Forgot your password?

Comment: Doesn't sound like much of a leap (Score 1) 99

by bussdriver (#47575373) Attached to: "BadUSB" Exploit Makes Devices Turn "Evil"

I was reading about more capable hacks back in 2005 back when there were people doing attacks against the generic device drivers for ... well, any type of USB device driver. Plus using it to pick up the keyboard or injecting data to mess with other devices on the bus.

TFA sounds to me like a much more limited attack and not all that creative since we've had a decade+ of USB devices that spoofed multiple devices -- I'm specifically thinking of those spoofed CD-ROM drives on some of those old Flash sticks.

Keyboards? doesn't sound all that useful at 1st glance... but finding a fool proof script to open up a terminal on a mac sounds like an interesting challenge. linux? too much variety. windows... getting to the run cmd is easy.

If you don't have a locked screen saver... which has been a MUST forever... a well written script could just be run from anywhere (just post it online, type in the URL and exec the file) which does most everything you need without admin access but could later also trigger some stuff to attempt privilege escalation attacks... like the police can already buy on usb flash (and whose software is signed by the OS vendor as trusted.)

What would really be interesting are attacks that unlock the screen saver... or some generic driver exploit that allows custom error messages to pop up on the OS... "The radiation shield on your monitor has broken, please sit back 4 ft to avoid being irradiated."

Although given the huge number of exploits and flaws in drivers--- I would like to see something push for greater quality and if that means popular USB stick exploits where it spoofs crap hardware to trigger automatic installation of crap drivers... would be nice to see hardware vendor drivers getting banned/noticed for poor quality.

Comment: Re:schadenfreude (Score 1) 84

by JustNiz (#47575353) Attached to: Crytek USA Collapses, Sells Game IP To Other Developers

>> in 2007 when it launched it was literally impossible to run it at the best settings.

Sorry but completely not true.
Admittedly my PC had a high-end video card and CPU for its time, but Crysis definately ran fine with best settings on my rig.

As I recall, the larger negative issue about Crysis was that it was VERY buggy on release, and to make matters worse, the game was pretty much already old news and in the discount bins by the time Crytek finally started releasing patches for it.

It seemed that Crysis/Crytek was just one of the many victims of a bunch of clueless MBA beancounters that seemed to be taking over every tech company back then. it seemed that many tech companies were suddenly switching culture from being very aware of the importance of shipping quality products, to incorrectly thinking they could get away with shipping any old broken crap as long as they met some arbitrary internal deadline.

Comment: Re:Have you actually been to China? (Score 1) 93

by drinkypoo (#47575337) Attached to: Chinese Government Probes Microsoft For Breaches of Monopoly Law

You do realise the US does exactly this as well, and the prisons are corporations, and America even has more prisoners.

And? I didn't say the US didn't have any of these elements. I said that China did.

Posting ac as I spent all my mod points before reading this complete rubbish.

I note you didn't actually disagree with me. Obviously it isn't complete rubbish.

Comment: ...compared to the power of ACTING!! (Score 1) 98

by dfenstrate (#47575311) Attached to: Unesco Probing Star Wars Filming In Ireland

The power to destroy a habitat is nothing next to the power of Money.

One must really wonder what is so special about this location, that they A) feel the need to risk damage to the habitats to film, and B) could not be reproduced in a green screen environment like they do everything else.

Excessive use of green screen likely helped Episodes 1-3 be so terrible- wooden acting being one of the many problems. An actor's performance can only be improved by actually being in the environment their character is supposed to be in.

Comment: Re: Very original (Score 1) 72

Not with a fan that size. and I highly doubt that a HEPA filter and a fan works. you need significant air pressure behind the fan to get any real filtering volume.

Honestly people buying cheap pleated paper furnace filters and doubling them up over their windows will be more effective. when it can filter 50CFM then I'll be impressed. and that will be for a very small one that can barely keep up with air leakage of a tiny apartment.

Comment: Re:Very original (Score 2, Interesting) 72

Comparable particle counts HOW? right up against the filter? What about over time? Zero details except you MUST go to his workshop for $33 to find out... Fishy...

I have a rock that keeps tigers away, My most recent tiger count shows zero so it's as good as a $10,000 tiger cage.

Need real data, full information on how the test was done and for how long. Anything else is made up BS or misinformation.

User Journal

Journal: Nobots: now in paperback

Journal by mcgrew

It annoys the hell out of me that my books are so damned expensive, which is why I wanted Mars, Ho! to be 100,000 words. I'd hoped that possibly Baen might publish it so it would be, oddly, far cheaper. I can buy a copy of Andy Wier's excellent novel The Martian from Barnes and Noble or Amazon for less than I can get a copy of my own Paxil Diaries from my printer, and Wier's book is a lot longer.

Comment: Re:USB 4.x to offer signed USB device signatures?? (Score 1) 96

by Lumpy (#47574793) Attached to: "BadUSB" Exploit Makes Devices Turn "Evil"

All you need to do is have the USB drive mounted by a locked down device. Example, RasPi set to read only on the OS and disable everything all it does is mounts the USB drive and then offers up the contents via the network.

I dont care what you have in the USB stick it will not auto run and infect. then your can look at the contents with another pc via the network and see the real contents or even run automated tests on it before it is available to the users machine.

It is not hard to make something that will stop this crap.

Comment: Re:So China is going to do (Score 1) 93

by drinkypoo (#47574349) Attached to: Chinese Government Probes Microsoft For Breaches of Monopoly Law

So, non-free dependencies? Not on my watch!

The specifications for the required ammunition are well-known. The stuff is harder to make than the firearm, however. For that to differ you'll have to use something substantially higher- or lower-tech, e.g. caseless or black powder. And caseless ammo is only easier to produce if you disregard the difficulty of producing a practical propellant.

Comment: Didn't ICANN already give them all to godaddy? (Score 1) 72

by damn_registrars (#47574319) Attached to: Countries Don't Own Their Internet Domains, ICANN Says
ICANN's primary objective - at least for the last 10 or so years - has been profit maximization. They have done everything they can to help registrars make more money without concern for the long-term consequences of atrociously bad decisions (such as selling gTLDs).

You will lose an important disk file.