Jump to content
Search In
  • More options...
Find results that contain...
Find results in...


  • Content Count

  • Joined

  • Last visited


This user doesn't have any awards

About wanderingfool2

  • Title

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Spoofing, like the fact that this was able to take over a domain controller by spoofing.
  2. Booting a system out for too many invalid attempts would just be asking for DOS....or you know locking out a domain controller On a similar note, do we know that it didn't log it? [Back in the day I remember having a lot of invalid password attempts and such]. I could be wrong, just thinking there probably was a way of seeing it in logs.
  3. The worst bit here was they padded with zero's on an implementation that should have used random padding. Had that hadn't happened it actually would be a lot harder to exploit it. To that regard, cryptography is a difficult thing one innocent mistake during implementation can bring the entire thing down. There are lots of examples of mistakes being made by large corporations. *Spoofing comes to mind to causing a dos attack comes to mind in terms of limiting tries* This mistake could literally boil down to one programmer padding without the understanding of the consequences. Look at things like heartbleed, a simple mistake by a single person, it doesn't always speak of incompetence. At least it wasn't like Sony's mistake int getRandom() { return 4; } For those who are curious here is the link to the whitepaper https://www.secura.com/pathtoimg.php?id=2055 It's been patched and I'm sure people would have figured out what changed eventually anyways. It's not as trivial as sending full 0's anyways...just the main part of it is sending 0's through.
  4. Honestly, the only real reason I could see Microsoft patching this would be due to them padding with zero's which was what allowed this attack to happen. Virtualization. While it's not ideal, you can get NT 4.0 running in a virtualized environment. Not that it's recommended, but it is what it is (software that would cost too much to replace given that it would need to be rewritten and re-tested...at least 50-60k which isn't practical and the fact that new software would need to be licensed which changed from a perpetual license to a per user yearly license...so that would have an added cost of 10k a year). Sometimes it's just cheaper running the old stuff and making sure only limited things see/access it.
  5. Making the consoles doesn't mean it would be easy, or cost effective for them...and it makes things a lot less practical when there isn't a disc drive. With that said, it almost seems like the statement just means they haven't completed some of that yet. The PS3 emulation I think would be still be quite an achievement on the given hardware (well to an extent). The other thing is it's an emulator, so they can't just implment the API elements, they need to emulate some of the chips...yes there are things like PS2 emulators, but Sony would have to create their code from scratch (and look at how long the PS2 emulator has been in dev. without being 100% accurate)
  6. Some people who cheat will always cheat, but the easier it is made to cheat the more likely it is for people to do so. Catching people cheating, and having no punishment means there isn't as much of an incentive for not cheating. Again, the 25% of the class, aside for a long lecture and continued monitoring they got away with it. Their grades in that class remained, and they weren't forced to retake the class. If you want a more quantitative thing, look at the rates of cheating on assignments vs tests (where assignments are easier to cheat on). It raised to 43%, and this is of those who admitted to it. Or look at the whole admissions scandal...so don't claim that the "cheaters" aren't taking up a certain percentage of spots within university (and abusing the resources) It's a mark on an academic career, it would instantly disqualify them from scholarships and such. To have no safeguards in place would just be foolish, as there will be cheaters and it will likely increase the rate of cheating/severity. Whether a person can do a task is greatly different than if they are fully adequate for the job. Do you know the cost of picking an wrong employee during hire? It's a ton, even if you discover early on they oversold their abilities. It also speaks to someone's character that is willing to cheat.
  7. Not going to name names, it was a school within British Columbia though. To start off with, most actually means having the greatest amount (which in this case since it is binary is a 50%, but by no means does most mean "more than 50%". You are also missing the point completely, you aren't wrong because you said most students are honest. You are wrong in saying that "most students are honest" is not an argument for not having not setting a deterrent. My original wording "It's about setting a proper deterrent (if all students think they could get away with it, the number of students cheating would go through the roof).". 17% admit to already cheating (that's almost 1 in 5). 43% admit to cheating on assignments (over 2 in 5). Again, it doesn't matter if most students are honest, that doesn't mean the numbers won't spike and that there is already quite a large % of people cheating. There were professors who would design the test to average around 50% (and curve). The reason for this was to be able to single out the students who really knew their stuff (and would give recommendations to). What about all the other students? How many people that were on the bubble of getting a scholarship, but a cheater got it instead. How many people didn't get accepted into their post-grad classes because someone who cheated got in instead. There are a lot of reasons to flag someone who has committed academic fraud; including flagging to future employers of the character
  8. Sure...let's do the honor system then. My point is valid, 17% is quite a large number to -admit- to cheating, and is likely higher than that. Context is the key, saying that "most" students are honest is flat out wrong in a rebuttal to a statement that cheating would skyrocket. The easier it is to cheat the more temptation it will be to cheat (changing that B to an A, or C to a B). Things are often graded on a curve, so cheating has an impact on all students. Cheating at an university level course should have consequences of it getting put on the transcript of caught of academic fraud, or expulsion (depending on the severity)
  9. You're wrong, flat out. https://www.plagiarism.org/article/plagiarism-facts-and-stats 17% admitted to cheating on a test...that is those who admitted to it. As mentioned I've mentioned in another post in this thread, I've attended a school where 25%+ were caught cheating (in a single class). This also brings to issue that there isn't enough punishment of undergrads that get caught cheating (in some cases it doesn't go on the record).
  10. ...maybe I am misunderstanding, but using consoles as an example isn't exactly great as they have the exact same issue of selling out and having it scalped for a higher price (remembering in the Wii/PS3 days it took months to get it). All of this is just an optimization thing...there is only so many cards that could be made at one time (yes more factories could be built or could be repurposed but that then means added costs and less supply of the other product you sacrificed the manufacturing for). It's all about the balance between the demand over time and the added cost of filling all the demand. e.g. They could have delayed the launch and stored more stock, but that means they release a card 3-4 months later (I would prefer the cards to hit the market sooner than later)...they also would have missed the Christmas season. It's also about the perception, if they released enough for every consumer at launch then there would be less press coverage over the next few months. I am curious about the "bots" claim though...I could see bots buying a majority, but realistically how are they suppose to prevent that? (1 person with a bot could realisically buy 10 easily...switching around their IP's and having it delivered to separate PO boxes/neighbours etc)
  11. All decisions are a trade off. Having a system like this, while it does pose a risk has the benefit of things such as less fraud, better medical treatments (I've had medical issues as a kid that I cannot remember and I don't have the records anymore...a digital system would have prevented this)
  12. Given we are talking university level education, a laptop is usually an assumed given for a course anyways (and even older laptops would meet that spec). Actually you could get a webcam with microphone for like $35CAD or less...and I can tell you that while affordability is a thing, going through university a $35 school expense is minor compared to the many other requires expenses of attending school. If things like that are an issue, or getting access to a room that isn't busy then talking to the academic advisor to take the exam in person or to provide a room that would be suitable. (While there is a blanket statement that was made regarding "drop the class" or fail, I would treat that as a blanket statement to prevent a lot of the people who would refuse the software if they were allowed to) I don't think it is a pointless violation either, it's about trying to come up with a solution that will diswayed cheating. And then you are flagged for cheating, since it likely has proper measures of detecting if it's in a VM. (While there might be ways of tricking it so it doesn't know it's in a VM, the chances would be that they are using multiple methods of detecting that it's in a virtual machine...e.g. some don't report the clock speed as changing, so if it's constant then its more likely to be running in a VM). It's about setting a proper deterrent (if all students think they could get away with it, the number of students cheating would go through the roof). It's similar to when they put a cardboard cut-out of an officer with a radar gun, they do so to remind people of the speed limit and to have them slow down. 1. It flags potential issues, so if things like someone popped in/kid ran in while taking a test I bet you wouldn't get in trouble. If you were in a crowded environment the entire time then yea, most likely you would be in trouble. 2. That's the issue though, if in a test environment a teacher escorts you then how would you propose to have a similar limitation here? (And again, if you had to go to the restroom, and you went quickly my guess is they might ask questions and investigate but not fail you). As for the fire alarm, well see point 1...they have the audio so they could tell an alarm went off (and it defaults back to point 1, you likely wouldn't get in trouble for it...although if you went outside for an extended period of time you might be in trouble in the sense that you don't have time to take the test). 3. See my comment from the beginning. I am betting if you talked with an academic advisor/professor you could come up with a solution. The blanket statements are often used to deter people from exploiting exceptions as a loophole.
  13. Honestly, I don't think that this option is that bad. I think there should be an option to take the test in person though (as an alternative). There should also be cell-phone jammers in test halls (but usually not, as it would typically require a specialized exemption...owning a jammer here is illegal, and using it is as well unless special permission is made). While there is a privacy aspect to this, the other side of the coin is the rampant cheating that is going on in some of the schools. [The course I went through is a good example where a class was getting the quiz assignments before and distributing it amoungst themselves, they eventually got caught as a TA had added an additional comment in the source code that wasn't present when everyone submitted there results. The students that cheated made up to close to 25% to the class]. Academic fraud is a real thing, with not really serious consequences when caught usually...so I am happy that at least a school is taking it more seriously. I've seen professors and such attempt doing some of your mitigations, but the fact is sitting at home unmonitored it will become a lot easier to cheat. (e.g. paying someone smarter to do the test and just copying the answers)
  14. Everything is going to be how vague the trademark actually is. If it's pretty much as vague as the rounded corners then the CBP can't be faulted. Don't know enough about trademark laws, but I would suspect that OnePlus would have to sue to invalidate the trademark description...with that said, if it is upheld then the CBP could start completely confiscating all OnePlus buds being important
  15. All of that is held by government laws, and shouldn't be forced onto consumers. Sometimes you might see things like Torrent software putting it in their TOS because they just want to protect themselves from civil suit. Government's have very little place in terms of mandating what a company's product should do. The point of my statement was that encryption in the past has had regulations on it and it caused consequences 10 years down the road (in our modern internet infrastructure). And one could argue that encryption is allowing a hostile government to hide their communications (so should be regulated)...it's a slippery slope when it comes to government oversight. Some would argue privacy from a government body is more important. What good is open communication if the government uses it to track you down and arrest you (for some petty thing, but still a way to control the masses). It brings me back to my point, there isn't a golden rule in terms of what is and isn't acceptable...the line can sometimes very much be blurred, where as laws/mandates tend to be hard lines in the sand which creates the issues.