* Posts by Ron

12 posts • joined 3 Jul 2007

Brits decline to 'think outside the box'

Ron
Alert

Synergy?

Where's Synergy!? It's quite possibly the worst!

0
0

English Channel defeats one-armed Frenchman

Ron
Coat

Going in circles?

No wonder he had trouble, he was just going in circles!

I kid, I kid...

0
0

Photobucket tipped over by Turkish hacker

Ron

No personal information?

If they stole the domain name, that means the users' browsers would be submitting their cookies to the attacker's server. That means that anything stored in the user's cookie (for example, session IDs) could be compromised, just not their stored data.

0
0

Open source code crawling with fewer bugs

Ron

Null pointer refs

-------

Buffer overflow flaws are the staple of most security bugs but experts warn that null pointer bugs could become fertile ground for hacking attacks. "Null pointer security flaws are exploitable and could quickly replace buffer overflows as the next big threat," said Geoff Sweeney, CTO of Australian-based net security firm Tier-3.

-------

Not true. Null-pointer refs normally aren't exploitable, but, in certain cases, can be. It depends on how the null pointer is used.

0
0

Girl-only fish species survives by cloning

Ron

Jurassic park?

Am I the only one who's reminded of Jurassic Park?

0
0

Need a new duster? Avoid Woolies

Ron
Thumb Up

I own that album

I actually bought that album a year or two ago, and love it! Granted, I knew I wasn't buying a duster.. :)

And, since this thread is already NSFW, here's the track list:

root@librarian:/data/music/Blood Duster/Blood Duster - 2001 - Cunt# ls -Q

"01-We Are The Word Police.mp3"*

"02-Big Fat Arse.mp3"*

"03-Another Slack Arsed Aussie Band.mp3"*

"04-Porn Store Stiffi.mp3"*

"05-Pissing Content.mp3"*

"06-I Just Finished Sucking Off Metalheads In The Mens Urinals.mp3"*

"07-Hoochie Mumma.mp3"*

"08-I Love It When Joe Pesci Swears.mp3"*

"09-Stock Takin'.mp3"*

"10-Lets All Fuck.mp3"*

"11-A Track Suit Is Not Appropriate Metal Apparel.mp3"*

"12-The Corpse Song.mp3"*

"13-Fuck You Scene Boy.mp3"*

"14-Is Killing Clones Illegal.mp3"*

"15-Don't Call Me Homeboy Ya' Cunt.mp3"*

"16-Spefeven.mp3"*

"17-The Object Is To Shift Some Units.mp3"*

"18-Sweet Meat.mp3"*

"19-Dis-Organ-Ized.mp3"*

0
0

Drunk-astronauts doc says NASA is in denial

Ron

Re: *hic*

I believe the line you were looking for is:

Kirk: *hic* Jimbeam up, Scotchy!

(Which, of course, is from the classic TV Series Bar Trek)

0
0

Zune DRM stripped

Ron

Shortcomings

"Expect updates from Microsoft to address the apparent shortcomings of its file protection software, which hackers will continue to attack."

The awesome part is, based on the way DRM works, they'll never be able to fix the shortcomings. They're doomed to create something that'll be broken!

0
0

Computer virus turns 25

Ron

Re: It's true

To Vesselin Bontchev: I was kidding about Symantec, attempting to imply that Symantec's entire business is based on creating computer viruses, which obviously isn't true.

0
0
Ron

Symantec too!

Symantec also turned 25 this year. Coincidence?

http://www.symantec.com/enterprise/security_response/weblog/security_response_blog/evolution_of_security/

0
0

Talking Trojan taunts victims

Ron

Re: Idiots on both sides

It may surprise you to find out that creating a simple virus or Trojan isn't a simple task. And you'd be awfully surprised about how skillful teenage American (or Canadian, UKian, etc) kids can be.

I won't argue that some malicious code is, indeed, written by criminals (be it Russian, Chinese, or American), but it's a mixture.

0
0

MPack malware exposes cheapskate web hosts

Ron

Re: One rule for one

Do you actually know what you're talking about? Just in case this is ignorance and not actually trolling, let me explain.

On Linux servers, each user has an account, and the files on their accounts have permissions. The Web server uses the data from those accounts to serve up pages.

Typically, the server will automatically switch to the proper user account (using the techniques mentioned in the article, including suExec) and grab the proper files.

On a badly-configured server, these user directories will all have the same owner (be it 'root' or 'nobody'), and, as such, they'll be writable by that account. Since they're all running as the same account, an exploit that hits one of them can make modifications to others. And I'm reasonably sure that that's the problem here.

Note that this isn't a problem with Apache, just like it wouldn't be a problem if it was IIS; the problem is allowing different Web sites to modify each other. In other words, it's a configuration problem, not a software problem. If permissions are set properly, this won't happen.

Hope that explains the problem, and if that was indeed a troll, I hope you enjoyed my response. Maybe somebody else will even learn from it, who knows? :)

0
0

Forums