quartertime - Slashdot User

Comment title a little confusing (Score 1) 1

by quartertime on Thursday February 23, 2012 @04:05AM (#39134305) Attached to: Oracle extends RHEL support to a decade and offers Ksplice trial for RHEL

The title should probably say "Oracle extends Linux support to a decade ...", since I think techncially their product is Oracle Linux, not RHEL.

Submission + - Gitionary: the git party game (ksplice.com)

Submitted by sdasher on Friday May 06, 2011 @02:25PM

sdasher writes: Finally, a chance to combine your love of version control and parties, with Gitionary. The brainchild of two MIT alums, it's a party game where you try to illustrate git commands. Personally, I'm still holding out for the Debugging Python RPG.

Submission + - Plumber Injection Attack in Bowser’s Castle (ksplice.com) 1

Submitted by Anonymous Coward on Friday April 01, 2011 @10:12AM

An anonymous reader writes: Security Advisory SMB-1985-0001: Plumber Injection Attack in Bowser’s Castle

Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser's Castle. An Italian plumber could exploit this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for unspecified other impact.

This vulnerability is demonstrated by "happylee-supermariobros,warped.fm2". Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A patch has been made available.

Submission + - Firefox 5 To Integrate Tab Web Apps (conceivablytech.com)

Submitted by Anonymous Coward on Wednesday February 16, 2011 @12:19PM

An anonymous reader writes: We are hearing that Firefox 4 is now scheduled for a late March release and that the company has some issues fixing the right bugs as more non-blocking than blocking bugs are patched. However, on a positive note, the UI design team has posted some intriguing mockups of partial Firefox 5 interfaces. The big change will be the creation of a site-specific browser, which turns websites into tab apps within Firefox 5. This is the first time we are seeing Mozilla ideas how to deal with the app-ification of the Internet and a strategy to keep the web browser relevant.

Submission + - Valve beats Google, Apple for profits per employee (examiner.com)

Submitted by AndrewGOO9 on Wednesday February 16, 2011 @12:15PM

AndrewGOO9 writes: It should come with little surprise that Gabe Newell is well on his way to being one of the wealthiest men in gaming. In an age when console gamers would have many believe that the PC was on it's way out the door, Newell and Valve's Steam stand as sentinels of the platform, offering a ridiculous amount of content to the 30 million users. With the lion's share of the downloadable market on the PC, it's no wonder that Steam has become the go-to for many and an incredible financial opportunity for Newell and Valve.

Submission + - Why the NSA builds its own hardware

Submitted by quartertime on Friday October 29, 2010 @01:09AM

quartertime writes: Remember Reflections on Trusting Trust, the classic paper describing how to hide a nearly undetectable backdoor inside the C compiler? Here's an interesting piece about how to hide a nearly undetectable backdoor inside hardware. The post describes how to install a backdoor in the expansion ROM of a PCI card, which during the boot process patches the BIOS to patch grub to patch the kernel to give the controller remote root access. Because the backdoor is actually housed in the hardware, even if the victim reinstalls the operating from CD, they won't clear out the backdoor. I wonder whether China, with its dominant position in the computer hardware assembly business, has already used this technique for espionage? This perhaps explains why the NSA has its own chip fabrication plant.

Submission + - Linux kernel exploit aggressively rooting machines (seclists.org)

Submitted by Anonymous Coward on Sunday September 19, 2010 @09:53PM

An anonymous reader writes: Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and "Ac1db1tch3z" (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a "rebootless" version of the patch.

Submission + - The many faces of 3G (ksplice.com)

Submitted by Anonymous Coward on Friday August 20, 2010 @01:14PM

An anonymous reader writes: Did you ever notice how each new generation of cell-phone tech gets branded "3G", and the previous thing is retroactively downgraded to some lesser number of G's? An MIT engineer explains why in this brilliant essay about "3G" in the last 10 years, showing how the cell carriers have kept offering it and swiping it away to sell more stuff. He cites numerous Cingular/AT&T and Sprint press releases showing how the companies have made "3G" into a brand name ideally suited for amnesiac consumers. Meanwhile, no cell carrier is foolish enough to sell you bottom-line throughput like an ISP in 1996 — you could actually hold them to that.

Submission + - Today is System Administrator Appreciation Day (sysadminday.com)

Submitted by ArbiterOne on Friday July 30, 2010 @12:09AM

ArbiterOne writes: The 11th Annual System Administrator Appreciation Day is today. Celebrated worldwide on the last Friday of July, this holiday honors those who fight in the digital trenches to keep the 'Net alive.

OpenDNS offers a way to remind your boss about the holiday, while another blogger shares war stories. The startup Ksplice created an homage to these heroes... in the style of Choose Your Own Adventure.

How are you celebrating Sysadmin Day?

Security Vulnerability Bingo 21

Posted by samzenpus on Friday July 02, 2010 @02:28PM from the fun-and-games dept.

An anonymous reader writes "Ben Bitdiddle of MIT fame sends an open letter to system administrators encouraging them to stop patching their systems so they can play 'Security Vulnerability Bingo.'"

Submission + - Let's Play Security Vulnerability Bingo! (ksplice.com)

Submitted by Anonymous Coward on Thursday July 01, 2010 @01:19PM

An anonymous reader writes: Ben Bitdiddle of MIT fame sends an open letter to system administrators encouraging them to stop patching their systems so they can play "Security Vulnerability Bingo".

Submission + - Blogger shows that cosmic rays are a real problem

Submitted by Hanji on Thursday June 24, 2010 @03:14PM

Hanji writes: We have discussed the potential effects of and protections against cosmic ray radiation here before, but for the average computer user, it's an obscure threat that doesn't affect them in any real way. Well here's a blog post that describes a strange segfault and, after extensive debugging, traces it down to a single bit flip, probably caused by a stray a cosmic ray. Lots of helpful descriptions of Linux debugging techniques in this one, and a pretty clear demonstration that this can be a real problem. I know I'm never buying a desktop without ECC RAM ever again!

Submission + - Sniffing the wireless traffic of MIT students (ksplice.com)

Submitted by Anonymous Coward on Thursday May 20, 2010 @12:18PM

An anonymous reader writes: Someone got permission to sniff the wireless traffic during an MIT class. The professor: none other than Robert Morris, creator of the first internet worm! The lecture: computer security! I love it.

Submission + - Diskless Booting Making a Comeback? (ksplice.com)

Submitted by Anonymous Coward on Thursday May 06, 2010 @03:07PM

An anonymous reader writes: Ever wonder what happened to PXE? Intel's popular standard for diskless booting hasn't been updated since 1999, and has missed out on such revolutions as wireless Ethernet, cloud computing and iSCSI. An open-source project called Etherboot has been trying to drag PXE into the 21st century. One of their programmers explains how to set up diskless booting for your cloud, using copy-on-write to save space.

Submission + - Kernel prog shows how to exploit NULL pointers (ksplice.com)

Submitted by Anonymous Coward on Tuesday April 13, 2010 @02:10PM

An anonymous reader writes: Ever wondered what was so bad about NULL pointer exceptions? An MIT Linux kernel programmer explains how to turn any NULL pointer into a root exploit on Linux. (There was also a previous installment about virtual memory and how to make NULL pointers benign.)

Slashdot Top Deals