Not only that, but if the joke flies by at a significant fraction of the speed of light, individual O's will appear flattened and compressed respective to their height!
Honestly, I think TV would be way better if it stopped being profitable to produce million-dollar-per-episode shows. Is Fear Factor really that much more entertaining than Mr. Bean?
If it's a toss-up between a genuinely funny smalltown comedy troupe with a cheesy home-edited sketch show, vs. a Californian firm who can afford to buy anything at all for their show except a genuinely funny idea, well, I'll stick with YouTube, thanks.
...even if the user clicks on it, it won't run if it doesn't have execute permission.
'Even if?' If these drive-by download exploits are only able to create pwned.sh, then I'm not sure what they could ever accomplish if the user didn't click.
If this exploit could instead be used to create a pwned.sh with the execute bit already set, could we then get that script to run without user help? Or are we still stuck waiting around for a curious moron to click it?
Once the user starts to suspect shenanigans, cleaning you out is as simple as (optionally) rescuing important user data, killing the user account, and rolling up a new one. Getting back to 'trustworthy system' is a lot simpler and more foolproof if you're confident that the hostile code was effectively contained by its user privs.
Of course, this isn't a dealbreaker: as you said, you can get plenty of evil done by just hanging out in the unprivileged account, and all bets are off if there are any local escalation exploits, which there pretty much always are. But ignoring these kinds of exploits, in principle, user privilege management is sufficient to keep the underlying system trustworthy, even if it can't protect the individual users from themselves.
I did. And then I read the body of the post. And then I wanted to know how many different locations he uses RFIDs to get into. So I posted a reply. Asking how many locations.
The same way you manage to have more than 4 TCP connections open at once, despite your Ethernet cable only having 4 pairs of copper. The idea of multiplexing and timeslicing on a shared medium is already used at pretty much every level of a modern computer system.
If you have a situation where the performance cost is a huge deal, you probably have a situation where more hardware in parallel is warranted.
Remember 15 years ago, when you could put 2 IDE hard drives onto the same bus? Remember how sometimes you'd put one onto the secondary IDE bus instead because that was faster? Same shit, different signalling medium.
Yeah, we should consider the possibility that anonymous posting may suffer. As more and more AC's end up accessing Slashdot from behind the same gateways, they'll get that "Wait 10 minutes, asshole" message more and more often.
Slashdot Mirror
Not only that, but if the joke flies by at a significant fraction of the speed of light, individual O's will appear flattened and compressed respective to their height!
That's not news. Aquaman was washed up from the very founding of the Justice League.
Yeah, I thought this same thing.
"Trivially disproven using a cat and a blanket."
I agree. An adult vulva, waxed smooth, does not resemble a kid's.
That's what he said. "Lobbying."
Honestly, I think TV would be way better if it stopped being profitable to produce million-dollar-per-episode shows. Is Fear Factor really that much more entertaining than Mr. Bean?
If it's a toss-up between a genuinely funny smalltown comedy troupe with a cheesy home-edited sketch show, vs. a Californian firm who can afford to buy anything at all for their show except a genuinely funny idea, well, I'll stick with YouTube, thanks.
And if we mod it down, the comment will have insightfully predicted this!
Epimenides is watching us and snickering somewhere.
Oh, and look how fantastical I am at HTML.
I'm with you here, except for this bit:
...even if the user clicks on it, it won't run if it doesn't have execute permission.
'Even if?' If these drive-by download exploits are only able to create pwned.sh, then I'm not sure what they could ever accomplish if the user didn't click.
If this exploit could instead be used to create a pwned.sh with the execute bit already set, could we then get that script to run without user help? Or are we still stuck waiting around for a curious moron to click it?
If a hostile piece of code is able to create such a script in the first place, it is almost certainly also able to execute 'chmod' without asking you.
There's another difference, and it's a doozy:
Once the user starts to suspect shenanigans, cleaning you out is as simple as (optionally) rescuing important user data, killing the user account, and rolling up a new one. Getting back to 'trustworthy system' is a lot simpler and more foolproof if you're confident that the hostile code was effectively contained by its user privs.
Of course, this isn't a dealbreaker: as you said, you can get plenty of evil done by just hanging out in the unprivileged account, and all bets are off if there are any local escalation exploits, which there pretty much always are. But ignoring these kinds of exploits, in principle, user privilege management is sufficient to keep the underlying system trustworthy, even if it can't protect the individual users from themselves.
Or if someone has managed to trick iexplore.exe into executing hostile code.
But that'd never happen.
Note to self: Always empty an Infiniti owner's pockets before stashing his body in his own trunk for burial in the harbour.
Man, I wish my wife would eat me alive more often. I should try to pull that.
I did. And then I read the body of the post. And then I wanted to know how many different locations he uses RFIDs to get into. So I posted a reply. Asking how many locations.
Really? How many different places do you routinely need access to?
Those were installed by the same guy who mosaic'd your junk.
Mod parent insightful. I would normally call this flamebait, but in light of the weirdly oblivious GP comment, it hits the nail on the head.
The same way you manage to have more than 4 TCP connections open at once, despite your Ethernet cable only having 4 pairs of copper.
The idea of multiplexing and timeslicing on a shared medium is already used at pretty much every level of a modern computer system.
If you have a situation where the performance cost is a huge deal, you probably have a situation where more hardware in parallel is warranted.
Remember 15 years ago, when you could put 2 IDE hard drives onto the same bus? Remember how sometimes you'd put one onto the secondary IDE bus instead because that was faster? Same shit, different signalling medium.
In this case, "Decode" was a computationally trivial analog signal transformation. It was like an RF version of ROT13.
Yeah, we should consider the possibility that anonymous posting may suffer. As more and more AC's end up accessing Slashdot from behind the same gateways, they'll get that "Wait 10 minutes, asshole" message more and more often.
Oh, this oughta be good. Please. Name some "centrists" who have shows on Fox.
Moose and Maverick?
WHAT could they be trying to tell us.
Psychologists don't give advice on how to best be mentally ill
Don't they?
That depends on what your definitions for "are" are.