Slashdot Mirror


User: rgbrenner

rgbrenner's activity in the archive.


Comments · 715

  1. Re:Not uncommon on Microsoft's Hotmail Challenge Backfires · · Score: 1

    You CAN spoof the address, but nearly all mail servers will accept it.

    FTFY

    I ran a mail server for several years (up until very recently) without setting up reverse dns... it sent out thousands of emails each week for an opt-in mailing list (ecommerce site)... and a small fraction (like 1-2%) bounced because of it.

  2. Re:RTFA on Microsoft's Hotmail Challenge Backfires · · Score: 4, Informative

    sounds like a CSRF vulnerability: http://en.wikipedia.org/wiki/Cross-site_request_forgery

    sites should use a session cookie + a unique value submitted with each post form

    if a site leaves out the 2nd part, and you visit a malicious site while logged in.. then that malicious page can submit a hidden post form to the site and the site will process it as if you submitted it.

    gmail was vulnerable to this a couple of years ago

  3. Re:mod up on Schmidt Testifies Android Did Not Use Sun's IP · · Score: 1

    The idea for AdWords came from Overture. Overture was originally named GoTo.com, and was founded 6 months before Google, and 2 1/2 years before AdWords.

    Overture sued Google for infringing its "bid-for-placement" and "pay-for-performance" patents. (article)

    Google settled the suit for $300+ million

  4. Re:Forget this garbage on Google Drive Goes Live · · Score: 1

    Yes, you're right.. I shouldn't be concerned that employees can freely access the data.. and when it hits the media, then google will fire the person.

    Why do they have such easy access to everyone's data?

  5. Re:Google owns everything on Google Drive Goes Live · · Score: 1

    how is it fud if it's true? google drive terms of service

    And what legal reason do you think they have for requiring that you let them use your files to develop new services? Because that's what it says. Do you really think it's ok if google takes your programming project that you backed up to google drive to develop a new service?

  6. Re:Google owns everything on Google Drive Goes Live · · Score: 1

    how is it fud if it's true? google terms of service

    And what legal reason do you think there is for public display and distribution of your files? Because that's what it says... as long as it's for the "purpose of operating, promoting, and improving our Services, and to develop new ones". So if google wants to use your programming project that you backed up to google drive to develop a new service.. you think that is ok?

  7. Re:Forget this garbage on Google Drive Goes Live · · Score: 1

    You trust google not to access your files? Really? http://www.pcmag.com/article2/0,2817,2369188,00.asp

  8. Re:WebDAV on Google Drive Goes Live · · Score: 1

    Looked into this because I thought it was a good idea.. but Webdav in windows is basically non-existent in pre-win7.. and pretty flaky in win 7. So there goes 95% of your market right there.

  9. Re:Pot, kettle on New Sanctions To Target Syrian and Iranian Tech Capacity · · Score: 1

    A) "the powers that be" are the people of the US. Those are the people that benefit from the current system and refuse to change it. Why do you think social security is such a mess?

    B) people "eat it up" because they agree with it. The people who call social security reformers 'crazy'? They're social security recipients (and no one else.. because only those who receive social security care enough about it to say anything.)

    Politicians lie.. and people on their side think it's ok because it will advance their goals, and they vote for them. So we all get to see more liars in congress. Stop pretending that these people come from out of nowhere... they are Americans.

  10. Re:Pot, kettle on New Sanctions To Target Syrian and Iranian Tech Capacity · · Score: 1

    What you described IS a republic.. which is exactly what the US is. Here's the dictionary definition:

    1. a state in which the supreme power rests in the body of citizens entitled to vote and is exercised by representatives chosen directly or indirectly by them.

    In other words, we all vote people into office, then those people do whatever the hell they want as our representatives.

    If you don't like the morons in office, then why do you (we) keep putting them into office?

  11. Re:No matter who it was on Stuxnet Allegedly Loaded By Iranian Double Agents · · Score: 1

    Stalin left office in 52. And China did not have ICBMs capable of reaching the US until the 2000's... about 20 years after Mao died.

  12. Re:Usually you run as root on Critical Flaw Found In Backtrack Linux · · Score: 5, Informative

    * BackTrack is a Live DVD - when you finish using it, everything is wiped out.
    * It's not a server OS
    * It's not a desktop OS
    * It's an OS for a specific purpose.. you use it for pentesting, and then stop using it.

    I don't see what the issue is.

  13. Re:Very brief summary on MIT Fusion Researchers Answer Your Questions · · Score: 1

    It was stated that DEMO (the follow-on to ITER) will be exactly that.

    I acknowledged that in the first sentence. They want to go straight from ITER -> a commercially viable reactor (DEMO). Their 40 year estimate is the rosiest, most optimistic estimate they could come up with.

    We want to address that head-on here: aside from a few over-optimistic predictions made in the very early days of magnetic fusion research (the 1950s)...

    They then go on to make an over-optimistic prediction, based entirely on best-case scenarios, that it is only 40 years away.

    They committed the sin they say others are committing.

    This is why fusion has 'the reputation of being “always being thirty years away” (or fifty, or twenty)'...

  14. Re:Very brief summary on MIT Fusion Researchers Answer Your Questions · · Score: 1

    If you'd read, you'd see the number is 40 years off.

    It's 40 years if they go from ITER -> commercially viable reactor.. but further down, they say ITER will produce 10x more energy for minutes at a time. Pretty sure commercial reactors need to produce electricity for a bit longer than that. And I can't imagine anyone would attempt a commercial reactor when the prototype (ITER) can only operate for a few minutes.

    It also assumes they won't discover some problem with ITER, and that ITER will work as expected (ie: best case scenario).

    The whole thing is incredibly optimistic.

    I have a hard time believing it's 40 or even 50 years.. more like ITER (in 2030) -> some other reactor -> barely commercially viable reactor -> a demonstrably commercially viable reactor... then someone will actually build a commercial reactor from it.

    Figure 2150... long after we're dead.

  15. Re:Big Enough To Fail on Sony Projects Record Losses of $6.4 Billion · · Score: 1

    500 million yen == 5 million dollars. A lot... but no comparison to many other overpaid American CEOs.

  16. Re:How is this legal? on Best Buy Scans Drivers License For Returns — No More Allowed For 90 Days · · Score: 1

    I've read a half-dozen merchant account agreements over the years.. I've never seen one that says you MUST accept returns. They all say you must post a return policy, and make it clear to the customer what the policy is. The only specifics are when the store is closing -- most agreements say you must post a notice saying "all sales are final" (usually somewhere obvious).

  17. Re:How is this legal? on Best Buy Scans Drivers License For Returns — No More Allowed For 90 Days · · Score: 3, Insightful

    Is it illegal to have an "all sales final" policy? Generally, NO... there are many stores with such a policy... including stores going out of business

  18. Re:They're on their way out anyways on Best Buy Scans Drivers License For Returns — No More Allowed For 90 Days · · Score: 2

    East of the Mississippi? Try everywhere that isn't CA or TX. Fry's is only in 9 states.. and 7 of those states only have 1 or 2 stores
    http://www.frys.com/ac/storelocator/index.jsp

  19. Re:the court should not care about costs... on Heartland Security Breach Class Action: Victims $1925, Lawyers $600,000 · · Score: 1

    They're a credit card processor... they have the card number, the expiration date.. they might have the address line 1 + the zip (not required to be sent by the merchant). They may not even have the full address line 1... since the address verification only uses the first 3 digits of the address line 1 (ie: 1234 main st, is shortened to 123).

    What id theft do you think is going to occur with that info?

  20. Re:the court should not care about costs... on Heartland Security Breach Class Action: Victims $1925, Lawyers $600,000 · · Score: 1

    The banks whose cards were stolen were informed. That is SOP. What each bank does is up to them.. in most cases, they replace the card (which Heartland would be required to pay for)... but with 130million.. who knows.

  21. Re:the court should not care about costs... on Heartland Security Breach Class Action: Victims $1925, Lawyers $600,000 · · Score: 4, Informative

    I chased my (previous) bank for three weeks, made numerous phone calls and had to go into a branch twice to get my account re-imbursed the charges

    I would suggest changing banks then. I've had my credit card stolen too. I called my bank, they refunded the charge to the card while they investigated, and sent me a letter to sign. Received it a week later, signed it (1 statement, and a checkbox, IIRC), and sent it back. Received a replacement card about the same time. About 6 weeks later, they sent me a letter saying they finished the investigation, and removed the charge from the account.

    I am also quite curious about how you can claim that out of 130,000,000 credit card details that were stolen, a $2,000 settlement to victims who were really "found" is okay.

    The lawyers spent $1.5m contacting each of those people asking if they had any losses. 11 is all they could find.

    And it isn't like these 130 million people aren't known. After the breach, auditors, forensic investigators come in.. The banks know who each and every one of these people are. It would have all been disclosed after the breach was discovered.

  22. Re:the court should not care about costs... on Heartland Security Breach Class Action: Victims $1925, Lawyers $600,000 · · Score: 3, Informative

    meh... I don't know... there's a reason the court was ok with awarding $2k to those 11 people.

    Fact is, when your credit card is stolen, by law you're limited to paying $50 (and most banks don't even ask you to pay that). Everything else is recovered from the merchants who accepted the fraudulent charges, and removed from the credit card balance. The bank then replaces the credit card (something Heartland would have been responsible for paying for as part of their merchant agreement).

    If your bank removed all of the fraudulent charges, then you do not have a loss. Courts cannot reimburse you for fictional or imaginary losses. Furthermore, this isn't your social security number... when the credit card is replaced, the card number is changed, which means there won't be any additional fraudulent charges.

    $2k is probably what those 11 people could prove they were out as a result of the breach.

  23. Re:Private Messages on Here's What Facebook Sends the Cops In Response To a Subpoena · · Score: 1

    Is it incomplete? It has their entire profile... so what do you think is missing?

  24. Re:Private Messages on Here's What Facebook Sends the Cops In Response To a Subpoena · · Score: 4, Interesting

    Is this the same data people get when they request a DVD (under EU laws)? Because if it is, then I'm having a hard time imagining what the problem is... It's basically everything the user has posted on the site + their IP address/last login.

    Were people really surprised that the stuff they stored on Facebook was stored on Facebook?

  25. Re:Too many protective measures on World Is Ignoring Most Important Lesson From Fukushima · · Score: 1

    same as during chernobyl... so it doesn't change the number of people who are going to die.

    And I see by dismissing Thyroid cancer, you never read the link from the Bulletin of Atomic Scientists. It covers all of this... so you're just showing you don't know what you're talking about.