
Alleged massive account and password seizure by young pirates group

Submitted by Rigodi
Rigodi (1000552) writes "The New York Times reported yesterday, August 5, 2014, a massive collection of stolen email passwords and website accounts accumulated by an alleged Russian "crime ring". It is a bundle of over 1.2 billion accounts, covering originating websites of any size, from huge companies such as Adobe (the famous) to small websites hacked here.
The attack scheme is said to essentially use the old and well-known SQL injection tactic, based on botnet armies to test any website's robustness.
The information has been made public to coincide with an industry conference, to raise debate about the weaknesses of the classic account & password security system and to urge the need to find a new way to protect users' authenticity.
What do Black Hat security conference participants have to say about that in Vegas?"
Blackberry

BlackBerry Vulnerability Could Allow Access to Enterprise Server

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "A vulnerability exists in some components of BlackBerry mobile devices that could grant attackers access to instances of the company’s Enterprise Server (BES), according to Research in Motion (RIM), which issued an alert and released a patch for the vulnerability last week via its Knowledge Base support site. BES, the software implicated by the vulnerability, helps companies deploy BlackBerry devices.

The high severity advisory involves the way the phone views Tagged Image File Format (TIFF) files, specifically the way the phone’s Mobile Data System Connection Service and Messaging Agent processes and renders the images.

An attacker could rig a TIFF image with malware and get a user to either view the image via a specially crafted website or send it to the user via email or instant message. The last two exploit vectors could make it so the user wouldn’t have to click the link or image, or view the email or instant message, for the attack to prove successful. Once executed, an attacker could access and execute code on BlackBerry’s Enterprise Server."

Book Reviews

Enyo: Up and Running

Submitted by Michael Ross
Michael Ross writes "Upon hearing the name "Enyo," one may wonder if the speaker is referring to the Greek war goddess, or if it is the name of some Celtic New Age music with a Latin twist. In the world of front-end software development, Enyo is a cross-platform open-source JavaScript framework that can be used to build HTML5 web applications for the desktop and for mobile devices, including those powered by iOS and Android. The project website bills it as "an object-oriented JavaScript application framework emphasizing modularity and encapsulation." Any programmer interested in learning Enyo — or at least exploring what it is capable of — can consult the online documentation and the forums, but a more time-efficient approach might be to read a book focusing on the topic, such as Enyo: Up and Running, written by Roy Sutton, a contributor to the project.

The book was published by O'Reilly Media on 6 February 2013, under the ISBN 978-1449343125. (My thanks to O'Reilly for providing a review copy.) On the publisher's page, visitors can find limited information about the book and its author, some reader reviews, links to purchase the electronic and print versions, and a page for errata (of which there are none, as of this writing). At 74 pages in length, this title comprises seven chapters, plus an appendix explaining how to set up a local development environment for working with Enyo, with a few options to choose from. Thus, the appendix is where most readers should and likely will start. In the preface, the author notes that the book assumes "some familiarity with HTML, CSS, or JavaScript"; that "or" should be an "and," since all three technologies are foundational to Enyo.

The first chapter introduces Enyo by examining a fairly simple web app — one that displays a traffic light on the web page. Naturally, in a black-and-white book such as this, the red/yellow/green colors are all in grayscale. Much more importantly, of the seven jsFiddle-hosted code examples provided in the chapter, the first five do not work (as of this writing), apparently because in each case there exists in the code some sort of control character, displayed as a red dot. (In the third example, the dot character is in the JavaScript and not the HTML.) Readers should delete that character and click the "Run" button, to see the intended results. The last two examples work only because the dot character comes after the closing </script> tag. It is baffling how these flaws could have gone undetected by the production staff and technical reviewers.

The material seems to raise as many questions as it answers. Assuming that the code printed in the book works (no downloadable code archive is offered), readers will probably be left pondering questions such as: Is create: function() some sort of constructor? Why isn't a new color passed through the call this.colorChanged()? Why is oldValue apparently not used? Where is setColor() defined? While it is a good idea to entice the reader to try a new technology by showing its capabilities, if that reader is expected to understand the example code presented, then it should be fully explained; otherwise, it should not be presented. As an alternative, the author could have limited the discussion to what functionality Enyo provides to the programmer, without listing source code in print or on jsFiddle. This would have provided the reader with greater motivation to invest the time and effort in learning what can be a challenging subject.

As a result of these early problems, this first chapter does not get the book off to a promising start. The second chapter, "Core Concepts," is perhaps the one that should have begun the book, because it describes many of the core ideas critical to Enyo: kinds, encapsulation, published properties, events, signals, inheritance, constructors, and statics. However, the pace is too fast for beginners, and more examples are needed to explain the concepts, step-by-step. By the bottom of page 11, countless readers will likely be bewildered with the terse discussion of getter and setter functions, "changed" functions, construction, and passed values (which are properties or not). Also, readers will again encounter the aforesaid problem of the red dot character breaking the example code on jsFiddle. (Further instances in the book will not be documented here.) The third chapter continues the discussion, focusing on components, menu and form controls, and functions, as well as some components for animation and making web requests. All of the information looks correct. The only puzzling aspect is why break tags are used (on page 22) instead of a CSS display: block; declaration.

User interface is addressed in the next two chapters, the first of which presents layout components commonly needed for Enyo apps — scrollers, repeaters, fittables, lists, and panels. The second one explores CSS styling of an Enyo app, performance considerations of apps on handheld devices, debugging, common mistakes, jsFiddle, internationalization, and localization. With these chapters, the narrative in the book becomes noticeably more comprehensible.

The penultimate chapter — essentially comprising two pages — delineates some options that the Enyo developer has for deploying a newly-built app to any one of the supported platforms. This chapter, like all the earlier ones, ends with a summary that is so brief, and applicable to so few pages, that each one seems pointless. Why do publishers feel obligated to include these useless chapter summaries in almost every technical book? The final chapter is a one-page conclusion, in which the author encourages readers to learn more and become involved in the Enyo community.

This book is more of an introduction, although no reason is provided as to why it was not instead made a more extensive treatment of the subject. Upon completing the book, the average reader will probably conclude that she did not absorb enough knowledge of the Enyo core to begin immediately developing apps using this framework, and the best course of action might be to start over again on page 1, or perhaps seek out a second source, before optionally returning to this one for a second run-through. The material could have been structured so all information is presented sequentially — so the reader does not encounter concepts yet unseen — with more step-by-step explanations.

Rather than presenting the reader with code snippets that have no relation to one another, it would have been much more interesting and motivating if the author had devised and explained code that incrementally builds into a nontrivial app. Furthermore, the example source code should have been made available on the publisher's website, so readers could avoid typing it from the text or extracting it from jsFiddle if they wished to try it in their local development environments.

In terms of typography, the font size of this book is a bit too small, especially for extended reading, and for people with subpar vision. This is even more true for the code snippets, which are in an even smaller font. In many of the lines of prose, the words are too close to one another — a problem exhibited in a few other recent O'Reilly titles. Did the production team feel it necessary to further compress a 74-page book?! In fact, proper names, such as those of components, are oftentimes broken between two lines in the text — sometimes nonsensically, e.g., "FittableR" followed by "owsLayout" (page 32). The book contains several errata: "This is [not] to say" (page viii), "such as [a] local installation" (viii), "url" (27), "we might modify add" (34), "woud" (35), "one [of] the most" (35), and "allow you [to] easily debug" (56). For such a slender volume, the production quality seems to have received less attention than it deserved.

Overall, this offering does not reach O'Reilly's usual high standards. It's a shame, because it seems like such a promising topic — one that could be more thoroughly explored in a larger volume. Perhaps this feedback, and that of other readers, could be folded into a second edition. This is a real possibility, given that the author notes in his conclusion that he considers the book an active project, and intends to keep it up-to-date with the changes to Enyo itself. In the meantime, this is a promising start that can give readers a taste of Enyo's potential for building modern web apps for desktop and mobile platforms.

Michael Ross is a freelance web developer and writer."

Comment: 4d + underground (Score 1) 197

by Rigodi (#42830181) Attached to: No Transmitting Aliens Detected In Kepler SETI Search

First, space is not 3D but 4D; the chance that two civilizations with electromagnetic communication systems collide in space-time is somehow very thin.
+
The frame of full over-the-air communication with electromagnetic signals, according to our own history, is itself very short. What we see for us is: 1950s, start of massive air broadcast; 2010s, communications go underground with fiber optics and wired networks. Air broadcasting is already diminishing, ask tower companies about their business models today...

So finding this alien needle in a haystack might be just a waste of time & resources, no?

Comment: Re:Sucks to be you! (Score 1) 516

by Rigodi (#38010324) Attached to: How Do I Get Back a Passion For Programming?

Yeah, move on if you can.

I personally did that two years ago.
I was in a big company, working on a nice project with nice guys, well paid, 11 weeks of holidays per year (I'm French, of course) with all the money the project required.

But a private equity fund bought the company and slashed it for profit. Ambiance fell down, the project became crap. I was asked to work on a technology I don't like and my work turned boring. I was a project manager then, so I quit and hopefully rapidly found a new job, I was lucky. It was a 20% cut in my salary, 4 weeks less of holidays, and I stepped down to simple programmer. But I accepted it because it was on a technology I like very much (AS3, I know, I know) and things would turn dramatically more simple for me, I needed a break.

What happened then?
Sure, I am not as comfortable as I was in the big company, we are always overwhelmed and the job is hard, but after two years I found myself as the production manager of the company and I get to the office every morning with a smile on my face and happy to go. And I love again pissing my PHP/SQL/AS3 code.

Hope it helps,
François le français

Comment: Re:i stopped using avast because of popups (Score 1) 896

by Rigodi (#31527898) Attached to: What Free Antivirus Do You Install On Windows?

I chose Avira three years ago after reading a comparison test found on the net. It seemed to be quite honestly done, tested by triggering attacks with several types of viruses.
Avira went first but it was three years ago. I swapped from Avast, which was a bit too fat for my system; Avira turned out to be quite light on it.

But today I would not be able to say which one is the best. So far so good with Avira, no virus detected on my machine, thanks to it, to my firewalls (routers & desktop) and my survival habits on the net.

Comment: Keep it simple, for now (Score 1) 1095

by Rigodi (#24286265) Attached to: How To Encourage a Young Teen To Learn Programming?
Based on personal memories

My father was into it, working on IBM 390 systems and I was eager to get my own computer, to see how it worked and to know how people could program it.
When we received the beast (ZX81) my father just spent a few hours showing me trivia about variables, for-loops and simple inputs / outputs. That was it.
Then it was just a question of personal interest, that turned into passion, finally. Later then the adult can help from time to time or give tips, perspectives, etc.
So my idea is that plain simple basic might be enough. Maybe just an old VB or a simple PHP sandbox. OOP, web technos can wait a bit. Just start with the 101 and look how your kid responds.
Hope this helps,
F.
