Posts by JeffUK

Re: Confirmation checkbox needed

Send what message? If they think they clicked 'Test Message' then they're going to click yes on the confirmation too.

How about confirmation boxes that provide useful information like "Send message to 4,000,000 recipients?"

Wesley Snipes vs Wesley Crusher, Ideally something akin to the Subway fight scene from Blade

Re: I'm touched by the weirdness of this request...

Start at the beginning and carry on until you reach the end.

The first few are a bit amateurish, but there are so many in-jokes and references in the rest you'll miss out If you don't read them.

Re: For the 1,000th time

Good point, I'd never use '00000000' as the password to my car. I suppose it makes sense, the US Govt. has LOADS of nukes laying around and I've only got one car.

Re: There are many different definitions of "smart meter"

Ok, I see why you would want to, than (I seem to remember this being trialled with Aircon in big hotels...) how would it work? would it need to be connected via wifi, or or would it use some sort of Ethernet-over-power malarkey?

Re: Terrified robots will take middle class jobs?

I know several people who could easily be replaced by a magic-eight ball..

Re: It's all about the annual review

Message_First_Word = 'H' + \

'e' + \

'l' + \

'l' + \

'o'

etc. etc.

Re: I'm not buying the "0-day exploit" story.

Well; it was a zero-day at some point...

Re: Budgets, constraints and

Something I've experienced before is security companies giving assurances that they shouldn't give based on the scope of the testing, and not giving adequate caveats.

E.g. testing a web application and not testing the infrastructure yet declaring a web service 'secure.'

Re: |Hmmm... click bait

Agile: I literally had someone tell me "We don't want all the project management and testing, can't we just use agile?"

Certainly, But you'll want to double your budget for project management and testing...

Re: Ah joke wallpaper ...

(Except for Johnny Castaway of course)

Just gave me a massive wave of nostalgia, Someone's compiled the whole lot into this youtube vid:

https://www.youtube.com/watch?v=PqXIKeTVcyA

Re: “A less than really sharp manager agreed,”

As per the Dilbert Principle.. the 'less than sharp' people are consistently promoted to management positions where they can do the least amount of damage. sounds like WG's manager is due a promotion.

We had a few occasions where truck drivers tried to drive off with our forklift drivers still in the trailer unloading... after discussing lots of high-tech and convoluted processes to stop it happening we solved it for £5. By putting a hook on each of the roller-doors in the loading bay.

When the truck comes in, their keys are hung on the hook before the roller-door is opened, leaving the keys hanging 15ft in the air. Then they physically can't get their keys back (or drive off) until the door's closed again.

Re: Can't see why nuclear power is a danger for a data center

Presumably it helps provide some measure of guaranteed base load for the reactor. For cloud processing, you could even offer discounted cycles based on excess power generation (Amazon have a 'run X when it's cheap' option.)

Re: Cyber Warfare vs things that go boom

Someone in the local area took out a major transmission mask with a badly (well?) aimed firework a few years ago... (Google 'Morborne transmitter'))

Re: I'm not sure which is funnier...

Pretty sure that sentence could do with a comma! "was motivated by opposition to US Foreign policy, and support for Palestine"

Re: Lateral thinking

Yeah, Although unfortunately this probably falls under the 'conspiracy theory' banner simply because there's no way of proving it either way, I'm tempted to agree with you!

Without other supporting evidence, there's no way of telling the difference between a genuine vulnerability and a cleverly placed backdoor.

Re: Dunno for teachers, but ...

"or just RTFM and have 2 cents of common sense as an architect." .. ityf 2 cents makes you a Senior Architect

Re: Seems little margin for error...

Interlocking anything to speed relies on the measuring devices working perfectly. e.g. if you couldn't lower your landing gear unless the plane believed you were under 80kts, and your air speed indicator failed (frozen pitot tube f'rinstance) it would be somewhat inconvenient to have to get out and fix the problem prior to landing.

The most popular of the passwords he was able to successfully crack...

Re: "having [..] storage silos is a costly nightmare of managing [..] storage infrastructure"

You have exactly the same problem if you have a centralised data centre. In both scenarios, of course you would keep things local that have a true high-availability requirement. There are, however, lots of other reasons not to want to hand over all your data to a start-up . . .

Re: Annoys me sooo much

so.. who's the mug?

Re: Once again ...

OWASPs Application Security Verification Standard is a good starting point. IT has some weight to it (a lot of people have heard of OWASP) and it's quite pragmatic in its approach.

Off the top of my head; assume they do actually have access to a working email account. (Pushing the 'password reset' problem onto the email provider, in effect) But if everyone did this, you'd only need one password anyway...

Log them in by sending a one-time link to that email that sets an authentication cookie. They want to log in again, they click, 'log in' and get a new link via email.

Simples.

Re: Trust

As I responded to a complaint of "You only changed one line of code, why did it take so long?"

"Changing one line of code: 3 minutes"

"Changing the right line of code: 3 weeks"