No, what I believe they are saying is that if you work for a company, that collects the money, gives you your jobs, set standards for drivers, etc., then you are an employee of that company.
You can buy a car, advertise all over the place, have the correct insurance, and you are a one person company. It has been going on for a long time, its called "Car Service".

However, this will bring about interesting wage negotiations, in the UK and abroad.

Digital ANYTHING over the air for listening just plain sucks.

If your signal is not perfect you simply don't hear anything. If I am WAY away from an analog broadcast, it might be fuzzy, it might in and out of stereo but I can still HEAR and understand it. With digital, one the signal gets fuzzy is just does not decode it.

This is only one of the reasons why cops and fire fighters hate the new digital radios.

So encryption. What are you protecting? Many Many passwords to your banking, health care, etc. ?

So the question re:

• Data value?
• Data value lifetime?
• Data Recoverilability?

You can build a sophisticated cypher that does not require polynomials, massive primes or any of the stuff that RSA uses in an afternoon with a little imagination that will stifle pretty much anyone except for the most ardent code breakers. So the questions need to be answered.

Create a two dimensional array each dimension being 64K in size of 64 bit integers. Use the key to seed the random number generator, then fill both dimensions with random 64 bit numbers. As always the larger and more complex the key, the better, but use each element of the key to indicate which dimension you will pick the substitution value from. So given the key of 1234567890 you will 1 value from dim1, the next value from dim2 etc.

Each 8 or 16 bit char will be replaced by a 64bit number, that was generated by the entire key value and then selected by the key[n]. If you exhaust the length of the key simply wrap it around.

If a checkbox is not checked does it still not come in on the post / get ?

if not then it is still broken on arrival.

Is a textarea still not a text control?

if not then it is still broken on arrival.

Hey that is a really great post!>

So a couple of things that I would add not to counter, but to perhaps amplify and clarify.

Naval drones are the same idea that Iran is currently contemplating, with a massive surge of small craft carrying warheads of some type. While this has the capability of achieving moderate success I am not sure how they would fair when confronted with a CIWS system with an effective range of 4km and being pretty damned accurate. More than likely current doctrine has been updated to increase the amount of ammunition carried for each deployed unit.

US / Russia conflict. I have some rather serious doubts there will ever be a direct ground war. Napolian and Hitler both discovered, much to their chagrin, that you just don't invade Russia. It will be a proxy war, as it is cooking up to be as I write this, and the only way to win is to put massive boots on the ground to push them back to their border, but no farther. Like it or not, Patton was right and we should have taken Stalin down when we had the chance. The Russians don't have a naval force that would be anything more than annoying. China is a bit of a different story, but they really have no experience fighting the ships they have and there are questions in many circles as to if they can even deploy them into the deep ocean since they no bases or allies to support them whereas the US have many bases around the world and a very large support system in place now. In a conflict I can see a more complete version of Perl harbor being quickly inflicted on their Naval Bases.

Submarine -v Submarine I would have to give a decided edge to the US Fleet. WE have trouble tracking our own. In exercises, even many years ago, we had to put noise makers on the "target" just so we could find them. It is an old joke, but one SONAR guy would ask another SONAR guy, "How do you know if are tracking a Russian submarine?", the classic response was, "If it sounds like and empty trashcan being rolled down an alley at 3am it more then like is a Russian.". Of the likely aggressors China is the one that would give me the most pause; however, I am confident that, with out being overly so, that we would prevail. we currently have at least 2 large shipyards that can crank out submarines with at least one other that could be brought on line pretty quckly

hunter killers of naval warfare. You think you can find them? Best of luck. Lasers don't go far under water and they diffract all over the place in the water column. US Submarines have some of the most sensitive acoustic detection equipment designed. They can hang suspended in the ocean, listening. They can silently go shallow or deep in the water column. Just stick the nose above the main thermocline, or tilt down to just penetrate into the deep sound channel.

If you are a surface ship, and a submarine wants you you are just dead. By the time you hear a MK-48 torpedo, it is too late. You don't even want to be in the same ocean with one those because it will kill you. By the time you detect that harpoon missile you might get the first one but the second one will get you. Your a surface ship, you can't hide, but that submarine can and you cant hear it over the background noise of the ocean.

Look up how many weapons a Virginia class submarine can carry. If you are a surface group dumb enough to be cruising in proximity of each other, they can put a shit load of torpedoes on your ass, turn around, go deep and haul ass while you are still trying to rescue your sinking ship mates.

5 US Nuclear Submarines can deny ANY fleet the Straits of Gibraltar, The Straits of Hormuz. There is not a Navy in the world that can challenge the US Navy at sea. If the Chinese tried to cross Taiwan Strait it would just be a shooting gallery.

Lest anyone think I know not from whence I speak, I spent 10 years in two classes of fast attack submarines in the US Navy. Are motto was then and still is now, "There are two kinds of ships, Submarines and Targets."

Tell that to anyone with a house that is more than 400 sqft and they will laugh in your face. 2.4ghz is radar! It is supposed to be reflected. 2.4ghz is smack in the middle of the "E" band radar spectrum and that is why Wifi has a range of about 100 ft indoors and that is if your house is made after 1950. If you have lathe and plaster, forget about it!

Frankly, no; however, this is not just text as it wants to be taken seriously as a data portal and should therefor be written with just a little more polish and not have to rely simply on the back button.

So Yet Another Web Based Thingy ( YAWBT ) written by academics who don't understand how to write software. There I was in a sample and I clicked on the owner, was taken to the owners page, and yes, no obvious way to get back, except to hit the back button, which as we all know is perfection.

Ok, so here I am with serious mod points and should be modding but I have to take umbrage with your remarks

First of all there have to be parents that are able to interact and for that to happen you need to have at least one parent who is not exhausted after commuting, working long hours and being forced to answer e-mails from PHB's on the weekends and all other times of the day and night and having to drag work home with them to keep up with ludicrous demands.

• We have to get over this "every child must go to college" sickness and realize we actually need skilled trades a recognize the immense value.
• We have to start teaching how to approach and solve problems mathematically, instead of teaching times tables. We have to teach SI for gods sake!
• We have to desperately figure out a way to teach algebra that is not completely mind numbing.
• We have to put industrial arts backing into high schools! When I was in high school I learned to weld, to use a metal lathe and a milling machine, how to cast aluminum and bronze. I could also take serious wood shop ( we built furniture for fucks sake! ) or serious automotive classes.
• We simply MUST get on the metric system, I mean really, we are still doing shit in 12ths, really!?!
• We simply MUST start teaching computer programming as an ART because is IS an art.

Video games are NOT the answer, never have been never will be. We have to stop coddling children and actually educate them. My son is 13 and still I have to keep on him to get his homework done, and that is my job and I have to do it why? Because he IS 13 and just wants to play soccer and hang out with his buddies.

Yes there are some lazy teachers, but the vast majority of them really want to do good AND have parental involvement. Teachers know how to teach if you will let them and stop dumbing everything down, we have to raise our standards, not lower them.

Another thing... I don't give a FUCK what color your skin is, or whatever "troubles" you have. Take a swing at another student and that student didn't swing first, your fucking outa there! Caught with drugs or booze in school, you are fucking outa there. Take a swing at a teacher, your fucking outa there! Be a teacher and fuck a student, you go to prison, Throw a fist at a student who threw a fist and another student, or grabbed my daughters ass, you get a fucking medal!

Parents, you let your kid show up with his pants hanging below his ass? You get called, you either pick them up or the cops come pick you up, the school is NOT your fucking baby sitter!! You let your daughter go to school in Yoga pants leaving no doubt just how deep her camel toe goes or just exactly how deep her cleavage goes? You get called, you either pick them up or the cops come pick you up, the school is NOT your fucking baby sitter!!

School is a learning environment not a dating service or fight club

The best replies I have seen are from Zurk,& Kohath so let me add to that.

Either develop a market or a product that will fill some segment of a market, first before you do anything.

Now let me suggest that you target a market where the predominant players have become lazy and charge a LOT for their software.

This company Zemax started off when optical design software had a few big players. Their software, on average was selling for $30.000 US per seat. The company founder got a PhD in optical design and while he was still at school started writing his software. What he did was build a PC based optical design system that did 98% of what the big players did. But in that 98% he included what a lot of people term is that last 2% which is the really hard work. He left a lot of the simpler things for later. When he released version 1.0 he sold it for $2500.00 per seat ( with the hardest dongle he could buy at the time ) and after the first month he was moving ~ 10 units a month. In 20 years his price for the basic software has only gone up to $3600.00 a seat.

Make no mistake he worked his ass off to do it, he did it by himself for a long time before he hired his first employe. The company is still privately held and the man stopped having to work for a living many years ago, but he still does it because he loves what he does.

And anthropomorphizing on top of it all.

Look until we can find a way to clearly communicate with bats, or any other species other than other humans, and that is a stretch at times, I ain't drinking this particular glass of cool-aid.

Having been a SONAR technician and having used some of the coolest acoustic toys ever made, I think a more likely conclusion might be:

I find that in a group of bats trying to home in one a single insect they frequently target the same insect and interference patterns are formed causing one or more of the bats acoustic homing to be distorted.

I normally do not respond to AC since 99.9999999% they are trolling, but I will reply since it is actually quite simple.

update_user_pword(uname,curpass,newpass);

and it simply returns true or false, 1 or 0 nothing more, nothing less.

An most importantly use ONE WAY ENCRYPTION when storing a user password! Novel's Netware did this and it was NEVER cracked.

In postgres & oracle you can grant execute to the procedure and or function without giving any rights of any kind to the user to the underlying tables.

In oracle you can write procedures to execute using the schema owner permission, but that permission is never granted to the user so it executes safely. Since procedures and functions only take in parameters and those parameters are never executed then they cannot be injected.

There are many many techniques to have the DB time out the user rather than relying on the middle ware or the browser code.

In the previous example the validation function could return either null or a 512 byte hash that is recorded in an internal table with a timestamp which triggers an inactivity timeout. Whenever the user does anything it must be accompanied by that hash and the DB will only return data if the hash matches, else it returns failure. The timestamp need never be returned to the client, only the hash and that hash can be created from anything, time,user name, count of records in a table, current system load, choose anything that will never repeat. At worst a given hash will be valid for only ( timeout period ) minutes. You can even write the web client so it heartbeats and the system returns a new hash every heartbeat, so even if the client connection is severed the hash is only valid for (heartbeat interval) then its time to live has expired.

Designing in solid security is not hard, it just requires the will to do it and to avoid the common programming patterns that have proven themselves to be very, uhm, shall we say, weak.

cool frameworks and Languages too!

When are programmers going to wake up and smell the coffee!

You are screwing around with peoples money. You cannot just slap the latest cool frameworks together, write 50 lines of connection code and call it a system.

I would be willing to bet that there is a single database credential that has rights to insert/update/delete/select on all the tables in the system and its is stored in some xml file that the web application has access to and if the web application has access to it so do all the people trying to break in.

I cannot begin to count just how many times I have seen the following:

select * from users where id=? and password=?

and that returns everything about the user. Every modern database supports either functions or procedures to do something like:

validate_user(uname,upass);

and it simply returns true or false, 1 or 0 nothing more, nothing less.

Far far to often I hear, lets use [ fill in the blank ] framework because that is what everyone else uses and besides look how much more productive we are! And so it is taken upon nothing more than faith and 90% of the time the people saying vehemently that that is the way to go, understand perhaps 10% of the framework code and don't investigate any further. When you are considering a framework that is 100's of thousands of lines of code that more then likely wouldn't pass the particular languages version of Lint or Bounds or any other validation tool you have already lost the security war.

The people who are actively trying to break into large systems do their homework! They spend weeks or months looking at your generated web code looking for patterns that reveal the underlying frameworks and then comb through that code looking for even the most subtle vulnerabilities and then they make a plan and execute it.

When you are building systems like this if you don't start with security as priority #1, for the entire stack you will lose, it is just a matter of time.