The government has decided to borrow Rs 12 lakh cr in the current fiscal, compared to Rs 7.8 lakh cr earlier. 

They may not be pretty, smart or successful, but they strike a note. Why is it that some of the most lovable characters in popular culture have been far from perfect, flawed even?

In the book “The World of _____” by Bennett Alan Weinberg and Bonnie K Bealer, there is a photograph of a label from a jar of pharmaceutical-grade crystals. It reads:

“WARNING: MAY BE HARMFUL IF INHALED OR SWALLOWED. HAS CAUSED MUTAGENIC AND REPRODUCTIVE EFFECTS IN LABORATORY ANIMALS. INHALATION CAUSES RAPID HEART RATE, EXCITEMENT, DIZZINESS, PAIN, COLLAPSE, HYPOTENSION, FEVER, SHORTNESS OF BREATH. MAY CAUSE HEADACHE, INSOMNIA, VOMITING, STOMACH PAIN, COLLAPSE AND CONVULSIONS.”

Fill in the blank.

Workoutable © 2007 IndiaUncut.com. All rights reserved.
India Uncut * The IU Blog * Rave Out * Extrowords * Workoutable * Linkastic

No Starch Press: $49.95

If you are a security engineer, a researcher, a hacker or just someone who keeps your ear to the ground when it comes to computer security, chances are you have seen the name Michal Zalewski. He has been responsible for an abundance of tools, research, proof of concepts and helpful insight to many over the years. He recently released a book called "The Tangled Web - A Guide To Securing Modern Web Applications".

Normally, when I read books about securing web applications, I find many parallels where authors will give an initial lay of the land, dictating what technologies they will address, what programming languages they will encompass and a decent amount of detail on vulnerabilities that exist along with some remediation tactics. Such books are invaluable for people in this line of work, but there is a bigger picture that needs to be addressed and it includes quite a bit of secret knowledge rarely divulged in the security community. You hear it in passing conversation over beers with colleagues or discover it through random tests on your own. But rarely are the oddities documented anywhere in a thorough manner.

Before we go any further, let us take a step back in time. Well over a decade ago, the web was still in its infancy and an amusing vulnerability known as the phf exploit surfaced. It was nothing more than a simple input validation bug that resulted in arbitrary code execution. The average hacker enjoyed this (and many more bugs like it) during this golden age. At the time, developers of web applications had a hard enough time getting their code to work and rarely took security implications into account. Years later, cross site scripting was discovered and there was much debate about whether or not a cross site scripting vulnerability was that important. After all, it was an issue that restricted itself to the web ecosystem and did not give us a shell on the server. Rhetoric on mailing lists mocked such findings and we (Packet Storm) received many emails saying that by archiving these issues we were degrading the quality of the site. But as the web evolved, people starting banking online, their credit records were online and before you knew it, people were checking their social network updates on their phone every five minutes. All of a sudden, something as small as a cross site scripting vulnerability mattered greatly.

To make the situation worse, many programs were developed to support web-related technologies. In the corporate world, being first to market or putting out a new feature in a timely fashion trumphs security. Backwards compatibility that feeds poor design became a must for any of the larger browser vendors. The "browser wars" began and everyone had different ideas on how to solve different issues. To say web-related technologies brought many levels of complexity to the modern computing experience is a great understatement. Browser-side programming languages, such as JavaScript, became a playground for hackers. Understanding the Document Object Model (DOM) and the implications of poorly coded applications became one of those lunch discussions that could cause you to put your face into your mashed potatoes. Enter "The Tangled Web".

This book puts some very complicated nuances in plain (enough) english. It starts out with Zalewski giving a brief synopsis of the security industry and the web. Breakdowns of the basics are provided and it is written in a way that is inviting for anyone to read. It goes on to cover a wide array of topics inclusive to the operation of browsers, the protocols involved, the various types of documents handled and the languages supported. Armed with this knowledge, the reader is enabled to tackle the next section detailing browser security features. As the author puts it, it covers "everything from the well-known but often misunderstood same-origin policy to the obscure and proprietary zone settings of Internet Explorer". Browsers, it ends up, have a ridiculous amount of odd dynamics for even the simplest acts. The last section wraps things up with upcoming security features and various browser mechanisms to note.

I found it a credit to the diversity of the book that technical discussion could also trail off to give historical notes on poor industry behavior. When it noted DNS hijacking by various providers it reminded me of the very distinct and constantly apparent disconnect between business and knowledge of technology. When noting how non-HTTP servers were being leveraged to commit cross site scripting attacks, Zalewski also made it a point to note how the Internet Explorer releases only have a handful of prohibited ports but all other browsers have dozens that they block. The delicate balance of understanding alongside context is vital when using information from this book and applying it to design.

Every page offers some bit of interesting knowledge that dives deep. It takes the time to note the odd behaviors small mistakes can cause and also points out where flawed security implementations exist. This book touches on the old and the new and many things other security books have overlooked. Another nice addition is that it provides security engineering cheatsheets at the end of each chapter. To be thorough, it explains both the initiatives set out by RFCs while it also documents different paths various browser vendors have taken in tackling tricky security issues. Google's Chrome, Mozilla's Firefox, Microsoft's Internet Explorer, Apple's Safari and Opera are compared and contrasted greatly throughout this book.

In my opinion, the web has become a layer cake over the years. New shiny technologies and add-ons have been thrown into the user experience and with each of them comes a new set of security implications. One-off findings are constantly discovered and documented (and at Packet Storm we try to archive every one of them), but this is the first time I have seen a comprehensive guide that focuses on everything from cross-domain content inclusion to content-sniffing. It is the sort of book that should be required reading for every web developer.

 -Todd

Every time the U.S. holds midyear elections, the country almost always goes against the incumbent President’s party, which is always sobering to whomever holds The White House. And this week’s elections were no exception.

Halifax Regional Municipality of Nova Scotia, Canada, is the first Canadian city to use an in-pipe hydroelectric generation system within a pressurized water distribution pipeline, according to Halifax Water. On Nov. 13, a 32-kW generating system within a drinking water distribution control chamber for Halifax Water began providing power.

Ending a year-long race that had been nip-and tuck every month, renewable energy sources cumulatively provided more new electric generating capacity in 2014 than did natural gas.

The possibility of producing shale gas in some European countries has triggered a very heated debate about the environmental and social impacts of the technique used to extract gas from shale rocks (today only in the US and Canada); this technique is widely known as hydraulic fracturing or fracking.

What’s the next big opportunity for geothermal? According to panelists at last week's Renewable Energy World North America international geothermal session, it’s emerging markets. Kicking off the two-hour discussion, special guest Agnes Dasewicz of the U.S. Agency for International Development (USAID) explained the Power Africa initiative, which launched in June 2013. USAID is attempting to unlock energy growth in six countries: Kenya, Tanzania, Ghana, Nigeria, Liberia, and — of particular interest to the geothermal crowd — Ethiopia.

Ohio is debating the sharpest break from a three-decade campaign by 29 U.S. states to reduce reliance on fossil fuels by promoting power from renewable sources.

Nearly half of the declared chemical weapons in Syria have been removed from the country, a U.N. monitoring mission said Thursday.

UK Pensions Speedbrief: Age discrimination challenge to judicial pension scheme succeedsThe Employment Tribunal has handed down its

Pr�t� � Manchester United par le Shanghai...

In a letter to the mayor, Dr. Shimon Samuels said that there is “a growing pandemic of antisemitic stickers in and around the Gare du Nord and Gare de l’Est area.

Hong Kong is sweltering on its hottest Mother’s Day in more than half a century, with the mercury hitting 36 degrees Celsius in some areas and triggering this year’s first “very hot weather warning”.The Observatory in Tsim Sha Tsui issued the warning at 1.15pm on Sunday after the temperature there hit 32.2 degrees.At Tai Mei Tuk in Tai Po, the temperature hit 36.1 degrees. Yuen Long Park in Yuen Long also recorded 35.1 degrees, and Sheung Shui 35 degrees.It is the hottest Mother’s Day since…

At Mutobo camp, former fighters spend three months being rehabiliated after returning from the DRC

SUKKUR: The 199th Urs of Sufi saint and mystic poet Hazrat Sachal Sarmast was observed without the traditional celebrations accompanying the festival due to the social distancing in vogue due to...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

PESHAWAR: Minister for Health and Finance Taimur Saleem Jhagra on Saturday said the health system was being upgraded to deal with the coronavirus as well as dengue and polio.He was talking to...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Professor Ashutosh Varshney of Brown University analyzes the current state of India's democratic system as well as the strengths and challenges in this rapidly growing nation. Full interview.

The skywatching event lasts about a week, with the best views arriving before dawn on Tuesday.

"The fact that they are not alive means they don't have to play by the same rules that living things play by," a virologist said.

हिमाचल प्रदेश में कोरोना वायरस के दो और पॉजिटिव मामले आए हैं। दोनों ही हिमाचल के निवासी नहीं हैं।

The pandemic has had a huge impact on the economy. However, even with all that’s happened, Wipro CMO Ved Bhat sees opportunities for companies to stand apart, and to take their products and brands to the next level. In a recent CMO Talks discussion, Bhat focused on people as he answered ITWC President and CEO…

The Rhaegal cargo drone pivots to new possible military missions under a U.S. Air Force contract

Of all the Halloween costumes out there, this guy and his girlfriend blew everyone away.

Canadian Georges St-Pierre, who ruled the UFC welterweight division before putting a bow on a glittering career by winning the middleweight title in his final outing, is headed to the UFC Hall of Fame.

Now dozens of scientists are waiting in quarantine for the all-clear to join a year-long Arctic research mission aimed at improving the models used for forecasting climate change, just as the expedition reaches a crucial phase. News of the pandemic caused jitters among those already on board, said Matthew Shupe, an atmospheric scientist at the University of Colorado and co-leader of the MOSAiC expedition. The rest of the crew will be exchanged with the help of two other German research ships that will meet the Polarstern on the sea ice edge.

Spencer, a native of Montreal who trains in Orlando, Fla., joins Canadians Alexis (Ally-Gator) Davis and Valerie (Trouble) Letourneau in challenging for UFC women's titles.

She was just one of many celebrities put on by Harrell.

Inter Milan midfielder Christian Eriksen has revealed that he has been living at the club's training ground after the coronavirus outbreak cut short his house search.

Learn how to take simple x/y coordinates, and create map polygons shaped like holiday images, that can be plotted using SAS/Graph's PROC GMAP.

The digital adoption rate of SMEs in Malaysia remains low and its e-commerce industry is still in its infancy.

The post Malaysia’s ambition to become a digital economy hub still at the halfway mark appeared first on DealStreetAsia.

The omnibus bill on job creation limits increases in the minimum wage and eases conditions for firing employees.

The post Indonesia halts job creation bill targeting foreign investment appeared first on DealStreetAsia.

For a while, the international mission looked like it might have to be called off, as country after country went into lockdown because of the virus, scuppering plans to bring fresh supplies and crew to the German research vessel Polarstern that's been moored in the high Arctic since last year.

Nico Rosberg thinks the perfect strategy in Malaysia will involve getting as much out of one stint on the option tyre as possible during Sunday's race

As a general rule, you probably shouldn’t be getting your Personal Protective Equipment (PPE) from the party store. But these are exceptional times, and rather than potentially depriving medical professionals the equipment they so desperately need on the front lines, the team at [Robots Everywhere] has been looking into improvised …read more

Volunteers who help the British Grand Prix run smoothly want to get back trackside but questions remain on safety and testing

“We are like one big family,” says Carolyn Doyle of the bond between the marshals of the British Grand Prix. “We are there because we love it and we want to achieve the same thing – that’s what makes it really special.”

Much as it does bring great pleasure to this selfless collective, the sport knows their presence is invaluable. As Silverstone considers hosting two consecutive races behind closed doors in July, the volunteer marshals are having to consider the new realities imposed on Formula One by the coronavirus crisis.

As the nation celebrates the indomitable spirit of motherhood on Sunday, Bollywood celebrities also dedicated heart-warming messages to their mom's on the occasion of Mother's Day."

Sara Ali Khan shared a heart-melting throwback picture where she is seen as an infant in the arms of her grandmother while her mother is looking at baby Sara in a moment of affection. The actor captioned the post as, "Meri Maa ki Maa. Thank you for creating Mommy. #HappyMothersDay."

 

 

 

View this post on Instagram

Meri Maa ki Maa 💁🏻‍♀ï¸ÂðŸ¤°ðŸ¤±ðŸ»ðŸ™‡ðŸ»‍♀ï¸Â Thank you for creating Mommy 💝🙏🏻👩‍👧‍👧🐣🐥🐤 #HappyMothersDay

A post shared by Sara Ali Khan (@saraalikhan95) onMay 9, 2020 at 11:45am PDT

Vicky Kaushal put out a childhood throwback picture on Instagram where the actor is seen caught in a moment of mischief as he jogs at the shore of a beach, while his mother is seen scolding him. Along with the picture Vicky wrote," Dodging them till date. Keep them coming Maa. Love you! 

 

 

 

View this post on Instagram

Dodging them till date. Keep them coming Maa. Love you! ❤ï¸Â

A post shared by Vicky Kaushal (@vickykaushal09) onMay 9, 2020 at 5:40pm PDT

Ananya Panday shared an adorable video from her childhood days where she is seen sporting a while kurta-churidar with a red dotted dupatta. The video initiates with a question by a person behind the camera who asks, "Whom do you love the most in the world?"

 

 

 

View this post on Instagram

it’s clear where I get my crazy from 😜 happy Mama’s day to my Mama and all the beautiful mama’s out there ❤ï¸Â

A post shared by Ananya 💛💫 (@ananyapanday) onMay 9, 2020 at 12:15pm PDT

To which baby Ananya innocently replies, "Mama."

And he asks, "And the second?"

She smilingly replies, "Nobody."

 

 

 

View this post on Instagram

The answer is still the same 😜 love u @bhavanapandey ❤ï¸Â

A post shared by Ananya 💛💫 (@ananyapanday) onMay 9, 2020 at 12:16pm PDT

Along with the caption she wrote, "The answer is still the same. love u @bhavanapandey."

Recalling his childhood moments spent with her mom, Ishaan Khatter shared a couple of throwback pictures with his mom in an Instagram post.

 

 

 

View this post on Instagram

Mom for president ✌🏼

A post shared by Ishaan (@ishaankhatter) onMay 9, 2020 at 1:16pm PDT

The special post featured 3 pictures of which the first one shows baby Ishaan lying in bed while his mother is seen pecking a kiss on his little arms. The second one shows his mom in a glamorous monochromatic picture, and the third one shows baby Ishaan in his childhood days, where he is seen sitting in his mother's lap and passing a smile at the camera.Along with the post he wrote, "Mom for president."

Catch up on all the latest entertainment news and gossip here. Also, download the new mid-day Android and iOS apps.

Mid-Day is now on Telegram. Click here to join our channel (@middayinfomedialtd) and stay updated with the latest news

This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever

A day after the new BMC chief Iqbal Chahal took over, he spent the day visiting Nair Hospital, which is a designated facility for COVID-19 patients, and Dharavi which has the highest concentration of positive cases in the city. Apart from taking stock of the situation at both places, Chahal also had discussions with the hospital staff, patients as well as residents of Dharavi.

Chahal visited the Nair premises on Saturday morning, accompanied by Additional Municipal Commissioner Suresh Kakani and hospital dean Dr Mohan Joshi. Chahal also interacted with the doctors and nurses about the issues they are facing, and told them that they could raise their concerns with him. "He wore a PPE and also visited the wards and met with patients to inquire about their health. The purpose of the visit was to understand the ground realities and also take feedback from the staff.

Chahal took stock of the community toilets in Dharavi. Pic/Suresh Karkera

He has asked the hospital staff to approach him with any requirements," said Dr Gautam Bhansali, consultant physician with Bombay Hospital who accompanied Chahal. After Nair Hospital, Chahal visited Mukund Nagar in Dharavi. He also took a round of the community toilets. He asked the ward officials to ensure that the toilets have a steady supply of handwash and that they are cleaned regularly.

He directed the ward officials to take up contact tracing more comprehensively. "The commissioner has asked for the total number of people, who tested positive from dense slum pockets and those who lived in residential buildings. He wanted to understand the ratio of patients who have tested positive from both areas. He has also asked us to identify more high-risk patients and place them under quarantine," said an official.

Catch up on all the latest Mumbai news, crime news, current affairs, and a complete guide from food to things to do and events across Mumbai. Also download the new mid-day Android and iOS apps to get latest updates.

Mid-Day is now on Telegram. Click here to join our channel (@middayinfomedialtd) and stay updated with the latest news

This paper aims to provide an introduction to and overview of the social investment market for policy makers. Social investment is the provision of finance to organisations with the explicit expectation of a social, as well as financial, return. It has become increasingly relevant in today’s economic environment as social challenges have mounted while public funds in many countries are under pressure.

Climate change and, more generally, environmental damage have quantifiable economic and health costs, which weigh on long-term growth and well-being. If left unchecked, climate change is projected to decrease global GDP by 0.7 to 2.5 % by 2060. At the same time, the costs to society of air pollution already appear substantial–equivalent to some 4% of GDP across OECD countries and even higher in some rapidly developing economies.

Chairman's statement of the OECD Steel Committee's 78th session, Paris, 11-12 May 2015.

Immediate action is needed to address the challenge of excess global steel capacity, according to industry and government officials at the OECD’s Steel Committee meeting in Paris on 30 November and 1 December 2015.

Imports of counterfeit and pirated goods are worth nearly half a trillion dollars a year, or around 2.5% of global imports, with US, Italian and French brands the hardest hit and many of the proceeds going to organised crime, according to a new report by the OECD and the EU’s Intellectual Property Office.