• Sarge2009 (unregistered)

    The constant problem: "a little bit of knowledge is a dangerous thing"

    Lack of knowledge is not a problem in itself, it is the refusal to accept that you lack knowledge that causes problems. :)

  • (cs)

    This just in: some managers are incompetent pricks. More at 11.

  • Mike D. (unregistered)

    Random TDWTF WTF: The last time a comment was "featured" was a comment that pointed out the "Reading Comprehension" dupe. The last one before that was "Misconstrued" on October 23.

    Alex must think we suck as comment writers.

  • (cs) in reply to Mike D.
    Mike D.:
    Random TDWTF WTF: The last time a comment was "featured" was a comment that pointed out the "Reading Comprehension" dupe. The last one before that was "Misconstrued" on October 23.

    I suck as a comment writer.

    FTFY and I agree.

    If I were Alex I wouldn't feature your shitty comment either. When you come up with something worthy of front pageness, then complain.

  • SR (unregistered) in reply to Mike D.
    Mike D.:
    Alex must think we suck as comment writers.

    He's right!

  • Sam (unregistered) in reply to Sarge2009
    Sarge2009:
    Lack of knowledge is not a problem in itself, it is the refusal to accept that you lack knowledge that causes problems. :)

    Very true! Every committee meeting should start with everyone round the table saying "I can be wrong".

  • Burdieburd (unregistered)

    But did he become a man?

  • Anonymous (unregistered)

    TRWTF is that he has one too few negatives:

    Life at MegaBank is not without its shortage of WTFs

  • Bill M (unregistered) in reply to Sam
    Sam:
    Sarge2009:
    Lack of knowledge is not a problem in itself, it is the refusal to accept that you lack knowledge that causes problems. :)

    Very true! Every committee meeting should start with everyone round the table saying "I can be wrong".

    I believe that Robert Heinlein defined a committee as an animal with 6 or more legs and no brain :)

  • Management Safari Guide (unregistered) in reply to Sam
    Sam:
    Sarge2009:
    Lack of knowledge is not a problem in itself, it is the refusal to accept that you lack knowledge that causes problems. :)

    Very true! Every committee meeting should start with everyone round the table saying "I can be wrong".

    And then some d-bag at the table will sagely nod and (indicating the sucker who just said "I can be wrong") say "Indeed, he can be wrong, and usually is."

    And then much hilarity will ensue.

  • Anon (unregistered) in reply to Mike D.
    Mike D.:
    Random TDWTF WTF: The last time a comment was "featured" was a comment that pointed out the "Reading Comprehension" dupe. The last one before that was "Misconstrued" on October 23.

    Alex must think we suck as comment writers.

    I can understand that maybe Alex can't be bothered going through every thread and picking out the gems, but if that's that case, at least implement a feature allowing (logged in) users to vote up posts. Let those of us that are already wasting time do the work for you!

  • Anonymous (unregistered)

    This wasn't a very interesting anecdote to be honest. Dev says "x", manager says "y", manager uses Google to prove "y" but Google actually says "x". Great. But I'm not complaining; on the contrary, the complete lack of decent content on TDWTF recently is surely a good sign. Maybe there are no good WTFs because our profession is maturing and improving and these sorts of things just aren't happening as often..... AHAHAHAHAHAHAHAHAHAHAHAHA! Sorry folks, I couldn't say it with a straight face, we all know this is profession is a quagmire of ineptitude!

  • Ben (unregistered) in reply to Anonymous
    Anonymous:
    TRWTF is that he has one too few negatives:

    Life at MegaBank is not without its shortage of WTFs

    No, he wanted to say the company had a shortage of WTFs so they bought more.

    CAPTCHA: An image with a misspelled word.

  • please... (unregistered)

    TRWTFs:

    ...anything to get the stupid the development manager was spouting out of his mouth.

    He was extracting the manager's stupid from his own mouth?

    Life at MegaBank is not without its shortage of WTFs:

    This writing is without a shortage of WTFs.

  • mikolajl (unregistered)

    "Greg would incredulously ask why the developers would dare even suggesting that they may try to implement the features he had told them to implement several weeks ago".

    You mean to say that the developers did what they were told without even asking for ocnfirmation via email?

  • (cs)

    I can tell this guy is useless because he has nothing better to nitpick than the password retrieval mechanism.

    Also, I must know his reaction to the email from Google. I hope it was satisfying.

  • Big Guy Surprise (unregistered)

    Am I the only person surprised at the deterioration of spelling and grammar checks in each post? I swear I re-read some sentences several times to make sure I'm following along properly, a la "He thought that he had considered every angle and that he here he was going to be proved out to be a fool." Also, who doesn't think of Google password recovery when they're trying to think about how different sites do password recovery?

    Side comment: has anyone else been getting terribly long page load time? I wait about a full minute or longer for TDWTF to load an uncached page most days. Hate to complain about something that's free, but still!

  • Bryan (unregistered)

    TRWTF is actually that they used "Click Here" as the link to reset a password. "Click Here" is soooooo 1990.

  • Dazed (unregistered) in reply to Anonymous
    Anonymous:
    This wasn't a very interesting anecdote to be honest.
    But doesn't it give you a warm fuzzy feeling that just once in a while a pointy-haired boss gets a rather public come-uppance?
  • TheStandardWay (unregistered)

    This guy should not become "a man" anyway. The fact he didn't (couldn't?) bring up the "we don't know the passwords because they are stored as a hash in the db" argument shows he doesn't know what he is doing. I want to know what bank keeps it's passwords so they can be decrypted so I can avoid it. No excuse for a bank to be able to send a user a pwd in an email. Should be, at a minimum, a hash that is stored in the DB.

  • Vollhorst (unregistered) in reply to Bryan
    Bryan:
    TRWTF is actually that they used "Click Here" as the link to reset a password. "Click Here" is soooooo 1990.
    So, what is better?

    "Click here, yes here, oh, come on, click already! The link is about to end, come on, click, damnit! Ohh. Too late. All your money belongs to us!"

  • (cs)

    "He also considered burying his face into his palms, or perhaps bang his forehead against the desk repeatedly" You just summarized every meeting I've had where management made technical decisions.

  • Dr Headdesk (unregistered)

    Why the hell is "Person Was Mistaken" a WTF??

  • (cs)

    meh! Dude, I bet you have even better stories on your Inbox. This one just sucks. There's no WTF here, just some dumb ass manager with double personality syndrome.

  • Inhibeo (unregistered) in reply to TheStandardWay
    TheStandardWay:
    This guy should not become "a man" anyway. The fact he didn't (couldn't?) bring up the "we don't know the passwords because they are stored as a hash in the db" argument shows he doesn't know what he is doing. I want to know what bank keeps it's passwords so they can be decrypted so I can avoid it. No excuse for a bank to be able to send a user a pwd in an email. Should be, at a minimum, a hash that is stored in the DB.

    Agreed. This manager probably became an uninformed moron in the first place because his technical people were too spineless to tell him when he was wrong, and why.

    This retarded security model could have compromised thousands of accounts. I'd rather get shitcanned for being right than six months later for costing the company millions.

  • The version I wanted to see (unregistered)

    Google emails Greg with his password, which Michael P promptly reads when Greg triumphantly shows him the email to prove how Google does it.

    Michael P goes home, reads Greg's email, finds an incriminating one to Greg's mistress (or create one if necessary) and Greg's wife's email address, and has Greg accidentally misuse the forward button. This process would definitely demonstrate to Greg that emailing passwords is not a secure practice.

  • Michael (unregistered) in reply to Anon
    Anon:
    Mike D.:
    Random TDWTF WTF: The last time a comment was "featured" was a comment that pointed out the "Reading Comprehension" dupe. The last one before that was "Misconstrued" on October 23.

    Alex must think we suck as comment writers.

    I can understand that maybe Alex can't be bothered going through every thread and picking out the gems, but if that's that case, at least implement a feature allowing (logged in) users to vote up posts. Let those of us that are already wasting time do the work for you!

    So you're suggesting that he spend time (and likely not a small amount thereof) implementing a new feature to TDWTF's blogging/article system to save him a few minutes a day looking over the comments, which should be part of the moderation he does on a daily basis anyways?

    ...take a good, hard look at your first revision and just say to yourself, "gloves."

  • Huh? (unregistered) in reply to Dr Headdesk
    Dr Headdesk:
    Why the hell is "Person Was Mistaken" a WTF??

    No it was, GMail does it this way, so we have to too. Reminds me of my old boss in charge of the Web development group. He saw breadcrumbs on a site, and said we MUST have them on our site. Every single breadcrumb was Home -> ... Our pages only went one layer deep.

    Needless to say, the guy was a moron.

  • snz (unregistered) in reply to TheStandardWay
    TheStandardWay:
    This guy should not become "a man" anyway. The fact he didn't (couldn't?) bring up the "we don't know the passwords because they are stored as a hash in the db" argument shows he doesn't know what he is doing. I want to know what bank keeps it's passwords so they can be decrypted so I can avoid it. No excuse for a bank to be able to send a user a pwd in an email. Should be, at a minimum, a hash that is stored in the DB.

    hash, that's your problem for everything!

  • Nurse Footstool (unregistered) in reply to Dr Headdesk
    Dr Headdesk:
    Why the hell is "Person Was Mistaken" a WTF??

    Because the person in question was a manager who was about to make an all-too-typically bad technical decision based on his limited technical knowledge until he proved himself wrong. Seems like a textbook WTF to me.

  • Beggar is not a chooser (unregistered) in reply to Anon
    Anon:
    I can understand that maybe Alex can't be bothered going through every thread and picking out the gems, but if that's that case, at least implement a feature allowing (logged in) users to vote up posts. Let those of us that are already wasting time do the work for you!

    +5; Funny

    In soviet TDWTF, comment vote you up!

  • anon (unregistered) in reply to Sarge2009
    Sarge2009:
    The constant problem: "a little bit of knowledge is a dangerous thing"

    Lack of knowledge is not a problem in itself, it is the refusal to accept that you lack knowledge that causes problems. :)

    To be ignorant of one's ignorance is the malady of the ignorant. ~ Amos Bronson Alcott

  • (cs) in reply to mikolajl
    mikolajl:
    "Greg would incredulously ask why the developers would dare even suggesting that they may try to implement the features he had told them to implement several weeks ago".

    You mean to say that the developers did what they were told without even asking for ocnfirmation via email?

    You're assuming that the manager would acknowledge the contradiction, even when written evidence was produced. I've worked with a couple different "Greg"s, and believe me, facts are no obstacle to stupidity.

  • rewind (unregistered) in reply to Huh?
    Huh?:
    He saw breadcrumbs on a site, and said we MUST have them on our site. Every single breadcrumb was Home -> ... Our pages only went one layer deep.

    Needless to say, the guy was a moron.

    Breadcrumbs on a site are untidy and can only show how unprofessional (and messy) the development staff is!

    Captcha: jumentum: Cousin of momentum;

  • (cs)

    Twitter-ized Version:

    Manager thought he knew more than Michael P. Manager offered proof. Proof vindicated Michael P. Article abruptly ends.

  • Les (unregistered)

    The same thing happened to me, except that the PHB was arguing that the link shouldn't expire. He went through his old emails, found a password link, clicked on it and got a "this link has expired" message. The look on his face was priceless.

  • (cs) in reply to GalacticCowboy
    GalacticCowboy:
    You're assuming that the manager would acknowledge the contradiction, even when written evidence was produced. I've worked with a couple different "Greg"s, and believe me, facts are no obstacle to stupidity.

    This is why you must always have written proof of everything. Even if you meet the manager in a hallway for a verbal discussion, the first thing you do when you get back to your desk is write him an email saying "OK, to summarize, this is what we discussed in the hallway, and I will be doing A, B, and C."

    And yes, I thought the real WTF was that Greg was about to expose his Google password to everyone in tne room just to prove a point.

  • (cs) in reply to TheStandardWay
    TheStandardWay:
    This guy should not become "a man" anyway. The fact he didn't (couldn't?) bring up the "we don't know the passwords because they are stored as a hash in the db" argument shows he doesn't know what he is doing. I want to know what bank keeps it's passwords so they can be decrypted so I can avoid it. No excuse for a bank to be able to send a user a pwd in an email. Should be, at a minimum, a hash that is stored in the DB.

    Banks, in the UK at least, often ask you for a sub-set of characters from your password, rather than the whole password. That rather necessitates storing the password in a manner which enables them to read single characters from it. Hashing or encrypting a single character is a little pointless.

    They usually ask you for another piece of information too; both of of mine use a numeric ID, PIN code and three random letters from a password to do a login.

    One of them requires you to supply some extra information if it's the first time you've logged in from a machine. They also show a picture and phrase you set when you registered, after you've supplied your ID, to confirm the site is actually them (although frankly a fishing site could bypass that easily enough).

    I've never had to reset my password with either of my banks, but I'm fairly sure neither of them will allow me to do it with a simple password reminder; I'd probably have to ask for a new one-time one, which would get posted to me. Possibly split between two separate letters.

  • (cs) in reply to Beldar the Phantom Replier
    Beldar the Phantom Replier:
    Article abruptly ends.

    Probably because the next line was “then the manager had him store the passwords plain-text and email them to people anyway”.

  • Romeo (unregistered) in reply to Vollhorst
    Vollhorst:
    Bryan:
    TRWTF is actually that they used "Click Here" as the link to reset a password. "Click Here" is soooooo 1990.
    So, what is better?

    "Click here, yes here, oh, come on, click already! The link is about to end, come on, click, damnit! Ohh. Too late. All your money are belong to us!"

    FTFY

  • Anon (unregistered)

    "Why can't we give the user their password in the e-mail?" Greg asked, in the same tone of voice you might expect if someone had told you they couldn't eat their soup because the spoon was upside down.

    This doesn't make any sense at all. If the words "same tone" compare Greg to the guy who told about the soup thing, then I don't see how the tones could be the same. If, however, they refer to someone who answers the crazy upside-down spoon guy, it's hard to imagine someone answering that advice with anything resembling a simple question.

    Maybe it was supposed to be "...the same tone of voice you might expect if someone asked you why they couldn't eat their..."

  • A Gould (unregistered) in reply to Dr Headdesk
    Dr Headdesk:
    Why the hell is "Person Was Mistaken" a WTF??
    I thought the WTF was a guy being hassled by his boss for doing what his boss told him to do. (Sadly, a common malady around here.)
  • (cs)

    This article gave me warm fuzzy feelings. Sadly, the opening was interesting but the ending just sort of dropped.

  • Ben4jammin (unregistered)

    Two thoughts:

    For all of those complaining that articles are sometimes hard to read due to grammatical errors and such, I have found that what works best for me is to "speed read" and just basically skim over the article. After doing this for some time now, my brain is learning to filter out all the errors and still give me the gist of the story. That said, I still sometimes end up with WTF? after the first reading.

    facts are no obstacle to stupidity
    Rarely have truer words been spoken.
  • Brendan (unregistered)

    TRWTF is that Google apparently isn't data-mining your password (or maybe they send you a reset link so you THINK they have it hashed..).

  • (cs) in reply to Brendan
    "Why can't we give the user their password in the e-mail?" Greg asked.

    The answer to that question being, of course, that most countries have federal banking regulators with information systems rules and those regulators would fine you millions of dollars if you did that.

  • NoCanDo (unregistered)

    I hate thos m'f'ing pricks of managers. They go all high n mighty but when it comes to the actual issue they stand clueless.

    I've had my share of such meetings, with more than enough idiots as (project)managers.

    When they have this attitude, I kindly repay them back when they come to me for advice and then I pretty much do like I have no idea what they are about. Works, almost every time, like a charm.

    Okay, it got me almost fired twice, but I had proof that the manager was a complete idiot, so it went to my favor.

  • Design Pattern (unregistered) in reply to Bryan
    Bryan:
    TRWTF is actually that they used "Click Here" as the link to reset a password. "Click Here" is soooooo 1990.
    So you claim someone send around "Click Here" links in mails in 1990, one year before the first web browser was introduced on a NeXT system and three years before the release of a Web browser for MS Windows?
  • Blue Collar (unregistered)
    Mike D.:
    Random TDWTF WTF: The last time a comment was "featured" was a comment that pointed out the "Reading Comprehension" dupe. The last one before that was "Misconstrued" on October 23.

    Alex must think we suck as comment writers.

    Everyone here is so damn critical, if I was alex I wouldn't want to read through these comments either. Why read through these comments and feel LESS satisfaction for doing something for free, I know I wouldn't.

  • (cs) in reply to hikari
    hikari:
    Banks, in the UK at least, often ask you for a sub-set of characters from your password, rather than the whole password.

    Then I submit that banks in the UK are often doing it very wrong, just like US banks that think asking a security question counts as "two-factor authentication".

Leave a comment on “The Standard Way”

Log In or post as a guest

Replying to comment #290841:

« Return to Article