The Daily WTF: Curious Perversions in Information Technology
Welcome to TDWTF Forums Sign in | Join | Help

Search

Page 1 of 80 (795 items) 1 2 3 4 5 Next > ... Last »
  • Re: All the networking equipment goes in the attic

    [quote user="eric76"]Yeah. I'm tempted to pull the wall outlets and see if they connected the pairs correctly. Years ago, I knew someone who wired an office for ethernet but skimped on cables by using two pair of a cable for one connection and two pair for another connection. I hope I never see anyone do that again.[/quote]It ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 08-14-2014
  • Re: SharePoint Hosting Companies

    [quote user="blakeyrat"]In a world where Office 365 exists, why would you purchase anything BUT?[/quote]Because their first-level support is a bunch of idiots. We use a lot of Office 365 services beyond just email and Office and we are constantly underwhelmed by the quality of service, both at a technical level (CRM down for an ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 05-19-2014
  • Re: Secure FTP access

    WebDAV can do directory listings with the PROPFIND method. However, once you have your content on a web server, it's trivial to write some server-side code to make directory listing unnecessary. Something as simple as providing a simple URL like http://www.company.com/project/thing/20140418 or ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Secure FTP access

    But... there's much more support for scripting HTTP and it's a much more sane protocol. There are very few valid reasons to choose FTP over any alternative, and doing so should always be seen as a "I'm doing this because I have to, but I don't like it" choice. Just because "it worked for you" doesn't make ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Secure FTP access

    [quote user="dkf"][quote user="Jaime"][FTP] is literally unsecurable (anyone can hop onto the data connection and download your file, or upload theirs in place of yours).[/quote]Not true; FTPS supports encryption of the data channel and modern crypto is quite good enough to make sure that nobody else can understand the data ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Secure FTP access

    [quote user="bighusker"]SFTP (and even FTP) still has its place, especially as part of an automated process.[/quote]FTP has no place in the world anymore. It is literally unsecurable (anyone can hop onto the data connection and download your file, or upload theirs in place of yours). From an automation standpoint, it has no API. The FTP ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-18-2014
  • Re: Long Life bug : Do not use the letter 'j'

    [quote user="HardwareGeek"]All the people named John, Jane, Jim and Joe would like to have a word with you.[/quote]It's a lower-case j, so all those people (and me) would be just fine. C is the reason many modern language are case-sensitive, that's a good enough reason for me to hate it.
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-11-2014
  • Re: My heart bleeds

    [quote user="Buttembly Coder"][quote user="Jaime"]... one of the many available techniques. Example: SecureString. There are a million other ...[/quote] I can think of at least one reason a server running OpenSSL is not likely to use .NET's SecureString...[/quote]If only I would have thought of that possibility and ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-10-2014
  • Re: My heart bleeds

    One thing this has been missed in a lot of discussions of the impact of this bug is that the damage could have been contained with a little defense in depth. For example, memory dumps should have been a lot less useful if sensitive data were handled with one of the many available techniques. Example: SecureString. There are a million other coding ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-10-2014
  • Re: My heart bleeds

    [quote user="heterodox"]The hell are you talking about? The applications are made available via an application server (e.g. Jetty, Tomcat, WebLogic) and those tend to use the JSSE implementation because why the hell would they reinvent the wheel, especially by interfacing with OpenSSL via JNI or something? That'd be ...
    Posted to "Side Bar" WTF (Forum) by Jaime on 04-10-2014
Page 1 of 80 (795 items) 1 2 3 4 5 Next > ... Last »
Powered by Community Server (Non-Commercial Edition), by Telligent Systems