Re: Sites also a problem
I usually go for Shift-Insert first, failing that using a built-in web debugger.
90 posts • joined 18 Oct 2007
I usually go for Shift-Insert first, failing that using a built-in web debugger.
Received emails from old BT Yahoo! accounts suggesting a password reset recently, a little surprised to find they were still active. Rather bothersome to have relative's actual security answers out in the wild now, just re-enforcing my view that they should always be made-up.
In addition to http://www.openstreetmap.org/#map=14/52.0745/0.1964&layers=N
Since the Romanian entry is in my top 5 from this year’s contenders. Oh well, could just be seen as not making it through the semi-finals like 21 other countries.
What's disgraceful are the sites that don't allow passwords to be set up from any Unicode characters of any length. Worse still the ones that allow you to set a password but then only log in with the DB clipped 15 characters of it. Particularly bothersome has been BBC ID and UK GOV, where passwords have to be downgraded to work through mobile authentication. I keep notes on the rejected characters and weird rules for the various sites. I'm also developing a new system with proper client and server-side salted hashing and SSL/TLS.
Edge still feels like an under development browser. It currently breaks our major work web portals unlike any other browser out there, even with feature detection and sane browser sniffing where utterly necessary. An irritating one for me is client-side XSLT outputting Document instead of XmlDocument from a transform to XML.
It's worth pointing out that OpenStreetMap's coverage of speed limits is very much a work in progress. That significantly affects the routing decisions of satellite navigation using its data. Most of the time it works well enough, but there are roads that without tagging are presumed to be 60 mph but are likely a lower limit in reality.
For some reason Apple took the weird decision to only use years out of date OpenStreetMap data and then only use it partially.
My favourite problem with Santander is the ever increasing page height in Firefox as they add div upon div to the page every second. Even though I pointed it out to them, twice, over a year I suspect that's still there.
So, had he just locked his desktop like any sane employee then he’d have got away with it?
Why bother with SSIDs when the MAC address is available and far more unique?
Erm, shouldn’t resetting security on an account cause a new password to be in place and thus wouldn’t the celebritards notice fairly swiftly that something’s up?
1. Map updates aren't free
2. Updates aren't available to older kit
3. Map reports take years to get fixed
Solution? Something that's free to use, quick to fix and non-proprietary. OpenStreetMap comes to mind, but there's still a few years to go before it has complete UK road network coverage.
Is it me or have the number of Flash security updates dropped off over the last few months?
There was no backdoor, Google just spidered the links mentioned at http://lolhax.org/2011/12/03/can-you-crack-it/#more-114 (warning: contains answer and solution technique)
Disappointingly this is not the version in which an official 64-bit release becomes available, as https://bugzilla.mozilla.org/show_bug.cgi?id=471090 illustrates. Flash 64-bit? Check. Java 64-bit? Check. Performance gain? erm… Roll on 20th December (for Fx9).
If only OpenStreetMap.org was up to the job.
Proof positive that Apple care about your security.
If an exploit can run as administrator surely there are bigger problems to be concerned about?
Actually the modern OS GPS sticks have sub-millimeter precision using OS' own radio broadcast network of around 85 high frequency stations from known positions.
Can someone enlighten me?
Whether Adobe are in it with the crooks.
Contactless payment with no authorisation for transactions under £15 GBP means no inserting card into a specific slot, no typing in a PIN number followed by an entry key, probably quicker than cash too.
The real failure was the Scottish Qualifications Authority in providing dates as string format. What happens next time when SQA fills in the spreadsheet with a different date format? Presumably the person doing the import has been spoken to, and perhaps their import tool changed to warn of unexpected data rather than going ahead blindly with defaults.
I advise a full system image clone before touching Diskeeper, due to fond memories of it corrupting NTFS’ Master File Table.
Another instance of 'Ok', which reads in my mind as 'Ock'. It should either be the word "Okay" or the short form "OK".
13 years of patches to XP and Microsoft still reckon it will need patching in 2014? Yet stopping the release of security patches via Windows Update will surely reduce the number of active exploits since there’ll be nothing to reverse-engineer.
What happened to the $166,501 that would have otherwise meant a sum of $40 million USD? I suspect someone already has their yacht.
£500 per month for 48 months = £24,000 - but I can't help but foresee a technically superior vehicle with greater range and affordability coming to market within those same 4 years.
Time for a new email address :(
A greasemonkey script at http://userscripts.org/scripts/show/29651 does just that for me :)
I would prefer to see less fatal accidents as a result of drivers falling asleep or drifting into the path of oncoming traffic due to distraction. The technology aids are primarily there to enhance safety for those brief moments where they can make a worthwhile intervention.
One for my car, one for my house - but I usually only ever carry one at a time.
I long for a future where my phone can provide access to house, transport and small payments for that magical key-less future.
I've uninstalled Flash entirely (and disabled Chrome's built-in Flash too). Roll on Firefox 4 and WebM HTML5 codec support.
If you want start up speed go for Chrome. If you want standards then opt for Opera. If you want IE then see a clinical psychologist.
I'm not sure <60% market share counts as 'almost everyone' any more.
Most users think IE is 'the internet', the blue E. Making them aware that other browsers exist is a good thing. It will certainly make people consider why they are using IE. Claiming that IE should continue to be used while also stating that systems don't work with IE8 is madness itself. If the vendors lock you in to IE but don't support the latest recommended release then should you be using those vendors at all? Is it really so hard to create web systems that make use of, erm, standards? Most credible developers have been coding to standards and then IE as an exception for quite some time. They hate that latter part, and lack of interoperability.
With the notification I got when running Firefox as standard user about the patch being available :)
As of right now IE8, Firefox 3.6 and Safari 4 are all insecure with solutions pending, according to Secunia. The worst potential of those is with Firefox so the German government is taking responsible action. Regardless, running your desktop with admin rights is asking for it.
PSI locks the Flash ActiveX file while in use, which means that trying to patch Flash will fail to remove the previous file, which means that next time around PSI will report that a file is still insecure. So currently I downloaded the patches, then close fully, apply them, and reopen the application. If you close the application before the downloads complete then they are kindly terminated immediately. Improvements are most welcome.
v.3.6, released 21st January 2010
v.3.5.8, released 17th February 2010
For those who want to run 2 minor revisions behind?
So... Windows 2000 support is nearly over and there's this debate over Vista and Windows 7. Excuse me while I look confused why they aren't choosing XP SP3...
I tried Office 2007, it left Outlook Express only able to spellcheck in French and Excel charting graphs were no longer able to use time for the x-axis. I reinstalled Office XP after that.
Makes me think that perhaps I should perform that monthly backup before patching :) Either that or wait until the Friday for the ill effects of those critical patches to be discovered.
...shows a new, empty 'Jump to File' dialog window for me on start-up every now and then :)
You don't have to be paranoid to use Foxit Reader. Just being fed up of the pathetically slow start-up speed of Adobe Reader is enough. Foxit patches problems quicker to boot!
I think Mozilla did push M$ into releasing a browser with near CSS 2.1 compatibility, so congratulations to them for inspiring that. Commiserations to the majority of the world still running IE6.