
Comment Re:Definitely interesting.... (Score 1) 220

But if you are vulnerable to automated attacks, then you most certainly are also vulnerable to directed attacks, no? The attacker can just use a known (or new) attack against WordPress once they see that that is what you are running:

"Aha! From the Meta Tags I can tell they're running WordPress. Looks like it's version X. I'll do a POST to site/wp-admin/tiny-mce/lang/en-us/takefile.php of a PHP script. If they didn't apply the patch that was released yesterday I should be able to upload my PHP script which will allow me write access or at least read access..." If you were not up-to-date in your install (or if you haven't audited any plugins you used), then the entire hack might take just a few minutes, and could be done by someone with only rudimentary skills.

No?

Comment Re:Definitely interesting.... (Score 4, Insightful) 220

A non-custom CMS like WordPress is very often the target of massive automated attacks: a new bug is discovered in WP and a tool is written to seek out vulnerable installations and exploit that bug. If you have the skill or $$ to pore over the code, you can probably find your own bugs before they become publicly known.

On the other hand, if your site is specifically targeted, then your custom CMS is as vulnerable or more than the WordPresses out there. You might have a bit of security through obscurity (in a standard WP install, the attacker might know file names and locations, variable names, classes, etc.) but this will probably do you little good if you weren't able to harden the code.

Lesson: you are screwed if a rich, powerful, or smart attacker singles you out. A standard CMS can land you in hot water if you don't have a knowledgeable person administering it (and who has that?).

Comment Re:Realistic analysis of he daa (Score 1) 299

Your analysis seems messed-up to me. I assume you are referring to this chart http://www.conceivablytech.com/wp-content/uploads/2011/02/browser2.jpg Chrome's rate of growth might have slowed a bit, but it still grew by what looks like 10%. IE has had negative growth pretty consistently. Safari's growth rate seems to be much lower than Chrome's. Since your understanding of the data seems so far off the mark, I doubt your conclusions are accurate.

Firefox

Submission + - Breakthroughs in HTML Audio & JavaScript (vocamus.net)

jamienk writes: Imagine if you could grab and manipulate audio with JavaScript just like you can images with canvas... Firefox experimental builds let you do just that: crazy audio visualizations, a graphic equalizer, even text-to-speech, all in JavaScript! Work in progress, you need a special build of Firefox (videos available), being worked on via W3C. Weren't people just saying that Firefox doesn't innovate?

Comment Re:Fundamentally different things, though (Score 3, Interesting) 224

The conceptions of what we "do" with music and film have been limited by the sales and "IP" models. Remixing, adding/replacing tracks, mashups, even sampling, all come about as a consequence of ignoring the "consumption" model as you describe it. So does all "traditional" or "folk" music. There are places that film and music can go that we can't easily think of today. Try to come up with your own examples of what can be done. If you can't think of anything or if your ideas don't seem all that revolutionary or important, maybe you're not an artist.

Firefox

Submission + - CSS "flexible box model" holy grail of layout? (mozilla.org)

jamienk writes: I don't know how I missed this, but a new method of layout has worked its way into the CSS3 spec — it allows web developers to stack, columnize, and otherwise control our HTML boxes. You can easily make same-height columns, you can reverse or precisely control the order of elements, you can flex the boxes however you like. Looks complicated, but very very cool. It seems like they still have to work out a few edge cases. Firefox, Chrome, and Safari only so far. IE sucks.

Comment iPhone Games (Score 1) 268

My 3 year old son urges me to download games on the iPhone. I get all the free ones listed for each category and listed under "most popular." He and I agree that 99% of the games we see are some of the worst crap you can imagine. There are a few types:

* Stuff that requires a lot of downloading, rendering, entering passwords, connecting to various multiplayer networks, answering their questions, etc. It takes 5 minutes before the game starts, but by then, we've both lost patience.

* The games are obnoxiously crippled -- they offer only teases, or they constantly try to trick you into clicking to their ordering system, or their ads, or they suddenly stop in the middle of play. You feel interrupted, short-changed, and ripped off.

* The games themselves strike us as weirdly unimaginative. The graphics are retreads of crap I've been seeing since the 80s, or else they look like the standard manga stuff. They often have cliched, muzak-style "soundtracks" and have the game equivalents of a laugh-track: clapping, "awww"-ing, etc.

In sum: these games suck. How they can represent some sort of billion-dollar-industry is so baffling that I suspect a hyped bubble; I can't imagine masses of people paying for this junk. It's more fun to kill time by flipping a coin. It feels like there are no original artists in the game-making work, just "industry" hacks. Maybe one day game-making will somehow be more democratic like website creation and some will try to innovate.

Comment Deserving (Score 0, Troll) 1006

When the lamb has struggled so long and hard to get food, fight illness, and brave the elements, don't you think it deserves to not be killed by the lion? WinZip, that succulent little lamb, will be eaten by us, the vicious software pirates, however we moralize. It is our nature.

Announcements

Submission + - What soda does to your body

DeadboltX writes: Healthbolt.net has a story outlining what happens inside your body when you drink a coke

"# In The First 10 minutes: 10 teaspoons of sugar hit your system. (100% of your recommended daily intake.) You don't immediately vomit from the overwhelming sweetness because phosphoric acid cuts the flavor allowing you to keep it down.
# 20 minutes: Your blood sugar spikes, causing an insulin burst. Your liver responds to this by turning any sugar it can get its hands on into fat."

The article goes on to explain how the caffeine binds itself to calcium, magnesium and other nutrients and gather in your bladder to get expelled rather than go to a bone to make it stronger as well as a few other effects.
Mozilla

Submission + - Latest Firefox build passes Acid2!

claar writes: The Firefox Acid2 bug (bugzilla #289480) has officially been marked as FIXED and VERIFIED, and merged into the official development build (to be part of Firefox 3). Hurray! Thanks goes especially to David Baron for his hard work on the Reflow Branch.
Software

Submission + - Plone Keynote: Moglen on Social Justice and OSS

NewsCloud writes: "What does Firefox have to do with social justice? How will the one laptop per child project discourage genocide? How soon will Microsoft collapse? Watch Eben Moglen's inspiring keynote from the 2006 Plone Conference (Archive.org: mp3 or qt; or YouTube). The video presentation is ordinary, so the mp3 is an equally good format.
If we know that what we are trying to accomplish is the spread of justice and social equality through the universalization of access to knowledge; If we know that what we are trying to do is build an economy of sharing which will rival the economies of ownership at every point where they directly compete; If we know that we are doing this as an alternative to coercive redistribution, that we have a third way in our hands for dealing with long and deep problems of human injustice; If we are conscious of what we have and know what we are trying to accomplish, when this is the moment for the first time in lifetimes, we can get it done."
It's funny.  Laugh.

Servers, Hackers, and Code In the Movies 445

Billosaur writes "As with anything, Hollywood has a weird way of viewing computer technology and the people who use it. To help quantify things, take a look at The Top 20 Movie Hackers, the Top Ten Movie Servers, and the things code doesn't do in real life." From the servers article: "3. UNIX environment - Jurassic Park (1993). The UNIX environment here is a classic geek joke. Everything we saw was real - created by Silicon Graphics and called IRIX. InGen was the corporation funding the island, and from an IT perspective they let the worst possible thing happen: they allowed one programmer to design the infrastructure with no supervision. What's worse, they obviously required no documentation of what was done. The result was a kid had to hack in and gain ROOT privileges. The likelihood of a young kid knowing a way to get ROOT (and not a more experienced programmer) is pretty hard to swallow. The hardware for this server was probably minimal, running door locks and starting Quicktime movies. 'We spared no expense!' You would think that with the millions of dollars they spent on the park, they could have hired a couple newbie programmers and added a server on the backend."
