Slashdot Mirror

← Back to Users

User: TGandalf

TGandalf's activity in the archive.

Stories
0
Comments
12
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12

  1. I Was Plagiarized, Again on Electronic Pricetag Alteration · · Score: 1

    I would like the plagurism of AlphaKinetic and Saalim Chowdhury exposed. My work, and the work of others, is the subject of a recent SlashDot article called "Electronic Pricetag Alteration", although we are not attributed. I published an article which was plagurized by Saalim Chowdhury and used as the subject of a press release. An article was subsequently published by TheTelegraph and mentioned by TheRegister. This article was cited by ZDNet, syndicated to Yahoo, then this article was cited by SlashDot.

    I published an article called "Flaws In ECommerce Systems" in the Autumn issue of 2600 Magazine. This article is available at http://www.xirium.com/product/mtecs/doc/secure/ and http://www.basketlogic.com/doc/secure/ . This article:

    • States how loosely integrated ECommerce sites do not check prices.
    • Cites a wine merchant with such a vunerability.
    • Cites a domain name re-seller with such a vunerability.
    • Explains how to move decimal points to reduce prices and why this action should succeed, but has never been substantiated.

    On 25 Jan 2001, TheRegister reported an article in TheTelegraph which:

    • Cites an undisclosed "glitch" that allows prices to be modified.
    • Cites a domain name re-seller with such a vunerability.
    • Cites Saalim Chowdhury as the "chief executive of e-commerce software development company Alphakinetic which discovered the flaw".
    • Omits all references to moving

    AlphaKinetic press releases 4 and 5:

    • State that AlphaKinetic "found this security hole whilst developing our own secure e-commerce system, and our forthcoming e-commerce solutions".
    • Cites the purchase of wine by this method.
    • AlphaKinetic does not specialise in security.
    • "What astonished us was when we contacted our secure payment provider about this they stated that they had be aware about the possibility of this hole existing for the last 5 years".

    All attempts to contact all parties have been ignored. This inaccuracy has now been extensively propagated during the last two days. The additional information that was unsubstantiated is now the subject of recent articles and the estimated proportion of vunerable sites has risen from 10%-20% to 40%.

    There is circumstantial evidence that Saalim Chowdhury read my work in 2600 Magazine (the source of the information) and this can be verified by checking domain name registrations. 2600 has a pre-occupation with purchasing domains of the form *sucks.com then printing the "cease and desist" "nastygrams" from lawyers. AlphaKinetic (the source of the plagurism) is highly anomalous because they have registered alphakineticsucks.com themselves, although this problem only affects large companies.

  2. RFC2324! on First Ever Webcam to Come Offline · · Score: 2

    RFC2324: Hyper Text Coffee Pot Control Protocol. My favourite response code is "418 I'm a teapot". Oddly though, Apache refused to accept this config. Maybe, I'll have to send a bug report.

  3. This is MSInnovate on MUD Shell · · Score: 1
    Seems pretty MSInnovative to me.

    N, MSInnovate is when you copy ideas. I genuinely did not know about about previous efforts. I have even met a member of SlashDot who had done one of the previous implementations. Is seems like many people have had similar ideas independantly.

    Anyhow, mentioning MSInnovate, I just knew I forgot to add something to the denied domain list. Well, if you see anything like MUD Shell from MicroSoft, you saw it here first. The rest of the logs are also interesting.

    tide84.microsoft.com - - [27/Feb/2001:17:15:48 -0500] "GET /tech/mud-shell/index.html HTTP/1.0" 200 4747
    tide78.microsoft.com - - [27/Feb/2001:17:15:48 -0500] "GET /blank.gif HTTP/1.0" 200 85
    tide85.microsoft.com - - [27/Feb/2001:17:15:48 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide70.microsoft.com - - [27/Feb/2001:17:16:12 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 200 8330
    tide23.microsoft.com - - [27/Feb/2001:17:19:59 -0500] "GET /tech/mud-shell/index.html HTTP/1.0" 200 4747
    tide23.microsoft.com - - [27/Feb/2001:17:19:59 -0500] "GET /blank.gif HTTP/1.0" 200 85
    tide23.microsoft.com - - [27/Feb/2001:17:19:59 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide78.microsoft.com - - [27/Feb/2001:17:27:29 -0500] "GET /tech/mud-shell/download/index.html HTTP/1.0" 200 5400
    tide92.microsoft.com - - [27/Feb/2001:17:27:59 -0500] "GET /tech/mud-shell/idea/index.html HTTP/1.0" 200 15697
    tide84.microsoft.com - - [27/Feb/2001:17:45:43 -0500] "GET /tech/index.html HTTP/1.0" 200 5703
    tide83.microsoft.com - - [27/Feb/2001:17:45:44 -0500] "GET /image/logo/index.gif HTTP/1.0" 200 2490
    tide83.microsoft.com - - [27/Feb/2001:17:45:44 -0500] "GET /image/blank.gif HTTP/1.0" 200 85
    tide79.microsoft.com - - [27/Feb/2001:17:45:44 -0500] "GET /image/button/xirium.gif HTTP/1.0" 200 2394
    tide70.microsoft.com - - [27/Feb/2001:17:45:44 -0500] "GET /image/button/logoab8.gif HTTP/1.0" 200 1286
    tide88.microsoft.com - - [27/Feb/2001:17:46:14 -0500] "GET /tech/mud-shell/download/mudsh HTTP/1.0" 200 15415
    tide92.microsoft.com - - [27/Feb/2001:17:59:17 -0500] "GET /product/index.html HTTP/1.0" 404 212
    tide91.microsoft.com - - [27/Feb/2001:17:59:21 -0500] "GET /user/index.html HTTP/1.0" 200 3438
    tide92.microsoft.com - - [27/Feb/2001:17:59:26 -0500] "GET /index.html HTTP/1.0" 200 8225
    tide87.microsoft.com - - [27/Feb/2001:17:59:27 -0500] "GET /style/nav0_4.gif HTTP/1.0" 200 14889
    tide92.microsoft.com - - [27/Feb/2001:17:59:34 -0500] "GET /babelparam/ HTTP/1.0" 200 5481
    tide85.microsoft.com - - [27/Feb/2001:17:59:34 -0500] "GET /babelparam/source/root.js HTTP/1.0" 200 5728
    tide86.microsoft.com - - [27/Feb/2001:17:59:35 -0500] "GET /babelparam/source/graphic.js HTTP/1.0" 200 2630
    tide92.microsoft.com - - [27/Feb/2001:17:59:35 -0500] "GET /babelparam/source/style.js HTTP/1.0" 200 15481
    tide84.microsoft.com - - [27/Feb/2001:17:59:37 -0500] "GET /babelparam/blank.gif HTTP/1.0" 200 85
    tide75.microsoft.com - - [27/Feb/2001:18:29:07 -0500] "GET / HTTP/1.0" 200 8225
    tide109.microsoft.com - - [27/Feb/2001:18:33:13 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 200 8330
    tide109.microsoft.com - - [27/Feb/2001:18:33:13 -0500] "GET /blank.gif HTTP/1.0" 200 85
    tide109.microsoft.com - - [27/Feb/2001:18:33:13 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide109.microsoft.com - - [27/Feb/2001:18:39:59 -0500] "GET /tech/mud-shell/download/index.html HTTP/1.0" 200 5400
    tide117.microsoft.com - - [27/Feb/2001:18:49:15 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 200 8330
    tide117.microsoft.com - - [27/Feb/2001:18:49:16 -0500] "GET /blank.gif HTTP/1.0" 200 85
    tide117.microsoft.com - - [27/Feb/2001:18:49:16 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide94.microsoft.com - - [27/Feb/2001:18:57:09 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.1" 200 8330
    tide94.microsoft.com - - [27/Feb/2001:18:57:09 -0500] "GET /blank.gif HTTP/1.1" 200 85
    tide94.microsoft.com - - [27/Feb/2001:18:57:09 -0500] "GET /logo.gif HTTP/1.1" 200 590
    tide94.microsoft.com - - [27/Feb/2001:18:58:54 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.1" 304 -
    tide94.microsoft.com - - [27/Feb/2001:18:58:54 -0500] "GET /blank.gif HTTP/1.1" 304 -
    tide94.microsoft.com - - [27/Feb/2001:18:58:54 -0500] "GET /logo.gif HTTP/1.1" 304 -
    tide94.microsoft.com - - [27/Feb/2001:19:58:33 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 200 8330
    tide94.microsoft.com - - [27/Feb/2001:19:58:33 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide94.microsoft.com - - [27/Feb/2001:19:58:33 -0500] "GET /blank.gif HTTP/1.0" 200 85
    tide94.microsoft.com - - [27/Feb/2001:21:14:35 -0500] "GET /tech/mud-shell/download/index.html HTTP/1.0" 200 5400
    atoms.research.microsoft.com - - [27/Feb/2001:21:14:58 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 200 8330
    atoms.research.microsoft.com - - [27/Feb/2001:21:14:58 -0500] "GET /blank.gif HTTP/1.0" 200 85
    atoms.research.microsoft.com - - [27/Feb/2001:21:14:58 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide94.microsoft.com - - [27/Feb/2001:21:15:16 -0500] "GET /tech/mud-shell/index.html HTTP/1.0" 200 4747
    tide94.microsoft.com - - [27/Feb/2001:21:15:34 -0500] "GET /tech/mud-shell/idea/index.html HTTP/1.0" 200 15697
    tide117.microsoft.com - - [27/Feb/2001:21:19:25 -0500] "GET /tech/mud-shell/index.html HTTP/1.0" 200 4747
    tide117.microsoft.com - - [27/Feb/2001:21:19:41 -0500] "GET /tech/mud-shell/idea/index.html HTTP/1.0" 200 15697
    tide70.microsoft.com - - [27/Feb/2001:23:27:22 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 200 8330
    tide141.microsoft.com - - [28/Feb/2001:05:44:14 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.1" 200 8330
    tide141.microsoft.com - - [28/Feb/2001:05:44:15 -0500] "GET /blank.gif HTTP/1.1" 200 85
    tide141.microsoft.com - - [28/Feb/2001:05:44:16 -0500] "GET /logo.gif HTTP/1.1" 200 590
    tide120.microsoft.com - - [28/Feb/2001:05:49:02 -0500] "GET /tech/mud-shell/ HTTP/1.0" 200 4747
    tide120.microsoft.com - - [28/Feb/2001:05:49:06 -0500] "GET /blank.gif HTTP/1.0" 200 85
    tide121.microsoft.com - - [28/Feb/2001:05:49:06 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide93.microsoft.com - - [28/Feb/2001:21:24:37 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 200 8330
    tide93.microsoft.com - - [28/Feb/2001:21:24:38 -0500] "GET /blank.gif HTTP/1.0" 200 85
    tide93.microsoft.com - - [28/Feb/2001:21:24:39 -0500] "GET /logo.gif HTTP/1.0" 200 590
    tide70.microsoft.com - - [01/Mar/2001:20:35:04 -0500] "GET /tech/mud-shell/example/index.html HTTP/1.0" 304 -
    tide78.microsoft.com - - [01/Mar/2001:20:35:05 -0500] "GET /blank.gif HTTP/1.0" 304 -
    tide85.microsoft.com - - [01/Mar/2001:20:35:05 -0500] "GET /logo.gif HTTP/1.0" 304 -
    tide70.microsoft.com - - [02/Mar/2001:13:02:59 -0500] "GET /tech/mud-shell/ HTTP/1.0" 200 4747
    tide92.microsoft.com - - [02/Mar/2001:13:04:16 -0500] "GET /tech/mud-shell/idea/index.html HTTP/1.0" 304 -
    tide78.microsoft.com - - [02/Mar/2001:13:05:16 -0500] "GET /tech/mud-shell/download/index.html HTTP/1.0" 304 -
  4. Re:Is this the start? on MUD Shell · · Score: 1

    I found cut and paste of file *handles* extremely counter-intuitive. Cut and paste is a kludge to compensate for other bad design decisions. If the OS was less obtuse and less intrusive then cut and paste would be more liquid, like MacOS. Of course, both are flawed application-centric designs rather than data-centric. The only thing that was standardised for applications was the File and Edit menus. Great, not! So, the only consistancy is: load data into application, save, (application-centric) printing, and cut and paste of data to other applications. If you have a data-centric environment, File and Edit are redundant.

  5. Re:Non-GUI interfaces on MUD Shell · · Score: 1

    People just don't understand how directories work. Most lamers just keep all there work in a flat folder. Most web sites are the same and this practice is actively rewarded because web pages in subdirectories are penalised by many search engines. If people can harmlessly explore the filing system, they might learn something: how directories work.

  6. Re:Adventure Shell... old hat? on MUD Shell · · Score: 1

    I was unaware of the Adventure Shell, and as I have discovered, so are many other people that have had similar ideas. I *now* know of at least five different implementations, some with many variants.

  7. Re:Is this the start? on MUD Shell · · Score: 1

    The film hackers is much more realistic if you consider all of the on screen action to be a metaphor of what is supposed to be happening. Think of it as a cinematic convention for how the characters percieve an otherwise plain screen of text.

  8. Weird Symbols Again on Corel Linux - Not Quite Dead Yet · · Score: 2

    Taco: are you posting stories with exploder?

  9. Re: AmigaOS scheduler - "list is more" on Java Performance under Linux · · Score: 1

    It seems that the Irix lower level scheduler would be a duplication of effort and too little too late. (have to wait for efficient ordering.) AmigaOS inserts threads into an ordered linked list to absorb the O(n) cost immediately. Both methods require O(n) time for each of n threads, making O(n^2). Irix reduces the impact by using an O(n) algorithm most of the time. AmigaOS reduces this overhead by amortising cost. Both algorithms fail "when there are lots of threads that have roughly equal goodness".

    I suggest the use of the sorted list shortcut to stuff lower priority tasks behind the head of the list. This is linear for all situations and only suboptimal when there is a large number of unequal tasks, in which case the processor has plenty to do anyhow.

  10. Re:First Extension To XHTML! on XHTML 1.0 now a W3C Recommendation · · Score: 1


    Announcing the Ecsponent Message DTD that can be accessed at: http://www.ecsponent .com/opt/xml/message-xml1_0-strict.dtd .
    Hopefully it works as well -;@}=.



    Dean Swift


    Ecsponent - The future of ECommerce


  11. Re: School URL on Red Hat Linux Available Free To UK Schools · · Score: 1

    The URL is: http://www.parrswoodhighschool.org.uk/ .

    NetCraft Stats says Apache on Unix (Solaris). Good stuff, although I am curious why they have .org.uk rather than .sch.uk reserved for schools.



    Dean Swift, dean@xirium.com
    Xirium, http://www.xirium.com/

  12. Re:Have provider give you subdomains for EMail on On The Subject of Web Hosting · · Score: 1

    y, i done this with Pair.Net. i suspect they don't get many requests for this.

    anyway, if you have .site.domain, and create and subdomain .user.site.domain then the web and mail DNS can be hosted by different organisations, as well as the web and mail itself. this gives you ultimate redundancy and tolerance.

    if you have problems with any provider, you can change immediately, usually before users notice. additionally, i forward my EMail to two different sites. (y, you can have multiple lines in your .forward.) this allows me to check EMail if my usual EMail server is off line.

    Dean Swift, dean@xirium.com
    DNS Administrivia
    Xirium