Hacker News | sytringy05's comments

I worked for an aircraft parts manufacturer, they closed an entire factory / production site rather than try and upgrade the manufacturing system or move the part production onto the new one they had implemented.

500 people out of work. Tell me again how simple everything is to fix.


No-one's saying everything is simple to fix.


The issue with myki wasn't the card technology, it was the fact they wanted to have standardised ticketing across the entire state.

eg Tap on a bus, tram and train in Melbourne, get off in Wangaratta and tap on to a bus there.

There was going to be something like 29 zones, and all the requirements / edge cases / mucking around sent the cost through the roof.


What I'm trying to say is that it was mismanagement, which was well known at the time. Hong Kong also has Metro, trains (at the time), buses, trams, ferries. All from different companies. In Melbourne they are actually mostly under the same government agency.


<7000 lines of cut / paste YAML later> “it’s that easy!”


I'd love to see 7K of YAML as every time I've asked, no one's been able to show me a fully worked, end-to-end example.


It’s from the original Bourne / Korn shell in Unix. Ctrl H was backspace, but the PC keyboards would send a different control character. You often had to map the backspace on the PC keyboard to make it work properly. Set -o or something like that.


And then it got even worse when you mixed in X Windows. "Delete" or something.


Pretty interesting way to run what's in effect an XSS attack.


It's interesting to hear that because IMHO one of the reasons OAuth and JWT took over the world is that you can base64 decode the tokens and see what's inside them, compared to Kerb or NTLM which you eventually learn to spot based on their binary headers or whatever (e.g. NTLM tokens in HTTP Headers always start with "TRIM" for some reason).

I get the problem though, many of the libraries are not great or simply difficult to use


Well hopefully someone has taken the time to, or there will be nasty surprises

I certainly don't want people building security sensitive parts of an app to be slinging the features out.


The whole point of access tokens is to not do expensive checks on every request. Signature checks out and isn't expired - you are free to go. This is a core design thing of OAuth, once access tokens are out the door they are very hard to stop, so only let them last for 5 or 10 mins and use refresh tokens to get new access tokens.

Refresh tokens are your chance to do all the expensive checks - maybe you are IP restricted or want to step up with MFA etc etc. Check revocation etc
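The split described in the comment above, as an added example that is not part of the original comment: per-request validation checks only signature and expiry, while the revocation lookup runs only at refresh. It assumes HS256-signed JWT access tokens; the key, the `sid` claim, the `REVOKED` set and all function names are constructed for illustration.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed secret for this demo only
ACCESS_TTL = 300               # seconds; the 5 minute lifetime from the comment
REVOKED = set()                # server-side state, consulted only at refresh

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> str:
    return b64e(hmac.new(KEY, signing_input.encode(), hashlib.sha256).digest())

def mint_access_token(sub: str, sid: str, now: float) -> str:
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": sub, "sid": sid, "exp": int(now) + ACCESS_TTL}
    body = b64e(json.dumps(claims).encode())
    return f"{header}.{body}.{sign(header + '.' + body)}"

def verify_access_token(token: str, now: float) -> dict:
    """Per-request check: signature and expiry only, no database lookup."""
    parts = token.split(".")
    if len(parts) != 3:
        raise PermissionError("malformed token")
    header, body, sig = parts
    expected = sign(header + "." + body)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        raise PermissionError("bad signature")
    if json.loads(b64d(header)).get("alg") != "HS256":
        raise PermissionError("unexpected alg")
    claims = json.loads(b64d(body))
    if now >= claims["exp"]:
        raise PermissionError("expired")
    return claims

def refresh(sub: str, sid: str, now: float) -> str:
    """Refresh-time check: the place for revocation, IP rules, MFA step-up."""
    if sid in REVOKED:
        raise PermissionError("session revoked")
    return mint_access_token(sub, sid, now)

if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed clock value
    tok = mint_access_token("alice", "sess-1", t0)
    REVOKED.add("sess-1")
    print(verify_access_token(tok, t0 + 60))  # still accepted until exp
```

A token minted before revocation keeps passing `verify_access_token` until `exp`, which is why the lifetime is kept short and the stateful check sits in `refresh`.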


Yes, single log out is an ongoing nightmare. <Stares at Ping> As many here have said the size and range of use cases that OAuth and OIDC support is off its head. And that's with the big boys who have millions of users, throw in ${EveryCorp} that implements its own token server and bespoke implementation of the auth, well.. good luck to the AI trying to take over our jobs.


lol, here's my visual flow which consists of "start" -> "script node" -> "end"

Still, people buy Dell Boomi and Mulesoft, so it's not like there's no market for this rubbish

