Precision machining is a very different process than the photo-lithography used for silicon wafer manufacture. Precise mass manufacture of silicon crystal structure is fairly well developed by now.
Seriously. OP bitches about not immediately getting issued a new IP after his other one gets banned... for being a troll. Then trolls the helpdesk guy trying to *gasp* help him out.
1 - Adding crucial seconds to a reload is not going to increase sales of a firearm.
2 - What's saying the government doesn't demand the keys, or insist on a shutdown key sequence? That'd put an end to the 2nd amendment right there - if the government can just jam the guns of every 'insurgent' 'terrorist' cum future patriot, then who cares what the peasants own?
3 - More children die each year drowning in swimming pools... but you don't see pgp-protected ingrounds, do you?
What difference does asyncronicity make with security? Zero.
What difference should AJAX make with security? Zero.
All security should be applied on the server-side portion of your AJAX application. The same way any other web application is secured. End of question.
By hiding the exploit and announcement, it is more akin to denying that the illness exists at all and therefore they will be safer.
-->Wrong.
The best course of action, bar none, is to quietly notify the company and let them patch it.
You gain nothing but bragging points by notifying the public of the details of an exploit before a patch is released, unless there is some drastic action they can take to protect themselves that they shouldn't already be taking from other exploits.
The ONLY other answer here is to announce that you've -found- an exploit, give details on how to protect yourself against it, but do not provide details on how to use the exploit.
Providing details on using the exploit is just plain endangering all of us. Advertising it here doubly so.
That's akin to saying the cure to a virus isn't hiding in a level 4 contamination suit.
Sure, that doesn't equal a cure, but it sure can hold off infection for a while, until a cure is found.
Advertising a security hole most certainly increase the liklihood of exploitation, because instead of just the discovery team, now the whole world knows the hole.
Uh... so what? If you've -forgotten- about the box, likely that's because it's not used nearly as much. No new patches to deal with, no new software installed on it... likely few users (because if you have a lot of users on that box, you likely depend on it enough to know where it is)...
So... this tells us nothing except that you've had the box plugged in to clean power for a long time. I could have a forgotten NT4 box running that long too, were no users using it enough to remember where it was.
In all fairness, most of the examples you listed weren't CIA info. I mean, unless you weren't paying attention to the way the Valerie Plame story went down...
I think documentation goes a lot further than comments. Chances are, with good docs and proper unit testing, I never have to read the source on your object.
Slashdot Mirror
Where does TFA imply fossil fuel? Ethanol could work here...
Precision machining is a very different process than the photo-lithography used for silicon wafer manufacture. Precise mass manufacture of silicon crystal structure is fairly well developed by now.
That's not a hole in google's code. Any website coder can code up a phishing page that looks legit. Where is this Google's security issue?
There's a Tipper Gore joke in here SOMEWHERE...
Seriously. OP bitches about not immediately getting issued a new IP after his other one gets banned... for being a troll. Then trolls the helpdesk guy trying to *gasp* help him out.
1 - Adding crucial seconds to a reload is not going to increase sales of a firearm. 2 - What's saying the government doesn't demand the keys, or insist on a shutdown key sequence? That'd put an end to the 2nd amendment right there - if the government can just jam the guns of every 'insurgent' 'terrorist' cum future patriot, then who cares what the peasants own? 3 - More children die each year drowning in swimming pools... but you don't see pgp-protected ingrounds, do you?
man, I bet even here on /. that joke went above a lot of heads. Nice one tho.
What difference does asyncronicity make with security? Zero.
What difference should AJAX make with security? Zero.
All security should be applied on the server-side portion of your AJAX application. The same way any other web application is secured. End of question.
"You have to realize that, in the meantime, the code for this will be all over the underground forums."
-->Assuming a cracker found it, and not a security researcher...
By hiding the exploit and announcement, it is more akin to denying that the illness exists at all and therefore they will be safer.
-->Wrong.
The best course of action, bar none, is to quietly notify the company and let them patch it.
You gain nothing but bragging points by notifying the public of the details of an exploit before a patch is released, unless there is some drastic action they can take to protect themselves that they shouldn't already be taking from other exploits.
The ONLY other answer here is to announce that you've -found- an exploit, give details on how to protect yourself against it, but do not provide details on how to use the exploit.
Providing details on using the exploit is just plain endangering all of us. Advertising it here doubly so.
How would that be different from what you need to do with IE -all the time-?
That's akin to saying the cure to a virus isn't hiding in a level 4 contamination suit.
Sure, that doesn't equal a cure, but it sure can hold off infection for a while, until a cure is found.
Advertising a security hole most certainly increase the liklihood of exploitation, because instead of just the discovery team, now the whole world knows the hole.
Man, if I tried to sue my dad for anything involving his shed, he'd probably take me out behind it and whip me good.
"Projects where late, missing requirements and so on."
Like this never happens with internal projects...
Uh... so what? If you've -forgotten- about the box, likely that's because it's not used nearly as much. No new patches to deal with, no new software installed on it... likely few users (because if you have a lot of users on that box, you likely depend on it enough to know where it is)...
So... this tells us nothing except that you've had the box plugged in to clean power for a long time. I could have a forgotten NT4 box running that long too, were no users using it enough to remember where it was.
A sexy party ... with clones of yourself?
Uh, I'm white and this is how I'm treated. Welcome to IT, please check your IQ ego at the door.
But find me an exoskeleton who'll pick up the -check-, and we won't need the chick.
Might need another quart of rocket fuel tho...
That would defeat the intents and purposes of metadata in a multiuser (read: most offices) environment...
Most lenses are designed to focus on things in the FAR range - ~10+ feet. Macro lenses can focus on things very close or very small - in the 1' range.
So if you plan on shooting yet another flower and calling it 'art', you need a macro lens.
Note that many recent digitals offer moderate macro functions and do not require a macro lens.
In all fairness, most of the examples you listed weren't CIA info. I mean, unless you weren't paying attention to the way the Valerie Plame story went down...
No lie, got this one from my electronics teacher almost 10 years ago -
...it's the resistor color coding chart;
"Black Brothers Rape Our Young Girls But Violet Gives Willingly."
0BLack 1BRown 2Red 3Orange 4Yellow 5Green 6Blue 7Violet 8Grey 9White
Too true. Or insulting the developer responsible for writing the bloat... :)
Document individual objects & methods.
I think documentation goes a lot further than comments. Chances are, with good docs and proper unit testing, I never have to read the source on your object.