Not necessarily. According to Scientology, there are a number of alien planets, and they are populated by creatures that look remarkably human, wear clothing remarkably like our own, and speak a language remarkably similar to English.
From this log: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363516 It looks like openssl is pulling in "entropy" from uninitialized memory, causing valigrind to complain. The debian maintainer "fixed" this issue by memsetting the buffer to zero.
My question is, wouldn't I see the same behavior using grsecurity to scrub deallocated memory? From what I am seeing, this looks much more like the fault of the openssl team.
We can choose not to go down this road. First of all, I don't think we can choose that. The US is not the only nation in the world. I doubt genetic research will go the way of nuclear weapons, and even if it does, there will always be rogue nations working on it.
We as a race have too much to gain from genetic research to just ignore it. Why should we choose this arbitrary point to stop advancing science?
Military botnets are a dumb idea. Botnets serve two main purposes.
1. DDoS 2. mail relays
The value of a DDoS network is proportional to the total bandwidth of syn packets it can send. Why would the military need to take over smaller hosts when they have direct access to routers high up on the backbone of the internet?
As for number 2, I doubt the military has much need for mail relays.
What they really need is not a botnet. They need a list of foreign machines that they can bounce attacks through. It's been shown that titan rain was using compromised machines in Korea when they pulled the data from Germany (whether titan rain is considered a military unit is still up in the air).
The UK is a democratic society isn't it? I was under the impression that people voted for the CCTV to be there, and if enough people cared, they could vote it away as well.
Who are you to impose your view of an ideal society on these people?
The notion that CCTV will spread and take over the world is absurd, because when CCTV moves in, people opposed enough will move out. Even in the most extreme cases, you will always end up with ares where most of the population is opposed to CCTV, and the legislation will never pass there.
If one city does not install CCTV, and the crime rate spikes, then that's too bad for them, and if another city invests so much in CCTV that it breaks their local economy causing an increase in crime, that's too bad as well.
Like everything else in the world, CCTV networks are a tool that works in some places, and will never work in others. The people who are best to decide that are the people that live there.
When "hackers" use "cid spoofing" to "SWAT" people's houses, they deserve more than just a fine.
Seriously, I have cid spoofed to play pranks on friends etc, and nobody cares. The crime is when you use the misinformation to take advantage of a system or group of people (especially when money is involved).
having to deal with xine/gstreamer/vlc/mplayer which all seem to work on different content but none on all is something the user shouldn't have to do. I disagree with the idea that throwing another player into the game is going to do anything to help the user.
I disagree, but I have heard this a lot. I really have no idea where this idea comes from. If you have a wide variety of operating systems deployed, you are vulnerable to every new exploit that becomes available. Once on your network, almost any software deployment system is vulnerable to local network attacks, and then the rest of your network gets owned.
I would argue for putting every OS deployment on its own vlan, and then using NAC to make sure they are all properly patched before getting out.
Homogenization reduces attack surface, and simplifies management, which is almost always a good thing from a security perspective.
1. mount whatever device his homedir is on 2. copy off his.mozilla/ directory 3. back up your own.mozilla directory to.mozilla.bak/ or something 4. copy his.mozilla dir into your homedir 5. open firefox 6. edit > prefrences > security > saved passwords > show passwords
That should give you a good enough head start to look into whatever websites he frequently visited. Also might be good to dump his entire homedir just to poke around for notes or papers he may have written recently. Using cp -p will preserve timestamp information.
Also, to get access to his university accounts, if the password isn't in his list of saved web passwords, it should probably be in whatever email client he was using.
Also, as a side note. Fuck ethics and morality. Any confusion or uncertainty over something like that has the potential of causing even worse long term damage to family members. Good luck.
I believe you are referring to SUSE. Not that there is anything wrong with that, I think microsoft is actually trying hard to make sure you can easily run a linux server farm in a windows datacenter.
I think that this is why microsoft has been hiring up so many xen/suse people. From their hires and acquisitions, you can tell that microsoft is investing a TON into the virtualization market.
Google around a bit. It's a USB stick with a bunch of sysinternals tools on it. It even gives a nice gui that explains what the tools are for.
It would be neat if microsoft had a device that used any of the cdrom emulation, or firewire DMA issues to bypass locked machines etc, but I am pretty sure they don't.
It seems that this usb stick was designed to bypass full disk crypto etc. It allows an investigator to pull as much important data as possible off of a running system before it is confiscated.
Sure, standardizations are great. My problem is with people who believe that they are on a level above those who make different choices.
Sure, I think linux is a better OS than windows, but that does not somehow make me a better person for using linux. I don't believe that it is my decisions that make me a good person, I believe it is my actions.
I think that all creativity would be stifled if we were all locked into proprietary licenses, and I think software engineering as we know it would turn into a giant academic circle jerk if everything was published under the GPL.
This can be traced to a basketball analogy I heard when I was very young. A team of 12 Michael Jordans would suck, because there is no such thing as a perfect basketball player. As a society our greatness is defined by the sum of our differences.
Seriously, can they just make an ubuntu-hippie distro? I understand that some of these problems have legal issues around them, but the reason I left debian the first time was all the open source fundamentalism. Now, after spending 4 years with gentoo, I am back with ubuntu, and highly disappointed that so much of that mentality persisted with the fork.
Okay folks, grab your pitchforks and your torches, it's time to round up as many of these damn fundamentalists as possible. They are destroying our world, and need to be exterminated, leaving only us pure non-fundamentalists.
The problem with that in this scenario is that the unfamiliar tester is probably already familiar with other operating systems. That means you are testing how well a user can transition from one system to another.
That is fine, useful, and should be done, but I would say for pure "usability testing", you need someone with a minimal background in computer use, like a 5 year old, or a caveman.
This is how things are supposed to work. Feds push from one side, and privacy advocates push from the other. Our elected representatives in the legislative branch then decide where the actual line in the sand should be drawn.
If either side steps over the line too far, our elected representatives in the judicial branch figure out the specifics and make the laws more solid.
If either side (fed vs privacy advocates) stopped pushing, the entire process would stop working. Disagreement, and pressure on both sides is a good thing, and as long as we make sure the legislative branch gets the right facts (which has been a problem at times in the past), the system does actually work pretty well.
There was no cyberwar, the Russian government had nothing to do with it, and every media source that mentioned it really needs to update their articles because the misinformation is causing far more harm than good.
I would put to you that C is only fast because the compiler makes it fast. As hardware architectures change, and compiler theory advances, people who use C for everything will start to realize that better options exist.
I do believe that C will be around for a long time though, and the only reason it is losing popularity is that few companies need to hire programmers to write low level code. Hardware companies will hire C programmers, but software has moved far beyond that, into domains that other languages are just better at addressing.
Slashdot Mirror
Not necessarily. According to Scientology, there are a number of alien planets, and they are populated by creatures that look remarkably human, wear clothing remarkably like our own, and speak a language remarkably similar to English.
http://www.bek-transplant.com/joomla/index.php
Duude.. you're going to be getting some Rick Astley in your DNS responses if you aren't careful.
From this log: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363516
It looks like openssl is pulling in "entropy" from uninitialized memory, causing valigrind to complain. The debian maintainer "fixed" this issue by memsetting the buffer to zero.
My question is, wouldn't I see the same behavior using grsecurity to scrub deallocated memory? From what I am seeing, this looks much more like the fault of the openssl team.
We as a race have too much to gain from genetic research to just ignore it. Why should we choose this arbitrary point to stop advancing science?
Military botnets are a dumb idea. Botnets serve two main purposes.
1. DDoS
2. mail relays
The value of a DDoS network is proportional to the total bandwidth of syn packets it can send. Why would the military need to take over smaller hosts when they have direct access to routers high up on the backbone of the internet?
As for number 2, I doubt the military has much need for mail relays.
What they really need is not a botnet. They need a list of foreign machines that they can bounce attacks through. It's been shown that titan rain was using compromised machines in Korea when they pulled the data from Germany (whether titan rain is considered a military unit is still up in the air).
The UK is a democratic society isn't it? I was under the impression that people voted for the CCTV to be there, and if enough people cared, they could vote it away as well.
Who are you to impose your view of an ideal society on these people?
The notion that CCTV will spread and take over the world is absurd, because when CCTV moves in, people opposed enough will move out. Even in the most extreme cases, you will always end up with ares where most of the population is opposed to CCTV, and the legislation will never pass there.
If one city does not install CCTV, and the crime rate spikes, then that's too bad for them, and if another city invests so much in CCTV that it breaks their local economy causing an increase in crime, that's too bad as well.
Like everything else in the world, CCTV networks are a tool that works in some places, and will never work in others. The people who are best to decide that are the people that live there.
When "hackers" use "cid spoofing" to "SWAT" people's houses, they deserve more than just a fine.
Seriously, I have cid spoofed to play pranks on friends etc, and nobody cares. The crime is when you use the misinformation to take advantage of a system or group of people (especially when money is involved).
I disagree, but I have heard this a lot. I really have no idea where this idea comes from. If you have a wide variety of operating systems deployed, you are vulnerable to every new exploit that becomes available. Once on your network, almost any software deployment system is vulnerable to local network attacks, and then the rest of your network gets owned.
I would argue for putting every OS deployment on its own vlan, and then using NAC to make sure they are all properly patched before getting out.
Homogenization reduces attack surface, and simplifies management, which is almost always a good thing from a security perspective.
Depends on how well he covered his ass with a EULA :-)
This seems more like a custom patchset than a fork, much like the compiz-quinnstorm/beryl/compiz-fusion from back in the day.
The main developers can work on stability, while a group of enthusiasts can test out some experimental features.
What the pidgin developers really need to do now is crank out 3.0. Lack of video conferencing in 2008 is just ridiculous.
A quick way to grab all of his saved passwords:
.mozilla/ directory .mozilla directory to .mozilla.bak/ or something .mozilla dir into your homedir
1. mount whatever device his homedir is on
2. copy off his
3. back up your own
4. copy his
5. open firefox
6. edit > prefrences > security > saved passwords > show passwords
That should give you a good enough head start to look into whatever websites he frequently visited. Also might be good to dump his entire homedir just to poke around for notes or papers he may have written recently. Using cp -p will preserve timestamp information.
Also, to get access to his university accounts, if the password isn't in his list of saved web passwords, it should probably be in whatever email client he was using.
Also, as a side note. Fuck ethics and morality. Any confusion or uncertainty over something like that has the potential of causing even worse long term damage to family members. Good luck.
I believe you are referring to SUSE. Not that there is anything wrong with that, I think microsoft is actually trying hard to make sure you can easily run a linux server farm in a windows datacenter.
I think that this is why microsoft has been hiring up so many xen/suse people. From their hires and acquisitions, you can tell that microsoft is investing a TON into the virtualization market.
This is not an article about beards. It is an article about language designers, which RMS is not.
Google around a bit. It's a USB stick with a bunch of sysinternals tools on it. It even gives a nice gui that explains what the tools are for.
It would be neat if microsoft had a device that used any of the cdrom emulation, or firewire DMA issues to bypass locked machines etc, but I am pretty sure they don't.
It seems that this usb stick was designed to bypass full disk crypto etc. It allows an investigator to pull as much important data as possible off of a running system before it is confiscated.
http://www.forensicswiki.org/wiki/Incident_Response
Its mention in that wiki entry makes it sound like nothing more than a graphical frontend for various other forensics tools.
While it would be easy enough to write something like this for any operating system, it goes a bit beyond a knoppix disk.
Sure, standardizations are great. My problem is with people who believe that they are on a level above those who make different choices.
Sure, I think linux is a better OS than windows, but that does not somehow make me a better person for using linux. I don't believe that it is my decisions that make me a good person, I believe it is my actions.
I think that all creativity would be stifled if we were all locked into proprietary licenses, and I think software engineering as we know it would turn into a giant academic circle jerk if everything was published under the GPL.
This can be traced to a basketball analogy I heard when I was very young. A team of 12 Michael Jordans would suck, because there is no such thing as a perfect basketball player. As a society our greatness is defined by the sum of our differences.
I disagree. Fundamentalism at its core is the belief that the world would be better if everyone thought the same way that you do.
I agree that everyone should have ideals, but I believe that the ultimate goal should be balance, not monoculture.
2) Watch youtube. Unsuccessful. No Flash.
Seriously, can they just make an ubuntu-hippie distro? I understand that some of these problems have legal issues around them, but the reason I left debian the first time was all the open source fundamentalism. Now, after spending 4 years with gentoo, I am back with ubuntu, and highly disappointed that so much of that mentality persisted with the fork.
Okay folks, grab your pitchforks and your torches, it's time to round up as many of these damn fundamentalists as possible. They are destroying our world, and need to be exterminated, leaving only us pure non-fundamentalists.
The problem with that in this scenario is that the unfamiliar tester is probably already familiar with other operating systems. That means you are testing how well a user can transition from one system to another.
That is fine, useful, and should be done, but I would say for pure "usability testing", you need someone with a minimal background in computer use, like a 5 year old, or a caveman.
This is how things are supposed to work. Feds push from one side, and privacy advocates push from the other. Our elected representatives in the legislative branch then decide where the actual line in the sand should be drawn.
If either side steps over the line too far, our elected representatives in the judicial branch figure out the specifics and make the laws more solid.
If either side (fed vs privacy advocates) stopped pushing, the entire process would stop working. Disagreement, and pressure on both sides is a good thing, and as long as we make sure the legislative branch gets the right facts (which has been a problem at times in the past), the system does actually work pretty well.
Please do not perpetuate hysteria.
The "Russian DDoS attacks of Estonia" were done by a few Estonian kids mad about some statues being moved around.
http://www.theregister.co.uk/2008/01/24/estonian_ddos_fine/
There was no cyberwar, the Russian government had nothing to do with it, and every media source that mentioned it really needs to update their articles because the misinformation is causing far more harm than good.
I would put to you that C is only fast because the compiler makes it fast. As hardware architectures change, and compiler theory advances, people who use C for everything will start to realize that better options exist.
I do believe that C will be around for a long time though, and the only reason it is losing popularity is that few companies need to hire programmers to write low level code. Hardware companies will hire C programmers, but software has moved far beyond that, into domains that other languages are just better at addressing.