Aggregator

Chery has launched in the UK and its 7 CSH 'Super Hybrid' SUV is the cheapest way into the brand. Freda Lewis-Stempel reviews the long range hybrid SUV to see it it offers bang for buck.

The average cost of annual home insurance fell by 9% from £218 to £198 year-on-year in January, data from Compare the Market reveals.

joshuark writes: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure. The flaw has now been added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with the U.S. cyber agency requiring federal civilian agencies to address the issue by March 24, 2026. Broadcom said it is aware of reports indicating the vulnerability is exploited in attacks but cannot confirm the claims. "A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress," the advisory explains. Broadcom released security patches on February 24 and also provided a temporary workaround for organizations unable to apply the patches immediately. The mitigation is a shell script named "aria-ops-rce-workaround.sh," which must be executed as root on each Aria Operations appliance node. There are currently no details on how the vulnerability is being exploited in the wild, who is behind it, and the scale of such efforts.

Read more of this story at Slashdot.

We mostly don't pick on bad SQL queries here, because mostly the query optimizer is going to fix whatever is wrong, and the sad reality is that databases are hard to change once they're running; especially legacy databases. But sometimes the code is just so hamster-bowling-backwards that it's worth looking into.

Jim J has been working on a codebase for about 18 months. It's a big, sprawling, messy project, and it has code like this:

AND CASE WHEN @c_usergroup = 50 AND NOT EXISTS(SELECT 1 FROM l_appl_client lac WHERE lac.f_application = fa.f_application AND lac.c_linktype = 840 AND lac.stat = 0 AND CASE WHEN ISNULL(lac.f_client,0) <> @f_client_user AND ISNULL(lac.f_c_f_client,0) <> @f_client_user THEN 0 ELSE 1 END = 1 ) THEN 0 ELSE 1 END = 1 -- 07.09.2022

We'll come back to what it's doing, but let's start with a little backstory.

This code is part of a two-tier application: all the logic lives in SQL Server stored procedures, and the UI is a PowerBuilder application. It's been under development for a long time, and in that time has accrued about a million lines of code between the front end and back end, and has never had more than 5 developers working on it at any given time. The backlog of feature requests is nearly as long as the backlog of bugs.

You may notice the little date comment in the code above. That's because until Jim joined the company, they used Visual Source Safe for version control. Visual Source Safe went out of support in 2005, and let's be honest: even when it was in support it barely worked as a source control system. And that's just the Power Builder side- the database side just didn't use source control. The source of truth was the database itself. When going from development to test to prod, you'd manually export object definitions and run the scripts in the target environment. Manually. Yes, even in production. And yes, environments did drift and assumptions made in the scripts would frequently break things.

You may also notice the fields above use a lot of Hungarian notation. Hungarian, in the best case, makes it harder to read and reason about your code. In this case, it's honestly fully obfuscatory. c_ stands for a codetable, f_ for entities. l_ is for a many-to-many linking table. z_ is for temporary tables. So is x_. And t_. Except not all of those "temporary" tables are truly temporary, a lesson Jim learned when trying to clean up some "junk" tables which were not actually junk.

I'll let Jim add some more detail around these prefixes:

an "application" may have a link to a "client", so there is an f_client field; but also it references an "agent" (which is also in the f_client table, surpise!) - this is how you get an f_c_f_client field. I have no clue why the prefix is f_c_ - but I also found c_c_c_channel and fc4_contact columns. The latter was a shorthand for f_c_f_c_f_c_f_contact, I guess.

"f_c_f_c_f_c_f_c" is also the sound I'd make if I saw this in a codebase I was responsible for. It certainly makes me want to change the c_c_c_channel.

With all this context, let's turn it back over to Jim to explain the code above:

And now, with all this background in mind, let's have a look at the logic in this condition. On the deepest level we check that both f_client and f_c_f_client are NOT equal to @f_client_user, and if this is the case, we return 0 which is NOT equal to 1 so it's effectively a negation of the condition. Then we check that records matching this condition do NOT EXIST, and when this is true - also return 0 negating the condition once more.

Honestly, the logic couldn't be clearer, when you put it that way. I jest, I've read that twelve times and I still don't understand what this is for or why it's here. I just want to know who we can prosecute for this disaster. The whole thing is a quadruple negative and frankly, I can't handle that kind of negativity.

.comment { border: none; } [Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!

Machine Gun Kelly was accompanied by his daughter Casie at a Paris Fashion Week event on Wednesday.

Mr solicitor who did probate also drew up a deed saying that I was trustee along with my cousin's daughter who is a lot younger than me.

The OBR said alongside the Spring Statement that it would look at high marginal tax rates, while investment platform IG says it is holding back investment.

New bin collections will be rolling out very soon

LIVE UPDATES: Follow the latest on the US-Israel war with Iran as the conflict enters its fifth day as the Middle East faces further chaos with Gulf states embroiled in Iranian retaliatory attacks.

The 41-year-old star, who is notably the daughter of the late Ozzy Osbourne and Sharon Osbourne, was greeted with applause from the live audience as she joined the panel of other judges.

A heartbroken mother has spoken out after her Deadliest Catch star son's final moments were captured on camera.

A retreat operator has been charged with manslaughter four years after a ceremonial ritual involving frog poison left one man dead.

Kelvedon Against Urban Sprawl launches silent auction to fund opposition to the Kings Dene 5,000-home development in Essex amid road infrastructure concerns.

The area could see a number of changes over the coming years

Lower app store fees are on the way, plus an on-ramp for third party digital bazaars

Google has spelled out changes it will make to the fees it charges developers who use its app store and payment services, and says they represent the end of its long legal battle with Epic Games.…

The colony can be seen coming back from the sea early in the morning after collecting lantern fish, squid and krill to feed their family at Volunteer Point on East Falkland.

A new investigation into an infamous UFO conspiracy claims to have uncovered proof that top-secret documents labels as fakes are actually real.

Offers booming customer accelerator biz as evidence, while VMware props up its software business

Broadcom will soon deploy multiple gigawatts worth of custom accelerators at Meta, OpenAI, and Anthropic, a feat it says shows AI companies and hyperscalers can’t successfully develop and deploy their own silicon any time soon.…

When 20-year-old Anya Randall started her period at just 10 years old, the pain was excruciating.

Saturday morning, Pasteur Street, central Tehran. Inside a vast walled compound (pictured) sits Beit Rahbari - the residence of Iran's ageing Supreme Leader Ayatollah Khamenei.