Hi Aneesh, In that case I guess we can create on long letter together. First we will create a short official part addressed to whosoever it concerns- it should be short and contain only requests and short description of problems. To that, we will attach a technical part detailing whatever we know about the problems. Right now, I am down with a fever and there is the impending exams. I will prepare the first draft as soon as I sort out these issues.
Regards, Gokul Das On May 13, 5:57 pm, Aneesh A <aneesh...@gmail.com> wrote: > They c\also are not ready to give passwords. > > They simply delete that entry and told to reregister. > > Regarding draft of the letter, I have no idea about creating one. > > Can someone help me?? > > > > On Wed, May 13, 2009 at 2:20 AM, Visakh <gokulda...@gmail.com> wrote: > > > Hi, > > > On May 12, 6:52 pm, Aneesh A <aneesh...@gmail.com> wrote: > > > No proper software testing. That is the problem, As I think. > > > Yes. I agree. That would explain both the operability issues, security > > issues and compatibility issues. > > > > On student side, no problem in using firefox. > > > On administrator side, ie, teacher's verification, there appears no > > photos > > > Well, if we place a complaint we will have to be very specific- like a > > bug report. Exact nature and ways to recreate it will have to be > > specified. For example, if there is a firefox/W3C incompatibility, we > > will have to show atleast one instance, or define exact problem. The > > problem you mentioned could be an abnormal case. However, if it can be > > recreated multiple times in multiple platforms (like different > > systems, OSs or browser - even just 2 cases would suffice), it would > > qualify as an ideal example. > > > > Also my friend tried to register, He got all SQL queries and all.. > > > Exactly the kind of flaw that I am talking about. Whenever a server > > returns an error message, either it should be a standard message (like > > 404 file not found) or a Web app exception handled message. Anything > > else will contain sensitive information about internal system- like > > Web server configuration, Database information, SQL code etc. Did I > > mention that this server sent me back a portion of the web app's ASP > > code when tested? Just more information for a cracker to further his > > attempt. Anyway, that info about SQL is useful. > > > > To Vishak, You are pretty good hacker. (Didn't meant hacker). > > > I presume it was a compliment. Thanx! :D But I don't qualify as hacker > > by either Free software community definition or security community > > definition (cracker). My field is actually electronics & communication > > engg. I know more about protocols, encryption and security than web > > programming and designing. In other words, somebody else with > > expertise in these will have to explain to the university why their > > design is insane! > > > > I am not blaming ASP. I wished that it had been done using php.... that's > > all. > > > Technically, Java EE would satisfy these needs (security, scalability, > > responsiveness) better than either ASP or PHP. It has FOSS > > implementations too. But I know this is not point you make. This is > > not the first time public agencies are taking a contradictory stance > > on FOSS. Remember the e-VAT and PPT in +2 issues? We already have > > along list of these. Its about time they get reminded about this. > > > > Also there is no password recovery form... It is a real problem as I > > explained in blog. > > > No arguments there. They simply didn't do their homework. To get > > password back, we have to first face their apathy. Even then, they > > just can't avoid accidentally causing password mixups! > > > Regards, > > Gokul Das > > -- > Call me: > 9447926826 > > For all hardware and software services, Computer assembling, Linux & Windows > Installation etc. > > Visit my blig > > http://xtenders.blogspot.com/ > > Earn money > > http://www.rupeemail.in/rupeemail/invite.do?in=MTY0NTQxJSMlaHlzaUt4V2... > > http://www.inboxdollars.com/?r=ref4064290 --~--~---------~--~----~------------~-------~--~----~ "Freedom is the only law". "Freedom Unplugged" http://www.ilug-tvm.org You received this message because you are subscribed to the Google Groups "ilug-tvm" group. To post to this group, send email to ilug-tvm@googlegroups.com To unsubscribe from this group, send email to ilug-tvm-unsubscr...@googlegroups.com For details visit the website: www.ilug-tvm.org or the google group page: http://groups.google.com/group/ilug-tvm?hl=en -~----------~----~----~----~------~----~------~--~---
