Kernel Entropy

There seems to be an issue with Linux kernels > 2.6.10 and kernel-generated entropy. Because /dev/random is required for almost every cryptographic procedure in Linux, the amount of available entropy matters. With kernel version 2.6.10 the available entropy is about 4000 bytes. With kernel version 2.6.12, however, the entropy oscillates between 600 and 3500 bytes with a median of 800 bytes. This behavior has been observed independently on three different systems. The diagram below illustrates the problem. Today at 11:40 I downgraded to a 2.6.10 kernel.

(Figure: Linux kernel entropy)

Maybe it’s a kernel bug? We’ll keep track of it…

Update: It seems to be a feature. Maybe it’s the “periodicity detection fix” patch introduced in 2.6.11? It primarily targeted the input layer, though. This is a server, it has no keyboard or mouse input.
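To reproduce the measurement behind the diagram on your own machine, here is an added example (not part of the original post) that samples the kernel's entropy pool via /proc/sys/kernel/random/entropy_avail and reports min, median and max of the samples; the path, sample count and interval are assumptions you can override.

```shell
#!/bin/sh
# Added example: sample available kernel entropy over time and summarise it.
# Assumes a Linux system exposing /proc/sys/kernel/random/entropy_avail
# (override ENTROPY_FILE to point elsewhere, e.g. for testing).
ENTROPY_FILE=${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}

# Take N samples, one every INTERVAL seconds; print one value per line.
sample_entropy() {
    n=$1
    interval=$2
    i=0
    while [ "$i" -lt "$n" ]; do
        cat "$ENTROPY_FILE"
        i=$((i + 1))
        if [ "$i" -lt "$n" ]; then
            sleep "$interval"
        fi
    done
}

# Read newline-separated integers from stdin; print "min median max".
# For an even number of samples the median is the mean of the two middle values.
summarize() {
    sort -n | awk '{ v[NR] = $1 }
        END {
            if (NR == 0) exit 1
            mid = int((NR + 1) / 2)
            if (NR % 2) median = v[mid]
            else median = (v[mid] + v[mid + 1]) / 2
            print v[1], median, v[NR]
        }'
}

# Usage: 60 samples, one per second, then the summary line.
# sample_entropy 60 1 | summarize
```

A pool that sits near its lower bound for long stretches means readers of /dev/random will block; compare the summary across kernel versions to see whether the oscillation described above appears.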

WordPress Exploit

WordPress <= is vulnerable to a server-side XSS attack. It requires register_globals to be turned on. If you can’t disable registration of global variables you might want to enable safe_mode or disable some of the unsafe functions by adding

disable_functions = exec, system, passthru

to your php.ini.

