Even if it did... how are people using ad-blockers even going to find out?
Good point. I will find out because I use several computers and not all have ad-blocking. The ones I use more rarely do not. But that is likely not the typical situation, so most people will not find out. Still a boycott. If you look at what it gave it its name, Mr. Boycott finally had to leave the country because nobody did any business with him anymore. An end to it is not necessary for a boycott. Incidentally, Mr. Boycott seems to have had business practices about as despicable and repulsive as the ad industry.
That can get excessively expensive. But no doubt some semi-competent wannabe "developers" are doing it this way.
According to the actual blog-posting, the passwords are protected by bcrypt(). While they also say passwords are protected by an 2048 bit RSA-key, that is likely a mistake and refers only to credit card numbers, social security numbers and tax form information.
Still, you do never use production data on test-systems that are not specially isolated, i.e. far more so than the production systems. This will likely be one of the first thing the security firm that they have hired will tell them. Ideally, you would only test with synthetic data, but that has rather strong limits in practice. Hence you test everything with outside connectivity with synthetic data, test everything that needs real data with the machines completely isolated and hope that is enough. Of course you also make sure to be able to roll back after deployment and of course this costs more money and needs more competent engineers than just using production data on non-isolated test systems.
As usual, somebody needs to lose their job over this. I strongly recommend making it the person that _hired_ those that messed up or authorized this use of production data.
The public does not know enough to understand what "hashed" means and even less so what bcrypt is. Hence this nonsensical talk about "encrypted" passwords. Nobody does that on server-side, not event those that have absolutely no clue.
Bcrypt means that if you have a reasonable password and they used a reasonable cost-factor, then it is secure. It also means that a good password remains secure regardless of cost-factor, but a good password is secure after a single, non-salted conventional crypto-hash.
Could not agree more. I started looking into blocking only when the flashing and animation insanity started. Blocking was not a lot of effort, but suddenly I could find the web again under all that trash. Will keep blocking, unless they make all ads non-intrusive and they get the problem of malicious ads fixed effectively and permanently. As neither will be happening...
Same here. Last was the full edition of the latest Batman disaster ("Asylum" and "City" were fine), and no issues at all resulted. Maybe they have a detector for people that abuse the system by driving this to extremes.
And if you have played less than 1 hour (or what it two?) Anyways, I recently used this on the latest Batman PC game, which really sucked in all regards, and had the money back shortly afterwards.
I just get "not encoded for your device", which is funny. Maybe my final de-installation of Flash a few months back is to blame?
That will cut down on the need to advertise. That products nobody sane really wants get heavily advertised for is no surprise, and the advertising is the lesser unethical thing there.
The problem is that a lot of seemingly anonymous data can be de-anonymized very easily. There is no harmless "analytics" data.
I am sure people very much like her have bragged about that in the past. Some people barely qualify as human. She is one of them.
Going the speed of light is bad for your age.