Posts by happygeek

A successful tournament poker player from Japan, with earnings estimated at $1.5 million from his prowess at bluffing and holding his nerve under pressure, has been arrested and charged with being behind an Android malware distribution operation that netted even more: $3.9 million according to Symantec.

The Chiba Prefectural Police in Japan arrested a total of nine people in connection with distributing spam emails with download links to the Android.Enesoluty malware. Symantec reports that one of these was 50 year old Masaaki Kagawa, president of an IT firm from Shibuya, Tokyo. "His passion for taking chances and risks has paid off in the game of Poker" says Symantec employee Joji Hamada, who continues "but it’s not looking good for his gambling with Android malware."

It would appear that the Android malware operation was running between September 2012 and April 2013, with some 150 domains registered to the malicious apps which managed to collect more than 37 million email addresses from over 800,000 Android devices. This address list was then used to spam people in order to lure them to a fake online dating service, which in turn was where the profits of 390 million Yen are thought to have been made.

Please try again with an actual question :)

Welcome

Agreed with Dani. Can't see why something you posted might not be as useful/interesting/worthy or equally annoying/pointless/wrong as it was a month/year/decade ago.

As a spammer yourself garyson02, hope you enjoy your ban by the way, you should know what a SPLOG (Spam Blog) is...

Welcome John. What's the story behind the unusual middle name, Mulvehill?

My Private Messages counter (at top of page) wasn't showing any new messages when I logged on just now, nor did the 'you have a new PM wanna read it' box pop up. However, I did have a bunch of unread new PMs sitting in my inbox (email notifications told me).

UK home shopping pioneers Lakeland have sent an email to all customers past and present to warn them that the retailers website has been hacked. What Managing Director Sam Rayner calls a "sophisticated and sustained attack" took place late on Friday 19th July. Measures were taken at the time to block that attack and repair the system, however the ongoing investigation has revealed that two encrypted databases were compromised.

In that email to customers, Rayner states that the company has been "unable to find any evidence that the data has been stolen" but nonetheless has taken immediate action to delete all customer passwords used on the site. Customers logging in will be required to choose a new password.

Although further details are scarce at this point in time beyond the hack using "a very recently identified flaw in the Java software used by the servers", Lakeland is to be applauded for a timely and honest disclosure of the breach. Rayner calls this a "policy to be open and honest with our customers" and although he continues to state that it is not known for certain that the hackers succeeded in stealing data Rayner does wisely admit that there is a 'theoretical risk' and as such think it best to be "proactive in alerting" customers. Obviously there is some careful wording being used here to try and mitigate any brand damage, and I'm no great fan of the whole 'potential/theoretical' language approach when disclosing such attacks …

Welcome

Welcome!

According to the fourth annual Web Application Attack Report from Imperva retailers suffer from twice as many SQL injection attacks when compared to other industry sectors. What's more, the United States remains the number one source of all web attacks.

Other key findings of the report include the startling revelation that one website was observed to be under attack for 98% of the time, or 176 out of 180 days if you want to be precise. One web application was seen to receive a mind-boggling 94,057 SQL injection requests in a single day which, if you do the math, works out to 1,567 SQL injection attacks per hour or an average of 26 per minute. The typical attack incident lasted around five minutes, but the worst-case incident was about 100 times longer, lasting more than 15 hours. The overall picture isn't as bad as these extremes, obviously, but even so Imperva reports that most web applications will receive four or more web attack campaigns every month.

The bottom line from the research though is that retailers are hardest hit, with the intensity of attack being quite brutal both in terms of number of attacks per incident and duration. Retail applications received an average of 749 individual attack requests per attack campaign. The Imperva analysis suggests that SQL injection attacks on retail applications consisted of more HTTP requests and lasted longer than SQL injection attacks on other applications. This is largely attributable to the …

Maybe hosted/outsourced support forums are something that DaniWeb could look at? Either as a revenue stream (by charging for the service) or as a potential 'rank raiser' option.

[edit] Should have read to the end of the thread before posting. Doh. Schoolboy error of the day number one :) [/edit]

[edit] Certainly something we can push in the next newsletter - I'm all over it like a badly fitting suit [/edit]

See 'About us' for the easy answer...

Looks fine from here. Are you still unable to see it?

New research by Varonis has revealed that only 25% of those companies questioned were able to answer yes to the question: "Are you able to detect when files containing sensitive data are uploaded to a third party cloud service?" Which left a staggering three-quarters of businesses in the dark about the potential for data leakage. It's a growing problem, what with the increasingly widespread availability of public cloud storage such as Dropbox and Google Drive to employees during the last couple of years. The research paper 'Security Incidents and Real-time Alert' also suggests that companies are in the dark about other important security issues. Not least the ability to spot when there has been a data breach.

This 'Red Alert Research Report' was based upon survey data from some 248 information security professionals attending industry events in the UK and US, so the results are about as good a painting of the real-world business IT security landscape as you are going to get. The people being questioned were, after all, those tasked with the job of actually protecting corporate data. Unfortunately, the portrait revealed leaves something of a bad impression. With earlier research showing 67% of data breach incidents taking 'several months' to discover and 70% finding out about them through customers or partners instead of the internal IT department, it's perhaps a little sad to now discover only 6% have implemented any kind of automated breach detection and …

That's when I get up, and am in the office for 5.30am most mornings...

And goodbye. What a shame he turned out to eb a spammer, cut and pasting content from all over the web just so he could have his sig links exposed. Now cooling down with a 3 month ban...

Welcome Younis

Welcome William

Your code was not deleted (have just checked the editing history, no moderator deleted anything) - perhaps your edit fell outside the allowed time window for such things by the time you had finished and so wasn't actually applied?

Tumblr, the hugely popular blogging service which was bought by Yahoo! last month, has advised mobile users to change their passwords, and change them immediately. In a posting to the Tumblr staff blog, a spokesperson states "We have just released a very important security update for our iPhone and iPad apps addressing an issue that allowed passwords to be compromised in certain circumstances." The precise details of the vulnerability that enabled this password compromise appear to be rarer than rocking horse crap, however there's a pretty big clue in a footnote to that staff blog post which defines 'certain circumstances' as being "sniffed in transit on certain versions of the app".

From which we can fairly confidently extrapolate that the iPhone and iPad Tumblr apps have not been logging users into the platform securely, leaving anyone who has used them from an airport lounge or hotel lobby vulnerable to those who would hack your stuff. The Register broke the story after a security conscious reader carried out an audit on the Tumblr app to see if it was secure enough to use on his corporate devices. "The Tumblr iOS app is sending the password over plain text and not over SSL" the auditor discovered. So the Tumblr app wasn't logging in using an HTTPS connection, and was therefore sending all login data as in-the-clear unencrypted text. Text that is stupidly simple for a drive-by hacker to sniff and grab out of the ether. …

Hello and welcome. I stopped building computers from scratch when I started using laptops instead of desktops. Mind you, a laptop home-build could be an, erm, 'interesting' project I guess :)

Easiest interim method to stop this is a bit of sticky tape over the webcam. Instant on, and instant visibility off...

Welcome RR!

Welcome!

Welcome!

Global online cash provider Ukash, founded in 2001 and with a presence in more than 50 countries across 6 continents, has warned users not to get scammed by a loan company con doing the rounds at the moment. Ukash works on a code basis, with the user buying a voucher in a shop or petrol station for example, and the unique 19 digit code it contains is used to pay for stuff anywhere online that accepts Ukash transactions (the codes can also load 'cash' into prepaid cards and e-wallets).

Reports are emerging that conmen claiming to represent 'The Start-ups Loan Company' amongst other loan providers, are scamming people out of their Ukash codes. “The official Start-Up Loans Company is a government backed organisation and is not associated with providing loans to individuals, but is one of the names criminals are using to conduct this scam,” warns Miranda McLean, a director of Ukash. “The criminals have access to personal information provided to loan broker websites and claim to have approved a loan, but need a fee to be paid in advance."

The advice is, obviously, that Ukash voucher codes should never be given to a third-party by any method other than through an official Ukash partner site. “No genuine loan company will ask for a fee to be paid in advance" McLean advises, continuing "the simple message is to treat Ukash with the same security as you would physical cash. We continue to work …

You don't say? ;)

That's just about the most common genuine reason for delete requests where code is concerned, it has to be said.

Welcome to the DaniWeb community

Did you have a question to ask?

Welcome

Having checked the thread(s) in question (http://www.daniweb.com/software-development/csharp/threads/452839/divide-a-number-equal-to-the-input#post1964686) and (http://www.daniweb.com/software-development/csharp/threads/452839/divide-a-number-equal-to-the-input#post1963853) plus the reason you state for removing them of "Not exactly what I want. And it not gets proper solution. so its better if you delete this thread" I have to say that there is no good reason at all for either to be deleted. DaniWeb members have put efffort into replying and providing code examples, deleting it would suggest those efforts were futile/unwanted - and neither is true. The postings do not break the rules anyway, and as such will not be deleted I'm afraid.

Who are you again? ;)

Konami, the Japanese games developer responsible for such genre defining classics as Metal Gear Solid and Silent Hill, has confirmed that tens of thousands of customer accounts have been put at risk due to a breach of the Konami ID portal site. During a period between the 13th June and 7th July, hackers made numerous unauthorised logins. Indeed, during this period it has been suggested that as many as 4 million account hacking attempts were executed. Konami warns that a total of 35,252 customer accounts were hijacked with the attackers having access to personal data including dates of birth, telephone numbers and street addresses as well as passwords of course.

The logins seem to have been made using "IDs and passwords that appear to have been leaked from an external service provider" according to an official Konami statement. Konami went on to apologise "for the trouble this has caused to our valued customers". However, the company was at pains to point out that "no changes to customers' personal information, or unauthorized usage of paid services, have been detected" before suggesting that those customers who use the same passwords for different services should "change to a new and different password". Individual Konami customers whose account details were exposed have been notified by email, and all 35,252 logins have been suspended.

The Konami hack is just the latest in a worrying trend that has seen gamer sites targeted by hackers. Only last week Nintendo was warning users …

Back in December 2011, reports were circulating regarding a data breach at one of the big Chinese social networking sites, Tianya.cn that suggested the login credentials of some 40 million users were potentially exposed. Clear text usernames and password combinations were stolen by hackers during the breach, although a Tianya spokesperson at the time said that only those users who registered before November 2009 would have had clear text logins as after that the service had implemented encryption (!) - quite why the existing membership data could not have been encrypted at this point is, frankly, beyond me. Word on the webvine at the time was that unencrypted data was not secured or deleted when the servers and systems were upgraded, and the Tianya administrators had to shoulder that failure. While the 40 million figure bandied around at the time seemed huge, later reporting suggested it wasn't that bad; 'only' 4 million users ended up having their usernames and passwords published online by the hackers for everyone to see.

Fast forward to now, and the Tianya story just keeps on giving. Steve Thomas, the co-founder of PwnedList, was interviewed recently and reckons that his outfit has managed "to find over 28 million credentials, including plaintext passwords" from that breach in 2011. The data was, according to Thomas, provided by a Chinese hacker who pointed PwnedList at a 'leak share' site including the Tianya dataset.

If you are concerned that your logins may have been compromised, you can run …

Since the blanket ban on firearms, murder rates have skyrocketed, including gun murder rates.

Murder rates have skyrocketed in the UK since the 16th century restriction on carrying weapons and crossbows? Or do you mean when guns were made illegal to carry in public in 1824, is that what you are saying? Or maybe the Gun License Act of 1870 or the Pistols Act of 1903? Or the legislation introduced in 1920, 1937 and 1968 which put more restrictions on the types of firearms that could be licensed? Guns have never been illegal to own here, and still aren't, however there are and always have been very strict controls over ownership.

Murder rates have also increased since the speed limit of 70mph was introduced on the motorways in the UK. I see exactly the same relevance (ie zero) in that correlation, but we can run with it if you like. Bring back unlimited speed limits on motorways and reduce the murder rate, let's start a campaign. I bet murder rates in the US increased after it imposed speed limits as well.

Your argument seems to be 'allow everyone to have guns as it's easier to murder people, with less mess, when they are legal' which is just pure insanity.

Since 1998 after Britains laws were put in place their murder rates doubled

As a Brit, care to expand upon which 'laws' you are talking about and where you get the relevant stats from? I'm guessing you mean the change to the existing regulations regarding pistols? However, what you don't appear to have grasped is that firearms in general are 'banned' here anyway. Possession is only legal under very strict licensing conditions, and usage highly restricted. How you correlate a doubling in murder rates to small changes in the law regarding weapons that were already highly restricted under existing licensing law (the only change was that small firearms/pistols could no longer even be held under license) is, quite frankly, beyond me...

Have a good one Dani!

A better question would have been 'what is semantic search' as you need to understand that in order to be able to focus your SEO efforts to get the best out of it. Read the Wikipedia entry on semantic search for a quick overview.

If you read the rules, especially this one: 'Do not write in all uppercase or use "leet", "txt" or "chatroom" speak' and then try againhaving thought through exactly what it is you want to ask, you may get some sensible answers. That said, if you really want to know if e-commerce is a new way to make money then I very much doubt you will. The answer, by the way, is no it is not new at all...

Surely someone running a company that develops ecommerce sites, and more importantly advertises as a magento developer, would already know that? Or are you just here for the spamming perhaps? Sigh...

Retina support refers, I would assume, to Apple high pixel density displays. Quite what that has to do with SEO, on the other hand, I have abso-fricking-lutely no idea.

Note that the OP is banned for spamming, by the way...

Welcome back! So can you put your finger on anything that prevents you staying longer, what's missing that would help make that connection?

You work for a company called Imenucards. It wouldn't happen to develop a 'restaurant app' for you to plug in a minute, now would it? Sigh...

Kryten is a Series 4000 mechanoid, the neurotic robotic servant appearing in cult British sitcom Red Dwarf. So what's he got to do with your computer, apart from the somewhat stereotypical link between geeks and science fiction? Well, the Kryten character was played (in all but the first appearance) by the actor Robert Llewellyn. An actor who has been hired by computer upgrade outfit Crucial.com to present an information video encouraging people, surprise surprise, to upgrade their laptop memory rather than throw it away just because it's running slowly or freezing regularly.

Crucial has undertaken research recently which shows that an estimated 5,528 tonnes of computer scrap is produced in the UK every year from desktop and laptop computers alone. That's the equivalent of 790 double-decker London buses, for example, or more than 580 million British pound coins. Yet 73% of those surveyed admitted they had thrown out a computer, and 38% said they did so as they wanted a device that booted faster, ran faster and could handle multiple simultaneous tasks. This 'scrap' correlation is another link to Llewellyn, interestingly, as he also hosted the popular UK cult TV game show 'Scrapheap Challenge'.

"I'm no stranger to the amount of useful items we throw out in the UK; I've seen all sorts of interesting things that people discard as rubbish" Llewellyn says, adding "although people like me can usually find a use for this so called ‘waste,' it would be much simpler and …

The Mobile Development forum might be a good place, which is why I've moved this thread here...

Is there a question in that, or is it just some badly phrased spam of some sort?

What router?

What is it connected to?

What problems are you having?

The PowerBank 2000 is the latest in a long line of solar-powered chargers from Sandberg. It's far from being the most powerful backup battery for your smartphone (and yes it will charge Droids as well as iPhones, but as I'm an iPhone user I can only talk about my experiences with that) but it is one of the smallest and lightest. Not that the specs are lightweight per se, with the name giving away the fact that there's 2000mAh worth of capacity in the thing. Producing 1000mA output, the SolarBank will happily charge up my iPhone if I'm away from home and away from another power supply. Although I was told it wouldn't charge the rather more power-hungry iPad that also resides in my manbag, truth be told it did actually manage to power it back from 90% to a 100% charge in just a matter of minutes. I wouldn't rely upon it as an iPad backup battery to be fair, but in case of emergency it may just be enough to get you access to your tablet in order to do what needs doing!

However, as a more eco-friendly alternative to traditional portable battery backups the SolarBank ticks all the right boxes except one for me. So I'll start with the one that remains un-ticked: price. At £32.99 this is not a cheap way of ensuring your iPhone never runs out of juice. Especially when you look at the marketplace out there dealing in …