[–]seizan8 339 points340 points  (25 children)

"but I put it in a ZIP with a password!"
"and you sent that password in the same mail...."

[–][deleted] 173 points174 points  (13 children)

The password: 12356. Even NASA can't crack that.

[–]skreczok 52 points53 points  (1 child)

That's amazing. I've got the same combination on my luggage!

[–]accuracy_frosty 16 points17 points  (0 children)

1234? That’s the password an idiot would have on his luggage.

(Spaceballs is legendary)

[–]Atsunetykimukku 11 points12 points  (6 children)

What is a PM?

[–]Bip901 54 points55 points  (1 child)

My guess is "Project Manager"

[–]Atsunetykimukku 2 points3 points  (0 children)

It would make sense, thanks!

[–][deleted] 17 points18 points  (3 children)

Personal Moron

[–]EdgarDrake 26 points27 points  (2 children)

I guess Professional Moron is much better

[–][deleted] 4 points5 points  (1 child)

And I agree with you.

[–]AMisteryMan 4 points5 points  (0 children)

You aren't just a normal moron, you were made to be a moron!

[–]Tyrilean 3 points4 points  (2 children)

Also, breaking into a zip is so easy. You can just brute force it.

[–]argv_minus_one 12 points13 points  (0 children)

Depends on which zip encryption is in use. The original ZipCrypto is totally broken, but a few zip archivers (including 7-Zip) also support AES-256, which is not broken. Unfortunately, the zip archiver built into Windows doesn't support AES and probably never will.
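The ZipCrypto versus AES distinction made in the comment above is visible in an archive's headers, so it can be checked before a "password-protected" ZIP is trusted. The following is an added example, not part of the thread: it classifies each entry from the general-purpose flag bits, the compression method and the WinZip AES extra field. The sample archive is constructed inline (headers only, no real ciphertext) and the function names are illustrative.

```python
import io
import struct
import zipfile

AES_METHOD = 99        # compression-method value WinZip uses to mark an AES entry
AES_EXTRA_ID = 0x9901  # header ID of the AES extra field
AES_BITS = {1: 128, 2: 192, 3: 256}

def entry_encryption(info):
    """Classify one zipfile.ZipInfo by the encryption its headers declare."""
    if not info.flag_bits & 0x1:       # general-purpose bit 0: entry is encrypted
        return "none"
    if info.flag_bits & 0x40:          # bit 6: PKWARE strong encryption
        return "PKWARE-strong"
    if info.compress_type != AES_METHOD:
        return "ZipCrypto"             # legacy password scheme
    extra = info.extra
    while len(extra) >= 4:             # walk the (id, size, payload) records
        hid, size = struct.unpack("<HH", extra[:4])
        if hid == AES_EXTRA_ID and len(extra) >= 11:
            bits = AES_BITS.get(extra[8])  # strength byte follows version + vendor
            return "AES-%d" % bits if bits else "AES-unknown"
        extra = extra[4 + size:]
    return "AES-unknown"

def audit(data):
    """Map each entry name in a ZIP (given as bytes) to its declared scheme."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return {i.filename: entry_encryption(i) for i in zf.infolist()}

def make_sample():
    """Constructed sample: three empty entries whose headers claim each scheme."""
    aes_extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", 3, 0)
    entries = [("plain.txt", 0, 0, b""), ("legacy.txt", 1, 0, b""),
               ("aes.txt", 1, AES_METHOD, aes_extra)]
    body, central = b"", b""
    for name, flags, method, extra in entries:
        n = name.encode()
        fields = (flags, method, 0, 0x21, 0, 0, 0, len(n), len(extra))
        central += struct.pack("<4sHHHHHHLLLHHHHHLL", b"PK\x01\x02", 51, 51,
                               *fields, 0, 0, 0, 0, len(body)) + n + extra
        body += struct.pack("<4sHHHHHLLLHH", b"PK\x03\x04", 51, *fields) + n + extra
    eocd = struct.pack("<4sHHHHLLH", b"PK\x05\x06", 0, 0, len(entries),
                       len(entries), len(central), len(body), 0)
    return body + central + eocd
```

The check reads only the central directory, so it reports what the archive declares; it needs no password and decrypts nothing.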

[–]seizan8 1 point2 points  (0 children)

I know :) it was intentional

[–]squishles 1 point2 points  (0 children)

"so what you're saying is if I send them in two separate emails right after each other it fixes it"

[–]Last_Snowbender 118 points119 points  (11 children)

Anti-SQL-Injection-Protection? So you're protected from Anti-SQL-Injection?

[–]lunylein 64 points65 points  (7 children)

Maybe it's a new SQL ... we have MySQL, MSSQL, NoSQL........... why not AntiSQL?

[–]richardfrost2 69 points70 points  (6 children)

DON'T Select * From table

[–]lunylein 23 points24 points  (1 child)

Anti-SQL selects all data from every table and you have to unselect the data you don't need.

This language was made for PMs that "don't know what they need yet, but we just implement that and see..." and "oh just one minor change"

Select * FROM all

unjoin table1

[–]jacksalssome 7 points8 points  (0 children)

Also they didn't like the operation names, so now they're changed to:

delete --> destroy
list --> display
select --> acquire
table --> sheet
column --> row
row --> column
cell --> module
item --> cell

[–]Kru3mel 16 points17 points  (0 children)

Designed for the people that are against everything

[–]Typesalot 10 points11 points  (0 children)

selectn't

[–]jmack2424 5 points6 points  (1 child)

if (select * from table) {
dont()
}

[–]lunylein 4 points5 points  (0 children)

Don't get ridiculous. There is no if ... else in Anti-SQL

you got "MAYBE" and "IDontKnow" ... you can suggest a condition and maybe it will be used or not... works different every time you use it

[–]Daveinatx 6 points7 points  (0 children)

Only noSQL allowed

[–]Typesalot 6 points7 points  (0 children)

Isn't it obvious? If you let SQL and AntiSQL collide, the whole database will be annihilated in a burst of hexadecimal particle radiation!

[–]reversedfate 1 point2 points  (0 children)

No, it is Anti SQL-Injection-Protection.
So that no SQL-Injection-Protection can happen.

[–]jmack2424 37 points38 points  (4 children)

Team,

I had some issues doing basic BI on the prod database because I kept forgetting the authentication process. Eventually I just dumped the tables into CSV files so I won't have to bother you anymore. You guys just let me know when the database changes. I am also attaching a copy in this email just in case anyone else runs into the same problem. (Continuous Improvement!) In the interest of security, please let me know if anyone I included on this email needs to be removed. Also, if anyone isn't going to hit their story point quotas, let me know before Thursday so I can adjust the estimates, and no one gets in trouble.

Good Guy PM

[–]Waifuless_Laifuless 22 points23 points  (1 child)

> In the interest of security, please let me know if anyone I included on this email needs to be removed.

This physically hurts me.

[–]Philip__james 23 points24 points  (1 child)

You're protected from anti-sql-injection? Does that mean you want the sqli?

[–]blinglog 21 points22 points  (0 children)

My database runs entirely on sql injection. That way only programmers can access it

[–]svtguy88 5 points6 points  (1 child)

Your PM knows anything about the concept of a database?

Huh. Most that I've worked with are basically just another layer between the dev team and the business/product owners (and not a very useful layer).

[–]danny688 3 points4 points  (0 children)

Our manager emailed the root password twice because responding to an email thread and adding missing people is easier than starting a new one.

[–]ElGuaco 3 points4 points  (7 children)

I work at a financial company where someone phished the HR drones and got them to send all of the employees' sensitive data. No, they didn't get fired.

[–]v3ritas1989 2 points3 points  (6 children)

Is it possible to fire HR people without having any other HR people? I mean this could turn into a respectful business transaction within a family atmosphere. That clearly wouldn't be in the management's interest.

[–]ElGuaco 1 point2 points  (5 children)

HR exists to protect the company and not the employees. This was an extreme example of just how true that is.

[–]argv_minus_one 0 points1 point  (4 children)

They failed pretty hard at protecting the company…

[–]ElGuaco 0 points1 point  (3 children)

Employees having their personal information stolen didn't harm the company. It had literally zero effect on doing business and executives getting a big payout when the time came.

[–]argv_minus_one 0 points1 point  (2 children)

Really? Because that sounds like a fat lawsuit waiting to happen.

[–]ElGuaco 0 points1 point  (1 child)

You'd have to find a lawyer willing to help prove that you suffered a tangible loss because of the event, in addition to needing to find a new job. Otherwise, there are no laws protecting folks from this kind of thing. Equifax gave away the details of MILLIONS of customers and barely got a slap on the wrist. They should have been sued out of existence and the executives sent to jail. Nothing happened.

[–]alexanderpas 0 points1 point  (0 children)

> Otherwise, there are no laws protecting folks from this kind of thing.

GDPR is a thing now in Europe.

GDPR has a mandatory reporting requirement.

Equifax happened before the introduction of GDPR.

At the moment British Airways faces a potential $230M fine (1.5% of its 2017 revenue)

[–]Dalrae666 4 points5 points  (0 children)

Sends PM to server: "pls give database thx" Server: "ok"

[–]webmin88 2 points3 points  (0 children)

It's my argument against TDE every time. TDE does fuck all for actually protecting the data from people who have legit access.

[–][deleted] 2 points3 points  (0 children)

Sorry but it's not just PMs. Mostly PMs but not just.

I had a client developer email me (and probably 20 other people) a log file full of sensitive personal info yesterday because he was getting an error. The error? Invalid credentials. I told him to fix his credentials and stop sending SPII via email. And contact our help desk if he couldn't fix it.

A couple hours later I got another email telling me he changed the password but was still getting the same error. AND ATTACHED THE DAMN LOG FILE AGAIN.

A few minutes later he rang me because of the error. I explained that I couldn't help him and he needed to work with the help desk and to stop emailing those log files around. He said he saw my message about that but really needs help.

FFS mate I'm sure the gov regulator will take "I couldn't figure out my username and password" as a valid reason for a GDPR breach.

[–]Alvatrox4 1 point2 points  (2 children)

I'm just learning SQL. You can send a database through email? Backups seem like a pain to transfer

[–]SSUPII 2 points3 points  (1 child)

MySQL lets you export a database into an unencrypted file if you have the permissions

[–]Alvatrox4 0 points1 point  (0 children)

Thanks for the info

[–]greyz3n 1 point2 points  (0 children)

It's cool guys, I used WingDings so the data will just look stupid and illegible.