
Comment This is not "code encoded as pixels" (Score 5, Informative) 106

This is not "code encoded as pixels" as some comments here describe it. It's much better. It's actually recreating basic logic gates using the pixels + a single pass of the JBIG2 decompression algorithm, recreating basic assembly operations including registers. It's kind of like Conway's Game of Life: just by flipping bits off & on, it results in something Turing complete. From the article:

"JBIG2 doesn't have scripting capabilities, but when combined with a vulnerability, it does have the ability to emulate circuits of arbitrary logic gates operating on arbitrary memory. So why not just use that to build your own computer architecture and script that!? That's exactly what this exploit does," the researchers explained.

"Using over 70,000 segment commands defining logical bit operations, [NSO’s hackers] define a small computer architecture with features such as registers and a full 64-bit adder and comparator which they use to search memory and perform arithmetic operations. It's not as fast as Javascript, but it's fundamentally computationally equivalent."

"The bootstrapping operations for the sandbox escape exploit are written to run on this logic circuit and the whole thing runs in this weird, emulated environment created out of a single decompression pass through a JBIG2 stream. It's pretty incredible, and at the same time, pretty terrifying,” the Google researchers added.

Comment It couldn't find my record, not a good start (Score 1) 167

I got my vaccine 4 weeks ago at Walgreens (big, common pharmacy in CA). I don't remember if I put down my phone number or email when I did, so I tried registering first with my email and then with my phone number; in both cases I got a response that they weren't able to find my vaccine record.

Comment Re: Business as usual (Score 1) 39

Well, based on Wikipedia, it ended up not selling it because of pressure from the US:

> Israel was ready to sell China the Phalcon, an Israeli airborne early-warning radar system (AWACS), until the United States forced it to cancel the deal

but the next sentence did surprise me:

> Some estimate that Israel sold arms worth US$4 billion to China in this period.

However, reading through the article gives it more context: China was one of the first to recognize Israel's right to exist, they both opposed the Russian-Afghanistan war and partnered in helping Afghanistan back in the day. Man, international relations are crazy complicated. Source: https://en.wikipedia.org/wiki/...

Comment Re:in short (Score 1) 63

they actually spent time on non-nullable pointers instead of just using the C++ standard shared pointers and unique pointers. They were writing and using JSON in a capacity where they did not need to talk to anything Javascript related

Where are you getting all of this? This wasn't in the article.

Comment How do you have so much time for development? (Score 3) 109

Hi DHH. How much of the code for Basecamp 3 did you personally write? And is it a challenge to clear out long stretches of time for concentrating on development (vs meetings, etc.) due to your seniority at the company? From your blog posts it seems that you're definitely still significantly involved in day-to-day development.

Comment Re:Macbook battery life is insane (Score 1) 291

FYI - on MacBook Pros (maybe on MacBooks too?) - when you close the lid it goes into sleep mode, the little white LED stays solid / on all the time, and the HD is still on and you still need to be careful of shaking/moving it too much. After you wait a few minutes it hibernates automatically; you can know it's done if the LED starts blinking/pulsing slowly, then it's safer to move the laptop around.

Comment Re:OK, dumb question after reading the article (Score 5, Insightful) 747

The problem with that logic is that Stallman missed a huge point. If, from his example, you're using Google Docs, even if the JavaScript is "freed" using his new standard with stylized comments and the @source directive - you are still accessing non-free server software (the Google web servers) that responds to the AJAX requests. Not only that, but your browser is also making a call to the Google Ad server, which also has non-free software. You might also argue that it's being served by a modified version of MySQL that's non-free, and perhaps even the firewall and the proxy that it's passing through is a custom version written by Google Engineers (likely.)
Censorship

Belgium May Prosecute the Church of Scientology 755

sheean.nl writes "A Belgian prosecutor recommended after a 10-year investigation that the government prosecute the church of Scientology. The church is accused of being a criminal organization involved in extortion, fraud, unfair trading, violation of privacy laws, and unlawfully practicing medicine. Both the Belgian and the European branches of the church should be brought to court, according to the authorities. The investigation was started in 1997 after former Scientologists complained about intimidation and extortion by the church. Other European countries such as Germany have problems with Scientology, but in the US it is officially recognized as a religion. Scientology has 10 million members including high-profile followers such as Tom Cruise and John Travolta." Scientology has long used heavy-handed legal and other tactics to suppress opposition on the Net.
