Very true. I am however surprised that they had the manpower to detect such intrusions.
haha, dumbass should have been watching the stairs. no wonder he fell
"...And Scotty beamed them to the Klingon ship, where there would be no tribble at all!"
Someone correct me if I'm wrong, but isn't one of those factors only 80 digits long? (80/3)*10~= about 267 bits. From what I understand, factoring a number is just as complex as pulling out the smallest factor. That would make this feat roughly equal to factoring the RSA 512, which was done a few years back. 1024 bit RSA uses two 512 bit primes. This is significantly harder than what these guys have done.
Rock on, except grandparent is 100% correct, and somehow you got the +5 and he got the -1? Machines these days (even when there is an entire botnet after you) don't have the power to simply "flood" an opponent's pipe. In any DoS or DDoS, you need to find the minimum amount of traffic you need to send out to tax one of the opponents' critical resources (cpu, memory, connect queue, whatever). Often times attackers will take advantage of a flaw in some server code to do this. More often, however, people just resort to the syn flood, since the protocol itself is pretty weak.
I also believe the reference to "a few eggs thrown over the fence" wasn't a claim that these attacks are insignificant, just that they are common, and there are plenty of ways to mitigate them. I will agree that if the Russian government is actually to blame for this, that is pretty lame.
I am also curious if AACS-LS is claiming that this number is a technology, product, service, device, or component. Those are the only things that DMCA cares about, and I could make a pretty good argument against calling a number any one of those things.
from the DMCA: "No person shall ... offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof that -" ...
The article suspects that they will try to claim that it is a "part" of a "technology" that could theoretically crack an HDDVD. I am pretty sure that the final HDDVD cracking code will contain an if statement as well. I really hope that these lawsuits will end up redefining the law so that a "circumvention device" must at least be a physical device (which, I know would go against the decss ruling).
Point taken. I still think it's strange that the apostrophe is used in marking the possessive for all nouns except the pronouns. It was an arbitrary decision some guy made one day, with no real sensible basis, so the user confusion is more than understandable. From what I have seen on wikipedia, even top scholars still disagree on apostrophe usage.
I think the bigger issue is that the apostrophe is used to mark omissions and possessiveness. I would be happier if things that sounded the same looked the same on paper. More than phonetics, it should go for punctuation as well.
Why is "its" the only non-apostrophized possessive? Strictly adhering to antiquated rules that make no sense kills the natural progression of language.
That would also kill interoperability between controllers, and reduce the number of infections on the machine, which would be a good thing. Also, by fixing many of the commonly used vulnerabilities (weak passwords in RDP etc), the user has a much higher chance of catching on.
Also, hardening machines is harder than you might think :-) If we had worms that hardened as they reaped, that might even be considered a service. Most worms that I have looked at on the other hand attempt to kill AV, logging, and often times create backdoor users, shares, or open simple control ports. If the attacker started enabling security measures and auto updates etc, they put themselves at a very high risk of losing the box, and not being able to get back in. Also a good thing.
The security on botnet nodes is normally pretty weak, so it should be feasible to just crack that node, and see who is connected to it.
The first time I looked at the link that was posted on full disclosure, all the passwords etc were there, but when I checked again the next day they had been removed. I think Google actually did a pretty quick cleanup job cleaning up their mess. The delay is due to the media echo chamber.
Remember that the full disclosure event was reported to Finjan, who did an analysis. Someone over at information week then wrote an article about this analysis, which was posted yesterday. The slashdot posting is about the information week article.
dancing trees make me happy
From what I can tell, it seems like they are just blocking links which contain redirects. Links to movies do not work, but links to images do. All the redirect links I could think of for other sites seemed to work though, so it might have something to do with the depth of the redirect, or the media type of the final content.
Is one in every thousand Chinese citizens a spammer?
I could easily believe that there are a million compromised machines that are being used as spam relays. If they actually knew where the person who was running the spam network lived, they would get raided, not an email.
Boyd likened the technique to the fight combos common in martial arts video games.
Now all we need is a nice graphical interface and a joystick control system, and the fun can really begin :-)
1. It's not hard in Windows to go from user->admin if you are executing arbitrary code
2. It's not hard to infect backups
playing a different game
When I started playing Diablo 2, I knew very little about computers. Much of what I now know about programming, including things like memory patching and packet analysis/injection, started with me playing Diablo 2. It's not that I had any sort of grudge against the NPCs, or that I felt inadequate or something like that. The new game was just more fun than the RPG.
Anyway, the way I see it, all clientside variables are fair game. I do realize there are things like bandwidth concerns for things like map transfers, but client boxes should in general be used for rendering graphics, and actual calculations should be done on the server. Any real cheating is the result of lazy programmers, or cheap server admins, everything else is just automation.
I don't get it. Aren't humans "animals", too?
Oddly enough, that statement is the justification that some animal rights extremists use. If you assume that a human life is the same as an animal life, then you are fully justified in killing one life to save the lives of others.
The reason it's "ask slashdot" is because it has nothing to do with what slashdot is supposed to be about. It's not really about "your rights online", because they were in a tree, not on the internet. It has some political implications, but what doesn't these days?
They saw a story they thought was interesting, they wanted to post it to their favorite news site, they couldn't find the right category. So.. they called it "ask slashdot" by posting a link to the story, and saying "what do you think?", as if that question wasn't implied by other more relevant news stories.
I understand that this is an evolutionary news site, but maybe once a year or so there should be a vote on a new slogan (the poll system is already in place).
WOAH, the plot thickens!
but ya, it also spreads via windows shares (not just emails), so yes, it is a worm.
it said 15 million infections :-(
The only thing that I can think of would be blind reverse engineering or something. No offense to whoever submitted the code, as I'm sure that can be taken as a massive insult (I know I would be annoyed if someone made accusations like that about my code). Maybe the wine developer was just very anal about the specs and didn't realize what could be done with it, but it is a good defensive point for microsoft.
or.. maybe it's the simple/dumb ones that manage to get the media attention? Plenty of people get rich every day with nothing more than good old fashioned greed and manipulation.
a rooster only crows so many times before the mama knows a henhouse fulla graham crackers.
But didn't Einstein spend most of his later life trying to prove that quantum mechanics was just new age hippie physics? From what I understand he only came up with the whole EPR thing because he wanted to make quantum physics look bad, because it conflicted with his base of "nothing can go faster than light".