Slashdot Mirror


User: hafree

hafree's activity in the archive.

Stories
0
Comments
74

Comments · 74

  1. Depends on complexity of app on Web Development - The Line Between Code and Content? · · Score: 1

    I typically embed HTML within my Perl CGI code in order to just get things done initially. The primary focus is on functionality, not aesthetics or maintainability. Once things are functional, it depends on how complex the application is and who will be using/managing it. If it's just a quick and dirty admin script to do a few basic tasks, I wouldn't even worry about it. However, if it is something that is likely to continue to grow and be maintained by many users, I will typically move the HTML out of the main codebase and create HTML template files that can be managed separately and are loaded by the CGI code. While it would be nice to develop all applications this way, often it is not necessary, and you'll never see the benefits of having done so. Then again, once you've created a template framework, it's not terribly difficult to reuse either...

  2. What about research on Politicians Target Social Sites For Restrictions · · Score: 1

    So I guess any research that would entail searching messageboard or knowledgebase posts would be banned?

  3. Just verify referring URL? on The Podjacker Threat · · Score: 3, Informative

    Why not just verify the referring URL before sending out the Podcast archive? This is how most sites avoid people deep-linking into theirs, or loading high-bandwidth content such as videos or even images from their web servers. This can be done by making your RSS feed dynamically generated by a CGI script, or even just using a htaccess file for the directory containing your podcast.

  4. $0.99 is already unfair on Digital Music Stock Market? · · Score: 2, Insightful

    "Isn't 99 cents too much to pay for music that appeals to just a few people?"

    I don't think so - as long as the music appeals to YOU, why should you expect to pay any different?

    That view is shared by millions of consumers who believe the record companies have been gouging them for years

    Records cost $6, tapes were $8, CDs which cost even less to produce cost $15, and now an 18-song album will cost you $18 to download. How come the less it costs to produce the media, physical or virtual, the more it costs? If anything, music should cost less, not more. It's not like the artists will actually see any extra revenue anyway...

  5. Apple's success is already based on piracy... on Is Piracy the Pathway to Apple Profit? · · Score: 2, Insightful

    It's no secret that the reason for Apple's comeback was the iPod, whose popularity was primarily due to rampant music piracy. Come on, does anyone really think a college kid purchased 10,000 songs for their iPod at $0.99 each?

  6. Re:Anybody else have problems? on Fedora Core 3 Test 1 Released · · Score: 1

    I still have tons of in-house applications that refuse to run under Core 2, particularly those that rely on external libraries...

  7. Not necessarily a bad thing on Yahoo Changes Protocol, Blocks Third Party Clients · · Score: 4, Insightful

    I've been using Trillian for about 2 years now and think it's a great application. However, there's a reason Yahoo never gave users the ability to send out a mass-message to everyone on your contact list. When programs such as Trillian start including this feature, the potential for abuse is fairly obvious.

  8. Re:Unable to verify... on Hotmail Blocks Gmail Emails (and Invites) · · Score: 5, Informative

    I received a Gmail invite through my hotmail account just yesterday without any problems.

  9. Re: unresolved bugs? on Why You Should Choose MS Office Over OO.org · · Score: 5, Interesting

    Back in 1995, Microsoft Word had a problem with auto-page numbering in the footer of documents that affected the page numbers as well as the font used if changed from the default 12pt Times Roman. 9 years later, this exact same bug remains.

  10. Re:Seven? on New Red Hat Linux Beta: Severn · · Score: 2, Funny

    It's been at least a month since Redhat 9 was released, shouldn't we be on release 13 or so by now? Of course that would mean that Redhat officially stopped supporting anything prior to 11 or 12 by now...

  11. Nobody cares on Getting Law Enforcement Action for a Large-Scale Hack? · · Score: 4, Insightful

    Unfortunately, nobody cares when it comes to the consumer. About a year ago a new vulnerability in AuthorizeNet's billing gateway was discovered that would allow someone to submit authorize-only transactions knowing nothing but your AuthorizeNet username, which was often found embedded within the various forms of an online store. One of my e-commerce clients fell victim to this, and had over 600 $0.01 authorize-only transactions submitted in under an hour. Basically what this meant was that someone was using my client's account to verify stolen credit card numbers.

    Going through my logs, I was able to get the IP addresses these submissions came from, the e-mail addresses the results were sent to (not sure why they bothered with that), and all information on every single card submitted. This included the card number, expiration date, and the cardholder's name and address. I contacted AuthorizeNet but they said it wasn't their problem. I called Visa and Mastercard but they just asked for a printout to be faxed to them (600 item spreadsheet 5 pages wide). I contacted the FBI and was referred to the NSA. I contacted the NSA and they said call back Monday since at this point it was about 6pm Friday evening.

    I was appalled to find out that some identifiable hacker with an arsenal of valid cards was about to be given an entire weekend to sell or use them before anyone would even consider looking into it. I couldn't even get the credit card companies to accept the spreadsheet of THEIR customers so they could at least warn them all that their cards had been compromised.

    I finally just gave up and destroyed any evidence of this fraudulent activity having ever taken place. With my luck, not only would the hacker get away, but I'd be the one in hot water for possessing that spreadsheet. It just goes to show you that nobody cares about the consumer.

  12. The opposite trend on Ageism in IT? · · Score: 1

    I actually find current trends to be the opposite of what most people seem to be noticing. As a young professional, I often find myself losing jobs to older people with more experience, not necessarily because they are more qualified. Rather, someone with 20 years more experience than me with mortgage and car payments, a family to support, kids in college, etc will be a lot more likely to accept the same position they are [over]qualified for for a lot less money. Of course when the economy turns around and more senior level positions become available, they'll be gone in a heartbeat. It's just too bad most companies don't take this into consideration.

  13. Re:personally.... on Declaring War on Mobile Phone Spam · · Score: 1

    The only difference here is that there is a very quantifiable cost involved with cell phones

    That is the most straightforward way to look at it, but I also look at it in 2 other ways. Filtering through unwanted messages, be it e-mail, SMS or otherwise, takes time. Time is money - if you are a consultant getting paid hourly, you can literally put a monetary value on the time it takes you to filter out the garbage. Since I do my e-mail filtering on the client-side, it can sometimes take as long as 10 minutes to download an entire weekend's worth of messages on a T1-speed cable line.

    Using the above example, that would take about 30 times as long if you had dialup, or about 5 hours. When you go away for a weekend and need to tie up a phone line for 5 hours just to download solicitations you never wanted, that's more than just a nuisance - that's a denial of service. The same goes for SMS messages on your wireless phone when you fill up your phone's memory and lose unread messages, new messages are unable to arrive, or you use up your allotted quota of SMS messages for the month.

    When you can put a monetary value on both the service and time costs, that's a valid civil case. When you can demonstrate that it is effectively a denial of service attack, that's now a criminal case provided you can somehow pool the spammers together into a single group.

  14. Linux is Linux on Would You Use SELinux? · · Score: 1

    It's been my experience that Linux is Linux, regardless of what distro you use or how you install it. You get different package management tools, varying versions of libraries, and better or worse optimized binaries. But the bottom line is that once you take the time to secure it, the various distributions really are not very different from each other. I think the important thing is to trust yourself and not the vendor. Regardless of how secure a server is, it's still your responsibility to change default passwords, disable services you don't use, stay up to date on security patches, and be aware of new exploits. When you keep this in mind you can really go with your distro of choice and get the same results. I'd recommend selecting a distro based on the package management and support options you want.

  15. Impressive on Nullsoft's Waste: Encrypted, Distributed, Mesh Net · · Score: 0, Troll

    Wow nice going inventing a P2P network that finds other nodes via broadcast. Nullsoft invented something that already existed 20 years ago. Nice job!

  16. Disk space DOES cost money... on Why is Hosted Disk Space So Expensive? · · Score: 1

    As someone who has both worked for several ISPs and co-owned another, I can assure you that disk space, as well as the use of any other resources does in fact cost money. The catch is that a typical web site will be under 2MB and you can easily host 1000 small low-traffic web sites on a single low-end server. Just one user that needs a gigabyte of storage isn't a big deal, but when all 1000 of your users need that much space it really adds up. Combine this with the fact that enterprise storage solutions cost a lot more than consumer products. While anyone can go to CompUSA and buy a 150GB IDE hard drive for $200, the same thing in a hot-swappable SCSI version will cost upwards of $1200 each, and you lose around 25% of your capacity due to RAID5 and hot spares in your array. If you use a fibre channel solution, double the cost of your drives again.

  17. Re:Spamnet on Anti-Spam Software for Mom? · · Score: 1

    According to CNET news.com.com.com.com, it's only $3.99/month and $1.99/month to the people that helped test and develop it. While charging for a service people thought was going to be free might not be ideal, come on now - it's 2 bucks a month. Pride for a job well done and good intentions don't pay the bills nor make investors happy. If you don't want to pay for the service, find another comparable solution (or get a job).

  18. Re:Here's one on Anti-Spam Software for Mom? · · Score: 1

    The Mozilla mail client (thunderbird). After training it for about a week, I don't think I've had one false positive, and *very* few missed.

    I use Mozilla's mail client with spam filtering enabled too - the problem is that it relies too heavily on the user's correct classification of all incoming messages. If you fail to correct a false positive, it will lead to more false positives. I typically get 1 false positive every other day or so, and about 50% of the time they are relatively important messages. It may be easier to switch to an ISP that provides server-side filtering. It won't be as effective as client-side Bayesian filtering, but it's effortless and transparent to the user. It will also be refreshing to start over with a new e-mail address that hasn't been harvested and added to any lists yet...

  19. Education is the key on FTC vs. Open SMTP Relays · · Score: 5, Insightful

    I remember (fondly) a few years ago when open SMTP relays were still considered a standard setup and not a major security risk. The FTC is definitely doing the right thing in alerting admins to the risks they are taking and helping them to learn how to better protect their infrastructure, as well as the burden it inevitably places on the rest of the internet community when a spammer eventually finds their open relay and shares it with others. Kudos...

  20. Re:Woot on The Neverending Sex.com Story · · Score: 1

    Actually, this just proves that honesty and doing things by the books is not the American way, and the good guy never wins.

  21. Basic security on TiVo Web Security and Two-Factor Authentication? · · Score: 2, Interesting

    Why not just use htaccess to password-protect the page? If that's not an option, keep that URL internal and set up a proxy to it using squid or something similar. This is your digital VCR, not corporate espionage prevention; SecurID and other similar options are a bit absurd to even consider for such an application when a simple password will suffice.

  22. Re:they'd have sold a LOT more on Apple Sells A Million Songs in Debut Week · · Score: 5, Insightful

    If they weren't restricting to credit cards with a US billing address. Like VISA isn't the same globally?

    The problem is fraud prevention. Who's to say you couldn't go on a shopping spree and accumulate 1000 new songs overnight with someone else's credit card? As can be seen from the current RIAA vs. Verizon case, the ISP won't likely help identify the thief in a civil suit, and most credit card companies could care less about fraud prevention in a criminal suit so long as they get their money. And that's just in the US - credit card fraud overseas is much more difficult to trace and prosecute. For now, it's probably just a case of cover-your-ass...

  23. Why use a computer... on Meeting Locals over the Internet? · · Score: 1

    There is a way to meet people who live near you. It is called "The World." You should check it out!

    What better way to assure you never leave the house than to meet local people online. Try going to a bar or club, or look for local organizations and activities that interest you. Stop by the library or the YMCA and see what classes or intramural sports they have. The internet is a great place for meeting people in general, but there's really no substitute for actual human contact...

  24. Re:Do it yourself... on Best External Storage Solution for SOHO Setups? · · Score: 1

    To function as a NAS in a production environment, I used top of the line components

    Production or not, it's still PC hardware running as an NFS/Samba/FTP server. You can use a 300MHz Celeron CPU or quad 2GHz Xeons - it won't perform any differently when the bottleneck is the speed of the hard disk or the network connection. You don't need a high end video card (or really any video card) for a unix server running in console mode, and for $100, you can pick up a decent motherboard if you don't need a million features on it.

  25. Re:Do it yourself... on Best External Storage Solution for SOHO Setups? · · Score: 2, Informative

    Let's start by building a barebones system for our server. Motherboard, CPU, RAM, video card and NIC in a decent case. None of this needs to be top of the line just to run as a SAN solution, so we can opt for a slower Celeron CPU, low-end video card, etc. Rather than picking specific components, let's estimate this to be around $300-400 with a decent size power supply in the case. Next we'll add a 3Ware Escalade 7500-8 ATA RAID Controller for $470, and 6 Maxtor DiamondMax Plus 9 200GB 7200rpm hard drives at $279 each. This gives us an even terabyte of IDE RAID5 storage for $2144 plus the price of the original barebones machine, so about $2500 total.