God is in the Details
Haley is a bulldog you wouldn't want locked on your jewels. The lady is persistent and today's post in very interesting to me. But, it from the former programmer side.
A lot of programming involves either the easy way or the right way. It isn't the devil in the details. He shows up when you ignore the fundamentals.
Everything earlier pointed to a backdoor. Backdoor exist for a variety of reason. The government want them to trample our constitutional liberties. Business wants them to monitor details that may be personal in nature. They show up all over the place. Often I'd program one in that'd be removed in the distribution version.
Anyway, I had the idea you needed to get to the server farms backdoor using something like a VPN client to do the deed. Such a client is a dangerous animal and need security on top of security. But knowledge is hard to keep secure; especially when you throw in
90-percenters. So, insiders knowing using some form of god mode is plausible. It isn't best practice programming but it is quite plausible.
Instead, the email Haley points to an email which changes the whole idea of the programming and security on UB.
Programming is hard enough without security. Adding it later is next to impossible. That's why you hear about banks, operating systems, and all sorts of applications being cracked. It is similar to the problem and effort that had to be expended for the “Y2K bug” which wasn't a problem until it was a problem. Window's registry is a similar piece of stupidity. It was a kludge brought about by underpowered computers being the typical system that MS was marketing Windows 3.0 to. When you do such design, it will haunt the system throughout time. Among its other weakness, and they are legion, is that it has zero security. Most folks don't know what it is so it also becomes a place to hide stuff.
So, it starts off with the “security” being the lowest form possible. With the highest forms still having vulnerability, even if the application was properly designed; the simplistic method of using “God Mode” smacks of stupidity from design through implementation.
What is disclosed is that every session was capable of seeing all the cards. That meant that all the cards were likely or at least capable of being distributed to every seat at every table. Communicating data exposes data – duh! That's been the problem since runners carried coded messages between commanders. Security is a combination of levels but adding on to each is the need to know. That was ignored completely with the approach used. Seeing how sloppy all this is, my guess is that they just sent all the data and made the program limit exposure. Either way, it is amateur night.
What it all looks like is that this system was designed to cheat from the git-go. Good practices would have never provided the type of system all this exposes. It looks like the designers didn't care about any of the things that required reasoned consideration.
Here at the end, I'm asking myself a question, “What would I have done if I got hold of that little .reg file?” We think we're righteous but that's seldom tested. This would be the ne plus ultra test. I know I would have installed it – to verify it was what it was, if nothing else. Even if I never bet a dime using it, it is an alluring beast. There truly is a godlike aspect. For a poker player, it is better than sex.
That is an unbelievable state. It makes Descartes look like a flounder.
Cognito ergo sum my ass.
NOTE: I used 90-percenter above. Its what drunken programmers commiserate with each other over. “90-percent of all problems associated with a program are caused by what is attached to the keyboard.” 🙂