In college I took a drafting class,old fashioned method (month long course). Besides learning to
draw everything in isometric views, I learned to
print in all caps. It helped a lot, and now whenever I need to print neatly, it do some drafting!
In a related note, you can put a lock icon on a web page with out using ssl at all. Take a look at the
Chase Bank Homepage. They put a lock in the login box, making users think that the login box is secure, however, it's not completely secure because it's on an unsecured page.
While indead, for most people, the login information will go straight to chase secure servers, it is possible to hack the users session. How? Easy, just modify the chase.com homepage before the user gets it. Either through DNS, proxy or xss. Whatever you do, don't login to your bank account from the chase homepage.
Thank! (I did the programming behind this recipe database way back in 1998. )
I'd recommend the Browse Recipes
http://eat.epicurious.com/recipes/browse_home/inde x.ssf/?/recipes/browse_home/index.html
It lets you drill down based on main ingredient, preparation method, etc.
A lot of the recipies have wonderful photos attached as well, a big plus when deciding on what
to pick. In addition, many customers have
added there tips on alterations to recipe, or good
subsititions for hard to find things.
This is similar to the invention in the book "The Truth Machine". (A great book btw) In that book, some people lived "recorded lives" where everything was saved. The book's invention was even neater in that it stored sound and video. All the info was beamed wirelessly off the device. Great for times when you are worried about someone mugging you or something. So, you cross this with a camera phone and you got a recored life!
Uhm, I had one at my desk and did not like it. I like to feel cozy fabric instead of that plastic feel that you get in this chair. Granted, I don't like leather pants either. If those are for you, you should try this chair.
For those of you that still want to let anyone talk to you, and not have SPIM, trillian pro offers a nice challenge/response solution. The
other person/bot must pass the challenge before
their IM's will be seen by you
It lets you configure your own challenge:
http://www.livejournal.com/users/opalcat/1462640.h tml
I will AIM/GAIM had this.. I should look around for the gaim solution..
I found this to be the worst web development ever. Using javascript to instead of regular links makes it slower and messier. Just because the application may be a little easier to write doesn't make it a good idea. In the email example, the login form submit uses javascript. The link to view the email uses javascript and reloads both frames, very inefficient. It also seem to do multiple submits/redirects just to load one page. One could have just used to highlight the table row, instead of reloading the entire window. Not only that, but the app doesn't even work in Mozilla for me!!
The Verizon system takes longer to connect than the radio based nextel system. This is because it is in effect making a call over the cell network. It still should be faster than a cell call, because it immediately answers on the other end. However, it'll never be as fast as walkie talkies.
Did anyone notice the testimonial at the end? The "Grant Tracking System which had previously been developed with state funds at the office of the Governor." A quick check at GovermentDomain.com shows
this description for the app:
Front end is developed in Microsoft Access 97. The database runs on SQL Server 2000 The online portion of the application requires a windows NT Web Server running IIS 4.0
It doesn't look like the reporter did the research on this example.
it's out, download and look at the program.
You need to have a personal certificate for this to work. It doesn't currently offer the creation of this cert within aim, I imagine this would be provided only by the enterprise version of aim.
You can however go and create a personal cert. somewhere else and import it. It will ask for the cert password everytime you start up AIM.
It puts a lock beside your screenname, then, automatically when two people with the capability talk to each other, it moves up to secure the conversation. Pretty slick.
The only real problem is the generation of the certs. Looking back on previous/. article on PKI, there was a lot of problems. No one seems to be doing it right. (www.thwarte.com has a good 50 step process to get one)
Does anyone know an easier way to get a personal cert to work w/ aim in fewer steps?
Shut down the company.
on
Today's SCO News
·
· Score: 4, Interesting
Turn off any machine that has open source software on it. Windows has some. Solaris does too. Can't have open source? Then you can't run the company.
Do a reply all and tell everyone what a dumbass your CIO is.
We had Roger come to our college in ~1994 to give a talk on the problems wit Challenger. I had spend much of the day talking w/ him about the design and testing of the Columbia. He told me all about the work on the o-rings, the aluminum skin and frame and various testing. As I recall, he wasn't too impressed with the continued safety of the fleet, and he considered there to be a 10% chance of failure on any given flight.
While I like the project, I think the biggest problem is the interface to use the books. They end up in this crappy.txt format. The searching and browsing is slow and painful. If they just spent a little time on the website, they might get more support!
And it seems we'll have the full blown version of it very soon. The book describes people who live "a recorded life" where every action they do is recorded via wireless camera on their watch...
Just look www.WebComics.com, where we have had over 100 daily and weekly webcomics online for years. We also provide resources for online cartoonists for free, like comic scheduling, archiving and promotion. There is also a nice SlashBox of some techie comics from WebComics.com.
I do see your point, however, I will throw it back to you like this: In the same situation where you knew of a hole and did not disclose it to the public, would you feel guilty if it was found by someone else and exploited anyway? Your LACK OF ACTION can have consequences as well. Would you take the blame of not informing the public?
It's unfortunate that the legal system tends to look more at actions instead of inactions. Did you ever see the final episode of "Seinfeld"?
I feel that there is less RISK to users if they know which company / product / website is more risky to use, and know which companies keep up to date on fixing things.
In the end, in my case, the type of bug in the bank's site had been listed in CERT for 2 years, along with how to fix it. I think that it's clearly the company's fault for not building a safe website.
If A decides not to do anything about it (or if they are taking longer to plug the hole than you thought) I don't see how you are morally justified in leaking that info to the world.
Just because you found a hole, it doesn't mean that you are the ONLY one to find the hole. It's possible that any hole you find is an actively exploited hole.
While I'm not familiar with Kevin's case, I've been in a similar situation before. Bank A would not patch their holes in their banking websites. I notified them again and again. After months waiting, I went public. Problem was solved the NEXT DAY! It was simply a matter of getting the right people to make it a priority. I feel that this is completely morally justified and I don't think that the bug was exploited, and I don't think that USERS were harmed just because it was public. It may however have hurt Company A's reputation.
Slashdot Mirror
I think running it yourself is the way to go. You can get dedicated boxes in the $50 to $60 range.. like at managed.com ...
In college I took a drafting class,old fashioned method (month long course). Besides learning to draw everything in isometric views, I learned to print in all caps. It helped a lot, and now whenever I need to print neatly, it do some drafting!
In a related note, you can put a lock icon on a web page with out using ssl at all. Take a look at the Chase Bank Homepage. They put a lock in the login box, making users think that the login box is secure, however, it's not completely secure because it's on an unsecured page. While indead, for most people, the login information will go straight to chase secure servers, it is possible to hack the users session. How? Easy, just modify the chase.com homepage before the user gets it. Either through DNS, proxy or xss. Whatever you do, don't login to your bank account from the chase homepage.
Thank! (I did the programming behind this recipe database way back in 1998. ) I'd recommend the Browse Recipes http://eat.epicurious.com/recipes/browse_home/inde x.ssf/?/recipes/browse_home/index.html
It lets you drill down based on main ingredient, preparation method, etc.
A lot of the recipies have wonderful photos attached as well, a big plus when deciding on what
to pick. In addition, many customers have
added there tips on alterations to recipe, or good
subsititions for hard to find things.
This is similar to the invention in the book "The Truth Machine". (A great book btw) In that book, some people lived "recorded lives" where everything was saved. The book's invention was even neater in that it stored sound and video. All the info was beamed wirelessly off the device. Great for times when you are worried about someone mugging you or something. So, you cross this with a camera phone and you got a recored life!
"We did agree to a one time payment" says marsh in your eweek link.
Uhm, I had one at my desk and did not like it. I like to feel cozy fabric instead of that plastic feel that you get in this chair. Granted, I don't like leather pants either. If those are for you, you should try this chair.
For those of you that still want to let anyone talk to you, and not have SPIM, trillian pro offers a nice challenge/response solution. The other person/bot must pass the challenge before their IM's will be seen by you It lets you configure your own challenge: http://www.livejournal.com/users/opalcat/1462640.h tml
I will AIM/GAIM had this.. I should look around for the gaim solution..
I found this to be the worst web development ever. Using javascript to instead of regular links makes it slower and messier. Just because the application may be a little easier to write doesn't make it a good idea. In the email example, the login form submit uses javascript. The link to view the email uses javascript and reloads both frames, very inefficient. It also seem to do multiple submits/redirects just to load one page. One could have just used to highlight the table row, instead of reloading the entire window. Not only that, but the app doesn't even work in Mozilla for me!!
The Verizon system takes longer to connect than the radio based nextel system. This is because it is in effect making a call over the cell network. It still should be faster than a cell call, because it immediately answers on the other end. However, it'll never be as fast as walkie talkies.
Even less at Overstock.com only $16.99 + $1 shipping at overstock
webcomics.com has hundreds of comics online for free.
FYI:
Download.com will start charging software creators who want their downloads listed. Me things this will not be a good place for free software anymore!
None of your posted links have any solutions. I'll save everyone the trouble of reading all those links.
Link 1: Unfortunately, there does not seem to be a remedy at the moment.
Link 2: I never found a way to make the wheel work without buying a different switch.
Link 3: Was about a Different switch
Next time you post links, don't assume they have meaning full information just because they mention a config file.
it's out, download and look at the program. You need to have a personal certificate for this to work. It doesn't currently offer the creation of this cert within aim, I imagine this would be provided only by the enterprise version of aim. You can however go and create a personal cert. somewhere else and import it. It will ask for the cert password everytime you start up AIM. It puts a lock beside your screenname, then, automatically when two people with the capability talk to each other, it moves up to secure the conversation. Pretty slick. The only real problem is the generation of the certs. Looking back on previous /. article on PKI, there was a lot of problems. No one seems to be doing it right. (www.thwarte.com has a good 50 step process to get one)
Does anyone know an easier way to get a personal cert to work w/ aim in fewer steps?
Turn off any machine that has open source software on it. Windows has some. Solaris does too. Can't have open source? Then you can't run the company. Do a reply all and tell everyone what a dumbass your CIO is.
Even better deal at rackshack.net. I now have a growing cluster of servers there ;-)
We had Roger come to our college in ~1994 to give a talk on the problems wit Challenger. I had spend much of the day talking w/ him about the design and testing of the Columbia. He told me all about the work on the o-rings, the aluminum skin and frame and various testing. As I recall, he wasn't too impressed with the continued safety of the fleet, and he considered there to be a 10% chance of failure on any given flight.
While I like the project, I think the biggest problem is the interface to use the books. They end up in this crappy.txt format. The searching and browsing is slow and painful. If they just spent a little time on the website, they might get more support!
And it seems we'll have the full blown version of it very soon. The book describes people who live "a recorded life" where every action they do is recorded via wireless camera on their watch...
Just look www.WebComics.com, where we have had over 100 daily and weekly webcomics online for years. We also provide resources for online cartoonists for free, like comic scheduling, archiving and promotion. There is also a nice SlashBox of some techie comics from WebComics.com.
It's unfortunate that the legal system tends to look more at actions instead of inactions. Did you ever see the final episode of "Seinfeld"?
I feel that there is less RISK to users if they know which company / product / website is more risky to use, and know which companies keep up to date on fixing things.
In the end, in my case, the type of bug in the bank's site had been listed in CERT for 2 years, along with how to fix it. I think that it's clearly the company's fault for not building a safe website.
Just because you found a hole, it doesn't mean that you are the ONLY one to find the hole. It's possible that any hole you find is an actively exploited hole.
While I'm not familiar with Kevin's case, I've been in a similar situation before. Bank A would not patch their holes in their banking websites. I notified them again and again. After months waiting, I went public. Problem was solved the NEXT DAY! It was simply a matter of getting the right people to make it a priority. I feel that this is completely morally justified and I don't think that the bug was exploited, and I don't think that USERS were harmed just because it was public. It may however have hurt Company A's reputation.
http://www.zabaware.com/representative/aimbot.html
was in existance in early 2000.
http://www.fury.com/aoliza/ was up a week before the filing any others?