This just goes to show you that the more widespread and popular something is, the more likely it's going to get hacked (whether by the owner, or an outside party) to do something for which it was not originally intended. Mac owners who feel secure because they have Macs should take note of the fact that Apple's platforms do in fact contain exploitable flaws.
Prove it. Seriously, show me the sensitive information they are collecting through their update service. We already know gmail reads your mail - they've admitted as much.
People like you need to back up your statements with fact, or gtfo.
If you know any (humans) with epilepsy, suggest they look into getting a seizure dog. What?! Yep! Trained dogs that follow you around, and tell you that you're about to have a seizure. Scientists think they can cue in on changes in body odor caused by chemical changes. They are remarkably accurate, many kids with epilepsy can lead fairly normal lives with seizure dogs, even go swimming and ride bicycles. Their furry little pals just start barking a few minutes before the seizure is going to occur, they get somewhere safe and notify friends or family.
http://en.wikipedia.org/wiki/Seizure_response_dog
As someone who was a victim of seizures (idopathic partial seizures) as a child, I can say with all certainty that while some people don't know they're about to have one, some of us do. The sensation for me was something very much like a high pitch whine in my ears, accompanied by numbness, usually a sign that i had less than 2 minutes. This is probably a product of which parts of the brain are affected.
Fortunately for me, I grew out of it in my late teens. Some of the drugs they give you are almost as bad as having the seizure - I was on a drug called Tegretol, which is in the same family as tricyclic antidepressants. I could have them asleep or awake, but for some reason they were almost always better when I was awake. When having them asleep I'd usually wake up the following day with migraines far worse than any hangover I've ever had.
The things listed by the parent is, as far as I can tell, good advice. The only thing I'd add is that you give these people you understanding. The experience itself is panic mixed with embarrassment, and not one you ever really get used to. It's good to see that people are making advances in treating this often misunderstood illness.
While it's a neat app, they didn't really revolutionize anything. They just gave you a lot more space than you need and an AJAX interface. The only thing they revolutionized is how they collect data from your emails to better target you with ads.
Microsoft: We're going to actively persue hackers who mod the XBox 360 to play game backups
Slashdot Reaction: They are hellspawn demons from the 5th level of hell. Microsoft should be punished.
Apple: We're going to actively persue hackers who unlock iPhones
Slashdot Reaction: Steve would never do this to us! He's saying it because he has to!...
Wake... up. Steve is not your friend. He's not someone who has your best interests at heart. He's not a philanthropic man with a vision of peace and harmony. He's in business to make money, and this is a profit driven statement. I'm not against you guys loving Apple and their products, but really. You don't get much more blatant than Jobs was in this article. Business is not about the short term - selling an iPhone is great for them. Yes, they got paid, but how long do you think they'll have their carrier agreement if Apple does not try to make it hard, if not impossible, for people to flee to other carriers?
You rock, not only did you get your facts wrong, but you then linked to an article proving yourself wrong.
1) It's "Stac" not "Stak"
2) It was not a question of piracy. RTFA.
No. Every year is "the year of Linux", and every year the people who say it are wrong. Video drivers are only a small part of a larger problem. Porting a few games is not the end solution. First, we need better hardware support. This means I shouldn't have to take special care to order specific kinds of equipment to run Linux. Second, you need commercial software vendor support. While this has improved, it's not nearly to the point it needs to be to make the average user happy - there is always some piece of software considered essential to the average user which Linux is either missing, or hasn't been done very well.
At the rate we're going, it'll be another 10 or 20 years before Linux starts to make any real impact in the home market.
So, no, we haven't been pushed out of the web market by other lauguages. Thanks for asking. =)
By "being pushed", I meant this was still in the process of happening, and from what I've seen it's not without some evidence. Please don't take this as a flame, or as me putting Perl down. I think it's a great language and is not in danger of dying any time soon. I'm just not so sure about Perl on the web.
The charts here, if they are to be believed, suggest that there may be a downward/stunting trend in Perl's popularity. When you take in to account something like PHP is almost always associated with web development, and Perl is only asometimes associated with that, then the numbers may have a much wider gap than anticipated when talking about web related language popularity. Also, ruby is showing a healthy upward trend. For the moment, most people think rails when they hear ruby. My guess would be that it's upward trend will continue (a 1% gain over a year isn't too shabby). My comment was not meant to be malicious, it's just what I see when I talk to people, and when I examine job offerings. I see tons more offers for PHP, Java and VB, than anything else.
If you have any other statistical sources, that are contradictory, or have a better testing method, I'd like to see them.
I find it especially entertaining that people have tagged this article with 'useamac' since macs are *also* vulnerable to this because it's a flaw in Java, not the operating system.
I think this confirms what some suspected - scuttlemonkey doesn't read the articles he approves. If he had, even he would be asking himself how legit this is.
You may support that sort of discrimination, I can't. These forums need to be accessible to as wide a variety of legitimate users as possible. Regardless of how good their spelling and grammar is.
That doesn't work either. You don't have enough permutations to make it particularly challenging for a machine to solve. Someone will brute force that with ease.
Your best bet for forum spam would probably be a bayes filter - much the way you'd deal with email. if it's small scale and non-commercial, you could use akismet. This is generally not a viable solution if you're running a high traffic commercial forum (we looked in to it, it was going to cost us between $15 - $20k per month). In the end, it was more viable to develop our own solutions in house. This won't stop them from making bogus accounts, but it can help to cut down on the amount of garbage that litters your forum.
"All of these seem like they'd only work against random spammers [..]"
That is correct. It's only meant to slow them down, not to eliminate or make it impossible. It's an amazingly difficult problem. At most you really can only hope to make the path rocky enough to buy yourself time, and possibly collect a few IPs.
One of the things I get tasked with at work is handling forum and service spam. Of all the methods I've used to deter spammers, captchas rank among the least effective. A lot of people seem to think the answer is in changing the nature of what the user has to interpret. I've had suggestions ranging from audio captchas to math problems, and dozens of others that lead to the same kinds of problems - you're making it hard, or in some cases, impossible for legitimate users to use your service. Language barriers rank among the biggest problem. Say you have a picture of an apple, and the user is supposed to type 'apple'. It falls short when you realize the person viewing it may not speak english at all, or may have no idea how to spell 'apple' in english. Same with audio captchas.
The most effective (surprisingly) were form fields hidden with CSS so the users don't enter data in to them, but bots will. You can reject the entire post at that point. It's not universally effective (some bots will actually look at your CSS to determine if you're doing this) but it sure cuts down on a lot of bogus posts. Another method is to generate a form key of some kind, and use that to verify that the form is only good once. this slows spammers down because in order to post again and again, they have to reload the page in order to get a new key. many don't do this, and will attempt to use the same key over and over. if you use a few of these methods, and track repeat offenders, you can add them to your firewall rules so they can't even load the page. Of course, most serious spammers will use hundreds of IPs, so it's difficult to get them all.
It's important to realize that this is a fight you simply can't win - if they're serious about getting through, they'll get through. The most you can hope to achieve is to slow them down long enough to come up with an improved solution.
[...]an unknown kernel version, distro filesystem, and GCC version[...]
While this is a valid point (within the context of the post), it's definitely not anything beautiful. It's the source of many headaches, especially where you have to compile your own drivers not included with the distro - like I have to do with my laptop every time I update the kernel.
Strange, I don't seem to have a problem writing in it, or maintaining it. While I'd agree that there is some really bad php out there, the same could be said of Perl. I also agree that PHP lacks some language features that it could use.
Honestly, if I were to reach for another language to get something done, I'd go for Python or Ruby before I even considered Perl as an option. Both are far more elegant choices.
...And then Apple lost because it was the worst business decision Jobs ever made. Not only did he lose, but he went on to throw out the entire Apple II line, going so far as to promote conflict between the Mac and Apple II development teams. Fantastic idea Steve - shit on the very developers who got Apple that far.
Steve Jobs, paradoxically is both the best and the worst thing to happen to Apple.
Slashdot Mirror
This just goes to show you that the more widespread and popular something is, the more likely it's going to get hacked (whether by the owner, or an outside party) to do something for which it was not originally intended. Mac owners who feel secure because they have Macs should take note of the fact that Apple's platforms do in fact contain exploitable flaws.
Patented != Implemented. Perhaps you can provide us with more details than just your speculation.
Prove it. Seriously, show me the sensitive information they are collecting through their update service. We already know gmail reads your mail - they've admitted as much.
People like you need to back up your statements with fact, or gtfo.
As someone who was a victim of seizures (idopathic partial seizures) as a child, I can say with all certainty that while some people don't know they're about to have one, some of us do. The sensation for me was something very much like a high pitch whine in my ears, accompanied by numbness, usually a sign that i had less than 2 minutes. This is probably a product of which parts of the brain are affected.
Fortunately for me, I grew out of it in my late teens. Some of the drugs they give you are almost as bad as having the seizure - I was on a drug called Tegretol, which is in the same family as tricyclic antidepressants. I could have them asleep or awake, but for some reason they were almost always better when I was awake. When having them asleep I'd usually wake up the following day with migraines far worse than any hangover I've ever had.
The things listed by the parent is, as far as I can tell, good advice. The only thing I'd add is that you give these people you understanding. The experience itself is panic mixed with embarrassment, and not one you ever really get used to. It's good to see that people are making advances in treating this often misunderstood illness.
While it's a neat app, they didn't really revolutionize anything. They just gave you a lot more space than you need and an AJAX interface. The only thing they revolutionized is how they collect data from your emails to better target you with ads.
Microsoft: We're going to actively persue hackers who mod the XBox 360 to play game backups Slashdot Reaction: They are hellspawn demons from the 5th level of hell. Microsoft should be punished. Apple: We're going to actively persue hackers who unlock iPhones Slashdot Reaction: Steve would never do this to us! He's saying it because he has to! ...
Wake ... up. Steve is not your friend. He's not someone who has your best interests at heart. He's not a philanthropic man with a vision of peace and harmony. He's in business to make money, and this is a profit driven statement. I'm not against you guys loving Apple and their products, but really. You don't get much more blatant than Jobs was in this article. Business is not about the short term - selling an iPhone is great for them. Yes, they got paid, but how long do you think they'll have their carrier agreement if Apple does not try to make it hard, if not impossible, for people to flee to other carriers?
Yes, everyone is out to get you. Please retreat to your home, pull the covers over your head, and read silently with a flashlight.
You rock, not only did you get your facts wrong, but you then linked to an article proving yourself wrong. 1) It's "Stac" not "Stak" 2) It was not a question of piracy. RTFA.
That's just the red screen of death you're seeing. Please reboot yourself.
Is the year of Linux really upon us?
No. Every year is "the year of Linux", and every year the people who say it are wrong. Video drivers are only a small part of a larger problem. Porting a few games is not the end solution. First, we need better hardware support. This means I shouldn't have to take special care to order specific kinds of equipment to run Linux. Second, you need commercial software vendor support. While this has improved, it's not nearly to the point it needs to be to make the average user happy - there is always some piece of software considered essential to the average user which Linux is either missing, or hasn't been done very well.
At the rate we're going, it'll be another 10 or 20 years before Linux starts to make any real impact in the home market.
So, no, we haven't been pushed out of the web market by other lauguages. Thanks for asking. =)
By "being pushed", I meant this was still in the process of happening, and from what I've seen it's not without some evidence. Please don't take this as a flame, or as me putting Perl down. I think it's a great language and is not in danger of dying any time soon. I'm just not so sure about Perl on the web.
The charts here, if they are to be believed, suggest that there may be a downward/stunting trend in Perl's popularity. When you take in to account something like PHP is almost always associated with web development, and Perl is only asometimes associated with that, then the numbers may have a much wider gap than anticipated when talking about web related language popularity. Also, ruby is showing a healthy upward trend. For the moment, most people think rails when they hear ruby. My guess would be that it's upward trend will continue (a 1% gain over a year isn't too shabby). My comment was not meant to be malicious, it's just what I see when I talk to people, and when I examine job offerings. I see tons more offers for PHP, Java and VB, than anything else.
If you have any other statistical sources, that are contradictory, or have a better testing method, I'd like to see them.
OK, I'll bite, even though this is an obvious trolling. Which MVC framework for perl would you suggest?
It's rough being pushed out of the web market by other langauges, but try not to take it too hard. There are plenty of other good uses for perl.
I take it you've never gone through the changelog for Ruby on Rails either. They have their share of security flaws.
I find it especially entertaining that people have tagged this article with 'useamac' since macs are *also* vulnerable to this because it's a flaw in Java, not the operating system.
I think this confirms what some suspected - scuttlemonkey doesn't read the articles he approves. If he had, even he would be asking himself how legit this is.
You may support that sort of discrimination, I can't. These forums need to be accessible to as wide a variety of legitimate users as possible. Regardless of how good their spelling and grammar is.
That doesn't work either. You don't have enough permutations to make it particularly challenging for a machine to solve. Someone will brute force that with ease.
Your best bet for forum spam would probably be a bayes filter - much the way you'd deal with email. if it's small scale and non-commercial, you could use akismet. This is generally not a viable solution if you're running a high traffic commercial forum (we looked in to it, it was going to cost us between $15 - $20k per month). In the end, it was more viable to develop our own solutions in house. This won't stop them from making bogus accounts, but it can help to cut down on the amount of garbage that litters your forum.
"All of these seem like they'd only work against random spammers [..]"
That is correct. It's only meant to slow them down, not to eliminate or make it impossible. It's an amazingly difficult problem. At most you really can only hope to make the path rocky enough to buy yourself time, and possibly collect a few IPs.
One of the things I get tasked with at work is handling forum and service spam. Of all the methods I've used to deter spammers, captchas rank among the least effective. A lot of people seem to think the answer is in changing the nature of what the user has to interpret. I've had suggestions ranging from audio captchas to math problems, and dozens of others that lead to the same kinds of problems - you're making it hard, or in some cases, impossible for legitimate users to use your service. Language barriers rank among the biggest problem. Say you have a picture of an apple, and the user is supposed to type 'apple'. It falls short when you realize the person viewing it may not speak english at all, or may have no idea how to spell 'apple' in english. Same with audio captchas.
The most effective (surprisingly) were form fields hidden with CSS so the users don't enter data in to them, but bots will. You can reject the entire post at that point. It's not universally effective (some bots will actually look at your CSS to determine if you're doing this) but it sure cuts down on a lot of bogus posts. Another method is to generate a form key of some kind, and use that to verify that the form is only good once. this slows spammers down because in order to post again and again, they have to reload the page in order to get a new key. many don't do this, and will attempt to use the same key over and over. if you use a few of these methods, and track repeat offenders, you can add them to your firewall rules so they can't even load the page. Of course, most serious spammers will use hundreds of IPs, so it's difficult to get them all.
It's important to realize that this is a fight you simply can't win - if they're serious about getting through, they'll get through. The most you can hope to achieve is to slow them down long enough to come up with an improved solution.
[...]an unknown kernel version, distro filesystem, and GCC version[...]
While this is a valid point (within the context of the post), it's definitely not anything beautiful. It's the source of many headaches, especially where you have to compile your own drivers not included with the distro - like I have to do with my laptop every time I update the kernel.
Mod parent up. He's bang on. I've been watching all the stuff he's talking about for years.
Strange, I don't seem to have a problem writing in it, or maintaining it. While I'd agree that there is some really bad php out there, the same could be said of Perl. I also agree that PHP lacks some language features that it could use.
Honestly, if I were to reach for another language to get something done, I'd go for Python or Ruby before I even considered Perl as an option. Both are far more elegant choices.
...And then Apple lost because it was the worst business decision Jobs ever made. Not only did he lose, but he went on to throw out the entire Apple II line, going so far as to promote conflict between the Mac and Apple II development teams. Fantastic idea Steve - shit on the very developers who got Apple that far.
Steve Jobs, paradoxically is both the best and the worst thing to happen to Apple.
Because this is what people who loved the original starcraft want. The same game, but prettier, with new units and functionality.
For better or worse, I know I'll be getting my copy.