It’s not quite the same type of hybrid drive-train you’d see in street vehicles, but in an exciting announcement, Max Mosley of F1 has announced that all cars will become hybrid by 2013, along with other changes to the vehicles.
The hybrid system that will be phased in is known as KERS, which stands for Kinetic Energy Recovery System. KERS doesn’t store as much energy as a traditional hybrid system, but it only weighs 55 pounds and the limited energy storage capacity is well suited for Formula-style racing.
The biggest difference between KERS and a regular battery-electric hybrid is that KERS stores recovered waste energy in a rotating flywheel. Instead of converting waste energy into electricity and then back into useful energy again with an electric motor, KERS simply transfers the kinetic energy to a ~5kg flywheel in the F1 car’s transmission. The energy stored in the flywheel can then be used by the driver by pushing a “boost” button.
RE: Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications
Topic: Technology
3:00 pm EDT, Apr 19, 2008
Key Design Points
The most important design question for constructing the constraint formula is to figure out what instructions to include in the formula. We need to include all the instructions for an exploitable path for the solver to generate a candidate exploit. However, the number of exploitable paths is usually only a fraction of all paths to the new check. Should the formula cover all such execution paths, some of them, or just one? We consider three approaches to answering this question: a dynamic approach which considers only a single path at a time, a static approach which considers multiple paths in the CFG without enumerating them, and a combined dynamic and static approach.
This is a really good example of combining Static Analysis and Dynamic Analysis to find and verify security vulnerabilities. Come see my Summercon presentation for more on this topic.
Wanna see a 7ft tall Bearcat mascot stiff arm a bunch of 10-year-old kids into the ground? These mascots sure don't seem like they're taking it easy on the kids.
The evidence is now overwhelming that Mark Dowd was, in fact, sent back through time to kill the mother of the person who will grow up to challenge SkyNet. Please direct your attention to Dowd’s 25-page bombshell on a Flash bytecode attack.
Some context. Reliable Flash vulnerabilities are catastrophes. In 2008, we have lots of different browsers. We have different versions of the OS, and we have Mac users. But we’ve only got one Flash vendor, and everyone has Flash installed. Why do you care about Flash exploits? Because in the field, any one of them wins a commanding majority of browser installs for an attacker. It is the Cyberdyne Systems Model 101 of clientsides.
So that’s pretty bad-ass. But that’s not why the fate of humanity demands that we hunt down Dowd and dissolve him in molten steel.
Look at the details of this attack. It’s a weaponized NULL pointer attack that desynchronizes a bytecode verifier to slip malicious ActionScript bytecode into the Flash runtime. If you’re not an exploit writer, think of it this way: you know that crazy version of Super Mario Brothers that Japan refused to ship to the US markets because they thought the difficulty would upset and provoke us? This is the exploit equivalent of that guy who played the perfect game of it on YouTube.
The Office TV Show Series on NBC Is Back 04.10.2008 9PM EST
Topic: Miscellaneous
4:48 pm EDT, Apr 10, 2008
DINNER PARTY 9/8c TV-PG 04.10.2008
GUESS WHO'S COMING TO DINNER - Pam (Jenna Fischer) and Jim (John Krasinski) find they have run out of excuses and are forced to go to Jan (Melora Hardin) and Michael's (Golden Globe winner Steve Carell) house for dinner. When Andy (Ed Helms) and Angela (Angela Kinsey) are also invited to dinner, Dwight's (Rainn Wilson) jealousy gets the best of him. Leslie David Baker, Brian Baumgartner, Kate Flannery, Oscar Nunez, Phyllis Smith, Paul Lieberstein, Mindy Kaling and Creed Bratton also star.
SANS Internet Storm Center - Advanced obfuscated JavaScript analysis
Topic: Technology
7:08 pm EDT, Apr 9, 2008
When we got contacted by ISC reader Greg in Hungary, whose web server had been hacked and adorned with a couple of obfuscated JavaScript files, we expected a variant of the "nmidahena" injection and a closed case. JavaScript is an interpreted language, and while the obfuscation attempts we see are getting more creative, the scripts can usually still be coerced quite easily into divulging their secrets. ISC handler Lenny Zeltser teaches the SANS course on malware analysis, and ISC handler Bojan Zdrnja wrote the portion on JavaScript analysis for that course, so we are usually able to make short work of bad stuff.
Cool example of self-defending JavaScript malware.
Polish, Czech, Slovak, Hungarian, German style of food. Sausages, meats, cheese, breads, rolls, strudels, poppy seed rolls, dumplings, pierogies. Imported jar products, mineral water, juices. Czech and Polish beer. Take-out catering, European style sauerkraut, Goulash, Soups, Fleisch salad, Cod fish salad and more.
550 S Main St Ste.100 Woodstock GA 30188 Tel: 678-238-0567 Hours: Thue-Sat 11 - 7 pm.
And we'll make a good goulash baby. Dio time to go!