NB: what is it about small and local news sites, usually TV stations, but also newspapers and such, which cannot * CLEARLY * indicate where in the world they are?
"Ocean Beach" is a pleasantly anonymous place name (I can think of several neighborhoods matching this, the U.S. Gazetteer of Places identifies it as Ocean Beach, NY), affording very little by way of actual location.
In an age before widespread Internet use, I experienced similar frustrations while listening to clear channel AM radio broadcasts in the back country. It wasn't uncommon to pull in strong signals from hundreds to a thousand miles away. And while there's something delightfully surreal in listening to the mundania of local traffic and news reports, if you happen to be in a wilderness location trying to find a reliable weather forecast, "area conditions" doesn't do much for you.
I've noticed the same thing, and I can't figure out why they do it. You can usually get hints about where they are by the advertisers they have, or in the case of TV or radio stations, by looking up their call letters on wikipedia: http://en.wikipedia.org/wiki/KGTV
FYI, Ocean Beach in this case isn't even a town, it's a neighborhood in San Diego, CA. Ocean Beach, NY is a beach town with very, very few permanent residents because it's only accessible by ferry or bicycle.
A local news outlet in the town of Springfield doesn't typically need to place the town name in absolute terms. The locals know what they mean. Springfield is the place (right here) that they all know and love.
The onus falls on national/international news outlets to make those clarifications when necessary.
Also, for accurate weather, you should tune your radio accordingly:
Completely agree. "Where are you?" is basic information when location is at all relevant, and site designers frequently make the false assumption that every visitor is a local who knows exactly what you meant.
And it's not just news sites -- I once made a service reservation at a Toyota dealership in another state because it had the same name as the one I wanted and no indication of where it was in any global assets (it was buried on a "directions" page).
I don't mind a local news channel using local references in headlines, but it would have been nice for the submission title to be modified accordingly.
I can see an argument for intentionally leaving that info off. They are a local site and don't really care about one off traffic like mine or yours, we won't be coming back anyway. And specifying that info may make the site feel less local to the actual repeat audience.
Years ago (jesus, has it been 15 years?), I was in computer class on the old Macintoshes they had with Mavis Beacon Typing Tutor. We were supposed to type out the sentences we read to increase our typing speed, and learn the home row. I hated home row, and insisted that hunt-and-peck was more comfortable for me. But the teacher was adamant I use home row only, which was annoying. I was also not very fast at either form of typing.
I discovered by accident that if I hit the spacebar for each letter in each word, the program interpreted it as a successful spelling. All I had to do was keep typing the spacebar to complete the words. So i'd put my fingers on the home row, moving my fingers up and down, and pressing the spacebar with my thumb. I got 120 words per minute.
I remember discovering a similar (maybe the same) bug in my typing classes. I was a fairly good typist, so I would finish the assignment as quickly as I could and then play games on the computer. The teacher wasn't very happy with this and wanted me to continue typing. So, in frustration and boredom, I just typed a bunch of spaces and was quite surprised when it accepted it as correct. I told a few of my friends about this and it quickly spread. The teacher became suspicious of the scores, and I got blamed for discovering the flaw. The teacher then decided she had to watch me complete every one of the typing excercises to make sure I wasn't cheating. Luckily for me, after a few weeks of that she let me go back to completing the assignments quickly and playing games. I still wish my school would have had a more knowledgeable computer teacher to push me to do programming excercises or something more productive than wasting that time playing games.
Haha that's stupid. Did the program not bother checking to see what the keycodes were? Did it have just a function OnKeyPress that incremented the counter?
Laziness! Why do I bother writing decent software when there's so much junk floating around that people BUY?
In high school we had a similar class that required us to use Mavis Beacon (or some similar typing application) and report our words per minute. I thought this a waste of time and annoying, so I wrote a program to simulate the keystrokes and type for me. I think the teacher knew something was amiss though when it showed that I was typing at over 5000 words per minute.
So I told this story to my wife, because at first I was a little envious (wishing my boy did this)...then her being the devil's advocate made me realize something...if a 5-year-old can bypass Xbox's verification by pressing space keys and enter then it says volumes about Xbox's verification checks.
Who was sleeping at the wheel when Xbox didn't add empty strings to password verification checks?
As I read the article I kept expecting the part where he was suspended from school for the rest of the semester for breaking the school's zero tolerance policy on "cyber attacks" or something.
It's really refreshing to see a family embrace their son's inventiveness and tenacity rather than reprimand the kid for breaking past the parental controls
It may have just been a way to get into local accounts, which I wouldn't consider "major". Also four games, one year of live, and $50 is more than $120.
I was thinking the same. If you value a video game at $50, it comes closer to $300 but that still seems paltry for a vulnerability that seems to give full access (from the console at least) to a user's account.
It was noted as a backdoor. Presumably that means it was purposefully programmed in for testing (and possibly even production), and made its way into the delivered software. So the under-the-hood speculation being a simple if statement allowing for all-space passwords to grant access.
Not sure, but I had a similar bug once due to a trim() combined with an out-of-order string length check. But that would imply that Xbox Live does not allow passwords with spaces or something.
what level of crime is this? Does this count as computer trespass in NY? If so, that's a class E felony.
§ 156.10 Computer trespass.
A person is guilty of computer trespass when he or she knowingly uses,
causes to be used, or accesses a computer, computer service, or computer
network without authorization and:
1. he or she does so with an intent to commit or attempt to commit or
further the commission of any felony; or
2. he or she thereby knowingly gains access to computer material.
Computer trespass is a class E felony.
Oh sure. When he bypasses child locks he gets rewarded by his parents and Microsoft. When I bypassed child locks and parental controls when I was younger, I got in trouble and my computer taken away. :D
This is indicative of disorganized program structure. Form validation shouldn't be unique to separate forms; they should all be piped through the same place, where validation is done.
When I was 5 years old all I could do was sort Duplo blocks by color, and I don't even have a memory of it :(. I get sort of jealous if I see how smart small kids can be.
I don't think its that surprising, kids have all the time in the world. When I was a kid I worked on cracking the Fridge lock.. Perhaps my time was poorly spent.
Maybe I'm just cynical, but given that the father is a security researcher, does anyone else think that he himself found the vulnerability but concocted the story to get some free press?
[+] [-] dredmorbius|12 years ago|reply
"Ocean Beach" is a pleasantly anonymous place name (I can think of several neighborhoods matching this, the U.S. Gazetteer of Places identifies it as Ocean Beach, NY), affording very little by way of actual location.
In an age before widespread Internet use, I experienced similar frustrations while listening to clear channel AM radio broadcasts in the back country. It wasn't uncommon to pull in strong signals from hundreds to a thousand miles away. And while there's something delightfully surreal in listening to the mundania of local traffic and news reports, if you happen to be in a wilderness location trying to find a reliable weather forecast, "area conditions" doesn't do much for you.
[+] [-] fps|12 years ago|reply
FYI, Ocean Beach in this case isn't even a town, it's a neighborhood in San Diego, CA. Ocean Beach, NY is a beach town with very, very few permanent residents because it's only accessible by ferry or bicycle.
[+] [-] ef47d35620c1|12 years ago|reply
The onus falls on national/international news outlets to make those clarifications when necessary.
Also, for accurate weather, you should tune your radio accordingly:
[+] [-] atacrawl|12 years ago|reply
And it's not just news sites -- I once made a service reservation at a Toyota dealership in another state because it had the same name as the one I wanted and no indication of where it was in any global assets (it was buried on a "directions" page).
[+] [-] eddieroger|12 years ago|reply
[+] [-] anarchy8|12 years ago|reply
[+] [-] furyofantares|12 years ago|reply
[+] [-] chanced|12 years ago|reply
Not to be "that guy" or anything but I suspect it is pretty normal for a child to hold down a button.
First, what kind of lousy lock wouldn't safeguard against, what was likely either the only or one of a few buttons, being held down?
Second, sounds like proud father has made at least a few false connections. He is a geeky equivalent of a creationist museum tourist.
[+] [-] 0xbadcafebee|12 years ago|reply
Years ago (jesus, has it been 15 years?), I was in computer class on the old Macintoshes they had with Mavis Beacon Typing Tutor. We were supposed to type out the sentences we read to increase our typing speed, and learn the home row. I hated home row, and insisted that hunt-and-peck was more comfortable for me. But the teacher was adamant I use home row only, which was annoying. I was also not very fast at either form of typing.
I discovered by accident that if I hit the spacebar for each letter in each word, the program interpreted it as a successful spelling. All I had to do was keep typing the spacebar to complete the words. So i'd put my fingers on the home row, moving my fingers up and down, and pressing the spacebar with my thumb. I got 120 words per minute.
[+] [-] davidb_|12 years ago|reply
[+] [-] 72deluxe|12 years ago|reply
Laziness! Why do I bother writing decent software when there's so much junk floating around that people BUY?
[+] [-] kilink|12 years ago|reply
[+] [-] quackerhacker|12 years ago|reply
Who was sleeping at the wheel when Xbox didn't add empty strings to password verification checks?
[+] [-] kmfrk|12 years ago|reply
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] quux|12 years ago|reply
[+] [-] yincrash|12 years ago|reply
[+] [-] theandrewbailey|12 years ago|reply
[+] [-] samelawrence|12 years ago|reply
[+] [-] watty|12 years ago|reply
[+] [-] wil421|12 years ago|reply
[+] [-] zacharytamas|12 years ago|reply
[+] [-] ilbe|12 years ago|reply
[+] [-] binarymax|12 years ago|reply
[+] [-] rgo|12 years ago|reply
[+] [-] zemo|12 years ago|reply
[+] [-] dkrich|12 years ago|reply
[+] [-] lawnchair_larry|12 years ago|reply
[+] [-] vectorpush|12 years ago|reply
[+] [-] crystalmace|12 years ago|reply
[+] [-] elwell|12 years ago|reply
[+] [-] Aardwolf|12 years ago|reply
[+] [-] SwiftCeipt|12 years ago|reply
[+] [-] Evolved|12 years ago|reply
[+] [-] S4M|12 years ago|reply
[+] [-] raptorious|12 years ago|reply
[+] [-] snorkel|12 years ago|reply
> At age 1, Kristoffer got past the toddler lock screen on a cell phone by holding down the home key.
... uh ... pretty sure because that's because he watched his father doing in order to use the phone.
[+] [-] elwell|12 years ago|reply
[+] [-] 67726e|12 years ago|reply
[+] [-] FLUX-YOU|12 years ago|reply
As an aside, this gave me an idea: Grey hat SEO/reputation consulting for your kids' reputations.
[+] [-] Gracana|12 years ago|reply
[+] [-] pervycreeper|12 years ago|reply
[+] [-] wzy|12 years ago|reply