I would go nowhere near a drenched feline since the most common version of them is likely in a very bad mood due to being drenched.
clickops
I think I will steal this.
Ah, the horcrux technique.
A reference to the software engineer who worked 20+ years at Microsoft and then became a goose farmer. The LinkedIn post became viral.
Not an answer, but you don’t need an extension to defeat right-click blocking scripts: shift-right-click usually does the trick.
Really true. I hope “new UI” stays optional until I retire or become a potato farmer. I haven’t worked long enough at Microsoft to deserve geese.
That goes into the work profile of my Android phone and that profile is switched off after clocking out. Simple as that, I don’t have to carry two phones and get my peace after hours. And my company respects my free time which also helps a lot.
The thing you are thinking about is called TOTP or timed one time password.
When you are allowed into the vicinity of this kind of equipment, you should be able to identify matching shapes without circles in the first place…
Masks don’t only protect from airborne viruses…
Oh, that makes warnings errors and does not mean “ignore errors”. I’m not too familiar with compiler flags. You could do some mental gymnastics to argue that the unused variable causes the compiler to exit and thus the code is not functioning and thus the unused variable is not a warning but an error :^)
I for my part prefer it that way. Makes sure the code stays clean and nobody can just silence the warnings and be done with it. Because why would you accept useless variables that clutter the code in production builds? Imagine coming back after some time and trying to understand the code again. At least you have the guarantee the variable is used somehow and not just “hmm, what does this do? … ah, it’s unused”
Unused variable is an error which fails to compile.
And half of them are “curated list of X”
Review is done before code gets into main, but that’s inefficient for most of the non-mission critical projects out there. A better approach is to optimistically merge most changes as soon as not-rocket-science allows it, and then later review the code in situ, in the main branch.
Assuming you have a project with continuous delivery, that is an absolute foot gun. Optimistically merge the change and then realize in situ that you forgot the WHERE part of your SQL command (or analog statement of the query builder)? No fucking thanks.
Yep, it’s a repost of this one.
One could even think this OP is an alt account.
There are some good points in it but the list feels poorly written as it contains very general tips which feel like fluff to increase the article length like:
Protect the client-side against attacks.
Or just wrong stuff like:
Validate all server-side input data.
If you can trust someone, it’s the server. You should validate data coming from the client on the server side.
Some things even contradict each other like:
Implement strong authentication, such as two-factor authentication (2FA).
And
Use secure authentication mechanisms such as OAuth.
Assuming your app is an OAuth client, you have no say in how the identity provider identifies the user.
Good point, but even better than
Monitor file and source code integrity.
is having the application source code read-only, ideally owned by another user to avoid the confused deputy problem.
If all of those servers are yours (which they likely are, since you get ssh access), you can use one key for all. Using different keys would make one compromised key less problematic. But if someone was able to copy one file of your system, they can copy multiple files.
That resolves keeping track of things as well 😄
absolute galaxy brain moment
I am in this post and I don’t like it.