Forgot your password?
typodupeerror
Encryption

GnuTLS Flaw Leaves Many Linux Users Open To Attacks 127

Posted by Soulskill
from the with-many-eyes-all-maintainers-are-grumpy dept.
A new flaw has been discovered in the GnuTLS cryptographic library that ships with several popular Linux distributions and hundreds of software implementations. According to the bug report, "A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code." A patch is currently available, but it will take time for all of the software maintainers to implement it. A lengthy technical analysis is available. "There don't appear to be any obvious signs that an attack is under way, making it possible to exploit the vulnerability in surreptitious "drive-by" attacks. There are no reports that the vulnerability is actively being exploited in the wild."

+ - MS to Indie Devs: Ya' gotta have a publisher!->

Submitted by Loadmaster
Loadmaster (720754) writes "The new Oddworld game New 'n' Tasty is coming to every platform in the current generation and even the next generation but not the Xbox One. It's not that developer Oddworld Inhabitants isn't porting the game. It's not that they hate Microsoft or the Xbox One. No, it's that Microsoft has taken an anti-indie dev stance with the Xbox One. While the game industry is moving to Kickstarter and self-funded shops, Microsoft has decided all developers must have a publisher to grace their console.

It just gets worse for Microsoft's new console. They spy on you, control who you let borrow, restrict how you can sell the game, and now they are forcing indie developers to split profit with a partner in the form of an unnecessary publisher. The adage for Microsoft products is that they get it right on rev. 3, but here it seems they've bombed it. Big time."

Link to Original Source

Comment: Re:If there is no oversight.... (Score 1) 800

by Loadmaster (#42797967) Attached to: Leaked: Obama's Rules For Assassinating American Citizens

Maybe. National security issues often times result in bad decisions (Korematsu - sorry George Takei) and scary rationale. For example, in Hamdi v. Rumsfeld, Hamdi was an American citizen captured in Afghanistan, returned to the US, then denied habeas rights. O'Connor, Rehnquist, Kennedy, and Breyer all said if Hamdi took up arms he can be detained for the duration of hostilities under the AUMF. Souter and Ginsburg concurred but said he should be tried via criminal law. Stevens and Scalia said screw you. Either suspend habeas (which you can't) or criminally charge him. And then Thomas said Hamdi is a combatant and the judiciary is not allowed to question the executive power (ed. Yikes!).

Scalia's dissent, joined by Stevens, should have been a 9-0 ruling. Like I said, national security issues befuddle the Court. In Korematsu the Court effectively abdicated its power and simply said we don't know war matters so the military can do what it wants. That's double plus ungood.

Of course, we have knew members on the Court, but even the remaining ones are hard to tell where'd they'd fall.

Comment: Re:incorrect leftist BS (Score 5, Informative) 800

by Loadmaster (#42797717) Attached to: Leaked: Obama's Rules For Assassinating American Citizens

Well, sub-section 3 says "entering, or serving in, the armed forces of a foreign state" which Al Qaeda is not a foreign state. This is the same reason we keep detainees in Quantanamo instead of prisoners of war or prisoners. The Bush administration claimed they weren't enemy combatants because they didn't fight for a foreign state (standardized uniform and all that). Number 7 is more applicable, because it allows citizenship to be stripped for "bearing arms against the United States." However, section (b) states that the burden to prove loss of citizenship is on the party claiming the loss not on the supposed, um, loser. That's basic due process. Essentially if the government said he was no longer a citizen they have to prove it first.

Comment: Re:If there is no oversight.... (Score 5, Informative) 800

by Loadmaster (#42797473) Attached to: Leaked: Obama's Rules For Assassinating American Citizens

Good question. You should have brought it up when the legislation was passed in September 2001. Here's the applicable language from the Authorization to Use Military Forced (AUMF):

(a) IN GENERAL- That the President is authorized to use all necessary and appropriate force against those nations, organizations, or persons he determines planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001, or harbored such organizations or persons, in order to prevent any future acts of international terrorism against the United States by such nations, organizations or persons.

You see the "he determines?" The Obama administration didn't make that up, because it's currently valid law. And it will be valid law until it is defeated in court or repealed. Section (b) says the AUMF complies with the War Powers Act which is complete BS, and the AUMF in total is an over delegation of congressional power a la Chadha.

But I don't make the rules.

Comment: Re:Did they try... (Score 1) 97

Here's the transcript from the launchpad.

Robot #2: "Uh oh, he froze up again."
Robot #3: "Try control, alt, delete!"
Robot #4: "Jiggle the cord!"
Robot #5: "Turn him off and on!"
Robot #6: "Clean the gunk out of the mouse!"
Fry: "Call technical support!"
Robot #2: "Ok, ok, he's back online."

Comment: Re:check what he's suing over (Score 2) 296

by Loadmaster (#39728287) Attached to: Magician Suing For Copyright Over Magic Trick

Two cases like that actually. First is Midway Manufacturing Co. v. Artic International, Inc. and the second is Williams Electronics, Inc. v. Artic International, Inc., 685 F.2d 870 (3d Cir. 1982). Artic was selling Defender like ROMs with extremely similar code (we're talking pixels here) on them so others could make bootleg copies. Their argument was that the code or presentation was not copyrightable. The visible element or attract screen, Artic said, was not "fixed." The court, in both cases, held that it was fixed because the code was in the chips from which it can be perceived using the other game components.

Those cases, at least Williams, is still taught in law school today.

Comment: Thought it was about VASIMR. (Score 3, Informative) 114

by Loadmaster (#39116275) Attached to: Electric Rockets Set To Transform Space Flight

Turns out I was wrong. I made myself sad. Here's the technology that might actually transform space flight.

http://www.adastrarocket.com/aarc/
http://en.wikipedia.org/wiki/Variable_Specific_Impulse_Magnetoplasma_Rocket

The guy who invented it is an ex-Astronaut and VASIMR (or its tech underpinnings) was his PhD thesis at MIT for Applied Plasma Physics. I guess what I'm saying is he isn't a crank.

Comment: Re:Battery (Score 1) 348

by Loadmaster (#38982445) Attached to: US Air Force Buys iPads To Replace Flight Bags

Then I would've had to carry it around with me everywhere. Anything other than your A-3 bags (life support stuff in case you were shot down or went to a different environment) you had to carry with you. There was a chance you wouldn't be coming back to that location so we had to carry all our stuff with us every time we flew. Bringing a microwave sounds like a good idea (as does bringing an inflatable mattress) until you have to drag it around.

"The Amiga is the only personal computer where you can run a multitasking operating system and get realtime performance, out of the box." -- Peter da Silva

Working...