Forgot your password?
typodupeerror
Privacy

+ - Passwords of a leading Swedish newpaper leaked 1

Submitted by Goglu
Goglu (774689) writes "Aftonbladet, a leading Swedish newspaper, was hacked yesterday and the usernames and passwords of their employees leaked on the Internet. This attack was considered "an assault on democracy". It will of course be investigated by the police.
All this said, a competitor to Aftonbladet was happy to point out that several users protected their precious information with only their first name as a password...
Question to the community: Does leaking these usernames and passwords in the open, and forcing the newspaper to take basic security measures (such as a password policy) really is "an assault on democracy"?
Online translation tool from Swedish to English for the Swedish-challenged folks..."
Programming

+ - Are you proud of your code? 6

Submitted by Anonymous Coward
An anonymous reader writes "I have a problem and I am hoping /. group therapy is the cure, so get on with the +5 comments, post haste! I am downright embarrassed by the quality of my work; specifically, my code. It is buggy, slow, fragile, and a nightmare to maintain. Documentation, requirements, automated tests? Does not exist. Do you feel the same way? If so, then what is holding you back from realizing your full potential? More importantly, what if anything are you planning to do about it? This picture, which many of you have already seen, captures several project failure modes. It would be humorous if it weren't so depressingly true. I enjoy programming and have from a young age (cut my teeth on BASIC on an Apple IIe). I have worked for companies large and small in a variety of languages and platforms. Sadly the one constant in my career is that I am assigned to projects that drift, seemingly aimlessly, from inception to a point where the client runs out of funding and the project is abandoned. Like many young and idealistic university graduates I hoped to spend my life programming passionately, but ten years later I look in the mirror and see a whore. I'm just doing it for the money. Have any developers here successfully lobbied their company to stop or cut back on 'cowboy coding' and adopt best practices? I'm not talking about the methodology-of-the-week, I'm referring to good old fashioned advice like keeping SQL out of the UI layer. For the big prize: has anyone convinced their superiors that the customer isn't always right and saying no once in awhile is the best course of action? Thanks in advance for your helpful advice."
Mozilla

+ - Firefox 3 to support offline apps

Submitted by thinkingpen
thinkingpen (1031996) writes "Read/Write web is carrying an interesting story about Firefox 3. From the article — "An interesting tidbit came out of the recent Foo Camp New Zealand (which unfortunately I wasn't able to attend). Robert O'Callahan from Mozilla, who is based in NZ but drives the rendering engine of Mozilla/FireFox, spoke about how Firefox 3 will deliver support for offline applications. This is significant because you'll be able to use your web apps — like Gmail, Google Docs & Spreadsheets, Google Calendar, etc — in the browser even when offline. I deliberately mentioned all Google web apps there, because of course this plays right into Google's hands." Now thats web 3.0 ?"
PHP

+ - Month of PHP bugs

Submitted by
PHP
PHP writes "Stefan Esser is the founder of both the Hardened-PHP Project and the PHP Security Response Team (which he recently left). During an interview with SecurityFocus he announced the upcoming "Month of PHP bugs" initiative: "We will disclose different types of bugs, mainly buffer overflows or double free(/destruction) vulnerabilities, some only local, but some remotely trigger-able (for example, because they are in functions usually exposed to user input). Additionally there are some trivial bypass vulnerabilities in PHP's own protection features. [...] As a vulnerability reporter you feel kinda puzzled how people among the PHP Security Response Team can claim in public that they do not know about any security vulnerability in PHP, when you disclosed about 20 holes to them in the two weeks before. At this point you stop bothering whether anyone considers the disclosure of unreported vulnerabilities unethical. Additionally a few of the reported bugs have been known for years among the PHP developers and will most probably never be fixed. In total we have more than 31 bugs to disclose, and therefore there will be days when more than one vulnerability will be disclosed. The Month of PHP bugs will take place in March 2007.""

Every nonzero finite dimensional inner product space has an orthonormal basis. It makes sense, when you don't think about it.

Working...