Forgot your password?

Comment: Re:Dear Sony, I am delighted! (Score 1) 154

by ArsenneLupin (#48458553) Attached to: Sony Pictures Computer Sytems Shut Down After Ransomware Hack

every officer of the company needs to do the honorable thing and leave the company, leave the industry, and get a job more suited to their ethical and strategic skill set. Like flipping burgers, or arranging the sushi on the platter.

Are you sure these are appropriate jobs for Sonyscum? Personally, I wouldn't want to eat burgers laced with exlax, or sushi caught from the waters next to Fukushima...

Comment: Re:Fix a thumbdrive virus by doing WHAT??? (Score 1) 555

by ArsenneLupin (#48428021) Attached to: "Barbie: I Can Be a Computer Engineer" Pulled From Amazon

The suggestion in the book that it would be appropriate to plug a known-virus-infected USB thumbdrive into another computer in order to fix it seems totally crazy to me. Even if the second computer does have better security there's no guarantee the virus isn't a new one that hasn't made it into virus checker recognition databases yet...

Yeah, but you forgot an important detail... The suggestion was not just to plug it in to another computer, but to plug it into another computer that isn't yours. In case it does becomes infected, you just sneak away, and pretend that nothing happened...

But only if you're a boy. If you're a girl, you just keep sitting next to it and weep...

Comment: Re:They WILL FIght Back (Score 1) 516

by ArsenneLupin (#48418763) Attached to: Rooftop Solar Could Reach Price Parity In the US By 2016

Everybody knows wind turbines are eye sores.

They obscure all the lovely smoke stacks.

A couple of years back, the French complained that a new wind turbine field in Germany was spoiling the nice scenic view of the Chateau de Malbrouck (located just opposite the German-French border from that infamous field).

Unfortunately, they conveniently completely forgot what the Germans see when they look at the Chateau de Malbrouck

Comment: Re:What the hell (Score 1) 168

by ArsenneLupin (#48316585) Attached to: Ask Slashdot: Single Sign-On To Link Google Apps and Active Directory?

If you are turning north from I-10 onto I-65, or if you are on I-65 and turning east or west onto I=10, you have already failed at taking the quickest was from anywhere to anywhere else.

Just looking at a map, while coming from North I-65 and going east on I-10 looks kinda nonsensical, going west doesn't look so bizarre. You'd use that connection when going from Montgomery to New Orleans, wouldn't you?

Or is that just a general comment that those roads tend to be congested, and are never the quickest way (no matter which way you turn?)

Comment: Re:The more things change the more the stay the sa (Score 1) 728

by ArsenneLupin (#48111145) Attached to: Why the Trolls Will Always Win

"politic" meaning roughly in the original Greek "To shout down"

Bullshit. The word "politic" is derived from "polis", the Greek word for "city". So "politics" is the art of running a city (or city-state, as most cities were back then), not the art of shouting your opponent down...

Comment: Re:Only CGI scripts affected? (Score 1) 399

by ArsenneLupin (#47991853) Attached to: Remote Exploit Vulnerability Found In Bash

Oh I had the same thought....I mean, by the time an "attacker" is modifying arbitrary environment variables in your process,

Which is the case on most Apache Web server configs: the client has full control over the HTTP_REFERER and HTTP_USER_AGENT variables... And the exploit in question works with any environment variable, including those 2.

Well, starting from here, you are vulnerable as soon as:

  1. You have a CGI script written as a #!/bin/bash script on your system
  1. You have /bin/sh symlinked to /bin/bash (used to be common in many Linux distribution), so as soon as a script calls system(), /bin/bash gets executed, along with the scripts full environment...

Comment: Re:Really? Using bash for CGI? (Score 2) 399

by ArsenneLupin (#47991811) Attached to: Remote Exploit Vulnerability Found In Bash

The problem affects any CGI that *calls* bash, which means any call to system() in any language is going to cause a problem.

Nowadays, on most systems, /bin/sh is a proper Bourne Shell (either ash or dash), and no longer bash. So system() should no longer be an issue, but explicitly calling bash still would be...

Comment: Re:Full Disclosure can be found on oss-security... (Score 1) 399

by ArsenneLupin (#47991801) Attached to: Remote Exploit Vulnerability Found In Bash

Just ran pacman -Syu

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

Good. And now on to the next level:

env X='() { (a)=>\' bash -c "echo /usr/bin/id"; cat echo

The reason that every major university maintains a department of mathematics is that it's cheaper than institutionalizing all those people.