Is visiting many ebay pages ad-hoc social?

One important part of successfully marketing something is broad appeal. Playing a gay protagonist evidently isn't something that appeals to the vast majority of game enthusiasts. Same for movies. If you were an enterprising individual perhaps you can see a lucrative niche?

Here's some references which predate the civil rights movement by about a thousand years. How shadow and light are referenced throughout history, having JACK ALL to do with some one's fucking skin. Black has a variety of meanings throughout history and especially to various cultures. Here's another one, the Yin and Yang, notice the colors?

Think of the children is effective at controlling people, why would there be any exception in today's political climate?

Do they ignore that the average age of gamers is 30s?

Implying they're not works of art already is hilarious. Not every movie, just like games or that chunk of "pottery" made for mom, is a work of art either, but this is where taste comes in. Taste is highly subjective.

Jail I believe should be for violent offenders exclusively, jail time for accessing something, even millions of times is ridiculous. If he obtained protected information (cardholder data, SSNs) maybe, but if it isn't "protected" (say an email, first and last name, type of phone etc.) or doesn't come with any terms, it's fair game and the blame for the boring disclosure resides solely with the company since each request was authenticated by them. We have far too many people in Jail as it is. We're the world leader's in incarcerations and it's a dirty ass privatized business which I don't want to support when we can put these people to work, and fines do a wonderful job along with some community service. If that's the case Google needs to go to jail for indexing, and bing too since bing fed itself off of google. There was no exploit, this was the system operating as intended, supply it with an IMEI and get info. You want someone in jail for randomly trying publicly accessible page, incrementally, much like what google does with google maps mapping vehicles. Why isn't this illegal, it's occurring on public roads, too!? They make copies of the data accessible at these locations, or to use your words, they "steal the information" (addresses are personally identifiable information, but also public).

Authentication is a fuzzy thing, quick google returned: Authentication is the act of confirming the truth of an attribute of a datum or entity. By entering the IMEI this satiated the authentication, pretty shitty authentication. "Yup, address is good!". In regards to the paypal thing, btw paypal isn't a bank in the majority of the countries they do business in. In order to obtain this signature you need to create an account though, which requires a few pieces of information something an IMEI doesn't require. The signature seems like a token and is part of an authentication scheme, not simply a (terrible) username. The first 8 digits of the IMEI are assigned to manufacturers and made public (pretty good for something "private"!), and Apple, for instance, tends to do 'batch' naming for the rest, so if you have one iPhone IMEI you can guess all the others from that batch just by incrementing. That's a terrible authentication idea there, lou.

So if each person (in a large pool of say 250k) accesses one URL, with an IMEI that was generated, it's cool? Rape is cool the first time around then too, eh? This conflicts with below :P

Why would I need permission since they can be derived? It's not something that's secret, or is protected, or has any expectation of privacy, it's even broadcast (to the carrier). Otherwise sites like this http://www.imei.info/ wouldn't exist. Think they burn all of those "passwords"?

I asked this specifically to nail down what an IMEI number is. An IMEI is not a password or a username any more than using a credit card number or social security number is. Unlike SSNs or CC#s it's an identifier for a device which doesn't even identify an owner in many cases (see prepays). These are similar to VINs on cars. How is it illegal to generate and try different combinations of this series of numbers, especially since portions of these numbers are public knowledge, on a website that is/was publicly accessible without any terms of use or limitations imposed by the operators for any clients which request info using a valid IMEI?

Absolutely it does, it's implicit when it's on the web (short for World Wide Web) especially without authentication (doesn't that usually involve username + password?). Ultimately I believe you're arguing about intent of the organization, something the web server and client know nothing about. Requests (not demands) are received, and the web server replies. Private networks are just that, not publicly accessible. This is the digital equiv. of driving down various streets (publicly accessible addresses) incrementally and being provided with information at the end.

How is an organization not responsible for what they put online, after all are they not the ones solely authorized to determine what they want to provide others access to? It's not like this involved a username and password like the online banks or credit cards do.

Remember those folks who would share out their entire drives on file sharing networks? It's not up to a client to determine validity of who is or isn't authorized - that's the job of the people configuring the server. It is up to the entity operating the server to ensure that data is protected, authentication isn't anything new, especially robust systems. Would you defend the government for making a system where simply using a street address would allow one access to information (taxes etc.)? How about your Bank? Explain your reasoning, please.

What does this have to do with my point, you think I like this asshole? Are you under the impression that making an example out of this guy will somehow improve things? If that were the case simply putting a guy through the system, the first time, would've sent the message loud and clear! If you're a customer of this company after this, you're crazy but I can understand how you'd be upset; although you should really focus on WHY THIS HAPPENED. You're ready to punish him for what amounts to an embarrassment. Also, you included email addresses in your rant, FYI email addresses are not private information. They're as private as a phone number is (something listed in directories and/or published in books).

You make a point of mentioning that this occurred thousands of times. What if you clicked on a link via a URL shortening service that directed you to one of these links, do you think you should be put in jail? Is it an exploit only if you do it x number of times? Do you think you should be liable for fraud for entering IMEI#s? What about accessing a website or service when its really busy (DDOS)? What about visiting slashdot and typing in an account name that's a misspelling of yours which happens to have the same password? Swap out slashdot with your bank of choice. Is it criminal now since it's "unauthorized access" of a computer system?

Lazy/incompetent/unprofessional people get no sympathy from me, they've earned this, and the company (developers, sysops, and managers in charge of these systems) need to own up to their shitty half baked design and policies. They deserve to get their feet held to the fire. If they're unable to perform, there isn't a shortage qualified people who would jump at a chance to take their places in a fucking heartbeat.

The fact is both were on web servers. The entire point of a web server is to handle requests, if you don't want something publicly accessible, begin by not putting it online. How are we to determine what is or isn't authorized? If you put something online, and later say that someone wasn't supposed to access it, who is liable?

If only there were some way to flag and block repeated attempts... this is about as brilliant as those folks who decided using a Social Security Number as a means of identification.

TL;DR Defending negligence will not improve things.

s/Auto/Aero/ ?

I, too, read for the comments. What's your plan b? Ycombinator?

I'm interested in realizing something, seems like an great way to contribute. I'm not a perl guy, so grokking Slashcode will require some ramp up. I am familiar and feed myself with web. What makes a site is the community, the hosting for such a project isn't my primary concern, infrastructure is something that can be acquired as need permits. Besides the design my present curiosity is mitigating abuse and request volume for visitors and flagged comments.

As wild as 2/4chan are the focus on what is being said rather than the who is appealing, unfortunately there are some drawbacks, too. I really like ycombinator, too. Based on some of the comments in this story it looks like the main draw for the community is an easy to digest comment section. I'd like to better understand how the mod points are awarded in Slashdcode. Other concerns are popular platform support, such as mobile, RSS, does anyone care about the achievements, blogs etc.? Additional moderation points?

As far as a name, I've got title in mind, something old and something new, only a few characters longer than Slashdot. I realize the switch is coming soon. I've got a few logs on the fire and will not be able to dedicate any serious time for another ~6 weeks. In the mean time I can put some thought into a prototype application design and schema. I don't want a carbon copy, so input is welcome. What's on your mind?

I'm interested in contributing, I've got a couple machines and some bandwidth, but it depends on some other factors. I really enjoy Slashdot, and would love to see this community continue, or if "we" go elsewhere, join that crowd. Maybe we can make a poll or something in what users are interested in feature wise? Slashdot of a certain era for example, or this could be a great time to refactor while keeping a familiar layout and moderation system. What's your skillset?

History of the World, Courtesy of Mel Brooks.

Indeed! To clarify, my point wasn't to slam KHTML, or the GP, but to objectively see where the issue lies. After all Slashdot is frequented by movers and shakers, which the NSA even targets ;) It's a good thing there are people out there who enjoy a challenge and are working to improve things. I understand how expensive software is to maintain especially with larger code bases.

Is this due to webkit specific markup or missing features KHTML side? Have an example page we can examine to see where the issue lies?

That's how forks work, it was split not simply for the awesomeness, but because they wanted to add features. If they were so satisfied with KHTML they wouldn't have forked it.

Chrome is just a dysfunctional Webkit, which is just a dysfunctional Khtml....

While losing Presto, which has been around since the early days, sucks it's not exactly cheap "me-tooing" the other guys. Besides, one of the reasons for the lack of popularity was the obscure rendering issues occasionally encountered with pages. "Whelp, my banking site just doesn't work, gotta switch browsers" type situations weren't exactly uncommon and arguably speak more about the markup than the engine itself but an end user might not be so understanding. Operas approach makes a lot of sense from a technical standpoint. One could dream about an opensource Presto but with the whole software patent blight I don't see that occurring any time soon.

Seems more like a fork, doesn't it? Feature branch the engine, keep the UI. Granted it's still under heavy development, I'm excited about seeing it mature - I'd like to see how their development tools will be integrated (element inspection and whatnot) since the "old" Opera is known for having many useful features baked in. I'd like to see a webkit with some sweet extensible architecture so we might have Firefox level plugins, see Adblock. I realize this is available now but the effectiveness varies from Chrome to Firefox due to how webkit handles network requests, I'd like to think there is an opportunity here. If development time is ultimately saved as a result, hopefully additional features will once again be the focus instead of reinventing the wheel.

You could expect it if were a tablet such as the iPad3 for example, came out late 2012 and features 2048 x 1536px. Your point still stands, keep fighting the good fight. For fun if these "designers" use frameworks try removing the doctype, or moving a submit button outside of a form, change selector cAsEs (.content-holder -> .content-hoIder) (L to i), and seeing how long it takes them to figure it out.