Slashdot Mirror


User: analogueblue

analogueblue's activity in the archive.

Stories: 0
Comments: 30

Comments · 30

  1. Re:No surprise, really on US Missile Defense Test Fails · · Score: 1

    Correct. They were really anti-MIG weapons. They work by getting near the target and blowing up, using the explosion to damage the target without having to actually fly into the target directly (which is a much harder problem at those speeds). They were able to find and explode near SCUDs just fine, but SCUDs are really just big heavy bombs not fragile jets, and the Patriots don't have the punch to effectively damage the warheads inside the SCUDs.

    So they started moving to impact weapons instead of close range explosive weapons. Unfortunately that means actually having to hit a target moving very very quickly and dealing with wind, air pockets, etc... The real world success rates of this type of system are woefully unproven. Extremely stacked tests still fail way more than you'd like.

    SCUDs and SCUD like missiles are cheap and easy to build, so launching a thousand of them isn't a big deal. Take an insanely expensive anti-SCUD missile with a 50% hit rate (which is generous btw) and you're still letting 500 warheads hit your city, assuming you HAD 1000 anti-SCUDs in the area, which seems unlikely.

  2. Drobo makes a great product on SoHo NAS With Good Network Throughput? · · Score: 1

    I've been VERY pleased with the reliability and speed of my Drobo. If you don't want to spend the time rolling your own, dealing with linux raid drivers and related issues, etc... Just get a Drobo.

  3. Re:McCain 100% on Discuss the US Presidential Election & the War · · Score: 1

    As a citizen, I'm scared of McCain and what he's liable to do, and I'm not scared of Obama. I'm going to vote based on my opinions, not guessing what our "enemies" might be scared of.

  4. Re:Yes, you can lock your luggage. on TSA Employee Caught With $200K Worth of Stolen Property · · Score: 1

    Not true. At least not everywhere.

    I flew with a .45 a few months ago. I locked the gun-case with MY lock, but was told I HAD to use a TSA lock for my suitcase.

    Since they don't mark the luggage as containing a firearm, any non-TSA lock on it, is just as likely to be cut off by the TSA as any other piece of luggage.

    You could store your valuables inside the gun case itself I suppose....

  5. Re:You left the important part out.... on Too Easy For Bank Accounts To Spring a Leak · · Score: 1

    Getting a merchant account takes about 10 minutes. I have several. One of them ended up with a mis-spelling of my name and a wrong address due to bad handwriting. It would be very hard to trace to me at this point. Having a merchant account shouldn't give you any authority to pull money from other people, more than a normal account.

  6. Re:So what on Rails Bigwig Rails on Rails Community · · Score: 5, Interesting

    You're right, but I will say the combination of practical martial arts and real world fights is better than just the latter. Muscle memory response and a deep familiarity with joints, nerves, strike points, and the like, helps out a lot against a bar brawler who just knows how to swing and duck.

    I've worked club security in Boston and been in more than my share of altercations and I can attest that years of Ju-Jitsu absolutely make things easier, but I do agree that someone walking out of a normal dojo and getting into their first fight is almost certainly going to be in for a painful surprise.

  7. Re:loiterers on Apple Stores Demonstrate That Retail Still Lives · · Score: 4, Insightful

    I'd let her use my computer any time she wants:)

    Isobella Jade's Portfolio

  8. X-FORWARDED-FOR headers on Slashdot's Setup, Part 2- Software · · Score: 2, Informative

    Isn't the standard thing to do to append the source IP you (pound or whatever) see to the existing contents of the header (if the header exists) separated by commas? There should be no need for a separate header. This works fine using F5 Load Balancers certainly, although I haven't used Pound myself.

    From Wikipedia:

    X-Forwarded-For: client1, proxy1, proxy2

  9. Re:Savvis on Slashdot's Setup, Part 1- Hardware · · Score: 1

    Yeah, Savvis has been a total nightmare whenever I've had to deal with them. Although I could just be unlucky.

  10. PCI isn't that bad to implement on PCI Compliance · · Score: 2, Informative

    I led an effort at a Fortune 100 company to bring their online storefront and its backing systems into compliance with the PCI Standard. We started with doing a gap analysis, implementing the changes and improvements, doing an internal audit, and then an external audit for Visa.

    The requirement language is sometimes a little vague but by using your best judgement and putting your security and customer hats on, it isn't too hard to figure out.

    I actually found the requirements a great tool to convince upper management that they need to invest the time and money into really cleaning up the security of the site and backing systems. Most of the gaps were things that should have been fixed, but always fell behind the latest marketing push project for budget and resources. The threat of large fines made it possible to do a thorough analysis and overhaul, resulting in a much more secure system.

    Most of it is really common sense:
    • Limit and log access to your production systems that deal with credit card information
    • Encrypt PII and credit card data, in storage and transit
    • Don't keep your encryption keys in CVS with anonymous access turned on, etc...
    • Use firewalls and keep your machines and networks secure
    • Make sure your world facing applications don't have nasty SQL or XSS injection vulnerabilities
    • Log financial action related stuff, and keep the logs around in a reasonably safe from tampering fashion


    I think that while the actual wording and guidelines could have been handled better, it provides a pretty good start at a baseline of security, and is a good tool to force companies to really address security, instead of always focusing on maximizing profits all the time.

  11. Re:scanning the comments here on slashdot on Police Data-Mining Done Right · · Score: 1

    Totally true. That's why I never argue, raise my voice, or do anything other than what's in your first script. However, I've actually never gotten a warning. Must be bad luck. I certainly have never screamed, threatened, or talked back to a cop. Ever.

  12. Re:good for you on Police Data-Mining Done Right · · Score: 1

    Whoa. You were pulled over at gunpoint for an expired inspection sticker and had an assault report laughed at and you still argue that that is okay?

    You're willing to put up with a lot more than I am. Perhaps not wanting to be roughed up by the cops with no probable cause makes me "annoying, overly nitpicky" or "overly anal". If that's the case I don't want to live in the world where that's all just fine. I think it's hilarious that my opinion is not valid because you think I'm nitpicky. In that case I think your opinion is not valid because I think that you're willing to put up with abuse and call it okay.
    Have a nice day!

  13. Re:scanning the comments here on slashdot on Police Data-Mining Done Right · · Score: 1

    Fair enough. I'd just love to have one guy pulled from a quota-filling speed trap to fingerprint my door, so that if/when the guy is caught, they can pin my robbery on him too:)

  14. Re:heh ;-) on Police Data-Mining Done Right · · Score: 1

    Or perhaps I merely didn't want to spend the time writing full descriptions of each encounter I've had? I'm happy to elaborate on a few of the examples that I mentioned if that would make you happy, although from your tone I doubt I'll convince you, but that's not my aim in my initial post anyway.

    I was pulled over for doing 5 mph over the speed limit leaving an airport and ticketed for something around $100. I was riding my motorcycle, driving at a steady pace and straight. Was I speeding, yes. I just would have expected the police to have something better to do than to ticket people going 5 mph over the speed limit. Just seems like oddly placed resources. However with the KNOWN ticket quotas in use, it's not surprising.

    I was driving home from a party, late, around 3 AM. Note: I am straight edge. I don't drink, I don't smoke, I don't do drugs. I look and dress normally. I was driving a nice sports car and was around 19 years old. I was pulled over by two cops. I've been pulled over for speeding a few times, so I don't react badly to cops. I know to remain calm and courteous, provide my information as requested, etc... The police officers did not ask for my license or registration. Instead they opened my door, and literally pulled me out of the car by my left wrist. I was pushed up against my car, ordered to put my hands on the roof and keep them in sight. I was patted down thoroughly. My car was then searched for about 30 minutes. I was then told to "Go home, and don't be driving around this late!" At no point was I driving badly, exhibiting signs of drug or alcohol use, talking back to or raising my voice to the police officers, or doing anything other than complying with their demands. I'm not stupid. My opinion is that I was profiled for being young, male, in an expensive car, out too late. Perhaps there was another reason, but they didn't provide any justification to me for their actions.

    The robbery response I mentioned went as I laid out. Not abusive, but not at all helpful.

    I don't think you know people like me:) I haven't had any run ins with the cops since I moved out of Boston (5 years ago) and I certainly don't think of myself as a victim in any area. I just don't have a good feeling about the police (especially in Boston) being, overall, a helpful group of civic minded fellows. My innocence is that I don't drink, drug, smoke, fight, speed (anymore), break the law, get angry, shout, etc...:) Other than speeding (in my past) and downloading the occasional dev build of Leopard I really don't do much "wrong".

    You mention that cops are human beings. This is true. However people who strive to become police, a role of authority and the ability to carry a gun/taser/club, often are motivated by two factors. One is that some people really want to help other people. These people end up being good cops. I have no doubt that there are many of them out there. The other factor, and group, are motivated by power, authority, and the weapons. These people typically become bad cops (by my reckoning). Maybe Boston just has more of the bad type than the good type, or maybe I've been unlucky. However even Seattle has its problems apparently:
    http://seattlepi.nwsource.com/local/322199_policeside03.html/
    http://seattlepi.nwsource.com/local/248384_gulla15.html/

    If you really think all cops are great and only act harshly when people give them no choice, you're sadly mistaken.

  15. Re:scanning the comments here on slashdot on Police Data-Mining Done Right · · Score: 5, Insightful

    Having had my apartment robbed, I can tell you that I did call the police. They sent a guy out over 24 hours later, who basically said "yeah, lots of people have been getting robbed around here lately", (note: i lived in a pretty nice area), "you probably won't get anything back. I hope you're insured." and left. No finger printing, no looking at the busted door, no follow up.

    Add that to MANY instances of being harassed by cops for my car, my youth, being out late, etc... and it's hard not to have a negative view. I'm sure there are some good cops out there. I don't doubt it. But when I'm robbed they can't send a cop out that day, presumably because they're all too busy pulling over young guys in expensive cars and searching them without probable cause (I'm in tech, I'm not a drug dealer), or issuing speeding tickets for 25 in a 20 to meet their quotas.

    Anecdotes don't make a rule, it's true, but they do color a person's opinions. I've interacted with law enforcement many times (speeding tickets, random pull overs, having my apt. robbed, car accident, firearms testing for concealed carry, etc...), probably about 25 interactions. Of those, one was reasonably positive (helped after my car died on the side of the road), a few were neutral (neither helpful nor malicious or abusive), and the rest (about 20) were negative (screaming and threats, searches without cause, rough handling, rudeness, apathy, etc...).

  16. Re:Major missing point... on Ticket Tracking and Customer Management? · · Score: 1

    JIRA (while not free/open source) does do this, and does it quite well, with sub-tasks time rolling up into parent tasks, etc....

  17. cite your source? on WA Law: 5 Years in Prison for Gambling Online · · Score: 2, Informative

    The data presented here: http://www.cato.org/pubs/pas/pa-157.html

    Shows that prison populations, murder rates, organized crime, etc... all went UP during prohibition and went down after it ended....

    from that source:
    "The most telling sign of the relationship between serious crime and Prohibition was the dramatic reversal in the rates for robbery, burglary, murder, and assault when Prohibition was repealed in 1933. That dramatic reversal has Marxist and business-cycle crime theorists puzzled to this day. For example, sociologist John Pandiani noted that "a major wave of crime appears to have begun as early as the mid 1920s [and] increased continually until 1933 . . . when it mysteriously reversed itself."[50] Theodore Ferdinand also found a "mysterious" decline that began in 1933 and lasted throughout the 1930s.[51] How could they miss the significance of the fact that the crime rate dropped in 1933?"

  18. Re:for session id's, i think they're ok... on Cross Site Cooking · · Score: 1

    I hate responding to cowards, but hey:
    it's certainly not our only means of authentication, but look at the two possibilities:

    Use a session cookie (or, god forbid, session id in the url for web apps that MUST support non-cookied users). Trust it completely.
    OR
    Use a session cookie, verify it against source IP to ensure it's the same user as had initiated the session. Unfortunately this breaks for everyone coming from AOL. We can't ignore them, as they are a lot of customers. So, recognize who's coming from AOL, based on their source IP matching the AOL proxy IP list, and if they're coming through AOL, use forwarded-for to ensure that the forwarded-for source ip is consistent throughout the session.

    Is that fool proof? Nope. Is it significantly better than option A? You bet!
    We all know that you can't totally trust ANY data sent from the client. It's just a matter of making things as secure as you can and still serve your customers. Raising the barrier of entry to a point where it's more trouble than it's worth. I'm not sure what your job is, but it doesn't sound like you have much real world experience with securing real live e-commerce sites.
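
Added example, not part of analogueblue's comment or of any site's code: a sketch of the session-to-IP binding the comment above describes, reading the comma-separated X-Forwarded-For chain from comment 8 only when the TCP peer is on a known proxy list. The proxy range, the addresses and the names `KNOWN_PROXY_NETS`, `effective_client_ip` and `SessionStore` are constructed assumptions.

```python
import ipaddress
import secrets

# Constructed proxy range (RFC 5737 documentation space), standing in for a
# published proxy list such as the one the comment mentions.
KNOWN_PROXY_NETS = [ipaddress.ip_network("198.51.100.0/24")]


def is_known_proxy(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in KNOWN_PROXY_NETS)


def effective_client_ip(peer_ip, xff_header):
    """Return the address a session should be bound to, or None."""
    if not is_known_proxy(peer_ip):
        # Direct connection or unknown proxy: X-Forwarded-For is then just
        # client-supplied data and easy to forge, so only the peer counts.
        return str(ipaddress.ip_address(peer_ip))
    if not xff_header:
        return None  # known proxy that sent no header
    # Each proxy appends the address it saw, so the entries nearest the right
    # were written closest to us. Skip known proxies, take the first other hop.
    for hop in reversed([h.strip() for h in xff_header.split(",")]):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return None  # malformed hop: refuse rather than guess
        if not is_known_proxy(str(addr)):
            return str(addr)
    return None


class SessionStore:
    """In-memory session table that remembers the address seen at login."""

    def __init__(self):
        self._bound = {}

    def create(self, peer_ip, xff_header=None):
        sid = secrets.token_urlsafe(32)
        self._bound[sid] = effective_client_ip(peer_ip, xff_header)
        return sid

    def validate(self, sid, peer_ip, xff_header=None):
        if sid not in self._bound:
            return "unknown-session"
        bound = self._bound[sid]
        if bound is None:
            # The proxy gave us nothing to bind to, so this session has only
            # the cookie protecting it (the first option in the comment).
            return "cookie-only"
        seen = effective_client_ip(peer_ip, xff_header)
        return "ok" if seen == bound else "ip-mismatch"


if __name__ == "__main__":
    store = SessionStore()
    sid = store.create("198.51.100.10", "192.0.2.44")
    # Same client arriving through a different proxy in the pool.
    print(store.validate(sid, "198.51.100.23", "192.0.2.44"))
    # Stolen cookie replayed from elsewhere with a forged header.
    print(store.validate(sid, "203.0.113.99", "192.0.2.44"))
```

A mismatch is better treated as a reason to re-authenticate than as proof of theft, since legitimate clients also change address mid-session.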

  19. Re:Nasty on Cross Site Cooking · · Score: 1

    Sure, but in the case of AOL, their proxies are a nice published list, so that's very doable. And frankly it's better than not being able to do any IP validation. It isn't perfect, but it raises the bar from simple link or cookie thieves.

  20. Re:Nasty on Cross Site Cooking · · Score: 1

    If only people consistently set the X-FORWARDED-FOR header when proxying requests. AOL doesn't. A fair number of folks do, but AOL is such a large customer base, that business-wise we can't exclude them. I'd love to get the message out to AOL users that despite AOL's advertisements about being all about your security, their refusal to implement a simple feature in their proxies, reduces the security of just about every e-commerce site online.

    Anyone want to run a 5 minute special on CNN? *grin*

  21. Re:for session id's, i think they're ok... on Cross Site Cooking · · Score: 1

    It's still very much a problem. It wouldn't even be so bad if they set the X-FORWARDED-FOR header correctly, but they don't. I've contacted them about it, in my role as security architect for a very large company, but the response was basically "Yes, we know about it. No, we aren't going to fix it."

    Unfortunately I don't have the freedom to detect AOL IP blocks and return a page saying "Hey, due to our concerns for your security, and AOL's lack of concern for your security, we can't service you until AOL fixes their proxies. Please contact them here...." but hey, that would be nice:)

  22. Re:Aperture is really pretty amazing on Apple's Aperture Reviewed · · Score: 2, Informative

    On the contrary. If you look at the timestamps, you will see I posted this here in Slashdot first. Then I posted the reformatted version. Then I posted the reformatted version on the Apple forums. I am Devon Hillard. You can also see my reply on the Apple forum where I note that analogueblue is me:)

    So in fact, I am the same person who posted this on both forums.

    You may or may not be a troll, but you are at least underinformed. I appreciate that you were looking out for potential plagiarism though! Had I been plagiarized, that would have been annoying.

    Regards,

    Devon

  23. Re:Aperture is really pretty amazing on Apple's Aperture Reviewed · · Score: 1

    Here is a more readable formatted version:

    I need to preface this by saying that no application is perfect for everyone. Different people have different workflows, different post-processing needs, and different priorities. I'm not saying Aperture is perfect for everyone. Nor should anyone else say Aperture is useless. It may be useless to them, but not to everyone.

    I shoot mostly fashion and advertising type work. I'm a pretty serious amateur, in that I have good gear, and I'm very serious about photography, but I have a day job doing something else (security architecture, which I also love). I shoot only RAW as it gives me way more latitude if I want to adjust the exposure after the fact to change or increase a look (i.e. I want to make things darker and moodier, or I want to blow things out a little). My post-processing requirements are usually the following (in order of frequency): Exposure, white point, saturation, sharpening, levels, blemish fixing. On very rare occasion I'll need to do something beyond that.

    My pre-Aperture workflow looked a lot like this:

    Copy files from CF card. Due to my camera putting them in different folders based on the sequence, I had to write an automator script to pull out just the image files from all the folders and put them in a new folder on my desktop. This works, but takes a little while, and is something I had to write myself.

    Create a folder for my project "Sarah-DarkWear hoodie".

    Create the following folders inside that: "raws", "all-jpeg", "best-psd", "best-jpeg". Move all the RAWs from my automator action's results folder into the raws folder.

    Open up Adobe CS2 Bridge. View the files. Try to pick the best ones. I can't emphasize enough how laborious and time consuming this task is. Out of 200 shots, about 20 are really good, and about 5 are worth using (in a portfolio or ad or whatever). Bridge has no way to compare two pictures other than switching back and forth between them. You also can't see the pictures at 100% so figuring out sharpness or focus is pretty impossible unless you open them up in Photoshop. Which requires a multi-dialog process and a conversion time.

    Once I get my 20 good ones, batch convert them all to PSDs using an action I wrote. This takes a while. The PSDs go into the "best-psds" folder. They each take up about 40-70 MB of space vs. 3-6 MB for each RAW file.

    Make the levels, saturation, sharpness adjustments as needed with each file. Using another action I wrote, batch convert the best PSDs to full rez jpegs with my copyright notice on them. As this action involves opening a 70 MB file, creating a new layer for my copyright, setting it up, converting to srgb, converting to 8bit, saving as jpeg, this takes a while. Several seconds each file on my dual 2.5 with 2.5 GB ram.

    Using another action I wrote, batch convert all the RAWs to small rez jpegs with my copyright notice on them. These are for the model if it's a tfcd shoot, or for my records, or whatever. This takes a good long while. Now my 1 GB of raws are about 2.3 GB of raws, jpegs, psds.

    Open up iView Media pro and update its index so that all my new files are in it.

    Done.

    With Aperture, I put my card in the reader.

    Aperture pops up and asks if I'd like to import these images. I pick a destination, specify the metadata and keywords for this shoot, and it loads them all in.

    I turn on auto-stack. I make a few manual stacking adjustments. I start picking the best shoots. Aperture has excellent compare modes, including 2-up, 3-up, more-up, full rez zoom, a loupe tool for instantly checking focus at full resolution, a 0-5 star rating system, a quick-select key for picking an image as five star, a quick-reject key for an image I know is junk. Within a stack I can promote, demote, and pick the stack "pick" very quickly and easily. I can do this with just the keyboard. I can easily compare any pictures next to each other. I can go full screen which drops off all the unneeded junk and keeps the various

  24. Re:Aperture is really pretty amazing on Apple's Aperture Reviewed · · Score: 1

    Yeah:( I suck at life today. Sorry about that. No way to edit after the fact is there? That's what I get for not hitting preview.....

  25. Aperture is really pretty amazing on Apple's Aperture Reviewed · · Score: 5, Informative

    I need to preface this by saying that no application is perfect for everyone. Different people have different workflows, different post-processing needs, and different priorities. I'm not saying Aperture is perfect for everyone. Nor should anyone else say Aperture is useless. It may be useless to them, but not to everyone. I shoot mostly fashion and advertising type work. I'm a pretty serious amateur, in that I have good gear, and I'm very serious about photography, but I have a day job doing something else (security architecture, which I also love). I shoot only RAW as it gives me way more latitude if I want to adjust the exposure after the fact to change or increase a look (i.e. I want to make things darker and moodier, or I want to blow things out a little). My post-processing requirements are usually the following (in order of frequency): Exposure, white point, saturation, sharpening, levels, blemish fixing. On very rare occasion I'll need to do something beyond that. My pre-Aperture workflow looked a lot like this: Copy files from CF card. Due to my camera putting them in different folders based on the sequence, I had to write an automator script to pull out just the image files from all the folders and put them in a new folder on my desktop. This works, but takes a little while, and is something I had to write myself. Create a folder for my project "Sarah-DarkWear hoodie". Create the following folders inside that: "raws", "all-jpeg", "best-psd", "best-jpeg". Move all the RAWs from my automator action's results folder into the raws folder. Open up Adobe CS2 Bridge. View the files. Try to pick the best ones. I can't emphasize enough how laborious and time consuming this task is. Out of 200 shots, about 20 are really good, and about 5 are worth using (in a portfolio or ad or whatever). Bridge has no way to compare two pictures other than switching back and forth between them. You also can't see the pictures at 100% so figuring out sharpness or focus is pretty impossible unless you open them up in Photoshop. Which requires a multi-dialog process and a conversion time. Once I get my 20 good ones, batch convert them all to PSDs using an action I wrote. This takes a while. The PSDs go into the "best-psds" folder. They each take up about 40-70 MB of space vs. 3-6 MB for each RAW file. Make the levels, saturation, sharpness adjustments as needed with each file. Using another action I wrote, batch convert the best PSDs to full rez jpegs with my copyright notice on them. As this action involves opening a 70 MB file, creating a new layer for my copyright, setting it up, converting to srgb, converting to 8bit, saving as jpeg, this takes a while. Several seconds each file on my dual 2.5 with 2.5 GB ram. Using another action I wrote, batch convert all the RAWs to small rez jpegs with my copyright notice on them. These are for the model if it's a tfcd shoot, or for my records, or whatever. This takes a good long while. Now my 1 GB of raws are about 2.3 GB of raws, jpegs, psds. Open up iView Media pro and update its index so that all my new files are in it. Done. With Aperture, I put my card in the reader. Aperture pops up and asks if I'd like to import these images. I pick a destination, specify the metadata and keywords for this shoot, and it loads them all in. I turn on auto-stack. I make a few manual stacking adjustments. I start picking the best shoots. Aperture has excellent compare modes, including 2-up, 3-up, more-up, full rez zoom, a loupe tool for instantly checking focus at full resolution, a 0-5 star rating system, a quick-select key for picking an image as five star, a quick-reject key for an image I know is junk. Within a stack I can promote, demote, and pick the stack "pick" very quickly and easily. I can do this with just the keyboard. I can easily compare any pictures next to each other. I can go full screen which drops off all the unneeded junk and keeps the various window and toolbar colors from interfering with my vision on my color calibrated display. Picking t