Re: Obviously not
Arghghg - that was my fault :-( Slip of the keys. It's been fixed. Please - next time, email corrections@thereg so these can be fixed asap.
C.
3495 publicly visible posts • joined 21 Sep 2011
I'll put my hand up - that was my fault. I accidentally hit the wrong button. I'm sorry about that.
Normally I can hit another switch to turn the comments back on, but this happened right in the middle of the rollout of some internal changes to our system, which delayed the regeneration of the forum for the article.
The comments are open again.
C.
It's quite clever and naughty. It works kinda like this. You use a use-after-free() bug to perform an arbitrary write to fiddle with values in allocated structures - such as deleting a terminating byte or increasing the length of the object. This allows you to access memory you shouldn't. Eventually you'll be able to calculate where the OS has placed libraries and such things in memory using ASLR.
Now you know where things are, you can link together short sequences of machine code in the known objects to build up your attack code and execute it. This gets you around DEP; it's called Return Orientated Programming (ROP). Google it and spend a weekend having fun with it :-)
C.
"US TV is drivel."
Judging by my Xfinity cable package, I'm minded to agree. There's fun stuff on the Food Network, because I like cooking, and there's comedy like Community scattered all over the schedules, but in general – and with adverts every 10mins it seems – it's best to turn off, tune out and drop everything to go outside.
C.
"Or am I being victimised?"
Yes, you're in the 10% of readers that's seeing the sliding 'more from the register' design in an A-B test (see the forums). Drew says it's the least popular so far.
I'm not seeing it, for instance.
C.
"How come your name no longer has the Reg Hack icon against it?"
If I post a comment from the front-end of the website (like every normal reader) I don't get the Reg logo. If I post a comment from our comment moderation system (available to staff) then my posts get a Reg logo. Simples.
C.
"an article per week"
Taking last Friday as a random sample, we published 30 stories. Over the course of a week, that's about 150. During busy months, such as last November, we were doing 40-50 a day, or 200-250 a week. So, that's a small percentage a week about a storage company that talked big, IPO'd at the wrong moment, saw its stock plummet and it fired its CEO.
C.
"when google has an outage there's barely a ripple in el reg"
Ahem. We do write about Google outages. This was one of our most read stories last year.
As for Linux vendors wanting to run promotions, I'm sure our ad sales and ops teams will be delighted to hear from them.
C.
"are either of these two companies located in the United Kingdom? If so, is that where all of this action is taking place?"
I kinda hoped that this being specifically about T-Mobile US and AT&T would give away the fact that this is all happening in America. AT&T doesn't operate in the UK. I've made everything super clear now, though.
"wondering at why a British paper is interested"
We have millions of readers in the States (I gather you're one of them, hi!) so we're writing for you, too. We have an office in San Francisco and the article was published at 3.30am UK time - when Brits are (mostly) asleep and Americans are winding up the working day. I kinda hoped that would make it all nicely US focused :-)
C.
"making a mockery of marriages"
More than the straight people repeatedly marrying and divorcing in their droves? Check the divorce rates. I know friends who have divorced and remarried for good reasons, and they're happy. And I'm pleased for them. But in the wider sense, what's "making a mockery of marriage" more - people recklessly exchanging vows or gay people?
Just my personal opinion.
C.
"the measly 10 days' paid holiday a year, only getting Christmas Day off, and the awful plastic cheese!"
Yeah, I was a bit surprised to find Americans don't get Dec 26 off work. Working for a UK publisher at least means Reg staff worldwide get UK-grade time off.
As for the cheese, well, I tried it on a 7-11 hotdog once. Once.
Merry Christmas from balmy northern California,
C.
Ruiu is still working away at his mystery malware; look him up on Twitter. I (for one) haven't taken my eye off the story. No doubt it'll be revisited when there's some more stuff.
The lack of patches is frustrating, sure. Oddly, the whole thing has sparked debate about spreading information over ultrasonic comms between machines (and example code), which is (IMHO) the most wild part about BadBIOS.
C.