Comment Why would the Java exploits be related? (Score 4, Insightful) 91
IE10 bundles Flash, so I guess the flash bugfixes can be related.
But IE does not bundle Java - why would the IE bugfixes be related to the Java bugfixes?
IE10 bundles Flash, so I guess the flash bugfixes can be related.
But IE does not bundle Java - why would the IE bugfixes be related to the Java bugfixes?
This page is your friend: http://www.x.org/wiki/RadeonFeature
Don't buy a 7xxx (Southern Islands) or (I assume) a 8xxx (Sea Islands) card, since they don't have open source 3D drivers for Linux; a 6xxx graphics card is the best bet (Northern Islands). For integrated graphics, I suppose the 2012 A series trinity should work, since it is based on the well-supported Northern Islands GPU.
Debian is no substitute for Ubuntu LTS. If you look at http://en.wikipedia.org/wiki/Debian#Release_history , Debian releases have generally only been supported for 3 years. Ubuntu LTS is supported for 5 years. The extra 2 years of not being forced to dist-upgrade a stable working system just to get security upgrades are very useful!
Surely the bad publicity from a root exploit is worth more to Oracle than $5000? $5000 is peanuts in this context. Why doesn't Oracle have a bug bounty program to avoid problems like this?
Standalone Java apps already have full arbitrary code execution and full access to the system. What would be the point of using an exploit to gain access to a system you can already access. If you are running a standalone Java app, you have already chosen to trust the code completely, unlike a sandboxed app in a browser.
In summary, they claim that a testing profile (which creates intermediate certificates) on a test system were accidentally copied to a production system, and in effect for two days. The MitM *.google.com cert is claimed to be have been automatically issued by a Checkpoint firewall once a CA cert is installed, without intention from the owner of the accidental CA cert.
So TURKTRUST claims it has all been an accident.
TURKTRUST's explanation is here: https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/aqn0Zm-KxQ0/x1hfTMGwE2AJ
Asia got all the address it asked for, until the pool ran out. Unless the address sharing stated in the last year (after the IANA pool ran dry), it was your own choice to use shared IP space.
Serious users should insist on SSD with a battery or super capacitor. If not, then you might lose data in internal caches in an unclean shutdown.
Unlike the Intel 320 series, I can't find anywhere whether the 335 series has backup power, so I strongly assume that it doesn't.
While AMD is releasing documentation, Intel is releasing actual open source drivers. And now that Intel's graphics hardware is no longer a complete joke, Intel is becoming a real alternative for some users.
AMD is still better than NVIDIA, which doesn't release documentation.
Typo - I meant to write product
For a concrete example, the RSA public key includes a number n, which is the sum of two secret primes p and q. The encryption is broken if an attacker can derive p and q from n by factorization. ( http://en.wikipedia.org/wiki/RSA_(algorithm)#Operation )
if you could factorize an RSA public key 48% of the time then it would be a pretty big deal, since it would render RSA completely obsolete.
> He betrayed them with this massive stunt.
Massive stunt? He has offered to go to Sweden if he is not extradited to the US. And the whole handling of the rape allegation is obviously related to WikiLeaks. This is an attack on WikiLeaks, not a stunt by Assange.
Why do you think transaction costs would go back up if we abolished HFT?
nt
If all else fails, lower your standards.