WTF Bites
-
Bought Minecraft (for raisins).
Was surprised when BoA decided it was an international transaction...
-
@tsaukpaetra Hmmn. Paypal is in the US (San Jose, CA, to be specific), but the developer of Minecraft, Markus Persson, is from a Sweden, and his publishing house, Mojang, is located in Stockholm.
So the question becomes, does BoA base the international fee on the source of the product, or the company the funds are transferred to? Or does it depend on how the transaction is brokered (e.g., are they treating Paypal as the recipient of the funds, or as simply being a broker for the deal)? Given how they billed it, I'm going guess the latter is the case - that they consider Paypal a go-between rather than the one getting the cash, so the seller of record would be Mojang.
-
@tsaukpaetra said in WTF Bites:
Bought Minecraft (for raisins).
How many raisins does it take to buy Minecraft?
@scholrlea said in WTF Bites:
@tsaukpaetra Hmmn. Paypal is in the US (San Jose, CA, to be specific), but the developer of Minecraft, Markus Persson, is from a Sweden, and his publishing house, Mojang, is located in Stockholm.
So the question becomes, does BoA base the international fee on the source of the product, or the company the funds are transferred to? Or does it depend on how the transaction is brokered (e.g., are they treating Paypal as the recipient of the funds, or as simply being a broker for the deal)? Given how they billed it, I'm going guess the latter is the case - that they consider Paypal a go-between rather than the one getting the cash, so the seller of record would be Mojang.
Or the currency in which the transaction is processed. If the amount is in EUR or SEK or whatever, they'll charge a fee. If it's in USD, I would not expect a fee.
-
@scholrlea I don't know if any of that is still relevant, though, since Notch hasn't been involved with Minecraft since selling it to Microsoft a few years ago. Maybe the non-Windows-10-store version is still sold from Sweden.
-
I also found this - insulation torn off an apartment building. "Shouldn't we anchor this better, boss?" "What, you think it's gonna get blown away?"
Do they not actually finish building exteriors in Blekistan or something?
-
@dreikin yeah they should slam some of that extremely flammable UK cladding over that
-
@hardwaregeek said in WTF Bites:
If it's in USD, I would not expect a fee.
I once bought software from a Canadian company. The transaction was in USD, but the credit card still dinged me for a foreign transaction fee.
-
@greybeard It's a bank; they'll probably charge you a fee if the currency is different or the seller is international or any other reason they can think of to make it plausible.
-
And so they lost one of their valued customers. I’m so disappointed I didn’t have the time last weekend to check the rollout of the new version for SQL injection vulnerabilities. Which I would’ve found for sure!
-
And so they lost one of their valued customers. I’m so disappointed I didn’t have the time last weekend to check the rollout of the new version for SQL injection vulnerabilities. Which I would’ve found for sure!
Who?
-
TLDR: 'I've bought wanky IOT lights but using the App to control them is a pain in the ass. How do I hide an Arduino behind the mechanical lightswitch so it can it can send WiFi on/off commands when I toggle the switch?'
-
and with any code a simple # or a * out of place can really mess things up
-
@pie_flavor said in WTF Bites:
and with any code a simple # or a * out of place can really mess things up
Maybe they send the password over DTMF?
-
@kt_ Alphanumeric usernames… whatever. Alphanumeric passwords… that's so far against current recommended practice it isn't funny.
-
@pie_flavor said in WTF Bites:
and with any code a simple # or a * out of place can really mess things up
That is of course the crux of the , but by favourite quote is actually:
we do understand the need for secure credentials but unfortunately this is not allowed by our system
-
@maciejasjmj
Oh... God....
-
@pie_flavor said in WTF Bites:
and with any code a simple # or a * out of place can really mess things up
That is of course the crux of the , but by favourite quote is actually:
we do understand the need for secure credentials but unfortunately this is not allowed by our system
I think it's pretty hard to beat their conclusion: "this has been fixed... can now contain only alphanumeric characters".
(Mobile is a to trying to make sure that quote is word-for-word.)
-
@anotherusername So, when they say their security is 'fixed', they mean it in the veterinary sense, then?
And oh, yes, the tacit admission that they aren't scrubbing their URIs and password input is a delightful piece of information to release to the public, too. Their customers are so lucky to have such a competent firm at their back.
-
@kt_ Alphanumeric usernames… whatever. Alphanumeric passwords… that's so far against current recommended practice it isn't funny.
My passwords are all 63 character alphanumeric strings. I've had too many problems with a symbol in a password being accepted on the password-setting page but not on the login page.
-
@ben_lubar said in WTF Bites:
My passwords are all 63 character alphanumeric strings.
You'll be fine… up until someone decides that 8 alphanumeric characters are enough for anybody.
-
@ben_lubar said in WTF Bites:
My passwords are all 63 character alphanumeric strings. I've had too many problems with a
symbol in a password being acceptedlong password being silently truncated on the password-setting page but not on the login page or vice versa.FTFM
-
@ben_lubar said in WTF Bites:
My passwords are all 63 character alphanumeric strings.
You'll be fine… up until someone decides that 8 alphanumeric characters are enough for anybody.
That reminds me of a recent experience trying to buy tickets online
- Go to site, add tickets to basket
- Check out
- log in or register? Well, I don't think I've used the site before so I'll register
- Generate password in KeePass, register
- This email address is already in use
- try one of my standard passwords from before I started using password managers
- Logged in
- Basket has emptied
- Decide I might as well set my password to something secure
- Change password page. Set it to the KeePass generated password
- Password must be between 8 and 15 characters
- Change KeePass setting to 15
- Password must be between 8 and 15 characters
- grumble grumble. Change KeePass to remove spaces, high ascii and special
- Password set
- Find event again. Select tickets
- Go to basket
- Check out
- Add a new card, because the card on record is 6 years old
- Review order
- Billing address and postal address (even though it's E tickets) are a 6 year old address
- No way to change details on the review page, so cancel order and go to account details
- Change address
- Find event again because the basket has emptied again
- Add tickets
- Basket
- Check out
- Select card
- Review order. Everything's fine at last
- Order
-
Change KeePass to remove spaces, high ascii and special
I figure that the likelihood of spaces and high ASCII being broken is so high that it's not worth even trying. Unless the other rules are so dumb (like < 15 characters), I can generally get >100 bits of entropy even without them.
-
@hardwaregeek My approach is to turn everything on, then reduce the sanity until it matches the site
-
That reminds me of a recent experience trying to buy tickets online
On the plus side, it didn't sell out in the mean time.
-
-
reduce the sanity until it matches the site
Look where you are now!
Not sure if referring to @Jaloopa's sanity, being on TDWTF, or both.
-
-
And so they lost one of their valued customers. I’m so disappointed I didn’t have the time last weekend to check the rollout of the new version for SQL injection vulnerabilities. Which I would’ve found for sure!
https://meta.discourse.org/t/bug-smtp-password-field-does-not-escape-comment-sign-hash/23344
Hi !!!
-
@boomzilla said in WTF Bites:
And so they lost one of their valued customers. I’m so disappointed I didn’t have the time last weekend to check the rollout of the new version for SQL injection vulnerabilities. Which I would’ve found for sure!
https://meta.discourse.org/t/bug-smtp-password-field-does-not-escape-comment-sign-hash/23344
Hi !!!
Well, he’s always strived for excellence, especially when doing it wrong.
It’s probably an issue with their password escaping CDN.
-
@boomzilla said in WTF Bites:
And so they lost one of their valued customers. I’m so disappointed I didn’t have the time last weekend to check the rollout of the new version for SQL injection vulnerabilities. Which I would’ve found for sure!
https://meta.discourse.org/t/bug-smtp-password-field-does-not-escape-comment-sign-hash/23344
Hi !!!
Well, he’s always strived for excellence, especially when doing it wrong.
It’s probably an issue with their password escaping CDN.
Come to think of it, they really should switch to a password CDN.
-
@kt_ Even better would be if they switch to a password CNN; nobody would bother hacking them because 99% of the information would be useless.
-
@pie_flavor but would all the passwords be banana?
-
@jaloopa I mean, if they could incorporate emojis, then they'd be better than most of the password systems I've seen.
-
@boomzilla said in WTF Bites:
And so they lost one of their valued customers. I’m so disappointed I didn’t have the time last weekend to check the rollout of the new version for SQL injection vulnerabilities. Which I would’ve found for sure!
https://meta.discourse.org/t/bug-smtp-password-field-does-not-escape-comment-sign-hash/23344
Hi !!!
Apparently, having the password surrounded in quotes (or double-quotes) is ambiguous, but any number of spaces/tabs is not.
Filed under: Fun fact: One of my passwords is "It's a !%#$ing Pbuttword, Moron!"
-
Note that naturally if your window isn't wide enough (queue 3 pixel jokes from morons) there is no Print icon in that toolbar.
-
@blakeyrat TR is using Bing Maps. Or Bing anything, really. What does it have that Google Maps doesn't?
-
@blakeyrat said in WTF Bites:
queue
cue
@blakeyrat said in WTF Bites:
morons
I cannot confirm or deny these allegations.
-
@cursorkeys said in WTF Bites:
TLDR: 'I've bought wanky IOT lights but using the App to control them is a pain in the ass. How do I hide an Arduino behind the mechanical lightswitch so it can it can send WiFi on/off commands when I toggle the switch?'
Today, our hero learns about false economies.
-
@blakeyrat I'm confused, they can intercept the print view to show that message but they require you to click their print button to get something you can actually print? That's like bricking up your front door with a message saying to go through the window right next to the door.
-
@blakeyrat I'm confused, they can intercept the print view to show that message but they require you to click their print button to get something you can actually print? That's like bricking up your front door with a message saying to go through the window right next to the door.
More like the media queries hide everything so it shows that when using the browser's print. Google does something similar, but better.
-
@tsaukpaetra said in WTF Bites:
@blakeyrat I'm confused, they can intercept the print view to show that message but they require you to click their print button to get something you can actually print? That's like bricking up your front door with a message saying to go through the window right next to the door.
More like the media queries hide everything so it shows that when using the browser's print. Google does something similar, but better.
More accurately, Google Maps intercepts the CTRL+P and displays a print dialog (although it's kinda hard to notice if you're expecting the fullscreen thing.
EDIT: And forcing a print (via menu) works fine, displaying a printable map, not a "oops,
you done hitted print wrongCOMPUTER SAYS NO"
-
@lb_ Yeah, they obviously wrote a print stylesheet (the print button that may or may not be on the toolbar depending on how wide the window is is hooked up correctly), but instead of having the browser just use the print stylesheet when you hit its print button, they created a new stylesheet that nags to you use the other print button.
I have no idea why.
-
@blakeyrat said in WTF Bites:
I have no idea why.
I had a sneaking suspicion, but it looks like Edge does the same thing.
https://i.imgur.com/DmningR.png
-
and I saw a gust of wind
I just watched the Smithsonian channel's program on the Oklahoma City tornado from 1999 (the new "I survived" series). Pah. That's not wind. That tornado had the highest winds ever recorded - anywhere.
-
@dcon The planet Nepture has winds measured at 1,200 MPH.
Wiki is more careful about the wording to avoid pedantic dickweeds like me.
-
@blakeyrat said in WTF Bites:
@dcon The planet Nepture has winds measured at 1,200 MPH.
Wiki is more careful about the wording to avoid pedantic dickweeds like me.
Damn - shoulda known... and I was going to type "globally" originally... (I blame work for distractions)
-
@ben_lubar said in WTF Bites:
@blakeyrat said in WTF Bites:
queue
cue
"Queue" could be correct, if he is expecting a litany of jokes to be posted.
-
this is not how you handle this
MyClass GetRecord(string columnName, string columnValue, bool quoteValue) { ... ... string.Format("{0}={2}{1}{2}", columnName, columnValue, quoteValue ? "'" : string.Empty) ...
-
I've run into this several times now, so I'm thinking it might not be a fluke that it keeps occurring.
If I have a Windows update waiting to restart the computer, but I keep delaying it, eventually the audio devices attached to the system quit working and videos on webpages won't play either.
I have to restart the computer in order to get those functionalities back.This is a Win7 Ent 64-bit laptop with a Logitech headset and a dock.