|
Me neither, they tend to RAM those SCSI jokes down our throats.
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment
"Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst
"I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle
|
Disk kind of joke really bugs me. Get with the program! Your output will be monitored and if you do not comply you will be sent to the back of the bus.
( Oh Mother I’m board)
If you can't laugh at yourself - ask me and I will do it for you.
|
Short of a good return; let me float this by you: while() we push our luck, our pop-ularity may remain undefined.
Ravings en masse^
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
|
Anyone who tells hardware jokes is ASIC puppy.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
Like going to the PROM on the IDEs of March? Yeah I know that one ISA bit of a stretch, but I was getting ANSI.
|
I diskn't think it would get this bad. Not sure if I have enough memory to deal with it.
However, I keyboard most of the time, so I'll try.
Repo Man
|
This thread is a flop but it int your fault!
"Go forth into the source" - Neal Morse
"Hope is contagious"
|
A good one! Throw it on the stack!
The difficult we do right away...
...the impossible takes slightly longer.
|
I just got a call "can you help me set up this API?"
"Sure, what do you need?"
"I got an example application in VB.NET and now I want to mimic the call in Postman, it simply gets the customer by an ID."
"Ok, sounds simple enough."
So I open up this VB code expecting to find some HttpClient with a GET and probably some authentication method.
Now, I've seen some horrors (a 41,000+ tables database, or anything with Crystal Reports, anyone?), but nothing could've prepared me for what I was about to witness...
What I found was that this API is not running on HTTPS and instead this company requires their customers to implement their own encryption exactly the way they want it.
Steps to connect:
We take our API key and create an MD5 hash.
Then we take the first 16 characters of our API secret and use it together with the hash in some SHA256 algorithm.
We need a JSON like { "id": "1234" } (this is the ID of the customer we want to get) and then encrypt it using a Rijndael object and the SHA256 algorithm (I don't do this daily, can't tell you the specifics).
Take the resulting encrypted key and convert it to base64.
Then trim the ='s at the end and replace slashes and hyphens with underscores and some other character.
Now put our deformed base64 encrypted body in a form field named "data".
Include the key in the URL like so "http://baseaddress.com/getCustomer/apikey=[key]".
Do a POST.
Call an unsecure HTTP endpoint.
On the plus side, they provided a 100+ page document with examples in .NET and PHP on how to call something that should've been a standard REST API (I even think they're calling it that).
The company that created this abomination is named PRO[something].
I can tell you one thing, these people aren't pro's (in fact, I'd go as far as to say these people aren't even developers (or at least not worthy of the title)).
|
Tell me you don't want us using your API without saying 'We don't want you to use our API'
|
An attempt at security by obscurity?
|
Maybe an attempt at security without having any knowledge whatsoever and Googling "[language of your choice] cryptography".
I think if they really wanted it to be safe they'd use this and HTTPS, but the fact that it's running on HTTP tells me they have not a single clue...
Everything is right there in their docs, so it's not really obscure.
I'd bet these people actually believe they're following best practices
|
On the plus side, they can't hack into it if they already killed themselves
|
Sander Rossel wrote: I can tell you one thing, these people aren't pro's
Are they getting paid?
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
I guess so, which makes them professionals, but I'd argue professional bunglers or even scammers, because no way in hell someone who is worth his salt would write this giant turd of an API
|
Yeah, this is them thinking "obscurity and complexity" equals "security".
The problem is they are dependent on their customers to "roll their own" implementation of the client-side code, then depending on the customer to keep that code and keys secured themselves.
Absolute garbage.
|
Dave Kreskowiak wrote: Yeah, this is them thinking "obscurity and complexity" equals "security".
I wonder if they thought about it at all
If they really wanted security, why not do this and use HTTPS?
It's not even that obscure because it's right there in their docs.
These people may actually think this is good practice
|
Quote: "Sure, what do you need?"
This is the point where you lost me!
Get me coffee and no one gets hurt!
|
Hahaha nice.
Real programmers use butterflies
|
This little wanderjahr in the wilderness of mind and imagination, was written twenty years ago, when bill was at his last full-time gig as programmer; his employer, a software company (gaming) which dreamed of (hallucinated ?) glory in "business visualization space"— which shall remain nameless.
i had not been there a full year and, if i quit, would not receive the hiring bonus. When the day came for the inevitable lay-offs, i reacted with joy, at first, since i'd get the bonus, and i'd escape what was, for me, not really interesting work in a culture (gung-ho mass gaming) i didn't care about, and, couldn't relate to
Then, i felt regret: the man (also laid off) who got me the job was an old friend, a genius i'd worked with at Adobe inventing what became Acrobat; he had a family, he had bought a house in the area. And, there were people at the company i cared about.
i felt guilty for feeling happy as some of the bright young lay-off-ees around me were crying, or raging.
As often, in this life, i turned to writing to— uhhh— try and distill sense from chaos.
Hope you enjoy the story !
published under the CPOPL (CodeProject Open Poetic License) license, © copyright assigned to CodeProject
coffee on another day of apocalypse
the return of the sun made me feel like i wanted to put on a parade, to welcome an old friend come back wrapped in a flag for heroic deeds in foreign wars.
i would line the streets with children holding the tiny banners of love's small triumphs, waving.
this waking fantasy, i soon enough realized as my first few sips of coffee pulled me up from the depths where my psyche was a temporary master of all realities, was—
but, may i just mention —before proceeding to the inevitable juicy stuff—
there was a nice melodic resonance there at the last rung of the ladder coming out of that turquoise pool of the factory of memories— a hint of Neil Young's immortal chorus "we are stardust, we are golden—"
— yeah, kind of a sixties' thing.
but, there was nothing sixtyish in the strong probability that lay ahead this day: no "band playing in my head"— even though I thought of the image of "living in a burned out basement" so many times, so many ways.
well, if there was a band, it would have been one of those state funeral type brigades of black-hatted shuffling military zombies where one muted trumpet yowls over the slow harmonic swells of tubas and French horns.
because today was the day— now it became all too clear—
— sounds of arctic ice floes breaking up—
that today i would probably be re-assigned, fired, re-orged, turned inside out by an organizational psychodrama that i long had seen coming, and which had very little to do, actually, with this particular bag of dreams and his mid-life cultivated computer chops.
and, as i accepted this, as i dropped the smoking gun of my all too strong ability to spend far too long buying tchotchkes in the visitors' center of the game preserves of endangered metaphors—
i wondered why my coffee tasted so damn good.
«The mind is not a vessel to be filled but a fire to be kindled» Plutarch
|
I remember one corporate parting of the ways where in five minutes my thoughts went from
"How dare they?"
"What am I going to do?"
"Hey, my stomach doesn't hurt anymore!"
"Time flies like an arrow. Fruit flies like a banana."
|