Slashdot Mirror


User: stixn

stixn's activity in the archive.

Stories
0
Comments
14

Comments · 14

  1. insecure code != sloppy code on Student Expelled From Montreal College For Finding "Sloppy Coding" · · Score: 0

    That is actually quite a non-trivial security concern called horizontal privilege escalation that carries a high risk. They should get that fixed asap and do a little forensics to see if it's being actively exploited. A penetration test would help.

  2. So in other words, on YouTube Drops 2 Billion Fake Music Industry Views · · Score: 0

    The billions of views they lost is about the same amount of money the music industry has lost due to piracy.

    Who said perception is reality? Just make your own, it's easier.

  3. non-obligatory XKCD on US Judge Rules Defendant Can Be Forced To Decrypt Hard Drive · · Score: -1, Redundant

    I believe the XKCD in question is non-obligatory at this point.

  4. So... on Russian Scientist Claims Signs of Life Spotted On Venus · · Score: 1, Offtopic

    that's why I sold a piece of toast for $50 bucks... it looked like Jesus.

  5. Groovy and Grails on Ask Slashdot: Which Web Platform Would You Use? · · Score: 1

    Grails is a web application framework for Groovy, a new-ish (8 years?) language that runs in the JVM and is 99.99% compatible with Java.

    Grails itself borrows the good stuff from Ruby on Rails, like convention over configuration. It's a SpringSource project that uses other SpringSource resources, like Spring Security and Spring MVC. The first time you build or parse XML/JSON using Groovy you will fall in love. Database access is similarly easy using GORM (Grails Object Relational Mapping), which is built on top of Hibernate (but without any XML configuration).

  6. Learn the Attacker's Mindset on Ask Slashdot: Writing Hardened Web Applications? · · Score: 1

    Read the Web Application Hacker's Handbook. Once you can think like a malicious user you will build more secure code. Once your app is almost production ready, have it penetration tested by a reputable security vendor like Emagined, and then remediate any identified vulnerabilities. Rinse and repeat. Never release a security critical application without due diligence.

  7. COBOL on Java Apps Have the Most Flaws, Cobol the Least · · Score: 1

    Great features for masochists to maintain horribly engineered legacy systems, including (but not limited to):

    No recursion or dynamic arrays: hard coded implementations at compile time, off by one errors, limited toolset

    Global comm(memory) access is the rule: ad-hoc code, debugging errors due to overlaid memory can take days

    Lack of OO Concepts: lack of abstraction, repeated code, ad-hoc code

    No automated testing: unavoidable code rot, makes TDD impossible, ad-hoc code

    Lack of frameworks or simple library functions: no option but to always rebuild the wheel

    Horrible IDEs: Completely inaccessible (try downloading a COBOL compiler), Worse to code in than notepad, costly and eternal vendor lock in (hope you like Micro Focus)

    COBOL Culture: Programmers are a dime a dozen, Analysts with domain knowledge and no technical ability are awesome

  8. Re:I'll give it a chance on Google To Introduce New Programming Language — Dart · · Score: 1

    >Would love to have something that works hand in hand between server, db, and browser in a more seamless way

    I just discovered Grails two months ago and I think it does all of the above. It's built on top of Spring MVC and you can use all existing Java libraries/code in your code. The learning curve for learning Groovy syntax is graceful (if you know Java) and follows the 'principle of least astonishment.' A couple examples...

    Persisting an object to a database:
    def foo = new Foo().save()

    Getting an object from a database:
    def foo = Foo.get(id)

    And the best part: no XML config files. yay!

  9. EFF Open Wireless Movement on IP Addresses Not Enough To ID Users · · Score: 1

    Not one comment about the EFF Open Wireless Movement that was covered on /. back in April.

    It's a cause I believe in and I try to do my part. Around my house an open network called EFF Open Wireless is available from 9am - 6pm. You're welcome to use it if you ever see it :-)

  10. Speaking as a security consultant... on 3D Hacking Environment Links Kinect, Blender, and Metasploit · · Score: 1

    I'll use that lame 3D UI for pen testing right after they pry Backtrack 5 out of my cold, dead hands. Try and make sqlmap a better tool by giving it a flashy ui. Go ahead, make my day.

    But hey, the script kiddies will love it.

  11. the hidden bias. on What Does IQ Really Measure? · · Score: 1

    The educational system caters to students who try, care, are awake, etc. The Onion News Network has more.

  12. So in other words on US Scraps Virtual Fence Along Mexican Border · · Score: 1

    ... the money it would take to build this thing is enough to improve the quality of life in Mexico enough that they wouldn't be crossing the border in droves anymore.

  13. non-obligatory cracked article on Cook's Magazine Claims Web Is Public Domain · · Score: 1

    non-obligatory cracked article here

  14. don't forget ADHD-PI on A Million Kids Misdiagnosed with ADHD? · · Score: 1

    I don't think anyone has mentioned ADHD-PI (Predominantly Inattentive). It's like normal ADHD but trades the hyperactivity for inactivity, which means it's more difficult to identify.

    I tried some Adderall on advice of my sister and the result has been life changing. Anyone that heard I was on ADD meds would say "well geez I wish I could concentrate better, too." I gave some Adderall to one of my friends to see if it would help him concentrate and guess what? All it did was get him high. YES ADHD misdiagnosis may be rampant but ADHD-PI diagnosis is largely absent.