An anonymous reader writes "A few months ago I stumbled across an interesting security hole with my webhost. I was able to access any file on the server, including those of other users. When I called the company, they immediately contacted the server team and said they would fix the problem that day. Since all you need when calling them is your username, and I was able to list out all 500 usernames on the server, this was rather a large security breach. To their credit, they did patch the server. It wasn't a perfect fix, but close enough that moving to a new web host was moved down on my list of priorities. Jump ahead to this week: they experienced server issues, and I asked to be moved to a different server. Once it was done, the first thing I did was run my test script, and I was able to list out everyone's files again. The hosting company only applied the patch to the old server. I'm now moving off this web host altogether. However, I do fear for the thousands of customers that have no clue about this security issue. With about 10 minutes of coding, someone could search for the SQL connection string and grab the username/password required to access their hosting account. What's the best way to handle this type of situation?"
Forecasters are tossing around words like "unprecedented" and "bizarre" (see this Washington Post blog entry) for the intensity and timing of Hurricane Sandy, which is threatening to hit the east coast of the U.S. early next week. Several people I know in the mid-Atlantic region have been ordering generators and stocking up on flashlight batteries and easy-to-prepare foods. Are you in the projected path of the storm? If so, have you taken any steps to prepare for it? (Are you doing off-site backup? Taking yourself off-site?)
An anonymous reader writes "Like some Slashdot users, I began attending university last month for computer science. The experience represents my first time away from home and I'm almost constantly with my peers, many of whom are also computer science students. Recently, I have become cognizant of the many negative opinions associated with a 'normal' person's perspective of what a nerd is like. Conversing with my college computer science peers (many of whom are quite nerdy), I have noticed that many of them are extremely arrogant. Upon introspection, I have come to the realization that I am also very similar to them and am very curious, but worried. I have noticed similar personality characteristics on Slashdot. Where does this nerd arrogance come from? How can it be rectified? I am concerned that, if I do not abolish these annoying tendencies, I may have trouble later on in life with my career and relationships. Has anybody run into problems in life with the arrogance that seems to be so prevalent with nerds? If so, how did you handle the situation?"
First time accepted submitter blandcramration writes "I have recently decided to further my education with a technical school associate's degree. I am a first quarter student in my third week as an IT student. I have taught myself Python and have been working with computers for over 10 years. We've been learning C++ and though my instructor appears to know how to program, he doesn't really understand the procedure behind the veil, so to speak. In a traditional learning environment, I would rather learn everything about the computer process rather than fiddle around with something until I figure out how it works. I can do that on my own. I think the real issue is I'm not feeling challenged enough and I'm paying through the nose to go to school here. Am I even going to be able to land a decent job, or should I just take a few classes here and move on to a traditional college and get a computer science degree? I'm much more interested in an approach to computer science like From NAND to Tetris but I feel as if I should get a degree in something. What are your thoughts?"
An anonymous reader writes "Neal Stephenson's 1999 Cryptonomicon was a great yarn. It was also a thoroughly enjoyable (and too short) romp through some mathematics. Where can I find more of that? I should say that I don't want SF — at least none of the classic SF I read voraciously in the 70s; it's just not the same thing, and far too often just a puppet-theatre for an author's philosophical rant. Has any author managed to hit the same vein as Stephenson did? (Good non-fiction math-reads are also gratefully accepted. What have you got?)"
kramer2718 writes "I have worked for about a decade as a software engineer. I am almost never hired to build new software from scratch, so my work satisfaction tends to be proportionate to the quality of the legacy code I have to work with. Some legacy code has been good. Most of it is bad. I know a few questions to ask during an interview to determine the code quality: Are recent technologies used? Are there code review processes? Is TDD practiced? Even so, I still encounter terrible quality code. Does Slashdot have any advice for other questions to ask? Any other ways to find out code quality beforehand?"
Rexdude writes "Firefox continues to be criticized for their new versioning system and being a memory hog. People talk about Chrome, IE9, Opera as alternatives — but do Slashdotters ever use Seamonkey? I've never seen anyone mention it in any discussion on browsers. The successor to the original Mozilla Suite, it has a full-blown email/news/RSS client, Chatzilla, and an HTML editor. Also several other default features that would require separate extensions for Firefox. And they don't update their versions like crazy either; the current version is 2.13.1. I've been quite happy with it so far — it's snappier to use than Firefox. How many people on Slashdot use Seamonkey, and what has been your experience? (Note — I'm not affiliated with the project.)"
First time accepted submitter icepick3000 writes "There are probably many digital photoframes unused these days lying around. Mine is from the first generation meaning you can only insert a compact flash card and display photos. Newer models nowadays can display weather, news, and stocks. Anyone have some good ideas how to give these old frames a second life? I have been thinking about compact flash cards that support wifi... maybe someone has a better idea?"
SternisheFan writes "My Android phone (an unrooted OptimusV running 2.2.2) and my Android tablet (Arnova 7g3 running 4.1) have been subjected to hacking via either 'forced Bluetooth attack' or through the Wi-Fi signals in the home where I currently rent a room. I got an Android phone at the start of this year after my 'feature phone' was force Bluetooth hacked hoping for better security, yet I still have major security issues. For instance, my Optimus's Wi-Fi again shows an error, although I am sure that a hack is causing this since when I reset the device when it's out of range from this home's signal the Wi-Fi works fine. And now the tablet (as of recently) can't access this home's open Wi-Fi, though it works fine when at other outside hot-spots. So, my question is: Are there any good (free?) security apps out there that would actually prevent this from occurring? It's not like I'm doing nefarious things on the internet, I just want to keep it private."
New submitter cellurl writes "I run wikispeedia, a database of speed limit signs. People approach us to mirror our data, but I am quite certain it will become a one-way street. So my question is: How can I give consumers peace of mind in using our data and not give up the ship? We want to be the clearing house for this information, at the same time following our charter of providing safety. Some thoughts that come to mind are creating a 'Service Level Agreement' which they will no doubt reject, or MySQL-clustering, or rsync. Any thoughts (technically, logistically, legally) appreciated."
acer123 writes "Lately I have replaced several home wireless routers because the signal strength has been found to be degraded. These devices, when new (2+ years ago) would cover an entire house. Over the years, the strength seems to decrease to a point where it might only cover one or two rooms. Of the three that I have replaced for friends, I have not found a common brand, age, etc. It just seems that after time, the signal strength decreases. I know that routers are cheap and easy to replace but I'm curious what actually causes this. I would have assumed that the components would either work or not work; we would either have a full signal or have no signal. I am not an electrical engineer and I can't find the answer online so I'm reaching out to you. Can someone explain how a transmitter can slowly go bad?"
madsdyd writes "I am a long-time user of Linux (since 1997) and have not been using Windows since 1998. All PCs at home (mine, wife's, kids') run Linux. I work professionally as a software developer with Linux, but the Windows installs at my workplace are quite limited, so my current/working knowledge of Windows is almost nil. At home we have all been happy with this arrangement, and the kids have been using their Nintendos, PS2/3's and mobile phones up until now. However, my oldest kid (12) now wants to play World of Warcraft and League of Legends with his friends. I have spent more hours than I like to admit getting this to work with Wine, with limited success — seems to always fail at the last moment. I considered an Apple machine, but they seem to be quite expensive. So, I am going to bite the bullet, and install Windows 7 on a spare Lenovo T400 laptop, which I estimate will be able to run both Windows 7 and the games in question." Read on for more about the questions this raises, for someone who wants to ensure that a game-focused machine stays secure.
kc600 writes "Say you're a freelancer, using mainly open source solutions. You notice that customers, although they don't object to the whole open source idea, don't see the point in paying you for the time it costs you to properly open source your code. As a result, code is not released, because it would take too much time to factor out the customer-specific stuff, to debate architecture with the other developers, look at bug reports, et cetera. You feel there's something to contribute that many might benefit from. The code would also be better maintained if more people would use it, so the customer's project would also benefit. But you're not going to do it in your free time; you have enough on your mind and the bill is paid, right? What useful tricks can you think of to encourage yourself — and your customers — to properly share code, to the benefit of all, and get paid for it?"
First time accepted submitter kfsone writes "I've experienced, first-hand, some of the ways in which spindle disks die, but either I've yet to see an SSD die or I'm not looking in the right places. Most of my admin-type friends have theories on how an SSD dies but admit none of them has actually seen commercial grade drives die or deteriorate. In particular, the failure process seems like it should be more clinical than spindle drives. If you have X many of the same SSD drive and none of them suffer manufacturing defects, if you repeat the same series of operations on them they should all die around the same time. If that's correct, then what happens to SSDs in RAID? Either all your drives will start to fail together or at some point, your drives will become out of sync in terms of volume sizing. So, have you had to deliberately EOL corporate grade SSDs? Do they die with dignity or go out with a bang?"
New submitter connorblack writes "My very gifted nephew is about to turn nine this month and I would love to get him some sort of fun, engaging book or game to introduce him to the basic concepts of programming. I have a feeling if approached correctly he would absolutely devour the subject (he is already working through mathematics at an 8th grade level). What I first was looking at were the Lego Mindstorm programmable robots, which would have been perfect, if only they weren't around 300 dollars... So if there's anything similar (or completely new!) you've either heard praise about or used yourself with your kids, it would be great to get a recommendation. Also if possible I would want to stick to an under 100 dollar budget." Would a nine year old be able to follow The Little Schemer?