Bunch of amateurs!

After all the excessive spending for the eUP project, you might think the project is at least done professionally. Well, that's a nice thought! But if you come close to the different systems, you'll see telltale signs of amateurism on the part of those who developed them.

Most basic: SSL Certificate. It's supposed to be for testing purposes only but the self-signed, test-only certificate has made it all the way to production, say, in SAIS.

What?! eUP cannot procure a legitimate SSL Certificate?! Or do eUP people even know how to set up that thing? Either way, it does not invite confidence in the largest, most wasteful/wasted project of the PAEP administration. Visit the SAIS website and your own browser will scare you off!

In one of earlier instructions from eUP developers, they couldn't even resolve the language issue:

Indeed, may the odds be in UP's favor! Because it's certainly a tough sell from our end. And you still wonder why the project is doomed?

See more amateurism (er, imcompetence) here!


Quick Update

Finally, after over a year in "production," a legitimate SSL certificate has been used. It's a Cloudflare certificate set up correctly across major eUP systems but, as of this update (August 15, 2015), the concerned eUP servers remain vulnerable to BEAST attacks. Check here if the issue remains. However, the dafault now is non-secure (non-httpS) connection, which is actually even more irresponsible, given the sensitivity of UP records involved. With unencrypted login, eUP sites become vulnerable to man-in-the-middle attacks.


Well, that was 5 days ago. Now, it's back to old errors. I rest my case.


Update: November 4, 2015

Right now, eUP's Human Resource Information System (HRIS) and Financial Management Information System (FMIS) are not even on encrypted connection.

The incompetence of these people is bottomless. Irresponsible!