Banking site stores passwords in plaintext. Coworkers think it's no big deal.
At my company, we develop and maintain a home banking website that deals with millions of dollars, and the passwords are stored in plain-text. I can't convince management it's a bomb waiting to explode, because the "most senior" programmer doesn't think it's a problem, since "nobody will have access to the database." What should I do?
And it gets better, because everyone on the development team has access to the production database. If anyone hacks any computer of the devs, they can obtain the database and steal millions.
The entire security of hundreds of clients is based on the fact that our network can't be hacked, that an evil employee does not exist, and that the website is invulnerable.