Feeds

BOFH: Ready for the Judgment Day

You're wrong, proton breath. I'll be done with you in time to watch Oprah!

  • alert
  • submit to reddit

Mobile application security vulnerability report

My name is URL

"Yes, but with URL authentication, IP Address recording, presence information, and time-stamping they'll know..."

"I'm sure we'll get the survey to be truly anonymous with no tracking information at all," the Boss says

"So what do you think, David – would you trust that system?"

"I suppose so." David says thoughtfully.

"Which is where the system falls down," I say.

"I thought you said the system falls down through lack of anonymity."

"It falls down several times. It's not too unlike a young person leaving the warmth of a late night entertainment establishment after several hours of unaccustomed drinking. It stumbles, it falls, it gets up, pukes in a dustbin, falls again, hails a cab, pukes one more time, the cab drives off, another puke, a fall, a retch, a couple more retches, a crawl to a late night convenience store for a drink of water, the ringing of Mum for a ride home, the tractor beam-like pull of the kebab shop, another fall, the arrival of mum, the kebab laden puke in the car, a few tears mixed with recrimination, the arrival home, the fall down the stairs and finally the rest of a warm bed. And another puke." I say. "I've seen it dozens of times. This latest fall though, is because the users are too stupid to be allowed to have opinions."

"Hey!" David says.

"No offence," the PFY chips in, "but please! The moment you click 'submit' the POST operation is logged in our proxy and we have a timestamp on when you posted your submission. By simply looking at the aggregated feedback results we'll be able to work out by simple mathematics what your post entailed. And of course your free format comments would be immediately noticeable."

"We could flash an image of you on the desktop of the person you commented about" I say, just spitballing, "with a little speech balloon saying how crap you thought they were."

"But what if I didn't say they were crap?"

"This is an anonymous survey so of course you'll say they're crap. And besides, it's going through our proxy, so you'll be saying they're crap one way or another."

"But it's SSL encoded!"

"Yeah, we recompiled your browsers ages ago. They don't use ssl like they should. The PROXY uses ssl instead."

"But..."

"I know what you're thinking," the PFY says "You're thinking that maybe the survey won't be that anonymous after all. You're thinking you should be careful what you type in future. You're wondering if we kept that stuff you typed into that 'anonymous' chat site. We did. I have no idea what stuff or what chat site, but we'll have it."

"We could post it on people's desktops – with an image of you and a speech balloon..." I add

"I... so this is blackmail?"

"No, no, of course not. Your anonymous feedback about how good we are is up to you – after all it's anonymous. We like things to be anonymous, and positive."

"Although positive and negatives are good too," the PFY chips in.

"Anyway, if you just keep your comments positive I'm pretty sure there'll be no negatives. Tell your friends."

And the rest is history – and we all know by whom history is written.

The Proxy... ®

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
THUD! WD plonks down SIX TERABYTE 'consumer NAS' fatboy
Now that's a LOT of porn or pirated movies. Or, you know, other consumer stuff
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
FLAPE – the next BIG THING in storage
Find cold data with flash, transmit it from tape
Seagate chances ARM with NAS boxes for the SOHO crowd
There's an Atom-powered offering, too
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.