So you think your company is bad about security. The company just wants to make money. How could exploiting the lack of security surrounding what your company does affect the bottom line? What about lawsuits? Could your code be sold and used by a company, and when a security hole in your software is used and that company's customer data is stolen, is your company liable?
Figure out how to show your managers how to improve the bottom line, or to prevent losses, and you'll hopefully see a change.
Maybe even offer to branch a "hardened" version of your service/software, if that's the business you are in, for more money, improving the bottom line.
I went to the site to try to download the X11 version 2.4.0 but it is not there. I get an error. What's up with that? Anyone else finding problems (or success) in getting 2.4.0 for OSX? Even the x11 version?
How do you know your phone service has never been out in 60 years? Do you monitor it? How many calls a day do you make? Are you home 24/7 and do you use the phone all the time, as in more than 10,000 minutes per month?
Sure, you've never been affected by an outage of your phone service, but that doesn't mean it hasn't been out of service ever.
Plus, you pay for it too. At $30-40/month per line, you expect minimal outages. When you are paying $30/year or even nothing, a two day outage, while annoying, isn't surprising, especially when operated on a public network. Your phone line is on a private, dedicated network. You simply can't compare the two when it comes to uptime.
If all of Skype's customers paid $30-40/month, I'm much more confident that they wouldn't have had this outage.
Virtualization I'm sure has an effect on the numbers. I installed Vista on my MacBook Pro. I don't use it very often, but I did install it. I still have a MBP, I still run OSX day to day.
Numbers these days are becoming less and less useful as virtualization use increases. Just like "hits" or page views for web sites is less and less useful a number due to AJAX. Show us some numbers that mean something.
I had a developer build a windows-based tool that extracted the data from a Peachtree install into mysql, so I could write web-based tools for my client. He did fine, and I was pretty happy with the product. The only problem is that RAC seems to stay in between the coder and the client, making communication difficult sometimes. But it worked out for both me and my client.
I can see how RAC could be more of a pain in the butt for more complex things, both for the coder and the client. RAC seems ideal for small, one-off jobs. Once the relationship is made, you could exclude RAC and deal with the coder/client directly. Of course, you lose some of the protections RAC offers, but if you have a good relationship, you should be able to handle that yourself, expecially if RAC arbitration is not very fair.
Tossable Digits provides a disposable phone number that allows YOU to control who calls and when. It's cheap and does what you want it to -- control calling.
TossableDigits.com
I knew CmdrTaco before he started slashdot. While I know Kathleen thinks he's a god (and well, he is) he isn't really all that photogenic. I don't think a signed photograph of CmdrTaco is really worth as much or more than an Alienware laptop. Sorry man.:-) You know I love ya. heh.
My pager went off at 1:48am EDT. Was able to get to my boxes from my Verizon connection, but couldn't get to other hosts via L3. Put in a ticket at 2:15am that L3 was having problems. Stupid L3 sucking woke me up. Grrrr.
MySQL supports Native Clustering over 100mbps/1gbps ethernet. It's like RAID, only you are using PCs instead of disks. You can add storage nodes as you grow (storage node == cheap PC with lots of memory).
Here's the setup:
2+ front end SQL boxes -- run all your SQL queries here. I _believe_ you store the full DB on disk here, but maybe you store it on the storage nodes.
3+ storage nodes -- the data resides here, in memory. You need 40GB? 8GB memory in 6 storage nodes will do ya. (giving you 8GB to grow)
1 back end administration machine, doesn't have to be 100% for this task, but should be highly available.
This way if one of your SQL boxes goes down, there is a second (or more) to cover. If one of your storage nodes goes down, you have enough to cover. Just like RAID baby, except for databases.
Why build it yourself when you could use an existing system to do it for you?
Though I might not store the images in the DB, it is a possibility...
Why not teach the Police about the idea with the flash mob, and start using that to deploy forces? Build in some hierarchy of some sort, but really, if we can do it, why can't they?
Right now, I can walk to the DC Metro, slap my whole wallet on the reader, and it gets the correct signal, and deducts my account.
If I could rub my crotch against this reader, have the reader ask:
Which card would you like to use?
* MBNA Mastercard
* BofA Visa (Checkcard)
* Citibank Visa
so I'd never have to take cards out of my wallet? That would rule. In addition, you could probably build a system where a single chip could store (encrypted, with the challenge-response system purported/suggested to be used in this case) all my cards, so I could carry a single mini card on my keychain, that would rock. Of course, I would want a master pin that would give me access to my cards, so that even if my card was stolen, they couldn't use it without knowing the pin.
I have an issue with IP based calls. Now granted, Sprint may not stop/reduce the number of packets sent when I'm not talking, or there is a pause in the conversation, but I HATE it when I can't hear the background noise -- the ambient noise that always occurs on the other end. Stuff like another person saying something. Analog? I can hear them. Digital/IP? Most times either I don't know the call is being IP packetized, or I hear absolute silence and then maybe it cuts in. It's like a friggin' speakerphone.
If Sprint goes IP (and maybe a lot of other providers already have too) I sure hope they don't do compression of the signal to the point where I hear nothing (not even ambient noise).
I still think analog is better -- audiophiles will agree.
Have you sued the spammers? I've written a database for myself that keeps track of the spam I receive. Since May 2002, I've gotten 20,000+ spams.
I filed a suit against PrintPal in VA (great spam laws for ISPs and consumers alike) and won. However, getting my judgment registered in Oregon is a bit more of a pain, and PrintPal is being difficult.
Do you think a grass-roots onslaught of hundreds or thousands of these smaller lawsuits ($300-800) against the companies who are advertising (not the spam sender) will help to reduce spam enough to make the effort worthwhile?
The $7M lawsuits against spammers by Verizon don't seem to make a real impact.
I think PHP is great, better than perl, for web-based programming. Perl is nice and powerful and all, but PHP was written AFAIK for web applications. It supports good, Perl-based RE string parsing, an file open function which supports URLs, and best of all, many of the functions that deal with HTML, databases and the web specifically are built-in. Such as "htmlentities()" which changes a string to an HTML entities (& -> &).
Almost all the popular databases are supported (granted they are either dynamically loaded or compiled in). MySQL, Postgres, Sybase, Oracle, ODBC and others.
Honestly, outside of the web applications, I don't see PHP as a strong language. But I do find PHP's speed and simplicity to be a strong point, and the fact that I can tune it and play with it so as to scale well makes me even happier about it. Plus, if well written, it's pretty secure. At least I've never had any problems with it being any more or less insecure than well-written Perl.
I won a judgment against Printpal.com (owned by Piggyback.com, Inc) in Oregon from VA for $580 plus court costs ($43)! I am in the process of collecting it. Check it out:
I hope to offer a service soon that will help VA residents (and other states which have anti-spam laws) sue spammers. If we can all do our part, thousands of lawsuits against spammers will get them to stop!
Sugar cane processing produces this distilled alcohol. That's great that is is cheaper than gasoline NOW, but what happens when the demand increases? Let's say someone builds a distilled alcohol passenger plane. Demand increases for distilled alcohol. All of a sudden, demand for distilled alcohol creates a demand for more sugar and thus more sugar cane. Sugar cane growth is limited by the land and regions it can be grown. And growing it takes some time, so there is an increase in demand and supply stays the same. Distilled alcohol prices rise above gasoline quickly and all of a sudden the whole distilled alcohol plane is starting to cost you MORE than the gasoline did.
Sure, gasoline refining takes time. And the oil it is made from took thousands/millions of years to create, and it is limited (we haven't planted future oil fields!). Growing sugar cane and letting it ferment and then distilling the alcohol from it takes time too.
Diesel cars used to be hot in the early 80's because diesel was so much cheaper than unleaded or regular. Economics screwed that up because diesel cars got to be big enough that regular gas stations (not just truck stops) started to carry diesel. That increased the gas stations cost, and thus raised the price of diesel to the same or higher levels compared to unleaded.
I don't see how, in the long run, this will save the world.
I get approximately 4 calls from marketers a day. I work from home, which is how I know. One system calls me 5-6 times a week, is from "Out of Area," I cannot call-trace it (*57 here, DC/Virginia), and the phone company says I have to pay them $5/month to make them stop. I cannot ask them to put me on a DNC (do not call) list because nobody ever answers, it's just an empty line for 5 seconds then it clicks to a dial tone. When callers who ARE human do call, I ask to be put on their DNC list AFTER I get the name, address, phone number and all sorts of other information so I can sue them later.
It really is a problem in the US, espcially here in the Washington DC area.
I don't want to know that the disk is copy-protected, I want a disk that IS NOT copy-protected, DRMed or screwed in any way to attempt to prevent me from making a copy for personal use. I also don't want DRM or copy-protection schemes built into the hardware I buy to play my copies on. I'd much rather pay additional fees in my media and components (as I already do) than be prevented (in some way someone will break) from making a copy.
Bastards. "1 million movies a day" -- Jack "Stupid" Valenti.
I want contact list, exportable and importable in any which way intelligently, a calendar with alerts, and that's about it. I don't need apps like SSH and IMAP and crap. If I can make calls that sound good, look up contacts, call people and get alerts for calendar events, that's enough. And enough memory so I don't have to delete old events to add new ones!
Lawyers will usually not charge you for an initial consultation. If you are upfront with them, tell them your situation, they'll usually spend 10 or 20 minutes with you and decide if you might need their services or not. If they say you do, they'll most likely ask for a retainer of some sort. Depending on how serious the lawyer believes your situation to be, it could be between $1,000 and $5,000. On top of the retainer, you have to pay the fees they bill until you "close your account" with them.
Some smaller lawyers will just bill against the retainer, while larger firms will require payment in addition to the retainer, but will return the retainer in full at your request when you close an account with them.
Most lawyers charge between $150-$300 an hour unless it is a case where they believe you will win a settlement (in this case, it doesn't seem so; however, you might be able to get lawyer fees if you need to sue if the CEO sues).
IANAL, but I'm married to one and had to use some for my old business.
Just go look up a lawyer or get a referal (highly recommended) and see what they say. They'll know better than any of us on slashdot (unless they are lawyers).
With the beautiful folk at OSDN, you have sourceForge and Freshmeat. Someone will create a open-sourced solution to all of this. You download it, install it on your server, and voila. You have your profiles stored on your own server which you control.
So you are not a geek? Text-based stuff shouldn't be too network heavy; I would forsee a few donation-supported sites, or even ISPs who will host your info for you. It's all easily downloaded to your local machine in XML format, so you can change providers easily and quickly.
Why do we have to use.net for this stuff? Build a standard, use it, build open-source software for it, and allow people to run their own if they are security conscious. But I don't want to give my info to Liberty,.Net or.Mac frankly, I'd rather set up a server for me, my friends and family. If every geek did this for their small subset of friends and family, everyone would be taken care of!
Slashdot Mirror
So you think your company is bad about security. The company just wants to make money. How could exploiting the lack of security surrounding what your company does affect the bottom line? What about lawsuits? Could your code be sold and used by a company, and when a security hole in your software is used and that company's customer data is stolen, is your company liable?
Figure out how to show your managers how to improve the bottom line, or to prevent losses, and you'll hopefully see a change.
Maybe even offer to branch a "hardened" version of your service/software, if that's the business you are in, for more money, improving the bottom line.
I went to the site to try to download the X11 version 2.4.0 but it is not there. I get an error. What's up with that? Anyone else finding problems (or success) in getting 2.4.0 for OSX? Even the x11 version?
How do you know your phone service has never been out in 60 years? Do you monitor it? How many calls a day do you make? Are you home 24/7 and do you use the phone all the time, as in more than 10,000 minutes per month?
Sure, you've never been affected by an outage of your phone service, but that doesn't mean it hasn't been out of service ever.
Plus, you pay for it too. At $30-40/month per line, you expect minimal outages. When you are paying $30/year or even nothing, a two day outage, while annoying, isn't surprising, especially when operated on a public network. Your phone line is on a private, dedicated network. You simply can't compare the two when it comes to uptime.
If all of Skype's customers paid $30-40/month, I'm much more confident that they wouldn't have had this outage.
I LOVE mootools. I've tried others, and mootools is the best.
Virtualization I'm sure has an effect on the numbers. I installed Vista on my MacBook Pro. I don't use it very often, but I did install it. I still have a MBP, I still run OSX day to day.
Numbers these days are becoming less and less useful as virtualization use increases. Just like "hits" or page views for web sites is less and less useful a number due to AJAX. Show us some numbers that mean something.
I had a developer build a windows-based tool that extracted the data from a Peachtree install into mysql, so I could write web-based tools for my client. He did fine, and I was pretty happy with the product. The only problem is that RAC seems to stay in between the coder and the client, making communication difficult sometimes. But it worked out for both me and my client.
I can see how RAC could be more of a pain in the butt for more complex things, both for the coder and the client. RAC seems ideal for small, one-off jobs. Once the relationship is made, you could exclude RAC and deal with the coder/client directly. Of course, you lose some of the protections RAC offers, but if you have a good relationship, you should be able to handle that yourself, expecially if RAC arbitration is not very fair.
Tossable Digits provides a disposable phone number that allows YOU to control who calls and when. It's cheap and does what you want it to -- control calling. TossableDigits.com
I knew CmdrTaco before he started slashdot. While I know Kathleen thinks he's a god (and well, he is) he isn't really all that photogenic. I don't think a signed photograph of CmdrTaco is really worth as much or more than an Alienware laptop. Sorry man. :-) You know I love ya. heh.
My pager went off at 1:48am EDT. Was able to get to my boxes from my Verizon connection, but couldn't get to other hosts via L3. Put in a ticket at 2:15am that L3 was having problems. Stupid L3 sucking woke me up. Grrrr.
MySQL supports Native Clustering over 100mbps/1gbps ethernet. It's like RAID, only you are using PCs instead of disks. You can add storage nodes as you grow (storage node == cheap PC with lots of memory).
Here's the setup:
2+ front end SQL boxes -- run all your SQL queries here. I _believe_ you store the full DB on disk here, but maybe you store it on the storage nodes.
3+ storage nodes -- the data resides here, in memory. You need 40GB? 8GB memory in 6 storage nodes will do ya. (giving you 8GB to grow)
1 back end administration machine, doesn't have to be 100% for this task, but should be highly available.
This way if one of your SQL boxes goes down, there is a second (or more) to cover. If one of your storage nodes goes down, you have enough to cover. Just like RAID baby, except for databases.
Why build it yourself when you could use an existing system to do it for you?
Though I might not store the images in the DB, it is a possibility...
Why not teach the Police about the idea with the flash mob, and start using that to deploy forces? Build in some hierarchy of some sort, but really, if we can do it, why can't they?
Right now, I can walk to the DC Metro, slap my whole wallet on the reader, and it gets the correct signal, and deducts my account.
If I could rub my crotch against this reader, have the reader ask:
Which card would you like to use?
* MBNA Mastercard
* BofA Visa (Checkcard)
* Citibank Visa
so I'd never have to take cards out of my wallet? That would rule. In addition, you could probably build a system where a single chip could store (encrypted, with the challenge-response system purported/suggested to be used in this case) all my cards, so I could carry a single mini card on my keychain, that would rock. Of course, I would want a master pin that would give me access to my cards, so that even if my card was stolen, they couldn't use it without knowing the pin.
If they can get there, then I'm in.
I have an issue with IP based calls. Now granted, Sprint may not stop/reduce the number of packets sent when I'm not talking, or there is a pause in the conversation, but I HATE it when I can't hear the background noise -- the ambient noise that always occurs on the other end. Stuff like another person saying something. Analog? I can hear them. Digital/IP? Most times either I don't know the call is being IP packetized, or I hear absolute silence and then maybe it cuts in. It's like a friggin' speakerphone.
If Sprint goes IP (and maybe a lot of other providers already have too) I sure hope they don't do compression of the signal to the point where I hear nothing (not even ambient noise).
I still think analog is better -- audiophiles will agree.
... for the simple reason that if I were there first, I would piss on it.
Ironic that a watch that detects atomic particles in the air can't set itself via the US atomic clock...
Barry --
Have you sued the spammers? I've written a database for myself that keeps track of the spam I receive. Since May 2002, I've gotten 20,000+ spams.
I filed a suit against PrintPal in VA (great spam laws for ISPs and consumers alike) and won. However, getting my judgment registered in Oregon is a bit more of a pain, and PrintPal is being difficult.
Do you think a grass-roots onslaught of hundreds or thousands of these smaller lawsuits ($300-800) against the companies who are advertising (not the spam sender) will help to reduce spam enough to make the effort worthwhile?
The $7M lawsuits against spammers by Verizon don't seem to make a real impact.
I think PHP is great, better than perl, for web-based programming. Perl is nice and powerful and all, but PHP was written AFAIK for web applications. It supports good, Perl-based RE string parsing, an file open function which supports URLs, and best of all, many of the functions that deal with HTML, databases and the web specifically are built-in. Such as "htmlentities()" which changes a string to an HTML entities (& -> &).
Almost all the popular databases are supported (granted they are either dynamically loaded or compiled in). MySQL, Postgres, Sybase, Oracle, ODBC and others.
Honestly, outside of the web applications, I don't see PHP as a strong language. But I do find PHP's speed and simplicity to be a strong point, and the fact that I can tune it and play with it so as to scale well makes me even happier about it. Plus, if well written, it's pretty secure. At least I've never had any problems with it being any more or less insecure than well-written Perl.
I won a judgment against Printpal.com (owned by Piggyback.com, Inc) in Oregon from VA for $580 plus court costs ($43)! I am in the process of collecting it. Check it out:
http://purplecow.com/vaspam/
I hope to offer a service soon that will help VA residents (and other states which have anti-spam laws) sue spammers. If we can all do our part, thousands of lawsuits against spammers will get them to stop!
Sugar cane processing produces this distilled alcohol. That's great that is is cheaper than gasoline NOW, but what happens when the demand increases? Let's say someone builds a distilled alcohol passenger plane. Demand increases for distilled alcohol. All of a sudden, demand for distilled alcohol creates a demand for more sugar and thus more sugar cane. Sugar cane growth is limited by the land and regions it can be grown. And growing it takes some time, so there is an increase in demand and supply stays the same. Distilled alcohol prices rise above gasoline quickly and all of a sudden the whole distilled alcohol plane is starting to cost you MORE than the gasoline did.
Sure, gasoline refining takes time. And the oil it is made from took thousands/millions of years to create, and it is limited (we haven't planted future oil fields!). Growing sugar cane and letting it ferment and then distilling the alcohol from it takes time too.
Diesel cars used to be hot in the early 80's because diesel was so much cheaper than unleaded or regular. Economics screwed that up because diesel cars got to be big enough that regular gas stations (not just truck stops) started to carry diesel. That increased the gas stations cost, and thus raised the price of diesel to the same or higher levels compared to unleaded.
I don't see how, in the long run, this will save the world.
I get approximately 4 calls from marketers a day. I work from home, which is how I know. One system calls me 5-6 times a week, is from "Out of Area," I cannot call-trace it (*57 here, DC/Virginia), and the phone company says I have to pay them $5/month to make them stop. I cannot ask them to put me on a DNC (do not call) list because nobody ever answers, it's just an empty line for 5 seconds then it clicks to a dial tone. When callers who ARE human do call, I ask to be put on their DNC list AFTER I get the name, address, phone number and all sorts of other information so I can sue them later.
It really is a problem in the US, espcially here in the Washington DC area.
I don't want to know that the disk is copy-protected, I want a disk that IS NOT copy-protected, DRMed or screwed in any way to attempt to prevent me from making a copy for personal use. I also don't want DRM or copy-protection schemes built into the hardware I buy to play my copies on. I'd much rather pay additional fees in my media and components (as I already do) than be prevented (in some way someone will break) from making a copy.
Bastards. "1 million movies a day" -- Jack "Stupid" Valenti.
I want contact list, exportable and importable in any which way intelligently, a calendar with alerts, and that's about it. I don't need apps like SSH and IMAP and crap. If I can make calls that sound good, look up contacts, call people and get alerts for calendar events, that's enough. And enough memory so I don't have to delete old events to add new ones!
Lawyers will usually not charge you for an initial consultation. If you are upfront with them, tell them your situation, they'll usually spend 10 or 20 minutes with you and decide if you might need their services or not. If they say you do, they'll most likely ask for a retainer of some sort. Depending on how serious the lawyer believes your situation to be, it could be between $1,000 and $5,000. On top of the retainer, you have to pay the fees they bill until you "close your account" with them.
Some smaller lawyers will just bill against the retainer, while larger firms will require payment in addition to the retainer, but will return the retainer in full at your request when you close an account with them.
Most lawyers charge between $150-$300 an hour unless it is a case where they believe you will win a settlement (in this case, it doesn't seem so; however, you might be able to get lawyer fees if you need to sue if the CEO sues).
IANAL, but I'm married to one and had to use some for my old business.
Just go look up a lawyer or get a referal (highly recommended) and see what they say. They'll know better than any of us on slashdot (unless they are lawyers).
With the beautiful folk at OSDN, you have sourceForge and Freshmeat. Someone will create a open-sourced solution to all of this. You download it, install it on your server, and voila. You have your profiles stored on your own server which you control.
.net for this stuff? Build a standard, use it, build open-source software for it, and allow people to run their own if they are security conscious. But I don't want to give my info to Liberty, .Net or .Mac frankly, I'd rather set up a server for me, my friends and family. If every geek did this for their small subset of friends and family, everyone would be taken care of!
So you are not a geek? Text-based stuff shouldn't be too network heavy; I would forsee a few donation-supported sites, or even ISPs who will host your info for you. It's all easily downloaded to your local machine in XML format, so you can change providers easily and quickly.
Why do we have to use
1...2...3...4...6..9....30..laskdf has it been 20 seconds yet? Why do I have to wait?
Poop.