What are you getting out of this? He worked on php and look how far it came, what have you done?
Your own website was written in php which you took down due to a security vulnerability in a framework... now is it php fault that someone wrote vulnerable code?
"Temporarily offline due to Drupal security vulnerability."
When did I blame php for Drupalgeddon? My web site says "Drupal security vulnerability", not "PHP security vulnerability", so I don't know where you're getting that from.
Back to the point: We're discussing mysql_real_escape_string. What's your excuse for it even existing in the first place, instead of simply fixing the security hole in the original mysql not-so-real escape string function?
Melania Trump's "I REALLY DON'T CARE DO U?" jacket sums up Rasmus Lerdorf's attitude towards security, software quality, programming, stardards, computer science, and unit tests. I just quoted his own words and bug reports that prove that point.
Do you like to leave loaded AK47s strewn around daycare centers, then blame the kids when they shoot each other? Is it ok if after the massacre you realized you made a mistake, and then scatter a few Nerf Guns around so the smart experienced kids who survived will have something safe to play with, but you still leave all the loaded AK47s?
I asked what you did. Then asked if drupals security was phps fault.
Are you seriously this butthurt about a function name, look up where the name came from originally. I also wonder what magical perfect language you use, dont tell me its php...
Not sure where you're going with the rest of this comment so I wont entertain that part. whew...
Yes. Celebrities were spreading photos of fires on other continents and other years and claiming that it was the end of the world.
Their apologists will claim they were "just raising awareness" or "drawing attention to the tragedy," but in reality they're doing more harm than good.
Interesting, I think that climate change, slash and burn agricultural practices on marginal land, and the inability of the biome to re-establish itself is what is doing the harm. I never even once gave a single thought to what "celebrities" or other people that were wrong are saying, just like how I deal with right wingers that deny climate change is occurring.
And I would argue that it's hard to overstate the harm of global warming, so a few ignorant celebrities being incorrect against the mountains of well fund misinformation is not doing more harm than good. They are wrong on the scientifically correct side of the issue, and that matters. They are unlikely to cause harm to anyone, like climate change denier or Jenny McCarthy on vaccines.
The app its self is the weakness not the protocol. But also the article says "that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones".
What defines precious cargo? Satellites and astronauts seem to do alright going into space attached to a giant rocket, but I will admit I'm not well versed on the forces created from a electromagnetic launcher.
So here's one way to think about the accelerations. To a first approximation, you need the same total change in velocity to go from standing on the surface of an object to be in orbit at a given altitude. You can choose to spread that change in velocity over any given time and distance interval (those two terms are linked). So if your mass driver accelerates your payload to final velocity in 1/10th the time (and more or less distance), you will get 10x the acceleration.
So the forces you would be subject to will be more or less directly related to how large of a mass driver (in terms of track length) it is relative to the mass of the object you are leaving.
Rockets are actually relatively gentle in comparison, generally <3G for humans. This is because you can apply constant thrust the entire way to orbit (>~400 km on Earth)
With a Mass Driver, you can only apply acceleration for however long your driver is, so you have to get up to speed in a much shorter distance. If you build a 4km driver (length of Heathrow Runway), you have to get up to speed in 1/100th the distance causing drastically higher accelerations.
(note, some poor assumptions here because horizontal distance =/= vertical distance, but the general idea is correct).
Simply layers obscurity, it would be harder to subpoena multiple companies than a single vpn service. (Plus you "own" the vps and can quickly delete or create new services whenever) Before you browse, create a new vpn box, browse..., then delete the box after use. What logs, what box?
Well if you are really after anonymity, you have to also keep in mind your isp and browser fingerprinting and the million other things that can expose you online. :)
Is it guaranteed that your host doesn’t keep connection logs? They’re the endpoint. They see everything going to you and every site you go to regardless of VPN.
Correct, the endpoints are the weakness. My point was about being more difficult to find and not bringing attention by paying for a vpn service, a vps could be anything.
When the vpn company is subpoenaed because someone saw suspicious traffic coming out of their servers, regardless of the number of people, the logs and connections would point directly to you.
Well like others have said before, the company most likely wont go down in flames in order to protect you. Not all, but I assume the major providers will roll over.
I would never expect a company that did log to refuse to give those logs to a court. That would be corporate suicide and executives would end up in actual prisons. I also wouldn't expect a VPN provider to refuse a court ordered warrant to begin logging your particular traffic or something like that. So if a company has appeared in court and failed to produce any logs and the court has accepted that information as not existing, it's hard to get stronger verification than that. And that has occurred with at least a few VPN providers (while a few have provided logs to the courts, proving they log).
The better VPN providers will be set up in a way that makes it difficult to touch them in the first place, e.g. they operate from a jurisdiction that sets a high bar for forcing a company to provide customer information.
I'm no expert on Tor but when I researched it years ago, it seemed like your privacy on tor was only as safe as the exit node you happen to go through. If you're in North Korea trying to get out and happen to go through an exit node run by the NK government, they could theoretically decrypt your traffic in some cases. If all the nodes you're going through are theirs, then they know exactly who you are even if they can't inspect the traffic.
Edit: I must stress I'm not an expert, and would love to hear if the above is wrong.
No, that's not entirely true. No single node in a Tor circuit knows both who the user is and what site they are going to. In order to compromise a user's anonymity, you need to do a traffic correlation attack (where you look at packets going through both the guard node and the exit node and match up the timing of packets). There are some protections against this attack in Tor (guard nodes are not changed often by clients, relays need to be running for a long time in order to be permitted to be guards, and there is some randomised traffic sent to the guard by the client) but it is definitely not a solved problem.
But of course, if you aren't using TLS then your traffic is not encrypted as it leaves the pipe. So obviously you should use TLS over Tor.
This is more or less true. The vulnerability of Tor is certainly the exit point.
Incredibly difficult to pinpoint you as the responsible party - but that information could certainly be outputting virtually anywhere, depending on the exit node.
thats not true, its well documented how various bittorrent clients can work through tor. the main drawback is that its slower than a direct connection, but that does not mean it doesn't work...
If the choice is between my ISP logging all of my traffic for whatever purposes they choose, commercial or otherwise, or adding the hurdle of someone getting a court order to get logs of my traffic, I'll take the added hurdle every time. I'm not worried about my traffic being "suspicious" - I'm not doing anything suspicious. You also aren't limited to using a single VPN. If you value your privacy spreading your browsing habits around to a variety of VPNs can only help you - there's no downside when the alternative is "trusting" your ISP.
