kenmtraveller - Slashdot User

Comment Re:Static Link? (Score 1) 151

by kenmtraveller on Tuesday February 13, 2018 @06:33PM (#56118707) Attached to: Skype Can't Fix a Nasty Security Bug Without a Massive Code Rewrite

I think I know why they claim a need to rewrite their downloader, it's because of the way the loader does implicit loading of DLLs at process initialization.
This implicit loading is vulnerable to DLL hijacking , and mitigations like SetDLLDirectory() and such don't help because it happens before any code in their updater gets to run -- even if they use a custom entry point. You can see this yourself by using WinDbg with Loader Snaps enabled , you will see DLL loads occurring before any of your own code gets to run.
So, one good way to defend against DLL hijacking, given this, is to make sure your downloader has no dependencies on Microsoft APIs except for those in kernel32.dll (and I suppose user32.dll). These DLLs are 'special case' DLLs that can't be hijacked due to their presence in the KnownDLLs list.
But, taking an updater with heavy dependence on Microsoft APIs and reducing this dependency across the board might easily require a big rewrite.

Comment Re:Yeah... except at 35,000ft it's pressurized to (Score 1) 388

by kenmtraveller on Monday March 26, 2012 @01:16PM (#39476053) Attached to: Science Reveals Why Airplane Food Tastes So Bad

I agree...The original article is definitely BS...I've spent months at high altitude (13000ft+) in the himalayas, and food tastes great there. Cabins are indeed pressurized to 8000ft, I've verified this with the altimiter on my watch (which works off barometric pressure) while flying.

Yellowstone Supervolcano Larger Than First Thought 451

Posted by timothy on Tuesday December 15, 2009 @11:50AM from the even-superer dept.

drewtheman writes "New studies of the plumbing that feeds the Yellowstone supervolcano in Wyoming's Yellowstone National Park shows the plume and the magma chamber under the volcano are larger than first thought and contradicts claims that only shallow hot rock exists. University of Utah research professor of geophysics Robert Smith led four separate studies that verify a plume of hot and molten rock at least 410 miles deep that rises at an angle from the northwest."

Super-Earths Discovered Orbiting Nearby, Sun-Like Star 242

Posted by Soulskill on Monday December 14, 2009 @05:52PM from the i-for-one dept.

likuidkewl writes "Two super-earths, 5 and 7.5 times the size of our home, were found to be orbiting 61 Virginis a mere 28 light years away. 'These detections indicate that low-mass planets are quite common around nearby stars. The discovery of potentially habitable nearby worlds may be just a few years away,' said Steven Vogt, a professor of astronomy and astrophysics at UCSC. Among hundreds of our nearest stellar neighbors, 61 Vir stands out as being the most nearly similar to the Sun in terms of age, mass, and other essential properties."

Big Dipper "Star" Actually a Sextuplet System 88

Posted by kdawson on Friday December 11, 2009 @01:48PM from the toil-and-trouble dept.

Theosis sends word that an astronomer at the University of Rochester and his colleagues have made the surprise discovery that Alcor, one of the brightest stars in the Big Dipper, is actually two stars; and it is apparently gravitationally bound to the four-star Mizar system, making the whole group a sextuplet. This would make the Mizar-Alcor sextuplet the second-nearest such system known. The discovery is especially surprising because Alcor is one of the most studied stars in the sky. The Mizar-Alcor system has been involved in many "firsts" in the history of astronomy: "Benedetto Castelli, Galileo's protege and collaborator, first observed with a telescope that Mizar was not a single star in 1617, and Galileo observed it a week after hearing about this from Castelli, and noted it in his notebooks... Those two stars, called Mizar A and Mizar B, together with Alcor, in 1857 became the first binary stars ever photographed through a telescope. In 1890, Mizar A was discovered to itself be a binary, being the first binary to be discovered using spectroscopy. In 1908, spectroscopy revealed that Mizar B was also a pair of stars, making the group the first-known quintuple star system."

Slashdot Top Deals