Comment: Re:Paywalls; HTTPS proxy (Score 1) 391

by tepples (#48640943) Attached to: Google Proposes To Warn People About Non-SSL Web Sites

It's not behind a paywall, it's a free site.

Sites that do not require payment still need to distinguish between users that have registered and visitors that have not as well as between users, such as for comment sections (are you LordWabbit2 or someone who Firesheeped his session cookie?) or "free reg. req." policies.

What network administrator in his right mind would hand out the root certificate to the HTTPS proxy?

Anyone who wants his users to know they are connecting to the correct proxy. Remember that a root certificate contains only the public key, not the private key.

Comment: Re:Nice! I was one of the ones hit by these charge (Score 1) 50

by squiggleslash (#48640867) Attached to: T-Mobile To Pay $90M For Unauthorized Charges On Customers' Bills

At least you got some unsolicited text messages ;-) Most victims of this scheme, my wife included, never even got that. There was literally no connection between activity on our accounts and the unauthorized charges.

To this day I find it unfathomable T-Mobile would allow any company to add charges to one of their customers' bills on their say-so. At the very least, I'd expect a "Show an example of a text message FROM customer TO creditor" requirement, something T-Mobile (and apparently the other companies too, according to Legere) never bothered to require.


Comment: Re:The Legit Bay (Score 1) 78

by tepples (#48639519) Attached to: Anyone Can Now Launch Their Own Version of the Pirate Bay

Hate copyright? Change the friggin' law.

How is that possible when all major TV news sources that cover candidates for federal office share a corporate parent with one of the members of the MPAA? Fox=Fox, CBS=Paramount, ABC=Disney, NBC=Universal, and CNN=Warner. A candidate for federal office who openly opposes the excesses of what copyright has become will draw smear campaigns from all five of these studios' co-owned news channels.

Comment: Re:Definition: Secure systems keep working, no mat (Score 1) 309

SQL injection. My work place had a typical example:
INSERT INTO users SET fname='$fname', lname='$lname';

Apart from the fact that you're mixing UPDATE syntax with INSERT syntax, substitution is perfectly valid so long as each string has been sanitized in the correct manner for a particular database connection (that is, not addslashes()). For the MySQLi client library, it looks like this:

$fname = $db->escape_string($fname);
$lname = $db->escape_string($lname);

Don't get me wrong; it's bad practice to escape manually unless you're using operator IN on a database client library that supports neither array parameters nor named placeholders (such as MySQLi). But code that correctly uses $db->escape_string() (or the equivalent for other languages or database drivers) should be safe from SQL injection, just as code that correctly uses htmlspecialchars() should be safe from script injection.

With Clonebox, if a customer's web server is hacked or otherwise damaged, we can switch it over to a ~read-only mirror. Sure that protects against hackers, and some customers have been hacked and used the protection. More often, customers simply screw up and delete important files or databases.

But how long do you keep these mirrors around, in case there's a screw-up that goes undiscovered for a while?
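
The difference between pasting values into the statement and binding them, including the operator IN case raised in the comment above, shown as an added example that is not part of the original comment. It uses Python's built-in sqlite3 with `?` placeholders in place of PHP and MySQLi so that it runs without a database server; the table layout, function names and sample inputs are constructed for illustration.

```python
import sqlite3

# Constructed sample input: a "first name" that closes the string literal early.
HOSTILE_FNAME = "Eve', 'Admin') --"

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (fname TEXT, lname TEXT)")
    return db

def insert_by_substitution(db, fname, lname):
    # The workplace pattern from the comment: values pasted into the SQL text
    # with no escaping, so a quote in the data changes the statement itself.
    db.execute(f"INSERT INTO users (fname, lname) VALUES ('{fname}', '{lname}')")

def insert_with_placeholders(db, fname, lname):
    # Values travel separately from the SQL text; quotes are just data.
    db.execute("INSERT INTO users (fname, lname) VALUES (?, ?)", (fname, lname))

def find_by_last_names(db, last_names):
    # Operator IN without array parameters: generate one placeholder per
    # value and bind the list, rather than escaping each value by hand.
    if not last_names:
        return []
    marks = ", ".join("?" for _ in last_names)
    sql = f"SELECT fname, lname FROM users WHERE lname IN ({marks}) ORDER BY fname"
    return db.execute(sql, list(last_names)).fetchall()

def stored_rows(db):
    return db.execute("SELECT fname, lname FROM users ORDER BY rowid").fetchall()

if __name__ == "__main__":
    bad = make_db()
    insert_by_substitution(bad, HOSTILE_FNAME, "Smith")
    print("substitution stored:", stored_rows(bad))   # lname is no longer Smith

    good = make_db()
    insert_with_placeholders(good, HOSTILE_FNAME, "Smith")
    insert_with_placeholders(good, "Pat", "O'Brien")
    print("placeholders stored:", stored_rows(good))
    print("IN lookup:", find_by_last_names(good, ["O'Brien", "x') OR 1=1 --"]))
```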

Comment: Welfare to discourage Robin Hood gangs (Score 1) 453

by tepples (#48636211) Attached to: Colorado Sued By Neighboring States Over Legal Pot

The existence of public goods as an argument that taxes are not theft assumes:
1) There is no other way to provide public goods

Please provide a counterexample to the claim "There is no other way [than taxation] to provide public goods" and I'll believe you. Preferably more than one, so that other Slashdot users don't shoot each down as impractical.

would it not be stealing if I took your money and gave it to orphans?

Would it not be stealing if I took your money and used it to shoot other people who try to take not only more of your money but also your life? Police and military are public goods. Giving a reasonable peaceful livelihood to orphans helps reduce the cost of police by keeping orphans from forming gangs that use violence against rich people.

Comment: Re:How naive... (Score 4, Insightful) 81

Your use of the term "naive" suggests you think it's designed that way due to conspiracy.

SS7 is a protocol designed to do all these things because it's designed to manage the phone network. That's its job. If it didn't do those things, it couldn't be used to route phone calls.

Does it have poor security? Yes in the 2014 world, but at the time it was developed virtually every phone company was a monopoly, and it was just assumed only a small handful of easily accountable giant telcos, usually only one in each nation, would ever use it directly. You might just as well criticize non-networked single-user circa-1977 CP/M for not having logins and user/group ownership of files.

Comment: Re:It would last (Score 2) 78

by tepples (#48636075) Attached to: Anyone Can Now Launch Their Own Version of the Pirate Bay

then the media companies would sue on behalf of the starving artists as your free music is making them poor now.

What would be the grounds for such a suit, especially given the ruling in Viacom v. YouTube that OCILLA-compliant providers are not liable for their users' copyright infringement?

