Archive for April 2003

Student’s Web site hacked by al-Qaida

FAST protocol

Space.com: Pushing the Speed Limit: For Researchers, the Internet Just Got Faster
“Unlike the single path TCP protocol, FAST uses 10 parallel routes for its delivery, allowing researchers to send massive amounts of data while still keeping the size of each information packet down to current standards. During a data transfer, FAST monitors network congestion and rapidly adjusts the amount of information being sent to ensure a prompt delivery. … In comparison tests using only one pathway to send data from the Sunnyvale facility to CERN, a distance of about 6,236 miles (10,037 kilometers), FAST was still more than three times as efficient as the standard TCP method.”

Habeas sues haiku abusers

The Register:Habeas sues haiku abusers
“The first suit, against Avalend and Intermark Media, alleges infringement of the Habeas trademark in attempts to get junk mail delivered. The second lawsuit, against Dale Heller, Stan Stuchinski (BigDogSecrets.com), Clickbank and Keynetics, covers a breach of contract claim against Heller, a Habeas licensee.”

Ten Security Checks for PHP

ONLamp.com: Ten Security Checks for PHP
[Part 1]
[Part 2]

Checkershadow Illusion

Grady Booch on future of software development

“the fatal flaw of web services”

Mark Baker: Why bad design always trumps hype; the fatal flaw of Web services [April 02, 2003]
“First, bad design cannot be masked. And second, that Web services’ lack of use of a coordination language is an example of bad design.”

Buffer Overflow Solutions in OpenBSD

OpenBSD: Buffer Overflow “Solutions” – KernelTrap
Theo de Raadt: “In the last while, a couple of people in OpenBSD have been putting
some buffer overflow “solutions” into our source tree; under my
continual prodding. I thought I would summarize some of these and how
they fit together, since what I have seen written up so far has been
wildly inaccurate. (Bad reporter, no cookie).

These are, in short form:

1) PROT_* purity
2) W^X
3) .rodata
4) propolice”

[See also grsecurity
and
Immunix
which includes StackGuard.]

NYSERNet settles

Rochester Democrat & Chronicle: Web firm settles U.S. grant case