Showing headlines posted by TxtEdMacs


Web Input - Securing Data, Hybrid Approach

  • LXer Linux News; By Herschel Cohen (Posted by TxtEdMacs on Jun 30, 2008 5:35 AM EDT)
  • Story Type: LXer Features; Groups: PHP

LXer Feature: 30-Jun-2008

In this installment, I will cite an example of automated email code designed for another purpose. Nonetheless, I see it is a critical step to confirm the validity of the form's input. Moreover, unless and until I have received the expected human confirmation, that input is left in limbo [1.]. This is another means to prevent spurious, but uncaught data inputs. Thus, this limited human energy expenditure is a high return investment.

Web Input - Securing Data, Second Level of Defense

  • LXer Linux News; By Herschel Cohen (Posted by TxtEdMacs on Jun 4, 2008 11:51 AM EDT)
  • Story Type: LXer Features

LXer Feature: 04-Jun-2008

My implicit presumption in this series is that break ins are unplanned, opportunistic occurrences. Break in attempts are triggered by encountering an input form. As I mentioned previously, do not give information away needlessly. Moreover, I strongly suggest you consider becoming passively aggressive by making your presentation of the form and its expected input somewhat unpredictable. Moreover, I advise turning your data input into a simple waste of time and effort for those not trained to use the entry way.

Web Input - Securing Data, First Level of Defense


LXer Feature: 19-May-2008

This article focuses upon testing the reliability of user input at the lowest level. The first line of defense is use of automated searches that might detect malicious inputs. Personally I wish there were a better option. Being realistic, we are confronting coders with superior skills that have the added advantage of surprise, stealth and economic incentives. Whereas we are reactive to new or suspected threats as they arise or, worse, discovered later.

Secure Web Input - Data Analysis

LXer Feature: 03-May-2008

In the introductory article for this series I painted my intent out in broad strokes. Now my task is to determine the absolute minimum data set I need to extract from the user input form. That is, what is sufficient to build dynamic content into the Open Source Today (dot) org site. The constraints I use may seem arbitrary, however, you too should use whatever is afforded you to simplify your tasks.

Introduction to Secure Web Data Input

LXer Feature: 25-Apr-2008

The html form can be an effective means of allowing screened content onto a web site. My focus is upon trusted members that need to deposit articles and news. Moreover, this route is designed to circumvent restricted environments that do not allow them logging directly onto the site. While security is certainly an issue, my suggestions will be limited in scope.

A star is born beside the dustbin

  • Guardian Unlimited Special reports on-line site; By Michael Parkin (Posted by TxtEdMacs on Jan 14, 2006 4:57 PM EDT)
  • Story Type: News Story; Groups: Community
With all the recent comments and stories posted by the self-satisfied realists, where they insist any idealistic endeavor is doomed to fail, this is a very telling antidote: "Mr Graham Hosty, of Huddersfield, has discovered a nova with nothing more to help him than an O-Level in astronomy, keen eyesight, one half of a broken pair of binoculars that cost him £10, and an observatory housed in a wooden shed in the yard of his back-to-back house."

Ed Felten and partner 2006 Predictions

  • Freedom to Tinker site; By Ed Felten (Posted by TxtEdMacs on Jan 6, 2006 6:08 PM EDT)
  • Story Type: Editorial; Groups:
Twenty three predictions for the upcoming year and none will be wrong. "... Each prediction is supported by at least one of us, except the predictions that turn out to be wrong, which must have slipped in by mistake."

And they are fearless: "A name-brand database vendor will go bust, unable to compete against open source."

Unless it was one of the mistakes. What's your guess, Oracle or Microsoft? Not too likely.

SCO out to kill SuSE

Calm down, not quite as dire as the headline. It's just that SCO is filing for permission to revise its claims against Novell and that's where the attack against SuSE arose. It seems to have been reborn as part of a generalized counter attack against Novell and its version of Linux due to the latter's dismemberment of the former's original claims. Ah, the practice of corporate law is almost as good as minting your own money, provided there is a sufficient supply of dumb, rich clients.

Found on lwn.net listing.

Another Attack Upon Quinn

Her title says it better: "David Coursey's Massachusetts FUD", however, I thought it might mislead certain types such as myself into thinking this was a new popular culture dance craze. Nonetheless, where pulling "facts" from strange, smelly places is de rigueur I guess such trash has its place. In any case, see its dismemberment here. I just regret the readership of the former is so much larger than for the latter.

Better Than CAN-SPAM If You Live in the U.K.

  • Guardian (Technology area) site; By Paul Lewis (Posted by TxtEdMacs on Dec 28, 2005 1:40 PM EDT)
  • Story Type: News Story; Groups: Community
In the U.S. stopping SPAM by central government connivance is really ineffective. Whereas a small precedent has been set in a U.K. court that if followed, the financial return on SPAM could be lessened. Or as the Guardian put it: "A legal claim against an internet marketing company which has been accused by the recipient of spamming could herald the end to junk-filled inboxes, it emerged yesterday."

Tokyo Exchange Struggles With Snarls in Electronics

  • New York Times on-line (registration required) December 13, 2005; By MARTIN FACKLER (Posted by TxtEdMacs on Dec 14, 2005 2:16 AM EDT)
  • Story Type: News Story
Probably can't blame this on Microsoft, since it's Fujitsu's design. So here is how it begins: "What exactly is going on at the Tokyo Stock Exchange?

Last month, a computer glitch shut down trading on the exchange, the world's second-largest after the New York Stock Exchange, for almost an entire day. Then last week, a typographical error by the Mizuho Securities brokerage generated a $330 million loss. On Friday, the prime minister demanded corrective steps, and regulators began an investigation. "

IBM to support OpenDocument in 2006 - On Web Based Shared Applications

IBM plans to implement web based applications using Open Data Formats (ODF) where users share the application and data, bypassing the desktop entirely. Apparently this is aimed primarily at the rising economies of India and China where " ... They don't have the legacy of having everything saved in Microsoft Office to transition from...This is an opportunity to start out right." If true there is another very interesting aspect to this article: the claim that Microsoft's Open XML format is to be submitted to both " ... standards bodies ECMA International and ISO." The latter was not mentioned previously in what I have read and would be a much harder environment for Microsoft to sell its version of "openness". (Found on slashdot.)

Macedonia Deploys 5,000 GNOME in Public Schools

When the Republic of Macedonia decided to deploy Linux in 468 schools and 182 computer labs nationwide, they chose GNOME on an Ubuntu distribution. Arangel Angov met with Darko Arso, Technology Integration Manager at the Education Development Center, to find out more about their reasons for using GNOME. [Found on lwn.net site.]

New York State Attorney General might get tough with Sony

  • Ars Technica site; By Nate Anderson (Posted by TxtEdMacs on Nov 29, 2005 11:58 AM EDT)
  • Story Type: News Story
Despite Sony's claim to have ordered the recall of the rootkit protected music CDs, those discs were easily purchased by investigators at major outlets. The action taken by the office was to send letters to the retailers advising them to promptly return their entire inventory of these security risk discs back to Sony. Since it seems Mr. Spitzer is well aware of the security issues and the laggard pace of removal it may be likely that legal action from the State of New York may be pursued against Sony.

Microsoft Burnt Our House Down!

Texas family suing Microsoft. It's not the new Xbox that created the problem, just the old one. Microsoft was in the process of recalling the units due to a known power supply problem. This time MS is going to have some serious legal difficulties if they decide to fight, because unlike software, a EULA is not sufficient protection. With what may only be incipient evidence, it appears that MS fails to learn the lessons of their past errors:

It seems the recent failures on the new 360 Xboxes may be mostly attributable to overheating of the power supplies. One fix described is to hang the box above the floor with string to allow cooling from below. Hey, do you think I could patent the idea that some stray pieces of Lego blocks (or knock offs) at strategic corners can efficiently cool defective Microsoft game machines? Sounds reasonable to me. Talk to Tom on where to send the checks, it's just a numbered account in Switzerland so that I can properly credit your account for using my IP. Warning to MS - IT'S MINE, BACK OFF!!

Open document formats and the path to world domination

Microsoft's never ending fight to remain relevant while defeating nasty attacks upon its bulwark, which unnecessarily distracts this valiant company from more worthy tasks such as getting a lock on the Internet nearly matching its hold on both the PC desktop and most of the Office type applications. Woe unto them that do not recognize how unworthy they are to desire the fruits that this company so assiduously picked off so many dead, dying, decaying and those still living but consigned to a similar fate. Companies that hold any shred of property (IP or otherwise) that Microsoft desired, becomes theirs. Be warned ODF will suffer the same fate. Though the path may be long and the dead will be strewn alongside our skewed path. Be fearful you lackeys, open source, free types we shall not rest until you are gone or if we are forced to we will compromise if we must. But until then: the world belongs to us and anything you own too is ours. Just kidding, I think.

Open Source Media Gets the Message: They Are Not OSS.

OSM was misled by a bunch of "suits" into changing their name to Open Source Media (despite their being very unopen) from their erstwhile choice of Pajama Media. It could have been worse, one possibility was Jellyfish Media. The Pajama Media at least had the value of reversing the direction of the established media taunt that blog writers wrote trivialities while in their jamies. That is, Pajama Media had a modicum of humor, unlike real professionals that screw it up while well dressed and pimping for corrupt pols. At least these latter professionals are ambidextrous. In conclusion little else can be said for so many professionals.

MS is Right: Kill Linux just like ...

Read this and you will understand that MS's only intentions are benign and it is just trying to protect you from that vile monster! Just like Mary S. thought should be done.

The Real Reason SAP Is Attacking OSS(?)!

  • SAP's own web pages "opening" the SAP DB; By unknown (found lead in comment on /. by AKAImBatman (238306)) (Posted by TxtEdMacs on Nov 11, 2005 6:54 AM EDT)
  • Story Type: Announcements; Groups: Community, MySQL
The link begins with a notice that the web pages are no longer maintained. At the time I heard the code was terrible. On my connection, the opening page moved to a combined MySQL AB and SAP page http://www.mysql.com/products/maxdb/ and MaxDB. Thus, by pure logic alone Open Source methods suck! It could not even save a crappy product. Guess it just Maxed Out.

Censor the net by Congressional Action?

While I have not followed this story in detail, i.e. actually reading the content of the proposed legislation I tend to look askance at legislative attempts to limit speech particularly when the conventional press/media has been so very timid. Hence, consider their petition: "Mike Krempasky of Red State and I have jointly signed a letter (PDF) urging the U.S. House of Representatives to reject H.R. 4194 -- a stealth effort to regulate online political voices by pretending to defend them. The letter, drafted by our own Adam B, is: November 9, 2005 Dear Member of Congress,..."
