165 posts • joined Friday 11th May 2007 20:56 GMT
Re: Not outsourced
"I'd bet heavy money that the hosting is done by Rackspace"
Either that or they plastered El Reg with RackSpace adverts because they thought they looked pretty - not sure that's a good bet to take.
Re: They won't de-dupe the whole file
Assuming they actually de-dupe the data right now of course, it might just be in there to give them the opportunity to dedupe in the future (however they decided to do it) without getting everyone to re-agree to the T&Cs.
If I were going to be doing a file hosting service of that size, I'd certainly want the opportunity to save space at some point in the future.
Re: The company you keep
I agree with your post - but I downvoted it because I've always wanted to see a Black Helicopter (especially now they are robotic!) and being accused of being a fascist pedoterrorist seems like the quickest way to see one in Britain.
"Thus the chain of cyber attacks on U.S. banks will continue this week."
You would have thought that the NAME of the bank would have given away their mis-assumption.
Took me days to figure out why Bullet Storm kept crashing out on my PC without an error message - till I turned my xbox off and my live account was no longer logged in from two places!
GFWL was a really half assed job of ripping off steam.
It's funny because
Your link had session data attached which bombs when anyone else tries to look at the link (IE try it on a computer other than the author's.)
It's funnier because HMRC can't build website for sheeeeeet.
Actual Link: https://esi2calculator.hmrc.gov.uk/hmrctaxcalculator/
In 3's defence - on the topic of subsidising the few - I just called them up to 'upgrade' my blackberry plan (1000 free minutes, 800ish free txts and a few gig of data (AUP style)) which clocked in at £40 a month and got a shiny new Samsung Galaxy s2 with twice as many free minutes and txts, and the true unlimited data plan for £10 less than I was paying before.
I'm sure people are going to rat all over my monthly bill, but I was under the impression £30 a month isn't that bad a deal - especially as I now don't need an internet connection at home (I'm in the docklands - 3g is faster than anything BT can deliver across copper and Virgin don't come to my home)
It's not the issue itself....it's the mindset
My issue with this, isn't in the bug itself, but how Apple missed it - Windows was inherently insecure because of the 'it's single user so let's just patch security over the top' model they used to use. If Apple are thinking the same way with this then what ELSE is inside the thousands of lines of code in there?
Dear El Troll
I guess the real 'problem' here then, is that Skype tries to use direct connection for its communication instead of routing all calls through a CDN (and that would have to be one hell of a CDN to handle that data.)
So the attack goes:
Attacker: "Skype server, where can I contact x for a call?"
Server: "Here: IP"
Attacker: "HAHAHAHAHA I PWNED YOU WITH TCP/IP!"
The whole point of an IP address is that people know what it is, it would kinda break the Internet Tubes if no one knew each other's IP.
PS Dear El Reg, I know you track the IP of my comments - can you please stop invading my personal spaces with your Interweb Servers. Kthxbai.
PPS: Actual 'attack' I've used once.
Someone is pingflooding me through MSN (it was a while ago).
One blank, large, jpeg named 'britneyspears.jpg' was created and sent to them.
Stupid kid accepted the file.
One quick netstat later to find his host name (which was someone's name at AOL) and a message "If I call this lady here: [Name] and tell her what you are doing with her internet connection.....what will she say?" and stupid kid vanishes into the air, assumedly to cry.
This is not new news.
Looks like they really don't care about us
They don't have time to debate debating either :(
I'm quite upset.
They are probably referring to the technology that is used to reduce the effectiveness of the tempest attack - it's really advanced, I think it's called 'low contrast colors' or something like that.
They might also be referring to something along the lines of obscuring window fingerprints to stop screen scrapers detecting when a 'secure' window is open (IE I have an application that looks for the spotify window to send it a message to play/pause when I hit the blue thinkpad button on my laptop) and capturing its contents.
"Unconfirmed reports on Twitter suggest that the Currys store in New Cross, south-east London, was ransacked by looters last night."
Ha! The joke is on the looters! They are gonna be PISSED when they try to flog that gear online and realise it isn't worth quite as much as Currys said it was.
I would have punched Ken Livingstone in the face if I were near him for doing that last night. Utter Idiots.
Not that simple
Unfortunately it's not that simple. The OS has nothing to do with how a website stores its usernames and passwords, the code for the website does that, and while there are libraries to help you do hashing etc, there is no 'make me a ultra secure, scalable website' library you can just plug into a webserver and it 'just works'.
You do get things like dotNetNuke and other CMS solutions which come with secure login bundled in but they have a learning curve that most people don't bother with.
Lastly there is the .NET framework's FormsAuth (lastly that I am aware of, I'm a .NET developer so have no insight over PHP or Java's offerings) which kinda gives people the ability to custom roll a secure area and make it not suck but that is more like a really gentle push in the right direction, it's no way pretty to use if you want to get really custom on it.
So in short, unfortunately there isn't, and the quickest (IE cheapest) and easiest way to create a website login is just to roll it yourself.
The excuse I usually hear for not hashing passwords is that if a user forgets the password, or the 'business' want to be able to log into customers' areas for testing purposes, it is easier if the password can be extracted from the database. "And no encryption is not enough because then I might actually have to use some quick and easy to use tool to read the password as opposed to SQL Server Manager."
I wrote it already
......but it only works on a mac
George.....You silly old goat.
My title didn't contain letters or digits.
Yes! Exactly - it isn't a technological leap into the future (and seriously, anyone expecting that with a TWELVE YEAR OLD ENGINE is thinking a bit unrealistically) and this isn't your 'slap-on-your-headset-and-get-into-a-team-to-tactically-defeat-cuba' it's a 'sit-with-a-beer-and-pizza-and-laugh'.
"Yesterday was Thursday, today is Friday, tomorrow is Saturday, and Sunday comes after!"
(hmm although, come to think about it - it's not too far from the Jackson 5s ABC)
Scuse me, I need to go wash my ears with bleach.
Reactors 1 and 2 have the external power line, 5 and 6 have generators - in the big wide scheme of things does it really matter which way round it is?
So in a two page article you find one, inconsequential mistake and take a stab at the author's integrity over it.....
<Rude comment removed as it wouldn't have gotten past moderation>
Ya, it works quite well:
then mix up
and you must watch it through to the end as punishment for being such a tool.
Unless you have proof that Anon hackers are related to 419s stfu. gtfo and diaf kthnx bai (and other such 4 letter words).
Saying that, you do get points for giving me a nice mental image of Dade Murphey (ask your nerdy parents kids) sitting in his shades listening to Justin Bieber while he hacks.
Everything I have to say on this can be summed up with the below video, and one line
I hear someone stole their infrastructure - with a bulldozer, and you can't call someone for half a day? Quit your bitching.
To the person who downvoted a Monty Python quote:
Do you want to come back to my place, bouncy bouncy? You great poof.
Dear El Reg
To Whom It May Concern.
I am writing to inform you that we will be issuing The Register for an invoice to fix the hole in the wall of our office which was caused by the developer who sits at this computer running from his seat, straight through the office wall, across the road and into the Google building opposite us, smashing every computer monitor on the desks between this station and the wall.
Please take more consideration when posting articles like this as developers like Chris are extremely excitable after 8 cups of coffee a day. I would suggest next time posting articles like this one before 10am when they are still in that 'hazy morning' state.