Forgot your password?
typodupeerror

Comment: Re:USE BIND VARIABLES (Score 1) 288

by wsapplegate (#35643426) Attached to: MySql.com Hacked With Sql Injection

Not to be a dick, but mysql.com is written in php and you cannot bind variables in php (based on a simple google search).

Are you sure you actually fired up a Google search? The second result of a search for "php mysql bind variables" leads you directly to this function. Not to mention ADOdb can fake it even if you don't use the mysqli driver, and I'd bet PDO and the other libraries can do the same. Seriously, even if you're a PHP developer (I'm one), you have NO EXCUSES for not using bind variables. The hassle is quite low, and the peace of mind is priceless...

Comment: Re:Two more questions (Score 2) 194

by wsapplegate (#35614466) Attached to: SSL Cert Weaknesses Exposed By Comodo Breach

1. Why was a key-gen server connected to the Internet? Shouldn't certificates be delivered out-of-band, such as on a CD delivered to the indicated registered address?

For the very same reason some resellers of this pitiful excuse for a CA deliver certificates to you before you've even scanned a single document proving you're authorized to ask for it (yes, seriously): Because it would be Bad For Business[tm]. People want to start their damn online shops Real Quick, and people who make these shops don't want to irk the customer by asking for lots of papers and delaying the setup. Like always, business efficiency and security do not mix well.

2. Why exactly do we still trust Comodo as a CA, when the like of cacert.org cannot meet the "requirements" to be added as a CA in Mozilla products?

According to CAcert, we (or rather, the browser vendors) trust anybody who passes an expensive audit by those guys. The CAs are just like registrars, they've a big incentive to sell as much certificates as they can, they can have resellers even more hungry for business, and everything goes naturally downhill from there. Here's an alternative idea: IRL, who does certify your identity (or that of your business) and has pockets deep enough to handle any liability lawsuit if they made a mistake? Right: Your government. Hence, they're in the best position to know if you can legitimately ask for a certificate in the name of ACME Corp. Let certificate issuing be a public service, then. Personal certificates are already being embedded in some ID cards (IIRC, Belgium provides something like this). Why not getting an account to generate SSL server certs tagged with your identity along with your passport (or the identity of your business along with your certificate of incorporation)? I know I would trust such certificates much more than those issued by a random corporation on the basis of (at best) crappy scans or facsimiles that could as well have been photoshopped in the first place.

As for certificates that are just domain validated and do not embed any identity in addition to the CN, browser vendors should (1) relax the audit procedures so there can be people providing those certificates for a negligible sum (or even for free, at least one real CA already does it) so people can easily encrypt their communications without revealing their identity, and (2) find a conspicuous way to inform the user about the real assurances provided by a certificate. Sorry, but it is now painfully obvious that the nice closed lock in the address bar means absolutely nothing, and I very much doubt most people are paying attention to those blue and green bars after years of having been told to "look at the lock and the HTTPS URL".

My .2 €

Comment: Re:Am I stupid or what? (Score 1) 126

by wsapplegate (#35340448) Attached to: Cracks Showing in the Libyan Firewall?

*Sigh* No flames, but if I may say so, a bit of investigation wouldn't have hurt, either. Two command lines (dig -t ns ly. and whois `dig +noall +answer bit.ly | cut -f7`) would have told you two things:

  • The .ly ccTLD has got secondary nameservers outside Lybia, courtesy of RIPE, UUNet and the University of Oregon
  • bit.ly uses a Lybian domain but is hosted in the US (by NTT)

As far as the "Lybian firewall" is concerned, it appears to exist, in a very crude form (they drop their BGP sessions, which cuts them off from the rest of the Internet as a matter of fact), but it seems it's intermittently on and off (currently, I can reach LTT's network, at least). As to what is really going on, I haven't the faintest clue.

Comment: Re:By Sending the Police (Score 1) 214

by wsapplegate (#35199066) Attached to: Italian Police Seize Blog Over 'Kill Berlusconi' Satire
Like the AC above, I hold Italian citizenship (amongst others, so I may be a bit less biased, though), and I think I can say without a doubt that I wish Berlusconi would be sent away (the nearest galaxy would be a tolerable distance in my eyes). Still, I've to agree with him: Your analysis shows that you never went to Italy, and never had a serious look at it over the usual stereotypes. The “brute squad” was maybe used by Mussolini in the 30s, and there's has been an ugly period of leftist (and not-so-leftist: Gladio, anyone?) terrorism in the seventies, but to imply that Berlusconi can actually unleash thugs against opponents just bewilders me. Instead of inventing mob squads going around like in some weird African country, people would be better advised to have a look at some less violent but still disturbing events. For instance, the number of break-ins by mysterious “thieves” into judges and photographers' offices (some sources for Italian readers: 1, 2). Just sayin'...

Comment: Re:Overhead wires (Score 1) 168

by wsapplegate (#34714014) Attached to: South Korea Launches First Electric Bus Fleet

The city of Nice, in France, did the sums recently and still dug up the roads and built a tramway with overhead cables.

There was no choice: Batteries are still not powerful enough, plus you can't expect the trams to spend dozens of minutes at the termini while the batteries charge (BTW, Nice's trams have got propulsion batteries, but they only serve on two limited stretches where the OHLE is absent for dubious æsthetic reasons). There was talk of using a sophisticated third rail system for line 2, but I think this was one more of Mr. Estrosi's regular wild proclamations without actual consequences.

This is a city that has run all its vehicles (buses, cars) on natural gas for decades

Actually, the CNG buses are only part of the fleet, and at least the non-articulated ones are disliked by the drivers (who have nicknamed them “gas stoves”) for being unreliable and lacking torque in the hilly landscape. Indeed, the most recently acquired buses have been diesel ones.

Comment: Re:Overhead wires (Score 1) 168

by wsapplegate (#34713854) Attached to: South Korea Launches First Electric Bus Fleet

Sure there are many other vehicles that interrupt the flow of traffic - so the more the merrier? I don't see your point at all, one less is still better.

My point is that I don't see yours either: You didn't point to a trolleybus-specific property that makes them more prone to interrupt the flow of traffic (I can see why a frequently-stopping transport vehicle can impede traffic flow, of course, but a bus, tram or truck would have the same issues).

However, playing devil's advocate here, but batteries or a diesel generator drive up cost significantly whereas the OP was promoting trolleybuses because they are cheaper.

Depends. A few batteries to pass works areas or obstacles in the way do not add that much (Rome has such a system to avoid running the overhead wires in the historic city center). Anyway, the added flexibility and efficiency in my opinion more than make up for the added cost.

"The people" being everyone. Unreliable trolleybuses are bad for motorists, but I would say probably even worse for the people that attempt to use them. So no, my comments weren't some one-sided rant against people that use public transport in the slightest, barking up the wrong tree there.

I think we can agree that unreliable trolleybuses are bad, but precisely because they're unreliable. Well-maintained trolleybuses don't keep breaking down (disclaimer: My experiences with trolleys was primarily in Lyon and Milan. Other cities may have had more trouble; for instance, Nancy and their weird guided trolleybus had a huge lot of teething problems). As for my supposition, I've probably grown so accustomed to hear motorists moaning about every surface public transport that I just made a bad assumption.

I agree that this is totally subjective and you of course have a right to judge the aesthetics of power lines any way you please, but you're the first person I've met to like the chaotic scenery they create.

For the record, I also like streetcar tracks (and trains, and the looks of technical infrastructures in general. This is news for /nerds/, remember? ;-)

Comment: Re:Overhead wires (Score 1) 168

by wsapplegate (#34709934) Attached to: South Korea Launches First Electric Bus Fleet

For one, they are a nuisance on the road - they really do interrupt the flow of traffic and often get in the way.

How exactly is this specific to trolleybuses? I can think of lots of vehicles interrupting the flow of traffic: Delivery vans parked anarchically, for instance.

Another one is the fact that if one breaks down, it can either a) completely block the flow for other trolley buses or hopefully b) create a large obstacle which other trolley buses have to somehow pass very slowly because their "antlers" have a limited reach, which of course means 2 lanes of road that get clogged.

It looks like Moscow's mayor is a cheapskate who didn't pay a little more to buy trolleybuses equipped with onboard batteries/diesel generators like every modern system has done since the eighties. Well, tough. Anyway, without that oversight, this is a non-issue

With this year's winter, loads of them stalled as well because the lines frosted over, etc.

Again, having no backup system is dumb, plus not performing a defrosting run in the morning (with a trolleybus pole-equipped diesel truck, for instance) is even dumber. Don't blame trolleybuses, blame the dumb people running them.

I will grant you that I'm sure there are ways to minimize these effects that aren't implemented here in Moscow because... well because no one gives a shit what the people have to endure, basically.

I suppose you define “the people” as “the motorists”. I can see each day people served by frequent public transport taking their cars to commute, then complaining that the traffic is unbearable and they've to wake up early to find free parking space. Well, duh! They're just part of the problem.

Trolley buses vs buses in a nutshell: 1) Less reliable 2) Impede traffic

Allow me to point out that the first point is just wrong (electric vehicles are less prone to mechanical failure, not more) and the second, like I said above, is due to bad technical choices. Also, you forget to mention that trolleybuses are more durable (less vibrations than a diesel engine, hence less load on the chassis) and quieter, in addition to being cleaner.

The power lines aren't exactly pretty either =)

Beauty is in the eye of the beholder. I personally like the overhead line's arabesques. Also, a practical advantage is that they advertise the public transport offer to local residents.

Comment: Another stupid (or disingenuous) idea (Score 3, Informative) 297

by wsapplegate (#33873380) Attached to: French City To Use CCTV For Parking Fines

OK, I suppose I should comment on this since I live in that city, and am only two blocks from the building where cops watch those video cameras. Actually, there are pros and cons to this idea (but mainly cons):

  • Pro: Nice is an old city, squeezed between hills, which doesn't exactly spell “car-friendly”. Large avenues are few, and traffic regularly suffers from congestion (even more so since the main avenue has been nearly closed to traffic when they built the light rail line). Obviously, idiots parked in the middle of the road, on bus stops, on pedestrian passages, etc., do nothing to help and should be fought
  • Pro: Due to perceived lax enforcement, local motorists have got a bad rep for driving like monkeys. Since I know for a fact that people can't change their habits unless you hit at their wallet, this initiative looks actually good (red light running cameras are also being installed, before you ask)
  • Cons: This is at best a money grabbing scheme. While (as told above) motorists park just about anywhere, the lack of car parks may have something to do with that. The underground geology prevents digging very far, and surface real estate is at a premium, but still, there aren't IMHO enough car parks compared to the cars driving around (especially outside the central business district). The existing car parks are not cheap, either, which means people who have a car but can't rent a garage can hardly use them. That doesn't excuse rogue parking habits, but I would like such an initiative to get a companion car-park-building effort
  • Cons: At worst, it shows that those cameras are going to be abused for whatever suits the local politicians' goals. The previous mayor “solved” the issue of homeless people by removing them forcefully to some shelter kilometres away (and letting them return on foot. I'm all for eradicating homelessness, mind you, just not that way). The next iteration of this kind of stunt will be even easier thanks to Estrosi's all-singing, all-dancing, repurposable cameras
  • Cons: Mayor Estrosi made a big deal of his cameras having allegedly permitted to arrest a few dozens violent people, but the cameras have been placed everywhere, not just in places known for frequent muggings. This basically means the people behind those screens can track your movements throughout the city. But that's OK, you say, because those people are police? Well yes, they're police, but the municipal police, paid by the city, and less competent than a nationwide law enforcement agency (for instance, they have no investigative powers).And reliability of cops in this case is paramount: Nice (like the whole southeastern area and Corsica) has been infamously known for corruption affairs regularly showing up at the municipality. The perspective of having a corrupt official persuading a cop to spy on an innocent citizen doesn't exactly please me. At a minimum, I would have liked the system to be manned by personnel unconnected with the city council

In short, this is a truly bad idea, but since no one cares (and since ethnic issues and the accompanying fear-mongering run high at the moment), politicians can happily bamboozle people into thinking they should accept any weird proposal in the name of security. Trying to explain the underlying issues to the average city dweller (which are basically seniors and right-wingers) will just get you a “think-of-the-children”-like answer (the best line I've found is pointing out how the cameras won't do shit to prevent an attacker from hitting them, and that their tax money would have been better spent on more policemen on the beat). I suspect it will be some time before people actually realise the dangers of this global surveillance system, and when they do, it may well be much too late. Just like all those people that go around yelling that the law “protects too much the criminals' rights”—until of course, a relative of them gets beaten at the hands of the police *sigh*

"No problem is so formidable that you can't walk away from it." -- C. Schulz

Working...