There's no conceivable way that the exploit was discovered and attack code written in two minutes. Hell, I could barely write a slightly sophisticated 'hello world' app in that time (maybe I'm just a slow typist, or he's an android.)
From what I've seen, (correct me if I'm wrong) the rules stated that no previously disclosed vulnerabilities could be used. So, if this guy kept quiet for a few weeks, he could have used exploit code he had already developed.
Maybe I'm being ignorant, but was the same attention devoted to hacking the other systems?
Of course Mac OS X is going to have 'special attention' - it's an unknown quantity, in a way - and has become the kind of trophy that Vista or Linux would never be.
Another thing - what is with all these buffer overflows due to malformed/long URLs in Safari, Quicktime, etc? Surely the system would truncate them to fit the buffer and remove any dubious characters? (I'm not terribly knowledgeable as far as security is concerned.)
You can't upgrade the motherboard, or graphics card, or add extra internal hardware. You can upgrade the hard disk, RAM, Optical Drive, and CPU, which isn't so bad.
The difference is that the Mac Mini is essentially a thick, square, headless laptop, running laptop parts. I'll grant that having PCMCIA and a nicer graphics accelerator would be nice, but you make sacrifices getting the thing that small.
I tried it, (completely wittingly) and it doesn't work. I think it was fixed by the patch that came out last week.
Chances are, someone made a stupid typo when writing the path input handlers for iChat which slightly changed the logical structure when handling escaped strings, and caused some instability to that effect. I don't think you could get the kernel to panic like that - just the program to crash, and whether you could actually execute malicious code is another issue - I suppose its a matter of how much time you have to work it all out.
The Beige G3 can run (without any 3rd party upgrades or utilities) Mac OS X 10.2.8, which has a 3D accelerated desktop. My Beige DT G3 266 (clocked to 366Mhz) runs 10.4 (installed very simply through XPostFacto) pretty smoothly with just 256Mb RAM. I could try running Vista on a computer from 1997, which is probably possible, but I would be waiting for days while the system booted up.
However, I don't think using a Beige G3 to demonstrate the upgradeability of various computer models was a terribly useful example, (without wanting to criticise your insight) since it can support up to 768MB RAM, a 1Ghz G4 (Sonnet Encore), and 4x120GB hard disks (2 on the IDE chain, 2 on the SCSI chain) provided you can fit them in. Apple has made far less upgradeable PCs then the Beige.
Nowadays, admittedly, it is hardly a powerful machine - it has trouble with pretty basic applications - but highly respectable in the era from which it came.
I don't believe (again, this is just personal observation) that the average consumer even considers upgrading an option (through ignorance) - they only ever replace the entire system.
iTunes was based on SoundJam, but is vastly different today. You can find a good explanation of the creation of iTunes through the eyes of a competitor to SoundJam here: http://panic.com/extras/audionstory/
Keyframe and layer based animation models have been around a *lot* longer then flash. In fact, those concepts have been in use since cartoons were manually created using the cell animation procedure.
The 3D addition to this animation style isn't anything new, either, but what is new is the combination - a keyframe based, 3D scripting model into which can be embedded other models, like Quartz Compositions (something which flash couldn't touch, especially as a 2D animation scheme) and videos, and that is easily accessible through OS wide APIs.
They might be slightly similar in that they both use keyframes and layers, but who doesn't these days?! Animation is animation. Core Animation isn't flash by any means. With all due respect, the comparison was slightly misguided.
The frame rate of an eye isn't governed by the eye itself - given the transfer is analog, the frame rate is governed by what the visual cortex can handle. Which, if you have done any animation, is about 25 frames per second - a speed at which the human visual cortex cannot percieve the individual frames making up an animation.
I doubt the data transfer rate of any nerve is anywhere near the transfer speed of ethernet - I read an article once stating that human nerve tissue could transmit information at about 400 metres per second - something which ethernet stomps all over. The beauty of the brain is that it isn't restricted by raw transfer speed. What governs the speed at which the brain computes and calculates is its massively paralell connectivity. In fact, many have speculated that this connectivity is what conciousness itself arises from - it gives the brain a complexity far beyond the number of cells it actually contains.
The second thing to consider is that the brain is not limited by binary transfer - it can utilise chemicals and hormones, variable voltages, and timings to transfer information, not just on/off.
Fair enough - but 900lbs? No meteorite or spacebourne detritus that big has fallen to earth for thousands of years. Good luck finding moon rocks on earth.
To fake moon rocks you would have to have to crush "them under 1000 atmospheres of pressure, while keeping them at 1100C for a few years. Then while keeping under pressure, you would have to cool them slowly for a few more years." - Dr Karl Kruszelnicki
Slashdot Mirror
There's no conceivable way that the exploit was discovered and attack code written in two minutes. Hell, I could barely write a slightly sophisticated 'hello world' app in that time (maybe I'm just a slow typist, or he's an android.)
From what I've seen, (correct me if I'm wrong) the rules stated that no previously disclosed vulnerabilities could be used. So, if this guy kept quiet for a few weeks, he could have used exploit code he had already developed.
Maybe I'm being ignorant, but was the same attention devoted to hacking the other systems?
Of course Mac OS X is going to have 'special attention' - it's an unknown quantity, in a way - and has become the kind of trophy that Vista or Linux would never be.
Another thing - what is with all these buffer overflows due to malformed/long URLs in Safari, Quicktime, etc? Surely the system would truncate them to fit the buffer and remove any dubious characters? (I'm not terribly knowledgeable as far as security is concerned.)
This might be a stupid comment (I'm not pretending I know anything about satellites) but the heat sounds like a good energy source to me.
Just how hot would it get?
Interestingly enough, the Mac OS X printing service is based on CUPS.
You can't upgrade the motherboard, or graphics card, or add extra internal hardware. You can upgrade the hard disk, RAM, Optical Drive, and CPU, which isn't so bad.
The difference is that the Mac Mini is essentially a thick, square, headless laptop, running laptop parts. I'll grant that having PCMCIA and a nicer graphics accelerator would be nice, but you make sacrifices getting the thing that small.
Exactly. It is always covered in saliva.
I tried it, (completely wittingly) and it doesn't work. I think it was fixed by the patch that came out last week.
Chances are, someone made a stupid typo when writing the path input handlers for iChat which slightly changed the logical structure when handling escaped strings, and caused some instability to that effect. I don't think you could get the kernel to panic like that - just the program to crash, and whether you could actually execute malicious code is another issue - I suppose its a matter of how much time you have to work it all out.
The Beige G3 can run (without any 3rd party upgrades or utilities) Mac OS X 10.2.8, which has a 3D accelerated desktop. My Beige DT G3 266 (clocked to 366Mhz) runs 10.4 (installed very simply through XPostFacto) pretty smoothly with just 256Mb RAM. I could try running Vista on a computer from 1997, which is probably possible, but I would be waiting for days while the system booted up.
However, I don't think using a Beige G3 to demonstrate the upgradeability of various computer models was a terribly useful example, (without wanting to criticise your insight) since it can support up to 768MB RAM, a 1Ghz G4 (Sonnet Encore), and 4x120GB hard disks (2 on the IDE chain, 2 on the SCSI chain) provided you can fit them in. Apple has made far less upgradeable PCs then the Beige.
Nowadays, admittedly, it is hardly a powerful machine - it has trouble with pretty basic applications - but highly respectable in the era from which it came.
I don't believe (again, this is just personal observation) that the average consumer even considers upgrading an option (through ignorance) - they only ever replace the entire system.
Wow. You have a lot of Java developers in your family!
Thats why it is a live CD. You don't have to install it to run it.
iTunes was based on SoundJam, but is vastly different today. You can find a good explanation of the creation of iTunes through the eyes of a competitor to SoundJam here:
http://panic.com/extras/audionstory/
Keyframe and layer based animation models have been around a *lot* longer then flash. In fact, those concepts have been in use since cartoons were manually created using the cell animation procedure. The 3D addition to this animation style isn't anything new, either, but what is new is the combination - a keyframe based, 3D scripting model into which can be embedded other models, like Quartz Compositions (something which flash couldn't touch, especially as a 2D animation scheme) and videos, and that is easily accessible through OS wide APIs. They might be slightly similar in that they both use keyframes and layers, but who doesn't these days?! Animation is animation. Core Animation isn't flash by any means. With all due respect, the comparison was slightly misguided.
The frame rate of an eye isn't governed by the eye itself - given the transfer is analog, the frame rate is governed by what the visual cortex can handle. Which, if you have done any animation, is about 25 frames per second - a speed at which the human visual cortex cannot percieve the individual frames making up an animation.
I doubt the data transfer rate of any nerve is anywhere near the transfer speed of ethernet - I read an article once stating that human nerve tissue could transmit information at about 400 metres per second - something which ethernet stomps all over. The beauty of the brain is that it isn't restricted by raw transfer speed. What governs the speed at which the brain computes and calculates is its massively paralell connectivity. In fact, many have speculated that this connectivity is what conciousness itself arises from - it gives the brain a complexity far beyond the number of cells it actually contains.
The second thing to consider is that the brain is not limited by binary transfer - it can utilise chemicals and hormones, variable voltages, and timings to transfer information, not just on/off.
Fair enough - but 900lbs? No meteorite or spacebourne detritus that big has fallen to earth for thousands of years. Good luck finding moon rocks on earth. To fake moon rocks you would have to have to crush "them under 1000 atmospheres of pressure, while keeping them at 1100C for a few years. Then while keeping under pressure, you would have to cool them slowly for a few more years." - Dr Karl Kruszelnicki
Not even Samba - created by Australian Andrew Tridgell, is listed! How is this credible?