|
The "good" people at M.S. must have all retired.
|
|
|
|
|
Well, Hanselman's on vacation (and re-marrying apparently), Phil Haack left (for GitHub, though), and The Gu got promoted.
So yeah, maybe you're right.
TTFN - Kent
|
|
|
|
|
FWIW, it's actually a bug in the VS Git Extension, which is a separate project not maintained by MS.
While the patch[^] looks like an ...ahem... misbehavior of some viewmodelbindingstuff, it's pretty appaling to consider that this option might not have been tested.
|
|
|
|
|
Sorry, but in my opinion this is actually his fault. He checked in an unencrypted access key to a repository (private or public does not matter). Additionally he completely relied on the GUI. I would always check for a working software, especially with a new setup. Finally his reaction was way too naive.
Blaming it now on Microsoft or the (free) GitHub extension is understandable, but does not take away the fact that he is responsible for his actions.
Note: Private on GitHub means "not for all GitHub users". It does not mean "exclusive for you". Hence if somebody hacks the GitHub server or has administrative rights, he will be able to see your (private) repositories as well. Checking in unencrypted keys there is just foolish.
|
|
|
|
|
Agreed. Private or public doesn't matter, the cloud is just not the place to store sensitive information.
|
|
|
|
|
Agreed...it's not that hard to install a Git server on your own box and use that instead.
|
|
|
|
|
Couldn't agree more!
|
|
|
|
|
I agree, but it's still a pretty serious bug in the GitHub extension software.
If I delivered such a bug to my clients, free or not, I might lose my job
|
|
|
|
|
Then M$ will have a very big rate of employees renoval
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
Nelek wrote: M$ And it'll be spelled MS from now on
|
|
|
|
|
Why, because of the big runaway of users after Win10?
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
I'm happy that at work we use VS6 and our repository system is 7zip.
Geek code v 3.12 {
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- r++>+++ y+++*
Weapons extension: ma- k++ F+2 X
}
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
|
|
|
|
|
You'll need to practice ahead of time, but the rest is fairly simple to make your passwords not only easier to manage but also more secure. Or just do what I do and use 'password' everywhere
|
|
|
|
|
Sooo... when a site says my password expired and I have to set a new one?
Another shortcoming would be sites with names that are too short to produce a proper password (HP.com anyone?) - how do you even know what the correct length is? When setting the password, it may tell you the minimum length, but not when trying to login. Or do you just always pad it to some length you expect is "good enough"?
modified 1-Sep-15 16:25pm.
|
|
|
|
|
Simple! Come up with an entirely new algorithm, then memorize which sites use which algorithm. So much easier!
TTFN - Kent
|
|
|
|
|
Or, go back through every site, setting new passwords based on the new key...
|
|
|
|
|
PIEBALDconsult wrote: Or, go back through every site, setting new passwords based on the new key.
Fun! I live for that crap.
Actually though, I don't know if any site has every reset my password without me asking it to.
Hmm... now that makes me wonder...
<rhetorical>Why do we enforce changing our passwords at work so often? </rhetorical>
|
|
|
|
|
I have an Ebay account. I haven't used it for quite a while. I logged in a few days ago. And Ebay said my password had expired and I had to set a new one.
OK, so, maybe they saw that I hadn't set a new password for a while. Maybe they saw that I hadn't logged in for a while. But, maybe they store passwords in plain text and saw that it had low complexity!
|
|
|
|
|
PIEBALDconsult wrote: bay said my password had expired and I had to set a new one
I actually know the answer to that question. It is because EBay was hacked quite some time back and they forced everyone to reset. And, your point about forcing resets is a very good one.
|
|
|
|
|
I use something with "horse staple".
I can't say any more as it could lead to a breach in various accounts including this one
|
|
|
|
|
I'm sure the hackers read xkcd too
TTFN - Kent
|
|
|
|
|
REALLY!? I should change my passwords immediately!
And I'll never believe anything xkcd says again... This password was supposed to be uncrackable!
|
|
|
|
|
Sorry, simple substitution cypher is easily cracked.
Decrease the belief in God, and you increase the numbers of those who wish to play at being God by being “society’s supervisors,” who deny the existence of divine standards, but are very serious about imposing their own standards on society.-Neal A. Maxwell
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
Alliance for Open Media hopes to make the next generation of video codecs free. Did I miss something about Ogg? (Like ever seeing an actual video in that format?)
|
|
|
|
|
Go agile, or die. It sounds overdramatic, and it is a bit of an exaggeration, but it is the reality for a majority of businesses in the software development industry. “To Be Is To Do” “To Do Is To Be” “Do Be Do Be Do”
|
|
|
|