Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by borfast

  1. Greg, I think you're missing the important point: not all the people who find bugs are stupid script kiddies or crackers. Some of those people are people who like to do that (hunting bugs) or simply people who know a lot about it and do it for a living. Those folks usually warn the relevant system administrator or software company before coming to public with the vulnerability. Others will simply disclose the vulnerability without even trying to contact the relevant people. Others will not even tell anyone, keep the knowledge to themselves and use it to gain unauthorized access to other vulnerable systems. It's just like everything else in this life: there's no absolute truth, each person is a different case
  2. Guys, keep in mind the difference between a hacker and a cracker. A hacker is someone who modifies something to make it work in a different way than originally intended. When you flash your iPod firmware to make it do something cool you're hacking it. When you put a new piece in your car to make it run faster, you're hacking your car. We can say that a cracker does the same as the hacker but does it so that he/she can make a system (computer or not) behave in a way that will bypass a security check or provide the cracker with unauthorized access to the system. So the big difference is that a hacker does what he does without mallicious intentions, while a cracker has something usually-illegal in mind. As for the wasted time, also keep in mind that many of these guys who discover security vulnerabilities, audit computer systems for a living. Others discover those vulnerabilities by chance - for example, some time ago I was messing around with some PHP code of a not-so-well-known forum software to make ir work in a different way than it originally did (I was hacking it ) and I found a security vulnerability. But I did not use that vulnerability to gain access to sites that used it (I did not crack into those sites). Either way, they're doing an important work, because if it wasn't for them, those vulnerabilities could remain unknown and sooner or later, someone else would find them. If that person wanted, he/she could keep the knowledge of the vulnerability to himself and exploit it to gain access to computer systems that used the affected software.
  3. Here's another one for those of you who want some books to learn PHP How to Do Everything with PHP and MySQL Here's the Slashdot review.
  4. borfast


    $acl?... are you using Mambo from CVS? The current version of Mambo (4.5) doesn't have ACL (Access Control Lists - which is probably THE reason why I don't suggest it more often as the CMS of choice for some situations.
  5. Try separating them by application - 1 database for an online discussion forum, another for the sales software, another for the tech support software, another for your blog, etc...
  6. Hi Jack. Perhaps you want to try PHP Architect or International PHP Magazine. Onlamp.com also has PHP articles, so maybe they could accept your article, too. Good luck!
  7. Sorry to hear that, Ty. I hope you have better luck in your attempt to recover your data.
  8. Yes, David. You are correct. The basic rule is: if you can read the e-mail address (even if only in the HTML source code), then a spam bot can read it too.
  9. Since there's always lots of people asking for advice on which books to buy for learning HTML, I thought this review of "Spring Into HTML and CSS" on Slashdot would be helpful.
  10. I'm not a Mac user either but I've heard some pretty good things about Transmit and other Panic products.
  11. Great post, Jim! And I'm also glad that you found out what many other people still don't believe: linux is more than ready for the desktop - unless, of course, you want to play games but then again, that's not Linux's fault either, game makers are the ones that are too lazy and so blinded by the bloated DirectX stuff (which they think is great and easy to use... go figure...) to make their games work under Linux. Linux is more than ready to have games played on it, as dozens of available games prove. It's the companies who make games that still live in 1995. Jim, a couple of tips: if some day you find out that you need a program that is only available for Windows, give Wine a try. Also, you may want to activate the Universe repository in the package manager, which will give you hundreds of new packages. Good luck for your future with Linux! If you need any help, you know how to contact me
  12. Rob, as far as I know, it's not an addon for IE, it's a different program that makes use of IE's HTML rendering engine - thus the "Yes, Avant Browser is secure. Since it's based on Internet Explorer, Avant Browser is as secure as Internet Explorer" funny phrase of the day
  13. Exactly. I also have Firefox configured to not allow javascripts to "Disable or replace context menus", among some other things to prevent The-Most-Irritating-Tricks-People-Do-On-Their-Webpages (such as pop-up windows or even links that open in a new window without even asking me if I want to do that) ;) Even non-savvy IE users, if ticked off enough they will start searching for a way to get around those "protection" schemes. And eventually, they'll get past them. So, as I said in a previous post in this thread, I'd spend my time improving some other part of my site
  14. Try here: http://help.totalchoicehosting.com/id207.htm
  15. www.birthdayalarm.com EDIT: Ooops... I posted this before reading that you had used happybirthday.com before... Well, I'd say one of these sites is the easiest choice but you can always create a script that is run by a cron job everyday and checks a database to see if there's any birthday entry for the current day. If so, it will send an e-mail to the corresponding person. Or, you can also search hotscripts.com for it, because I'm sure someone already did something like this
  16. I never noticed anything similar. Try searching Firefox's bugzilla page and see if there's something there.
  17. borfast


    Yes, you can Thomas. But I'm quite sure they won't do that, because they know quite well that they can't stop you from modifying the software.
  18. borfast


    Exactly. I also don't mind about that kind of thing and I wouldn't mind leaving it in a gallery of mine if their README file asked me to do so. I just don't find it acceptable for them to say that their software is Free (they say it's licensed under the GPL) and then saying you can't do certain things with it. It's the kind of (mis-)information that leads people to think that Free software is a bad thing :\
  19. borfast


    Actualy, that goes against the GPL. Since coopermine is GPL based, you can do whatever you want with the code. At most, they can ask people not to remove the line but they can't prohibit anyone from doing so.
  20. .bin and .cue files are CD or DVD image files. EZ CD/DVD Creator should be able to open them and burn them to a CD/DVD. This may seem a bit too obvious but you say have a Zip file, have you decompressed it to get the two .bin and .cue files?
  21. Welcome aboard, sgu. You can also upload all the PEAR modules you want into a directory in your account and use them from there.
  22. Welcome to the family, Stacy Looks like Bruce pointed you to my post in Lorraine's thread, so there's no need for me to repeat all that here. glad to see you managed to get started with Nvu. If you need any help, just ask
  • Create New...