Become a fan of Slashdot on Facebook


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Responses (Score 1) 200 200

In the case of a password reset, if you change the password and email the new changed password, the password reset may have been requested by someone other than the account holder. Now the account holder's password is changed to something other than what the user expected. Going through account activation or a password reset will force the user to set the password. The system should NEVER change a user's password except to exactly what the user wants the password to be.

The difference is if you generate a one time use token and send it to the user for limited access to change their password, then you're using a one time use token. Yay, as expected.

The other way is to change the password to a random value and send this to the user. Similar to the one time use token, but your F'n abusing the password system to also act as a one time use token.

It doesn't seem like much of a difference, but it's a slippery slope and easier for mistakes to be had when you mix your authentication logic with your one time use logic. I've seem strange abuses or requests for abuse in my time. Make you cringe.

Comment: Re:Rumors and whisperings (Score 1) 131 131

I had no other option in 2009 other than an online degree because I needed to work full time.

A failing of society. Around here, non-trad students with no degrees get paid to go to a State University. I first found out about this when a 30 year old father of two children was going to class full time and working part-time told me the state was paying him just enough to keep going to school and keep his home.

Comment: Re:Good (Score 1) 131 131

That's sad for a "University" to have such low quality database classes. In my first semester we didn't even touch SQL until we spent two weeks starting with Set Theory and working into other concepts of how databases work. By second semester we were learning how to profile queries to make decisions on how and when to create indexes, then covered how we could have better designed the database.

I wandered into my professor's room one day to ask him about his thoughts about World of Wacraft's database. He told me one of his students helped design that custom database and he started going over a lot of the kinds of issues huge high transaction databases can have. He was used to teaching graduate students who specialized in databases.

Over all, I probably learned more out of class talking with my teachers about what we learned in class.

Comment: Re:BS on the Obama comment (Score 2) 131 131

I could see 100s, but not 200s. 100s had a quite a bit of team work, but 200s had even more team work. I didn't go to college to gain knowledge, I went to get educated. As a teacher so eloquently put it, anyone with internet access has access to more knowledge than they know what to do with.

Comment: Re:Today's computer science corriculum is practica (Score 0) 153 153

Whoosh. I fixed your analogy because it was horrible. Maybe I should have used strikethrough, but there is no documentation on how to use strikethrough with slashdot and they don't use any markup tags from the commonly used.

This is /., not a mailing list. Just click the parent button to see the original.

Comment: Re:Today's computer science corriculum is practica (Score 1) 153 153

The thing is, doing them WELL requires the equivalent of multiple PhD's"

Or being interested in them. The GP was arguing that netmasks are not something CS may know. I was getting after that CS should know a lot of everything, including routing. How could someone who understands how routing works not understand netmasks?

Comment: Re:Today's computer science corriculum is practica (Score 0) 153 153

Your analogy is almost as bad as the articles.

CS != IT. This makes as much sense as complaining that your car mechanic knows nothing about engines.

The mechanic may not know how to build an engine, but he damn better understand the ideas behind how they work and be able to do basic maintenence.

Comment: Re:Today's computer science corriculum is practica (Score 1) 153 153

With a CS degree, you should know damn near everything. My cousin had a CS degree and based on required classes, he had to know how to write compilers, kernels, network stacks, design CPUs, 3D game engines. He did not have a lot of practical work in any of those, but he had to learn the theory, data structures, and understand how and why the were designed the way they were, then implement simple versions of what he learned.

He came from a Uni that is a world leader in Bio Engineering, and CS was considered a harder subject because CS is very hard. If it's not hard, you're not doing CS.

Hold on to the root.