|
Shame Boy posted:i was just looking up an nginx module's documentation and instead found this third-party one I'll admit, I never anticipated anyone being dumb enough to write an nginx module to do the same thing.
|
#
?
Aug 8, 2019 03:29
|
|
|
|
| # ? Jun 9, 2024 16:48 |
|
|
Jabor posted:the delete link is actually perfectly idempotent, in that opening it multiple times will still only delete the post once fair enough, nerd e: wait, no, I bet it returns an error the second time! ha! (nonetheless...) Subjunctive fucked around with this message at 04:11 on Aug 8, 2019 |
|
#
?
Aug 8, 2019 04:03
|
|
|
love to reset my password 3 times before realizing the website's lovely auth system will accept passwords of any length but actually silently truncate them at 15 characters.
|
|
#
?
Aug 8, 2019 04:07
|
|
|
Microsoft?
|
|
#
?
Aug 8, 2019 04:09
|
|
|
Lol I had a D-link router that did that
|
|
#
?
Aug 8, 2019 04:11
|
|
|
Jabor posted:the delete link is actually perfectly idempotent, in that opening it multiple times will still only delete the post once yeah, delete links run afoul of the safety requirement, not the idempotentcy requirement
|
|
#
?
Aug 8, 2019 04:26
|
|
|
Ur Getting Fatter posted:love to reset my password 3 times before realizing the website's lovely auth system will accept passwords of any length but actually silently truncate them at 15 characters. I hate this, but I once encountered something even worse. On some website I've forgotten, I changed/set my password, and then it redirected me to a page like "cool, you're done, now you can log in", but when when I typed my credentials it kept saying they were wrong. I was about to say gently caress it and give up on the site before I finally figured out what was happening: When I set the password, it silently truncated it to ~15 characters. However, when you log in, it compared using the full input without truncating it.  g0del posted:A few years ago I noticed some strange log entries on a few of the servers. I eventually tracked it down to a research server - evidently one of the CS grad students was tired of using ssh to start/stop/whatever his research stuff, so he wrote a 5 line php script that took everything in the query string and passed it to exec, then returned the output of the command. Someone else eventually found it and was trying to use it to pivot into our other servers. Too bad no one ever created a simple service with minimal or no auth where you could just tell a computer what to do over the network. Maybe I should try making it. I'll call it TellNet or something like that.
|
|
#
?
Aug 8, 2019 04:33
|
|
|
g0del posted:A few years ago I noticed some strange log entries on a few of the servers. I eventually tracked it down to a research server - evidently one of the CS grad students was tired of using ssh to start/stop/whatever his research stuff, so he wrote a 5 line php script that took everything in the query string and passed it to exec, then returned the output of the command. Someone else eventually found it and was trying to use it to pivot into our other servers. better to have a module that is specifically is written to do a dangerous thing than to let people write their own
|
|
#
?
Aug 8, 2019 04:33
|
|
|
The correct question here is why does a delete link respond to GET, not whether it is idempotent
|
|
#
?
Aug 8, 2019 08:47
|
|
|
pseudorandom posted:I hate this, but I once encountered something even worse. Let me one up this one. OSX allows you to set full disk encryption using a custom keyboard layout that is stored on the disk itself. If you use a non-US layout, this lets you type keys that are not available on the default US layout (for example, ç or ü). When the OS boots while encrypted, it prompts you for your password, but using a US layout. If you don't have the little recovery code noted somewhere safe where you know to find it, you just rendered all your data unusable. There are no warnings or whatever, you just find about it the hard way.
|
|
#
?
Aug 8, 2019 14:18
|
|
|
infernal machines posted:Microsoft? sounds like a goofy oracle thing
|
|
#
?
Aug 8, 2019 14:18
|
|
|
pseudorandom posted:I hate this, but I once encountered something even worse. I had that problem with Origin a few years back. I spent an hour trying to figure out why my password resets weren't working... Turns out my password was 16 characters long so it just removed the last character.
|
|
#
?
Aug 8, 2019 14:23
|
|
|
BangersInMyKnickers posted:sounds like a goofy oracle thing microsoft accounts used to do this in some scenarios, specifically after they merged everything under the "live ID" banner. depending on where your account was created originally you could have a password longer than 16 characters, but some of the systems, notably their volume licensing portal, would silently truncate it to 16. this was exactly as confusing as you might expect
|
|
#
?
Aug 8, 2019 14:44
|
|
|
infernal machines posted:Microsoft? The website for Brother printers. COACHS SPORT BAR posted:Lol I had a D-link router that did that Fuuuck d-link. the only reason I figured out this was happening now is because years ago I wasted a whole weekend trying to get into a d-link router that had some settings I desperately need and hadn't backed up and it would not let me in despite me being 100% positive that I had the correct password. I never recovered them, but after I gave up and reset the router and had it happen again, I finally realized what had happened. gently caress. D-Link.
|
|
#
?
Aug 8, 2019 15:39
|
|
|
MononcQc posted:Let me one up this one. I managed to do this to one of my Pis (I plugged in a keyboard at first boot and set a password then couldn't SSH in because the keyboard map was  but my keyboard was  ).Didn't break anything permanently but I felt pretty drat stupid when I realized what happened (which, to be fair, isn't an uncommon feeling for me but realizing how I did the dumb is).
|
|
#
?
Aug 8, 2019 15:47
|
|
|
the fact that keyboards still have maps in 2019 is irritating like, look at this poo poo: quote:Note gently caress everybody involved pseudorandom name fucked around with this message at 16:31 on Aug 8, 2019 |
|
#
?
Aug 8, 2019 16:07
|
|
|
https://twitter.com/katelibc/status/1159355614704783360?s=21
|
|
#
?
Aug 8, 2019 16:12
|
|
|
before you install this spouseware, please read our acceptable abuse policy
|
|
#
?
Aug 8, 2019 16:28
|
|
|
"spouseware"?
|
|
#
?
Aug 8, 2019 16:32
|
|
|
spyware by another name, marketed specifically to people wanting to track their SO's activity on the computer
|
|
#
?
Aug 8, 2019 16:33
|
|
|
i've actually installed that before for a concerned parent, they had a 15y old daughter that was talking to random older guys and probably getting into hard drugs so it seemed warranted
|
|
#
?
Aug 8, 2019 16:41
|
|
|
Because technical fixes to behavioral problems* are well-known for their effectiveness, ammirite? *: 
|
|
#
?
Aug 8, 2019 16:43
|
|
|
good: having all of a minor child's passwords to keep an eye on them for real dangerous poo poo, iff you agree not to say or do fuckall about anything that isn't obviously danger not good: reading your spouse's anything
|
|
#
?
Aug 8, 2019 16:52
|
|
|
infernal machines posted:spyware by another name, marketed specifically to people wanting to track their SO's activity on the computer What's in a name? That which we call spyware By any other name would be just as poo poo;
|
|
#
?
Aug 8, 2019 17:21
|
|
|
Is this known as the OPSEC thread or is it the SECFUCK thread, or are those the same, or how many are there across the forums?
|
|
#
?
Aug 8, 2019 17:33
|
|
|
the old opsec thread died because everyone insisted on making it yos-spam instead of loling at the president using a compromised phone
|
|
#
?
Aug 8, 2019 17:35
|
|
|
this is the secfuck thread
|
|
#
?
Aug 8, 2019 17:37
|
|
|
Sir, this is the secfuck drivethrough
|
|
#
?
Aug 8, 2019 17:43
|
|
|
This is the cloudflare thread
|
|
#
?
Aug 8, 2019 18:21
|
|
|
Rufus Ping posted:This is the cloudflare thread more like cloutflare amirite
|
|
#
?
Aug 8, 2019 18:25
|
|
|
Rufus Ping posted:This is the buttflare thread
|
|
#
?
Aug 8, 2019 18:29
|
|
|
This is page 69 of the buttflare thread!??
|
|
#
?
Aug 8, 2019 18:32
|
|
|
Schadenboner posted:Because technical fixes to behavioral problems* are well-known for their effectiveness, ammirite? framing a desire to not see a child OD and/or get raped as parental tyranny is strikingly lovely even coming from you
|
|
#
?
Aug 8, 2019 18:41
|
|
|
Dumb Lowtax posted:This is page 69 of the buttflare thread!?? posting on the nice page
|
|
#
?
Aug 8, 2019 18:43
|
|
|
ground floor
|
|
#
?
Aug 8, 2019 18:51
|
|
|
Farmer Crack-rear end posted:framing a desire to not see a child OD and/or get raped as parental tyranny is strikingly lovely even coming from you This is a behavioral problem not a technical one. Technical solutions will only ever inspire false confidence and, because they do not address (much less resolve) the underlying behavioral issue, will never improve the situations. Also: go gently caress yourself. Schadenboner fucked around with this message at 19:01 on Aug 8, 2019 |
|
#
?
Aug 8, 2019 18:53
|
|
|
flakeloaf posted:good: having all of a minor child's passwords to keep an eye on them for real dangerous poo poo, iff you agree not to say or do fuckall about anything that isn't obviously danger if I feel that need I’ll probably get a family friend to hold the passwords and check for badness if I ask, because you can’t un-learn things
|
|
#
?
Aug 8, 2019 18:54
|
|
|
https://www.bbc.co.uk/news/technology-49252501quote:About one in four companies revealed personal information to a woman's partner, who had made a bogus demand for the data by citing an EU privacy law.
|
|
#
?
Aug 8, 2019 18:56
|
|
|
Subjunctive posted:if I feel that need I’ll probably get a family friend to hold the passwords and check for badness if I ask, because you can’t un-learn things i feel like this is one of the most horrifying things about having a child in the digital age. i don't, but a lot of my friends do as of the last few years and i can't imagine how they're going to deal with the morass of privacy, safety, and trust issues that are exacerbated by access to social media
|
|
#
?
Aug 8, 2019 19:00
|
|
|
|
| # ? Jun 9, 2024 16:48 |
|
|
Schadenboner posted:
the logout button is a technical solution that solves the behaviour of your lovely posting, wontfix Subjunctive posted:if I feel that need I’ll probably get a family friend to hold the passwords and check for badness if I ask, because you can’t un-learn things  you ain't kiddinlet's all take a minute to be silently impressed with how our parents sit wordlessly on all sorts of that poo poo got a co-worker who peeps all that stuff, when his kids were young they just accepted it and as they got older and earned their privacy he had to back off. funny part was them coming to him later and saying "omg dad you knew this why didn't you say anything?" and he basically said that wasn't the deal, you weren't in danger, not my wheelhouse
|
|
#
?
Aug 8, 2019 19:01
|
|