Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Protect you against SQL injection? Really? (Score 3, Insightful) 96

I would love to hear the explanation of how a general purpose language would protect you against attacks like that, clearly called out in the article.

You're doing the snowflake thing, blaming everyone else for the coders' incompetence and unsuitability for the job. Some dweeb wrote a tutorial and because it's not ready to be cut and pasted into production code, that's the tutorial writer's fault.

NB: Not everyone can code.

Comment Re:I find your lack of faith disturbing... (Score 1) 389

That is basically the God fallacy that many engineers fall into. You think because you wrote it, that it has no bugs, and that it's fully understood?

I find it can be highly instructive to run a debugger even on working code, that is not cludge code.

I generally find it doing all kinds of crazy, inefficient things that I probably could not have predicted, even if I'm the one that actually designed and coded it!

Humans are very, very bad at writing robust systems; we never understand our software fully.

Comment Re:It's sooo easy! (Score 1) 126

Didn't matter a lot. Maybe it was a honeypot, maybe it checked a whole bunch of sites in a man in the middle attack- but I DIDN'T type in my username, so they would have had to check all the lists of millions of entries and do it very quickly, so I don't think so. And it listed out which breach it was, and it matched up. And I think it used a rainbow table for checking it, so they (allegedly) weren't sending my password in the clear.

It makes little difference, I didn't give a shit about any of the accounts, and I changed them all using LastPass to random 16 mixed character passwords.

Comment Re:3 articles referencing the same statement, misu (Score 1) 126

> You have to always assume your pc has been hacked.

LOL. You can't polish a turd. If your PC is hacked they can grab your password as you type it in anyway, so using an online password storage makes no material difference to security as opposed to using your brain, but the online security is much more convenient, and the online stored passwords are much longer and more random, whereas you've admitted that your passwords are total shit.

Comment Re:It's sooo easy! (Score 1) 126

You know what? You're not nearly as smart as you think you are. I first typed in random 'passwords' that weren't my LOW security password, and it said that those hadn't been hacked. And I didn't type in any of my high security passwords, and those are different on each site anyway, so there wouldn't be any point.

"Use a few passwords and variations of those. add caps and exchange letters for numbers aka "l33t"

Hahaha. Don't do that, moron.

Slashdot Top Deals

"You need tender loving care once a week - so that I can slap you into shape." - Ellyn Mustard

Working...