• Redsolo (unregistered) in reply to RichP

Best one. You made me laugh!

• someone (unregistered) in reply to Richard

You know ratios are fractions, right?

1:1 = 1/1 = 1 = 100%.

And, um, 50:50 is also 100%. I'm pretty certain ratios don't work by multiplying both sides by some arbitrary value and then reading the number literally.

• ancow (unregistered) in reply to someone

You know ratios are fractions, right?

They are not, though I don't have the time to explain fully. Using 2:3 as an example, to convert it into fractions you would do:

2/(2+3):3/(2+3) = 2/5:3/5 = 40%:60%

All sides of a ratio, if expressed as a fraction, need to add up to 1. (That goes for more complicated ratios as well, e.g. 2:3:5 = 20%:30%:50%.)

• Richard (unregistered) in reply to someone

Ratios are not fractions; but they can be expressed as fractions. For example "a group of 6 people went to a bar, and the ratio of men to women was 1:1". How many men went to the bar? You're saying 1:1 is 100%, so 6 men, which isn't correct. Hope this helps.

• Richard (unregistered) in reply to someone

Ratios are not fractions; but they can be expressed as fractions. For example "a group of 6 people went to a bar, and the ratio of men to women was 1:1". How many men went to the bar? You're saying 1:1 is 100%, so 6 men, which isn't correct. Hope this helps.

• Brian Boorman (google)

Sliver [sic] lining: One week on the job and she already earned a 1/2 day of paid vacation!

• dpm (unregistered) in reply to Duke of New York

Nobody anywhere talks like the people in this story.

I compliment you on being personally acquainted with several hundred million people, all of whom fit within your idea of "normal speech patterns".

• LzzrdBorth (unregistered) in reply to Eric

Correct! For CVS, you need name & birthdate, for Walgreens, name & address. They DO get suspicious, though, I've discovered, when you go in with a list of 30 "family members" with different last names who've "asked you to pick up their prescriptions" but only one of them actually has an Rx there.

• Carrandas (unregistered)

I suppose that putting a unique constraint on (username, password) would be an impossible change too.

• Erik Gern (unregistered)

this was the best one i've seen in a long while. no Erik Gern unfunny stupidity or snoofle arrogance. good job, would like to see more.

• Sole Purpose of Visit (unregistered) in reply to SD

A far more engrossing and complex story than the OP, if you ask me.

There's a massive difference between a short, well-told sketch, and a tl;dr with weird James Bond references and the occasional unbelievable detail and nowhere in particular to go.

Thanks!

• Duke of New York (unregistered) in reply to dpm

You read pretty much the opposite of what I wrote, but whatever, compliment accepted. With people falling over themselves to say how well-written the story is, I figure i can check in with a little criticism.

• oh god no (unregistered)

Don't know what the bigger wtf is: -this site -the article -the comments

'The biggest wtf' for me is the time spent on this flaming crapfest of a site.

• (nodebb) in reply to oh god no

'The biggest wtf' for me is the time spent on this flaming crapfest of a site.

"What a waste of time spending time on this site", said the person who took the time to visit the site and comment on multiple articles.

Thanks for coming. Like, share, subscribe.

• Anon (unregistered) in reply to LCrawford

You are joking about entering data into dev and cert before prod, right? Or are you making fun about doing a database upgrade in a dev environment first?

Either way - I don't get it.

• Anon (unregistered) in reply to isthisunique

I agree that the proposed fix is incorrect. Mr. Chen's fix was closer to the correct solution to Alexis. First clean the data so it confirms to the system design (username and password identify the user). Then they should have put in the unique constraint.

Changing the unique id to domain\userid is a valuable design change, but first deal with the error at hand.

• Ook (unregistered)

Not a programmer, but a sysadmin perusing TDWTF on a semi-regular basis.

This one left me totally dumbstruck. WTF indeed.

• Earlchaos (unregistered)

At least a funny wtf.

Single Sign On = Throw all usernames and passwords into an email, have some fresh-from-university hack them in some form. That's quite entertaining. What could possibly go wrong?

Trusting a fresh-from-university hacking real data in real database on day 1 - that requires balls of steels - or being completely nuts.

Having a fresh-from-university hack on live-db where Captain \$SmartAss doesn't see the obvious - makes totally sense in that company.

Probably the story would be another one if you ask Chen.

"You know, we had that smart-a\$\$-kid from university, she didn't listen at all and knew everything better."

I might have heard this story before or might have even said it myself...

• Anon (unregistered) in reply to Earlchaos

I don't see in the story where Alexis is "hacking real data". She is a data entry clerk transposing data into the real system. So I don't see the WTF there. I don't know any data clerks that enter data into "dev" and "cert" before prod. In fact, most of them don't even know what "dev" and "cert" are.

The importing mentioned earlier in the story might be cause for some extra caution using a test environment... unless the source is already well-proven, as is the import process.

• oh god no (unregistered) in reply to Lorne Kates

I've made it a habit to return to a place where I left a comment. ('A' comment, not multiple comments).

Good to see your comment. It reinforces my previous conclusion.

• (nodebb) in reply to oh god no

I can see posting history by IP. Good to know you're a liar ontop of being a grouch.

• StarSword-C (unregistered)

"Plaintext passwords used to distinguish accounts"? People like Mr. Chen are why we have hundred million-account data breaches. Alexis should've blown the whistle on these twerps to the SEC.

Also, he's a loony: he asks for a "junior developer" with a laundry list of qualifications, but what he really wants is a temp who can work a keyboard (and it would probably be cheaper to hire one).

• oh god no (unregistered)

awesome. deleting posts without notice. This is geting better all the time.

• Axel (unregistered) in reply to Cabbage

I know all kinds of arcane crap about long-dead tech that I learned from profs who thought they were interesting stories. I could see a lecture about determinism including an anecdote about how some vendor "got it wrong" that stuck in the recesses of her mind. Not far-fetched at all.

Useless trivia (as an example): early drum drives used an oil bath for head-to-surface spacing. That was before they figured out cleaner ways, like--I don't know--air. Some computer rooms needed oil drip pans for leaky drum drives. Now, how could I know that, having graduated long after anyone used drum drives? An older prof mentioned it in a lecture, that's how.

• Allan Mills (google)

I'd can only imagine what would happen with some of the companies when they rang them up to explain why some of their users have been deleted. If the person taking the call understood enough about computer security you'd expect them to stop using their services post haste. That being said, if they understood enough about computer security they wouldn't be handing over the usernames and passwords of their employees.

• Allan Mills (google)

I'd can only imagine what would happen with some of the companies when they rang them up to explain why some of their users have been deleted. If the person taking the call understood enough about computer security you'd expect them to stop using their services post haste. That being said, if they understood enough about computer security they wouldn't be handing over the usernames and passwords of their employees.

• four axiz (unregistered)
Comment held for moderation.