Without it, there is a hell of a lot we just simply cannot do anymore.
What did break down causing this loss? The webmasters' brains? Or just their work morale and ethics?
Saying that 90% of websites should be redesigned in such a fashion is quite comical.
Actually, he is saying that 90% of the script-using websites can be redesigned in such a fashion. Which is less than 90% of all websites. Much less. Because, you know, most websites actually get by just fine without any scripts. But of course the ones that do need them tend to stick out more, so people might get the wrong impression.
But when we LAUGH at them, when we are able to rise above the hatred they wish to foment by turning their ideals into the butt of jokes (and you gotta admit, "Springtime for Hitler" from The Producers is a masterstroke of comedic genius), that's how we win.
Problem with this approach is, such "humor" hurts the victims (or their survivors) just as much as the Nazis. Turning concentration camps into the butt of jokes cheapens the human suffering that happened therein...
To be sure, we aren't trivializing the destruction and deaths they cause,
... but it's a very thin line to walk, and it takes lots of skill to pull this off without offending the wrong parties...
Even mentioning that not all Hitler did was downright evil gets you labeled as a Nazi,
Even worse: just saying that your party had the fastest rise in popularity since the Nazis also gets you labeled as one... The subject of Hitler and Nazis is best avoided altogether if you don't want to be confused with one.
Oddly enough most Germans still enjoy their fast cars and cruising down the speedlimitless Autobahnen...
If a German politician wants to end a discussion quickly he will just mention that the Nazis did it that way.
On the Internet, that's called invoking Godwin's law...
No human being in existence can remember all the passwords you'll need if you used a different password for each site that demands a password.
Let your browser remember the passwords to unimportant web sites, or keep them in an (encrypted) text file. That way you only need to remember the important passwords, and the password for the one encrypted file. Works quite well for me.
It's possible, but it seems more like wishful thinking for the way things should be.
The author didn't even publish a picture himself, so how could it be wishful thinking? (Well... without a picture, it would be doubly wishful thinking, but that would really be stretching things a little bit too much...)
I think most people would expect the hackers to actually attack the service that they want to hack, rather than attacking an unrelated service in the hopes that the other, unrelated, service might have the same username and password as hotmail.
Hotmail has a "wider audience". And other services may have passwords that are easier to get to. Then just put one and one together...
In particular, the morons who say "maybe Gmail was hacked"...
You surely know that there are other online services than just hotmail and gmail? What if the PC Pro editor surfed gayromeo in a cybercafe, and the hot dude on the table next to him snarfed his password, and then checked whether the same password also worked on the hotmail address linked from the gr account?
Using the same password for all your accounts is a risk. Deal with it.
...sound like moronic Microsoft sycophants.
If you check my posting history, you'll see that I'm in no way a Microsoft sycophant (Ballmer is a tad too sweaty for my taste...)
Any rational person would expect the spam email to be sent from Gmail instead of Hotmail if Gmail was the service hacked.
Maybe the PC Pro editor's gayromeo bedmates were indeed spammed too? And maybe the PC Pro editor is still in the closet, and thus preferred to not mention this tidbit in his story?
Why? How should a bank discover the fraud, if everything is authenticated correctly?
Because they (possibly) enabled the fraud to take place. Quoting from the article:
According to the Süddeutsche Zeitung, the transfer occurred three months after he entered ten transaction numbers, or TAN codes, on what turned out to be an illegally manipulated version of his bank’s website.
So, how was the site manipulated? Did the attacker actually modify the bank's server? ==> In that case, the bank clearly bears the responsibility, as they have a duty to keep their service secure.
Or did the attacker take advantage of a fault in the user's OS or browser? ==> In that case, at first glance, the user would be responsible for running such shoddy software where this is possible. However, in the past, and possibly even now, many banks forced/are forcing their users to use such vulnerable software. If this is the case, again the bank should be responsible. The user would be well advised to go through the "General Conditions" for the web service of the last ten years, and search for any clauses such as "the user agrees to only use Windows and/or Internet Explorer to access the service". If any are found, he should clearly get his money back.
Is a bank also responsible for your losses if a guy comes to your front door, poses as a bank clerk and you cut him a cheque?
Yes, if the bank habitually conducts its business in such a fashion.
What is relevant is that hotmail is apparently open to being bruteforced. Now, *THAT* is a fail.
Who says that it was hotmail which was brute forced? This guy used the same password on multiple online services, maybe another one got cracked, and the cracker just checked whether the same credentials also worked on hotmail...
I'm curious to know how strong this password, used in multiple places really was.
... and how multiple the places really were, and how trustworthy all of them actually were...
And a "place" doesn't actually need to be actively malicious, just sloppy/misguided. Such as making you log in over unsecured http, enabling a malicious third party to easily snoop. Some large chat/meetup site that I use only enables premium members to log in via https. Others must use plain http.
Bah. In any large organization, there is bound to be one person who doesn't understand the 'Reply to All' button, no matter how many Sunday afternoons you have put aside to teach them the basics of emailing. Said person should be fired.
hehe, maybe that's what happened.
Seriously, you'd be astonished about how little people know about e-mail in some industries. Run-on lines, messed up quoting, huge signatures: September indeed never ended, it now continues in the corporate world! Nowadays, you can call yourself happy if you find one person who does know about emailing.
How many "How you really feel" comments went around during this time that people are going to now have to live with.
Probably none. People looked at the To: line and noticed that everybody was on there (why would the sender bother to Bcc, if there is only one intended recipient?). And those that didn't notice were reassured by their coworkers: "don't worry, it's a mistake, everyone got that email".
Well I'm not French either, but given the size of France, and its importance within Europe, this sure as well affects more than just "French internal politics". Merkel (Germany) and Sarkozy (France) have been throwing their weight around a little bit too much lately, pressuring neighboring countries to drop their banking secrecy laws, and it will be refreshing to see some more reasonable mind replacing Sarkozy (hopefully...).
Who are these people who buy a server and need the hardware vendor to pre-install an OS on it?
People who set up software platforms in remote data centers and want to save on travel costs? So rather than having the server delivered to headquarters, installing the software, and then shipping the servers to the data center where they are needed, they can now have the server delivered directly to the remote data center with OS pre-installed and install any additional software configuration via ssh.
Of course, HP-iLO makes this somewhat moot (if it can be made to work over a long-distance link).
Actually, the city did recently enact a local law about nudity in that if you sit down while nude, you need to sit on something like a towel. You couldn't very well have such a law if there were a blanket prohibition on nudity.
So, is it ok to sit down on a blanket? Or is there a towel prohibition against this?
But what if the lawn gnomes then commit mischief elsewhere? Shouldn't the owner be held responsible? Just look at what happened to France, after some sloppy gardener didn't pay attention to his gnome...
... whereas in reality he was just arrested for running a scam whereby his organization made bacteria to boost his antibiotics sales numbers...
Is that a virus that you can pass on even when wearing a trojan?
Frankly, I only need it when I surf porn sites and there,
Why don't you just put a condom on your ethernet jack when surfing porn? Stops viruses 100%...
So yes, it was a coincidence and/or another unknown hack.
Not necessarily so... The following scenario could have happened:
Interesting, didn't know this... but what about the Volkswagen Käfer?
, but when you have to be an expert to properly use a consumer-grade service, the real problem lies squarely with the service, not the user.
How is it the service's fault if the user uses the same password on all services?
do you know who really loves that though? couple of choice carriers.
... so carriers will start pushing it. Users will still lap it up, and only notice too late that the Skype on their new phone is not actually usable.
Quite cunning!
I'm moving to Somalia then...
"Here goes your facebook ID, oops so bad, you had a bank account interconnected to it...."
That would be Paypal ID, not facebook, and it's not as if nobody had told you so already one million times.
As long as the h4ckZ0rs only switch my channel from NatGeo to CNN I do not really care much,
Na, they'll switch your channel from Disney Channel to Playboy instead, and then you will care...