Archive for 'April, 2003'

From NTBUGTRAQ:

I expect this will be all over the web shortly.

This tiny bit of code will apparently crash any component of Windows that uses the IE rendering engine. That includes IE, Outlook Express and the Explorer itself.

[html]
[form]
[input type crash]
[/form]
[/html]

I’ve replaced the standard HTML tag characters with square brackets to make sure it can’t DoS you Microsoft Victims.

It seems to crash explorer.exe when the .html file containing the
code is copied into any folder.

Technical details:

IE tries to compare the type of the input field to “HIDDEN”, to see if it
should be rendered. When there is no type string, a null-pointer is used. mshtml.dll calls shlwapi.dll#158 @ 0x636f0037 with a pointer to a static unicode string “HIDDEN” and a null-pointer. shlwapi.dll#158 does a case-insensitive comparison of two unicode strings:
it reads from address 0×0 because of the null-pointer and thus causes an exception.

This is not exploitable, other then a DoS because there is no memory mapped @ 0×0 and even if you could load something there, you could only compare it to “HIDDEN” which gets you nowhere.

Plain HTML is a dangerous language

My mail server rejects HTML email – and I’ve been criticised for being so “anal” about it. I guess things like this just validate the block.

Ok yeah, I crumbled… I wasn’t going to do it as I waste too much damn time on this Ninternet thing already.

I’ve added this site and e3 to blogshares.com to see how we fare.

Go buy some shares!

http://www.blogshares.com

Oddly enough, I get 2 or 3 visitors per day to this website who are searching for "bukkake". For the rest of us – let’s find out what bukkake really is. Lifted from kittybukkake.diaryland.com:

"Butsu" is a Japanese verb meaning "to hit", and "kakeru" is a verb meaning "to wear/put on/hang from/stick to/cover/splash on" depending on context. The verb "bukkakeru" means "to splash water on someone’s face". "Bukkake" is a noun form, where the ideograms could be read as "hit-n-splash" or "hit-n-stick" in the porn context. It should be pronounced "bu’kakeh", where the apostrophe indicates a slight pause. To make it a little more obvious, the image should help.

Of course, thanks to the search engines that keep worming their way through this site, mentioning the word again will be enough to get another few hundred spooge-a-philes pay a visit. Sorry folks – there’s no porn on this site. Try googling for goatse man. oBTW: Yes, I’m well aware that the word "bukakke" also appears in the disclaimer at the bottom of this page. I just find it hard to believe that one word can result in so many priapismic onanists moistly clicking their way here.

I can’t possibly hope to keep up with the guys at:

http://www.squeak.org/us/ted/sars-graph.html
http://www.sars-spread.com/
http://www.sarswatch.org/
http://www.real-humanity.com/sars.htm

Using those four sites and their links, you can get SARS updates virtually 24 hours a day.

Ah, that reminds me, Google has a news tool at news.google.com that not only lists the latest headlines from thousands of sources world-wide – you can also filter on it. Try it, go there and filter on SARS.

Now, how’s this for interesting? Ted from squeak.org has calculated the following:

The number of reported cases of SARS in the world is doubling every 16 days using the data available on April 17, 2003. There will be 100,000 cases on about July 2, 2003. A million cases will be reached on about August 25, 2003, and ten million on about October 17, 2003. The number of reported worldwide deaths due to SARS will double every 12 days. The number will be 100,000 on about August 7, 2003. A million deaths will be reached on about September 16, 2003, and ten million on about October 27, 2003.

Even more interesting is this excerpt from real-humanity.com:

The SARS death rate will continue to rise and will likely eventually fall between 6.4% and 9% and this doesn’t include the probable lack of respirators as hospitals become overloaded. This death rate increase is solely a function of mathematics. The problem is that cases are reported when the patient presents with symptoms, but the patient does not die straight away. It is likely from all reports that those patients that will die, do so between one and three weeks after they go to hospital. Which means that the death rate should not be calculated by dividing the number dead by the number of cases now, but by dividing the number dead by the number of cases one or two weeks ago. If the time is one week on average then the rate should be taken as 6.4% and if it is two weeks, then the death rate is 9%. Of course, if the average time from being classified as a SARS patient till death is longer than two weeks, then the fatality rates get even higher.

Ok, I am worried about SARS, but if these guys are right – we may be confronting the next Spanish Flu or Black Death.

Ok, we’re seeing some delays on the secret project.
I guess we just underestimated the complexity of making something simple to use. That sounds odd I know, but what we’re learning is that hiding the hard stuff by delivering an easy-to-understand interface is exquisitely difficult.

And I think it’s only going to get harder. We’re probably 70% through the code and interface design, however the user testing may force us to spend a great deal more time on the pretty stuff.

Nevermind – as long as it’s right when we launch it.

In the mean time, bookmark http://www.gotmyvote.com