* Posts by Jeremy Shannon

3 posts • joined 30 Mar 2008

Archaeologists unearth oldest known 3D pornography

Jeremy Shannon

@Pablo

It's not surprising that it's headless. Plenty of ancient European myths state that to look on the face of a god or goddess was a quick way to die. Robert Graves discusses this facet of mythology in his book, _The White Goddess._

Only Ubuntu left standing, as Flash vuln fells Vista in Pwn2Own hacking contest

Jeremy Shannon
Dead Vulture

To various

@Are you all dumb?:

Yeah, he *said* he could hack it but why didn't he do so, even after hours of trying? What, did he just decide he'd rather not for some reason? "Oh, a free laptop and $5,000 is great, but TWO free laptops and $10,000? No way, I don't want people to think I'm gay or something!" Sure. That'd make sense.

@David Webb:

No, virtually all Linux apps require sudo to install (unless you're installing for one user, in his home folder) and it does not elevate their privileges when run. Only apps which require setuid (deprecated and dangerous) or sudo (much more secure) are run with higher rights than the calling user.

Now, running some binary blob self-installer with sudo is dangerous, but it's a rare occurrence -- normally you install apps with apt-get or dpkg, then the apps run as yourself, not root or anything.

@everyone saying "It's all Adobe's fault!"

It's partly Adobe and partly Microsoft's fault, if you actually read the article. The vulnerability in Flash alone didn't allow him to do anything on Vista SP1. (It allowed him to execute arbitrary code under the retail Vista, but the new IE security measures stopped that.) To get code running with elevated privileges now required him to work out a Javascript hack that allowed him to disable the new Vista SP1 security, a secondary vulnerability that should not have been possible, had Vista been as secure as it's supposed to be.

He was trying to do something similar on Linux, believing it possible, but failed to do so. This is why us Linux people are chuckling.

(Beating a dead vulture.)

Jeremy Shannon

And the fox leaped again, and missed again..

I smell the distinct scent of sour grapes in that guy's comment. "I could have broken Ubuntu, too." So how come it's still not broken after hours of trying, hmmm?

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2021