Jesus? Things would be oh so much better if we just prayed for a solution, right? It's not like we can change the world. Only God can do that! That's what you really wanted to say, wasn't it?
Did you see any hint at religion on that post? Or do you just take any opportunity to take on a crusade against religion?
As for testing - that's a later stage in the process of development.
Testing and code reviews should occur at the earliest possible moment and be integrated throughout development. Bugs cost less when they are found earlier.
"OK, so we have now our first code review session. So far we have written only
So why are Fitbit users’ profiles able to be searchable in Google? It’s not really Fitbit’s fault. When you create a profile, the default privacy setting allows profiles to be found in search results (Google, Bing, etc). If you don’t unclick this setting, it will obviously make your profile public for anyone to find.
It is very clearly Fitbit's fault. This option should be unchecked by default, so that users who don't notice it don't accidentally make their profiles public.
But seriously, this is scary stuff. I like the idea of a big IT house using the best and brightest to shut-down malware, but who decides what malware is? How are they making money from this?
-Matt
Nice software you have here. Would be a shame if it were classified as malware...
CC-BY-SA eliminates the need to contact the copyright holder, because the rights have already been granted: the right to publish derivative works, with attribution, under essentially the same license.
Well, that's not completely true. If you publish something through CC-BY-SA, you grant those rights provided you had the neccesary rioghts to do so. If someone decided to put Harry Potter on the net under CC-BY-SA, you still would not get the rights to distribute it by downloading it there, unless J. K. Rowling (or the publisher, I'm not sure who actually owns the rights) approved it.
Now imagine a text added under CC-BY-SA by the author, but under pseudonym without any way to find out the actual author. Now someone else comes, claims he was the author, and he never put it there under CC-BY-SA, nor authorized anyone to do so. If the real author (or submitter) was known, it would probably be trivial to show that he couldn't reasonably have gotten a copy from that other person, because the two were completely unrelated, and there was no publication of that stuff at the time he uploaded it (and even if there was a relation, that person might be able to provide evidence that he wrote it himself; and even if not, there are now two persons claiming authorship, with the uploader in slight advantage because he's the only one known top have access to the text at that time). However if the submitter isn't known, you have no way to refute that claim.
Maybe a middle ground would be that authors put their real name and possible other identifying data in the system, but the system doesn't display it to the public if they didn't explicitly request it (an opt-in option in the preferences would do). Then if any copyright dispute happens, they can use the stored name to proof their authorship (of course in that case, they cannot avoid revealing it; however I think you can't have a copyright dispute without revealing your identity anyway).
I can't tell about the situation in the USA, but at least he's completely right about the impossibility of putting something into public domain in some countries (I don't know if it's most countries, as stated, though). That's why CC-0 exists: CC-0 grants explicitly all rights that can be granted everywhere else (and explicitly puts it in public domain whereever this is possible).
That would not work. Let's say that id is a string and contains "blabla AND 1 = 1". "SELECT * FROM table WHERE Id = " is a string. id is a string. The + operator has a string on its left and a string on its right. Therefore, it will do a string-on-string operation, yielding "SELECT * FROM table WHERE Id = blabla AND 1 = 1". And THEN, there will be a type conversion to safe_string. But it is too late! How exactly do you think you can sanitize the string now?
In general, when you build a query, there are strings you want to sanitize, and other strings which you do not want to sanitize. Consider the following:
string a = "SELECT * from "; string b = table; string c = " WHERE id = "; string d = id; safe_string query = a + b + c + d;
We want to sanitize b and d, but we don't want to sanitize a and c (or the result would not be a query). How exactly is your type system (or any type system for that matter) supposed to figure this out? You're just screwed. The only way your system can work is if the user explicitly marks every single string that must be sanitized, but that completely defeats the purpose.
With C++0x user string literals and a type "sqlstring" where conversion from string to sqlstring sanitizes input, I think you could do:
sqlstring a = "SELECT * from "sql;//sql suffix means "Do not sanitize" string b = table; sqlstring c = " WHERE id = "sql; string d = id; sqlstring query= a + b + c + d;// implicit conversion from string to sqlstring sanitizes input.
You probably would just write:
sqlstring query = "SELECT * from "sql + table + " WHERE id = "sql + id;
Double left click, right click, left click, triple right click, A, A, B, A, Up, Up, Up and I can see almost see slashdot as any other forum!
It's pretty much the same command in Emacs.
Actually in Emacs it's Meta double left click, Ctrl right click, Shift Alt left click, triple right click, Super A, Meta A, Ctrl Meta B, Shift Alt A, Super Shift Up, Ctrl Shift Up, Super Alt Up.
The faulty ones, the fake ones, the overpriced ones, the wrongly labelled ones, everything is imported.
And the working, reasonably prized, correctly labelled ones are imported, too.
No hate, maybe?
Did you see any hint at religion on that post? Or do you just take any opportunity to take on a crusade against religion?
It never rains in Atacama,
but girl, don't they warn ya,
it snows,
man it snows
A gimbaledl is a pivotedled supportedl that allows the rotationedl of an objectedl about a single axisedl. Isn't that obviousedl? :-)
I was using C++. In C++, main has an implicit return 0;.
As for testing - that's a later stage in the process of development.
Testing and code reviews should occur at the earliest possible moment and be integrated throughout development. Bugs cost less when they are found earlier.
"OK, so we have now our first code review session. So far we have written only
Any comments on this?"
But who tests those scripts?
If you honestly think that sentence makers even sense, you are clearly not qualified to comment on my sig.
From the article:
So why are Fitbit users’ profiles able to be searchable in Google? It’s not really Fitbit’s fault. When you create a profile, the default privacy setting allows profiles to be found in search results (Google, Bing, etc). If you don’t unclick this setting, it will obviously make your profile public for anyone to find.
It is very clearly Fitbit's fault. This option should be unchecked by default, so that users who don't notice it don't accidentally make their profiles public.
Oh noes; I've got a bad thing in my MBR; what shall I do? Tip: boot to command line (F8 at boot time) and a quick FDISK /MBR will take care of it.
Yeah, because there's no way the malware could have modified FDISK to write an infected MBR back ...
Are inverted comas states of unusually intense consciousness? :-)
>> The proof's in the pudding.
NO! The proof of the pudding is in the eating.
Regards,
Proverb Nazi.
But the proof is in the pudding. I know for sure, because I just put it there. You know, sort of a fortune pudding. :-)
Botnet shuts-down You!
But seriously, this is scary stuff. I like the idea of a big IT house using the best and brightest to shut-down malware, but who decides what malware is? How are they making money from this?
-Matt
Nice software you have here. Would be a shame if it were classified as malware ...
Then creating an indestructible botnet is possible, right?
Yes, but under that premise destructing an indestructible botnet is possible, too.
"Locklin's technology uses ingeniously simple, inexpensive and scalable chemistry."
I've heard almost the same thing about "free energy" magnetic motors. Tell us what the chemicals are or it's bullshit.
Somehow I think using bullshit would make your feet smell more (but admittedly it wouldn't be the typical foot smell) :-)
Well, socks that only start to smell after removing them in the evening would already be a great win.
What about the surface of the sun?
No, their last bid would of course have been $googol = $10^100 - after all, they named their company after that number!
They could at least have rounded to the full number of digits available, i.e. $3,141,592,653.59
And of course, people interested in privacy are less likely to choose Chrome anyway ...
CC-BY-SA eliminates the need to contact the copyright holder, because the rights have already been granted: the right to publish derivative works, with attribution, under essentially the same license.
Well, that's not completely true. If you publish something through CC-BY-SA, you grant those rights provided you had the neccesary rioghts to do so. If someone decided to put Harry Potter on the net under CC-BY-SA, you still would not get the rights to distribute it by downloading it there, unless J. K. Rowling (or the publisher, I'm not sure who actually owns the rights) approved it.
Now imagine a text added under CC-BY-SA by the author, but under pseudonym without any way to find out the actual author. Now someone else comes, claims he was the author, and he never put it there under CC-BY-SA, nor authorized anyone to do so. If the real author (or submitter) was known, it would probably be trivial to show that he couldn't reasonably have gotten a copy from that other person, because the two were completely unrelated, and there was no publication of that stuff at the time he uploaded it (and even if there was a relation, that person might be able to provide evidence that he wrote it himself; and even if not, there are now two persons claiming authorship, with the uploader in slight advantage because he's the only one known top have access to the text at that time). However if the submitter isn't known, you have no way to refute that claim.
Maybe a middle ground would be that authors put their real name and possible other identifying data in the system, but the system doesn't display it to the public if they didn't explicitly request it (an opt-in option in the preferences would do). Then if any copyright dispute happens, they can use the stored name to proof their authorship (of course in that case, they cannot avoid revealing it; however I think you can't have a copyright dispute without revealing your identity anyway).
I can't tell about the situation in the USA, but at least he's completely right about the impossibility of putting something into public domain in some countries (I don't know if it's most countries, as stated, though). That's why CC-0 exists: CC-0 grants explicitly all rights that can be granted everywhere else (and explicitly puts it in public domain whereever this is possible).
That would not work. Let's say that id is a string and contains "blabla AND 1 = 1". "SELECT * FROM table WHERE Id = " is a string. id is a string. The + operator has a string on its left and a string on its right. Therefore, it will do a string-on-string operation, yielding "SELECT * FROM table WHERE Id = blabla AND 1 = 1". And THEN, there will be a type conversion to safe_string. But it is too late! How exactly do you think you can sanitize the string now?
In general, when you build a query, there are strings you want to sanitize, and other strings which you do not want to sanitize. Consider the following:
string a = "SELECT * from ";
string b = table;
string c = " WHERE id = ";
string d = id;
safe_string query = a + b + c + d;
We want to sanitize b and d, but we don't want to sanitize a and c (or the result would not be a query). How exactly is your type system (or any type system for that matter) supposed to figure this out? You're just screwed. The only way your system can work is if the user explicitly marks every single string that must be sanitized, but that completely defeats the purpose.
With C++0x user string literals and a type "sqlstring" where conversion from string to sqlstring sanitizes input, I think you could do:
sqlstring a = "SELECT * from "sql; //sql suffix means "Do not sanitize" // implicit conversion from string to sqlstring sanitizes input.
string b = table;
sqlstring c = " WHERE id = "sql;
string d = id;
sqlstring query= a + b + c + d;
You probably would just write:
sqlstring query = "SELECT * from "sql + table + " WHERE id = "sql + id;
I got it.
Double left click, right click, left click, triple right click, A, A, B, A, Up, Up, Up and I can see almost see slashdot as any other forum!
It's pretty much the same command in Emacs.
Actually in Emacs it's Meta double left click, Ctrl right click, Shift Alt left click, triple right click, Super A, Meta A, Ctrl Meta B, Shift Alt A, Super Shift Up, Ctrl Shift Up, Super Alt Up.