Silviu

Active Members
  • Posts: 2384
  • Days Won: 29

Everything posted by Silviu

  1. Are you fucking idiot? You cannot scan my site LOL! o.O It worked the first time, but it doesn't show the current IP.
  2. The National Institute of Standards and Technology (NIST) had published a document in Jan 2011 stating that the SHA-1 algorithm will be risky and should be disallowed after year 2013, but it was recently noticed by Netcraft experts that the NIST.gov website itself was using a 2014-dated SSL certificate with SHA-1 hashes.

     "From January 1, 2011 through December 31, 2013, the use of SHA-1 is deprecated for digital signature generation. The user must accept risk when SHA-1 is used, particularly when approaching the December 31, 2013 upper limit. SHA-1 shall not be used for digital signature generation after December 31, 2013," NIST said in the document.

     Digital signatures facilitate the safe exchange of electronic documents by providing a way to test both the authenticity and the integrity of information exchanged digitally. Authenticity means when you sign data with a digital signature, someone else can verify the signature, and can confirm that the data originated from you and was not altered after you signed it. A digital certificate is essentially a bit of information that tells the Web server is trusted. Digital signatures are usually applied to hash values that represent larger data.

     A cryptographic hash function like MD5 and SHA-1 can transform input of an arbitrary length to an output of a certain number of bits, typically 128 or 160 bits. The output is called the hash value. SHA-1 is a hashing algorithm that is currently enjoying widespread adoption. SHA-1 is a 160-bit hash function, whose job is to ensure the integrity of a given piece of data. Different data yield unique hash values, and any change to a given piece of data will result in a different hash value. This was designed by the National Security Agency (NSA) to be a part of the Digital Signature Algorithm.

     But in 2005, cryptographic weaknesses were discovered in SHA-1. Hashes are designed to minimize the probability that two different pieces of data yield the same hash values, but yes, it is possible that two different data can have the same hash value, according to cryptographic hash collision theory. In February 2005, three female Chinese researchers - Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu - reduced the amount of time needed to find two documents with the same signature. Brute-force is the best way to find such collision points, where two messages can have the same hash value.

     The strength of a digital signature is determined by the cryptographic key, i.e. 160-bit for SHA-1. There are 2^160 possible SHA-1 hash values, and the mathematical theory of the Chinese researchers tells us that the chances that any two different pieces of data compute to the same value should be about 1 in 2^69, and the process is about 2,000 times faster than brute force. At that time, it was predicted that practically doing so would take thousands of years, but today with modern cloud computing technology, such crypto attacks would cost only $700,000, which is an affordable project for a well-funded hacking group or intelligence agencies like the NSA, GCHQ. So it is potentially possible to exploit the SHA-1 crypto hash to spoof any digital signatures, and this is the reason that SHA-1 is being phased out of most governmental applications, and that NIST has recommended that SHA-1 not be used after 2013.

     "An attacker able to find SHA-1 collisions could carefully construct a pair of certificates with colliding SHA-1 hashes: one a conventional certificate to be signed by a trusted CA, the other a sub-CA certificate able to be used to sign arbitrary SSL certificates. By substituting the signature of the CA-signed certificate into the sub-CA certificate, certificate chains containing the attacker-controlled sub-CA certificate will pass browser verification checks. This attack is, however, made more difficult by path constraints and the inclusion of unpredictable data in the certificate before signing it," the Netcraft expert said.

     For the use of digital signatures, we need the collision resistance property of the hash function. So, the latest digital certificates of NIST are now verified by VeriSign, and use SHA-2 (SHA-256) with RSA. "In total, more than 98% of all SSL certificates in use on the Web are still using SHA-1 signatures. Netcraft's February 2014 SSL Survey found more than 256,000 of these certificates would otherwise be valid beyond the start of 2017 and, due to the planned deprecation of SHA-1, will need to be replaced before their natural expiry dates."

     But not only NIST, other US government organizations are also using an outdated hashing algorithm, including the Obamacare website healthcare.gov, donogc.navy.mil and several others. However, in the same document, NIST also published a deadline of December 31, 2013 for switching over 1024 to 2048-bit certificate. In February 2013, Symantec announced multi-algorithm SSL certificates for Web servers that go beyond traditional crypto to include what's known as the Elliptic Curve Cryptography (ECC) Digital Signature Algorithm (DSA). ECC offers greater security as compared to other prevalent algorithms and 10,000 times harder to break than an RSA-bit key, i.e. Symantec ECC-256 certificates will offer equivalent security of a 3072-bit RSA certificate.

     Source: thehackernews.com
  3. Smartphone manufacturers are adding ways for owners to track and manage their phones if they ever get lost or stolen. Find My iPhone is a service that comes with every iOS device that allows you to track your iPhone, whether it was lost or stolen. Normally, the iPhone requires a password if you want to deactivate "Find My iPhone", but it isn't entirely perfect and thieves are now smart enough to disable 'Find My iPhone' on devices running iOS 7.0.4 and lower versions, without having to enter a password. The exploit was discovered and demonstrated by security researcher 'Bradley Williams', and performing a successful bypass means you won't be able to locate the device, make it play a sound or wipe it. The vulnerability could put the devices at risk, and the exploitation method involves a few simple steps that involve making changes in the iCloud settings, even if they don't know the password. Steps to hack 'Find My iPhone': Navigate to iCloud in the settings. Select your account. Change the password to an incorrect one, then tap Done. When the 'wrong password' warning is displayed, tap OK and then tap Cancel. Reselect your account. Empty the description field and then press Done. You will notice Find My iPhone is now toggled off. The exploitation also requires physical access to the device, and then only works if the user hasn't set a passcode or enabled the iPhone 5S fingerprint-based Touch ID system, and hackers are not able to reproduce it on the iOS 7.1 beta version, which means the flaw will be fixed in the next iOS update, which is expected to hit the devices in March. Users are recommended to activate Apple's device Lock system, which blocks a thief from erasing and re-activating a stolen phone unless they enter your Apple ID and password. Source: thehackernews.com
  4. Try calling them in the evening, around 8, it should be less busy; I always got through at that hour in under 5 minutes.
  5. Just call them, bro, and you'll sort it out much faster.
  6. Something is clearly fishy. It looks like it was made on purpose with 911 at the end for the after-purchase trick.. So don't venture into it, it sounds too good to be true.
  7. Make it in Microsoft Word and save it as .html and you're done. Good luck!
  8. Tell him to do a Withdraw, because you want cash. Don't take the risk at this amount, in my opinion.
  9. Lay off the steroids, guys; first of all they're illegal, and second, they make your organs grow, and not the ones you're thinking of: your heart, liver and others get enlarged, so if you want to die young, put junk in yourself. I go by the principle that if that's how God made you, there's no point in fucking up your metabolism for nothing.
  10. Stop arguing so much over nonsense. An antivirus is good when you buy it. What you say about patching holds only if you do it yourself; then you can trust that you won't burn yourself, and second, ESET used to be good too, once, back in the day. What you're saying now is like dressing a convict in a straitjacket made of plasticine, or like installing a virus to act as your antivirus. I say someone should close the topic. Edit: I wrote this at the same time as IMAGINARY.
  11. What graph.facebook.com returns is in JSON format. I advise you to read here PHP: json_decode - Manual, then use a simple curl function to fetch the content, run json_decode on the variable and then access the objects/array elements you need.
  12. Silviu

    vex0r here!

    For starters you could remove that monstrosity of a signature (it's too big) and read the rules.
  13. I can tell you that you worked for nothing making a huge sausage of a script that also eats a lot of memory and bandwidth. The light solution: http://graph.facebook.com/idpagina and you nicely extract what you need from the array.
  14. Probably for a whore. At this age it's hard to do anything more; I know a friend who was a few cm short and couldn't apply to the police. Try swimming.
  15. That's exactly why it has to be run from the console, as the author also specified, or however you want, but I haven't worked with web servers on Windows and I don't know what needs to be configured for it to accept the function I gave you. Perhaps try another hosting, or make a virtual machine with Linux on it and try from there.
  16. Put set_time_limit(0); at the beginning of the script
  17. Well, once you use the man's server to keep your filthy bots on it, rather than to test its quality so you can form an opinion as a potential customer, what impression do you think you leave when you make a mockery of someone's work? It's like telling your buddies: "Ion left me the key to his house for 4 hours, let's trash what he has in there"; I hope you got the idea and next time you'll use what you're offered in a constructive way.
  18. Will someone close this mess of a topic?
  19. Bump!
  20. Bought from emag, barely used, 2-year warranty, rooted, price 450 lei, or 500 lei with the case and keyboard bought last week. --- Note from the emperor: Stay on topic or I'll burn you @aelius
  21. With DD-WRT on them and for their price I'd say they're pretty OK; now it depends on what you expect from them too, since a Dacia isn't a BMW either.
  22. You've been drinking kerosene.
  23. The guy thought the escrow was common sense and reputation, and the registration date respectively. Anyway, I wouldn't trust a user with 15 posts even with escrow, because I wouldn't know where he gets the money or what he's up to, but with an old user at least you have hope that he has some principles formed, though that's not always the case.