Posts by happygeek

The Serious Organised Crime Agency (SOCA) website remains offline after being hit by a Distributed Denial of Service (DDoS) attack for the second time in the space of a year. Last June it was the hacktivist group LulzSec which claimed responsibility; this time nobody has yet come forward to admit they did it and explain why. However, it seems likely that hacking collective Anonymous could be behind the strike in protest over the decision of the UK's High Court to order all Internet Service Providers to block access to The Pirate Bay.

The SOCA website has been unavailable since late on Wednesday night by the attack which apparently continues unabated. The decision to take the website offline was taken in order to "limit the impact" of the DDoS attack according to a SOCA spokesperson. It has to be said that as the whole point of a DDoS attack is to take down a website by making it impossible to access, the impact of thr attack would appear to be pretty complete. Of course, I understand that there are implications beyond the site in question, and other sites hosted with the same service provider could be impacted by an ongoing attack.

While most commentators and security experts were pointing the finger at 'groups unknown' initially, and suggesting that the recent takedown of some 36 websites selling stolen credit card data could be behind the attack, I'm not so sure this is the case. Cybercriminals …

Thought the days of having to use a particualr web browser client in order to use a specific site were over? Think again if this conversation between a user and eBay support is anything to go by.

As a journalist who has spent the largest part of the last 20 years online, not a great deal makes me sit up and my jaw drop with disbelief anymore. However, when a chap called Mike Hall copied me in on a support conversation he had with eBay, I have to admit I was rather in danger of spitting my coffee all over the keyboard.

The part of the support chat transcript that stood out and grabbed me by the manly bits simply stated: "I suggest that you kindly use Firefox 3.6 (not IE 9.0, Safari or Google Chrome as they aren't compatible)". Yes, you read that right, eBay told a user that three out of the four major web browser clients are not compatible with the eBay site. That, dear reader, is quite simply astonishing.

I might have had less trouble getting my head around this incredible web design FAIL were it 1999, or were the site in question produced and operated by the local corner shop on a budget of 10 dollars and a lot of finger crossing. However, this is 2012 and we are talking about one of the iconic brands of the Internet age, one of the biggest online commerce sites there is.

Yet …

An incredible 69% of IT Administrators are so stressed at work that they have seriously considered changing career as a result, according to a new survey from GFI Software. The 'IT Admin Stress Survey' also revealed that 34% of IT Administrators will work overtime equivalent to an additional 12 weeks each year, and that's without any additional pay for their troubles.

Asking 201 UK-based IT Administrators working at businesses of between 10 and 500 employees, the survey found that 66% of those questioned considered their jobs just as stressful, or more stressful, when compared to others in their immediate social circle. The amount of stress would seem to vary according to the size of the company concerned, with 56% claiming to be stressed where between 10 and 49 staff are employed but 84% where that figure is between 50 and 99.

Perhaps unsurprisingly, the main causes of stress for the IT Admin were considered to be management issues (36%), user issues (21%) and having to meet tight deadlines (15%). What was more surprising was the sheer scale of overtime being put in by IT Admins, with many routinely working beyond the 48 hour working week as laid down in law by the EU Working Time Directive and 34% admitting that they worked for 10 hours or more in overtime during the average week. These long working patterns mean that 42% had missed social functions, 36% missed spending time with their children, 29% suffered from health-related …

New research shows that hackers are becoming increasingly lazy in their search for online exploits, with 98% of Remote File Inclusion and 88% of SQL injection attacks now being fully automated.

It comes as no surprise whatsoever to DaniWeb administrators and moderators that your average cybercriminal is looking for the easiest way to earn a dishonest buck. After all, we have recently completely re-coded the DaniWeb forum from the ground up partly in order to deal with the increasing number of spambot attacks that were being launched against us across much of last year. Spammers have long since used software to automate both the spam-posting process but during the past few years we have seen them increasingly turning to software solutions that automate the forum registration process as well, including breaking the various CAPTCHA-based security systems that forum operators put in place to stop just such occurrences.

The Hacker Intelligence 'Automation of Attacks' report published today by security specialists Imperva suggests that this highly automated approach to law-breaking is rife within the hacking community. The report is a detailed analysis of data collected between January and March 2012, and reveals that as much as 98% percent of Remote File Inclusion (RFI) and 88% of SQL injection attacks are automated, including by two software tools: Havij and sqlmap.

With making money the driving force behind most web application attacks, why would hackers want to waste time actually studying vulnerabilities and learning how to exploit …

Although you may not realise it, dear coder, you apparently have the best job in America. At least that's what the newly published 2012 Jobs Rated Report reckons. The CareerCast research shows that for the second year running the best job in the US is a software engineer. Not surprisingly the demand for programmers is expected to rise by as much as 30% over the next eight years according to the report authors, a rate of increase much steeper than the average for any other occupation.

The report took into account various factors such as income, stress, physical demands and career outlook in order to compile the listings. Report publisher Tony Lee explains that the top-rated jobs all have "few physical demands, minimal stress, a good working environment and a strong hiring outlook".

Unlike those which make the America's worst jobs list which are often physically demanding and low paid, as is the case of lumberjacks and dairy farmers. Which doesn't explain why newspaper reporter and broadcaster also appear in that worst list, says a man who has done both these things and not found them to be particularly physically stressful or badly paid.

“Many jobs in the media are characterized by high stress, short deadlines, long hours and a poor hiring outlook” Tony Lee explained, adding that "despite these poor working conditions, competition is steep for what jobs remain after massive consolidation and layoffs in the media industry.”

Ironically, I would imagine …

The United Nations Global Pulse, along with analytics software specialist SAS, has revealed how social media streams can be used as predictors of national unemployment line spikes.

By analysing more than half a million blogs, forums and news sites, the researchers were able to determine how social media chatter more specifically the 'conversation sentiment' expressed by it, could warn of pending unemployment increases as well as help to inform government policymakers of the likely impact of those increases.

The data analysed came from more than two years worth of social media streams in both the USA and Ireland, and was checked for any references to unemployment and how people hit by it were coping. By using a process of mood scores and conversation volume comparison to the official unemployment statistics in both countries, SAS and the UN Global Pulse researchers were able to determine that increased chatter about 'cutting back' and 'public transportation usage' as well as 'downgrading the car' were positive indicators in predicting an unemployment spike.

Following such a spike, the research showed that social media conversations about holiday cancellations and mortgage foreclosures or eviction surged. OK, maybe that is predictable without doing the social media analysis, but it does nonetheless flag the economic effects of employment downturns as reflected within the social media sphere and could be useful for policymakers looking to mitigate the negative effects of increased unemployment according to the UN Global Pulse team at any rate.

UN …

The latest VIPRE report, detailing the ten most prevalent malware threat detections spotted by GFI Labs and the ThreatNet Detection System, reveals that Google, LinkedIn, Skype and Mass Effect 3 were amongst the big brands being exploited by cybercriminals in order to leverage trust whilst distributing malware-laden emails. As a consequence, GFI software is urging users to question absolutely any and every unsolicited message regardless of the subject matter or purported origin.

The research labs team has documented a high number of spam and malware distribution campaigns during the month of March which have successfully infiltrated users' systems disguised as communications from well-known companies or pretending to be promotions for their services and products.

Christopher Boyd, the senior threat researcher at GFI Software, warns that Internet users are "bombarded with countless emails every day" and these campaigns are exploiting the "reflex-like tendency to click on links and open emails that look like they’re coming from a company we know and trust."

Take Google, for example, which was linked to such malware campaigns by being used as the hook for a couple of nasty scams that Google systems had detected malware on their computer and then, you guessed it, did the old rogue-antivirus thing and directed them to a site where the payload product could be downloaded. There were even emails being sent that claimed to come from Google Pharmacy, which doesn't exist, and offering services as a pharmaceutical interface for the search engine. …

The Flashback Trojan has infected at least 600,000 Apple computers running Mac OS X according to the Russian AV company Dr Web which researched the spread of the malware which was originally discovered at the end of last year and for which Apple issued a security patch just this week.

You can determine if your Mac is one of the machines infected by the Flashback Trojan, which disguises itself as an Adobe Flash Player installer, by running the AppleScripts provided by Mashable in response to the Dr Web discovery and available for download here

Alternatively, you can run the following commands in the Mac OS X Terminal yourself, and get a sense of relief if all of them give the response "The domain/default pair of (...) does not exist" as that means there is no Flashback infection present on your computer.

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES; defaults read /Applications/Safari.app/​Contents/Info LSEnvironment; defaults read /Applications/Firefox.app/​Contents/Info LSEnvironment

If your machine is infected, then F-Secure has published step-by-step instructions for removal which can be found here

Dr Web reveals that most of the infected Macs, some 56%, are located in the United States and around 20% are in Canada. The UK accounts for roughly 13% of infections, and Australia 6%.

Meanwhile, F-Secure warns that upon execution the latest variations of the malware will "prompt the unsuspecting user for the administrator password. Whether or not the user inputs the administrator password, the …

An ongoing attack aimed at users of the Apple Mac platform is being reported by security researchers. AlienVault, which has discovered these weaponised attacks in the wild, warns that regular Mac users without IT security software installed could be at risk of infection and hijacking.

The researchers suspect that the attack stems from the same anti-Tibetan, pro-Chinese, hacking group that has been responsible for attacks targeting Tibetan activist organisations in recent weeks.

According to the lead researcher who made the discovery, Jaime Blasco, the group is "delivering two different Mac trojans" including a new and improved one called MacControl.

The weaponised files themselves are all MS-Office .doc files, and is quite rare in that malicious Office document files are hardly ever used in an attempt to deliver malware payloads to the Mac platform. AlienVault researchers have detailed how the files use a remote code execution vulnerability of MS-Word file handling of malformed records. Blasco warns that an attacker who successfully exploits this vulnerability can take control of the target Mac along with other networked computers.

I'm not sure just how much of a threat this latest in the wild attack actually is though, considering that for a start any Mac user operating without administrative rights is unlikely to be impacted. Nor, for that matter, are those users who have patched their copy of MS Office with the security updates that Microsoft made available way back in 2009. Yes, really, that long …

When you look at the iTunes download charts you will always find an Angry Bird perched towards the top. That's quite simply because this game app has been the undoubted number one commercial and cultural success story of the App Store. The app developers, Rovio, have been accused in the past of cashing in on this success by rehashing the same format with different backgrounds and a new bird or two under the guise of a 'new' game. A new game that will cost you if you want to play, of course. Personally I don't have a problem with this as both Angry Birds Rio and Angry Birds Seasons have been as addicted as ever, and Rovio regularly update them with freely downloadable new levels to play.

But when I heard that yet another new variation was about to be released I have to admit that I felt more than a little disheartened, wondering if Angry Birds Space was going to be an app too far for the franchise. Still, I downloaded the premium 'HD' version for my iPad 2 on the day of release and have been playing it every spare moment since.

Although you do pay a premium for the HD version, $2.99 compared to just $0.99 for the bog standard game, the far from bog standard graphics are worth the extra. It's not as if a couple of bucks more is going to break the bank, is it? But Angry Birds Space …

While the News International phone hacking scandal that saw the demise of the News of the World newspaper cannot have escaped your attention in the US or UK, news from India concerning the latest 'tumble and clone' developments could leave the mobile phone calls of more than just celebrities at risk of hacking.

If you thought it was bad enough that UK newspapers have apparently been hacking into the mobile telephone conversations of celebrities and others 'in the news' in order to gain a competitive advantage when breaking news stories, then wait until you hear the latest reports to come out of India concerning GSM hacking methodologies.

Researchers from an Indian security company called Matrix Shell have demonstrated how it is possible to hack into Indian GMS phones, tumble and clone them, and then make calls using the unique International Mobile Subscriber Identity (INSI) number so as they were charged to the unsuspecting victim's cell account. Furthermore, by using a combination of firmware and customised software, the researchers were able to intercept calls made by the compromised handsets

According to Akib Sayyed from Matrix Shell, many if not most of the Indian mobile network providers use a5/0 instead of a5/1 encryption on GSM which, Sayyed says "is practically no encryption at all." Indeed, such is the weakness of this method that his researchers were able to use open source software to sniff out the data from thin air and listen in …

Thanks. Really not looking forward to tomorrow, but at the same time want to know exactly what I'm facing be it good or bad. Much easier to deal with then.

Microsoft failed to make tablets work with Windows for PEN Computing twenty years ago, so why are some people saying that it is set to dethrone the iPad later this year? Can Windows 8 really prove to be a commercial threat to iOS?

I still have my Compaq Concerto from 1992, which is generally accepted as the first ever mainstream Tablet PC. It ran Windows for PEN Computing Version 1, which was actually just Windows 3.1 with some rather rudimentary pen input add-ons included. Although I have sentimental reasons for hanging on to the world's first real commercial tablet, I will readily admit that it sucked elephants through a straw and the reason why was that damn-awful PEN Windows OS abomination.

So when a press release hit my desk this morning which loudly and proudly promised to explain why Windows 8 is going to be, and I quote "fierce competition" for the iPad, I was all eyes. Especially since I am more used to getting press releases which proclaim how the latest Android-powered device or Android OS iteration knocks the socks off of the Apple tablet.

Ever since the bad start with PEN Windows, Microsoft has never quite managed to cut the mustard as far as the tablet computing market is concerned. So why should Windows 8 be any different? Karl Volkman of SRV Network, Inc. (a Microsoft Gold Certified partner, it should come as no surprise) reckons that Windows …

The only way Wales will not win the GS is if the team has one too many shandies the night before and Andy Powell leads them in a golf cart parade on the M4 in the wrong direction and they miss the kick-off.

I became a grandad for the fourth time today. Gracie is beautiful.

Later thus week I will find out if I am going blind in one eye and how long that process will take, and importantly if it will spread to the other eye. Final tests on Friday, in the meantime my vision is really quite poor indeed. Haemorrhage behind my 'good' eye leaving me with a large distorted area and just my bad 'lazy' eye to rely upon.

Gracie makes up for everything though :)

Your eldest daughter goes into labour with your FOURTH grandchild (and you are not even 50 yet but feel about 75) - woke me up by text message at 5.20am to let me know the contractions had started... <yawn>

Welcome to the DaniWeb experience :)

If you have a problem with a user because of a specific post or PM then you can use the flag bad post/PM facility to bring it to the attention of the admin and moderating teams. The flagging procedure allows you to compose a post explaining why you are reporting it.

If you want to report a user for some other reason, then you are welcome to PM me directly and I will look into your complaint personally...

Really?? How do you get ardav out of mississippi?

Dark glasses, a wig and fake passport...

Following the arrest of 25 suspected members of the Anonymous hacking collective in Europe and South America, the INTERPOL website went offline. Coincidence? I don't think so. After all, Anonymous has already proven it isn't scared, or indeed incapable. of taking down law enforcement sites. Earlier in the month it managed to take the CIA website offline and even managed to listen in to a private conference call between FBI agents and Scotland Yard detectives who were discussing how to deal with Anonymous hacking attacks amongst other things. The fact that the INTERPOL site went down within hours of INTERPOL announcement concerning the arrests, and stayed down most of Tuesday, would seem to suggest that Anonymous were successful in pwning yet another law enforcement site. Indeed, Anonymous member accounts on Twitter soon claimed responsibility for the Distributed Denial of Service (DDoS) attack.

INTERPOL unleashed Operation Unmask , a reference to the V for Vendetta 'Guy Fawkes' mask associated with the Anonymous collective as well as the Occupy movement, across Argentina, Chile, Columbia and Spain in the middle of February. This culminated in the arrest of 25 suspected Anonymous members aged between 17 and 40, the seizure of more than 250 bits of hardware including computers and mobile phones, as well as credit cards and cash from the hackers at 40 different locations within 15 cities in total.

"This operation shows that crime in the virtual world does have real consequences …

So, you are really Debbie Asisdas? :)

I'm a geek.

I'm happy.

Simples :)

Agreed about the sympathy or lack thereof. While downvoted posts are hardly something to get too upset about, at the end of the day it doesn't really matter after all, if it's someone deliberately harassing another member then it is a legitimate concern and one that TPTB should and would be interested in.

Dantin, do you know of anyone you have annoyed or got into a flame war with before the downvoting started? As an admin I cannot find out who downvoted you, as James has said that's something Dani may be able to do but I doubt it would be high on her todo list given the amount of work she's doing re-coding the site at present. I suspect I know who is behind it, however, but have no proof and therefore cannot take any action.

My advice, ignore them and they will (like all petulant children) simply go away.

My name is Davey Winder, and I am a phoneaphobic. At first glance it would appear that I am anything but alone if the results of a recent study into attitudes towards mobile phone usage are to be believed. But first impressions are often misleading and that's the case here, as unlike me it seems that the majority of people do not have a phobia of simply speaking on the phone (or more accurately having my train of thought interrupted by meaningless telephone conversations when an email will usually suffice) but rather the exact opposite. Nomophobia is the fear of losing mobile phone contact, and the survey by SecurEnvoy and OnePoll reveals that an astonishing 66 percent of UK respondents suffer from it. That's up from the first such survey conducted in 2008 when only 53 percent admitted to being nomophobic.

Of the people interviewed, some 41 percent actually have two or more mobile phones in order to ensure such a lack of connectivity never strikes. Women are more likely (70 percent) to be scared of cellphone loss than men (61 percent), while men (47 percent) are more likely to have two phone than women (36 percent). "I’d be inclined to draw the conclusion that, perhaps because more men have two phones, they’re less likely to misplace both and therefore be left phone-less" said Andy Kemshall SecurEnvoy CTO and co founder, adding "there is another study into mobile phone use that found …

The iPad is, as those annoyingly creative TV adverts show us, used for all sorts of things by all sorts of people. However, according to a press release that hit the DaniWeb news desk today, you might be forgiven for thinking that shopping isn't one of them. As usual though, the devil is in the detail.

The press release exclaimed that the Apple iPad was failing to be used by online shoppers and went on to reveal that a nationwide study of consumer habits in the UK had shown that Brits are not embracing tablets for online shopping and claimed that "only 4 percent of Brits are using a tablet for online shopping".

It pays to read on though, as the research wasn't actually showing that people with iPads don't use them to shop, but rather that the majority of people shopping online don’t actually own a tablet. And that's something altogether different.

The survey, commissioned by ecommerce site builder Basekit, is revealing in that it does show that currently the British are not embracing mobile shopping as much as might be expected given the amount of hype surrounding tablet and smartphone usage.

Here's what the research really discovered:

42 percent of Brits still do their online shopping from a Windows-based PC, and 42 percent from a Windows-based laptop. Only 9 percent use an Apple Mac, with laptops twice as popular as desktops in this regard.

4 percent of Brits are using a tablet to shop, …

The Ainslot.L Trojan appears to be much the same as any other at first glance; logging user activity and sending Gmail and Facebook passwords to the bad guys, downloading further malware, taking over your computer and the main payload of being a Banking Trojan stealing account login data. But Ainslot.L has one rather more unusual trick up its sleeve in that it will also scan your system for evidence of other bot-related infections such as Zeus or DarkComet and remove any that it finds. Of course, Ainslot.L isn't doing this in order to cleanse your computer but rather to ensure that it is the only active bot and therefore getting all the gravy in terms of data and system resource access.

PandaLabs , the anti-malware research facility arm of vendor Panda Security, warns that Ainslot.L is distributed via a fake email which claims to be coming from a UK clothing company called CULT and takes the format of a 'you have placed the following order' social engineering scam. The sting being the link which supposedly allows the worried user, who has of course not ordered anything, view the order with a value of UKP 200 which it is claimed has been charged to your credit card. Clicking that link executes a download of Ainslot.L to the victims computer.

The bad guys in this case have done quite a good job of obfuscating their true intentions, with the file name of the executable being the …

The point was to spam this thread, and that spam is now deleted...

CLOSED - I think there have been quite enough obvious explanations added to this sig spam fest of a thread.

The wire.

Literally...

If you use, or operate, a password-free wireless network then legal action being taken in the US by the adult movie industry might just be about to rain on your parade warns one European IT threat mitigation expert.

The lawsuit was filed by Liberty Media Holdings, a producer of adult movie content based in San Diego, and accuses in excess of 50 people in Massachusetts (where the lawsuit has been filed) of downloading and consequently sharing a gay porn movie illegally via BitTorrent. The complaint itself makes a point of claiming that the defendants either have direct responsibility as they downloaded the movie themselves or, importantly, that they contributed to the act of piracy by way of their negligence in not securing the wireless network concerned. In other words, whether they downloaded it themselves or not doesn't matter, they are being held responsible for the controlling, or rather not controlling in this case, access to the Internet which was then used to infringe copyright.

The filing itself claims "Defendants failed to adequately secure their internet access, whether accessible only through their computer when physically connected to an internet router or accessible to many computers by use of a wireless router".

This is being seen as an important test case when it comes to legal liability, as currently there would appear to be no case law which covers such claims for negligence under these circumstances. Worryingly, if the case does go in favour of Liberty (oh the …

The 'you have a problem, give us remote access, pay us a fee to resolve it, and we'll install some malware at the same time' is a very common scam this side of the pond, most often leveraging the reputations of Microsoft or Dell (most likely to hit a victim using either a Dell PC or running Windows) and heavily reported in the tech press over the last 18 months or so - I lose count of the number of words I have written on the subject warning people about the scams, or explaining how they work.

Interestingly, most of these scams use call centre operations set up in India to do the phoning. Looking at the UK caller ID/number you have for the call (0808 189 0481) this links to a company called SugarCRM Consulting which appears to have a connection with Veon Consulting which appears to be based in India- a quick bit of Googling reveals. Not that I'm suggesting that either company is party to any illegal activity, but it might be a good start for any investigation you wish to carry out Dani...

dont get many UK tv in Aus or Can, but, the byline in old
.Net PC_Direct PC_Pro Computer_Life
magazines
The Times on Sunday (2 weeks late)
3 books on my shelves
awards out the wazoo

guru << happygeek

Awww shucks :)

Currently have settled into being Contributing Editor for PC Pro (for past 16 years or so) along with my DaniWeb roles and Contributing Editorships at IT Pro and Cloud Pro as well. Plenty of other stuff in-between, but such is the CV of a jobbing freelance journalist and author I guess.

The Apple iWork office productivity suite for the Mac has been around for ages, and was recently joined by an iOS version. iWork documents have, up until now, been seen as being pretty safe courtesy of the particular implementation of the 128-bit AES encryption Apple used to secure them. I say up until now as it appears that iWork passwords have been pretty comprehensively broken thanks to the latest in a long line of 'password recovery' applications from Russian outfit Elcomsoft.

Of course, truth be told, it has been possible to brute force these iWork document passwords before now but the problem has been one of the resources vs. reward ratio: for the most part it would take too long, or require too much effort, to crack the passwords of random documents on the off chance they contained something of value to the bad guys. That could have all changed now that Elcomsoft has released a version of its Distributed Password Recovery tool that supports the 'recovery' of iWorks passwords on both platforms and across the Numbers, Pages and Keynote applications.

Elcomsoft CTO Andy Malyshev says that as Apple iWork is sold at consumer market price points it is less likely that the average user will have a security policy that enforces a long and complex password, making the distributed attack methodology and its 500 attempts per second barrier worthwhile. What's more he states that they are "likely to re-use their passwords, with little …

Bradley Davies should hang his head in shame, deserved a red - hope gets a ban for that. Not needed at all. Almost cost Wales the match as well....

Very deserved win though, Wales look unstoppable at the moment.

As for the Super Bowl, who wants to watch a bunch of girls in padded shirts flouncing around for a few hours. Seriously, what an overrated and boring game that is. I'd rather watch paint dry... ;) (runs and hides)

I have NO PROBLEM with people responding to old threads as long as:

1. A relevant answer is provided which had not been before
2. The response is not an 'is that job still going' when the OP is 9 years old
3. The response is not a new question hijacking that old thread
4. The response is not just a 'me too' spam in order to get visibility for some links in a signature

PS. I have moved this thread to the Community Feedback forum as it is more appropriate here methinks...

Pah. I'm just glad I work for myself. I'm a really laid back employer :)

I have full sleeves on both arms, a full chest piece, a full back piece that rises up above the shirt/collar line onto the neck. I also have facial piercings - just a few in my ears now, but when I was first carving out a career (as an IT consultant and freelance journalist) I had twenty piercings in one ear, ten in the other, three eyebrow piercings and two nose ones (not to mention the bits you couldn't see). This was at the very start of the 90's and I worked as a consultant for some very large companies such as Microsoft, Royal Mail etc. My appearance did not matter, my ability to solve the problems these companies were looking to deal with did.

Attitudes have changed dramatically since then, and with tattoos etc much more mainstream these days, I think that the kind of employer who thinks it is a problem is the kind of <insert expletive here> you probably don't want to work for anyway...

I should point out that I'm based in the UK so my experiences reflect that.

Erm, no, of course not. If you made the mistake then you should correct it free of charge and not expect your client to pay for your ineptitude.

Welcome aboard squire :)

And how, exactly, would you suggest 'work the most' is measured? Time spent online, number of spammers banned, number of PMs read and replied to, yada yada yada.

Seriously, we've been down this road before with threads suggesting some kind of 'best mod' competition or vote and it always ends up the same way, concluding that it's not something that can be done in any meaningful way.

At the end of the day every single mod is an asset to DaniWeb whether they spend an hour a week here or many hours a day. They all devote as much time as they can, free of charge, to help keep the forums running smoothly.

As far as I am concerned they are all number one...

And while people are at it perhaps they could tell me how long this piece of string is? :)

Yes. But problem fixed now...

You might not have heard about Dirt Jumper yet, but the bad guys have. In fact, the high-risk and highly-effective DDoS toolkit is probably the most aggressive of the malware tools being employed by DDoS attackers at the moment, and the situation is set to get much worse very quickly as versions of Dirt Jumper are now appearing for sale at underground Web marketplaces for as little as $150 a time.

Prolexic Technologies, which specialises in Distributed Denial of Service (DDoS) mitigation services, has today issued an in-depth threat advisory for Dirt Jumper together with a custom-developed scanning tool that can be used to detect Dirt Jumper command and control servers. Neal Quinn, vice president of operations at Prolexic, warns that his company is "seeing this tool used against clients worldwide and it is likely to become more widespread and effective as distribution spreads."

The Prolexic Security Engineering and Response Team (PLXSERT) has certified the toolkit as a high-risk threat following extensive analysis of Dirt Jumper v3. The newest variant, Dirt Jumper September, which comes with an enhanced control panel making it even easier for attackers to use, has been painstakingly analysed and the threat advisory itself includes full details of the payload as well as a detailed breakdown of attack signatures by attack type.

Most interestingly though, PLXSERT has developed a custom tool to scan for suspected HTTP command and control servers utilizing Dirt Jumper strains. Dirt Dozer is being released as a free …

It's the festive season but would you really expect Lady Gaga to give you a free iPad 2? That was the exact message being broadcast from Lady Gaga's Twitter account earlier, promising each and every one of her 17 million followers an iPad 2 and all they had to do was click the link for details.

Of course, there was no iPad. The Lady Gaga Twitter account had been hacked and if you clicked on that link it would take you to a number of different sites via redirects and then dump you at a survey designed to scam you out of valuable personal information. Equally 'of course' as soon as the tweet appeared it was retweeted by thousands of innocent fans keen to spread the apparent good news, meaning the scope of this particular scam is truly epic. Even though the first link in the chain has now been suspended by Bit.ly for being suspicious, the chances are that other links will be out there and still live so don't be sucked into the scam yourself. Even at this time of year, especially at this time of year, there's no such thing as a free iPad.

Lady Gaga was quick to acknowledge the attack and inform her fans "the hacking is over" but the damage has already been done and many will now be wondering if they can trust the Lady Gaga Twitter feed at all.

If that wasn't bad enough, another Free iPad 2 …

You might think that there's not much further for a high-end low budget home entertainment remote control unit to go than the One For All SmartControl that DaniWeb reviewed just over a year ago now. However, One For All does not seem to agree as it has just launched the SmartControl Motion in the UK in time for Xmas, complete with the iPhone inspired gesture controls which provide the difference as well as the 'motion' in the name of the device.

Although the SmartControl Motion we have been playing with did not come with the Sony PS3 adapter that allowed the previously reviewed gizmo to control your PlayStation as well along with the rest of your home entertainment kit, the truth is that the two remote controls are essentially the same. So they both have the same 'smart' learning facility which makes programming the thing for your TV, DVD or Blu-ray player, stereo, set top box and the like a doddle for a start. In fact, the SmartControl Motion was a real delight in this regard, taking the concept even further than before to become a very refined process involving nothing more than pressing a learn button and a single digit for all but the most obscure of electronics brands. Once the remote has been programmed for use with your personal selection of home entertainment kit, it functions the same as before.

This does mean that while the One For All title is pretty …

The sound of spammers dying in my head

Language varies, patterns are spotted in such things as IP grouping, registration details, username etc and that helps us eliminate pools of spambot created accounts.

This particular attack, which we have beaten from the perspective of stopping new registrations but are still fighting with regards to clearing up spam (I estimate there are a couple of hundred accounts yet to post) has lasted over a week now. I would say 7-10 days from start to finish of the main attack phase is pretty average, but the drip effect continues long after.

If you are after help with a coding problem and it is urgent you won't wait, you will go try find the answer elsewhere.

That would be impractical as all moderators are volunteers and already devote a huge amount of their free time to keeping the community running smoothly. Throw in having to actively approve everyone who wants to post here, manually, one by one, would be a step too far when there are 100+ new members joining every day. Perhaps the other sites you mention either have fewer new members to deal with or are moderated by paid staff?