For those of you who keep asking why it's so hard to do this, I want you to do a quick little exercise for me. Close your eyes and think about the last time your Mom or your Grandma asked you for "just a little bit" of help with her computer. Got it? Now realize that these are the same people who are going to have to operate and maintain these machines throughout the voting day.
...but by asking for ludicrous amounts like 4GB at once on a 32bit system.
That is exactly what the exploit does. By exploiting a flash length value that is validated as signed, but used as unsigned, Dowd was able to cause the dynamic allocation to request a massive amount of storage in a single call with the intent of having it fail.
That said, anyone want to buy $2k worth of 3.5 Edition books?
Sure. I figure they are worth about $50 if you cover the shipping. On the other hand, consider donating them to the public library. You get to take the tax writeoff and they get to figure out what to do with them.
Hmm. Why do you need to unwrap the cable every few weeks?
As the windmill head weathervanes to stay faced into the wind, it rotates about the mounting pole. You can either use some sort of rotating connector to deal with this, or allow some extra cable to wrap around the pole and manually unwrap it every so often.
I'm sure it will be a lot of fun for small mom and pop retailers to deal with filing paperwork and collecting tax in 50 states
If it were only that easy. Many counties impose their own little bit of sales tax as well. Mom and Pop Inc. will be trying to figure out what tax rate to apply for each delivery zip code. Those tax rates will need to be updated after each local election since there might have been a change to the sales tax rate. We could also throw in the issue that some products are taxable in some locales while not in others. They will need to take that issue into account as well.
And finally, any thoughts on who is ultimately going to bear the cost of producing and managing all of that underlying detail? Want to bet it won't be Congress?
Carol gives the example of multiplying 5 by successive numbers, such as 6, 7, 8. "In simple terms, the method of differences is based on the observation that if the work has already been done to multiply 5 by 5, [then] that work can be reused to multiple 5 by 7 with the addition of another 5 into the previous total," he writes.
I guess that's why the author went into journalism instead of computers.
And they'll also lose their common carrier protections, which will open them to lawsuits for anything carried on their networks, like child porn or illegally shared MP3s.
This isn't really a problem since they don't have common carrier status anyway. Section 230 of the Communications Decency Act does provide them with protection as an ISP from torts arising from data traffic that passes through. There doesn't seem to be any clause that would waive this protection based on any traffic shaping actions that Comcast might take.
If I were comcast, I would just completely block P2P uploading as it violates the TOS. Not a popular answer I know, but my terms do say that I cannot run a server on my residential connection. P2P seeding should qualify as a file server.
They aren't running a server, they are running a peer. Unless their TOS prohibits peering relationships between computers there is no violation.
Why on h^Hearth do you need the password of this account to be written in the source code?
Because Gmail's SMTP server uses username/password to authenticate the user before accepting outgoing mail. He was not only emailing info to his gmail account, he was using gmail's smtp server as the outbound connection. Given the purpose of the program, the author assumed that the user had a gmail account and used gmail's smtp server, so the program would not have any firewall issues connecting outbound for its nefarious purposes.
Not really JUST as easily. You fully expect the G-Archiver to be transmitting encrypted (ssl) data to google. A few extra packets aren't going to raise any red flags.
No, but the outgoing connection to the SMTP port might. There is absolutely no reason for it to make that connection and it should have tripped someone's radar.
Slashdot Mirror
Hopefully that helped clear it up a bit.
I fail to see the news in this. Spammers and malware distributors have always targeted the technologically ignorant.
And finally, any thoughts on who is ultimately going to bear the cost of producing and managing all of that underlying detail? Want to bet it won't be Congress?
I guess that's why the author went into journalism instead of computers.
As long as Lasseter leaves Studio Ghibli and Hayao Miazaki alone, he can do whatever he wants with the rest of Disney.
I was looking for an "I'm a dumbass" button. I found it but it was marked submit. Doh!
See also Ken Thompson's post on Reflections on Trusting Trust, where he reprints his article from the Communications of the ACM about the subject.