1 United Arab Emirates Dirham = 164.7088 CFA Franc BCEAO

1 Sri Lanka Rupee = 3.2437 CFA Franc BCEAO

1 Algerian Dinar = 4.7142 CFA Franc BCEAO

1 Indonesian Rupiah = 0.0405 CFA Franc BCEAO

1 Lithuanian Lita = 204.8944 CFA Franc BCEAO

1 Nigerian Naira = 1.5513 CFA Franc BCEAO

1 Czech Republic Koruna = 24.0723 CFA Franc BCEAO

1 Bolivian Boliviano = 87.7361 CFA Franc BCEAO

1 Japanese Yen = 5.6714 CFA Franc BCEAO

Herodotus once wrote:

“The counting was done by first packing ten thousand men as close together as they could stand and drawing a circle round them on the ground; they were then dismissed, and a fence, about navel high, was constructed around the circle; finally, other troops were marched into the area thus enclosed and dismissed in their turn, until the whole army had been counted.”

Whose army?

Workoutable © 2007 IndiaUncut.com. All rights reserved.
India Uncut * The IU Blog * Rave Out * Extrowords * Workoutable * Linkastic

I could barely recognize Ben Foster in 3:10 to Yuma, but I was blown away just the same by him as in his star making turn from Hostage. What makes Foster so special in Yuma?

Yuma contains two of Hollywood’s finest: Russell Crowe and Christian Bale. Bale is excellent, Crowe a little too relaxed to be cock-sure-dangerous. Both are unable to provide the powder-keg relationship that the movie demands.

Into this void steps Ben Foster. He plays Charlie Prince, sidekick to Crowe’s dangerous and celebrated outlaw Ben Wade. When Wade is captured, Prince is infuriated. He initiates an effort suffused with desperate passion to rescue his boss.

Playing Prince with a mildly effeminate gait, Foster quickly becomes the movie’s beating heart. What struck me in particular was that Foster was able to balance method acting with just plain good acting. He plays his character organically but isn’t above drawing attention with controlled staginess.

Gradually, Foster’s willingness to control a scene blend in with that of Prince’s. Is the character manipulating his circumstances in the movie or is it the actor playing a fine hand? Foster is so entertaining, the answer is immaterial.

Rave Out © 2007 IndiaUncut.com. All rights reserved.
India Uncut * The IU Blog * Rave Out * Extrowords * Workoutable * Linkastic

This new film is the latest remake of Devdas, but what is equally interesting is the fact that it is in conversation with films made in the West. Unlike Bhansali’s more spectacular version of the older story, Anurag Kashyap’s Dev.D is a genuine rewriting of Sarat Chandra’s novel. Kashyap doesn’t flinch from depicting the individual’s downward spiral, but he also gives women their own strength. He has set out to right a wrong—or, at least, tell a more realistic, even redemptive, story. If these characters have lost some of the affective depth of the original creations, they have also gained the hard edges of modern lives.

We don’t always feel the pain of Kashyap’s characters, but we are able to more readily recognize them. Take Chandramukhi, or Chanda, who is a school-girl humiliated by the MMS sex-scandal. Her father, protective and patriarchal, says that he has seen the tape and thinks she knew what she was doing. “How could you watch it?” the girl asks angrily. And then, “Did you get off on it?” When was the last time a father was asked such a question on the Hindi screen? With its frankness toward sex and masturbation, Dev.D takes a huge step toward honesty. In fact, more than the obvious tributes to Danny Boyle’s Trainspotting, or the over-extended psychedelic adventure on screen, in fact, as much as the moody style of film-making, the candour of such questions make Dev.D a film that is truly a part of world cinema.

Rave Out © 2007 IndiaUncut.com. All rights reserved.
India Uncut * The IU Blog * Rave Out * Extrowords * Workoutable * Linkastic

I loved Nina Paley’s brilliant animated film Sita Sings the Blues. If you’re reading this, stop right now—and watch the film here.

Paley has set the story of the Ramayana to the 1920s jazz vocals of Annette Hanshaw. The epic tale is interwoven with Paley’s account of her husband’s move to India from where he dumps her by e-mail. The Ramayana is presented with the tagline: “The Greatest Break-Up Story Ever Told.”

All of this should make us curious. But there are other reasons for admiring this film:

The film returns us to the message that is made clear by every village-performance of the Ramlila: the epics are for everyone. Also, there is no authoritative narration of an epic. This film is aided by three shadow puppets who, drawing upon memory and unabashedly incomplete knowledge, boldly go where only pundits and philosophers have gone before. The result is a rendition of the epic that is gloriously a part of the everyday.

This idea is taken even further. Paley says that the work came from a shared culture, and it is to a shared culture that it must return: she has put the film on Creative Commons—viewers are invited to distribute, copy, remix the film.

Of course, such art drives the purists and fundamentalists crazy. On the Channel 13 website, “Durgadevi” and “Shridhar” rant about the evil done to Hinduism. It is as if Paley had lit her tail (tale!) and set our houses on fire!

Rave Out © 2007 IndiaUncut.com. All rights reserved.
India Uncut * The IU Blog * Rave Out * Extrowords * Workoutable * Linkastic

This Metasploit module exploits a stack overflow in the FutureSoft TFTP Server 2000 product. By sending an overly long transfer-mode string, we were able to overwrite both the SEH and the saved EIP. A subsequent write-exception that will occur allows the transferring of execution to our shellcode via the overwritten SEH. This Metasploit module has been tested against Windows 2000 Professional and for some reason does not seem to work against Windows 2000 Server (could not trigger the overflow at all).

This is an exploit for the chunked encoding buffer overflow described in MS03-051 and originally reported by Brett Moore. This particular modules works against versions of Windows 2000 between SP0 and SP3. Service Pack 4 fixes the issue.

This Metasploit module exploits a stack overflow in the NetApi32 NetpManageIPCConnect function using the Workstation service in Windows 2000 SP4 and Windows XP SP2. In order to exploit this vulnerability, you must specify a the name of a valid Windows DOMAIN. It may be possible to satisfy this condition by using a custom dns and ldap setup, however that method is not covered here. Although Windows XP SP2 is vulnerable, Microsoft reports that Administrator credentials are required to reach the vulnerable code. Windows XP SP1 only requires valid user credentials. Also, testing shows that a machine already joined to a domain is not exploitable.

win32k.sys in Microsoft Windows 2000 / XP / 2003 suffers from a local kernel denial of service vulnerability related to SfnLOGONNOTIFY.

win32k.sys in Microsoft Windows 2000 / XP / 2003 suffers from a local kernel denial of service vulnerability related to SfnINSTRING.

This is an exploit for the chunked encoding buffer overflow described in MS03-051 and originally reported by Brett Moore. This particular modules works against versions of Windows 2000 between SP0 and SP3. Service Pack 4 fixes the issue.

A vulnerability in the Windows kernel can be triggered via SMB in Microsoft Windows versions ranging from Windows 2000 through to Windows 7. This vulnerability allows an attacker to trigger a kernel pool corruption by sending a specially crafted SMB_COM_TRANSACTION2 request. Successful exploitation of this issue may result in remote code execution with kernel privileges, while failed attempts will result in a denial of service condition.

A vulnerability in Windows DHCP was found on Windows OS versions ranging from Windows 2000 through to Windows server 2003. This vulnerability allows an attacker to remotely overwrite DNS, Gateway, IP Addresses, routing, WINS server, WPAD, and server configuration with no user interaction. Successful exploitation of this issue will result in a remote network configuration overwrite. Microsoft acknowledged the issue but has indicated no plans to publish a patch to resolve it.

Whitepaper called Using "ShoutBoxes" to control malicious software.

Whitepaper called How Conficker makes use of MS08-067.