Hacker News | sohail's comments

I was thinking "sweet" and then I saw the name and started laughing.


Actually there are quite a few good lifestyles available if you charge for licenses of your software and you are a small software shop.


Simple: intersperse ads with results and make it obvious which are the ads.


This sounds like IRC to me.


That's exactly what IRC was to many people. With the death of IRC, that problem is again unsolved.


Death? Come on freenode


I like the idea. More details about how you make money would make for better feedback.


We plan to charge for a premium version of this service (underway).


Did you consider using affiliate links as well?


We're showing some affiliate links (when the recommended merchant happens to be an affiliate), but we're concerned about possible misperceptions of bias.


Good point. Post on your progress, I'm interested :-)


This UI is horrible. But they get the simple things right.


You're doing it wrong.

Talk to a real-live accountant.


What the hell is Tumblr? And what happened to vowels?


You must be new here.


Tumblr is an awesome blogging platform that's dead simple and has some Twitteresque social features (i.e. following) built in.

Also has a great bookmarklet and a neat API.


And a non-existent QA department apparently?


QA departments are notorious for not being very creative. You'd need a star QA department to find the /admin hole, I think.


No, you just need functional tests. Having these kinds of bugs in a spare time project is fine, but if you call yourself a startup and ask customers to trust you with data, you need to seriously consider security issues.


Yeah, I mean it seems to be a first step obvious point.


Uh, this is a scam right?


Evidently. I don't know why they bothered with any code at all, let alone the dotimes stuff. Anyone who could get that code to run wouldn't be fooled.


I am not a PS guru. All of that is gibberish to me. I think this is what is going on:

1) There is a single source file foo.ps

2) Since PS is interpreted, there is a statement like:

    if(filename=="recommendation.ps") { show_recommendation(); } else { show_give_security_clearance(); }

This attack will work no matter what hash you use because it uses social engineering (i.e., laziness - no one looks inside their PS files).

I think so anyway...


Just RTFA'd. Their attack is much more involved than I describe. However, it should be trivial to do the same thing for an OpenOffice document or Word document. Maybe I will try it...

