Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Let's not blame the victims entirely, sometimes they just don't understand modern technology
-
I'm torn on this and being a cybersecurity engineer....
I guess it does depend on the situation but I do have zero tolerance for people who apply (very) weak security to accounts which also contain data from other people. -
@linuxxx @alexbrooklyn they don't have to understand, it's our job as developers to make it easy. if they see a lock on their browser and see the domain is correct, they know it's secure, because we, the developers say that means its secure. they don't know their os/browser has registered ca's certificate, the browser checks the signature, and sends an encrypted aes key if it's a legit certificate.
but in this case, they entered sensitive credentials into a website they know is not legitimate. -
@calmyourtities https is so easy to get nowadays
I'm talking about phishing, phone scams, downloading virusses willingly, giving away credentials, using the the same password everywhere, filling in creditcard details on sketchy websites, clicking on malicious ads etc. -
@calmyourtities as developer I never said the site was secure when there's a green padlock. I always explained that the CONNECTION was secure.
-
@linuxxx yeah but i also said the domain is correct too, which means is actually the website if their private key is kept private.
if you're talking about if the website is secure, as in the server itself, that's hard to determine. this is an AMERICAN public education website, that means java server pages and about 2738583 3rd party services, so it's probably not secure.
@alexbrooklyn no see, this isn't a phishing scheme, or even stupidity. this is kids knowingly giving their credentials to an illegitimate site. if they see a lock with the correct domain, they know it's legitimate. this is different. it's a website saying it's not affiliated and will get you your scores early. it is completely illegitimate and kids knowingly gave their credentials away to it. it's like giving someone a key to your house for them to check the mail you just received.
Related Rants
fuck people who need to be hacked to care about security.
i hope everyone who used that early ap scores gets their credit cards stolen because they don't know how to use a vpn.
rant
fuck you
fuck high schoolers