Turns out that what you studied is a terrible indicator of infosec skills. So they can play the "dun Dun DUNNNNN!" music?
|
They were looking for a soft target I think. Much easier than examining the corporate culture that led to this.
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
14 years of experience in a field does not automatically make one qualified, let alone an expert, in that field. What she did in those 14 years in that field is what's important.
|
Surely we didn’t need a computer, this behemoth of technology and innovation, just to talk to each other.
Those who do not learn from history are doomed to Reply All loops
|
For the first time, a meaningful number of developers are openly questioning the web platform.
"There are as many opinions as there are experts."
|
First - try to slice a carrot with a spoon...
Second - drop all the spoons from the kitchen as useless tool...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
The first time?!??!!
Someone hasn't got a long memory.
Quote: The Internet was done so well that most people think of it as a natural resource like the Pacific Ocean, rather than something that was man-made. When was the last time a technology with a scale like that was so error-free? The Web, in comparison, is a joke. The Web was done by amateurs. -- Alan Kay.
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
Since deleted, post gave public and private key for Adobe incident response team.
Aren't companies supposed to be more transparent?
|
According to Avast, the database where the CCleaner hackers were collecting data from infected hosts ran out of space and was deleted on September 12, meaning information on previous victims is now lost to investigators and the number of computers infected with the second-stage backdoor payloads may be larger than initially believed.
Mental note: before launching malware campaign, buy new hard drive
|
Yes...Best Practices say delete the database if it gets too large.
|
The recent CCleaner malware outbreak is much worse than it initially appeared, according to newly unearthed evidence. That evidence shows that the CCleaner malware infected at least 20 computers from a carefully selected list of high-profile technology companies with a mysterious payload.
Why weren't we included? I feel slighted now.
|
Kent Sharkey wrote: Why weren't we included?
You were...
|
These are the moments I'm grateful for:
* Never updating a software if the update doesn't bring any real advantage to me;
* Always keeping an offline installer of the software I use - that is the trusted source;
* Not using messy software like CCleaner. Most of the problems when I worked as an IT assistance man (both as freelance and as computer shop) were due to programs similar to CCleaner, back in the end of 1990s - beginning of 2000s.
* CALL APOGEE, SAY AARDWOLF
* GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
* Never pay more than 20 bucks for a computer game.
* I'm a puny punmaker.
|
You were #21 on the list.
|
Researchers have developed a new system that allows programmers to transplant code from one program into another. The programmer can select the code from one program and an insertion point in a second program, and the system will automatically make modifications necessary -- such as changing variable names -- to integrate the code into its new context.
plz put codez on my clipboard, kkthx
|
Microsoft yesterday revealed the upcoming updates to their Remote Desktop Services (RDS) solution.
Someone at Citrix is having a sad day
|
Interesting though that Google had this functionality in Chrome at least 3 years ago....
....and that quote starts...
Kent Sharkey wrote that : Microsoft yesterday...
So yesterday, Microsoft. So yesterday.
EDIT
Oh here's the Chrome extension that does that.
Chrome Remote Desktop - Chrome Web Store
|
When you are dead, you won't even know that you are dead. It's a pain only felt by others.
Same thing when you are stupid.
modified 19-Nov-21 21:01pm.
|
And I live in that extension some days, how could I have forgotten it.
TTFN - Kent
|
Do you ever feel over-extended ?
«While I complain of being able to see only a shadow of the past, I may be insensitive to reality as it is now, since I'm not at a stage of development where I'm capable of seeing it. A few hundred years later another traveler despairing as myself, may mourn the disappearance of what I may have seen, but failed to see.» Claude Levi-Strauss (Tristes Tropiques, 1955)
|
That's a Chrome extension, not an HTML 5 app. So to get the benefits, you must be using a specific browser. Having it in standard HTML 5, rather than an extension, is an obvious improvement.
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
Gosh, what could possibly go wrong ?
«While I complain of being able to see only a shadow of the past, I may be insensitive to reality as it is now, since I'm not at a stage of development where I'm capable of seeing it. A few hundred years later another traveler despairing as myself, may mourn the disappearance of what I may have seen, but failed to see.» Claude Levi-Strauss (Tristes Tropiques, 1955)
|
Oracle has just announced the general availability of Java SE 9, Java EE 8 and the Java EE 8 Software Development Kit (SDK). From now on, it’s all about faster releases and more open source engagement.
Best download quickly, before they decide to postpone it another year or two
|
Vulnerabilities in Android code -- including but not limited to insecure data storage, unprotected inter-component communication, broken TLS implementations, and violations of least privilege -- have enabled real-world privacy leaks and motivated research cataloguing their prevalence and impact. Researchers have speculated that appification promotes security problems, as it increasingly allows inexperienced laymen to develop complex and sensitive apps. Anecdotally, Internet resources such as Stack Overflow are blamed for promoting insecure solutions that are naively copy-pasted by inexperienced developers. In this paper, we for the first time systematically analyzed how the use of information resources impacts code security.
[...]
The participants were assigned to one of four conditions: free choice of resources, Stack Overflow only, official Android documentation only, or books only. Those participants who were allowed to use only Stack Overflow produced significantly less secure code than those using the official Android documentation or books, while participants using the official Android documentation produced significantly less functional code than those using Stack Overflow. To assess the quality of Stack Overflow as a resource, we surveyed the 139 threads our participants accessed during the study, finding that only 25% of them were helpful in solving the assigned tasks and only 17% of them contained secure code snippets.
[...]
Taken together, our results confirm that API documentation is secure but hard to use, while informal documentation such as Stack Overflow is more accessible but often leads to insecurity.
Do the results apply to CP too?
|
Researchers have speculated that appification promotes security problems, as it increasingly allows inexperienced laymen to develop complex and sensitive apps
That is not due to appification, but a choice made by the person spending money. Also not a new trend in IT, and one of the reasons I do not pity any company that is "hacked" after forgetting to lock their door.
Bastard Programmer from Hell
If you can't read my code, try converting it here