This excellent blog article describes a technique developed by Judea Pearl decades ago to do exactly this. Would be interested to understand how this is different/better.
Why does the boot process require random numbers, anyway?
They mention this in the article - one way to make a kernel harder to write an exploit for is to randomize the layout of memory somewhat, so system libraries, kernel tables, and the like are located in different places. Obviously if the "random" numbers are predictable, this makes those mitigation techniques less-useful.
Stuxnet only became known to the public when an employee of the Natanz facility took an infected work laptop home and connected to the internet, with the malware quickly spreading around the globe infecting millions of PCs.
Stuxnet never spread via the internet. It spread via USB only and then only up to 3 infections before it removed itself from the USB stick.
The primary role of the Pentagon is to envision what warfare of the future looks like. They take a 20 year view and ask the following questions (and run the following scenarios):
1) Who is/could be the enemy?
2) What does the battlefield look like (jungle, desert, urban, etc).
3) What kind of weapons/tactics will be used against us.
4) Most importantly, what type of military hardware would we need to have in order to counter that threat 20 years out.
They then take this 'long view' and use that as a road-map to invest in future weapons technologies. Mind you; this road-map gets updated every year. Then again, every year, the Department of Defense (DoD) retires 5% of old military technology, and buys up 5% of what's new... and at the end of that 20 year cycle, you have a 100% refreshed military that his hopefully ready/capable to counter whatever threat is coming at us today.
When the Soviet Union collapsed in the 90's, the war plans changed to a dual-theater conflict between 2 large nation-states (i.e. Russia & China). That is the military they built up to fight, essentially a land war in East Asia. When 9/11 happened, DoD was caught *completely* off guard. The reactionary spending that took place cost hundreds of billions more than it should have to up-armor Humvee's and build MRAP's simply because they had failed to plan for battle in the mountains of Afghanistan/Iraq engaged in guerrilla warfare. (Perhaps this is why it was time to retire Yoda?)
If you shut the think tank, the Pentagon will no longer be the R&D arm of the DoD, and within 10 years, certainly within 20 we will be a completely reactionary military force. From there, I do not see how we could or would remain a military super power. I'm not stating this in order to take a position on this being good or bad; I just wanted to put it out there that this would be the consequence of eliminating this central, core component of the Pentagon - and the role it plays in our entire national defense establishment.
But it's far more questionable whether he would welcome the iPhone 5C—almost certainly a low-margin device, despite its current-generation components and plastic body—taking a bite out of the more expensive, and presumably higher-margin iPhone 5S
Seriously? This guys thinks the margins on the iPhone 5c are *lower* than the 5s? In that case, why is everybody else complaining about how expensive the 5c is, and saying it should have been released at a $300 price point? If you believe that the 5c could be made & sold at $300 (and I do), then since it sells at $550, Apple *must* be making something like 40% margins on them. The 5s is $100 more, but I bet it's considerably more-expensive to make.
No - because then it would be 100% taxpayer funded. College is simply a money laundering operation for political power. Highly subsidized education does nothing to change that. I say the government should get out of the market entirely and let the market decide the fair price on the product being offered.
There was a day when a College education was affordable, and an enterprising student could work their way through college on a part time job. Then the government got involved providing federally guaranteed student loans. This enabled colleges to start raising tuition, because now students could finance their way through college. Today, any college that doesn't raise their tuition is simply leaving money on the table - they'd be fools not to raise rates. The horse has left the barn, and the race is on. There is no upper limit now to what colleges can charge for tuition because the loans are guaranteed.
Now, the political side of this is that conservatives never wanted the government involved in the first place, because government involvement always distorts the market (which is exactly what has happened). Progressives called the conservatives heartless because they wanted to deny education to the poor and underprivileged. Somehow this argument always seems to work - we want life easier today and never think about the consequences. (Progressives and conservatives exist in both parties, don't let anyone fool you into thinking this is a democrat/republican thing.)
Now we have the consequences: Tuition rates that are skyrocketing and it is now near impossible to go through college without taking on obscene levels of debt. Those who decried government involvement in the first place, would like to see government get out of the student loan business. The reaction is obvious: "You are anti-education! You are not for the poor and underprivileged!"
And so here we are, the way to stop it is to collapse the 'Government-Educational-Complex' - shouldn't be hard. The actual value of a college education is rapidly approaching nil, yet people are paying more and more for it. Government is always happy to enslave you to the debt, because then you'll always vote for the party who promises keeping rates low and/or forgiving your student loan debt. If that isn't slavery, I don't know what is.
We need ACTION ITEM MAN! Professional Superhero.
There is a TechCrunch article on the breach, and someone by the name of Ibrahim Balic is taking credit for the breach.
What he wrote is below, and the link provided goes directly to the comment.
My name is ibrahim Balic, I am a security researcher. You can also search my name from Facebook's Whitehat List. I do private consulting for particular firms. Recently I have started doing research on Apple inc.
In total I have found 13 bugs and have reported through http://bugreport.apple.com./ The bugs are all reported one by one and Apple was informed. I gave details to Apple as much as I can and I've also added screenshots.
One of those bugs have provided me access to users details etc. I immediately reported this to Apple. I have taken 73 users details (all apple inc workers only) and prove them as an example.
4 hours later from my final report Apple developer portal gas closed down and you know it still is. I have emailed and asked if I am putting them in any difficulty so that I can give a break to my research. I have not gotten any respond to this... I have been waiting since then for them to contact me, and today I'm reading news saying that they have been attacked and hacked. In some of the media news I watch/read that whether legal authorities were involved in its investigation of the hack. I'm not feeling very happy with what I read and a bit irritated, as I did not done this research to harm or damage. I didn't attempt to publish or have not shared this situation with anybody else. My aim was to report bugs and collect the datas for the porpoise of seeing how deep I can go within this scope. I have over 100.000+ users details and Apple is informed about this. I didn't attempt to get the datas first and report then, instead I have reported first.
I do not want my name to be in blacklist, please search on this situation. I'm keeping all the evidences, emails and images also I have the records of bugs that I made through Apple bug-report.
You can't beat a dead horse.
Agreed - ArcGIS is what your county government uses to track utilities and maintain them.
Many hosting providers have traffic load balancers that distribute traffic based upon source IP address (there is a better way to do this, but I'll get to that later). When traffic arrives it routes that traffic to a specific server. When you have a carrier that has thousands of customers all coming from 1 IP, the load balancer routes it to 1 server which quickly gets overwhelmed and either crashes or is just DoS'ed. Then it points it to the next server, then the next. Back in the early days of the internets - AOL pulled this stunt where entire regions would get nat'ed behind a firewall. It was very efficient in taking out online services.
Most load balancers will now look at the session cookie and load-balance off of that, as long as they are configured to work that way. As the practice of CGNAT (as they call it now) went away, I'm sure a number of hosting companies have gone to using source IP as a sufficient load balancing method. If so, we are sure to see these events happen again.
Isn't this why we add chlorine to water? And if you visit a foreign country and drink the water - you get sick?
How is it news that unfiltered ground water can contain harmful pathogens?
There is a bootable disk that MS has released to help users recover from this nightmare.
Repair Disk for KB2823324 and KB2782476 (KB2840165)
To help customers who are experiencing difficulties restarting their systems after installation of security update 2823324, Microsoft is making available a bootable media ISO image through the Microsoft Download Center (DLC). Clicking Download means you agree to the MICROSOFT SOFTWARE LICENSE TERMS.