Aatube

joined 1 year ago
[–] [email protected] 4 points 7 months ago* (last edited 7 months ago)

I think you're confused. There is no warning letter, that's just the takedown notice sent at the same time as the takedown.

[–] [email protected] 0 points 7 months ago* (last edited 7 months ago)

By default, it's just undo text input when you either do a special swipe or tap the back, useful in e.g. the web browser. However applications can hook into this functionality to do their own stuff when the gesture is called.

[–] [email protected] -2 points 7 months ago* (last edited 7 months ago) (1 children)

No, the camera and library permissions always have been separate, it's just that Apple's official camera app integrates them. Think about it, one's hardware and the other one's basically software.

[–] [email protected] 4 points 7 months ago

Don't give them ideas

[–] [email protected] 5 points 8 months ago

They kinda don't! It'd be trending videos near your IP locations + your watch history for this browser session

[–] [email protected] 8 points 8 months ago* (last edited 8 months ago) (1 children)

Are there like hobby Minecraft servers not related to Microsoft? I’m thinking like the Library map and such.

Maps aren't servers. They're just maps as in any other videogame. You can play maps offline and with local multiplayer.

Most servers aren't related to Microsoft, but they also use the default server software which requires proper authentication. Now that Mojang account servers are down you can't log in with them anymore. One'd have to use patched server software that completely turns authentication off or uses an alternative authentication server to allow people without Microsoft accounts to join.

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

Consumers can also pay for extended Windows 7 updates, of course. I also don't see why just that (consumers can also pay) part is bad and much worse than a stupid requirement to force users to pay.

[–] [email protected] 1 points 8 months ago

IMDb is user generated, and he stars in "The Religious Experience of Philip K. Dick" (?) from 1990.

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

It's not just torrenting. Every user chooses what files they share, and these would be visible in search (and ranked by an internet speed transfer estimate), which makes discoverability a whole lot easier. If you want to download it, a direct transfer is initiated between that user and your computer only. You can also browse all files that a user has shared and chat with them about problems and whatnot (there also are chat rooms). Plus, since it's not really torrenting apart from the concept, your download history isn't targeted by popular tools that check out your activity on public trackers.

[–] [email protected] 2 points 8 months ago

Basically, it was a giant uptick in use that was likely made by human beings instead of a DDoS botnet, and they're still investigating where it came from

[–] [email protected] 1 points 8 months ago (1 children)

“After looking into this, it seems you have a hit song on your site,” the email from Netlify customer support reads. “Maan Bou Jan Sang Lou by Teresa Tang. I was not aware of her, but she seems to be a popular Taiwanese singer. This song is 99% of your bandwidth usage over the past 30 days.”

The letter further explained that a lot of bandwidth was generated from user agents that “are quite ancient using Google Cloud addresses”.

“This would include devices such as circa 2010 iPads, Windows 98 & Windows 6 computers. So either you have a fanbase with a passion for older technology, or this was likely a DDoS attack. To me, this seems to be the latter,” the email continued and suggested hosting such files on third-party platforms, such as YouTube or SoundCloud.

After explaining the standard practice of reducing the bill to 20% after such attacks, which would be $20,900 in this case, the Netlify support team offered a better deal.

“I've currently reduced it to about 5%, which is $5,225. I know this is still a lot of money, and I apologize for the inconvenience. If you like, I can raise this internally to see what else can be done.”

The user wasn’t happy with that and decided not to pay but post their story on Reddit and Hacker News instead.

One user on Hacker News with the alias ‘bobfunk’ introduced himself as the Netlify CEO and assured users that the bill would be forgiven. Cybernews was unable to verify the CEO’s identity independently. However, many previous posts from the same user and his bio support the claim of him being Matt Biilmann, the founder of Netlify.

In another twist, the DDoS attack version of the story is being ruled out

“Since the user opened a ticket with us this past Sunday, we’ve been actively researching this situation. Initially, we thought it might have resulted from a DDoS attack, which we stated in our first response. After some investigating, it looks as though the spike in traffic was not caused by a DDoS after all,” Dorian Kendal, CMO at Netlify, told Cybernews.

Instead, now they believe that this was a sustained download event of an mp3 file over a stretch of multiple days.

“We’re working directly with the user to better understand what’s happening on their end, so we can uncover what caused the dramatic increase in downloads,” Kendal said.

“We’ve confirmed that the user was notified multiple times about the additional bandwidth that was being consumed on their site, but given their lack of response to these notifications, we believe that we should revisit and improve the messaging and urgency that’s being communicated.”

 

The heightened state of unease over the possibility of a 'Con Air' sequel resulted in an influx of security personnel. It just goes to show, when it comes to Nic Cage, the need for increased security is always 'Raising Arizona.'

135
submitted 9 months ago* (last edited 9 months ago) by [email protected] to c/[email protected]
 

Shipped in Windows 11 Insider Preview Build 26052. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html claims it has a big security problem that makes the program accept calls to elevate from anywhere once first run

Edit:

  1. The security problem has been internally fixed and will be available in the next release
  2. It's not just an alias for 'runas'. It seems to be able to configurably block user input for sudo'd commands, retain the existing environment, ditch it and open a new window, and remember that you've sudo'd in the last minute or so.
  3. It brings up UAC instead of having you input the password
 

This news is from almost exactly 8 years ago. Softpedia reported 13 days later that eBay partially patched it, but the patch was insufficient. I could not find further updates, but I do know that eBay has since removed more advanced JavaScript (incl. JSFuck) from all listings in 2017.

"An attacker could target eBay users by sending them a legitimate page that contains malicious code," Check Point researcher Oded Vanunu wrote in a blog post published Tuesday. "Customers can be tricked into opening the page, and the code will then be executed by the user's browser or mobile app, leading to multiple ominous scenarios that range from phishing to binary download."

To exploit this vulnerability, all an attacker needs to do is create an online eBay store. In his store details, he posts a maliciously crafted item description. eBay prevents users from including scripts or iFrames by filtering out those HTML tags. However, by using JSF**k, the attacker is able to create a code that will load an additional JS code from his server. This allows the attacker to insert a remote controllable JavaScript that he can adjust to, for example, create multiple payloads for a different user agent.

eBay performs simple verification but only strips alpha-numeric characters from inside the script tags. The JSF**k technique allows the attackers to get around this protection by using a very limited and reduced number of characters.

eBay has no plans to fix a "severe" vulnerability that allows attackers to use the company's trusted website to distribute malicious code and phishing pages, researchers from security firm Check Point Software said.

In an e-mail sent to Ars after [their article] went live, eBay officials wrote: "eBay is committed to providing a safe and secure marketplace for our millions of customers around the world. We take reported security issues very seriously, and work quickly to evaluate them within the context of our entire security infrastructure. We have not found any fraudulent activity stemming from this incident."

The e-mail added:

Also, it's important to understand that we have been in touch with the researcher and have implemented various security filters based on his findings to detect this exploit. Since we allow active content on our site it's important to understand that malicious content on our marketplace is extraordinarily uncommon, which we estimate to be less than two listings per million that use active content on the eBay marketplace.

 

In other news, URLs are now delimited by a space rather than a comma when updating manifests. Komac uses a very small amount of memory and has been heavily optimised to minimise memory usage (especially heap allocations). Updating Android Studio (a 1GB+ binary) consistently took just ~3.5mb memory. Komac now has a significantly more accurate way of checking if an installer was created with Inno/NSIS instead of just checking for some magic bytes. As of this release, the uncompressed x64 portable binary stands at just ~7.5mb and doesn't require runtimes like the JVM. The Windows installers add Komac to path (allowing you to just run komac in a terminal) and stand at less than 3.5mb.

 

The incorrect book. Note that his father only died in 1909 of liver issues. Jughashvili was upset when he learned that Keke had enrolled Ioseb in school, instead hoping his son would follow his path and become a cobbler. This led to a major incident in January 1890. Ioseb had been struck by a phaeton, severely injuring him. Ioseb is the former name of Stalin.

 
 

this is why wayland will never be used /s

Apparently it's got a feature that allows moving the mouse pointer using arrow keys, and for some reason sometimes it doesn't stop listening when the window loses focus, so Paint was running in the background since I often use it and it was still doing its job of moving the mouse.

 
 

Jesus Christ, just add an if statement for even or odd!

-18
submitted 11 months ago* (last edited 11 months ago) by [email protected] to c/[email protected]
 

Why not "NINAA"? Because then it would be an acronym.

 

The original post uses "roll-up" instead of "catch-all" for some reason. I meant to crosspost this hours ago but something happened, sorry.

There is a long-festering problem in some tags where some questions are closed by dupehammers, using a single roll-up question as the duplicate target. A "roll-up" question is defined here as a question trying to cover multiple minor topics within one question and a set of answers. So this Java question about null pointer exceptions does not qualify, as it is about a single topic.

A prime example would be this regex roll-up which has a large number of duplicates. This was by design.

Questions that are clear duplicates, but you can't find one quickly.

To be fair, PHP and other tags have such roll-ups (example), and I have participated in hammering them as such. And there are a lot of questions that are low quality, where the temptation is to simply close them as the duplicates of the roll-up. I mean, it answers the question, doesn't it?

The problem is that this has started to promote two undesirable community actions:

Lazy closure

Dupehammers are a "one and done" action. Moreover, there is a belief that these questions answer all the "core" elements and are therefore "useful" in low quality situations. The question for regex theoretically covers all symbols used within, so why isn't that useful? But this type of closure assumes that the roll-up covers all cases. The danger of dupehammers has always been that the target question doesn't really cover a specific use case. Lazy closure doesn't even bother to find that out first. Thus it becomes the action of choice for dupehammer users. It's problematic, but the community largely self-regulates this so it's not been a major issue. A low quality question can be closed for many other reasons beyond duplicate.

Tag gatekeeping

This action is the more problematic one. What we've been seeing for some time are "brigades" (for lack of any better term) of users who are committed to ensuring that only questions they see fit in a tag are open. Thus we get a number of these:

Dupehammer 40000

What this has turned into is not laziness, but deliberate actions, where we see the same users doing this over and over. Or, to quote a comment under the question I got the screenshot from:

I invite readers to examine the earlier question and ask themselves if any question could possibly be a duplicate of that question. If the answer is "no", please vote to reopen (and leave a comment giving your reasons for doing so). Closing this question, in this way, is sending a clear message to Peter, the OP (the polite version): "get lost". This catch-all closing of questions having a "regex" tag must stop.

I don't know that it sends a "get lost" message, as much as it sends another message moderators have been fighting against for years: RTFM. What these roll-ups have become, in essence, is another "fine" manual for users to read. Duplicate closure like this is basically throwing a volume of information at users and telling them "Figure out what, in this giant pile of information, answers your question." That's not useful.
It also effectively acts as a veto for anything any dupehammer user sees fit to close it as. Roll-up questions worked well as a philosophy for a long time, but (as the old saying goes), this is why we can't have nice things.

The rule

The rule would be as follows:

Roll-up questions are useful in general, but may not provide enough guidance to users with specific questions, and serve as poor signposts to users looking for specific answers. Please use only specific questions for duplicate closure.

FAQ

  • Moderators would enforce this new rule. No system changes would be made.
  • Moderators would find out about violations via flags. Moderators already get an autoflag for closure disputes, and users could flag instances of this rule being violated.
  • Enforcement would follow standard enforcement: A warning on the first offense and suspension for subsequent violations.
  • Any other duplicate closure would still be allowed. If someone feels strongly enough that it's a duplicate, they should go find that specific question. Moderators will still not solve duplicate disputes, but the list of roll-up questions isn't long, and it's a fairly objective standard to enforce.
 

of tariffs, imports and customs. Justice Horace Gray delivered the opinion of the Court in holding that the Tariff Act of 1883 used the ordinary meaning of the words "fruit" and "vegetable", instead of the technical botanical meaning.

In 1883, President Chester A. Arthur signed the Tariff Act of March 3, 1883, requiring a tax to be paid on imported vegetables, but not fruit. The John Nix & Co. company filed a suit against Edward L. Hedden, Collector of the Port of New York, to recover back duties paid under protest. They argued against the tariff by pointing out that, botanically, a tomato is a fruit due to its seed-bearing structure growing from the flowering part of a plant.

At the trial, the plaintiffs' counsel entered into evidence definitions of the words "fruit" and "vegetables" from Webster's Dictionary, Worcester's Dictionary, and the Imperial Dictionary. They called two witnesses, who had been in the business of selling fruit and vegetables for 30 years, and asked them, after hearing these definitions, to say whether these words had "any special meaning in trade or commerce, different from those read".

Both the plaintiffs' counsel and the defendant's counsel made use of the dictionaries. The plaintiffs' counsel read in evidence from the same dictionaries the definitions of the word tomato, while the defendant's counsel then read in evidence from Webster's Dictionary the definitions of the words pea, eggplant, cucumber, squash, and pepper. Countering this, the plaintiff then read in evidence from Webster's and Worcester's dictionaries the definitions of potato, turnip, parsnip, cauliflower, cabbage, carrot and bean.

Justice Gray, citing several Supreme Court cases (Brown v. Piper, 91 U.S. 37, 42, and Jones v. U.S., 137 U.S. 202, 216) stated that when words have acquired no special meaning in trade or commerce, the ordinary meaning must be used by the court. In this case dictionaries cannot be admitted as evidence, but only as aids to the memory and understanding of the court. Gray acknowledged that botanically, tomatoes are classified as a "fruit of the vine"; nevertheless, they are seen as vegetables because they were usually eaten as a main course instead of being eaten as a dessert. In making his decision, Justice Gray mentioned another case where it had been claimed that beans were seeds — Justice Bradley, in Robertson v. Salomon, 130 U.S. 412, 414, similarly found that though a bean is botanically a seed, in common parlance a bean is seen as a vegetable. While on the subject, Gray clarified the status of the cucumber, squash, pea, and bean.

Nix has been cited in three Supreme Court decisions as a precedent for court interpretation of common meanings, especially dictionary definitions. (Sonn v. Maggone, 159 U.S. 417 (1895); Saltonstall v. Wiebusch & Hilger, 156 U.S. 601 (1895); and Cadwalader v. Zeh, 151 U.S. 171 (1894)). Additionally, in JSG Trading Corp. v. Tray-Wrap, Inc., 917 F.2d 75 (2d Cir. 1990), a case unrelated to Nix aside from the shared focus on tomatoes, a judge wrote the following paragraph citing the case:

In common parlance tomatoes are vegetables, as the Supreme Court observed long ago [see Nix v. Hedden 149 U.S. 304, 307, 13 S.Ct. 881, 882, 37 L.Ed. 745 (1893)], although botanically speaking they are actually a fruit. [26 Encyclopedia Americana 832 (Int'l. ed. 1981)]. Regardless of classification, people have been enjoying tomatoes for centuries; even Mr. Pickwick, as Dickens relates, ate his chops in "tomata" sauce.

In 2005, supporters in the New Jersey legislature cited Nix as a basis for a bill designating the tomato as the official state vegetable.
