Posts by Tom Sparrow

Re: No privacy for the public

I think the original way round is correct - for example it would allow you to provoke someone in what they think is a group message but is actually private. When they reply with abuse to you, it looks like to the rest of the group as if it's come out of the blue.

Or possibly, ask them to share information with the group that they shouldn't so they get the blame instead of you.

All of these require you to be a member of the group in the first place though, as far as I can see. If you invite the FBI into your group chat, you've really only got yourself to blame.

Re: It's actually used a lot

@Sitaram In business, how many users actually choose their mail client though? Not many I'd bet, whether they like it or not.

I don't really care for the Notes client any more, it's got it's advantages but they're nowhere near enough to outweigh the problems. On the server/admin side though, I'd take it over exchange any day, even with it's flaws.

Not sure where you get that headers thing - I get a full sized window with everything in quite happily.

As for the sort by subject line, I couldn't say when it arrived, but if it really was that late then any half decent dev/admin team could have added it in - it's about 30 seconds work to make the change, and maybe a couple of minutes to apply it to the entire organisation, for a small/medium site anyway.

I tend to use iNotes webmail these days, but used the Domino back end with Thunderbird quite happily for a while, and have users that do so now without any problems. It's got a full IMAP server buried in there as well.

I wonder if Ubuntu touch will *ever* be ready for practical use.

The post is required, and must contain letters.

Re: "The actual, long URLs are thus effectively public"

@Lusty - but I think the point is with a predictable sequence of short urls on a known domain, the brute force enumeration is a realistic option. Enumerating all possible URLs on even one domain is not practical, let alone the whole internet.

ISP Email

@massivelySerial - Virgin outsourced their webmail to google a long time ago. It's branded, but it's still gmail. I think I remember BT went to Yahoo for theirs, though that could just be my imagination.

Re: dont overdo it

Didn't the sisterhood say they had been called to Galifrey or did I imagine that? I guess it found them (presumably some point in the 4.5.billion years the Dr had been away)

Re: Ask the person on the Clapham omnibus?

Re Anon Coward: I don't think you're pronouncing Skype the way the rest of us are, or is that me (& everyone I know)?

Re: Excuse my ignorance please

My issue with AWS (which we do use for certain tasks) is it's so hard to see what you're actually going to be paying. CPU cycles, IO cycles, bandwidth in & out & between AWS instances, storage etc etc etc. It's never ending.

I don't want to care how many IO requests my web server makes a day, I just want a server with enough disk space. I don't mind paying for bandwidth separately, but make it simple.

Re: Zzzzzzzzzt!

Would that not have been EBCDIC Art, or was that earlier still?

Re: change the web address??

The way I read the info (on the original report directly), it's not that it was possible to read another users list of items, you have to know the user ID and item (certificate) ID. The items were sequentially numbered, but you had to know which user has which ID to find it.

It's still wrong, but not quite as simple as looking up another users entire item list - there's at least 2x10^13 possible combinations judging by the numbers on his report, and only 1/4,000,000 will produce a result.

I assume he tested by setting up a second account (or just logging out), so didn't access any records he shouldn't have access to. He'd also knew the account ID & record ID he was looking for, so wouldn't trip any alarms scanning through a million incorrect combinations first.

Re: Photobox too

I haven't looking into photobox app, or whether there is a similar API problem there, so I can't really comment. You can close your photobox account without having to contact customer services though, so the platform is obviously not completely identical.

I simply closed that account because the company is clearly insufficiently motivated to protect my privacy,

Re: They're FibreCity

CityFibre own the infrastructure in Bournemouth, but don't offer end user packages directly - that's what Gigler do. (Gigler could be a subsidiary/brand name, not looked into that)

And it's far too small an amount of coverage if you ask me, or at least in the wrong area. And yes, by wrong area, I mean not my house, and yes it's just sour grapes. It's painful to be so close and yet so far from a Gb connection.

not quite

SMTP is how you send outgoing emails, but it's also how the mail servers transfer emails between themselves. You may need log into your mail server to send mails, but only when sending to domains not hosted on that server (i.e. when relaying).

If it's the host server for the domain, there's no need to log in before it will accept your email.

Re: My project...

See here http://www.saveonheatingbills.co.uk/ for details.

Pretty much what I thought - it's Philips ambilight on a pair of glasses.

I'd have to agree with Ken

My IP address is definitely personal data - it's a static address, and if you run a reverse DNS lookup it resolves to my name. Perhaps in hindsight not the smartest choice for a username, but I've had it for years and a static address is hard to come by in the consumer space these days so I'm not about to give it up.

I'd click the anonymous button, but there doesn't seem much point really.

Linux

WebOS is linux.

Unless they've changed it since my Pixi, proper linux too - terminal access via USB cable with novacom or directly with a small app install.

I don't think it would be too hard, by phone/tablet standards (though way above most people) to install your own distro on there. Be nice to to see it running meego...

Have a look on ebay

There's loads of random chinese tablets running on intel processors. I think they'd be pretty good for the price (if they turn up).

Been thinking about buying one for a while to try with Unity, and/or other linuxes.

@AC

Sorry, but he's talking sense. Yes reducing accidents may be a nobler aim, but the police are there to catch criminals. If you break the speed limit then you are a criminal.

Yes the speed limit is a fairly arbitrary value, but it's not an injust law (or morally suspect) so you have to stick to it. If you don't like it, campaign against it. If you break the law, live with the consequences.

If it's a choice between giving fines to people who break the law and upping the tax in any other way, I know which I'd opt for.