Is the SDP a=crypto attribute relevant when DTLS-SRTP is used?

The a=crypto attribute in RFC 4568 has a separate section 9.2. for SRTP “Crypto” Attribute Grammar. What it basically includes is a list of attribute values required for encrypting media (crypto suite, method, session params, keys, MKI…).

However, DTLS-SRTP also does the same (RFC 5764 – SRTP Extension for DTLS). So, is it correct to say that where DTLS-SRTP is used, the a=crypto: attribute is not used. For example, does webRTC offer-answer SDP use the “a=crypto:” attribute as DTLS-SRTP is a must for webRTC?

Informational RFC “SDP for webRTC” also does not throw any light on this issue.

Please clarify.

What is the distribution of Saving Throws associated with each attribute that are required by spells?

I read somewhere that in D&D 5e, the Saving Throw distribution for spells was biased towards DEX, CON and WIS. In other words, if you had proficiency in those attributes, you would benefit a lot more than having proficiency in other attributes.

What is the distribution of Saving Throws across attributes for spells in D&D 5e?

I’m looking for a percentage of each attribute for all the spells available (one would expect this to be uniform). Bonus points if this is also calculated for only spells that can be cast by RAW monsters (MM and VMG).

Determining Attribute Flow Compiler Construction

I am trying to determine how to actually answer these questions in my textbook. I have 3 questions which is as stated below.

These questions, i do not quite understand what the uparrow and downarrows have to do with the attribute flow and definition of this grammar.

For each of the following grammar indicate whether overall, general attribute value flow is bottom-up, top-down, left-to-right, and right-to-left.    (a).          G -> A(downarrow)l          A(downarrow)n -> B(downarrow)3n A(downarrow)7n          ->”c” C(downarrow)n-1          B(downarrow)n -> ”a” B(downarrow)n+4 “b” C(downarrow)2n          -> ”b”          -> ”c”        (b)         G -> A(uparrow)x          A(uparrow)n -> B(uparrow)u (uparrow)v  A(uparrow)y        [x=uy+v]          -> ”c” C(uparrow)z                                        [x=2z]          B(uparrow)v -> ”a” B(uparrow)r(uparrow)s“b” C(uparrow)x   [u=2r+x-s; v=s+1]          -> ”b”                                                    [u=1; v=2]          C(uparrow)x  -> ”c”                                       [x=3]   (c)          G -> A(downarrow)0(uparrow)r          A(downarrow)x(uparrow)z -> B(downarrow)y (uparrow)z  A(downarrow) x(uparrow)y                            -> ”c”  C(downarrow)x(uparrow)y                                       [z=10y+3]          B x w -> “a” B(downarrow)10y+2(uparrow)z “b” C(downarrow)x(uparrow)y  [w=10z+1]          -> ”b”                                                                [w=10x+2]          C x y -> ”c”                                                         [y=10x+3] 

What happen if the L1 cache has the address entry with write_back attribute. Will that address be available in L2 cache?

I have the TLB entry for a particular address. This address has write-back attributes in both L1 cache and L2 cache. My queries are: 1> if L1 cache entry has write-back, can it be write-back in L2? 2> if L1 cache entry has write-back, then updated values will not be written into DDR until we apply flush. Does the same behaviour like DDR is applicable for L2 cache also?

Keeping passwords in plain text in “value” attribute. Addons can use this for password leaking

Either there is a security hole or I’m missing information about something.

While I was testing how Surfingkeys addon works I’ve noticed that it has command yf to copy form content on current web page. I though about testing it on “Sign In” and “Log In” forms on few websites to see if it would be able to retrieve typed passwords in plain text. It was successful if standardized <form> tags were used.

Then I’ve noticed that in most web applications password is kept in <input value=""> attribute in plain text which to me seems like by-standard security hole for whole W3 stack (HTML, CSS, JS, etc.). If this addon was able to get password from DOM then any addon can do that. The only piece missing is sending that data to server of a 3rd party who are owners of such malicious addon – such situation already had place with Stylish.

So attack scenario looks like this:

  1. Company “mal1c1ous” buys popular web addon.

  2. They add to addon generic <form> parser script which retrieves data from <input value="">.

  3. For each known website they make their addon “decorate” submit buttons with script which on click 1st sends request with credentials to their server and then to host of that website. Or they just send requests each time parser script is able to get new data.

  4. After some time they perform an attack using gathered credentials.

I find that scenario possible show me that it can’t happen. Also my question is: given that is Web security flawed by design?

The thing is that no one discourages from using <input value=""> as a password holder it seems that there is no other option by standard. Web developers can only come up with their own ideas to obfuscate where a password is stored before request is made.

Would Affliction with Attribute Penalty for Will without damaging IQ cost the same as Affliction for IQ penalty?

Suppose you have a telepath who wants to be able to soften up the resistance of targets with high willpower. The plan is to reduce the target’s will score and then hit the target with Mind Probe or Mind Control.

This telepath might be interrogating stalwart warriors with IQ 9 and Will 16. To speak a language requires an IQ of 6. Thus the telepath does not want to reduce IQ very low. Ideally, the affliction should sap the target’s Will without affecting IQ.

A possibility might be to use Affliction with Attribute Penalty. Presumably the cost for a penalty to Will would be the same as the cost for a penalty to IQ. I presume the Cumulative modifier would be necessary to make the effects stack.

Affliction (-1 to Will) level 1= 10 pts: Malediction/Ranged +190%, -1 attribute penalty +10%, Cumulative +400% Based on Will +20% =72 points

It would be much more expensive to use a version of Leech that saps Will instead of IQ. Presumably this would cost as much as a version of Leech that saps IQ.

Leech (drains Will) level 1 =25 pts: Malediction/Ranged +190%, Affects Will +300%, only heals FP -20%, Based on Will +20% = 148 points

Question: Is it reasonable to have an attack to Will cost the same as an attack to IQ?

Savage Worlds (SWADE) – Implication of permanent injuries (specifically reducing an attribute by a die type) on Edges and weapon use?

FYI: I’m using the Adventure Edition of Savage Worlds (SWADE).

If a character in Savage Worlds gains an injury that permanently reduces the die type for an attribute, does that mean that all Edges that were dependant on that attribute are no longer valid? If so, what does that mean for the character? Do they get to replace the Edges with something else or do they just lose it forever?

e.g. A character has a d8 in Agility and buys the Extraction Edge during char. creation, which has a prerequisite Agility of d8+. During combat, they’re incapacitated, fail the Vigor roll, and roll “Broken” on the Injury Table (Agility reduced a die type).
What happens to their Extraction Edge?

Does the same rule apply for what kind of weapon they can use? Let’s say they usually use a weapon that has a min. strength of d8, but the character’s strength is now a d6 – can they no longer use that weapon? Does this happen while the attribute is temporarily reduced, too (as in, they get a temporary injury instead of a permanent one)? The answer to this question might seem obvious, but the reason I ask is because the character in question has the Trademark Weapon Edge, and the weapon has a min. str. of d8. If they can no longer wield that weapon, does that Edge become useless?

What is a range of an attribute in data mining?

In my data mining course, we are working with a data set. I have to identity the ranges of each attribute. I am given the set of data for all 150 points and i am given the visualization (charts) of all attributes. However I do not know how to use that set of data or the charts to find the ranges of each attribute. I do not know what is meant by range either.

I’m working on the data set for Iris plants and I have three classes of the flower.