Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



FCC May Permit Robocalls To Cell Phones -- If They Are Calling a Wrong Number

Earthquake Retrofit Re:I currently get robocalls on my mobile (217 comments)

You mean I'll be getting MORE unwanted calls?

. What is so difficult about the FCC understanding that I do not want calls on my mobile from robocallers and/or telemarketers.

What is difficult for people to understand is the difference between telemarketers and political opinion surveys. Politicians will never, ever give up their political opinion polls. There WILL be a loophole.

about a week ago

What are you most interested in seeing out of CES?

Earthquake Retrofit CPUs with the Three Laws built in (162 comments)

But at CES, I expect to first see our robotic overlord disguised as a consumer product.

about two weeks ago

AI Experts Sign Open Letter Pledging To Protect Mankind From Machines

Earthquake Retrofit Re:A pessimistic view (258 comments)

AI ... now contains the seeds of our total destruction, and the scientists will be powerless to prevent it.

Perhaps it's the AI scientists who should obey the three laws?

about two weeks ago

Nuclear Waste Accident Costs Los Alamos Contractor $57 Million

Earthquake Retrofit Re:Posting links to 3.5 year old blog posts (166 comments)

Is this what slashdot has come to?

Fine. I'm out. I first got my /. account back in 1998 but this is the last bullshit I'll tolerate. This site is no longer relevant.

You know, I think I first read something like that twenty years ago.

about two weeks ago

5 major Linux appearances at CES 2015

Earthquake Retrofit I predict (1 comments)

I predict that 2015 is the year of Linux on the wrist top.

about two weeks ago

If the Programmer Won't Go To Silicon Valley, Should SV Go To the Programmer?

Earthquake Retrofit Re:Exactly this. (294 comments)

Why would anyone in their right mind go into STEM when an MBA gets you twice the money for less work?

Why would anyone marry a poor man when a wealthy one is worth more money?

about three weeks ago

Lizard Squad Targets Tor

Earthquake Retrofit Re:Oops (83 comments)

no kidding there ARE groups you just DO NOT PISS OFF

the non govt. professionals like the ones behind offensive security and like are not to be messed with lightly

I'm more concerned about dissidents in dangerous places and the reporters who cover such places. They deserve to have secure channels. I hope the community can come up with something.

about a month ago

The Magic of Pallets

Earthquake Retrofit Basement dwellers... (250 comments)

have long sung the praises of the lowly pallet which protects our stuff from the occasional 'water event' as we call them in the Northwest.

about a month ago

Anyone Can Now Launch Their Own Version of the Pirate Bay

Earthquake Retrofit Re:The Legit Bay (81 comments)

Please define "free culture"

Free means you don't pay. Among other things...

about a month ago

Sony Reportedly Is Using Cyber-Attacks To Keep Leaked Files From Spreading

Earthquake Retrofit Re:The only real defense ... (190 comments)

A good defense can beat the best offense - George Hallas

about a month and a half ago

French Publishers Prepare Lawsuit Against Adblock Plus

Earthquake Retrofit This is a good thing. (699 comments)

Millions of people have never heard of Ad Block Plus. Until today. I once dreamed of buying a TV ad for ABP during the Superbowl. The Streisand effect will do the job.

about a month and a half ago

Romanian Officials Say Russia Finances European Fracking Protests

Earthquake Retrofit Re:One should be careful on the logic here (155 comments)

...But then, one has to understand that every position - no matter how altruistic your motivation - has a consequence. If your local group is protesting anything based on funding from Putin (or the Koch Brothers, or George Soros, etc) understand that as well-intentioned as your protests may be, you are being used as a convenient pawn.

Put you faith in ideas, not persons. Even a blind pig finds an acorn once in a while.

about a month and a half ago

Eizo Debuts Monitor With 1:1 Aspect Ratio

Earthquake Retrofit Re:Squarer is better. (330 comments)

...The obvious problem is that which you mention - much if not most of PC work is related to document handling and such, which requires vertical space and wastes horizontal space, making wide screen format a bad idea.

On Windows, turn your monitor on its side and press cntr+alt+left arrow>.

about 2 months ago

The Downside to Low Gas Prices

Earthquake Retrofit Re:Stupid, trucks cause the problem (554 comments)

Gasoline is taxed by the gallon, not the dollar. Lower priced gas means more driving and more taxes for the highway funds.

about 2 months ago

fMRI Data Reveals How Many Parallel Processes Run In the Brain

Earthquake Retrofit Re:Brains are living, chips aren't (91 comments)

There is no such thing as a special-purpose brain... or is that general purpose?

about 3 months ago

AT&T Locks Apple SIM Cards On New iPads

Earthquake Retrofit Re:Easy solution (112 comments)



CenturyLink(formerly Qwest)....nope



about 3 months ago

Assange: Google Is Not What It Seems

Earthquake Retrofit Re:Triumph the Insult Comic Dog Says... (289 comments)

" the liberating power of the Internet "

Citation needed.

When I first found out the internet was going to be available to the public I said to myself, "The Man has made a serious mistake." (That's how I talked in those days.) I was excited that soon I'd be able to make friends with people in all those countries I'd been hearing about on shortwave stations like the BBC, Radio Nederland, Havana, etc., without any government propaganda nor media filter at all. Actual real people sharing truths with each other. This will bring people together like never before, I predicted.

Oh well,,,,

about 3 months ago

China Staging a Nationwide Attack On iCloud and Microsoft Accounts

Earthquake Retrofit Re:Why? (109 comments)

The BBC reported today: "The Beijing-appointed leader of Hong Kong, Leung Chun-ying, said Monday evening that it was unacceptable to allow his successors to be chosen in open elections, in part because doing so would risk giving poorer residents a dominant voice in politics... he backed Beijing’s position that all candidates to succeed him as chief executive, the top post in the city, must be screened by a “broadly representative” nominating committee appointed by Beijing. That screening, he said, would insulate candidates from popular pressure to create a welfare state, and would allow the city government to follow more business-friendly policies to address economic inequality instead."

Whatever it is, it doesn't sound like communism to me.

about 3 months ago

DARPA Technology Could Uncover Counterfeit Microchips

Earthquake Retrofit Question from the lawn (35 comments)

Granted that my experience is way out of date, but why not just try every possible op code, especially undocumented codes and see if they do what is expected? This wouldn't detect counterfeits but could turn up any built-in monkey business.

about 4 months ago

Are the World's Religions Ready For ET?

Earthquake Retrofit Re:Religion is a weakness. (534 comments)

... what do you think would happen if ET did exist, had a spaceship, was feeling a bit nefarious, and manifested itself as a booming voice from the sky? How hard do you think it would be for ET to convince the world's populations that it is in fact god (especially given the technological advantage), then instruct them to do whatever the hell it wants?

What makes you think this hasn't already happened?"

about 4 months ago



TOR network may be attacked

Earthquake Retrofit Earthquake Retrofit writes  |  about a month ago

Earthquake Retrofit (1372207) writes "The Register is reporting that the Tor Project has warned that its network – used to mask peoples' identities on the internet – may be knocked offline in the coming days.

In a Tor blog post (https://blog.torproject.org) project leader Roger "arma" Dingledine said an unnamed group may seize Tor's directory authority servers before the end of next week. These servers distribute the official lists of relays in the network, which are the systems that route users' traffic around the world to obfuscate their internet connections' public IP addresses."

Link to Original Source

Limbaugh takes Apple's side in smartphone wars

Earthquake Retrofit Earthquake Retrofit writes  |  about a year and a half ago

Earthquake Retrofit (1372207) writes "The Register reports that Republican spokesman Rush Limbaugh feels Apple fans are being abused.

From Limbaugh's website:

"I would venture to say that nine out of 10 bloggers writing high-tech hate Apple. Apple is the equivalent of the Republicans on these blogs, and Google, Android, and Samsung are the equivalent of the Democrats. They're perfect, they can't do anything wrong, they're ideal, and everybody hates Apple. But Apple does have a small cadre of loyalists. Now, all of these people — I would venture to guess all of these people, they're relatively young, and I say the vast majority of 'em vote Democrat no matter how they divvy up on Apple, Samsung, Google.""

Link to Original Source

Skype disruption during Zimmerman trial

Earthquake Retrofit Earthquake Retrofit writes  |  about a year and a half ago

Earthquake Retrofit (1372207) writes "CBS is reporting (with video) that proceedings in the George Zimmerman murder trial were interrupted Wednesday morning when a witness testifying over Skype began receiving repeated incoming calls, forcing attorneys to switch from the video conferencing system to speaker phone.

I never heard of testifying in this manner. Is this common in other places? I wonder if potential witnesses would be more willing to come forward if they could. Or less likely?"

Link to Original Source

Anti-surveillance clothing becoming fashionable

Earthquake Retrofit Earthquake Retrofit writes  |  about a year and a half ago

Earthquake Retrofit (1372207) writes "The New York Times reports: Flying surveillance cameras, also known as drones, are increasingly in the news. So are advances in facial-recognition technology. And wearable devices like Google Glass — which can be used to take photographs and videos and upload them to the Internet within seconds — are adding to the fervor. Then there are the disclosures of Edward Snowden, the fugitive former government contractor, about clandestine government surveillance. It’s enough to make countersurveillance fashion as timely and pertinent as any seasonal trend, like midriff tops or wedge sneakers.
Tinfoil hats are so passe'."

ISS Laptops migrating to Linux

Earthquake Retrofit Earthquake Retrofit writes  |  about a year and a half ago

Earthquake Retrofit (1372207) writes "ZDNet is reporting: Keith Chuvala, a United Space Alliance contractor, manager of the Space Operations Computing (SpOC) for NASA..., recently explained that NASA had decided to move to Linux for the ISS's PCs. "We migrated key functions from Windows to Linux because we needed an operating system that was stable and reliable — one that would give us in-house control. So if we needed to patch, adjust, or adapt, we could."
Specifically, the ISS astronauts will be using computers running Debian 6.

In addition to appearing on in-flight laptops, Linux is also running Robonaut (R2), the first humanoid robot in space."

Link to Original Source

What do we really want, Mars or wars?

Earthquake Retrofit Earthquake Retrofit writes  |  about 2 years ago

Earthquake Retrofit (1372207) writes "SpaceFlightNow reports: The spacecraft that will carry three Chinese astronauts into orbit in June arrived at the country's remote desert launch base Sunday for final testing and flight preparations, state media reported.

The article also points out some of the recent accomplishments of the Chinese manned space program which invoke in me fond memories of the early days of NASA. And in light of their recent statements indicating a softening (somewhat) of their position regarding North Korea, has me wondering if perhaps now is the time to start talking about a cooperative space venture with the Chinese.

Sure we're ahead of them now. But we won't be forever. Do we hate them so much that we really need to force them to re-invent everything? Because they will. To quote Doonsbury "They don't like being forced, but don't mind being bribed." It could be quite lucrative for all countries involved in the decades to come both monetarily and especially scientifically.

We could start small, like we did with the Russians. That turned out fairly well. Perhaps something simple like a standard docking system so space travelers in trouble might be rescued or be able to rescue someone else.

I truly believe that Peggy Whitson would have made it to Mars by now if it weren't for these damn wars."

Link to Original Source

New Facebook-branded Android coming?

Earthquake Retrofit Earthquake Retrofit writes  |  about 2 years ago

Earthquake Retrofit writes "The Register reports that "Facebook has sent out invitations to an event at its Menlo Park headquarters next week that many believe will see the launch of a new, Facebook-branded smartphone..."
I have lately become dissillusioned with Google having so much power over my phone and the usual privacy concerns, so this announcment means I now have a choice.

Oh, wait..."

Link to Original Source

Workers Told: Use Java or use the door!

Earthquake Retrofit Earthquake Retrofit writes  |  about 2 years ago

Earthquake Retrofit (1372207) writes "At one point I thought 'ordinary' computer users were going to be more or less like me. Then again, I thought I'd have a flying car by now.

I don't suppose it should be a crime to force programmers to use Java. But when I read headlines like this I feel so grateful I'm a hobbyist programmer and have never had to deal with the corporate BS. And today's ordinary user has little or no idea how much power they have in their hand or on their desktop. I do.

To me, it's a joy to write code. Inventing a elegant new (to me) algorithm and watching it compile and run correctly still gives me a thrill. Coding empowers me in ways nothing else does and it's FUN. I make programs with no regard or concern with patents nor copyright nor bosses nor schedules ad nausium. Everything I need to learn, or can't make myself, is available on the Internet for free. I write code the way I want, my programs do what I tell them to do. I have the power!

I can be creative in ways that were never before possible. I'm doing 'work' in linguistics, music, visual art and photography, communications and AI; all things I never knew I could do and it's really just play. All for the price of a little electricity, an Internet account and an old computer with a new Linux."

Electromechanical switch operates in extreme heat

Earthquake Retrofit Earthquake Retrofit writes  |  more than 4 years ago

Earthquake Retrofit (1372207) writes "Science Daily is reporting that researchers at Case Western Reserve University have taken the first step to building a computer capable of operating in extreme heat.

Te-Hao Lee, Swarup Bhunia and Mehran Mehregany, have made electromechanical switches — building blocks of circuits — that can take twice the heat that would render electronic transistors useless. Their work was published in Science last month.

The group used electron beam lithography and sulfur hexafluoride gas to etch the switches, just a few hundred nanometers in size, out of silicon carbide. The result is a switch that has no discernable leakage and no loss of power in testing at 500 degrees Celsius.

A pair of switches were used to make an inverter, which was able to switch on and off 500,000 times per second, performing computation each cycle. The switches, however, began to break down after 2 billion cycles and in a manner the researchers do not yet fully understand.

Whether they can reach the point of competing with faster transistors for office and home and even supercomputing, remains to be seen. The researchers point out that with the ability to handle much higher heat, the need for costly and space-consuming cooling systems would be eliminated."

Link to Original Source

Buckyballs found in nebula

Earthquake Retrofit Earthquake Retrofit writes  |  more than 4 years ago

Earthquake Retrofit (1372207) writes "Astronomers using NASA's Spitzer Space Telescope have discovered carbon molecules, known as "buckyballs," in space for the first time. Buckyballs are soccer-ball-shaped molecules that were first observed in a laboratory 25 years ago.

In 1970, Japanese professor Eiji Osawa predicted the existence of buckyballs, but they were not observed until lab experiments in 1985. Researchers simulated conditions in the atmospheres of aging, carbon-rich giant stars, in which chains of carbon had been detected. Surprisingly, these experiments resulted in the formation of large quantities of buckminsterfullerenes. The molecules have since been found on Earth in candle soot, layers of rock and meteorites.

"We found what are now the largest molecules known to exist in space," said astronomer Jan Cami of the University of Western Ontario, Canada, and the SETI Institute in Mountain View, Calif. "We are particularly excited because they have unique properties that make them important players for all sorts of physical and chemical processes going on in space."

Cami authored a paper about the discovery that will appear online Thursday in the journal Science.

Sir Harry Kroto, who shared the 1996 Nobel Prize in chemistry with Bob Curl and Rick Smalley for the discovery of buckyballs, said, "This most exciting breakthrough provides convincing evidence that the buckyball has, as I long suspected, existed since time immemorial in the dark recesses of our galaxy.""

Link to Original Source

Zuckerberg sued for blasphemy

Earthquake Retrofit Earthquake Retrofit writes  |  more than 4 years ago

Earthquake Retrofit (1372207) writes "The Register is running a story about a Pakistani laywer who filed blasphemy charges, carrying a death penalty, against Mark Zuckerberg over the Facebook hosting a "Draw Muhammad" contest on its site late last month. There's a typo, "publishable by death" and a lot of deleted comments. Maybe we could keep our discussion more civil?"

Malware authors learn from the best

Earthquake Retrofit Earthquake Retrofit writes  |  more than 4 years ago

Earthquake Retrofit (1372207) writes "The Register http://www.theregister.co.uk/2010/03/12/new_zeus_features/ has a rather funny story about the Zeus botnet: 'The latest version of the Zeus do-it-yourself crimeware kit goes to great lengths to thwart would-be pirates by introducing a hardware-based product activation scheme similar to what's found in Microsoft Windows... They've also pushed out multiple flavors of the package that vary in price depending on the capabilities it offers. Just as Windows users can choose between the lower-priced Windows 7 Starter or the more costly Windows 7 Business, bot masters have multiple options for Zeus.'"
Link to Original Source

ISS science report released

Earthquake Retrofit Earthquake Retrofit writes  |  more than 5 years ago

Earthquake Retrofit (1372207) writes "NASA has released an extensive report on science results from experiments performed on the International Space Station. From the summary:

"One of the most compelling results reported is the confirmation that the ability of common germs to cause disease increases during spaceflight, but that changing the growth environment of the bacteria can control this virulence. The Effect of Spaceflight on Microbial Gene Expression and Virulence experiment identified increased virulence of space-flown Salmonella typhimurium, a leading cause of food poisoning. New research on subsequent station missions will target development of a vaccine for this widespread malady."

I can't tell if this is good news, bad or both.

Also from a quick look at the report (http://www.nasa.gov/pdf/389388main_ISS%20Science%20Report_20090030907.pdf), I see that soybeans grow bigger in space with no harmful effect."

Link to Original Source

Online game unleashes unholy rage on abusers

Earthquake Retrofit Earthquake Retrofit writes  |  more than 5 years ago

Earthquake Retrofit (1372207) writes "Ars has a story about Eve Online dropping 9000 accounts for real-world trading of in-game money for profit. From the article:

"Those who buy and sell ISK, the game's currency, are not only exploiting the game, but unbalancing play. That's why the company decided to go drastic: a program they called "Unholy Rage,"

For weeks they studied the behavior and effects these real-money traders had on the game, and then they struck. During scheduled maintenance, over 6,000 accounts were banned. Hreiðarsson assures us that the methods were sound, and the bannings went off with surgical precision.

While the number of accounts banned in the opening phase of the operation constituted around 2 percent of the total active registered accounts, the CPU per user usage was cut by a good 30 percent."

Looks like they got the right 6000."

Link to Original Source

Return to those wild days of yesteryear?

Earthquake Retrofit Earthquake Retrofit writes  |  more than 5 years ago

Earthquake Retrofit (1372207) writes "Brian Krebs has a story about cyber squatting on social networking sites. He sites cases of people being impersonated and reports: "A site called knowem.com allows you to see whether your name or whatever nickname you favor is already registered at any of some 120 social networking sites on the Web today. For a $64.95 fee, the site will register all available accounts on your behalf, a manual process that it says takes one to five business days." If that last statement is true it implies that people are being employed, not a bad thing overall. But is it time to saddle up for a new round of Internet land grabs? Steve"
Link to Original Source



Adventures in modern programming

Earthquake Retrofit Earthquake Retrofit writes  |  more than 5 years ago

I learned to program in BASIC on a TRS-80 model 1 level 1. By the time I got level 2 BASIC I was already exploring machine language. I actually hand assembled some stuff. Later I learned PL/I, Pascal, assembly in IBM 370 (got an A) and, god help me, COBOL at university. But that was all thirty years ago and only had a Commodore well into the 1990s.

I recently watched the lectures at the M.I.T. website for the introductory C++ course. The professor was quite entertaining but wasn't too useful on a practical scale. No doubt the labs are much more informative. But it got me inspired to learn a modern language. The Microsoft APIs were enough to chase me away from assembly for a while. And got me to install Linux.

I'm not completely clueless and I've read all about Java since it started and OOP. And I never quite got it. Lots and lot of tutorials exist on the web, some of which are worse than useless for a beginner. But this time I wasn't going to be discouraged. I got going and decided I would make a spaceship. Threads, I think. Now that's something I can have fun with.

At "http://www.linuxselfhelp.com/HOWTO/C++Programming-HOWTO-18.htm", I found this mess:

class Thread
            int Start(void * arg);
            int Run(void * arg);
            static void * EntryPoint(void*);
            virtual void Setup();
            virtual void Execute(void*);
            void * Arg() const {return Arg_;}
            void Arg(void* a){Arg_ = a;}
            THREADID ThreadId_;
            void * Arg_;
Thread::Thread() {}
int Thread::Start(void * arg)
      Arg(arg); // store user data
      int code = thread_create(Thread::EntryPoint, this, & ThreadId_);
      return code;
int Thread::Run(void * arg)
      Execute( arg );
} /*static */
void * Thread::EntryPoint(void * pthis)
      Thread * pt = (Thread*)pthis;
      pthis->Run( Arg() );
virtual void Thread::Setup()
{ // Do any setup here
virtual void Thread::Execute(void* arg)
{ // Your code goes here

Forty three lines. All this to implement a thread? Oh, well look at all the difficulties you have to overcome:

"The create a thread, you must specify a function that will become the entry point for the thread. At the operating system level, this is a normal function. We have to do a few tricks to wrap a C++ class around it (*) because the entry function cannot be a normal member function of a class. However, it can be a static member function of a class. This is what we will use as the entry point. There is a gotcha here though. Static member functions do not have access to the this pointer of a C++ object. They can only access static data. Fortunately, there is way to do it. Thread entry point functions take a void * as a parameter so that the caller can typecast any data and pass in to the thread. We will use this to pass this to the static function. The static function will then typecast the void * and use it to call a non static member function."

* He doesn't say why on Earth I would want to...

A FEW tricks he says and a gotcha. And still does nothing yet. Now look at this thread declaration:

shield_running(void* data) {

        float fuel_usage = .0195; //rate of use kilos per minute

      while (Shield.power_on == true){
        Shield.min_of_operation = (Shield.min_of_operation + (1/60));
        Cargo.fuel = (Cargo.fuel - fuel_usage);
        Air.dust = (Air.dust + .0001);
        if (Shield.boost_on == true) {Cargo.fuel = (Cargo.fuel - fuel_usage);};
        sleep(1); };

which is started by the following:

if (choice == "so") {Shield.power_on = true;
        choice = "0";
        thr_id = pthread_create(&p_thread, NULL, shield_running, (void*)&g);};

Only seventeen lines, it actually does something, is very easy to understand, was easy to adapt to other systems like my oxygen generator, and if I had 100 shields I could start a hundred threads. My teachers at SIU would not have liked the lack of comments, but C++ is almost self-documenting. And if this is actually true: "The call to pthread_exit() Causes the current thread to exit and free any thread-specific resources it is taking." then there should be no problem with memory leaks which I know jack about.

Both are written in the same C++. That's why I decided to learn C++. I could do it my way. I get the first example, Now. But I LEARNED from:

This one has clearly explained concepts and example programs that ACTUALLY COMPILE!

'Public' and 'private' and 'restricted'? Global and local are good enough for the likes of me. But I'm not totally close-minded. I suspect that a graphic user interface, which every modern spaceship should have, may actually require the use of classes. If so, like the way Republicans say they voted for McCain, I'll hold my nose and do it.

Now if only I could find a simple example of a C++ program with a simple GUI that ACTUALLY COMPILES on Kdevelop, I might have enough fun for another thirty years. Tonight... make that tomorrow, I'm trying out QT designer.


Buffer overflows explored

Earthquake Retrofit Earthquake Retrofit writes  |  more than 5 years ago As a beginning assembly language programmer, I've been having trouble getting my head around buffer overflows as a security vulnerability. The popular media has many lurid stories containing few details and the detailed descriptions often mean nothing to me. So I decided to design a purposefully insecure program as a thought experiment.

I make a web page with a box labeled "Type your 16 charecter password to get the file." When the user presses ENTER whatever he typed is sent to my program without any check for the proper length. I have read that any client-side bounds checking could be disabled. Hole number one. I would leave the check in anyway.

A 16 byte variable will hold the user's password and is defined in memory and initilized to -1 just before the beginning of the code for the first procedure. So anything written starting at that address that's longer that 16 bytes overwrites what comes after in the program. Hole number two? But this is crazy, variables are defined all over the place.

Now, the first procedure displays the file. Let's say that routine is 100 bytes long. The second procedure checks for a valid password and returns zero in a register if the password is valid, unchanged if not.

A third procedure, trusting the client-side checking, if there was any, blindly writes whatever it gets from the user to memory starting at the address of the password variable, so anything bigger than 16 bytes begins to overwrite the code that follows. Overflow. Hole number three.

So if an attacker types in any 16 characters and then the exact 100 bytes of the hex code of the first procedure, which can't be changed if the attacker wants the file, then replaces the guts of the second procedure, which checks the password, with hex code that only has to set the register to zero and return from the procedure. Exploit! As long as the modified code is running, any subsequent user will also have access to the file as long as their password is 16 charecters or less.

But an attacker would have to know the exact 100 bytes of the first procedure to get the file. Get it wrong, and the program crashes or behaves unpredictably which I have no idea how to exploit. But it is a denial of service. Get it right and subsequent users could also easily crash it. But unless I publish the source or executable code how would anyone know? It's only running on my machine. Security by obscurity?

This does seem to meet the description 'allows attacker to execute arbritary code.' If the attacker isn't interested in the file, he or she could inject code to take over my box IF the running program has administrator privileges. That would be hole number 4.

All of these holes, except maybe number one and two, seem to be easily prevented, so why do buffer overflows occur so often? This all seems obvious to me as a beginner, but there's a lot I don't know yet. For instance, 19,000 windows APIs.



Installing an editor/assembler

Earthquake Retrofit Earthquake Retrofit writes  |  about 6 years ago

Well, it had warned me, but holy shit the anti-virus went off like I've never seen before. So I choose 'send file(s) to virus vault' and worried, but perhaps feeling brave, (or crazy see below) keep going. Weird console window but it seems to be assembling and linking libraries, just like it said. Run the editor, File, Open... SIRENS warning warning Trojan. "WTF, just from looking at a directory?" Alright, this isn't working. I checked the add-install list, nothing, but I already read that it would be unzipped not 'installed'. I deleted it all. Back to the website. The guy at the forum says "It's not my fault, It's not my fault! huristics don't understand assembly level programs because we're crazy."

"Okay," I think, "that makes sense." And the free AV I'm using is one of the two implicated. I disable my internet connection and I'm not turning off my huristics so I'll just choose ignore. I run the installer, same as before, ignore ignore. So far so good. I run the editor, fine. File, Open, warning! warning! No, I'm gonna get tired of this. So, back to the AV. Turn off huristics. Run the editor. No effect, same as before. But I happened to noticed the 'exclude path' choice on the AV advanced menu and that finally worked.

File, Open, example1.asm. "Oooo, pretty."

So my question is, just how crazy do assembly level programmers have to be? Steve

Slashdot Login

Need an Account?

Forgot your password?