[DUG] Work Wanted in Wellington
John C
jc at sunshinesoftware.co.nz
Thu Jul 3 19:32:50 NZST 2014
To get rid of this hacker, would it perhaps be an idea to change domain name?
Cheers
John Ch
From: delphi-bounces at listserver.123.net.nz [mailto:delphi-bounces at listserver.123.net.nz] On Behalf Of Leigh Wanstead
Sent: Thursday, 3 July 2014 7:22 p.m.
To: NZ Borland Developers Group - Delphi List
Subject: Re: [DUG] Work Wanted in Wellington
Hi Robo,
Thanks for the suggestion.
The issue is once add captcha, the hacker will just simply treat this as a signal and use another cookie and another ip.
Regarding to render the website in Javascript, how are you going to stop the browser driven by script? The hacker does not need to understand the javascript. All he need is just grab dom element.
Regards
Leigh
On 3 July 2014 19:09, Robo <robo555 at gmail.com> wrote:
As a user (and web developer) I would hate to see a website using png as text, not being able to copy and paste and unable to accomodate different screen resolutions (especially in age of tablets and phones) is a severe usability problem.
One of the method used by Amazon is to detect usage pattern, then implementing a delay for every 10 page views, add captcha, etc.
The better alternative to using PNG would be to render the website in JavaScript. So it looks normal when rendered on browsers, but the content or even the whole DOM is built from obfuscated JS. Don't build this yourself, plenty of existing code on the web.
Robo
On Thu, Jul 3, 2014 at 4:49 AM, Leigh Wanstead <leigh.wanstead at gmail.com> wrote:
Hi Jolyon,
Thanks for the answer. That was exactly I am doing for the last two years. I managed to auto detect such bot.
To solve this issue completely, I suggested to my boss to use image instead of text to display html content. This way the hacker must use ocr to extract the text from image. For normal website user, there is not much downside to read a png file compare to read html text. I guess that I manage to protect that valuable information :-)
Regards
Leigh
On 3 July 2014 14:39, Jolyon Smith <jsmith at deltics.co.nz> wrote:
If you can identify this person/bot then you should be able to incorporate some analytics into your website to identify them also. i.e. if there is some obvious pattern to the requests (particular sequence of pages requested) or some frequency with which requests are made from the same IP, which identifies requests from that IP as unusual.
Since you seem able to recognise this miscreant yourself, the first step would be to incorporate this analysis and to log when you believe your analysis has identified the bot.
Once you are satisfied that your analysis is identifying only the bot/rogue user and not throwing up false positives you could then add code to add IP's identified by the analytics to your block list or however you choose to deal with it.
You should also look into what capabilities, if any, your web server platform provides in this area (since this is hardly a new or unique problem - others will already have solved this problem in ways that may be applicable to you).
IIS for example has a Dynamic IP Restrictions Extension which potentially addresses at least some of these issues.
http://www.iis.net/learn/manage/configuring-security/using-dynamic-ip-restrictions
On 3 July 2014 14:22, Leigh Wanstead <leigh.wanstead at gmail.com> wrote:
Hi Cameron,
Thanks for the reply.
It is not google bot. The website is a public website, so I cannot whitelist any ip.
Actually the basic question is how to stop robot to grab the website? I believe the guy want to steal information or want to crash the website (deny of service).
The trouble for me his log request ruin my web log and take up server cpu resource. I sometimes ended up 99% request from him and it was on going day and night.
Regards
Leigh
On 3 July 2014 14:05, Cameron Hart <Cameron.Hart at flowsoftware.co.nz> wrote:
sounds like google bot is indexing you J
you will need to determine his pattern so you can monitor and block it dynamically.
sounds like it’s not a public site as you wont tell the address so you could whitelist your users IP’s and block everything else.
Cameron Hart
Flow Software Limited
Flow
PO Box 302 768, North Harbour
P
+64 9 476 3569 <tel:%2B64%209%20476%203569>
Auckland 0751, New Zealand
M
+64 21 222 3569 <tel:%2B64%2021%20222%203569>
<http://www.flowsoftware.co.nz> www.flowsoftware.co.nz
E
<mailto:cameron.hart at flowsoftware.co.nz> cameron.hart at flowsoftware.co.nz
This message is intended for the addressee named above. It may contain privileged or confidential information. If you are not the intended recipient of this message you must not use, copy, distribute or disclose it to anyone.
P Please consider the environment before printing this email
From: delphi-bounces at listserver.123.net.nz [mailto:delphi-bounces at listserver.123.net.nz] On Behalf Of Leigh Wanstead
Sent: Thursday, 3 July 2014 2:02 p.m.
To: NZ Borland Developers Group - Delphi List
Subject: Re: [DUG] Work Wanted in Wellington
I have a question for you guys related to how to be a good developer to solve the problem :-)
I am developing a website and someone is using some sorts of script to drive a browser to grab all the data from the website. I cannot use login method. I cannot use recaptcha at the time they use the website. I am already using cookie to log behavior. That guy always clear the cookie after I detected him. He is always changing ip address if I block him from that ip address. He is using the ip all over the world i.e. Australia, NZ, usa, Russia.
What to do?
I guess the hacker is not in this email list, so it is ok to discuss it. And please do not ask me the website name I am developing.
Regards
Leigh
On 3 July 2014 13:29, Steve Peacocke <steve at peacocke.net> wrote:
I think there's another few sides to this as well and it all depends on "your" definition of a good developer.
Having lead technical teams for a number of years, I know that you can have not only different skill levels, but different knowledge and specialised areas even within senior developers. In any team, developers have their own specialisations relating to the type of work that the company does. Work can often be given to them because they are the one member in the team who knows about this or that.
For example, I know very senior developers who have never created a component in their lives, or others who are well known and seen as some of the very best in the industry, but may never have done a complete application design. Others may never have created a DLL or linked to external hardware.
I do have a real problem with this "ask specific questions" way to determine if they are a good developer. I know of some who would ask university-type questions to explain some specific UML design without realising that other companies don't actually use UML's, or some others who are convinced you are not a good developer if you can't describe some OO phrase exactly by the book without realising that no-one actually speaks that language outside of university, despite the fact that they program that way by nature.
I do remember being once asked to explain the difference between some obscure technical terms to do with encapsulation (I had never heard a programmer utter those words since coming out of university), but was able to then totally stump the interviewer when I asked back if they could explain the difference between parent and owner.
A Senior Developer in any of the teams that I have lead or worked in could be more easily described by the amount of real world abilities to problem solving and delivery to the users expectations, and their interaction with the customer, yet a good programmer would be one that could program a specific given task - there is a difference.
As for getting a coy of some old code - yes, that might be good but I tend to know programmers who hoard their precious code chunk, taking it with them everywhere and can produce it immediately. On the other hand, I have an old SQL builder program that I add to over the years and use to learn new ways of doing things with and learn how to get under the hood of the database and data structures - but I'd hate for others to see that code as it's forever a work in progress and used solely to learn (although the application is still in use around the world).
Steve Peacocke
+64 220 612-611 <tel:%2B64%20220%20612-611>
On 3/07/2014, at 12:45 pm, Jolyon Smith <jsmith at deltics.co.nz> wrote:
I'd say that if you already have sufficient doubt to trust them to honestly represent their own work then it doesn't really matter what the code looks like, whoever's code it may be. ;)
On 3 July 2014 12:35, Jeremy North <jeremy.north at gmail.com> wrote:
Also how do you know they actually wrote it.
On Thu, Jul 3, 2014 at 10:09 AM, Jolyon Smith <jsmith at deltics.co.nz> wrote:
One possible problem with asking to look at old code is that this would often break confidentiality requirements with a previous employer/client.
I also have to admit that when I read some (SOME!) of my old code it gives me the shivers. People can get better over time y'know. :)
I think perhaps a better approach might be to ask someone what they think of the code they wrote in the past.
On 3 July 2014 12:03, Leigh Wanstead <leigh.wanstead at gmail.com> wrote:
To know if he/she is a good developer is very easy. Just read the code he/she wrote in the past.
On 3 July 2014 11:51, Jolyon Smith <jsmith at deltics.co.nz> wrote:
As you say John, the measure of "good" is a complex issue and may even vary from project to project according to the needs of those projects. Technical proficiency (in any specific area) , mentoring skills or knowledge (OO or again, in whatever area) can all be gained as and when needed but may or may not be relevant to a particular project.
Ultimately it comes down to a combination of knowledge and approach, and the "fit" in these areas that a developer has with the needs of any particular project.
In my experience, the best developers are the curious and caring ones. By which I don't mean the ones that people raise an eyebrow to/at and who get all teary eyed at a soppy movie, but who - when faced with a problem or a challenge - seek first to fully understand it before rolling up their sleeves and cutting code. And when they do produce code, they care about the clarity and structure of it. "Working code" isn't good enough for such people, it must also have some aesthetic other quality.
i.m.e more often than not, ugly code turns eventually out to be wrong code. I know when I'm on the right track to a solution because it not only works, but it makes a sort of obvious sense and has a certain elegance that cannot be simply designed in.
But, as I say, it's a highly complex area and I don't think there is a simple check list of qualities that categorically identify a "good developer".
Which is perhaps why it is also difficult to determine the value of one, resulting in the tendency to place value on more easily measured qualities, such as scarcity, experience (as measured in years), etc etc
On 3 July 2014 11:20, John Bird <johnkbird at paradise.net.nz> wrote:
OK that begs a further discussion!
What in your eyes makes a developer “good” as opposed to thinking they are good – specific qualities please of what the good qualities are. I am wondering if there are many opinions of what a “good” programmer is which might explain why some think they are good whilst others think they are not. What are the more objective measures?
I have worked on numerous projects the last few years and seen a lot of different talents. Some that stick out in my experience are:
* Technical proficiency – ie knowing already what is likely to be the best technology to use to tackle a new problem
* OO depth. Is it innate or learned? How is it best learned?
* Ability to mentor and guide others through existing code
Curious to hear specifics from you as you have the reputation of a Delphi authority!
From: Jeremy North <mailto:jeremy.north at gmail.com>
Sent: Thursday, July 3, 2014 10:23 AM
To: NZ Borland Developers Group - Delphi List <mailto:delphi at listserver.123.net.nz>
Subject: Re: [DUG] Work Wanted in Wellington
I know here (Australia) we would happily pay decent salaries if we found Delphi developers that were actually good and didn't just *think* they were good.
On Thu, Jul 3, 2014 at 8:06 AM, Stefan Mueller <muellers at orcl-toolbox.com> wrote:
As a Swiss Delphi Developer living in New Zealand I find that interesting.
Switzerland isn’t exactly at the top of my mind when I think about the “value for bucks” for outsourcing work to – not because you don’t get the quality, but because salaries there are almost twice what you would have to pay here.
Kind regards,
Stefan Müller,
R&D Manager
ORCL Toolbox Ltd.
Auckland, New Zealand
P Please consider the environment before printing this email
This message is intended for the adresse named above and may contain privileged or confidential information.
If you are not the intended recipient of this message you must not use, copy, distribute or disclose it to anyone.
From: delphi-bounces at listserver.123.net.nz [mailto:delphi-bounces at listserver.123.net.nz] On Behalf Of Tony Blomfield
Sent: Thursday, 3 July 2014 9:29 a.m.
To: 'NZ Borland Developers Group - Delphi List'
Subject: Re: [DUG] Work Wanted in Wellington
Gary.
If you would like to send the details to me I will have a chat with them.
Unfortunately we have had such a bad run with Kiwi Developers we moved our R&D over to Switzerland last year where we get much more cost effective results.
Anyway, I’d like to assess the person myself to see if they are suitable.
Kind regards.
Tony Blomfield
From: delphi-bounces at listserver.123.net.nz [mailto:delphi-bounces at listserver.123.net.nz] On Behalf Of Gary T. Benner
Sent: Wednesday, 2 July 2014 2:32 p.m.
To: delphi at delphi.org.nz
Subject: [DUG] Work Wanted in Wellington
HI All,
This just passed in if anyone can help:
Permanent Developer available in Wellington.
Experienced Senior Delphi Developer looking for a permanent role in or around Wellington.
Open to remote work. Also open to learning a new language if needed. Experienced in picking up code from others and looking after legacy systems as well as new development.
Also experienced as a Development Manager and Product Management.
Anyone with an opportunity can email me at gary at benner.co.nz and I'll pass it on.
cheers
Gary
List Admin
Gary Benner MNZCS ITCP
Information Technology Certified Professional
<http://www.onlearn.co.nz> Onlearn Limited - Online Learning Hosting & Support, Training & Content Development
<http://www.123.net.nz> 123 Internet Limited - Managed Web Hosting, Virtualisation, High Availability Systems & Cluster Technologies
<http://www.semantic.co.nz> Semantic Limited - Software Development & Systems Design, Online Education, e-Commerce
<http://www.diwa.co.nz> Disaster Warning Systems Limited - Public Emergency Warning and Communication Systems
Mob: 021 966 992
DDI: +64 7 543 1206 <tel:%2B64%207%20543%201206>
Email: gary at benner.co.nz
Skype: garybenner
Ref#: 41006
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_____
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at listserver.123.net.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at listserver.123.net.nz with Subject: unsubscribe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listserver.123.net.nz/pipermail/delphi/attachments/20140703/937f8bd0/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 648 bytes
Desc: not available
Url : http://listserver.123.net.nz/pipermail/delphi/attachments/20140703/937f8bd0/attachment-0002.jpe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 4211 bytes
Desc: not available
Url : http://listserver.123.net.nz/pipermail/delphi/attachments/20140703/937f8bd0/attachment-0003.jpe
More information about the Delphi
mailing list