I've read many of the comments on here, and man am I feeling like a heel. I know I'm not the only web developer that doesn't give a hoot about that little W3C compliant icon. As long as the site operates properly in Firefox, Safari, Opera, and IE ( as I've designed it to operate ), then that suites me fine. After 5 years of developing the same site, the only complaints I receive on it are ones about my poor design.
This brings to mind the software developers that howl about their Interface Standards ( I can't even remember the acronym they use for these standards ) I've supported the development of software for the past 3 years, and have yet to look at these Interface Standards.
I focus on the end-users eyeballs. If some developer comes along and wants to complain about my syntatical correctness - they can either copy/past my HTML to make it better - or provide a patch for my software. The regular users are quite satisfied.
I just went and watched Ice Age 2. It had a preview for The Simpsons. The preview was of a SuperMan shield scrolling up, and then an image of Homer sitting on a couch. The preview stated The Simpsons Movie would be out July 27th 2007 ( almost a year away!..one heck of a trailer )
When I started programming a website, I knew I needed a database. I also knew absolutely nothing about php, sql, or even what they stood for. I was using a Perl based hacked link farm that used a flat-text database storage. Someone then pointed me to a php link farm that used MySQL. The installation text that came with the app was so easy to follow for a newbie, I had the link farm up and running in no time. I went to Books-A-Million a few weeks later, and found many books on PHP, MySQL, php/mysql - and nothing on PostgreSQL. When I finally did read up on RDBMS, found out that PostgreSQL did some functionality that MySQL didn't (at the time); I already had most of my site designed in php/mysql. I looked more into sub-queries in PostgreSQL, but the community structure was so scattered and non-newbie friendly, I decided to stick it out with MySQL (and havn't regretted it once). So my reasons for preference have nothing to do with wanting a windows version, different language, or other such assumption. Instead, my reasons are:
* as everyone says, the name is catchy: MySQL
* when I first was introduced to it, and to this day, Michael 'Monty' Widenius takes a personal interest in his work, and is a real down to earth guy ( had the pleasure of emailing him once) [you can probably still see him posting on the mysql dev lists these days..though I havn't followed it in a couple of years]
* Extensive script language support for web development
* Books for newbs and professionals (many books)
* I like their website more..always have
Good question - it took me years of outsourcing work to find a reliable and efficient web frontend that contained an abundant developer community. I ran across guru.com by luck and have used them ever since. They provide the most ideal web based frontend for project developers - while they do have that annoying "gold, platinum" other such nonsense that the un-enlightened tend to use - their graphic-less website with simple CSS layout provides a refreshing UI that puts you directly in touch with those whom you are working with.
Ajax is a nice approach at web development; but developers are losing sight of the heaviness that comes with the extra features. While I find the features of drag-n-drop, dynamic tree menus, sliding menus, and interactive one-time-load pages to be nice, it does not justify the additional load time required to include these features.
How longs does it take to load the web page. That should still be amongst the foremost concern to the webmaster. When you use AJAX (javascript/xml/css) your browser must still download the content. Even content that is not currently in use is downloaded and only used upon demand. How then does this minimise the total size of the page? It doesn't. A user will wait about 3 seconds for a page to load at max. Once you begin getting past that point for the page-load time, you are risking losing that visitors interest. AJAX is a good approach for dedicated traffic use. Examples being: allowing a user to dynamically design their profile page with drag-n-drop features, permitting a logged in visitor to manage their blog entries through drag-n-drop and dynamic category creation with real-time folder image representation, and other such user-specific features. These features are handy and a visitor is seeking the interaction that allows for a little extra page-load time. But to require all users to wait for your AJAX aproach to load an interactive calendar that half your traffic will not use is bloat.
Take it from top websites which understand this. Yahoo! is a prime example. Visit their page and browse around. Do you see DHTML/AJAX heavy feature-bloating? Not at all, instead you see simple CSS, minimum graphics and fast page loads. The only location you do see those heavy features is in user-specific areas.
This aproach though has been around for several years that I am aware.
Firefox is definately a sucess story. It caught on primarily due to one mans eagerness to assist developers, and then assist newcomers in fixing bugs. Hmm, havn't we seen this similiar type of movement before? I seem to remember an enthusiastic developer named Linus Torvalds mentioning a new idea for an free operating system
Its great to see Europe taking such a greater interest in the project as well. Perhaps EU will recognise now the political and business gain in open source development.
And while your at it, go ahead and let the government ensure that reporters must release sources of information for "the good of the public".
And today, we form the Galactic Empire..
This is a democratic society, built upon the ideals and beliefs that the government works "for" the people, "by" the people; NOT "sanction" the people. For that, go with an Imperalistic government (move to China)
Games are not always properly rated
Video games are also sometimes rated too strictly. Movies are sometimes incorrectly rated, as are books. The end result: The concerned parent will research the content prior to exposing their children. I say again the concerned parent will research the content prior to exposing their children to it.
- Ratings are confusing(why not use the same system as the movie industry?)
Because we are rating Video Games, not movies. The ESRB ratings are available for full review in many online stores, websites, and storefront retailers to describe the system.
- Stores don't enforce ratings, ever.
Oh you are just so wrong here with this statement. Folks, most stores will not sell a video game unless it is ESRB rated. Those stores that _do_ sell non ESRB rated video games are fly by night storefronts, selling fly by night video games. Every respectable video game company has ESRB ratings as part of their publishing standards.
- Stores don't even advise on ratings hardly ever.
Stores also don't tell me to read the Surgeon General's warning on a pack of smokes before I purchase them. They don't tell me to read the side effects of medicine before I purchase it. And they definately don't tell me to review the ingredients of multi-syllable words on my can of processed pairs before eating them. Why then are you recommending that stores, of all things, enforce the reading of a rating system for video games?
- There are so many games out there all jumbled together, for older parents who are not gamers themselves, its pretty much impossible to tell one thing from another.
Good thing the gaming companies keep their focus on the young adult audience then. The nerve of them though; to focus on a targetted audience and leave a group out. But then again, perhaps they havn't. Maybe they make software games that have practical purposes as well. Dunno
Good question. The concerned parents will review the ESRB and ensure the content is suitable for little Joey. But truly, does the parent whom gives the 50 dollar gift certificate to their child show that much concern over content? Instead, they rely upon the retailer to not sell anything over explicit in content ( x-rated ). And to this end, the ESRB ensures proper ratings are available to retailers.
But no, let's legislate the fuck out of the video-game industry because Hillary Clinton is running for president.
But it looks so great in a resume: Set up the FTC to legislate video game rating standards to ensure compliance with government santioned regulations
But a good dose of government oversight is exactly what is needed, says Rep. Joe Baca, D-California. He has been trying for three years to get legislation passed that would require the FTC to determine if the video game industry's labeling practices are unfair or deceptive.
The ESRB is finding itself under the scrutiny of political strife. I commend the ESRB President on her steadfastness and willingness to state "don't hold your breath".
The ESRB was developed by congress, however it is not a government operated entity. It does not conform to any government pre-sanctioned template of acceptable usage, and that is as it should be. In fact, ESRB ratings is not by law required to be placed on video games. Through its retailer acceptance however, retailers often _require_ that a game be ESRB rated; or they will not sell that game in their stores.
I believe the ESRB is doing a fine job in their approach at handling video game ratings. The whole kickoff of this political campaign was by Senator Clinton receiving a 'hacked' copy of a video game, that as I understand was attainable only through "less than acceptable" means. Tell the boys in the thinktank to get off the eMule servers and focus on the public released versions in use. They will find that the ESRB ratings are in keeping with the standards of the industry.
I ran into this problem some time ago. I had a client account that was logged into with this brute force attack. Luckily the client was in the shell at the time and terminated the login, then notified me about the problem. I went to the drawing board immediately. This is the solution I use across my small network farm of Linux servers.
Read the common server log files with a PHP script and wrapped through the PAM authentication module ( a quick call for the script through/etc/hosts.deny )/var/log/messages/var/log/secure/var/log/xfer.log/var/log/maillog using regular expression, determine any failed password attempts. This gets tricky when dealing with RedHat boxes, as the logger will compress numerous "like" messages in something similiar to: "Last message repeated x number of times". Keeping this in mind, check for failed logins for _any_ account by the same IP X number of times.
What I found was the brute force scripts used numerous names: admin, root, webmaster, user, temp, etc.. ; therefore you are unable to use the detection system on a per-user basis, instead it must be per-IP basis.
If the IP attempts X number of failed logins, ban them in/etc/hosts.deny and add them to the firewall through IPTABLES.
Problems that arose due to this:
Some clients are just all thumbs on the keyboards. To augment this, a modification to the script to first read/etc/hosts.deny is performed. If an IP is already in/etc/hosts.deny, then do not block it. I will manually go into/etc/hosts.deny and #comment out any valid user IP to prevent them from triggering what I call 'the mitigator'.
This system has worked to prevent ssh brute force and rumple style dictionary bombing against sendmail.
The only problem I have run into with the script was when I ported it to a new server and forgot to add that servers IP to a 'safe_list'. Oops. A quick firewall flush though fixed the issue and the mitigator was back in business.
It's caused by poor programming practices and general laziness. The php language will only do what you allow it to do. If you accept any $_POST data that is thrown your way, without verifying the validity of the originating poster, you wreap what you sew.
Database access is given through the php script, if you fail to double check the content being drawn, ( example: SELECT * FROM user_table, opposed to SELECT * FROM user_table WHERE id=blaat ), this is poor program security.
A majority of the OpenSource php scripts/programs are (how to put it eloquently), "a mess". Script code is thrown in with html, no seperation of library routines, no program flow, little in the way of architecture, etc etc. This includes a number of popular OpenSource works ( phpbb, phpnuke are the only ones that fall under this category that I have reviewed ). I have not reviewed the Drupal source (probably never will), but the acceptable OpenSource standards when dealing with php programming practices should be raised.
I would surmise that some php OpenSource developers learnt their trade through Script style approach, opposed to general programming practices in standard languages ( C, C++ ), and therin lies the numerous library flaws.
Do not let security flaws in popular projects deter your decision to take full advantage of the fluency that PHP has to offer, instead ask yourself if you have enough knowledge and programming skill to develop a robust and secure portal.
Drupal requires security patching, shipped XML_RPC pear library in php vulnerable, phpBB open to spam hacks, phpnuke and derivs allow remote url inclusion for DDOS hackers:: pants as he sends out client update emails and applies patches::
This is just another PHP growing pain. Sysadmins continue to watch the patches. Perl mongers.. "I told you so" is over rated...
So, OS/2. May you rest in peace. And please stop scratching the coffin from the inside. It upsets the bereaved Ahh hah hah hah!:: wipes a tear from eye::
What I really find interesting is that IBM has offered a migration HOWTO for the OS users, and its to Linux. Always nice to have the big boy support.
This is so horribly full of conjectures, uncontrolled data resources, and just pure speculation. The figures are based off Alexa Toolbar users, and one website visitor ratio. The author uses these as the base of forumlating a simple division/multiplication approach to postulating the gross users of the internet.
Suggestion for more accurate collection of information. Talk to ICANN or that nifty website senderbase.org that has a broader view on traffic flow across the internet.
This is just poor business modeling. The current solution to alleviate the concerns of the outraged players is to now get with larger organisations charging a fee to seek out contracts or licensing terms. It is clear the developers intentions is to wreap some spending capitable benefits off their products, and rightly so. Doing so in this manner though will lead to a loss in users and community support (IMHO). There are other methods to capitalise on a product. Im not a big LARP fan, but basic business management and a little ingenuity should put some copper in their pocket.
The dot-com era was the first thing that came to mind. Because a company claims you are worth 800 million, doesn't mean it will draw that amount in shareholder earnings. Just from the brief summary above, it looks as though visitor traffic is playing a large role in the estimated worth of the network. From the overall negative remarks below, to the consideration that the intended audience for such a network organisation are non-tax paying youths; I would second guess before going public. Better to sell it on eBay and count yourself lucky if you get a cool million.
I believe the way the open-source community works right now has some fundamental flaws that have got to be addressed. We need to address how this open-source intellectual property is developed, routed, and sold. Thousands of software developers send code to contribute to open-source projects -- but there isn't a protective device for the customer using the software to ensure they're not in violation of the law by using stolen code.
In tracking this roller coaster, it hadn't occurred to me till just now that the overall target isn't Linux itself, rather the Open Source movement. I see more concern in this statement about Open Source development, than I do about Linux code infringement.
Or is Open Source questioning just an added bonus tacked onto SCO claims.
The Rhino 120 GPS is what I've used for the past 6 months in and around the middle east. It is lightweight, and interacts with the PC to support uploading of Rastermaps. Zoom capabilities allow for viewing at global scale, down to a 10 digit grid.
The Rhino is fully customisable, and comes with a few games for those days that you just don't feel like doing anything =). The map upload support is the best feature of this little gadget IMHO.
Waypoints, paths taken, current location, remote location of others using the Rhino, walkie talkie, basic security measures, multiple grid system formats (lat/long,GDS,MGRS,Asian/European,etc..) .
It eats up batteries, so make sure to have some rechargables around.
I use 3 types of GPS systems when out and about. A basic military PLGR, the latest technology in GPS that costs more than I make in 5 years, and this handy little Rhino. When I'm asked for my current location, the Rhino is the first thing I grab.
I had thought such was the case, but wasn't certain it applied to all governments. I do not forsee the bill passing, but the thought that it was even recommended for legislature is what raises my eyebrows. Most modern democracies stay clear of copyright enforcement legislature; instead they provide the structure which allows those whom have been infringed upon to seek retribution in a legal manner (plus it gives intellectual property attorney's something to do).
I touched on this recomendation in my META TAGS thread below. But you can use a NOINDEX rule which is already an acceptable standard by search engines.
This will provide the lawyers a finer focus on whom to go after in regards to cacheing copyrighten data.
Any information can be copyrighted. Simply placing your name and year next to an original work provides copyright protection. Countries have different methods and laws governing copyright works, so I would wonder how feasible it is to place this type of regulation on information that is gained through public access.
Recently I looked into META tags, and saw a copyright META TAG. I found it odd, but this _could_ provide a solution for indivuals. But in further looking, I see the robots: NOINDEX rule, which would prevent a search engine from cacheing a page at all. The "good" search engines adhere to the NOINDEX rule, while the other "less than forward" engines will ignore it. This can be used as a cross-hair for the copyright lawyers to focus on.
The problem of authors being concerned over copyrighten work can not be solved by making it illegal to cache a page; you then open up a can of worms in regards to search engines, web browsers, and software programs which all cache data in one form or other. By using an already emplaced acceptable standard such as NOINDEX, a webmaster can ensure their copyrighten work is accessible only by direct visitation.
While your counterstrike game is down, try playing a mud instead. They are online text games, and provide a more entertaining level of interaction for those with an imagination.
I didn't even get a chance to view the website before it got/.'d.
From the article headline though, it looks like a pretty kewl hack. Maybe when iPOD gets bigger, it'll be a usefull software cary-around tool.
My understanding is that it is a multiple query system.
Let's say you are just learning to ride a horse, and you want to know of positions to sit on the horse. You'd search for something like: 'good riding positions' A current search return for this statement would deliver you everything from: Xaviers House Of Pleasures, to Yokels Horse Taming Ranch.
What this system does is refine your query for you, based off cached google pages, and using: page popularity and keyword algorithms.
The search would return results like: "how to ride your woman" "positions open on the dude ranch" "popular riding positions for horses"
A tree is built with all these returns, and their system filters out the "junk", and returns the nearest pages you are looking for "popular riding positions for horses"
This is a pretty nice approach. Quoted from the news article "The technique has managed to distinguish between colours, numbers, different religions and Dutch painters based on the number of hits they return, the researchers report in an online preprint.", it shows that common terminology can be drawn. In the end though, this is a refined search routine for Google IMHO. This would be good for scholar searches perhaps, or even a dynamic thesaurus. But when using terms such as: does windows use linux, the derived results would be broken down into: "linux" "windows" "use" . Google cached pages containing these terms vary so greatly in content. But, if searching for something along the lines of "dutch painters favorite colors", would produce desired results like the control method used in the news article
Slashdot Mirror
I've read many of the comments on here, and man am I feeling like a heel. I know I'm not the only web developer that doesn't give a hoot about that little W3C compliant icon. As long as the site operates properly in Firefox, Safari, Opera, and IE ( as I've designed it to operate ), then that suites me fine. After 5 years of developing the same site, the only complaints I receive on it are ones about my poor design.
This brings to mind the software developers that howl about their Interface Standards ( I can't even remember the acronym they use for these standards ) I've supported the development of software for the past 3 years, and have yet to look at these Interface Standards.
I focus on the end-users eyeballs. If some developer comes along and wants to complain about my syntatical correctness - they can either copy/past my HTML to make it better - or provide a patch for my software. The regular users are quite satisfied.
I just went and watched Ice Age 2. It had a preview for The Simpsons. The preview was of a SuperMan shield scrolling up, and then an image of Homer sitting on a couch. The preview stated The Simpsons Movie would be out July 27th 2007 ( almost a year away!..one heck of a trailer )
When I started programming a website, I knew I needed a database. I also knew absolutely nothing about php, sql, or even what they stood for. I was using a Perl based hacked link farm that used a flat-text database storage. Someone then pointed me to a php link farm that used MySQL. The installation text that came with the app was so easy to follow for a newbie, I had the link farm up and running in no time. I went to Books-A-Million a few weeks later, and found many books on PHP, MySQL, php/mysql - and nothing on PostgreSQL. When I finally did read up on RDBMS, found out that PostgreSQL did some functionality that MySQL didn't (at the time); I already had most of my site designed in php/mysql. I looked more into sub-queries in PostgreSQL, but the community structure was so scattered and non-newbie friendly, I decided to stick it out with MySQL (and havn't regretted it once). So my reasons for preference have nothing to do with wanting a windows version, different language, or other such assumption. Instead, my reasons are:
* as everyone says, the name is catchy: MySQL
* when I first was introduced to it, and to this day, Michael 'Monty' Widenius takes a personal interest in his work, and is a real down to earth guy ( had the pleasure of emailing him once) [you can probably still see him posting on the mysql dev lists these days..though I havn't followed it in a couple of years]
* Extensive script language support for web development
* Books for newbs and professionals (many books)
* I like their website more..always have
My shallow reasons..
Good question - it took me years of outsourcing work to find a reliable and efficient web frontend that contained an abundant developer community. I ran across guru.com by luck and have used them ever since. They provide the most ideal web based frontend for project developers - while they do have that annoying "gold, platinum" other such nonsense that the un-enlightened tend to use - their graphic-less website with simple CSS layout provides a refreshing UI that puts you directly in touch with those whom you are working with.
Ajax is a nice approach at web development; but developers are losing sight of the heaviness that comes with the extra features. While I find the features of drag-n-drop, dynamic tree menus, sliding menus, and interactive one-time-load pages to be nice, it does not justify the additional load time required to include these features.
How longs does it take to load the web page. That should still be amongst the foremost concern to the webmaster. When you use AJAX (javascript/xml/css) your browser must still download the content. Even content that is not currently in use is downloaded and only used upon demand. How then does this minimise the total size of the page? It doesn't. A user will wait about 3 seconds for a page to load at max. Once you begin getting past that point for the page-load time, you are risking losing that visitors interest. AJAX is a good approach for dedicated traffic use. Examples being: allowing a user to dynamically design their profile page with drag-n-drop features, permitting a logged in visitor to manage their blog entries through drag-n-drop and dynamic category creation with real-time folder image representation, and other such user-specific features. These features are handy and a visitor is seeking the interaction that allows for a little extra page-load time. But to require all users to wait for your AJAX aproach to load an interactive calendar that half your traffic will not use is bloat.
Take it from top websites which understand this. Yahoo! is a prime example. Visit their page and browse around. Do you see DHTML/AJAX heavy feature-bloating? Not at all, instead you see simple CSS, minimum graphics and fast page loads. The only location you do see those heavy features is in user-specific areas.
This aproach though has been around for several years that I am aware.
Firefox is definately a sucess story. It caught on primarily due to one mans eagerness to assist developers, and then assist newcomers in fixing bugs. Hmm, havn't we seen this similiar type of movement before? I seem to remember an enthusiastic developer named Linus Torvalds mentioning a new idea for an free operating system
Its great to see Europe taking such a greater interest in the project as well. Perhaps EU will recognise now the political and business gain in open source development.
And while your at it, go ahead and let the government ensure that reporters must release sources of information for "the good of the public".
And today, we form the Galactic Empire..
This is a democratic society, built upon the ideals and beliefs that the government works "for" the people, "by" the people; NOT "sanction" the people. For that, go with an Imperalistic government (move to China)
Games are not always properly rated
Video games are also sometimes rated too strictly. Movies are sometimes incorrectly rated, as are books. The end result: The concerned parent will research the content prior to exposing their children. I say again the concerned parent will research the content prior to exposing their children to it.
- Ratings are confusing(why not use the same system as the movie industry?)
Because we are rating Video Games, not movies. The ESRB ratings are available for full review in many online stores, websites, and storefront retailers to describe the system.
- Stores don't enforce ratings, ever.
Oh you are just so wrong here with this statement. Folks, most stores will not sell a video game unless it is ESRB rated. Those stores that _do_ sell non ESRB rated video games are fly by night storefronts, selling fly by night video games. Every respectable video game company has ESRB ratings as part of their publishing standards.
- Stores don't even advise on ratings hardly ever.
Stores also don't tell me to read the Surgeon General's warning on a pack of smokes before I purchase them. They don't tell me to read the side effects of medicine before I purchase it. And they definately don't tell me to review the ingredients of multi-syllable words on my can of processed pairs before eating them. Why then are you recommending that stores, of all things, enforce the reading of a rating system for video games?
- There are so many games out there all jumbled together, for older parents who are not gamers themselves, its pretty much impossible to tell one thing from another.
Good thing the gaming companies keep their focus on the young adult audience then. The nerve of them though; to focus on a targetted audience and leave a group out. But then again, perhaps they havn't. Maybe they make software games that have practical purposes as well. Dunno
Good question. The concerned parents will review the ESRB and ensure the content is suitable for little Joey. But truly, does the parent whom gives the 50 dollar gift certificate to their child show that much concern over content? Instead, they rely upon the retailer to not sell anything over explicit in content ( x-rated ). And to this end, the ESRB ensures proper ratings are available to retailers.
But no, let's legislate the fuck out of the video-game industry because Hillary Clinton is running for president.
But it looks so great in a resume: Set up the FTC to legislate video game rating standards to ensure compliance with government santioned regulations
But a good dose of government oversight is exactly what is needed, says Rep. Joe Baca, D-California. He has been trying for three years to get legislation passed that would require the FTC to determine if the video game industry's labeling practices are unfair or deceptive.
The ESRB is finding itself under the scrutiny of political strife. I commend the ESRB President on her steadfastness and willingness to state "don't hold your breath".
The ESRB was developed by congress, however it is not a government operated entity. It does not conform to any government pre-sanctioned template of acceptable usage, and that is as it should be. In fact, ESRB ratings is not by law required to be placed on video games. Through its retailer acceptance however, retailers often _require_ that a game be ESRB rated; or they will not sell that game in their stores.
I believe the ESRB is doing a fine job in their approach at handling video game ratings. The whole kickoff of this political campaign was by Senator Clinton receiving a 'hacked' copy of a video game, that as I understand was attainable only through "less than acceptable" means. Tell the boys in the thinktank to get off the eMule servers and focus on the public released versions in use. They will find that the ESRB ratings are in keeping with the standards of the industry.
I ran into this problem some time ago. I had a client account that was logged into with this brute force attack. Luckily the client was in the shell at the time and terminated the login, then notified me about the problem. I went to the drawing board immediately. This is the solution I use across my small network farm of Linux servers.
/etc/hosts.deny ) /var/log/messages /var/log/secure /var/log/xfer.log /var/log/maillog
/etc/hosts.deny and add them to the firewall through IPTABLES.
/etc/hosts.deny is performed. If an IP is already in /etc/hosts.deny, then do not block it. I will manually go into /etc/hosts.deny and #comment out any valid user IP to prevent them from triggering what I call 'the mitigator'.
Read the common server log files with a PHP script and wrapped through the PAM authentication module ( a quick call for the script through
using regular expression, determine any failed password attempts. This gets tricky when dealing with RedHat boxes, as the logger will compress numerous "like" messages in something similiar to: "Last message repeated x number of times". Keeping this in mind, check for failed logins for _any_ account by the same IP X number of times.
What I found was the brute force scripts used numerous names: admin, root, webmaster, user, temp, etc.. ; therefore you are unable to use the detection system on a per-user basis, instead it must be per-IP basis.
If the IP attempts X number of failed logins, ban them in
Problems that arose due to this:
Some clients are just all thumbs on the keyboards. To augment this, a modification to the script to first read
This system has worked to prevent ssh brute force and rumple style dictionary bombing against sendmail.
The only problem I have run into with the script was when I ported it to a new server and forgot to add that servers IP to a 'safe_list'. Oops. A quick firewall flush though fixed the issue and the mitigator was back in business.
It's caused by poor programming practices and general laziness. The php language will only do what you allow it to do. If you accept any $_POST data that is thrown your way, without verifying the validity of the originating poster, you wreap what you sew.
Database access is given through the php script, if you fail to double check the content being drawn, ( example: SELECT * FROM user_table, opposed to SELECT * FROM user_table WHERE id=blaat ), this is poor program security.
A majority of the OpenSource php scripts/programs are (how to put it eloquently), "a mess". Script code is thrown in with html, no seperation of library routines, no program flow, little in the way of architecture, etc etc. This includes a number of popular OpenSource works ( phpbb, phpnuke are the only ones that fall under this category that I have reviewed ). I have not reviewed the Drupal source (probably never will), but the acceptable OpenSource standards when dealing with php programming practices should be raised.
I would surmise that some php OpenSource developers learnt their trade through Script style approach, opposed to general programming practices in standard languages ( C, C++ ), and therin lies the numerous library flaws.
Do not let security flaws in popular projects deter your decision to take full advantage of the fluency that PHP has to offer, instead ask yourself if you have enough knowledge and programming skill to develop a robust and secure portal.
Drupal requires security patching, shipped XML_RPC pear library in php vulnerable, phpBB open to spam hacks, phpnuke and derivs allow remote url inclusion for DDOS hackers :: pants as he sends out client update emails and applies patches::
This is just another PHP growing pain. Sysadmins continue to watch the patches. Perl mongers.. "I told you so" is over rated...
So, OS/2. May you rest in peace. And please stop scratching the coffin from the inside. It upsets the bereaved :: wipes a tear from eye ::
Ahh hah hah hah!
What I really find interesting is that IBM has offered a migration HOWTO for the OS users, and its to Linux. Always nice to have the big boy support.
This is so horribly full of conjectures, uncontrolled data resources, and just pure speculation. The figures are based off Alexa Toolbar users, and one website visitor ratio. The author uses these as the base of forumlating a simple division/multiplication approach to postulating the gross users of the internet.
Suggestion for more accurate collection of information. Talk to ICANN or that nifty website senderbase.org that has a broader view on traffic flow across the internet.
This is just poor business modeling. The current solution to alleviate the concerns of the outraged players is to now get with larger organisations charging a fee to seek out contracts or licensing terms. It is clear the developers intentions is to wreap some spending capitable benefits off their products, and rightly so. Doing so in this manner though will lead to a loss in users and community support (IMHO). There are other methods to capitalise on a product. Im not a big LARP fan, but basic business management and a little ingenuity should put some copper in their pocket.
The dot-com era was the first thing that came to mind. Because a company claims you are worth 800 million, doesn't mean it will draw that amount in shareholder earnings. Just from the brief summary above, it looks as though visitor traffic is playing a large role in the estimated worth of the network. From the overall negative remarks below, to the consideration that the intended audience for such a network organisation are non-tax paying youths; I would second guess before going public. Better to sell it on eBay and count yourself lucky if you get a cool million.
I believe the way the open-source community works right now has some fundamental flaws that have got to be addressed. We need to address how this open-source intellectual property is developed, routed, and sold. Thousands of software developers send code to contribute to open-source projects -- but there isn't a protective device for the customer using the software to ensure they're not in violation of the law by using stolen code.
In tracking this roller coaster, it hadn't occurred to me till just now that the overall target isn't Linux itself, rather the Open Source movement. I see more concern in this statement about Open Source development, than I do about Linux code infringement.
Or is Open Source questioning just an added bonus tacked onto SCO claims.
The Rhino 120 GPS is what I've used for the past 6 months in and around the middle east. It is lightweight, and interacts with the PC to support uploading of Rastermaps. Zoom capabilities allow for viewing at global scale, down to a 10 digit grid.
The Rhino is fully customisable, and comes with a few games for those days that you just don't feel like doing anything =). The map upload support is the best feature of this little gadget IMHO.
Waypoints, paths taken, current location, remote location of others using the Rhino, walkie talkie, basic security measures, multiple grid system formats (lat/long,GDS,MGRS,Asian/European,etc..) .
It eats up batteries, so make sure to have some rechargables around.
I use 3 types of GPS systems when out and about. A basic military PLGR, the latest technology in GPS that costs more than I make in 5 years, and this handy little Rhino. When I'm asked for my current location, the Rhino is the first thing I grab.
I had thought such was the case, but wasn't certain it applied to all governments. I do not forsee the bill passing, but the thought that it was even recommended for legislature is what raises my eyebrows. Most modern democracies stay clear of copyright enforcement legislature; instead they provide the structure which allows those whom have been infringed upon to seek retribution in a legal manner (plus it gives intellectual property attorney's something to do).
I touched on this recomendation in my META TAGS thread below. But you can use a NOINDEX rule which is already an acceptable standard by search engines.
This will provide the lawyers a finer focus on whom to go after in regards to cacheing copyrighten data.
Any information can be copyrighted. Simply placing your name and year next to an original work provides copyright protection. Countries have different methods and laws governing copyright works, so I would wonder how feasible it is to place this type of regulation on information that is gained through public access.
Recently I looked into META tags, and saw a copyright META TAG. I found it odd, but this _could_ provide a solution for indivuals. But in further looking, I see the robots: NOINDEX rule, which would prevent a search engine from cacheing a page at all.
The "good" search engines adhere to the NOINDEX rule, while the other "less than forward" engines will ignore it. This can be used as a cross-hair for the copyright lawyers to focus on.
The problem of authors being concerned over copyrighten work can not be solved by making it illegal to cache a page; you then open up a can of worms in regards to search engines, web browsers, and software programs which all cache data in one form or other. By using an already emplaced acceptable standard such as NOINDEX, a webmaster can ensure their copyrighten work is accessible only by direct visitation.
While your counterstrike game is down, try playing a mud instead. They are online text games, and provide a more entertaining level of interaction for those with an imagination.
I didn't even get a chance to view the website before it got /.'d.
From the article headline though, it looks like a pretty kewl hack. Maybe when iPOD gets bigger, it'll be a usefull software cary-around tool.
My understanding is that it is a multiple query system.
Let's say you are just learning to ride a horse, and you want to know of positions to sit on the horse. You'd search for something like:
'good riding positions'
A current search return for this statement would deliver you everything from: Xaviers House Of Pleasures, to Yokels Horse Taming Ranch.
What this system does is refine your query for you, based off cached google pages, and using: page popularity and keyword algorithms.
The search would return results like:
"how to ride your woman"
"positions open on the dude ranch"
"popular riding positions for horses"
A tree is built with all these returns, and their system filters out the "junk", and returns the nearest pages you are looking for "popular riding positions for horses"
It's a smarter smart search engine (filter)
This is a pretty nice approach. Quoted from the news article "The technique has managed to distinguish between colours, numbers, different religions and Dutch painters based on the number of hits they return, the researchers report in an online preprint.", it shows that common terminology can be drawn. In the end though, this is a refined search routine for Google IMHO. This would be good for scholar searches perhaps, or even a dynamic thesaurus. But when using terms such as: does windows use linux, the derived results would be broken down into: "linux" "windows" "use" . Google cached pages containing these terms vary so greatly in content. But, if searching for something along the lines of "dutch painters favorite colors", would produce desired results like the control method used in the news article