User Controls
Posts That Were Thanked by Sophie
-
2016-11-25 at 3:22 AM UTC in Any of you been following #pizzagate?http://www.zerohedge.com/news/2016-11-23/reddit-bans-pizzagate-we-dont-want-witchhunts-our-site
only through this, not aware of detailsThe following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-25 at 3:04 AM UTC in My aunt's illness first became apparent today, 6 years ago"qwit smokkin cigs bra"The following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-25 at 12:01 AM UTC in The retarded thread: Fuck, §m£ÂgØL made one first edition
idk got meds tomorrow tout ppl may appreciate sumthin roughThe following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-24 at 11:57 PM UTC in AHHHHHH!!!!!! I JUST SAW A GHOST!!!!!!!!Also invisible?The following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-24 at 8:04 PM UTC in I miss -SpectraLHaha, great post. A bit inaccurate but very fun to read....The following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-24 at 5:21 PM UTC in May as well get this over with
Originally posted by Bill Krozby um okay… are you going to see your dead father today? whats your excuse? lol
"Let's try to be more positive. I'm a people helper." -Doug (derpadew) Craighead
Truth be told I visit my dead dad far more often than you visit your living daughter. Let that sink in.The following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-23 at 2:27 AM UTC in Y'all niggas are actually pretty greatI was just reading through random threads, got a nice buzz going, and the shit you guys post cracks me up. I spend a lot of my day with people really far up their own ass, it's nice to come home and shitpost with the trillest space niggas I know. Somewhere I can call someone a nigger and it's not a big deal, somewhere I can spit on the floors. Even Bill Krozby contributes in his own way, he may be absolute scum as a human being but when you get gems like:
Originally posted by Bill Krozby my cat actually likes my semen i have to shew him away constantly!
I just can't stay madThe following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-23 at 12:51 AM UTC in Critical thinking is a rare skillOn another note, your gears are polished wheels. Zero edge.The following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-22 at 6 PM UTC in Lola Monroe for moderatorLight your face on fire and jump into a wood chipperThe following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-22 at 8:46 AM UTC in Hey guys, what's your favorite truck?The answer is an unqualified yes, jesus fuck
"muh youtube videos"
never seen a youtube video of a german who didn't have a small dick neither, GOOD STANDARD FOR EVIDENCE FAGGOTSThe following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-21 at 5:27 PM UTC in My favorite picture of 2015.(No lolis, promise)Don't lie...
-
2016-11-21 at 6:44 AM UTC in The retarded thread: Fuck, §m£ÂgØL made one first editionhey, we actually see the same post numbers now. Yay!The following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-21 at 6:24 AM UTC in My favorite picture of 2015.(No lolis, promise)I remember that, from the fern. Timeless classic.The following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-21 at 5:59 AM UTC in Social experiment: being nice to women for 1 month.only on NIS is not being a piece of shit for a short period considered a 'social experiment'The following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-21 at 2:18 AM UTC in So at least 100 years ago on Redfern...Well so "infosec people" can describe at least two distinct classes of professional technologist. There are "security researchers" and there's "security contractors" and they may sound like the same thing but they're actually very different. Researchers are the guys who produce CVE tickets, they have their fair share of dumshits, cringe lords, and mediocre joes just trying to collect a paycheck but in general they serve a pretty important role and there's some real talent there. Then there's security contractors that are hired goons whose occupation consists of equal parts fear mongering and beating real programmers over the head with automated extremely primitive "security reports". The latter group is a parasite upon the former who are themselves kind of the jedis of the developmental world: we know they're smart and they need to exist, ultimately they're a good thing but they really are a pain in the ass sometimes.
When you hear IT people or developers bitching about security folks they're generally of the contractor variety.
But I mean security breaches are pretty common, so what is it that makes other people continuously dismissive of some elements in the security community? The answer, at least as I see it, is twofold. The simpler answer is development is hard and most programmers are fucking retarded. Like cargo cult sorry sons of bitches who, if they were carpenters instead of programmers, would be able to hammer nails sorta ok and nothing else who have been carried through their careers because people felt sorry for them. They have a hard time composing systems they haven't seen a hundred times before and any thought towards adversarial usage just isn't there, just a handful of dogmas (null checking in java-land is a great example of this, although not a security issue per se, it demonstrates the ability of people to cobble together software with no actual insight into the process, leaning instead on received wisdom). Sad but true.
But of course that isn't everyone, legitimately smart people will ignore security issues too although usually at a much lower rate. Why does that happen? I mean it's easy to explain "I didn't see this" because systems are complex but when someone turns up at your desk with an issue and you're like "nahhh" isn't that just negligence? On a level yes, but when prod is fucked and an RCA lands at your feet that's a shitty place to be, no one would sign up for that out of laziness. The answer is that the rate of false positives in security analysis (usually automated security analysis, and a similar issue exists with automated analysis in general) is so high as to make it basically meaningless, or at least in most cases I've seen. Donald Norman has done a fair amount of research on this but it's really just lost on sec folks because "lol we're not designers", but it's kind of obvious, when the majority of "security issues" you're confronted with are nothing but fear mongering it's hard to take them seriously.
An anecdote: a dude shows up at my desk the other day. "There's an XSS vulnerability in your project", we look at it, we take a number and render it into the markup without escaping it because of special circumstances. Ok, I understand, automated checker sees there's an unsanitized field getting sent to the user. But it's a number, the type system guarantees us in a formally provable way it's a number, it can render as a string of exactly 10 characters none of which can constitute an escape code or really do anything. "But what if your DB returns something that isn't a number?" Well ok, so let's say the DB randomly stops doing like the one thing it's supposed to do which is maintain relational integrity. Let's say it magically does that for some reason. Then the cast fails, we 500 out, and production support deals with the magical database. "What if it doesn't though?" Fucking what if in an act of divine intervention RNJesus decides every UUID we generate is going to be exactly the same for the next 3 years? Well we're fucked 12 ways to sunday, the world economy is going to collapse and we'll probably all die in a tidal wave but it's not my job to deal with impossible hypotheticals. This shit show went through like 5 levels of managers, all but one of whom couldn't write hello world and the decision comes back I'm wrong so we eat shit and stack another half second of load time onto requests because some dipshit's audit tool needs to be appeased.
Meanwhile I pointed out a timing attack and some architect is all like "nahh, no way anyone's going to figure out that exists" so in a few months a major american financial institution is going to have a product with a known (to three grunt programmers and a lead) timing attack in it and we're all just hoping really hard no one sees that shit. Try escalating it you say? Yeah well that's hard to do when no one who can do anything knows what the fuck time to first byte means, much less what a timing attack is.
IN SHORT technology is fucked and if we're lucky we'll all die from a natural disaster before AI comes about and decides to go all "I have no mouth and I must scream" on us because some dumbshit did something stupid and there's just enough stupidity around him to propagate his fuckup far enough to fuck us all.
Post last edited by Lanny at 2016-11-21T02:20:55.813037+00:00The following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-21 at 1:55 AM UTC in So at least 100 years ago on Redfern...
Originally posted by Sophie
Top lol :)
In anticipation of your elaboration,
Love, Sophie.
tee-hee that's the gif I used when WS posted kraykay's fingerpainting pics :)The following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-20 at 11:29 PM UTC in Battlestations ThreadYou are utterly repulsive, Bill Krozby. My stomach churns when I am unfortunate enough to come across any picture of you. I can only imagine the putrid stench that emanates from your foul corpulent body.
Post last edited by Malice at 2016-11-21T03:02:18.913577+00:00The following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-20 at 11:16 PM UTC in ATTN: AntinatalismGoddammit SophieThe following users say it would be alright if the author of this post didn't die in a fire!
-
2016-11-20 at 11:04 PM UTC in Hey Lan your antiCSRF middleware token crap is cramping my proxy posting style.Could you send me the network log? Something like this:
Fiddler or FF's network log would be fine too.The following users say it would be alright if the author of this post didn't die in a fire! -
2016-11-20 at 10:06 PM UTC in just ordered a bunch of shyt
Originally posted by mashlehash I'll mail you a better face.
If you had access to better faces you wouldn't look like a cave dweller whose heart was ripped out in sacrifice to a sun god.The following users say it would be alright if the author of this post didn't die in a fire!
