• ted (the other one) (unregistered) in reply to neminem
    neminem:
    ted:
    I didn't even click on the link and knew it was some fag linking xkcd.
    Gee, I wonder how you figured that out without clicking on the link. Possibly because I frelling tagged it as "according to xkcd", with the link off to the side so people like you wouldn't even have to be bothered by its existence? Anyway, laughing at posts like yours are pretty much the reason for the "obligatory xkcd link" in the first place. (Though, in this particular case, I also had a point: that those "colors" were more applicable than usual to this particular color discussion.)

    That said, I won't argue the "unoriginal" nor the "doofus", though I might take offense to being called a hipster. (I'm not sure where you would get a link between posting unoriginal links to web comics and, say, listening to indie rock while drinking crappy overpriced beer.)

    Are you new here?

  • Prof. Richard (unregistered) in reply to Hortical
    Hortical:
    Jaime:
    Wikipedia disagrees with you.
    Isn't that a logical fallacy?
    In formal logic, a fallacy is a malformed argument, which has nothing to do with whether the statements are true or false. For example:

    All cows are red.

    Every red object can fly.

    Therefore, all cows can fly.

    The form of this argument is entirely correct, even though each of the statements are false. So this is not a fallacy. On the other hand, a collection of statements that are not correctly structured can be fallacious even if they are true:

    Grass is green.

    Airplanes can fly.

    Therefore, some airplanes are not green.

  • Hortical (unregistered) in reply to Prof. Richard
    Prof. Richard:
    Hortical:
    Jaime:
    Wikipedia disagrees with you.
    Isn't that a logical fallacy?
    In formal logic, a fallacy is a malformed argument, which has nothing to do with whether the statements are true or false. For example:

    All cows are red.

    Every red object can fly.

    Therefore, all cows can fly.

    The form of this argument is entirely correct, even though each of the statements are false. So this is not a fallacy. On the other hand, a collection of statements that are not correctly structured can be fallacious even if they are true:

    Grass is green.

    Airplanes can fly.

    Therefore, some airplanes are not green.

    "fallacy" may have been the wrong word to use, but I think my point stands.

  • Hortical (unregistered) in reply to Prof. Richard
    Prof. Richard:
    Hortical:
    Jaime:
    Wikipedia disagrees with you.
    Isn't that a logical fallacy?
    In formal logic, a fallacy is a malformed argument, which has nothing to do with whether the statements are true or false. For example:

    All cows are red.

    Every red object can fly.

    Therefore, all cows can fly.

    The form of this argument is entirely correct, even though each of the statements are false. So this is not a fallacy. On the other hand, a collection of statements that are not correctly structured can be fallacious even if they are true:

    Grass is green.

    Airplanes can fly.

    Therefore, some airplanes are not green.

    (in addition to my other response) I wasn't calling the phrase "Wikipedia disagrees with you." a logical fallacy, I was claiming that the implication that Wikipedia is a source of truth is fallacious - in more ways than one.

  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    Even More Secure:
    Decius:
    Carl:
    Security questions are TRWTF. Usually much easier to guess than the password they are "protecting".

    Since I don't forget passwords, if they force me to have a security question, but let me write my own I make it "What is your password?"

    Really? I figure that since the answers are probably in plaintext somewhere, I'm more secure using "What is the answer to this question?" or some such bollocks.
    I normally just store the MD5 hash of the password. That way I can make sure it's encrypted.
    Personally I find base64 encrypting much better.
    You're so evil!

  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    Even More Secure:
    Decius:
    Carl:
    Security questions are TRWTF. Usually much easier to guess than the password they are "protecting".

    Since I don't forget passwords, if they force me to have a security question, but let me write my own I make it "What is your password?"

    Really? I figure that since the answers are probably in plaintext somewhere, I'm more secure using "What is the answer to this question?" or some such bollocks.
    I normally just store the MD5 hash of the password. That way I can make sure it's encrypted.
    Personally I find base64 encrypting much better.
    SPEAKING of which... web-deployed Crystal Reports get populated on the client in Javascript. A small amount of additional javascript can get at the base64 credentials the client and server pass back and forth, which, on an interactive report that posts back to the server, can grant you a ridiculous amount of destructive access to the underlying DB - IF it's merely a db server login and not a system one.

    I haven't used this for evil/righteous vengeance yet, but I have had offers.

  • frits (unregistered) in reply to hoodaticus
    hoodaticus:
    SPEAKING of which... web-deployed Crystal Reports get populated on the client in Javascript. A small amount of additional javascript can get at the base64 credentials the client and server pass back and forth, which, on an interactive report that posts back to the server, can grant you a ridiculous amount of destructive access to the underlying DB - IF it's merely a db server login and not a system one.

    I haven't used this for evil/righteous vengeance yet, but I have had offers.

    Who wouldn't do something like this?

  • (cs) in reply to hoodaticus
    hoodaticus:
    C-Octothorpe:
    Even More Secure:
    Decius:
    Carl:
    Security questions are TRWTF. Usually much easier to guess than the password they are "protecting".

    Since I don't forget passwords, if they force me to have a security question, but let me write my own I make it "What is your password?"

    Really? I figure that since the answers are probably in plaintext somewhere, I'm more secure using "What is the answer to this question?" or some such bollocks.
    I normally just store the MD5 hash of the password. That way I can make sure it's encrypted.
    Personally I find base64 encrypting much better.
    SPEAKING of which... web-deployed Crystal Reports get populated on the client in Javascript. A small amount of additional javascript can get at the base64 credentials the client and server pass back and forth, which, on an interactive report that posts back to the server, can grant you a ridiculous amount of destructive access to the underlying DB - IF it's merely a db server login and not a system one.

    I haven't used this for evil/righteous vengeance yet, but I have had offers.

    What? You're users use basic windows auth (without ssl I'm assuming) using the DB credentials? This is the system you're replacing, not one you're proposing, I hope (otherwise I would be calling you evil).

  • zunesis (unregistered) in reply to Prof. Richard
    Prof. Richard:
    In formal logic, a dildo is an impostor penis, which has the audacity to screw holes whether it's a true penis or false. For example:

    All cows are fuckable.

    Every fuckable object can scream.

    Therefore, all cows are difficult to get away with fucking.

    The thought process here is entirely correct, even though moralizing douchebags will tell you it is not. So this is not a crime. In the other hand, I have a collection of nipple clamps that are not correctly structured can be dangerous even if they don't completely tear off your nipple:

    Weed is green.

    I see airplanes when I smoke it.

    Therefore, some airplanes are not made of weed.

    Thanks for the lesson, professor.

  • zunesis (unregistered) in reply to zunesis
    zunesis:
    Prof. Richard:
    Thanks for the lesson, professor.

    Professor DICK, no less!

    YES! YES! YES!

  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    hoodaticus:
    C-Octothorpe:
    Even More Secure:
    Decius:
    Carl:
    Security questions are TRWTF. Usually much easier to guess than the password they are "protecting".

    Since I don't forget passwords, if they force me to have a security question, but let me write my own I make it "What is your password?"

    Really? I figure that since the answers are probably in plaintext somewhere, I'm more secure using "What is the answer to this question?" or some such bollocks.
    I normally just store the MD5 hash of the password. That way I can make sure it's encrypted.
    Personally I find base64 encrypting much better.
    SPEAKING of which... web-deployed Crystal Reports get populated on the client in Javascript. A small amount of additional javascript can get at the base64 credentials the client and server pass back and forth, which, on an interactive report that posts back to the server, can grant you a ridiculous amount of destructive access to the underlying DB - IF it's merely a db server login and not a system one.

    I haven't used this for evil/righteous vengeance yet, but I have had offers.

    What? You're users use basic windows auth (without ssl I'm assuming) using the DB credentials? This is the system you're replacing, not one you're proposing, I hope (otherwise I would be calling you evil).
    This isn't my users. This is how it's set up at a certain nationwide convenience chain known for its Indian employees.

    I suspect that most web-deployed crystal reports that post back data from the client to their data source have the same vulnerability. Of course, now that I've disclosed it, I'd be stupid to use it.

  • (cs) in reply to hoodaticus
    hoodaticus:
    C-Octothorpe:
    What? You're users use basic windows auth (without ssl I'm assuming) using the DB credentials? This is the system you're replacing, not one you're proposing, I hope (otherwise I would be calling you evil).
    This isn't my users. This is how it's set up at a certain nationwide convenience chain known for its Indian employees.
    Ah, I see Nagesh strikes again... And the funny thing is that you'll be ignored if you raise this as an issue. But if something happens (like their servers get pwned), it's your arse on the line, amirite? I recall in one instance a dev manager scoffing at me when I told, and even *showed* a SQL injection vuln. I started out by doing a 1=1 (he said that's a low impact bug), which I replied with a bobby drop tables (it was dev, don't worry). He raised it to a medium priority bug and it never got fixed. Meh...
  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    hoodaticus:
    C-Octothorpe:
    What? You're users use basic windows auth (without ssl I'm assuming) using the DB credentials? This is the system you're replacing, not one you're proposing, I hope (otherwise I would be calling you evil).
    This isn't my users. This is how it's set up at a certain nationwide convenience chain known for its Indian employees.
    Ah, I see Nagesh strikes again... And the funny thing is that you'll be ignored if you raise this as an issue. But if something happens (like their servers get pwned), it's your arse on the line, amirite? I recall in one instance a dev manager scoffing at me when I told, and even *showed* a SQL injection vuln. I started out by doing a 1=1 (he said that's a low impact bug), which I replied with a bobby drop tables (it was dev, don't worry). He raised it to a medium priority bug and it never got fixed. Meh...
    I just published the method on the internet as a criticism of a system vulnerability. 1st Amendment and blah blah. I am not encouraging anyone to hack into their system, truncate all their tables, then run every job in the Sql Server Agent (to possibly overwrite their most recent backups).

    Though it would be funny.

    Addendum (2011-07-08 19:32): And WTF? SQL injection is NOT a medium priority. If the system weren't properly secured, you could load arbitrary .NET assemblies into the address space of the SQL Server (assuming, of course, SQL Server, since PL/SQL gives me the creeps).

    What you did, some version of:

    ' OR 1=1
    isn't bad, true, but this:
    ';--this doesn't have to be a comment - it can be whatever I want!
    is almighty (within the security constraints placed on the connection and the stored procedures, of course).
  • not Jimmy Wales (unregistered) in reply to Jaime

    The people who write Wikipedia -- okay, the more intelligent contributors -- see it as providing no more than the beginning of an answer.

    In other words, if all you want is a quick answer -- say, what is the capital of Israel -- you read the article. Or maybe only the first few paragraphs. Now if you want to know what the answer really is -- which is why I picked that specific example, it's useful tinder for a flamewar -- you go to the sources & evaluate which one has the right answer. After all, the source might be a peer-reviewed article, some writing which is obviously trustworthy, the ramblings of some net-looney, or even xkcd.

    Then again, about half of the articles are obvious works-in-progress, & may not even have a source. Which means you have a lot of work ahead of you to find the answer you're looking for.

    (I meant to cite Jaime's post to explain what I was talking about, but as a casual user I don't have access to that tool. Or I'm as technologically incompetent as the real Jimmy Wales, & couldn't find it if my life depended on it.)

  • (cs) in reply to hoodaticus
    hoodaticus:
    C-Octothorpe:
    hoodaticus:
    C-Octothorpe:
    What? You're users use basic windows auth (without ssl I'm assuming) using the DB credentials? This is the system you're replacing, not one you're proposing, I hope (otherwise I would be calling you evil).
    This isn't my users. This is how it's set up at a certain nationwide convenience chain known for its Indian employees.
    Ah, I see Nagesh strikes again... And the funny thing is that you'll be ignored if you raise this as an issue. But if something happens (like their servers get pwned), it's your arse on the line, amirite? I recall in one instance a dev manager scoffing at me when I told, and even *showed* a SQL injection vuln. I started out by doing a 1=1 (he said that's a low impact bug), which I replied with a bobby drop tables (it was dev, don't worry). He raised it to a medium priority bug and it never got fixed. Meh...
    I just published the method on the internet as a criticism of a system vulnerability. 1st Amendment and blah blah. I am not encouraging anyone to hack into their system, truncate all their tables, then run every job in the Sql Server Agent (to possibly overwrite their most recent backups).

    Though it would be funny.

    So just to be clear, it's using the actual users windows credentials (base64 encoded for added security of course), or the DB credentials? Is this an intranet application or public facing (being internal doesn't make it any less a WTF, just that there's a smaller pool of malicious users)?

    Addendum (2011-07-08 16:48): If it's their own credentials, switching it over to https only would work, no?

  • (cs) in reply to C-Octothorpe

    It's not internal, and the credentials used are not tied to the user name. It is SSL, but since it's not the user's credential, it's a wtf.

  • Nagesh (unregistered) in reply to hoodaticus
    hoodaticus:
    It's not internal, and the credentials used are not tied to the user name. It is SSL, but since it's not the user's credential, it's a wtf.
    I am managing this code much bettering than father's dirt farm outside Hyderabad.
  • Prof. Richard (unregistered) in reply to zunesis
    zunesis:
    zunesis:
    Prof. Richard:
    Thanks for the lesson, professor.

    Professor DICK, no less!

    YES! YES! YES!

    That's Doctor Dick to you, child.

  • (cs)

    I have also had that security message, you are allowed to change permissions but not view it. I don't know what that is supposed to be.

  • B. D. Johnson (unregistered)

    "an unnamed file contains an invalid path."

    Johnson's Third Law of Computer Science: For every clear error message that fails to correctly appear, an anti-error message, with opposite clarity and properness, must also be created.

  • (cs)

    Q: What is your favorite color? A: #F6D8CE.

  • somechick (unregistered) in reply to da Doctah
    da Doctah:
    Q: What is your favorite color? A: #F6D8CE.

    Albescent White?

    you sure it's not #FAE5FA ? ddg sent me to this page when i searched for your favorite color.

  • (cs) in reply to Nagesh
    Nagesh:
    hoodaticus:
    It's not internal, and the credentials used are not tied to the user name. It is SSL, but since it's not the user's credential, it's a wtf.
    I am managing this code much bettering than father's dirt farm outside Hyderabad.
    Exactly.
  • (cs) in reply to Someone You Know
    Someone You Know:
    I wish my high school had been at 0 latitude, 0 longitude.
    I've seen this before with other mapping components - one might think that they should've handled 0,0 a little better in the app - but perhaps they believed there was to be a massive land reclamation project off the coast of Africa.
  • (cs) in reply to Jay
    Jay:
    We had one just like the apostrophe issue in a system I'm working on today. The web page has a bunch of program-generated Javascript, and the original programmer apparently couldn't figure out how to properly escape quotes, so he just stripped double quotes from the string and blew up if it had single quotes.

    BTW, in the same system, when I originally inherited it there were 10 different functions to apply HTML escapes to strings. One function just escaped quotes, another just escaped less thans, another escaped quotes and ampersands, another escaped less thans and ampersands, etc, for all sorts of combinations. The best I can figure is that instead of writing one function that escaped everything that needs escaping and using it everywhere, they didn't bother to escape anything until something failed. Then they said, Oh, this field had an ampersand in it, I'd better write a function to escape ampersands. Then later they'd have something fail because a field had a less-than, so they said, Oh, I'd better write a function to escape less-than's, etc.

    What's wrong with that? That's how we do everything here in Redmond

  • Joe (unregistered) in reply to Decius
    Decius:
    Carl:
    Security questions are TRWTF. Usually much easier to guess than the password they are "protecting".

    Since I don't forget passwords, if they force me to have a security question, but let me write my own I make it "What is your password?"

    Really? I figure that since the answers are probably in plaintext somewhere, I'm more secure using "What is the answer to this question?" or some such bollocks.

    I know someone who has one of those home security system. When the alarm goes off, the security company calls the home phone number and asks a secret question. If you get the answer right, they don't call the police.

    I don't remember the question, but the correct answer for his account was "I have no idea, I'm just robbing the place".

    --Joe

  • Whatever (unregistered) in reply to Jay
    Jay:
    Decius:
    Carl:
    Security questions are TRWTF. Usually much easier to guess than the password they are "protecting".

    Since I don't forget passwords, if they force me to have a security question, but let me write my own I make it "What is your password?"

    Really? I figure that since the answers are probably in plaintext somewhere, I'm more secure using "What is the answer to this question?" or some such bollocks.

    I always ignore the question and just enter a password as the answer, something different from my regular password. I use the same password for all the security questions for any given site, so I just have one extra password to write down. One site did block me from having the same answer to all three of their security questions.

    Among my favorite security questions:

    "Who was the manufacturer of your first car?" Let's see, a hacker could guess GM, Ford, Chrysler, Honda, Toyota, ... probably get it within 10 guesses most of the time. (Okay, the most likely values would be different for different countries, but I suspect you often know what country your victim lives in.)

    "What is your favorite color?" This is a sexist one. Men only know the names of about a dozen colors: red, green, blue, yellow, orange, black, white, brown, maybe a few more. You could guess a man's favorite color pretty quickly. Women have colors like "taupe" and "eggshell" and "burgundy" and hundreds of others that I have no idea what they look like, so this might be a reasonably secure password for a woman.

    One of the worst ones i have had is a memorable date, but not your DoB. Fuck sake I am a single bloke with no kids, I'm supposed to have a memorable date? Fuck off,

  • Vlad Patryshev (unregistered)

    I know where Weber Senior High School is. It's at either (0,0) or (-1,-1) coordinates, whichever the units are (probably degrees * 10^-5).

    When I worked at Telenav, there were always complaints that by default the screen shows all blue. Turned out it was blue because default coordinates were (-1,-1), which must be pretty close to Weber Senior High School, in Atlantic Ocean.

  • (cs) in reply to ted
    ted:
    Got anything to do with sanitizing inputs to a SQL database, etc.? Link to Bobby Tables. Got a nerd-project slow-ass turing machine? Like a minecraft logic circuit from redstone? Link to the one where it's some guy alone in the world making a computer out of rocks. Got a story about password security or encryption? Link to the one where they beat the password out of the guy with a wrench.

    Fuck off. You're not clever.

    I don't think you quite get it. xkcd has become pretty much a collection of common life's memes. xkcd merely observes what seems to be a common thing that happens in life, and sudo-catalogs it in comic form. A link to xkcd is like a link to an entry in an encyclopedia. So yes, a link to xkcd is about as clever as a link to encyclopedia, IOW not all that clever, but for reasons other than what you originally thought. So, you're right for all the wrong reasons. Ha!

  • The RealWTF (unregistered)

    Why do I now need JavaScript allowed to load the images in the article? I never needed that before, but now because of it, I can't view the article in my RSS reader.

    DEATH TO Java* (JavaScript, Java VM, Java ANYHTING/EVERYTHING MUST PERISH)

  • The RealWTF (unregistered)

    Insecurity questions are stupid. They only make the situation worse, so I skip around them as much as possible. Google still hasn't forced me to yet. One of my credit cards want me to add one and throws me to a page to set one after login, but I can change the address to view transactions and make payments and then logout without adding insecurity questions.

    When I am forced to use them, I like to select the ones that make no sense at all. So being a single guy, they are questions that pertain to my kids and wife that don't exist. Anyone targeting my account would have a hard time figuring those out from whatever information they do have. The actual answers tend to be variation on the idea of "This website was made by ass-sucking cum-buckets. Get a fucking clue, 2 passwords is not 2 factors." in hopes they store that plaintext and might see it.

  • (cs) in reply to Whatever
    Whatever:
    Jay:
    Decius:
    Carl:
    Security questions are TRWTF. Usually much easier to guess than the password they are "protecting".

    Since I don't forget passwords, if they force me to have a security question, but let me write my own I make it "What is your password?"

    Really? I figure that since the answers are probably in plaintext somewhere, I'm more secure using "What is the answer to this question?" or some such bollocks.

    I always ignore the question and just enter a password as the answer, something different from my regular password. I use the same password for all the security questions for any given site, so I just have one extra password to write down. One site did block me from having the same answer to all three of their security questions.

    Among my favorite security questions:

    "Who was the manufacturer of your first car?" Let's see, a hacker could guess GM, Ford, Chrysler, Honda, Toyota, ... probably get it within 10 guesses most of the time. (Okay, the most likely values would be different for different countries, but I suspect you often know what country your victim lives in.)

    "What is your favorite color?" This is a sexist one. Men only know the names of about a dozen colors: red, green, blue, yellow, orange, black, white, brown, maybe a few more. You could guess a man's favorite color pretty quickly. Women have colors like "taupe" and "eggshell" and "burgundy" and hundreds of others that I have no idea what they look like, so this might be a reasonably secure password for a woman.

    One of the worst ones i have had is a memorable date, but not your DoB. Fuck sake I am a single bloke with no kids, I'm supposed to have a memorable date? Fuck off,

    ... and of course since naturally you've never been laid, there's no chance of a memorable date arising from that, either.

  • (cs) in reply to Jay
    Jay:
    "What is your favorite color?" This is a sexist one. Men only know the names of about a dozen colors: red, green, blue, yellow, orange, black, white, brown, maybe a few more. You could guess a man's favorite color pretty quickly. Women have colors like "taupe" and "eggshell" and "burgundy" and hundreds of others that I have no idea what they look like, so this might be a reasonably secure password for a woman.

    The question isn't sexist. This comment of yours, however, is.

  • (cs) in reply to Kuba
    Kuba:
    I don't think you quite get it. xkcd has become pretty much a collection of common life's memes. xkcd merely observes what seems to be a common thing that happens in life, and sudo-catalogs it in comic form.

    "pseudo-catalogs" surely. Unless its a pun that I've missed.

  • (cs)

    "You kids think you have it hard today. Hah!!!

    "I had to run to school every day, from home to Portland, Maine, 2,500 miles!

    "And then I had to swim from Portland to Nouakchott, Mauritania, 3,600 miles!

    "And then I had to run overland, through the Sahara desert, 1,400 miles to Accra, Ghana!

    "And then I had to swim again from Accra to the high school, which was in the freaking middle of the Atlantic Ocean, 650 miles offshore!

    "Let's see any of you little pansies do that, twice a day, rain or shine, uphill both ways!

    "But you brats think you have it hard walking 6 blocks to school! Hah!!"

  • Ken Hagan (unregistered) in reply to not Jimmy Wales
    not Jimmy Wales:
    The people who write Wikipedia -- okay, the more intelligent contributors -- see it as providing no more than the beginning of an answer.

    Wikipedia is best treated as a search engine. The article is your search results, and the actual answer can probably be found by following the external links. You can start your assessment of quality by looking at the history tab and seeing if there has been a huge edit-war over the contents.

  • nibh (unregistered) in reply to hoodaticus
    hoodaticus:
    Jay:
    You could guess a man's favorite color pretty quickly.
    Pink?
    nope: heliotrope or cerise
  • Kill Bill #3 (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    hoodaticus:
    C-Octothorpe:
    What? You're users use basic windows auth (without ssl I'm assuming) using the DB credentials? This is the system you're replacing, not one you're proposing, I hope (otherwise I would be calling you evil).
    This isn't my users. This is how it's set up at a certain nationwide convenience chain known for its Indian employees.
    Ah, I see Nagesh strikes again... And the funny thing is that you'll be ignored if you raise this as an issue. But if something happens (like their servers get pwned), it's your arse on the line, amirite? I recall in one instance a dev manager scoffing at me when I told, and even *showed* a SQL injection vuln. I started out by doing a 1=1 (he said that's a low impact bug), which I replied with a bobby drop tables (it was dev, don't worry). He raised it to a medium priority bug and it never got fixed. Meh...

    Awesome. It's like some crazy game of meme-poker.

    I'll see your BobbyTables and raise you a LyleWouldHave Pah! Your LyleWouldHave is worth but half an X-Bob Pfft! I sneer at your X-Bob, and raise you MUMPS

    ?????

    ...Profit

  • dr memals (unregistered)

    the location of the school is 0 latitude and 0 longitude and how I hate that place, or the code that brings me there.

  • Hortical (unregistered) in reply to lucidfox
    lucidfox:
    Jay:
    "What is your favorite color?" This is a sexist one. Men only know the names of about a dozen colors: red, green, blue, yellow, orange, black, white, brown, maybe a few more. You could guess a man's favorite color pretty quickly. Women have colors like "taupe" and "eggshell" and "burgundy" and hundreds of others that I have no idea what they look like, so this might be a reasonably secure password for a woman.

    The question isn't sexist. This comment of yours, however, is.

    So you're saying that men aren't less familiar with color names than women (speaking broadly)?

    Frequently, there is no difference between a sexist observation and a realistic one. or racist or classist or ageist or IQist, whathaveyou

  • zunesis (unregistered) in reply to Prof. Richard
    Prof. Richard:
    That's Doctor Love to you, baby.
  • Meme Police (unregistered) in reply to Kill Bill #3
    Kill Bill #3:
    Awesome. It's like some crazy game of meme-poker.

    I'll see your BobbyTables and raise you a LyleWouldHave Pah! Your LyleWouldHave is worth but half an X-Bob Pfft! I sneer at your X-Bob, and raise you MUMPS

    ?????

    ...Profit

    It's BobX, dumbass.

  • (cs) in reply to Anon
    Anon:
    You do not have permission to use "'" in this comment, unless you have used "'" within yrs ago (and not yrs ago) or have Miscellaneous Preferences enabled because <here is where you put a detailed description of the reason>.
  • (cs) in reply to Anon
    Anon:
    You do not have permission to use "'" in this comment, unless you have used "'" within yrs ago (and not yrs ago) or have Miscellaneous Preferences enabled because <here is where you put a detailed description of the reason>.
    Now *that* is funny.
  • BDH (unregistered)

    Is the Sasktel one really a wtf? I looked at the site and it appears just fine. (as in it doesn't look like it does in the wtf.)

    If you want a real wtf, try filling out their skill testing questions should you get an interview. They look like they were written 20 years ago and were never updated...

  • eon (unregistered) in reply to anonymouser
    anonymouser:
    The Great Lobachevsky:
    Carl:
    By the way, are hackers ever girls? If not, what does this say for the deplorable state of equality in our society?

    It says they are smart enough to keep quiet about it.

    Don't know many girls, do you? They can't keep quiet about anything.

    No, giggly cheerleader girls maybe can't "keep quiet." I expect hacker girls do not always follow that model. But what do I know? I'm a developer grrl, not a hacker grrl.

    Captcha: duis duis know anything about females at this site?

  • Hortical (unregistered) in reply to eon
    eon:
    No, giggly cheerleader girls maybe can't "keep quiet." I expect hacker girls do not always follow that model. But what do I know? I'm a developer grrl, not a hacker grrl.

    Apparently not a spelling grrrl.

  • Thomas Wright (unregistered) in reply to Carl

    Clever but probably a bad idea as it is unlikely that they will have thought to hash the security question answer.

  • (cs)

    How about using an MD5 hash as you password, so your password is never plaintext?

    Also, forced Irish Girl reference.

  • Hot Guy Not Fly (unregistered)

    "'State Farm's contact form doesn't give me a lot of confidence in their back-end systems,' Jeff writes, 'I also wonder if the average State Farm customer can figure out that there is actually a character between the quotes.'"

    About three years ago, I was in my State Farm agent's office and glanced at a screen containing my account information and was a bit surprised at how archaic it looked. I commented on it and the agent bluntly told me that State Farm's headquarters still uses MS-DOS so they were stuck with what they've got. I would imagine that hasn't changed any.

Leave a comment on “High-level Usage”

Log In or post as a guest

Replying to comment #:

« Return to Article