|
jcdevnet wrote: how often can they go to the restr
That's terrible right? You need so much of room fresheners to keep off the odour!
|
|
|
|
|
That's what it says in the contract, but they do get free soda and diapers
I'm largely language agnostic
After a while they all bug me
|
|
|
|
|
Still, I'm not signing for that job
WM.
What about weapons of mass-construction?
"What? Its an Apple MacBook Pro. They are sexy!" - Paul Watson
My blog
|
|
|
|
|
No kidding. I bet it starts to smell after a short while...
"Any sort of work in VB6 is bound to provide several WTF moments." - Christian Graus
|
|
|
|
|
MidwestLimey wrote: free soda and diapers
|
|
|
|
|
well said PhilDanger
Regards,
Satips.
Don't walk in front of me, I may not follow;
Don't walk behind me, I may not lead;
Walk beside me, and just be my friend. - Albert Camus
|
|
|
|
|
Vasudevan Deepak Kumar wrote: A very interesting observation. A developer had accessed a particular DB item from Cache. When we asked him what happens if the Cache gets NULL, he was telling the following points:
1) The cache never gets NULL.
This is precisely where you smack him upside the head with a baseball bat and ask him to repeat what happens when the Cache is empty. Repeat this process until he figures it out.
|
|
|
|
|
When the cache gets NULL the DB goes to the bank to get more?
|
|
|
|
|
He probably asked on CP and was given a link to a thread saying something like, "always hit the cache!"
|
|
|
|
|
Nah, probably more like an MSDN article!
|
|
|
|
|
"Any sort of work in VB6 is bound to provide several WTF moments." - Christian Graus
|
|
|
|
|
Security? Security?
`Security' isn't a dirty word, Blackadder. `Crevice' is a dirty word, but `security' isn't.
Where I work there are several chiefs, but only one indian - namely me. Now these "chiefs" are all highly "experienced", so clearly what I suggest is completely without merit.
Such as when I suggested that Application Security and User Permissions should be handled in the Application, and not left to the Database's role management, this was rebutted with "in all the applications I've ever worked on, that approach has never been successful".
And when I suggested that the Application should have one, limited!, user account/role in the Database, this was laughed off, and in went the developer creating a seperate database account for each and every user.
And then, when I was reaching the end of my tether, I suggested that password security was absolutely critical, I was later surprised to find in the registry, under the application's settings a Key containing connections. Further investigation showed that each connection contained the user name and PLAIN TEXT password for each user, including the Administrator. And not just an Application Administrator, but a fully fledged SQL Server 2005 Administrator.
;P
|
|
|
|
|
Wow. The only way to improve on this would be to have the sa account use the same password as all the users, and for that password to be password.
|
|
|
|
|
|
Regards,
Satips.
Don't walk in front of me, I may not follow;
Don't walk behind me, I may not lead;
Walk beside me, and just be my friend. - Albert Camus
|
|
|
|
|
Might as well just sticky-note the password to the front of the server and e-mail it to the whole company...
|
|
|
|
|
May as well keep the key to the front door under the door mat, too
"Any sort of work in VB6 is bound to provide several WTF moments." - Christian Graus
|
|
|
|
|
They don't happen to do anything with credit card data, do they? What's that company name again??
|
|
|
|
|
The current cast of idiots, no - but the last crowd...
When I worked for this bunch of simpletons (in the pre-HMV/Waterstones days: http://en.wikipedia.org/wiki/Ottakar's[^]
They had an "online ordering" system powered by Access '97, called 'Snowy'. One day 'Snowy' bit the bullet, and muggins here was called in to sort out the mess. Unfortunately I was unable to save the 'wonderous' GUI end of the application, however I did walk away with the data aspect of the system...
...and what a system! Hundreds of un-normalized tables, no relationships, only a passing attempt at primary keys... and thousands of plain text user details received over the web (which I later found out were sent via email from the website to the "Internet" Dept, including, but not limited to: passwords, personal info such as date of birth and security confirmation questions and credit card details - including expiry dates!
I burned the entire shooting match to CD - I still have it somewhere
|
|
|
|
|
martin_hughes wrote: ...and what a system! Hundreds of un-normalized tables, no relationships, only a passing attempt at primary keys... and thousands of plain text user details received over the web (which I later found out were sent via email from the website to the "Internet" Dept, including, but not limited to: passwords, personal info such as date of birth and security confirmation questions and credit card details - including expiry dates!
You didn't happen to save the coloring books, did you? I mean what other documentation could they have had?
|
|
|
|
|
Sadly not - but I did liberate a (new, untouched) copy of E-Commerce for Dummies from the IT & Communication Manager's office
|
|
|
|
|
Apparently they were too embarassed to read it. Nor have they watched the News either, bringing up all kinds of credit card fiascos in the last 5 years. Management - what do we pay them for again?
|
|
|
|
|
This very dangerous for you, because such chiefs are running your company into trouble.
"Get Away while you can"
Greetings from Germany
|
|
|
|
|
Too true - but the comedy value of things going horrible wrong all the time is worth it
|
|
|
|
|
I know the "Mouse is starring at the snake" Story too much out of my own experience, so I made the princiole decision, if I am in such case I gotta do something. One option is ALWAYS "run away".
Greetings from Germany
|
|
|
|