Admin
LnNyZWtjYWggZm8gZXN1YWNlYiBzZW1pdCBsYXJldmVzIG5vaW5pcG8gc2lodCBl Z25haGMgb3QgZGVjcm9mIG5lZWIgZXZhaCBJIHR1YiAsc3BwYSBiZXcgeW0gbmkg dG5hdHJvcG1pIHNhdyB5dGlydWNlcyBrbmlodCB0J25kaWQgSQ==
Admin
LnR1byB0aSBlcnVnaWYgcmV2ZW4gbGwneWVodCAsbm9pdHB5cmNuZSA0NmVzYWIgc2lodCBodGl3ICx5cnJvdyB0J25vZA==
Admin
DELETE FROM sdrawkcaB;
Admin
Several years ago my boss wanted to email me the results of my yearly review (including how much my pay went up etc) as I was working on a project overseas.
I was not happy with my boss at the time so I reminded him that email was not a secure medium - solely to see what sort of hoops he would jump through in order to satisfy my "desire" for security (not that I really cared if anyone intercepted the email and saw how much I earned).
This resulted in him sending 2 emails. The first with the review results attached in a zipped file with password protection. The second email stated that the password was the name of the company spelt backwards.
So much for a secure system - anyone who was intercepting my email surely knew by now what company I worked for.
Admin
==gUbt5iLuAyVoFGdgkmZgkEIyVmdlJ3clBCdoVGIl52YylHc0VGZgMHdylmbnBCdv92P
Admin
Forum feature requests:
Admin
"Illusion of security" indeed. The zip password protection is a joke. Programs to get past it are easily available on the net. Just like programs to "find your lost AIM password."
Admin
The best part was the ==gUbt5iLuAyVoFGdgkmZgkEIyVmdlJ. That gets me every time...Pure genius!
Now where did I put my ==0ylHc0VGZgjkkeEFSskpqdgkeFGnZZldkenG?
captcha: bathe (sorry - not today!)
Admin
Wow, it reads like a how-to guide on things to avoid when developing a web app.
Admin
Zip password maybe, but try cracking rar with a sufficiently long password... Good luck with that.
Admin
I've implemented pig latin in all of my tables and let me just tell you it's ool-cay!
Admin
¡ʎʇıɹnɔǝs ɐɹʇxǝ ɹoɟ ǝpoɔıun ǝsn
Admin
You reminded him that it is not secure and he should do what exactly about this? Encrypt strong and send you the key secure via .... hmm?
You did not mention a way to him to share a secret key with you so why should he "jump through any hoops"? In his stead I'd have replied "so why don't you have a PGP key linked somewhere"?
Admin
Unfortunately, "etats" is a word in French ("states").
Admin
Sounds like your boss at the time handled it properly then. That probably took your boss a whole 2 minutes of thought. Why waste the time on something so inane?
Admin
My boss was an idiot and I didn't particularly like him. My whole spiel about email not being secure was deliberately geared to make him dance around for my pleasure. Telling him how to solve the problem would have spoiled that ;-)
And if I thought he could have figured out the issues for himself, I also would not have tried to make him dance.
Admin
"No words of any known language shall be used for database table or column names"
This makes it obvious what is going on. For true obfuscation, you need to use real words, but not referring to the contents of the column.
Admin
Well he wasted time thinking up a flawed solution but believed that he had done good. That was the "security" issue that I was pointing out.
But getting him to bend to my will by actually doing something (no matter how inane) was my actual goal.
Admin
He could have faxed it...
Admin
You forgot the extra security step - you should have said wqHKjsqHxLHJuW7JlMedcyDJkMm5yod4x50gyblvyZ8gx51wb8mUxLF1biDHnXNu
Admin
"EREHW drowssaP ='' RO '' = ''."; PORD ELBAT sremotsuC;
Admin
I'd say you really need to get laid, but the tone of your post indicates you have not yet reached the age of consent anywhere in this world.
Admin
Bwahaha! That column is called OrderDate! Foiled your insidious plans.
Admin
Better still is to modify the database engine so that column names are not always tied to the same column contents.
Admin
Nate is a very generous guy.
Faced with a technical team so utterly clueless, and so stubbornly determined to follow their own idiotic ideas ahead of mine, I'd have acted a little differently.
I'd have made sure that all the pointless expensive crap was phase 1, the sensible simple fixes were phase 2, and that the client's senior management knew exactly who had recommended each.
That way you get paid for both phases and come out shining, and the client sacks the morons and has a slim chance of getting some useful people who you might enjoy working with in future.
Admin
[quote user="NotanEnglishMajor"]I'd say you really need to get laid, but the tone of your post indicates you have not yet reached the age of consent anywhere in this world.[/quote]
This world you speak of intrigues me .. especially the part that doesn't include idiotic, self-serving, vindictive bosses who don't understand the value of keeping employees happy when they are on long term (multiple year) contracts bringing $130/hr into the company for zero effort on the company's part. (and that rate was 10 years ago, and was $US and not $AUD)
Or would I only enter your world via your parents' basement door?
Admin
umop apisdn
Admin
You have no chance to survive make your time.
Admin
I'm disappointed there wasn't a "!tsrif" post...
Admin
So....what do you tell them when they ask why you wasted all that time and money when you knew what the fix was? And honestly, if their hiring process is so broken that they end up with a full team of idiots, what should lead us to believe that there will be any short-term change? Slim chance, indeed.
Admin
My company has an online training program for new hires that's all about data security (it's a bank). They actually suggested that you do this. "Send the encrypted file in one email, then follow that up with another email stating the password". I guess they either thought it was feasible that a hacker might only be able to snoop one email at a time. Or maybe they just thought the hacker would notice that the first one was encrypted and give up before seeing the password in the second one.
Admin
I'd say that you really need to get laid, but the tone of your post indicates that you're so old and bitter you probably can't even get it up any more.
Admin
LOL! (Though, of course, I did not bother reversing it.)
Question: Did you have to pad your text so you ended up with '==' at the end?
Admin
[quote user="OzPeter"][quote user="NotanEnglishMajor"]I'd say you really need to get laid, but the tone of your post indicates you have not yet reached the age of consent anywhere in this world.[/quote]
This world you speak of intrigues me .. especially the part that doesn't include idiotic, self-serving, vindictive bosses who don't understand the value of keeping employees happy when they are on long term (multiple year) contracts bringing $130/hr into the company for zero effort on the company's part. (and that rate was 10 years ago, and was $US and not $AUD)
Or would I only enter your world via your parents' basement door?[/quote]
I have lots of great memories of my parent's basement. Sadly it has been a long time since I was last there. :-)
Seriously though "...getting him to bend to my will..."? Isn't that terribly petty and infantile? In so doing haven't you dragged yourself down to your idiotic, self-serving, vindictive boss' level? You have sold your self respect for a brief moment's gratification and have become your own WTF. The dollar amounts you quote justify nothing.
-Notan
Admin
My Aussie friend Chris would say: "That's not the way to do it, DORK!"
I can't believe that "web developers" blame infrastructure problems for what results from their rubbish work, but what's even worse is imposing senseless security restrictions on consultants when they explain to you why these restrictions are totally worthless.
Admin
I see, so you wanted to order a date with [email protected]. Is that legal?
Admin
gUncgAnbhByY2NmcgY3ZgcWdlJGa0VHIlJXag4WYxByZ1JXYg8mbmJnN04CIgcUdyByJ90zJg42Z gcWZ2NWey1SZidWMzAiZ4ZXe5ZWIKYkY6JHImdGajZXcgkldhh2agEmclFHIqZXe5BSZy5We21mc yBybyRndhFmdhRHIuVmcg4GIxJnbxBCd2lmcupmbs5CIgEkYgIUYyBCUuFGIvJnbnBiesBSMzMzN KcWd
Admin
$ echo ' gUncgAnbhByY2NmcgY3ZgcWdlJGa0VHIlJXag4WYxByZ1JXYg8mbmJnN04CIgcUdyByJ90zJg42Z gcWZ2NWey1SZidWMzAiZ4ZXe5ZWIKYkY6JHImdGajZXcgkldhh2agEmclFHIqZXe5BSZy5We21mc yBybyRndhFmdhRHIuVmcg4GIxJnbxBCd2lmcupmbs5CIgEkYgIUYyBCUuFGIvJnbnBiesBSMzMzN KcWd ' | rev | base64 -di | rev | tr N-ZA-Mn-za-m A-Za-z
Triple? I only did it once... You know that if you do it twice you get the same thing as if you don't do anything, right?
Captcha: kungfu
Admin
[quote user="NotanEnglishMajor"]I have lots of great memories of my parent's basement. Sadly it has been a long time since I was last there. :-)
Seriously though "...getting him to bend to my will..."? Isn't that terribly petty and infantile? In so doing haven't you dragged yourself down to your idiotic, self-serving, vindictive boss' level? You have sold your self respect for a brief moment's gratification and have become your own WTF. The dollar amounts you quote justify nothing.
-Notan[/quote]
Yes, I admit it .. it was petty and infantile and everything else - but I enjoyed it with relish. This came after a significant period of mistreatment (albeit well paid) in which my boss was not responding to my requests and I was getting pretty pissed off with him so it was not something I'd do everyday (or most days). And as I don't proclaim to be the Dalai Lama I think a bit of gratuitous bad behaviour on my part was not unreasonable.
As for the $$ amounts, in a way I think it is relevant. The amount of revenue I brought in (in the order of $3/4 mil over the duration - and I am not in sales. This was actual work) was directly proportional to the hardships I was under in terms of generating that revenue. The situation I was in magnified the bad behaviour of my boss and brought me to the point of not caring much sooner than if I had been in a less stressful situation. The end result being that I eventually had to quit in order to get out of that situation which left my boss high and dry with no one else who could replace me. Thus when the next set of contracts came around he couldn't easily tap into that same revenue stream.
So no, the $$ doesn't justify being petty, but does highlight the short-sightedness of my boss.
As an example of his behaviour, in the middle of all of this he came to the country I was in, and changed planes at the airport of the city I was in. And never told me. At the time I was living 10 minutes from the airport and would have welcomed the opportunity to talk with him face to face.
Admin
I work for a bank, and they do that here too.
Captcha: gotcha
Admin
This post is so bad-ass... I reversed the text, then reversed it AGAIN, then encoded it base-64, then DEcoded it. I also translated it into pig-latin, and then back into English.
I bet no one can even read this ;P
Admin
No kidding. If you only do it twice, you might as well not do it at all. You'd have to do it like at least twelve times to see any measurable increase in security.
Admin
You, sir, can now claim the honor of largest e-penis in this thread.
gg all... ::rolleyes::
Admin
Or knew how to download the freeware brute force zip password hack programs.
Admin
"Or maybe they just thought the hacker would notice that the first one was encrypted and give up before seeing the password in the second one."
Well, the solution is obvious then!
Send the password FIRST!
Anyone snooping your E-mail won't know what it's for and will let the data slip away before seeing the encrypted file!
Yes... it is supposed to be a joke.
Admin
begin 644 - M0F%S938T/R
@4D]4+3$S/R
@4F5V97)S86QS/R@5VAY)W,@979E<GEO;F4@ M9V]I;F<@=&\@<W5C:"!G<F5A="!L96YG=&AS('=H96X@=&AE>2!C;W5L9"!S M:6UP;'D@=7-E(&%N(&]B<V-U<F4@=&5C:&YI<75E(&QI:V4@555%;F-O9&EN #9S\*
end