The Butt Ugly Weblog

Finnish sayings can be stupid, but this has got to be the most stupid ever:

"If you let a piece of cake fall sideways when you take it from the tray, you will get a bad mother-in-law." ("Jos kaataa kakkupalan, saa huonon anopin.")

I mean - COME ON! Your entire relationship with a possibly completely perfect human ENTIRELY RUINED by one fumbled feat of dexterity? Of which any regularly social person will have about a MILLION opportunities to fail before the wedding bells ring?

What about if the cake is just badly constructed? How would it look like if, after several years of torment from a mother-in-law-from-hell someone turned up to your doorstep with a hatchet and demanded revenge over one slippery frosting? Imagine the responsibility and diligence one would have to exercise to ensure a good life for all friends?

This is just fucking insane: Kaleva Travels (and/or Amadeus, not sure which one is the real culprit here) not only stores the user passwords in plaintext, they also routinely share them with the service desk. Check out this email I got (real password blocked out, duh, and some not-so-useful mail headers removed):

Date: Wed, 25 Apr 2012 13:33:02 +0000 (GMT)
From: webmaster@amadeus.net
To: xxxxxxxxxxxxxxx
Cc: e-servicecenter@kalevatravel.fi
Message-ID: <19272339.55056.1335360782390.JavaMail.SYSTEM@relay.amadeus.net>
Subject: Oma salasanasi

Hyvä Janne Jalkanen,
 Salasanasi on: xxxxxxxx
 Kiitos, että käytit yrityksesi online-varausjärjestelmää. Arvostamme asiointiasi.

Note the CC-line.

How could a company at this day and age so blithely ignore customer security is completely beyond me; storing plain text passwords is bad enough, but sharing them with who knows how many people...? In this case, I didn't even request a password reset; they just decided to send it to me at random and made it useless.

I fully realize that this is all done in the name of customer service, but there are far better ways - and secure - ways of doing this than just sharing the password around like it were a big box of cookies.

Also, this highlights the importance of using a different password across all the systems. You never know who's going to leak it.

Update: Our assistant just let me know that she also received the email with my password in it. So now I have no idea how many people have received my email/password combination. This is just fucking great.

Update, May 9th: Someone from Kaleva's Marketing called me and wanted to have a chat about what they could do about this. That's a good response.

I finally managed to see Iron Sky, and even more finally managed to write more about it, aside from an odd tweet. I'm sort of torn: I really want to like this movie, but it just doesn't do it for me. I followed it as closely as anyone could, and chose the Sneak Preview as my method of supporting this uniquely crowdsourced movie, and it had all the right people doing it and a wonderful concept that couldn't be made by any other method than people who don't know that it's not supposed to be done this way.

The movie sounds and looks awesome: The Laibach/Torssonen -effect knocks your teeth out, and I predict a resurgence of nazi aesthetic design values after this movie (steampunk is so old, nazipunk is is the new black). The cast is just perfect, from the wonderful innocence of Julia Dietze to Udo Kier's frightening presence. My personal favourite was Kym Jackson's space commander aboard the you-know-what, who seemed like an anchor of sanity in the middle of all insanity. I would've very much liked to have seen more of her - which may have been in plans at some point, as suggested by this audition tape.

But the but... I just couldn't bring myself to like or hate the characters or the story. The jokes were obvious and bland - and turns out all the big ones had already been spoiled to me. So I guess there's disappointment at the fact that you can really spoil *all* the jokes in the movie in just a couple of paragraphs. That suggests there weren't that many to begin with. And the whole thing had a smell on it; as if too many people had tried to tweak the script instead of just one person carrying a single vision.

But the but of the but: this is still a good movie, definitely worth watching. It's not a masterpiece; it's more like a good summer blockbuster with an insane twist. With the longest both pre-movie and post-movie funding-list ever (you will have finished your popcorn by the time the list of institutions-that-gave-money ends).

I would love to see the director, Timo Vuorensola, make a smaller movie next to hone his skills. And I would love to see Mr. Torssonen, the effects wizard, do something really, really big next, 'cos he's got the skills - and is sufficiently mad - already. (And I would like to see more Kym Jackson (@aussiegirly on Twitter), obviously. :-P)

Hover on the images for more info. The images were captured with my N9, which most definitely isn't designed for this kind of photography, so you can see all sorts of interesting artifacts in the images.

...your Facebook password, seem quite a few companies to say these days. I think their motivation is to ensure that they don't hire "bad" people (for some arbitrary definition of bad), but this practice is probably more damaging than beneficial at large. What people do on their spare time isn't really the employer's concern; and at least in Finland this is even codified into legislation: the Finnish officials take a very dim view on even googling your interviewee, unless they've specifically given permission for it.

(BTW, we're hiring summer interns at Thinglink - be a dear and include links to the relevant profiles that you want us to check out. For example, great Stack Overflow and Github profiles really make you look good. But if you don't tell us about them, we can't know about them...)

Anyhow, my entire issue here is really that of trust: If I, as an employer, asked you to provide your username and password to private information (something that's quite expressly prohibited by Facebook terms of service and is against the first security precaution anyone is ever taught: Never ever share your password with anyone), and you gave it to me willingly - how could I possibly trust you with any confidential information, or even a cash register, knowing that with some pressure, you will cave in and share it all with the next guy who happens to ask?

I know a lot of people don't really think that there's any harm in sharing their Facebook statuses (or their friend's statuses - giving out your password to other people also violates the trust placed on you by these other people), and that people really want these jobs, but still: stop and consider how it makes you look. Signaling that you're an untrustworthy person who will do anything for their own good isn't probably the kind of an image you want to give.