Releasing this Webkit hack is a good thing mostly. Sure malicious folks 'Might' use it for their purposes. My question is why hasn't Google provided a patch fix for versions prior to 2.2 and/or are they working on one avaliable for download?
Depending on whose maps as original source documents for Google maps was, that Google at least played a significant part in this international incident. I would kindly suggest that Google do an in depth review of their Google Maps App and in the doing of same, insure that they are using accurate original source data. In the mean time, Google would better serve the world if for a time they took down Google maps so as not to be a cause of potential cause of future incidents such as this one lest someone get injured of killed as a result unnecessarily.
Seems that the 'Pirates' web sites that were earlier
DDos attacked by MPAA members web sites were in turn
counter attacked. Shades of "sew the wind, reap the
whirlwind"? From my perspective this battle is heating up
in exactly the wrong direction and may spread beyond what
both factions may have expected of desire. The whole
tit-for-tat attitude is not going to solve the precieved
problems of either... It also seems relatively evident that
if the MPAA and it's members websites had taken proper
and available security precautions to protect their
Intellectual property in the first place the "Pirates"
would have been thwarted long ago now...
agreed that this is absolutely ridiciolous. What this article/story doesn't tell you is that often times via certain sorts of malicious cookies and javascripts malicious "Uploads" to your computer/PC as hidden graphic files can and are often sent to you. Livewire is famous for this sort of activity.
As someone that once maintained the NWP-16 ( Nucular publication #16 ) which amongst other things, documented the detination frequencies and fail safe codes of all nucular weapons the united states had and has today, their is a possibility that even with revolving random frequency transmission via MUX gear a hacker could pre-detinate or emergency distruct one of more existing warheads not currently deployed. Other than that the remainder of this report is of very little actual value or accurately demonstrates any threat from cyberterrorists.
Regards, CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
Well isn't this just peachy! How utterly ludicrous in the extreme. Next thing you know is that the RIAA as plaintiffs will be asking for a summery judgment without the objection of the defense or the judges further consideration.
It's simply not believable that the RIAA
or any judge that deserves to be sitting
on the benchm Judge Bybee being one that
might be an exception for the moment, could
possible allow such nonsense. I am surprised
that this judge did not hold the RIAA lawyers
in contempt for such a motion.
Jeffrey A. Williams J.D
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
Two possible if no likely soon to be recognized
problems with this plan. First Verisign, once
owned by Networksolutions will be the signing
authority for the root servers it currently
manages under contract for the USG, and second
NIST's recently released standard for signing
of these certs for DNSSEC are well known to be
weak amongst security professionals like myself.
Jeffrey A. Williams
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
Again we see how inane the RIAA has become, and how "Often Wrong" their assertions in objection often are. Seems to me that the Federal court system has properly gotten clued on the lack
of good juris prudence the RIAA often seems to practice. I have to wonder when ICANN's vaunted IPC Constituency will be disbanded of which the RIAA is a prominant member. Frankly the RIAA is making the IPC look bad if not preditory.
In the future, we all should be hopful that the DOJ doesn't follow suit especially sense 6 of the new Intelectual Property Divisions were hired away from law firms that represented landmark legal cases for the RIAA, of which several were
badly lost. As such this does not engender to
me a very good win/loss track record, nor demonstrating the best interests of the public
as a whole.
FWIW it would be a very good idea for the
RIAA to rethink it's legal stratagy as it would
for the DOJ's new IP divisions additions, and
for ICANN's IPC to rethink it's membership.
Regards,
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@ix.netcom.com
My Phone: 214-244-4827
Well here comes the $$ factor... Nearly 50% profit! Gee seems a
bit greedy to me, and that's without the service access fees.
I wonder, does this come with fries, or maybe a few free
book choices at least? >:) Yes we can! >:) Maybe their
pricing guru's were hired from recently laid off Wall Street
traders/execs explains this whopping rip off... Or maybe
the price reflects the Amazon executive bonus program? Whichever
no sale here. I am not that big of a sucker...
Good hacker/crackers that sometimes supply spam bots
will not likely share their code for free. They want
real bucks for that stuff. They know that it will cost
huge sums to eventually circumvent their code or methods
and they also have a pride consideration as well. Black
hat hackers and dedicated spammers can at any time sooner
rather than later, build new code to address stronger
security.
CAPTCHA is too easy to circumvent or route around. Good
strong encryption is the best solution, and requiring
encrypted sign on's as well as passwords that are
changed frequently will serve far better than CAPTCHA
has or ever will. CAPTCHA only thwarts the rookies.
Regards,
Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"YES WE CAN!" Barack ( Berry ) Obama
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
First of all I personally believe that this case was justly
decided, nor decided strictly on the facts. But obviously
the swedish court disagreed with my personal belief.
I don't see Google being largely effected by this case,
unless ACTA will contain new global copywrite provisions
and is ratified by congress and signed by the president,
that would uphold copywrite violations of any sort however
remote upon any countries peoples or corporations in any
other country by statute, OR Google's service is not
adaquately legally protected as to how it's users
access and download copywritten material. Ergo they
could potentially, but unlikely be partly liable as
aiding and abeting such piracy of copywritten material
by any of it's users and did not take specific precautions
to prevent such occureances on their managed systems
accordingly, even if hacked or hijacked temporarly.
Regards,
Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
As a CSO myself I see that there is both wisdom and dragons
in this decision by Barack. The wisdom in a nutshell is
that he is not technically bias, which says allot of
innovation and capitalizing on that. The Dragons are
many and varried. He could be snowed into believing in
smoke and mirrors technology that is dangerous to users
of government systems and new proposes systems such
as EMR Electronic medical records for medicare/medicade
and the Vetrans administration, that may not fully protect
members of the public appropriately or fully. Another
dragon is that he will be pulled in several directions
by big players such a Google and Microsoft of which
Google is a known favorite of Vivek Kundra, CIO for
the administration. As we all know Google is not now
nor has it ever been particularly interested in users
privacy or data security of PII data as their TOS'es clearly
indicate numorous court cases have documented, and have
demonstrated, with too early releases of Chrome, ect.,
as a glaring examples and MS has done with Vista.
Regards,
Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
Several problems with CIPAV that are
not well known. 1.) is that some
spyware dectors can detect and remove
CIPAV immediately upon detecting. 2.)
CIPAV doesn't work well with pooled
or shared IP addresses, 3.) CIPAV doesn't works at all with IPv6, IPv8,
or the Chinese IPv9, and 4.) Any evidance CIPAV collects does not assume that
the IP it is tracking could have been hijacked to begin with and inserting web page addresses, MAC addresses, ect., ect. But of course the FBI will never tell anyone this nor will they easily admit same if challanged.
Regards,
Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"YES WE CAN!" Barack ( Berry ) Obama
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
First, thank you Richard for highlighting this bug and the overall problems with Google support for Apps., ect. Second, some time ago ( I don't recall exactly when ) one of my engineers that does security pro-active testing of SAAS apps., and many others, found this very problem and reported it to Google accordingly, and got the first response Richard got repeatedly after repeatedly reporting this bug. This seems to be very concerning as some of you may know that Veveck Kundra is very pro Google and will be looking towards Google to help the USG's many interactive Apps. as a solution, as he has done in the past. So when Google takes 3 weeks to finally address an already previously reported bug, and than finnaly addresses it, such becomes very worrysome and not boad well for applying Google based Apps. solutions to USG's needs, even if the price is right.
To me, as a security professional ( CTO ) this concerns me and other security pros like myself rather significantly.
Regards,
Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!) "Obedience of the law is the greatest freedom" -
Abraham Lincoln "YES WE CAN!" Barack ( Berry ) Obama
"Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
FWIW and in my own opinion only, from my close following
of the RIAA and MPAA's legal history, thanks to Ray
and others, I cannot see how anyone could find any
RIAA lawyer, given their legal tactics and poor success
in court, to be a Nice Guy/Nice guys. Frankly as other
judges have already found, the RIAA's legal abilities,
and most especially the RIAA's tactics to be far less
then ethical, and certainly not friendly. However that
said, the RIAA's clients want a junk yard dog type lawyer
of legal team, but they also need to be very compitant,
which it seems more than clear the RIAA's legal council,
members are not.
Regards,
Jeffrey A. Williams
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
I read the article:
http://slashdot.org/comments.pl?sid=04/06/21/22392 47
and the interview:
http://interviews.slashdot.org/article.pl?sid=04/0 2/02/1415224&tid=106
regarding "More On The Open Sourcing Of Iraq"
with great interest. But was a little disappointed in not seeing anything regarding.IQ ccTLD and internet activity or connectivity
in Iraq as of today. Any info on that Adam?
Regards,
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Be precise in the use of words and expect precision from others" -
Pierre Abelard
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Registered Email addr with the USPS
Contact Number: 214-244-4827
I was very surprised that even a suggestion
of not attacking security holes in software
is even being considered.
Yes we must as software developers seek
to design and write better software without
security holes. But for those vendors that
have known and identified security holes
that take a lack luster attitude towards
fixing them are aiding in injuring the customer
and user base's confidence and creditability
towards ecommerce. That would be a very bad thing.
Regardsp
A number of our members have made me aware that the FCC was most likely in a bit of a pickel here as they must have had a fairly large number of complaints from citizensp as well as special intereset groups as well as other media comepetitors. They had to do something that made a point.
Regards,
Jeffrey A. Williams Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. E-Mail jwkckid1@ix.netcom.com
Registered Email addr with the USPS Contact Number: 214-244-4827
This is certainly NOT a smart idea at all.
It is to easy of an approach for potential
and in my opinion, definate future abuse.
I frequently get spam form AOL email
addresses. SO to blacklist in this manner
would backfire on AOL unless they are unwilling
to block or blacklist their own Domain.
I doubt they will do this...
Slashdot Mirror
Releasing this Webkit hack is a good thing mostly. Sure malicious folks 'Might' use it for their purposes. My question is why hasn't Google provided a patch fix for versions prior to 2.2 and/or are they working on one avaliable for download?
Depending on whose maps as original source documents for Google maps was, that Google at least played a significant part in this international incident. I would kindly suggest that Google do an in depth review of their Google Maps App and in the doing of same, insure that they are using accurate original source data. In the mean time, Google would better serve the world if for a time they took down Google maps so as not to be a cause of potential cause of future incidents such as this one lest someone get injured of killed as a result unnecessarily.
Seems that the 'Pirates' web sites that were earlier DDos attacked by MPAA members web sites were in turn counter attacked. Shades of "sew the wind, reap the whirlwind"? From my perspective this battle is heating up in exactly the wrong direction and may spread beyond what both factions may have expected of desire. The whole tit-for-tat attitude is not going to solve the precieved problems of either... It also seems relatively evident that if the MPAA and it's members websites had taken proper and available security precautions to protect their Intellectual property in the first place the "Pirates" would have been thwarted long ago now...
agreed that this is absolutely ridiciolous. What this article/story doesn't tell you is that often times via certain sorts of malicious cookies and javascripts malicious "Uploads" to your computer/PC as hidden graphic files can and are often sent to you. Livewire is famous for this sort of activity.
As someone that once maintained the NWP-16 ( Nucular publication #16 ) which
amongst other things, documented the detination frequencies and fail
safe codes of all nucular weapons the united states had and has today,
their is a possibility that even with revolving random frequency
transmission via MUX gear a hacker could pre-detinate or emergency
distruct one of more existing warheads not currently deployed. Other
than that the remainder of this report is of very little actual value
or accurately demonstrates any threat from cyberterrorists.
Regards,
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
Well isn't this just peachy! How utterly ludicrous in the extreme. Next thing you know is that the RIAA as plaintiffs will be asking for a summery judgment without the objection of the defense or the judges further consideration. It's simply not believable that the RIAA or any judge that deserves to be sitting on the benchm Judge Bybee being one that might be an exception for the moment, could possible allow such nonsense. I am surprised that this judge did not hold the RIAA lawyers in contempt for such a motion. Jeffrey A. Williams J.D Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
Two possible if no likely soon to be recognized problems with this plan. First Verisign, once owned by Networksolutions will be the signing authority for the root servers it currently manages under contract for the USG, and second NIST's recently released standard for signing of these certs for DNSSEC are well known to be weak amongst security professionals like myself. Jeffrey A. Williams CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
Again we see how inane the RIAA has become, and how "Often Wrong" their assertions in objection often are. Seems to me that the Federal court system has properly gotten clued on the lack of good juris prudence the RIAA often seems to practice. I have to wonder when ICANN's vaunted IPC Constituency will be disbanded of which the RIAA is a prominant member. Frankly the RIAA is making the IPC look bad if not preditory. In the future, we all should be hopful that the DOJ doesn't follow suit especially sense 6 of the new Intelectual Property Divisions were hired away from law firms that represented landmark legal cases for the RIAA, of which several were badly lost. As such this does not engender to me a very good win/loss track record, nor demonstrating the best interests of the public as a whole. FWIW it would be a very good idea for the RIAA to rethink it's legal stratagy as it would for the DOJ's new IP divisions additions, and for ICANN's IPC to rethink it's membership. Regards, CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
Well here comes the $$ factor... Nearly 50% profit! Gee seems a bit greedy to me, and that's without the service access fees. I wonder, does this come with fries, or maybe a few free book choices at least? >:) Yes we can! >:) Maybe their pricing guru's were hired from recently laid off Wall Street traders/execs explains this whopping rip off... Or maybe the price reflects the Amazon executive bonus program? Whichever no sale here. I am not that big of a sucker...
Good hacker/crackers that sometimes supply spam bots will not likely share their code for free. They want real bucks for that stuff. They know that it will cost huge sums to eventually circumvent their code or methods and they also have a pride consideration as well. Black hat hackers and dedicated spammers can at any time sooner rather than later, build new code to address stronger security. CAPTCHA is too easy to circumvent or route around. Good strong encryption is the best solution, and requiring encrypted sign on's as well as passwords that are changed frequently will serve far better than CAPTCHA has or ever will. CAPTCHA only thwarts the rookies. Regards, Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "YES WE CAN!" Barack ( Berry ) Obama "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
First of all I personally believe that this case was justly decided, nor decided strictly on the facts. But obviously the swedish court disagreed with my personal belief. I don't see Google being largely effected by this case, unless ACTA will contain new global copywrite provisions and is ratified by congress and signed by the president, that would uphold copywrite violations of any sort however remote upon any countries peoples or corporations in any other country by statute, OR Google's service is not adaquately legally protected as to how it's users access and download copywritten material. Ergo they could potentially, but unlikely be partly liable as aiding and abeting such piracy of copywritten material by any of it's users and did not take specific precautions to prevent such occureances on their managed systems accordingly, even if hacked or hijacked temporarly. Regards, Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
As a CSO myself I see that there is both wisdom and dragons in this decision by Barack. The wisdom in a nutshell is that he is not technically bias, which says allot of innovation and capitalizing on that. The Dragons are many and varried. He could be snowed into believing in smoke and mirrors technology that is dangerous to users of government systems and new proposes systems such as EMR Electronic medical records for medicare/medicade and the Vetrans administration, that may not fully protect members of the public appropriately or fully. Another dragon is that he will be pulled in several directions by big players such a Google and Microsoft of which Google is a known favorite of Vivek Kundra, CIO for the administration. As we all know Google is not now nor has it ever been particularly interested in users privacy or data security of PII data as their TOS'es clearly indicate numorous court cases have documented, and have demonstrated, with too early releases of Chrome, ect., as a glaring examples and MS has done with Vista. Regards, Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
Several problems with CIPAV that are not well known. 1.) is that some spyware dectors can detect and remove CIPAV immediately upon detecting. 2.) CIPAV doesn't work well with pooled or shared IP addresses, 3.) CIPAV doesn't works at all with IPv6, IPv8, or the Chinese IPv9, and 4.) Any evidance CIPAV collects does not assume that the IP it is tracking could have been hijacked to begin with and inserting web page addresses, MAC addresses, ect., ect. But of course the FBI will never tell anyone this nor will they easily admit same if challanged. Regards, Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!) "Obedience of the law is the greatest freedom" - Abraham Lincoln "YES WE CAN!" Barack ( Berry ) Obama "Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt "If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947] Updated 1/26/04 CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC. ABA member in good standing member ID 01257402 E-Mail jwkckid1@ix.netcom.com My Phone: 214-244-4827
First, thank you Richard for highlighting this bug
and the overall problems with Google support for
Apps., ect.
Second, some time ago ( I don't recall exactly when )
one of my engineers that does security pro-active
testing of SAAS apps., and many others, found this
very problem and reported it to Google accordingly,
and got the first response Richard got repeatedly
after repeatedly reporting this bug. This seems to
be very concerning as some of you may know that
Veveck Kundra is very pro Google and will be looking
towards Google to help the USG's many interactive Apps.
as a solution, as he has done in the past. So when
Google takes 3 weeks to finally address an already
previously reported bug, and than finnaly addresses
it, such becomes very worrysome and not boad well
for applying Google based Apps. solutions to USG's
needs, even if the price is right.
To me, as a security professional ( CTO ) this
concerns me and other security pros like myself
rather significantly.
Regards,
Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"YES WE CAN!" Barack ( Berry ) Obama
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@ix.netcom.com
My Phone: 214-244-4827
FWIW and in my own opinion only, from my close following of the RIAA and MPAA's legal history, thanks to Ray and others, I cannot see how anyone could find any RIAA lawyer, given their legal tactics and poor success in court, to be a Nice Guy/Nice guys. Frankly as other judges have already found, the RIAA's legal abilities, and most especially the RIAA's tactics to be far less then ethical, and certainly not friendly. However that said, the RIAA's clients want a junk yard dog type lawyer of legal team, but they also need to be very compitant, which it seems more than clear the RIAA's legal council, members are not. Regards, Jeffrey A. Williams jwkckid1@ix.netcom.com My Phone: 214-244-4827
I read the article: http://slashdot.org/comments.pl?sid=04/06/21/22392 47
and the interview:
http://interviews.slashdot.org/article.pl?sid=04/0 2/02/1415224&tid=106
regarding "More On The Open Sourcing Of Iraq"
with great interest. But was a little disappointed in not seeing anything regarding .IQ ccTLD and internet activity or connectivity
in Iraq as of today. Any info on that Adam?
Regards,
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Be precise in the use of words and expect precision from others" -
Pierre Abelard
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Registered Email addr with the USPS
Contact Number: 214-244-4827
I was very surprised that even a suggestion of not attacking security holes in software is even being considered. Yes we must as software developers seek to design and write better software without security holes. But for those vendors that have known and identified security holes that take a lack luster attitude towards fixing them are aiding in injuring the customer and user base's confidence and creditability towards ecommerce. That would be a very bad thing. Regardsp
All,
A number of our members have made me aware
that the FCC was most likely in a bit of a
pickel here as they must have had a fairly
large number of complaints from citizensp
as well as special intereset groups as well
as other media comepetitors. They had to do
something that made a point.
Regards,
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Registered Email addr with the USPS
Contact Number: 214-244-4827
This is certainly NOT a smart idea at all. It is to easy of an approach for potential and in my opinion, definate future abuse. I frequently get spam form AOL email addresses. SO to blacklist in this manner would backfire on AOL unless they are unwilling to block or blacklist their own Domain. I doubt they will do this...