“I’m a bit reluctant to visit American states with these… um… what are they called? Shoot your gun laws?”
“Stand your ground laws?”
“Yeah… those…”
The more absurd the idea, the more complex the defense…
A: (ANY STATEMENT)
B: I disagree!
A: Thank God we’re not all pod-people.
Simple test:
If you double-click something in the user interface and the interface redraws and rearranges controls at the exact same moment, causing your double-click to end up on something else, then you know you’re dealing with a miserable excuse for a user interface… (Apple? Microsoft? If you’re interested… No? Why am I not surprised?)
If you have to explain why every adult citizen in a democracy must be allowed to vote, you’re having serious problems with your democracy!
Photo credit: SUXSIEQ on VisualHunt.com / CC BY-NC
When developers say a piece of work will take 2-4 hours what really happens is one of three things:
Header image from Visualhunt
My first, and probably last, attempt at security programming was back in the 80s, on a Spectravideo. I remember spending some hours on the program, and I had an if-clause to check for a password, and if the password was wrong, obviously the program needed to be protected… so I deleted it from memory…
Some BASIC along the lines of:
1820 IF password <> "******" THEN NEW
…of course, after some hours of programming I’d forgotten the password… and forgotten that I didn’t know it, so I typed in the wrong one and off my program went…
…did I save it to cassette before I tested it? Nope. Did I learn the cassette equivalent of the “ctrl-s” reflex? Yup!
Does this in any way resemble modern security programming? In my experience? It is as if nothing has happened since the 80s. In fact, I’m fairly certain there are systems out there that will format c: if you fail to type in the right password too many times.
Or like moron Azure DevOps. What happens if you try to view a page you don’t have access to? Yup, you get a 404 error (as in page does not exist, not a 403=you don’t have access). They’re even helpful enough to tell you so. You know, so no one will know that the page does in fact exist. If they don’t have access. How many people spend how many hours bug hunting that one? Do we bill Microsoft? Ah, no, they’re billing us, right…
format azuredevops:
It seems that if it’s about security and doing the wrong thing makes something explode and burn, some security manager somewhere will have mental, or not so mental, orgasms… But I guess usable security systems will be hacked because the users will be too comfortable using them… right…?
Marketing:
“I’ll give you a $100 discount!”
“Wow, what will that give me?”
“A sandwich… with cheese… If you want ham it’s $200…”
“…”
Header image: by Maria Mastrafchieva on Visualhunt / CC BY-NC
Step 1: Ban abortions
Step 2: Ban contraceptives
Step 3:
And then I’m not even commenting on what’s going to happen to USA’s already abysmal maternal mortality rate… (Oh yeah, American women die during birth more often than women in any other developed country! Abortion bans will not help…)
Did you really vote for this?
Character encoding-dong the document is dead!
Photo credit: James Abley on Visualhunt.com / CC BY-NC-ND