FWIW, I tried changing "echo vulnerable" to "whoami" and it didn't work. In fact, it segfaulted! Then I changed it to "echo `whoami`" and it worked as expected. So while it may possibly only work directly with built-in shell commands, they still get the full benefit of the command line parser and its handling of backquotes.

Sure, but anything remote that can set up environment variables before starting bash can exploit it. Lots of idiot programmers like to blindly shell out to do stuff even when there's a simple library function to do things, such as unlink("$path") vs. system("rm $path"). And environment variables have this pesky habit of sticking around when you do that. Environment variables are commonly used with CGI, which is also commonly used with idiot programmers. So while it may be a "local" exploit, that's with unusually large values of "local".

Except by the Russians. Sort of.

In Soviet Russia, you are the one droids are looking for!

Even better low-tech solution: camoflauge cover. I saw that pic of the half-built Millennium Falcon the other day. Completely open to the sky.

They're a California company, they would have had The Beach Boys there for sure.

In other words, they have failed to understand (or more likely succeeded in forgetting) the primary purpose of recorded music. It is something you can listen to while doing something else.

"Interactive" music is not music, it is an interactive activity (aka game) which happens to contain music.

And he's right about one thing, I won't be pirating it, because I don't want it. That's a great way to stop piracy, with the minor side effect of stopping sales, too.

So that we can laugh at the balls it takes to come up with this kind of thing. "Damn, why didn't I think of that?"

Here's a pretty good analysis of 4-digit PIN distribution: http://www.datagenetics.com/bl...

If it was working perfectly fine until they changed it with no option to use the old rendering, I would consider that a bug on their side. The GPU being able to be locked up is indeed a problem, but one that that I am surprised hadn't been a problem before, like when 10.6.x was new. In researching what the hell was happening, I found that the usual fix for other OSes is to keep one reserved thread (or whatever they're called) running on the GPU that allows it to be reset in case it gets totally fucked up.

They "upgraded" something that was working perfectly fine, without even a configuration option to go back to the old rendering?

Well it's only been a few decades, and I was mostly a Mac user back in the day. I did remember enough about VGA that as I posted, I was wondering where the hell all the color came from, because I was sure that 640x480 was only 16 colors. Oh the joys of cramming a frame buffer through a tiny chunk of a mere 1 megabyte addressing space. But at least I got the approximate CPU range right.

And FWIW, shrinking the screen down (and a coprocessor in the cartridge) was how they got it to run on SNES.