The funny thing is the HACKERS sent out a mass e-mail to everyone with a steam forums account, advertising some steam hacks (either they are stupid and were advertising themselves or they were framing another group). Also I never actually got Gabe's email, I only read about THAT on Joystiq first.
Didn't Mythbusters disprove the whole "bullet to the gas tank makes the car explode" thing? I would imagine it's the same with a jet, not sure if "incendiary" makes a difference or not. Pretty sure it wouldn't EXPLODE all at once though.
And I'm sure they gotta keep good enough eyes on the airfield that people wandering around would be noticed and stopped by security... AFAIK all the big airports restrict who can actually go into the airfield, and if you hang around outside you're not likely to be able to get off a good shot, plus you'd probably still be noticed hanging around the fence or whatever.
Thinking about it more, wind power simply turns the "turbine" with the force of the wind directly, and gas-powered engines use controlled explosions to get the mechanical force wanted,
But at least I'm pretty sure coal, nuclear, and solar all use heat to get water to go through an evaporate -> spin the turbine -> cool -> start over cycle...
Don't most current methods of generating electricity pretty much break down into somehow generating heat to boil water to force steam to turn a turbine etc etc? Except for maybe hydroelectric, where you have gravity acting on water turning turbines AFAIK.
It doesn't say remote vulnerability, it says remote code execution. It's probably a Word bug that allows execution of shellcode, which in turn exploits the LOCAL vulnerability in the Windows kernel for privilege elevation. "Remote" just refers to Duqu running code given to it over the network, I assume.
If your file system starts to fill up Disk Cleanup will wipe your Temp folder of old files. So this functionality sort of already exists, it's just not automatic (you have to answer the "disk is filling up" prompt) and doesn't delete files unless it needs to.
Minecraft is a sandbox game. As the name implies both mining and crafting are important parts of the game. Mining is necessary to get the ingredients to build the strongest and most resilient tools. Crafting is necessary to produce most of the materials in the game. There is no point or goal at the moment other than any goals you set for yourself (or in an MP server, you can take part in large projects together).
The latest update coming up is actually going to add real mineshafts complete with train rails and archways. But for now you get caves with goodies marking the ceilings, floors, and walls at various points.
There's a lot more to the game too... enemy monsters for example. Flowing water and lava (not entirely physically accurate, but it's easy enough to predict how it will act... most of the time), day/night and weather system (monsters come out at night!), different biomes, near-infinite world. Oh, and you can create portals to hell which allow you to quickly cross large bits of the normal-world map in shorter time. I'm not joking (it's called the Nether).
There are plenty of videos on YouTube. look some up. It's really quite fun, especially online with people you know (strangers tend to be destructive and not fun to play with).
Also there's a subreddit on reddit (/r/minecraft) if you want to see pictures of peoples' creations.
It sounds like Chrome delays loading NSS until it is needed (for the first HTTPS request made). When NSS loads it loads pkcs11.txt and looks for user-definable configuration settings. The idea of changing the CWD is just because if the hacker can write to C:\pkcs11.txt (where Chrome would look for it assuming Chrome's default installation location) the hacker already has control of the PC. Changing the CWD before the first HTTPS request allows the hacker to control where Chrome looks for that file. The file itself is static and is not changed by NSS I would imagine.
NSS was probably designed with the assumption that it gets loaded on application startup (I imagine Firefox uses it since Mozilla wrote it) and so CWD would never be an issue. Whoops.
Addendum: This appears to be a bug in NSS, which is maintained by Mozilla, not Chrome. It also is reproducible on Mac, not just Windows. In addition it is not considered a security bug and is publicly view-able in the Chrome bug tracker. More reading.
The link indicates it is far from easy. First, the user must not be using Google as the Chrome search engine, nor have used HTTPS at all during the browsing session, as either causes the window of opportunity to close until Chrome is restarted. Secondly, the attacker must trick the user into moving Chrome's CWD using Open/Save As to a network drive where they have control. THEN the attack is easy as the following HTTPS site the user visits will trigger the loading of arbitrary code controlled by the attacker. But overall it is far easier to trick a user into opening an e-mail attachment or downloading and executing arbitrary code to begin with imo...
Re:Nice distro but they messed up the desktop
on
Ubuntu Turns 7
·
· Score: 1
If you would prefer gnome 3 you can install the gnome-shell package or whatever; reportedly it works just fine... I dunno about gnome 2 though, I would expect there is a package for that too.
WARNING These experimental features may change, break, or disappear at any time. We make absolutely no guarantees about what may happen if you turn one of these experiments on, and your browser may even spontaneously combust. Jokes aside, your browser may delete all your data, or your security and privacy could be compromised in unexpected ways. Any experiments you enable will be enabled for all users of this browser. Please proceed with caution.
It can be cross-compiled to JavaScript. So every browser will be able to support it right off the bat. Of course it would be slower than native Dart support.
At work we have been looking to bring 3D to IE7/8 (don't ask... client requires them) so this could be a possible solution to our problem. The only other options we've had so far are software renderers for Flash which are obviously too slow to do any more than 3DS-quality graphics on a very small scale.
If you tap the Windows key and start typing, like in previous versions it will start searching for what you typed. So that still works the same, at least.
Slashdot Mirror
Yes, it's in TFA url and title. :)
Then Apple just blacklists them from Siri for violating their ToS (I'm sure reverse engineering protocols are covered somewhere in there).
The funny thing is the HACKERS sent out a mass e-mail to everyone with a steam forums account, advertising some steam hacks (either they are stupid and were advertising themselves or they were framing another group). Also I never actually got Gabe's email, I only read about THAT on Joystiq first.
Didn't Mythbusters disprove the whole "bullet to the gas tank makes the car explode" thing? I would imagine it's the same with a jet, not sure if "incendiary" makes a difference or not. Pretty sure it wouldn't EXPLODE all at once though.
And I'm sure they gotta keep good enough eyes on the airfield that people wandering around would be noticed and stopped by security... AFAIK all the big airports restrict who can actually go into the airfield, and if you hang around outside you're not likely to be able to get off a good shot, plus you'd probably still be noticed hanging around the fence or whatever.
I would settle for harmed functionality over none.
Thinking about it more, wind power simply turns the "turbine" with the force of the wind directly, and gas-powered engines use controlled explosions to get the mechanical force wanted,
But at least I'm pretty sure coal, nuclear, and solar all use heat to get water to go through an evaporate -> spin the turbine -> cool -> start over cycle...
Don't most current methods of generating electricity pretty much break down into somehow generating heat to boil water to force steam to turn a turbine etc etc? Except for maybe hydroelectric, where you have gravity acting on water turning turbines AFAIK.
It doesn't say remote vulnerability, it says remote code execution. It's probably a Word bug that allows execution of shellcode, which in turn exploits the LOCAL vulnerability in the Windows kernel for privilege elevation. "Remote" just refers to Duqu running code given to it over the network, I assume.
And of course I'm thinking of Windows, not 'nix, but Ubuntu does have a similar tool and functionality as well. Not sure about other 'nixes.
If your file system starts to fill up Disk Cleanup will wipe your Temp folder of old files. So this functionality sort of already exists, it's just not automatic (you have to answer the "disk is filling up" prompt) and doesn't delete files unless it needs to.
Minecraft is a sandbox game. As the name implies both mining and crafting are important parts of the game. Mining is necessary to get the ingredients to build the strongest and most resilient tools. Crafting is necessary to produce most of the materials in the game. There is no point or goal at the moment other than any goals you set for yourself (or in an MP server, you can take part in large projects together).
The latest update coming up is actually going to add real mineshafts complete with train rails and archways. But for now you get caves with goodies marking the ceilings, floors, and walls at various points.
There's a lot more to the game too... enemy monsters for example. Flowing water and lava (not entirely physically accurate, but it's easy enough to predict how it will act... most of the time), day/night and weather system (monsters come out at night!), different biomes, near-infinite world. Oh, and you can create portals to hell which allow you to quickly cross large bits of the normal-world map in shorter time. I'm not joking (it's called the Nether).
There are plenty of videos on YouTube. look some up. It's really quite fun, especially online with people you know (strangers tend to be destructive and not fun to play with).
Also there's a subreddit on reddit (/r/minecraft) if you want to see pictures of peoples' creations.
It sounds like Chrome delays loading NSS until it is needed (for the first HTTPS request made). When NSS loads it loads pkcs11.txt and looks for user-definable configuration settings. The idea of changing the CWD is just because if the hacker can write to C:\pkcs11.txt (where Chrome would look for it assuming Chrome's default installation location) the hacker already has control of the PC. Changing the CWD before the first HTTPS request allows the hacker to control where Chrome looks for that file. The file itself is static and is not changed by NSS I would imagine.
NSS was probably designed with the assumption that it gets loaded on application startup (I imagine Firefox uses it since Mozilla wrote it) and so CWD would never be an issue. Whoops.
Addendum: This appears to be a bug in NSS, which is maintained by Mozilla, not Chrome. It also is reproducible on Mac, not just Windows. In addition it is not considered a security bug and is publicly view-able in the Chrome bug tracker. More reading.
It appears to manifest on Mac as well. Read more.
The link indicates it is far from easy. First, the user must not be using Google as the Chrome search engine, nor have used HTTPS at all during the browsing session, as either causes the window of opportunity to close until Chrome is restarted. Secondly, the attacker must trick the user into moving Chrome's CWD using Open/Save As to a network drive where they have control. THEN the attack is easy as the following HTTPS site the user visits will trigger the loading of arbitrary code controlled by the attacker. But overall it is far easier to trick a user into opening an e-mail attachment or downloading and executing arbitrary code to begin with imo...
If you would prefer gnome 3 you can install the gnome-shell package or whatever; reportedly it works just fine... I dunno about gnome 2 though, I would expect there is a package for that too.
Looks like he just got the URL from the RSS feed (likely because he is subscribed to it). No big deal.
You can pay via PayPal or Google Checkout IIRC. Not sure what fees those guys charge.
It can be cross-compiled to JavaScript. So every browser will be able to support it right off the bat. Of course it would be slower than native Dart support.
At work we have been looking to bring 3D to IE7/8 (don't ask... client requires them) so this could be a possible solution to our problem. The only other options we've had so far are software renderers for Flash which are obviously too slow to do any more than 3DS-quality graphics on a very small scale.
If you tap the Windows key and start typing, like in previous versions it will start searching for what you typed. So that still works the same, at least.
Good luck proving that that statement was there, and that someone at the company with the authority to make that agreement signed off on it.
This post certainly isn't suspicious and not a spam bot. Nope.
Ooh! Maybe we can make them put GeoCities back up!