It's correct that the 7110 is pretty old; I just discarded my old 7110 after two and a half years of faithful service. It should be noted, though, that it doesn't have any real email support; no POP and no SMTP, only a network-dependent feature which would let you send an sms to a messaging centre which would then convert your message to an email.
My new Ericsson T68, on the other hand, fully supports POP and SMTP, and is far from the first phone to do so.
A question for you... how do you get by tying session keys to request IP? I'd love to do that for my web app, and I think it's far from pointless (IP spoofing is beyond the level of the sort of person who would try to hack my system), but I'm stumped by the fact that some ISPs (including AOL) will give its users different IPs from one request to the other. How do you handle that? Or doesn't your app have AOL-using users?
I have little to no knowledge about how the whole engineer certification thing works in the states, but I thought I'd share my situation anyway. If anyone would like to enlighten me about how it works in the states in a reply, I'd be most grateful.
I live in Norway, and I'm currently three quarters through the first year of a 5-year study to become a civil engineer in "computer technology". Although it may not sound like it, this study branches into eight different subjects, most of which are entirely software oriented. In four years, I'll graduate as a civil software engineer, every bit as much of an engineer as an engineer of electronics or other traditional engineering sciences. There are similar degrees in such diverse subjects as chemistry, industrial economics and technology management, mathematics, and communication technology.
Just in case the sarcasm didn't get through to all of you; a good slashdotting is *not* what he needs. Here's a link to a rant about his bandwidth costs, for good measure.
This is actually very new. This is no rug; it's actual snow which they create on the fly as the contraption rotates. Sounds pretty silly to me, and even if they do manage to make it work, I can't imagine it'll be any sort of a hit.
I'm really wondering why they had to make it a rotating structure though; I don't see why they couldn't use a conveyor belt-like design. People will get dizzy this way.
Are you saying your contract with these beta-clients didn't deal with this issue? The company I work for has been in the exact same situation; we made damn sure the issue was dealt with in advance, in the contract.
I suspect you might be lucky in this case though; even without a contract I don't see how they would be able to successfully argue that they own part of the IP.
Speaking of looking weird, I was thinking of getting a bluetooth headset for my new Sony Ericsson T68 cell phone. But the fact that they didn't even have the guts to show a picture of someone using it sort of tipped me off to the weirdness factor. What turned me off in the end, though, was the price tag... which rivals that of the phone itself.
This is a common misconception, but as with most misconceptions, it's *not* true. The Coriolis effect is not powerful enough to overcome the effect of minuscule imperfections in the structure of the sink/bathtub/toilet/whatever. Not by a long stretch.
(If you think this is off topic, read the dept. line. If you still want to mod this down; go ahead, I can afford it.:) )
There may very well be similar linux issues, but couldn't you have found better examples?
2) The Alan Cox changelog story isn't about security through obscurity, it's a silly political statement regarding the DMCA. And the other link is about Red Hat preemptively releasing a security advisory in an attempt to *avoid* obscurity.
3) The bug in this story is a *local* root hole, which doesn't even apply to most windows versions, and which certainly doesn't make for a relevant comparison in this case.
Those of you who read the articles will consider this redundant, but I've seen so many different interpretations of how the exploit works (and many wrong ones modded up), so I thought I'd clear it up:
You make a trojan or other malicious executable, and name it 'something.txt'. Then you make your HTTP server tell browsers that this file has content type 'application/octet-stream'. IE will read the content type header and realize that it's an executable, and ask you if you want to open it or download it. But since the file name indicates a text file, there's absolutely no indication that a program will be executed if you choose "open".
DISCLAIMER: I haven't tried this. This is just my interpretation of what I've read in the various articles. Also note that some versions of IE will use the word "execute" instead of "open" in the pop-up dialog, which might help tip some users off.
No, you have it the wrong way around. The file can be called 'something.txt', but the web server swears the content type is 'application/octet-stream' (in other words, an executable), so IE will execute it. It *will* ask you first, but it will use the word "open" instead of "execute", and since the file looks like a text file pretty much anyone could be fooled.
Yes, I think they're sure. What they're talking about is a file named something.txt but which is transmitted accompanied by a "Content-Type: application/octet-stream" header, or equivalent.
Don't you get it? They're afraid because these pirate-types are now paying the same amount for Windows XP as they are for that joint finnish/british operation to take over the world. And as with everything else, the worth of software *must* be measured by the amount you pay for it.
Slashdot Mirror
I hate tracking down bugs.
What do you mean, not those kind of bugs?
It's correct that the 7110 is pretty old; I just discarded my old 7110 after two and a half years of faithful service. It should be noted, though, that it doesn't have any real email support; no POP and no SMTP, only a network-dependent feature which would let you send an sms to a messaging centre which would then convert your message to an email.
My new Ericsson T68, on the other hand, fully supports POP and SMTP, and is far from the first phone to do so.
A question for you... how do you get by tying session keys to request IP? I'd love to do that for my web app, and I think it's far from pointless (IP spoofing is beyond the level of the sort of person who would try to hack my system), but I'm stumped by the fact that some ISPs (including AOL) will give its users different IPs from one request to the other. How do you handle that? Or doesn't your app have AOL-using users?
I have little to no knowledge about how the whole engineer certification thing works in the states, but I thought I'd share my situation anyway. If anyone would like to enlighten me about how it works in the states in a reply, I'd be most grateful.
I live in Norway, and I'm currently three quarters through the first year of a 5-year study to become a civil engineer in "computer technology". Although it may not sound like it, this study branches into eight different subjects, most of which are entirely software oriented. In four years, I'll graduate as a civil software engineer, every bit as much of an engineer as an engineer of electronics or other traditional engineering sciences. There are similar degrees in such diverse subjects as chemistry, industrial economics and technology management, mathematics, and communication technology.
"Offer people a good product, at the price the market is willing to bear, and they will buy it."
Um... well, obviously. The question here is more about whether the market is willing to bear any viable price at all.
Just in case the sarcasm didn't get through to all of you; a good slashdotting is *not* what he needs. Here's a link to a rant about his bandwidth costs, for good measure.
... a good slashdotting is just what Piro needs.
This is actually very new. This is no rug; it's actual snow which they create on the fly as the contraption rotates. Sounds pretty silly to me, and even if they do manage to make it work, I can't imagine it'll be any sort of a hit.
I'm really wondering why they had to make it a rotating structure though; I don't see why they couldn't use a conveyor belt-like design. People will get dizzy this way.
"I felt observed, and immediately thought of Heisenberg." -- Richard Papen from The Secret History.
Damn, I did not know that. Thanks for the information; I'll keep it in mind when shopping for my next laptop.
Maybe most are, but you can't get much more portable than this. It has integrated firewire, in addition to all the other goodies.
"..or even say it better than I can."
Are you implying that any of us could be more eloquent than you? Impossible!
:)
Are you saying your contract with these beta-clients didn't deal with this issue? The company I work for has been in the exact same situation; we made damn sure the issue was dealt with in advance, in the contract.
I suspect you might be lucky in this case though; even without a contract I don't see how they would be able to successfully argue that they own part of the IP.
We have a potential conflict here. Megabytes and gigabytes are often referred to as "megs" and "gigs", right? Problem is, gibs is taken.
"Maybe Byte"?
Speaking of looking weird, I was thinking of getting a bluetooth headset for my new Sony Ericsson T68 cell phone. But the fact that they didn't even have the guts to show a picture of someone using it sort of tipped me off to the weirdness factor. What turned me off in the end, though, was the price tag... which rivals that of the phone itself.
This is a common misconception, but as with most misconceptions, it's *not* true. The Coriolis effect is not powerful enough to overcome the effect of minuscule imperfections in the structure of the sink/bathtub/toilet/whatever. Not by a long stretch.
:) )
(If you think this is off topic, read the dept. line. If you still want to mod this down; go ahead, I can afford it.
Am I to understand that stealing cars is illegal in Australia? How... weird.
Andy Tanenbaum, in 1992:
5 years from now everyone will be running free GNU on their 200 MIPS, 64M SPARCstation-5.
There may very well be similar linux issues, but couldn't you have found better examples?
2) The Alan Cox changelog story isn't about security through obscurity, it's a silly political statement regarding the DMCA. And the other link is about Red Hat preemptively releasing a security advisory in an attempt to *avoid* obscurity.
3) The bug in this story is a *local* root hole, which doesn't even apply to most windows versions, and which certainly doesn't make for a relevant comparison in this case.
Those of you who read the articles will consider this redundant, but I've seen so many different interpretations of how the exploit works (and many wrong ones modded up), so I thought I'd clear it up:
You make a trojan or other malicious executable, and name it 'something.txt'. Then you make your HTTP server tell browsers that this file has content type 'application/octet-stream'. IE will read the content type header and realize that it's an executable, and ask you if you want to open it or download it. But since the file name indicates a text file, there's absolutely no indication that a program will be executed if you choose "open".
DISCLAIMER: I haven't tried this. This is just my interpretation of what I've read in the various articles. Also note that some versions of IE will use the word "execute" instead of "open" in the pop-up dialog, which might help tip some users off.
I think you mean HTTP, not HTML.
No, you have it the wrong way around. The file can be called 'something.txt', but the web server swears the content type is 'application/octet-stream' (in other words, an executable), so IE will execute it. It *will* ask you first, but it will use the word "open" instead of "execute", and since the file looks like a text file pretty much anyone could be fooled.
Yes, I think they're sure. What they're talking about is a file named something.txt but which is transmitted accompanied by a "Content-Type: application/octet-stream" header, or equivalent.
Don't you get it? They're afraid because these pirate-types are now paying the same amount for Windows XP as they are for that joint finnish/british operation to take over the world. And as with everything else, the worth of software *must* be measured by the amount you pay for it.