I've seen this done with a phishing scam on my bank...
You click on the typical link that's for http://www.bank.com.ewroijwer.@somewhere.illegal/s cam.php
That the returns a page which pops up a toolbarless window saying "Please verify your account information...". It then reloads the main window so it actually displays https://www.bank.com
That way you see your banks homepage, you see the lock icon, the certificate checks out, but the popup window asking for your account information isn't secure and posts information to russia.
I was very very impressed - took me a while to realize what they were doing.
I used to have a perl script that went to overture few hours, searched for bulk email, and clicked on each of the results.
Overture used to display how much the advertizer would pay for every single click, and lots of them were over $10.
I'm not sure if it actually worked or not, but in theory i cost the UCE industry about a half a million dollars - sadly that went to overture who aren't much more reputable.
Realistically most people here probably run linux most of the time... or at least they should if they practice what they preach.
I work on solaris, run linux most other places and have a win2k box since my wife needs MS Word and i occasionally have to do VC++ consulting work.
I see kde and gnome every day and see them advancing but since i haven't used a version of windows released in the last 5 years so it's hard to make a direct comparison.
The point with firewalls is that most windows boxes are not firewalled and most linux boxes are... it's a statement more about their userbase than anything else. OSX stands above the crowd here though:)
Hmm i can add a printer to my kde in a minute or two.
Then it's smart enough to know that when i need to print something, and i'm not at home, that there are 3 roughly equidistant lasers at work. It'll select the one that's not-broken and least loaded and send it there.
Kde's printing is slick - pick something else to bash:)
Every source, no matter how impartial it claims to be, is bound to have some sort of bias.
The key to finding value in those sources comes from being able to identify the bias and interpret around it.
For example/. is "news for nerds who dislike microsoft and sco and hold apple on a pedastal", and with that in mind i can find useful stuff here sometimes.
SOAP is an excellent technology but it's SLOW. Servers get bogged down doing string processing, and when you are handling thousands of requests per minute it's a big problem. Adding a gzip/gunzip into the mix would make it slower still.
As it happens, most soap requests are NOT human readable. Sure i can sit and figure one out, but unless it's a trivial example, trying to decipher it isn't easy.
A standard binary xml format would allow a standard binary soap variant. Debuggers could hand bsoap->soap translation and everything would get quite a speed boost.
My argument would be that if it's not standardized then people will develop non-standards-complient implementations, which is definitely a bad thing.
Things you probably cant do nowadays but we did in high school (which was only 8 yrs ago)
1) Play with radioactive stuff
2) Use transformers to run some 14kV distribution lines up and down the classroom to show the decrease in cable loss
3) Show that the high voltage back-emf spikes from a relay closing can jam your nerve signals and leave you unable to move (ala taser)
4) Look inside classmates with ultrasound
5) Find out how much voltage it takes to blow up a capacitor
Even then our teacher had a closet full of 'special equipment' that he'd smuggle home every time the inspectors came round to visit.
I loved physics and i can assure you that 90% of my high school classmates concurred that it was better than chemsitry or biology or social "science". The experiments make it fun.
Why does a help desk operator have access to my credit report?
Surely you can design a system where very few humans ever have contact with all of a persons information.
I've dealt with on UK bank where when you wanted to perform certain transactions using telephone banking you were passed to a second tier operator and instructed not to give them your name.
Presumably the system was set up such that no one person had enough confidential information on a single customer.
The US really needs far stricter controls on SSNs - it's insane how often i need my ssn for day to day transactions.
I complained to them once that i was getting a 400ms ping time to the UK and that this wasn't normal.
Their response was pretty much that i shouldn't expect broadband if i'm not connecting to things in the uk.
The upside is that now their customer service is entirely handled by script reading indians, you can call and say you want to cancel because qwest are doing dsl for $27/mo and they'll half the price of your internet service.
Sounds just like what they did with Windows 95. You put an autorun.inf file on the disk and as soon as the system sees it, it starts.
What's the market for this anyway. Am i going to have to carry one dongle for each application?
Surely it'd be better to work on a standard for applications that run from removable media... require that they run from a single exe file and create some sort of sub-registry on the removable device - that'd make it easy for people to handroll their own usb functionality.
All semiconductor manufacture processes have defects, and when a defect occurs it ruins the chip.
Typically defects occur at random so there will be X defects per cm^2 (in this case X should be 1).
So the bigger you make the individual chip dies, the more likely the case that there will be a defect in one of them. Hence larger chips have far lower yield than smaller chips.
This is the main reason that very few digital cameras have sensors the size of 35mm film... since you'll probably end up with a yeild of less than 0.5.
I'm certainly not arguing that you shouldn't take a view towards the future direction of the project, and plan your initial design to accomodate that.
I've just seen projects where people have gone to lengths to design functionality that (from my perspective) seems uncalled for and unsuited to the project.
I treat my phone like crap. If i cant find it in a pile of clothes i'll just pull it out by the charger. I'll throw it across the room if it's a call for someone else....
I've seen a lot of projects get truly overdesigned, because someone wants to make sure that they'll be easily extensible to changing requirements.
The resulting source is then needlessly complicated, and often when it comes to extending it, the original design gets in the way because it didn't pander to the particular change being made.
Slashdot Mirror
I've seen this done with a phishing scam on my bank...
s cam.php
You click on the typical link that's for http://www.bank.com.ewroijwer.@somewhere.illegal/
That the returns a page which pops up a toolbarless window saying "Please verify your account information...". It then reloads the main window so it actually displays https://www.bank.com
That way you see your banks homepage, you see the lock icon, the certificate checks out, but the popup window asking for your account information isn't secure and posts information to russia.
I was very very impressed - took me a while to realize what they were doing.
If the people who aren't bright enough to spot more obvious scams leave the internet - we'll be better off :)
they can only be president twice.
I wonder if i could phish for credit card details by sending out email advertising my ub3r l33t ph1$in kit.
Wonder if they'd fall for it, or if the average phisher is just as stupid as the phish.
I used to have a perl script that went to overture few hours, searched for bulk email, and clicked on each of the results.
Overture used to display how much the advertizer would pay for every single click, and lots of them were over $10.
I'm not sure if it actually worked or not, but in theory i cost the UCE industry about a half a million dollars - sadly that went to overture who aren't much more reputable.
I'm not totally sure, but usually i go into the CUPS web interface and just use socket://address.of.printer and do it that way.
Of course that only works for network aware printers.
I've definitely entered smb:// urls into cups and recall not having any problems, but dont have anything like that running now.
Realistically most people here probably run linux most of the time... or at least they should if they practice what they preach.
:)
I work on solaris, run linux most other places and have a win2k box since my wife needs MS Word and i occasionally have to do VC++ consulting work.
I see kde and gnome every day and see them advancing but since i haven't used a version of windows released in the last 5 years so it's hard to make a direct comparison.
The point with firewalls is that most windows boxes are not firewalled and most linux boxes are... it's a statement more about their userbase than anything else. OSX stands above the crowd here though
Hmm i can add a printer to my kde in a minute or two.
:)
Then it's smart enough to know that when i need to print something, and i'm not at home, that there are 3 roughly equidistant lasers at work. It'll select the one that's not-broken and least loaded and send it there.
Kde's printing is slick - pick something else to bash
Every source, no matter how impartial it claims to be, is bound to have some sort of bias.
/. is "news for nerds who dislike microsoft and sco and hold apple on a pedastal", and with that in mind i can find useful stuff here sometimes.
The key to finding value in those sources comes from being able to identify the bias and interpret around it.
For example
SOAP is an excellent technology but it's SLOW. Servers get bogged down doing string processing, and when you are handling thousands of requests per minute it's a big problem. Adding a gzip/gunzip into the mix would make it slower still.
As it happens, most soap requests are NOT human readable. Sure i can sit and figure one out, but unless it's a trivial example, trying to decipher it isn't easy.
A standard binary xml format would allow a standard binary soap variant. Debuggers could hand bsoap->soap translation and everything would get quite a speed boost.
My argument would be that if it's not standardized then people will develop non-standards-complient implementations, which is definitely a bad thing.
Things you probably cant do nowadays but we did in high school (which was only 8 yrs ago)
1) Play with radioactive stuff
2) Use transformers to run some 14kV distribution lines up and down the classroom to show the decrease in cable loss
3) Show that the high voltage back-emf spikes from a relay closing can jam your nerve signals and leave you unable to move (ala taser)
4) Look inside classmates with ultrasound
5) Find out how much voltage it takes to blow up a capacitor
Even then our teacher had a closet full of 'special equipment' that he'd smuggle home every time the inspectors came round to visit.
I loved physics and i can assure you that 90% of my high school classmates concurred that it was better than chemsitry or biology or social "science". The experiments make it fun.
I think they should get MC Hawking to promote physics
:) I still like " F*ck the Creationists" best :)
http://www.mchawking.com/
He rocks
This of course assumes that he has that information.
There are ways to not keep records on that kind of thing.. and i'd hope he's set up that way.
Why does a help desk operator have access to my credit report?
Surely you can design a system where very few humans ever have contact with all of a persons information.
I've dealt with on UK bank where when you wanted to perform certain transactions using telephone banking you were passed to a second tier operator and instructed not to give them your name.
Presumably the system was set up such that no one person had enough confidential information on a single customer.
The US really needs far stricter controls on SSNs - it's insane how often i need my ssn for day to day transactions.
Oddly enough that company appears to have no revenue.....
I complained to them once that i was getting a 400ms ping time to the UK and that this wasn't normal.
Their response was pretty much that i shouldn't expect broadband if i'm not connecting to things in the uk.
The upside is that now their customer service is entirely handled by script reading indians, you can call and say you want to cancel because qwest are doing dsl for $27/mo and they'll half the price of your internet service.
I'd be pretty surprised if comcast can do anything better than their competitors
That's the glory of having a virtual monopoly and charging me a hundred bucks a month for internet and basic digital cable.
It sounds like the ipod UI will be used for playing music, but does that mean a different UI will be used for placing phonecalls.
I'd say that was very-motorola to have an inconsistent user interface... tho to be fair i haven't used one of their phones since the early 90s.
Sounds just like what they did with Windows 95. You put an autorun.inf file on the disk and as soon as the system sees it, it starts.
What's the market for this anyway. Am i going to have to carry one dongle for each application?
Surely it'd be better to work on a standard for applications that run from removable media... require that they run from a single exe file and create some sort of sub-registry on the removable device - that'd make it easy for people to handroll their own usb functionality.
All semiconductor manufacture processes have defects, and when a defect occurs it ruins the chip.
Typically defects occur at random so there will be X defects per cm^2 (in this case X should be 1).
So the bigger you make the individual chip dies, the more likely the case that there will be a defect in one of them. Hence larger chips have far lower yield than smaller chips.
This is the main reason that very few digital cameras have sensors the size of 35mm film... since you'll probably end up with a yeild of less than 0.5.
I thing you need the 'special' columbian beans for that.
Sounds like my life...
I'm certainly not arguing that you shouldn't take a view towards the future direction of the project, and plan your initial design to accomodate that.
I've just seen projects where people have gone to lengths to design functionality that (from my perspective) seems uncalled for and unsuited to the project.
I treat my phone like crap. If i cant find it in a pile of clothes i'll just pull it out by the charger. I'll throw it across the room if it's a call for someone else....
i'd never dream of doing that with an ipod.
I've seen a lot of projects get truly overdesigned, because someone wants to make sure that they'll be easily extensible to changing requirements.
The resulting source is then needlessly complicated, and often when it comes to extending it, the original design gets in the way because it didn't pander to the particular change being made.