I wonder why banks are always so terribly insecure, given how much money there's for grabs in there for hackers.

Just a while ago I got a new prepaid credit card from bpost, our local postal service that for some reason also does banking. The reason for that being that - thank you 'Murica! - a lot of websites out there don't accept anything but credit cards and PayPal. Because who in their right mind wouldn't use credit cards, right?! As it turns out, it's pretty much every European I've spoken to so far.

That aside, I got that card, all fine and dandy, it's part of the Mastercard network so at least I can get my purchases from those shitty American sites that don't accept anything else now. Looked into the manual of it because bpost's FAQ isn't very clear about what my login data for their online customer area now actually is. Not that their instruction manual was either.

I noticed in that manual that apparently the PIN code can't be changed (for "security reasons", totally not the alternative that probably they didn't want to implement it), and that requesting a forgotten PIN code can be done with as little as calling them up, and they'll then send the password - not a reset form, the password itself! IN THE FUCKING MAIL.

Because that's apparently how financial institutions manage their passwords. The fact that they know your password means that they're storing it in plain text, probably in a database with all the card numbers and CVC's next to it. Wouldn't that be a treasure trove for cybercriminals, I wonder? But YOU the customer can't change your password, because obviously YOU wouldn't be able to maintain a secure password, yet THEY are obviously the ones with all the security and should be the ones to take out of YOUR hands the responsibility to maintain YOUR OWN password.

Banking logic. I fucking love it.

As for their database.. I reckon that that's probably written in COBOL too. Because why wouldn't you.

Inappropriate experience at work: One of our project managers got arrested one day for fraud. Apparently an employee had been in the middle of an online purchase and walked away from their desk. He happened to see the unmasked entry of the CC info (this was before websites cared about masking sensitive form inputs). I guess the temptation was too great…and he was too stupid to realize he’d get caught…and he jotted it all down. He made thousands of dollars in purchases which, naturally, eventually led back to him.

The same guy, before he got arrested, had made a joke when someone in an office team email said “Feel free to have some cake in the break room.” He replied “No need to do anything to me for the cake.” His first name was “Free”.

Alright, I'm gonna need some help from more experienced devs.

tldr: how does my sister test my website if she can't run it?

I'm making a site (for myself, I've talked about this in other rants, most likely won't go online so I don't want to spend money on this), and my sister is helping me with the sales part of the project. It's basicaly a web store.

In a couple of months, she is going to have a baby, and will stay at home for 5 months. Since she helped me with it, and I don't really know all of the steps that go into online purchasing (she kind of works with this, and makes a lot of online purchases, from everyone I know she was the best person to go to), we want her to test it while she's at home with the baby, just in case I missed or didn't understand something.

The problem is: she doesn't understant anything about programing and probably never seen a command line, and since this is laravel, I will need to install a lot of things in her computer, which will be useless for her after she is done, and teach her some commands to run the site.
Also, like I said, i don't want to spend money on this, since she will only make a few tests and that's it, it would go offline after.

She is smart, she could probably do this, so if there is no way of doing this is ok, but if there is it would save her a lot of time while testing and with the baby, and save me my time at work.

I would want something like git, but where I could run the site without a lot of steps.

Does anyone know how she can test it? Is there even a way?
Thank you in advance 😁