search for: dishonest

Sorry, I certainly didn't mean to be dishonest. I was just repeating one of the comparisons given by the research paper. Regardless, even setjmp() uses a structure of 148 bytes in size (on my machine). The main point is that with compiler support, many context switches can be easily reduced to just a few instructions and only 8 byte of memory,...

...for a third party package. The point I'm trying to make though is that yum could benefit from the ability to verify the fingerprint in a key it is importing matches a DNS query for the user and domain the key claims to be for. Regardless of how the package was retrieved, this could prevent dishonest trojan keys from being imported, especially if DNSSEC validated the DNS query. -- -=- Sent my from my laptop, may not be able to respond timely

...ocs/LangRef.html <https://llvm.org/docs/LangRef.html>). > On Mar 27, 2020, at 3:30 PM, Joerg Sonnenberger via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > On Fri, Mar 27, 2020 at 02:58:03PM -0500, Joshua Thomas Wise wrote: >> Sorry, I certainly didn't mean to be dishonest. I was just repeating >> one of the comparisons given by the research paper. Regardless, even >> setjmp() uses a structure of 148 bytes in size (on my machine). > > Let me repeat. Please take a look at the setjmp/longjmp intrinsics. On > support architectures they boil down to...

...Hat (for better or worse) considers freeloaders are large businesses who keep a small number of licensed RHEL systems so that when they have problems in their production network (which isn't running RHEL), they can reproduce the problem on RHEL and ask Red Hat for support.? That practice is dishonest and abusive. If you're not doing that specific thing, then Red Hat is not calling you a freeloader.

Hi LLVM devs, I’d like to describe my problem, and then propose new features of LLVM which would solve it efficiently. I'm building a new statically-compiled programming language, and I plan on using LLVM as the backend. The language will have a runtime with cooperatively managed green threads (user-space "mini-threads", each with their own dynamically allocated stack). A single OS

...verify that those properties indeed hold. Using these tools, we found some security vulnerabilities in Rails, and we would like to get a sense of how important these are in practice. 1. Using CookieStore opens the door to "replay attacks", whose importance is, we feel, underestimated. A dishonest user can replay an old session to fool the server, of course; but more critically, it may be possible for an attacker to steal a cookie from an honest user after the latter is authenticated, and replay that session. The obvious fix is to include nonce-checking for every session object to ensure its...

As far as I can see, here is a summary of the situation, and there's a point to this, but I only make it in step (4), needing the first three steps to set up a background to keep my own thoughts clear: 1) Fedora (via Jakub) shows it's possible to patch OpenSSH. 2) OpenVPN (via gert) shows it's possible to build a 'shim' of sorts that allows code to work with libreSSL and

...or > worse) considers freeloaders are large businesses who keep a small > number of licensed RHEL systems so that when they have problems in their > production network (which isn't running RHEL), they can reproduce the > problem on RHEL and ask Red Hat for support. That practice is dishonest > and abusive. > > If you're not doing that specific thing, then Red Hat is not calling you > a freeloader. > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos

...> The point I'm trying to make though is that yum could benefit from > the ability to verify the fingerprint in a key it is importing > matches a DNS query for the user and domain the key claims to be for. > > Regardless of how the package was retrieved, this could prevent > dishonest trojan keys from being imported, especially if DNSSEC > validated the DNS query. How widespread is the problem of unknowingly importing compromised software ? -- Regards, Paul. England, EU. England's place is in the European Union.

Hello, I see the new Xen packages now really in Sid and even in Lenny on packages.debian.org: http://packages.debian.org/search?keywords=linux-image+xen+amd64&searchon=names&suite=testing&section=all http://packages.debian.org/lenny/xen-linux-system-2.6.26-1-xen-amd64 Does this mean there is now official Xen amb64 and dom0 support in Lenny? I am running it now for a while without

> I can't predict the future but my feeling is that AlmaLinux has a good > chance to become the second Gold standard. I disagree with you. Both Rocky Linux and AlmaLinux are in a very comfortable position, and they will likely stay that way. my predict is that they will continue as a #rebuilder / #freeloader, writing software is a hard work. SuSe hardfork will probably be only an

Dear Guru''s, I''ld like to request you to vote here http://launchpad.enterprise2conf.com/node/74 as 5 star (please click on 5 star to vote), this will give oxygen to our project. Waiting for your valuable vote. Best Regards, Pavan Agrawal

Hi, As stated on the Dovecot documentation, at rest encryption is possible [1]. However, these keys are present on the system itself and are unprotected. Therefore, if a system is compromised, the attacker has access to the encrypted mail and the keys. There is no security benefit in that situation, except for hoping that the attacker doesn't understand that this is happening and how.

I guess you've all read it already, but here it goes: "All video codecs are covered by patents. A patent pool is being assembled to go after Theora and other ?open source? codecs now. Unfortunately, just because something is open source, it doesn?t mean or guarantee that it doesn?t infringe on others patents. An open standard is different from being royalty free or open source. Sent

On 20/12/15 10:28, Gordon Messmer wrote: > On 12/19/2015 09:49 AM, Alice Wonder wrote: >> >> With third party repositories the key and configuration file is often >> distributed separately. That's the potential attack vector for trojan >> keys. > > Examples? > > All of the notable repositories that I'm aware of publish an > x-release.rpm that

...g, I am not aware of many programs that do that without > very specific user selection. Any user savvy enough to turn on dithering > would hopefully be paying attention well enough to avoid promoting 16-bit to > 24-bit without noticing their mistake. I suspect that this is sometimes done dishonestly in order to sell hi-fi enthusiasts DVD-A's made from lower-quality source material. After all, they do sell $35 dollar "high definition" digital coaxial S/PDIF cables at your local Radio Shack. And you lost me on the last paragraph there, but that's okay. Thanks for the clarifi...

...ke we run DHCP out of the kernel > > on new interfaces... > > Because one can set up a static IP, IPv6 doesn't always need DHCP, etc. But we don't handle LACP, etc. Look, as much as I don't like this, I'm not going to argue about this to death. I just find it very dishonest to claim kernel *has to* do it, when no one seem to have made any honest attempts to solve this in user space for the last 10 years :/

...ke we run DHCP out of the kernel > > on new interfaces... > > Because one can set up a static IP, IPv6 doesn't always need DHCP, etc. But we don't handle LACP, etc. Look, as much as I don't like this, I'm not going to argue about this to death. I just find it very dishonest to claim kernel *has to* do it, when no one seem to have made any honest attempts to solve this in user space for the last 10 years :/

We are using a platform from AmarFone Inc. It great full featured , everything you want to run a calling card and does not cost your a lot of money. Their support is awesome. You can contact them at sales@amarfone.com. Ehsanul Karim

On Jul 28, 2017, at 11:56 AM, hw <hw at gc-24.de> wrote: > > Matthew Miller wrote: >> On Fri, Jul 28, 2017 at 06:13:42PM +0200, hw wrote: >>> What?s the point of doing this with Fedora? It?s not like bugs >>> were fixed before Fedora is EOL and all reports are forgotten. >> >> Many bugs are fixed in Fedora. Many more bugs are fixed in the >>