I was writing an application for creating a manifest for JavaScript. I was unable to do it using DOM; instead I wrote my own application for parsing JavaScript files. It is little tough to peek into JavaScript objects, initial I could only get the members and fields using for-in. but that was not enough, what if someone stored a file locally and I have to write code to execute it, I would be able to get only the members, just executing members without passing the required input parameter if any will not work. The code below will parse the file and give me the options as to what input is required and if something is returned what it could possibly be returning except primitive types. Knowing these things in advance makes it easier to execute the code. Well it worked for me; let’s see how it works for you. I know many people are looking for something like this.
The real danger is the gradual erosion of individual liberties through the automation, integration, and interconnection of many small, separate record-keeping systems, each of which alone may seem innocuous, even benevolent, and wholly justifiable. -----U.S. Privacy Protection Study Commission, 1977
The Privacy Rights Clearinghouse (PRC) is a nonprofit consumer organization with a two-part mission -- consumer information and consumer advocacy. It was established in 1992 and is based in San Diego, California. It is primarily grant-supported and serves individuals nationwide.
The PRC's goals are to: * Raise consumers' awareness of how technology affects personal privacy. * Empower consumers to take action to control their own personal information by providing practical tips on privacy protection. * Respond to specific privacy-related complaints from consumers, intercede on their behalf, and, when appropriate, refer them to the proper organizations for further assistance. * Document the nature of consumers' complaints and questions about privacy in reports, testimony, and speeches and make them available to policy makers, industry representatives, consumer advocates, and the media.Advocate for consumers' privacy rights in local, state, and federal public policy proceedings, including legislative testimony, regulatory agency hearings, task forces, and study commissions as well as conferences and workshops.
Google Code for Educators - Introduction to Web Security
Topic: Technology
10:47 am EDT, Jul 30, 2007
Nice to see a corporation reaching out to academia in this fashion. I'm sure part charity, part if you want something done right (in this case developer education), do it yourself.
Sounds MAD! Mutual assured destruction (MAD) is a doctrine of military strategy in which a full-scale use of nuclear weapons by one of two opposing sides would effectively result in the destruction of both the attacker and the defender.
Software patent does not have a universally accepted definition. One definition suggested by the Foundation for a Free Information Infrastructure is that a software patent is a "patent on any performance of a computer realized by means of a computer program".
There is intense debate over the extent to which software patents should be granted, if at all. Criticisms of software patents include:
* Whether software is patentable; and * Whether the inventive step and non-obviousness requirement is too easily satisified for software.
For example, an attacker could determine that a specific website visitor “Bob” has called an embarrassing number such as an escort service. An attacker can also trick or force Bob into dialing any other telephone number without his consent such a 900-number owned by the attacker or an international number. Finally, an attacker can lock Bob’s phone forcing Bob to either make the call or hard-reset his phone resulting in possible data loss.
Told you it would mention an escort service.
Should of said: For example, an attacker could determine that a specific website visitor “Dick” has called an embarrassing number such as an escort service.
Solving the Web security challenge | CNET News.com
Topic: Technology
1:00 pm EDT, Jun 28, 2007
"We have information on security practices out there. The disconnect is that we don't have an intermediary that says how these things apply to you as you build Web 2.0 or other applications," Hoffman said. "Will a nonprofit or some other group arise that tries to publish standards? Probably. We definitely need a central clearing house of good information, because there is a lot of bad information out there."
Are there any articles on Web 2.0 security out there that are not made up of Billy Hoffman quotes? I hope not..
acidus@hatter:~$ cat purchase.txt
SPI will be purchased by HP in June or July
acidus@hatter:~$ md5
md5 md5sum md5sum.textutils
acidus@hatter:~$ md5sum purchase.txt
98a358d372c87da29509a44cc3ec387f purchase.txt
acidus@hatter:~$
RE: Boing Boing: Google Maps is spying on my cat, says freaked out BB reader
Topic: Technology
10:05 am EDT, May 31, 2007
Decius wrote: Yes, if you walk out of a strip club and your girlfriend is driving by, its not like she was doing anything wrong. She didn't violate your privacy.
Are the chances of being caught by the Google Van more likely than being caught by someone you know personally? Being caught in the act of something shady and anyone being able to Google it is more permanent, but I think people should be more concerned with the Kevin Bacon effect than Google Street View for now. By the way, I’m pretty sure the guy Decius made an example out of doesn’t have a girlfriend, so he should be in the clear. Maybe we should be more worried about insecure private cameras.
Decius wrote: You've no 4th amendment right to privacy in regard to the phone numbers you've dialed, because the phone company presumptively knows them, and you have to presume that they might tell the police. However, generally you wouldn't.
Your point about phones goes for security cameras as well. As we become increasingly more watched, and with the government able to subpoena video footage taken from a "private" security cameras, we’re getting closer to enabling totalitarian surveillance but at the same time enabling justice to better be served.
This service will really help people that need landmarks to follow directions and navigate today's urban jungle. In my opinion the benefits of street view navigation out weigh the privacy concerns.
Microsoft UK's national technology officer, Jerry Fishenden, has called for a single professional body with powers to strike off IT professionals in the same way the General Medical Council (GMC) can discipline doctors.
Both public and private sector organizations experience a high failure rate for IT projects. Fishenden said a professional body with powers of imposing sanctions for failure or incompetence, such as the GMC being able to strike off doctors, could improve the standing of the IT profession.
He said: "If you look at what you regard as the traditional professions--doctors, teachers, lawyers--their professional bodies can fire people, can investigate complaints, can impose penalties, and the ultimate sanction is to remove them from the profession, so you can't practice any more. It would be good, if we want to be respected as a profession, for there to be some method of ensuring the industry as a whole maintains professional standards, otherwise it just seems to be hollow words."
The UK body that charters IT professionals is the British Computer Society (BCS), which currently has no powers of censure equivalent to the GMC's. Fishenden said giving bodies such as the BCS more power would be "sensible."
He said: "There are bodies like the BCS, which charters IT professionals, and other standards. It would be sensible to build on these rather than start again; otherwise it will take even longer to get something into place."
David Clarke, chief executive of the BCS, agreed with Fishenden that in principle there should be a body which could strike off incompetent IT practitioners but said, in practice, it would be difficult to achieve.
Although the BCS can revoke the Chartered IT Professional (CITP) qualification, this makes little difference to employers, who prefer more specific IT qualifications, such as database management, said Clarke.
He added: "If we chuck someone out and revoke their CITP it makes little difference to their getting a job, because employers mostly go for people whose certification is job specific, say, in Oracle databases. The battle we have is to get employers convinced that they must look for general qualifications of professional competency."
There is little appetite in government for an Act of Parliament to license IT professionals in the way doctors are licensed, as there would currently not be enough CITPs to satisfy demand, Clarke added. The usual driver for an Act of Parliament to license professionals is a disaster--such as people dying, in the case of doctors' malpractice. Although IT projects can be financial disasters, people rarely die as a direct result, said Clarke.
The relative youth of the IT industry compared with other professions would make it hard to set up a professional body with "clout" similar to the GMC, Fishenden added.
He said: "It's quite a hard challenge for what's a pretty junior industry really. We're still learn... [ Read More (0.1k in body) ]
