It's still the case for me, I am going to negotiate that the terms are changed. It's ridiculous. I understand if the product I'm working on is a conflict of interest, but if it's nothing related to my current employers field why should they own it?
Our website and 2 of our client websites have been compromised like this in the last couple of weeks and they are all across different hosting providers (Zen Hosting and Unlimited Web hosting)
Here is a link to the code we found injected into the index page on our FTP and my attempt at decoding it.. interestingly enough it does relay to javaterm.com as the authors comprimsed site does as well..
We are fairly certain it wasn't achieved through our code as one of the sites is literally 6-7 pages of static html content.
From what we can tell it only ever effects the index page in the root of a servers FTP. In my case all of the shells were deleted(Looking from the FTP logs there were 2-3 uploaded all with different names)
Honestly I don't understand why people get all flustered over email validation, I would probably use something along the lines of this just to check that the email address is along the lines of [email protected], obviously this could do with a little tweaking.
The best way to validate an email address is to send an email to whatever address is supplied to you, if it is a true email address the user will receive an email and it will be validated, if not then their account or query will go unused/unanswered and that will be down to them.
almost $800 to slightly inconvience them isn't worth it, now if it deleted every single file of theirs then I have a few people I would do this to!
It does seem silly that they can't simply remove you from a team without deleting your account, I can't think of anything that would stop them from being able to do that other than not having the time or motivation to implement the feature.
I saw this while browsing around the internet, it seems like quite a simple Idea and is far easier to use than the current system of typing words. But I do remember earlier this year a company came up with a concept of having simple games the user had to play to complete their CAPTCHA, I'm pretty sure that within a week someone had written a program that managed to complete the games with a fairly high success rate. So I was wondering what some of the more knowledgeable members of HN thought? would something like this be easy to bypass with a computer program or is it really as secure as they believe it is?
In some ways I do hope it is secure as it does seem like something I would implement on my website especially is their conversion rates are accurate.