Posts by happygeek

What?

Let me rephrase that: WHAT?

Probably because it's not compatible with Windows 7, see: http://answers.microsoft.com/en-us/windows/forum/windows_7-hardware/how-do-i-install-a-hp-laserjet-1010-printer-using/4fbb4816-3ffb-4b49-897e-c800d0a0a9e0

which also includes a workaround.

I assume you have contacted/searched HP for a Windows 7 driver in case one is now available?

Seeing as this thread remains alive, if the price in the title is correct I reckon Microsoft paid precisely two dollars too much...

Is there a point anywhere in all of that?

A Drupal security advisory, SA-CORE-2014-005, rather embarrassingly states that:

Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks. This vulnerability can be exploited by anonymous users.

I think that's a whoops, with an uppercase W. The highly critical SQL injection vulnerability is to be found in versions of Drupal 7 prior to 7.32 and users should immediately upgrade to 7.32 to fix the problem. The urgency for updating is confirmed by the fact that proof of concept sharing has been spotted on assorted dark web forums and there is at least one known live exploit out there.

Dwayne Melancon, CTO at Tripwire, told me that "the ever-increasing use of Open Source and third-party software components means this isn’t the last time we will see this kind of vulnerability – diligence is critical, and this is as much a supply chain issue as it is a technical one. This situation shares similarities with other recently discovered exploits such as ShellShock, Heartbleed, and the Poodle SSL vulnerability in that it is something that has been around for quite a while but just wasn’t known. Exploits, such as this one, that enable arbitrary command execution by unauthenticated remote users …

Actually Dropbox not hacked, and the majority of the logins posted so far either are not related to Dropbox or are from inactive accounts. Looks like yet another case of someone posting a database of stolen credentials that were being reused by people across sites and services, and the 'hacker' was trying all the major players to see if anything hit. Dropbox states it had already reset passwords on all accounts it had identitied at being at potential risk from this particular non-exploit.

More information needed if we are to help you, much more.

Try starting with the make and model of router and an explanation of precisely what the problem is and when it occurs.

Done :)

welcome, hope you get the help you are looking for.

So, Microsoft and iSIGHT uncovered another 0-day vulnerability; this time
impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012. iSIGHT has detailed in the wild exploits of the vulnerability, and points the finger of suspicion at state-sponsored Russian interests. The Dallas-based cybersecurity outfit explained that the exploit (dubbed Sandworm) showed visibility targeting Ukranian government organisations, Polish energy businesses and US academic organisations as well as NATO itself, and warned that there is an obvious potential for much broader targeting from the same and new threat actors.

The researchers have been tracking at least five distinct Russia-based intrusion teams according, one of which was based around mobile malware use and targeted US and European intelligence communities as well as jihadists and rebels in Chechnya. The Sandworm Team, however, has been active through late 2013 and throughout 2014 targeting victims with specific lures related to the Ukranian conflict via 'traditional' spear phishing techniques involving malware infected document attachments. The newly observed Microsoft Windows 0-day is the latest weapon to be deployed.

iSIGHT has seen evidence of the group attacking NATO with other exploits during December 2013, and more recently with spear-phishing attacks during the NATO summit on Ukraine held in Wales. In September it spotted that the spear-phishing attacks were reliant upon exploitation of this new 0-day vulnerability which impacted all supported versions of Microsoft Windows (from Vista SP2 to Windows 8.1) and Windows Server 2008 and 2012 and weaponised with an infected PowerPoint document. …

Three thoughts:

1. make sure it is fully charged - put it on charge for at least 30 minutes and try again

2. press/hold of the sleep button until red slider appears (slide it) then hold sleep button until Apple logo appears

3. connect it to iTunes via a laptop and see if it will come to life that way

I've used all three in the (distant) past when an iPad has gone comatose.

You are getting help, yet still you sent (10mins ago) a PM begging me to help you as you have to submit a project tomorrow and don't have time to do it yourself...

Please don't do that again.

In what article? You are posting a lot of nonsense all over the place, please cease and desist...

What?

HINT: we don't do your homework for you.

HINT: show us your code, explain what you are stuck with, and we will take it from there...

Not only what looks like a homework question, pretty much copied off the page, but also posted in the wrong place (this is the community centre which is a lounge area for kicking back in) and you didn't even bother to think about adding any detail about the language you are using to do this.

Sigh. Not a good start.

Read the rules in particular this one:

provide evidence of having done some work yourself if posting questions from school or work assignments

and this one:

read the forum description to ensure it is is relevant for your posting

Now, go to the forum which is appropriate to your query in terms of programming language and ask your question again but this time showing the code that you have produced so far and where you are getting stuck with it.

Welcome to all

Follow the link and take a read, will save you falling into trouble unawares :)

Please see the rules, which include:

Do not ask for help to pursue any illegal activity including, but not limited to, hacking and spamming

With what?

Second rule: don't spam our forums with your adverts

(why ask about the rules if you are only here to flout them?)

Number four sums it up. Also applies to posting stuff on DaniWeb you don't want your teacher/employer/wife to see...

Domain Authority and Page Authority. That said, doesn't make the posting any more understandable the way it is written.

My worse fears confirmed. We will miss you Mel. The world of programming will miss you Mel. One of the most helpful and knowledgeable guys ever to have blessed DaniWeb with his presence.

:'-(

At the start of the year, DaniWeb reported how Snapchat, the self-destruct photo messaging service, had been hacked and information regarding 4.5 million users had been stolen. Fast forward to now, and Snapchat is again in the mire: nude images have started to appear on 4chan which have been stolen from Snapchat accounts.

According to new reports images from 200,000 Snapchat accounts have been stolen and are now starting to appear online. Snapchat itself denies that its own servers have been breached, however it does confirm that accounts have been hacked. This rather confusing admission would appear to be due to Snapchat account holders using third party apps to send and receive their photos, something that Snapchat prohibits in the terms of use because of the security risk. Indeed, Snapchat has been successful in having such apps removed from Google Play and the App Store, but inevitably there are plenty out there and plenty in use.

In case you have not come across Snapchat before, it's basically an application driven service which enables users to post images, video and text on a time limited basis to a group of recipient users. These 'snaps' self-destruct, sort of, after 10 seconds. That is, there is a 10 second window during which the recipient can see them after which they are no longer available for viewing. Unless the recipient saves it using a screengrabber, or uses a different app to access the service, and so on. The fact that …

Try asking that again in a way that makes any sense at all...

Unless you are asking for a pirate copy of Windows 8, in which case that's against our rules and you are on very thin ice indeed.

Why would anyone send you their work so you don't have to do yours? Or have I totally misunderstood what you are asking here?

Did you not read the reply, which gives the information you seek, before posting? Or are you just replying to everything regardless and not actually bothering to read the conversation first? At the moment, it certainly seems like the latter.

Sometimes less is more...

I think you may need to be more specific.

Which version of Windows?
Tips for doing what?

Do you have any deadlines written into the contract/agreement that you have with her? If you are concerned with the time being taken then chase her up, after all you are paying her for a service here...

Useful information about the evolution of Shellshock attack payloads to be found here:

http://research.zscaler.com/2014/10/bashed-evolution-of-shellshock-attack.html

There are a whole host of sub-issues (for want of a better word) that have been discovered, and so you should ensure you have the latest patch as applicable.

No you can't post them here, this is the community forum. Once again, the correct answer was already given a couple of weeks ago. Please do not post for the sake of it, or just to build up your post count.

As well as being CEO of penetration testing specialists High-Tech Bridge, Ilia Kolochenko is also perhaps unsurprisingly a white hat hacker of some repute. Equally unsurprising is the fact that he has warned that security vulnerabilities in leading CMS platforms such as Drupal, Joomla and WordPress are effectively leaving the security door wide open for hackers to walk through.

Kolochenko refers to the threat posed by old plugins, passwords and extensions as being the 'Achilles heel of popular CMS' and for good reason. High-Tech Bridge regularly tests popular CMSs via the ImmuniWeb online penetration testing service and equally regularly, sadly, discovers vulnerabilities therein. It follows a strategy of responsible disclosure, which I'm all in favour of, whereby any vulnerabilities are reported to the vendor with immediate effect but no public disclosure (other than a broad statement without exploitable details) is made for three weeks. This gives the vendor ample time to do something about it, and should encourage those who are a bit slow off the mark to focus attention on a fix. All without alerting the bad guys as to how to create code to exploit the hole.

This is obviously a good thing for all of us, with many Joomla and WordPress vulnerabilities coming to light this way, and being patched before any damage can be done. Unfortunately, black as well as white hat hackers do the research and it's always something of an ongoing race to find the holes first. The difference being that the …

It's a hark back to the past.

Ten is the number of people who liked Windows Me, and Microsoft is aiming on bettering that after Vista and 8 failed to make it.

The news that JPMorgan Chase & Co, which is the largest of the US banks with a reach that extends to half of all American households, has been breached will surprise nobody. At least not in the sense that this is old news, with a disclosure of the event happening in August. The actual breach was discovered by the bank back in July, and is thought to have been active for at least a month prior to that. What is surprising, however, is that a financial organisation of such a size and reputation should fall victim to such a breach in the first place. One highly placed individual in the IT security business told me over a pint that "if it can happen to JP Morgan then, frankly, it can happen to anyone" and that wasn't just the drink talking. Also surprising was the claim that a million accounts had been compromised during the breach, a claim made during the initial disclosure.

Just before the weekend the surprise level went off the scale as the New York-based bank revealed, via a regulatory filing, that the actual numbers were a little higher. How much higher? How does 76 million households and 7 million small businesses higher strike you? Of course, this can be played down by comparing it to other mega-breach statistics: the Target attack last year hit 110 million accounts, and the more recent eBay hack 145 million. That doesn't make the JP Morgan numbers any the less striking though, …

I should probably infract myself for circumventing the curse filter...

I think, more often than not, if someone knows you are wrong and has spotted the error then they will want to point it out. This could be because they want to help you or the OP, or it could be because it massages their ego, but they would usually want to make the correction nonetheless.

The downvote issue, rather than rep as such, can often be nothing more than a finger slip or a knee jerk reaction, a bad hair day or some knobend who has simply taken a dislike to you for whatever reason. Most of us just ignore the up/down vote stuff to be honest, as we appreciate how fickle it can be.

Get a virtual divorce?

Usually 2 in my never humble opinion.

What Prit said. Reputation building takes time, and to be honest you are not doing badly considering you have only been here a week! I'd be impressed with your rep after that short amount of time.

Just remember you cannot please all the people all of the time and move on, but stick around as your contributions are appreciated...

If heads were to roll they would have done four years ago. See date of orginal news story post...

I suspect that your issue here might well be related.

Did you run that full malware scan, and if so what were the results?

It's a pretty common name :)

More news from the security research labs:

FireEye has discovered that cyber attackers have already mobilised to use BASH Shellshock bug and suspect that they may be conducting initial dry runs in preparation for a real, potentially larger scale, attack. Some of the suspicious activity appears to be originating from Russia, although there has been frenzied activity from all over the world. It’s believed that it’s only a matter of time before attackers exploit the vulnerability to redirect users to malicious hosts, which can result in further compromise. So far, the Common Gateway Interface vector (an interface between a web server and executables that produce dynamic content) has received the bulk of the focus from attackers, however, the reach of the BASH Shellshock bug doesn’t stop at web servers. Any application that relies on user-controlled data to set OS-level environment variables and then invokes the shell from that same context can trigger the vulnerability. In other words, web applications relying on a specific type of user input can be manipulated to make clients (i.e., consumers) vulnerable to attack.

15 mins. ROFL...

Nobody here is going to do your homework for you buddy. Tell us exactly what you are stuck with and someone might be able to point you in the right direction.

I don't think that looking young is a barrier to marriage, and anyway why are you even thinking about marriage as a teen? Enjoy life first, says the man who has been married three times...

Rubberman has already told you.

Please note, we do not help people to use pirated software...

What code?

What do you need help with?

You're not helping yourself much here so far..,

If you are basing your marriage potential on facial hair then, frankly, I imagine you are going to be single for some time. Unless you sign up with beardedladydating.com of course...