
I can't believe I enjoyed reading that. There must be something wrong with me.
It's fair to say that the quest for a stirring motto for our proposed Low Orbit Helium Assisted Navigator (LOHAN) mission patch is proving to be the most fun we've had in a long while. A proposed LOHAN mission patch So great was the response to our call for suggestions that we're buried under a magnus congestus of Latin, a …
... Latin - a subject I never studied at all being just a poor plebian
The vast majority of the population of the Roman Empire was made up of foreigners, slaves, or freedmen. To be one of the plebes -- the lowest rank of actual citizens -- you would almost certainly have been Roman, so your native language would very likely have been Latin.
... or perhaps you were just being ironical?
"And I'm not sure if I should be happy or sad that my own entry (in Latin - a subject I never studied at all being just a poor plebian) didn't get a mention or argument either."
In the case of my offerings it should probably be Google Translate that is unsure if it should be happy or sad. :)
The "WD" in WD-40 stands for "water displacement," so to rephrase: With duct tape* and Water Displacement 40. Using Google Translate (with apologies), it yields this:
Ductum lineam, et cum Praesentibus Aquam XL
Going back the other direction gives us this mess: Drawing the line, and with the presence of water, 40. Clearly this needs work that I'm not up for... er... for which I am not up.
* Duck Tape is a brand name.
from my O-level days, that (IIRC) most educated Romans spoke Greek. In fact doesn't Robert Graves put a brief bit in "I Claudius" as to why it was written in Latin, rather than Greek ?
In which case, I introduce astroployen from 35 years ago, as the Greek word my friends and I invented for "spaceship". After all, we use "Astro*naut*" ...
Just wanted to say that dodgy puns like this (and the attention to detail in the delightful article that spawned it) is one of the main reasons I love el Reg so much.
Two. Two main reasons. And whoever writes the subheads on the front page has those occasional flashes of brilliance that makes whatever rubbish is in the story well worth reading.
So the three main reasons I love the Reg...
Barkeep! A round to the Reg team on my way out!
Ah, that brings back memories (although it certainly does not bring back any knowledge of the subject).
I remember taking Latin for one year at High School, we had a teacher who's accuracy with the blackboard eraser was lethally accurate, but I digress. My point being that it brought back this...
Latin is a language, as dead as dead can be
It killed the ancient Romans
And now it's killing me.
Curabitur in maxima eruditorum commentariis.
I did Latin at school for, um, two years? Hated every moment. I can remember more from Asterix books than anything we did at school, which led to me having to explain to the class exactly what "timeo danaos et dona ferentes" means, and feeling a lot like Brian facing the centurion.
I also was taught Latin for one year, before being kicked off the course (family tradition).
My Latin master* had taught the father of one of my friends and was consequently approximately as old as his subject in our eyes. His way of 'encouraging' pupils to remember was to grab you by the ear and twist.
That scene in Life of Brian is pretty accurate in a lot of ways.
* I use the word master instead of teacher because it fit him much better, he was from the proper old school.
I agree that "Navis volitans mea plena anguillarum est" is a winner.
I think repleta is the word for "filled up with", as plena seems to mean full in the sense of complete, or even plump. And I'm not sure about the genitive case; "full of" has the feel of an English idiom, but I can't think of a more appropriate case. Possible alternatives:
Navis volitans mea subter anguillis repleta est (Filled under eels? Nah.)
Navis volitans mea per | propter anguillas repleta est (Filled by, or on account of eels.)
Navem volitantem meam anguillae replent (Seems to imply that the eels did the filling.)
Where is John Cleese when you need him?
Kubla Cant, the division is not “full of” + “something”, but “full” + “of something”; that is, adjective + genitive. Plenus/plenum/plena is perfectly acceptable in this way: Cicero used plenum sceleris (“full of wickedness”), and Horace used plenum laetitiae (“full of happiness”).
Oddly enough, my Latin grammar book notes two exceptions from Early through “Golden Age” Latin: for adjectives denoting either fullness or deficiency only, adjective + ablative was equally acceptable. Thus, plena anguillis could also have been used.
Given the lack of balloons in Roman times (or helium either but never mind) an alternative metaphor might an inflated bladder. It has the added bonus of alluding to the after effects of a few celebratory drinks.
Google Translate then suggested "to the stars on an inflated bladder" becomes
vesica inflata ad astra
Sorry.
And frankly, that's all I remember. Except that my Latin teacher confirmed the stereotype: of advanced age, extremely well educated, deadly boring and barely tolerant of we young whippersnappers who couldn't see the use of learning such a beautiful languiage.
Two years...wasted. Oh well, not much Latin required in Electrical Engineering, thank God.
// This has been a memorably good thread.
// The one with the Cassell's in the pocket, please
A security flaw in Apple's Safari web browser that was patched nine years ago was exploited in the wild again some months ago – a perfect example of a "zombie" vulnerability.
That's a bug that's been patched, but for whatever reason can be abused all over again on up-to-date systems and devices – or a bug closely related to a patched one.
In a write-up this month, Maddie Stone, a top researcher on Google's Project Zero team, shared details of a Safari vulnerability that folks realized in January this year was being exploited in the wild. This remote-code-execution flaw could be abused by a specially crafted website, for example, to run spyware on someone's device when viewed in their browser.
Apple last week patched two actively exploited vulnerabilities in macOS Monterey yet has left users of older supported versions of its desktop operating system unprotected.
In a blog post on Tuesday, security biz Intego said fixes applied to address CVE-2022-22675 (AppleAVD bug) and CVE-2022-22674 (Intel Graphics Driver bug) in macOS Monterey were not backported to macOS Big Sur or macOS Catalina.
The AppleAVD issue is unpatched for macOS Big Sur, said Joshua Long, chief security analyst for Intego, while Catalina isn't affected because it lacks the AppleAVD component for decoding audio and video. The Intel Graphics Driver flaw, he said, looks like it affects both Big Sur and Catalina.
Adobe has put out a warning about another critical security bug affecting its Magento/Adobe Commerce product – and IT pros need to install a second patch after an initial update earlier this week failed to fully plug the first one.
You need to apply both patches, in order.
The new vuln has also been assigned a severity rating of the 9.8 on the CVSS scale – the same as its predecessor, for which Adobe issued an out-of-bounds patch earlier in the week. It's tracked as CVE-2022-24087 and – like the earlier vuln, CVE-2022-24086 – impacts both Magento Open Source and Adobe Commerce.
In an advisory this week, VMware alerted users to guest-to-host vulnerabilities in the XHCI and UHCI USB controllers in its ESXi hypervisor, plus an important flaw fixed in NSX Data Center for vSphere.
In all, five vulnerabilities were discovered in VMware's ESXi, Workstation, Cloud Foundation (ESXi), and Fusion during the Tianfu Cup 2021, a Chinese vulnerability competition, by the country's Kunlun Lab. Bugs that Kunlun discovered were disclosed privately to VMware – though last year China passed a new law ordering security researchers to reveal findings to the country's Ministry of Public Security at least two days before anyone else.
The vendor said it hadn't seen any evidence the competition's findings had been exploited in the wild. Patches have been issued, now it's up to admins to schedule them. The vulnerabilities range from use-after-free() and double-fetch flaws that can be exploited to execute code on the host, to an old-fashioned denial of service (DoS). The full list for ESXi, Workstation, Cloud Foundation, and Fusion is:
Microsoft has kicked off 2022 by issuing a patch for Exchange Server 2016 and 2019, which both possessed a “latent date issue” that saw emails queued up instead of being dispatched to inboxes.
“The problem relates to a date check failure with the change of the new year,” states a January 1st post to the Exchange Blog.
Exchange’s malware scanning engine is the source of the problem, as Exchange checks the version of that software and then tries to write the date into a variable. But that variable’s maximum value is 2,147,483,647 and the value Exchange tries to write - 2,201,010,001, to reflect the date of January 1st, 2022, at midnight – exceeds the variable’s maximum threshold.
Feature Some vulnerabilities remain unreported for the longest time. The 12-year-old Dell SupportAssist remote code execution (RCE) flaw – which was finally unearthed earlier this year – would be one example.
Others, however, have not only been long since reported and had patches released, but continue to pose a threat to enterprises. A joint advisory from the National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA), published in late July, listed the top 30 publicly known vulnerabilities that are routinely being exploited by threat actors. Many of these are a good few years old, including one Microsoft Office RCE that was patched in 2017 but had been around since the year 2000.
Eoin Keary, CEO and founder of Edgescan, told The Register that the oldest common vulnerability discovered in its latest quarterly vulnerability scans report (CVE-1999-0517, impacting Simple Network Management Protocol) dated back to 1999. Which raises the question, why are threat actors being allowed to party like it's, um... 1999?
It has proved an unfortunate Halloween for Microsoft, with the ghost of an expired certificate haunting Windows 11 users. The upshot is: various built-in programs may stop working properly or cannot be opened at all.
Redmond yesterday said "some users" are affected, so you may or may not notice the blunder. This all applies to at least Windows 11 version 21H2.
The cryptographic cert at the heart of this affair ran out at the end of October leading to failures this month, according to Microsoft: "Starting on November 1, 2021, some users might be unable to open or use certain built-in Windows apps or parts of some built-in apps. This is caused by an issue with a Microsoft digital certificate, which expired October 31, 2021."
SolarWinds has issued an emergency patch after a critical security hole in its Serv-U Managed File Transfer and Serv-U Secure FTP was spotted being exploited in the wild.
The vulnerability, discovered by Microsoft's Threat Intelligence Center (MSTIC) and Offensive Security Research teams, can be exploited by an attacker to achieve remote code execution, and is present in Serv-U version 15.2.3 HF1 and all prior builds. The Redmond crew also said a "single threat actor" was abusing the programming blunder (CVE-2021-35211) though it's not known how many customers are affected.
"This attack is a Return Oriented Programming (ROP) attack," said SolarWinds in an advisory. "When exploited, the vulnerability causes the Serv-U product to throw an exception and then intercepts the exception handling code to run commands. Please note, several reasons exist for exceptions to be thrown, so an exception itself is not necessarily an indicator of attack."
Updated Microsoft continues to demonstrate its impressive commitment to Windows quality by admitting the patch it released to patch the patch that broke printing was, er, itself broken.
As a reminder, a fresh security update dropped from Microsoft's Windows Update orifice last week that left some Windows 10 users unable to print. Worse, a screen of deathly blue was flashed when a printing operation was attempted – a step up from the error message seen after last year's mishap.
With impressive speed, Microsoft hurried out an out-of-band optional patch to deal with the affected Windows 10 versions: KB5001567 for Windows 10 2004 and 20H2; KB5001566 for Windows 10 1909; KB5001568 for 1809 and KB5001565 for 1803.
Apple has patched a hole in macOS that has been exploited by malware to secretly take screenshots on victims' Macs.
The security flaw can also be potentially abused to access files and record video and audio from the computer. The iGiant has also released iOS and iPadOS 14.6, which fixes 43 CVE-listed security flaws and adding a bunch of user-friendly UI tweaks.
Biting the hand that feeds IT © 1998–2022