• (disco)

    So, another link to an "invisible" article with a link to an "unlisted" topic once again?

  • (disco) in reply to Anonymous

    IIRC the powers that be don't acknowledge it as a bug and the lack of a true invisibility setting leads to articles being visible early for category watchers.

  • (disco) in reply to aliceif

    Well somebody opened an issue to have it fixed for the front page: https://github.com/tdwtf/WtfWebApp/issues/88

  • (disco) in reply to JBert

    Oh, you guys mean the website bug. I was referring to the Discourse NOTABUG.

  • (disco) in reply to aliceif
    aliceif:
    Oh, you guys mean the website bug. I was referring to the **DiscoBug**.
    [D](http://what.thedailywtf.com/t/discopaedia/3866/4)TFY

    But yes, it's odd that it is visible or even reported for those watching the "Article" category.

  • (disco)

    I have to go traverse the building perimeter to look for physical vulnerabilities!

    Reminded me of this guy. TLDR: pentesting now involves reprising Mission: Impossible.

  • (disco) in reply to Maciejasjmj
    Maciejasjmj:
    >I have to go traverse the building perimeter to look for physical vulnerabilities!

    Reminded me of this guy. TLDR: pentesting now involves reprising Mission: Impossible.

    Computing is the only field in which the verb "traverse" means "visit all parts of", and I wouldn't expect it to be used like that for physical security analysis. So in reality, he is saying that he will cross the perimeter, presumably to go out for a cigarette break.

    Elsewhere, only artillery operators use the word to mean something other than "travel across" (in climbing, to traverse is to climb mostly across (left or right) rather than up or down, whereas to traverse an artillery piece is to swing it sideways (but the piece doesn't travel, just the aim point)...)

  • (disco)

    I was just watching the green position floatie, and it told me (when I was demonstrably at the top of the thread) that I was half-way through (4/8). This was there at the beginning, and I'd imagine that the reason that's given today is just as terrifyingly stupid as it was then. Fix your stuff, guys, or so help me I'll mount the GAU-8 somewhere so I can traverse it...

  • (disco) in reply to Steve_The_Cynic

    That's easy to explain! The green bar shows the number of the lowest visible post. Unless it shows 1.

  • (disco)

    Discourse doesn't even load on my phone. Welp.

  • (disco) in reply to SkylerL
    SkylerL:
    Discourse doesn't even load on my phone. Welp.

    Your problem is your phone is not expensive enough.

  • (disco)

    Working for a provincial government I ran into the same thing. Someone had implemented a security policy that any emails from outside government could not contain the word "password". Not marked as spam, just not allowed through -- kneejerk reaction to phishing emails. So, I had to contact the vendor when the authorization email for software I had purchased never made it to me. Everything was good on their end. It took me quite a few phone calls to find someone who could explain why the message had been blocked at our end. The vendor changed the word "password" to "pwd" in their message, re-sent it, and all was temporarily right with the world again.

  • (disco) in reply to Leafhopper

    the first thing I would expect to go wrong is any email from any security minded company with one of those "we will never ask for your password through email" type disclaimers

  • (disco) in reply to aliceif

    IMO, it's not the end of the world if forum readers get the "perk" of being able to access articles early.

    Filed under: notabugitsafeature

  • (disco) in reply to aliceif
    aliceif:
    That's easy to explain! The green bar shows the number of the lowest visible post. Unless it shows 1.
    Yes, I know *why*. That doesn't stop it being terrifyingly stupid. It's stupid because it's a stupid idea, not because the idea is implemented in a stupid way. It's another example of the Discourse developers doing things their way apparently either just to be different or just because they *can* ignore all conventions and common sense on user interface design.

    Still, at least I haven't seen the red posting-style hints in a while. That's a good thing.

  • (disco) in reply to mark_bowytz
    mark_bowytz:
    IMO, it's not the end of the world if forum readers get the "perk" of being able to access articles early.

    Filed under: notabugitsafeature

    Especially as we're the ones who will be giving Google more food by commenting ;)

  • (disco)

    "I took care of the problem. The network won’t allow anything with the words ‘wire’ and ‘transfer’ in the name. That virus will never get through here again!" - Duane

    Because viruses never change their names to get by filters. Never!

  • (disco) in reply to redwizard

    Actually, that particular build of that particular virus probably contains a hard-coded string for "Wire Transfer" (possibly with some other junk after it, but his substring filtering will still take care of that). What Duane said was correct: that virus (meaning, that build of that specific virus) won't get through their email system again.

    The next version will, but he never said anything about the effectiveness of his method on the next version or different viruses altogether.

  • (disco) in reply to allquixotic

    the next step is to ban all possible string values

Leave a comment on “Security through Idiocy”

Log In or post as a guest

Replying to comment #441872:

« Return to Article