- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Sounds like a fun High School
Admin
That's funny, I have the "worst" word you can use all over my account. must have been put in later, and never requested old members to change them.
Admin
Which moron thought that one up? You would think people would learn one day, but all too many people are immune to learning. Actually, even the term "moron" was originally coined as a neutral, inoffensive replacement for "idiot" - you see how well that worked.
Admin
Euless Tx, home of the Trinity Trojans.
Admin
Whoever thought it up, was, in the immortal words of Bugs Bunny "What a maroon!"
Admin
I was surprised when Wells Fargo's online banking wouldn't let me refer to the account I share with my wife as "Joint Checking".
What a bunch of idiots...
Admin
Admin
Admin
I believe the thinking is far more obtuse. Those that have various mental handicaps are often found to be gifted in other areas. It takes work to recognize these areas of excellence. With that said, maybe I'm the one handicapped, as I don't have something to seriously overcome my gifts aren't recognized by society. I now command you all to call me "Nominally Gifted"
Admin
Almost anything can come to be this, even unintentionally. I went on vacation once a few years ago to a nice little Bavarian town called Helen in Georgia. When I got back my co-workers asked me where I went. My answer, "I spent the whole week in Helen." The problem, That's my other half's name also. I got some funny looks before I realized what I said. We were a close knit group and had a good laugh after that.
Admin
Because they chop logs in two?
Admin
It's "Euphemism Treadmill". Believe it or not, "Idiot", "Imbecile", and "moron" were once legitimate, neutral term before they were tainted with pejorative connotation.
I have a friend who always had trouble getting through email filters because her email address has the word "aishite" in it. (it's japanese word means "love")
Admin
A phisher doesn't care about this and still only needs to phish once. They get the username, password, and answers to the security question(s), and they're done with the end user. Then they log onto BoA, from their own computer, just like an end user would.
Now, the supposedly "secure" part of this is where they display the key to the user so he supposedly knows he's not at a phishing site. Well, fine, but if average users had any inkling about this sort of thing, they wouldn't fall for phishing scams in the first place. A phishing site just won't show any site key at all, and harvest all the user information in plain text.
The problem is, you're counting on end users to get accustomed to a specific sign-on process and be suspicious if the process is ignored. The users who fall for phishing scams won't think that way. They'll just think "oh, thank God, they finally took away those stupid security questions and cryptic keys!"
Admin
Don't forget Panasonic's real name!
Matsushita Electric Industrial Co.
Admin
I have a file on my HDD called wtf.docx that I use to compile my own collection of amusing screenshots. Pages 10-13 are devoted to an amazing little experience I had with Bank of America. They recently made me choose a "Site Key." This involved selecting a picture from a bunch of stock images, and then assigning it some kind of description.
Only at the end of the process did I realize the true nature of the site key. It's not something I have to remember to get into their site (which is a good thing, since I was really having trouble figuring out how to memorably describe a picture of a chess pawn in 6 characters, as opposed to just 4). The site key is something that THEY "have to" remember to show me or I'm not supposed to log on to their site.
The problems with this are manifold:
I don't care if they show me a flipping castle (my sitekey image) or not; I seriously doubt I would ever notice if they forgot it. If they did omit the castle, they would be omitting a non-sequitur, which to me is an improvement, not a problem.
The kind of user this system is supposed to protect (i.e. someone who would navigate to a bogus URL and then disgorge personal info) is likely dumber than I, and even less likely to benefit from the site key.
The connection between the site key image and the site key verbiage is unclear to me. The example they give has a picture of a picnic basket w/ the description "basket." This seems logical, but it's not very secure, in that one really needs only to obtain half of the site key (picture or verbiage) and the other half follows logically. (Gee, the verbiage is "basket"... I wonder which image goes with it?). The alternative to using a meaningful description is to use a meaningless description, which adds another non-sequitur to the "security" process.
3)The whole thing seems geared toward those not literate in English, who are neither a good nor appropriate credit risk IMHO.
BTW, I just realized that I have shared half of my sitekey, by alluding to my castle picture. I bet you'll never guess my description though! Otherwise you could just send me a link to bankofamerica.yu or the like, show me a castle and my super-secret descirption of the CASTLE (hint, hint), and I would promptly divulge deep personal secrets!
I am sure some wannabe KGB security analyst will protest, but the sitekey business (and just about everything else BoA does lately IT-wise) is a huge WTF.
Captcha: Tesla. Bože Pravde!
Admin
I think you mean "gifted"
Stumpy
captcha: smile
Admin
The system my bank lately introduced seems pretty secure to me. First, enter user ID (9-digit number) and PW. Site gives you a 8-digit number. Take out the card reader they've given you, insert bank card. Type the number the site gave. Enter card PIN, copy 8-digit number the reader gave you in the site's dialog.
That requires you to: know user ID and PW, OK those could be grabbed by phishing. Then, you need the physical bank card, and its PIN. That's much harder. Of course there's the drawback that you need to have the reader with you. They offer a portable keyring one though.
Admin
Maybe "Hedgehog" (see http://en.wikipedia.org/wiki/Ron_Jeremy (the nickname) & http://en.wikipedia.org/wiki/Hedgehog) would be OK instead?
Admin
Only in America...
Admin
That's going to cause some embarassing conversations don't you think with conflicting old and new definitions. "Gifted" kids with intellectual disabilities vs. "gifted" kids with high intelligence or skills. (generally IQ 120-160 - then you go up a level to genius) "Special needs" is not the same as gifted, it's generally the opposite. That's just plain confusing. Who thought of that? (of course, it gets even more confusing if the person is both moronic and gifted, especially since you can't use the term idiot-savant any more. Or moron. )
Admin
As for terms like idiot, imbecile, and moron, well, all three were once technical terms for retardation, but idiot has held roughly its current meaning for thousands of years. (Or so my etymological dictionary says.) Imbecile meant weak or slow since the dark ages. Moron was the only one "invented" for the purpose, being brought back from dead greek vocabulary.
Admin
I started to think it's just the WTF part of management convention.
For Indiana case, it would seems that all gifted and retarded childs all go into the same big "special needs" umbrella education department. My guess is too many parents hated their oh-so-gifted child being called "special needs child". Therefore, requiring to rename the whole thing "gifted". Confused as ever, yet everyone is happy.
Now on the plus side, those mentally retarded childs got a free upgrade! How cool is that?
CAPTCHA: howdy
Admin
Admin
It occurs to me that a euphemism for the pubic area, male or female is Bush, which in some ways is so appropriate for the current state of American government. Captcha: gotcha (by the short & curlies!)
Admin
I have a suspicion that Party Poker founder Anurag Dikshit hasn't got an account with Bank of America...
Admin
I had that same problem I went to Beaver River Central School
GO BEAVERS!!!!
Admin
Yes there is, north of Pittsburgh
Admin
Viva Le Amerique! The land of Hypocrisy at its finest.
Admin
Admin
It's "Gifted" with the apostrophes, and nor gifted. When you speak about "gifted" people you have to make apostrophes with your hand...
Admin
Then there's http://www.beaverliquors.com/ (motto "Or Customers Come First")
Admin
Jesus! Another wacky security scheme with an even whackier twist. First, if it is a secret question, then asking AND giving it over the phone should be out of the question. Things that REQUIRE absolute ID need to be done in person at the bank office with a photo ID.
As to anti-phishing, there always has to be a secondary security token, "something you have", in addition to "what you know", the password. That can be a pin calculator, a code card with a selection of 30 numbers from witch you have to enter a random one(least secure, people have kept their entire code cards in cellphones or typed them dutifully into phishing site, list of use once codes or an ID card with a pin. Around here small sums can be transfered with the code card and that limit is lessened constantly. The pin calculator or ID card with RSA certificates are now recommended. The last being pretty much unstealable by phishing.
Admin
It gets worse, the current term, according to part of a radio show I heard, is that "gifted" is out and "exceptional" is in.
Admin
Cough That's Badger son, not beaver.
Admin
But exceptional is a fitting word, whereas gifted is not. How is that worse?
Admin
well, what about it? hate puritans...
Admin
Ah, the Scunthorpe Problem...
http://www.bbc.co.uk/comedy/clue/clips/ram/isihac_notts2.ram
Admin
Yeah, reminds me of a woman that called me for assistance when she had trouble signing up for something.
The problem was: Her name was filtered because of the same "reason" "Beaver" is filtered... So apperantly its a problem to have the family name "Mösenlechner" (not uncommon here in southern germany)... Now "Möse" here means the same as "Beaver" does for you.
Now what to do?I ended up calling the Bank (or what it was) to fix the Problem, cause using various ways to rewrite the Name all failed and using a totally wrong name for a bank account wasnt a good idea...
Admin
mushroom mushroom
Admin
Not only is there a Beaver County and city of Beaver just north of Pittsburgh PA, but it's near Moon Township. So when driving to the Pittsburgh Airport there is a huge sign over the interstate directing you to one lane for Beaver and another for Moon.
Admin
1984
Admin
Hmm we got Bush and Gore. Sex and violence all in one presidential term! What more could you ask for?
Admin
Thankyou Poindexter, not only has that joke (can you call it that??) been made multiple times in this thread, a badger an entirely different beast than the effeminate beaver.
Once again, I'm reminded that although I'm lead to believe we're a smart bunch on TDWTF, there's a lot of readers who are no more intelligent than the drivel that I get sent via MSN and whilst playing online games.
CAPTCHA: xevious, because sometimes thats how I feel.
Admin
Admin
ROTFLMAO
They've shot themselves in the foot with these idiotic PC euphemisms in such a bad way, that soon enough we will go back to call them retards, just to make sure to be understood. :)
Admin
But that's only half the joke. Remember who is VP? DICK Chaney.
But now the secret service is probably coming after me--captcha: doom
Admin
"Gee Ward, you were kind of hard on the Beaver last night". June Cleaver.
Admin
As a security geek, what I do when confronted with these systems is to make up random-password-style answers to the questions. Then, I record them in my password-safe program (which stores them encrypted, of course), right alongside the actual password.
These "security questions" are philosophically just secondary passwords, so I treat them like that. A lot of banks are going to these and calling it "two-factor authentication", which it's not. (An RSA SecurID, or the paper equivalent, would be a real second factor).
Admin
Good gravy. Heaven help us if there are significantly more people who can't count to 4 - or like to re-use the number 2. ;->
Admin
I guess nobody from Beaver, Utah need apply...