Forgot your password?
typodupeerror

Comment: Another proof of concept (Score 1) 34

by Anal Surprise (#37652426) Attached to: Facebook's URL Scanner Vulnerable To Cloaking Attack

A while back I actually wrote a tool for Rickrolling people several months ago:
http://brokenthings.org/
based on poisoned link redirection. It works well enough. The only way to avoid redirector tricks is to follow redirectors all the way to The Actual Page and then use *that* as the reference. Then, at least if the link is poisoned, it'll be obvious.

Comment: "Standard practice"... if you're an asshole (Score 1, Troll) 510

by Anal Surprise (#31977082) Attached to: Mass. Data Security Law Says "Thou Shalt Encrypt"

It's a little irritating to read all the comments about how this is really easy, standard industry practice, etc. Please give me a fucking break.

Suppose you're running a church newsletter. You're not computer-literate. You want to send a newsletter. You write out the names of church members and their mailing addresses on a sheet of paper, and accidentally leave it at the copy shop. This is legal.

Now, you do the same thing on a computer that you keep locked in your church. You use it to print out labels, you put the labels on envelopes, and you put the envelopes in the mail. Is it really reasonable that you've broken the law here? Most of this information is available in public databases anyway. You don't know "encryption" from your asshole. Your computer runs Windows 98, and there's no network.

To my mind, if "creating a list on paper" is legal, "creating a list in a computer" should be too. If you want to hit %%loss or misuse%% of personal information, write a law that does that. Penalize a lack of security, don't legislate what security is, because every situation is not the same.

10.0 times 0.1 is hardly ever 1.0.

Working...