Senate advances “online sales tax” by 74-20 vote

Your tax-free days of online shopping are numbered. If S743, also known as the Marketplace Fairness Act, becomes law, the millions of Americans who have been able to avoid sales tax online will have to start paying it. Given the broad support shown by today’s US Senate vote, some version of it is likely to come to fruition. The bill will compel companies having annual online sales of more than $1 million to collect sales tax on those purchases. Interstate sales have long been exempted from sales tax, but brick-and-mortar businesses have just as long complained about the edge that online businesses have since they avoid collecting taxes. A key opponent of online taxation, retail giant Amazon, recently switched sides after losing some key legal and political battles over taxation. Amazon already collects taxes on sales in nine states, including California, New York, and Texas. Technically this wouldn’t be a new tax, since California residents who make purchases from an online company are responsible for paying those taxes. But there’s never been an efficient way to collect such taxes so it rarely happens.


How “Kessler’s Flying Circus” cookie-stuffed its way to $5.2M from eBay

Between May 2006 and June 2007, Brian Andrew Dunning made $5.2 million—all of it from eBay. Dunning wasn’t selling Velvet Elvis posters and antique dinner plates through the auction site, however. He earned the money from affiliate commissions, getting paid whenever he directed people to eBay and they made purchases or won auctions. He was so successful at driving this traffic to eBay that his company, Kessler’s Flying Circus, became the number two eBay affiliate in the entire world. His numbers grew so high and so fast that eBay began asking awkward questions almost immediately. How exactly, eBay wanted to know, was Dunning driving all of this traffic to the site? The company was well aware of the wide variety of tricks that affiliates could use to boost their stats, including one called “cookie stuffing.” With cookie stuffing, affiliates would surreptitiously “stuff” their own eBay cookie into user computers. The next time the user visited eBay, the cookie would credit any sales commissions to the affiliate’s account. (Each cookie contained an affiliate ID number; if a computer already had an eBay cookie on it, the most recently created one was used to pay out affiliate commissions.) These commissions weren’t measured in pennies, either. At the time, eBay was offering $25 to affiliates for every single new “active user” and a whopping 50 percent commission on any user’s auction wins so long as they exceeded $100 within a week’s time. eBay worried that Kessler’s Flying Circus had cookie-stuffed its way into the second place affiliate slot. But Dunning told an eBay employee looking into the matter that he was “absolutely confident” that he was operating “in line with the intended spirit of the terms.” Dunning’s partner told eBay separately that any problems were simply “coding errors.”


Google to acquire Provo, Utah’s fiber, transform it into Google Fiber

Less than 10 days after announcing that Austin will be Google Fiber’s second city (Kansas City, KS and MO, and surrounding small towns qualified as Google’s first), the company announced suddenly that Provo, Utah will become the “third Google Fiber City.” Interestingly, Google isn’t laying its own fiber this time, but rather purchasing an existing network. “In order to bring Fiber to Provo, we’ve signed an agreement to purchase iProvo, an existing fiber-optic network owned by the city,” the company wrote in a blog post. “As a part of the acquisition, we would commit to upgrade the network to gigabit technology and finish network construction so that every home along the existing iProvo network would have the opportunity to connect to Google Fiber. Our agreement with Provo isn’t approved yet—it’s pending a vote by the City Council scheduled for next Tuesday, April 23. We intend to begin the network upgrades as soon as the closing conditions are satisfied and the deal is closed.”


ColdFusion hack used to steal hosting provider’s customer data

A vulnerability in the ColdFusion Web server platform, reported by Adobe less than a week ago, has apparently been in the wild for almost a month and has allowed the hacking of at least one company website, exposing customer data. Yesterday, it was revealed that the virtual server hosting company Linode had been the victim of a multi-day breach that allowed hackers to gain access to customer records. The breach was made possible by a vulnerability in Adobe’s ColdFusion server platform that could, according to Adobe, “be exploited to impersonate an authenticated user.” A patch had been issued for the vulnerability on April 9 and was rated as priority “2” and “important.” Those ratings placed it at a step down from the most critical, indicating that there were no known exploits at the time the patch was issued but that data was at risk. Adobe credited “an anonymous security researcher” with discovering the vulnerability. But according to IRC conversation including one of the alleged hackers of the site, Linode’s site had been compromised for weeks before its discovery. That revelation leaves open the possibility that other ColdFusion sites have been compromised as hackers sought out targets to use the exploit on.


New anti-speech low: buyer sued over negative eBay feedback

Ratings are important on eBay. Lots of buyers use them to assess the quality and reliability of particular sellers, and lots of sellers will go to great lengths to keep perfect or near-perfect ratings. But an Ohio company named Med Express has shown it’s willing to go further than other sellers: it’s willing to litigate. When Med Express got its first piece of negative feedback, it filed a lawsuit, insisting that the feedback be removed from eBay. Amy Nicholls paid $175 for a microscope light, as well as $12 for shipping. She was annoyed when she had to pay an extra $1.44 in postage due and left feedback complaining about that inconvenience. Med Express asked her to remove the feedback and she refused. The company complained that because it offered to refund her the $1.44, she should have taken down the feedback, which had the potential to hurt its business. (In the past six months, Med Express has 142 pieces of positive feedback and only one negative review.)


How an accountant created an entire RPG inside an Excel spreadsheet

Image caption: A communique from the emperor expresses interest at my formidable skill in killing bunnies and koalas with rocks.

Sometimes it’s not always easy (or possible) to install your favorite games on your work computer. Sometimes, some Solitaire or maybe a little collaborative Bomberman is as much as you can get away with when you can’t install anything downloaded from the Internet. And you’d better make sure whatever you’re playing actually looks like work to any nearby screen snoopers around the office. Throughout a few months ending this past February, Cary Walkin created the perfect solution to this problem: an entire RPG made of a spreadsheet and many macros. The game, called Arena.Xlsm, is a turn-based RPG encompassed entirely in an Excel file. Users can download that and use it to progress through levels, collect items, and battle enemies and bosses with melee and ranged attacks as well as spells.


New security protection, fixes for 39 exploitable bugs coming to Java

Image caption: A dialog box presented by Java when it encounters an application that isn’t signed by a digital certificate. (Java.com)

Oracle plans to release an update for the widely exploited Java browser plugin. The update fixes 39 critical vulnerabilities and introduces changes designed to make it harder to carry out drive-by attacks on end-user computers. The update scheduled for Tuesday comes as the security of Java is reaching near-crisis levels. Throughout the past year, a series of attacks hosted on popular websites has been used to surreptitiously install malware on unwitting users’ machines. The security flaws have been used to infect employees of Facebook and Apple in targeted attacks intended to penetrate those companies. The vulnerabilities have also been exploited to hijack computers of home and business users. More than once, attackers have exploited one previously undocumented bug within days or weeks of patching a previous “zero-day,” as such vulnerabilities are known, creating a string of attacks on the latest version of the widely used plugin. In all, Java 7 Update 21 will fix at least 42 security bugs, Oracle said in a pre-release announcement. The post went on to say that “39 of those vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.” The advisory didn’t specify or describe the holes that will be patched. Security Exploration, a Poland-based security company that has discovered dozens of “security issues” in Java, has a running list of them here.


New F-1B rocket engine upgrades Apollo-era design with 1.8M lbs of thrust

NASA has spent a lot of time and money resurrecting the F-1 rocket engine that powered the Saturn V back in the 1960s and 1970s, and Ars recently spent a week at the Marshall Space Flight Center in Huntsville, Alabama, to get the inside scoop on how the effort came to be. But there’s a very practical reason why NASA is putting old rocket parts up on a test stand and firing them off: its latest launch vehicle might be powered by engines that look, sound, and work a whole lot like the legendary F-1. This new launch vehicle, known as the Space Launch System, or SLS, is currently taking shape on NASA drawing boards. However, as is its mandate, NASA won’t be building the rocket itself—it will allow private industry to bid for the rights to build various components. One potential design wrinkle in SLS is that instead of using Space Shuttle-style solid rocket boosters, SLS could instead use liquid-fueled rocket motors, which would make it the United States’ first human-rated rocket in more than 30 years not to use solid-fuel boosters. The contest to suss this out is the Advanced Booster Competition, and one of the companies that has been down-selected as a final competitor is Huntsville-based Dynetics. Dynetics has partnered with Pratt & Whitney Rocketdyne (designers of the Saturn V’s F-1 engine, among others) to propose a liquid-fueled booster featuring an engine based heavily on the design of the famous F-1. The booster is tentatively named Pyrios, after one of the fiery horses that pulled the god Apollo’s chariot; the engine is being called the F-1B.


BlackBerry wants SEC to investigate “false reports” of Z10 returns

Yesterday, brokerage firm Detwiler Fenton claimed that more people were returning BlackBerry Z10s than had bought them at retail in the first place. Today, BlackBerry responded, saying not only that the Detwiler report was incorrect, but that it was going to ask the Securities and Exchange Commission in the US and the Ontario Securities Commission in Canada to review the report. Of the reports, BlackBerry CEO Thorsten Heins said, “Return rate statistics show that we are at or below our forecasts and right in line with the industry. To suggest otherwise is either a gross misreading of the data or a willful manipulation. Such a conclusion is absolutely without basis and BlackBerry will not leave it unchallenged.” The smartphone company also noted that Detwiler refused to make its report or methodology available. How more phones could be returned than were sold isn’t clear. Detwiler Fenton is the same firm that predicted that Microsoft would sell 2-3 million Surface Pro units in the fourth quarter of 2012, despite the fact that Microsoft explicitly said the device wouldn’t ship until three months after the Surface RT’s October launch.


A beginner’s guide to building botnets—with little assembly required

Have a plan to steal millions from banks and their customers but can’t write a line of code? Want to get rich quick off advertising click fraud but “quick” doesn’t include time to learn how to do it? No problem. Everything you need to start a life of cybercrime is just a few clicks (and many more dollars) away. Building successful malware is an expensive business. It involves putting together teams of developers, coordinating an army of fraudsters to convert ill-gotten gains to hard currency without pointing a digital arrow right back to you. So the biggest names in financial botnets—Zeus, Carberp, Citadel, and SpyEye, to name a few—have all at one point or another decided to shift gears from fraud rings to crimeware vendors, selling their wares to whoever can afford them. In the process, these big botnet platforms have created a whole ecosystem of software and services in an underground market catering to criminals without the skills to build it themselves. As a result, the tools and techniques used by last year’s big professional bank fraud operations, such as the “Operation High Roller” botnet that netted over $70 million last summer, are available off-the-shelf on the Internet. They even come with full technical support to help you get up and running.
