Forgot your password?
typodupeerror

Comment: Re:ERROR (Score 2) 386

by Lord Juan (#39677625) Attached to: US Unhappy With Australians Storing Data On Australian Shores

It isn't just that, the whole security theater is really affecting it.

Me and my girlfriend were recently looking at plane prices to travel to the UK, and then came the realization that we were actually looking for options that did not make a scale in the US, leaving out pretty much any plane from any airline in the US.

I found it sad =/ (and I have to avoid them)

Wikipedia

+ - Wikipedia Censored A Gay Article->

Submitted by Anonymous Coward
An anonymous reader writes "Finnish language Wikipedia administrators have censored an article of the current presidential candidate Pekka Haavisto's (Green League) gay spouse Nexar Antonio Flores. Writing or editing an article about him is now impossible.

The censorship by sysop is valid until the February 7th. The second round of voting will take place on February 5th. The prevention is based on by the administrators that the spouse is "not meaningful" and the Wikipedia users will write "not meaningful" irritating facts on the page, like drunk driving during the first round of the campaign, his habit to fight in bars when drunk and major age difference.

On the discussion page of the Pekka Haavisto, administrators have totally deleted (against Wikipedia rules) many comments and their answers where these published facts of the spouse have been presented. The unpleasant comments have also been oversighted, also against Wikipedia rules and practices on the other pages.

The main page of the Mr. Haavisto is currently protected and any adding the facts concerning his spouse concerning his private life section will be removed quickly. Administrators have threatened that by adding the same facts again to the page, the user will be banned for several days from the Wikipedia. Some users have already been banned for adding these facts to the article and even to the discussion page."

Link to Original Source

+ - Safe hosting services

Submitted by
Suchetha
Suchetha writes "Thanks to SOPA and the DMCA and the takedown of MegaUpload, I am becoming quite leery of hosting content in the USA.

My servers don't hold any infringing content, but this trend scares me.

Do my fellow slashdotters know of any hosting providers that are — if not immune — at least resistant to this rather disturbing trend?"

Comment: Don't trust anything, don't trust anyone. (Score 1) 333

by Lord Juan (#38568566) Attached to: Ask Slashdot: Writing Hardened Web Applications?

That is about the best advice that I can give you, treat every single piece of data that comes from the outside world as malicious input, if you can validate against expected values or patterns, do just that, and discard anything that you aren't expecting.
Once an user is logged in, do not trust them, at all, be very careful with privilege escalation.
Use prepared statements for every single data that interacts with the database if this data leaves your control even for one operation, it doesn't matter if it comes from direct input, from a session variable, from a cookie, you check the data and use prepared statements ALWAYS.
Keep your software updated, if you need this to be secure, you can't just make one installation and feel good, you will have to be prepared to constantly update the software in the server, and there will be no end to this as long as you want a secure platform.
Protect the passwords in the database in case they are stolen, a hash+salt per password is an option to do this.
Security is not about preventing a hack, it is about reducing the chances that a hack occurs. If you have valuable information, you will get experience attacks, and you have very valuable information, you will eventually get hacked, you have to find every single hole in the software, the attacker only needs to find one.

I came, I saw, I deleted all your files.

Working...