Absolutely correct. If you say our icons need to be updated, I say you (or your kids) need a history lesson. Convention exists for a reason, and if you're going to do things differently, it needs to be better for everyone.
Yeah, I use Netflix too, and I've only seen one cracked disc. But there, the envelope is just the right size and the disc is basically held in place inside. It might be easier to recognize that it's supposed to be rigid than if you just stick a disc in a letter envelope that's too big for it.
Sounds like the CD I received in the mail once, in a plain envelope, with no jewel case, and no padding. More accurately, what I received was shards of a CD.
Li-Ion batteries are generally safe if they're manufactured well and undamaged. But as far as I know, they all have the potential to catch fire if something goes wrong.
So do it yourself. Sanitize your variables, prepare your statement, and then pass it. If you're going to use a language, you should be able to use it correctly. And it's really not that much of a chore once you're used to it. Even if SQL wasn't an issue, you still have to sanitize other things like shell commands.
Yes, it does make security hard. But I don't think it's the language. I think it's the fact that you're interfacing a web server, a backend script, and MySQL database. Most of the insecurity has to do with the interfacing, not the script itself.
requires you to learn a hundred different quirks and hacks
I really don't know what quirks and hacks you're talking about. Any language has to be learned, and as long as you escape your strings before passing them to MySQL, sendmail, or another application, PHP is secure. The hole they're talking about here is an escaping problem. Although it sounds like this is actually a flaw in PHP, the method that makes it possible shouldn't be used today anyway. And you're not going to avoid escaping problems in any language that does what you're doing in PHP.
Cable stations pay for content. Hulu pays for content. I understand that the cable companies don't like Hulu taking business away from them. My question is, why is that anyone else's problem? It's called competition. If I own Target, should I force my customers to shop at Wal-Mart too?
I don't mind Hulu having commercials, but they are a little excessive. They're up to 3 commercials per break now, and if you skip forward or backward over a commercial break, you usually have to watch them again. Amazon Prime doesn't have commercials, though, so that makes Hulu odd man out of three.
It doesn't make any sense to me at all. If "liking" a page is not speech, then it's meaningless, and therefore there's no issue. But if a "like" requires constitutional protection, then is IS speech, period.
Yes, you can be fired for stating your opinion on an issue. Actually, you can be fired for any reason at all, as long as they make up a good reason for it.
All true. But tips would no longer be taxable under Fair Tax, so the waiter who was previously dodging some of their income tax would be forced to pay increased sales tax on their personal purchases. Same with any individual who's under-reporting.
For businesses, yes, sloppy record keeping or false record keeping would be a serious problem. But it is already. What Fair Tax does is ensure that the person paying a tax is different than the person who's reporting the tax, thereby altering the incentives for cheating. I can no longer simply lie on my tax return - I'd have to conspire with someone.
My thinking is that companies are less likely to under-report their income than individuals are. Plus, there are fewer companies to audit than there are individuals. When I buy something, the company doesn't know if I'm an auditor or not, and all I have to do is look at my receipt to know if they're charging sales tax. Yes, the company could keep the tax money for themselves, but I'd call that embezzlement. There may be one or two companies willing to try it, but probably not many.
Yeah, that is true. Encouraging saving is good, except when you're talking about the rich who are hoarding cash. Even so, the thing I like about Fair Tax is that it significantly increases compliance, while hopefully decreasing cost somewhat. For example, illegal immigrants pay tax on their purchases, but presumably don't get the prebate.
I'm no expert, but if you eliminate the IRS and all of its expenses, and you eliminate the cost of tax preparation for individuals, and then you raise the same number of tax dollars as before, it would seem that the net effect on the tax payer would be slightly positive, and the net revenue for the government would be very positive.
They send notices if a bill payment gets scheduled, or if someone changes my address or phone number. I can also get balance alerts or notices if my credit card payment is overdue. Combined with the ability to log in and check my transactions, all of this makes it much faster to identify fraud. If someone intercepts my email they might gain more information about me, but no truly sensitive information.
Yes. I found an email in my spam filter the other day that claimed to be a notice from my bank. It was worded the same way that notices from my bank are worded. The From address was right. One small detail - it was full of broken images. And, of course, all the links pointed to a site in another country.
Of course the phisher should be responsible, and when they track him down he will be. But good luck with that, and even then, you'll be lucky to get the money back.
His computer was infected with a trojan that made it look like it was his bank's web site.
How much like it? Was it his bank's url at the top? I have actually seen one phishing site in my life that attempted to graphically overwrite the url bar, but it was a little off.
Anyway, malware or not, in this case he should have asked himself why he was entering the codes. (What is this TAN code shit anyway?)
In other cases you might have an argument, because not everyone is observational enough to realize if their bank's site has been altered, or if an ATM has had a skimmer attached.
Slashdot Mirror
Absolutely correct. If you say our icons need to be updated, I say you (or your kids) need a history lesson. Convention exists for a reason, and if you're going to do things differently, it needs to be better for everyone.
our sense of discovery is fucking DONE as a society
I don't think so. But we're too preoccupied with bullshit to get anything done.
Yeah, I use Netflix too, and I've only seen one cracked disc. But there, the envelope is just the right size and the disc is basically held in place inside. It might be easier to recognize that it's supposed to be rigid than if you just stick a disc in a letter envelope that's too big for it.
Sounds like the CD I received in the mail once, in a plain envelope, with no jewel case, and no padding. More accurately, what I received was shards of a CD.
Li-Ion batteries are generally safe if they're manufactured well and undamaged. But as far as I know, they all have the potential to catch fire if something goes wrong.
So do it yourself. Sanitize your variables, prepare your statement, and then pass it. If you're going to use a language, you should be able to use it correctly. And it's really not that much of a chore once you're used to it. Even if SQL wasn't an issue, you still have to sanitize other things like shell commands.
Of course it's error-prone, but how else can you avoid SQL injection in any language?
Interesting. That has to be intentional, though. It shouldn't happen by accident.
Yes, it does make security hard. But I don't think it's the language. I think it's the fact that you're interfacing a web server, a backend script, and MySQL database. Most of the insecurity has to do with the interfacing, not the script itself.
requires you to learn a hundred different quirks and hacks
I really don't know what quirks and hacks you're talking about. Any language has to be learned, and as long as you escape your strings before passing them to MySQL, sendmail, or another application, PHP is secure. The hole they're talking about here is an escaping problem. Although it sounds like this is actually a flaw in PHP, the method that makes it possible shouldn't be used today anyway. And you're not going to avoid escaping problems in any language that does what you're doing in PHP.
the php-cgi receives a processed query string parameter as command line arguments
That's a bad setup anyway, and shouldn't be needed this century.
Cable stations pay for content. Hulu pays for content. I understand that the cable companies don't like Hulu taking business away from them. My question is, why is that anyone else's problem? It's called competition. If I own Target, should I force my customers to shop at Wal-Mart too?
I don't mind Hulu having commercials, but they are a little excessive. They're up to 3 commercials per break now, and if you skip forward or backward over a commercial break, you usually have to watch them again. Amazon Prime doesn't have commercials, though, so that makes Hulu odd man out of three.
As long as they're doing it legally, there's nothing wrong with playing the game by the game's rules.
It doesn't make any sense to me at all. If "liking" a page is not speech, then it's meaningless, and therefore there's no issue. But if a "like" requires constitutional protection, then is IS speech, period.
Yes, you can be fired for stating your opinion on an issue. Actually, you can be fired for any reason at all, as long as they make up a good reason for it.
All true. But tips would no longer be taxable under Fair Tax, so the waiter who was previously dodging some of their income tax would be forced to pay increased sales tax on their personal purchases. Same with any individual who's under-reporting.
For businesses, yes, sloppy record keeping or false record keeping would be a serious problem. But it is already. What Fair Tax does is ensure that the person paying a tax is different than the person who's reporting the tax, thereby altering the incentives for cheating. I can no longer simply lie on my tax return - I'd have to conspire with someone.
My thinking is that companies are less likely to under-report their income than individuals are. Plus, there are fewer companies to audit than there are individuals. When I buy something, the company doesn't know if I'm an auditor or not, and all I have to do is look at my receipt to know if they're charging sales tax. Yes, the company could keep the tax money for themselves, but I'd call that embezzlement. There may be one or two companies willing to try it, but probably not many.
Yeah, that is true. Encouraging saving is good, except when you're talking about the rich who are hoarding cash. Even so, the thing I like about Fair Tax is that it significantly increases compliance, while hopefully decreasing cost somewhat. For example, illegal immigrants pay tax on their purchases, but presumably don't get the prebate.
I'm no expert, but if you eliminate the IRS and all of its expenses, and you eliminate the cost of tax preparation for individuals, and then you raise the same number of tax dollars as before, it would seem that the net effect on the tax payer would be slightly positive, and the net revenue for the government would be very positive.
They send notices if a bill payment gets scheduled, or if someone changes my address or phone number. I can also get balance alerts or notices if my credit card payment is overdue. Combined with the ability to log in and check my transactions, all of this makes it much faster to identify fraud. If someone intercepts my email they might gain more information about me, but no truly sensitive information.
Most phishing scams are rather obvious
Yes. I found an email in my spam filter the other day that claimed to be a notice from my bank. It was worded the same way that notices from my bank are worded. The From address was right. One small detail - it was full of broken images. And, of course, all the links pointed to a site in another country.
Of course the phisher should be responsible, and when they track him down he will be. But good luck with that, and even then, you'll be lucky to get the money back.
His computer was infected with a trojan that made it look like it was his bank's web site.
How much like it? Was it his bank's url at the top? I have actually seen one phishing site in my life that attempted to graphically overwrite the url bar, but it was a little off.
Anyway, malware or not, in this case he should have asked himself why he was entering the codes. (What is this TAN code shit anyway?)
In other cases you might have an argument, because not everyone is observational enough to realize if their bank's site has been altered, or if an ATM has had a skimmer attached.
Right. The concept is intuitive, but putting it into words takes education, just like everything else.