The Daily WTF: Curious Perversions in Information Technology
Welcome to TDWTF Forums Sign in | Join | Help

Search

Page 1 of 80 (794 items) 1 2 3 4 5 Next > ... Last »
  • Re: SharePoint Hosting Companies

    [quote user="blakeyrat"]In a world where Office 365 exists, why would you purchase anything BUT?[/quote]Because their first-level support is a bunch of idiots. We use a lot of Office 365 services beyond just email and Office and we are constantly underwhelmed by the quality of service, both at a technical level (CRM down for an ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 05-19-2014
  • Re: Secure FTP access

    WebDAV can do directory listings with the PROPFIND method. However, once you have your content on a web server, it's trivial to write some server-side code to make directory listing unnecessary. Something as simple as providing a simple URL like http://www.company.com/project/thing/20140418 or ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Secure FTP access

    But... there's much more support for scripting HTTP and it's a much more sane protocol. There are very few valid reasons to choose FTP over any alternative, and doing so should always be seen as a "I'm doing this because I have to, but I don't like it" choice. Just because "it worked for you" doesn't make ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Secure FTP access

    [quote user="dkf"][quote user="Jaime"][FTP] is literally unsecurable (anyone can hop onto the data connection and download your file, or upload theirs in place of yours).[/quote]Not true; FTPS supports encryption of the data channel and modern crypto is quite good enough to make sure that nobody else can understand the data ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Secure FTP access

    [quote user="bighusker"]SFTP (and even FTP) still has its place, especially as part of an automated process.[/quote]FTP has no place in the world anymore. It is literally unsecurable (anyone can hop onto the data connection and download your file, or upload theirs in place of yours). From an automation standpoint, it has no API. The FTP ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Long Life bug : Do not use the letter 'j'

    [quote user="HardwareGeek"]All the people named John, Jane, Jim and Joe would like to have a word with you.[/quote]It's a lower-case j, so all those people (and me) would be just fine. C is the reason many modern language are case-sensitive, that's a good enough reason for me to hate it.
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-11-2014
  • Re: My heart bleeds

    [quote user="Buttembly Coder"][quote user="Jaime"]... one of the many available techniques. Example: SecureString. There are a million other ...[/quote] I can think of at least one reason a server running OpenSSL is not likely to use .NET's SecureString...[/quote]If only I would have thought of that possibility and ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-10-2014
  • Re: My heart bleeds

    One thing this has been missed in a lot of discussions of the impact of this bug is that the damage could have been contained with a little defense in depth. For example, memory dumps should have been a lot less useful if sensitive data were handled with one of the many available techniques. Example: SecureString. There are a million other coding ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-10-2014
  • Re: My heart bleeds

    [quote user="heterodox"]The hell are you talking about? The applications are made available via an application server (e.g. Jetty, Tomcat, WebLogic) and those tend to use the JSSE implementation because why the hell would they reinvent the wheel, especially by interfacing with OpenSSL via JNI or something? That'd be ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-10-2014
  • Re: My heart bleeds

    [quote user="heterodox"]Speaking of Java, I'll elaborate on a tag from above: About 99.9% of the infrastructure with which I work wasn't affected. That's because it's pretty much all Java-based. Now, you can say a lot about Java (and I do), but as far as the managed language arguments in this thread: Remember the last ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-10-2014
Page 1 of 80 (794 items) 1 2 3 4 5 Next > ... Last »
Powered by Community Server (Non-Commercial Edition), by Telligent Systems