I'm not saying they don't value their own software -- clearly they do, like any coder does -- but they don't care enough about it to ask people even to assert their authorship.
Or they simply want it to be used by as many people as possible. Lots of excellent software is public domain. SQLite is a great example:
The author disclaims copyright to this source code. In place of a legal notice, here is a blessing:
May you do good and not evil.
May you find forgiveness for yourself and forgive others.
May you share freely, never taking more than you give.
I don't need to know what his sequence numbers are because he doesn't ever ask
You need his sequence numbers because you are never going to see them. The packets he is sending will be going to the source IP that you are forging.
Search Google for something like "tcp blind connection spoofing". This paper explains it well.
... I still don't know how they are relevant if you initiated the connection in the first place. Sequence number attacks seem to be about taking over someone else's authenticated sessions
If you can guess the sequence number, then you can initiate a connection with a forged source IP address. It is very similar to taking over an existing connection.
You saw it here first. Here's an idea. Don't charge per click but per sale generated.
Porn companies have been doing this for years. Sign up for an affiliate program, send traffic, make sales, get paid. It's not a new idea now, and it wasn't a new idea then.
fraud would be virtually impossible
The advertiser wouldn't have to report correct sale numbers.
Did Descent do realtime lighting and shading? Yup.
Actually, I think the lighting was faked like in DOOM. The sector/room light level could be in various levels from lit to dark. Quake had real lighting: a rocket or grenade could light up arbitrary walls.
is that Apple is no longer shipping Classic or even the Classic CDs with OS X. After the last time I took my iBook in for repair, they replaced my hard drive, giving me 10.3, but without Classic.
I got a PowerBook with 10.3 about four months ago and it came with Classic.
Don't forget the "medical" exception. I remember when MTV showed the breast operation show
MTV is not broadcast over the air.
Or they simply want it to be used by as many people as possible. Lots of excellent software is public domain. SQLite is a great example:
The above is taken from the SQLite source code.
Open online bug tracking has already started for some of their products.
Do you have a link to that?
The kernel exploits are local exploits only. Unless you have untrustworthy users, there's no security issue.
Wrong. A local root exploit means any remote exploit becomes a remote root exploit.
but it just takes one merchant willing to charge to an account and ship merchandise based on the phone data alone and suddenly there's a way to get a charge onto somebody's credit account without even knowing their card number
Who cares? The card holder will charge back, and the merchant will be out the money, plus the charge back fee. It only hurts the incompetent merchant, not the card holder.
An open source RAD environment sounds like it could have a huge impact on the number of apps that could be rolled out.
What about Borland Kylix?
That's simple ... you DO have to install a new device every time, at fairly high cost. One of the reasons most folks don't like this device.
That's silly. The cost of losing a finger or an arm is greater.
No, it's just a steep learning curve if you never used the original Windows message model. Lots of us like it and use it.
Compared to the VCL or CLX, it is godawful.
const std::string& pQuery
Why prefix a reference with a p (pointer)?
A recent Slashdot article (or maybe it was one of the comments attached to the article) pointed out an easy cache-poisoning DoS attack on djbdns.
Wrong. dnscache (from the djbdns package) is not vulnerable to poison and never has been. You are probably thinking of previous versions of BIND.
It sucks for the game because the person who bought the level 245 Necromancer Dark Elf Paladin is skipping the majority of the world that the developers put their blood, sweat and tears into.
The person who played the character to level 245 didn't skip the majority of the world.
And perhaps then someone will make a free Jabber client that doesn't suck.
Try Psi. It has a nice interface and runs on Win32, Mac OS X and X11.
are not proven in the field
directNIC is running MyDNS and is currently serving 3.2 million queries per hour.
The answers it generates are often excessively verbose (e.g. redundant NS records).
This only occurs if you specify redundant name servers in the database. tinydns serves exactly what you tell it to serve.
Third-party documentation suggests a configuration that violates recommendations of TLD operators and most ISPs, which means that you have to redo parts of it once you receive your first delegation.
That is because you should avoid RFC 2317 style delegation. RFC 2317 was written by the authors of BIND:
"If you were running BIND, you'd find it only a little bit painful to receive a classless reverse delegation (setting up one zone file), while you'd find it much more painful to receive separate reverse delegations (setting up many zone files)." (source)
But what I really want is something like EasyDNS provides: Aliases. I want to be able to 'clone' whole domains, because they're all going to the same place anyways based on the hostname.
MyDNS supports server side aliases. The web interface lets you specify default records (such as NS and MX records) to add automatically whenever you add a domain. This makes it very easy to set up many domains with the same records. Of course, since the data is in MySQL, it's easy to write a script to do the same thing.
As a side note, I've been using MyDNS for almost two years (when it was first released) on many servers and have been very happy with it. It is perfect for situations where MySQL is more convenient than a simple text file (tinydns).
In theory you should be allowing TCP 53 anyway as it is part of the DNS spec. If you don't, you're misconfigured even though it will work most of the time.
That's not correct. See RFC 1035 section 4.2.
Most email currently goes through Apache . . . I think that the open source community has done a pretty good job of creating the email server of choice.
Umm...
This works on Windows and OS X because the kernel is known and has not changed recently. Every WinXP user has the same kernel and driver needs.
It would be more accurate to say that it works because Microsoft and Apple had the foresight to define a stable ABI for drivers. The Linux kernel developers refuse to do this.
AMEX used to have this--I wonder if they killed it because too many of their merchants didn't like getting stiffed on recurring billing services.
Credit card companies are almost always on the side of the card holder. Merchants need credit card companies more than the credit card companies need merchants.
I use a one-time virtual number from Citibank. Not sure if this can thwart the scam but they seem to do the trick.
Neat. And it's free.