Why can people like you shut up? Here we had very entertaining discussion going on, about all sorts of conspiracy theories, comparisons to Orwell's 1984, and even some outright rantings in there. And then YOU come along and ruin absolutely everything! But I have hope our unbiased moderators will fix this. 'troll' mod coming in 5...4...3...
I thought journalists had greater freedom in certain situations. For example interviewing a wanted felon and not reporting his/her location to police would normally be illegal (obstruction of justice, aiding a felon), but journalists do that all the time.
or the linux way: 1. Find the software you want to install 2. apt-get (or GUI) install it 3. enjoy
Don't you mean : 1. find the software you want to install 2. search for app in repos to see if you can install via GUI. 3. app you want isn't packaged by your distro. 4. go to app's web site and download the linux version. Two possibilities : 5a. the app is closed source - the binary hasn't been updated since 2006 and won't work with your kernel version. 5b. the app is OSS - you won't be able to find all the lib-xyz dependencies needed to compile from source (if you even get that far!) 6. give up and assume linux sucks.
People take lessons to learn how to ride a motorcycle after all they've known how to drive is a car. Why would software be any different? Hell, I'd think it would be MORE important with software, it's a much more complex system than just driving.
The basic principles of operation may be less complex, but in practice it's much harder to ride a motorcycle than use software. Harder because any mistakes are punished by instant injuries or death, there is no 'undo' button !!
While there is certainly some truth to this, you are confusing a few things.
First, while some countries do change governments from time to time, it is the administrations that are on a fixed timeline. The US hasn't had a different governement since the current constitution was ratified in ~1789.
Second, administrations can and do last longer than 4 years. In the US, maximum term for the president is 8 years (4*2), but other contries have different standards (i.e. in France it's 10 years).
Third, earlier administrations will leave behind a framework and guidelines that latter ones will build on and follow. So while it may not be the same exact people in charge, the tendency is to keep the same basic path and make minor and gradual adjustments as needed. The same basic system (capitalist, protestant, expansionist, imperialist) still continues, but with a few tweaks. Probably the only major changes in the US system was universal suffrage and social security. Everything else is a continuation.
Securing the server doesn't change, and if you follow proper security guidelines you will be generally OK. It's just that AJAX does add complexity, and any time complexity increases, so do potential exploits.
For example some devs will forget that the return needs to be tested not to contain potentially dangerous information... things like DB structures or users, info only visible to certain users, etc. Quite often this may be debug info that needs to be turned off on production, but because it's hidden under a layer of JS, people forget.
It's true that using frameworks makes things a lot easier, especially for filtering and validation. But a good understanding of why certain things have to be done is more important in the long run. I've seen the best frameworks destroyed by programmers bypassing major security precautions out of laziness or for "performance tuning".
AJAX is probably the biggest security hole, even in a well designed application. Be especially careful when the AJAX does a DB update/insert - sometimes all the attacker needs is the JS code (obviously not secure) to see what url to hit and what parameters to send.
I find it very disappointing that this book doesn't cover that. Even if not an in-depth analysis, which could well require its own volume, at least a chapter on basic concepts.
Because otherwise PHP security is actually pretty simple. There's only 3 major rules : Never trust anything from outside : filter/validate all user input. Don't display error messages on production servers. Wrap system binaries in scripts rather than executing them directly.
Everyone, without exception, uses excel in the banking world. A lot of backend stuff runs on OSS though. And the source code to the calculator is in C, and includes a Linux makefile.
Yes, kinda like this web forum called 'slashdot' where everyone in it thinks normal people actually care about openness of files, formats, and software.
By not taking every opportunity to lie, cheat, and steal from my friends and family, I am at a disadvantage relative to those who do. By paying my taxes instead of hiding my income, I am at a disadvantage to those with, say, large Swiss bank accounts.
No, not really, because all of these things carry a significant penalty. A family member known to cheat and steal will eventually be ostracized and may not be helped in a time of need. A person attempting to hide income can be caught by the IRS and sent to prison and/or heavily fined. Society punishes those that do not follow its 'morals' (rules and regulations) and rewards those that do.
This is more as if a football player didn't wear shinguards. It's an accepted method of protection in this particular game, and all other players wear them, so not using them puts you at a disadvantage. You may claim you are the better athlete, have the moral highground, and be the crowd favorite, but it doesn't mean it won't hurt when you get kicked in the shins!
If you think that the current rules and regulations give an unfair advantage to corporations over regular citizens (and I for one certainly do), then the correct course of action is to change the rules by which all corporations operate, rather than single out some of them for punishment.
Judging from the EULAs it seems like this is exactly what the EU has done, and the US has failed to do.
They don't seem any worse than any other corporation.
Looking at the EULA, it's really only the US version that has a lot of the typical bullshit, the European versions are much saner. Can't really blame them for doing the same things all other companies operating in the US are allowed to do.
And from the gpl-violations page (which was resolved in a friendly manner):
As part of the agreement, TomTom will show it's appreciation of the Free Software and technology enthusiast movement by making a significant donation to the Chaos Computer Club (http://www.ccc.de/).
So they may not be exactly saintly, but don't seem overtly evil... and compared to Microsoft ? Come on !!
filtered/parsed results from running : nmap -A -T4 -F 182273490.qzone.qq.com
Port80-TCP : i686-pc-linux-gnu
501 Method Not Implemented The requested method 'OPTIONS' is not implemented by this server. http://www.tencent.com/ - qhttpd Server Server: qhttpd Connection: close Content-Type: text/html Content-Length: 255
Slashdot Mirror
I always have thought this to be the most illogical parts of humans of modern mainstream religion.
Looking for logic and consistency in any religion is a fool's errand.
Why can people like you shut up? Here we had very entertaining discussion going on, about all sorts of conspiracy theories, comparisons to Orwell's 1984, and even some outright rantings in there. And then YOU come along and ruin absolutely everything! But I have hope our unbiased moderators will fix this. 'troll' mod coming in 5...4...3...
Don't you know? The free market can solve ANYTHING !!
I thought journalists had greater freedom in certain situations. For example interviewing a wanted felon and not reporting his/her location to police would normally be illegal (obstruction of justice, aiding a felon), but journalists do that all the time.
or the linux way:
1. Find the software you want to install
2. apt-get (or GUI) install it
3. enjoy
Don't you mean :
1. find the software you want to install
2. search for app in repos to see if you can install via GUI.
3. app you want isn't packaged by your distro.
4. go to app's web site and download the linux version.
Two possibilities :
5a. the app is closed source - the binary hasn't been updated since 2006 and won't work with your kernel version.
5b. the app is OSS - you won't be able to find all the lib-xyz dependencies needed to compile from source (if you even get that far!)
6. give up and assume linux sucks.
Now do you see why this is a REAL problem ?
People take lessons to learn how to ride a motorcycle after all they've known how to drive is a car. Why would software be any different? Hell, I'd think it would be MORE important with software, it's a much more complex system than just driving.
The basic principles of operation may be less complex, but in practice it's much harder to ride a motorcycle than use software. Harder because any mistakes are punished by instant injuries or death, there is no 'undo' button !!
While there is certainly some truth to this, you are confusing a few things.
First, while some countries do change governments from time to time, it is the administrations that are on a fixed timeline. The US hasn't had a different governement since the current constitution was ratified in ~1789.
Second, administrations can and do last longer than 4 years. In the US, maximum term for the president is 8 years (4*2), but other contries have different standards (i.e. in France it's 10 years).
Third, earlier administrations will leave behind a framework and guidelines that latter ones will build on and follow. So while it may not be the same exact people in charge, the tendency is to keep the same basic path and make minor and gradual adjustments as needed. The same basic system (capitalist, protestant, expansionist, imperialist) still continues, but with a few tweaks. Probably the only major changes in the US system was universal suffrage and social security. Everything else is a continuation.
And yet we wonder why Kdawson hasn't been reprimanded.
Uh, because he didn't post the article ?
How is porn something to be "guilty" of ?
Securing the server doesn't change, and if you follow proper security guidelines you will be generally OK. It's just that AJAX does add complexity, and any time complexity increases, so do potential exploits.
For example some devs will forget that the return needs to be tested not to contain potentially dangerous information ... things like DB structures or users, info only visible to certain users, etc. Quite often this may be debug info that needs to be turned off on production, but because it's hidden under a layer of JS, people forget.
It's true that using frameworks makes things a lot easier, especially for filtering and validation. But a good understanding of why certain things have to be done is more important in the long run. I've seen the best frameworks destroyed by programmers bypassing major security precautions out of laziness or for "performance tuning".
AJAX is probably the biggest security hole, even in a well designed application. Be especially careful when the AJAX does a DB update/insert - sometimes all the attacker needs is the JS code (obviously not secure) to see what url to hit and what parameters to send.
I find it very disappointing that this book doesn't cover that. Even if not an in-depth analysis, which could well require its own volume, at least a chapter on basic concepts.
Because otherwise PHP security is actually pretty simple. There's only 3 major rules :
Never trust anything from outside : filter/validate all user input.
Don't display error messages on production servers.
Wrap system binaries in scripts rather than executing them directly.
Not a problem. It's in my own word though.
PHPisaninherentlyinsecurelanguagesousecaution
AAaaww what a cute little troll. I was just about to feed you.
Everyone, without exception, uses excel in the banking world. A lot of backend stuff runs on OSS though. And the source code to the calculator is in C, and includes a Linux makefile.
Yes, kinda like this web forum called 'slashdot' where everyone in it thinks normal people actually care about openness of files, formats, and software.
Why help support a company that treats you like a filthy criminal ? In your position I would simply download the torrent and be done with it.
By not taking every opportunity to lie, cheat, and steal from my friends and family, I am at a disadvantage relative to those who do. By paying my taxes instead of hiding my income, I am at a disadvantage to those with, say, large Swiss bank accounts.
No, not really, because all of these things carry a significant penalty. A family member known to cheat and steal will eventually be ostracized and may not be helped in a time of need. A person attempting to hide income can be caught by the IRS and sent to prison and/or heavily fined. Society punishes those that do not follow its 'morals' (rules and regulations) and rewards those that do.
This is more as if a football player didn't wear shinguards. It's an accepted method of protection in this particular game, and all other players wear them, so not using them puts you at a disadvantage. You may claim you are the better athlete, have the moral highground, and be the crowd favorite, but it doesn't mean it won't hurt when you get kicked in the shins!
If you think that the current rules and regulations give an unfair advantage to corporations over regular citizens (and I for one certainly do), then the correct course of action is to change the rules by which all corporations operate, rather than single out some of them for punishment.
Judging from the EULAs it seems like this is exactly what the EU has done, and the US has failed to do.
Because by not doing these things they would be at a disadvantage.
this part of the complaint made me LOL :
Microsoft has a long history of technical innovation in the software and hardware products it develops and distributes.
I wonder if they really believe this ?
They don't seem any worse than any other corporation.
Looking at the EULA, it's really only the US version that has a lot of the typical bullshit, the European versions are much saner. Can't really blame them for doing the same things all other companies operating in the US are allowed to do.
And from the gpl-violations page (which was resolved in a friendly manner) :
As part of the agreement, TomTom will show it's appreciation of the Free Software and technology enthusiast movement by making a significant donation to the Chaos Computer Club (http://www.ccc.de/).
So they may not be exactly saintly, but don't seem overtly evil ... and compared to Microsoft ? Come on !!
they're using qhttpd and linux.
filtered/parsed results from running :
nmap -A -T4 -F 182273490.qzone.qq.com
Port80-TCP : i686-pc-linux-gnu
501 Method Not Implemented
The requested method 'OPTIONS' is not implemented by this server.
http://www.tencent.com/ - qhttpd Server
Server: qhttpd
Connection: close
Content-Type: text/html
Content-Length: 255
info on qhttpd :
http://www.xman.org/Qhttpd/design.shtml
"learn Chinese"
You must be new here.
Don't swim against the current, but perpendicular to it.
So a bit like some children then ?