Programmer Humor

It's a sequence of problems that lead to this:

• The kernel driver should have parsed the update, or at a minimum it should have validated a signature, before trying to load it.
• There should not have been a mechanism to bypass Microsoft's certification.
• Microsoft should never have certified and signed a kernel driver that loads code without any kind signature verification, probably not at all.

Many people say Microsoft are not at fault here, but I believe they share the blame, they are responsible when they actually certify the kernel drivers that get shipped to customers.

I saw one rumor where they uploaded a gibberish file for some reason. In another, there was a Windows update that shipped just before they uploaded their well-tested update. The first is easy to avoid with a checksum. The second...I'm not sure...maybe only allow the installation if the windows update versions match (checksum again) :D

It's not hindsight, it's common sense. It's gross negligence on CS's part 100%

Great! Now when I brute force the login, I can tell my program to not waste time trying '_', 'b' and '8' and add Pi to the 6th place in every password, along with 2 capitals, 2 numbers and 2 other special characters.

Furthermore, I don't need to check passwords with less than 26 characters.

The modern direction is actually going the other way. Tying identity to hardware, preventing access on unapproved or uncompliant hardware. It has the advantage of allowing biometrics or things like simple pins. In an ideal world, SSO would ensure that every single account, across the many vendors, have these protections, although we are far from a perfect world.

Sorry, I don’t understand. Do you mean there have to be 6 digits of Pi in there, or the sixth character must be π? I’m down either way.