by Tansin A. Darcos (TDARCOS) 05/10/2012, 6:44pm PDT
Ray of Light wrote:
(3:44:03 PM) Ray: Ooom posts to complain about the eroding value of competence
(3:44:43 PM) Ray: then ES, jeep, and TDARCOS come along and act out the sort of situation I had in mind, using their actual personalities
(3:45:28 PM) Ray: ITT: ES is the "A" programmer, jeep the "B" manager, and TD the "C" programmer hired by jeep
(3:45:47 PM) Ray: from his POV, they both have a lot of shit to say and sound like they went to school
(3:45:58 PM) Ray: (PS they don't both sound like they went to school)
(3:46:42 PM) Ray: ES says "go with me and I can make claims like 'this will scale' and 'this will give accurate results'" -- TDARCOS says "I have invented perpetual motion!"
(3:48:24 PM) Ray: jeep, despite being a decent manager, is not skilled enough to tell the difference, and goes with whatever is already in place / ready to go (TDARCOS' solution)
(3:48:40 PM) Ray: fast forward 18 months: ONE JILLION CREDIT CARDS COMPROMISED
The only relation to reality your comment has is the eroding value of competence or the eroding level of competence in supposedly educated people.
The only reason places are having credit card compromise events is they fail to provide adequate safeguards. Databases are to be encrypted so you can't access them except through the approved applications. When people can examine databases the level of examination should be restricted to what they need to know. A person who answers questions needs to see one person's information at a time. And that's all they should be able to see. The only time someone should be able to access or read multiple people's information is if they are involved with developing an application that's handling batch processing such as a system for generating bills. And in such cases, you have two people when this is done, one who is doing the work and the second - who doesn't know them, but is also a technically qualified person - to watch them to make sure they're not copying files. And even in their case, they need to access the database one record at a time.
If you access a system from outside like a web inquiry system, it should be able to read one record, yours. But often the databases are stored unencrypted on portable equipment that can be stolen - I think the biggest reports of credit card compromises are because someone had the entire company's transaction history on a laptop that got stolen - or because someone figured a way to break into a database system or file server and used it to deliver up and disgorge their data. So guess what: proper security means that even if your external DMZ or firewall fails and they get through, all the attacker got was several hundred megabytes of garbage, because the file data is encrypted.
Security is pure overhead and a lot of places don't want to spend the money on what should be done. The smart companies do and they're the ones that will survive when things go bad. Auto Zone has its data center in Memphis built on base isolators, the same thing used in really earthquake-sensitive areas to allow a building to resist even massive earthquakes. Memphis hasn't been in a really bad earthquake since the New Madrid quake series back in 1811-1812, but the ones the New Madrid Zone had were bigger than anything that hit California, and the region generally has ones big enough to feel on a yearly basis. If that area has another big one, there will be massive devastation, this is straight from FEMA. So, if anything goes wrong such as a major earthquake, Auto Zone will still be able to operate its store network. It was probably much more expensive to build the building on base isolators, but if anything happens, the "insurance premium" they paid will be nothing in comparison. If nothing ever happens, they still had the protection from disaster and would have been able to continue to operate, and complaining about the cost is like complaining because you paid for fire insurance and your building never caught fire. The same - that they can continue to operate - can't be said for anyone else operating in the same area if anything goes wrong.
And sometimes even against known and expected potential disaster some people think obvious and necessary security expenses are "luxuries" that need to be cut in bad times.
The Chief of the San Francisco Fire Department has to go to the City Council every year to justify the expense of keeping two fully operational fire boats available 24/7. The council always asks why they have to cover the expense. Nobody seems to remember that when the city has had earthquakes (like the one in 1989 that shut down the World Series) it lost access to the fire hydrant system, which went dry, and the only systems available for providing water to fight fires are the fire boats that can pump seawater out of the bay. Security is expensive and if you don't handle it properly the results can be worse.
Credit Card exposure events are the equivalent of shutting down the fire boats and not caring if the city burns to the ground, as if you have faith the hydrants will never fail due to earthquake. "Faith" here is probably the operative word, since your security solution is basically "pray to God." Well, let me tell you, I'm an agnostic, I don't believe that's a valid solution!
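An added example, not part of the original post: a sketch of the "one record at a time, need to know" access path the post describes, as a gateway that returns a single role-masked record per call, limits how many distinct records a caller can pull in a time window, and audits every attempt. The role names, limits, table layout and sample rows are assumptions made for illustration, and the encryption-at-rest half of the post is not covered here.

```python
import sqlite3

# Constructed sample rows; card numbers are common test values, not real accounts.
ROWS = [(1, "Alice Example", "4111111111111111"),
        (2, "Bob Example", "5555555555554444"),
        (3, "Carol Example", "4012888888881881")]

# Need-to-know field policy per role (role names are hypothetical).
VISIBLE = {"web_self": {"name", "card_last4"},
           "support": {"name", "card_last4"},
           "billing_batch": {"name", "card_number"}}

class RecordGateway:
    """Sole path to the table: one record per call, masked by role, audited."""

    def __init__(self, max_records=2, window_s=60.0):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE customers "
                        "(id INTEGER PRIMARY KEY, name TEXT, card_number TEXT)")
        self.db.executemany("INSERT INTO customers VALUES (?, ?, ?)", ROWS)
        self.max_records, self.window_s = max_records, window_s
        self.audit = []  # (time, caller, role, record_id, outcome)

    def _deny(self, now, caller, role, record_id, reason):
        self.audit.append((now, caller, role, record_id, reason))
        raise PermissionError(reason)

    def get_record(self, caller, role, record_id, now, own_id=None):
        # `now` is the request time in seconds, passed in by the caller.
        if role not in VISIBLE:
            self._deny(now, caller, role, record_id, "unknown role")
        # An outside inquiry may read exactly one record: the caller's own.
        if role == "web_self" and record_id != own_id:
            self._deny(now, caller, role, record_id, "not own record")
        # Distinct records this caller read successfully inside the window.
        recent = {r for t, c, _, r, o in self.audit
                  if c == caller and o == "ok" and now - t < self.window_s}
        if role != "billing_batch" and len(recent | {record_id}) > self.max_records:
            self._deny(now, caller, role, record_id, "bulk read")
        row = self.db.execute("SELECT name, card_number FROM customers WHERE id = ?",
                              (record_id,)).fetchone()
        if row is None:
            self._deny(now, caller, role, record_id, "no such record")
        self.audit.append((now, caller, role, record_id, "ok"))
        full = {"name": row[0], "card_number": row[1], "card_last4": row[1][-4:]}
        return {k: v for k, v in full.items() if k in VISIBLE[role]}
```

The batch role is exempt from the window limit but still gets one record per call, and its reads land in the same audit list a second reviewer would inspect.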