Slashdot Mirror


User: mcvos

mcvos's activity in the archive.

Stories: 0 · Comments: 5,677

Comments · 5,677

  1. Re:Definitely interesting.... on Anatomy of the HBGary Hack · · Score: 1

    For various reasons, I've built custom CMSes. What I've committed to doing is limiting the accepted inputs. If something only needs an ID, then the inputs should be scrubbed down to only accept integers. If something only needs a name, scrub the inputs down to a regular expression covering letters, spaces and integers.

    Where people get in trouble is not scrubbing their input aggressively.

    Scrubbing your input is the wrong approach. The fix for SQL-injection is really simple: use parametrized queries. If you always, always do that, you can accept any input, and it will never accidentally be interpreted as a query. Explicitly scrubbing your input makes it possible, and therefore likely, to forget something. Parametrized queries are the only way to go. Accept no exceptions.

    Unfortunately my bank seems to use input scrubbing for passwords, and that frightens me. It gives me the impression that they're incompetent about web security. And they probably are.

  2. Re:How about on Lawmaker Reintroduces WikiLeaks Prosecution Bill · · Score: 1

    So first we make this law, and then we lock up all politicians. I'm okay with that.

  3. Re:de facto on Lawmaker Reintroduces WikiLeaks Prosecution Bill · · Score: 1

    I believe that would be an ex post facto law, which is expressly forbidden by the US Constitution. Whether information published after (and if) the law is passed would be protected by the 1st amendment is another issue.

    The Republican Party and many Democrats don't believe that the Constitution applies to non-citizens.

    Doesn't that make all foreigners technically outlaws? This concept makes me extremely uncomfortable, and it feels like it belongs in a highly fascist society.

    Of course some people argue that that is exactly what the US is, but I'd expect that only a small minority would actually want their country to go that far.

  4. Re:Misleading... on Lawmaker Reintroduces WikiLeaks Prosecution Bill · · Score: 1

    Let's take a look at the way things are playing out. Starting in Tunisia, we have mass protests that eventually lead to the ouster of Tunisia's ruling elite. These protests started on December 17, 2010. Wikileaks had been releasing cables relating to Tunisia starting on November 30, 2010, more than two weeks before Mohamed Bouazizi self-immolated. Next is Egypt. Demonstrations there started on January 25, 2011. Wikileaks started releasing cables from Cairo on December 13, 2010. Next, Jordan. Protests started there in late-January. Wikileaks began releasing cables regarding Jordan as early as November 30, 2010. It goes on and on...

    The fact of the matter is the events taking place there have all been preceded by cable releases that directly apply to those countries. I am surprised Brazil hasn't followed suit--plenty of cables to get people riled up in Brazil.

    Brazil is a democracy. People don't need mass protests to overthrow their government. What surprises me is that the US hasn't followed suit.

  5. Re:WHOAH Nelly on US Gov't Mistakenly Shuts Down 84,000 Sites · · Score: 1

    Yeah, no kidding! It was all of our troops on foreign soil that caused 9/11.

    Those Al Qaeda blokes were really chuffed about our lads in Germany and South Korea.

    Are you really that dense, or is there a joke in here that I don't get?

    Al Qaeda doesn't care about US troops in Germany or South Korea, but they were pretty angry about US troops in Saudi Arabia. You know, that country where Muslim holy places like Mecca and Medina are located. To them, that's more offensive than if the US allowed a bunch of Soviet troops to be stationed near Arlington during the height of the Cold War (I'm not sure how offensive that really is; it's hard to come up with a good comparison). Al Qaeda was pretty clear that that was the main thing they were upset about, and one of the primary reasons for the 9/11 attack.

  6. Re:Same rating as the game... ? on R-Rating Sunk BioShock Movie Plans · · Score: 1

    Movies do actually suffer depending on rating.

    True, but it may also suffer depending on quality.

    A movie still may do well, but this rating is a significant cost.

    Maybe so, but as I understand it, this rating is also a requirement.

    Shoehorning something scary and unsettling into a happy Disney story does not guarantee that ticket sales will actually increase. They're different markets. It's important to be aware of what market you're making your product for. And the fact that another market may be more profitable, does not automatically invalidate your market.

  7. Re:Same rating as the game... ? on R-Rating Sunk BioShock Movie Plans · · Score: 1

    The story itself was too predictable. An hour or two into the game and you could see where it was going; too many clichés.

    For a 2.5 hour movie, that's not such a big problem.

  8. Re:I'm sorry, Dave on Motorola Adopting 3 Laws of Robotics For Android? · · Score: 1

    Exactly. That's what Motorola phones do. You can't upgrade their OS. Only Motorola can.

  9. Re:Bias on Motorola Adopting 3 Laws of Robotics For Android? · · Score: 1

    Except when you own a Motorola device, obviously. Then the fixed code is no good to you unless Motorola blesses it. Which they won't.

  10. Re:Wrong order. on Motorola Adopting 3 Laws of Robotics For Android? · · Score: 1

    As the user/owner of a non-self aware device, it should obey me, even if my intention is to use it to destroy itself, or others.

    The problem is that this is the situation we already have. Our machines obey us,

    No they don't. My phone doesn't obey me, it obeys its manufacturer (Motorola). And that sucks, because Motorola doesn't care about it. And because it doesn't obey me, I can't get it to update to a somewhat recent version of Android.

  11. Re:They got 2 & 3 swapped. on Motorola Adopting 3 Laws of Robotics For Android? · · Score: 1

    And of course "protect itself" translates to "obey its manufacturer". So it's never really going to be the user's device. I think Asimov had good reason to put his laws in that particular order.

  12. Re:Paywall sites are going to be hit pretty hard on Google Goes After Content Farms · · Score: 1

    The most important thing is: if the same question and answer appear identically on several sites, show the original site, and not some sleazy paywalled content farm.

  13. Re:Why use Experts Exchange? Use Stack Overflow! on Google Goes After Content Farms · · Score: 2

    Most people use Stackoverflow for that.

  14. Re:My prediction - WP7 overtakes Android on After MS-Nokia Pact, Many Nokia Workers Walk Out In Protest · · Score: 2

    It's been my impression that partnerships with Microsoft often don't turn out very well for the other party. I don't doubt this is a great deal for Microsoft, but I'm not so sure about Nokia.

  15. Re:Just don't need one. on Why Dumbphones Still Dominate, For Now · · Score: 1

    In case I forget to recharge the more power-hungry one. Despite the plastic Nokia having a much older battery, it still lasts way longer on it.

    Besides, my Milestone is currently on T-Mobile which has a sucky network here. My Nokia uses KPN which has the best network in the country.

  16. Re:Wikileaks bitter about stolen documents? on OpenLeaks Founder 'Crippled' WikiLeaks · · Score: 4, Informative

    As I understand it, WikiLeaks' submission system used to be full of holes. Some guy ("the architect") took it upon himself to fix it. Then Assange went on an ego-trip and Domscheit-Berg left, and the architect joined him and founded OpenLeaks with him. And yes, took his code with him.

    Maybe Assange should have realised a bit earlier that he doesn't run WikiLeaks on his own. WikiLeaks depends on a lot of people, and if he kicks them out, the organisation crumbles.

    By the way, WikiLeaks is also suing Domscheit-Berg over a number of documents that Domscheit-Berg has been trying to give to Assange for quite some time now, but Assange keeps ignoring him. At least, that's what my newspaper said about it.

  17. Re:Worse is on Court Says California Stores Can't Ask Customers For ZIP Codes · · Score: 1

    I've been cutting my own hair for years now. After a little practice (like the first time, basically - the stakes are pretty high), you get decent at it. And my wife touches up the back of my head. It's quick, cheap, and easy. The secretary at my last job was a hairdresser and was impressed with the job I did, so it can't be too bad looking.

    I started cutting my own hair when I was a poor student with long hair. That's an easy way to start. It gets easier when you use a big setup with 2 big mirrors opposite each other at a slight angle. Eventually I got good enough at it to cut my hair really short in the back and in a wide variety of styles that suit my hair (unlike professional hairdressers who seem to ignore what kind of hair I have or what kind of style I like; I've never been satisfied there). Sometimes I asked someone else (a roommate, my wife) to check the back, especially when I'd done it quickly without double and triple checking everything, but often they're surprised that there's nothing for them to correct, so I guess even the back is okay. Even when I cut it really short by hand.

    Big mirrors and lots of light help a lot.

  18. Re:Just don't need one. on Why Dumbphones Still Dominate, For Now · · Score: 1

    It's €15 to €30 where I live. For voice, text + data. Anything beyond that is too expensive for anything other than business use. (I had a PCMCIA card with €70/month for 1 GB data from work a long time ago. Useful, but too expensive for personal use.)

  19. Re:Just don't need one. on Why Dumbphones Still Dominate, For Now · · Score: 1

    I spend €5 per month for my dumb phone, and €30 a month for unlimited data on my Android 'phone' (it's more like a pocket computer). Though my country isn't as big as the US. I guess that matters.

  20. Re:Just don't need one. on Why Dumbphones Still Dominate, For Now · · Score: 1

    There is no middle ground (from my perspective). You either go “dumb phone” or all out.

    I agree. For a long time, I just didn't see the point of smartphones. The screen was too tiny, the input impractical, and you're messing around with that stylus. Besides, there wasn't all that much you could actually do with it. There was equally little point to UMTS too.

    And then the iPhone came. Big screen, capacitive multitouch, tons of useful apps, websites designed for mobile usage, affordable data plans. Every high-end smartphone has that now, and it's practical. For me at least. I like having the internet in my pocket, Google Maps with me everywhere, look up useful information on the go, and always something to read, even if I forgot to bring a book.

    As for making calls, I still have my old "dumb" plastic Nokia. Still works. Apparently it runs Java, but I've never been able to figure out if I can do anything with that. But it makes calls and it's cheap.

  21. Re:Worse is on Court Says California Stores Can't Ask Customers For ZIP Codes · · Score: 1

    To some, a wife is good enough.

    I cut my son's hair too, by the way. It takes a bit getting used to, as his hair is different from mine. But a bit of practice goes a long way.

  22. Re:Worse is on Court Says California Stores Can't Ask Customers For ZIP Codes · · Score: 1

    I hate to say it but it was your own fault. No man should get his hair done and want of them boutique shops, it just ain't right.

    I just cut my own hair. No need to waste any time and money to have someone else mess it up.

  23. Re:Hashtags don't overthrow dictators. on US Has Secret Tools To Force Internet On Dictatorships · · Score: 1

    We have given Mubarak and his jackbooted murderers 60 billion dollars over 30 years. We are one of the main reasons he's stayed in power. Helping to throw him out would have finally signaled that the United States gave a damn about democracy in the Middle East.

    But the US doesn't give a damn about democracy in the Middle East. The US cares only about stability in the Middle East. And they'll happily support reliable dictators to get it. Any change can be risky.

  24. Re:Hashtags don't overthrow dictators. on US Has Secret Tools To Force Internet On Dictatorships · · Score: 1

    Knowing Internet could have been restored when it was needed and was not is rather sad. An act of war against a falling dictator is quite a bit less risky. The saddest part of this whole event is not fully supporting 82 million people at the brink of ending their dictatorship and achieving democracy, out of fear of the possibility they won't elect your friends. After 30 years of supporting their dictator, it wouldn't be surprising. I'd think that if the US authorities and media had thrown full support and started egging people on to get real democracy and freedom, there was a good chance they would elect a government for peace and stability, and in the process US-friendly.

    Whether it's going to be US-friendly is entirely speculation. And with the fragile situation, the US still committed to support Israel no matter what, and Egypt a major ally of Israel despite most Egyptians hating Israel, I guess the US didn't want to make that gamble. Ideologically, of course the US should support the uprising, but ideology doesn't score many points in US politics anymore.

    Dropping an ally like that looks bad, domestically at least as much as abroad, and supporting the wrong side is risky. So the US is careful to be just a bit too much behind in their reactions, so they'll be safely presented with a fait accompli once it's all over. Then the administration can claim they didn't have any time to react, and they can just deal with the new situation as-is, whatever it's going to be.

  25. Re:So a computer geek walks into a bar ... on Wikileaks' Assange Begins Extradition Battle · · Score: 1

    According to the accounts I've read, the second one was rather desperate to hook up with him, though. She's also the only one who claims to have been raped.