I posted the linked comment almost a year ago, but the incident happened much closer at the start of Covid. I didn't say it at the time, but I willingly say it now, LiveCode were the perpetrators. They employ the dark pattern of graciously offering free stuff for education during lockdown, because they are such good guys, and then will charge $1500 if someone forgets to cancel their offer. After the dashes is copy of the text from the other comment:
--------
I treat 'free but remember to cancel' plans as scams.
About 10 months ago I got emails from a company that developed an development environment that was I was mildly interested in. They presented an offer with said it was free so that people could help educate themselves during lockdown. Unfortunately the terms was after 1 year you needed to pay something like $1500 if you didn't cancel, these terms were right at the bottom of the page and very hard to spot. Paid through PayPal and the about $1500 was there right in front of me. I cancelled it on the same day.
A company offering that sort of deal waiting for people not to cancel and saying it is to help people during the lockdowns is just awful.
---------
Addenda: Unfortunately I don't have the original email for this any more, as I was annoyed and marked it as spam before copying any text like an idiot, and it vanished. Although I may be able to use the internet archive to recover the page the email sent me to. Aside: if anyone doesn't copy the text they wrote in a webpage to a text editor or something before they press the 'submit' button or equivalent, they may regret as I have a couple of times, if an AI or site error swallows their text, it's a good habit to get into.
Sorry, I just saw this reply. Sorry this happened to you. Obviously it's a long shot since it's been so long, but did you try reaching out to them at the time? I don't work there (I consulted with them long ago) but I still know several of the people there. I'd be surprised and disappointed if they didn't respond to a timely request for a refund.
Parameterized queries and statements are great. They solve problems where the paramaterized queries are used. However care must be taken, a script running on the database after information has been entered can still inject long after the initial parameterized statement put it into the database if that script itself does not use parameterized queries, making a SQL injection still work, in a delayed way.
My bank used to have a virtual keypad, they now have a normal password field. So they actually saw reason. I think there is reason to be optimistic about bank password security getting better; what is known to be good password policies and interfaces are getting more widespread. It may take some time, but it should get better because it is accidental or ignorant password policies from the past, not deliberate attempts to make their customers trip up (unless someone knows better).
As for the asking birthday for security reasons, relic from the past, getting more useless as time goes by. With so many websites asking for that information, and then they get hacked, sold or leaked. Yes, this said the completely obvious, but it still amazes me that any organisation that I have a financial relationship with asks that for identification over the phone, usually my address as well, but that is almost as public.
Steam also allows a user to view the raw information if they want. At least the last time I looked. The option could definitely be more obvious though. Giving the user the ability to see the like/dislike data over time gives them their own ability to decide whether likes/dislikes come from an external source to the page. This information should include a graph of the total views over time as well as likes and dislikes over time in parallel.
Not giving users this information and removing like dislike counts just makes it so that a small number of people at YouTube have even more ability to control what is pushed on that site. With this change users have even less ability to check the validity of a video; validity means different things to different users here. People who stay at YouTube will just have to deal with the fact that they will have videos pushed to their screen for reasons that are hidden to them, that they don't have the ability to check out anything other people think about the video, and can't even signal that there is something wrong to them about the video (sure, they could comment, but any comment can be deleted by the video author and there is the fear of losing your Google account, which can include their email contact to everyone and authentication information also, which can have huge consequences for their ordinary life).
Microsoft could just not give discounts to computer suppliers that don't have UEFI secure boot on forced on.
I definitely recall Microsoft killing hardware manufacturers putting Linux on the machines that they sold by mandating that if they put Linux on any consumer desktop they would not get the OEM discount for a Windows licence for any computer they sold. It stopped new non Windows PC sales dead at the time IIRC. This was something like over a decade ago.
Interestingly just removing the US location restriction it looks quite different, with KDE being far more frequently searched for than the others at the moment. Searches for Linux desktop environments look to have reduced a lot in total since 2004, on Google at least. https://trends.google.com/trends/explore?date=all&q=%2Fm%2F0...
Yeah the lack of consequences for those that administer justice is (I believe) the strongest reason an innocent person is convicted or punished far too harshly for the given crime. The only time I have heard of judges ever getting punished for their judgments is either when it is revealed that they have been taking bribes or their nation lost a war.
