Hacker News | tlavoie's comments

Along with all the general discussion, I found the concept of defensive parsing striking a chord when reading this as well: "The Seven Turrets of Babel: A Taxonomy of LangSec Errors and How to Expunge Them", https://langsec.org/papers/langsec-cwes-secdev2016.pdf

I'd love for these ideas to take hold at work, but I'm on the fringes in infosec, not a dev.


The language here is Forth, the odd naming is for a specific implementation.


Need to do more, but here I am: https://fractaldragon.net


Back in the stone age, I worked at 7-Eleven while in university. Nothing was really computerized at the store level then, even cameras were rare.

What was done all the time was a simple, templated, paper-based process that managers went through each month. I believe the gist of it was that it recorded sales for each shift in the month (7am-3pm, 3-11, 11-7), and who worked them. Some simple stats highlighted low sales correlated with employees, to point out who was likely entering smaller prices in the till and pocketing the difference. Now it's all bar-code scans of course, but it was a common problem at the time.


Well, or they could release a patch that simply nerfs the license check on the binary. No risk in terms of lost profits, for software they no longer sell.


That assumes (a) the source is still available, (b) the build environment is still available and working, (c) a staff member is still available that understands the system and/or (d) the time to figure it out and rebuild, test, and create the binary diff/patch ....


Well, yeah. The point was that there are changes that could be made, without having to make it possible for everyone else to build, that would enable continued binary support.


Or could just release the tool that issues new keys/serials/licenses.


One side is "wronger" when driving an unnecessarily large land yacht. My Civic, it's fine.


Even still, I have to make sure my KVM switch is connected to the correct laptop. (Work on one side, personal on the other, and shared keyboard / trackball)


It's amazing the technology that we have available, often cheaply. I'd had some suspected infection in my leg one time, where it looked pinker (sunburned?) compared to the other, and I thought it felt warmer. I happen to have a cheap thermal camera, so took some false-color images compared to the other leg, showing that it was indeed warmer. It was great fun to show the doctors, who had to ask, "what exactly am I looking at?" Antibiotics took care of it, whatever was going on.


Yeah, the letters go up by powers of two. So an H would be eight Es, sixteen Ds. Considering the cost of a three pack of the latter, I could only dream of those brutes.


Same here. Even the small motors were expensive at the time. One winter my dad and I figured out how to make our own—rolled the casing out of packing tape, poured the end plug from (I think) Durham’s rock-hard water putty, then filled with fuel made from a mixture of black powder, sugar, and saltpeter. The next summer, getting to use up all the engines we’d stockpiled, was glorious.


I had (maybe still have somewhere?) a book I'd ordered online as a youth, on how to do exactly that. They were somewhat fiddly, in the sense of being slightly lower-impulse, with clay nozzles and a hollow fuel grain. Never quite got around to making any. I should look for that book though. In any case, it's likely harder than it used to be to get saltpeter, which they just carried in the pharmacy.


I've still got mine somewhere, did get some pics with it. I was paranoid about losing it though, so I went with a couple big streamers instead of a parachute to get it closer to the launch site.

