Posts by happygeek

Welcome!

According to the fourth annual Web Application Attack Report from Imperva retailers suffer from twice as many SQL injection attacks when compared to other industry sectors. What's more, the United States remains the number one source of all web attacks.

Other key findings of the report include the startling revelation that one website was observed to be under attack for 98% of the time, or 176 out of 180 days if you want to be precise. One web application was seen to receive a mind-boggling 94,057 SQL injection requests in a single day which, if you do the math, works out to 1,567 SQL injection attacks per hour or an average of 26 per minute. The typical attack incident lasted around five minutes, but the worst-case incident was about 100 times longer, lasting more than 15 hours. The overall picture isn't as bad as these extremes, obviously, but even so Imperva reports that most web applications will receive four or more web attack campaigns every month.

The bottom line from the research though is that retailers are hardest hit, with the intensity of attack being quite brutal both in terms of number of attacks per incident and duration. Retail applications received an average of 749 individual attack requests per attack campaign. The Imperva analysis suggests that SQL injection attacks on retail applications consisted of more HTTP requests and lasted longer than SQL injection attacks on other applications. This is largely attributable to the …

New research by Varonis has revealed that only 25% of those companies questioned were able to answer yes to the question: "Are you able to detect when files containing sensitive data are uploaded to a third party cloud service?" Which left a staggering three-quarters of businesses in the dark about the potential for data leakage. It's a growing problem, what with the increasingly widespread availability of public cloud storage such as Dropbox and Google Drive to employees during the last couple of years. The research paper 'Security Incidents and Real-time Alert' also suggests that companies are in the dark about other important security issues. Not least the ability to spot when there has been a data breach.

This 'Red Alert Research Report' was based upon survey data from some 248 information security professionals attending industry events in the UK and US, so the results are about as good a painting of the real-world business IT security landscape as you are going to get. The people being questioned were, after all, those tasked with the job of actually protecting corporate data. Unfortunately, the portrait revealed leaves something of a bad impression. With earlier research showing 67% of data breach incidents taking 'several months' to discover and 70% finding out about them through customers or partners instead of the internal IT department, it's perhaps a little sad to now discover only 6% have implemented any kind of automated breach detection and …

Konami, the Japanese games developer responsible for such genre defining classics as Metal Gear Solid and Silent Hill, has confirmed that tens of thousands of customer accounts have been put at risk due to a breach of the Konami ID portal site. During a period between the 13th June and 7th July, hackers made numerous unauthorised logins. Indeed, during this period it has been suggested that as many as 4 million account hacking attempts were executed. Konami warns that a total of 35,252 customer accounts were hijacked with the attackers having access to personal data including dates of birth, telephone numbers and street addresses as well as passwords of course.

The logins seem to have been made using "IDs and passwords that appear to have been leaked from an external service provider" according to an official Konami statement. Konami went on to apologise "for the trouble this has caused to our valued customers". However, the company was at pains to point out that "no changes to customers' personal information, or unauthorized usage of paid services, have been detected" before suggesting that those customers who use the same passwords for different services should "change to a new and different password". Individual Konami customers whose account details were exposed have been notified by email, and all 35,252 logins have been suspended.

The Konami hack is just the latest in a worrying trend that has seen gamer sites targeted by hackers. Only last week Nintendo was warning users …

Since the blanket ban on firearms, murder rates have skyrocketed, including gun murder rates.

Murder rates have skyrocketed in the UK since the 16th century restriction on carrying weapons and crossbows? Or do you mean when guns were made illegal to carry in public in 1824, is that what you are saying? Or maybe the Gun License Act of 1870 or the Pistols Act of 1903? Or the legislation introduced in 1920, 1937 and 1968 which put more restrictions on the types of firearms that could be licensed? Guns have never been illegal to own here, and still aren't, however there are and always have been very strict controls over ownership.

Murder rates have also increased since the speed limit of 70mph was introduced on the motorways in the UK. I see exactly the same relevance (ie zero) in that correlation, but we can run with it if you like. Bring back unlimited speed limits on motorways and reduce the murder rate, let's start a campaign. I bet murder rates in the US increased after it imposed speed limits as well.

Your argument seems to be 'allow everyone to have guns as it's easier to murder people, with less mess, when they are legal' which is just pure insanity.

Since 1998 after Britains laws were put in place their murder rates doubled

As a Brit, care to expand upon which 'laws' you are talking about and where you get the relevant stats from? I'm guessing you mean the change to the existing regulations regarding pistols? However, what you don't appear to have grasped is that firearms in general are 'banned' here anyway. Possession is only legal under very strict licensing conditions, and usage highly restricted. How you correlate a doubling in murder rates to small changes in the law regarding weapons that were already highly restricted under existing licensing law (the only change was that small firearms/pistols could no longer even be held under license) is, quite frankly, beyond me...

Welcome back! So can you put your finger on anything that prevents you staying longer, what's missing that would help make that connection?

Kryten is a Series 4000 mechanoid, the neurotic robotic servant appearing in cult British sitcom Red Dwarf. So what's he got to do with your computer, apart from the somewhat stereotypical link between geeks and science fiction? Well, the Kryten character was played (in all but the first appearance) by the actor Robert Llewellyn. An actor who has been hired by computer upgrade outfit Crucial.com to present an information video encouraging people, surprise surprise, to upgrade their laptop memory rather than throw it away just because it's running slowly or freezing regularly.

Crucial has undertaken research recently which shows that an estimated 5,528 tonnes of computer scrap is produced in the UK every year from desktop and laptop computers alone. That's the equivalent of 790 double-decker London buses, for example, or more than 580 million British pound coins. Yet 73% of those surveyed admitted they had thrown out a computer, and 38% said they did so as they wanted a device that booted faster, ran faster and could handle multiple simultaneous tasks. This 'scrap' correlation is another link to Llewellyn, interestingly, as he also hosted the popular UK cult TV game show 'Scrapheap Challenge'.

"I'm no stranger to the amount of useful items we throw out in the UK; I've seen all sorts of interesting things that people discard as rubbish" Llewellyn says, adding "although people like me can usually find a use for this so called ‘waste,' it would be much simpler and …

The PowerBank 2000 is the latest in a long line of solar-powered chargers from Sandberg. It's far from being the most powerful backup battery for your smartphone (and yes it will charge Droids as well as iPhones, but as I'm an iPhone user I can only talk about my experiences with that) but it is one of the smallest and lightest. Not that the specs are lightweight per se, with the name giving away the fact that there's 2000mAh worth of capacity in the thing. Producing 1000mA output, the SolarBank will happily charge up my iPhone if I'm away from home and away from another power supply. Although I was told it wouldn't charge the rather more power-hungry iPad that also resides in my manbag, truth be told it did actually manage to power it back from 90% to a 100% charge in just a matter of minutes. I wouldn't rely upon it as an iPad backup battery to be fair, but in case of emergency it may just be enough to get you access to your tablet in order to do what needs doing!

However, as a more eco-friendly alternative to traditional portable battery backups the SolarBank ticks all the right boxes except one for me. So I'll start with the one that remains un-ticked: price. At £32.99 this is not a cheap way of ensuring your iPhone never runs out of juice. Especially when you look at the marketplace out there dealing in …

Although the Opera web browser client is no longer the big 'little player' that it used to be having long since been eclipsed by the likes of Chrome and Firefox in the Internet Explorer alternatives stakes, it can still claim more than 300 million users and a place as world’s most popular browser for mobile phones. So when you learn that Opera Software, the company in Norway behind the Opera browser, has admitted that its internal network infrastructure has been hacked you have every right to be a little concerned. That concern may grow a bit when you discover that "at least one" code-signing certificate was stolen. It starts getting a tad on the large side when, in the next breath, Opera Software also admit that certificate has been used to "distribute malicious software which incorrectly appears to have been published by Opera Software, or appears to be the Opera browser" according to an official spokesperson.

However, for me, my concern turns obese when the public announcement of the hacking and that certificate theft, along with the admission of the malicious software distribution as a direct result, is spun out under the headline of: "Security breach stopped". Erm, hang on a moment, that rather suggests that there is nothing to see here, that the security at Opera Software was all good and the bad guys were thwarted. Or at least it would if the statement that follows didn't take a whole week to arrive after …

There are precious few archaeologists in Japan, and only a handful who produce their own software programs to analyze geographic information. One who does is Professor Izumi Niiro of the Okayama University. A convert from Perl, Professor Niiro now uses Python to perform data analysis via the Geographic Resources Analysis Support System (GRASS) in order to accurately survey the Japanese burial grounds known as Kofun that were built between the third and seventh centuries.

The largest Kofun site in the Okayama Prefecture in Japan is also the fourth largest in the whole of Japan. The 'Tsukuriyama Kofun' is the burial burial mound of the king of the Kibi and was completed in the fifth century. Consisting of a main burial mound and six smaller structures, Professor Niiro explains that "our analysis shows that it was built using very precise procedures using Chinese 'shaku' units of length" (one shaku is 232mm).

"I first became aware of geographic information systems during a sabbatical at Southampton University in 1991," explains Professor Niiro. "I decided to experiment with this technology for archaeological surveying when I returned to Japan. It enables me to visualize and analyze many types of geographical information such as topographic details of maps." He also uses the same systems in order to visualise objects such as a bronze mirror from the early Kofun period in the third century. Using Python, Professor Niiro says he "wrote my own software to visualize the surface of the mirror based on 3D scan …

Time for this thread to cease and desist, it's already been marked solved, and slowly fade away methinks. If postings, on both sides, continue down the current road then I can see the 'keep it pleasant' stick being used to hit participants firmly on the head.

DaniWeb, the 10 year old IT discussion community with more than a million members, is always looking forward and never stops introducing new features and functions for users. When spammers managed to get the better of the (highly customised) vBulletin forum platform which had been driving DaniWeb since the get go, founder and CEO Dani Horowitz got the better of the spammers by re-coding the entire forum platform from the ground up. As a result, DaniWeb users not only got the benefit of a much slicker interface designed specifically for their needs, but the team of volunteer moderators got to go back to spending their time helping the community instead of fighting spam fires.

Being primarily a community of developers and programmers, DaniWeb was historically missing one rather obvious feature: an Application Programming Interface. That glaring gap was plugged recently when Dani announced the arrival of an official DaniWeb API that enables members to put their coding skills to good use and build the DaniWeb app that they have always wanted, access DaniWeb the way they want and manipulate DaniWeb data in new and creative ways. Creativity that quickly became apparent when, within days of the API being made public, a DaniWeb moderator known as diafol (which means Devil in Welsh, and this guy is certainly a coding devil that's for sure) showcased a number of applications including a badge builder for example.

The API is very robust and capable of …

Almost exactly a year ago I was writing about the development of Google Glass here at DaniWeb. In the meantime, the project has turned into a reality and actual product has got into the hands of reviewers and some lucky users with $1,500 to spare. This would all be much more exciting for me were it not for the fact that my vision is severely impaired thanks to suffering from Wet Macular Degeneration in one eye (hence the patch) and the other being very lazy indeed. I get by with the use of a contact lens and high magnification reading glasses, along with other tools and tech to help me at work. I was interested to read, therefore, about the possibility of a prescription version of the Google Glass technology as reported by Engadget earlier this year. Now news is breaking of researchers who are intent on producing the same type of Google Glass tech but in a contact lens.

According to a report in the MIT Technology Review researchers, including those at Samsung research, have successfully embedded a light-emitting diode using nanometric tech into a soft contact lens. Led by Jang-Ung Park from the Flexible Nano-electronics and Biotechnology lab at the Ulsan National Institute of Science and Technology in South Korea, the group has developed what MIT report as being "a transparent, highly conductive, and stretchy mix of graphene and silver nanowires".

I watched Pan's Labyrinth or 'El laberinto del fauno' if you prefer (again, for about the fifth time I think) last night. Guillermo del Toro at his absolute best, before he got too caught up in the whole Hollywood machine thing. You know a movie has achieved greatness when two twelve year old boys who usually prefer 'teen movie crapola' as a genre, and wouldn't touch a subtitled foreign language film with someone else's bargepole, sit captivated for the entire two hours.

According to a new survey of more than 2,000 British workers, 38% of them insisted they were 'content' with their career progression. When it comes to the tech sector, 39% were happy with their career ladder climbing which, according to Randstad Technologies which carried out the research, makes them happier than most. The truth is that while tech professionals are happier than average with their career progression, they are not as happy as you might expect given that 'IT and Telecommunications' (bolstered by demand from a 4G licensing boom) is the sector that has expanded the most during the last three years.

Could this be courtesy of the proliferation of short and medium term contracts within the world of IT I wonder? Certainly this makes any career progression much less defined than it would be otherwise, with workers jumping sideways' from project to project and from sector to sector rather than rising to the top in a structured and linear fashion. Better pay no longer the most important aspect of career progression – doing work that lets me learn new things and meet new people are now the top priority it seems. Still, it could be worse, you could work in media or wholesale where respondents were the least happy with their career progression on 12% and 13% respectively. That said, the 39% satisfaction rating is hardly a clarion call for the sector when compared to insurance workers (the happiest on 73%) or those in property (59%), law (55%) or …

I've also written a news piece about 'Google Ghost' here: http://www.daniweb.com/internet-marketing/search-engine-optimization/news/456005/was-daniweb-hit-by-the-google-ghost-update

First there was Panda, and then there was Penguin, but is there now Ghost as well? Webmasters will immediately know what I'm talking about as far as Penguin and Panda are concerned: updates to the Google search results ranking algorithm designed to make the search experience more relevant for end users by lowering the rank of 'low quality' sites such as content farms and those who use black-hat SEO techniques. Ghost, however, is not only rather spooky but also remains unconfirmed by Google itself.

While anything that makes search better for the user has to be a good thing generally speaking, when you get down to the specifics of Panda there has been a lot of collateral damage to sites such as DaniWeb. There's not a lot of point covering old ground here in too much detail, save to say that a couple of years ago DaniWeb founder and CEO Dani Horowitz became something of a poster girl for the SEO world when she managed to recover from the Panda effect.

Google has already made it clear that Panda will no longer be pushed out manually, instead it will be integrated into the general Google algorithm and therefore become in effect a rolling update. That doesn't mean that sites which are primarily forum-based with mainly User Generated Content (UGC) such as DaniWeb, which have managed to rebuild themselves (in SEO terms) to remain Google friendly are in the clear. In fact, DaniWeb was hit …

I've actually shifted box after box of said T's from van to bar in NYC before now. Mind you, even I don't actually have one... :)

This is the latest upgrade to the Camera Link product from Sandberg, making it compatible with the iPad 3 and iPad 4/Mini; but not at the same time. To get the iPad 4 compatibility rather obviously requires the Lightning connector equipped version, which costs the same as the iPad 3 version. Whichever you need, the premise is the same: upload your photos to your iPad directly from your camera. Insert the SD card into the device, make sure it is toggled to the SD setting, and your iPad will display your images and enable you to import them. If your camera uses a different memory card format, no problem as the Sandberg link lets you connect to a card reader via USB and access your images that way. Finally, that media reading only USB connector (USB A female port) can be used to link directly with your camera itself with a standard USB cable. There are some caveats, namely: only .jpg images are supported and they must be stored in a folder named DCIM.

There's not a lot to say other than 'it worked OK' on the image display front, but there is the small matter of how it compares to the competition. The official Apple Camera Connector Kit may be a lot more expensive than the Sandberg Camera Link at £25, but it's parts are also a lot smaller. In fact, the Apple devices are roughly half the size of the Sandberg one in …

The news that, following a number of pretty high-profile password compromise cases, Twitter is adopting a two-factor authentication for account access is to be welcomed. 2FA, as it is known, applies the better security concept of something you know combined with something you own into the access equation. The thing you know is your password, and the thing you own is your mobile phone.

Here's how it works, once 2FA has been enabled and you try to log into Twitter from a 'new' device a code will be sent by SMS to the mobile phone which you have registered with the service when setting up the two-factor security. This code has to be entered for access from the device to be granted, even if you have the correct password. Without the one, the other will fail. Twitter follows the likes of Dropbox, Facebook, Gmail and iCloud in making 2FA available in order to protect users from the compromised password threat.

However, one security expert warns that 2FA is not a security panacea. David Emm, Senior Security Researcher at Kaspersky Lab, agrees that two-factor authentication will make it harder for accounts to be hijacked but points out that there are still some potential pitfalls with the new approach.

"Twitter’s use of two-factor authentication should be welcomed with open arms. Two- factor authentication makes it difficult for someone to hijack an account, by adding another method of validation. To-date a static password has been the only thing securing Twitter accounts, and all …

OK, here are the head/neck tattoos (immediately after inking, so a bit angry and inflamed - still, better than the swollen head I have this morning) - my take on 'time flies' done in a Trash Polka style.

Security researchers at ESET have revealed that a prolonged and highly targeted data stealing attack aimed at Pakistan, using fake PDF documents, appears to have originated in India.

Using a code signing certificate (issued to what looks like a legitimate company 'Technical and Commercial Consulting Pvt. Ltd') to sign malicious binaries the chances of them being able to distribute the payload was greatly improved. The company concerned, ESET says, was based in New Delhi and the certificate itself was issued in 2011. Documents, mainly PDFs, attached to emails were infected with data stealing malware and signed off with the aforementioned certificate to add authenticity.

ESET malware researcher Jean-Ian Boutin reveals that during the investigation there were several leads that indicated the threat originates from India. "First, the code signing certificate was issued to an Indian company. In addition, all the signing timestamps are between 5:06 and 13:45 UTC, which is consistent with 8-hour work shifts falling between 10:36 and 19:15 in Indian Standard Time" he says, continuing, "we have identified several different documents that followed different themes likely to be enticing to the recipients. One of these is the Indian armed forces". Although Boutin admits that there is no precise information at this point as to which individuals or organisations were specifically targeted by the files. "Based on our investigations" he continues "it is our assumption that people and institutions in Pakistan were targeted".

One of the fake PDF files was delivered through a self-extracting archive called “pakistandefencetoindiantopmiltrysecreat.exe”, …

Growing up, a girl in my neighbourhood had a thing that meant all the guys who knew her well called her a slapper. One for the brits there methinks... ;)

A new survey commissioned by IT solutions specialist GFI Software concludes that, for the vast majority of workers in the small to medium-sized business (SMB) sector at least, the conventional nine-to-five/five day working week is dead; and right there holding the smoking gun is email.

The survey, independently conducted and blind, of 500 employees within the UK SMB workspace, looked at work-related email habits around usage both during the accepted working day and after hours. Although, having looked closely at the results of the survey, the truth of the matter is that the boundaries between work and home have become so blurred as to be almost hypothetical. The fact that 74.6% of people asked admitted that they check their work email at the weekend should come as no surprise at all. I know I do. That said, I'm not amongst the 44% who check work-related email after 11pm although I will admit to checking my inbox while on holiday just like 53.7% of folk do. Outside of 'normal' work hours, 11% check email in real time (whatever that may be) and 27.4% check email 'several times' a day (whatever that may be).

If you want more precisely measured surprises, perhaps even a little bit of shock and awe, then how about these figures:

7.5% have checked work email while attending a child’s school event.

10% have checked work email during a wedding.

6.3% have checked work email while their spouse was giving birth.

Email remains the de-facto method of office …

Following something of a bottom-up redesign last year, DaniWeb now makes use of tags. So you could post your Excel query in the Microsoft Windows sub-category and tag the post with keywords such as 'Excel' and anything else directly relevant in order to increase visibility.

A couple of years ago, a 17 year old was arrested for his part in a denial of service attack against gamers playing the online multiplayer version of Call of Duty: Black Ops. The teenager was accused of selling cheat software called 'Phenom Booter' which prevented others from playing (it's a shell booter) while at the same time enabling the player to boost their scores. As someone who is a bit of a Black Ops obsessive (currently fast approaching 9th Prestige level on Black Ops 2) any kind of cheating really gets my goat. But one that involves preventing me, and others, from playing at all really is at the top of the lame behaviour pile. Which is why I was disappointed to see that Battlefield 3 was taken offline by a DDoS attack earlier this week.

On the afternoon of 8th May, a game spokesperson revealed that "the current Battlefield 3 outages are a result of activity that appears to be aimed at overwhelming our back-end infrastructure. We are working on a variety of solutions to address this problem and are focused on resolution as quickly as possible... We are incredibly disappointed by these activities and the impact they are having on all of our ability to enjoy BF3, thank you for your patience as we work to resolve these issues."

Six hours later, the same person admitted "despite our security measures, we have been working around the clock to mitigate the impact of …

Dana Tamir, Enterprise Security Director for Trusteer has recently uncovered a variation of the TorRAT banking data malware which has been actively configured to target Twitter users. The attack works by "injecting Javascript code into the victim’s Twitter account page" Tamir says, adding that the malware "collects the user’s authentication token, which enables it to make authorized calls to Twitter's APIs, and then posts new, malicious tweets on behalf of the victim". These tweets are used, of course, to spread the malware within the social networking circle by leveraging the trust that is implicit in such networks. Twitter users, generally speaking, follow people and accounts that they trust. When these accounts are compromised by such an attack it becomes quite easy to persuade followers to click through to drive-by-malware pages, simply courtesy of the level of implied trust invested in the original poster.

At the moment this particular attack seems to be confined to the Dutch market, with tweets saying such things as ""Onze nieuwe koning Willem gaat nog meer verdienen dan beatrix. check zijn salaris" which roughly translates to "Our new King William will earn even more than Beatrix. Check his salary" and contains a malicious link.
Of course, the attack vector will most likely soon change as other groups adopt the methodology and adapt the code accordingly.

Dana Tamir provided an excerpt from that injected Javascript code to highlight what is being done:

function _PostTweet() {
        var a = $('input[name="authenticity_token"]').val();
        a.length > 0 && $.post("/i/tweet/create", …

What is Google?
What is being too lazy to do your own homework?
What is the point of taking a course if you cannot be bothered to actually do the work yourself?

Please answer the above questions...

Apply electric shocks to your genitals.

From college dropout to one of the world's youngest self-made billionaires, there is no doubting that Facebook founder and CEO Mark Zuckerberg has made quite an impression in his 28 years on this planet. But who is he really? You could go watch 'The Social Network' movie I guess, but all that does is tell you who he is through the eyes of a scriptwriter and the Hollywood machine. Better, you could trawl the Internet for biographies about and quotes from the man. The trouble with that approach is putting everything in some kind of context, coupled with filtering through all the half-truths, downright lies and inconsequential nonsense out there, takes both a lot of time and a fair amount of background understanding to start with. Best, then, to let someone else do the hard work and track down the relevant and insightful comments from the man himself, organize them by timeline and topic, put them into that context and top and tail them with biographical analysis. That's what George Beahm has done with his book 'The Boy Billionaire: Mark Zuckerberg In His Own Words'.

Collecting nearly a decade's worth of quotations from Zuckerberg's speeches, interviews and writings on subjects including online social engagement, education, hacking culture, personal business strategies and even his views on that movie, this book is a triumph of the editor's art. I say that as a writer and editor, in the technology sector, with two decades of graft behind me. …

What site?
What post?
Why do you want it deleted?
Is it against the terms and conditions of posting at that site?
Is it illegal?
Have you tried reading the help/FAQ about posts at the site concerned?

See also:

http://www.sonoma.edu/math/faculty/falbo/adabyron.html

http://plus.maths.org/content/ada-lovelace-visions-today

and (with a ton of links to further resources about here)

http://womenshistory.about.com/cs/sciencemath1/a/bio_lovelace.htm

My attention was first drawn to the VerticalMouse when I received a press release from Dutch computing ergonomic specialists BakkerElkhuizen. Founded in 1994 by 'movement scientists' and ergonomists, BakkerElkhuizen is committed to linking the human being and their computers in a more natural way. The latest development from the company is a complete work set for the kind of flexible workstations that laptop driven working models demand. Consisting of a laptop holder, a compact keyboard, document holder and a vertical mouse. Regular readers of DaniWeb will know that my vision is impaired due to a medical condition, which requires my keyboard to be twice the size of a standard model (with huge yellow and black keys) so a compact alternative is not for me. Likewise, my laptop is plugged into a very large touchscreen monitor on my desk at work, so the laptop holder is redundant in my case as well. However, as a professional writer for the last twenty years, I am always happy to look at different mice that will help prevent repetitive strain injury; something I have suffered with on and off for the last decade or more. And so it was I found myself confronted by one of the weirdest computer mice I have ever seen: the Evoluent VerticalMouse 4.

This is the latest version of the vertical mouse design from Evoluent, the earlier model having been approved by medical doctors, physical therapists and ergonomists for staff use at …

JxMan - it could be that the voter hit the wrong button as the comment suggests they meant to leave positive rep.

imBaCodes - your post has a zero vote rating at the minute, so maybe someone else upvoted it. That's the way the vote system works, people can vote anonymously without giving a reason (unlike rep where comments must be left and voter identity revealed) - it's a personal opinion thing. Best not get too stressed about it!

Welcome.

Guide you? OK, how about:

1. Read the rules
2. Read the forums that interest you most
3. Contribute to those forums, paying attention to the rules

That's it - simples!

XANTIPIUS - PLEASE READ THIS

If you continue to resort to making racist remarks then I will give you a keep it pleasant infraction (you remember those, you've had them before for making racist remarks). Here's a reminder of the rule:

Do not post anything with malicious intent against another member, including, but not limited to, racist, sexist or religiously prejudiced remarks

While I appreciate that you have not directed your racist opinions against any particular member, and frankly that's the only reason the posts remain intact, I have already received complaints from members who feel offended by your remarks. Resorting to such childish name calling is indicative of someone who has lost the argument already, and I would seriously suggest that if you have nothing to say then you say nothing. Either that, or make more of an attempt to debate and engage rather than simply shouting and ranting.

You may be wondering what a superfecta actually is, and the answer is: the most dangerous and serious threat to business. To clarify, the superfecta as defined by secure cloud hosting outfit FireHost is a group of four attack vectors that comprises of Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), SQL Injection and Directory Traversal.

Cross-Site Request Forgery (CSRF) is an attack mode that forces the end user to execute an unwanted action on a web application in which they are currently authenticated. Cross-Site Scripting (XSS) involves the insertion of malicious code into webpages in order to manipulate website visitors. SQL Injection, as everyone surely knows by now, involves entering malicious commands into URLs and text fields on websites that happen to be vulnerable, usually in an attempt to steal the contents of databases storing valuable data such as credit card details or usernames and passwords. And finally, Directory Traversal (also known as a Path Traversal attack) aims to access files and directories that are stored outside the web root folder.

At the InfoSecurity Europe show yesterday, Firehost revealed its 2013 web application attack statistics for the first quarter of the year which detailed this superfecta as blocked by the firewalls protecting its servers in both Europe and the United States during the period covering January to March 2013.

The volume of Cross-Site Request Forgery (CSRF) attacks was up by an astonishing 132% by the end of the quarter, compared to the same period during …

I'm David on my birth certificate, my mum calls me Dave but pretty much everyone else knows me as Davey. I'm happy enough with it, but then I don't believe that the name defines the person so it makes no difference anyway...

What DaniWeb needs is a 'memorial account' option, similar to Facebook, perhaps?

even that smells better

James, did you really mean to say that given the context? If so, then kudos to you sir! :)

As for the non-censorship option, I'd go for that myself. However, there is a danger in taking the freedome of speech route that aomething really offensive could either go unnoticed or, much worse, get noticed by others but left undealt with by mods for a period of time - enough time to push those of a weaker disposition than you and I away from the site. It only takes one nutter with a bot to cause chaos...

Perforce Software has today shared five essential tips for software development teams to consider by way of spring cleaning the development environment. These management guidelines are designed to help maintain well-organized codebases as well as improving the overall development process.

Randy DeFauw, senior product manager at Perforce Software, told DaniWeb that he has seen the value of breaking down silos over and over again. "Ten years ago I saw a project hit a testing wall because the developers had never seen the test plan before final acceptance began" DeFauw says "Five years ago I saw repeated deployment nightmares because the deployment process was a bunch of sticky notes on someone's desk. And today in product management I'm seeing huge payoffs from making the 'done' criteria more visible."

Having all the important information accessible in one place is a foundation of Agile, DevOps, and continuous delivery. Which is why next week at the Perforce Software 'Merge 2013' conference, one customer in the shape of Intuit is giving a talk that touches on these issues, including using solid branching techniques for deployment data.

"Springtime is when software projects begin to pick up steam, but longer days don't have to equal longer delivery cycles" DeFauw continues "with a well-maintained and well-managed codebase, companies can have peace of mind while ramping up to launch various projects."

Here are those five spring codebase cleaning tips:

ONE

Use one tool to keep track of everything: Studies consistently show …

My Dad died 16 years ago next month, and I still miss him - that never stops. What does stop is the grieving; that turns from mourning his loss to celebrating his life.

A new survey of 1000 commuters in London has revealed that, for a surprisingly large number of people, losing Internet access is more stressful than having no heating or water. Some 38% of those asked said that they would most stressed by a lack of Internet access at home, compared to only 32% with water loss and 18% no heating.

The Internet isn't the only thing people worry about losing though, cash (46%) was top of concern list. Interestingly while a third were worried about losing their personal mobile phone, only %5 could care less about losing their work mobile.

The survey, commissioned by Infosecurity Europe, also asked random commuters just how long they could cope without Internet access at home and 29% said they would be seriously troubled after a few days, and 25% wouldn't last longer than 24 hours without the 'net. Surprisingly, a whopping great 27% insisted that they could not cope at all if the Internet went down! This compares to just 17% in a similar survey the previous year. Are we becoming ever more increasingly dependent upon the Internet at home?

Claire Sellick, a Director of Infosecurity Europe, points out that, actually, it's not just the domestic environment. "When workers were asked what would cause them the most distress at work, a third of people citing this over and above their computer systems going down even worse than a really bad commute to work."

Normally I wouldn't be happy about a frail 87 year old losing her life, but I will make an exception for Thatcher. There have actually been street parties here in the North of England yesterday, people are so happy that the old witch has finally died. Let's not forget that she called Nelson Mandela a terrorist, supported the aparthied regime in South Africa, was a friend of General Pinochet who killed thousands in Chile and, well, the list goes on. And that's without even starting on the misery she brought to the UK...

Writing in the latest edition of Vanity Fair, Kurt Eichenwald states that Facebook has "quietly been pioneering a marketing business model unlike any other" and goes on to praise the social networking Goliath for developing new targeting techniques that give "advertisers an unprecedented ability to reach only the potential audiences they want". Eichenwald comes to this conclusion, he says, following months of interviews with Facebook advertising clients, investors and key executives from Facebook itself.

The picture painted by Eichenwald in Vanity Fair is of a business which has pretty much revolutionised the marketing and advertising space online, and reinvented itself as a result. He talks of the kind of insight that Facebook can deliver to advertisers in order to enable them to deliver highly targeted messages at just the right time, such as tracking down "potential buyers at any point along the purchasing path" with an example used of Facebook users having checked travel prices without completing an order being able to be hit with ads "urging them to pull the trigger on buying".

It all sounds, from the advertising executive perspective at least, like marketing heaven. So why do I feel like I am in some kind of perpetual Facebook advertising hell instead? Seriously, quite where all this clever stuff comes into play I am at a loss to comprehend based upon the adverts that target me. I am vegan, an animal rights activist, an award winning IT security journalist, wear an eye patch and have more …

According to new research from Randstad Technologies, a specialist recruitment company, less than half of those working in the IT and technology industry in the United Kingdom are happy with their levels of pay. By contrast, however, 60% appear to be quite happy with their jobs despite of this. Interestingly, that 60% figure is lower than the national average of 61% across the entire UK workforce whereas the number happy with their pay (47%) is higher than the national average (43%). If you want to be really happy, if you believe the statistics, then perhaps you should quit tech and go work in the utilities sector (96% job satisfaction there) and if you want to be happiest about the money you get paid then go work in insurance (90% happiness rating).

Mike Beresford, Managing Director of Randstad Technologies, says: "In 2011 and 2012 the number one priority for people was job security – now it’s salaries and benefits. Tech employees certainly aren’t the least happy in the UK, but employers must redouble their efforts if they are to attract and hold on to skilled employees as the sector grows. For instance, roles in IT infrastructure are expected to see a 10% increase in salary. However, that’s only half the battle. Last year Tech employees felt they were working the equivalent of one and a half jobs, and it’s clear teams are still as lean as possible. While cost is still a concern, the best employers …

It feels pretty good from where I am sitting...

Are you serious? Maybe if you told us what the error message was, maybe then we could help. Otherwise I think you are on your own bud...

The media, online and off, has been full of scare stories about the 'biggest Internet attack ever' and how a distributed denial of service (DDoS) campaign aimed against anti-spam outfit Spamhaus peaked at an attack volume of 300 Gbps (the highest ever recorded by those who record such things) was 'slowing down the global Internet'. DaniWeb didn't join the rush to shout 'the sky is falling' as, frankly, we didn't believe it as there was precious little evidence to be found that the DDoS attack was impacting anyone other than Spamhaus along with it's anti-DDoS protection service CloudFlare and their upstream providers. Sure it was a serious attack, one that could well have implications on the direction such things are heading in, and potentially could be bad news for all of use. However, the Internet did not slow down and for the vast majority of global users there was no noticeable effect at all. The one area that you might think would be impacted is the amount of spam that reaches your mailbox. After all, if one of the main organisations responsible for keeping the lid on spam distribution channels is taken off air then surely we can expect to see spam levels peak. So when a press release arrived following these attacks which proclaimed that spam is twice as likely to be hitting mailboxes than previously, I was concerned. But only for a few moments, as a bit more reading reassured me that it had nothing to do with …