Stupid corporate anti-virus firewall blocking my incoming broadcast packets
Spent an entire day asking whyyyyyy
Double checking that I was binding to the right interface
Testing other packet types - unicast, multicast
And it was the firewall blocking incoming broadcast packets to the socket
Turns out, though, that if you use the same socket to send any data out, it allows broadcast packets to be received on that socket for about 3-5s
So now, I am adding a "Firewall Workaround" option, where all it does it pick a random port, and periodically sends out a dud packet
Just had to vent.
The joys of getting around network firewalls. I had something similar in one of my projects where sometimes multicast traffic wouldn't get through... for a system where nodes discovered each other through multicast! Fun!
I ran into a problem a while back where all of a sudden all my web requests sent programatically were getting a 403. Seems IT had the brilliant idea to block all versions of JAVA but ONE and not tell anyone. I spent HOURS debugging my shit. And guess what? ITS HAPPENING AGAIN!!! What version of JAVA is it this time? No one seems to know. Fantastic!
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
+1
Options
jaziekBad at everythingAnd mad about it.Registered Userregular
edited January 2013
More MVC Nub questions
ok, so I got the dropdown lists to populate from the database table that I want them to, so that's fine, but when I select my item and hit submit, it doesn't actually pass the selected item to the create method properly.
What I'm trying to do is create a pair by selecting two players from a list of all players. Then (haven't actually done this yet, but it'll be easy) infer the Pair type (mixed, mens, ladies) based on the genders of the two selected players.
//
// GET: /Pair/Create
public ActionResult Create()
{
ViewBag.Players = new SelectList(db.Players, "PlayerID", "playerName");
return View();
}
//
// POST: /Pair/Create
[HttpPost]
public ActionResult Create(DoublesPair doublespair)
{
if (ModelState.IsValid)
{
db.Pairs.Add(doublespair);
db.SaveChanges();
return RedirectToAction("Index");
}
return View(doublespair);
}
and there's the relevant controller code.
In the debugger I can see that the values which I thought would be set by selecting an item in the dropdown are apparently still null. So what do I need to do to actually get them to post?
In my mind, my code is pretty much the same as the tutorial I'm using, but it just isn't working.
Haha oh man... So my coworker is trying to reset his password for his student loans. In the "These are the password requirements" section the following shows up:
Haha oh man... So my coworker is trying to reset his password for his student loans. In the "These are the password requirements" section the following shows up:
I'm sure they're checking it before hashing it when you set your password to make sure you're meeting their minimum password strength requirements.
The strength requirement is fine. But why limit the upper bound? And, why limit what character they can use? They're expressly forbidding quotes and parenthesis, and punctuation of most sorts (SQL specific punctuation in this case, commas and periods most notably)
Once you hash why do you give a fuck if it looks like little bobby tables?
That screams "I am storing this in plain text."
You'd also be surprised at just how many people don't know what the fuck hashing is or why it's important. I got into a fight with someone on reddit because he told me hashing a SSN was useful. And also I had to explain the difference between 1-way and 2-way encryption. That was a load of laughs. Makes me wonder what these people who pay for that fancy 4 year degree really learned or paid for.
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Government systems are the worst... My wife's government retirement plan has a 8 digit password length limit. However if you are logged in it'll let you change your password to more than 8 characters... Resulting in locking you out and having to request a password reset where they send you the reset password in a print out through the actual USPS.
And now for Jimmy's adventures in deciphering code written by a fucking retard.
Our old sms platform had some integration with a hospital where we would send out sms appointment reminders. They upload an xml file to us, the format of which has never been documented, to an ftp server, which has also never been documented. Today I have to figure out how this works so that our property that made this deal can work to get it set up with a different provider. I figure I'll start by searching the old c++ code for "appointment" and I find this.
bool ProcessAppointmentData(CNIVoteData &niVoteData); // implemented in NIVoteProcessSCAGameData.cpp
CNIVoteData... because an appointment reminder is an sms poll/vote, right? And implemented in NIVoteProcessSCAGameData? SCA is an online random number/drawing based gaming vendor. So, yeah, implementing hospital appointment reminders there makes total sense.
If you want me to hunt you down and kill you, you goddamned stupid son of a bitch
That's bad. In order to set up direct deposit for SSI, you need to have a password printed out and sent to your address.
You can't do it online. At all. Maybe they've changed it in the past 6 months. Silly government.
Yeah, my local county can e-mail me my password to get into my county account for paying local taxes, etc. I sent them a giant ass tirade about it, but never got a response and it hasn't changed in well over a year since I did that.
I'm going to assume that people who made the comment to me on reddit about hashing SSNs as a totally legit way to store that information work for local and state governments because no one else will hire them. Not that all those people are dumb or anything, but golly gee some of those people sure do make terrible decisions.
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Makes me wonder what these people who pay for that fancy 4 year degree really learned or paid for.
The answer is most likely "nothing practical". Or maybe that was just my experience. Like, I'm sure I got a decent foundation that still helps to this day but without the Internet I would be completely clueless.
On government systems sucking... if I ever want to use our state job search site again (all state jobs, some private jobs) I have to call my local employment office to reset my password. Or something. I haven't done it or even tried logging in in a few years.
But it could be worse. There's one state website (I forget what) that only works with IE 6-8. As in, it will most certainly not work with IE 9. At least that was the case last year.
I'm sure they're checking it before hashing it when you set your password to make sure you're meeting their minimum password strength requirements.
The strength requirement is fine. But why limit the upper bound? And, why limit what character they can use? They're expressly forbidding quotes and parenthesis, and punctuation of most sorts (SQL specific punctuation in this case, commas and periods most notably)
Once you hash why do you give a fuck if it looks like little bobby tables?
That screams "I am storing this in plain text."
You'd also be surprised at just how many people don't know what the fuck hashing is or why it's important. I got into a fight with someone on reddit because he told me hashing a SSN was useful. And also I had to explain the difference between 1-way and 2-way encryption. That was a load of laughs. Makes me wonder what these people who pay for that fancy 4 year degree really learned or paid for.
I am confused. Are you saying you wanted them to encrypt (aka two way) the SSN instead of hashing it? Or are you complaining that they aren't using a salt with the hash?
0
Options
GnomeTankWhat the what?Portland, OregonRegistered Userregular
I'm going to assume that people who made the comment to me on reddit about hashing SSNs as a totally legit way to store that information work for local and state governments because no one else will hire them. Not that all those people are dumb or anything, but golly gee some of those people sure do make terrible decisions.
No, it's pretty much true. Working for the federal government, I can tell you that an abnormally high amount of developers here are the dregs of developer society. I don't think many of them could actually work at a commercial software development house.
Some of the laziest developers I've ever met, in terms of pride in their code output and attention to detail, I've met here.
Checking in broken code is kind of a 'thing' here, and no one gets in trouble for it. Hell, we have a couple of guys who very routinely don't even do a simple build/run test before checking code in. We've seen people check in classes without interface implementations (which obviously a simple re-build would point out). I became the defacto person to explain MVVM, Prism and composite applications to some of these people. A true lesson in frustration.
They have our executive assistant doing phone interviews now. He has a "cheat sheet" for when he asks questions to get the appropriate answer. The guy can't even make coffee and we're putting him in charge of hiring developers?
I'm sure they're checking it before hashing it when you set your password to make sure you're meeting their minimum password strength requirements.
The strength requirement is fine. But why limit the upper bound? And, why limit what character they can use? They're expressly forbidding quotes and parenthesis, and punctuation of most sorts (SQL specific punctuation in this case, commas and periods most notably)
Once you hash why do you give a fuck if it looks like little bobby tables?
That screams "I am storing this in plain text."
You'd also be surprised at just how many people don't know what the fuck hashing is or why it's important. I got into a fight with someone on reddit because he told me hashing a SSN was useful. And also I had to explain the difference between 1-way and 2-way encryption. That was a load of laughs. Makes me wonder what these people who pay for that fancy 4 year degree really learned or paid for.
I am confused. Are you saying you wanted them to encrypt (aka two way) the SSN instead of hashing it? Or are you complaining that they aren't using a salt with the hash?
That a 1 way encryption is useless for an SSN.
Are you using it for a login ID or password? Well that's kind of pointless. I guess you could do it. Why would you want to? The only way a 1-way encryption (hash) makes sense for an SSN is if someone is inputting it. Why would you want someone to do this on a regular basis? (thus, you can compare the hash values)
Do you need it? Okay, I'm going to assume you're a financial or a hospital that needs to recall the SSN. How does hashing help you? You can't reverse it to get the original back. So your obvious solution there is to encrypt it. You could store it plain text, I suppose, but that's a pretty risk thing to do if you database gets jacked.
So hashing an SSN has 0 practical purposes. You can just as easily substitute a user ID in place of it.
This guy was adamant that storing SSN as a hash was useful for security purposes, which, yes, hashing is secure okay. But what good did that do you? Like I said there are other security concerns there if it's a type of field that can be hashed (userid/password).
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
No, it's pretty much true. Working for the federal government, I can tell you that an abnormally high amount of developers here are the dregs of developer society. I don't think many of them could actually work at a commercial software development house.
That is an absolutely terrifying quote given the incompetence of developers I've run into in commercial software shops.
I'm sure they're checking it before hashing it when you set your password to make sure you're meeting their minimum password strength requirements.
The strength requirement is fine. But why limit the upper bound? And, why limit what character they can use? They're expressly forbidding quotes and parenthesis, and punctuation of most sorts (SQL specific punctuation in this case, commas and periods most notably)
Once you hash why do you give a fuck if it looks like little bobby tables?
That screams "I am storing this in plain text."
You'd also be surprised at just how many people don't know what the fuck hashing is or why it's important. I got into a fight with someone on reddit because he told me hashing a SSN was useful. And also I had to explain the difference between 1-way and 2-way encryption. That was a load of laughs. Makes me wonder what these people who pay for that fancy 4 year degree really learned or paid for.
I am confused. Are you saying you wanted them to encrypt (aka two way) the SSN instead of hashing it? Or are you complaining that they aren't using a salt with the hash?
That a 1 way encryption is useless for an SSN.
Are you using it for a login ID or password? Well that's kind of pointless. I guess you could do it. Why would you want to? The only way a 1-way encryption (hash) makes sense for an SSN is if someone is inputting it. Why would you want someone to do this on a regular basis? (thus, you can compare the hash values)
Do you need it? Okay, I'm going to assume you're a financial or a hospital that needs to recall the SSN. How does hashing help you? You can't reverse it to get the original back. So your obvious solution there is to encrypt it. You could store it plain text, I suppose, but that's a pretty risk thing to do if you database gets jacked.
So hashing an SSN has 0 practical purposes. You can just as easily substitute a user ID in place of it.
This guy was adamant that storing SSN as a hash was useful for security purposes, which, yes, hashing is secure okay. But what good did that do you? Like I said there are other security concerns there if it's a type of field that can be hashed (userid/password).
Your presumption on banks not asking for a SSN means you haven't dealt with fraud / insurance calls / and other higher level account problems over the phone. In some of those cases they will require you give them a SSN / partial SSN as a step of the verification. In both of those cases you don't want the teller / agent to know the correct SSN so they can't leak it. It makes sense than to use 1 way hash in those use cases. And on to this that US banks require a SSN to open an account and you can see why it has been chosen as a part of the unique identification of customers when dealing with in person or on the phone.
The argument is pretty pointless, SSN is a bad form of identification, but I doubt it will go away any time soon.
Yeah that's the only case where the hash would be useful. Even then, you've still got to know the first X digits you're not asking. So you'd still have to either have the encrypted form as well as the hash (kind of defeats the hash if someone jacks the DB, still), or, you're asking for the full monty over the phone (which could be a security risk with people). I'd trust the person who jacks the DB more than my own employee, actually. It's less likely to occur, anyways.
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Yeah that's the only case where the hash would be useful. Even then, you've still got to know the first X digits you're not asking. So you'd still have to either have the encrypted form as well as the hash (kind of defeats the hash if someone jacks the DB, still), or, you're asking for the full monty over the phone (which could be a security risk with people). I'd trust the person who jacks the DB more than my own employee, actually. It's less likely to occur, anyways.
You can store the last 4 hashed and the full SSN hashed...
You never show valid SSN to employees no matter the way you store them (hash/encrypt/plain text).
That's true, you could do it that way. No point in storing the full SSN hash either way? You can't transmute the 4 digit into the 9 digit hash without knowing the other 5. Unless I'm vastly overthinking it.
I guess you could write a custom special "SSN Hash" that allows you to additive a 5 digit hash and a 4 digit hash to get the full 9 digit hash?
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
No, it's pretty much true. Working for the federal government, I can tell you that an abnormally high amount of developers here are the dregs of developer society. I don't think many of them could actually work at a commercial software development house.
That is an absolutely terrifying quote given the incompetence of developers I've run into in commercial software shops.
That's true, you could do it that way. No point in storing the full SSN hash either way? You can't transmute the 4 digit into the 9 digit hash without knowing the other 5. Unless I'm vastly overthinking it.
I guess you could write a custom special "SSN Hash" that allows you to additive a 5 digit hash and a 4 digit hash to get the full 9 digit hash?
You could. I was thinking of just storing the 9 and 4 in two different fields.
0
Options
GnomeTankWhat the what?Portland, OregonRegistered Userregular
No, it's pretty much true. Working for the federal government, I can tell you that an abnormally high amount of developers here are the dregs of developer society. I don't think many of them could actually work at a commercial software development house.
That is an absolutely terrifying quote given the incompetence of developers I've run into in commercial software shops.
It is equally bad everywhere.
It's indicative of the fact that software development is still a boom industry, and still has more jobs than people to fill them. It's compounded by the fact that colleges are still turning out students strong in theory, yet completely incapable of doing real world development.
I guess in some ways, we should all be happy the industry still supports bottom feeders. That means there are plenty of jobs still available for us, even if we have to displace those people.
No, it's pretty much true. Working for the federal government, I can tell you that an abnormally high amount of developers here are the dregs of developer society. I don't think many of them could actually work at a commercial software development house.
That is an absolutely terrifying quote given the incompetence of developers I've run into in commercial software shops.
It is equally bad everywhere.
It's indicative of the fact that software development is still a boom industry, and still has more jobs than people to fill them. It's compounded by the fact that colleges are still turning out students strong in theory, yet completely incapable of doing real world development.
I guess in some ways, we should all be happy the industry still supports bottom feeders. That means there are plenty of jobs still available for us, even if we have to displace those people.
I work work with some great Government employees. I expect the quality of employee is related to the division and the tasks you are working on. If you are writing internal CRUD code I expect lesser quality devs compared to people writing something like next generation reactor design.
Software's only a boom industry if you consider the fact most people want me to work for $20,000 a year with no benefits.
And that there's a shortage of qualified candidates with 15 years of experience in windows 8 and WPF.
Part of that is where you live broheimer. You live in like the wasteland of technology, middle America. If you live on the coasts, development jobs are plentiful, and no one is asking you to take 20k with no benefits.
No, it's pretty much true. Working for the federal government, I can tell you that an abnormally high amount of developers here are the dregs of developer society. I don't think many of them could actually work at a commercial software development house.
That is an absolutely terrifying quote given the incompetence of developers I've run into in commercial software shops.
It is equally bad everywhere.
It's indicative of the fact that software development is still a boom industry, and still has more jobs than people to fill them. It's compounded by the fact that colleges are still turning out students strong in theory, yet completely incapable of doing real world development.
I guess in some ways, we should all be happy the industry still supports bottom feeders. That means there are plenty of jobs still available for us, even if we have to displace those people.
I work work with some great Government employees. I expect the quality of employee is related to the division and the tasks you are working on. If you are writing internal CRUD code I expect lesser quality devs compared to people writing something like next generation reactor design.
We have some great developers here, I didn't say they were all terrible. My direct team has some great guys on it, but we are also like the Navy SEALS of development for this agency. We literally get HALO jumped in to failing projects to fix them and get them back on budget and schedule. I've seen first hand the destruction wrought by incapable developers that can't be gotten rid of because they are government employees with tenure.
Software's only a boom industry if you consider the fact most people want me to work for $20,000 a year with no benefits.
And that there's a shortage of qualified candidates with 15 years of experience in windows 8 and WPF.
Part of that is where you live broheimer. You live in like the wasteland of technology, middle America. If you live on the coasts, development jobs are plentiful, and no one is asking you to take 20k with no benefits.
East coast here man. I'm 6 hours from NYC or Boston.
It's been improving lately though, I saw a 40k one for a business that offered me $10 an hour 3 years ago.
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Software's only a boom industry if you consider the fact most people want me to work for $20,000 a year with no benefits.
And that there's a shortage of qualified candidates with 15 years of experience in windows 8 and WPF.
Part of that is where you live broheimer. You live in like the wasteland of technology, middle America. If you live on the coasts, development jobs are plentiful, and no one is asking you to take 20k with no benefits.
East coast here man. I'm 6 hours from NYC or Boston.
It's been improving lately though, I saw a 40k one for a business that offered me $10 an hour 3 years ago.
Thought you lived in Wisconsin.
I have a C# developer buddy who lives in NJ, and he never gets offered less than 100k a year. To be fair, that's at NJ/NY costs of living, but still. I still go with the fact that it's the specific area you live in. Out here on the Left Coast, I've never even been sniffed at for less than 90k+ benefits.
In fact, I would say being that close to Boston/NYC without being in Boston/NYC hurts you. All the best development jobs are going to be in those cities.
Software's only a boom industry if you consider the fact most people want me to work for $20,000 a year with no benefits.
And that there's a shortage of qualified candidates with 15 years of experience in windows 8 and WPF.
Part of that is where you live broheimer. You live in like the wasteland of technology, middle America. If you live on the coasts, development jobs are plentiful, and no one is asking you to take 20k with no benefits.
East coast here man. I'm 6 hours from NYC or Boston.
It's been improving lately though, I saw a 40k one for a business that offered me $10 an hour 3 years ago.
Thought you lived in Wisconsin.
I have a C# developer buddy who lives in NJ, and he never gets offered less than 100k a year. To be fair, that's at NJ/NY costs of living, but still. I still go with the fact that it's the specific area you live in. Out here on the Left Coast, I've never even been sniffed at for less than 90k+ benefits.
In fact, I would say being that close to Boston/NYC without being in Boston/NYC hurts you. All the best development jobs are going to be in those cities.
I agree with this. Boston/NYC jobs even with cost of living difference are better paying than upstate NY.
+1
Options
GnomeTankWhat the what?Portland, OregonRegistered Userregular
Upstate New York is almost famous (infamous?) for being a shit hole for developers to work. Unless you are one of the lucky few who got one of those 100% telecommute jobs Global Foundries had up for a while (one of my ex-coworkers got one of those, he's working from his bungalow in Costa Rica...no I'm not kidding).
Posts
ok, so I got the dropdown lists to populate from the database table that I want them to, so that's fine, but when I select my item and hit submit, it doesn't actually pass the selected item to the create method properly.
What I'm trying to do is create a pair by selecting two players from a list of all players. Then (haven't actually done this yet, but it'll be easy) infer the Pair type (mixed, mens, ladies) based on the genders of the two selected players.
@model Tournament.Models.DoublesPair @{ ViewBag.Title = "Create"; } <h2>Create</h2> @using (Html.BeginForm()) { @Html.ValidationSummary(true) <fieldset> <legend>DoublesPair</legend> <div class="editor-label"> @Html.LabelFor(model => model.Player1) </div> <div class="editor-field"> @Html.DropDownList("Players", String.Empty) @Html.ValidationMessageFor(model => model.Player1.PlayerName) </div> <div class="editor-label"> @Html.LabelFor(model => model.Player2) </div> <div class="editor-field"> @Html.DropDownList("Players", String.Empty) @Html.ValidationMessageFor(model => model.Player2.PlayerName) </div> <p> <input type="submit" value="Create" /> </p> </fieldset> } <div> @Html.ActionLink("Back to List", "Index") </div> @section Scripts { @Scripts.Render("~/bundles/jqueryval") }// // GET: /Pair/Create public ActionResult Create() { ViewBag.Players = new SelectList(db.Players, "PlayerID", "playerName"); return View(); } // // POST: /Pair/Create [HttpPost] public ActionResult Create(DoublesPair doublespair) { if (ModelState.IsValid) { db.Pairs.Add(doublespair); db.SaveChanges(); return RedirectToAction("Index"); } return View(doublespair); }In my mind, my code is pretty much the same as the tutorial I'm using, but it just isn't working.
^(?=.*[a-zA-Z])(?=.*[0-9])[a-zA-Z0-9~!@#$%^&*]{8,20}$How is a person, who isn't a CS nerd, going to figure that out?
They aren't.
And if it was hashed, you could use any fucking thing as your password. Anything.
The strength requirement is fine. But why limit the upper bound? And, why limit what character they can use? They're expressly forbidding quotes and parenthesis, and punctuation of most sorts (SQL specific punctuation in this case, commas and periods most notably)
Once you hash why do you give a fuck if it looks like little bobby tables?
That screams "I am storing this in plain text."
You'd also be surprised at just how many people don't know what the fuck hashing is or why it's important. I got into a fight with someone on reddit because he told me hashing a SSN was useful. And also I had to explain the difference between 1-way and 2-way encryption. That was a load of laughs. Makes me wonder what these people who pay for that fancy 4 year degree really learned or paid for.
Nintendo ID: Incindium
PSN: IncindiumX
Our old sms platform had some integration with a hospital where we would send out sms appointment reminders. They upload an xml file to us, the format of which has never been documented, to an ftp server, which has also never been documented. Today I have to figure out how this works so that our property that made this deal can work to get it set up with a different provider. I figure I'll start by searching the old c++ code for "appointment" and I find this.
CNIVoteData... because an appointment reminder is an sms poll/vote, right? And implemented in NIVoteProcessSCAGameData? SCA is an online random number/drawing based gaming vendor. So, yeah, implementing hospital appointment reminders there makes total sense.
You can't do it online. At all. Maybe they've changed it in the past 6 months. Silly government.
The answer is most likely "nothing practical". Or maybe that was just my experience. Like, I'm sure I got a decent foundation that still helps to this day but without the Internet I would be completely clueless.
On government systems sucking... if I ever want to use our state job search site again (all state jobs, some private jobs) I have to call my local employment office to reset my password. Or something. I haven't done it or even tried logging in in a few years.
But it could be worse. There's one state website (I forget what) that only works with IE 6-8. As in, it will most certainly not work with IE 9. At least that was the case last year.
I am confused. Are you saying you wanted them to encrypt (aka two way) the SSN instead of hashing it? Or are you complaining that they aren't using a salt with the hash?
No, it's pretty much true. Working for the federal government, I can tell you that an abnormally high amount of developers here are the dregs of developer society. I don't think many of them could actually work at a commercial software development house.
Some of the laziest developers I've ever met, in terms of pride in their code output and attention to detail, I've met here.
Checking in broken code is kind of a 'thing' here, and no one gets in trouble for it. Hell, we have a couple of guys who very routinely don't even do a simple build/run test before checking code in. We've seen people check in classes without interface implementations (which obviously a simple re-build would point out). I became the defacto person to explain MVVM, Prism and composite applications to some of these people. A true lesson in frustration.
That a 1 way encryption is useless for an SSN.
Are you using it for a login ID or password? Well that's kind of pointless. I guess you could do it. Why would you want to? The only way a 1-way encryption (hash) makes sense for an SSN is if someone is inputting it. Why would you want someone to do this on a regular basis? (thus, you can compare the hash values)
Do you need it? Okay, I'm going to assume you're a financial or a hospital that needs to recall the SSN. How does hashing help you? You can't reverse it to get the original back. So your obvious solution there is to encrypt it. You could store it plain text, I suppose, but that's a pretty risk thing to do if you database gets jacked.
So hashing an SSN has 0 practical purposes. You can just as easily substitute a user ID in place of it.
This guy was adamant that storing SSN as a hash was useful for security purposes, which, yes, hashing is secure okay. But what good did that do you? Like I said there are other security concerns there if it's a type of field that can be hashed (userid/password).
Your presumption on banks not asking for a SSN means you haven't dealt with fraud / insurance calls / and other higher level account problems over the phone. In some of those cases they will require you give them a SSN / partial SSN as a step of the verification. In both of those cases you don't want the teller / agent to know the correct SSN so they can't leak it. It makes sense than to use 1 way hash in those use cases. And on to this that US banks require a SSN to open an account and you can see why it has been chosen as a part of the unique identification of customers when dealing with in person or on the phone.
The argument is pretty pointless, SSN is a bad form of identification, but I doubt it will go away any time soon.
You can store the last 4 hashed and the full SSN hashed...
You never show valid SSN to employees no matter the way you store them (hash/encrypt/plain text).
I guess you could write a custom special "SSN Hash" that allows you to additive a 5 digit hash and a 4 digit hash to get the full 9 digit hash?
It is equally bad everywhere.
You could. I was thinking of just storing the 9 and 4 in two different fields.
It's indicative of the fact that software development is still a boom industry, and still has more jobs than people to fill them. It's compounded by the fact that colleges are still turning out students strong in theory, yet completely incapable of doing real world development.
I guess in some ways, we should all be happy the industry still supports bottom feeders. That means there are plenty of jobs still available for us, even if we have to displace those people.
And that there's a shortage of qualified candidates with 15 years of experience in windows 8 and WPF.
I work work with some great Government employees. I expect the quality of employee is related to the division and the tasks you are working on. If you are writing internal CRUD code I expect lesser quality devs compared to people writing something like next generation reactor design.
Though it would not surprise me if the quality for that was also... sub-par compared to a commercial vendor.
I would love to see what the code quality of something like AutoCAD is currently.
Part of that is where you live broheimer. You live in like the wasteland of technology, middle America. If you live on the coasts, development jobs are plentiful, and no one is asking you to take 20k with no benefits.
We have some great developers here, I didn't say they were all terrible. My direct team has some great guys on it, but we are also like the Navy SEALS of development for this agency. We literally get HALO jumped in to failing projects to fix them and get them back on budget and schedule. I've seen first hand the destruction wrought by incapable developers that can't be gotten rid of because they are government employees with tenure.
East coast here man. I'm 6 hours from NYC or Boston.
It's been improving lately though, I saw a 40k one for a business that offered me $10 an hour 3 years ago.
It would probably be surprising! Like quake's source code.
Thought you lived in Wisconsin.
I have a C# developer buddy who lives in NJ, and he never gets offered less than 100k a year. To be fair, that's at NJ/NY costs of living, but still. I still go with the fact that it's the specific area you live in. Out here on the Left Coast, I've never even been sniffed at for less than 90k+ benefits.
In fact, I would say being that close to Boston/NYC without being in Boston/NYC hurts you. All the best development jobs are going to be in those cities.
I agree with this. Boston/NYC jobs even with cost of living difference are better paying than upstate NY.