Slashdot Mirror


User: budgenator

budgenator's activity in the archive.

Stories
0
Comments
10,671
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,671

  1. Re:Ghostbusters on Perspectives on Spamhaus's Dilemma · · Score: 1

    First of all it's not the United States, it's the state of Illinios, Secondly I have no Idea how the State of Illinios in their wildest dreams hope to impose their order on ICANN, which I understand to be a function of the United States Dept. of Commerce.

  2. Re:Payback's a bitch. on Geekspeak Baffles Web Users · · Score: 1

    Even people who use the acronyms and terms regularly have trouble without a little bit contextual help. Every heard the one about the Hindi Cardiologist who died of a heart attack in K-Marts while rushing to aid the victim of a blue-light special in isle 3?

  3. Re:Sure, blame the "untrained" developers.... on How Prevalent Are SQL Injection Vulnerabilities? · · Score: 1
    bash$ telnet example.com 80
    GET /vulnerable_app.php?id=%2310 HTTP/1.1
    the above starts a telnet client which is connected to the webserver at example.com over the standard HTTP port, 80. The operator then starts a standard HyperText Transfer Protocal version 1.1 , by using telnet the operator can see all of the transactions the server makes with the client. Then the operator requests the server sends the page vulnerable_app.php?id=%2310. Any webmaster that doesn't understand using a telnet client to troubleshoot a seriously borked webserver probally has more issues than just SQL injection.

    I've seen Good sysadmins running a webserver in the debuger and tracing the entire process, while connecting to it with telnet to trouble-shoot particulary nasty problems.
  4. Re:Unfortunately: Not Surpirsing on How Prevalent Are SQL Injection Vulnerabilities? · · Score: 1
    #!/usr/bin/perl
    use LWP::UserAgent;
    use HTTP::Headers;
    use HTTP::Request;
    my $hostname="http://localhost/cgi-bin/printenv";
    my $lwp= LWP::UserAgent->new(timeout=>10);
    my $h=HTTP::Headers->new;
      $h->content_type('application/x-www-form-urlencod ed');
    my $request=HTTP::Request->new("POST",$hostname,$h,$r equestcontent);
    my $res=$lwp->request($request);
    my $contents=$res->content($res);
    print $contents;
    exit();
    Just make $requestcontent what USPS expects and change the URL as appropriate and pipe the output to safari
  5. Re:Unfortunately: Not Surpirsing on How Prevalent Are SQL Injection Vulnerabilities? · · Score: 1
    #!/usr/bin/perl
     
    use LWP::UserAgent;
    use HTTP::Headers;
    use HTTP::Request;
    my $hostname="http://localhost/cgi-bin/printenv";
    my $lwp= LWP::UserAgent->new(timeout=>10);
    my $h=HTTP::Headers->new;
      $h->content_type('application/x-www-form-urlencod ed');
    my $request=HTTP::Request->new("POST",$hostname,$h,$r equestcontent);
    my $res=$lwp->request($request);
    my $contents=$res->content($res);
    print $contents;
    exit();
    whoo that was hard; all using POST is going to do is get you a slightly better quality hacker cracking your site. If I was really uptitght about website security in addition to doing all the usualy, I'd install a nonce system. Add a couple hidden fields, one would be a checksum of the sesion id, a hidden field and the nounce and it would only be acepted one time. The user would only have a new one on each request; the site might still be hackable, but it would make the hacker play with the tarbaby!
  6. Re:Criminalize? on How Prevalent Are SQL Injection Vulnerabilities? · · Score: 1

    Some places in Detroit, they'll steal the bricks off your house!
    The internet is like the Wild West, the Sherrif is a bit crooked, and the Marshal is over worked. The no-good dirty rotten cattle russelers have gotten to good at keeping a border between them and the law so sometime you just have to get yourself a hired-gun to even things up for a while. Of course if you've brought up a gun-slinger for a job, it helps to point'em in the right direction. So to do that I'm collected the domains and websites that hire spammers, you know the ones, their spamm emails say "buy V1agra at http://sleezeysite.example.com/", I want all the sleezySite.example.coms. I got a little program called chummer that I'm working on, (I've written about it in my journal, feel free to take a peek), it sends bogus data to phishing sites. It spits out bogus data just as well in the POST method as it does in the GET method, so don't think POST help your sites security one bit. I figure that the phishers pretty much don't do much with the data except sell it, and if the data is full of bogus shit, the real buyers of the data will either go back and break the phisher's kneecaps, or more likely they'll just quit buying and move on to another type of scam. Either way I don't see it hurting civilized folks much and and if we draw the spammers and the phishers into a cross-fire, hooowee the worse that could happen is we'd start a von Nuemann loop in email that turns the universe into a blackhole; but more likely we'd just burn a hole in their bandwidth budget!

    So If your so inclined to help, just send a text file of spammer domains to my user name at gmail and when I get 300 or 400 hundred unique spammer domains I'll test chummer to see what happens.

  7. Re:Not a Good Business Model for Enterprise on Why is OSS Commercial Software So Expensive? · · Score: 1

    In my business we have what we call H customers. Some of us think that means "customers from Hell" but it really means High maintence customers. Luckily we have enough normal customer and even a few low maintence customers that it all ballances out in the end. I would expect if I had a software library that was available both OSS and under Commercial license that the Commercial Licensees would invariably be High maintence and sock it to 'em. They'd be High Maintence for no reason than they just don't get OSS and would need constant hand-holding every step of the way.

  8. Re:Overkill for medical systems? on GeV Acceleration In 3 Centimeters · · Score: 1

    I just scanned through Michigan's yellow book (Ionizing Radiation Rules) and the section on particle accelerators = > 1MeV, talks about site surveys for shielding, interlocks ect. to the point it make any idea of portable and particle acceleator an oxymoron irregardless of flux density.

  9. Re:Capturing the Dearly Departed on GeV Acceleration In 3 Centimeters · · Score: 2, Funny

    Your not supposed to admit your old enough to have seen a Pre-alien movie with Weaver in it, in public.

  10. Re:That's not how a PET scanner works on GeV Acceleration In 3 Centimeters · · Score: 1

    Our local non-hospital, hosptial sponcered out-patient health facility shares a PET scanner with several other places. I'ts mounted in a semi-trailor and docks right up to the building, one day out of the week. There was some guy in Alaska who bought a medical cyclotron not too long ago and Ancharge city officials freaked out, so I don't think they are too expensive. The physics involved is doable by an astute high-schooler who took physics, electronics and welding. A linear accelator of up to 250 Kev is trivial.

  11. Re:Forgive me for my lack of knowledge on GeV Acceleration In 3 Centimeters · · Score: 1

    the laser over there do have a lot of oomph, but they are still 300mW or 0.3 watts, the lasers in the article are 9TW or
    0.3 vs. 9,000,000,000,000 watts. 9 TW doesn't melt plastic, it shreds atoms.

  12. Re:Hmmm.... on Magnetic Ring Could Launch Satellites, Weapons · · Score: 1

    OOPS either take out the decimal point or take off the percent sign. Actually I was in the Army for 4 years and National Guard for almost 20. While in the Guard one of our Warrent Officers's "Civilian" job was US Government's liason officer to Canadian Defense Contractors, he actually explained why a toilet seat could cost $435.00, why that probably wasn't a bad thing. Seems that most contracts stippulate that all of the part to build an end item could only exceed the cost of the whole end item by a certain percentage when purchased indivdually. Common hardware like bolts and screws are easily as they are commodity item with market prices; Parts that are actualy likely to need replaceing frequently are carefully priced for fear that someone else will start producing and compete with the prime contractor. The rest is spread out over the remaining part without much thought because they are likely never to be needed. When a congress-critter goes postal over $435.00 toilet seats, the contractor says "OOPs decimal in the wrong place" and quickly changes it and while they are at it they distribute the $429.50 into the parts that are actually used to hit the contracted total parts price. So when they save us money, they probably cost us even more.

  13. Re:Globalists would trade with Nazi Germany on Rough Guide to Outsourcing In China · · Score: 1

    so the Indian sub-continent got off light with the middle-east, but that's pretty much the whole world, or at least as much as anybody else managed. If memory serves me correctly they forced a lot of the world kicking and screaming into civilaization, and their furry little pets brought us the plague and triggered the dark ages, but that was an accident.

  14. Re:Anyone confirm this? on Magnetic Ring Could Launch Satellites, Weapons · · Score: 1

    well our 81 mm Mortar used to shoot up to 1510 mills elevation and 1600 is straight up, that's pretty much shooting yourself in the head, the rounds land 50 m infront of you; we can get over pretty much anything right know. The real problem is stuff like that are area weapons in an age that expects surgical point target weapons. It would be cool to actually target a door and have a chance of hitting it with artillery.

    If your wondering what a mills is it's a milliradian rounded off to 6400 in a circle so you can do the math in your head, it gave us a maximum error of 4 m at our maximum range in 81 mm mortars.

  15. Re:Here: on Magnetic Ring Could Launch Satellites, Weapons · · Score: 1

    It amazing that the things don't blow up randomly.
    It's not a question of IF, it's a question of how often, because they do. When they do, usually it's just out of the barrel and called a barrel-burst. When the Artty shoots, they have a safety zone in front of the guns; any rounds that go off prematurely but past the safety zone are high enough that there is no real risk to people on the ground. Yes that's right, the real-estate agent showed you the house on monday because he didn't really want you to know that the National Guard would be shooting 8 inch howitzers over it all weekend untill after you bought it. When it happens it's a real pain in the ass, you have to stop every thing, re-pack all the ammunition, do a whole shitpile of paper-work, find all the ammo with the same lot numbers, investigations and interviews. When we're done they'll know everybody who had ever touched the ammo. What comparetively more likely is the round doesn't detonate at all, just goes down range and thud not boom! Now you've got live explosives in the ground, a detonator that needs just a nth more to make it go boom; add in some stupid people who think it's neat to ride their dirt bikes out in the impact areas and you can imagine what's possible.

    What's the most fun is mortars, some times you drop one down the barrel and it doesn't go Kerboom and shoot out. Then your team has to take the barrel off the baseplate and tip it very carefully and slowly and catch the mortar round with an armed fuse with your hands, without touching the detonator until after you've put the safety pin back in.

  16. Re:I left my subject in my other pants. on Magnetic Ring Could Launch Satellites, Weapons · · Score: 1

    that line alone shows why the film was fiction, everybody knows that you can't build just two for twice as much. The first one bids up the manufacturing facilities and engineering staff, so the second costs more like twice the square root of 2 as much or about 1.41% of the first

  17. Re:shake lights vs. generator lights on Rough Guide to Outsourcing In China · · Score: 1

    Have a battery inside isn't necessarily a bad thing, a lot of "solar" calculators have a 3 V rechargeable lithium cell inside so if that the case it's OK. The flashlight that my wife bought, I left on to see how long it wound last without shakeing and it stayed lit for two days, then it was completely dead, muhahahah, time for dissection! First thing I tryed was holding a compass near it to check for deflection nothing, no magenet inside!! Next was the good'ol bulk tape eraser, turn that baby on and it shakes in your hand at 60Hz, that should "recharge it likity split" still nothing. I guess the thing was engineered pretty good, who would blame a product for only lasting 48 hours when you only use it for 30 seconds a day on average!

    Still there is nothing complicated about the things, wouldn't be hard to get all "Tim Taylor" and make the Ummagumma Jr. shake-light. Pick up a few dangerously strong rare earth magnets, and some good'ol, well insulated 30 ga kynar insulated wire wrap wire and build something that suck power outa 375KVAC power-lines a quarter mile away !

  18. Re:Globalists would trade with Nazi Germany on Rough Guide to Outsourcing In China · · Score: 1

    Well China owns Mongolia, and the Mongol's whooped ass on pretty much the whole world a time or two does that count?

  19. Re:China on Rough Guide to Outsourcing In China · · Score: 1

    Big three how's that Honda, Toyota, GM?
    I've imagined all of those Daimler engineers who used to lay awake at night wondering why in the hell Chrysler didn't do this or that and how screwed they'd be in the NA market if they did, now that's what they're doing themselves. It's really a case of a competitor know a company better than the company knows itself, they might eventually turn Chrysler back into Chrysler.

  20. Re:the operative word on Rough Guide to Outsourcing In China · · Score: 1

    I don't think that outsourcing is the problem, the problem is the mentality the chases after "reduced ;abor costs" like it was the holy grail is the same mentality that will not spend an extra nickel on a five dollar part to get better quality. The companies that are importing crap form overseas would be making crap domesticlly if they couldn't. The other part is most oversea sources are so used to dealing with these cheapskates they think everyone in North America is the same.

  21. Re:Inefficiencies? on Two Tiny Gas Turbines · · Score: 1

    well lets see generator effiecency is 95%, rated at 100 watts, and normally you want an engine to "cruise" at 80% max throtle so (100/0.95)/0.8=131 watts or 0.176 Hp; torque = .0176*7124/500,000 = 0.0025 NM so not much of either. Personally the thought occured to me that by gearing down 20:1 you'd have a way-cool turbo-prop engine for you scale model aircraft!

  22. Re:Uncontained turbine failure = bad Ju Ju on Two Tiny Gas Turbines · · Score: 2, Informative

    well i've got a 150K RPM turbine in my hand right now, from a dental High-speed handpiece, I'd feels about half the weight of a nickel so that 2.5 grams, and I'd estimate 3/4 the weight is bearings and shell so the rotating portion would be about 0.75 grams for the actual turbine, the shaft and the 1 mm press to release chuck.

  23. Re:Inefficiencies? on Two Tiny Gas Turbines · · Score: 1

    I didn't see where they talked about the turbine effiency, just the generator they connected to the turbine, it's like listening to politicians; they rarely lie to you, but they're real good at wording things so you'll think they said things they didn't.

  24. Re:Inefficiencies? on Two Tiny Gas Turbines · · Score: 1

    no not really, my right-angle grinder running at 25K RPM has quite a bit of gyroscopic precession, but the hi-speed dental handpieces running at 250K RPM have none that can be felt. I wish them well because if they hit a million, chancs are we'll get some bearings that last more than 6 months at 100-250K RPM

  25. Re:The version after Perl 5 is Python on Perl's State of the Onion 10 · · Score: 1

    10,000 lines of Perl is a mess unless you're a very disciplined programmer
    you say that like 10K of undisciplines anything isn't, I know people who can turn 1,000 lines of COBOL into a mess. Programmer discipline isn't a function of the language used.