• (cs) in reply to [anti-ipod]sis - above and beyond the call of duty!
    [anti-ipod]sis - above and beyond the call of duty!:
    PedanticCurmudgeon:
    The Law of the Internet (Troll or be trolled) appears to be in full force today.
    Shove it up your ass, you self-promoting fag.
    Hey, just your type!
  • (cs) in reply to Arthur de Jong
    Arthur de Jong:
    Why did Paul turn down the offer to have him rewrite the system?
    The core of the problem is the customer. They tried to find the cheapest company and apparently didn't care about quality. Those are not the most ideal customers.

    ... then they went for (presumably) some considerably higher-paid ones and still haven't got satisfaction. That smacks to me of severe management incompetence. They should have come to us and we'd have had done it in 3 months - and it would have been good.

  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    Coyne:
    Why? Why do so many programmers even bother to pretend they know anything about security?
    Because when you're BSing someone, you really only need to know 1% more than the other person to impress them. And because this 1% impresses manager/PM types who have heard the words SHA, encryption, SQL, etc., but don't know how the pieces fit together.
    Points to you.

    But this is why more honest people (read: suckers like me) go down, because they aren't Machiavellian enough to think like this. (No aspersion intended.)

  • [anti-ipod]sis - above and beyond the call of duty! (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    [anti-ipod]sis - above and beyond the call of duty!:
    PedanticCurmudgeon:
    The Law of the Internet (Troll or be trolled) appears to be in full force today.
    Shove it up your ass, you self-promoting fag.
    Hey, just your type!
    In more ways than one!
  • Herby (unregistered) in reply to redblacktree
    redblacktree:
    Perhaps all managers could learn something from Herbert Hoover: "Engineering ... it is a great profession. There is the fascination of watching a figment of the imagination emerge through the aid of science to a plan on paper. Then it moves to realization in stone or metal or energy. Then it brings jobs and homes to men. Then it elevates the standards of living and adds to the comforts of life. That is the engineer's high privilege.

    The great liability of the engineer compared to men of other professions is that his works are out in the open where all can see them. His acts, step by step, are in hard substance. He cannot bury his mistakes in the grave like the doctors. He cannot argue them into thin air or blame the judge like the lawyers. He cannot, like the architects, cover his failures with trees and vines. He cannot, like the politicians, screen his shortcomings by blaming his opponents and hope the people will forget. The engineer simply cannot deny he did it. If his works do not work, he is damned....

    On the other hand, unlike the doctor his is not a life among the weak. Unlike the soldier, destruction is not his purpose. Unlike the lawyer, quarrels are not his daily bread. To the engineer falls the job of clothing the bare bones of science with life, comfort, and hope. No doubt as years go by the people forget which engineer did it, even if they ever knew. Or some politician puts his name on it. Or the credit it to some promoter who used other people's money ... but the engineer himself looks back at the unending stream of goodness which flows from his successes with satisfactions that few professionals may know. And the verdict of his fellow professionals is all the accolade he wants."

    Life goes on... My Aunt married into a good family!

    A lesson for all to remember.

  • (cs) in reply to Dani
    Dani:
    Craig:
    They are storing it in plaintext. They are only encrypting it after they pull it out of the database in plain text.

    They are not pulling it out of the database in plain text.. they are sending the plaintext password to the database, then encrypt both (the one they sent and the one present in the database) and then compare the encryptions

    It's not really "sent to the db" in plaintext either. The password is stored in plaintext in the DB. The select clause simply compares the SHA1 hash of the stored password against the SHA1 hash of the user input.

  • (cs) in reply to shadowman
    shadowman:
    Dani:
    Craig:
    They are storing it in plaintext. They are only encrypting it after they pull it out of the database in plain text.

    They are not pulling it out of the database in plain text.. they are sending the plaintext password to the database, then encrypt both (the one they sent and the one present in the database) and then compare the encryptions

    It's not really "sent to the db" in plaintext either. The password is stored in plaintext in the DB. The select clause simply compares the SHA1 hash of the stored password against the SHA1 hash of the user input.

    At least it's secured while in-transit... On their own network... And likely on the same machine...

  • your friendly neighborhood zunesis (unregistered) in reply to Coyne
    Coyne:
    But this is why suckers like me go down: because they really like to.

    FTFY. (But any excuse that works for you is fine with me.)

    CAPTCHA: genitus. Yes, even captcha knows me...

  • aptent2 (unregistered) in reply to Dani
    Dani:
    They are not pulling it out of the database in plain text.. they are sending the plaintext password to the database, then encrypt both (the one they sent and the one present in the database) and then compare the encryptions

    Rajesh, is that you?

  • (cs) in reply to QJo
    QJo:
    [ . . . ] the currencies are such that "4 figures" in the UK may be considerably more than 4 figures in the US.
    Well, not "considerably" more actually. Just one more figure, at most. (Since the current rate is ~ £6100 to $10k, it would even be reasonable to say that the US price may only be ~ 2/3rds more of a digit than the UK price.)
  • (cs) in reply to DaveK
    DaveK:
    QJo:
    [ . . . ] the currencies are such that "4 figures" in the UK may be considerably more than 4 figures in the US.
    Well, not "considerably" more actually. Just one more figure, at most. (Since the current rate is ~ £6100 to $10k, it would even be reasonable to say that the US price may only be ~ 2/3rds more of a digit than the UK price.)

    No, not "considerably", but enough to be significant. You can get a good enough car (for UK purposes) for, say, £9000. By "good enough", bear in mind the main difference between the UK and the US. In the UK, 100 miles is a long way. In the US, 100 years is a long time.

  • (cs) in reply to hoodaticus
    hoodaticus:
    So the little piggies were penny-wise and hired outsourced labor to build a straw house, and then the big bad wolf came and huffed and puffed and blew their house in.
    Along with "and the little piggies are now genuinely puzzled as to how the wolf blew their house in."
  • reductio ad ridiculum (unregistered) in reply to redblacktree
    redblacktree:
    I once heard a story about the quality of Indian developers that explained a lot. ...snip...
    +1
  • reductio ad ridiculum (unregistered) in reply to Beta
    Beta:
    Carl:
    redblacktree:
    in the states, noobs eventually become the experienced engineers. In India, they become managers.
    Oh goodie, does that mean we can outsource our managers to India? That would fix a lot!

    How could an overseas manager lose at golf to a vice-president? I've had managers I could have replaced with a very small shell script, if only I could have gotten past that hurdle.

    "I've had managers I could have replaced with a very small shell script"

    My new meme for the day. Many Thanks.

  • Friedrich the Great (unregistered) in reply to reductio ad ridiculum

    I've had memes I could have replaced with very small managers.

  • Do what now? (unregistered) in reply to C-Octothorpe

    I've explained this to many clients. Most get it, but one asked seriously, "Hmmm... What do I have to do to get all three?"

  • QJo (unregistered) in reply to Do what now?
    Do what now?:
    I've explained this to many clients. Most get it, but one asked seriously, "Hmmm... What do I have to do to get all three?"

    That's when you smile slyly because you know you have a logical illiterate on your hands, and if you play him like a particularly large and stupid fish you will (eventually) milk him for an avalanche of money.

    No apology for the mixed metaphors, I wanted to enjoy myself.

  • L. (unregistered) in reply to Patrick Magee

    And ... it's even worse ... they're using the mysql extension (really mysql is already extremely bad, but the one-query-max extension really shows how much of a joke a programmer can be).

  • Kempeth (unregistered) in reply to QJo
    QJo:
    So, metaphoorically speaking: they have a fully-security-approved multi-lock front door, but neglected to use any cement in the brickwork. Shouldn't be a problem, of course, criminals are first and foremost gentlemen and would not dream of using an alternative means of entry into a dwelling but the conventional one.
    No. Metaphorically speaking they have a normal lock door on the house but if you peak through the window you can clearly see the key on the windowsill.
  • jc (unregistered)

    On the contrary, you quite often get a lot less than you paid for.

  • (cs) in reply to QJo

    Fish milk sounds delicious.

  • (cs)

    And nobody except the hackers noticed that the usernames and passwords in the database were not actually encrypted ? Right...

  • Someone who can't be bothered to login from work (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    shadowman:
    Dani:
    Craig:
    They are storing it in plaintext. They are only encrypting it after they pull it out of the database in plain text.

    They are not pulling it out of the database in plain text.. they are sending the plaintext password to the database, then encrypt both (the one they sent and the one present in the database) and then compare the encryptions

    It's not really "sent to the db" in plaintext either. The password is stored in plaintext in the DB. The select clause simply compares the SHA1 hash of the stored password against the SHA1 hash of the user input.

    At least it's secured while in-transit... On their own network... And likely on the same machine...

    No it's not, not unless the connection to the database is encrypted; which I doubt. The password and username will be sent in their unhashed forms and then hashed at the server, there's no application side hashing going on.

    It's a WTF on pretty much any level, all the way down to using string concatenation instead of parameters.

  • (cs) in reply to Those who live in glass houses...
    Those who live in glass houses...:
    68a6a81ff9352dfd1910c2907451fb726886328b

    "Be sure . . . to drink . . . your . . . Ovaltine?"

    A crummy commercial?

    Son of a bitch.

  • (cs) in reply to Someone who can't be bothered to login from work
    Someone who can't be bothered to login from work:
    C-Octothorpe:
    shadowman:
    Dani:
    Craig:
    They are storing it in plaintext. They are only encrypting it after they pull it out of the database in plain text.

    They are not pulling it out of the database in plain text.. they are sending the plaintext password to the database, then encrypt both (the one they sent and the one present in the database) and then compare the encryptions

    It's not really "sent to the db" in plaintext either. The password is stored in plaintext in the DB. The select clause simply compares the SHA1 hash of the stored password against the SHA1 hash of the user input.

    At least it's secured while in-transit... On their own network... And likely on the same machine...

    No it's not, not unless the connection to the database is encrypted; which I doubt. The password and username will be sent in their unhashed forms and then hashed at the server, there's no application side hashing going on.

    It's a WTF on pretty much any level, all the way down to using string concatenation instead of parameters.

    Oh, you're right. I didn't notice that the SHA1 was quoted as well... I thought it was hashing it server-side and comparing the hashes in the SQL query.

  • A polite request (unregistered)

    If you so smart and have better top grade encryption plz be sending me teh codez.

  • Jay (unregistered) in reply to DaveK
    DaveK:
    QJo:
    [ . . . ] the currencies are such that "4 figures" in the UK may be considerably more than 4 figures in the US.
    Well, not "considerably" more actually. Just one more figure, at most. (Since the current rate is ~ £6100 to $10k, it would even be reasonable to say that the US price may only be ~ 2/3rds more of a digit than the UK price.)

    Well, I'd consider adding a digit to the price of something to be in the category of "considerably more". Buying a car for, say, $4,000 instead of $40,000 is a big difference to me. Maybe to you $40,000 is almost as much as what you spend on lunch in a week.

  • Jay (unregistered) in reply to havokk
    havokk:
    hoodaticus:
    So the little piggies were penny-wise and hired outsourced labor to build a straw house, and then the big bad wolf came and huffed and puffed and blew their house in.
    Along with "and the little piggies are now genuinely puzzled as to how the wolf blew their house in."

    A common scenario that has me crying goes like this:

    Piggy: No, brick is too expensive and takes too long. Let's just build the house from straw.

    Developer: But if you build your house from straw, the big bad wolf will come along and blow it down.

    Piggy: No, there's no way a wolf could blow down a straw house. Straw houses are much stronger than brick. And besides, there are no wolves around here.

    Developer: Umm, I really think that a big bad wolf could blow down a straw house fairly easily. And there have been numerous reports of wolves in this area.

    Piggy: That's ridiculous. You're just trying to con me in to paying you a lot of money to build a brick house. While I'm not going to be fooled. I want a straw house, I tell you! It will be perfectly adequate!

    Then the wolf blows down the house. Next conversation:

    Piggy: Who could have known that that a wolf could blow down a strong house? Who could have predicted such a thing?

    Developer: I'm sorry, but I tried to warn you about this.

    Piggy: You! You're the one who told me that straw houses were stronger than brick! You lied to me!

    Developer: What? I never said that! I said just the opposite!

    Piggy: Oh, trying to escape responsibility for your mistakes, eh?

  • (cs) in reply to Jay
    Jay:
    havokk:
    hoodaticus:
    So the little piggies were penny-wise and hired outsourced labor to build a straw house, and then the big bad wolf came and huffed and puffed and blew their house in.
    Along with "and the little piggies are now genuinely puzzled as to how the wolf blew their house in."

    A common scenario that has me crying goes like this:

    Piggy: No, brick is too expensive and takes too long. Let's just build the house from straw.

    Developer: But if you build your house from straw, the big bad wolf will come along and blow it down.

    Piggy: No, there's no way a wolf could blow down a straw house. Straw houses are much stronger than brick. And besides, there are no wolves around here.

    Developer: Umm, I really think that a big bad wolf could blow down a straw house fairly easily. And there have been numerous reports of wolves in this area.

    Piggy: That's ridiculous. You're just trying to con me in to paying you a lot of money to build a brick house. While I'm not going to be fooled. I want a straw house, I tell you! It will be perfectly adequate!

    Then the wolf blows down the house. Next conversation:

    Piggy: Who could have known that that a wolf could blow down a strong house? Who could have predicted such a thing?

    Developer: I'm sorry, but I tried to warn you about this.

    Piggy: You! You're the one who told me that straw houses were stronger than brick! You lied to me!

    Developer: What? I never said that! I said just the opposite!

    Piggy: Oh, trying to escape responsibility for your mistakes, eh?

    So very sad, so very true.

  • (cs) in reply to Jay
    Jay:
    havokk:
    hoodaticus:
    So the little piggies were penny-wise and hired outsourced labor to build a straw house, and then the big bad wolf came and huffed and puffed and blew their house in.
    Along with "and the little piggies are now genuinely puzzled as to how the wolf blew their house in."

    A common scenario that has me crying goes like this:

    Piggy: No, brick is too expensive and takes too long. Let's just build the house from straw.

    Developer: But if you build your house from straw, the big bad wolf will come along and blow it down.

    Piggy: No, there's no way a wolf could blow down a straw house. Straw houses are much stronger than brick. And besides, there are no wolves around here.

    Developer: Umm, I really think that a big bad wolf could blow down a straw house fairly easily. And there have been numerous reports of wolves in this area.

    Piggy: That's ridiculous. You're just trying to con me in to paying you a lot of money to build a brick house. While I'm not going to be fooled. I want a straw house, I tell you! It will be perfectly adequate!

    Then the wolf blows down the house. Next conversation:

    Piggy: Who could have known that that a wolf could blow down a strong house? Who could have predicted such a thing?

    Developer: I'm sorry, but I tried to warn you about this.

    Piggy: You! You're the one who told me that straw houses were stronger than brick! You lied to me!

    Developer: What? I never said that! I said just the opposite!

    Piggy: Oh, trying to escape responsibility for your mistakes, eh?

    I do hear that story a lot, but I also hear the other side of it:

    Developer: Good news, piggies! Development of your straw houses is going as planned, and should be about done at the end of this quarter.

    Piggy 1: Hmm... straw houses. I was reading an article the other day about brick houses. Yes, I'm quite sure this is the way the industry is headed.

    Developer: Yes, but you want to build this house in a region where there are no wolves, so straw will be fine. Remember? We had this discussion earlier this year, and you chose straw.

    Piggy 2: True, but that was before we learned that our piggy competitors build their houses with brick. We don't want to seem outdated compared to them, do we?

    Developer: But... there aren't any wolves. The other piggies are building their houses out of brick so that wolves can't blow their houses down-

    Piggy 2: Right, so shouldn't we have the same protections?

    Developer: No. For the third time, there aren't any wolves. Wolves can't survive in this climate. It doesn't make sense for us to spend extra money and time shipping in and using more expensive resources in order to solve a non-existent problem.

    Piggy 1: Oh, we didn't say anything about extending the budget or timeline.

    Developer: You're... you're kidding, right?

    Piggy 3: Waah! Waah! I want brick! If you don't build the house out of brick, I'll sue you!

    Piggy 1: Now now, calm down Henderson. Nobody's suing anybody. Our developer friend was just agreeing that brick was the best choice, weren't you Mr. Developer Guy?

    Developer: I... but we're almost done... we'd have to start over...

    Piggy 1: I'm sure you can make it work.

    Developer: But...

    Piggy 1: Thanks, you're a real hero.

    Piggy 2: We'll check back with you in six weeks.

    Piggy 3: Yeah, it better be done by then. Or else!

  • (cs) in reply to A Gould
    A Gould:
    RealUlli:
    There are more than enough low-paid devs out there turning out code this bad. Unfortunately, there's a market for them, too...

    And there always will be, as long as there are companies that think they can go two orders of magnitude cheaper and think they'll get similar quality.

    In contrast, people will spend six-figures for a really nice car, and five-figures for a decent car. If you're only spending four-figures you automatically wonder what's wrong with it.

    There are many people that believe that, since software can't be held in the hand and doesn't weigh anything, it shouldn't cost very much. I did work with one program manager that had a better analogy. He compared software engineering to civil engineering. It's expensive to move dirt around, just like it's expensive to create and modify software.
  • (cs) in reply to Jay
    Jay:
    havokk:
    hoodaticus:
    So the little piggies were penny-wise and hired outsourced labor to build a straw house, and then the big bad wolf came and huffed and puffed and blew their house in.
    Along with "and the little piggies are now genuinely puzzled as to how the wolf blew their house in."

    A common scenario that has me crying goes like this:

    Piggy: No, brick is too expensive and takes too long. Let's just build the house from straw.

    Developer: But if you build your house from straw, the big bad wolf will come along and blow it down.

    Piggy: No, there's no way a wolf could blow down a straw house. Straw houses are much stronger than brick. And besides, there are no wolves around here.

    Developer: Umm, I really think that a big bad wolf could blow down a straw house fairly easily. And there have been numerous reports of wolves in this area.

    Piggy: That's ridiculous. You're just trying to con me in to paying you a lot of money to build a brick house. While I'm not going to be fooled. I want a straw house, I tell you! It will be perfectly adequate!

    Then the wolf blows down the house. Next conversation:

    Piggy: Who could have known that that a wolf could blow down a strong house? Who could have predicted such a thing?

    Developer: I'm sorry, but I tried to warn you about this.

    Piggy: You! You're the one who told me that straw houses were stronger than brick! You lied to me!

    Developer: What? I never said that! I said just the opposite!

    Piggy: Oh, trying to escape responsibility for your mistakes, eh?

    I'm sure that you'd have this conversation even if the warning about wolves was included in the contract, signed by the piggies themselves. That's why so many software warranties say "provided AS IS with no warranty of merchantibility or fitness for a particular (or indeed any) purpose"...

  • C (unregistered) in reply to Matt Westwood
    Matt Westwood:
    I remember pointing out to my boss once that the login process as programmed by a contractor once that went something like: "The username was correct but the password was not" (or words to that effect) was less than optimal but he didn't understand what I was trying to point out. Comms fail.
    Humour me... "Less than optimal" in that it does some unneeded extra checks which don't really do any great harm, or LTO in a more compelling way?
  • (cs) in reply to nonpartisan
    nonpartisan:
    Those who live in glass houses...:
    68a6a81ff9352dfd1910c2907451fb726886328b

    "Be sure . . . to drink . . . your . . . Ovaltine?"

    A crummy commercial?

    Son of a bitch.

    Nice.

  • (cs)

    BAH! Pish-posh! An anomalous example here and there does not constitute proof. Right-Shoring RULES!!

  • (cs) in reply to boog
    <snip>
    Jay:
    Developer: Good news, piggies! Development of your straw houses is going as planned, and should be about done at the end of this quarter.

    Piggy 1: Hmm... straw houses. I was reading an article the other day about brick houses. Yes, I'm quite sure this is the way the industry is headed.

    Developer: Yes, but you want to build this house in a region where there are no wolves, so straw will be fine. Remember? We had this discussion earlier this year, and you chose straw.

    Piggy 2: True, but that was before we learned that our piggy competitors build their houses with brick. We don't want to seem outdated compared to them, do we?

    Developer: But... there aren't any wolves. The other piggies are building their houses out of brick so that wolves can't blow their houses down-

    Piggy 2: Right, so shouldn't we have the same protections?

    Developer: No. For the third time, there aren't any wolves. Wolves can't survive in this climate. It doesn't make sense for us to spend extra money and time shipping in and using more expensive resources in order to solve a non-existent problem.

    Don't forget:

    Piggy 4: Hey, let's also make it so the user can make any shape of house out of whatever they want!

    Piggy 1: But they told us they want a straw house. We asked the questions, and here are the answers. Straw house please.

    Piggy 4: Hmmm. I'll give you a "house framework" and build a straw house using that.

    ....time passes.

    "House" delivery consists of a giant pile of straw, wood, bricks, plastic, silly putty and dried cow dung. The client is told to refer to the building instructions (AKA TFM) if they actually want something they can live in.

  • QJo (unregistered) in reply to C
    C:
    Matt Westwood:
    I remember pointing out to my boss once that the login process as programmed by a contractor once that went something like: "The username was correct but the password was not" (or words to that effect) was less than optimal but he didn't understand what I was trying to point out. Comms fail.
    Humour me... "Less than optimal" in that it does some unneeded extra checks which don't really do any great harm, or LTO in a more compelling way?

    My guess would be: an unsuccessful attempt to break into the system may inform the attacker that a particular username is valid? Then it would merely be a case of cracking the password?

    My understanding is that a failed login attempt should not provide to the attacker any information about the nature of the system being attacked. So letting the attacker know that he's succeeded in guessing a username is therefore, as suggested, "suboptimal".

    I'd put it more strongly than that.

  • QJo (unregistered) in reply to LoztInSpace
    LoztInSpace:
    <snip>
    Jay:
    Developer: Good news, piggies! Development of your straw houses is going as planned, and should be about done at the end of this quarter.

    Piggy 1: Hmm... straw houses. I was reading an article the other day about brick houses. Yes, I'm quite sure this is the way the industry is headed.

    Developer: Yes, but you want to build this house in a region where there are no wolves, so straw will be fine. Remember? We had this discussion earlier this year, and you chose straw.

    Piggy 2: True, but that was before we learned that our piggy competitors build their houses with brick. We don't want to seem outdated compared to them, do we?

    Developer: But... there aren't any wolves. The other piggies are building their houses out of brick so that wolves can't blow their houses down-

    Piggy 2: Right, so shouldn't we have the same protections?

    Developer: No. For the third time, there aren't any wolves. Wolves can't survive in this climate. It doesn't make sense for us to spend extra money and time shipping in and using more expensive resources in order to solve a non-existent problem.

    Don't forget:

    Piggy 4: Hey, let's also make it so the user can make any shape of house out of whatever they want!

    Piggy 1: But they told us they want a straw house. We asked the questions, and here are the answers. Straw house please.

    Piggy 4: Hmmm. I'll give you a "house framework" and build a straw house using that.

    ....time passes.

    "House" delivery consists of a giant pile of straw, wood, bricks, plastic, silly putty and dried cow dung. The client is told to refer to the building instructions (AKA TFM) if they actually want something they can live in.

    ... or even:

    Piggy 5: Even better idea. We don't know what the user wants to build the house out of, so what we will provide is a map to the various sites from which the various raw materials can be sourced. And what's more - we won't charge!

  • foo (unregistered) in reply to C-Octothorpe
    C-Octothorpe:
    Reminds me of the saying: Fast, Cheap, and Good. Pick two...

    Or as they say in India, "Fast, Cheap, and Good: Pick cheap, we don't do the other two."

  • foo (unregistered) in reply to reductio ad ridiculum
    Beta:
    How could an overseas manager lose at golf to a vice-president? I've had managers I could have replaced with a very small shell script, if only I could have gotten past that hurdle.

    It's not worth it. I have replaced a manager with a small shell script. What happened? Did the waste of space and salary get fired? No, he carved out a niche for himself asking for meaningless status reports and reporting incorrect information to his boss, copying data from one doc to another to violate DRY/SSOT, and creating work for others. I went from having a manager who could be replaced by a shell script to a manager who had way too much time and nothing of value to do, and unfortunately the devil makes work for idle managers.

  • QJo (unregistered) in reply to foo
    foo:
    Beta:
    How could an overseas manager lose at golf to a vice-president? I've had managers I could have replaced with a very small shell script, if only I could have gotten past that hurdle.

    It's not worth it. I have replaced a manager with a small shell script. What happened? Did the waste of space and salary get fired? No, he carved out a niche for himself asking for meaningless status reports and reporting incorrect information to his boss, copying data from one doc to another to violate DRY/SSOT, and creating work for others. I went from having a manager who could be replaced by a shell script to a manager who had way too much time and nothing of value to do, and unfortunately the devil makes work for idle managers.

    I replaced three co-workers with a short Fortran program once. That felt good.

  • modo (unregistered) in reply to Those who live in glass houses...
    Those who live in glass houses...:
    I wish all you ivory tower wannabes would get off your high horses. SHA1 is encryption! Do you even know what encryption means? It means to obfuscate. SHA1 is obsfucation. Now STFU.

    An this is for all you pathetic jackwagons posting in SHA1:

    68a6a81ff9352dfd1910c2907451fb726886328b

    [http://www.google.com/#q=encryption|encryption]

  • luptatum (unregistered)

    How do you add a link to a comment here?

  • JJ (unregistered) in reply to Kempeth
    Kempeth:
    ...but if you peak through the window...
    Just be careful not to valley through the window.
  • (cs) in reply to luptatum
    luptatum:
    How do you add a link to a comment here?
    By replying to it, hitting the quote button, or by right clicking the comment number and clicking "Copy Shortcut". Links themselves are explained in the BBCode Okay link.
  • (cs) in reply to QJo
    QJo:
    foo:
    Beta:
    How could an overseas manager lose at golf to a vice-president? I've had managers I could have replaced with a very small shell script, if only I could have gotten past that hurdle.

    It's not worth it. I have replaced a manager with a small shell script. What happened? Did the waste of space and salary get fired? No, he carved out a niche for himself asking for meaningless status reports and reporting incorrect information to his boss, copying data from one doc to another to violate DRY/SSOT, and creating work for others. I went from having a manager who could be replaced by a shell script to a manager who had way too much time and nothing of value to do, and unfortunately the devil makes work for idle managers.

    I replaced three co-workers with a short Fortran program once. That felt good.

    I replaced a couple clerks with an Excel macro once.

  • (cs) in reply to boog
    boog:
    Piggy 3: Waah! Waah! I want brick! If you don't build the house out of brick, I'll sue you!
    I always get a kick out of that one. Those legal wars of financial attrition don't quite have the same dynamic when the contractor is also an attorney, therefore knows how to game the system to generate the maximum billable time for opposing counsel, in a country where everyone pays their own court costs and attorneys' fees.

    I'm not contracting now, but my last contract job was so very bad, that I actually kept an evidence file and complaint outline up to date until the job was done (which was when I manipulated them into triggering my escape clause).

  • (cs) in reply to hoodaticus
    hoodaticus:
    boog:
    Piggy 3: Waah! Waah! I want brick! If you don't build the house out of brick, I'll sue you!
    I always get a kick out of that one. Those legal wars of financial attrition don't quite have the same dynamic when the contractor is also an attorney, therefore knows how to game the system to generate the maximum billable time for opposing counsel, in a country where everyone pays their own court costs and attorneys' fees.

    I'm not contracting now, but my last contract job was so very bad, that I actually kept an evidence file and complaint outline up to date until the job was done (which was when I manipulated them into triggering my escape clause).

    I'm curious. Why aren't you practicing law instead of managing IT?

  • Andre (unregistered) in reply to I don't get it

    Just a matter of pride, I guess! I would have done the same, or charged the six figure for them. "Just so they would learn"

  • (cs) in reply to frits
    frits:
    hoodaticus:
    boog:
    Piggy 3: Waah! Waah! I want brick! If you don't build the house out of brick, I'll sue you!
    I always get a kick out of that one. Those legal wars of financial attrition don't quite have the same dynamic when the contractor is also an attorney, therefore knows how to game the system to generate the maximum billable time for opposing counsel, in a country where everyone pays their own court costs and attorneys' fees.

    I'm not contracting now, but my last contract job was so very bad, that I actually kept an evidence file and complaint outline up to date until the job was done (which was when I manipulated them into triggering my escape clause).

    I'm curious. Why aren't you practicing law instead of managing IT?

    A combination of reasons. I'd make a crappy lawyer, but I'm a pretty good developer. I also used to believe in the law... before law school. Now I'm an anarchist.

    I need to express my creativity, and while legal writing and trial practice do involve creativity, I need to create more than just arguments. Creating object models and letting my systems' behavior sort of emerge from my objects' interactions with each other gets me high.

    Finally, I've been hired to replace the CTO at my company when he retires or has a nasty accident. I have stock options, an office in the corporate HQ, a continental supply chain running on my code, and a shitload of clout.

    I wouldn't trade it for anything.

    The law degree helped get me this position; I was hired by the CTO and the CEO, both of whom were impressed by the doctorate degree. About half of all legal laureates do not ever practice law. Maybe they only got their degrees to please their parents, like me.

Leave a comment on “Top-grade, SHA1 Encryption”

Log In or post as a guest

Replying to comment #:

« Return to Article