Livefyre Profile

Activity Stream

Sorry, what? You're basing this claim upon the fact that both of them use C++ exception handlers? Just because you Google'd a partial instruction, in a very specific tool's output format, for a very mundane type of structure, and got a Google-whack, does NOT mean these two things are in any way the same. This is classic confirmation bias: you search online for a string emitted by a common malware analysis tool, then get a result related to malware, and suddenly 2+2=0x18.

For a start, that -18h value you're looking at is an offset constant for the stack. It's a fixed value that is used to identify the position of the CPPEH_RECORD struct relative to the stack frame base pointer (ebp). The two values are the same because CPPEH_RECORD is the same size no matter what application you're writing - the sizeof the struct is 0x18.

CPPEH_RECORD is the name that IDA gives to C++ exception handler descriptors. These structures sit on the stack, at the start of stack frames, and contain various parameters related to exception handling. This is why ebp-0x18 gives you the pointer to the record. It's a similar affair to SEH - the idea being that when an exception is thrown, the exception handling chain is traversed for a valid handler record for the exception type, and when one is found control flow is passed to the handler routine. Such structures are often a target for stack buffer overflows, because if you can overwrite the stack you can overwrite the exception handler, and can then gain control over the instruction pointer by causing an exception. This means literally nothing in the context you've framed it, though.

This entire fragment is likely a compiler-generated artefact and has nothing to do with malware, apart from the fact that SEH structures on the stack are often overwritten by stack buffer overflows. Even if it were vaguely relevant (which it isn't) you'd still be comparing apples to oranges.

The two pieces of code you posted are *completely* different and there is no reason to believe that they're related in any way, other than that they both were probably written in C++ and compiled in Visual Studio.

7 months, 2 weeks ago on Could a Novell vulnerability be behind the Target breach?

@Boris Badnov @Dre_Mane I'd have opened up a dialog with both WikiLeaks and the DoJ, so that options could be discussed. I'd have asked the DoJ to provide a letter, signed by an official, stating that it is the opinion of the DoJ that WikiLeaks proposes a significant threat to national security, that it believes the best course of action is for PayPal to cease its business with them, that it believes the cessation of business would not constitute a violation of the law, and that the DoJ would fully back us in any ensuing legal matters. Then, and only then, would it be on the cards. Then, even if I did choose to cease dealings with WikiLeaks, I'd give them a notice of termination - only something short, say, 5 days, but enough to organise an alternative and finalise their accounts. It's common courtesy.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

 @Schnacks They clearly know who they have more repeat business security with. A buyer has plenty of choice, a seller has much less of one.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

 @Schnacks Wow, that sucks. Could you not use the shipping payment receipt as proof? I've successfully managed to beat such a false claim before by taking a photo of the box (with the order number printed on it) with the Royal Mail receipt on top before shipping, using standard postage, as I suspected there might be problems, but it's clearly a bit silly to be expected to do such a thing for every item shipped.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

 @FastSpringCEO  Not exactly, since it's not directly clear that SaaSy.com is owned by FastSpring, until you do a little research. It'd have been nice if you'd said something like "Disclaimer: I own SaaSy.com"

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

Just an FYI for anyone reading this, in the interests of full disclosure: SaaSy.com is owned by FastSpring.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

 @scottishwildcat Don't fix what ain't broke!

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

@rjdempsey Amusing point, but you and @PedroSantos seem to have mixed up payment processors with currencies. Sainsbury's might not accept PayPal, but they accept GBP. State currencies are accepted almost everywhere, even more so when using global payment processing systems such as PayPal, but novel "digital" currencies such as BitCoin are barely accepted anywhere. I can use GBP, USD, AUD, EUR, NOK, JPY, or pretty much any other state currency I like with PayPal and other global payment processors, but not BitCoin. I also don't know of a single company that pays their staff in BitCoins. I'm not saying BitCoin is a bad idea, or a broken concept, but it's just not ubiquitous enough yet to be useful in any general sense. Perhaps the first global payment processor to accept BitCoin will be the most successful one? I'm not sure, but it'd be interesting.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

The only thing that PayPal has going for it is the fact that they're global. There aren't really any alternatives for non-US companies looking to accept payments from global customers. However, this comes with its own headaches - especially in the legal / tax areas. The list of problems I have with them is huge: their API is awkward, they don't care about buyers, they're inefficient and awkward when dealing with complaints, they randomly block legit transactions, they seem to block charities (e.g. WikiLeaks) for political reasons, and they certainly don't have an error-free buying process. Overall experience: terrible.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

@Dre_Mane Whilst I agree that this article is rather US-centric, it's still completely correct. PayPal's profit comes almost entirely from the US, especially when you consider the differences in tax law (and legal tax evasion) when doing business there. Add that to the fact that there are plenty of non-US payment processors based in people's own countries, which makes the legal side of things a bit easier, and you can start to see why PayPal's business model is being eroded. For example, if I run a site from a company registered in the UK, then use PayPal to process my funds, I have to fill out extra paperwork when filing my profits with HM Revenue & Customs. With a UK-based payment processor, that headache goes away completely. The final nail in the coffin was when they started blocking charitable organisations for dubious (read: politically motivated) reasons, e.g. WikiLeaks.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)

 @PedroSantos Sorry, but until my local Sainsbury's starts accepting BitCoin, or at least a major player like Amazon or Play.com, it's not killing anything.

2 years, 1 month ago on Exactly How Screwed Is PayPal? (Hint: Very)
