my SQL queries are sent to the database through a library that does the escaping
Just a question in passing, why do you need to send SQL text to the database in the first place? Why not use stored procedures? It seems simpler to me and also cleaner from an architecture perspective (i.e., separating database model from application logic). It also prevents any and all kind of attack against the database, making them impossible even if you for instance forget to escape your strings somewhere.
Also Opera did break a lot on a lot of sites and apps, so it was almost unusable for quite a while; to the very least it was out of the question to advise it to coworkers who were still using IE6, you had to push them to FF because with Opera they would come back to you after five minutes asking "why doesn't it work?" The Opera team used to hate to be reminded of that fact and they did vehemently defend their software, arguing that it was all the fault of developers testing against IE6 and FF and calling it a day, so FF had ind of a "free pass" regarding Javascript compatibility, and that they had done everything humanely possible to take care of this issue.
Then out of the blue came Chrome with a totally different JS engine but for whatever reason it "just worked" on 95% of all sites, even at the very beginning. After that, Opera's level of compatibility did quickly improve up to a point where with version 11 it seems now to be 98% compatible with the web (Google apps excepted but I've read it's by design from the G team, is that true?). So it seems they did find a way to improve things once it was obvious that others were doing better - competition does look quite beneficial to the industry, doesn't it?
Plus Chrome did some real hardcore advertising, like giant posters in Paris subway and probably lots of other things I'm not aware of. I don't think any other browser ever did anything similar, or even any other piece of software as far as I know. The Google guys definitely have some capacity at moving the lines.
The problem of pollution in China is not restricted to solar energy, far from it; they dump a lot of nasty shit around with no regards for the population or the environment, this is the very basis of their economic "miracle". But regarding solar panels, I read earlier also that they used to use a lot of rare minerals and create toxic waste as a byproduct but that this is less and less the case with progress in technology (same thing here, too lazy to google it).
You have to take into account the amount of investments that have been poured in solar or generally speaking renewable energy and compare it to the same figure for nuclear.
Basically the argument that "Fukishima was an old design and newer reactors won't have the same flaws" applies to renewable energy equally.
I remember an interview from a hacker, possibly the English guy who broke into the DoD servers looking for documents about UFOs, who was saying that while he was on the servers he noticed he was not alone, there were several other intruders there with him. The interview must probably be somewhere around on the Internet to be found if anybody cares. The possible motivations to penetrate networks and leave backdoors available there are just too many for me to bother enumerating them, especially for a foreign government or agency.
Yes, I will laugh as they ger raped in prison, because they are criminals.
Ok but consider one thing: imagine that your son would do something stupid one day, like selling 1g of hemp to a friend to help him out or crack into a government website for the lulz, and gets caught. He's a criminal now. Will you still be laughing as he gets raped in prison? If you answer "no", then you're definitely a stinking asshole and a filthy motherfucker, because you want harsh penalties for others but will beg for them not applied to you. And if you answer "yes", then you're definitely a stinking asshole and a filthy motherfucker. So now please take a good look in the mirror and say hello.
I see that many people here on/. seem very bitter and angry about those kids. First let me tell you that "laughing you ass off when they get raped in prison" only shows that you're a very mean and despicable individual. But apart from that those kind of hackers are really doing people a favor by exposing clearly to the general public how terrible the security of their personal data is. Rest assured that for every bragging Lulzsec there are ten quiet hackers from different governmental and criminal groups, silently collecting your data and placing back doors in your systems, and not saying a word about it. Without public exposure authorities and corporations will naturally do all they can to swipe the problem under the rug. The kind of very visible but mostly harmless actions from the likes of Lulzsec is what's necessary to have them move their ass and finally do something about the security issue. I for one see them more as the vaccine that will eventually help the Internet grow some real security than the hateful vandals that old grumps of your kind want to portray.
That's ridiculous, of course the browser need to strive as much as it can to render correctly as many sites as possible; they're not here as a showcase of technology, they're here to be used as a tool.
I don't know about your issue, I don't seem to ever bump into it, however to me the one and only drawback with Opera is that there are still a number of web sites or web application that don't render correctly with it or plainly don't work at all. I considered switching to Chrome lately, which seems to be the only reasonable alternative, however I had to give up after spending two week fighting against the speed dial and fit-to-width extensions. I have resigned myself to using Opera mainly and fire Chrome or FF for the rare instances when Opera doesn't cut it. Not perfect but there doesn't seem to be any other way to go.
It seems governments have realised that legislative oversight is a bit of a nuisance, and it's just easier to coerce and/or bribe big business to get what you want.
I think you have it the wrong way, I would rather say: "It seems big business have realised that legislative oversight is a bit of a nuisance, and it's just easier to coerce and/or bribe governments to get what you want." The push behind those schemes comes from copyright holders and they have the means do what is necessary to get to their goal.
The problem with adblock and conversely the advantage of privoxy is that it works with all of your browsers, so if you tend to use or need to use anything else than FF sometimes, adblock is not enough. It's possible that privoxy with default config lets a very few ads through although I don't really notice; the advantage is it's a two-click load/install process, then configure proxy in the browser, and never think about it afterwards.
Some small yet critical for some user website breaks in opera
This is the one and only problem with Opera, as I mentioned in another post above. If you start using Opera you won't ever want to use anything else, except you'll need to keep a second browser handy to access some sites that don't work with it. For instance for me currently Picasa doesn't work and Oracle sites are inaccessible using Opera, so I must use Chrome for these. These are not small sites, in fact they're essential to me, but their JS breaks Opera.
As a very long time Opera user, what I can say is that:
Opera is the perfect browser in any and all aspects (it's the fastest, the leanest and has the most well-thought and consistent UI) except for its one and only serious flaw: many applications and a few sites do not display correctly or even at all with it. There used to be quite a lot of sites that were unusable with Opera in the past, it looks like the dev team have made a lot of efforts in this respect lately and today those sites are much more limited, in fact I personally never come across one. However many applications that use lots of Javascript will not work with Opera and only with FF, just like in the past they used to only be coded for IE6.
This used to be a major problem with the browser and a point of heated debate with the dev team on the forums. The developers insist that the situation is due to the fact that application and site developers only test against FF, just as they only tested against IE6 before; basically FF has become the IE6 of the Internet. While this makes sense, it appeared that when Chrome came out it was quite a bit better in this area. My feeling is that since, possibly in fact because of the competition introduced by Chrome, they did quite a bit of improvement there and now many applications do work flawlessly with Opera (I can use for instance Oracle Enterprise Manager and Oracle BIEE in Opera now). However Picasa for instance doesn't seem to work currently (it used to though, which shows that it also depends on the application).
Regarding the competition:
Firefox: to me it's unusable. When I install a browser on a new machine, and I tend to do that quite often, it has to work immediately. I'm not going to download half-a-dozen additional plugins before being able to surf. With Opera once downloaded I have to click four or five check boxes and I'm ready to go - speed dial, download manager, fit-to-width, search shortcuts, synchronization, everything I need is available out-of-the-box. Also FF consistently feels slow, jittery and unresponsive compared to Opera. I hate it.
Chrome: when it came I started to use it more and more, up to a point where I felt I was on the verge of switching to it 100%, mostly because it was as fast as Opera but didn't break on any site or app. But after a few unsuccessful attempts at installing a working fit-to-width plugin I gave up, it just doesn't work. Same thing for speed dial or search shortcuts, they're butt ugly and don't Just Work (tm). I mean it's not ok for me to have to copy/paste or edit a URL, anything more than a right-click is unacceptable.
So I once again fell back to Opera, and since they have apparently fixed most of the problems with JS compatibility it's all gravy. I reluctantly fire off Chrome sometimes (for Picasa for instance) and even (so help me) FF when some stupid web application require it. But quiting Opera when you know it would feel like switching from a Jaguar to a Trabant.
Hum interesting, although some of your claims seem a bit far-fetched. Obviously the guy could (would) be using the wifi point to communicate with a zombie through ssh or openvpn, so no way of sniffing the content of the traffic. Nonetheless as you mention the communication with the wifi router would still be visible, but would it be sufficient to pinpoint to the physical location of the laptop? I doubt it, especially in a city like London where you would most probably be part of a large compex of tiny flats.
But even so in the end this doesn't change the fact that the cops would find nothing on the laptop itself, not a single bit of evidence whatsoever. The IP address was not his, the MAC address neither. No a single clue on the hard drive. So all what would remain would be their conviction that "the signal seemed to roughly come from this general area". I don't think this would ever stand in front of a judge; in fact I don't think they would even bother prosecute with so little evidence.
Also I don't buy the story about Mi-5 breaking in the apartment and planting something on the laptop, this definitely looks too James Bondish to me. Anyway since the laptop drive would be encrypted there's not much they could do with it. Possibly plant some kind of physical key-logger somewhere, but again at this point this is not realistic any longer. In my opinion the situation at hand is much simpler, they caught some idiot with LOIC on his hard drive and called it a day. Also the guys at NSA/Mi-5 might have some powerful tools but I doubt they're using them chasing Lulzsec, they definitely have got much bigger fishes to fry. Interesting discussion nonetheless.
Oh look, here's an area of data on the hard drive that we can't decrypt using our forensic tools.
That's not how it works, a truecrypt shadow volume is indistinguishable from "no data at that particular location on the disk surface", that's its raison d'être.
I wonder how much of one another's real identity they know of. Pretty little I imagine, why would someone from such a group share any private detail with others?
Also correct me if this sounds too simplistic but I imagine the very first thing I'd do if I were from such a group would be to never connect from anything else than a neighbor's open or cracked wifi (with my dedicated hack station of course, I'd have plenty of normal traffic on the other ones). Is there really still much of a chance to get identified with such a basic security measure?
Now obviously in addition to that any related activity would take place from a shadow truecrypt volume or something like that.
Slashdot Mirror
my SQL queries are sent to the database through a library that does the escaping
Just a question in passing, why do you need to send SQL text to the database in the first place? Why not use stored procedures? It seems simpler to me and also cleaner from an architecture perspective (i.e., separating database model from application logic). It also prevents any and all kind of attack against the database, making them impossible even if you for instance forget to escape your strings somewhere.
Also Opera did break a lot on a lot of sites and apps, so it was almost unusable for quite a while; to the very least it was out of the question to advise it to coworkers who were still using IE6, you had to push them to FF because with Opera they would come back to you after five minutes asking "why doesn't it work?" The Opera team used to hate to be reminded of that fact and they did vehemently defend their software, arguing that it was all the fault of developers testing against IE6 and FF and calling it a day, so FF had ind of a "free pass" regarding Javascript compatibility, and that they had done everything humanely possible to take care of this issue.
Then out of the blue came Chrome with a totally different JS engine but for whatever reason it "just worked" on 95% of all sites, even at the very beginning. After that, Opera's level of compatibility did quickly improve up to a point where with version 11 it seems now to be 98% compatible with the web (Google apps excepted but I've read it's by design from the G team, is that true?). So it seems they did find a way to improve things once it was obvious that others were doing better - competition does look quite beneficial to the industry, doesn't it?
Plus Chrome did some real hardcore advertising, like giant posters in Paris subway and probably lots of other things I'm not aware of. I don't think any other browser ever did anything similar, or even any other piece of software as far as I know. The Google guys definitely have some capacity at moving the lines.
The problem of pollution in China is not restricted to solar energy, far from it; they dump a lot of nasty shit around with no regards for the population or the environment, this is the very basis of their economic "miracle". But regarding solar panels, I read earlier also that they used to use a lot of rare minerals and create toxic waste as a byproduct but that this is less and less the case with progress in technology (same thing here, too lazy to google it).
You have to take into account the amount of investments that have been poured in solar or generally speaking renewable energy and compare it to the same figure for nuclear. Basically the argument that "Fukishima was an old design and newer reactors won't have the same flaws" applies to renewable energy equally.
solar (nasty chemicals in the fabrication process)
Care to elaborate?
I remember an interview from a hacker, possibly the English guy who broke into the DoD servers looking for documents about UFOs, who was saying that while he was on the servers he noticed he was not alone, there were several other intruders there with him. The interview must probably be somewhere around on the Internet to be found if anybody cares. The possible motivations to penetrate networks and leave backdoors available there are just too many for me to bother enumerating them, especially for a foreign government or agency.
Yes, I will laugh as they ger raped in prison, because they are criminals.
Ok but consider one thing: imagine that your son would do something stupid one day, like selling 1g of hemp to a friend to help him out or crack into a government website for the lulz, and gets caught. He's a criminal now. Will you still be laughing as he gets raped in prison? If you answer "no", then you're definitely a stinking asshole and a filthy motherfucker, because you want harsh penalties for others but will beg for them not applied to you. And if you answer "yes", then you're definitely a stinking asshole and a filthy motherfucker. So now please take a good look in the mirror and say hello.
I see that many people here on /. seem very bitter and angry about those kids. First let me tell you that "laughing you ass off when they get raped in prison" only shows that you're a very mean and despicable individual. But apart from that those kind of hackers are really doing people a favor by exposing clearly to the general public how terrible the security of their personal data is. Rest assured that for every bragging Lulzsec there are ten quiet hackers from different governmental and criminal groups, silently collecting your data and placing back doors in your systems, and not saying a word about it. Without public exposure authorities and corporations will naturally do all they can to swipe the problem under the rug. The kind of very visible but mostly harmless actions from the likes of Lulzsec is what's necessary to have them move their ass and finally do something about the security issue. I for one see them more as the vaccine that will eventually help the Internet grow some real security than the hateful vandals that old grumps of your kind want to portray.
The estimate seem unreliable.
That the whole study is an obvious pile of stinking bullshit is the less politically correct way of saying it.
On paper: check.
That's ridiculous, of course the browser need to strive as much as it can to render correctly as many sites as possible; they're not here as a showcase of technology, they're here to be used as a tool.
I don't know about your issue, I don't seem to ever bump into it, however to me the one and only drawback with Opera is that there are still a number of web sites or web application that don't render correctly with it or plainly don't work at all. I considered switching to Chrome lately, which seems to be the only reasonable alternative, however I had to give up after spending two week fighting against the speed dial and fit-to-width extensions. I have resigned myself to using Opera mainly and fire Chrome or FF for the rare instances when Opera doesn't cut it. Not perfect but there doesn't seem to be any other way to go.
But I thought the magical invisible hand of the market would solve all problems and then make the coffee?
OMG but Wikileaks are terrists, haven't you heard? Why are you anti-America?
America you're a fucked up country, and you'll deserve what's coming to you. Sorry to have to say that.
It seems governments have realised that legislative oversight is a bit of a nuisance, and it's just easier to coerce and/or bribe big business to get what you want.
I think you have it the wrong way, I would rather say: "It seems big business have realised that legislative oversight is a bit of a nuisance, and it's just easier to coerce and/or bribe governments to get what you want." The push behind those schemes comes from copyright holders and they have the means do what is necessary to get to their goal.
No, privoxy doesn't count
The problem with adblock and conversely the advantage of privoxy is that it works with all of your browsers, so if you tend to use or need to use anything else than FF sometimes, adblock is not enough. It's possible that privoxy with default config lets a very few ads through although I don't really notice; the advantage is it's a two-click load/install process, then configure proxy in the browser, and never think about it afterwards.
Some small yet critical for some user website breaks in opera
This is the one and only problem with Opera, as I mentioned in another post above. If you start using Opera you won't ever want to use anything else, except you'll need to keep a second browser handy to access some sites that don't work with it. For instance for me currently Picasa doesn't work and Oracle sites are inaccessible using Opera, so I must use Chrome for these. These are not small sites, in fact they're essential to me, but their JS breaks Opera.
As a very long time Opera user, what I can say is that:
Opera is the perfect browser in any and all aspects (it's the fastest, the leanest and has the most well-thought and consistent UI) except for its one and only serious flaw: many applications and a few sites do not display correctly or even at all with it. There used to be quite a lot of sites that were unusable with Opera in the past, it looks like the dev team have made a lot of efforts in this respect lately and today those sites are much more limited, in fact I personally never come across one. However many applications that use lots of Javascript will not work with Opera and only with FF, just like in the past they used to only be coded for IE6.
This used to be a major problem with the browser and a point of heated debate with the dev team on the forums. The developers insist that the situation is due to the fact that application and site developers only test against FF, just as they only tested against IE6 before; basically FF has become the IE6 of the Internet. While this makes sense, it appeared that when Chrome came out it was quite a bit better in this area. My feeling is that since, possibly in fact because of the competition introduced by Chrome, they did quite a bit of improvement there and now many applications do work flawlessly with Opera (I can use for instance Oracle Enterprise Manager and Oracle BIEE in Opera now). However Picasa for instance doesn't seem to work currently (it used to though, which shows that it also depends on the application).
Regarding the competition:
So I once again fell back to Opera, and since they have apparently fixed most of the problems with JS compatibility it's all gravy. I reluctantly fire off Chrome sometimes (for Picasa for instance) and even (so help me) FF when some stupid web application require it. But quiting Opera when you know it would feel like switching from a Jaguar to a Trabant.
And in addition to that a distraction.
Hum interesting, although some of your claims seem a bit far-fetched. Obviously the guy could (would) be using the wifi point to communicate with a zombie through ssh or openvpn, so no way of sniffing the content of the traffic. Nonetheless as you mention the communication with the wifi router would still be visible, but would it be sufficient to pinpoint to the physical location of the laptop? I doubt it, especially in a city like London where you would most probably be part of a large compex of tiny flats.
But even so in the end this doesn't change the fact that the cops would find nothing on the laptop itself, not a single bit of evidence whatsoever. The IP address was not his, the MAC address neither. No a single clue on the hard drive. So all what would remain would be their conviction that "the signal seemed to roughly come from this general area". I don't think this would ever stand in front of a judge; in fact I don't think they would even bother prosecute with so little evidence.
Also I don't buy the story about Mi-5 breaking in the apartment and planting something on the laptop, this definitely looks too James Bondish to me. Anyway since the laptop drive would be encrypted there's not much they could do with it. Possibly plant some kind of physical key-logger somewhere, but again at this point this is not realistic any longer. In my opinion the situation at hand is much simpler, they caught some idiot with LOIC on his hard drive and called it a day. Also the guys at NSA/Mi-5 might have some powerful tools but I doubt they're using them chasing Lulzsec, they definitely have got much bigger fishes to fry. Interesting discussion nonetheless.
Ok thanks for the clarification.
Anyone who's actually interested could easily be a decent blackhat by 19.
Are you fucking kidding me? I could have been a decent blackhat at 14, and I'm definitely not the sharpest out there.
Oh look, here's an area of data on the hard drive that we can't decrypt using our forensic tools.
That's not how it works, a truecrypt shadow volume is indistinguishable from "no data at that particular location on the disk surface", that's its raison d'être.
I wonder how much of one another's real identity they know of. Pretty little I imagine, why would someone from such a group share any private detail with others?
Also correct me if this sounds too simplistic but I imagine the very first thing I'd do if I were from such a group would be to never connect from anything else than a neighbor's open or cracked wifi (with my dedicated hack station of course, I'd have plenty of normal traffic on the other ones). Is there really still much of a chance to get identified with such a basic security measure?
Now obviously in addition to that any related activity would take place from a shadow truecrypt volume or something like that.
Very probably, I imagine they would go something like "Well done old sport" and deal with it.