topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday December 3, 2020, 6:00 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - ewemoa [ switch to compact view ]

Pages: prev1 ... 5 6 7 8 9 [10] 11 12 13 14 15 ... 113next
226
I updated to 40.0 via the dialog box a couple hours or so back FWIW.

228
Have worked a bit with both an Arduino and a couple of Raspberry Pis, and at least from that background, what Ath says makes sense to me.

229
May be you can write a desktop wrapper for this:

   http://www.theregist...to_white_hats_vxers/

:)

230
I suppose there might be some clues obtainable via the dmesg command...

If you don't mind trying some other distribution's live cds, perhaps that might give some hints too.

231
I'm still waiting on the Mint 17.2 XFCE's official release.

May be you noticed already, but FWIW:

The upgrade path from Linux Mint 17 and 17.1 to Linux Mint 17.2 is now open for all editions (Cinnamon, MATE, KDE and Xfce).

Instructions on how to perform this upgrade are available at http://blog.linuxmint.com/?p=2871

via http://blog.linuxmint.com/?p=2887

232
Not having much luck downloading specific files from them.

Specifically, looking to download a couple of things listed at:

  http://sourceforge.n.../REPOS/MSYS2/x86_64/

Did manage to get something from another project.

Also, I get the sense that https is being redirected to http -- thought it had been different before.



Anyone else encountering a similar situation?

233
Living Room / Re: Security: Stagefright Vulnerability (Android)
« on: July 28, 2015, 06:14 PM »
The disabling instructions I've encountered include:

1. In messaging apps, disable automatic downloading of mms messages (like what Jibz said)
2. In APN settings, disable some appropriate mms-related settings (didn't manage to become clear enough on exactly what though)
3. For rooted phones, put media.stagefright.enable-player=false in /system/build.prop (likely have to do something like: 'mount -o remount,rw /system' as root first)

The first two suggestions might help to mitigate the issue, but there may be other ways for the code in question in stagefright to get executed, IIUC.

My current understanding is that on some phones the code in question can get executed with system level privileges (e.g. Galaxy S4), but not necessarily on all phones.  So I guess depending on one's phone, how nasty this is may be quite different.



Regarding updates, IIUC, the Cyanogemod 12.x (nightly) series has been patched:

  https://plus.google....od/posts/7iuX21Tz7n8

Personally I'm waiting for:
CM11 will see these updates hit as part of out of band fixes this weekend (these releases occur weekly).

234
Living Room / Security: Stagefright Vulnerability (Android)
« on: July 27, 2015, 08:40 PM »
Six critical vulnerabilities have left 95 per cent of Google Android phones open to an attack delivered by a simple multimedia text, a mobile security expert warned today. In some cases, where phones parse the attack code prior to the message being opened, the exploits are silent and the user would have little chance of defending their data.

via: http://www.forbes.co...ndroid-text-attacks/

Still trying to process what one can easily do about this (apart from disabling network access and turning off one's affected Android devices -- may be it's important to be careful about what one does after turning it back on too...).

Some related info:

  http://www.theregist...oid_phone_text_flaw/
  https://threatpost.c...vices-at-risk/113960
  http://it.slashdot.o...oid-with-just-a-text

235
FWIW, the situation in question was indeed for multiple similar languages (trying to express something in Clojure, but much more familiar with Emacs Lisp and Scheme).  The page being examined was:

  http://hyperpolyglot.org/lisp

For idiomatic usage, I tend to look for "Cookbook" types of documents (e.g. https://github.com/c...ook/clojure-cookbook), but perhaps the Rosetta Code site mentioned earlier can also help.

236
Just wanted to mention that I came across the Hyperployglot site again today -- the side-by-side comparison was handy for a particular situation I was investigating :)

237
Thanks for the clarification.

For my part, I'd be willing to go with whatever is easiest to implement first, try that out for a while and then make loud noises if I didn't adjust to it :)

238
My original intention was to get rid of the links under the avatar, and keep the button going to all unread

I didn't quite follow what you meant here by "links under the avatar" -- would you mind elaborating?

239
It has been some time since I've clicked on "unread since last visit" - I do click on "Show unread posts".

240
Haven't made up my mind about which of the two uBlock extensions to stick with -- there has been some discussion in a number of threads here, FWIW.

241
Living Room / Re: Interesting "stuff"
« on: July 23, 2015, 05:14 PM »
The first time I checked Add-ons it wasn't there, so  I went to YouTube.com to see what would happen...and IE froze on me (I guess the "transparent" install is a bit clumsy..). Second try the page loaded and the video played ... And the MS/Shockwave Flash Player Object now appeared in the Currently loaded add-ons list.

In retrospect...perhaps the 'Currently loaded' bit was/is key..

No luck here (Win7 IE11 32-bit in a VM) -- somewhere under maker.tv I see "Please install Flash to continue".

I don't know whether to be happy or not...

242
It's nice that there are tools to import / export :)

I didn't find it easy to get used to git -- certainly took a number of iterations.  In the end knowing about the guts a bit was helpful, but it's not the kind of thing one may enjoy hearing about when all one wants to do is work on one's code...

243
Living Room / Re: Interesting "stuff"
« on: July 22, 2015, 02:53 AM »
Yes...all I saw there was XML DOM Document.  Just verified it's IE11.

Hmm...

244
Supposedly, the fix addresses fall-out from the recent leakage:

  http://www.computerw...ams-leaked-docs.html
  http://blog.trendmic...e-hacking-team-leak/

245
Living Room / Re: Interesting "stuff"
« on: July 21, 2015, 09:39 AM »
(see attachment in previous post)
How to bid farewell to Flash

I didn't understand the following parts from the article:

If you don’t want to give up Flash-required sites on your desktop or laptop, good news: You probably can’t uninstall Flash completely anyway. Google’s Chrome and Microsoft’s Internet Explorer both include their own versions of Flash that update automatically.

In IE, you have to go deeper. Click the gear-shaped Settings icon and select “Manage add-ons,” right-click “Shockwave Flash Object” in that dialog, select “More information” and then click the “Remove all sites” button.

I didn't succeed in locating "Shockwave Flash Object" in IE's "Manage add-ons" dialog.

What am I missing?

246
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.

via: https://technet.micr...curity/ms15-078.aspx

247
I started to feel like traditional forums might be on their way to becoming antiquated in the way that Newsgroups are now - they still exist, people still use them, but they're relegated to a seldom-used part of the Internet where most people seldom venture.

As a side note, I've come to value mailing lists and newsgroups (and forums) much more than before -- (untargetted -- i.e. not using things like site:) search results via search engines really haven't been working well for me for some time, whereas the aforementioned 3 types of things often give much better results.

248
Worth checking one's access point settings and https-running web server configuration?

Almost a third of the world's encrypted Web connections can be cracked using an exploit that's growing increasingly practical, computer scientists warned Wednesday. They said the attack technique on a cryptographic cipher known as RC4 can also be used to break into wireless networks protected by the Wi-Fi Protected Access Temporal Key Integrity Protocol.

via: http://arstechnica.c...ges-on-practicality/



Upstream site and paper:

http://www.rc4nomore.com/
http://www.rc4nomore...nhoef-usenix2015.pdf

Quotes from site:

When you visit a website, and the browser's address bar contains a lock icon , the HTTPS protocol is used to protect your communication with this website (providing security and privacy). HTTPS supports several encryption techniques, one of them being the famous RC4 algorithm. At one point RC4 was used 50% of the time, with the latest estimate being 30%. Our RC4 NOMORE attack exposes weaknesses in this RC4 encryption algorithm. More precisely, in most situations where RC4 is used, these weaknesses can be used to reveal information which was previously thought to be safely encrypted.

Is WPA-TKIP also vulnerable?

Yes. We can break a WPA-TKIP network within an hour. More precisely, after successfully executing the attack, an attacker can decrypt and inject arbitrary packets sent towards a client. In general, any protocol using RC4 should be considered vulnerable.

249
Just tried for 17 -> 17.2.

So far it seems ok.

250
IIUC, there's a Java vulnerability:

  http://blog.trendmic...va-zero-day-exploit/

related to the same "source" of the recent Flash exploits and apparently there's an update:

  https://blogs.oracle...ritical_patch_update

Looking for "Oracle Java" at:

  http://www.oracle.co...jul2015-2367936.html

might be helpful.



No chance of a separate section / sub-forum for security-related info?

Pages: prev1 ... 5 6 7 8 9 [10] 11 12 13 14 15 ... 113next