top Ubuntu Releases 13.04, Sticks To 6-Month Release Rhythm
I think the spyware has been a radioactive enough issue that any derivatives are going to make a point of cutting it out.
That said, I don't see the need. As much as I don't like what Ubuntu did with the shopping lens, I've long switched to Xubuntu anyway, which is more sanely managed. (The original reason was to get away from Unity, and their avoidance of subsequent Canonical brain damage cemented the deal.)
Significantly, when you use [KX]ubuntu, you still benefit from all the release engineering work of Ubuntu proper, including security updates---a point on which I'm a little more wary of derivatives like Mint.
about a year and a half ago
top Security Fix Leads To PostgreSQL Lock Down
I know it's not always easy, but most data input into web forms is quite straightforward. The application should not be checking whether the data is invalid - it should be checking that it's valid. That's a subtle distinction, and I'm probably going to fail to explain it!
You'd probably have an easier time explaining it as whitelisting versus blacklisting. A developer can't hope to ever enumerate all the bad things an app should reject, so s/he should instead enumerate the much smaller set of things it should accept. Same deal if you're using a regex or whatnot to sanitize input instead of matching against a list.
about a year and a half ago
top Companies Advise Tighter Security After Honan Hack
Assuming no one can hack SSL
The bad guys don't have to hack SSL. They only have to hack a certificate authority.
(IIRC, this is how the Chinese government broke into the Gmail accounts of various dissidents/activists.)
top Court Rules Passwords+Secret Questions=Secure eBanking
Attacker posts the malicious transfer form and performs the query to tell the bank to send out a text message. Attacker displays a fake copy of the verification form where you are supposed to enter the info from the text message. You read the text message, especially the part describing a $20,000 transfer to Zurich. You don't enter the verification code.
Fixed that for you.
top Pee On Your Phone STD Test
You're thinking about HIV, you're right, that takes months. The clap (ghonorhea) will show up the next day as will several others (actually, most STIs will show positive the next day). There's no cheap test that separately identifies Herpes Simplex 1 from Simplex 2, there is a cheap test that does not distinguish and will show positive if you have either.
The cheap herpes test works that quickly, too? My understanding is that HSV is harder to detect, not least because the virus isn't always being shed.
If the test is reliable, and quick to yield a positive, that would be pretty good---given that condoms don't necessarily protect against HSV, and we don't have a cure for it as yet...
top Pee On Your Phone STD Test
What I'd like to know is, does this test have the problem of most STD tests where you have to wait ~6 months after infection to get a positive result, since it only detects STD-antibodies (and not the STD itself) and it takes about that long for them to build up sufficiently high?
top Where Are the Joysticks For Retro Gaming?
this what you're looking for?
top Google Launches Public DNS Resolver
Since you've got real stratum-1 NTP servers, you could skip the pool altogether and add them to the
official NTP time server list.
AFAIU, the NTP pool is meant more for lower-stratum servers, like users on static-IP cable modems, so your machines wouldn't be doing as much good there.
top jQuery Dev Bemoans Overwhelming Spam On Google Groups
PGP/GPG is overkill. Just drop messages that fail an SPF check. Spoofing is part of the problem here, and SPF was tailor-made to address spoofing.
If you do use PGP/GPG, you don't need an extra header for the signature; it's usually added as a small attachment, and better mail clients already pick up on that for verification.
top Washington Post Says Use Linux To Avoid Bank Fraud
What about a Windows XP Live CD?
"Sir, there are some gentlemen here who say they are from an organization called the BSA. They want to see the license certificates for those Windows CDs we've been handing out..."
top Interview With Jeremy Howard of FastMail.fm
Server-side Sieve filtering/sorting File storage, optionally Web-accessible (I use this to serve up a simple, static-only Web site) Various authentication options (reduced-access password, one-time logins, passwords via SMS, etc.) Teh Google is not reading your mail, so you can put your tin-foil hat away :-)
top Bratz Dolls May Give Young Girls Unrealistic Expectations Of Head Size
Yeah, I thought so too---quite a slip for the
Onion's usual pitch-perfect satire.
They should have gone with something like, "One day, I found her staring at herself in the mirror, wearing her older brother's football helmet..."
top White House Wins Ruling On E-mail Records
it is my fervent wish that there were no such camps and that the deaths of millions were through ignorance, starvation and disease rather than through evil. You cannot assert that "no human being/society would ever do evil thing X." It may be unthinkable for you, and unimaginable for all but the most deranged of your fellow countrymen. But if you look throughout the world, and throughout history, you will find that every iron-clad boundary that you believe to exist has not only been crossed before, but been crossed many, many times. It seems to me that the most convincing evidence you'll find that the Holocaust is real is the present-day horror taking place in Sudan. If you were to absorb the totality of that tragedy, the Third Reich would become less a difference of kind, and more of degree.
Straker Skunk hasn't submitted any stories.
Straker Skunk has no journal entries.