I've checked out and briefly used Mortimer ( https://github.com/aiaio/mortimer ) before and it seems a decent tool.
"mortimer is a password storage application that supports multiple users and basic permissions. The app relies on public key cryptography to facilitate a multi-user password system whose data remains secure even if the database is compromised. Admin users have permission to all password entries on the system. Users may be given permission on a password-group basis."
Because you can do something about the rain forests and the ocean.
If it only lasts 10 seconds, then just hope you are on the other side of earth.
The highlight bug was kind of a bug in php as well as phpBB. addslashes(urldecode($somevar)) allowed ' to get through due to the way php handles unicode.
They are about to.. that was the point of the article.
The GPL v2 has been around for 13 years and this is the first time it's been proven valid, even though it's in such widespread use.
I guess it's a testament to the plain English and common sense language of the licence.
A great opt-in solution... If you don't have SPF records in your DNS, it doesn't mean Hotmail won't accept your mail.
If you DO have SPF record for your domain, and the message wasn't sent from one of the specified IP addresses, then Hotmail may block your message.
But the real kicker is when you receive a message from someone@hotmail.com. If the IP address used to send the message isn't listed in hotmail's SPF TXT DNS record then you know it's not a message sent from hotmail. And same for Gmail:
dig -t txt gmail.com
gmail.com. 300 IN TXT "v=spf1 a:mproxy.gmail.com a:rproxy.gmail.com -all"
Which means that the only servers authorized to send mail from @gmail.com are mproxy and rproxy.gmail.com
They have something RedHat don't, sales offices world wide. They are really pushing the linux message, and are more free software (in beer and freedom) than the pre-Novell SuSE was : open source yast, free downloads for SuSE 9.1. Also they are porting most of their applications to run on linux.
Isn't this good news for spammers? Now they can quickly shift their websites round before their hosting companies shut them down.
Cluster Knoppix of course!
Over half of these 100 "Distros" are Knoppix remasters. Here's a list of 60+ Knoppix remasters. The reason there are so many? It's very easy to make your own Knoppix remaster. I'm pretty sure many of these distros have 5 users if they're lucky.
I copied the 550 from the bounce message. So yes, it is an SMTP response code.. but from a bounce message, that also contained the complete attachments.
USER A gets the virus
The virus then spoofs an email FROM me to SERVER A
SERVER A then sends me a bounce message.
I don't know about you, but I don't want to /download/ the virus.
For those blocking at the server level, please silently drop, DON'T BOUNCE the message, as it has spoofed from addresses. E.g. 1000s of these bounce messages:
host xxx: 550-message rejected -- looks like a virus 550 (attachment 'file.zip' contains executable file
are as bad as 1000 viruses..
The film was made predominantly in New Zealand..
.. credit where credit is due and all...
Companies are outsourcing development because it can be cheaper, faster and better. Not because sys admins are in the way of developers.
To think that there are so many flaws in windows, and so many critical updates that they have to release them in batches because system admins are overworked constantly patching MS boxes..
This cnet article makes entertaining reading
Microsoft released its first monthly security update on Wednesday, following a new schedule that attempts to ease the load on overburdened system administrators.
"All of the five critical (vulnerabilities) are, of course, critical, so that means they are wormable," said Jeff Jones, senior director of Microsoft's security business unit.
World's first physical DDoS?
where have you been?
As far as I know, you still can't buy a so called SCO Linux licence.
If they ever have any Q&A sessions, some well formed questions about this would show the visitors that SCO is full of it.
Quick, everyone type www.SomeRandomLetters.com into the "what's that site running?" box on netcraft.. soon we'll make IIS hosting below the margin of error.
To me the Overall Trend Looks very very good for Apache ( + linux assuming most apache installs run linux )
We don't come here for have grammar
You get $5 ... so who really won?
Lawyer gets : $642,500
So the crazy idea is: why not create a special Linux distro as a gift for the journalist community?
It's called Knoppix. See the article Knoppix : The great linux advocate
Hotmail's one has a link "click here if you can't see the image" which then proceeds to read you the letters via an audio file which you can then type in.
Although if blind and deaf, you're still out of luck.
The problem with that is it returns the 404 HTTP header, which is NOT what we want if the page is actually found.