BBC: ISPs Should Assume VPN Users Are Pirates
This is the problematic part from TFA:
the BBC Worldwide indicates that ISPs should be obliged to monitor their customers' activities.
If anything, ISPs should be regulated never to monitor their customers' activities - I really think ISP looking into what I am transferring should be illegal. Just like a phone company should never listen to my conversations, ISP should never look into my data.
Gmail Recognizes Addresses Containing Non-Latin Characters
What software (or library) is programmed to recognize that two chars look the same and therefore allows them based on the appearance rather than their encoding?
I am not aware of any. My "solution" to this problem is to allow only unambiguous characters to be used. I really mostly have to deal with only about 60 characters in total which I allow people use for unique fields, so it's manageable.
Gmail Recognizes Addresses Containing Non-Latin Characters
That kind of phishing already exists, even more sophisticated: a bug that a lot of software contains is not distinguishing between same looking characters in different alphabets. E.g. you can sign up on many forum/bbs platforms as Administrator if your leading A is Cyrillic A instead of Latin A. Both look the same but have different HTML entity codes and are different Unicode characters, which is true for most vowels and many consonants (e.g. Cyrillic B and Latin B, C and C, E and E...). Or, for more fun, look at this (single) character which looks exactly as "lj".
Those of us with customers who use two alphabets constantly have known about this problem for a long time and we've seen phishing on all different kinds of platforms using this strategy.
IDN (internationalized domain names) solves this problem in domain names with policy: you can't register a domain which looks exactly like some other domain except for that change in character. Still though, you can register both casino.it and casinò.it and that's where the real phishing potential is. I think, at least most native English speakers, would probably be fooled easier by a domain such as paypal-customer-division.com than paypàl.com.
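A registration-time check for the lookalike problem described in the two comments above, as an added example that is not part of the original comments. The function names and the small `CONFUSABLE` map are constructed for illustration, and reading the script from the Unicode character name is a simplification; a production check would use the full confusables data from Unicode UTS #39.

```python
import unicodedata

# Constructed, deliberately small map of Cyrillic letters that render like
# Latin ones (illustrative subset, not the full UTS #39 confusables table).
CONFUSABLE = {
    "\u0410": "A", "\u0412": "B", "\u0421": "C", "\u0415": "E",
    "\u041e": "O", "\u0420": "P", "\u0430": "a", "\u0435": "e",
    "\u043e": "o", "\u0440": "p", "\u0441": "c", "\u0445": "x",
}


def scripts(name):
    """Return the set of scripts used by the letters in name."""
    found = set()
    for ch in name:
        if ch.isalpha():
            # Unicode names start with the script: 'LATIN ...', 'CYRILLIC ...'
            found.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return found


def skeleton(name):
    """Fold a name to a comparison key: NFKC, lookalike mapping, case folding."""
    # NFKC expands single-character digraphs such as U+01C9 into 'l' + 'j'.
    folded = unicodedata.normalize("NFKC", name)
    return "".join(CONFUSABLE.get(ch, ch) for ch in folded).casefold()


def check_username(candidate, existing):
    """Return a rejection reason, or None if the candidate may be registered."""
    # One Cyrillic letter inside an otherwise Latin name is the classic trick.
    if len(scripts(candidate)) > 1:
        return "mixed scripts"
    # A name written entirely in another script can still render identically.
    taken = {skeleton(n): n for n in existing}
    clash = taken.get(skeleton(candidate))
    if clash is not None:
        return f"looks like existing user {clash!r}"
    return None


if __name__ == "__main__":
    users = ["Administrator", "CAPE", "lj"]  # constructed sample accounts
    for name in ["\u0410dministrator", "\u0421\u0410\u0420\u0415", "\u01c9", "dejan"]:
        print(ascii(name), "->", check_username(name, users))
```

Comparing skeletons rather than raw strings is what catches the all-Cyrillic and digraph cases, which a plain uniqueness constraint on the stored username would accept.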
Ikea Sends IkeaHackers Blog a C&D Order
The owner of a trademark has to "protect" it or they will lose the exclusive right to use it. It's described here. Lawyers have to send C&D letters and sue for infringement because that's what the law says they have to do in order to keep the right to use their trademark.
IkeaHackers does use IKEA's logo and it really can be mistaken for IKEA's trademark, so the lawyers had to act. It was routine, and it wasn't some evil corporate guy who just wanted to make that blogger's life miserable.
Gaining On the US: Most Europeans To Be Overweight By 2030
When I was visiting my parents once, after getting out of shower all wet and with a towel on, I got an epic line from my father: "Go back to the bathroom, put on some clothes, and lose 10 kilos, before you enter the living room".
In many parts of Europe (I can speak for the Balkans for sure), it's perfectly normal to comment on weight and friends and family. It's not said out of malice, it's with best intentions. And if anything, when everybody you know starts commenting on how fat you are getting, you start and think if it's time to go on a diet. It also usually means that you can get some support from family and friends if you need to change your lifestyle to lose weight, so it can work out good.
It's different with children though - they can be rough and tease/bully you for being fat. For some kids that can be an incentive to take up a sport, for some it will be nothing but trauma.
Hulu Blocks VPN Users
1. Rent a cheap VPS
2. Tunnel connection through it (e.g. via a SOCKS proxy) or set up your own VPN
3. Keep the IP to yourself so you don't get flagged
That's how I get to watch BBC's premiers at the same time people in London do, and if I care about something in the US, I just switch to another VPS.
Band Releases Album As Linux Kernel Module
point being, nobody would have heard of this without this gimmick, so bravo for them for the gimmick. but let me ask you this, will you seek this song a year from now?
Honestly, it's not my cup of tea and alternative music generally takes some acquiring of taste before it can be enjoyed.
Still, I'm sure they'll find the audience, and they certainly get +100 geek points for this release.
Band Releases Album As Linux Kernel Module
De gustibus non est disputandum. I just heard about this band for the first time and I would categorize them as an "alternative electronic" band. I was first introduced to that kind of music during the mid nineties, just before the Internet came to my country, as it was swapped by artists on a BBS I frequented. I think it appealed to artistic geeks because they could create it with a heavy use of their favorite toy in their bedroom.
We even have a show dedicated to this kind of music on a national radio station, so it has its audience...
In a Hole, Golf Courses Experiment With 15-inch Holes
Most every other sport has human interaction as a core element: US football/rugby has people crashing into each other as a core element, baseball has a pitcher throwing a ball to a batter and the pitcher can directly affect the batter's performance, in basketball you could be the best 3 point shooter on an empty court but you've got to get the ball past the defensive players trying to block it.
Except, of course, for track & field, swimming, skiing, ski jumps, kayaking, rowing, running, synchronized swimming, gymnastics, weightlifting, luge, skeleton, bobsleigh, and pretty much any other sport which doesn't involve a ball or direct combat. Some you do regardless of other contestants, like weightlifting, some you do alongside others, like running a marathon, but no interaction is allowed. So, whatever you do in practice you should be allowed to repeat in competition.
Sports like football (real or American) and basketball may be good television, but they hardly constitute "most sports".
Apache OpenOffice Reaches 100 Million Downloads. Now What?
For most users that I've known who were willing to try OpenOffice, Calc worked fine for them.
When they ask about why it looks different, I just tell them "oh, this is the newer version.", and they're fine.
You are describing my experience with home users, e.g. people who use Word to type out a school assignment or a project report and then print it.
People who do "serious" work with Office have real problems migrating. Excel formulas will not always successfully transfer to Calc, which means old spreadsheets can't be used and they can't be shared with people still using MS products.
Write and Word do have incompatibilities. E.g. one bug lingers around for years: when a header is saved in OpenOffice format and then saved as a Word document, it will appear on all pages and not only on the first page.
I never tried to open a MS Access database in OpenOffice Base, but Base does have stability and bug issues, at least on Mac (just yesterday I had problems with it crashing).
I won't even go into macros, templates, etc.
Switching from MS Office to OpenOffice / LibreOffice is not easy at all for power users. To put into geek terms: imagine switching from Apache to Lighttpd. For most things, it will be great. But, if you have some serious .htaccess magic going on or are relying on mods which exist only for Apache - well, you are out of luck and you are probably not going anywhere.
Fresh start with OO/LO, on the other hand, is a breeze :)
Ask Slashdot: Moving From Tech Support To Development?
I am in a South-Eastern European country and I don't have a degree in a related field, but I didn't have a hard time finding my first programming jobs.
Keep several things in mind:
1. Good developers are in demand. If Eastern Europe is anything like the Balkans in that regard, people are looking for competent programmers. At any particular job interview for a programmer most of the people who apply don't know anything about programming, have never used a relational database, etc. Use that to your advantage.
2. Small companies don't have HR departments to veto you just because you don't have a degree or enough years of work experience.
3. You have 6 months to beef up your resume. You can always invent free-lance work, as long as you have knowledge to back it up.
4. You can always find for-peanuts work on various "hire a freelancer" websites. You will not earn good money there, nor will you get any enterprise application experience, but you will have an "Aha!" moment if you never programmed for money before. When you are developing as a hobby, you tend to adjust requirements to your knowledge and spare time, but when somebody else gives you requirements, you will quickly discover how to learn quickly and do things efficiently. That's what employers want from their programmers.
5. When negotiating a salary, keep in mind that the price you suggest will tell a lot to your employer about what you are worth. I know this may be a mistake, but when I was interviewing people for jobs, I took more seriously people who expected higher-than-industry-average salary than people who wanted to work for peanuts. If you come to me and ask for a salary that's half, or a third, of what I know most companies in my city pay their developers, I will assume that you don't have much experience.
Why Buy Microsoft Milk When the Google Cow Is Free?
Fair enough. I don't think I have a problem with particular practices as much as I do with general philosophy. I try to be security aware whatever I do and I am put off by any sort of thinking where security breach is something that happens to others.
When you host your own stuff and use your own services, you can be proactive about safety and devise and enforce good policies. While you can develop good practices when using "cloud" technology, it always will be next in line to convenience and your policies have to fall in line with your cloud provider.
Why Buy Microsoft Milk When the Google Cow Is Free?
I am lucky enough to work for an organization where using LibreOffice came from the top down: if the boss sends you an OpenOffice/LibreOffice document, you tend to install it and aren't too lazy to share work by email or shared directories.
Another organization I worked for used Google Apps. I tried to point out flaws of it (security problems, what happens when you are offline, etc.) to them, but I got: "Google is not evil, we trust them". This worked OK until one guy managed to incidentally invite a completely unrelated person to edit a document in which they stored a bunch of sensitive passwords and information ("so it's all in one place").
Even with that wonderful experience, that same organization still uses Google Apps ("it won't happen again"), and even though I relay this experience to other orgs I work for, "it's just too convenient, Google is not using our data in an evil way and you can incidentally email passwords to anyone anyway".
Hungarian Law Says Photogs Must Ask Permission To Take Pictures
I don't think you would go to jail for taking a picture of e.g. St. Stephen's Basilica (which would be impossible to take without anyone in the shot) or the Parliament building in Budapest. Firstly, I doubt the punishment would be anything other than a fine. Secondly, I strongly suspect this law has little to do with privacy and tourism and much more to do with e.g. making sure nobody can take pictures of anti-government protests.
TFA is kind of lacking details and I don't follow Hungarian politics that closely, but my first instinct has to do with Viktor Orban's government - he's known for some controversial laws curbing media freedom and changes to their constitution which got the entire EU worried.
The main confusion is that consent can be given in many different ways: implicit consent is still a consent and the article mentions one of their government ministers saying you are fine as long as nobody is explicitly asking you not to take a picture.
Unfortunately, Hungarian is so hard to understand that even with Google Translate I can't follow their newspapers and columns, so we are at the mercy of second-hand journalism and skimpy stuff such as TFA, but indeed this looks like one of the laws enacted to be used selectively against well defined targets.
Meanwhile, don't cancel your Hungarian vacation just yet - it's a lovely country with things to see and do, even without taking a camera :)
P.S. Personally, I welcome this law. When traveling through Hungary, I can stop paying Hungarian vignette (road tax) and when I drive under highway cameras, I'll just wave my arms in explicit objection to having my picture taken :)
Daylight Saving Time ...
So you're saying that midday should occur at 1pm instead of noon. Why? Did our ancestors get the definition wrong?
So we get more daylight when we leave work. Regardless, two people at two opposite boundaries of the same time zone will get midday at different times anyway, so why should we care about it?
The New PHP
mysql_real_escape_string is a wrapper of a C function. Does that make C the laughing stock for you as well?
I keep saying this on Slashdot: PHP has its weaknesses, but inconsistent naming conventions isn't a major problem. What made PHP the laughing stock is looking at incompetent coders' code and thinking that's how you do things in PHP.
PHP is a good language for web development. It has an easy learning curve and gives you power to shoot yourself in the foot. Combine those two and you get a bunch of atrocious code floating around the web from the hands of incompetent. But you also get rapid development with very readable code where new programmers can easily jump in in the hands of competent.
P.S. mysql_real_escape_string is now deprecated. PHP has come a long way since its atrocious beginnings and TFA talks about that (clue is in the title).
Why We Need To Teach Hacking In High School
While both hacking and cracking should be available to gifted students, most of them need to learn a simple skill that will take them far in life:
how to file a bug report.
More companies nowadays depend on their software and good feedback from users is very hard to find. In such environment, those who can file a proper bug report, or write up an understandable feature request, can genuinely prosper.
Those who can properly ask for e.g. a data report from IT, or explain what's wrong with company's intranet website's feature that they use, usually get what they want and their productivity increases.
Any IT education should start there. Those who get hooked will learn how to "hack" (or crack...) regardless of their high school curriculum.
Hackers Sweep Up FTP Credentials For the New York Times, UNICEF and 7,000 Others
While I don't know what's NY Times' excuse, cPanel, which powers a lot of servers on the internet, still relies heavily on FTP. And cPanel, while primarily designed to manage shared hosting, is not limited to shared hosts only; many people choose to have it installed on their VPS or dedicated server.
For many web developers, process of deployment is still uploading via FTP, which is both insecure and inconvenient, but I see it very often.
Yep, People Are Still Using '123456' and 'Password' As Passwords In 2014
So many sites nowadays require you to register so I use throwaway emails in combination with throwaway passwords. E.g. if I want to try out Trove (that was mentioned in a previous article), I really don't want to put in more than a few seconds thought into it, so my email will be firstname.lastname@example.org and password probably something along the lines of asdf1234. If I find the service useful, Firefox will remember my email and password for login and/or I'll be able to recover the password using their system. If, more likely, I forget about them, I don't care if my credentials get compromised.
Ask Slashdot: What Makes You Uninstall Apps?
It doesn't even have to be updates asking for more rights. I usually uninstall software I don't use once it starts bothering me with upgrades at all. On Linux, I never have that problem as I generally know which software I need and don't just try out new programs without a good reason, but on OS X and Android, where I mostly install things through their respective app stores, some applications will be asking to update themselves more often than I consider polite.
On Linux I usually apt-get update once a week (and I do the same with macports), but when particular app wants my attention even if I don't feel like upgrading - it gets old quickly.
dejanc has no journal entries.