AggressivelyPassive @ agressivelyPassive @feddit.de

Posts

28

Comments

2,513

Joined

2 yr. ago

If you can't join a call without authorization, and (implied) you only grant access for authorized persons, no content can leak.

It is a sound statement, but given the Bundeswehr's reputation, I would be surprised, if that implication above actually holds true.

Selling for parts. Techtechpotato did a rough estimate and RAM/CPUs alone are currently worth and 1M (using eBay prices). If you add all the support components (network cards, mainboards, PSUs) it might be worth it.

Absolut, sollte man auch. Aber es ist eben ein systemisches Problem und weniger individuelle Doofheit.

What are you even trying to achieve here?

The Datenelch (data moose) was actually a pretty good meme around 37c3.

https://hessen.social/@anno/111702349514780488

And I have yet to encounter a single smug vegan. Not online, not offline.

But I've seen countless people like you fighting the just fight against vegan windmills (awesome Rügenwalder double reference for the German people here).

So where exactly are those vegans? Are they in the room with us right now? Or are you defining every mere mentioning of veganism as an attack because you deep down are afraid of actually having to confront the cognitive dissonance you're living under?

Ich hoffe, die kommt bei dir bald raus. Hat mein Leben verändert und war es absolut wert.

Gerade für die Profis ist das aber leider per Gesetz gezwungenermaßen so.

Ein Arzt kann nicht einfach sagen "lohnt nicht", sondern ist rechtlich quasi gezwungen, immer auch das letztmögliche zu tun, um die Person am Leben zu erhalten - außer die Angehörigen sagen was.

Natürlich wird in der Praxis da schon mal heftig weggeguckt, aber im Zweifel macht sich der Arzt strafbar.

Frag bei deiner IT nach, was so an Passwortchanges ansteht. Evtl. auch irgendwelche Inaktivitätsdinge bedenken. Es kann sein, dass dein Account irgendwo gesperrt wird, wenn du dich nicht einmal pro Zeiteinheit anmeldest oder auch, dass dein VPN sich nicht mehr verbindet, weil du zu lange keine Updates gemacht hast.

Why is the nose necessary? Standard wojak and a flag would have been fine.

Generally these weird roundabout constructions used in English (not my native language). Like "I'm going forward to do X". There's always a bit of padding in language, but English seems to be very "paddy".

Oh, and very non-descriptive words for very specific things. Like washer. What is a washer? It doesn't do any washing. In German, we call these things Unterlegscheibe. A disk (Scheibe) to put (legen) under (unter) something. Says exactly what it's doing.

Can't or won't?

Seriously, though, I wouldn't be surprised, if a bunch of suicides or "retractions" are happening soon.

How about 2 million if you shut up? No? How about we publish this dirt on you? Would be a shame, if some nameless robber orphans your children.

God those guys are stupid. I've seen one literally having an aphid on its head and ignoring it.

But seeing them "hunting" is actually kind of scary, I almost feel bad for the aphids.

Well, I would say it absolutely is possible, but it costs money directly, up front and in an accountable manner. Security incidents vanish in the fog of responsibility diffusion and nobody specifically can be blamed. That means for each individual responsible party, it is the rational choice to do just enough not to be blamed, pull off theater to seem engaged, but avoid anything that would actually cost money.

So, you're kind of right, but for the wrong reasons. It's a systemic issue, that almost inevitably happens in large organizations, but at the root is not inherent complexity, but a perverse incentive structure.

The reality is: security is often non-existent in larger corporations. It's all about optics and insurance. Hardly any project I've been involved with actually did something for security. It's a cobbled together mess with just enough security theater to not be legally liable. That's it.

Case in point: I know of a database that holds data for pretty much all adult persons in Germany, Austria, Switzerland and some people from surrounding countries. The root password contains the company's name and the year the DB was initially set up.

"Self-inflicted". If you don't comply, we'll break your computer, and that's your fault. Why did you make us do that???

Spring annotations in general. There's a completely hidden bean context where every annotation seems to throw interceptors, filters, or some reflection crap into. Every stacktrace is 200 lines of garbage, every app somehow needs 500mb for just existing and if you add something with a very narrow scope, that suddenly causes something completely unrelated to stop working.

Realistically, DI and all the Spring crap does not add anything but complexity.

16 years ago was 2008 (which is shocking in itself, I'm old), SSL was seen as very very optional until 2013, when Snowden dropped his CIA/NSA leaks.

I wouldn't be surprised, is the security is "trust me, bro".

What really baffles me is how bad we (as an industry) are at actually using engineering to leverage these frameworks.

It seems to me, like 90% of the regular, boring business software falls into a handful of categories, where in each category the same problems get solved again and again and again. Frameworks do help, but by far not as much as I'd expect.

Just think about how much software is essentially form>validation>transformation>persistence>messaging. It's always the same, yet if you'd want to write one of these apps, you'd start with a rather bare bones Spring Boot/Quarkus app and maybe a React frontend, that doesn't have any connection to the backend, so you have to manually plug them into each other.

Ganz schlechte Idee. Überleg mal, welche Demographie da immer hochmotiviert wählen wird - und welche nicht.