Where are my mod points when I need them? ;;
Yea, and why not apply reflection's methods against the platform itself? "Reflect", reverse, and modify the framework appropriately to gain a hook. Java isn't the only language to use reflection, C# has it, but I don't think I've ever seen it used, which may be a testament to its usefulness more than its security.
Potential Reflection scenarios: http://stackoverflow.com/questions/2488531/what-is-the-use-of-reflection-in-java-c-etc
Something like http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language has been trying to solve this problem, also there's multi-step authentication that say requires your password and a randomly generated pass code from your phone. The Google tool is cool though, and a lot easier to set up and use than what I'm mentioning. The goal with password management is to reach the common user after all.
Java's had issues with reflection before: http://stackoverflow.com/questions/3002904/what-is-the-security-risk-of-object-reflection .
Considering that reflection is basically injecting code at runtime, I'd say most things in the Java world don't need it, not sure if it's on or off by default, but in 99% of scenarios I believe it should be set to off.
Could their response have anything to do with the death star by chance?
Anybody posting on here from an inner city public school by chance? *chirp* anybody?
That happened to be exactly what I thought, except I believe the reason netflix doesn't have "fresh" content typically is licensing costs I believe. And the current redbox has movies around the time they come out to dvd. Still, even if it was a whole year's wait, it'd be better than never getting the movie with netflix.
The Death Star would provide ample justification... because we would've had a death star, that's why.
Could it possibly be that some of the 600 or so additives found in cigarettes but not in pot lead to the difference in cancer rates among pot smokers and cigarette smokers?
I've never been "hired" by HR, have you? They just screen resumes, a wise career adviser once recommended to me to tailor my resume to the job description if I really want it and include a cover letter. In grateful's case I'd simply state I made this badass project and have all the skills necessary to do it for the potential company, I wouldn't mention the words "entrepreneur", or "own company" anywhere, they play the buzz word game, so should you, it's only fair after all.
Nope, that's 44:45:41:44 .
Try this to get the joke.
Sounds like you're an engineer, when your career single tracks on say C programming, you may have to expand your search to national to effectively land a job. Moving is good for you anyways, but it sounds like you proved / demonstrated your skills with your self-start project showing employers a side of you that was either missing or under-represented opening doors. A good example of how to re-enter the job market and demonstrate your value to an org.
*shrug* so be smarter than a sheep and get out as the high tide starts to recede (2-3y is the trend I believe), you only have yourself to blame for outstaying your usefulness. It's just how IT is nowadays, the days when knowing html could net you 6 figures are long gone. If employers start to see their workers rotate themselves, it just might motivate them to improve conditions in IT and offer incentives. Live to work man, live to work...
This story feels like a continuation of yesterday's discussion here: Health Care Providers Failing To Adopt e-Records, Says RAND
A lot more on EHR difficulties and regulation there. This is more about asking free labor students to fix the problem for senior industry "professionals".
To help troubleshoot, that flashing hex value was: 3a:28 .
Still.. the linksys v4200v1 was supported by dd-wrt (v2 jewed out, it's locked I believe). It's got some documented bugs though, not sure if they ever got fixed, they weren't for stuff I was using and ssh worked fine. I can see why dd-wrt has fallen out of favor though, they've commercialized, but still it's a pain in the ass to learn new router interfaces & nuances, so I'll stick w dd-wrt at least for now.
Medicare presents the other extreme of the situation: doctors loading patients up on prescriptions saying here try this and try that, no problem medicaid will pay it for you, can you afford $3? The problem is some of these medications cause other problems to arise, etc..., etc... the liver can only take so much. Make sense?
Right... as I said: how close implying there's no email rules from them. The org is a bit skittish, but mostly doesn't want to make minor changes that don't justify validation leading to recurring bugs that only get fixed with major updates.
That's the beauty of the internet, some poor shmuck decides to read the small book that is a typical TOS "contract" finds something alarming like Instagram's new rules, or Sony's clause against class action lawsuits and then posts it to the internet for the rest of us who don't bother. As long as there's whistleblowers and given the current state of TOS... it can get worse, but let's hope cases like this make it better. The lesson learned with Instagram and the internet is informed users will avoid your business and switch to a competitor if they don't agree with your shady business practices.
So... it's EHR systems and systems that use those systems, anything that handles customer data basically... for us that's most of our systems, does it send an email to the customer? regulations! Exchange, active directory, & stuff like terminal services have nothing to do with the EHR whatsoever. I also wonder how close HIPAA requirements came to requiring encrypted emails for EHR data.
So either the server failed, or the data in the database was missing / corrupt. He said crash implying a software bug... rolling back the database: not an option. If they didn't have failover in place that can get into regulations real quick, but sounds like a software bug, not acceptable in a medical system.
Dunno, could be the beginning of a new trend of websites not updating their TOS based on their CEO's mood of the day, but rather consulting with their user base first? Might take a couple more of these types of cases to pop up before new business practices are drawn.
That administrative fee is just that, administrative, somebody has to go get the document and email it to you. I don't think there's any fully automated secure HIPAA compliant self-retrieval system out there. Charging on a per page level is just an aspect of business and is like one of those $100 to email Zuckerberg type things to prevent abuse of the system. I'm not exactly quite sure who owns your medical records though, or if there's a free way to get at them, maybe in the non-electronic realm.
Sure, every network anything has had security issues and will. Imho, remote web management is only useful to a very few select users, to get back home, ssh is the way to go... which you'd set up in web management :)
There was also a vulnerability late last year that revolved around a specific service. The scope is different though, you can turn off a router service inconveniencing yourself till a patch is released... the article didn't provide enough detail on what's affected on the linksys firmware leading me to suspect stock firmware, stock settings... aka the most vulnerable of the vulnerable users group.
I'm contracting in the industry right now, and... The problem with e-records is draconian HIPAA requirements. Also all our systems have to be able to pass an audit by the FDA, meaning if I add a piece of javascript to check for numerics... re-validation! I'm not saying the government should back down, medical records need to be private, but they've got IT management and senior staff here trembling at the mention of their existence. Supposedly, it's kept the main production system from being updated for the last couple of decades or so simply because nobody wants to take on the responsibility of potentially getting the business shut down... then again that's operations, and they can be a bit dirka dir, but it's definitely a problem from both sides of the fence.