So then you forged a message so that it looked like it came from a second victim - and when their mailbox filled up it would bounce them back to the first victim.
Bounces are sent with a null envelope sender, so bounces don't get bounced (outside of the local mail system).
Re:A card is more than just a magnetic strip...
on
The Universal Card
·
· Score: 2, Informative
When a non-physical transaction goes frauduent, the credit card companies have to eat it.
Where did you get that idea? The merchant always loses, not the bank. The bank is more than happy to reverse the transaction and collect their chargeback fee.
Re:A card is more than just a magnetic strip...
on
The Universal Card
·
· Score: 1
(Reversed-by-complaint credit card transactions also carry steep penalty fees on the merchant side... the card issuing bank has to eat all fraudulently presented card cases.)
Wrong! The merchant eats it. Do you really think the banks are going to lose money? Haha. Merchants need Visa more than Visa needs them.
OpenBSD and BSD/OS have one (bsd_auth) that exec()s small helper programs which implement the actual auth methods. These helpers speak a little protocol to the library via stdio.
That sounds very similar to the checkpassword program and interface. Is that a coincidence?
7. UUNet gets really pissed that I bounce 1000 mails to abuse@uunet.com which didn't originate from their network (with some justification).
8. UUNet block all access from my class C to their servers.
[...]
Forward to 2004, I still can't send mail to uunet.com!
You willfully sent them 1000 spam messages that had nothing to do with them to their abuse role account, so they blocked you from mailing them. Sounds reasonable to me.
It's not downloading and doing a separate install that's a problem
Actually, that is the problem for me. I don't care how "free" it is as long as I can download it freely and install it. Java is not free enough for that and thus can't be installed via ports without manually downloading the JDK. That sucks and I won't use Java because of it.
I'm pragmatic when it comes to software. If Java was the perfect programming language, I would use it. But it's not, and there are other free languages that do the same job, so I don't need to put up with the hassle of installing Java.
Not a flame (seriously), but what is the big deal about downloading java and doing a separate install? I've done it lots of times and it's easy enough.
It's a big deal because it's pain to have to do something non-standard to install software. I work with at least a dozen servers on a regular basis. When I need to install a new server, do I want to have to remember how to install Java, or do I simply do a cd/usr/ports/lang/python && make install clean?
Downloading Java for use on FreeBSD is not as simple as fetching a URL. You have to agree to a click through confirmation on Sun's website, which last I checked only works in one of three text mode browsers (links, lynx, w3m), but I don't remember which. Should I need to install a web browser to install Java? Why put up with that when I can install other languages using the standard install method?
To top the entire situation off, GoDaddy charged me a $250 fee to get my domain name back! I am now looking to transfer my domain names to a new registrar, so time to start looking - and time to start considering legal action.
I highly recommend directNIC.com. They have a great interface, great customer service, good prices and most importantly, they don't pull crap like that. There is a reason why so many adult companies register their domains through them. Of course, they are great for anyone, but they certainly don't shut off your domain because of a few spam complaints.
You think the Linux world is any different? VMWare came out with a great product and the next day there were 39 different Open Source virtualizers coming out.
Who cares? People still buy VMware because the open source equivalents pale in comparison. It is likely that VMware will always be better than free alternatives. And if they can't keep up, then they deserve to lose out.
Credit card fraud is a much, much bigger problem, but the banks invariably cover the victim's losses and call it the cost of doing business
Wrong! Any charged back transactions are paid by the merchant, not the bank. To make matters worse, merchants also pay a chargeback fee in addition to losing the original sale amount.
Some of us probably want to hear what features it had that NSIS didn't.
InnoSetup is VERY easy to use. It has a program that writes the config file for you. You can go from installing InnoSetup to having a perfectly working installer in under ten mintes. A disadvantage over NSIS is that the installer size overhead is much greater.
Fortunately, you can't necessarily just "waive your rights" to protection under law, no matter what you sign. I'd be skeptical about PayPal's ability to enforce that one.
PayPal can't directly enforce it. But they can close your PayPal account and keep you from ever opening a new one. They could also bill you for what you owe them, send it to collections or take you to court.
Other than as an amusing tool to utterly confuse any but the most advanced developers, continuations are probably only useful for coroutines, and coroutines are mostly useful for iterator generators, which recent versions of Python have generators nicely packaged in an easy-to-understand syntax (the yield statement).
Continuations are also incredibly useful for massively scalable network applications. They are arguably the best way to write them, in terms of code readability and performance.
The Ruby version is half the length of the Python one, and much more readable. "sys.stdout.write" manages to be both verbose and full of idiosyncratic abbreviations.
you do realize there is a 2-hour radio delay between here and mars, correct?
Wrong. At the farthest possible distance (where it wouldn't be possible to communicate anyway because the sun is in the way), Earth and Mars are ~21 minutes away.
through Zshell (a old exploit of a hardware bug that allowed you to run assembly)
It wasn't a hardware bug, and in fact, wasn't a bug at all. An entry in the custom menu contains a pointer to a memory location, which gets executed when the entry is selected. The menu entry for ZShell (or whatever shell) gets setup using a hacked backup file.
One of the big problems is that you'd just be tying it to a PID or program name, not a particular executable. In other words, if you allowed "mozilla", an attacker could write his own executable called "mozilla" and it'd still be allowed through.
That's why you would use/usr/local/bin/mozilla and not just mozilla.
Slashdot Mirror
So then you forged a message so that it looked like it came from a second victim - and when their mailbox filled up it would bounce them back to the first victim.
Bounces are sent with a null envelope sender, so bounces don't get bounced (outside of the local mail system).
When a non-physical transaction goes frauduent, the credit card companies have to eat it.
Where did you get that idea? The merchant always loses, not the bank. The bank is more than happy to reverse the transaction and collect their chargeback fee.
(Reversed-by-complaint credit card transactions also carry steep penalty fees on the merchant side... the card issuing bank has to eat all fraudulently presented card cases.)
Wrong! The merchant eats it. Do you really think the banks are going to lose money? Haha. Merchants need Visa more than Visa needs them.
OpenBSD and BSD/OS have one (bsd_auth) that exec()s small helper programs which implement the actual auth methods. These helpers speak a little protocol to the library via stdio.
That sounds very similar to the checkpassword program and interface. Is that a coincidence?
7. UUNet gets really pissed that I bounce 1000 mails to abuse@uunet.com which didn't originate from their network (with some justification).
8. UUNet block all access from my class C to their servers.
[...]
Forward to 2004, I still can't send mail to uunet.com!
You willfully sent them 1000 spam messages that had nothing to do with them to their abuse role account, so they blocked you from mailing them. Sounds reasonable to me.
It's not downloading and doing a separate install that's a problem
Actually, that is the problem for me. I don't care how "free" it is as long as I can download it freely and install it. Java is not free enough for that and thus can't be installed via ports without manually downloading the JDK. That sucks and I won't use Java because of it.
I'm pragmatic when it comes to software. If Java was the perfect programming language, I would use it. But it's not, and there are other free languages that do the same job, so I don't need to put up with the hassle of installing Java.
Not a flame (seriously), but what is the big deal about downloading java and doing a separate install? I've done it lots of times and it's easy enough.
/usr/ports/lang/python && make install clean?
It's a big deal because it's pain to have to do something non-standard to install software. I work with at least a dozen servers on a regular basis. When I need to install a new server, do I want to have to remember how to install Java, or do I simply do a cd
Downloading Java for use on FreeBSD is not as simple as fetching a URL. You have to agree to a click through confirmation on Sun's website, which last I checked only works in one of three text mode browsers (links, lynx, w3m), but I don't remember which. Should I need to install a web browser to install Java? Why put up with that when I can install other languages using the standard install method?
For my needs and preferences, Java is "free enough". Anyone who ever has turned Java down in favor of something else, because it is not free?
I have. It's not free enough to be included with Debian or FreeBSD.
To top the entire situation off, GoDaddy charged me a $250 fee to get my domain name back! I am now looking to transfer my domain names to a new registrar, so time to start looking - and time to start considering legal action.
I highly recommend directNIC.com. They have a great interface, great customer service, good prices and most importantly, they don't pull crap like that. There is a reason why so many adult companies register their domains through them. Of course, they are great for anyone, but they certainly don't shut off your domain because of a few spam complaints.
You think the Linux world is any different? VMWare came out with a great product and the next day there were 39 different Open Source virtualizers coming out.
Who cares? People still buy VMware because the open source equivalents pale in comparison. It is likely that VMware will always be better than free alternatives. And if they can't keep up, then they deserve to lose out.
Credit card fraud is a much, much bigger problem, but the banks invariably cover the victim's losses and call it the cost of doing business
Wrong! Any charged back transactions are paid by the merchant, not the bank. To make matters worse, merchants also pay a chargeback fee in addition to losing the original sale amount.
Some of us probably want to hear what features it had that NSIS didn't.
InnoSetup is VERY easy to use. It has a program that writes the config file for you. You can go from installing InnoSetup to having a perfectly working installer in under ten mintes. A disadvantage over NSIS is that the installer size overhead is much greater.
Fortunately, you can't necessarily just "waive your rights" to protection under law, no matter what you sign. I'd be skeptical about PayPal's ability to enforce that one.
PayPal can't directly enforce it. But they can close your PayPal account and keep you from ever opening a new one. They could also bill you for what you owe them, send it to collections or take you to court.
Other than as an amusing tool to utterly confuse any but the most advanced developers, continuations are probably only useful for coroutines, and coroutines are mostly useful for iterator generators, which recent versions of Python have generators nicely packaged in an easy-to-understand syntax (the yield statement).
Continuations are also incredibly useful for massively scalable network applications. They are arguably the best way to write them, in terms of code readability and performance.
The Ruby version is half the length of the Python one, and much more readable. "sys.stdout.write" manages to be both verbose and full of idiosyncratic abbreviations.
[print k+' -> '+v for k,v in adict.items()]
Nice repost of comment #7034877.
you do realize there is a 2-hour radio delay between here and mars, correct?
Wrong. At the farthest possible distance (where it wouldn't be possible to communicate anyway because the sun is in the way), Earth and Mars are ~21 minutes away.
Don't get me wrong, i think the OSS method of security works much better, but ANY time someone brings it up, the only counter example is apache.
BIND
Sendmail
WU-FTPD
I can't get the DOS version of Duke Nukem to run in Windows XP.
Duke3d_w32
through Zshell (a old exploit of a hardware bug that allowed you to run assembly)
t
It wasn't a hardware bug, and in fact, wasn't a bug at all. An entry in the custom menu contains a pointer to a memory location, which gets executed when the entry is selected. The menu entry for ZShell (or whatever shell) gets setup using a hacked backup file.
This is the document that started it all:
http://www.ticalc.org/pub/text/calcinfo/85hack.tx
One of the big problems is that you'd just be tying it to a PID or program name, not a particular executable. In other words, if you allowed "mozilla", an attacker could write his own executable called "mozilla" and it'd still be allowed through.
/usr/local/bin/mozilla and not just mozilla.
That's why you would use
if you go the ROTC route ... you'll also start with a higher rank then if you just enlisted
That's very misleading. If you go the ROTC route, you'll go in as an officer. That is entirely different from being enlisted.
Zounds. Can we expand Godwin's law to Al Queda?
I had exactly the same thought when I read that.
So your delay somehow works on the reciving MTA, not the sending MTA? Please explain.
Very simple. The receiving MTA simply pauses after a certain command, such as the RCPT command, forcing the sender to wait.
If you have have a second system to run as a slave that may work. In quite a few realworld(tm) situations you don't have that luxury.
Then run a second copy of MySQL on the same machine.