Slashdot Mirror


User: TheSpoom

TheSpoom's activity in the archive.

Stories: 0
Comments: 3,645

Comments · 3,645

  1. Re:Microsoft and open source on Windows 8 Store Will Allow Open Source Apps · · Score: 1

    I don't bash Microsoft much but I was surprised by their heavy support of Apache. Good on them, especially considering IIS.

  2. Re:That's a criminal offense on Corporate Claims On Public Domain YouTube Videos · · Score: 1

    a) The Department of Justice is subject to the same corruption as the rest of the Federal Government. The money points away from enforcing that law.

    b) The law is carefully worded such that "fraudulent intent" is required. All the company needs to do is say "sorry, we thought it was ours!" and they're off free. The burden would be on the Government to prove fraudulent intent, and good luck with that.

    c) Organizations like GEMA who have warped national laws such that they legally do own all music within their country unless it has been properly opted out (that being nigh impossible by design) would be unaffected.

  3. Re:This is why on Does Mega Media Control 90% of Content? · · Score: 2

    Time Warner Cable has begun making it impossible to fast forward through ads on some of their On Demand channels now (the box refuses to fast forward at all on such protected content). Fair warning.

  4. Re:Facebook data harvesting tool on Site Offers History of Torrent Downloads By IP · · Score: 5, Interesting

    Said Facebook data will be fed into their publicly available Facebook database, to be released in a week.

  5. Re:Geez, we're down to scare tactics now, huh on Site Offers History of Torrent Downloads By IP · · Score: 1

    Those Russian guys are about to get hired.

  6. Re:We're in a sad state when... on Computer Virus Forces Hospital To Divert Ambulances · · Score: 1

    Mod parent up. I'm pretty far left, supported Obama when he was elected, but the parent is absolutely speaking truth. The only good solution I can see to getting the insurance companies out of the mix is single payer, and the second anyone sees that they think "OMG SOCIALISM" because that's what they've been taught, even though it works in just about every other first world country.

  7. Re:Trickle down? on Facebook Could Spawn Thousands of Milionaires · · Score: 1

    Who would be dumb enough to give up the stock?

    They're unvested options. Zynga is basically saying stay and don't get the stock, or get fired and don't get the stock (since you lose all unvested stock options upon leaving the company, same as anywhere else). They're "graciously" allowing them to keep their jobs since the options aren't guaranteed to them by their employment contract. They're still dicks, but let's not blame the employees subject to such a demand.

  8. Re:SQL too on Java Apps Have the Most Flaws, Cobol the Least · · Score: 1

    Also apparently I stuttered when typing cross-site scripting. Sorry about that.

  9. Re:SQL too on Java Apps Have the Most Flaws, Cobol the Least · · Score: 4, Informative

    Where do I begin?

    Using mysql_real_escape_string WILL NOT PROTECT YOU from SQL injections.

    Yes, it will. SQL injection means that a user input is passed on directly to the database without escaping, so a malicious user can inject (get it?) SQL by ending the string as seen by the DBMS and adding SQL afterward. mysql_real_escape_string et al escape the possible methods of breaking out of SQL user input strings, so you can't affect the outside query.

    The function is made for escaping strings in case it contains a character that would break SQL. It's up to you to filter your inputs.

    Yes, and this shows you're confusing SQL injection with cross-site scripting, which does require you to filter your inputs (typically by removing HTML from user inputs where it's not necessary and heavily filtering it when it is).

    PHP does not inherently promote SQL injections. Stupid design patterns do.

    Agreed. That said, I wish PHP would put a little more effort into educating people about best security practices (e.g. in the manual) since a lot of developers get their start on PHP due to its low barrier to entry.

  10. Re:Interstitials on Google, Facebook Upset By Ad-Injecting Apps · · Score: 1

    Those aren't true interstitials. When I say interstitials, I don't just mean something that loads over the content, I mean something that loads before the content. These could be programmed such that the actual content would not be transferred to the user without some sort of challenge verifying they had viewed the ad.

  11. Interstitials on Google, Facebook Upset By Ad-Injecting Apps · · Score: 3, Insightful

    If Adblock becomes common, interstitials are going to win. They are the only form of ad that could be coded such that they cannot be blocked (e.g. make the interstitial send a message to the site at the beginning and end of the ad, and/or require the user to enter some content from the ad before the site sends the actual content of the website to the user).

    If they win, adding more ads will only make the user not want to use your interface since it means a further delay until the website's content can be viewed.

  12. Re:I wonder on Twitter Bots Drown Out Anti-Kremlin Tweets · · Score: 1

    Twitter should identify accounts that are repeatedly Tweeting the same thing to public hashtags or accounts, then disable them and their previous tweets until a human operator completes a challenge of some kind (like a ReCAPTCHA).

    I'm kinda surprised they're not doing this now.

  13. Re:Not to sound assholish on Big Brother In the Home Office · · Score: 1

    I've been a "contractor" who was really an employee before (hourly, scheduled work on whatever they wanted). Based on Revenue Canada's guidelines I was an employee though, so I filed as such and they eventually agreed even though it meant I would be paying significantly less taxes. Not sure if they ever went after my previous employer for the unemployment / Canada Pension Plan contribution or not, but we still have a decent relationship.

  14. Re:Sad, then happy! on Miyamoto Steps Down As Nintendo Game Design Head · · Score: 0

    I'm not in game development and I already want to preorder it.

  15. Re:Strange names on Researchers Expanding Diff, Grep Unix Tools · · Score: 1, Funny

    Bonus points if the command is an inscrutable acronym that refers to itself.

  16. Re:Webcams too on Big Brother In the Home Office · · Score: 2

    And you wouldn't get paid, so I guess it would be about even.

  17. Webcams too on Big Brother In the Home Office · · Score: 4, Interesting

    I know at least one freelancing website that also allows employers to require a feed of the contractor's webcam.

  18. Re:Nothing wrong with PHPMyAdmin on Another Dutch CA Hacked · · Score: 1

    Echoing this sentiment. Every package management system I've used to set up MySQL asked to set a root password.

  19. Re:PHP-MyAdmin is a major source of vulnerabilitie on Another Dutch CA Hacked · · Score: 2

    FFS, if you're depending on phpMyAdmin for your database security, you're doing it wrong. If phpMyAdmin, out of the box, can access your MySQL server, it means you haven't given a password to the root user on MySQL. Which means anyone that can connect to your MySQL server at all has full access.

    Unless set up in a very specific way, all phpMyAdmin does is pass along your authentication information to MySQL.

  20. Re:Lets play 'Pass The Blame!....' on Another Dutch CA Hacked · · Score: 1

    Even if it ships without a password out of the box (and I think it does), that shouldn't allow free access to the database, unless their database accepted a connection, from the root user, with no password. Someone there doesn't know how to set up MySQL.

  21. Re:A little telling on Ask Slashdot: Is Your Data Safe In the Cloud? · · Score: 2

    Looking good so far. It'll be interesting to see what kind of posts actual sponsors make when we get there.

  22. Re:maybe more secure on Ask Slashdot: Is Your Data Safe In the Cloud? · · Score: 4, Insightful

    Really, I just hate the term "The Cloud" in the first place. It's so vague as to be unusable. Virtualized servers? OK, I get that, and it's specific about what it means. But "on the cloud" tends to just mean "on the internet somehow". Maybe it's on a physical box, maybe it's virtualized, maybe it's run by your company (but probably not), maybe it's managed by a third party. It means I have to ask additional questions, meaning the term is a waste of time.

  23. A little telling on Ask Slashdot: Is Your Data Safe In the Cloud? · · Score: 1

    ...that the first outing of the sponsored Ask Slashdot is a Geeknet company.

    In any case, as usual, it depends on the kind of data. I believe medical data has to be encrypted though, no?

  24. Re:yes, but... on Library of Congress To Receive Entire Twitter Archive · · Score: 4, Interesting

    By itself probably a lot, but remember it's mostly text. They'll be able to compress the hell out of it.

  25. Re:200 on Study Shows Many Sites Still Failing Basic Security Measures · · Score: 1

    That's awesome. They should open source that component.