## How to understand the hijack in networking security?

How to understand the `hijack` in network security?

in cloudflare mirai-botnet, there is a sentence:

The Mirai botnet employed a hundred thousand hijacked IoT devices to bring down Dyn.

is the hijacked mean `be-controled`? or `infected` ?

## [ Gender Studies ] Open Question : Why do many men fail to understand yes can mean no?

Just because no means no, doesn’t mean yes means yes. Some women can’t say no to men. Some women may feel differently the next day. Fail to understand this and you may find yourself facing rape accusations.

## Can’t Understand the formula for processing speed of each job

I am trying to understand the formula for processing speed of each job. I got the formula from the following link:

Fair Online Scheduling for Selfish Jobs on Heterogeneous Machines

The other details are provided below:

I can’t understand what is the basis (i.e. the fundamental logic) of the following formula. Speed (i.e. Velocity) is given by : S= V * t

Why we have this fraction term in the formula? What does the denominator represent? I think it is representing the processing time of each job.

## Trying to understand AC0 reduction: what can be done with them?

I’m trying to understand the basic ideas behind the $$AC^0$$ reductions, related to some logical problems e.g. evaluation of boolean formulae. Where can I find some references to what can be done with $$AC^0$$ reduction and cannot be done with a LogSpace reduction?

Can the following operations on the input formulae can be implemented in $$AC^0$$? They can be easily implemented by LogSpace (or even const-space) transducer?

• parse the formula and remove all negation symbols from it,
• create a copy of the input and return its disjunction.

Is there any nicer way to think about $$AC^0$$ reductions than by the means of circuits? Is there any analogy here to parallel complexity?

## What would a Warlock understand from written spells outside of their class, via Eyes of the Rune Keeper?

This related question asks if you could transcribe a ritual spell to the warlock book via the Book of Ancient Secrets invocation regardless of spell lists, and the answers were generally “yes, but you can’t tell what the spell is”.

This other one asks if you had the Eyes of the Rune Keeper invocation, “could you cast a scroll of a spell outside of your spell list?”, and the answer, using a quote from Crawford, was that you cannot cast the spell since it was out of your spell list (but it did not state if you could actually read the scroll).

By this point, you can probably guess where I’m getting at.

The description of the Warlock eldritch invocation, Eyes of the Rune Keeper:

You can read all writing. You can comprehend any written word or symbol, should it hold any linguistic meaning.

The rules on scrolls outside of your spell list:

If the spell is on your class’s spell list, you can read the scroll and cast its spell without providing any material Components. Otherwise, the scroll is unintelligible.

Can I understand magical literature that is normally outside of my class list if I have the Eyes of the Rune Keeper?

What would I be able to identify from a written spell with Eyes of the Rune Keeper?

Note: I am not asking if I can cast spells outside of my class with the invocation; I am asking if I can understand the nature of the scroll/spell, even if I can’t cast from it.

Related: Can Warlock's Eyes of the Rune Keeper decipher written code?

## Did not understand few things about saml and openid

In OpenID, the client needs to support OpenID Identity provider and the client (application) needs to register with OpenID Identity provider. This is similar to the service provider in SAML registering with SAML Identity provider.

In both cases, client registration is required. So, except XML data and openid (identifier, URL) I could not understand the differences between both of them other than above. Can anyone explain differences?

# Context

I am doing an undergrad math project that involves exploring Donald Knuth’s “TAOCP, Volume 4, fascicle 6: Satisfiability”.

I am having trouble parsing some of this material.

Surely there are some online forums where different sections are unpacked or discussed or translated into Python?

I googled this but cannot find anything that helps me.

# Question

What are some online resources to help people parse TAOCP?

Surely many people have read this work before me?

## What should I read to understand semantics of programming languages?

I would like to have a good conceptual understanding of the semantics of programming languages: operational-, denotational-, axiomatic-, categorical-.

Is there a good (standard?) textbook for this?

## 64bit buffer overflow fails with SIGILL, cannot understand the reason

I have been doing 32bit buffer overflows for some time and I decided to try some 64bit overflows, to explore some more realistic scenarios. I have compiled my code with gcc -fno-stack-protector -z execstack -no-pie overflow.c -o Overflow.

Here is the code:

``#include <stdio.h> #include <string.h> void function(char *str) {     char buffer[32];     strcpy(buffer,str);     puts(buffer); }  int main(int argc, char **argv) {     function(argv[1]); } ``

Using gdb I determined how many bytes I need to write to control the return address. This is 40 bytes. So at first I tried to write 40bytes of “A” and then 6bytes of “B” to test the control of the return address.

Here is a screenshot:

I found and tested a 23 byte shellcode that executes “/bin/sh”, so I try to write a nop-sled of 13 bytes, the shellcode and the first 6 bytes of the return address that need to change. So I come up with this (in gdb):

``r \$  (python -c'print "\x90"*13+"\x31\xc0\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x54\x5f\x99\x52\x57\x54\x5e\xb0\x3b\x0f\x05"+"\x10\xe1\xff\xff\xff\x7f"') ``

I have set 2 breakpoints before and after the execution of strcpy and examine the memory.

This is the stack before the strcpy:

And this is the stack right after the strcpy execution:

So in my understanding, after I press c to continue the execution, I must “return” to the nopsled and then execute the shellcode in gdb.

Instead I get a SIGILL, for illegal instruction.

I cannot figure out why this is happening, any help/suggestions/pointer would be much appreciated.

## Need to understand the security flaw?

I am creating a database of encrypted value.

Let us say I store “John” which would be encrypted and stored as “Yoky”.

``John | Yoky ``

Now I store “Johnny” which would be encrypted and store as “Koaddy”

``John   | Yoky  Johnny | Koaddy ``

Now with the above storage I will not get any kind of regex search functionality. If I wanted to search “Jo%” it will not work.

But what if I store the values after breaking them. as

``Jo      |   Yoky , Koaddy Joh     |   Yoky , Koaddy John    |   Yoky , Koaddy Johnn   |   Koaddy Johnny  |   Koaddy ``

Here the regex searches will work “Jo%”,”Joh%” both will give Yoky and Koaddy, which is what I want.

I can see the obvious security flaw above that anyone can map out Jo,Joh.

So I have decided to store the encryption of these.

I will AES encrypt my stubs and store them.

``qkjklewr!j==      |   Yoky , Koaddy klkadsopos==      |   Yoky , Koaddy oensd%21op==      |   Yoky , Koaddy kaknvp23b02==     |   Koaddy kashdi2094j==     |   Koaddy ``

While performing any type of search say, “Joh”, I will first encrypt “Joh” then perform the search, therefore it will map to the AES encrypted value of “Joh”,i.e,klkadsopos==

Note : Both the column will use different keys and algorithms to protect the data.

Note : This storage will be TDE encrypted. HDFS will be encrypted and I will be using Apache Solr for the rest.

I need to understand if I am missing something fundamental here.