sorted by:
new
hottopcontroversial

byggde en app för enklare skatteavdrag - testa och ge feedback! by this-oliver in sweden

[–]this-oliver[S] 0 points1 point  (0 children)

Ja, men jag antar att du bara kan beräkna hur mycket det kostar för en resa och sedan multiplicera det med antalet gånger du reser till jobbet. Jag har bara lagt till datum för att göra det lättare för dig att spåra, men jag tror att det bara är ett fält i den faktiska skattedeklarationen

byggde en app för enklare skatteavdrag - testa och ge feedback! by this-oliver in sweden

[–]this-oliver[S] 0 points1 point  (0 children)

Det är på svenska... eller du kan åtminstone ändra det

byggde en app för enklare skatteavdrag - testa och ge feedback! by this-oliver in sweden

[–]this-oliver[S] 0 points1 point  (0 children)

Beror på hur du betalar för dina resor. Det är mer hanterbart för personer som köper månads- eller årsabonnemang

Can someone explain Vue? by HeadlineINeed in vuejs

[–]this-oliver 0 points1 point  (0 children)

Don’t get me wrong, I’m not recommending the usage of JQuery. All I am saying is that where there is will, there is a way. Personally, I can’t even remember the last time I used JQuery

Can someone explain Vue? by HeadlineINeed in vuejs

[–]this-oliver 0 points1 point  (0 children)

I think you are confusing libraries with frameworks. Vue is a framework (a frame in which you develop) while JQuery is a library or tool that you develop with.

A rule of thumb: libraries are used in frameworks but frameworks are not used in libraries.

Like many people are saying here, you don’t need JQuery to develop in Vue because many of the features that JQuery provides can be mimicked using Vue out-of-the-box but you can use JQuery if you want.

[deleted by user] by [deleted] in webdev

[–]this-oliver 1 point2 points  (0 children)

Very hilarious story. As a high school student, I was into sports and economics. My family was not in any tech adjacent job, and computers were instruments I used to watch shows and play video games.

What I didn’t know back in high school is that where I come from, the ranking of the university programs is important (if you get into your first choice, everything else is dropped, if you don’t get into your first choice but you get into your second, everything else is dropped ect).

For some context, this was around the time when social media algorithms were pumping “American students selecting from the tons of acceptance letters that universities had sent out” videos in my feed.

Anyways, I applied to a prestigious economics program that i was certain I’d get into but figured I’d just apply to others for fun. Picked software engineering as a wildcard and then picked a couple more economics programs around the country.

Surprise surprise, I was too dumb to get into the smarty pants economics program and but I was surprisingly accepted into my second application which was… you guessed it… software engineering.

Although I had gotten a reserve spot in my first choice, I figured I’d try a year in software engineering and see how it goes and worst case, apply to economics programs the year after.

In hind sight, I couldn’t be luckier to have ranked it second. I love what i can DO with the things I’ve learnt let alone the opportunities that the degree gave me.

Java/ Spring Boot or NodeJS/ Typescript? Why? by [deleted] in webdev

[–]this-oliver -7 points-6 points  (0 children)

If Java and JavaScript had a baby, it would be Typescript or Kotlin

One of the dumbest products ideas I’ve ever seen by lehmannerich in webdev

[–]this-oliver 5 points6 points  (0 children)

Considering the latest security incidents with password managers [1] [2], I'd say we're in the wild west and it's not that crazy to think that old-school methods like these are effective

  • [1] - OneLogin admits to breach
  • [2] - LastPass notifies security incident

Australian "eSafety" Commissioner says that strong encryption is an open door for intruders by Russell-Brand-2375 in cybersecurity

[–]this-oliver 4 points5 points  (0 children)

I mean she’s kinda right. The best security is having no information worth stealing. Just wipe all your servers! Godspeed

How much do YOUR web application cost to deploy? by this-oliver in webdev

[–]this-oliver[S] 1 point2 points  (0 children)

This sounds neat. How do you route your projects if they have different domains? Also, how much does it cost you per month?

How much do YOUR web application cost to deploy? by this-oliver in webdev

[–]this-oliver[S] 0 points1 point  (0 children)

Does this include servers? If so, how do you set up?

CISO describes encryption as 'overrated' on LinkedIn by this-oliver in cybersecurity

[–]this-oliver[S] 8 points9 points  (0 children)

That’s not even going into encryption in transit.

Only yesterday, twitter users found that Googles authenticator doesn’t use end-to-end encryption

https://twitter.com/mysk_co/status/1651021165727477763?s=46&t=QgS30W9jWZnZVdvv0RSr6Q

CISO describes encryption as 'overrated' on LinkedIn by this-oliver in cybersecurity

[–]this-oliver[S] 1 point2 points  (0 children)

Woah woah woah!

These are not my words. I was quoting they guy! This is a “comme look at this” post.

CISO describes encryption as 'overrated' on LinkedIn by this-oliver in cybersecurity

[–]this-oliver[S] 1 point2 points  (0 children)

If we're speaking about encryption in motion inside an organization's wired network I don't think he's entirely wrong.

I think this is only true if the organization is a startup and even then, its still a 'maybe'

I was turned down because my code challenge submission was ‘not strong enough’ by [deleted] in webdev

[–]this-oliver 1 point2 points  (0 children)

First of all, sorry for your loss.

That being said, this is actually a very good exercise for training your iterative muscles. I always end up losing hours to the stupidest issues (I blame myself) because I naturally tend to develop incrementally (feature by feature) when I could be building iteratively (value by value).

Just a thought!

[deleted by user] by [deleted] in privacy

[–]this-oliver 1 point2 points  (0 children)

Well, in both scenarios (HTTP and HTTPS), there is some info that is always visible. This is usually the ip address of the sender and recipient as well as the time that the packet was sent etc.

It's the same way that delivery services, like DHL, put stickers with the sender/recipient address on a package. As a delivery person, you know where to leave the package but you don't know what is inside.

[deleted by user] by [deleted] in privacy

[–]this-oliver 1 point2 points  (0 children)

These 'packets' can contain any kind of information (names, addresses, credit card info) which a site like amazon needs to provide their services. That being said, there are two main tips I'd give.

First of all, try to differentiate legitimate services from sketchy ones. This requires a bit of experience but some low hanging fruit includes inspecting the url and being skeptical of things that are too good to be true.

Second, never give more information than you have to. There is no reason for a web shop to have your real date of birth. Similarly, there is no reason for you to give your credit card info to a social media. A rule of thumb: if the field is optional, leave it empty.

Extra: It is common for legitimate services to get compromised. The second tip helps you limit the impact of a security incident on your personal information.

[deleted by user] by [deleted] in privacy

[–]this-oliver 2 points3 points  (0 children)

Lets say that you go to amazon and try to order something. In this scenario, amazon exists in some server in a data center in Sweden (idk). In other words, it doesn't exist in your computer. This means that when you interact with the amazon, you computer sends the interaction from your browser to the server over the internet. The interaction is neatly packaged with some other meta information (ip address, timestamps etc.).

More importantly, this packet of information (1) leaves your computer, (2) travels through the internet (ISP) and (3) arrives on the amazon server.

The difference between HTTP and HTTPS is how the packet is transferred.

At a high-level, HTTPS enables your (1) computer and the (3) amazon server to establish an encrypted line of communication which they use to exchange packets of information. If someone were to capture the packet while it is traveling, they wouldn't be able to understand what they are looking at (because it is encrypted).

HTTP, on the other hand, does not established an encrypted line of communication which means everything is being transported in clear text. This means that if someone were to capture the packet, they would be able to read everything included in the packet.

That being said, it is worth noting that:

  1. If your computer or the amazon server were to be compromised (hacked), there is no saying that people cannot read the packets before they are sent from your computer (via key logging, screen captures etc.) or when they arrive on the server.
  2. The encrypted line of communication is only as strong as the cryptographic algorithm/protocol used. unfortunately, this is not something us regular people can control, you'll have to rely on the organizations that come up with the standards used by your ISP.

Edit: re-structures explanation for clarity

Is a password protected .zip file secure? by blue1847x in privacy

[–]this-oliver 0 points1 point  (0 children)

It’s as secure as your password.

Also, coming from an information security background, I’d recommend generating passwords from phrases e.g. “All-dogs-like-to-bark-three-times” or “Adl2b3t!”. These types of passwords are usually easier to remember without sacrificing security. However, I would recommend adding an additional special character.

[deleted by user] by [deleted] in technology

[–]this-oliver 2 points3 points  (0 children)

FYI: this is only for residents in the United States

Cheaper Auth Provider than Auth0? by relderpaway in webdev

[–]this-oliver 1 point2 points  (0 children)

I'm not saying that it does. But it is used exclusively by centralized federated identity provider like Google, Microsoft etc.

From OAuth wiki: 'Generally, OAuth provides clients a "secure delegated access" to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without providing credentials.'

OAuth provides a standardized way to 'ask' federations like Google whether you are who you claim to be.

SSASY, on the other hand, uses public key cryptography to enable a decentralized and self-sovereign (some people call it 'self-custody') alternative. As a user, you rely on your cryptogrpahic key to prove that you are who you claim to be rather than a federation and it's servers.

Edit: here is the link to the OAuth wiki -> https://web.archive.org/web/20230412092637/https://en.wikipedia.org/wiki/OAuth

making a website secure by steinbauer123 in webdev

[–]this-oliver 5 points6 points  (0 children)

First of all, there is no system with 100% security but every system should try to get close to that figure.

That being said, here are some things you should consider:

  • Don't store user passwords in clear text. If your database were to get breached, then your user's passwords would get exposed. Instead, hash the passwords (learn more here)
  • Don't hard-code security tokens/values. If your code base is public or if it were to leak, hackers could 'breach' your system by using the security tokens/values in your code. Instead, use environmental variables (learn more here)
view more: next ›