Digg Effect 與 DDoS Attack

這篇 www.WikiTree.org 刊登出來沒多久後,原網站就因為 Digg Effect 而掛掉...

不過,值得寫的原因不是因為掛掉,而是在原網站上面這樣公告 XD

WikiTree.org Has Been Badly Cut!

Wikitree.Org has suffered a DoS attack on 20060306-7 and had to be suspended to protect the webserver.

Shame on anybody responsible for the attack!

Be sure, however, that Wikitree.Org will be up and running again as soon as humanly possible...

It may take some hours, but also several days.

BitComet 0.63

Release Notes 裡可以看到 v0.63 2006.3.7 的變動:

  • GUI Improved: fix the bug that somtimes torrent file can't be open properly after downloaded in BitComet embedded browser
  • Core Improved: Remove the old protocol header encryption, add new protocol encryption compatible with Azureus and uTorrent

最讓人驚訝的是 Protocol Header Encryption 全面改用與 / 相同的協定。

WordPress 2.0.2

[wp-testers] 2.0.2 on Tuesday 這篇裡宣佈將在星期二發佈 2.0.2,看起來是因為一個未公開的安全性問題:

We need to release 2.0.2 to address a security bug. No, not the security bug that caused all of the commotion recently, another one.

We'll get a package out shortly. In the meantimes, pull the latest from the 2.0 branch.

http://svn.automattic.com/wordpress/branches/2.0/

This contains fixes for both security issues as well as a handful of non-security bugs. Here's the list of bugs, sans the security issues.

http://trac.wordpress.org/query?action=view&status=closed&resolution=fixed&milestone=2.0.2&order=priority

Look over the bug list and target your testing on the effected areas. I'll add the security issues to the list when we release.

Tuesday is just a target. If we can't make it we can delay a bit, but we need to get this out soon.

Ryan

Skype 的 Ten-only-on-Intel 限制

雖然最近沒時間看 所有的文章 (尤其是國外的新聞,像是 這兩個量又超多),不過看到 寫的「Skype 在 AMD 上的十方通話」之後,趕緊看一下是誰 crack 的。

因為在前陣子 合作,使得 只有在 平台上才能十方通話之後,我和某個同學就已經知道一定會被 crack 掉,問題是,會是哪位有名的大長輩 crack 的 XD

我是猜 這位對 DRM 感冒的長輩,而強者我同學則是猜前陣子惡搞 Intel-based MacOSX 的 ,太準了 XD

安全性問題 - 事先告知的義務

一般在發現 Security Issue 後都會以 mail 先通知負責的單位 (Vendor),直到提供 patch 或是修正問題後才會將 Security Issue 公諸於世。

不過,有時候也會遇到不想鳥你的單位... 這時候就光明正大的給他一腳吧 XD

IV. HISTORY
30th Jan, 2006 -Bug originally discovered
2nd Feb, 2006 - Vendor Notified
...
...
No vendor response
...
...
22nd Feb, 2006 -Vendor Notified again
22nd Feb, 2006 -Public Disclosre

請參考:Gmail Security Flaw Fixed

Norton 的誤判

Symantec Users, Start Your Keyloggers 看到的,當你在 irc channel 上輸入 "startkeylogger" 或 "stopkeylogger" 時,使用 Norton Internet Security 或 Norton Personal Firewall 的人就會自動離線 XD

原始的報導在 Malware-Speak Spooks Symantec 這裡:

Turns out that if someone types "startkeylogger" or "stopkeylogger" in an IRC channel, anyone on the channel using the affected Norton products will be immediately kicked off without warning.