Is that really true? At least as far as my understanding of OS X security is concerned, no code can "take over" the computer without the user specifically giving admin privileges. I'd be interested to hear other thoughts on this.
As far as installing something as root, it should ask for your password. But if something is running as root, and is exploited then code can be executed as root, in effect taking over your computer. Mac OS X is pretty good about limiting the listening ports and good software should use a least-privilege mindset where it drops to a lesser-privileged user, such as the user 'nobody'.
is pretty darn quick. Disclosure guidelines generally give 5 days to a week just to RESPOND to the issue, let alone fix it. Thumbs up to Google for their prompt fix.
You could also go to https://gmail.google.com/mail just once, and drag the icon in the location to the bookmarks toolbar, and it's there permanently. You even get a pretty red envelop icon to click on each time!
also does Defcon each year in Las Vegas. I've been to defcon 7 and 8 and found it to be too big and commercialized even for a "hacker" convention. Attendees at BlackHat Briefings used to receive free attendance at Defcon, and at defcon you could easily tell who the kiddies where and who were the professionals. I much prefer the smaller conventions like RootFest or ToorCon, that don't have rooms of booths or tons of script kiddies running around.
You think the public switched telephone network is any more secure than VOIP? Hackers have been playing around in the phone system since it's inception, via switchboard pranks, then devices like blueboxes, and finally hacking the DMS-100 switch used to route your telephone calls. Free service, free features, unbillable numbers, untracable calls, phone taps, and even controlling dial-in lines to win radio call-in prizes. This is all old hat, and VOIP is simply the new playground.
My guess is the lil green men took it to their underground lab for analysis.
I don't care about what people say re: Theo...
on
OpenBSD Turns 10
·
· Score: 5, Insightful
about his attitude or any of that. OpenBSD is a very good product, and it's leading-edge when it comes to security. They audit code, they take care of security issues, and they tackle even the so-called theoretical security issues. OpenBSD is the best example of how others should treat security.
Happy Birthday OpenBSD!
>Or you could... you know... remember to renew your domains after you get the first or >second warning email.
>Just a thought.
There is a group out there that uses their status as domain registrars to steal domains before the expiration period is over. See www.rootfest.net/squatters.html for more information.
I believe you mean "heterogeneous," consisting of dissimilar elements. The opposite of homogeneous. I won't even touch the rest of your post... where do you come up with this crap?
that bands at least care about their listeners. Maybe artists can pressure their labels into getting rid of this crap?
Now that they've posted instructions on getting around the copy protection, is Sony going to sue them using the DMCA??
Slashdot Mirror
...this does not open up top level domains, like .a or .b This is a proposal to open up something like a.com or b.com.
Yes, I realize there are a few out there, www.X.org comes to mind. Most of the single letter domains are registered to:
[whois.iana.org]
IANA Whois Service
Domain: c.com
Name: IANA_RESERVED
The article also states that IANA started reserving these in 1993, but the whois record for x.org shows it was created in 1997.
Is that really true? At least as far as my understanding of OS X security is concerned, no code can "take over" the computer without the user specifically giving admin privileges. I'd be interested to hear other thoughts on this.
As far as installing something as root, it should ask for your password. But if something is running as root, and is exploited then code can be executed as root, in effect taking over your computer. Mac OS X is pretty good about limiting the listening ports and good software should use a least-privilege mindset where it drops to a lesser-privileged user, such as the user 'nobody'.
is pretty darn quick. Disclosure guidelines generally give 5 days to a week just to RESPOND to the issue, let alone fix it. Thumbs up to Google for their prompt fix.
You could also go to https://gmail.google.com/mail just once, and drag the icon in the location to the bookmarks toolbar, and it's there permanently. You even get a pretty red envelop icon to click on each time!
also does Defcon each year in Las Vegas. I've been to defcon 7 and 8 and found it to be too big and commercialized even for a "hacker" convention. Attendees at BlackHat Briefings used to receive free attendance at Defcon, and at defcon you could easily tell who the kiddies where and who were the professionals. I much prefer the smaller conventions like RootFest or ToorCon, that don't have rooms of booths or tons of script kiddies running around.
telnet legions.org 5555
a set of pointy ears!
I don't drink beer, because I don't like the taste, but this sounds GOOD. mmmmm caffeine!
The NSA has released it's over version of linux, SELinux, the Security Enhanced Linux.
Now, when the NSA spies on me, my wi-fi network will be unable to work due to interference!
Is anyone suprised by this? I'm shocked, real shocked. Who would have thought?
You think the public switched telephone network is any more secure than VOIP? Hackers have been playing around in the phone system since it's inception, via switchboard pranks, then devices like blueboxes, and finally hacking the DMS-100 switch used to route your telephone calls. Free service, free features, unbillable numbers, untracable calls, phone taps, and even controlling dial-in lines to win radio call-in prizes. This is all old hat, and VOIP is simply the new playground.
My guess is the lil green men took it to their underground lab for analysis.
about his attitude or any of that. OpenBSD is a very good product, and it's leading-edge when it comes to security. They audit code, they take care of security issues, and they tackle even the so-called theoretical security issues. OpenBSD is the best example of how others should treat security. Happy Birthday OpenBSD!
for network assesment. It's the best free tool out there, and IMHO better than the commercial apps as well.
>Or you could... you know... remember to renew your domains after you get the first or >second warning email. >Just a thought. There is a group out there that uses their status as domain registrars to steal domains before the expiration period is over. See www.rootfest.net/squatters.html for more information.
about people walking through the mall with rfid readers? Will /. readers line their wallets with tinfoil? :-)
I believe you mean "heterogeneous," consisting of dissimilar elements. The opposite of homogeneous. I won't even touch the rest of your post... where do you come up with this crap?
that bands at least care about their listeners. Maybe artists can pressure their labels into getting rid of this crap? Now that they've posted instructions on getting around the copy protection, is Sony going to sue them using the DMCA??