The Sun Reporting Murdock Dead

**Sysman** · 19 July 2011, 11:16

Originally posted by NickFitz View Post

Media moguls body discoverd

Rupert Murdoch, the controversial media mogul, has reportedly been found dead in his garden, police announce.

Murdoch, aged 80, has said to have ingested a large quantity of palladium before stumbling into his famous topiary garden late last night, passing out in the early hours of the morning.

"We found the chemicals sitting beside a kitchen table, recently cooked," one officer states. "From what we can gather, Murdoch melted and consumed large quantities of it before exiting into his garden."

Chemicals found in house

Er, I bet you were all thinking of polonium there. Palladium is used in dental alloys and catalytic converters and is pretty inert[ (perhaps a spot of dermatitis will result).

There has been a suggestion that it refers to Microsoft's
Next-Generation Secure Computing Base (NGSCB), aka Palladium.

Criticism of Palladium

Bruce Schneier in his Crypto-Gram Newsletter wrote:

"There's a lot of good stuff in Pd, and a lot I like about it. There's also a lot I don't like, and am scared of. My fear is that Pd will lead us down a road where our computers are no longer our computers, but are instead owned by a variety of factions and companies all looking for a piece of our wallet. To the extent that Pd facilitates that reality, it's bad for society. I don't mind companies selling, renting, or licensing things to me, but the loss of the power, reach, and flexibility of the computer is too great a price to pay."

Another older link to Microsoft Palladium

MicrosoftPalladium is dead, see MicrosoftSecurity for future developments (May04)

...

TheRegister article which discusses the possibility of MicrosoftPalladium destroying the GPL: MS to eradicate GPL, hence Linux ? The Register

**DaveB** · 19 July 2011, 11:45

Originally posted by fullyautomatix View Post

If it was such a complete control of the server/CMS/file system whatever, why didnt they just modify the home page of "Sun" and put the story up there ? Why a redirect? and why not a server side redirect rather than a client redirect ?

Probably because they had complete control of the new-times.co.uk site and could do what they wanted with it, all they could do on the main Sun site was mess with it via the CMS.

**PinkPoshRat** · 19 July 2011, 12:27

someone please try to explain to me what an XSS attack is, in plain English please!

I'm guessing the 'SQL injection' means the database has stuff added to it?

I'm loving all of this twice as much as you guys are, not only is this all the best news story ever, but for me to try and understand what you're talking about is good fun too!!

**zeitghost** · 19 July 2011, 12:33

Don't worry, I don't know what they're talking about either.

If its got more than 4k of memory and you don't program it in assembler, I start getting panic attacks.

**Sockpuppet** · 19 July 2011, 12:42

Originally posted by PinkPoshRat View Post

someone please try to explain to me what an XSS attack is, in plain English please!

I'm guessing the 'SQL injection' means the database has stuff added to it?

XSS = Force one site to load infected info from another site. I.e. by having a security bug in a flash advert on your site and another site loads that you can infect users without taking over control of the other site.

SQL Inject = instead of your name write "SELECT * user_perms;" etc etc to read user info. A badly written website wouldn't escape that and instead of trying to insert your name in a comments form would insert the SQL you had written which the server will duly run.

**Bunk** · 19 July 2011, 12:47

An example of cross site scripting would be if we could write <script type="javascript/text">alert('hello');</script> in a post and then when people viewed the thread the javascript was executed. This example would be harmless but it could do far nastier stuff like sending your session information off to someone who could then use it to pretend to be you.

**DodgyAgent** · 19 July 2011, 12:48

It may be unfashionable to think it or say it but anyone who has helped to break the power of the Unions,to question the sanctity of the BBC and socialism in general (and introduce porn to TV)
is OK by me

**Bunk** · 19 July 2011, 12:51

Originally posted by DodgyAgent View Post

It may be unfashionable to think it or say it but anyone who has helped to break the power of the Unions,to question the sanctity of the BBC and socialism in general (and introduce porn to TV)
is OK by me

It's not proper porn though is it?

**PinkPoshRat** · 19 July 2011, 12:53

hmm, thanks that's got me sold on the idea of what to learn when I start on my new contract. I shall attempt to learn SQL

I know jack about SQL. I hope it fairly easy to learn from CBT stuff?

**Zippy** · 19 July 2011, 12:54

I think the Grauniad suggested there was a vulnerability in the Sun's "comment on this article" form, which could have allowed any SQL entered (as opposed to the usual 'i luv katie i think shes fab lol!') to be executed. The implication is that the Sun's web app passed this to the database without checking it first.

The Sun Reporting Murdock Dead

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

The Sun Reporting Murdock Dead

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

Tag Cloud