I suspect those were worm requests (W32-Nachi tries to overflow the buffer that handles SEARCH requests in IIS), rather than a particular person attempting to 0wn your webserver. I had to start filtering the request strings out of my log files becaues they were filling up the/var partition every two weeks.
Naturally, security-related validation stays on the server side. Depending solely on the client to do proper validation for non-trivial applications is asking for trouble regardless of whether the information is security related.
I tinkered briefly with writing a MUD server and came across some guidelines about what (not) to do in order to have a successful game community. In the logistics section, the cardinal rule was "Don't trust the client for anything. The client is in the hands of the enemy." I took that to heart for all my projects. Even before that, my father has a mug printed with a number of computer principles and rules one of which is "If the input routine is designed to reject all bad data, some ingenious idiot will find a way to get bad data past it."
I know what you mean about multiple clients. It's frustrating dealing with poorly written clients for otherwise good games.
I was reading up on XForms a bit when the story about XHTML2 was posted to/.. There were a few things of which I took note in the XForms spec:
A form's action is now separate from its layout on the page. I've occasionally found myself wishing I could have a button inside a form submit to a different action URI from its parent. XForms allows this.
Client-side error checking and requirements enforcement. If the standards are implemented correctly it means most of the work I do on the server side to handle forms (validation, etc.) can be handled by the client and I no longer have to worry as much about logistics. This depends on clients not being stupid, however.
Accessibility - most of the changes will be better for accessibility. Image buttons are just a different type of label element and label elements can contain several alternate forms of the label, e.g. image, text, audio.
<select1> and <select> work essentially the same, whereas radio and checkbox use somewhat different syntax.
It's nothing huge but it will make my life easier as a developer.
I don't know if the Windows XP burning software will burn DVDs but it certainly burns CDs. It's nothing spectacular but it does the job. Mostly. Still, I don't know many people who use the integrated burning software since Nero or Easy CD Creator are much better alternatives.
I can't speak for everyone but having broadband, the number of CDs I burn is increasing regardless of how much disk space I have. It's good to be able to play TV shows I've downloaded on my DVD player, for example. With DVD recorders dropping in price I doubt I'll be abandoning recordable optical media any time soon.
A rhetorical "what's next" question such as the one in the root post is rarely a reasonable one. The point of asking the question is to illustrate how ridiculous one believes the concept to be. It rarely adds anything valuable to the discussion.
Eating meat? What's next, eating children? That's a very poor argument against eating meat.
We only need to be wary of a slippery slope if the next step follows reasonably from the previous.
"What's next, x?" is a bogus argument but I'll bite. So, as devil's advocate, why would it be stupid for pages being required to conform to the standards? It would certainly require browser work and a lot of pages would have to be updated but there would be a net benefit for web developers. Write once, read anywhere. In terms of accessibility for the disabled, requiring sites to be standards compliant would be a huge leap forward. Website bandwidth usage would go down, especially with cached CSS for styles.
The article's about Germany so I can understand why you mentioned them specifically (and I happen to agree that this law is fairly useless and counter-productive) but what provoked the random France and Canada bashing?
I tried Opera and while I was generally happy with it, I still prefer Firefox. Personally I find Opera's interface busy (though not cluttered like, say, Avant). Firefox is straightforward and unobtrusive.
To each his own, though and the more browsers the better.
Installing over a previous version can cause problems. Delete the installation directory before you install the new version and it should work fine. Bookmarks, Themes, and Extensions should all be stored in your profile directory and won't be touched. You'll probably have to reinstall plugins, however.
Removing IE will not remove the vulnerability. The vulnerability is in the MS-HTML control not in the Internet Explorer executable. Any application that uses the MS-HTML control is vulnerable.
Not sure what you've heard about the banking system but I've never really had any complaints.
There's four big banks in Canada - CIBC, Royal Bank, Scotia Bank, and TD Canada Trust (there used to be five but TD and Canada Trust merged). There's also innumerable Credit Unions and a few self-serve-type services like ING Direct or President's Choice Financial. I can walk into any bank branch and change American money in for Canadian.
Personally I use President's Choice Financial. There's no fees for day-to-day banking. For savings accounts they were paying 5% interest with no minimum balance when they launched. It's down to 2% now but it's better than some of the banks where a daily interest savings account actually loses money because of service fees unless you maintain a balance of $1000 or more.
I walked into the President's Choice pavilion at my local supermarket with no credit rating. Half an hour later I walked out with a chequing account (free cheques!) and a savings account. My hold limit (the amount I can withdraw immediately when depositing cheques, etc.) was $200 and my daily withdrawl limit was $1000. Neither account costs me any money as long as I use CIBC's bank machines.
Contrast this with my experience in New York State where they wouldn't change my Canadian money for American unless I was a customer and wanted $200 USD just to open an account.
We certainly have our issues but I don't think banking and interest rates are one of them.
Broadband internet access is generally wider spread in Canada, and cheaper, because Canadians are more urban than our American counterparts.
That and the CRCT (somewhat like the FCC in the U.S.) has capped the price of broadband at $50 CDN.
In particular, if you can't shovel snow, Toronto's the place for you, because if it ever snows more than 3 cm, they'll declare a state of emergency and call the army in to shovel your driveway for you.
Okay, Toronto got itself into a bit of trouble during some snowstorms in recent years but you're exaggerating. I can only recall one storm where Toronto ended up declaring a state of emergency when there was relatively little snow - it had to do with the snowplows being put away for the season and then a big snowstorm hitting. That and you're lucky if you have a driveway living in Toronto.
Saskatchewan is big. And flat. And there's really not much there except wheat and old people. At least that was my experience when visiting relatives in Moose Jaw. Admittedly we didn't stay in Regina or Saskatoon so I don't know what city life is like there.
British Columbia is gorgeous and the weather is mild but (if I remember my statistics right) Vancouver has the highest cost of living in Canada.
The Eastern Provinces have a lower cost of living but unemployment tends to be higher there, particularly in Newfoundland.
The Enigmail Extension is the killer app for Thunderbird for me. I'm switching away from Outlook for e-mail, though I still use it for contacts and calendar. Enigmail makes GPG signing and encryption a snap.
A View Source on his site would put an end to that argument pretty quickly. Either the information gets submitted to his site, or to Odeon's. Forms can only have one action URI.
This is something I think FireFox has gotten very right. Don't want to mess around with settings? Great. It works right out of the box.
I've installed FireFox for about a dozen people now. So far only two have even bothered to open the Options dialog. They don't care how the options are set, as long as they can browse. The two who have opened the Options dialog think the customizability is great but those two are not the majority of users.
Agreed, a lot of LiveJournals are outlets for whining about life but that's a bit of an unfair generalization.
I have a LiveJournal myself. I post the mundane day-to-day details of my life, no bitching involved. My journal is limited to my real-life friends and a few people who posted interesting, well-written entries to one of the communities I watch (customers_suck, for example). Most of the people on my friends list have similar journals.
Unfortunately, so many journals on the site are as you've described that they set the tone for the site and weblogs in general. I don't believe it's the idea or the code that's the problem, it's the culture surrounding the current incarnation of the idea. One doesn't see this sort of behaviour on technical weblogs, for example.
[The Exporting Harm report] says that between 50 percent and 80 percent of the e-waste collected for recycling in the western United States is not recycled domestically, but rather shipped to destinations such as China. Market realities force even well-intentioned recyclers to take part in dumping.
At my corporation (the one where I work, that is) a lot of people are installing Mozilla or Firefox despite corporate policy. Sooner or later corporate's going to have to catch on and either clamp down or make it official policy that we can use either or both.
Don't forget to uninstall 0.8 first. If you install overtop of the old version you may end up with strange bugs (I did). Removing the browser won't touch your profile.
SP2 will make the situation better than it is now.
Internet Explorer still renders HTML even if it's served up as Content-Type: text/plain. Try it some time. There used to be a bug where you could crash Internet Explorer by serving:
<html><form><input type crash></form></html>
as text/plain. As a web developer, I'm ecstatic that they're finally fixing this.
I'll have to agree with the other child posts. Firefox runs consistently faster than Internet Explorer on any of my machines including my laptop, an anemic Pentium 233.
What was the last version of Firefox you used? If you haven't tried the 0.9 release, I suggest you download it and try it again - the speed improvement from 0.8 was noticable.
Slashdot Mirror
I suspect those were worm requests (W32-Nachi tries to overflow the buffer that handles SEARCH requests in IIS), rather than a particular person attempting to 0wn your webserver. I had to start filtering the request strings out of my log files becaues they were filling up the /var partition every two weeks.
Maybe the PR rep chose it on purpose in protest of the BSA's ridiculous stance on copyrights.
Now that would be funny.
Naturally, security-related validation stays on the server side. Depending solely on the client to do proper validation for non-trivial applications is asking for trouble regardless of whether the information is security related.
I tinkered briefly with writing a MUD server and came across some guidelines about what (not) to do in order to have a successful game community. In the logistics section, the cardinal rule was "Don't trust the client for anything. The client is in the hands of the enemy." I took that to heart for all my projects. Even before that, my father has a mug printed with a number of computer principles and rules one of which is "If the input routine is designed to reject all bad data, some ingenious idiot will find a way to get bad data past it."
I know what you mean about multiple clients. It's frustrating dealing with poorly written clients for otherwise good games.
I was reading up on XForms a bit when the story about XHTML2 was posted to /.. There were a few things of which I took note in the XForms spec:
It's nothing huge but it will make my life easier as a developer.
No argument here. I use Nero and / or Alcohol 120% for burning CDs.
I don't know if the Windows XP burning software will burn DVDs but it certainly burns CDs. It's nothing spectacular but it does the job. Mostly. Still, I don't know many people who use the integrated burning software since Nero or Easy CD Creator are much better alternatives.
I can't speak for everyone but having broadband, the number of CDs I burn is increasing regardless of how much disk space I have. It's good to be able to play TV shows I've downloaded on my DVD player, for example. With DVD recorders dropping in price I doubt I'll be abandoning recordable optical media any time soon.
A rhetorical "what's next" question such as the one in the root post is rarely a reasonable one. The point of asking the question is to illustrate how ridiculous one believes the concept to be. It rarely adds anything valuable to the discussion.
Eating meat? What's next, eating children? That's a very poor argument against eating meat.
We only need to be wary of a slippery slope if the next step follows reasonably from the previous.
"What's next, x?" is a bogus argument but I'll bite. So, as devil's advocate, why would it be stupid for pages being required to conform to the standards? It would certainly require browser work and a lot of pages would have to be updated but there would be a net benefit for web developers. Write once, read anywhere. In terms of accessibility for the disabled, requiring sites to be standards compliant would be a huge leap forward. Website bandwidth usage would go down, especially with cached CSS for styles.
The article's about Germany so I can understand why you mentioned them specifically (and I happen to agree that this law is fairly useless and counter-productive) but what provoked the random France and Canada bashing?
I tried Opera and while I was generally happy with it, I still prefer Firefox. Personally I find Opera's interface busy (though not cluttered like, say, Avant). Firefox is straightforward and unobtrusive.
To each his own, though and the more browsers the better.
Installing over a previous version can cause problems. Delete the installation directory before you install the new version and it should work fine. Bookmarks, Themes, and Extensions should all be stored in your profile directory and won't be touched. You'll probably have to reinstall plugins, however.
Removing IE will not remove the vulnerability. The vulnerability is in the MS-HTML control not in the Internet Explorer executable. Any application that uses the MS-HTML control is vulnerable.
Not sure what you've heard about the banking system but I've never really had any complaints.
There's four big banks in Canada - CIBC, Royal Bank, Scotia Bank, and TD Canada Trust (there used to be five but TD and Canada Trust merged). There's also innumerable Credit Unions and a few self-serve-type services like ING Direct or President's Choice Financial. I can walk into any bank branch and change American money in for Canadian.
Personally I use President's Choice Financial. There's no fees for day-to-day banking. For savings accounts they were paying 5% interest with no minimum balance when they launched. It's down to 2% now but it's better than some of the banks where a daily interest savings account actually loses money because of service fees unless you maintain a balance of $1000 or more.
I walked into the President's Choice pavilion at my local supermarket with no credit rating. Half an hour later I walked out with a chequing account (free cheques!) and a savings account. My hold limit (the amount I can withdraw immediately when depositing cheques, etc.) was $200 and my daily withdrawl limit was $1000. Neither account costs me any money as long as I use CIBC's bank machines.
Contrast this with my experience in New York State where they wouldn't change my Canadian money for American unless I was a customer and wanted $200 USD just to open an account.
We certainly have our issues but I don't think banking and interest rates are one of them.
There's a "Three Dead Trolls in a Baggie" song about burning down the Whitehouse, actually. They're a band from Alberta.
To be fair, you guys burned down the town of Newark (now Niagara-on-the-Lake) first. And there were only women and children there at the time.
That and the CRCT (somewhat like the FCC in the U.S.) has capped the price of broadband at $50 CDN.
Okay, Toronto got itself into a bit of trouble during some snowstorms in recent years but you're exaggerating. I can only recall one storm where Toronto ended up declaring a state of emergency when there was relatively little snow - it had to do with the snowplows being put away for the season and then a big snowstorm hitting. That and you're lucky if you have a driveway living in Toronto.
Saskatchewan is big. And flat. And there's really not much there except wheat and old people. At least that was my experience when visiting relatives in Moose Jaw. Admittedly we didn't stay in Regina or Saskatoon so I don't know what city life is like there.
British Columbia is gorgeous and the weather is mild but (if I remember my statistics right) Vancouver has the highest cost of living in Canada.
The Eastern Provinces have a lower cost of living but unemployment tends to be higher there, particularly in Newfoundland.
The Enigmail Extension is the killer app for Thunderbird for me. I'm switching away from Outlook for e-mail, though I still use it for contacts and calendar. Enigmail makes GPG signing and encryption a snap.
A View Source on his site would put an end to that argument pretty quickly. Either the information gets submitted to his site, or to Odeon's. Forms can only have one action URI.
This is something I think FireFox has gotten very right. Don't want to mess around with settings? Great. It works right out of the box.
I've installed FireFox for about a dozen people now. So far only two have even bothered to open the Options dialog. They don't care how the options are set, as long as they can browse. The two who have opened the Options dialog think the customizability is great but those two are not the majority of users.
Agreed, a lot of LiveJournals are outlets for whining about life but that's a bit of an unfair generalization.
I have a LiveJournal myself. I post the mundane day-to-day details of my life, no bitching involved. My journal is limited to my real-life friends and a few people who posted interesting, well-written entries to one of the communities I watch (customers_suck, for example). Most of the people on my friends list have similar journals.
Unfortunately, so many journals on the site are as you've described that they set the tone for the site and weblogs in general. I don't believe it's the idea or the code that's the problem, it's the culture surrounding the current incarnation of the idea. One doesn't see this sort of behaviour on technical weblogs, for example.
No problem with the patch for me. Running Win2K, all current updates, PIII 750, 128MB, Firefox 0.9.2.
Sadly enough, there are some "recycling" programs that do involve the electronics ending up in less-developed countries.
Relevant quote from the article:
They rolled it back to just allowing update.mozilla.org after this problem was pointed out in the comments.
At my corporation (the one where I work, that is) a lot of people are installing Mozilla or Firefox despite corporate policy. Sooner or later corporate's going to have to catch on and either clamp down or make it official policy that we can use either or both.
Don't forget to uninstall 0.8 first. If you install overtop of the old version you may end up with strange bugs (I did). Removing the browser won't touch your profile.
SP2 will make the situation better than it is now.
Internet Explorer still renders HTML even if it's served up as Content-Type: text/plain. Try it some time. There used to be a bug where you could crash Internet Explorer by serving:
as text/plain. As a web developer, I'm ecstatic that they're finally fixing this.I'll have to agree with the other child posts. Firefox runs consistently faster than Internet Explorer on any of my machines including my laptop, an anemic Pentium 233.
What was the last version of Firefox you used? If you haven't tried the 0.9 release, I suggest you download it and try it again - the speed improvement from 0.8 was noticable.