iFrames and Law [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 8 years ago.
Suppose an actor A has the site of an actor B in iFrames. There is no difference in the sites except the URL. The URLs are totally different. Should actor A ask permission from actor B for using B's site? Is there any law that forbids placing another site on a site in iFrames?

Not a programming question, but at least let me help you with a link to a site. The owner of plagiarismtoday.com has had some of your concerns and, although not a lawyer, has collected quite a bit of information.
Read The Law on Framing and follow the link to the case of Washington Post v. TotalNews
You should also check your country and local state laws. There is no such thing as a standard legal solution, because it changes from one place to the other and many countries do not have laws on what you are asking. However, let me tell you, the web seems to be dominated by two frames of mind, or law philosophies:
lex mercatoria: these folks tend to think the web is commerce and commerce laws should apply, which are mostly derived from mores and civil laws
lex retis: these folks say the web is anarchy, no law should govern it
PS: I am a lawyer. Even if this is a bit complicated, I hope you can get an idea.

As far as I can tell, it only becomes a legal problem if the iframe is used to perpetrate fraud, deceptive marketing, or somesuch. Short of that, it's merely annoying. You can always use framebusters/framekillers if it bothers you enough.


What does "assumptions" refer to when writing a pentest report? [closed]

Closed 1 year ago.
I have to write the "assumptions" part of a pentest report and I am having trouble understanding what I should write. I checked multiple pentest reports (from https://github.com/juliocesarfort/public-pentesting-reports) but none of them had this paragraph. I also found this explanation: "In case there are some assumptions that the pen-tester considers before or during the test, the assumptions need to be clearly shown in the report. Providing the assumption will help the report audiences to understand why penetration testing followed a specific direction." Still, what I have in mind is more suited for the "attack narrative".
Can you provide me a small example (for one action, situation) so I can see exactly how it should be written?
I would think the "Assumptions" paragraph and the "Attack narrative" paragraph are somehow overlapping. I would use the "Assumptions" paragraph to state a couple of high-level decisions made before starting the attack, with whatever little information the pentester would have on the attack. I would expand on the tools and techniques used in the "Attack narrative" paragraph.
For example, an assumption could be:
"The pentester is carrying on the exercise against the infrastructure of a SOHO company with less than 5 people. It is common for SOHO companies to use consumer networking equipment that is usually unsecure and left configured as default. For this reason the attacker focused on scanning for HTTP and SSH using a database of vendors' default usernames and passwords."

What is the standard order to develop software features in? [closed]

Closed 5 years ago.
For a beginner hobbyist, it seems fairly common to create everything in the order it will be viewed by the user, regardless of its importance, and to intertwine back-end and front-end development.
Obviously, this isn't the most efficient method and would probably be avoided by more experienced developers. I've been exploring different ways to order software development, but I'd like to know if there's a standard that's widely accepted or recommended by the industry.
That is what software development processes are for.
Thing is: there are many different processes; thus there are many different answers to your question.
In 2017, most organisations use processes around the "agile" mindset (or they try to get there), thus your first stop could be Agile software development.
And to give a direct answer to your question:
when you start an agile project, you simply don't know about "all the things the user will view"
instead, you collect requirements
you translate requirements into "user stories"
then the development team and the users (or user representatives) decide on the priority of those user stories
and then, during the development iterations (sprints) a subset of the "most important" user stories is implemented
The key part here: requirements and their priorities are subject to change. The idea to collect everything upfront, to then define an order over all items is simply rejected nowadays.

Employer wants insight in backlog [closed]

Closed 7 years ago.
I'm currently involved in a scrum project for a small organization.
Some events have led us to believe the organization doesn't understand their role in the scrum process. We've already gone as far as arguing about the size of the development team which, in my opinion, shouldn't be something for them to worry about (negative conclusion to this project has little to no impact on their end and large impact on us).
Learning the lingo as they go, they've asked us if they could see our backlog.
I don't have a ton of experience with scrum but is it wise to show it?
I fear we might get a lot of negative feedback because they don't understand the process all that well.
(Additional context: we are students and this situation is not covered by our classes, our teacher hasn't responded to our e-mails yet.)
Scrum is transparent. Everything the team does is open and visible to all interested parties. Regular showcases are held to demonstrate completed work and both the sprint and project backlogs are public.
If you are following the Scrum framework then you will have a Product Owner who represents the business and is fully engaged with the team. It is the Product Owner's responsibility to engage with stakeholders (i.e. other business users) to explain the contents of the product backlog.

Advice about forming Hackers Club [closed]

Closed 8 years ago.
Locked. This question and its answers are locked because the question is off-topic but has historical significance. It is not currently accepting new answers or interactions.
I'm thinking of forming a Hackers Club at work. My idea is that we would meet monthly and at each meeting one member would present an interesting hack he had created. (The hacks presented wouldn't necessarily have to be software hacks; they could also be the sort of things you read about in MAKE magazine.)
There would also be ANSI standard pizza, veggie pizza, and beer and pop available for socializing afterward. I'm even thinking of calling the club "TMRC" even though it will have nothing to do with model railroads.
Has anyone ever tried doing something like this or have any advice?
We do this at the office. I call it 'Developer Fight Club'
Usually do challenges of varying difficulty and compete against one another.
At the end of it, we go over our solutions, do code-reviews and discussions, and then use either benchmark results or other people as the deciding factor for who wins.
Typically, the loser has to buy lunch for the winner :)
For ideas of things to do, try stuff from Top Coder, programming questions on Stack Overflow, or even simple "crackme" applications available on different programming sites.
The main rules you'll need to adhere to are:
Make It Fun
Make It Educational
Make It Fair
Try to rotate the challenges, so either everyone is really good at the subject, equally bad, or at least mix it up often enough that it doesn't favor one person's skillset too much.
If there are women in your 'hacker' group, consider the advice given in the Howto Encourage Women in Linux. Especially the 'meeting places and times' section.
This is a little beyond what you asked, but there is good info on how to plan for hackers and how to resolve issues among members in a polite, hackerly manner.
My favorite is the Tuesday Pattern:
If there's a scheduling conflict such that no day of the week is good for everybody, just hold the event on Tuesday. No exceptions! Simple and fair :-)

What workshops / user groups / conventions do you attend? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
I haven't been to enough of these "live" events to really determine which, if any, are worth the time / money. Which ones do you attend and why?
For conventions, if you're still in university, and can make it to Montreal, Canada, the Canadian Undergraduate Software Engineering Conference (CUSEC) has been extremely enjoyable. See the 2009 site for the next event, and for a take on what previous years have been like, take a look at the 2008 speakers (note: it included Jeff Atwood).
I attend CUSEC primarily because our software engineering society on campus makes a point of organizing a trip to it, but also because of the speakers that present there, and the career fair.
I used to belong to my local Linux User Group, which I co-founded, but I treated it more as a social event than anything else. Obviously, a social event full of geeks is still a great way to get a great debate going :)
Conventions and the like I've not got much out of, other than being pestered by businesses who can offer me nothing; that is, apart from a bunch of Linux and Hacker ones where I've met loads of people who I consider friends offline. Again, great for the social aspect, but pretty worthless to me in other respects.
That's not to say I never got any business out of attending various events; it's just that treating them as social occasions meant any business that did come my way was a bonus, so I never left an event feeling like it was a waste of time.
