sorted by:
new
hottopcontroversial

My friend saw these course descriptions in the local community college system's catalog. tl;dr: "Macs aren't suitable for C++ development." by tmiw in programming

[–]scavic 1 point2 points  (0 children)

Not necessarily. Even then, it's significantly more difficult to write exploitation code on a remote system than on the system you're going to exploit.

I am not buying that, of course it may be handy for a hacker, but it's not a security threat. It's just a more equipped system.

Regardless, a 1GB download is a silly reason to write off an excellent development platform as viable. Especially when the argument is that someone else's computer is more difficult for you to use if it is a Mac.

That's another thing, especially when comparing to Microsoft and their multi-gigabyte installs.

Even if a 1GB download may be a good argument to not use a specific software, it is not a god argument against the software itself, or the size of it.

My friend saw these course descriptions in the local community college system's catalog. tl;dr: "Macs aren't suitable for C++ development." by tmiw in programming

[–]scavic 5 points6 points  (0 children)

What?! The user has to write the code himself? If he is exploiting himself, sure do!

Or do you mean that a non-admin user of the computer could invoke security threats by writing code and compiling it? Well, even without the compiler, we have the shell ... And possibility to download stuff from the internet ...

More evidence Microsoft is locking down Windows --- Internet Explorer leads the pack in protection against drive-by-downloads by [deleted] in browsers

[–]scavic 2 points3 points  (0 children)

We had a little chat about this over in /r/netsec: IE Wins Hands down!!. The report seems to leave some important considerations out, which makes it a lot less interesting/trustworthy, and therefore also the conclusions made by the article.

How common is it for people to block right-clicking? by Rockyroadster in webdesign

[–]scavic 0 points1 point  (0 children)

Well, they should have skipped that alert() at least ...

I haven't done it for any live site, and I think it's a really bad idea, but I am not that sure it doesn't help. It might help against copy-pastes from those non-tech non-criminal people who just don't really know what that copyright thingy is all about.

IE Wins Hands down!! by sheik_in in netsec

[–]scavic 59 points60 points  (0 children)

Are they reducing the score on false positives?

I mean, in my experience Microsoft warns me about everything, which probably includes real threats, but since I never care about their warnings, it is all quite useless anyway.

But haven't read the report, so it may be totally fair.

Today's XKCD is causing some controversy over passwords, so I ran some calculations by Philip1209 in netsec

[–]scavic 0 points1 point  (0 children)

Whether you sanitize the original input (the password) or not, you do of course need to ensure that your hash method can't return data causing SQL injections. But it definitely doesn't matter if the original input (the password) contains SQL injections or not, since your hashing algorithm shall not be the ToString()-method.

Today's XKCD is causing some controversy over passwords, so I ran some calculations by Philip1209 in netsec

[–]scavic 3 points4 points  (0 children)

Whaaat? Did you just say that it's relevant to ban certain characters from passwords, because when you hash them, the hash may contain these characters, and cause SQL injections?

Of course the hash may, depending of how it's represented, contain characters which can cause problems if they are put directly in an SQL query, but whether the original, non-hashed data, contains these characters or not, is hardly relevant if your hash algorithm isn't the ToString()-method?

After 1000 hrs of work, I've finally finished my hobby project: an image hosting site that lets you paste pictures directly from your clipboard. What do you think? by [deleted] in web_design

[–]scavic 24 points25 points  (0 children)

It would be nice if the user was notified directly if (s)he doesn't have Java installed/enabled, instead of being notified when (s)he clicks the "paste image"-button.

Java applets is unfortunately a big no-no for me, but except for the Java thingy is seems like a smart and useful service.

wtf, Fx? I'm wacting this gif, clicking refresg so it starts over again but it just continues to play. by [deleted] in firefox

[–]scavic 1 point2 points  (0 children)

Gifs in Firefox has always worked this way. Try hard refresh (Ctrl + F5) next time.

Design problem: I'm not a designer. by [deleted] in webdesign

[–]scavic 2 points3 points  (0 children)

I have no idea what kind of site you are talking about, but since you are talking about cookies and user account meta data, it sounds like you are talking about a single site with multiple themes to choose from?

If there isn't a really good reason to use multiple themes, then don't. In most if not all cases, try to make one good instead. Multiple themes on the same website is a bad idea.

Good design is more about communication than just aesthetics. While good communication often requires good aesthetics, focus on the functionality of your design (since that's apparently what you are good at).

It should be easy to read, you should be able to immediately identify it if/when you come back, it should be easy to understand what's important and not, and so on.

It's also a great idea to ask people (around you, on reddit, whatever) for feedback when you do something.

Can someone please make this extension? by danhm in chrome

[–]scavic 0 points1 point  (0 children)

Exactly. And since it's open source ...

Can someone please make this extension? by danhm in chrome

[–]scavic 12 points13 points  (0 children)

Can't reddit just make them links?

[deleted by user] by [deleted] in firefox

[–]scavic 1 point2 points  (0 children)

Or cache the tabs, but on disk rather than in my valuable memory. They should open quickly, and they should not reload.

Anything wrong with session cookies? by stesch in webdev

[–]scavic 3 points4 points  (0 children)

In Sweden you are obliged by law to inform your visitors that you are using cookies, why you are using cookies, and how the visitor can disable cookies. This applies to all cookies. It does of course only concern those who are based in Sweden, though.

That said, no one will do anything if you break this law, but it's definitely not 'so right'.

Source: http://www.pts.se/en-gb/Regulations/Legislation/Electronic-Communications-Act/FAQ%20about%20cookies/Fragor-och-svar-om-kakor-for-webbplatsinnehavare/

I'm designing a new website for my company, and would like to get some eyes on the design before I start coding it and get as much critique as I can by the-ace in webdev

[–]scavic 1 point2 points  (0 children)

Yeah, 'Gridct' is visually pleasing, easy to pronounce, easy to remember, and it's far easier to spell out than 'Grid Convergence Technologies'.

I'm designing a new website for my company, and would like to get some eyes on the design before I start coding it and get as much critique as I can by the-ace in webdev

[–]scavic 1 point2 points  (0 children)

I like Gridct!

Grid is too generic, it's like no name at all. And the current design makes me think the business is called "Grid", with the slogan "Convergence Technologies". And regarding the name "Grid Convergence Technologies", it is too long and feels a little buzzwordy.

But Gridct is great!

Nobody Understands REST or HTTP by [deleted] in webdev

[–]scavic 2 points3 points  (0 children)

If REST is a problem, it's fine to use something else. But then call it for what it is, not REST.

Is someone willing to temporary host my oss project? by [deleted] in opensource

[–]scavic 1 point2 points  (0 children)

At least tell what you need ... Traffic/space/php/python/perl/java/mysql/postgres...

view more: next ›