As an operator of a site dedicated to producing cheats, I would like to know what Blizzard is going to do to encourage cheating. The site I administrate (EdgeofNowhere, formerly Blizzhackers until Blizzard deployed some lawyers) has over one hundred and fifty thousand registered users, and I believe this represents a demographic that Blizzard should not ignore. Diablo II was great for that, but it's starting to run out of steam; can we expect Diablo III to be just as fun to hack?
I thought that Hellboy 2 was significantly more influenced by Dunsany than Lovecraft. The reference to 'bethmoora' (butchered as the context is) makes it clear where del Tormo is drawing inspiration from. This is in keeping with the Ogdru-Jahad and other miscellaneous bits of theogony established in the original Hellboy comics, though. All of that bears far more resemblance to Dunsany's "Gods of Pegana" than any piece of the Cthulhu mythos (though Lovecraft's dreamlands stories are close). I for one, was very happy to see a director acknowledge Dunsany, as he is so often passed up in favor of Lovecraft.
On the subject of The Hobbit movie, I think that Hellboy 2 clearly showed that del Tormo is very capable of creating very Tolkienesque plotlines, but I think his distinct visual style migt be a bad fit for a direct adaptation of Tolkien's work.
Yes, it's easily patchable once you realize it's there, and yes, it should have been easy to check for. This isn't as revolutionary as the summary might suggest, but it is still interesting. The way Dowd jumps through a bunch of hoops to achieve the exploit is interesting to learn from, in the same way a perfect shot in pool or pitching a no-hitter might be to a sports fan. Dowd showed an amazing amount of technical skill by putting together all the pieces, and people are reacting to that more than the specific bug(s) that allowed it, though those are interesting as well in some ways.
The way they force a NULL return from malloc is by using a value that's valid when interpreted as a signed type (which the code checks), but causes a massive attempted allocation of memory (one that will invariably fail) when interpreted as an unsigned type, as malloc uses it. This can then be used to overwrite part of a static table of instruction lengths stored somewhere around 0x80000000 which causes the bytecode verifier to interpret a set of Actionscript bytecodes differently from how they are actually executed later on. Nothing else on the machine has to be compromised in advance.
I agree that 'WASP' is not the apex of culture, but a person's mannerisms can tell you a lot about a person. If someone is very openly of an alternate culture that at least has some sophistication to it, it's generally okay. However, when you get into people who act and sound uneducated, who clearly lack social skills or the language skills needed to work well with other employees, who clearly do not have enough self discipline to at least practice basic hygiene, or who obviously don't care enough to try to make a good impression, screening can be a valuable tool. That being said, you of course need to screen based on what job you're trying to fill. If you're looking for the next hypergenius to design a quantum computer, you should obviously give precedence to factors like job history, education, recommendations, etcetera. On the other hand, if you're just looking for a junior programmer, you might want to give a bit more precedence to factors like how well they fit into the work environment (which is affected by mannerisms and culture), how well they communicate, how much care they take in making themselves 'acceptable', and so on.
Remember in XHTML you can declare and then you're free to throw in any st1:foo tags and add st1:bar attributes to existing tags.
I haven't looked at their page myself, but if there's an xmlns definition then they're sort of OK, but against a HTML 4.01 doctype though.
I know you can use an XMLNS element, but it's not XHTML and no XMLNS elements either.
In the page source....
on
CherryOS On Hold
·
· Score: 5, Interesting
There is a date in the page source (which doesn't conform to the stated HTML 4.01 Transitional doctype along with other random attributes given to various elements, by the way):
<st1:date Month="11" Day="25" Year="2004">
I wonder what it's there for, as it is nowhere near accurate.
Odd, that's not what topics on phpBB.com say, but I guess you may be right. Regardless, the issue was patched a month ago and people have been reminded to upgrade many times.
First of all, the exploit is in PHP (see here), not phpBB, the worm just happens to attack phpBB. I just think that should be cleared up before people start spreading FUD about how phpBB is insecure.
Secondly, this issue has been patched for a month now (see this announcement) and the phpBB group has reminded users several times to upgrade.
Actually, that's not it at all. According to 'purists', hacking is a term used to denote someone who programs (e.g. hacking code is programming) whereas cracking is breaking into a system with malicious intent, although the term hacker has been demonized by the media and government (e.g. Kevin Mitnick's story).
At the risk of stating the obvious; hacking into NASA is not technological advancement. Furthermore, it's 6 months in prison, and some computer restrictions, they're not exactly branding him with a giant forehead stamp that says "DANGEROUS HACKER - DO NOT ASSOCIATE WITH OR HIRE, OSTRACIZE WHEN POSSIBLE".
While many items on/. may not be news in the traditional sense, at least most of them are fairly fresh and new (within a few days, admittedly). I read Slashdot for the technological aspect and the occasional interest factor in a few of the less news-like posts, not for examples of mildly anachronistic innovation. If I wanted that, I'd watch the History Channel.
I suppose this may be fascinating for some people, but how does something published in 1989 count as news? And how does it relate to computers and/or technology? Kites are hardly groundbreaking, especially ones from 1906.
Yes, but you can safely assume that it isn't a bunch of idiots doing this. If it's counted as a 'study' one can assume that it has at least some credibility, although by no means an aura of infallibility.
Re:PHP or Perl?
on
Learning PHP 5
·
· Score: 2, Interesting
Er, PHP stands for 'PHP: Hypertext Preproccessor' (gogo recursive acronyms!), not Personal Home Page.
Actually it is "...10 types of people..." as the first digit represents the 'ones'. 1 is just 1 and 10 is 2.
Please learn binary before correcting people on it.
I think it's great that this kid exposed a security flaw in a widely used product. How many of you admins would have known about the vulnerability had this worm not been released? Do you think Microsoft knew about it?
Why did they not do something about it?
The kid didn't expose anything, he just wrote a program to exploit a flaw in lsass.exe that had been announced and patched by Microsoft a month prior to the writing of the worm. I'm sure most admins (as well as mots people with even a scrap of technical knowledge) knew of and/or had patched this flaw by the time the worm was spreading. The real problem was with all the unpatched home users who were unwittingly spreading the worm.
Slashdot Mirror
As an operator of a site dedicated to producing cheats, I would like to know what Blizzard is going to do to encourage cheating. The site I administrate (EdgeofNowhere, formerly Blizzhackers until Blizzard deployed some lawyers) has over one hundred and fifty thousand registered users, and I believe this represents a demographic that Blizzard should not ignore. Diablo II was great for that, but it's starting to run out of steam; can we expect Diablo III to be just as fun to hack?
I thought that Hellboy 2 was significantly more influenced by Dunsany than Lovecraft. The reference to 'bethmoora' (butchered as the context is) makes it clear where del Tormo is drawing inspiration from. This is in keeping with the Ogdru-Jahad and other miscellaneous bits of theogony established in the original Hellboy comics, though. All of that bears far more resemblance to Dunsany's "Gods of Pegana" than any piece of the Cthulhu mythos (though Lovecraft's dreamlands stories are close). I for one, was very happy to see a director acknowledge Dunsany, as he is so often passed up in favor of Lovecraft. On the subject of The Hobbit movie, I think that Hellboy 2 clearly showed that del Tormo is very capable of creating very Tolkienesque plotlines, but I think his distinct visual style migt be a bad fit for a direct adaptation of Tolkien's work.
Yes, it's easily patchable once you realize it's there, and yes, it should have been easy to check for. This isn't as revolutionary as the summary might suggest, but it is still interesting. The way Dowd jumps through a bunch of hoops to achieve the exploit is interesting to learn from, in the same way a perfect shot in pool or pitching a no-hitter might be to a sports fan. Dowd showed an amazing amount of technical skill by putting together all the pieces, and people are reacting to that more than the specific bug(s) that allowed it, though those are interesting as well in some ways.
The way they force a NULL return from malloc is by using a value that's valid when interpreted as a signed type (which the code checks), but causes a massive attempted allocation of memory (one that will invariably fail) when interpreted as an unsigned type, as malloc uses it. This can then be used to overwrite part of a static table of instruction lengths stored somewhere around 0x80000000 which causes the bytecode verifier to interpret a set of Actionscript bytecodes differently from how they are actually executed later on. Nothing else on the machine has to be compromised in advance.
Firefox doesn't parse identifiers like . and .. in URIs that refer to local data. And view-source properly blocks file:// access.
Almost every meat...
I agree that 'WASP' is not the apex of culture, but a person's mannerisms can tell you a lot about a person. If someone is very openly of an alternate culture that at least has some sophistication to it, it's generally okay. However, when you get into people who act and sound uneducated, who clearly lack social skills or the language skills needed to work well with other employees, who clearly do not have enough self discipline to at least practice basic hygiene, or who obviously don't care enough to try to make a good impression, screening can be a valuable tool. That being said, you of course need to screen based on what job you're trying to fill. If you're looking for the next hypergenius to design a quantum computer, you should obviously give precedence to factors like job history, education, recommendations, etcetera. On the other hand, if you're just looking for a junior programmer, you might want to give a bit more precedence to factors like how well they fit into the work environment (which is affected by mannerisms and culture), how well they communicate, how much care they take in making themselves 'acceptable', and so on.
Odd, that's not what topics on phpBB.com say, but I guess you may be right. Regardless, the issue was patched a month ago and people have been reminded to upgrade many times.
First of all, the exploit is in PHP (see here), not phpBB, the worm just happens to attack phpBB. I just think that should be cleared up before people start spreading FUD about how phpBB is insecure.
Secondly, this issue has been patched for a month now (see this announcement) and the phpBB group has reminded users several times to upgrade.
Actually, that's not it at all. According to 'purists', hacking is a term used to denote someone who programs (e.g. hacking code is programming) whereas cracking is breaking into a system with malicious intent, although the term hacker has been demonized by the media and government (e.g. Kevin Mitnick's story).
At the risk of stating the obvious; hacking into NASA is not technological advancement. Furthermore, it's 6 months in prison, and some computer restrictions, they're not exactly branding him with a giant forehead stamp that says "DANGEROUS HACKER - DO NOT ASSOCIATE WITH OR HIRE, OSTRACIZE WHEN POSSIBLE".
6 months in prison because he was too cheap to buy a hard drive...
While many items on /. may not be news in the traditional sense, at least most of them are fairly fresh and new (within a few days, admittedly). I read Slashdot for the technological aspect and the occasional interest factor in a few of the less news-like posts, not for examples of mildly anachronistic innovation. If I wanted that, I'd watch the History Channel.
I suppose this may be fascinating for some people, but how does something published in 1989 count as news? And how does it relate to computers and/or technology? Kites are hardly groundbreaking, especially ones from 1906.
Next time try linking to them instead of just typing them:-
http://www.getfirefox.com/
http://www.spreadfirefox.com/
Yes, but you can safely assume that it isn't a bunch of idiots doing this. If it's counted as a 'study' one can assume that it has at least some credibility, although by no means an aura of infallibility.
Er, PHP stands for 'PHP: Hypertext Preproccessor' (gogo recursive acronyms!), not Personal Home Page.
I for one welcome our new plant overlords.
Actually it is "...10 types of people..." as the first digit represents the 'ones'. 1 is just 1 and 10 is 2. Please learn binary before correcting people on it.
Now I can go hunt deer with an AK-47!
Have some fun and paint a big red penis on your PHB's door, reminiscent of Penny-Arcade.