Non malware use cases of LSASS dumping

I recently looked up some techniques for dumping credentials from LSASS and came across an article that says PPL and other protections were not enabled by default in Windows because some non malicious programs from third parties (including antivirus companies) uses them.

However I was unable to find if actually some programs interact in a non-conventional way with LSASS, which programs do it and why.

Does anybody have information regarding this?

Attack of Oppertunity 5E DnD – some corner cases (and spectres)

We had a 5E DnD session where a Spectre besides a character and a wall “moved” into wall without leaving the reach range, but depending on how you consider reach with obstacles to work and when you leave it, would there be Attack of Opportunity? (AOO)

Rules as written: “In a fight, everyone is constantly watching for a chance to strike an enemy who is fleeing or passing by. Such a strike is called an opportunity Attack. You can make an opportunity Attack when a Hostile creature that you can see moves out of your reach. To make the opportunity Attack, you use your Reaction to make one melee Attack against the provoking creature. The Attack occurs right before the creature leaves your reach. … You also don’t provoke an opportunity Attack when you Teleport or when someone or something moves you without using your Movement, action, or Reaction. For example, you don’t provoke an opportunity Attack if an explosion hurls you out of a foe’s reach or if gravity causes you to fall past an enemy

  • So we have normal case where someone Hostile moves past the Defender, and gets hit leaving * since moved out of reach, getting AOOed.
---*->H  .D.  ... 
  • Then we have case where someone moves in circle around defender – no AOO
---+  .D|  H-+ 
  • So what if someone runs by an open door, or an alcove or something. A tunnel opening by someone with reach like a lance? Is there AOO (feels like there should)? Where AOO? What about 10ft reach? Things are getting a bit weird now, but seems like there should be AOO at one of [?]
---???->H ===.===  ..D..  .....  ..... 
  • Ok, so what of some hostile runs a circle around someone, and there is a wall or pillar or something enough to give 100% giver temporarily? Now we have a case where hostile arguably is better off than the No AOO circle (cover some of way), yet is arguably worse off than running across doorway (less cover yet it felt right door runner had got AOOed. Technically reach not needed if thin iron plate of right size, but for sake of ascii art…
--?->H  ..=..  ..D..  .....  ..... 
  • And the case that got us thinking about it all. Spectre beside Defender (no reach) and a wall moves into wall. AOO? Spectre did not leave reach by distance, yetis not reachable. But if AOO, what if spectre just “fell” through floor? Falling by someone does not cause AOO? By now the whole thing just seem broken.
.-|->S .D| ..|  

Any suggestions on what RAW and (perhaps) what common sense says about these cases?

[ Politics ] Open Question : Why do people keep claiming the mortality rate among confirmed cases is over 3 percent in the U.S.?

19,777 confirmed cases and 276 deaths equals a mortality rate of about 1.4 percent, Of course if we included all the minor cases that are never tested and not confirmed, the rate would be notably lower than even that. Are there political agenda reasons why the mortality rate is being misrepresented? Both confined cases and deaths have been updated since I posted this, but the rate similar, now at. 1.3.    https://www.worldometers.info/coronavirus/country/us/ P.S.  I’m not in anyway claiming this shouldn’t be taken seriously.  I’m just wondering why many continually misrepresent the mortality rate.  What’s their motive?

Matrix to select most relevant security test cases to automate

I spend some quality time on studying security reports on the internet. I build from it an overview of the most relevant security risk category (Injection, session management, and so on) along with an average risk number (high, medium, low). Now I want to create a matrix that will help to select the most relevant test cases to automate.

I was thinking of having these factors:

  • Attack complexity
  • Tool availability
  • Risk value (high, medium, low)

Is this a good approach? I like to hear a second option about what to change/improve.

Analysing worst case time complexity of quick sort for various cases

I am trying to understand worst case time complexity of quick sort for various pivots. Here is what I came across:

  1. When array is already sorted in either ascending order or descending order and we select either leftmost or rightmost element as pivot, then it results in worst case $ O(n^2)$ time complexity.

  2. When array is not already sorted and we select random element as pivot, then it gives worst case “expected” time complexity as $ O(n log n)$ . But worst case time complexity is still $ O(n^2)$ . [1]

  3. When we select median of [2] first, last and middle element as pivot, then it results in worst case time complexity of $ O(n log n)$ [1]

I have following doubts

D1. Link 2 says, if all elements in array are same then both random pivot and median pivot will lead to $ O(n^2)$ time complexity. However link 1 says median pivot yields $ O(n log n)$ worst case time complexity. What is correct?

D2. How median of first, last and middle element can be median of all elements?

D3. What we do when random pivot is ith element? Do we always have to swap it with either leftmost or rightmost element before partitioning? Or is there any algorithm which does not require such swap?

Collision detection when falling: two identical cases?

I am looking for a conceptual solution to my problem. It’s a simple platformer-alike game where player can move horizontally during free-fall.

Consider those two cases: enter image description here

In the first case, from game experience point of view, the player should land on top of the box; and in the other case he hit the left edge, hence the player should fall down.

However, from my code point of view (“real behaviour”), both those collision detection cases are identical. I am not sure how to separate them.

In both cases the vertical velocity is positive (falling down) and the user is moving with some fixed positive horizontal velocity. (moving right)

From a collision-standpoint the two cases are identical, I think. How can I tell whether I should put the player on top of it or let him fall?

Is it lazy or inconvenient not to distinguish between password reset use cases in the UI?

I was recently asked to reset a password due to the fact that the security requirements for the website had been upgraded, and the users have been asked to change their passwords (for those that don’t meet the current standards).

Although the user interface simply asked you to provide an email address (to verify that it is an active account) with a call-to-action to change the password, when the email link is sent to my inbox, it was in the format of a ‘Forgotten Email’ page that had the same flow as if you clicked on the ‘Forgotten Email?’ link commonly seen at the sign-in page.

Is it simply more convenient to use exactly the same process, or is it simply lazy design or development not to make this distinction as it clearly has some effect on the user experience? Is this a common practice and if so why?