The problem is using the framework in the first place
Ember was named after the dull red glow that's all that remains of your phone battery after using it for five minutes.
The problem is using the framework in the first place
Ember was named after the dull red glow that's all that remains of your phone battery after using it for five minutes.
@Jaloopa said in Enlightened:
tracking things is how you improve them
Wow. Just wow.
Maybe Carsten's paymaster just finished working out how many billable hours it took him to compose that opus.
@Gurth said in What is the deal with "Your ____ ran into a problem"?:
What’s wrong with something like, “Your PC ran into a problem and needs to restart. This will happen automatically in a few moments.”?
Not aggressive enough.
"You touched something, didn't you. We warned you not to do that. Over and over, we warned you. But you did it anyway, and now you've broken it. We'll try to fix it for you but we're making no promises. What you have to do now is SIT THERE AND KEEP YOUR HANDS TO YOURSELF while we try to figure out how much permanent damage you've done.
"By the way, we're going to restart your PC, which will probably mean tying it up for two hours while we install updates afterwards. No, you can't go get a coffee. Sit down and shut up and maybe you'll finally learn something."
I've recently decided to become a financial adult and actually invest in a few things instead of leaving all my savings lounging about lazily in scruffy low-interest accounts. And that means I've started dealing with share registries.
Oh. My. Fn. God. And I thought banks were bad. Who is responsible for this crap?
To get past that login page, the only secret I need to know is a Holder Identification Number or HIN. That's a number issued to me by my broker. It seems to function as a combined username and password. It's the same for all the stocks I've bought via that broker, even those registered with registries other than the one I'm dealing with here. If it leaks, I have no way of changing it.
And that "security code"? Nothing to do with website security. All that is, is the stock exchange codename for one of the stocks I own. That control is a dropdown list of all the stocks registered with this registry. Any one I own will work.
Bam. Logged in.
Now I want to update bank account details and my tax file number, so my dividends will get paid to me without ridiculous amounts of withholding tax deducted. So I click Update Details, and get this:
Not too much there. Click TFN/ABN Update:
They want a PIN. I don't have a PIN. Let's get one. Click "Issue a PIN":
Oh for 's sake.
s in this dialog:
After "shortly" has been more than two days, I log in again with my sooper seekrit HIN and send off a complaint via the contact form:
First Name*
Myname
Surname*
MySurname
Email*
identifier@provider.tld
Telephone
Comments*
I have been trying to get a PIN issued so I can update my tax file number,
but nothing comes through to my inbox.
Method of Contact*
Email
And they send an email that reads
Dear Myname,
Please provide the full name and address on the holding or the HIN/SRN,
for me to locate and advise.
Thanks & Kind Regards
Helpdesk Person
(snip massive disclaimer footer)
I was logged on when I used that contact form, but it apparently doesn't pass along the details that stare me in the face on every other page of the site. OK, whatever. Fukkit. Let's send everything sufficient to impersonate me on their stupid site over unsecured email to somebody I've never met.
Name: Myname Middlename Surname
Address: My address
HIN: My sooper seekrit HIN
Holdings are CODE and CODE
And back comes the astonishingly helpful reply:
Dear Myname,
Please note that we do not have any email address recorded for your
holdings under that HIN. Kindly login again and click on issue a PIN
and follow the prompts.
To update your TFN only, you can email the number to our office and
we can update it for you.
Kind Regards
Helpdesk Person
TFN (tax file number) is a government-issued quasi-secret as well; sending that off in an email is a breach too far. Let's stick with the idiotic "Issue a PIN" dance...
That's exactly what I'd already done, twice, before contacting you via
the form. Why should it work any differently this time?
Also, how is logging onto your web site, which requires only information
I've already sent you from this email address, any more secure than you
just issuing the PIN from your end?
I'll do it again all the same.
Done (see attached screenshots). As expected, still no PIN in my inbox.
No PIN in my Spam folder either.
And back it comes:
Hi Myname,
I am not sure too.
However, will ask the IT team here to reset your PIN settings.
Kindly login tomorrow to issue a new PIN.
Kind Regards
Helpdesk Person
Now, I'm pretty sure I know what's going to be the problem here. It's going to be the answers to my security questions. I used the same pattern for those I always use - a base of five groups of five lowercase letters randomly generated by KeePass, followed by the last word of the question to make the answers unique.
Given how utterly shit-grade the entire design of this farcical excuse for a website obviously is, I'd bet money that the answers to the security questions have a length limit that the frontend doesn't validate, and that the backend silently truncates them and then silently fails when both questions have identical answers.
Let's see how long it takes these clowns to sort this out. I'm not holding my breath.
@Salamander said in I'm getting tired of this npm shit:
whatever 'ramda' is
lambda with a speech impediment?
The next speakers were Bobby and Jane Mann.Jane Mann said she is a local native and is concerned about the plants that make the community beautiful.
She is a retired Northampton science teacher and is concerned that photosynthesis, which depends upon sunlight, would not happen and would keep the plants from growing. She said she has observed areas near solar panels where the plants are brown and dead because they did not get enough sunlight.
She also questioned the high number of cancer deaths in the area, saying no one could tell her that solar panels didn’t cause cancer.
“I want to know what’s going to happen,” she said. “I want information. Enough is enough. I don’t see the profit for the town.
“People come with hidden agendas,” she said. “Until we can find if anything is going to damage this community, we shouldn’t sign any paper.”
Bobby Mann said he watched communities dry up when I-95 came along and warned that would happen to Woodland because of the solar farms.
“You’re killing your town,” he said. “All the young people are going to move out.”
He said the solar farms would suck up all the energy from the sun and businesses would not come to Woodland.
Maciej Ceglowski in top form.
Gone is the gimmicky TouchBar, gone are the four USB-C ports that forced power users to carry a suitcase full of dongles. In their place we get a cornucopia of developer-friendly ports: two USB 3.0 and Thunderbolt 2 ports, a redesigned power connector, and a long-awaited HDMI port.
...
What hasn't changed: Apple has kept the beautiful Retina display, and storage and memory are the same as before. The new machines will be slightly thicker (to accomodate the USB ports) and 200 grams heavier, but it's not clear how this will affect battery life.
...
The most obvious change is the redesigned keyboard. Removing the Touchbar creates room for a row of physical function buttons and, in a nice touch, an escape key. This isn't a perfect solution: the function buttons map to a confusing series of actions that can send windows flying around the screen with an errant keystroke, and the new physical off switch is too close to the backspace key. But it is certainly a huge step forward, and it will be interesting to see how software developers take advantage of this clever new feature.Everything about the new machine seems designed for typists. The trackpad has been made smaller, so you're less likely to brush against it with your palm. The keys themselves are much more comfortable to type on, with improved key travel, a softer feel, and more satisfying tactile feedback. You no longer feel like you're tapping on the glass surface of an iPad. And not having a TouchBar means no longer having to look down at your hands all the time.
Despite the many improvements, Apple is actually dropping the price on its flagship 15" MacBook Pro by $400, another sign that they're serious about winning over developers.
Benjamin Button explained for those unaware of the reference.
It's census night here in Oz. Time to try out the online census form that the Australian Bureau of Statistics has been at pains to convince as many people as possible to use this year instead of filling in the paper form.
So can http://www.census.abs.gov.au/ handle the load it should have been designed to expect?
Can it fuck. Right now it's got cooties that make look reliable.
You'd think that a department whose sole reason for existence is crunching numbers would be capable of setting up a high-capacity data collection server... unless you were a regular TDWTF reader. Then you'd expect to see exactly what's happening here.
Paper forms it is then.
I heard the eye in the pyramid on US dollar bills is an actual functioning eye.
These instructions sound awfully familiar.
That will be because they only apply to devices new enough to have the microwave oven fast-charge feature.
@cartman82 said in I'm getting tired of this npm shit:
You don't need 17 curried fucking function calls to compare 2 numbers.
This is 2016. You're just a Luddite who fears change. Get with the program.
@Lorne-Kates said in After reading some UX stuff on Medium:
you end up with a gigantic, ornate doornob. It is too high for most people to reach (though it's just fine for the manager's height). It was installed in the middle of the door, so that it would more prominently feature-- even though physics says a handle in the middle of a door is retarded. Because it's in the middle of the door, the engineers haven't been able to get a way to hook up a latch system yet-- no one can drill a hole that deep, or find a latch that long. So the door is just propped closed, making the handle useless. Also, because there's no latch, the door will randomly either jam or swing open.
Well, that's clearly fucked. So what we need to do now is flatten the doorknob into a clean, minimalist icon of itself. It will be much more intuitive that way.
@flabdablet said in Wish-it-was password security:
Given how utterly shit-grade the entire design of this farcical excuse for a website obviously is, I'd bet money that the answers to the security questions have a length limit that the frontend doesn't validate, and that the backend silently truncates them and then silently fails when both questions have identical answers.
Nailed it (though to be fair, it might not have been the length; it might have been the spaces). After telling their Issue a PIN form that my pet's name is am0iq4zhhgrb9ka5 and my mother's maiden surname is ic73msl743xjb7fd, it actually issued a PIN.
Dear Investor(s)
We welcome you as a registered member of Our Shitgrade Registry Investor Online Service.
Your New Security PIN is 829057
Please do not write your PIN anywhere but store it in a secure place.
Please contact our office on +61 9 9999 9999 should you have any queries.
Kind Regards
So there you go. It's perfectly OK for them to send my wish-it-was-a password over unsecured email, but it's not OK for me to write it down. And yet I'm supposed to "store it in a secure place". Perhaps I am supposed to read it out loud into one of those modern wax cylinder recording doodads, then drive my horse and buggy down to the bank to put that in my safety deposit box?
Secure place, my arse.
(now there's an idea)
Edit: turns out that every form that can alter any of my details has an input box for my PIN. Do you even sessions, bro?
Time to close this support ticket.
After a bit more messing about with your online Issue A Pin form, I
finally got it to issue one.
Turns out that "agipc fhhsb bgwax mijfb suylw pet" and "agipc fhhsb
bgwax mijfb suylw surname" are unacceptable names for my pet and my
mother's maiden surname. "1k39inv7sz1017uk" and "2trghi3g0i0067cw", on
the other hand, work just fine.
Please pass on the following feedback to your IT team:
Words cannot begin to express my dismay at your website's astonishingly
poor security design. Who built it, the CEO's nephew? Whoever it was,
they weren't worth what you paid them.
@øtter Linus Tørvalds ønce bit my sister.
@masonwheeler said in Apple's newest iPhone, 2016:
I heard a rumor that they were going to add wireless charging technology to the latest model. Any truth to that one?
They've had that since iPhone 4. Just pop it in the microwave for thirty seconds and it's good to go.
@Claire-Collins I appear to have crapped in my pants but I don't seem to be laughing. Please advise.
@flabdablet said:mysqli_real_escape_string_honest_this_time_we_mean_itFTFY
mysqli_real_escape_string_no__this_time_we_mean_it
mysqli_real_escape_string_honest_this_time_we_mean_it
@Arantor said in This is how it feels to learn Javascript in 2016:
it's like all the problems that were solved twenty years ago are suddenly new problems again
To be fair, this time around they're web scale!
All you need to remember from now on is that Microsoft loves you, Microsoft cares for you, Microsoft has your best interests at heart, and Microsoft knows what you want far better than you could possibly know that yourself.
Relax. Accept. Obey. Share and enjoy.
Microsoft will keep you safe from the bad men who want to hurt you.
Microsoft will give you an unlimited supply of corrasable bond.
Microsoft is your biggest fan and just wants to be your friend.
Microsoft likes to watch you while you sleep.
To be fair, with proper rendering support you may see APL source code, so it's arguable whether you'd be any better off.
@tufty said in No thread about the GitLab fuckup yet?:
95% of the data had been backed up to /dev/null
To be fair, you can write a shitload of data to /dev/null before it fills up.
management having a strong belief in "The more developers you put in, the more work gets done in a shorter amount of time"
You need this posted on your cube wall:
Confession: I wrote this.
# define morse (((((((0
# define di * 2)
# define da * 2 + 1) /* pay no attention */
# define dit * 4 + 1) /* to the man behind */
# define dah * 4 + 3) /* the curtain */
# define _ * 2)
# define ascii * 256 +
static const uint16 morse_table[] =
{
morse dit _ _ _ _ _ _ ascii 'e',
morse dah _ _ _ _ _ _ ascii 't',
morse di dit _ _ _ _ _ ascii 'i',
morse di dah _ _ _ _ _ ascii 'a',
morse da dit _ _ _ _ _ ascii 'n',
morse da dah _ _ _ _ _ ascii 'm',
morse di di dit _ _ _ _ ascii 's',
morse di di dah _ _ _ _ ascii 'u',
morse di da dit _ _ _ _ ascii 'r',
morse di da dah _ _ _ _ ascii 'w',
morse da di dit _ _ _ _ ascii 'd',
morse da di dah _ _ _ _ ascii 'k',
morse da da dit _ _ _ _ ascii 'g',
morse da da dah _ _ _ _ ascii 'o',
morse di di di dit _ _ _ ascii 'h',
morse di di di dah _ _ _ ascii 'v',
morse di di da dit _ _ _ ascii 'f',
morse di da di dit _ _ _ ascii 'l',
morse di da da dit _ _ _ ascii 'p',
morse di da da dah _ _ _ ascii 'j',
morse da di di dit _ _ _ ascii 'b',
morse da di di dah _ _ _ ascii 'x',
morse da di da dit _ _ _ ascii 'c',
morse da di da dah _ _ _ ascii 'y',
morse da da di dit _ _ _ ascii 'z',
morse da da di dah _ _ _ ascii 'q',
morse di di di di dit _ _ ascii '5',
morse di di di di dah _ _ ascii '4',
morse di di di da dah _ _ ascii '3',
morse di di da da dah _ _ ascii '2',
morse di da di da dit _ _ ascii '\n', /* AR, end of message */
morse di da da da dah _ _ ascii '1',
morse da di di di dit _ _ ascii '6',
morse da di di di dah _ _ ascii '-', /* BT, pause */
morse da da di di dit _ _ ascii '7',
morse da da da di dit _ _ ascii '8',
morse da da da da dit _ _ ascii '9',
morse da da da da dah _ _ ascii '0',
morse da di di da dit _ _ ascii '/',
morse di di di da di dah _ ascii '\f', /* SK, end of contact */
morse di di da da di dit _ ascii '?',
morse di da di da di dah _ ascii '.',
morse da da di di da dah _ ascii ','
};
@Kian You should consider leaving the boldface markup off the correct answers, as it makes your test too easy.
I don't know why automatic updates fail on some of them.
It's because Windows Update is a complicator's gloves solution with far, far too many moving parts.
Windows Update fetches its updates using Background Intelligent Transfer Service (BITS) which, if you've been in this industry for any length of time, you will immediately recognize from the name alone as a Broken Stupid Transfer Service.
BITS does a reasonably good job of not stomping on other uses for your network connection, but that's about all it's good at. It downloads files in little chunks (making any caching HTTP proxy virtually useless unless you configure it specially) and occasionally it will fuck up one of those transfers but fail to notice (probably because it uses a Jet database internally to keep track of what it's up to). That results in a corrupted update, which will always fail to install, but which Windows will never bother trying to re-fetch because BITS said everything was Jes' Fine.
Windows Update will then proceed to retry installing that broken update forever until you deliver the appropriate scientific slap upside its head.
I don't know and I don't care to participate in this dumbness
Modified UA: I don't know and I don't care to participate in this dumbness
So that'll be why you're seeing the two-box version then.
The writing part of creative writing isn't fun.
There was a curmudgeon called blakey,
Whose enjoyment of language was shaky.
Though he loved a good gripe
He just hated to type:
It was boring and made his hands achy.
That still doesn't explain why you'd choose shitty tools over good tools.
No, but it could go some way toward explaining why you have so many disagreements with so many people about what constitutes shittiness.
can you see why?
This is just ReSharper's passive-aggressive way of saying that C# needs a ??= operator.
@another_sam On the contrary, that's exactly why you do use C. If you're going to program crazy murdering robots, you're going to want some plausible deniability.
@dcon Turns out I don't need to do even that much work to get quite a convincing result.
Original form:
#!/bin/sh
convert -density 300 "$1[0]" -strip -colorspace gray -virtual-pixel white wrinkles.jpg -blur 5 -compose multiply -composite -rotate 0.3 -crop 2480x3508+0x0 -monochrome "${1%.pdf}.tiff"
By playing Super Mario World just so, it can be turned into Flappy Bird.
https://www.youtube.com/watch?v=hB6eY73sLV0
via Metafilter.
On two occasions I have been asked, 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question; though my new business partner, lately having amassed a modest fortune at Three-card Monte, has devised an ingenious method for monetising it.
@Lorne-Kates said in The Official Status Thread:
soon they'll be wielding
which is like carrying, only dwarfier
couldn't understand why I went into panic mode when I found a Windows 95 PC with internet access
It's well known in certain quarters that Windows 95 is actually more secure than any modern Windows because none of the extant malware is compatible with it any more.
@homoBalkanus said in In other news today...:
What could possibly go wrong?
Nothing that isn't already industry standard practice.
We keep finding more sensitive data that we need to cleanup. I didn't realize how much of the internet was sitting behind a Cloudflare CDN until this incident.
The examples we're finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to cleanup. I've informed cloudflare what I'm working on. I'm finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings. We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything.
As MeFite zachlipton wonders: "Why exactly did we think it was a good idea to have a single company MITM a giant chunk of the internet?"
@RaceProUK said in No thread about the GitLab fuckup yet?:
It's a bit like that question "If a tree falls and there's no-one to hear it, does it make a sound?"
More like "if a tree falls but nobody had ever actually bothered to plant it", surely?
@Fox That of course is a trick condition, because Google wasn't even invented until 1492.
Not long after Melbourne's Crown Casino first opened, I visited it to see what all the fuss was about.
Inside this huge windowless climate controlled carpeted piped muzak space, carefully constructed so as to disconnect the occupants from anything that might remind them of the passing of time, are row upon row upon row of bleeping flashing poker machines. And in front of almost every one there sat a dead eyed loser feeding in coin after coin after coin.
Every now and then, somewhere on the gaming floor a machine would make a joyous electric noise and disgorge a handful of dollar coins into its payout tray. I saw this happen twice. And both times, the player didn't even crack a smile. They just picked up all the coins and started feeding them straight back into the machine.
Righto, I thought. I've worked for a mob that makes these hellish engines. I know how they're programmed and I know about their little payout percentage thumbwheel. But I'm buggered if I'm going to go to the trouble of pedalling my bike all the way here without getting into the spirit of the thing.
So I found this rather small machine stuck on a pillar in the middle of the space. It was plain white and not at all flashy, and it didn't have a screen, but it did have a slot at the top and a payout tray at the bottom. So I fed a $2 coin into the top slot, pressed the button, and was instantly gratified with a rattle of dollar coins into the tray.
When in Rome... I took that pair of dollar coins and fed them straight back into the slot. And two more rattled straight back out.
Ripper, I says to myself, I can't lose here. So I fished around in my pocket and fed all my loose coins into the slot. And with a rattle and a clank, Crown Casino's change machine took my $3.85 and gave me back three shiny dollar coins.
The house always wins.
Disclaimer: all "likes" attached to this post are bullshit.
38
Continuing the discussion from How is it possible someone in the lounge could be an asshole?:
Yeah well you know what's awesome? Now I have to click 40 bullshit likes or whatever, just so I have access to those threads so I can police my own personal information. Because none of the fucking mods or users here are doing the fucking job, I guess there's no choice but to do it myself.
Happy to help out. Let's get started.
https://www.youtube.com/watch?v=3HSxXCwBgog
Disclaimer: all "likes" attached to this post are bullshit.
Disclaimer: all "likes" attached to this post are bullshit.
25