Posts by TeeCee

...as Google asked him to provide information that was only accessible if he logged in...

All too common these days. When MFA is involved, trying to get back in when locked out ranges from "shitshow" to "fucking impossible".

My all time favourite example was attempting to use Google's own service to find where I'd mislaid my phone when away from home.

1) Find another computer - check

2) Get the owner to allow me to use it - check

3) Log into Google while thanking Fuck, Shit and all their little pixies that I had stuck with a password than I can actually remember rather than allowing some POS that I now cannot use to generate one.

4) Great. now I just need to enter a 2FA authentication code.... Ah.... Right... That'll be on the phone that I'm trying to find... feeling less smug about the password...

5) 2hr Drive home.

6) Find device using another machine that I own and which is thus already set up and previously thumped in the "don't give me that 2FA shit" button.

7) Find device.

8) 2hr drive back to get it.

This does not seem like a practical way of doing things to me..

the company claims is "nutritious, vegan, and caters to every diet"

TL;DR - tastes like chicken

Saving the planet, one falsified metric at a time

Isn't that Ed Milliband's job description?

It's very, very simple.

If you want to hire cheap, off-the-peg eejits to run your shit, then it must be simple, utterly standard and well-documented.

If, on the other hand, you want to lead the market with bleedin' edge rocket science shit, then you need to pay bleedin' edge rocket scientists whatever the fuck they want to look after it.

.. working on multiple parallel paths to speed recovery.

Aka: Running around like headless chickens.

Today we've seen it in action, holding platforms to account...

They really are utterly deluded, aren't they?

As 4chan's lawyers have already pointed out in a legal response (TL;DR - "Fuck Off"), 4chan has no assets in the UK and the chances of anyone getting a confiscation order by stomping all over their First Amendment rights in the US is about 0% of the square root of bugger-all.

So all this is actually meaningless.

One of my personal favourites, from an ex-colleague.

At a place he used to work they were old skool, having just the one server for both test and live, with separate environments.

One day, they were running very short of space and since a release had recently gone live so the test environment was no longer in use, it was decided to remove the test environment's data until more disk was aquired. This resulted in the following exchange:

"Er, ${regomised_name}? Is there anything you'd like to tell me about the test Customer table?".

"Oh, right. We were short of space and we were only reading from it, so I hardlinked it to the live one. Why, is there a problem with it...?"

'...a group calling itself "Scattered Lapsus$ Hunters"'...

s'kiddies then?

A shade unfair there.

"...application programmers not taking into account two digits."

In many cases that would be because all the date functions in the language they were working with were six digit only. If the system calls didn't have any way of returning the four digit year and all the manipulation / conversion / comparison functions were six digit only, you didn't have much choice.

Much of the affected stuff was written in languages developed in the '60s and 70s, when memory and storage were hideously expensive and in short supply, so nobody used four digits where two would do the job.

In the place I was at the time, we chose "60" as the window for Y2K work. The company didn't exist before that, so anything "before" 60 was 20something. I heard of one place that chose 30 for some reason. I now wonder how their humungous "replace it all" project went/is going and if they're getting nervous?

Extra, extra:

Bloke who runs IVR systems company turns out to be massive c*nt!

(There ought to be a paper called the Daily Bleedin' Obvious, to report this sort of thing)

The biometric elephant in the room.

...including fingerprint information...

Right. So just how do you change your fingerprints once their data is compromised?

Biometrics may well be flavour of the month for security, but that needs a practical answer. I can't see it being long before someone works out exactly how to reverse engineer a fingerprint analogue from the biometrics associated with it.

Once that happens, biometric security just boils down to an arms race between the scanner manufacturers and the hackers. This will differ from previous security arms races in that both embedded scanners and fingers are not upgradeable, so the good guys are on a hiding to nothing.

Hmm.

This is all just a convoluted excuse to buy a new cattle prod on expenses billed as a "fast charger", isn't it?

Here's how this works.

1) Aircraft gets towed taxi rather than doing so under power.

2) While queueing for runway, aircraft performs engine startup.

3) The APU trips and there's a total power loss.

4) Entire airport sits and twiddles its thumbs while a trolley-ack runs out to provide power to start the now-immobilised aircraft stalling the queue.

What? You mean you haven't been on one that's had 3 happen at the gate? You need to fly more often. This is usually accompanied by increasing murmurings of panic from the more nervous passengers sitting in the darkness while the staff whistle up a trolley-ack, despite this only taking the odd couple of minutes at the gate. It'll be fun to see what happens when they have to wait for one to traipse out to the runway queue.