Slashback: Stapler, Interface, Gaming

Slashback tonight (read on below) has updates on next-generation aircraft, KDE user-interface improvements and suggestions, a special warning for those obsessed with Milton's stapler from Office Space, SmartFilter's attitude toward SourceForge, and more.

You've got to admit it's getting better all the time. Gentu writes: "In parallel to the KDE 3.1-alpha release today, OSNews published an interesting article discussing a number of User Interface issues found on KDE 3. The article suggests a number of changes, some small, some pretty drastic. Towards the end of the two-part article, the author discusses the 'integration' problem found in today's X11 desktop environments, and how fixing this issue would bring Unix closer to average Joe's desktop."

Yes, you're allowed to have more than one friend. A NuKeFaN writes: "Following the article titled Are you a Friend of GNOME I wanted to point you out that the most used GPL'd software for the Web, PHP-Nuke, also has a similar page/system for their friends. It's a Club (MandrakeClub like) where you can be a member for a little monthly fee and you can get some extra benefits. You can access the Club area to know more about it. This can be, maybe, another example of how to get some money to fund a free software project, the matter is if we, as users, will support those project's developers this way? I think we can."

Wait, the scam was to take just a few pennies from everyone! MrBlue VT writes "In reference to the previous Slashdot article about the red Swingline Staplers, I click on the add to cart button on the Swingline website, and it pops open an ordering window with a 4 staplers added to the shopping cart. Ok, I think it's a little strange, but change the quantity back to 1, and hit continue to checkout. Next thing I know, I'm looking at an order form with all the text boxes filled out with somebody else's personal information. He's from Bellvue, WA apparently (I'm in Virginia). It also has his credit card number and expiration date!

This has to be the worst security I've ever seen in an online shopping site. The company who apparently provides the online shopping service for Swingline appears to be an outfit called SureSource.

I just wanted to let anyone who happened to order from them know about this. Your credit card info could very well be compromised."

Please fasten your belts. hondo77 submitted this follow-up to this article about next-generation aircraft, writing "Boeing says that their blended-wing aircraft will be ready for test flights in 2006. The article also has a picture of a 3% scale model. See, it doesn't look like the B-2 at all."

But thanks anyhow. flonker writes "Smartfilter no longer lists sourceforge.net! Link for those who want to see for themselves."

Great at stealing them, too. MrDingusMcGee writes "After the recent posting about a study suggesting that video games decrease brain activity, I thought it would be interesting to read the results of another study which has shown that video game players score better on a range of attention tasks (mirror here)done by Shawn Green at the University of Rochester Brain and Cognitive Sciences Department, and that this could possibly rate video game players as better drivers. Worth seeing the other side of the argument and having some validation for those hours of gaming."

Swingline's site

[CheechBG]

it would appear that they took out the online purchase option, opting instead for phone orders through SureSource. Oh well, I really had no need for a fire-engine red stapler anyway :)

Staplers Now Off-Line

[Myriad]

I just checked the Swingline website and it looks like the on-line order button has been removed and replaced with:

To place an order for the Rio Red Stapler (SKU#: S7074740), Please call SureSource at: 1-800-544-3243.

Shopping Cart

[jfroot]

These kind of errors are usually caused by the shopping cart using your IP address to identify your session. If you and someone else are both shopping on the site and are going through the same proxy, you will see each others cart.

Re:Staplers Now Off-Line

[Anonymous Coward]

...it looks like the on-line order button has been removed...

But other products [swingline.com] still have the order button.

Weird.

And they're slashdotted, too! Poor Swingline.

Re:Staplers Now Off-Line

[douglas jeffries]

it appears they just commented out the html. seems like a quick hack, but who views source anyway?

<!--<a href="#"onClick="javascript:popUp2('http://www.acc o-store.com/cgi-bin/sgic0101.exe?HKW=CO01DIV01+COD IV=0101+QTY=1+UID=1613471026418266609+ITN=S7074740 ')"><img border="0" src="/images/sw/sw-add-to-cart.gif" alt="Buy from SureSource"></a>-->

As found on Google:

[datastew]

Its a fax number for a printer-supplies co. that spammed someone named jeffrey back in Feb. 2002.
The google search [google.com]

The top google link [goldmark.org]

Jeffrey's notes on spammers that he has toll-free numbers listed for. [goldmark.org]

You're right, I still don't see the connection. Maybe timothy is trying for a fax slashdotting.

But they already do...

[marm]

I would hope that in the future developers would start putting a small description of their program within the About menu item.

Ummm, have you actually used KDE or are you simply pontificating pointlessly?

Open Konqueror. Go to Help->About Konqueror. In the about box that pops up, on the default 'About' tab, it says: 'Web browser, file manager, ...' which sums up pretty well what Konq does.

Similarly, in the same place in KMail: 'The KDE Email client'.

Or in Kate: 'Kate - KDE Advanced Text Editor'.

Or in KSirc: 'KDE Irc Client'.

Or in Konsole: 'X terminal for use with KDE.'

Pretty much every KDE program has exactly this. You get the about dialog for free when you use the KDE framework, and all the developer has to do is fill in a few blanks.

Not to mention, of course, that the app gets a description in the K Menu as well - for instance, KMail's entry looks like:
KMail (Mail Client)

Perhaps GNOME doesn't do these things, I can't tell you (I haven't had GNOME 1.4 installed for about a year and GNOME 2.0 was installed for a total of about an hour whilst I checked it out and decided I didn't like it) but as far as KDE is concerned, you're dead wrong.

Arrested.

[phriedom]

Umm...not that it is actually important to your point, but unless you are foolish or unlucky, you very rarely get caught by the police in GTA3. You can jack a car right in front of a cop, and he will chase you for about 30 seconds, but then stop if you don't commit any more crimes (like running over pedestrians) along the way. But run over a cop or shoot one, and you better make a quick run to the pay'n'spray to get your car repainted so they cops won't recognize you. The cops seem to get pretty upset about any grenade use too, though molotov cocktails are fine. When you get arrested, you lose some money, your weapons, and your car to bribe your way out. On one mission, a bad cop pays you to kill a stoolie in the witness protection program. All of which I use to illustrate that there are no good guys in GTA3. Its just a game.

So I agree with you, games don't cause social ills. If a parent doesn't want their 13 old playing GTA3, and I wouldn't, then don't let them play. Parents are legally responsible for their 13 year olds.

The thing I find most interesting...

[ArchAngelQ]

about these silly studies is that, they generally don't go into much detail about what type of video games that the people in the study tend to play. Are you telling me that 3 years of playing sports games for 6 hours a day is the same as 3 years of playing 6 hours of actions games a day is the same as 3 years of playing 6 hours of rpgs a day? As a gamer, I somehow think it's rather insulting that it gets overgeneralized as such, into simply, 'video games kill kids brains' and not, boring, repetative tasks that require no brain power turns kids brains into putty. On the other hand, I'd argue that, stratagy (both kinds, tbs and rts), rpg, and puzzle games all help to stimulate problem solving skills in various ways. Ah well, just my 2p

Re:Grand Theft Auto III

[macdaddy]

The game isn't to blame. The parents of those 4 13 year olds are to blame. Do you want to prohibit rated R movies too because some damned parent is too lazy to keep tabs on their kids. Why don't we outlaw alcohol and cigarettes because some 16 year old junkie is working behind the counter a your local 7-11 and is selling kids the goods without checking their IDs? Might as well. Oh, and lets outlaw automobiles too because some minor stole a car and drove it into a tree. Might as well. You seem to think that parents aren't responsible for their kids. You're wrong there. That's why they are call "adults". That's why they are called "Mom" and "Dad". They are responsible for their children's actions because they are adults and know better.

I hope you never have children.

Re:Staplers

[Anonymous Coward]

First of all, the Swingline website was down this morning. And no, it was not Slashdotted -- it was Wall Street Journaled. (Really, you people amaze me. Any international news website gets more hits in an hour than Slashdot gets in a day. Consequently, the potential for a real news site to DOS a website is incredible. Slashdot is not a big deal to anyone who isn't a Linux-loser FUDdite.) Swingline's bandwidth was hosed and they put up a "we are fixing a technical problem" message for a few hours.

When the site finally came back up, tens of thousands of Office Space fans rushed in, wanting they're very own 'tapler.

Unfortunately, SureSource -- the unprofessional cockgobblers whom Swingline unfortunately chose as their e-commerice parter -- are apparently a bunch of amateurs. Either they were running a blatantly broken web application, or they never did any load testing. Either way, their shopping cart got confused and lost track of which cookies belonged to which sessions. Consequently, when User A tried to add a red Swingline to his shopping cart, he may have been adding it to User B's shopping cart. So, when User B went to check out, he might have seen several more staplers in his shopping cart than he expected to see. User B would then try to go back and delete the extra staplers, but in fact was deleting staplers from User C's cart. And because SureSource stores the user's already-entered personal data in the session, User C might see User B's name, address, phone number, and email address prepopulating the address form when he goes to check out.

That, my friends, is a problem. But the really big fucking problem is that SureSource were storing already-entered credit-card information somewhere in the session, too. There's a chance that anyone who tried to check out saw anyone else's credit card data.

I know this because I, very happy to finally be ordering the stapler after several hours of Swingline's downtime, attempted to fix my shopping cart several times before coming to the conclusion that SureSource are a bunch of fucktards. I was not very happy when, several hours later, I received several warning emails from some kind souls who happened to see my contact information and credit card info. I also received several phone calls.

I would like to take this opportunity to thank everyone who emailed or phoned any person whose personal data they saw to warn them. For some of you, those were long distance phone calls. We are very, very grateful.

Swingline heard about the fiasco pretty quick, and pulled the SureSource shopping cart link from their website. They've added a SureSource telephone number that you can call to order instead. Ha! In order for their telephone operators to fuck up as badly as they're "web developers" did, they would have to answer the phone by saying, "Hello, this is SureSource, would you like several people's credit card and billing information free of charge?"

The bottom line is that SureSource are unprofessional scum. I have never seen such maliciously broken software on the Web in years, and I hope that they get their dumb asses shut down by the Better Business Bureau. Hey, guys! If you're a bunch of lightweights, don't take contracts from companies with real volume!

Swingline, I hope, will drop SureSource by the end of the week. You, reader, can expedite that. Please, don't call SureSource and order a 'tapler. Instead, contact Swingline and tell them that you will not purchase a stapler until they find a different e-commerce partner. As it is, Swingline is a party to what is one of the most potentially damaging credit card problems I've seen on the Web. I'm not bullshitting you. The Wall Street Journal has a large userbase, and that link propagated to sites like Slashdot well before the morning was over. Think about how many people have seen that page. Think about how many have ordered. And think about the fact that for every person kindhearted enough to warn his fellow man to watch his credit card statement, there is probably another person evil enough to cut'n'paste the data into a text file. SureSource gave those people my name, billing address, email address, phone number, credit card number, credit card type, and expiration date. If that isn't enough to pull of some heinous identity theft, I don't know what is.

And if you don't boycott Swingline for others' sake, do it for your own sake. If SureSource is unprofessional enough to use untested software on an e-commerce site -- and believe me, that's the kind of shit that QA folks find pretty quick -- then who's to say that their internal credit card databases aren't just as easily compromised?

Even Milton, my friends, didn't need his 'tapler that bad.

Thank you for your time.

PHPNuke and GPL Issues

[crisco]

Why contribute to PHPNuke when only a year ago they were considering [newsforge.com] abandoning [thebix.com] the GPL because of petty personal differences.

Why not support PostNuke [postnuke.com], a fork of PHPNuke that has a much better attitude toward open source development and security.

Swingline, Credit Cards, security

[pavera]

From reading the site, now that the link to actually purchase online is gone, it does not seem as if this is Swingline's fault as the poster states:

"The company who apparently provides the online shopping service for Swingline appears to be an outfit called SureSource."

Whereas the site clearly states:

" * Please note that you will be purchasing from SureSource, a distributor of Swingline products.
To place an order for the Rio Red Stapler (SKU#: S7074740), Please call SureSource at: 1-800-544-3243."

SureSource is simply a distributor, and as such, Swingline would have about as much control over their e-commerce site as I do over the weather.