Alright then smartass, I think the Nouveau guys could use your expertise then. Or perhaps you'd like to write open firmware for all those Broadcom chips that require firmware upload?
Try reading my fucking post AGAIN. You know what you did in your other reply? You said the same thing I did except you made it sound like you were contradicting me.
I do not think it's black arts. I know exactly how it's done. I also think it should be managed by the BIOS, or if the OS must, then the BIOS should have the final override if the OS fucks it up.
So long as your work gets done, she doesn't give a shit how you do it. Browse the net! Work from home!... but at the end of the day your shit better be done, or a good attempt made if it's been one of those days.
Only if the proxy doesn't do cert validation itself and throw a fit if there's a problem.
The one we have at work does this.
That said, it's only used for intranet access it seems, so it's specific hosts that are proxied, everything else is left alone. We have to be sure of that, since we do payment software stuff and therefore have to take PCI extremely seriously.
Well, I got that you were linking it to the matrix in some way ("agent Smith" and your subject) but I don't understand how it relates to the story at all. That critical link is missing from your post.
Ah, thanks for looking. So to even bother you already have to own the box.
What about virtualization? I know that stuff like VMWare/Virtualbox shouldn't be vulnerable because (i think) you can't talk to the CPU directly like that. What about things like Xen? If you can, might it be a vector out of the VM and into the host?
Isn't it possible for an attacker to exploit the microcode update facility to load vulnerable code back on? If you can gain enough privilege to run the tools to do so, you might be able to then get around other access controls imposed by the kernel, right?
Not been on many planes have you? Next time you're boarding look at the sides and try to imagine how hard it would be to avoid hitting a window. Remember you're not going to be calm when it happens, so don't be thinking you're going to have a tight group.
How sure are you of this? Because I've heard with my own ears ATC direct an aircraft to a FL below FL180, and the pilot understood the instruction with no hesitation.
Sure, but quickly losing several thousand feet of pressure is not exactly a fun experience. They generally only pressurize to something like FL100, where cruise may typically be FL180 or so. In some cases even as high as FL280.
What kind of music do you listen to, then, that you get highway hypnosis? You probably need something with more energy in it.
Then the riots start.
Either that or making music becomes a common public thing again. You know, bards and such from yesteryear.
Already happens to some extent.
Why are we suing AES then? Serpent is even better. It's just slower.
Oh, that's why everyone isn't using AES, either. Speed vs strength. Sometimes speed wins out.
Alright then smartass, I think the Nouveau guys could use your expertise then. Or perhaps you'd like to write open firmware for all those Broadcom chips that require firmware upload?
You know, since any hacker could to it.
Try reading my fucking post AGAIN. You know what you did in your other reply? You said the same thing I did except you made it sound like you were contradicting me.
I do not think it's black arts. I know exactly how it's done. I also think it should be managed by the BIOS, or if the OS must, then the BIOS should have the final override if the OS fucks it up.
Except for the fact that the problem is in a binary firmware blob, that we can't really do much with.
Someone needs to get Anonymous pissed off at these fools.
Indeed. My boss is awesome.
So long as your work gets done, she doesn't give a shit how you do it. Browse the net! Work from home! ... but at the end of the day your shit better be done, or a good attempt made if it's been one of those days.
Huh, I'm salaried and 9-5 at the same time. Where do I fit in, there?
Or 40 hours of the kind of work that would get you committed if you didn't take sanity breaks now and then.
Only if the proxy doesn't do cert validation itself and throw a fit if there's a problem.
The one we have at work does this.
That said, it's only used for intranet access it seems, so it's specific hosts that are proxied, everything else is left alone. We have to be sure of that, since we do payment software stuff and therefore have to take PCI extremely seriously.
Well, I got that you were linking it to the matrix in some way ("agent Smith" and your subject) but I don't understand how it relates to the story at all. That critical link is missing from your post.
Ah, well, if it's a slip-up on their part...
I knew the rest of this, though. Other people happening by the thread might not though, so appreciate the detail.
(read through good part of the FAA airplane handbook and IFR handbook, also played around a bit with VATSIM via X-Plane.)
Ah, thanks for looking. So to even bother you already have to own the box.
What about virtualization? I know that stuff like VMWare/Virtualbox shouldn't be vulnerable because (i think) you can't talk to the CPU directly like that. What about things like Xen? If you can, might it be a vector out of the VM and into the host?
Its not a "flight level" until you get to 18,000 feet, so there really is no "FL 100".
Maybe not on paper, but I've heard FL's below 180 on ATC.
I'm fairly close to KATL, so I get to listen in fairly often.
I see that you're trying to link it to the Matrix, but beyond that... nothing. What exactly are you trying to say?
Occam's razor just cut deeply into your finger. You might want to put a bandage on that.
Isn't it possible for an attacker to exploit the microcode update facility to load vulnerable code back on? If you can gain enough privilege to run the tools to do so, you might be able to then get around other access controls imposed by the kernel, right?
Not been on many planes have you? Next time you're boarding look at the sides and try to imagine how hard it would be to avoid hitting a window. Remember you're not going to be calm when it happens, so don't be thinking you're going to have a tight group.
How sure are you of this? Because I've heard with my own ears ATC direct an aircraft to a FL below FL180, and the pilot understood the instruction with no hesitation.
Sure, but quickly losing several thousand feet of pressure is not exactly a fun experience. They generally only pressurize to something like FL100, where cruise may typically be FL180 or so. In some cases even as high as FL280.
"-pipe" is your friend.
He probably meant GB.
It works great until your transfer switch fucks up and you get a bunch of zeroes or massive bit rot.
Delt with a product that had just such a scheme. Fucker would corrupt files if the power supply so much as twitched.
That ammunition can still fracture or blow out a window (probably not the cockpit glass, that stuff is tough) though.