Assuming it uses a version of openssl that supports the relevant TLS feature, SSH servers are absolutely vulnerable. Connect to one, carry out the attack while it waits for you to authenticate; now you can steal its secret key. This is also a way that a malicious SSH server could attack the client; possibly stealing things like the client private keys (SSH being one of relatively few places where asymmetric client authentication is common).

Don't just encrypt them - move them out of process entirely. Have a security broker that knows your secrets, but doesn't talk to *anything* except local clients (on the assumption that if the attacker has arbitrary code execution, it's game over anyhow). Use inter-process communication to get secrets when needed, but preferably don't *ever* hold sensitive data in memory (for example, instead of using your private key directly, you ask he broker process to sign a binary blob for you, and it does so using your key and returns just the signature). Use "secure buffers" in managed code, or "secure zero" functions otherwise, to eliminate any sensitive data from memory as quickly as possible.

Yes, this used to sound paranoid. Actually, it still does sound paranoid. But, there's now a great example of a scenario where this is a Good Idea.

Of course, you have to make sure that broker is Really Damn Secure. Keep its attack surface minimal, make sure the mechanism by which it identifies whose key to use is extremely robust, and if possible make it a trusted part of the OS that is as secure from tampering as possible (Microsoft already has something like this built into Windows). There's also a question of how far to take it. For example, you could have the broker handle the symmetric encryption and decryption of TLS data (the bulk data part, after handshaking is completed) but that could impact performance a lot. Keeping the symmetric key in memory isn't so bad, really; it's ephemeral. However, if an attacker has a vuln like this and wants to read the traffic of a target user, they could attack the server while the user is using it, extract the symmetric key, and use it to decrypt the captured TLS stream. Keeping the key in-memory only while actually losing and (securely) purging it between response and the next request might be a good middle ground, perhaps?

No, you got it quite right. A server could grab browsing history, JS memory contents, stored passwords, and authentication cookies from a browser. It's not just web browsers, though; a malicious server could also steal email (from other email accounts) out of a mail client, and so on. For the handful of services that use client certificates, a server could steal the *client's* secret key.

Browsers (or other clients) that use multiple processes have some degree of safety, as this exploit can't read across process boundaries. It's also completely passive; just because every Chrome tab *can* get the cookies that are currently being used in every other Chrome tab doesn't mean that they are always loaded in each tab's process' address space (though I don't know if they are in practice or not).

Still, this is a grade-A clusterfuck security-wise. The ability for an unauthenticated attacker (all you need is an open TLS connection; that could be the login screen) to read memory off the other side of the connection is the kind of exploit you can make movie-grade "hacker" scenes out of. For a simple example you might see somebody pulling, you could use this exploit to decrypt any connection you recorded, assuming the server hadn't rotated its private key since then. If you can be fast enough and are in an intercept (MitM) position rather than just monitoring passively, you could even grab the keys in real-time and have complete control, invisibly, over the connection. From there, you could even read memory from the client and (continue reading from) the server at the same time!

You could probably do it automatically using a Raspberry Pi hiding behind the flowerpot in a café. I'm not joking.

I've been in the security world for years and I don't think I've ever seen so bad a vuln. Yes, things like "goto fail" were mind-blowingly stupid, but they still only let you MitM connections if you were in the right place at the right time. This one is strictly better and enables a huge number of alternative attacks.

How the fuck did this get modded up? Idiot mods (and "DarwinSurvivor", apparently) can't read a link, I guess...

The only way this could have been stupider is if it was actually the same link, instead of merely being a link that I could tell, just from the URL, was about exactly the same issue.

Morons.

Thanks for the tip. I use Namecheap and didn't know about this feature.
Now I can stop answering the no-ip emails every month.

It need not be a revolution of our understanding; it might "simply" lend an incredible degree of support to a bunch of our current theories. We've got lots of theories about life that once existed on Earth but no longer does, and lots of theories about how life arose on Earth, and something like this could mean a ton for our ability to understand such things.

Would extraterrestrial life have its proteins folded the same way? Would it even use the same proteins? Would it have adapted a double-helix structure like DNA, or still be single-strand like RNA, or something else? What chemistry would it use (aerobic is not impossible, but seems unlikely - then again, I'm not a biologist)? There are many more questions that could be asked, and answered, by those who know more of this subject than I do... if we can, in fact, find such life.

On the other hand, if we can't, then that has some interesting implications as well. Are the "building blocks" of life present? If so, maybe life is extremely unlikely to ever spontaneously occur. Is that ocean completely sterile? If so, why is Earth different? What are the differences which could account for that difference, and how likely are they?

*MOST* of that is because the software expects to be running as Admin all the time. The vast majority of general use software can be coaxed into working on NT 6.x, sometimes just by changing ACLs on things that it wants access to (like being able to write to its home directory). Of course, to most people, if they double-click the icon which the installer put on their desktop and it doesn't work just like that, then "it doesn't work" and they complain.

With that said, there's definitely other stuff that changed. Older Windows versions allowed opening block devices directly if you have enough permissions, while newer versions require an extra call into the driver to enable a given user-mode process to do so. There have been some similar changes to low-level access to hardware, especially legacy hardware interfaces, in other places too..

Wow, you have *no* fucking idea what you're talking about, do you?

Let's see... there is simply nothing equivalent to the Mandatory Integrity Control system in NT versions before 6.0 (Vista/Server 2008). You can't build that on top of the existing ACL system, because the existing ACL system didn't support anything that behaves that way. ASLR is a major change in the way processes start and load libraries. The "split token" model for UAC - where the same account can usually be a non-Admin but sometimes be an Admin without actually changing to a different user - is also completely new and wasn't possible before, because that kind of group membership used to be tied to the user's identity.

Then there's all the tons of other stuff that changed. One good example is the removal of the global scheduler lock, which substantially improves performance on machines with multiple hardware threads when making frequent context switches (as desktop OSes often do). The switch to user-mode drivers for most things - including video drivers, which were one of the primary causes of BSODs on XP - is another big deal; the video driver model of XP requires kernel-mode drivers and it was a major effort to re-architect the driver model so that the kernel could simply restart a crashed video driver. Full IPv6 support required substantial changes to the network driver interface.

The fact that the ABI hasn't changed *more* is a testament to Microsoft's backward compatibility efforts - usually in the form of leaving legacy interfaces in place for legacy code to use, but deprecating them for new code - but it has definitely changed. Leaving aside the stuff that is purely additions to the ABI, you still have things like the updated NDIS requirement causing some legacy WiFi drivers to be unable to get IP addresses, and the removal of the XP video driver model in Win8+ makes anything pre-WDDM incompatible at the binary level.

Oh, bullshit. XP isn't a single monolithic and atomic (indivisible) entity. Microsoft has no further commercial interest in the particular combination of executable binaries, resource files, patents, and support obligations which, when combined, make up Windows XP. That doesn't mean "no... interest in XP whatsoever" at all.

Win7, Win8, WP8, and Windows RT are all based on the same kernel and user-space as XP. Presumably you agree that Microsoft can, with a "strait[sic] face", claim that those products contain "valuable intellectual property", right? Well, some of that valuable IP is also in XP. You cannot, with a straight face, reasonably claim that Microsoft has no further commercial interest in NT-based operating systems, can you?

If at some future point they completely drop Windows-as-we-know-it - the kernel, the subsystems, the shell, the libraries, the tools and utilities, etc. - then you can make that claim. Right now, they still have a lot to lose if they release that IP.

As for begging, I'm sure MS would happily sell you an XP copy if you could completely absolve them of all responsibility for it. That means not only remove their responsibility to maintain it (which, incidentally, you *can* pay them enough to do... it's just hideously expensive) but also to test compatibility and attach their reputation to its behavior. XP is substantially less secure than newer Windows versions, lacking important security features which have been standard for over five years now; if you buy XP and then get pwned, that reflects poorly on MS (especially if the news is publicized). How much are you willing to pay them to account for those kinds of risks?

Or populated the earth Himself. Or come up with a sin-free reproductive option. It's not as if the urges of lust need to lead to reproductive behavior, *or* that - for believers - engaging in a non-sinful and possibly even unpleasant reproductive act would have been unreasonable. I mean, cutting a boy's foreskin can't exactly be a pleasant act for any party involved, if not for the religious connection. If the ancient Jews were willing to do that then surely something similarly unpleasant and non-sinful would suffice for *making* the baby!

Of course, as long as we're allowing God to set the rules and ignoring all the ways in which evolutionary biology fits the fact better than *any* form of intelligent design, why the hell are we born as babies anyhow? Adam and Eve were not, to the best of my knowledge, created as newborns. They had adult bodies and adult-level intelligence, even if they were naive. If God's goal was to have there be lots of human "children" (in the sense that Adam and Eve were - innocents in the Garden of Eden) then why ever not allow humans to be created whole to he same state that the *first* humans were created? Of course, all of this is set up to support the commandment of going forth and multiplying; seems like there are any number of easier options God could have created if He just wanted some life made in His image. Why bother with things like aging (and why has it accelerated since "ancient times"? Methuselah was merely the longest-lived if his generation, he wasn't much an outlier within it though) or disease (I don't recall bacterium being implied necessary at any point), or indeed mortality at all?

Incredibly enough, the Mormon version of Genesis makes *even less sense* than the usual one! I could continue picking this apart for hours. Omnipotence is the ultimate cheat card in reasoning. It's like breaking the rules to even assume the potential existence of such a (benevolent) power, because everything that isn't perfect in the world is arguably proof - certainly evidence - that He doesn't exist!

Not just PS, that's a common pattern in many scripting languages, especially shell scripts. Microsoft picked from the best (there's a number of bash-isms in Powershell, for example) when writing that thing.

The compiler really *should* complain about assignment in a test statement, because it's a really common error to make. Or you can remove that option entirely (make assignments valueless statements, in which case that's a syntax error and won't compile at all) but then A) you're forking the languages, and B) a lot of handy stuff like a=b=c=50; stops working unless you special-case it. Better to special-case the if(herp=derp) case, although if you do it as a warning some people will just ignore that...

It's already completely possible to run native or managed desktop apps on RT. You just need to "jailbreak" it first to remove the signature enforcement on user-mode full-trust binaries. RT 8.0 has been jailbroken since like a year ago...

The jailbreak for RT 8.1 is in development. Microsoft put a completely unjustifiable amount of effort (IMO) into making sure RT 8.1 sucks even more than RT 8.0, but nothing that complex is perfect. If you have a gen1 RT device (anything except a Surface 2 or Lumia 2520) you can downgrade to 8.0 or even dual-boot. Or you can just be patient; the 8.1 jailbreak will be out as soon as it can be made stable.

So... if we *do* notice you're there (because your edits add things that are obviously unnatural to anybody who doesn't go through life half-asleep) does that mean you're doing your job wrong? Because that's what it sounds like to me.

Nobody objects to removing incidental sounds that are distracting (although a complete lack of background sounds, such as some older movies have in a number of shots that obviously shouldn't be so silent, is quite bad itself and "makes me see the stage" if you will, breaking immersion). We object to gratuitously *fake* editing (that being, after all, the topic of this whole discussion). And yes, it's gratuitous. Nobody is going to unhappy because the tires grind on gravel instead of screeching on pavement unless there is, in fact, pavement under said tires. The reverse (demonstrably) is not true.

Besides, there's still a lot you can do by adjusting what sounds are focused on (even if the mic barely caught them the first time). For example, a patter of falling gravel following the departure is the audible equivalent of a cloud of dust: it's what we expect from a fast departure on gravel (as opposed to a leisurely/polite one) because it's what actually happens.

Note that I never watched Dukes, so maybe there's some reason you couldn't establish (even after the fact) that they were on gravel, but I find it very hard to believe that the gravel was *so* incidental to the setting that squealing tires on pavement is *less* likely to break suspension of disbelief.

... That's half the RAM cache on my (3TB magnetic) secondary disk drive. It's one fifteen-thousandath the storage on my primary SSD. 32GB of Flash on a magnetic HDD would be nice. 32MB is quite worthless. It's slower *and* smaller than the RAM cache on any modern drive (my 3TB drive is 1.5 years old).

I put a 240GB SSD and a 3TB spinny HD in my homebuilt PC about 17 months ago. They both cost the same, $90.

That was most of an iteration of Moore's Law ago. $0.50/GB is actually quite a lot.