Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:Yes! (Score 1) 470

Most programmers I know (myself included) hate doing UI work. We feel that there are people far more qualified to do layouts and graphical design than we. Unfortunately, this usually falls on deaf ears for management, who feel that it's a lot cheaper to have one person do mediocre work, than two people do something that actually looks good/is usable.

Comment Re:you have got to be kiddinbg me (Score 4, Informative) 371

Sending the account number out in a URL over SSL should not be that big of a hole

Exposing an internal ID in such fashion is not only foolish, but very much a beginner error. I would expect this from some half-assed forum software - not a bank. That said, I've worked for the government before, and seen the same stupid mistake repeated time and time again. A salted hash would have been a lot less idiotic. The fact that there was no authorization performed makes compounds the issue, however, and one wonder who these people hired to write their infrastructure.

Slashdot Top Deals

Save yourself! Reboot in 5 seconds!