Security WHAT? 75,000250,000 Hackable ATM's- and the manuals are ONLINE!

"if we were all meant to get along, there would be no people who wait until all the groceries are rung up before starting to look for their damn debit card." -- Dexter Dotnetsky

I just had to laugh at how incredibly stupid people can be after reading this Wired story about how some schmuck got the "Administrator" Keypad password (which you can get right out of the PDF manual, which you can search for, find, and download online -- and that's not the only ATM model you can do this with).

The password basically allows you to reconfigure the machine to think it is holding $5 bills instead of twenties and dispense four times the amount of money you ask for. Use an untraceable prepaid debit card to get the cash, and you got some fun times. Nine days went by until some Good Samaritan customer informed the store owner that she had gotten more money out of the ATM than she asked for. The crook had never reset the Admin password back to "normal".

The lesson here is similar to the one we learn (hopefully) about outwitting terrorists, only it's not as dangerous. It's not enough for the manual to say it's "highly recommended" to change the Administrator 4 - digit passcode -- most owners never bother to do it.

With 75,000 of these boxes out there (and that's just this one brand of ATM) that company better be scrambling big time to get out their "Fix". There are gonna be BIG TIME lawsuits on this one!

Erm, maybe it's time for an in depth security review by a highly qualified OUTSIDE consultant? Naww, that could never happen to us! Better think again corptard!

UPDATE 9/22/2006: Whoa! It's getting worse! Now they've identified a Quarter of A Million of these susceptible boxes from at least three manufacturers. Can people be reallyreallydumb? Erm, I guess so....

I leave you with this gem along these very lines:

"Boy, those Paypal people must need to get some new databases. They've been sending me like 5 emails every week asking me to update my account information!" -- anonymous



Here's the deal: Pope (who ostensibly represents tolerance, love for humankind, etc. around the world) says something that one particular group (Muslims) can misinterpret to be slanderous to Islam. Actually, he was quoting someone else, trying to explain the Vatican's policy that there is no room for violence in religion, but the Muslim fanatics went nuts. Why? Because of the way the MEDIA reported it.

Fanatic Islamic groups around the world respond by protesting and burning Christian Churches. Yo, man!-- It's a self-fulfilling prophecy! Even if the Pope did not -- in any way -- intend for his utterances to be interpreted to say that Islam is bad, Islamist extremists will dutifully react and start burning Christian symbols, knowing full well that the media will report it, thereby proving to all the world that Islam is indeed "bad" - when in actual fact, Islam is a peaceful religion that does not preach violence at all.

Who is responsible for this? THE MEDIA. Because of the slanted, one-sided, myopic way that they report anything sensational, because it sells advertising and it increases ratings. The media does not care -- it is a whore, addicted to the crack of the ratings race.

Make no mistake -- it is THE MEDIA that is SATAN! The media is responsible for the war in Iraq, President Bush, Hillary Clinton, Webtards, Blogtards, high oil prices, e-Coli in your spinach, and everything else!

The MEDIA is like the biblical Jacob - a con-man, a manipulator, a deceiver... and we just suck it up like a Slurpee out of a straw, without even thinking!

Jeesh! I feel so much better, now that I've got all this figured out!


ATLAS vs AJAX - who won? Internet Ad Webtards, and e Coli

Well the good news is out: Microsoft invented Remote Scripting (not a very sexy term, to be sure) and Jesse James Garrett coined AJAX, which has now further been modified to "AB" - see my post here where I make the case that we don't need an acronym at all, based on my interpretation of the new "rules".

They have decided to drop the "ATLAS" moniker and replace it with more "product-y" sounding names, which include the ever - popular but now defunct (according to the guru himself) "AJAX" name:

1) The client-side Atlas javascript library is going to be called the Microsoft AJAX Library. This will work with any browser, and also support any backend web server.

2) The server-side Atlas functionality that nicely integrates with ASP.NET will be called the ASP.NET 2.0 AJAX Extensions. As part of this change the tag prefix for the Atlas controls will change from <atlas:>to <asp:>(Jeesh! I thought they would change it to <ajax:>!) These controls will also be built-in to ASP.NET vNext. ("vNext" ? Does that make what we have now "vLast", or "vCurrent"?)

3) The Atlas Control Toolkit currently is a set of free, shared source controls and components that help you get the most value from the ASP.NET AJAX Extensions. From this point on, the name of the project will change to be the ASP.NET AJAX Control Toolkit.

Good Golly, Mr. Clean!! Really, I think it will be good. I'll just call it "MAL".

Microsoft, who invented Remote Scripting back in 1998 (that's last century, folks) , but didn't have enough marketing savvy to commercialize it properly until browser vendors "got with the program" and implemented XMLHTTP in the browser following their lead, and marketers like Garrett saw an opportunity to pitch books and seminars to hordes of webtard young developers by giving it a new buzzword acronymn name (that he had to change later by admitting the original "spec" was flawed), has now come full - circle by giving their own inventions names that have already become - passé!

I guess the bottom line is, you can call it whatever you want, you can put lipstick and mascara on it until your face turns blue from marketing hype. I'm interested in functionality, programmatic excellence, and ease of use. ATLAS was just fine. Go ahead, confuse us some more with new names! We can take it!

Internet AdverSting Department: Salon.com

That's right, it's not a spelling error. I call this "AdverSting".

Internet advertising is a fact of life. But, there is a balance between effective good taste and blatant "inyourfaceitis". Recently I visited Salon.com to read an article that had a notable quote from Dijkstra:

"It is practically impossible to teach good programming to students that have had a prior exposure to BASIC: as potential programmers they are mentally mutilated beyond hope of regeneration. "

You must (meaning, there is no other choice) click on an ad in order to start reading the article. That's correct. You cannot read the article unless you click on the ad! This brings up an interstitial ad. It didn't even have the courtesy link "skip this ad". You have to click through various screens promoting some nameless hotel chain. Needless to say, I not only did not read the article, I will NEVER visit salon.com again. Up your capitalist ass, webtards! There IS NO advertising revenue when nobody will visit your site because of its aggressive "in your face whether you like it or not" advertising campaign!

e Coli anyone?

Developer1: Hey, man - they just took McDweeb out in an ambulance!
Developer2: Wow, man! Lemme check out his PC - I think it has a bigger hard drive than mine!


Windows Vista RC1 - Upgrade from Windows XP x64? -- NOT!

"We were guessing about Iraq. We are not guessing about Iran. If they get nuclear weapons they will foster terror on a scale that cannot be imagined." -- Benjamin Netanyahu

Well, they put out RC1 today and I think I have been getting wiser in my young age with BETAs and stuff -- I've been smart enough to hold off on the various Vista Betas. Not a bad decision after reading some of the horror story blog entries.

But you know, "RC1" is by definition so substantially a final release that I decided to down it and install on my second hard drive - the one that currently runs Windows XP x64 - and which I hardly use anyway.

So I burned the DVD, booted up into the XP OS, and inserted the DVD and let it come up. Guess what? The Upgrade section is greyed out!

I'm like, "Wait a minute! This is a Release Candidate!"

Bottom line, this is what people are going to get when they buy this and you can't even upgrade over a valid Windows XP x64 edition?

Well then, Vista can wait. I don't know what the technical explanation or rationale for this is, but it's pretty poor in my book! Guys, 64-bit has come of age. If you want feedback from developers and BETA testers on your last push to bring out the product, then give them the tools to upgrade over an existing 64-bit OS, for Christ's sake!

Maybe I'll put it on my notebook which runs XP 32 bit. And then, maybe I'll just make a new partition and put it on that - although I'm not thrilled at having to install second copies of all my "stuff" just to try out this sucker...

N.B. -- I did make a new partition on my x64 Turion notebook, and installed Vista RC1 x64 on it. It seemed to run very nicely, but it didn't recognize my sound card at all. And this is a plain- vanilly Gateway that is extremely popular, they sell out of Best Buy like hotcakes off a grill. Microsoft, you guys need to spend more time on the 64-bit stuff - the drivers, being able to upgrade over an existing Windows XP installation, and more. I don't care if it takes you an extra six months. Get it right -- I can wait!