
Comment Re:Appalling (Score 5, Informative) 127

I don't know the fine details of this bug, but am I the only one appalled at how obvious this bug sounds? It doesn't even properly check the certificate? I mean buffer overflows and such are one thing, but not properly testing your certificate code seems unforgivable.

No, it's not that it doesn't check certificates generally, it's that if there's an additional, extra certificate of a particular form in the list that forms an app's certificate chain (but isn't actually in the chain) then that extra certificate gets included in the list of signatures associated with an app... making other apps that query the signature list believe that the app is signed by a certificate it's not. This doesn't, for example, fool the Play store into believing an app is from developer A when it's really from developer B. But it can fool other apps. There are some apps that load others as plugins, and make decisions about which plugins to load based on whether they're signed by a particular key. This flaw allows malicious apps to subvert that, convincing the plugin-loading apps to execute them, thereby giving the malicious app the same permissions as the plugin-loading app.

It's a serious security flaw, no doubt. But it's a little more subtle and less obvious than the summary makes it appear. Also, it appears that no app in the Play store, nor any of the other apps that Google has scanned, attempts to exploit the flaw. It's very easy to identify them by scanning the certificates in the package.

I've implemented tests for certificate chain validation code several times (not in Android), and it never once occurred to me to test for this particular odd construction, nor, I think, would anyone else think to test for it without some specific reason. This sort of bug requires inspection of the code.

(Disclaimer: I'm a member of the Android security team, but I'm not speaking in an official capacity, just summarizing what I've read of the vulnerability -- which isn't a great deal. Others on my team are well-informed, but I haven't followed this issue closely.)
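As an added illustration (not from the original post or from the Android code base), a toy Python model of the distinction the comment draws: counting every certificate shipped in a package as a signer versus counting only those that verifiably chain from the app's leaf certificate. All names and keys are constructed, and `issued_by` stands in for real signature verification.

```python
"""Toy model of an app package's certificate list (constructed example).

A certificate is a subject, an issuer, its own key id, and the key id that
actually produced its signature.  Real code would verify the signature with
the issuer's public key; here `issued_by` is the stand-in for that check.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    key: str          # this cert's public key (id)
    signed_with: str  # key that actually signed this cert


def issued_by(child, parent):
    """Stand-in for signature verification: parent's key must have signed child."""
    return child.issuer == parent.subject and child.signed_with == parent.key


def build_chain(leaf, bundle):
    """Walk upward from the leaf, accepting only certs whose signature verifies."""
    chain, seen = [leaf], {leaf}
    while True:
        cur = chain[-1]
        if cur.issuer == cur.subject and cur.signed_with == cur.key:
            return chain  # self-signed root reached
        parent = next((c for c in bundle if c not in seen and issued_by(cur, c)), None)
        if parent is None:
            return chain  # chain ends here; anything else in the bundle is extraneous
        chain.append(parent)
        seen.add(parent)


def naive_signers(leaf, bundle):
    """The buggy behaviour: every cert present in the package counts as a signer."""
    return {c.subject for c in bundle}


def verified_signers(leaf, bundle):
    """Only certs that actually chain from the leaf count as signers."""
    return {c.subject for c in build_chain(leaf, bundle)}


def extraneous_certs(leaf, bundle):
    """Detection: certs shipped in the package that are not part of the validated chain."""
    chain = set(build_chain(leaf, bundle))
    return [c for c in bundle if c not in chain]


# Constructed sample: an app signed by its developer's self-signed root, plus an
# unrelated self-signed cert whose subject matches a trusted plugin vendor's name.
ROOT = Cert("DevB Root", "DevB Root", "kB", "kB")
LEAF = Cert("DevB App", "DevB Root", "kApp", "kB")
ROGUE = Cert("PluginVendor", "PluginVendor", "kRogue", "kRogue")
BUNDLE = [LEAF, ROGUE, ROOT]
```

A plugin host asking `"PluginVendor" in naive_signers(LEAF, BUNDLE)` is fooled, while `verified_signers` is not, and `extraneous_certs` is the scan the comment refers to.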

Comment Re:Don't let the facts get in your way (Score 0) 868

So. You are able to regurgitate the Israeli propaganda that was fed to the world's press organizations, 40 years ago - building the myth of the ruthless Palestinian and the incomparable IDF.

But the BBC - that revolutionary hotbed of anti-Israeli sentiment - had this to report, confirming what Victor Ostrovsky and others had intimated for many years:

But newly released documents contain a claim that the 1976 rescue of hostages, kidnapped on an Air France flight and held in Entebbe in Uganda, was not all it seemed.

A UK government file on the crisis, released from the National Archives, contains a claim that Israel itself was behind the hijacking.

An unnamed contact from the Euro-Arab Parliamentary Association told a British diplomat in Paris that the Israeli Secret Service, the Shin Bet, and the Popular Front for the Liberation of Palestine (PFLP) collaborated to seize the plane.

The flight was seized shortly after it took off from Athens and was flown to Entebbe, where 98 people were held hostage, many of them Israeli citizens.

http://news.bbc.co.uk/2/hi/uk_news/6710289.stm

Comment Re:You must be kidding. (Score 1) 63

I think EA and Microsoft should do their best to charge customers whatever their customers voluntarily agreed to

"Do their best"? That assumes any overcharges are accidental. You're giving those companies way too much credit.

What was the last time you heard of EA or Microsoft undercharging someone by accident?

Comment Re:What makes this a gigafactory? (Score 1) 95

Still a hugely high risk proposition in the continually updating battery field. A major battery breakthrough of substantially different technology will cripple that investment. Global research on battery technology has never been higher; a bit of Government focus via forced patent sharing and fiscal contribution could push it along even faster.
