Glorifying such fool pranks I would consider the same as glorifying cutting brake lines on school buses. Really quite funny when the bus driver tries to stop.
Yeah man, lots of kids have died due to hacking attempts. There isn't a "rolleyes" icon big enough to reply to your post.
Amazon had something very similar in A9 Maps. You could view either side of most streets in major cities. They also had a program where you would sign up and, given the name of a business and a few pictures, pick one out that best represented the storefront. You could see where they were going with this.
However, I just checked on it and it's discontinued. This is strange, considering the immense amount of effort this must have taken. I wonder if Microsoft didn't buy their data? If not, someone must have a use for it, as a Windows Live competitor if nothing else.
Anyone who's ever worked with any Diebold product shouldn't be surprised by any claim of insecurity. I've never worked with their voting machines, but I have with their banking products. Most of their Windows-based solutions are unpatched, and their stance on upgrading often involves buying an upgrade. One client was told, for example, that if they wanted to patch holes in a current ATM product they'd need to "buy a firewall upgrade." They configure sensitive databases with usernames/passwords of "DIEBOLD." And the list goes on and on. While many companies have started to see security as a vital part of development, Diebold is stubbornly stuck in the dark ages.
"Why would anybody want to buy these domains unless they are the bank themselves - or a phishing scammer?", F-Secure asks.
Good old advertising. People visit the domain mistakenly, whether through Google ads, mistyping, or whatnot, and see ads. These ads are targeted towards financial topics. People click them, owner makes money. No real scam, just advertising dollars coming in.
(Of course, phishing is another possibility, but it's not the only one.)
They said: "...we've locked down most other debian.org machines, limiting access to DSA only, until they can be fixed for what we suspect is the exploit used to compromise gluck."
Are they saying they think the exploit is in the RSA functionality of SSH? If so, it might be prudent to turn it off for now, but this could be a knee-jerk reaction. (To turn it off, change RSAAuthentication to "no" in /etc/ssh/sshd_config and restart SSHD, though I don't know if it's worth it.)
I won't even comment on the security risk issue; though it takes a bit of social engineering, XSS can easily be leveraged for everything from session hijacking to plain old phishing.
Unavoidable? I don't know ASP, for example, and when I was using it for the first time and had a user variable which was displayed as HTML, 2 minutes of Googling led me to HTMLEncode(). Problem solved, for the most part. A real programmer can accomplish this in any language, with a regex or whatever.
Whoever wrote this obviously doesn't even have a basic understanding of programming or security.
Wow, great joke man, it's up there with a child inflicted with a flesh-eating cancer due to AIDS received by being raped by his drug-addicted father on the funny meter.
Am I missing something? IP spoofing, in the classical sense, involves SYN flooding and messing with the three-way handshake and all that. What they are testing is, how many IP stacks out there can set a false source address on a UDP packet. This was one of the functionalities removed by XP SP2. I might be missing something, but I think this is a badly-titled article.
Hey, this is neat: the article says they'll be using "The Gospel According to The Simpsons: The Spiritual Life of the Most Animated Family" as one of the books in the class. I'm a senior in high school and I had a sub in one of my classes who was actually the editor of this book. I saw parts of this book before it was released, and we answered trivia questions from this book about the Simpsons' link to religion. Heh.
I remember around the time the Taliban was knocking down statues of Buddha, news came out that they "banned the Internet", and MSNBC (or some other major news outlet) thought this was amusing because no Internet connections exist anywhere, unless you're very close to borders with other countries. Come on, Katz. "Gamers and coders hiding PCs"? Yeah, right.
It's been "Big Four" (PwC, Deloitte, E&Y, KPMG) since Andersen collapsed, FYI.
but perhaps law should be based on morality.
Are you kidding? Whose morals should it be based on? A Congressman, the President, Joe from California, the Christian church? Legislating based on morals is how we run into trouble. It's why we have ridiculous debates about laws that should be passed because of the views of certain interest groups. Legislating based on morals is why we need checks and balances to prevent just that.
Guess which one plays in a browser and doesn't require downloading a large file.
STFU
Does it also make the metal grym and frostbitten?
In Soviet Russia, old recycled jokes aren't funny.
In Net Neutrality, Google sues you
I think we've found the eefoof killer.
This is much easier than typing "site:gov"
Look up the word "volunteer" in the dictionary.
All that just to make Slashdot look like a generic CMS template? I was half expecting to see "Powered by PHPNuke" at the bottom.
Are there stairs in your house?
Correct me if I am wrong, but .biz is managed by NeuLevel, whereas .us, by NeuStar. Or are they one and the same?
This gives a new meaning to:
a) Mail virus
b) "Don't open that attachment, you might get a virus"
The weirdest of them all will be .name. According to the registrar's rules, you have to register your own legal name (i.e., no "cowboy.neal.name" :), and you actually have to register it in the format of "firstname.lastname.name." That would suggest subdomain to me, so I really don't know how the hell they are doing this.
Does anyone know? Will "bob.smith.name" actually be a different domain from "john.smith.name"?