qwazix @qwazix@cybre.space

They say next week they'll start giving 30-somethings all the AstraZeneca vaccines the older ones refused to take. You bet I'll be the first in line.

"Sir..."

He never made long-term plans, yet nothing's more permanent than the temporary. In 14 years the word forever never crossed his mind. Yet it's like this deranged one managed to stamp it in his mind.

"Sir!"

"Yes, I'm sorry, how precise is this process?"

"Down to the byte, why?"

"I want 7 bytes purged."

"Forever?"

"Forever"

#tootfic #smallstories

#qwazixcooking sandwiches!

The good thing about software bloat is that once we can't make faster hardware anymore we can continue moore's law for another 20 years by debloating our software. And then all the device hoarding I've been doing will be justified at last.

While we're discussing whether toot should stay or go, the twitter-derived pattern of sometimes using the at-handle and others the "name" is just bad usability. There's no way to know whether the person I mentioned is the same that florped the ping, unless I click on it.

The robot's joints creaked and squeaked a bit more every day. The white marble of the stairs got a bit shinier with every brush of its rubber feet. There, day after day, he opened the black door that creaked like him, dropped the keys to the side shelf, a bit loudly, so she wouldn't be startled.

It had been years now that this was pointless. There wasn't even any point in going to work anymore. But he did, the same old ritual every day, including nodding hello to her empty desk, before heading back down for lubricant.

"Don't forget me", said the post-it on the old laptop with the missing keys.

#tootfic #smallstories

I forgot to take a screenshot but this time the same bank allowed a store to provide payments without https and their redirection service (which was encrypted) had a windows xp (!) screenshot of the firefox warning message "this information will be transferred unencrypted, do you want to proceed" and told me to click continue...

2FA doesn't do jack either. It's in the same iframe so it can be intercepted just as easily.

Yep, they still allow iframes...

This is completely illogical.

Fortunately I have keepass and it won't auto-fill the password to the wrong domain.

I once called another bank to ask if they have a domain under their control (I was 99% sure they did, but I wanted to ask anyway) and the response was "if it has our logo it's legit".

After a lot of pressure the rep said, "it isn't under our control" because they didn't know shit and didn't want to take responsibility.

it turns out it's their credit card processing system under that domain

My bank now requires to log in to their web banking after paying online with my credit card. They are literally setting up their customers to be fishing victims. Any random online store can redirect to a phishing page and who really does check domain names?

Also, a history of allowing verification steps from other domains and iframes has conditioned us well.

Their "solution" is to nag you everywhere about phishing with popups. Yeah, as if.