[Han's mom walks in]
Mom: That's no moon!
[Han's mom walks in]
Still, you have to admit that it brings new meaning to the phrase: "Do you want fries with that?"
feel sorry for the guys that need to wade through 100m of oil to change a part.
From the pictures in TFA, it appears the oil and the servers are contained in tanks that are about the size and shape of a small dumpster. Swapping out a server would entail removing it vertically via its handles. So, it would seem the ickiness is kept to a minimum. Certainly no wading through 100 m of oil.
A co-worker of mine had just finished implementing a new caching system for a legacy app that interfaced between multiple systems and the mainframe to track progress and shipping of pilot production runs. Due to a bug in his code, in a very specific use case, one of the cached systems would not get flushed. This was identified a few days after the production release when the company (a multi-billion dollar food sciences multi-national corporation) received a phone call from a Pastor in BFE, Minnesota asking why we had sent him almost 500 gallons of ice cream. Apparently, his church's address was in the system from some charity event we had sponsored, since the ID and business type didn't flush from the previous transaction, when the pilot plant told the software to print labels for the next order, it pulled the shipping address from the wrong database and the ID just happened to collide.
The cost of shipping the ice cream back for disposal was ridiculous. So the company told the Pastor to have a huge ice cream social.
The responsible developer was not fired, but there were running gags about him being the Ice Cream Man for the next year.
But where did the cats go? I've got a great bag right here...
My concern is how to keep someone between your server and the subscriber's MUA from compromising "possession", or how to establish "possession" the first time.
If you follow the same model with account creation, then you already have possession established. If someone compromises your email account, and knows your user account for this site, and knows your security answers, then yeah, you're borked. But if someone has all of that information already, I'm pretty sure you've been borked for a while and in significantly worse ways than someone having your college transcripts.
I just use a PRNG. If I need it as a GUID, I request 120 random bits and format them as a type 4 UUID. Is that good enough?
"Good enough" is a question that is best answered by the asker. Security isn't a Boolean implementation. You aren't secure or insecure, you are at some level of security across a very wide range. Storing passwords in clear text is vastly more secure than having no authentication on a system at all, but it is vastly less secure than storing a hashed password. And that is vastly less secure than storing a 1-way hashed password. And even that is meaningless if you don't have a secured communication layer, or if you aren't correctly exchanging public/private keys. etc...
Are you trying to keep script kiddies from spamming your content management site with pictures of dicks, or are you trying to keep banking details, SSNs, and credit histories locked up with controlled access via the internet?
With that said, you're likely more on the 'secure' side using a v4 UUID, assuming the rest of your implementation follows the appropriate patterns.
[quote]So how do you encrypt this UUID?[/quote]
You don't. It's just a GUID or some other low collision rate hash.
[quote]And what do you send for a password reset?[/quote]
You send them a new UUID in a link. When the link is hit, the UUID resolves back to their account and they are directed to enter a new password, just like a first time user.
The combination of time (the UUID can be time boxed), activity (a successful login nullifies the UUID), and possession (control of the account's registered email address), and if you want to get really wild, knowledge of a security question, creates a scenario where there are no good purely technical solutions for the attacker.
An attacker could, in theory, create a colliding GUID for an account they know the name of (but not password), manually enter the UUID link, and set the new password (assuming there is no security question).
But if an attacker manages to consistently generate colliding GUIDs*, they have accomplished something so monumental that they should be heralded as the second coming of Steve Jobs or something.
(*Assuming the coders didn't decide to come up with their own GUID generation algorithm that is easily reverse engineered and seeded)
But if things don't work right for them, they have the power to force them to. Thereby forcing standards to the lowest common denominator, ie Safari, just like happened with IE6.
What do you mean? Every single web view on iOS uses Safari's renderer. It's against the App Store rules to have your own renderer. The problem is that sure, if you design a website around Safari it'll work everywhere else, but it's a pain in the ass to design it to a 5 year old standard when all the other major browsers support other upgrades, extensions and capabilities that can make code easier/faster/better. It's most apparent when an open standard has replaced an Apple designed one that's inferior, and Apple refuses to change, such as WebSQL/IndexedDB.
Well, speaking of strawmen...
Yes, there are people not following the terms of the license. Just like there are people not following the terms of other licenses.
But conflating those people with the people who are following the terms of the license -- people who say "Sorry, I can't use GCC, so I have to go play in the LLVM sandbox over here, and btw, if you want me to be able to contribute to projects in the future, the GPL is a non-starter" -- thinking or representing that those saying they cannot use your code are the same people as those illegally using your code -- that is just wrong.
First of all, gstoddart didn't conflate people who "whine" about the restrictions of the GPL (whether they violate the license or not) with those who respect it and avoid GPL code on principle and in good faith. He only spoke of the former, who indeed want to "steal" GPL code whether or not they actually do.
Second, compiling your code with GCC does not infect your source-code, or the compiled binary, with the GPL. Unless you static-link to a GPL library, but that's avoided easily by linking dynamically.
Don't forget... They didn't build the A-10 and decide to put the GAU-8 in it - they took the GAU-8 and gave it wings. It's hard to beat that kind of focused purpose.