Comment: Re:Honestly, when will people learn? (Score 3, Interesting) 98

by katterjohn (#47761879) Attached to: Project Zero Exploits 'Unexploitable' Glibc Bug

While I don't feel buffer overflows are something to ignore, from what I see the developer never actually said "unexploitable."

From the "skeptical glibc developer" link:

> if not maybe the one byte overflow is still exploitable.

Hmm. How likely is that? It overflows in to malloc metadata, and the
glibc malloc hardening should catch that these days.

Comment: That's pretty neat... (Score 1) 264

by katterjohn (#45883109) Attached to: Experiments Reveal That Deformed Rubber Sheet Is Not Like Spacetime

... but I'm not sure how it's a "Relativity Shock" as the second link suggests.

Upon thinking about a marble rolling on a rubber sheet I immediately see two big differences between it and a planet moving in space: (i) the marble.. well.. rolls along the sheet, which planets don't do while moving through space; and (ii) the rubber sheet doesn't propagate disturbances at the speed of light (or anywhere close to it).

Nmap team releases 5 gigapixel favicon map 1

Submitted by iago-vL
iago-vL (760581) writes "From the creators of Nmap comes the largest survey of its kind ever performed: the favicon.ico files of over a million Web sites were scanned, compiled, and sorted to create a 5 gigapixel image, blowing their 2010 survey out of the water! It's searchable, zoomable, and incredibly fun to play with! Can you find Slashdot without cheating? (Hint: it's near Facebook)"
Programming

The State of Ruby VMs — Ruby Renaissance 89

Posted by Soulskill
from the take-your-pick dept.
igrigorik writes "In the short span of just a couple of years, the Ruby VM space has evolved to more than just a handful of choices: MRI, JRuby, IronRuby, MacRuby, Rubinius, MagLev, REE and BlueRuby. Four of these VMs will hit 1.0 status in the upcoming year and will open up entirely new possibilities for the language — Mac apps via MacRuby, Ruby in the browser via Silverlight, object persistence via Smalltalk VM, and so forth. This article takes a detailed look at the past year, the progress of each project, and where the community is heading. It's an exciting time to be a Rubyist."
Security

Nmap 4.50 Released on its 10th Birthday

Submitted by buanzo
buanzo writes "After nearly two years of work since the 4.00 release, Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 4.50 from http://insecure.org/nmap/ . Nmap was first released in 1997, so this release celebrates our 10th anniversary! Major new features since 4.00 include the Zenmap cross-platform GUI, 2nd Generation OS Detection, the Nmap Scripting Engine, a rewritten host discovery system, performance optimization, advanced traceroute functionality, TCP and IP options support, and nearly 1,500 new version detection signatures. Dozens of other important changes — and future plans for Nmap — are listed in the release announcement. We recommend that all current Nmap users upgrade."
Security

Nmap hits the Silver Screen (Again)

Submitted by Devil's BSD
Devil's BSD writes "Some of you probably remember a few years ago when Nmap was used in Matrix Revolutions to take down a power grid. Now, Nmap has hit the big screen again, this time in the Bourne Ultimatum. Although it probably flashed by too fast for most of us in the theater, it's clearly visible in the DVD releases. Video stills at http://insecure.org! Also, bash is clearly visible as the shell of choice here. Were they trying to make a subtle connection to the Bourne-Again Shell?"
Privacy

All Danish citizens under surveillance

Submitted by Snaller
Snaller (147050) writes "Unfortunately I can find no English news sites reporting this, so I guess it may never go beyond your eyes (or ours), but at least one American (I'm assuming) will have read it then:

During this weekend the real big brother put his foot down on the country of Denmark, in Europe. In the name of fighting terrorism, the government has ordered all Internet providers and telcos to log: who you call on your phone, who calls you, the addresses of the calling parties and for cell phones where you are when you make/receive the call. Times of messages you send and receive on your phone. Internet providers must log who a user connects to via his computer; this includes the user's IP address, the destination IP address, what port numbers are used on the sending end, and port numbers used at the receiving end, and the duration of the communication. They must log the identity of the user initiating the communication and the precise geographic location of the user. In addition to this they must log the email address of people the user sends email to, and the email address used to send from, and the time of the email transmission. By law these loggings must be carried out for every single citizen who uses the Internet or the phone system, and these logs must be kept for one year, to be made available to the police if it is found relevant for an investigation. A judge needs to sign off on it, however apparently the secret Danish police does not need that — they can simply demand to see it.

Some Danes are pragmatically pointing out that there is a bit of a hole in the law since libraries are currently not included, hotels are confused since they are included but not sure if they need to write down the names of all of their guests who try to use the Internet or just that the hotel computer was used, while others are outraged at what they consider a gross violation of their privacy, but apparently, and unfortunately, many seem to accept it when the blonde minister of justice opines that only people who plan on doing crime could object to these measures.

This is the full text of the law (in Danish) http://147.29.40.91/DELFIN/HTML/B2006/0098805.htm

And a couple of articles about the subject (alas, in Danish)

Newspaper Information
Newspaper Arbejderen
Newspaper Politiken and here
Newspaper Jyllands Posten
And The Danish Library Agency"

Power

Inflatable, Affordable Electric Car 3

Submitted by Sterling Allan
Sterling Allan writes "XP Vehicles(TM) announced on Thursday that its Whisper(TM) electric car is being developed for online direct ship distribution at sub $5000.00 price-points. This would be the world's first crash-proof, long range, flat-pack vehicle. A baffled pressure tube system provides the supporting and protective structure of the vehicle, making it so safe that the engineers for the Whisper are confident you can drive it off a 25-foot cliff without serious injury to its passengers."