|
HIPAA.
|
# ? Dec 18, 2017 07:48 |
|
iospace posted:
> Friendly reminder that code that determines if someone's health insurance paid out at a former job was the poster child for "spaghetti code". 1000 line functions, no comments, no one knew how it worked, even the people who originally wrote it.

return false; was too obvious, I guess
|
# ? Dec 18, 2017 16:02 |
|
Munkeymon posted:
> return false; was too obvious, I guess

Yuuuuuuup.

Ranzear posted:
> Isn't HIPAA per-violation though, so if you leak 10,000 instances you get fined 10,000 times or some poo poo?

I know the big one we got told about was a Blue Cross/Blue Shield company. They got fined 18.5m for 57 hard drives getting stolen: https://www.fiercehealthcare.com/payer/blue-cross-spends-18-5m-hipaa-violation
|
# ? Dec 18, 2017 16:10 |
|
Ranzear posted:
> Isn't HIPAA per-violation though, so if you leak 10,000 instances you get fined 10,000 times or some poo poo?

In theory, yeah. I worked at a company that had an open submitted web form portal where the admin (every single person in the company including marketers and random fresh hire support techs) had full access to every client's patients' submitted symptoms and stuff. Not full medical history, but enough. I looked it up and it would have instantly bankrupted the company (something like 500 violations at $50,000 each) if a successful HIPAA violation suit went down.

This company also kept submitted legacy credit card info in plain text and for some reason just refused to delete this even though it wasn't even relevant to the clients. Good poo poo.
|
# ? Dec 18, 2017 20:00 |
|
You should have reported them. Be the whistleblower people need.
|
# ? Dec 18, 2017 21:00 |
|
necrotic posted:
> You should have reported them. Be the whistleblower people need.

This, seriously. That's an enormous failure of both management and development (and IT) and put every client's privacy at risk, and possibly also their finances and identity!
|
# ? Dec 19, 2017 01:17 |
|
we were interviewing a programmer once for a position and he mentioned how he built an analytics portal for this random medical firm and he popped open his laptop and logged in and showed us all a bunch of confidential medical records. he was a real class act. his side job was automating the "buying things on amazon for cheap and reselling them on ebay" process. we didn't hire him.
|
# ? Dec 19, 2017 03:15 |
|
Giga Gaia posted:
> In theory, yeah. I worked at a company that had an open submitted web form portal where the admin (every single person in the company including marketers and random fresh hire support techs) had full access to every client's patients' submitted symptoms and stuff. Not full medical history, but enough. I looked it up and it would have instantly bankrupted the company (something like 500 violations at $50,000 each) if a successful HIPAA violation suit went down.

HIPAA is awful, dealing with it is awful, the software dealing with it makes you write is awful, but instantly bankrupted the company? That's what insurance is for.
|
# ? Dec 19, 2017 04:32 |
|
KernelSlanders posted:
> That's what insurance is for.

Oh bitter irony!
|
# ? Dec 19, 2017 06:30 |
|
KernelSlanders posted:
> HIPAA is awful, dealing with it is awful, the software dealing with it makes you write is awful, but instantly bankrupted the company? That's what insurance is for.

surely you can't get a blanket insurance policy against any and all HIPAA fines, who would want to underwrite that
|
# ? Dec 19, 2017 07:32 |
|
KernelSlanders posted:
> HIPAA is awful, dealing with it is awful, the software dealing with it makes you write is awful, but instantly bankrupted the company? That's what insurance is for.

This would be a sort of regulatory malfeasance insurance, though. More correctly, this is what internal auditors are for.
|
# ? Dec 19, 2017 14:04 |
|
https://twitter.com/ricoviq/status/942821352532307968
|
# ? Dec 19, 2017 14:49 |
|
This is one way to get people off IE.
|
# ? Dec 19, 2017 15:08 |
|
That's just what a disqus does before you throw it
|
# ? Dec 19, 2017 15:11 |
|
Multi-monitor horror: Not all the same height.
|
# ? Dec 19, 2017 16:06 |
|
Bet you this is some kind of CSS failure, where they have an animated style sheet for a loading icon or something and its attributes are getting mis-assigned.
|
# ? Dec 19, 2017 18:05 |
|
It is. The CSS class that spun a loader around wasn't getting removed in IE after content load. It's the first reply to that tweet.
|
# ? Dec 19, 2017 18:17 |
|
Hope Disqus fixes their site on Chrome.
|
# ? Dec 19, 2017 18:47 |
|
necrotic posted:
> You should have reported them. Be the whistleblower people need.

Probably. Me and another guy mostly tried to fix it as best we could then I quit and kind of forgot all about it until that guy posted about HIPAA. Hopefully they've done something about that.

I found my old password file from the same company a few months back and tried a couple for a lark, apparently they never changed any sort of corporate account or server passwords either. I reported that to a friend who still foolishly works there and deleted the file. Her problem now!
|
# ? Dec 19, 2017 21:59 |
|
So they haven't done poo poo and you left it in the hands of someone who apparently also doesn't give a poo poo. Thank you for your service.

edit: Like, do those unchanged server passwords give you access to data? Because holy gently caress REPORT THEM.
|
# ? Dec 19, 2017 22:29 |
|
Giga Gaia posted:
> Probably. Me and another guy mostly tried to fix it as best we could then I quit and kind of forgot all about it until that guy posted about HIPAA. Hopefully they've done something about that.

It's your responsibility as a developer (and a human being) to loving sort this poo poo out. This info is probably already circulating the darknet, man.
|
# ? Dec 19, 2017 22:38 |
|
The CEO who thinks he's good at engineering told me not to write unit tests for the software I am developing. I wrote a bunch anyways. I have now caught at 4 edge case bugs, 2 major bugs, and two memory leaks.
|
# ? Dec 19, 2017 22:39 |
|
ratbert90 posted:
> The CEO who thinks he's good at engineering told me not to write unit tests for the software I am developing.

Maybe he just assumed that you were at least as good at engineering as he is..[/s]
|
# ? Dec 19, 2017 23:50 |
|
ratbert90 posted:
> The CEO who thinks he's good at engineering told me not to write unit tests for the software I am developing.

I have one of those. The logic appears to be not just that it takes longer to develop features if you write tests for them, but that it's harder to change the code to meet new requirements if there's tests to change too. I'm just glad there were engineers around with enough experience he valued their opinion I could let have the argument.
|
# ? Dec 20, 2017 03:10 |
|
Hughlander posted:
> Maybe he just assumed that you were at least as good at engineering as he is..[/s]

I also didn't write the code I wrote tests for. :shh:

Except for one. I was a noob and forgot a * (char) in a malloc.

Edit* In my defense, I very rarely use mallocs. As I am an embedded programmer, most of the stuff doesn't need to be dynamically allocated.
|
# ? Dec 20, 2017 03:40 |
|
Edison was a dick posted:
> I have one of those. The logic appears to be not just that it takes longer to develop features if you write tests for them, but that it's harder to change the code to meet new requirements if there's tests to change too.

I run into this argument more often than I would like. Hey, here's a hot take: if changes in requirements mean that tests aren't useful any more, then delete the tests and rewrite them! I save more time by having tests in the change in which I add the tests just because they force me to properly exercise the code and I invariably find bugs that would have been difficult to find through manual testing.
|
# ? Dec 20, 2017 04:10 |
|
necrotic posted:
> edit: Like, do those unchanged server passwords give you access to data? Because holy gently caress REPORT THEM.

Nah. That poo poo is all on an in-house server, as in literally in a back office. I was talking about their web servers they host the sites/blogs on.

Giga Gaia fucked around with this message at 04:26 on Dec 20, 2017
|
# ? Dec 20, 2017 04:21 |
|
spotted on FB
|
# ? Dec 20, 2017 16:43 |
|
canis minor posted:
> spotted on FB

Ah, a classic @KevlinHenney (check out his twitter if you don't know it yet, it's full of 'computer errors in public spaces').

The most surprising thing is that those 10 by 10 pixel icons are apparently encoded as PNGs.
|
# ? Dec 20, 2017 19:25 |
|
Carbon dioxide posted:
> Ah, a classic @KevlinHenney (check out his twitter if you don't know it yet, it's full of 'computer errors in public spaces').

Or maybe they're not and someone thought they could stick a png in there.
|
# ? Dec 20, 2017 20:09 |
|
Coworker, to vendor: "Hey I ran into a problem on Dev. Can you take a look?"
Vendor: "Sure, just zip up the database and put it on the server where we can see it."
Coworker: "Sure thing." *creates 2GB ZIP of the database*

I've mentioned it elsewhere, but not in this thread: the Dev database contains a copy of our Production data and is not sanitized in any way. Hope the vendor properly scrubs all this criminal justice data and SSNs!

My last day is tomorrow.
|
# ? Dec 21, 2017 23:36 |
|
Wow. The ad network I worked at didn't even let devs see production data without scrubbing it first.
|
# ? Dec 22, 2017 00:21 |
|
Shader debugging is of the devil. https://twitter.com/FioraAeterna/status/944015464174305280
|
# ? Dec 22, 2017 02:26 |
|
Absurd Alhazred posted:
> Shader debugging is of the devil.
|
# ? Dec 22, 2017 06:55 |
|
Absurd Alhazred posted:
> Shader debugging is of the devil.

Gotta love computers.
|
# ? Dec 22, 2017 09:40 |
|
Absurd Alhazred posted:
> Shader debugging is of the devil.

I'm not sure I get it. Is it the shader compiler doing an unsafe transformation of floating point code? Using one kind of operation in one place and a slightly different kind in another, and erroneously considering them equivalent?
|
# ? Dec 22, 2017 11:41 |
|
hackbunny posted:
> I'm not sure I get it. Is it the shader compiler doing an unsafe transformation of floating point code? Using one kind of operation in one place and a slightly different kind in another, and erroneously considering them equivalent?

If I understand correctly FMA(a, b, c) operates at 'full' internal precision and then rounds, but a*b+c will round twice. So they're not equivalent.
|
# ? Dec 22, 2017 12:03 |
|
vOv posted:
> If I understand correctly FMA(a, b, c) operates at 'full' internal precision and then rounds, but a*b+c will round twice. So they're not equivalent.

I think it's a good idea to just never put a loop in a shader that depends on floating point math to exit, there are so many ways that it can go wrong.
|
# ? Dec 22, 2017 21:31 |
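The single-rounding versus double-rounding difference described in the two posts above, and a loop whose exit depends on it, as an added example that is not part of any poster's message or of the tweet. It assumes IEEE 754 doubles rather than shader floats and emulates the fused operation with exact rational arithmetic; the function names and input values are constructed for illustration.

```python
from fractions import Fraction

def mul_add(a, b, c):
    # Two operations: a*b is rounded to a double, then the sum is rounded again.
    return a * b + c

def fused_mul_add(a, b, c):
    # Emulated FMA: a*b+c is formed exactly, then rounded once to a double.
    return float(Fraction(a) * Fraction(b) + Fraction(c))

def newton_sqrt_iterations(madd, target, x, tol=0.0, limit=50):
    """Refine x toward sqrt(target) with Newton steps.

    The loop exits when |x*x - target| <= tol. With tol=0.0 that is an exact
    floating-point comparison. Returns the number of steps taken; a return
    value equal to limit means the exit test never passed.
    """
    steps = 0
    while steps < limit:
        residual = madd(x, x, -target)
        if abs(residual) <= tol:
            break
        x = x - residual / (2 * x)
        steps += 1
    return steps

# Constructed inputs: X0 is the double nearest to sqrt(TARGET).
X0 = 1 + 2.0**-30
TARGET = 1 + 2.0**-29

if __name__ == "__main__":
    # X0*X0 is exactly 1 + 2**-29 + 2**-60; the separate multiply rounds the
    # 2**-60 term away, the fused form keeps it.
    print("unfused residual:", mul_add(X0, X0, -TARGET))
    print("fused residual:  ", fused_mul_add(X0, X0, -TARGET))
    print("exact-exit steps, unfused:", newton_sqrt_iterations(mul_add, TARGET, X0))
    print("exact-exit steps, fused:  ", newton_sqrt_iterations(fused_mul_add, TARGET, X0))
    print("tolerance-exit steps, fused:",
          newton_sqrt_iterations(fused_mul_add, TARGET, X0, tol=2.0**-52))
```

The fused residual is the more accurate one, yet the exact-equality exit never fires with it because the correction is smaller than half an ulp of x; the iteration cap and the tolerance are what keep the loop bounded.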
|
floats were a mistake.
|
# ? Dec 22, 2017 22:36 |
|
All of humanity's problems can be traced back to the invention of numbers.
|
# ? Dec 22, 2017 23:03 |