Become a fan of Slashdot on Facebook


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Comment Re:The CA's are not doing their due dilligence (Score 1) 64

I switched to DigiCert a few months ago and they are much more "rapid" than rapidssl was ever for us.

Our original account with Rapid was under one company name. We subsequently changed the holding company's name on a later request and apparently our account was flagged for manual validation 100% of the time. Each time we renewed it would take 4 or 5 days of faxing forms, confirmations, phone calls from hell, etc.

The nice thing was, at the time, they were one of the few SSL providers to allow unlimited re-issuance. Digicert does too, and has even better prices AFAIK.

(Note: I don't work for them or have any financial interest in them)

Comment Re:ACID3 (Score 1) 493

Did you actually use MS's implementation of web fonts? They made some proprietary font for no reason at all. They are trying to open it as a W3C standard now but that will hopefully fail completely. We already have enough font standards without introducing yet another format.

Comment Community more unsecure than the language (Score 1) 229

The community and fleet of developers available to PHP is far and away the more vulnerable than register_globals could ever be.

Modern code bases, books, and examples are STILL being written using string concatenation to build SQL! These examples are teaching these dated, insecure methods to novices, thus guaranteeing these horrible practices will propagate for a long, long time.


Submission + - Panic of failing QuikSCAT satellite overlown (

daeg writes: We previously read and discussed about the aging QuikSCAT weather satellite used to help predict tropical storms. It turns out that the panic is likely overblown and the loss of the satellite won't have any dramatic effects on forecasting at all. Some in the National Hurricane Center are now calling for Director Proenza's resignation over this and his overall handling of the center.

Submission + - Passwords in small companies

daeg writes: As any person in a small company can tell you, we have too many passwords and too many people know them because the defined job roles are very lax. The programmers know our shipping password because they've had to ship things before and the administrative assistants know our printer passwords, for instance. Are there any easy ways to manage these types of passwords securely? If an employee leaves, we have to change all of the passwords (particularly for the places that do not allow multiple delegate user accounts) and simultaneously tell everyone the new password, which is tedious and error prone, at best. What are some methods that have worked in your small companies?

Submission + - PHP 5.2.2 and 4.4.7 Released

daeg writes: PHP 5.2.2 and 4.4.7 have been released with a plethora of security updates. Many of the security notifications come from the Month of PHP Bugs effort, and range from double freed memory to bugs in functions that allow attackers to enable register_globals, to memory corruption with unserialize(), to input validation flaws that allow e-mail header injections, with an unhealthy sprinkling of other bugs and flaws fixed. All administrators that run any version of PHP are encouraged to update immediately.

Submission + - China net use may soon surpass US

GuerillaRadio writes: The BBC is reporting that China could soon overtake the US to have the world's largest number of internet users, according to a state-controlled think-tank.
"We believe it will take two years at most for China to overtake the US," an official at the China Internet Network Information Center told state media. China had 137m internet users by the end of 2006, an increase of 23% from the year before, the centre reported. This figure means that more than 10% of the population is now online.

"The most important thing in a man is not what he knows, but what he is." -- Narciso Yepes