Jump to content
I'm starting to smell a rat.
I went against my religion and clicked on Steve's Frito-Lay link, read it three times, and didn't see his name mentioned anywhere. What were we supposed to pull from that?
"I once used a core dump... [once?] ...implemented the fix in machine code" I find hardly credible. If you can't find a reverse compiler that'll work, you're damn sure not going to backtrace or fix the problem in machine code. I've been programming applications for 40 years, and that's one of the bigger whoppers I've heard.
"65,000 dimensions on each of 3 different axes" long on jargon short on basis.
Re/Open Source "every third rate programmer in the world can contribute to the code" wrong again. Linux is overseen by an international panel. Any changes suggested for the shell are submitted to that committee. All Linux development occurs at Debian Linux. Once changes are approved and clear initial testing, they are incorporated in the Unstable release. That version contains the most advanced op sys on the planet. After so much time and wider use, they are moved up to the Testing release. More time and testing, finally they make it to the Stable release. This is the shell all the other distributions use -- Red Hat, Ubuntu, Knoppix, SuSE, etc. The only difference between distros is the wrapper, cosmetics, and ease of system administration. I use Ubuntu.
"this is a CLASSIC buffer overrun exploit which has been around for DECADES." From http://heartbleed.com/ (yeah a link, I'll quote out of it, verify if you want) "Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug."
"Only a third rate programmer would ever write any code which allowed for a buffer overrun exploit -- it's Computer Programming 101." Excuse me, I've been programming for 40 years, sometimes even for money, know at least 15 languages, and this is my first up-close encounter with a buffer overrun. Even doing my own sys admin for the last seven years, and developing and publishing my own venture solo over the last 20-plus. I must be third-rate. Or maybe I'm just skilled.
As I have ventured in the past, I generally don't click links in these posts, especially Fox news, nor do I often include them in my posts. If you have something to say, say it, don't go begging to some false authority.
That said... and if I can claim any computer distinction, it would be this: Of all the people you know who work with computers, in any capacity, and there are many -- if you took the total money they have made at it, then divided in the hours they have invested, I have made less per hour than any of them. My current venture wilts on the vine.
I'm a jack-of-all-trades, master of none, and one-man band. I claim applications and database expertise, but have never used a complex outer join, always made select-where work. Whenever I Google a technical issue, expecially in the tech forums, I see so much unrelated techno about which I am currently clueless -- there's so much out there; it would be impossible to learn it all, more is developed every day than one could absorb -- and I realize just what a guppy I am, in deep waters.
So take me with a grain of salt, when I quote FDR: The only thing we have to fear, is fear itself.
Thanks Scott, I take back all the bad things I said about you.
Can't say I disagree, Trudi. I will not buy clothes or shoes at Wally World; they invariably disappoint, seams tearing, buttons popping, insoles sliding, always irreparably, made in China, even name brands, formerly American, I will never buy Coleman or Wrangler again.
Can't afford the boutiques, leaving the thrift shops, Internet, and other towns. Nobody would lose business; they're not getting it anyway, not from me anyway. Sure, affordable quality clothing would be nice!! I never went to Staples once. Won't miss it.
... and I call myself a geek. Ha.
I installed AdBlock Plus a while back, at someone's suggestion (forgot who, thank you anyway) to block those annoying popup banner ads at the top and bottom, squeezing out content, Slopeside Grill comes to mind. And it worked fine for that.
I never knew you could use it to block their stupid reader surveys (I answer "no" to everything, hoping it will go away as soon as possible) or that it could do that... did it need a restart if I've rebooted since I installed it? I Googled it real quick -- no, it was running in my Firefox...
I did see one obscurity... checking on AdBlock settings... under Tools -> Adblock Plus -> Filter Preferences then Filter Subscriptions tab, there is a check box at the bottom, already checked, labelled "Allow some non-intrusive advertising" and I guess if you uncheck that, it might block their inane surveys.
Unfortunately I won't know any results for at least a week. I answered a whole barrage of questions yesterday, for the sacred privelege of reading this rag, which supposedly will buy me seven survey-free days. Do you use this? Are you planning on buying that? How do you like Clint Eastwood? (no... no... no... love him) They walk you into corners, forcing a response to things you don't know or care about.
Hopefully this little tweak will block the pests for good, and I hope it helps someone else. And if somebody out there has better information, we would all benefit if you shared it.
She's sweet too!! And Brittany at OTP. And Haven at Carl's. And...
Is this record skipping? Or is that a terrier, with his teeth in my pants leg?
I repeat: Heartbleed was only specific to certain releases of OpenSSL. Those have been corrected. If your information wasn't stolen already, it won't be now. Not through that hole, anyway.
The Yellowstone volcano could explode at any moment. Should I move to Florida? There are crazy drivers on the road. Should I not cross the street?
Some things fall below my fear threshhold. Yellowstone, drivers, and Heartbleed are three of them.
I've wasted too much of my life on this already; surely there are other bones to gnaw. Ciao!!
Thanks for covering my back, Chris (and I said I was out of this).
Steve apparently has extensive knowledge on the subject, although the Heartbleed hole was specific to only certain releases of OpenSSL, those have been corrected, and if the culprits didn't steal your identity when they had the chance, that window is closed.
Conspiracies come in different flavors. The Fed is fact. Heartbleed is a) mostly theory, and b) history.
Paranoia can overrule common sense. The few people with the knowlege of the Heartbleed defect, combined with the ability to exploit it, while it was open, most likely have far better things to do with their time than turn into petty thieves. That's a lot of trouble, for a dubious return.
I trust open source well ahead of Gates' can of worms. Nobody knows what's buried in all the undecipherable .EXE's, outside Seattle. After he got off his antitrust charges with basically a slap on the wrist, soon to release XP, his latest at the time... and several closed-door meetings with Congress... one wonders what spyware he buried in his operating system for the Feds. We know for a fact they are monitoring all email traffic; what else can they see? Bank balances? Money transfers? Your pictures?
Get a 404 or 505, who answers first: Microsoft, or Linux? Our community wins that hands down. We (they) fixed Heartbleed as soon as it was discovered (though there are rumors the NSA exploited it for some time first). No harm was done.
Some dogs just like to bark, and I guess there's a bit of border collie in me too.
We'll hear from the doubters shortly, waking groggily, 'shaking their heads to clear them, the approximate equivalent of shaking a glass of muddy water so as to see better through it' (courtesy PJ O'Rourke, thanks PJ) but in the meantime, I think this is an excellent recommendation.
I told y'all about the RCSO who zoomed up on my bumper at at least 60 in order to cause me to swerve, at the apex of the tightest curve on River Road... that was six years ago, and with the occasional desperate exception, I have been bussing and biking and walking and hitchhiking ever since.
If dashboard cameras had been the norm back then -- and if I'd had the wherewithal to subpoena it -- and if it didn't mysteriously disappear, like my breath test did -- I might likely be driving today. A couple of thought occur:
That was bound to happen sooner or later anyway; I had exactly the wrong attitude. A cop who is also a close relative -- can't say who -- said at the time "We don't have to look for drunks -- you make yourselves plenty evident."
My old Blazer is not getting any older just sitting there. Even when it is being used, M&M keeps it alive with used parts, all from more recent vehicles than itself. My truck doesn't get older -- it gets newer, all the time. Maybe some day soon, you'll see it on the road again.
I just love seeing "no action/contact/arrest." Despite my occasional carping, I think we've generally got a pretty good bunch of level-headed of cops around here.
Last login: Thursday, April 17, 2014
Contents of this site are © Copyright 2014 Steamboat Pilot & Today. All rights reserved.