George Guninski regularly finds and releases exploits for many different services/os's. Whenever I see his name on Bugtraq, I know it's gonna be a crazy day. According to Rain Forest Puppy's policy, the waiting time is just a _suggestion_, not a law. I'd personally wait, and release the exploit announcement along with a vendor supplied patch (thus being RFP compliant), but that's just me.
- grunby
$ man condom
CONDOM(1) EUNUCH Programmer's Manual CONDOM(1)
NAME
condom - Protection against viruses and prevention of child
processes
SYNOPSIS
condom [options] [processid]
DESCRIPTION
_condom_ provides protection against System Transmitted
Viruses (STVs) that may invade your system. Although the spread of
such viruses across a network can only be abated by aware and cautious
users, condom is the only highly-effective means of preventing
viruses from entering your system (see celibacy(1)). Any data passed
to condom by the protected process will be blocked, as specified by
the value of the -s option (see OPTIONS below). condom is known to
defend against the following viruses and other malicious
afflictions...
o AIDS
o Herpes Simplex (genital varieties)
o Syphilis
o Crabs
o Genital warts
o Gonhorrea
o Chlamydia
o Michelangelo
o Jerusalem
When used alone or in conjunction with pill(1), sponge(1),
foam(1), and/or setiud(3), condom also prevents the conception of a
child process. If invoked from within a synchronous process, condom
has, by default, an 80% chance of preventing the external processes
from becoming parent processes (see the -s option below). When other
process contraceptives are used, the chance of preventing a child
process from being forked becomes much greater. See pill(1),
sponge(1), foam(1), and setiud(3) for more information.
If no options are given, the current user's login process (as
determined by the environment variable USER) is protected with a
Trojan rough-cut latex condom without a reservoir tip. The optional
'processid' argument is an integer specifying the process to protect.
NOTE: condom may only be used with a hard disk. condom
will terminate abnormally with exit code -1 if used with a floppy
disk (see DIAGNOSTICS below).
...
Read the rest from http://www.netfunny.com/rhf/jokes/92q4/condomman.html
- grunby
Even going to www.brillig.com gives you a 500 Server Error
Hmm...Even with Verio's bronze package (which the site looks like it's hosted on), you get 5 gigs of monthly data transfer...burning the bandwidth fast...
- grunby
I'd be afraid if they ever hooked up maybe a worker ant's brain to one of these things...
- [grunby]
"Your credit card and personal information is safe with Egghead.com - we guarantee it! "
I subscribe to the defaced mailing list put out by attrition.org. I find it interesting to see the reactions of the web site owners. I look for any notice about the breach that they may put up after they've restored (and hopefully patched). I checked out Egghead's Privacy Policy page and saw that guarantee. Kinda makes me wonder...I'd think that companies would first react and check out the wording on any of their privacy and security pages. The following is an excerpt from Egghead's privacy page:
Guarantee
Your browser and Egghead.com's secure server encrypt confidential information during transmission, ensuring that transactions stay private and protected. Egghead.com guarantees the safety of your credit card information in the following manner: if any unauthorized use of your credit card occurs as a result of your credit card purchase from Egghead.com, simply notify your credit card provider in accordance with its reporting rules and procedures. If, through no fault of your own, your credit card company finds credit card fraud but does not waive your entire liability for unauthorized charges, Egghead.com will reimburse you for the remaining liability, up to a maximum of fifty dollars U.S. ($50.00) per card. This guarantee applies to purchases made using Egghead.com's secure server (https: protocol).
Woah, check out the second to last line...only 50 clams...
- [grunby]
They've got a funny logo on their homepage
"We make hackers go Ka - Chingg"
- [grunby]
Did a quick search on Ebay...
seems to be pretty popular...Came up with like 6 or 7 hits for the Akira DVD...It can apparently be played worldwide, i.e. no region code... (Didn't think it was possible). Anyways, you may be able to get it on eBay at a premium price...
- [grunby]
Well I haven't taken the time to check it out so this may in fact be happening...Just wanted to mention that Microsoft "extends" many standardized applications, protocols, RFCs...
The telnet client for Windows 2000 is a good example of this...The shipped/unpatched telnet binary of Windows 2000 will try and authenticate first using NT challenge/response...If that fails, it will proceed to the normal interactive server login/prompt. I think this "feature" was supposed to be used in conjunction with a Microsoft telnet server which can authenticate using NTLM.
Kinda scary...actually, very scary...Thank god I've been using scrt as my telnet/ssh client...
- [grunby]
BTW: MS has released a patch for the above mentioned bug located here
I'm going to check their halloween bags and make sure someone hasn't slipped them a copy of win9x...
- [grunby]
Those captures weren't Enlightenment...
They've worked around the win98 source...
- [grunby]
They'd better offer some good music...
And what about that strange silence when you get into an elevator with a stranger...woah...5 hours worth of silence...
- [jeff]
That Yahoo! webpage mentioned in the article says "Similar levies already exist in Germany on devices whose main function is that of copying, such as scanners, photocopiers and fax machines. Depending on the power of the machine involved, the taxes range from $30-$275."
Does this mean that people who buy a 1GHz machine will have to pay even more (in this "Payback tax") than people who buy 600MHz machines? And what about my new Cray Y-MP C90 machine?
damn...gotta sell my car...
- [grunby]
From: Freecddb's Why page
"(Funny sidenote: One programmer told me, that his cd-player will be banned if he is refusing to display the CDDB-logo. His software is a console-based program (it does not produce any graphical output) for blind people...)."
The iFell should send out a little jolt of electricity...or it could make javascript very popular on porn sites...onmouseover="iFell.massage"
- [grunby]
It's loading up now, but very, _very_ slowly...I want to give it a look over before I send the url to my boss...
Mr. Garfinkel also urged the more than 300 residential-network managers and student-coordinators attending the conference to stop the common practice of using unencrypted passwords to secure network-user accounts. "But you won't," he chided. "And so you're going to keep having accounts broken into."
With switched environments becoming the norm, I think the problem is more with users choosing bad passwords...People need to be better informed of what kind of responsibility comes with getting an account on a system...I'd say at least twenty-five percent of our users have their passwords taped to their monitors or tabletop even after we give them the spiel about keeping their passwords secure...
- [grunby]
they got slashdotted... fear the slashdot effect...
How similar are the laws in Norway to here in the US? Here I'm pretty sure it's still legal to make a "backup" of media like software and music, just as long as it's for personal use...It seems that the decoding of DVD was so unexpected by the bigwig video companies and the code spread out so quickly, that they needed to make a decisive move and prosecute...granted, international internet laws have to be enacted, but this is ridiculous...someone taken in for writing a piece of code that does basically the same thing a 200 dollar piece of hardware does...maybe if it could be compressed with minimal loss to one twentieth the original size they might have something to worry about...but not at this infant stage... just my .23 cents...
I've been waiting for these for a while now...saw all the prototype models being offered for a lot of money...and now they are starting to become mass produced...these are just little startup/no name companies trying to make a quick buck before the big boys come out and play... I'm sure Sony, Yamaha, and Kenwood have working prototypes, but they're just not ready to be released yet...so if I can hold out a few more months, I'll be able to get my Sony 5 disc mp3 player that'll integrate right into my Sony system... it's sorta like the portable mp3 players...Diamond came out with one and then loads of small companies started mass producing crappy little players...I guess I'll just have to wait and let this technology settle a bit before I go out and buy one...I'll just have to use xmms a little longer...
mmm beer...