Worry Gurry, super scurry, call the troops out in a hurry
neunundneunzig luftballons
Good old Nena.
4259 publicly visible posts • joined 19 May 2010
'three letters added to another sciency word to make a product sound really expensive and worthwhile spending money on eg pro-biotic or pro-qubit'
Also "pro-Vitamin" which can be further enhanced by the addition of a random number and letter after it:
"New pro-Vitamin B5 Tile Grout, for that fresher, long-lasting whiteness"
Yep, completely agree.
We seem to be so risk-averse nowadays that it makes you wonder if, were we to go back a hundred years, but keep the same attitudes as we have now, whether many of the technological advances we have today would have survived the initial experimental stage without someone calling for them to be cancelled.
Would we have any civil aviation, or space program, if those who gave their lives in the early stages had meant that the testing and experimentation was deemed too dangerous?
Indeed, if you go back further, would the original American settlers have decided it was too risky to explore inland and to the west, and still be stuck on the east coast?
Nobody wants to see people die, or expensive hardware get destroyed, but pushing the boundaries of technology means that accidents will happen, it is an essential part of the learning process, and we should embrace that.
The episode serves to underline the fact that there are worse and more damaging things than spamming someone
Hmm, I wouldn't be so sure, tins of Spam tend to be square, whereas tins of veg and soup are nearly always round, so I would suggest that being hit by a tin of Spam is potentially more damaging.
I feel some further research may be necessary...
It's definitely not paranoia when we can all pull out log files full of people out to get us.
This, exactly.
Every day, in mail logs, web logs, FTP logs - in fact everything that listens to incoming connections, you can see the background level of malicious connection attempts. Most are at the silly script-kiddy level, but you'll probably get at least one serious attempt a day, from somewhere.
One of our Directors overheard a colleague and me discussing one such script kiddy attempt - we were taking the piss out of the fact he was trying to find aspx files on a Linux PHP server - and the Director was horrified, asking why we weren't doing something about it.
He had no understanding of just how many attacks go on, day in and day out, and yet he's the one who normally queries why we need to invest in expensive firewalls, IDP / IDS systems, etc.
As an SME Admin, I do my best to maintain a robust and secure environment, but I'm well aware that at some point, we are going to get pwned.
We've had one incident, where a junior developer put up a web form without sanitizing inputs, and it only took a day before someone had successfully re-written the content of the site's CMS.
In another incident the Web team wrote a comments page without a CAPTCHA on it, which allowed anyone to type in an email address, and some text (not checked) and press send, and it would email the address given - an automatic spam machine, which was discovered by a bot within hours.
All you can do is try, with the resources available, to keep on top of things, and accept that despite all your best efforts, you are going to be hacked at some point, and if they're good at it, you may not even realise it.
It's open source, isn't it? I thought the idea was if you had a problem with something, you get the source code and fix it.
You're probably trolling, but I'll bite.
The source code for the video drivers for Nvidia and certain AMD (ATI) cards is not made available by the manufacturers, and therefore users of those cards are unable to "get the source code and fix it".
or are you just wanting someone else to do all the work for you, and you want to have it for free?
Linux users have just the same expectation as Windows and Mac users - manufacturers should provide support for their hardware and the software to make it work. They do it for free for Windows drivers, so why not Linux?
I think you are correct regarding current UK law.
However, in the case of the Reg, they do apply some light moderation, and therefore would probably be deemed liable for abusive comments. Thankfully, they do tend to jump on ad-hominem attacks and outright abusive posts, so content like that in the case mentioned wouldn't last long.
The trouble is, adding security to code inevitably increases the complexity of the code, (depending on the language, enormously so) and therefore "simple" tutorials to illustrate basic functionality are mostly written without the security additions.
Any reputable writer will include a disclaimer that states that the code should not be used "as is" in a production environment.
Unfortunately, developers, being human - and also in certain cases being under time pressure from management - will tend to pick the quick and easy solution, and copy and paste the simple tutorial, rather than the more complex ones showing how it should be done properly.
Teaching "coding" is just a sop to the masses, and is of no use in isolation.
Without the underlying knowledge of logic and how to break down any task into achievable steps, and also some basic knowledge of what your code does in a computer, then abstract copying and pasting of code snippets until it works is worthless.
<rant>
I'm constantly amazed by young developers with nice new shiny degrees in "Computer Science" who don't know why "Object reference not set to an instance of an object" messages happen.
They have no concept of memory allocation, or how pointers work, or how garbage collection works, either. Just because their chosen language is supposed to clean up after itself doesn't mean they shouldn't be taught what's happening underneath.
</rant>
Tesla can continue to fill cars with the skins of sentient beings that suffer unspeakable horror while adding massive amounts of greenhouse gas into the air.
“Or, Tesla can adopt one of the many faux leather materials used by Mercedes Benz, Lexus, BMW, Infiniti and others that are cruelty free, have wonderful reviews, last a long time, come in multiple colours and involve far less greenhouse gases”.
I'm so glad that Mr Peters didn't resort to using over-emotive language to make his point...
I'm sorry, your post has been edited, due to a Cease and Desist order from Flash Networks and Bharti Airtel. It now reads:
So just to clarify, it's .___________________. and .___________________. that are alleged to be involved in this Ad injection, and .___________________. lawyers, but not .___________________. lawyers, have issued a cease and desist order, to prevent .___________________. and .___________________. being named. Additionally the lawyers for .___________________., but not for .___________________. issued a take down notice for Github, where a screen shot for the alleged Ad injection by .___________________. and .___________________. could be found.
.___________________. and .___________________. have yet to comment to The Reg, who have asked .___________________. and .___________________. for comment about ad-injection that .___________________. and .___________________. may be involved in?
Is that correct?
------------------------------------------------------------------------------------------------------------
Thank you for your compliance.
"Dahan says the MileagePlus system will inform when user identification numbers are incorrect"
This is a problem where web developers try to be too helpful to the customer.
The error message for a failed login should not identify which bit (username / ID or password) is wrong, it should just give a generic "Login details incorrect" for both an incorrect ID or an incorrect password.
That way, at least there is no shortcut for a hacker, they have to find both a valid ID and matching password.
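An added example, not part of the original comment or of any system it mentions: a login check that answers every failure with the same "Login details incorrect" message, shown beside the over-helpful version. It goes one step beyond the comment by also doing the same hashing work for an unknown ID, so response time does not reveal what the message hides. The user store, ID values and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

GENERIC_ERROR = "Login details incorrect"


def _hash(password: str, salt: bytes) -> bytes:
    # Slow, salted hash; iteration count is an illustrative assumption.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_record(password: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt)}


# Constructed sample store: one valid ID.
USERS = {"AB123456": make_record("correct horse")}

# Throwaway record used when the ID is unknown, so the same
# hash-and-compare work is done whether or not the ID exists.
_DUMMY = make_record(os.urandom(16).hex())


def login_leaky(user_id: str, password: str) -> tuple:
    """Over-helpful version: the message says which field was wrong."""
    rec = USERS.get(user_id)
    if rec is None:
        return (False, "Unknown user ID")
    if not hmac.compare_digest(_hash(password, rec["salt"]), rec["hash"]):
        return (False, "Incorrect password")
    return (True, "Welcome")


def login_uniform(user_id: str, password: str) -> tuple:
    """Hardened version: one message and one code path for every failure."""
    rec = USERS.get(user_id)
    known = rec is not None
    rec = rec if known else _DUMMY
    ok = hmac.compare_digest(_hash(password, rec["salt"]), rec["hash"])
    if known and ok:
        return (True, "Welcome")
    return (False, GENERIC_ERROR)
```
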
Sadly whilst ever there is data held in databases, someone will find a way to steal it.
I'm pleasantly surprised by how CareFirst have handled this, they appear to have been up-front and honest with their customers.
Contrast this with how so many other big companies in recent memory have behaved after a data breach.
I have no axe to grind here, just thought it worthy of comment.
The Northumbrian Police have released a statement saying:
"In anticipation of tonight's demonstration, we have authorised the use of lethal force to control the crowds, and have mobilised more than 15 police vehicles, a helicopter hovering overhead, and three or four officers in sniper gear to deal with the gathering, which may cause dangerous and severe obstructions to a major highway."
Wouldn't it be more practical to have a gyroscope turn really really fast to accelerate the rotation of Earth?
What we need is every able-bodied member of the population to stand facing away from the direction of the Earth's rotation, and start running really, really hard all at the same time...
I'm sure this would be trivial to organise.
Guys?...
Oh come on, guys?
Really?
Yep, it's only last year we were sent a backup of a database from a client, they wanted us to import the data into their systems. Turns out they were running Microsoft SQL 5 on Windows NT4, we had to build a legacy machine just to read the data!