Security schmecurity!
-
A customer of mine was considering a third party product for some functionality they want. It's kind of a niche market and there is basically only this one vendor in the Netherlands for the product. There's another vendor, apparently, but they're not very big (and they have bad experiences with them), and there is one company who wrote their own. So anyway, I just went to this one vendor's website and the login/registration page, where I enter a username and password, company name, business identifier number, email and some other info, and IT'S NOT HTTPS!? :wtf: It literally says "Not secure" right there in the browser and somehow everyone is okay with this!? And it's not like I went to the HTTP site while I should've gone to the HTTPS site (but seriously, HSTS?) there really is no HTTPS available... If this is what they're offering I don't have much hope for their services, which is SOAP so my expectations weren't too high to begin with :sigh: The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
-
A customer of mine was considering a third party product for some functionality they want. It's kind of a niche market and there is basically only this one vendor in the Netherlands for the product. There's another vendor, apparently, but they're not very big (and they have bad experiences with them), and there is one company who wrote their own. So anyway, I just went to this one vendor's website and the login/registration page, where I enter a username and password, company name, business identifier number, email and some other info, and IT'S NOT HTTPS!? :wtf: It literally says "Not secure" right there in the browser and somehow everyone is okay with this!? And it's not like I went to the HTTP site while I should've gone to the HTTPS site (but seriously, HSTS?) there really is no HTTPS available... If this is what they're offering I don't have much hope for their services, which is SOAP so my expectations weren't too high to begin with :sigh: The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
Sander Rossel wrote:
The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Until something goes wrong and a lot of money is lost. Then they'll ask you why you didn't warn them :laugh:
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
Sander Rossel wrote:
The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Until something goes wrong and a lot of money is lost. Then they'll ask you why you didn't warn them :laugh:
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
Eddy Vluggen wrote:
Then they'll ask you why you didn't warn them
Oh, I'm going to :D This is a mortal sin and I'm going to smite some IT justice! :cool:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
-
A customer of mine was considering a third party product for some functionality they want. It's kind of a niche market and there is basically only this one vendor in the Netherlands for the product. There's another vendor, apparently, but they're not very big (and they have bad experiences with them), and there is one company who wrote their own. So anyway, I just went to this one vendor's website and the login/registration page, where I enter a username and password, company name, business identifier number, email and some other info, and IT'S NOT HTTPS!? :wtf: It literally says "Not secure" right there in the browser and somehow everyone is okay with this!? And it's not like I went to the HTTP site while I should've gone to the HTTPS site (but seriously, HSTS?) there really is no HTTPS available... If this is what they're offering I don't have much hope for their services, which is SOAP so my expectations weren't too high to begin with :sigh: The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
Sander Rossel wrote:
...something or other...
So anyway, I am currently drinking Dutch Windmill as it is selling for AUD$30.00 a carton and beer prices haven't been that cheap in Australia since like the turn of the century. Am I drinking the Netherlands equivalent of Fosters? Have you heard of it? On the side it says it is made in the Netherlands so not some Australian company taking the piss.
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
-
Sander Rossel wrote:
...something or other...
So anyway, I am currently drinking Dutch Windmill as it is selling for AUD$30.00 a carton and beer prices haven't been that cheap in Australia since like the turn of the century. Am I drinking the Netherlands equivalent of Fosters? Have you heard of it? On the side it says it is made in the Netherlands so not some Australian company taking the piss.
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
In holland we call this: 'Slootwater' or 'Uilenzijk'… 'course, I've never been there - but doesn't sound good... :~
-
Sander Rossel wrote:
...something or other...
So anyway, I am currently drinking Dutch Windmill as it is selling for AUD$30.00 a carton and beer prices haven't been that cheap in Australia since like the turn of the century. Am I drinking the Netherlands equivalent of Fosters? Have you heard of it? On the side it says it is made in the Netherlands so not some Australian company taking the piss.
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
Michael Martin wrote:
... so not some Australian company making the piss.
Michael Martin
FTFY!
Sent from my Amstrad PC 1640 Never throw anything away, Griff Bad command or file name. Bad, bad command! Sit! Stay! Staaaay... AntiTwitter: @DalekDave is now a follower!
-
A customer of mine was considering a third party product for some functionality they want. It's kind of a niche market and there is basically only this one vendor in the Netherlands for the product. There's another vendor, apparently, but they're not very big (and they have bad experiences with them), and there is one company who wrote their own. So anyway, I just went to this one vendor's website and the login/registration page, where I enter a username and password, company name, business identifier number, email and some other info, and IT'S NOT HTTPS!? :wtf: It literally says "Not secure" right there in the browser and somehow everyone is okay with this!? And it's not like I went to the HTTP site while I should've gone to the HTTPS site (but seriously, HSTS?) there really is no HTTPS available... If this is what they're offering I don't have much hope for their services, which is SOAP so my expectations weren't too high to begin with :sigh: The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
Well, Honesty goes a long way[^]... :-D
Anything that is unrelated to elephants is irrelephant
Anonymous
-----
The problem with quotes on the internet is that you can never tell if they're genuine
Winston Churchill, 1944
-----
Never argue with a fool. Onlookers may not be able to tell the difference.
Mark Twain -
Sander Rossel wrote:
...something or other...
So anyway, I am currently drinking Dutch Windmill as it is selling for AUD$30.00 a carton and beer prices haven't been that cheap in Australia since like the turn of the century. Am I drinking the Netherlands equivalent of Fosters? Have you heard of it? On the side it says it is made in the Netherlands so not some Australian company taking the piss.
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
Affectionately known as Slootwater by the locals.
Wrong is evil and must be defeated. - Jeff Ello
-
A customer of mine was considering a third party product for some functionality they want. It's kind of a niche market and there is basically only this one vendor in the Netherlands for the product. There's another vendor, apparently, but they're not very big (and they have bad experiences with them), and there is one company who wrote their own. So anyway, I just went to this one vendor's website and the login/registration page, where I enter a username and password, company name, business identifier number, email and some other info, and IT'S NOT HTTPS!? :wtf: It literally says "Not secure" right there in the browser and somehow everyone is okay with this!? And it's not like I went to the HTTP site while I should've gone to the HTTPS site (but seriously, HSTS?) there really is no HTTPS available... If this is what they're offering I don't have much hope for their services, which is SOAP so my expectations weren't too high to begin with :sigh: The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
It could be fixed in about 10 minutes and for free, there are services like cloudflare that will allow you to redirect the dns in order to serve HTTPS.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
Sander Rossel wrote:
...something or other...
So anyway, I am currently drinking Dutch Windmill as it is selling for AUD$30.00 a carton and beer prices haven't been that cheap in Australia since like the turn of the century. Am I drinking the Netherlands equivalent of Fosters? Have you heard of it? On the side it says it is made in the Netherlands so not some Australian company taking the piss.
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
I've never heard of Dutch Windmill, but I don't drink beer.
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
-
Sander Rossel wrote:
...something or other...
So anyway, I am currently drinking Dutch Windmill as it is selling for AUD$30.00 a carton and beer prices haven't been that cheap in Australia since like the turn of the century. Am I drinking the Netherlands equivalent of Fosters? Have you heard of it? On the side it says it is made in the Netherlands so not some Australian company taking the piss.
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
-
Sander Rossel wrote:
...something or other...
So anyway, I am currently drinking Dutch Windmill as it is selling for AUD$30.00 a carton and beer prices haven't been that cheap in Australia since like the turn of the century. Am I drinking the Netherlands equivalent of Fosters? Have you heard of it? On the side it says it is made in the Netherlands so not some Australian company taking the piss.
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
-
A customer of mine was considering a third party product for some functionality they want. It's kind of a niche market and there is basically only this one vendor in the Netherlands for the product. There's another vendor, apparently, but they're not very big (and they have bad experiences with them), and there is one company who wrote their own. So anyway, I just went to this one vendor's website and the login/registration page, where I enter a username and password, company name, business identifier number, email and some other info, and IT'S NOT HTTPS!? :wtf: It literally says "Not secure" right there in the browser and somehow everyone is okay with this!? And it's not like I went to the HTTP site while I should've gone to the HTTPS site (but seriously, HSTS?) there really is no HTTPS available... If this is what they're offering I don't have much hope for their services, which is SOAP so my expectations weren't too high to begin with :sigh: The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
My town's council website (a subdomain under .GOV.UK no less) has a Security/Privacy policy that proudly states that all data is secured using SSL protocols and that they take security very seriously. Go to the login, forgot password (which invites you to enter a new password and sends a confirmation link to you), or signup pages - all are on plain HTTP. Of course both my browser and my antivirus barf at that, and I have to explicitly override the warnings. I've told them several times now but they don't seem bothered. For one thing, they don't have many people using the online services. I wonder why not... :doh:
-
A customer of mine was considering a third party product for some functionality they want. It's kind of a niche market and there is basically only this one vendor in the Netherlands for the product. There's another vendor, apparently, but they're not very big (and they have bad experiences with them), and there is one company who wrote their own. So anyway, I just went to this one vendor's website and the login/registration page, where I enter a username and password, company name, business identifier number, email and some other info, and IT'S NOT HTTPS!? :wtf: It literally says "Not secure" right there in the browser and somehow everyone is okay with this!? And it's not like I went to the HTTP site while I should've gone to the HTTPS site (but seriously, HSTS?) there really is no HTTPS available... If this is what they're offering I don't have much hope for their services, which is SOAP so my expectations weren't too high to begin with :sigh: The sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cost... :sigh:
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
Sander Rossel wrote:
he sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cos
So what profession do you have that might interest their clients, like your employer?
CQ de W5ALT
Walt Fair, Jr., P. E. Comport Computing Specializing in Technical Engineering Software
-
Sander Rossel wrote:
he sad truth is that most of their clients don't care about IT and/or security, it's just a necessary evil and a huge cos
So what profession do you have that might interest their clients, like your employer?
CQ de W5ALT
Walt Fair, Jr., P. E. Comport Computing Specializing in Technical Engineering Software
Their clients (and my client) are all in the meat business, slaughterhouses, butchers, even the breeders. They deal with (dead) animals, not with IT. Since it's a multi-million € business that's heavily regulated by the government they can't quite do without IT though, but only the bare minimum.
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
-
My town's council website (a subdomain under .GOV.UK no less) has a Security/Privacy policy that proudly states that all data is secured using SSL protocols and that they take security very seriously. Go to the login, forgot password (which invites you to enter a new password and sends a confirmation link to you), or signup pages - all are on plain HTTP. Of course both my browser and my antivirus barf at that, and I have to explicitly override the warnings. I've told them several times now but they don't seem bothered. For one thing, they don't have many people using the online services. I wonder why not... :doh:
Isn't it even against EU regulations now with GDPR and all? According to this blog it is...[^]
Best, Sander sanderrossel.com Continuous Integration, Delivery, and Deployment arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
