Readit News
generic_dev_47 commented on GitHub notification emails used to send malware   ianspence.com/blog/2024-0... · Posted by u/crtasm
thephyber · a year ago
It’s a numbers game.

Nobody is perfect. The more features of credibility, most likely there will be a higher percentage of conversions. But not everybody has excellent vision, is not time-pressured, and is not tired/exhausted.

There are lots of conditions that make otherwise difficult fraud targets more easy to trick.

And if it can be done at large scale / automated, then small conversion rates turn into many successful frauds (compromised accounts).

generic_dev_47 · a year ago
Agree, I once fell for a scam that I think I otherwise wouldn't have because of a string of circumstances: being tired and stressed, it being Christmas time and I had actually ordered stuff, but also because I had just upgraded iOS to the first version that put the address bar in Safari on the bottom of the screen instead of the top, so I forgot to check the domain!

I've since changed the address bar back to the top…

In the end I didn't lose anything but it was a good wake-up call for sure.

generic_dev_47 commented on Ask HN: I have diagnosed ADHD and cannot work with Slack anymore – advice?    · Posted by u/throwaway91021
civilized · 3 years ago
I don't know how anyone lives without this. I have six desktops on my MBP with a similar organization:

1. Communication apps

2. Project management, todo lists

3+. Data science and work tools - RStudio, Excel, etc

There is a left-to-right flow: communication influences project roadmaps and to-do lists, which influence what actually gets done. You hang out on the right unless you need info from the left.

generic_dev_47 · 3 years ago
Thanks for explaining the reasoning of the left to right ordering, makes total sense! Will try this setup on Monday :-)
generic_dev_47 commented on Klarna users are being signed in to random accounts   twitter.com/esraefe/statu... · Posted by u/danielstocks
AtNightWeCode · 5 years ago
I would expect this to happen if an option in the line of "serve stale content if target server is unreachable" is enabled.
generic_dev_47 · 5 years ago
Yes, you are right!
generic_dev_47 commented on Klarna users are being signed in to random accounts   twitter.com/esraefe/statu... · Posted by u/danielstocks
generic_dev_47 · 5 years ago
I worked in a project over 10 years ago where something very similar happened!

We had built an authentication service that, among other things, was used by a SyncML service that was used back in the day of feature phones to sync contacts etc. You can imagine that getting someone else's contacts on your phone isn't exactly ideal. This was how we came to know about the problem, from customers getting other customers' data!

The error was caused by a CDN switch. Our instructions to the CDN team responsible for the switch were "Make sure the CDN honors our cache headers, if our HTTP responses say something can be cached do so, if they say that the response should not be cached then don't". We were in at least three meetings where we repeated this mantra.

I believe that the CDN team thought that they had set up the CDN correctly but they had missed an edge case. The CDN was in fact set up to cache even uncacheable responses, and served those, _only_ when it could not reach our servers.

So if there was a traffic spike and the CDN determined that our authentication servers were unreachable it would fall back to serving data that should never have been cached in the first place! Happily returning tokens to random users that had authenticated just before the traffic spike...
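
The failure mode described in the comment above, as an added simulation that is not part of the original thread or any real CDN's code: an edge cache whose "serve stale when origin is unreachable" path ignores `Cache-Control`, next to one that honors it. The class names, the `/auth/token` URL and the token format are hypothetical, and treating `no-cache` as non-storable is a conservative simplification.

```python
# Constructed simulation; class names, the URL and token format are hypothetical.
BLOCKING = {"no-store", "private", "no-cache"}  # conservative: never keep these

def storable(headers):
    """True if a shared cache may keep this response for later reuse."""
    cc = headers.get("Cache-Control", "").lower()
    directives = {d.strip().split("=")[0] for d in cc.split(",") if d.strip()}
    return not (directives & BLOCKING)

class Origin:
    """Auth server: every response is per-user and marked uncacheable."""
    def __init__(self):
        self.down = False
    def fetch(self, url, user):
        if self.down:
            raise ConnectionError("origin unreachable")
        return {"Cache-Control": "no-store"}, f"token-for-{user}"

class EdgeCache:
    def __init__(self, origin, honor_headers):
        self.origin = origin
        self.honor_headers = honor_headers
        self.last_good = {}  # keyed by URL only, as a shared cache would be

    def get(self, url, user):
        try:
            headers, body = self.origin.fetch(url, user)
        except ConnectionError:
            # "Serve stale if origin is unreachable" fallback path.
            if url in self.last_good:
                return 200, self.last_good[url]
            return 502, None
        # Misconfigured edge keeps a copy of everything for the fallback.
        if not self.honor_headers or storable(headers):
            self.last_good[url] = body
        return 200, body

def simulate(honor_headers):
    """Alice logs in, origin becomes unreachable, then Bob logs in."""
    origin = Origin()
    edge = EdgeCache(origin, honor_headers)
    edge.get("/auth/token", "alice")
    origin.down = True
    return edge.get("/auth/token", "bob")

if __name__ == "__main__":
    print("misconfigured:", simulate(False))   # Bob receives Alice's token
    print("honors headers:", simulate(True))   # Bob gets an error instead
```

The same scenario makes a useful regression test after any CDN change: with the origin unreachable, a request to an endpoint that sends `no-store` should fail rather than return a body.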

u/generic_dev_47

Karma: 51 · Cake day: May 27, 2021