They have seemed to banned me from showing up in their Twingly trackback links.
I've only posted comments on a couple of their articles, and added to their lightning photos articles with my own lightning photos.
I also posted a comment on their internet security bug article.
Oh well, no big loss, I will continue to blog here.
[ add comment ] ( 6 views ) | permalink |
( 3 / 1568 )Bugs in Funcoms game Age Of Conan has been undisclosed by the group ISE.
The bugs are also present in the game 'Anarchy Online' which also was very popular some years ago.
These bugs makes it possible to read files of the victims computer, and is exploited in-game via the chat.
More specific details can be found here.
It can be exploited by giving the victim a "link", which causes the victim to speak the contents of a file to the chat.
This makes the file contents available for everyone surrounding this player in the game.
It is one of the more severe bugs found in Funcoms games, and was patched at the 28th of August.
[ add comment ] ( 11 views ) | permalink | related link |
( 2.8 / 1165 )According to TheRegister, German customs agents have raided another trade fair due to complaints about patent infrigment.
200 armed customs agents raided 69 stands at the consumer electronics show IFA, in Berlin.
The last we heard about such actions were during the CeBIT fair in Hannover, Berlin.
The police then raided 51 booths due to the same kind of complaints.
[ add comment ] ( 4 views ) | permalink |
( 2.9 / 776 )Just wanted to note to the readers that there is a competition on dagbladet.no.
(Like, if any of you work at a school or something ... you will win, for sure..)
The person that sets db.no as the homepage of the most computers wins the new iPhone 3G.
This is one of the more annoying/horrible competitions I have seen, there are a lot of people who have serious advantages here.
People who works at schools?
People who work as managers at large organizations?
The IT staff at your local work place?
Very nice done, db.no, you effectively lock a large percentage out of the population out of this competition! ;)
But at least, if you are in the position to do it...
you can win the iPhone 3G here!
PS! There is only ONE! :)
[ add comment ] ( 4 views ) | permalink | related link |
( 3 / 671 )This is finally up in Norwegian news too.
Dagbladet writes about a 'security hole' in the Internet.
BGP works in this way:
o You use AS Numbers (ASN) which are globally unique.
(simplified, but not completely true: Two Internet Providers can not share the same ASN)
o These AS numbers are used for path decisions on the internet,
the general idea is that less 'AS hops' (AS numbers between you and the destination) is better.
o IP address ranges are linked to AS numbers.
o Setting up a BGP session for exchange of IP traffic between AS numbers (ISPs) is called 'a peering'.
CIDR
In routing, you will have to say that for example: 192.168.0.0/24 is at your router (this means 192.168.0.0 - 192.168.0.255)
A /23 is double the size of a /24, and hence 192.168.0.0 - 192.168.1.255
Path decision
Some attributes are used for deciding which ISP to use to reach another in (BGP) routing.
The ones I am going to focus on here is AS_PATH and CIDR
The 'problem' about routing is that a more specific route will be prefered.
Let us say that the fictive company boogle owns 192.168.0.0/23 and keeps bmail in the rear end of that /23-network, from 192.168.1.128 - 192.168.1.256.
What will happen when someone announces 192.168.1.0/24 to other ISPs?
Yes, they will of course start using this route instead of the less specific /23-network that boogle announces.
BGP peering
In BGP, one AS (autonomous system) will announce to the other ASNs which IP ranges they will accept traffic for.
Let us say you have AS1, AS2, AS3 and AS4 - which are owned by ISP1, ISP2, ISP3 and ISP4.
ISP1 uses ISP2 to reach the internet, because ISP2 has built a large network.
ISP3 and ISP4 are peering, and ISP4 also uses ISP2 to reach the internet (and then also to reach ISP1).
ISP3 usually uses a hidden ISP5 to reach ISP1.
Let us take the example from above then, with the preceding facts.
What will happen when ISP4 decides to announce the more specific network to ISP3?
Yes, ISP3 which is used to having this path: ISP5 -> ISP1 will of course exchange this for ISP4 -> ISP2 -> ISP1
This is regardless of a longer AS_PATH (ISP4->ISP3->ISP1) because of the more specific network.
The other way this can be exploited is to force in a route with a shorter AS_PATH.
The real problem
These are FEATURES of BGP and IP routing, and was never a security hole.
The actual security hole is misconfigured routers that will accept announcements of networks from maliciously configured routers.
[ add comment ] ( 6 views ) | permalink | related link |
( 3 / 646 )
Random Entry
