Re: More reason to use Linux
I suspected as much.
Thanks for the clarification, AC!
1887 posts • joined 14 Jun 2007
I suspected as much.
Thanks for the clarification, AC!
Could the national security service intercept a download request and insert their own malicious version? Inquiring minds would like to know beneath their tinfoil hats!
I don't know about Linux, but FreeBSD keeps sha256 checksums of all it's distfiles (seperate from the distfiles themselves!)
Noooooo! I was dragged kicking and screaming into SQL database programming for a while at my last job... left join this, select where this. learn to optimise your queries etc.... (even though this should be the database softwares job!)
Arrrrgh, database design is to IT as accounting is to maths.
I get cold sweats thinking about it.
Kill it with fire,
Kill it now!
I've only ever used it to debug/investigate other peoples code... I otherwise try to avoid SQL!
I'm surprised that function exists, as I see a hell of a lot of apps fall into the same trap. "Delete history?" - if you're lucky!
Yes, yes, http isn't encrypted and is insecure, but it still doesn't mean open the whole database is going to be readily available to the public!
Assuming the user isn't using a passwordless public wifi access point without a vpn, to get the session data, you'd need to tap in to the connection somewhere - preferably as cose to the server as possible.
I don't think you'd be able to bribe someone at an ISP/transit site with the details of a few redneck trumpies!
Anyway, it would then be only the users connections being eavesdropped on - hardly blanket access to the whole db!
Have you seen some of the so-called 'pranks' on youtube. Sigh.. They seem to think filming them makes them funny and OK.
Here's a hint for them: If you do something nobbish to someone, it is still just as nobbish if it's being recorded. The only difference is that you're now not just a nob, but are a nob with a camera.
To be fair, the last time I really looked at ED was when I was about 13. Then I discovered girls, alcohol, the outside world...
I've heard of people doing that... Could you tell me how?
Point taken. However, the site is clearly satirical and one would have expected thicker skin from an ex-councillor
Tough. He could have gone straight to court, but he first just asked them to delete it.
Any sympathy I may have had for them was lost when I saw how they reacted.
If you're going to play with adults, prepare to face the consequences. Laws don't simply vanish when using the internet.
I'm glad he won, but don't hold out too much hope that the basement dwelling geeks will be able to pay.
Encyclopedia Dramatica is one of the more amusingly offensive destinations on the web.
Is it? I haven;t been there in years. It used to be good, but the site was overrun with brain-dead morons who kept replacing decent and witty satire with low-level toilet-stall graffiti.
Like waterskiing, swimming, sailing etc. ?
You are, of course, correct Sir!
Thanks for the advice... I feel so ashamed now (even though it was damn fine coffee!)
I've been known to shove milk, coffee, and water into the kettle, and boil the lot together (I was busy and thirsty, and didn't want to keep getting up to pour another cup!)
Surely I'm not the only one to notice the big yellow cock-and-balls in the middle of the photo at the top of the article?!?!
Oh really? How come Jeremy Kyle states they're 98% accurate then? Unless you're calling him scientifically weak as well.
Yeah... And even going by his own figures, on average, one in 50 of his lie detector shows has come up withe the wrong answer...
The identified flaws are patched in PHP versions five and seven released last month. ®
If they were fixed a month ago, how come they are still zero day?
This article sounds like an advertisment.
Is it mainly a cut n' paste job from a press release?
And it could (will) screw up LANs everywhere.
Yep, it will do, in many places, and that brings up a security can of worms..
Basically, such infrastructure is not secure. There should be no way your internal network can be affected by external changes. Organisations whose infrastructure was affected by the verisign 'wildcard A instead of NXDOMAIN' fiasco of a few years ago should have seen it as a wakeup call, but alas...
“The crimes committed by this defendant violated the privacy of dozens of people, fostered identity theft, and endangered the safety of many others,” US Attorney Channey Phillips says.
"Further more, that's our job" - NSA/GCHQ
Nothing in your script requires bash extensions, so you should use #!/bin/sh for maximum portabiliy -- I only know of Linux systems that have bash in /bin , but sh is universal amongst unix(type) systems
Background: Grew up on free TV in the UK and find it laughable that people PAY for TV and STILL have to put up with adverts? In the words of one Johnny Rotten: 'ever get the feeling you've been had?)
Paying for ENDLESS REPEATS and adverts!
All those unnecessary downloads would also add up for any ISP that doesn't have an onsite CDN...
Oh come on Vogie, even you are capable of better trolling than that!
Companies don't use FAT for its suitability, but the fact you can plug your device/card into any windows machine and it 'just works' without needing drivers.
Android using FAT for its sdcards causes all sorts of security problems, there's no reason to use it apart from compatibility
This is supposed to be evolution?
Yes! When I buy something big from Amazon, or a google-analitics using site, invariably both companies then spend a few weeks targetting me with ads for equivalents of the very same product!
Nice reply. A bit wasted here. I think it would make a good article.
Or, maybe MS are busy, or forgot, or whatever?
Thsy advertise all over the 'Reg, so I don't think they are in much of a huff with them!
MS hopes you're wrong - 1 in a 100 will cause a HUGE number of support calls!
" A tracert even had me getting out of virgins network hanging for 3 attempts then moving to BT onto manchester (where website is hosted) then hanging at the last hop."
That is simply a router that doesn't respond to ICMP (*) but tracert waits anyway until timing out.
Annoying, but not weird, or related to any network issue you have if your trace moves beyond it.
As for your problem, are the MTU values the same? And have you filtered ICMP at the router, so stopping the OS receiving any ICMP 'need defrag' messages from being received?
MTU issues wouldn't affect the traceroute, but the website could be blocking ICMP - Did the tracert succeed on the machine which could connect to the website?
(*) MS tracert defaults to using ICMP probes, unix tracetoute defaults to using UDP
" Trevor , I thought you made your living by providing maintenance for windows users, does this mean that you are moving full time to Linux systems and completely giving up on windows ?
......because, of course, these are the only 2 operating systems in the entire world...
I've been evaluating the budget Q8H_HD Android tablet, and it's actually a lovely piece of kit for under 30 quid.
However, it comes preinstalled with a hobbled browser that hard codes their search engine referral-url (to ask.com .... no surprises there) and home page, and also a utility that regularly phones home with a bunch of details, hardware id, google account details, and receives instructions for new apps to update/install, and those to delete (trend micro anti-virus) is on the list.
Worse, it's been flashed into the firmware to reinstall itself if deleted, requiring a complete reflash to remove (fortunately there are ways to disable it without reflashing)
Relatively benign at the moment, but basically a root-kit, especially as the Linode-hosted C&C servers are accesed over unencrypted http using non-DNSSEC dns entries...
I'm still not sure whether it's the shop, the distributer, or the manufacturer who is responsible for this, but like Sony, and now Lenovo (for the second time) it's yet another company doing stuff that would get an individual doing the same a custodial sentence
Whilst UK politicians rally fast and loose with the term 'terrorist' (to intentionally scare the populace), in America, it seems to be used by many who simply don't know what it means.
Someone commits murder in the community, and isn't caught? Residents terrified. Ergo, terrorist.
Ditto, women scared to go out at night when there's a rapist on the loose? they're terrified. Ergo, terrorist.
" PhilipN Then your a complete and utter fuck wit"
His 'complete and utter fuckwit' what?
Are you after a job on Fox 'news'?
Even the bloody Republicans now admit that global warming exists (of course, they deny Human contributions)
" such an inane and fruitless debate"
Of course, that should technically be vegetableless debate.
But, no, that does not mean you can buy an old, damaged CD from a car boot and then download a copy off the Internet because you've "bought it already".
Why not? They keep banging on about the fact you are paying for a personal license for the media. However damaged that old CD is, originally the same full price was paid for it.
" Since my last name is pretty unusual
Yep. The only other people I've heard of with your surname are those guys who used to be the band behind Cliff Richard...
" The radio wants to know how fast the car is going to adjust the radio volume and the radio also wants to connect out the world to stream music and/or get cd info"
But why does the radio need to be able to control the speed?
Well there you go then....
I'm now officially a right-tit!
"Automatic termination of contract because someone said lawyer? I don't think so."
He wrote contact - presumably meaning the phone call!
... as posted by Christoph 2 hours before you, though it would have been easy to miss, what with all of 2 other comments to search through!
Though, I suppose you'll now tell me that the original post was stuck in pre-moderation, making me out to be a right tit!
C'mon - Who here *didn't* successfully hack the school Econet system?
More holes than [ insert here something witty referencing something with lots of holes ]
I've NEVER had real spam to my Google email address, but regularly have to check it to pull out false positives, so make that a 100% false-positive rate for me.
I was annoyed when I discovered what was happening, so went to disable it. But can you? Like hell!
"I know, let's add a feature that silently deletes peoples email..... and make it so that it can't be switched off!"
[ Yes, you can get around it by creating filters to automatically undo the spam categorising, but what's wrong with a simple "Off"? ]
" Those on rooted devices can get around this by manually backing up the apk file, but it's still a pain in the arse and it'd be good to have a better way of handling it - say a "test update" option that backs up the existing version & config to a separate location, installs the new one and lets you test it, but keeps the existing version until you fully accept the update."
Nice idea, though I suspect they don't want to have people running all sorts of old versions, otherwise they would make them available.
Though, after being bitten by that too may times, I'm now running a home-grown auto-apk backup on all my android devices.. Every version of every apk I install is safely archived on servers both on and off site.
Take that crappy BBC-News-App-which-used-to-be-fast-and-usable-offline-but-is-now-basically-a-reskinned-web-browser!
Whenever you see that an article is written by Kieren, you know you are going to get some quality investigative journalism.
[ yeah, yeah, cue the 'brown-nose' comments! ]
This article is ancient!
How come posts are still allowed?!
p.s. native Ipv6 on all my servers, and home devices ^including my android tablets/tv sticks)
It took me the first sixteen words of this article to realise it was written by Lewis Page.