Latest posts of: ewemoa - DonationCoder.com
Welcome Guest.   Make a donation to an author on the site July 28, 2015, 10:24:13 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Check out and download the GOE 2007 Freeware Challenge productivity tools.
   
  Forum Home Thread Marks Chat! Downloads Search Login Register  
  Show Posts
      View this member's profile 
      donate to someone Donate to this member 
Pages: [1] 2 3 4 5 6 ... 104 Next
1  Main Area and Open Discussion / Living Room / Security: Stagefright Vulnerability (Android) on: July 27, 2015, 08:40:22 PM
Quote
Six critical vulnerabilities have left 95 per cent of Google Android phones open to an attack delivered by a simple multimedia text, a mobile security expert warned today. In some cases, where phones parse the attack code prior to the message being opened, the exploits are silent and the user would have little chance of defending their data.

via: http://www.forbes.com/sit.../27/android-text-attacks/

Still trying to process what one can easily do about this (apart from disabling network access and turning off one's affected Android devices -- may be it's important to be careful about what one does after turning it back on too...).

Some related info:

  http://www.theregister.co.../android_phone_text_flaw/
  https://threatpost.com/an...on-devices-at-risk/113960
  http://it.slashdot.org/st...-android-with-just-a-text
2  Other Software / Developer's Corner / Re: Syntax in Different Programming Languages on: July 27, 2015, 06:04:29 PM
FWIW, the situation in question was indeed for multiple similar languages (trying to express something in Clojure, but much more familiar with Emacs Lisp and Scheme).  The page being examined was:

  http://hyperpolyglot.org/lisp

For idiomatic usage, I tend to look for "Cookbook" types of documents (e.g. https://github.com/clojur...cookbook/clojure-cookbook), but perhaps the Rosetta Code site mentioned earlier can also help.
3  Other Software / Developer's Corner / Re: Syntax in Different Programming Languages on: July 27, 2015, 06:33:17 AM
Just wanted to mention that I came across the Hyperployglot site again today -- the side-by-side comparison was handy for a particular situation I was investigating smiley
4  News and Reviews / Official Announcements / Re: DonationCoder Major Upgrades - Progress Report Thread on: July 27, 2015, 01:25:46 AM
Thanks for the clarification.

For my part, I'd be willing to go with whatever is easiest to implement first, try that out for a while and then make loud noises if I didn't adjust to it smiley
5  News and Reviews / Official Announcements / Re: DonationCoder Major Upgrades - Progress Report Thread on: July 26, 2015, 09:56:50 PM
My original intention was to get rid of the links under the avatar, and keep the button going to all unread

I didn't quite follow what you meant here by "links under the avatar" -- would you mind elaborating?
6  News and Reviews / Official Announcements / Re: DonationCoder Major Upgrades - Progress Report Thread on: July 26, 2015, 05:56:07 PM
It has been some time since I've clicked on "unread since last visit" - I do click on "Show unread posts".
7  Main Area and Open Discussion / General Software Discussion / Re: uBlock Origin (Chrome ad blocker extension) - I like it! on: July 25, 2015, 06:23:29 AM
Haven't made up my mind about which of the two uBlock extensions to stick with -- there has been some discussion in a number of threads here, FWIW.
8  Main Area and Open Discussion / Living Room / Re: Interesting "stuff" on: July 23, 2015, 05:14:11 PM
The first time I checked Add-ons it wasn't there, so  I went to YouTube.com to see what would happen...and IE froze on me (I guess the "transparent" install is a bit clumsy..). Second try the page loaded and the video played ... And the MS/Shockwave Flash Player Object now appeared in the Currently loaded add-ons list.

In retrospect...perhaps the 'Currently loaded' bit was/is key..

No luck here (Win7 IE11 32-bit in a VM) -- somewhere under maker.tv I see "Please install Flash to continue".

I don't know whether to be happy or not...
9  Main Area and Open Discussion / General Software Discussion / Re: DVCS ? (All about Git, Mercurial-Hg and the like...) on: July 23, 2015, 12:54:48 AM
It's nice that there are tools to import / export smiley

I didn't find it easy to get used to git -- certainly took a number of iterations.  In the end knowing about the guts a bit was helpful, but it's not the kind of thing one may enjoy hearing about when all one wants to do is work on one's code...
10  Main Area and Open Discussion / Living Room / Re: Interesting "stuff" on: July 22, 2015, 02:53:34 AM
Yes...all I saw there was XML DOM Document.  Just verified it's IE11.

Hmm...
11  Main Area and Open Discussion / Living Room / Re: Security: Microsoft Security Bulletin MS15-078 - Critical on: July 21, 2015, 05:24:37 PM
Supposedly, the fix addresses fall-out from the recent leakage:

  http://www.computerworld....ng-teams-leaked-docs.html
  http://blog.trendmicro.co...om-the-hacking-team-leak/
12  Main Area and Open Discussion / Living Room / Re: Interesting "stuff" on: July 21, 2015, 09:39:30 AM

I didn't understand the following parts from the article:

Quote
If you don’t want to give up Flash-required sites on your desktop or laptop, good news: You probably can’t uninstall Flash completely anyway. Google’s Chrome and Microsoft’s Internet Explorer both include their own versions of Flash that update automatically.

Quote
In IE, you have to go deeper. Click the gear-shaped Settings icon and select “Manage add-ons,” right-click “Shockwave Flash Object” in that dialog, select “More information” and then click the “Remove all sites” button.

I didn't succeed in locating "Shockwave Flash Object" in IE's "Manage add-ons" dialog.

What am I missing?
13  Main Area and Open Discussion / Living Room / Security: Microsoft Security Bulletin MS15-078 - Critical on: July 21, 2015, 04:03:53 AM
Quote
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.

via: https://technet.microsoft...ry/security/ms15-078.aspx
14  Main Area and Open Discussion / Non-Windows Software / Re: Thoughts on "next generation" forum systems? (Discourse, nodeBB, etc.) on: July 19, 2015, 08:31:41 PM
I started to feel like traditional forums might be on their way to becoming antiquated in the way that Newsgroups are now - they still exist, people still use them, but they're relegated to a seldom-used part of the Internet where most people seldom venture.

As a side note, I've come to value mailing lists and newsgroups (and forums) much more than before -- (untargetted -- i.e. not using things like site:) search results via search engines really haven't been working well for me for some time, whereas the aforementioned 3 types of things often give much better results.
15  Main Area and Open Discussion / Living Room / Security: All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS on: July 19, 2015, 05:36:51 PM
Worth checking one's access point settings and https-running web server configuration?

Quote
Almost a third of the world's encrypted Web connections can be cracked using an exploit that's growing increasingly practical, computer scientists warned Wednesday. They said the attack technique on a cryptographic cipher known as RC4 can also be used to break into wireless networks protected by the Wi-Fi Protected Access Temporal Key Integrity Protocol.

via: http://arstechnica.com/se...w-verges-on-practicality/



Upstream site and paper:

http://www.rc4nomore.com/
http://www.rc4nomore.com/vanhoef-usenix2015.pdf

Quotes from site:

Quote
When you visit a website, and the browser's address bar contains a lock icon , the HTTPS protocol is used to protect your communication with this website (providing security and privacy). HTTPS supports several encryption techniques, one of them being the famous RC4 algorithm. At one point RC4 was used 50% of the time, with the latest estimate being 30%. Our RC4 NOMORE attack exposes weaknesses in this RC4 encryption algorithm. More precisely, in most situations where RC4 is used, these weaknesses can be used to reveal information which was previously thought to be safely encrypted.

Quote
Is WPA-TKIP also vulnerable?

Yes. We can break a WPA-TKIP network within an hour. More precisely, after successfully executing the attack, an attacker can decrypt and inject arbitrary packets sent towards a client. In general, any protocol using RC4 should be considered vulnerable.
16  Main Area and Open Discussion / Non-Windows Software / Re: LINUX: In-place upgrade of Mint 17.0 Qiana to Mint 17.1 Rebecca on: July 17, 2015, 11:47:05 PM
Just tried for 17 -> 17.2.

So far it seems ok.
17  Main Area and Open Discussion / Living Room / Security: Oracle Critical Patch Update Advisory - July 2015 on: July 16, 2015, 04:54:32 PM
IIUC, there's a Java vulnerability:

  http://blog.trendmicro.co...ew-java-zero-day-exploit/

related to the same "source" of the recent Flash exploits and apparently there's an update:

  https://blogs.oracle.com/...015_critical_patch_update

Looking for "Oracle Java" at:

  http://www.oracle.com/tec...y/cpujul2015-2367936.html

might be helpful.



No chance of a separate section / sub-forum for security-related info?
18  Main Area and Open Discussion / General Software Discussion / Re: Firefox Extensions: Your favorite or most useful on: July 16, 2015, 06:31:51 AM
the one I was recommending is only a bookmarklet button on your browser's panel, so it cannot work offline. Their server on their site is doing the job, but it is doing it very well  ;-) The other one, mentioned by Tom, is for your homepage, (read http://www.printfriendly.com/button), but of course also going to their site, http://www.printfriendly.com

Thanks for the clarification.

FWIW, it's a bit of work but I sometimes use a combination of "Inspect Element" followed by "Delete Node" before "printing".
19  Main Area and Open Discussion / General Software Discussion / Re: Firefox Extensions: Your favorite or most useful on: July 15, 2015, 09:55:48 PM
I didn't succeed in determining whether this can work offline -- my impression is that it requires communication with their site.

Is that correct?
20  News and Reviews / Official Announcements / Re: DonationCoder Major Upgrades - Progress Report Thread on: July 13, 2015, 10:24:56 PM
Is starting with something pretty vanilla and gradually adding features when enough clamor is raised infeasible?  Or alternatively, classifying things to be added into two groups -- one group for must-have up-front and the other for things to possibly added down the line...

May be we'd find we could live with much less -- so less work for you all at once and perhaps less maintenance burden going forward?

Perhaps this is what you had in mind already...
21  Main Area and Open Discussion / General Software Discussion / Re: DVCS ? (All about Git, Mercurial-Hg and the like...) on: July 13, 2015, 12:15:23 AM
Good luck smiley
22  Main Area and Open Discussion / Living Room / Re: Patch your Flash! Version 18.0.0.203 (July 08, 2015) on: July 13, 2015, 12:09:40 AM
With all of the different settings, perhaps uninstallation is simpler and safer.



FWIW according to:

  https://helpx.adobe.com/s...ts/acrobat/apsb15-15.html

Quote
Adobe is planning to release security updates on Tuesday, July 14, 2015 for Adobe Acrobat and Reader for Windows and Macintosh.

May be the latest issue will be addressed by this.
23  Main Area and Open Discussion / Living Room / Re: Patch your Flash! Version 18.0.0.203 (July 08, 2015) on: July 12, 2015, 07:21:32 PM

So according to:

  https://helpx.adobe.com/s...ash-player/apsa15-04.html

Quote
Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. 

Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. Adobe expects to make updates available during the week of July 12, 2015.

Haven't seen an additional update yet -- I guess that might help explain the following text from the first link:

Quote
Therefore, once again we advise everyone with Flash installed to remove or disable the software until the company patches the critical security bug.

Didn't figure out how to disable without uninstalling -- at least not system-wide -- any hints?  Or may be "disable" above referred to changing settings in each individual browser and possibly other applications...
24  Main Area and Open Discussion / General Software Discussion / Re: DVCS ? (All about Git, Mercurial-Hg and the like...) on: July 12, 2015, 07:37:10 AM
Hadn't seen that one -- thanks for mentioning it.

If that sort of thing is of interest, perhaps the following will be too:

  https://git.wiki.kernel.o..._Control_Interface_layers
25  Main Area and Open Discussion / Living Room / Re: Patch your Flash! Version 18.0.0.203 (July 08, 2015) on: July 12, 2015, 07:12:02 AM
Unfortunately...

  http://thehackernews.com/...flash-player-exploit.html



On a side note, there's no security announcement sub-forum on dc, right?
Pages: [1] 2 3 4 5 6 ... 104 Next
DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.043s | Server load: 0.12 ]


Share on Facebook
submit to reddit