* Posts by trancewald

2 publicly visible posts • joined 20 Feb 2024

Over a million Neighbourhood Watch members exposed through web app bug


Software engineering should require a license

It is too easy for people to get jobs as software engineers. Just today I stumbled upon an approved pull request where some new guy was logging all the request cookies and request headers at warning verbosity. All those session cookies, all those authentication headers, all that PII dumped into a log file that 600 people have access to...

Microsoft warns Dev Drive daredevils to back up or beware after latest build


The details matter

There is only one reason to use Dev Drive, and that's for better I/O performance. But how does it improve performance? By excluding it from antivirus protection! Thanks Microsoft but I'm not interested!