Social Captain (a service to increase a user's Instagram followers) has exposed thousands of Instagram account passwords. The company says it helps thousands of users to grow their Instagram follower counts by connecting their accounts to its platform. Users are asked to enter their Instagram username and password into the platform to get started.

According to TechCrunch : Social Captain was storing the passwords of linked Instagram accounts in unencrypted plaintext. Any user who viewed the web page source code on their Social Captain profile page could see their Instagram username and password in plain text, as they had connected their account to the platform. A website bug allowed anyone access to any Social Captain user's profile without having to log in ; simply plugging in a user's unique account ID into the company's web address would grant access to their Social Captain account and their Instagram login credentials. Because the user account IDs were for the most part sequential, it was possible to access any user's account and view their Instagram password and other account information easily. The security researcher who reported the vulnerability provided a spreadsheet of about 10,000 scraped user accounts to TechCrunch.

Image relevant.

Tried getting puter to talk, puter no want to talk.
Me sad.
Me tell puter to stay put and listen at 4444.

External device doesn't do shit.
Me sad.

Read the docs. Nothing. Written like a 5 year old would.

Be angry, how do I put external device into tcp/ip mode? No one knows, the docs don't know.

I get frustrated and pull the USB cable out of it.
Mfw it starts spitting out requests to my server with no end in sight.

Mfw the requests all just repeat.
Mfw the docs tell me to acknowledge a request I have to respond with a content type of
"application/x-www-form-urlencoded"
How.

Not possible.
Mfw I decide to dissect a request to check it's accept header.

Mfw it says text/plain.
Great, no idea in what format the thing expects it.

Try writing out query string plainly.

It fucking works.

Why can't people just learn to write proper documentation.

So I'm struggling to finish this library which among other things is supposed to write flowing text. And this one's taking foreeeever and I'm hating it so much already.

I just keep daydreaming of starting a "simple" platformer. And then I go, "hm the parallax must be nice, it needs to have as many layers as possible, oh and look at this video, here they're even zooming and each layer rescales differently, good effect, I need to add that too. Also a plain platformer is just boring, it needs to have adventure elements, and even RPG too, yeah why not. Hm, it needs to have some motion blur, but oh I need this 1/48 shutter speed to make it look cinematic. Okay how do I go about adding this blur effect? What? Libgdx doesn't provide one out of the box? I need to use opengl shaders? A shader, eh... I'm not even sure what that is. Okay, let's see how to do it. Wow that's a total mess and resource hungry, and how will I calculate it all as to make it match the 1/48 thing?"

You know... Simple. And in the end, I'll abandon the library and won't get anywhere with the platformer (as usual).

Tsk tsk tsk

For me it was not do much a choice.

I started out using basic and simple text display (graphics existed but was quite difficult).

For a long time I was the sole or part of a pair of devs so specializing was not possible and once we grew to such a size I already was quite proficient in all areas from hardware to customer support and education.

But from that time onto today I have gravitated towards a more backend role mainly because I lack a good sense or visual design.

I know it something looks good, but doing it my self results in more boring or plain designs where more thought goes into UX than nice looking design.

That said, if we do web applications I can still keep up since it usually is more ux heavy ;)

But when it comes to adding background images, nice color sets and such I gladly defer that to colleagues with a better design sense.

I don't know how I should feel it is secure tho

Have been searching on this topic alot lately, but I cant find any good solution, in my opinion.

I have a system where I want to encrypt some data in the database, so it isn't in plain text, but how would you do it properly?
It has to be decrypted to view the data in the system, but how to manage it?

How can I store the keys in the right way? In my current trial, I have a encryption key and an iv, but wouldn't it be wrong to store the encryption key in the config file?

Can't really see how to grasp this the right way and in the same way have it as secure as possible.
Is it just stupid in general?