Wednesday, November 22, 2006

More MOKB-20-11-2006 related news

Apparently, it isn't enough to explain cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se issues in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most simple possible way. There will be always someone else who doesn't bocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r reading, checking and, well, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re will be always someone willing to say something that doesn't make sense at all.

A blog post is claiming that 'crashing a Mac with a .dmg, has been known for ages'. It doesn't stop cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re, it even falls in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 now clueless logical fallacy that has been used over and over by Mac Zealots and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r creatures of Neverland for enough time now:
conveniently ignoring cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fact that this is still just a crash, not an exploit, and that not all crashes are actually exploitable anyway.
Too many things mixed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re and getting screwed up. Time to stop, space cowboy. Going back to Earth, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 definition of a 'crash' in kernel-land has quite a few possible meanings:
  • locking issues
  • infinite loops (ex. filesystem code looking for non-existent blocks)
  • unhandled exceptions (ex. invalid memory access, ala page faults, etc)
  • handled exceptions (ex. known unsupported condition, poorly written code panicking for no real reason, ala fpathconf() bug, etc).
  • ...
Now define exploit in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 context of a kernel-land issue. Basically exploiting a bug a in kernel-land requires some conditions to be met:
  • influence memory operations (ex. land at controlled memory)
  • avoid hard locks
  • avoid corrupting essential spots
  • change execution flow gracefully
In any case, once you have abused cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 vulnerable condition, you will have only one chance (normally, although cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are exceptions, like modules and ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r interfaces that can be dynamically loaded and not necessarily get totally screwed up) to subvert cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 execution flow, until it goes wild and causes your so-called 'crash'. So, what happens upon successful exploitation? You're pwned, Michael Knight.

So, leaving cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 humorous style. Mac Zealots, please get a life. If something is well beyond your understanding capability, don't worry. Go watch TV, or cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 iTunes Store.

Reading documentation, debugging, checking cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 problem, spending hours to understand how something actually works, is obviously a tedious task. It's easier to smoke some pot and mixed hash while listening to Massive Attack and Modest Mouse.

Signed, a proud Macbook, Mac OS X and iPod (it has some indie music too, but not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 brainwashing kind it seems, fortunately) user.