This is absurd and impossible to remember, you should instead have at least 3 levels of password strenght, one high strenght for base services that are used to retrieve other accounts like facebook and e-mail, other for important services, and another for crap.
You're not expected to remember them all, you're expected to either wrote them down or use a password manager. That way you only really need to remember one very strong password.
Except that my 3 level system failed ages ago.
Originally I had one, then with more sites coming - several with bogus or recless implementation - it was extended to the aforementioned 3 tier one just to get f*cked up by 'knowing it better' god complex but stupid enforcers requesting or forbidding (!! how stupid is that!) characters. Not to mention leaks forcing me to introduce new ones, having eventually 5 layers with variations on each level because of the highly arbitrary rules of enforcers blocking my well thought of secure passwords.
All led to the situation that I have an encoded file on my computer with passwords (most just referrals/reminders/instructions not the actual password characters).
How stupid is that!
Writing down passwords!
Even into secured files, still, increased level of risk. A method with doubtful protection when someone is targeted for his/her secrets personally.
Stupid but that is reality.
Made necessary by recless developers.
The whole password infrastructure is dead as means of protection. It does not work against serious attackers, only agains random wanderers. And more and more against rightful users!
And the most was done to ruin it by those enforced the users to solve the problem on the user side that in fact lying in the system side.
Passwords will not fullfill their task if:
- allowing parties without permission to enter
- locking out righful parties
Very strict enforcers corrupt the system through the second point. Narrowmindedly focusing on not letting in unwanted elements cause the whole system to case working as intended, locking out and disallowing users to use it, defying the very purpose of existence.
Encouraging users not to use passwords that ever used by someone is just an extremely very radical level of enforcing and again trying to make users fix the inadequacy of the system developers.....
This is not solving systematic problems just conserving a bad habit plus making a bad situation even worse.
this one is quite amazing, I expected it to be one of the weakest around today, I certainly would include it in one of my first attempts if I tried to brute force any password.
There’s no guarantee those accounts hold any value, though. A throwaway account is the perfect chance for such a password — you won’t forget it and won’t care if you lose it.
Excellent point, I have developed in asp.net mvc for quite a while, but I am currently doing a asp.net core project, and it is a nightmare, there is absolutely nothing but the most basic libraries ported to core, even entity framework itself doesn't have lazy loading yet, which is the most basic feature anyone would want from ef.
My current dragon to slay is doing things with pdfs and reporting on asp.net core, there is nothing truly open source.
We tried actually, but the oddest thing happened to us, we could not connect to our database that way.
I even created a brand new .net core app and changed to target 4.7 as soon as the change is made we lose connection to database
VS 2017 has a template that lets you create a ASP.Net Core project using the .Net 4.6 Framework. You get all of the goodness of .Net Core Asp.Net and the compatibility of .Net 4.6
Do you actually ask them to do this on a piece of paper?
because I went through an interview process not too long ago, and they asked me to take a test that was actually very simple stuff, fibonacci sequence, dealing with strings, etc.
And for the life of me I just couldn't do it on paper, if I was still in college I might have done it, but now that I'm a professional developer, I DON'T code on paper anymore, it feels weird and awkward.
Maybe do a test, and let a few take the test on the computer, doesn't have to be in an IDE, just let them hack away at notepad, or something.
I know most people believe developers should be those guys that can code their way out of any problem with just matchsticks or something, but really, would you ever encounter a situation where you need a developer to actually write code on paper?
And before anyone says I'm just a bad programmer, I am usually the go to guy at my workplace, the guy that usually solves hard issues, and the more competent I become at actually useful stuff, and actual day to day programming challenges, the more I feel far from things like your test.
Alternatively, you could also use a real world problem, I think there is nothing that can get a guy to prove they are a good developer than making subtle bugs in some code and asking the guy to fix them.
I am not used to travel through air, but "Social Airline Tickets Bidding" got me kind of confused, I only undertood after reading below.
That is, if I understood. From what I gather, I sign up, name a price and a place, and you will Email me with offers that match my destination and price range?
And I can send to my friends through social networks?
Or am I wrong here?
Like I said, I don't travel through air much, and I don't live in the USA, so I wouldn't use a service like that, but that's me.
Also, make sure your link is in your header, it just says "Show HN:"
I could spend a little more time searching for a list of exclusively free habit forming tools (or prepare one) but that's not necessary to prove my point.
True, they may not disappear completely, but they definitely get filtered out over time. And imagine you're 25 years old and someone wants to bring up old, explicit photos of you at age 15...they would immediately open themselves up to some very serious criminal charges. So I would agree that these are likely to more or less fade away into the recesses of the internet.
Really? Are you in enterprise software or something? We (WePay) see less than 1% of our traffic and revenue from IE<=7, and that includes the data from our embeddable checkout flow. And of that tiny amount, most is related to our API.
We still officially support 7 for our offsite/embeddable stuff, but from the chatter I hear of the devs that are working on that stuff, the maintenance cost sounds higher than the revenue. Then again, that cost to us is yet another reason that people like our API, since its one less tedious thing for other devs to worry about in their checkout process.
International ecommerce, including China, I can't speak to the exact numbers but the revenue from 6 and 7 is in the millions so we're not quite out of that maintenance cost to revenue hasn't quite tipped yet. Though we do display the ie6countdown.com banner along (and I may have messed it up a bit to display for 7 as well.)
I don't think it would be THAT hard to add back in support for IE7. Also, I'm sure that not long after the release someone will make a forked version that supports IE7, since so many of us still need to support IE7.
In fact, it will be hard! They will use `box-sizing: border-box;`, which changes everything about width calculation and IE7 does not support this property.
There's a great reason. Browsers are advancing, and it makes sense to gradually take advantage of features as most of the mainstream browsers start supporting them.
The hacks required to make older versions behave tend to pile up with time, increasing complexity and maintenance overhead for the developers. There gets to be a point where the complexity and overhead is no longer worthwhile to appease a very slim demographic.
Just use older Bootstrap versions if you want older browser support. I don't want your legacy users slowing down the progression for the rest of the modern world :)
This 'very slim demographic' is more than 1 in 20 people on the web still, and catering to them has typically required very little (maybe a few extra lines of CSS; otherwise, modern websites work fine on IE7, just without the nice rounded corners and such). I'll be using Bootstrap 2.x until that statistic drops much lower.
Additional data point for all the people arguing about it deeper in comments: Firefox 3.6 had its last security update 9 months ago (2012-03-13) and hit official end of life from Mozilla a month later.
It's the 16th most popular user agent seen across the ~60,000 websites tracked by W3Counter. IE7 is the 7th. Dropping support for both will affect 1 in 20 visitors of the 'average' website (your particular audience may vary).
Hospitals and big companies lock down the computers, you can't install anything. If it comes with IE7, that's all you got.
And it's not because of these companies.
E.g. they need to run a specific custom version of SAP (accounting), which on turn crashes if any other browser is present. Upgrading would cost over $30M, so forget it for a while.
Or the hospital needs to validate the hardware + OS + software. Until GE does not support feature X they are stuck with the old version which requires a specific list of software to be installed.
You don't want to hear "sorry about the bad news last week that you have cancer - actually it was just a rendering glitch on your MRI due to the new Chrome version".
So life is a bit more complex than "just upgrade"...
To a degree, definitely. As someone who works in healthcare (both as a practitioner - paramedic), and whose other job is healthcare IT...
I know your example is exaggerated for effect, but there is (or should) be a difference between "general use" PCs in a hospital, and Patient Care / Management PCs (EHR, workflow automation, digital diagnostic imaging, pharmacy and the like). That in itself is a failling of healthcare IT policy.
Sure, your critical systems should all be be "certified", but even that is an area ripe for disruption - witness DrChrono in EHR, and I myself am working, or brainstorming on, better "field reporting" (i.e. 911 response laptops / tablets - most software in this field is horrific for usability, though admittedly there is pretty cool functionality, the ability to transmit 12-lead ECG to the hospital for prepping cath labs is fantastic) - definitely willing to talk to people interested in such a thing.
Edit: as an aside, I'm yet to see MRI software that wasn't driven by a Solaris backend, or even Irix, though that does demonstrate how this area works.
Not a lot, but they are there. I just pulled the Google Analytics numbers for one of my sites and over the past 30 days (3.3M visits) there were 3,003 visits with Firefox 3.6 (1.2% of all FF visits and .09% of all visits).
IE 7 is more common, there were 67,841 IE 7 visits. Worse still is the 12,188 IE 6 visits. Amazingly there were 78 IE 5.5 visits, the web must be a crazy place with IE 5.5.
I was using it this spring (2012) because I had a netbook running Ubuntu 9.04 (9.10 had failed to work properly). But after Google Docs began refusing to let me edit, I finally gave in and upgraded the netbook to 12.04, which has an up-to-date Firefox.
Still, I don't doubt that there are lots of public computers (in libraries, for example) running Firefox 3.6 today. I've seen even older.
