Comment I wish I could believe that (Score 3, Insightful) 284
But I can't.
But I can't.
I'm sure looking forward to their findings!
Hopefully the Chinese will release some high quality pictures. I'm not suggesting the moon landings were fake, but given the overall cost and engineering that goes into such an endeavor, I don't think it's unreasonable to expect photos of the same quality I can take with my cell phone.
I read that the first images we see now are low quality to keep transmission time low. The high quality ones, including full video of the decent, will follow.
Good luck keeping guys with tens of thousands of exploits out of it
As soon as software catches up and makes it practical, the rest of the world is going to dump the US cloud forever.
Sourceforge is garbage now.
If you don't want to be discovered with Bluetooth, don't leave your devices in discoverable mode!
Cryptome notes this document is claimed to be a hoax by a Hacker News user.
Trademark?
It is a fact that the largest US defense contractors had *thousands* of workstations and servers backdoored for *years* before anyone wised up to it. These are networks managed by professionals who really do take security seriously.
I don't think it's unreasonable to believe that tons of machines are trojaned prior to sale.
I have file system 0day. Be sure to dd the content to that flash drive and dd it back off!
There's no reason to use an asymmetric algorithm.
It's like tripwire, except it works on code in memory. It has an online database where hashes of known code are stored in various sizes... so the client will hash 4k and ask the server if this is known. If so, move on we know what it is. If not, split it into 2 blocks of 2k. Can we positively identify that? Anything not identified continues to be split into smaller and smaller pieces.
The software understands how processes are laid out so it's not going to hash your user data as that can't possibly provide a useful result.
The idea is that we need to be able to ask, "Is this really Microsoft Word 2010 patchlevel X running on my system? Has it been modified in anyway, even via hotpatching memory? If so, show me exactly where it has been modified so I can focus my analysis on that"
When you visit the site in Firefox for some reason it just tries to download something. I didn't try with other browsers. That's why I said use IE. Visit in IE and you see a little blurb about it with a couple different options for installing. It uses some Microsoft 1click installer framework... and yeah, this needs some serious release engineering work.
It's alpha code. It seems to work better on HyperV than VMWare too... In VMWare I have to close the target VM (run in background) in order to get it to work. Some kind of locking issue I guess.
Anyway, I think it's a really cool concept. I'm sure there will soon be a proper page put up to describe it, running on a standard port and everything.
Fair point, but it's not like getting something from port 80 or 443 really assures safety.
Like I said it's really alpha. I would not run it on any important VMs anyway.
Oh, and make sure you have
He has not acquired a fortune; the fortune has acquired him. -- Bion
