Look at the Tent project - http://tent.io . It is just getting started, but that is the vision.
We should be moving toward keeping all our 'stuff' in a distributed individual server which we personally control, but services can access via standard API.
There is a new project toward building this interoperable API - tent.io . It is just getting started, but deserves community support.
Facebook, Twitter, Google+, Flickr should be services which use personal data controlled by their own users. If we controlled our own tweets, posts, pictures, and connected them to our friends via interoperable services, then once service providers pull a fast one, we could pull up stakes and go to the next one.
Look into the prototypical Tent project https://tent.io/ for a vision of the future.
As a longtime reader and former creator of a hacked-up Perl-based CMS, i always respected what you built here.
Keep pursuing "the way"
Best wishes...
actually, if you read the actual description of the attack it IS a SQL Injection attack on a web script. More advanced than "bobby tables", but basically the same problem.
1. "Safe" place to be and share. Obviously, they threw this out the window.
2. Best "Dashboard". The superior, clean interface to see updates made a lot of users abandon MySpace, etc. This will be a big hurdle for the aspiring replacement- ease of use and cleanness.
3. Critical-mass of user network. It has the people/friends you want. This hurdle can be overcome too, as long as the "open" movement doesn't fracture into a thousand sourceforge projects.
Honestly, we've got to support this effort, and i hope all us paranoid hackers can get on the bus in the same direction. We have so many great tools and infrastructure-- we just have to make it a no-brainer for grandpa and the tweens to use alike.
safe until next week, when they use another address.
Checking inputs is the only fix.
Well, no one's stopping you from doing that right now, but you're breaking the social contract.
If everyone on the net did what you're doing, the system would drag to a halt, or there would be a ton of new "security restrictions" on the dns system to prevent it, basically a new pain in the ass for everyone.
if you're that worried about dns attacks, i'd rely more on public key enc and certs.
NTP server use is tiered. So client PCs are not supposed to hit the tier 1s, they should hit 2nd tier or a local ntp server.
You don't use the root DNS servers for all your DNS requests, right?
You can't give up, you have to exercise. The body was not meant to stay in a fixed position all the time - i know from experience.
I got RSI / tendinitis relapse from typing in the wrong position, which i recovered over a year by changing typing position and habits, and doing weightlifting to have muscle to take the strain off the tendons. Then a few years later, i threw out my back (bulging disk) by being in sitting position too long. I did physical therapy for 6 months and learned exercises to compensate (bending spine backwards, not unlike a yoga position).
If you get health problems working "every waking hour", you can't work anyway, so make some time to do non-computer activity. I know it can seem counter-intuitive to exercise when uncomfortable or in some pain, but it really is better, as long as you don't cause injury.
This is just puff - if MS ever resorted to that, IBM would have to dust off their extensive patent collection and retaliate.
I think most PostgreSQL users checked out MySQL in the late 90's, and read the MySQL docs, to see if referential integrity was supported (i know i did).
Not only did they say it was not supported, but that it would be stupid to implement it in the database, and that application developers should write their own code to do constraints.
Well, the message was pretty clear to me - never give MySQL another consideration. Unless you want to do repetitive coding the rest of your life.
http://developers.slashdot.org/comments.pl?sid=104831&cid=8925689
http://sunsite.univie.ac.at/textbooks/mysql/manual.html#Broken_Foreign_KEY
Osbourne: Dad got it for spreadsheet, I remember playing Adventure. That was an awesome "portable". I think the original Compaq was influenced by the design.
Apple//c: First computer i programmed in (BASIC). Of course the arguments with me and my friends were over what was better -- Apple II or Commodore. Of course our friend w/the IBM PC was a boring lamer.
Then i went to Mac SE, Then PC.
-Phone fields that auto-formats to (###) ###-#### or whatever the user needs for his region.
This doesn't make sense to me, on a practical basis. Just because you are in a region, doesn't mean the other person is in the same region, and their phone# is formatted the same way.
And then if the format is based on the contact's region, then you have to set that on every contact. It just seems like a feature request that sounds good until it is created.
I lit a candle at work to mark the passing of Netscape 7 years ago...
I like how he was in this position, but now thinks dept homeland security can't hack it.
http://appserv.gcn.com/22_20/news/22904-1.html
He thinks vendors need to come up with a standardized vulnerability test bed. I'm not sure exactly how this would be done (hackers do non-standard testing), but it sounds interesting. At least it could be a baseline over companies whose policy is "we don't get hacked".
No they shouldn't - if i had one in a laptop, i don't want people i don't know tracking my movements. My car too (ok i buy used).
User-agent: FedBot
Disallow: /
the ip block is left as an exercise to the reader.
right, i remember when the browser war was between Mosaic, Netscape 0.9 and Lynx.
Actually, i remember the first time i used the web in 93 or 94 (lynx on a terminal). I remember thinking "this sux - gopher is better" (i think i didn't get that there was a GUI interface :-)
I have been a "Perl Medic", and re-wrote old perl with new perl - much better.
Perl gives you enough rope to hang yourself. If you are disciplined, it is powerful enough to do anything cleanly, quickly, and efficiently.
#2 seems possible.
I think we should look with interest at the new guidelines for stem cell research, which are likely to be unofficially followed by California-funded research.
http://www.latimes.com/news/science/la-sci-stemcells27apr27,0,4314086.story?coll=la-home-headlines
Basically, they are saying:
- making chimeras is "OK", as long as they don't reproduce
- don't implant human cells in monkeys or apes
- don't transplant cells in a way which "might make them assume some human qualities"
Good luck with figuring out that last one. We're walking a tightrope, and some may not care about falling off that much.
After i read Learning Perl and did test scripts, i felt like i was a real programmer in my gut (instead of just trying to "get it").
Thanks for the best book on learning programming, Randal!
Someone tell you to stop buying NVidia until they have open source drivers!
Oracle and MS-SQL are pushing them...
That's what the point-in-time recovery and tablespaces are about.
1. happened in a small, isolated community, when it took months by ship to communicate w/other countries
2. 1000 times more similar events were happening in europe
3. USA didn't exist then, it was a possession of England