HackerTrans
TopNewTrendsCommentsPastAskShowJobs

flotwig

no profile record

Submissions

The First Rule of Programming: It's Always Your Fault (2008)

blog.codinghorror.com
1 points·by flotwig·vor 3 Jahren·1 comments

comments

flotwig
·vor 2 Jahren·discuss
It's funny that you mention NewCookie, there is actually a deprecated Set-Cookie2 header already: https://stackoverflow.com/q/9462180/3474615
flotwig
·vor 2 Jahren·discuss
https://archive.is/lNISY
flotwig
·vor 3 Jahren·discuss
Before reading this, I assumed the method would involve rewriting large parts of the game's graphics code. But it sounds like the author is intercepting draw calls and changing them to use color instead! Looking forward to the rest of this series.
flotwig
·vor 3 Jahren·discuss
I was bracing myself for another "don't support Linux because packaging is a mess" post, but was pleasantly surprised. Only 3 of the Linux reported bugs were Linux-specific - all the others were real cross-platform bugs affecting everyone. Free QA, indeed.
flotwig
·vor 3 Jahren·discuss
I'm glad someone archived this. I had a feeling this was going to happen when I saw how new the posts were.
flotwig
·vor 3 Jahren·discuss
https://archive.ph/3HmM6
flotwig
·vor 3 Jahren·discuss
Looks like cURL and SQLite have the same woes: https://www.sqlite.org/cves.html

Previously I worked on an open source project that pulled in many third party libraries. Users would run their corpo vulnerability scanners on the project and find dependencies with open CVEs and demand fixes, not understanding that in our usage of the libraries, the vulnerability is not exposed.

I think in 4 years, we had users open roughly 50 issues like this, which corresponded to exactly 0 real world exploitable issues.

A central vuln DB makes sense for sysadmins, but too many make it the end-all-be-all.
flotwig
·vor 3 Jahren·discuss
TransUnion is broken for me, has been for years. I have to reset my password every single time.
flotwig
·vor 3 Jahren·discuss
Funny to see another BitCraft here - I own https://BitCraft.io, although it's no longer an active company.
flotwig
·vor 3 Jahren·discuss
If a local university doesn't take them, the IA will - they accept donations of physical materials and will digitize and index them: https://help.archive.org/help/how-do-i-make-a-physical-donat...
flotwig
·vor 3 Jahren·discuss
Please don't "move fast and break things" with nuclear fusion :-)
flotwig
·vor 3 Jahren·discuss
https://archive.ph/FsEaf
flotwig
·vor 3 Jahren·discuss
It sounds like the DOD already does block emails to .ml because of this issue:

> Lt. Cmdr Tim Gorman [...] said that emails sent directly from the .mil domain to Malian addresses “are blocked before they leave the .mil domain and the sender is notified that they must validate the email addresses of the intended recipients”.

I think the issue is people sending emails from personal accounts that the DOD cannot control. The article also mentions travel agents as another source of the email.