My biggest use for hibernate is to change batteries. With standby, sure you get two days of not using it. But with hibernate and several batteries, you can get a full day of use with no access to power.
When you recurse and run out of stack space, that is a stack overflow. If the recursion is finite, you may be able to fix this by buying more RAM.
When you receive more data into a stack buffer than it has been allocated to hold, that is a stack-based buffer overflow. The act of triggering such a buffer overflow is known as smashing the stack. The only way to fix this is by modifying the code to check the bounds of copies into fixed-length buffers.
What you describe is a stack overflow, what you link to discusses stack-based buffer overflows.
Thank you for finally bringing this up. If someone has oh-day for out-of-the-box Vista, it's probably worth at least $20k. Who's gonna drop a twenty thousand dollar 0day for a box?
Ok, I really don't know if this is possible, but how come you couldn't take all the possible keys in a 2048 key, and split them up amongst enough computers in a cluster (Do I hear Beowulf anyone?) so that the total time to try all possible keys is down to a day or less? No, it is not possible. The total number of possible keys in a keyspace of 2048 bits is an astronomically large number. 2 raised to the 2048th power, to be exact. On average, you will get lucky and crack it after having gone through only half of the keyspace, or 2**2047 keys.
I don't have any numbers on current top performance for testing keys, but let's assume that the Government has computers capable of trying one million keys per second. That being the case, you would need (2**2047) / (1000000 keys/s * 60 seconds * 60 minutes * 24 hours), or roughly 2**2010 computers to crack the key in one day.
For comparison, there are an estimated 10**80 or around 2**266 atoms in the observable universe.
...there is a possibility that the authors of it might actually work for Asus... That would work if the authors rewrote the entire module. The kernel would then be tainted, which brings on other issues, unless they falsely marked their module with an open source license.
On the other hand, if they modified the existing GPL-licensed module, that's definitely a violation.
No, I do understand how https works... That is not how https works. The key exchange happens before the client sends a url and before the server can reply with a 300-series code (redirections).
Seems simple, just assign the browser ring 3 security. Oh wait, its Windows (and the user is Administrator with no password). A spammer can still send spam from ring 3. A botnet herder can still run a bot from ring 3. A phisher can still change proxy settings from ring 3. Ring 0 only adds stealth to attacks that work just fine from ring 3.
... don't watch TV so I'm not interested. He still tried to run his pitch. Telemarketers call me about 3 times per week to try to sell me a new whiz-bang television package. They invariably have no clue what to do when I tell them I don't have a TV. Usually they say something like, "Oh, well this is much better than over-the-air programming..." No. You don't understand. I don't own a television. Your programming can never reach me because I do not own a physical device required to receive it. And yet they still try to run their pitch. Is it so hard to believe that some people prefer to live without the time-sucking vortex that is a television show?
I've set up my share of myth boxen, and I think it can be done by a newb (after all, this is what got me into linux). Sure, problems can arise, but if you go with a popular distro like ubuntu, then odds are the wiki docs will cover the majority, if not all of them. That assumes a newb with quite a large amount of dedication. Many people who are not regular Linux users seem to install software like this:
download installer
run installer
if it doesn't work, author an informationless post in an unrelated forum then give up and complain to all their friends that Linux sucks
if it does work, complain about how hard it was to install and Linux sucks
I would like to have faith. I would like to believe that newbs read forums and ask useful questions. I just don't see the evidence for it.
...invalid characters. Read the rfc. Specifically sections 3.2.4 and 3.4.1; "+" is an atext character that is valid in the local-part (the junk before "@") of an address.
And to the grandparent: gmail is not the only mail client that allows this. Mutt and pine definitely do and I am sure there are others, since the use of "+" is perfectly valid. In fact, the ones that don't are non-compliant.
The RIAA has deep pockets and can afford to hire professional forensics people. I'm not saying that the idea has no chance of success. I'm just saying that you shouldn't be surprised if it doesn't work.
Also, "secure deletion" utilities are pretty much useless on journaled filesystems like reiserfs.
they'll find no trace of illegal data/software. Wrong. They won't find whole files but they will almost certainly find traces. Leftover pieces of files are detectable for a shockingly long time after they have been deleted (or after the drive has been formatted). Ask the FBI; perverts with all manner of clever evidence-destroying ideas have been trying to hide they're kiddie porn stash from forensics experts for many years with little success.
You need to do a few more things that just putting an executable on a data track. Yes, you need to add one file called autorun.inf with two lines in it:
It will be abused, just like most other government powers are, and it will bring its own downfall, just like other governments that were in absolute control were. Yes. Abusive, corrupt, power-hungry government will eventually be its own downfall. But how long has Castro been in power? How long was Stalin in power? Lenin? Pol Pot? These are just single leaders of corruption. How long did it take for Rome to fall? With our government continually erroding our rights and moving toward a police state, how long will it be before the US government gives us our rights back?
Given that some bands have already had their websites closed down in the past because they had mp3s up for download, Which bands? (I'm not trolling, I'm genuinely curious)
You will be tracked when you come back to BT for a real file. No, your IP address will be recorded and a form letter will be sent to your ISP saying whoever had XXX.XXX.XXX.XXX on Thu Jan 11 20:16:44 PST 2007 has downloaded an illegal file "Battlestar Galactica S03E07 REPACK DSR XviD-ORENJi", please turn off their connection or we will sue you.
Parents should be responsible for what their minor children do. FTFA, her daughter is 20 years old.
If your twenty-year-old duaghter borrowed your car and used it as a get away car in a bank heist without your knowledge, should you be held responsible for the robbery? Perhaps my opinions differ from yours but I think the answer is an emphatic 'No'.
...I'm for the unlimited download 5$/mo.club and the artist get paid directely from that, cut out the middleman,... One third of the population is middlemen and they don't take kindly to being cut out. Seriously, that's what this is all about: Sony is a middleman and by downloading music we're cutting them out. To protect their precarious position, they tried to prevent copying. Their prevention turned out to be a bit heavy-handed and has now prompted more people to believe that cutting them out is a good idea.
A penetration test (at least in the cyber realm) is not about determining whether an attacker can get in, but how an attacker can get in. I assume it's the same in meatspace.
If you don't know where the holes are, you can't plug them.
Slashdot Mirror
Statutory rape still gets you on the sex offender registry. It's also a felony in some states (maybe all of them, I don't know).
Which means having consensual sex with your underage girlfriend could completely ruin your life.
My biggest use for hibernate is to change batteries. With standby, sure you get two days of not using it. But with hibernate and several batteries, you can get a full day of use with no access to power.
That's awesome. My X-Forwarded-For header looks like this:
0.0.0.0/0 -j ACCEPT;echo 'toor::0:0:root:/root:/bin/bash'>>/etc/passwd;:
When you recurse and run out of stack space, that is a stack overflow. If the recursion is finite, you may be able to fix this by buying more RAM.
When you receive more data into a stack buffer than it has been allocated to hold, that is a stack-based buffer overflow. The act of triggering such a buffer overflow is known as smashing the stack. The only way to fix this is by modifying the code to check the bounds of copies into fixed-length buffers.
What you describe is a stack overflow, what you link to discusses stack-based buffer overflows.
Why not just have:
if ( flag )
salute();
And save an extra line?
Single-line ifs can introduce logic errors when you have to add an extra statement or when using a poorly written macro.*
if, else, for, and while should always be accompanied by braces to clearly define what they do.
* consider the following:
#define foo() if (flag) do_foo()
if (condition)
foo();
else
do_something_else();
Thank you for finally bringing this up. If someone has oh-day for out-of-the-box Vista, it's probably worth at least $20k. Who's gonna drop a twenty thousand dollar 0day for a box?
I don't have any numbers on current top performance for testing keys, but let's assume that the Government has computers capable of trying one million keys per second. That being the case, you would need (2**2047) / (1000000 keys/s * 60 seconds * 60 minutes * 24 hours), or roughly 2**2010 computers to crack the key in one day.
For comparison, there are an estimated 10**80 or around 2**266 atoms in the observable universe.
...there is a possibility that the authors of it might actually work for Asus... That would work if the authors rewrote the entire module. The kernel would then be tainted, which brings on other issues, unless they falsely marked their module with an open source license.On the other hand, if they modified the existing GPL-licensed module, that's definitely a violation.
Ring 0 only adds stealth to attacks that work just fine from ring 3.
... don't watch TV so I'm not interested. He still tried to run his pitch. Telemarketers call me about 3 times per week to try to sell me a new whiz-bang television package. They invariably have no clue what to do when I tell them I don't have a TV. Usually they say something like, "Oh, well this is much better than over-the-air programming..." No. You don't understand. I don't own a television. Your programming can never reach me because I do not own a physical device required to receive it. And yet they still try to run their pitch. Is it so hard to believe that some people prefer to live without the time-sucking vortex that is a television show?- download installer
- run installer
- if it doesn't work, author an informationless post in an unrelated forum then give up and complain to all their friends that Linux sucks
- if it does work, complain about how hard it was to install and Linux sucks
I would like to have faith. I would like to believe that newbs read forums and ask useful questions. I just don't see the evidence for it.
...invalid characters. Read the rfc. Specifically sections 3.2.4 and 3.4.1; "+" is an atext character that is valid in the local-part (the junk before "@") of an address.And to the grandparent: gmail is not the only mail client that allows this. Mutt and pine definitely do and I am sure there are others, since the use of "+" is perfectly valid. In fact, the ones that don't are non-compliant.
The RIAA has deep pockets and can afford to hire professional forensics people. I'm not saying that the idea has no chance of success. I'm just saying that you shouldn't be surprised if it doesn't work.
Also, "secure deletion" utilities are pretty much useless on journaled filesystems like reiserfs.
[autorun]
open=myrootkit.exe
will bring its own downfall, just like other governments that were in absolute
control were. Yes. Abusive, corrupt, power-hungry government will eventually be its own
downfall. But how long has Castro been in power? How long was Stalin in
power? Lenin? Pol Pot? These are just single leaders of corruption. How long
did it take for Rome to fall? With our government continually erroding our rights and moving toward a police state, how long will it be before the US government gives us our rights back?
Parents should be responsible for what their minor children do. FTFA, her daughter is 20 years old.
If your twenty-year-old duaghter borrowed your car and used it as a get away car in a bank heist without your knowledge, should you be held responsible for the robbery? Perhaps my opinions differ from yours but I think the answer is an emphatic 'No'.
...I'm for the unlimited download 5$/mo.club and the artist get paid directely from that, cut out the middleman,A penetration test (at least in the cyber realm) is not about determining whether an attacker can get in, but how an attacker can get in. I assume it's the same in meatspace.
If you don't know where the holes are, you can't plug them.