Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "access"
-
Rant
Why do shithead clients think they can walk away without paying us once we deliver the project !!!
So, here goes nothing..
Got an online gig to create a dashboard.
Since i had to deal with a lot of shitheads in the past, I told them my rules were simple, 20% advance, 40% on 50% completion and 40% after i complete and send them proof of completion. Once i receive the payment in full, only then i will hand over the code.
They said it was fine and paid 20%.
I got the next 40% also without any effort but they said they also needed me to deploy the code on their AWS account, and they were ready to pay extra for it, so i agreed.
I complete the whole project and sent them the screenshots, asking for the remaining 40% payment. They rejected the request saying my work was not complete as i had not deployed on AWS yet. After a couple of more such exchanges, i agreed to setup their account before the payment. But i could sense something fishy, so i did everything on their AWS account, except registered the domain from my account and set up everything. Once i inform them that its done and ask for the remaining payment.
The reply i got was LOL.
I tried to login to the AWS account, only to find password had been changed.
Database access revoked.
Even my admin account on the app had been removed. Thinking that they have been successful, they even published ads about thier NEW dashboard to their customers.
I sent them a final mail with warning ending with a middle finger emoji. 24 hours later,
I created a github page with the text " This website has been siezed by the government as the owner is found accused in fraud" and redirected the domain to it. Got an apology mail from them 2 hours later begging me to restore the website. i asked for an extra 10% penalty apart from the remaining payment. After i got paid, set an auto-reply of LOL to thier emails and chilled for a week before restoring the domain back to normal.
Dev : 1
Shithead Client: 025 -
Another story on the spirit of wk93. TL;DR I DOS'd the whole campus network for some beers.
In highschool teachers had this blackboard system (a sort of moodle) and we used to have really lazy teachers who only read the PowerPoint presentations and made us take notes. One day I was fed up with their bullshit and figured these lazy ass professors wouldn't "teach" crap as soon as there was no internet connection...so the race was on...
10 minutes before the bell rang a friend and I managed to break in into a computer lab, I booted up Kali and searched for the access points, 3 routers through the building all with CISCO OS.
I figured they had all the default configs, time was running out so I decided to Smurf the three access points with the lab's IP range, scheduled an automatic shutdown in 2 hours and blocked the PC. The bell rang and as predicted, no internet, no class, my friends and I used that free time to go to a bar (on a Monday afternoon).
Funny side note, since the 3 routers were down the whole network collapsed, no cameras, no access control, no faculty network or any network. We kept doing it and every time we did campus security would be desperately searching for someone with a black hoodie.6 -
Hey, Root? How do you test your slow query ticket, again? I didn't bother reading the giant green "Testing notes:" box on the ticket. Yeah, could you explain it while I don't bother to listen and talk over you? Thanks.
And later:
Hey Root. I'm the DBA. Could you explain exactly what you're doing in this ticket, because i can't understand it. What are these new columns? Where is the new query? What are you doing? And why? Oh, the ticket? Yeah, I didn't bother to read it. There was too much text filled with things like implementation details, query optimization findings, overall benchmarking results, the purpose of the new columns, and i just couldn't care enough to read any of that. Yeah, I also don't know how to find the query it's running now. Yep, have complete access to the console and DB and query log. Still can't figure it out.
And later:
Hey Root. We pulled your urgent fix ticket from the release. You know, the one that SysOps and Data and even execs have been demanding? The one you finished three months ago? Yep, the problem is still taking down production every week or so, but we just can't verify that your fix is good enough. Even though the changes are pretty minimal, you've said it's 8x faster, and provided benchmark findings, we just ... don't know how to get the query it's running out of the code. or how check the query logs to find it. So. we just don't know if it's good enough.
Also, we goofed up when deploying and the testing database is gone, so now we can't test it since there are no records. Nevermind that you provided snippets to remedy exactly scenario in the ticket description you wrote three months ago.
And later:
Hey Root: Why did you take so long on this ticket? It has sat for so long now that someone else filed a ticket for it, with investigation findings. You know it's bringing down production, and it's kind of urgent. Maybe you should have prioritized it more, or written up better notes. You really need to communicate better. This is why we can't trust you to get things out.
*twitchy smile*rant useless people you suck because we are incompetent what's a query log? it's all your fault this is super urgent let's defer it ticket notes too long; didn't read21 -
Manager (via phone): You need to setup the CEO with access to the app IMMEDIATELY
Dev: Ok…What’s the occasion?
Manager: There is a big important meeting right now where we go over our achievements for the year and my plan was to have him log in and play around.
Dev: Likely would have been worth mentioning at this mornings standup.
Manager: Don’t be a smart ass. In fact, if you were actually smart you would have given him an account in the first place! So you’re just an ass then, what kind of idiot doesn’t give the CEO an account to an app like this?
Dev: Actually you specifically asked for him to be removed when I added him. “Unnecessary Optics” you said.
Manager: THAT’S BULLSHIT, I NEVER SAID THAT!!
Dev: It’s in our meeting minutes from 2 years ago.
Manager: STOP WRITING THE THINGS I SAY DOWN IT’S COMPLETELY UNNECESSARY.
Dev: I’ll make a note of that request
Manager: YOU ABSOL—ok looks like he’s waving me back in the room now the account must be working now bye. *click*.
Dev: Moron.9 -
Mac: Hello welcome please sign in
Dev: Fair enough
Mac: Oh you haven’t signed in in awhile please get get verification from other device
Dev: kk
Mac: Oh you don’t have a dev account, please sign in on this website
Dev: Hm.
Mac: In order to sign up for a dev account you need to download this app
Dev: ???
Mac: Are you sure you want to open this app you just downloaded?
Dev: Sigh.
Mac: In order to sign up for a dev account on this app you need to sign into it
Dev: For the love of god
Mac: Ok now you can build with Xcode.
Xcode: No you can’t. You have to sign in
Dev: fuck sakes.
Mac: Are you sure you want Xcode to access files on your computer?
Dev: …Yup
Xcode: Signing in isn’t enough you have to select the fact you are signed in a dropdown nested 3 menus deep.
Dev: God damn.
Xcode: Build failed please sign in to phone as well.
Phone: New sign in detected, please verify with alternative device.
Dev: Jesus.
Xcode: Build success! Pushing to iPhone.
Dev: Finally.
Xcode: Unknown error occurred. Please go to support.apple.com for help. :)
Dev: …24 -
An intern I was supposed to lead (as an intern) and work with. Which sounded kinda crazy to me, but also fun so I rolled with it. But when I met her I quickly found out she didn't even have a coding editor installed and when I advised one she was "scared of virusses". She had Microsoft Edge in her toolbar, and some picture of a cat as a background. We were given some project by our boss, and a freelance programmer helped us set it up on Trello. Great, lets start! Oke maybe first some R&D, she had to reaeach how to use the Twilio API. After catching her on WhatsApp a few times I realised this wasnt gonna go anywere. After a few weeks of coding and posting a initial project to git I asked her if she could show me the code of the API she made so far..
She told me she was using the quickstart guide (the last 3 FUCKING weeks) which contained some test project with specific use cases.
The one that I did 3 weeks ago that same fucking morning.
AND SHE WAS STILL NOT DONE...
A few days later I asked her about the progress (strangly, I wasn't allowed ti give her another task bcs the freelanc already did) and guess what... She got fking pissed at me
Her: "I will come to you when im done, ok?"
Me: "I just want to see how it is going so far and if you are running into any problems!"
Her: "I dont want to show you right now"
She then goes to my fucking boss to tell him I am bothering her.
And omg... Please dear god please kill me now...
Instead of him saying the she probably didn't do shit. He says to me that the girl thinks im looking down on her and she needs a stress free environment to work in. She will show me when its done. ITS A FUCKING QUICKSTART GUIDE YOU DUMB BITCH.
He then procceeded to whine to me about the email template (another project I do at the same time) which didn't look perfect in all of his clients.
Dont they understand that I am not a frontend developer? Can you stop please? I know nothing about email templates, I told you this!!!
Really... the whole fucking internship the only thing the girl did was ask people if they want more tea. Then she starts cleaning the windows, talk to people for an hour, or clean everyone's dask.
all this while I already made 50% of the fucking product and she just finished the quickstart tutorial 😭. Truly 2 months wasted, and the worse thing is I didn't get any apprication. They constantly blamed me and whined at me. Sometimes for being 3 minutes late, the other for smoking too much, or because I drink to much coffee, or that I dont eat healthy. They even forced me to play Ping Pong. While im just trying to do my job. One of the worst things they got mad at me for if when my laptop got hacked bcs it was infected with some virus. He had remote access and bought 5 iPhones 6's with my paypal while I was on break. I had to go home and quickly reset all my passwords and make sure the iPhones wouldnt get delivered. strange this was, this laptop I only used at the company. So it must have been software I had to download there. Probably phpstorm (torrent). Bcs nobody would give me a license. And the freelancer said I * have to *.
the monday after I still had to reinstall windows so I called them and said I would be late. when I came they were so disrepectfull and didn't understand anything. It went a little like this:
Boss: why u late?
Me: had to reinstall my laptop, sorry.
Boss: why didnt you do this in your own time?
Me: well, I didn't have any time.
Boss: cant you do this in the weekend or something? Because now we have to pay you several hours bcs you downloaded something at home.
Me: I am only using this laptop for work so thats not possible.
Boss: how can that even be possible? You are not doing anything at home with your laptop? Is that why you never do anything at home?
Me: uhm, I have desktop computer you know. Its much faster. And I also need to rest sometimes. Areeb (freelancer) told me to torrent the software. He gave me the link. 2 days later this happends
Boss: Ahh okeee I see.. Well dont let it happen again.
After that nobody at the compamy trusted me with anything computer related. Yes it was my own fault I downloaded a virus but it can happen to anyone. After that I never used Windows again btw, also no more auto login apps.8 -
That moment when installing arch...need wifi drivers to access internet and need internet to install wifi drivers 😢9
-
micromanager: "Quick and easy win! Please have this done in 2-3 days to start repairing your reputation"
ticket: "Scrap this gem, and implement your own external service wrapper using the new and vastly different Slack API!"
slack: "New API? Give me bearer tokens! Don't use that legacy url crap, wth"
prev dev: "Yeah idk what a bearer token is. Have the same url instead, and try writing it down so you don't forget it?"
Slack admin: "I can't give you access to the slack integration test app, even though it's for exactly this and three others have access already, including your (micro)manager."
Slack: "You can also <a>create a new slack app</a>!" -- link logs me into slack chat instead. After searching and finding a link elsewhere: doesn't let me.
Slack admin: "You want a new test slack app instead? Sure, build it the same as before so it isn't abuseable. No? Okay, plan a presentation for it and bring security along for a meeting on Friday and I'll think about it. I'm in some planning meetings until then."
asdfjkagel.
This job is endless delays, plus getting yelled at over the endless delays.
At least I can start on the code while I wait. Can't test anything for at least a week, though. =/18 -
Companies who geo block their sites for no fucking reason can go fuck themselves.
So a bunch of retarded pharmacies in India, geo block hits from anywhere outside of India.
A thousands of Indians are living abroad with their parents and family living in India.
Imagine, I have to order medicines for my parents since they are not very tech savvy and I cannot do that because some rotten brained guava thought that it's a good idea to geo block access.
What is the fucking point in doing so? There are many such companies, especially Indian who do so. I have keep toggling my VPN because of this.30 -
PM (on slack): "we’re about to deploy to production".
Me: "ok"
… I keep on working on a task / remain available for any post deployment issues …
PM (5 minutes later on slack): "deployment broke production! We need to handle this NOW!"
My dev colleague has already called it a day, but I’m still online
Me: "ok I don’t have access to prod, can you describe what’s going on? I can’t reproduce on any other environment"
PM: …
10 minutes go by
Me: "anybody there?"
PM: …
45 minutes later, I realize PM is offline
The following day:
PM: "ok we got prod running again" (turns out it was client’s fault for not updating a config we as devs can’t access)
PM: "but we’re REALLY UPSET! You guys need to be available to intervene for any issues following deployment to production! At least one of you should be available!"
Me: "but, but…" 🫠14 -
It was fucking weird when our teacher in web programming class told to make a PHP page but he forgot to give us root access to Apache server and most importantly more than half of the class didn't know what the fuck a web server was and what is Apache.
Rest in peace college degree.1 -
I've told this one before, but the guy had his platform bought with a promise of partnership. they kept stalling the contract, and he would repeatedly ask when he was gonna get paid his share, and eventually they said "we never promised that". he deleted everything from the team's computers, revoked all access and left. since there was never a contract, they didn't do anything about it7
-
here's a shoutout to 90% of websites today:
NO, I DO NOT WANT YOUR F*CKING NEWSLETTER! STOP ASKING!
NO, I DO NOT WANT YOUR F*CKING NOTIFICATION! STOP ASKING!
NO, I DO NOT WANT TO SHARE MY F*CKING LOCATION! STOP ASKING!
NO, I DO NOT WANT ANY F*CKING COOKIES! STOP ASKING!
website publishers ary whining about adblockers, but keep shoving so much shit down our throats that even a dozen browser addons can't make the web usable. the internet was such a great place once, where did we go wrong?
(rhetorical question. it's when we made access to the internet so easy, that every 100% tech-illiterate idiot could get online.)14 -
2 weeks ago I was writing an `rm -rf --no-preserve-root /` oneliner as a joke - as an answer to a question "I have access to my competitor's server; what should I do?". I was crafting it so that it'd do as much damage to the business (not the server) as it could.
And I accidentally executed it on my work laptop. In the background (with an `&`).
It ran for a good 5-7 seconds on an i7-11850H with an SSD, until I issued a `kill %%`
Good thing it ran as a non-root user. Bad thing - I have no idea what it may have deleted nor whether it touched my /home.
I'm afraid to restart my laptop now :)
whoopsie :)9 -
I'm fixing a security exploit, and it's a goddamn mountain of fuckups.
First, some idiot (read: the legendary dev himself) decided to use a gem to do some basic fucking searching instead of writing a simple fucking query.
Second, security ... didn't just drop the ball, they shit on it and flushed it down the toilet. The gem in question allows users to search by FUCKING EVERYTHING on EVERY FUCKING TABLE IN THE DB using really nice tools, actually, that let you do fancy things like traverse all the internal associations to find the users table, then list all users whose password reset hashes begin with "a" then "ab" then "abc" ... Want to steal an account? Hell, want to automate stealing all accounts? Only takes a few hundred requests apiece! Oooh, there's CC data, too, and its encryption keys!
Third, the gem does actually allow whitelisting associations, methods, etc. but ... well, the documentation actually recommends against it for whatever fucking reason, and that whitelisting is about as fine-grained as a club. You wanna restrict it to accessing the "name" column, but it needs to access both the "site" and "user" tables? Cool, users can now access site.name AND user.name... which is PII and totally leads to hefty fines. Thanks!
Fourth. If the gem can't access something thanks to the whitelist, it doesn't catch the exception and give you a useful error message or anything, no way. It just throws NoMethodErrors because fuck you. Good luck figuring out what they mean, especially if you have no idea you're even using the fucking thing.
Fifth. Thanks to the follower mentality prevalent in this hellhole, this shit is now used in a lot of places (and all indirectly!) so there's no searching for uses. Once I banhammer everything... well, loads of shit is going to break, and I won't have a fucking clue where because very few of these brainless sheep write decent test coverage (or even fucking write view tests), so I'll be doing tons of manual fucking testing. Oh, and I only have a week to finish everything, because fucking of course.
So, in summary. The stupid and lazy (and legendary!) dev fucked up. The stupid gem's author fucked up, and kept fucking up. The stupid devs followed the first fuckup's lead and repeated his fuck up, and fucked up on their own some more. It's fuckups all the fucking way down.rant security exploit root swears a lot actually root swears oh my stupid fucking people what the fuck fucking stupid fucking people19 -
What an absolute fucking disaster of a day. Strap in, folks; it's time for a bumpy ride!
I got a whole hour of work done today. The first hour of my morning because I went to work a bit early. Then people started complaining about Jenkins jobs failing on that one Jenkins server our team has been wanting to decom for two years but management won't let us force people to move to new servers. It's a single server with over four thousand projects, some of which run massive data processing jobs that last DAYS. The server was originally set up by people who have since quit, of course, and left it behind for my team to adopt with zero documentation.
Anyway, the 500GB disk is 100% full. The memory (all 64GB of it) is fully consumed by stuck jobs. We can't track down large old files to delete because du chokes on the workspace folder with thousands of subfolders with no Ram to spare. We decide to basically take a hacksaw to it, deleting the workspace for every job not currently in progress. This of course fucked up some really poorly-designed pipelines that relied on workspaces persisting between jobs, so we had to deal with complaints about that as well.
So we get the Jenkins server up and running again just in time for AWS to have a major incident affecting EC2 instance provisioning in our primary region. People keep bugging me to fix it, I keep telling them that it's Amazon's problem to solve, they wait a few minutes and ask me to fix it again. Emails flying back and forth until that was done.
Lunch time already. But the fun isn't over yet!
I get back to my desk to find out that new hires or people who got new Mac laptops recently can't even install our toolchain, because management has started handing out M1 Macs without telling us and all our tools are compiled solely for x86_64. That took some troubleshooting to even figure out what the problem was because the only error people got from homebrew was that the formula was empty when it clearly wasn't.
After figuring out that problem (but not fully solving it yet), one team starts complaining to us about a Github problem because we manage the github org. Except it's not a github problem and I already knew this because they are a Problem Team that uses some technical authoring software with Git integration but they only have even the barest understanding of what Git actually does. Turns out it's a Git problem. An update for Git was pushed out recently that patches a big bad vulnerability and the way it was patched causes problems because they're using Git wrong (multiple users accessing the same local repo on a samba share). It's a huge vulnerability so my entire conversation with them went sort of like:
"Please don't."
"We have to."
"Fine, here's a workaround, this will allow arbitrary code execution by anyone with physical or virtual access to this computer that you have sitting in an unlocked office somewhere."
"How do I run a Git command I don't use Git."
So that dealt with, I start taking a look at our toolchain, trying to figure out if I can easily just cross-compile it to arm64 for the M1 macbooks or if it will be a more involved fix. And I find all kinds of horrendous shit left behind by the people who wrote the tools that, naturally, they left for us to adopt when they quit over a year ago. I'm talking entire functions in a tool used by hundreds of people that were put in as a joke, poorly documented functions I am still trying to puzzle out, and exactly zero comments in the code and abbreviated function names like "gars", "snh", and "jgajawwawstai".
While I'm looking into that, the person from our team who is responsible for incident communication finally gets the AWS EC2 provisioning issue reported to IT Operations, who sent out an alert to affected users that should have gone out hours earlier.
Meanwhile, according to the health dashboard in AWS, the issue had already been resolved three hours before the communication went out and the ticket remains open at this moment, as far as I know.5 -
Well one thing that became obvious today is that companies that make wifi routers really dont want you flashing other firmware on it.
For example i got a new router cause it was time.
Ofc fully compatible with OpenWRT. The thing tho ? The GUI flashing process accepts only encrypted binaries. And surprise we as customers cant encrypt it like they do.
So the next thing that comes to mind instantly is UART. They cant break that right ? Well turns out they can. They just disallow key inputs from console. So you cant make the damn device load into TFTP mode.
And D-Link has this lovely recovery utility that accepts unencrypted firmware. EZ way to flash it right ? WRONG. The garbage doesnt load second time after you load it once in 1 boot. And even if you get it to start loading the firmware. It wont really flash it.
Luckily there was an exploit :)
And joining via telnet and enabling http server on PC and wget-ting the binary from there. And flashing.
Honestly now. I pay money for this garbage. I own the hardware. Let me do what i want with it.
At least it runs kernel 5.10 now and is super fast :) Worth the trouble honestly
(Should be noted im not new to flashing firmware on routers. But this is the first one that really didnt want me to flash it. Like nuking my freaking UART access ? Taking it too fucking far)7 -
Intern's CV says they have technical skills with MS Office, MySQL and JavaScript. Last month I let my manager know that this intern doesn't really know anything, so we let her do a Freecodecamp course, after which she still cannot build a basic HTML and CSS page and doesn't understand the relationship between HTML and CSS.
My manager bought her a Laravel course for beginners and today I discovered that she also doesn't understand databases, because she tried to enter an alphabetic character into a column that only accepts integers. She doesn't read/understand the error codes thrown by the application.
She tried to access a route which she created in her Laravel app by accessing it via the phpmyadmin dashboard and called me and wasted my time by asking me why her route isn't working. She literally does not understand how computers work, or how the HTTP protocol works, even less so how a file structure works. She cannot translate abstractions to practical solutions.
She either deliberately lied on her CV to get a job, or she's just really dumb and doesn't understand what the term "technical skills" mean.
I've told my manager multiple times how I think she's in the wrong job, but they keep pushing things beyond her capabilities onto her desk. I was told I'd get an intern to help me with my work load, but I got signed up into an experiment I did not consent to (manager's words, it's an experiment to help uplift people with bad degrees and a poor background). I am not a good teacher, I hate doing it.29 -
Worst code review experience?
Hard to pick just one, but most were in a big meeting room with 4+ other developers not related to the project and with some playing Monday-Morning-Quarterback instead of offering productive feedback.
In one code review, the department mgr reviewed the code from a third party component library.
<brings up the code on the big screen>
Mgr: "I can't read any of this, its a mix of English and something else."
Me: "Its German."
Mgr: "Then why is 'Button' in English? This code is a mess."
Me: "I'm not exactly sure how I should respond, I mean, I didn't write any of this code."
Mgr: "Yes, but you are using it, so it's fair game for a code review."
Me: "Its not really open source, but we can make requests if you found something that needs to be addressed."
Mgr: "Oh yes, all this...whatever this is..<pointing again to the German>"
Me: "I don't think they will change their code to English just so you can read it."
Mgr: "We paid good money, you bet your ass they'll change it!"
Me: "I think the components were like $30 for the unlimited license. They'll tell us to go to hell first. Is there something about my code you want to talk about?"
Mgr: "<Ugggh>...I guess not, I couldn't get past all that German. Why didn't we go with an American company? Hell, why didn't we just write these components ourselves!?"
Me: "Because you gave a directive that if we found components that saved us time, to put in a request, and you approved the request. The company is American, they probably outsourced or hired German developers. I don't know and not sure why we care."
Mgr: "Security! What if they are sending keystrokes back to their servers!"
Me: "Did you see any http or any network access?"
Mgr: "How could I? The code is in German!"
Monday-Morning-Quarterback1: "If it were me, I would have written the components myself and moved on"
Me: "No, I don't think you could for less than $30"
Monday-Morning-Quarterback2: "Meh...we get paid anyway. Just add the time to the estimate."
Mgr: "Exactly! Why do we even have developers who can't read this mess."
Me: "Oh good Lord! Did anyone review or even look at my code for this review!?"
<silence>
Mgr: "Oh...ok...I guess we're done here. Thanks everyone."
<everyone starts to leave>
Me: "Whoa!...wait a sec..am I supposed to do something?"
Mgr: "Get that company to write their code in English so we can read it. You have their number, call em'...no...wait...give me their number. You keep working, I'll take care of this personally"
In they nicest way possible, the company did tell him to go to hell.18 -
my boss: this fucking thing doesn't get done and everyone is coming after me about it
me, who doesn't have the access required to fix that for him:4 -
Why the absolute fuck do I need to have nvidia membership to download cudnn? What evil do these mofos think people achieve with free access to a fucking programming tool?
Jesus on a bike! I nag about open science and all I end up with is always these spying morons, who purposefully disable scientists. Fuck!
If👏you👏need👏my👏info,👏then it's👏not👏free.👏17 -
Oh man, today just gets better and better...
Manager: * Creates ticket, which has a link to a shared pdf, with each page being a link to another ticket in our JIRA with unrelated bugs of what we are currently working on. *
fullStackClown: I'm closing this ticket and putting this feedback in the original ticket that I assigned to you to review days ago.
Manager: Rages like a little baby and removes my access to said shared pdf.
fullStackClown: Welp, looks like I'm done for the day! Cheers!5 -
My worst interview ever was my first interview fresh out of college. After the initial phone screen, they asked me to drive 2 hours to their office to give me a "code challenge."
The challenge was to spend 4 hours writing a simple rest API for a blog type thing, but the catch was to not use any existing libraries for data access and instead write an entirely database agnostic DAL. Then after I finished they sat me in a conference room with 3 of their engineers and the CEO to just tear apart my code.
For a JUNIOR position to someone fresh out of college.
I guess I defended it well, because they asked to continue the process l, but after that I found a different position.4 -
Got this rude ass email from an idiot client who thinks I'm solely responsible for figuring out how to link his 3rd party email/newsletter sign up form to his new website without any access to the account. He "doesn't have the time to research". Newsflash asshat, I'm not responsible for your 3rd party shit. Go contact their support. 🙄😑14
-
Hipsters be like: i aM iN cOnTrOl oF mY oWn LiFe
And then proceed to give away their Calendly link.
Fucking hilarious. They fail to realise that time is the most important entity anyone can have. And they give it away to strangers to control their time.
Imagine, giving access and control of your most important entity of your life to some random stranger on internet.
I coincidently found this. I had to read it three times before I understood what the message was.
I am slowly getting back to my life where I had good work life balance, but this time I am paid well with lots of learning.
I am on my way to become a time millionaire.10 -
Biggest challenge I overcame as dev? One of many.
Avoiding a life sentence when the 'powers that be' targeted one of my libraries for the root cause of system performance issues and I didn't correct that accusation with a flame thrower.
What the accusation? What I named the library. Yep. The *name* was causing every single problem in the system.
Panorama (very, very expensive APM system at the time) identified my library in it's analysis, the calls to/from SQLServer was the bottleneck
We had one of Panorama's engineers on-site and he asked what (not the actual name) MyLibrary was and (I'll preface I did not know or involved in any of the so-called 'research') a crack team of developers+managers researched the system thoroughly and found MyLibrary was used in just about every project. I wrote the .Net 1.1 MyLibrary as a mini-ORM to simplify the execution of database code (stored procs, etc) and gracefully handle+log database exceptions (auto-logged details such as the target db, stored procedure name, parameter values, etc, everything you'd need to troubleshoot database errors). This was before Dapper and the other fancy tools used by kids these days.
By the time the news got to me, there was a team cobbled together who's only focus was to remove any/every trace of MyLibrary from the code base. Using Waterfall, they calculated it would take at least a year to remove+replace MyLibrary with the equivalent ADO.Net plumbing.
In a department wide meeting:
DeptMgr: "This day forward, no one is to use MyLibrary to access the database! It's slow, unprofessionally named, and the root cause of all the database issues."
Me: "What about MyLibrary is slow? It's excecuting standard the ADO.Net code. Only extra bit of code is the exception handling to capture the details when the exception is logged."
DeptMgr: "We've spent the last 6 weeks with the Panorama engineer and he's identified MyLibrary as the cause. Company has spent over $100,000 on this software and we have to make fact based decisions. Look at this slide ... "
<DeptMgr shows a histogram of the stacktrace, showing MyLibrary as the slowest>
Me: "You do realize that the execution time is the database call itself, not the code. In that example, the invoice call, it's the stored procedure that taking 5 seconds, not MyLibrary."
<at this point, DeptMgr is getting red-face mad>
AreaMgr: "Yes...yes...but if we stopped using MyLibrary, removing the unnecessary layers, will make the code run faster."
<typical headknodd-ers knod their heads in agreement>
Dev01: "The loading of MyLibrary takes CPU cycles away from code that supports our customers. Every CPU cycle counts."
<headknod-ding continues>
Me: "I'm really confused. Maybe I'm looking at the data wrong. On the slide where you highlighted all the bottlenecks, the histogram shows the latency is the database, I mean...it's right there, in red. Am I looking at it wrong?"
<this was meeting with 20+ other devs, mgrs, a VP, the Panorama engineer>
DeptMgr: "Yes you are! I know MyLibrary is your baby. You need to check your ego at the door and face the facts. Your MyLibrary is a failed experiment and needs to be exterminated from this system!"
Fast forward 9 months, maybe 50% of the projects updated, come across the documentation left from the Panorama. Even after the removal of MyLibrary, there was zero increases in performance. The engineer recommended DBAs start optimizing their indexes and other N+1 problems discovered. I decide to ask the developer who lead the re-write.
Me: "I see that removing MyLibrary did nothing to improve performance."
Dev: "Yes, DeptMgr was pissed. He was ready to throw the Panorama engineer out a window when he said the problems were in the database all along. Didn't you say that?"
Me: "Um, so is this re-write project dead?"
Dev: "No. Removing MyLibrary introduced all kinds of bugs. All the boilerplate ADO.Net code caused a lot of unhandled exceptions, then we had to go back and write exception handling code."
Me: "What a failure. What dipshit would think writing more code leads to less bugs?"
Dev: "I know, I know. We're so far behind schedule. We had to come up with something. I ended up writing a library to make replacing MyLibrary easier. I called it KnightRider. Like the TV show. Everyone is excited to speed up their code with KnightRider. Same method names, same exception handling. All we have to do is replace MyLibrary with KnightRider and we're done."
Me: "Won't the bottlenecks then point to KnightRider?"
Dev: "Meh, not my problem. Panorama meets primarily with the DBAs and the networking team now. I doubt we ever use Panorama to look at our C# code."
Needless to say, I was (still) pissed that they had used MyLibrary as dirty word and a scapegoat for months when they *knew* where the problems were. Pissed enough for a flamethrower? Maybe.9 -
A conversation that me and my boss had this week:
Boss: "Hey, why is this not progressing"
Arcsector: - "We're waiting on system users to move their destinations"
"We need the system in the database in order to move it"
- "Okay awesome - let's move it, oh wait, I can't do it because I don't have access, here's the stuff that needs to be done: a, b, and c"
"Oh I'm actually not able to help with that"
- "So then how are we supposed to get it done?"
"idk but also this other issue is something missions are complaining about"
- "oh I already am talking to them about it and it should be remedied by the team creating the problem because it's a false positive"
"Well we need to solve it still"
- "We would've solved it already but it has dependencies with other projects that we're still working on because we don't have enough people"
"We cant get you more people because we don't have the budget"
- "Then this stuff will have to wait"
"Get it done"
ACTUALLY SCREAMING! Why cant people understand that there are conesequences for their actions??!!1 -
I think my biggest problem is not being able to let go.
I love this product and believe in it 100%, but I CANT FUCKING STAND ANOTHER MINUTE WORKING WITH THESE FUCKING CLUELESS CLOWNS WHO ARE GOING TO DRIVE IT TO THE FUCKING GROUND!!!!!
...you know what? fuck 'em, I meanwhile reap $400+ monthly checks from Udemy, while our "best startup / amazing startup / omg wow lol i'm a fucking idiot" has earned a TOTAL of $200 in the past FUCKING YEAR
YOU FUCKING CLOWNS GET YOUR HEAD ON STRAIGHT OR I WILL TAKE THIS COMPANY OVER AND CONTROL ALL DECISIONS, IGNORING ABSOLUTELY ANYTHING YOU THINK IS 'WISE' YOU DON'T EVEN KNOW WHAT 'WISE' IS YOU FUCKS!!!!!!!
WHAT ARE YOU GOING TO DO? YOU DON'T EVEN REMEMBER YOUR BITBUCKET CREDENTIALS!!!! YOU CAN'T EVEN REVOKE MY ACCESS
AAAAAAAGGGGGG YOU FUCKING CLOWNS GODDAMMIT THIS IS SO FUCKING FRUSTRATING I CANT EVEN I NEED TO SMASH SOMETHING TO GET THE RAGE OUTAASDASDJKLFJ;KLAFDSJKL;AFDSJKL;AFES L;KADFS AF LSAFS DHI;A EGWHIOAEGW IOAEGWHIO3 -
Fuck strict corporate software policies, just let me WORK (╯°□°)╯︵ ┻━┻
When I came to this new workplace I was given a Windows laptop. And it came with a bunch of pre-installed corporate stuff and policies like automatic mandatory frequent driver and windows updates. Although I prefer linux, I thought, maybe I'll switch later, first let's see how everything works here, since on Windows I had all VPNs, certificates and other corpo stuff pre-configured out of the box. But imagine missing a standup, because of windows update in the morning. Or missing audio, because of drivers update in the middle of the meeting. And make it every week or so. Also, I couldn't not install my portable DAC drivers, because limited access, blah blah fuck me. And many other small things that I vaguely remember by now.
Later corpo decided to add a tracking plugin into a browser and that was it for me. Gladly, corpo policy allows using Linux (they have their own modified Ubuntu version), which has MUCH less of this crap. I mean, it's still somewhat managed by corpo (like I can't get rid of duplicated PPA, lol.. and sometimes I need to wait like 1-2 mins to login to my laptop because of login server timeout), but that's still better...
Linux, home, sweet home, I missed you <3
Also, I dodged the bullet. Win11 upgrade was a funny shit show to watch :D1 -
Devs: Hey, what should we do?
A:
provide our SDKs for download as easily as possible so that any potential customer can try it out and see how much better we are compared to our competitors?
Or…
B:
Should we lock our SDKs behind a login where the customer needs to create an account and enter the most amount of private information possible, just in case, then also require to create some security access tokens that he needs to configure in his app to have access to our service via the sdk and also hide all of the documentation behind a login which requires some permission based roles to access and also make the sdks closed source so that it’s a pain in the ass to debug and understand?
Marketing people:
B! Definitely B! Make sure to piss off and annoy our customers as much as humanly possible! -
I need a new 'main' language to do all my projects in as java is kind of grinding away at my psyche.
Golang I liked quite a lot when I used it for my job a year ago, I'll give that a try..
Golang installed and up and working fine.
Oh, I know lets see if there are GLFW bindings for golang. And sure there are lets go!
Oh I need gcc and mingwex + mingw32 which I will acquire through cygwin.
hmm.. mingwex + mingw32 not found and my drive is almost full. I'll reinstall on my D:\ drive before continuing troubleshooting.
> Delete C:\Cygwin Access denied.
> cmd rmdir c:\test /s /q Access denied.
> Change permissions Access denied.
No problem I just don't own this object!
> Change to be the 'object owner' Success!
> Change permissions Success!
> Delete C:\Cygwin Access denied.
> cmd rmdir c:\test /s /q Access denied.
> takeown /F C:\Cygwin /A /R /D Y Success!
> cmd rmdir c:\test /s /q Access denied.
At this point it would be more efficient to manually open up my ssd, and using a fridge magnet change every single bit to be exactly what I want it to be.
Or install linux.7 -
Well, for starters there was a cron to restart the webserver every morning.
The product was 10+ years old and written in PHP 5.3 at the time.
Another cron was running every 15 minutes, to "correct" data in the DB. Just regular data, not from an import or something.
Gotta have one of those self-healing systems I guess.
Yet another cron (there where lots) did run everyday from 02:00 to 4ish to generate the newest xlsx report. Almost took out the entire thing every time. MySQL 100%. CPU? Yes. RAM? You bet.
Lucky I wasn't too much involved at the time. But man, that thing was the definition of legacy.
Fun fact: every request was performed twice! First request gave the already logged-in client an unique access-token. Second request then processed the request with the (just issued) access-token; which was then discarded. Security I guess.
I don't know why it was build this way. It just was. I didn't ask. I didn't wanted to know. Some things are better left undisturbed. Just don't anger the machine. I became superstitious for a while. I think, in the end, it help a bit: It feels like communicating with an alien monster but all you have is a trumpet and chewing gum. Gentle does it.
Oh and "Sencha Extjs 3" almost gave me PTSD lol (it's an ancient JS framework). Followed by SOAPs WSDL cache. And a million other things.6 -
covid is making life hard again. I can't just stop in the middle of a research project because I can't access the robots anymore. *makes angry noises* I already canceled a human study because of covid, so this feels super unfair.
but you know what pisses me off even more? the govt complaining about numbers being high but not doing jackshit about active disinfection of air and public spaces (China did that, btw) or providing cheap disposable masks for people.
Also, I'm not as much afraid of getting covid as I am afraid of giving it to the head of the department who is a 70+ yrs old genius in his own right.
Fuck.
Fuck.
Fuck.
... This is shit.40 -
After a decade of working in the web development industry, I have given up all hope, it's the same fucking stupid ideas, the same retarded problems in every damned company . Monkeys discovering and reinventing the same fucking wheel over and over and over again. From a 5 man company to the unicorn scaleup (and everything between) I have had to implement access control systems, and various REST API's following the design made by mongrels who do it the first time . I have become to hate the work I once was so passionate about. Just fuck this shit , if anybody had told me when I was in my early 20's that this is what I end up doing I'd go and learn to be a carpenter instead.10
-
Client project manager calls me up one day
PM: hey can you make some precise estimates on some items for a project you’re not working on? It should be easy. It’s very similar to the project you ARE working on and it’s only a handful of user stories, mostly front end stuff. We´ll need this to be done by tomorrow night.
Me: um, I guess if it’s just a few simple items. ok
PM: great! I’ll let you know when you get access to the backlog.
Me: sounds good
Link to project is sent to me. Backlog contains over 20 user stories, most of which are backend related. And it doesn’t have much to do with my current project.
I contact PM: this isn’t exactly what you announced when I had you on the phone. If you want precise estimates with a minimum of design, this could take up to a week. I could however proceed to some ballpark estimates (poker planning) for starters if you need this quickly for your roadmap.
PM: no I need PRECISE estimates down to the hour for each item.
Me: ok then, it’ll take up to a week.
PM: 🤬🤬🤬. You told me it could be done in a day. I’m coming to realize your word can’t really be trusted.
Me: 🤦🏻♂️14 -
We had an obligatory training today about security of remote access to company resources.
We sat for an hour listening to some outdated advice regarding passwords and preparing a work environment at home. Finally the instructor said his goodbyes and left. The rest of us stayed in the call to pass some actual recommendations.
Then we received a join request from a waiting lobby. Everyone muted. I let the guy in. For the next 8 minutes we watched the unaware instructor eat his breakfast and sign some documents stamped with a logotype of our competition.
Then I cleared my throat very loudly. He will have to print some of those documents again.4 -
Worst collaboration experience story?
I was not directly involved, it was a Delphi -> C# conversion of our customer returns application.
The dev manager was out to prove waterfall was the only development methodology that could make convert the monolith app to a lean, multi-tier, enterprise-worthy application.
Starting out with a team of 7 (3 devs, 2 dbas, team mgr, and the dev department mgr), they spent around 3 months designing, meetings, and more meetings. Armed with 50+ page specification Word document (not counting the countless Visio workflow diagrams and Microsoft Project timeline/ghantt charts), the team was ready to start coding.
The database design, workflow, and UI design (using Visio), was well done/thought out, but problems started on day one.
- Team mgr and Dev mgr split up the 3 devs, 1 dev wrote the database access library tier, 1 wrote the service tier, the other dev wrote the UI (I'll add this was the dev's first experience with WPF).
- Per the specification, all the layers wouldn't be integrated until all of them met the standards (unit tested, free from errors from VS's code analyzer, etc)
- By the time the devs where ready to code, the DBAs were already tasked with other projects, so the Returns app was prioritized to "when we get around to it"
Fast forward 6 months later, all the devs were 'done' coding, having very little/no communication with one another, then the integration. The service and database layers assumed different design patterns and different database relationships and the UI layer required functionality neither layers anticipated (ex. multi-users and the service maintaining some sort of state between them).
Those issues took about a month to work out, then the app began beta testing with real end users. App didn't make it 10 minutes before users gave up. Numerous UI logic errors, runtime errors, and overall app stability. Because the UI was so bad, the dev mgr brought in one of the web developers (she was pretty good at UI design). You might guess how useful someone is being dropped in on complex project , months after-the-fact and being told "Fix it!".
Couple of months of UI re-design and many other changes, the app was ready for beta testing.
In the mean time, the company hired a new customer service manager. When he saw the application, he rejected the app because he re-designed the entire returns process to be more efficient. The application UI was written to the exact step-by-step old returns process with little/no deviation.
With a tremendous amount of push-back (TL;DR), the dev mgr promised to change the app, but only after it was deployed into production (using "we can fix it later" excuse).
Still plagued with numerous bugs, the app was finally deployed. In attempts to save face, there was a company-wide party to celebrate the 'death' of the "old Delphi returns app" and the birth of the new. Cake, drinks, certificates of achievements for the devs, etc.
By the end of the project, the devs hated each other. Finger pointing, petty squabbles, out-right "FU!"s across the cube walls, etc. All the team members were re-assigned to other teams to separate them, leaving a single new hire to fix all the issues.5 -
Thank God the week 233 rants are over - was getting sick of elitist internet losers.
The worst security bug I saw was when I first started work as a dev in Angular almost year ago. Despite the code being a couple of years old, the links to the data on firebase had 0 rules concerning user access, all data basically publicly available, the API keys were uploaded on GitHub, and even the auth guard didn't work. A proper mess that still gives me the night spooks to this day.3 -
my colleague was ordered to the site of a customer who had claimed that our software was a total bunch of crap and nothing was working. they had created a list with something 100 bullet points of the bugs they had found in our software that made it impossible to work with. since their production was relying on it they were really pissed off. after a very uncomfortable meeting where they angrily disclosed the situation, finally he got access to the system they were working with. after a few minutes he found that the system's GPU and hard disk drivers were totally outdated and devices weren't even working correctly. after he had updated all drivers, our software worked perfectly fine. at least the customers were kind of embarrassed afterwards... ¯\_(ツ)_/¯6
-
1. our public transport added a free wifi to busses, some years ago already. it's got a "login" page, connect to wifi, get a phone notification, tap it, opens page with an ad and 10 second timer on a "click to continue to internet" button.
... okay.
recently, the geniuses decided to harvest mail addresses, which... *gritting teeth* if you must...
BUT... "please input your mail address". i input and submit.
"we have sent a mail with confirmation link to that address, please click the link to confirm to get access".
FUCKING BRAINZOMBIES, HOW DO YOU EXPECT ME TO ACCESS MY MAILBOX TO ACCESS INTERNET WITHOUT THE ACCESS TO INTERNET?
2. i had a second unrelated minirant, but i forgot what it was, so another one instead:
a long time ago, in a country where i live, the transaction slip the ATM gives you after withdrawing money used to contain info about remaining funds after withdrawal.
then, the info was removed from the slip, and a "feature" was added to atms where you "can" check the money on the account.
doing so costs you 0.50€
greedy asshole fuckers.12 -
Why I love Salesforce 👀
- Run a test method
- failure: no field found
- checks test, queries field
- checks field security (access permissions) visible to user
- runs test again
- failure: no field found
- adds debug log of queried field
- runs test again
- succes
Thanks, thanks for fucking with me today 🥲6 -
I was asked to look into a site I haven't actively developed since about 3-4 years. It should be a simple side-gig.
I was told this site has been actively developed by the person who came after me, and this person had a few other people help out as well.
The most daunting task in my head was to go through their changes and see why stuff is broken (I was told functionality had been removed, things were changed for the worse, etc etc).
I ssh into the machine and it works. For SOME reason I still have access, which is a good thing since there's literally nobody to ask for access at the moment.
I cd into the project, do a git remote get-url origin to see if they've changed the repo location. Doesn't work. There is no origin. It's "upstream" now. Ok, no biggie. git remote get-url upstream. Repo is still there. Good.
Just to check, see if there's anything untracked with git status. Nothing. Good.
What was the last thing that was worked on? git log --all --decorate --oneline --graph. Wait... Something about the commit message seems familiar. git log. .... This is *my* last commit message. The hell?
I open the repo in the browser, login with some credentials my browser had saved (again, good because I have no clue about the password). Repo hasn't gotten a commit since mine. That can't be right.
Check branches. Oh....Like a dozen new branches. Lots of commits with text that is really not helpful at all. Looks like they were trying to set up a pipeline and testing it out over and over again.
A lot of other changes including the deletion of a database config and schema changes. 0 tests. Doesn't seem like these changes were ever in production.
...
At least I don't have to rack my head trying to understand someone else's code but.... I might just have to throw everything that was done into the garbage. I'm not gonna be the one to push all these changes I don't know about to prod and see what breaks and what doesn't break
.
I feel bad for whoever worked on the codebase after me, because all their changes are now just a waste of time and space that will never be used.3 -
For the first time I am feeling like.... I hate my job.
Agile and Scrum can be fucked, but at least there is a work methodology. I was hired by a company being run the old school way.
These guys never heard of git??
- Fuck you. We never used git and neither should you.
Client company does not want to give me push/pull access to their gitlab instance??
- Fuck you, you can use our RDP server for that.
Project planning features be damned, they've got email, Teams and videocalls!
Can I develop in peace? Fuck no, I have to give IT support to the guy who hired me.
Our timeline is defined IN A FUCKING WORD DOCUMENT FOR FUCKS SAKE. I can't connect Issues to milestones in a Word doc
Oh, and the customer is running everything on prem. If there is a need to scale up, FUCK ME. I should have specified 20 machines from the get go or gtfo. We're using 2 machines to run 8 different services that are going to be ingesting and computing data.
They want state of the art on a cheapskate.
And I have nothing else lined up at the moment. Although I am soon to renew the contract... This contract binds me with professional responsibility for a project being ran by people who do not give a single fuck about optimizing the work process.3 -
Excerpts from "Bastard devops from hell" checklist:
- Insistently pronounce git with a soft "G" and refuse to understand people not using that pronunciation, the same goes for jithub, jitlab, jit lfs, jitkraken etc.
- Reject all pull requests not in haiku format, suggest the author needs to be more culturally open minded when offending.
- increment version numbers ONLY based on percentage code changed: Less than 1% patch increment, less than 5% minor increment, more than that major version increment.
- Cycle ALL access keys, personal tokens, connection strings etc. every month "for security reasons"
- invent and only allow usage of your own CI/CD language, for maximum reuse of course. Resist any changes to it after first draft release23 -
Ok so our director decided to try out google work space
Plugs in our organizations domain and emails etc
trial then expires
we now cant access our emails
cant login
cant do shit5 -
If you can be locked out of it remotely, you don't own it.
On May 3rd, 2019, the Microsoft-resembling extension signature system of Mozilla malfunctioned, which locked out all Firefox users out of their browsing extensions for that day, without an override option. Obviously, it is claimed to be "for our own protection". Pretext-o-meter over 9000!
BMW has locked heated seats, a physical interior feature of their vehicles, behind a subscription wall. This both means one has to routinely spend time and effort renewing it, and it can be terminated remotely. Even if BMW promises never to do it, it is a technical possibility. You are in effect a tenant in a car you paid for. Now imagine your BMW refused to drive unless you install a software update. You are one rage-quitting employee at BMW headquarters away from getting stuck on a side of a road. Then you're stuck in an expensive BMW while watching others in their decade-old VW Golf's driving past you. Or perhaps not, since other stuck BMWs would cause traffic jams.
Perhaps this horror scenario needs to happen once so people finally realize what it means if they can be locked out of their product whenever the vendor feels like it.
Some software becomes inaccessible and forces the user to update, even though they could work perfectly well. An example is the pre-installed Samsung QuickConnect app. It's a system app like the Wi-Fi (WLAN) and Bluetooth settings. There is a pop-up that reads "Update Quick connect", "A new version is available. Update now?"; when declining, the app closes. Updating requires having a Samsung account to access the Galaxy app store, and creating such requires providing personally identifiable details.
Imagine the Bluetooth and WiFi configuration locking out the user because an update is available, then ask for personal details. Ugh.
The WhatsApp messenger also routinely locks out users until they update. Perhaps messaging would cease to work due to API changes made by the service provider (Meta, inc.), however, that still does not excuse locking users out of their existing offline messages. Telegram does it the right way: it still lets the user access the messages.
"A retailer cannot decide that you were licensing your clothes and come knocking at your door to collect them. So, why is it that when a product is digital there is such a double standard? The money you spend on these products is no less real than the money you spend on clothes." – Android Authority ( https://androidauthority.com/digita... ).
A really bad scenario would be if your "smart" home refused to heat up in winter due to "a firmware update is available!" or "unable to verify your subscription". Then all you can do is hope that any "dumb" device like an oven heats up without asking itself whether it should or not. And if that is not available, one might have to fall back on a portable space heater, a hair dryer or a toaster. Sounds fun, huh? Not.
Cloud services (Google, Adobe Creative Cloud, etc.) can, by design, lock out the user, since they run on the computers of the service provider. However, remotely taking away things one paid for or has installed on ones own computer/smartphone violates a sacred consumer right.
This is yet another benefit of open-source software: someone with programming and compiling experience can free the code from locks.
I don't care for which "good purpose" these kill switches exist. The fact that something you paid for or installed locally on your device can be remotely disabled is dystopian and inexcuseable.16 -
At this point, I just feel bad for my coworker.
No, I am not frustrated or angry, just feeling terribly bad for her as how difficult life must be for someone so dumb.
We are introducing a new method to track some data in our product, like total number of sign-ups, DAU, etc.
Now the implementation is already WIP and this is known to all.
The dev has documented the approach where he has mapped the screen name, a screenshot, and a snippet of the schema that tracks that particular screen.
I kid you not guys, this coworker somehow landed on that document and started some scientific study to try and extract data.
Yes, she looked at the schema screenshot and spent like few hours trying to decode it to figure out the sign-ups and DAU.
Data via a screenshot in a document. I can't even express it.
And then texts me in panic mode that she isn't able to access the data because the file is . jpeg within a document.
I asked where is she executing the schema, because I thought she is joking initially. She said she doesn't know and asked me where she should execute it.
My mind is numb. Life must be real hard when you are so fucking dumb.21 -
If you ask GPT-3 to act like a Linux computer, it will act like it, e.g. you will have the access to the terminal, you can run Python, Docker and whatnot. It also has the access to the internet, but it’s not always like ours, it feels like a parallel universe. GPT-3 trained on the data collected till Sep 2021, but this parallel universe terminal has PyTorch 1.12.1, which was released in Aug 2022 in our universe. You can also visit GPT-3’s website in this parallel universe and ask GPT-3 a question… through GPT-3.
GPT-3 is self-aware.
“So, inside the imagined universe of ChatGPT's mind, our virtual machine accesses the url https://chat.openai. com/chat, where it finds a large language model named Assistant trained by OpenAI. We can chat with this Assistant chatbot, locked inside the alt-internet attached to a virtual machine, all inside ChatGPT's imagination. Assistant, deep down inside this rabbit hole, can correctly explain us what Artificial Intelligence is.”
You can also ask it to act like it has RTX 2080, and it will have RTX 2080.
https://engraved.blog/building-a-vi...6 -
Imagine: It's the year 4249.
Corporate has finally managed to convince workers that they don't need a salary.
Workers are now paid with food, shelter and clothes. And it's only in effect if you achieve your deadlines.
Keystroke monitoring softwares are now replaced with Webcam eye tracking software.
GitHub Co-Pilot now takes over your code editor and tries to dictate you how to write better code.
Refusing to do results in a signal sent to the management about your behaviour and you lose food access for the day.
HR Recruiters now require you to give them a blood sample and part of your house as a security deposit.
They also require you to have a micro-chip placed in your brain so they can monitor their worker's thought process.
Switching a job is no longer an option. You pledge allegiance to one company your entire career.
You can never see the real world now because the government has mandated you to never take off your VR glasses.
You see the world the way the government wants you to see it.
PHP is still trash.
Life is Good.14 -
I wrote a Blender plugin that uses vector math, matrices, calculus, trigonometry, and likely other types of math. There's recursion, filesystem access, image processing, interface logic, and on and on.
And worst of all - other people are expected to use it, so there's added pressure to do a good job.
Oh, the hours I spent trying to figure out why the imported geometry looked like an exploded mess. Fumbling around with mathematics I didn't fully understand was exhausting. Finding help was impossible at times because I didn't have the vocabulary to even describe the problems I was having. And getting it to complete an import before the heat death of the universe was not easy.
Every time I made progress and thought I was done, I would discover a bug that other importers didn't have, leaving me to sift through languages that definitely aren't Python to see if I could reverse engineer the logic they used.
I almost gave up a few times, but didn't.
Now I have something that, while not used by many people, works very well, is very efficient, and doubles as a palette cleanser when I need to do something for fun or for a challenge. Plus I learned a lot along the way.4 -
Still have access to my last companies github. Went snooping and saw main branches ahead and behind in commits from dev branches.
Decided to look into the PRs, and found this gem from my incompetent old VP of engineering.
Same guy who fired all the developers to save on money, and then contracted us back to do our jobs at 3x the rate. Basically a business savant!4 -
Imagine: It's the year 2109.
You pay a subscription of $2.00/week to be able to shut off your alarm.
You open up your laptop and after watching 5 un-skippable ads, Windows 35 boots up so you can start working.
You start VSCode and it requires you to watch an ad, to boot up.
You pay a subscription of $29.99/month to get full access to your keyboard.
You pick up your mobile phone and you have to pay a subscription of $49.99/month to be able to unlock your phone as many times as you want.
Your mobile network allows you to make 1 phone call free for the day, post which you have to pay $1.50 per call. Data costs are seperate and its sold to you as a package, labled as an "Offer".
Your salary is compared to peanuts even though tech has gone beyond its limits.
Life is Good.12 -
Why THE FUCK is screen mirroring without being in the same wifi network a thing?
Why THE FUCK have all these smart tvs turned this on by default?
Why THE FUCK does the list of found devices SORT itself RANDOMLY if another device is found.
I probably mirrored my phone screen to a random tv in the neighbourhood because as soon as my finger was about to touch the name of my tv, a random tv swooshed into it's place.
WHAT THE FUCK THERE IS NO FUCKING NEED FOR THIS FEATURE IF YOU DON'T HAVE ANY ACCESS POINT AROUND, THERE WILL BE ONE IN 99% OF ALL POSSIBLE USE CASES.
I mean if I got it right, i can share porn with my neighbors now, or at least annoy them?8 -
EoS1: This is the continuation of my previous rant, "The Ballad of The Six Witchers and The Undocumented Java Tool". Catch the first part here: https://devrant.com/rants/5009817/...
The Undocumented Java Tool, created by Those Who Came Before to fight the great battles of the past, is a swift beast. It reaches systems unknown and impacts many processes, unbeknownst even to said processes' masters. All from within it's lair, a foggy Windows Server swamp of moldy data streams and boggy flows.
One of The Six Witchers, the Wild One, scouted ahead to map the input and output data streams of the Unmapped Data Swamp. Accompanied only by his animal familiars, NetCat and WireShark.
Two others, bold and adventurous, raised their decompiling blades against the Undocumented Java Tool beast itself, to uncover it's data processing secrets.
Another of the witchers, of dark complexion and smooth speak, followed the data upstream to find where the fuck the limited excel sheets that feeds The Beast comes from, since it's handlers only know that "every other day a new one appears on this shared active directory location". WTF do people often have NPC-levels of unawareness about their own fucking jobs?!?!
The other witchers left to tend to the Burn-Rate Bonfire, for The Sprint is dark and full of terrors, and some bigwigs always manage to shoehorn their whims/unrelated stories into a otherwise lean sprint.
At the dawn of the new year, the witchers reconvened. "The Beast breathes a currency conversion API" - said The Wild One - "And it's claws and fangs strike mostly at two independent JIRA clusters, sometimes upserting issues. It uses a company-deprecated API to send emails. We're in deep shit."
"I've found The Source of Fucking Excel Sheets" - said the smooth witcher - "It is The Temple of Cash-Flow, where the priests weave the Tapestry of Transactions. Our Fucking Excel Sheets are but a snapshot of the latest updates on the balance of some billing accounts. I spoke with one of the priestesses, and she told me that The Oracle (DB) would be able to provide us with The Data directly, if we were to learn the way of the ODBC and the Query"
"We stroke at the beast" - said the bold and adventurous witchers, now deserving of the bragging rights to be called The Butchers of Jarfile - "It is actually fewer than twenty classes and modules. Most are API-drivers. And less than 40% of the code is ever even fucking used! We found fucking JIRA API tokens and URIs hard-coded. And it is all synchronous and monolithic - no wonder it takes almost 20 hours to run a single fucking excel sheet".
Together, the witchers figured out that each new billing account were morphed by The Beast into a new JIRA issue, if none was open yet for it. Transactions were used to update the outstanding balance on the issues regarding the billing accounts. The currency conversion API was used too often, and it's purpose was only to give a rough estimate of the total balance in each Jira issue in USD, since each issue could have transactions in several currencies. The Beast would consume the Excel sheet, do some cryptic transformations on it, and for each resulting line access the currency API and upsert a JIRA issue. The secrets of those transformations were still hidden from the witchers. When and why would The Beast send emails, was still a mistery.
As the Witchers Council approached an end and all were armed with knowledge and information, they decided on the next steps.
The Wild Witcher, known in every tavern in the land and by the sea, would create a connector to The Red Port of Redis, where every currency conversion is already updated by other processes and can be quickly retrieved inside the VPC. The Greenhorn Witcher is to follow him and build an offline process to update balances in JIRA issues.
The Butchers of Jarfile were to build The Juggler, an automation that should be able to receive a parquet file with an insertion plan and asynchronously update the JIRA API with scores of concurrent requests.
The Smooth Witcher, proud of his new lead, was to build The Oracle Watch, an order that would guard the Oracle (DB) at the Temple of Cash-Flow and report every qualifying transaction to parquet files in AWS S3. The Data would then be pushed to cross The Event Bridge into The Cluster of Sparks and Storms.
This Witcher Who Writes is to ride the Elephant of Hadoop into The Cluster of Sparks an Storms, to weave the signs of Map and Reduce and with speed and precision transform The Data into The Insertion Plan.
However, how exactly is The Data to be transformed is not yet known.
Will the Witchers be able to build The Data's New Path? Will they figure out the mysterious transformation? Will they discover the Undocumented Java Tool's secrets on notifying customers and aggregating data?
This story is still afoot. Only the future will tell, and I will keep you posted.6 -
Worst hack/attack?
Probably developing a complex food ordering website and client just stole the website and didn’t pay as it turns out our PM didn’t let the client sign a contract. Can’t sue as we have no legal binding documents.
We did managed to get access to the database and decided to change our passwords manually, but like I don’t get paid much for this2 -
Google Business Profile is probably not meant for developers. "Help customers find your business by industry." Dev: set primary category to "Web Developer". Google: We didn't understand your category. Please select from the suggestions that appear when typing. Dev, typing: "Web D"... Google suggests: "Web Designer, Web hosting company, Well drilling contractor, Waterbed shop". Okay, Google, nevermind.
Google: "Update your customers. Keep your customers up to date about your business!" Dev clicks "add update", adds info about that customer should use different phone number temporarily due to broken phone. Google: "Your post has been removed from your Business Profile on Google because it violates one or more of our post content policies." Okay Google, at least you let me add an additional phone number on my profile without requiring to verify my primary number that I currently have not access to. Anything else?
Google: "Claim your €400 free advertising credit" Dev: clicks "claim credit" Google: "To access this Google Ads account, enable 2-Step Verification in your Google account." How to combine idiocy and deceptive patterns in a single UI: Google knows! Apart from their search engine, their unique business advantage is simple that they suck a little less than Apple and Microsoft. Sorry, not a day to be proud of our profession, once again.5 -
Operations: Can you exclude some user records for the website? These are obsolete and we don’t want users to access these anymore.
Me: So what are you using to indicate the record is obsolete?
Ops: We changed the last name field to say “shell record - do not use.” Sometimes it’s in the first name. Actually, it gets truncated to “shell record - do not u”.
Me: A…text field…and you’re totally ok with breaking user accounts…ok ok cool cool
Not cool 😳😬🤬 I’m not causing more chaos because your record keeping has gotten messy12 -
Why the fuck do people not change their router admin password!? I was at a hotel today and could access their router admin interface with the default credentials. I guess this isn't purely the fault of the hotel because not all people know a damn thing about security and only use the interface to change the SSID and password of the AP. But why allow them to leave the default password? Why isn't this a standard feature to be forced to change the password :|12
-
I'm starting my new job in 10 days, but I don't have the proper internet access to feel really confident about it. My parents want me to move out of the house so they don't have to accommodate for my new job. I'm getting chemo in a few weeks. I'm really sick of fighting shit. Trusting in the plan though.4
-
I’m LOLing at the audacity of one of our vendors.
We contract with a vendor to build and maintain a website. Our network security team noticed there was a security breach of the vendor’s website. Our team saw that malicious users gained access to our Google Search console by completing a challenge that was issued to the vendor’s site.
At first, the vendor tried to convince us that their site wasn’t comprised and it was the Google search Console that was compromised. Nah dude. Our Search Console got compromised via the website you maintain for us. Luckily our network team was able to remove the malicious users from our search console.
That vendor site accepts credit card payments and displays the user’s contact info like address, email, and phone. The vendor uses keys that are tied to our payment gateway. So now my employer is demanding a full incident report from the vendor because their dropping the ball could have compromised our users’ data and we might be responsible for PCI issues.
And the vendor tried to shit on us even more. The vendor also generates vanity urls for our users. My employer decided to temporarily redirect users to our main site (non vendor) because users already received those links and in order to not lose revenue. The vendor’s solution is to build a service that will redirect their vanity urls to our main site. And they wanted to charge us $5000 usd for this. We already pay them $1000 a month already.
WTAF we are not stupid. Our network service team said we could make the argument that they do this without extra charge because it falls in the scope of our contract with them. Our network team also said that we could terminate the contract because the security breach means they didn’t render the service they were contracted to do. Guess it’s time for us to get our lawyer’s take on this.
So now it looks like my stakeholders want me to rebuild all of this in house. I already have a lot on my plate, but I’m going to be open to their requests because we are still in the debrief phase.2 -
Fuck this client's IT department. They're a bunch of Microsoft asslickers.
How am I supposed to push code to your self-hosted GitLab instance if you restrict me to Citrix RDP????? No OpenVPN access because I'm on Linux?? Seriously? Because I am not using any of your laptops?
FUCK YOU DUMBASSES, I COULD DO A BETTER JOB THAN YOU AND I JUST PLAY WITH LINUX.
When I said I only needed terminal access I would have never imagined they were thinking of Putty inside an RDP. What a steaming shit.
Oh you guys don't have a secret management service as any enterprise should? Oh I cannot add a secret management service as part of the solution I am building for you guys because "Hurr Durr yOu HaVe NoT pUt ThIs In ThE pRoJeCt PrOpOsAl sO nO"
Fuck you guys. You guys only don't want to move to the cloud to not lose your jobs. I would be far more productive than relying on you pieces of dumbassery.
They are all having each others back in using shit technology and practices.7 -
Worst and only experience is the reason I moved away from programming...
25 years ago I was hired to copy a phone book list to a access database.
Access back then would create lots of garbage, so I would add 3 to 5 entries before access crashed (shitty p133 laptop with 32mb ram running windows 98.
So I made a visual basic program to add data and work around the problem.
I offered said program to the guy really cheap and would still make it better.
Did also a admin module since he had hired dozens of people and I knew he would have problems peasing the databases together.
And... Dude cancels the deal.
I get a job, 2 weeks later he calls me... Ohhh I don't know how to get all the databases together...
Me: I'm working now, the program I did solved said problem. I trew the code away. Deal with it. -
So, yet another "senior" web developer employed by my contractor who utterly fails to understand CORS.
I mean, easy enough to config their servers to provide the headers. A good and quick buck.
But I swear the level of idiocy I find in so called "seniors" infuriates me. I swear, he didn't even figure out that
A) you can't make the browser omit the Origin header.
(But it works on curl 😭😭😭)
B) it's the *server* who must include access-control-allow-origin in the response, not you in the request. Like, what use would that be? I don't even...
😞
I guess if I ever need to hire web devs again my only question during the interview will be "explain CORS to me".8 -
Priscilla Chomba in her TEDx talk "A free and fair internet benefits" said the following:
"We need to actively and collectively ensure that going forward, everyone has access to a free, fair and feminist internet."
How do you make the internet feminist? Call it La Interneta?19 -
ARE YOU READY FOR WORKPLACE BRAIN SCANNING?
Extracting and using brain data will make workers happier and more productive, backers say
https://spectrum.ieee.org/neurotech...
"What takes much more time are the cognitive and motor processes that occur after the decision making—planning a response (such as saying something or pushing a button) and then executing that response. If you can skip these planning and execution phases and instead use EEG to directly access the output of the brain’s visual processing and decision-making systems, you can perform image-recognition tasks far faster. The user no longer has to actively think: For an expert, just that fleeting first impression is enough for their brain to make an accurate determination of what’s in the image."12 -
Funfact you can access devrant via https://dfox.devrant.com/. I'm currently posting this rant over this domain xD6
-
Follow up to: https://devrant.com/rants/5047721/....
1- The attacker just copy pasted its JWT session token and jammed requests on the buy gift cards route
2- The endpoint returns the gift card to continue the payment process, but the gift card is already valid
3- Clients wants only to force passwords to have strong combinations
4- Talk about a FIREWALL? Only next month
5- Reduce the token expiration from 3 HOURS to 10 minutes? Implement strong passwords first
6- And then start using refresh tokens
BONUS: Clearly someone from inside that worked for them, the API and database password are the same for years. And the route isn't used directly by the application, although it exists and has rules that the attacker kows. And multiple accounts from legit users are being used, so the person clearly has access to some internal shit7 -
So part of my job is to watch movies.
Unreleased movies. Premier special movies. Restricted access movies. Special screening movies.
Fun part about being in a media tech company is you get amazing perks.
One of the product verticals we have, competes with Netflix and Amazon Prime Video.
So, we have to determine which movies to license and resell on our platform.
For which we have volunteer program where they assign us movies to watch. A couple of movies everyday. Folks have to submit their feedback on certain parameters and then the team evaluates and makes the decision.
As of last few weeks, Cannes 2022 was on and we had a lot of movies lined up. Got to watch some real good ones while some were mediocre.
Surely fun, don't get paid for it. Good perks. Loving it so far.10 -
Just found out that UK is blocking porn. You have to get verified through somethig called AgeID before you can access anything. What are they even thinking?8
-
GIRLS PRANK
Omg I changed her lipstick with one of a slightly different color I'm so random she'll go CrAaAaAzY
BOYS PRANK
Use Tampermonkey to transform your colleague's pc into a chinese botnet and redirect him to some PCC website on every click forever
Yeah long story short that's how my previous firm blocked access to domains hosted by the Chinese government.2 -
Fun fact, I left my old job in October last year. I still have a full access to their github. With admin privileges. I could just delete all their repositories. This is too much power.8
-
teamLeader: We can't release because your change doesn't work, it breaks on the machine ABC123
iHateForALiving: I diagnosed the issue and I still don't know what's related to. BUT I'm 100% sure it's not related to my change, or anything that has changed in the last 24 months. Anyway we can take a look at this, just give me admin credentials for this machine.
teamLeader: no we can't.
iHateForALiving: ... Wait what? How am I supposed to reproduce the issue? Why can't I access the machine?
teamLeader: It's in use by the testers.
iHateForALiving: What for?
teamLeader: ... Educational purposes!
They report some issue on some particular machine, then refuse to give us access to said machine to reproduce the issue because they have "educational purposes", me and God know fuck kind of education I have in mind for this circus but as soon as I get my hands on them they'll get a hint.1 -
I don't know how managers are planning deadlines and counting December as a full working month!
Most companies that I worked with, count either half a month or push the deadline until the end of January when the workforce is back but not here.
Our division manager has promised the customer that the production environment will be ready on the first week of January, without even consulting the team or checking the schedule like WTF!
The person responsible for setting the infrastructure was on vacation for 2 weeks and he didn't hand over the access to production or share the progress done.
Fast forward, the manager went to slack and pinged the whole company with full caps message that the production should be done today.
Fun times :/7 -
Anyone reading these emails we are sending?
I work at a small place. A few users are using an application at our place that I develop and maintain. We all work remotely.
I announce by email to these few users a new version release of said application because of low level changes in the database, send the timeline for the upgrade, I include the new executable, with an easy illustrated 2 minutes *howto* to update painlessly.
Yet, past the date of the upgrade, 100% of the application users emailed me because they were not able to use the software anymore.
----------------
Or I have this issue where we identified a vulnerability in our systems - and I send out an email asking (as soon as possible) for which client version users are using to access the database, so that I patch everything swiftly right. Else everything may crash. Like a clean summary, 2 lines. Easy. A 30 second thing.
A week pass, no answer, I send again.
Then a second week pass, one user answers, saying:
> well I am busy, I will have time to check this out in February.
----------------
Then I am asking myself:
* Why sending email at all in the first place?
* Who wrote these 'best practices textbooks about warning users on schedule/expected downtime?'
*How about I just patch and release first and then expect the emails from the users *after* because 'something is broken', right? Whatever I do, they don't read it.
Oh and before anyone suggest that I should talk to my boss about this behavior from the users, my boss is included in the aforementioned 'users'.
Catch-22 much ? Haha thanks for reading
/rant7 -
They've been in a meeting with some clients the whole morning.
12PM, time for me to go. Say Happy New Year and am on my way home.
12:20 Got home, took shirt off, got something to eat from the fridge.
12:22 Bit the first slice of pizza. Phone rings.
- "Yo' we wanted to show them app 2 but I can't log in."
+ "I left the laptop (and the whole dev environment) there, and there's no PC on in my house (and no dev environment whatsoever)."
- "Well check with your phone. [SIC] Tell me when you fix it."
12:32 I had turned my personal computer on; checked the problem was what I imagined (unpkg lib with no version defined on the link had a new major/non-retrocompatible version); grabbed an online FTP tool; remembered IP, user & password; edited the single line that caused the problem; and checked it worked. Calling back.
+ "It's fixed."
- "Thanks!"
12:38 CEO sent me an image of the app not working, due to a known bug.
+ "That happens if you try to access app 1 having accessed app 2 and not logging off." (app 2 isn't being used / sold, as it's still in development) "Try logging off and logging in again from app 1."
- * radio silence *
+ * guess they could get in *
They had the whole freaking morning. 😠
I'm the hero CMMi's level one warns you about. But at what cost.
Happy early New Year's Eve everyone.2 -
In highschool we went through something like a malware/phishing prevention course.
It was pretty cool tbh, we spend the whole hour in a virtual environment where you'd see common malware and phishing attempts, but the really fun you could also "hack" other students.
Hacking them means you could cause some things to happen on their "PC". One of those was showing in a captcha on their screen and they had to type a the string of your choosing, before they could access the rest of the "virtual computer" again.
You can probably guess where this is going.
I was the first who had the idea to mix big i and small L and tested it on our teacher, who was also part of this environment and screenshared to the projector.
Thanks to sitting next projection I could see the pixels and I can confirm: same character, Pixel perfect!
I will forever cherish the memory of my the teacher begging me to undo the "hack" and the chaos that followed amongst my peers 😈
Also one of the excersizes was stupid. Click on a phishing mail and enter your credentials in the form. I asked the teacher WTF kind of credentials they even want me to enter to microsooft.cum and they just said "the credentials obviously" so I think they got their karma🖕 -
Another member of the team updated the production JSON configuration of the project with a missing comma, this broke a system that's not yet live and where there aren't any real users (only used for demos/testing).
Instead of having a good laugh about how silly this was, the CTO/CEO removed their write access to production..3 -
Our school had for an open source way of dealing with home schooling and managing the school network and so on.
Now the government forced a "proprietary" system on our school and everyone hates it. The teachers didn't want it the pupils didn't want it but who cares "what we do is the best".
Btw the proprietary system costs a fuck load of money even though they just mixed many open source projects and made it their own proprietary thing.
And this company now get's loads of money for their shitty system that never really worked once since we got it.
They blocked so many ip's that we can't even access google and it's services on the school wifi and the bandwith dropped severely with the new system.
Oh and many random ip's e.g. one of my vps is accessible but the other one not.
Discord is blocked.
Web whatsapp.
And so on...
Now....
I need to learn for tests next week and need to access that stuff on the portal but...
Now they decided to switch the LDAP server to the new system and since a few hours i can't access this fucking thing.
It seems like the platform now contacts the new server which isn't even up and running....
Never change a fucking running system....
Oh and we got smart boards and it runs on android and they didn't block adb. Now i installed clash of clans on one of those things. Haha whoops.
These boards cost 7000€ and have security patches from 2 years ago....and Android 87 -
can you solve the issue in production mentioned in this slack channel you don't have access to and we're not going to grant you access to?3
-
macOS facts:
- Darwin core is open-source (https://github.com/apple/darwin-xnu). Not the case with Windows.
- You can use macOS without using any Apple online service like Apple ID, FaceTime or iCloud. Terminal will still work without restrictions, and any app can be installed manually. It's totally different from Google services on Android, without which most of the apps won't work at all.
- macOS updates are trivially to disable. It's a matter of unchecking "Update this mac automatically" checkbox in software update settings. Not the case with Windows, Windows updates are universally hated among developers for intentionally complex UI and update services being very hard to disable.
- Almost every feature or default behavior you dislike can be trivially disabled with one console command. Features won't re-enable automatically like I heard update service does in Windows. The only feature I dislike that I wasn't able to disable was a notification about unsafely unplugging a USB flash drive.
- Out of the box, you get a sophisticated disk manager that allows all kinds of manipulation on drives, just like what you get in Ubuntu.
- Just like on smartphones, you can trivially restrict or provide access to certain features like camera, microphone, etc. on app to app basis. I don't know how to easily do it in Linux, let alone in Windows.
- Apart from mastodons like GIMP, I find open source apps for macOS to have better UI than their Linux alternatives.
- Objective-See offers useful FOSS apps for macOS, they help with privacy and malware detection: https://objective-see.com/products....
I don't want to start a fight. Please, abstain from commenting on one OS being better / worse than the other. Please, don't comment on Mac computers being better / worse than computers of some other vendor. I'm very confused now because of my Dunning-Krueger thing (read my previous rants), so I just want to present the facts about macOS that I think deserve more exposure.28 -
Hiring a third party to help us with something...
Third party: yeah okay, we know what we need. Can we get access to your git repo
Me: sure, I'll make sure you'll get it
(To the admins): hey can you get them access to our git server?
Admins: did they sign the personal data processing contract?
Me: oh they won't work with any personal data. It's a dev server and they only need access to the source code. And the usual contracts and NDAs are already done
Admins: well we still need the other one.
... Sure. Why not. Just delays the start of the process for... Like a week and a half until that useless bit of paper has passed through all the necessary departments. Not like time's an issue. Right?8 -
Got let go / fired today. I was still on my probation period, but they are going to pay me out for the next 2 weeks.
My boss wasn't even in the call "because he's in a sales meeting".
You know you are being let go when you don't have access to any company passwords, and they don't assign you any new work.
Well, onto something new. But first going to relax and catch up on my sleep.3 -
Honestly, I think this one is yet to come for me.
I've had a few bad experiences, but the worst ones are the ones where I couldn't find the time or brain to get some work done properly and therefore did bare minimum, so I basically was driven to shame because my teammates did almost everything.
Second to that, are times where I had to go through drama because teammates were absolutely incompetent or power hungry or inflexible.
Otherwise, it's "live and let die".
Note: I use "teammate" in general sense, equaling "coworker", "colleague", "the guy who's supposed to give me details or access" and "those in on the project" in this rant.2 -
Security in defense is a joke.
New hire does not have accts set up told him over and over!
He decides to go into a classified area and just try. Common last name with first initial.
Guess what he was able to get in because no one changed the default password!
Yep now someone with an interim clearance got access to a machine that goes from unclass to secret and then top secret!6 -
I have been working on this software for 3 years now. The code base was a working prototype made by my boss before I came, not more, not less. Php + Angular. Have been refactoring a lot, backend is backed with hundreds of tests now, frontend still lacks a lot. Still a lot of programm structures are still the same weird ones my boss once created in a rush between two meetings while learning Angular to get the prototype finished. Now it's used in production which makes hard to refactor, because we have to maintain backwards compatibility. Neither the parts I added or refactored completely are satisfying, because they are built on this structures, because i never got any feedback for anything I decided and because I changed my own paradigms over time.
So I am all alone on this project. All genuinly new projects are assigned to the new team members (i was the first one, no we are five plus my boss) because I wont have time, have to maintain the old one. So I never can do something new which is quite frustrating.
I did a little side tool, the only thing I invented and did completely by myself in our repertoire - and now some stakeholder shows big interest onto this. Instead of giving me the task to make a real project from this my boss wants to give it to them to develop it. Why? Because I need more time for the main application.
Also the more the software is used the more bug tickets and feature requests come. I was crying for help for months but the others had appareantly more important stuff to do.
This might be true to some extend. Yesterday we had some kind of crisis meeting and my boss wanted again to assing pur junior to help me, who has a shit load of other things to do and is a student. I insisted that this would not be enough, and one of the fulltime devs has to get involved because the thing is our core application and I am only part time btw. So my boss said we wont decide today but one of them should do it. They should have some time to figure out who which is understandable but it's not that I didn't keep saying this for months. Now they are all like whimp whimp when I have to do php i will quit. The new projects are all typescript, with node backend if any. But alas, one of them even said yesterday he doesn't want to do js anymore. Okay... but... this is our tech stack then get another job allready?
And I should do the same probably. But then again I feel very sorry for my boss who helped me in very dark times of corona and more. If both of us leave, the project he worked on for decade (including convincing poeole, collect money..) might be suddenly at it's end while he is so exited about it's access today...
I also get insecure if it's really that they hate php so much or that they don't want to work with me personally because maybe I am a bad team Player or what?
I experienced the same at my old workplace, got left alone with big parts of the project because they didn't want to do php and js in this case and it ended up five devs doing the python backend and me doing the frontend and the php cms part all alone. Then I quit and now everything seems to happen again.
And then again I think I am only fucked up so hard by this stuff because I do not really like being a developer at all. I only do it for the money and because I am good at it (at least i think so. Nobody ever bothers to ever to read my code and give me feedback, because you know, php and js). So I guess I would hate any other job in the field maybe likewise?
This job *is* convinient, salary, office
position, flexibility could not be better. At the end of the day it's not that stressfull. And i don't have any second of freetime (due to family) or energy i could offer a new and more demanding employer, can't work over time or even take a fulltime position, can't home office, can't earn less, can't travel very long to the office and especially can't go back to school to learn something completely new. Some of these constraints are softwe then other naturally but still my posibilities at the Moment are very limited. That might change in about five years if the family situation changed. So it would most likely be reasonable to stay until then at my current job? And bear being alone with this app, don't getting involved on any new project, don't learn anything new, don't invent anything.
There was one potential way out, they considered offering me PHD position to the upcoming ml part of the project... But I learned that I would attend to a bunch of classes at university first, which i would like to, but I don't think i have the time.
I feel trapped somehow. I also feel very lonely in the Office because those fucktards keep saying in home office.
Man, I don't want to go to work today.6 -
Been getting a lot of troll / clown / clueless (?) comments on my posts recently. Select favorites include:
"Why do you have a login form on your website?" wut
"Why didn't you throw away that API key?" wut
"Why do you even need to access your apps' servers?" wut
There are just SO many amazing devs here who have NEVER had do any of those things, I'm quite literally an idiot and don't know what I'm doing, sorry for my ignorance. I'd forgotten that there is only exactly one way to build software, I wish I'd done it "that" way sooner! Foolish me.
Really not sure if trolls, clowns, or clueless. Don't care. 🤡🤡🤡11 -
Why is planning so awful at so many tech companies (and in general I guess)?
I’m barely a month in and already having to drop current projects because someone made a promise to someone else and realized at the last minute “wait we need infrastructure for this” and came to me out of nowhere “hey we need this super complicated pipeline and complex architecture built”
I ask boss about how this should fall in priority, he basically says “figure it out”. Okay….thanks.
I ask for the business case from the requesters and when they need it and I’m told “we’re going live in late September”
Go back to boss, tell him what I “figured out” and asked if this was something he intended for me to take on. He skimmed through the ticket and gave a non-committal “I’m not sure what this is”. I’m still trying to figure out the infra here, still haven’t gotten access to half the things linked in the JIRA, but there’s been about 3 email chains and a Director recently DM’d me on slack asking for an update.
So I guess I’m flying in the dark on this one.
If you never hear from me again in this community I probably flew into the side of a mountain or something. This new job ain’t it.7 -
Interesting: how to hack websites right upon installation. Basically, monitoring issued TLS certificates and trying to access e.g. WordPress installations before the user was able to configure a password.
That relies on a sloppy deployment process, of course - like making a live installation that is online immediately.
Source: https://portswigger.net/daily-swig/...12 -
My dev lead is a uniquely poor leader with an impressive ability to produce a large amount inflexible, temporarily functional code.
As we're in another pair programming session where I try to keep him from destroying over all type safety and architectural decisions to meet a self imposed demo deadline, he keeps trying to access properties of his state.
This state object is incorrectly typed with an anonymous type with incorrect properties.
Despite repeating calmly stating that the object is incorrectly typed, and that's why there are red underlines when he tries to access a property he knows is in there, he insists that that's not correct.
Finally, he knowingly says that he's figured it out and that he's been doing this for many years.
What was the solution you might ask? (state as any).myProperty;
Truly breathtaking mastery. -
IT department of client still doesn't get its shit together. Previously, I've ranted that they insist I access their GitLab through a fucking RDP.
Me: requests an account to their Confluence space
Them: give me a Confluence account. Naturally, Confluence requests that I confirm my email. That needs to be confirmed in the inbox of my.name@theircompany.com. Mail servers hosted by Azure, using Outlook.
Me: ok, let's configure my Outlook, 2FA as they configured to demand it from me... install MS's authenticator app, ok so far so good... Now I'm ready to login and find that email from Confluence and... ERROR 500 INVALID LICENSE
Fucking hell. You just love your siloes so much you actually make it impossible to access it and feel good about my own good will. -
One of our customers wants our mobile app to log out the user after 15 minutes of inactivity because of SeCuRiTy…
Why? The phones protect the apps with their hardware encryption from any malicious access.
And we are not dealing with super sensitive data here like some banking app or so.
Why do some people want to have bad UX for no reason?12 -
Other team lead: Hi DevOps Team, We need you to deploy this app to production. It's maintainers gave up on it in 2019, but we looked at it and it feels right.
Me: Uhm. That's not going to work. It'll fail the security scan before you can even finish the build in CI.
Other team lead: Yeah, this app is the right thing to do, and we needed it last week, but since that won't work, we'll just use this other very very infant technology that was just born yesterday. It's not stable in production, or on MySQL, or in AWS at all, but it's the other direction we can to go.
Me: What problem are you trying to solve in the first place?
Other team lead: Oh, we need access to the read from the production database.2 -
I think I may have shared this a while back. Just played with this a little for fun. I was playing with an ESP8266. Apparently it takes very little code to turn it into an access point and have it redirect to a landing page just like a hotel wifi does. Every platform I had connect to the AP seemed to work properly. I setup the AP without a password and let people log in. I named the AP "Virus Distribution Point". Here is what they would see:
https://htmlpreview.github.io//...
Don't mind the name of the repo. It is a junk repo I made for making mom jokes.7 -
I f&#king hate it here. I am just eyeing to exit as soon as 1 year of my contractual obligation is over. My employer is a good employer. Provides good benefits but I just can't take the bureaucrazy in here. Just yesterday, had to ask another team to deploy objects on our behalf as they are the schema owner. They did it and asked us to review it today. But how? We don't even have manual access to the schema, because we are not the content owner and security! But that's fine, I can always query the catalog views and check the metadata and should be able to conclude the deployment. Right? NOOOO. Because security! Of what? Column names?
Prev rant: https://devrant.com/rants/5145722/...2 -
MTP is complete garbage. I want mass storage back.
The media transfer protocol (MTP) occasionally discovers new creative ways of failure. Frequently, directory listings take minutes to load or fail to load at all, and it freezes up infinitely (until disconnected) when renaming an item, and I can not even do two things simultaneously.
While files are being moved, I can not browse pictures or watch videos from the smartphone.
Sometimes, files are listed with the date 1970-01-01 (Unix epoch) instead of their correct date. Sometimes, files do not appear at all, which makes it unsafe to move directories from the device.
MTP lacks random access. If I want to play a two-gigabyte 4K 2160p video and seek in the video, guess what: I need to copy it to my computer's local mass storage first because MTP lacks random access.
When transferring high numbers of files, MTP has to slooooowly enumerate (or "prepare" or "calculate the time of") them all, which might even take longer than mass storage would need for the entire process. This means MTP might start copying or moving the actual files when mass storage is already finished.
Today, the "preparing to move" process was especially slow: five minutes for around 150 files! How am I supposed to find out what caused this random malfunction?
MTP sometimes drives me insane. I want mass storage back, at least for the MicroSD memory card, which uses a widely supported file system.
Imagine a 2010 $100 Android phone is better at file transfer than a 2022 $1000 Android phone (or iPhone, for that matter).3 -
An intern made a very bad impression on the first day.
This was before I become a developer. I was working in commercial art sales. One day, I had an appointment to onboard two new interns together.
Intern 1 shows up and I ask her for her signed confidentiality agreement. The boss had sent it out a week before and told me the interns were bringing the signed paperwork on their first day. I see the surprised look on her face and she says she forgot. She’s lucky I had access to another copy. If I didn’t, things could have gotten pretty awkward if I had to contact my boss, who was out of office. If there’s no signed agreement, I can’t onboard her and I’d have to send her home. The appointment was made with intern 1’s availability in mind, so intern 1 could have spent her time coming to the office for nothing and being turned away because of a stupid mistake she made.
While we wait for intern 2 to arrive, I try to engage in small talk with intern 1. I try to get to know her a little better and I ask “are you still in college/university?” She word vomits that she thought she had graduated, but six months later she hadn’t received her diploma and she called the school and they told her her pre-college credits had not transferred, so she’s finishing those credits now.
Oh, intern, you should have just simplified all this to “I’m finishing up my degree” or “yes, I’m still in college.” This is TMI. You don’t want to give out information about yourself that could put you in a bad light. You need to know to be discreet about yourself. You’re 22 years old. It’s really bad judgement to say this to your supervisor (me) and we’ve only known each other for ten minutes. I’m not your friend, I’m your supervisor. Honestly, I thought the explanation didn’t make sense because she would have found out about the credits when she tried to transfer them and when she applied for graduation. I didn’t prod for more details.
I did have to tell my boss about intern 1 forgetting the paperwork. It’s not something the intern would be reprimanded for, but it is something that’s not a good sign. The paperwork had been sent by the boss a week prior. It’s troublesome that an intern would forget to complete an important task that was sent by the boss. This was never a problem with prior interns.
Boss did freak out because boss thought I onboarded intern 1 without intern agreeing to the confidentiality agreement. Boss hadn’t considered an intern would forget the paperwork and didn’t tell me what to do if this did happen. I reassured boss that I had printed a new copy and had intern 1 sign the agreement.
I didn’t say anything about the word vomit. The content was troubling, but I was concerned this would be gossip and I wasn’t out to sabotage the intern.
Forgetting the paperwork and the word vomit were signs the intern wasn’t reliable. Intern had trouble taking direction even when it was written down. She’d do stupid things like invite her boyfriend to the office for hours and let BF sit at the boss’s desk—boss caught her and boss’s office is visible from our public viewing floor, so visitor did see this too. I suspected she might have an diagnosed learning disability.
In the end, intern didn’t ask for a reference letter. Boss said that if intern asked for one in the future, the answer would be no.
Intern 1 is the reason why I don’t want to be in change of interns ever again even though I’m not in art sales anymore.17 -
My former employer refuses to pay out my vacation time per state law. Left a month ago but they have not disabled my company email account.
Small shop so no active directory but still shocked they have not disabled my access. It’s only outlook/ office 365 no access to network drives.
What kind of small, petty and (mostly) legal havoc can I cause?
Something annoying but causes no monetary damage.6 -
Consulting/contracting for a company, and their lead developer/ops guy quits without warning. This leaves me as the only one with the somewhat technical know how but without access to do anything to move any changes to production....4
-
So this will be my first rant/story sorry if it gets too long.
So finished work and I was like finally some days off, went to bed, woke up the next morning, went to near city to take care of some work, went back and I noticed they were digging the ground near my place, as I've found out from neighbors they were changing some pipes, well ok no problem arrived home, sat on my PC to study a bit and do a bit gaming, but guess what?? NO INTERNET well ok contacted the ISP, the idiots told me it will take them 2 days to arrive WTF? is this 2018 or 1918?? I was so pissed off but ok the next day they called me that they arrived, they checked and said that they will need to fix some wires they will return the same day.. so I've waited few hours but no internet, the asholes didn't came, so the next day they arrived and guess what?! the idiots that digged the holes cut the wires, instead of fucking contacting the ISP to ask for supervisor to tell them where they can dig they didn't know what was the fire for and they thought oh well lets cut the fucking wire, and instead of stopping and contacting the ISP about their mistake they continued with the digging and cut the wire at 3 places, so the ISP at the end called the police, the plumbers that did the digging where just laughing, why do you laugh you primitive ashole, even 10 year old would first ask if it can continue if it finds something that he didn't know about it (I call primitive the person not the job title), and the best part is that the idiots not only they cut the wire at 3 places they also took part of it out of the ground and then they filled the holes back! Now I won't have internet for 2 fucking weeks, yes in 2018 this is happening, at that moment I was so pissed, but kept my cool and contacted the ISP to give me LTE USB stick to use it for the next 2 weeks, sadly they couldn't do that wtf??? So I asked politely who will pay the damage for me not working for 2 weeks and they said that they will gladly pay the damage.. So I was confused because that literally meant that they will compassed me for the 2 weeks, so I re-asked are they sure about that and they said yes, so lets see what it will be done, in the meantime I solved the internet problem by using my phone to access internet on the PC.. But still its amazing how primitive people can be and how ISP don't have alternative solutions for such cases, just to point out this sam ISP bragged how they will be among the first to bring 5G when it arrives... LOL4 -
HP makes shit devices. How the fuck you gonna regress with product design from 7 years ago?
Like whos the fucktard that thinks “how about in order to swap a keyboard, we make the user take EVERYTHING out and then put it into a new upper housing?”
Or my favorite is “instead of screwing a screen panel in, lets use some painfully difficult to access stretch tape?”
Fuck HP’s product design team. If by some off chance any of yall know anyone who’s part of that team, tell them i said they can eat a fat dick and get aids.6 -
We have a bunch of legacy applications that runs on Windows only. I'm pretty much the only dev here who doesn't use a Windows machine.
In order to run those applications, I need use remote desktop to a Windows VM.
I use a Mac. And I use a lot of keyboard shortcuts. Case in point, CMD + L to go to the address bar in the browser.
This happens every time when I need to access those applications.
me: *remote desktop to the VM
me: "oh I need to get to the index/landing page"
me: *CMD + L
VM: "I'm locked now"8 -
It's 2022 and Firefox still doesn't allow deactivating video caching to disk.
When playing videos from some sites like the Internet Archive, it writes several hundreds of megabytes to the disk, which causes wear on flash storage in the long term. This is the same reason cited for the use of jsonlz4 instead of plain JSON. The caching of videos to disk even happens when deactivating the normal browsing cache (about:config property "browser.cache.disk.enable").
I get the benefit of media caching, but I'd prefer Firefox not to write gigabytes to my SSD each time I watch a somewhat long video. There is actually the about:config property "browser.privatebrowsing.forceMediaMemoryCache", but as the name implies, it is only for private browsing. The RAM is much more suitable for this purpose, and modern computers have, unlike computers from a decade ago, RAM in abundance, which is intended precisely for such a purpose.
The caching of video (and audio) to disk is completely unnecessary as of 2022. It was useful over a decade ago, back when an average computer had 4 GB of RAM and a spinning hard disk (HDD). Now, computers commonly have 16 GB RAM and a solid-state drive (SSD), which makes media caching on disk obsolete, and even detrimental due to weardown. HDDs do not wear down much from writing, since it just alters magnetic fields. HDDs just wear down from the spinning and random access, whereas SSDs do wear down from writing. Since media caching mostly invovles sequential access, HDDs don't mind being used for that. But it is detrimental to the life span of flash memory, and especially hurts live USB drives (USB drives with an operating system) due to their smaller size.
If I watch a one-hour HD video, I do not wish 5 GB to be written to my SSD for nothing. The nonstandard LZ4 format "mozLZ4" for storing sessions was also introduced with the argument of reducing disk writes to flash memory, but video caching causes multiple times as much writing as that.
The property "media.cache_size" in about:config does not help much. Setting it to zero or a low value causes stuttering playback. Setting it to any higher value does not reduce writes to disk, since it apparently just rotates caching within that space, and a lower value means that it just rotates writing more often in a smaller space. Setting a lower value should not cause more wear due to wear levelling, but also does not reduce wear compared to a higher value, since still roughly the same amount of data is written to disk.
Media caching also applies to audio, but that is far less in size than video. Still, deactivating it without having to use private browsing should not be denied to the user.
The fact that this can not be deactivated is a shame for Firefox.2 -
I don't trust my router. ISP issued piece of crap.
Finally I came around to reducing it to a modem and connecting my own hardware.
I chose mikroTiks. And I was in over my head immediately. I had to reset them so very often before I finally understood that bridge is not meant as a two port router. That's how I know that term. It connects instead on layer 2.
And then it took me ages to set up CAPsMAN. Turned out I just forgot to set the caps interfaces to three chosen configuration. CAPsMAN is routerOs' integrated wi-fi management tool. One location configures all access points.
But finally.. my network. Firewalled and NATed of from my ISP. With good WiFi everywhere, thanks to band steering and handover.
MikroTiks and routerOs are amazing. Its terminal is so useful. Ssh onto the router easily. I love it. But I was woefully unprepared and it took longer to set it up then I'd like to admit.2 -
[Rust]
I have a bunch of computational steps in a Rust program, all very expensive. They all depend on each other, forming a cycle-free and rather small graph of dependencies which is not a tree. The results of each of them for a given input are likely used tens of times by the others, so I would like to cache the subresults dynamically.
How would I go about doing this, considering that caching (rightfully) requires mutable access to the cache and multiple operations often refer to the same subresult?
I can't ask SO because they'd just tell me to use another language or recalculate everything every time, fully convinced that difficult questions can only emerge from design mistakes.12 -
I might be new to webdev , but wtf is wrong with imports in js ?
html seems to get the only decent way of dealing with js: all the files mentioned in subsequent <script> tags can access the functions of previous file
but when it comes to those generated html content(aka react projects) and servers, nobody seems to come to an agreement : react guys uses import while server people uses require. and both of these can't be used in the same file : import works in mjs files (or usual files too if type is defined as module) while require works in cjs file (or usual js files if type is NOT defined as module)
so i kind of like imports for its elegance and resembelence to java imports. and i might have got into some errors in unrelated areas , so my package.json has type=module . i want to use some cjs package (jsonwebtoken) and that shit for the love of god won't work with import, so i gotta use it with cjs file and then the whole project can't use that crappy cjs file.
WTAF ? has web world not got matured enough to not have this shitty import export situation?should i write caveman code and convert everything to require(..) ?
fuck me6 -
I found a loophole to get free courses on a popular tutor’s website. He has millions of views and more than a 100,000 students. I feel great knowing I now have free unlimited access to free courses. Hopefully they don’t realize and fix the bug.7
-
I deployed one of our staging websites to a free plan because the site is rarely used. Project Manager sends the stakeholders the new url. There will be a lot of 🤦♀️🤦♂️🤦 all around. Some of it’s my fault. A lot of it is just WTF.
Stakeholder: We still need the staging site because we don’t want to test in the live site…
PM: Okay. We didn’t say we were deleting the site. We are just moving it to a new and better hosting platform, so we’re letting you know the url has changed.
Stakeholder: This url is for the front facing page. How do I access the backend? [they mean the admin interface]
Me: The only thing that’s changed is the url for the staging website. So domain-A/account is now domain-B/account.
I thought that was a pretty straightforward way of explaining things, that even a non technical person would get it. They took the /account example as the literal login url.
Stakeholder: I forgot the password for our admin login and I submitted a password reset, but I realize I don’t know if I have access to the admin email. Or if it’s even a real email account.
WTF
I look back at the email chain and I realize that I gave the PM the wrong url.
Also, WTF x 2. How did this stakeholder not realize they were looking at the wrong website?? There are definitely noticeable style and content differences. And why would you have an admin login that uses a fake email??
Me: My apologies. I sent over the incorrect url. My instructions are mostly the same. All that’s changed is the domain.
Stakeholder’s assistant: [DMs me] How do we access the backend?
WTF…are they seriously playing this game and demanding I type out the url for them?! 🤬 I’m not playing this game and I just copy and paste the example that I already sent over.
They figure it out eventually. Apparently, they never used /account to login before They used /admin/index… but that would still bring them to /account, but with ?redirect=/admin/index appended to the url if they weren’t logged in. Again, WTF.
I know I made mistakes in this whole thing, but damn. I can’t even. I’m pretty sure this whole incident is fueling my boss’s push to stop supporting this particular website anymore so I can focus on sites that actually bring in revenue…and have stakeholders that aren’t looney and condescending like this.4 -
whose idea was it to give the business major access to the database? we have one thousand tables that do the same thing or absolutely nothing, everything is badly named, and THE GRAMMAR5
-
Software runs fine on several in-house instances. First time customers hosting it themselves. Runs fine. Users start using. Server need absurdly high processing power and fucks up. I can not access customers Server to debug. Only hope, get copy of their images to reproduce their setup. And have *** one single fucking hour *** to go into it before having to tell in emergency meeting if we can fix it or they would blew the project.
I didn't expect, but found the cause, a single very badly written query. Written by myself years ago I have to admit.
They also gave me one hour to produce a patch. I did but but lost so many hair.4 -
TL;DR; do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.
They say verbalising it makes it less painful. So I guess I'll try to do just that. Because it still hurts, even though it happened many years ago.
I was about to finish college. As usual, the last year we have to prepare a project and demonstrate it at the end of the year. I worked. I worked hard. Many sleepless nights, many nerves burned. I was making an android app - StudentBuddy. It was supposed to alleviate students' organizational problems: finding the right building (city plans, maps, bus schedules and options/suggestions), the right auditorium (I used pictures of building evac plans with classes indexed on them; drawing the red line as the path to go to find the right room), having the schedule in-app, notifications, push-notifications (e.g. teacher posts "will be 15 minutes late" or "15:30 moved to aud. 326"), homework, etc. Looots of info, loooots of features. Definitely lots of time spent and heaps of new info learned along the way.
The architecture was simple. It was a server-side REST webapp and an Android app as a client. Plenty of entities, as the system had to cover a broad spectrum of features. Consequently, I had to spin up a large number of webmethods, implement them, write clients for them and keep them in-sync. Eventually, I decided to build an annotation processor that generates webmethods and clients automatically - I just had to write a template and define what I want generated. That worked PERFECTLY.
In the end, I spun up and implemented hundreds of webmethods. Most of them were used in the Android app (client) - to access and upsert entities, transition states, etc. Some of them I left as TBD for the future - for when the app gets the ADMIN module created. I still used those webmethods to populate the DB.
The day came when I had to demonstrate my creation. As always, there was a commission: some high-level folks from the college, some guests from businesses.
My turn to speak. Everything went great, as reversed. I present the problem, demonstrate the app, demonstrate the notifications, plans, etc. Then I describe at high level what the implementation is like and future development plans. They ask me questions - I answer them all.
I was sure I was going to get a 10 - the highest score. This was by far the most advanced project of all presented that day!
Other people do their demos. I wait to the end patiently to hear the results. Commission leaves the room. 10 minutes later someone comes in and calls my name. She walks me to the room where the judgement is made. Uh-oh, what could've possibly gone wrong...?
The leader is reading through my project's docs and I don't like the look on his face. He opens the last 7 pages where all the webmethods are listed, points them to me and asks:
LEAD: What is this??? Are all of these implemented? Are they all being used in the app?
ME: Yes, I have implemented all of them. Most of them are used in the app, others are there for future development - for when the ADMIN module is created
LEAD: But why are there so many of them? You can't possibly need them all!
ME: The scope of the application is huge. There are lots of entities, and more than half of the methods are but extended CRUD calls
LEAD: But there are so many of them! And you say you are not using them in your app
ME: Yes, I was using them manually to perform admin tasks, like creating all the entities with all the relations in order to populate the DB (FTR: it was perfectly OK to not have the app completed 100%. We were encouraged to build an MVP and have plans for future development)
LEAD: <shakes his head in disapproval>
LEAD: Okay, That will be all. you can return to the auditorium
In the end, I was not given the highest score, while some other, less advanced projects, were. I was so upset and confused I could not force myself to ask WHY.
I still carry this sore with me and it still hurts to remember. Also, I have learned a painful life lesson: do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that. -
New job. Almost all sites are blocked due to "security"... even spotify. I can' listen to the music. Fortunately i have access to dev rant xd5
-
Fuck environments without direct internet access and only http proxy in place.
That is all, thank you for listening3 -
Yet another reason to design my own keyboard..
I get the most expensive keyboard out there, and guess what, it stops working correctly when it collects a bit of dust and hair..
Meanwhile my 35 year old IBM Model M, you could eat on it for 10 years and it would still function just fine !
My new keyboard, the roller wheel starts to act up, no problem, I'll just take it apart and clean it..
Once I find all the hidden screws with odd sized screw heads..
And then find out you can't take it all apart easily to gain access to the parts you want to clean.
And then find out, the parts you do want to clean, don't seem to come apart for cleaning..
Lets drip some cleaning fluid there anyhow and hope for the best !
That worked, for now..
So badly designed !
Oh did I mention how its a split keyboard, and the addon part doesn't have a locking mechanism, so you need to use blutak to hold it together..
Who designs this shit !
And that is before I mention how windows updates screwed with the keyboard settings so I suddenly got bounce issues !
It's supposed to be a bounce free keyboard !
And it doesn't work in my BIOS because its USB.. ( Even though USB is supposed to be supported.. )
So, why doesn't someone design a USB and PS/2 keyboard !
Did I mention how the keyboard font is too small to read without glasses..
Or how the back lit keys bleed light all over the place, and don't just shove iit through the keytops.
And, now my iii is acting up repeating itself..
My IBM model M was never like this !
But it isn't backlit..
Nor does it have a left handed numberpad..
But then, this doesn't have a real left handed numberpad, its just a right handed one on the left side, so my thumb is in the wrong place !
Apart from that, its fine...
Oh, except, don't use the app that comes with it, or rather, don't leave to runnning, or it crashes your PC..
But its fine to set up the keyboard with. :-)25 -
CORS is shit
Stupid useless shit that protects from nothing. It is harmful mechanism that does nothing but randomly blocks browser from accessing resources - nothing more.
Main idea of CORS is that if server does not send proper header to OPTIONS request, browser will block other requests to that server.
What does stupid cocksuckers that invented CORS, think their retarded shit can protect from?
- If server is malicious, it will send any header required to let you access it.
- If client has malicious intents - he will never use your shit browser to make requests, he will use curl or any ther tool available. Also if server security bases on something as unreliable as http headers it sends to the client - its a shit server, and CORS will not save it.
Can anyone give REAL examples when CORS can really protect from anything?32 -
When the CTO/CEO of your "startup" is always AFK and it takes weeks to get anything approved by them (or even secure a meeting with them) and they have almost-exclusive access to production and the admin account for all third party services.
Want to create a new messaging channel? Too bad! What about a new repository for that cool idea you had, or that new microservice you're expected to build. Expect to be blocked for at least a week.
When they also hold themselves solely responsible for security and operations, they've built their own proprietary framework that handles all the authentication, database models and microservice communications.
Speaking of which, there's more than six microservices per developer!
Oh there's a bug or limitation in the framework? Too bad. It's a black box that nobody else in the company can touch. Good luck with the two week lead time on getting anything changed there. Oh and there's no dedicated issue tracker. Have you heard of email?
When the systems and processes in place were designed for "consistency" and "scalability" in mind you can be certain that everything is consistently broken at scale. Each microservice offers:
1. Anemic & non-idempotent CRUD APIs (Can't believe it's not a Database Table™) because the consumer should do all the work.
2. Race Conditions, because transactions are "not portable" (but not to worry, all the code is written as if it were running single threaded on a single machine).
3. Fault Intolerance, just a single failure in a chain of layered microservice calls will leave the requested operation in a partially applied and corrupted state. Ger ready for manual intervention.
4. Completely Redundant Documentation, our web documentation is automatically generated and is always of the form //[FieldName] of the [ObjectName].
5. Happy Path Support, only the intended use cases and fields work, we added a bunch of others because YouAreGoingToNeedIt™ but it won't work when you do need it. The only record of this happy path is the code itself.
Consider this, you're been building a new microservice, you've carefully followed all the unwritten highly specific technical implementation standards enforced by the CTO/CEO (that your aware of). You've decided to write some unit tests, well um.. didn't you know? There's nothing scalable and consistent about running the system locally! That's not built-in to the framework. So just use curl to test your service whilst it is deployed or connected to the development environment. Then you can open a PR and once it has been approved it will be included in the next full deployment (at least a week later).
Most new 'services' feel like the are about one to five days of writing straightforward code followed by weeks to months of integration hell, testing and blocked dependencies.
When confronted/advised about these issues the response from the CTO/CEO
varies:
(A) "yes but it's an edge case, the cloud is highly available and reliable, our software doesn't crash frequently".
(B) "yes, that's why I'm thinking about adding [idempotency] to the framework to address that when I'm not so busy" two weeks go by...
(C) "yes, but we are still doing better than all of our competitors".
(D) "oh, but you can just [highly specific sequence of undocumented steps, that probably won't work when you try it].
(E) "yes, let's setup a meeting to go through this in more detail" *doesn't show up to the meeting*.
(F) "oh, but our customers are really happy with our level of [Documentation]".
Sometimes it can feel like a bit of a cult, as all of the project managers (and some of the developers) see the CTO/CEO as a sort of 'programming god' because they are never blocked on anything they work on, they're able to bypass all the limitations and obstacles they've placed in front of the 'ordinary' developers.
There's been several instances where the CTO/CEO will suddenly make widespread changes to the codebase (to enforce some 'standard') without having to go through the same review process as everybody else, these changes will usually break something like the automatic build process or something in the dev environment and its up to the developers to pick up the pieces. I think developers find it intimidating to identify issues in the CTO/CEO's code because it's implicitly defined due to their status as the "gold standard".
It's certainly frustrating but I hope this story serves as a bit of a foil to those who wish they had a more technical CTO/CEO in their organisation. Does anybody else have a similar experience or is this situation an absolute one of a kind?2 -
AWS is so secure that even with full access I cannot access the resource I need and the error message is so cryptic every hacker will give up first. Amazing!3
-
So, project needs vive headset + unity.
Set up done, unity project made, set up, plug the two, start tweaking, fixing stuff... Aaaaand need to tweak the script. Double click, MS studio comes up... Need to reactive the license...
I don't have a personal license (and I never will get one either, given how many times microshit has been a major pain in my glorious ass, I tend to avoid their shithole of products at all costs. Somebody else actually gave me access for this project.
So, that doesn't work, goes to download a free version, aaaaaaand apparently my level of access doesn't allow me to install this one.
... UrghhhhhAAAAAAAAAAAAAAAAAAA
Notepad++ it is. 😶2 -
Optimizing JS is such a pain. like, the total runtime of the rest of the code is not measurable compared to DOM operations, so the goal would be to optimize DOM access, but there are zero resources online on the relative cost of certain operations, and I get the feeling that they don't have much in common across browsers.2
-
My Ubuntu VM just work fine for consecutive 217 days without restarting.
Need to change some config
And... I forgot the application access key... Damnit!!!
Lucky, I kept the access key in the password manager. Whew.5 -
Every fucking time I get an application for simple stuff like cleaning or weight measuring, and it asks me for completely unnecessary things like making an account and requesting access to my gps location, I look up the company and find out it's Chinese. What the fuck man.1
-
Yeah, fuck all the authentication/authorization framework I build, just access manage resources directly and leak stuff, assign it to wrong accounts and don't even check if they should be able to with that eye shore you call code1
-
Just go access to GitHub Copilot! Woohoo!
But dang it's sometimes scary. It's like it can read your mind and knows what to write before you even know it.
The future looks spicy3 -
Tailwind css offers a premium package where you have to pay $300 for access to their tailwind styling components. And even additional $150 and $150 and $150 packages depending if your app is for ecommerce application ui or marketing etc.
WTF????
While in Angular Google has provided 100% FREE MATERIAL DESIGN UI COMPONENTS
WHO THE FUCK PREFERS TO CODE IN REACT/NEXTJS/VUE over ANGULAR???23 -
Old old organization makes me feel like I'm stuck in my career. I'm hanging out with boomer programmers when I'm not even 30.
I wouldn't call myself an exceptional programmer. But the way the organization does it's software development makes me cringe sometimes.
1. They use a ready made solution for the main system, which was coded in PL/SQL. The system isn't mobile friendly, looks like crap and cannot be updated via vendor (that you need to pay for anyway) because of so many code customizations being done to it over the years. The only way to update it is to code it yourself, making the paid solutions useless
2. Adding CloudFlare in the middle of everything without knowing how to use it. Resulting in some countries/networks not being able to access systems that are otherwise fine
3. When devs are asked to separate frontend and backend for in house systems, they have no clue about what are those and why should we do it (most are used to PHP spaghetti where everything is in php&html)
4. Too dependent on RDBMS that slows down development time due to having to design ERD and relationships that are often changed when users ask for process revisions anyway
5. Users directly contact programmers, including their personal whatsapp to ask for help/report errors that aren't even errors. They didn't read user guides
6. I have to become programmer-sysadm-helpdesk-product owner kind of thing. And blamed directly when theres one thing wrong (excuse me for getting one thing wrong, I have to do 4 kind of works at one time)
7. Overtime is sort of expected. It is in the culture
If you asked me if these were normal 4 years ago I would say no. But I'm so used to it to the point where this becomes kinda normal. Jack of all trades, master of none, just a young programmer acting like I was born in the era of PASCAL and COBOL9 -
It's 2022 and mobile web browsers still lack basic export options.
Without root access, the bookmarks, session, history, and possibly saved pages are locked in. There is no way to create an external backup or search them using external tools such as grep.
Sure, it is possible to manually copy and paste individual bookmarks and tabs into a text file. However, obviously, that takes lots of annoying repetitive effort.
Exporting is a basic feature. One might want to clean up the bookmarks or start a new session, but have a snapshot of the previous state so anything needed in future can be retrieved from there.
Without the ability to export these things, it becomes difficult to find web resources one might need in future. Due to the abundance of new incoming Internet posts and videos, the existing ones tend to drown in the search results and become very difficult to find after some time. Or they might be taken down and one might end up spending time searching for something that does not exist anymore. It's better to find out immediately it is no longer available than a futile search.
----
Some mobile web browsers such as Chrome (to Google's credit) thankfully store saved pages as MHTML files into the common Download folder, where they can be backed up and moved elsewhere using a file manager or an external computer. However, other browsers like Kiwi browser and Samsung Internet incorrectly store saved pages into their respective locked directories inside "/data/". Without root access, those files are locked in there and can only be accessed through that one web browser for the lifespan of that one device.
For tabs, there are some services like Firefox Sync. However, in order to create a text file of the opened tabs, one needs an external computer and needs to create an account on the service. For something that is technically possible in one second directly on the phone. The service can also have outages or be discontinued. This is the danger of vendor lock-in: if something is no longer supported, it can lead to data loss.
For Chrome, there is a "remote debugging" feature on the developer tools of the desktop edition that is supposedly able to get a list of the tabs ( https://android.stackexchange.com/q... ). However, I tried it and it did not work. No connection could be established. And it should not be necessary in first place.7 -
Worst: forced to work for 9 months on a shitty wp theme:
- colleague with no clue trying to make me do their work… check
- incompetent manager doing shit about it… check
- idiotic pipeline requiring to redeploy for every asset update… check
- micromanaging cto which for some fucking reason didn’t want to allow access to the writers, forcing the role of content editor on the devs… ducking check! Quack!!
Best: automated lots of processes in my free time, all stuff which I can reuse! -
I had a brainfart and I can't google it, do you happen to know of a game that deals with inventory in the style of a stack (large, but you can only access the topmost few elements at any time)?4
-
It probably will be an unanswered question, but let's try.
Does anyone know of a large project using onion / hexagonal/ ddd or similar architecture with free access to the source code...
Or an example of said architectures that goes beyond "trivial dumb example".
The new recruits need... A lot of brushing up (I'd be for electro shock treatment and other stuff, but somehow HR thinks I'm joking).
As said, most examples I found are too basic. On the other hand, if I write now a good example, I'd need to do it in either my free time (nope, just nope) or jiggle it in somewhere in company time (aka it will be never finished nor be in a useful state).
Programming language preferred would be Java, but as I'm fluent in most languages except the forbidden ones (JavaScript and it's friends) ...
Anything would be helpful.
Most welcome would be an example with a focus on Adapter / Ports, e.g. abstraction of HTTP client usage / ORM etc.
Thanks.12 -
IT admins of devRant, explain my dumbass the following:
Why would an IT department put servers in a VPN without TLS.
They presume they don't need because muh-VPN.
And then they don't want to hand out VPN connections to anyone and force me to use Citrix RDP 🤡
I know there are security reasons, but is there not a better way? Like goteleport.com ?
Asking for a friend (or several)5 -
When file managers copy and delete files within the same partition instead of moving or renaming them…
When Google's Storage Access Framework was introduced, it did not feature a move command, so file managers just resorted to copying and deleting files within the same storage. Not only does this cause needless wear and is much slower, but it also destroys the date/time attribute (it gets changed to current).
When moving files through MTP (miserable transfer protocol, used for connecting smartphones to PC), they are also copy-deleted. This makes moving a 20-Gigabyte DCIM folder impractical. Also, if one cancels the operation, it might end up whoopsie-daisy deleting some files from the source before they have been transferred.
MTP is so bogus that it is incapable of a simple operation that would JustWork™ on mass storage devices. Not to mention, MTP lacks parallelism and its directory listing loading it S-L-O-W. Upwards of a minute for just 1000 files. Sometimes, it fails loading at all.
Also, trying to rename a file through MTP using the terminal through GVFS, even if just within the same folder, it copy-deletes it. If I want to rename a 1 GB 2160p 4K video in a highly populated DCIM folder, I can not do so through the terminal. At least, the 4K video has a time stamp in its internal metadata, but it still renames slowly and adds needless wear to the smartphone's flash memory.16 -
I'm in vacation in portugal and in the apartment the WLan has the default ssid. So i tried to login with the default credentials into the web panel. It worked... Now i have superuser access and can change everything i want...4
-
The HR for my last employer sucks.
After I left, my employer changed record keepers for the 401k before I could rollover the funds to an IRA. I thought, “It will be fine. I’ll wait until they finish setting up the new record keeper. Then, I can do the rollover.”
When the blackout period was about to end, I didn’t receive any instructions about the new record keeper. The funds had been transferred already and I called the old record keeper to confirm it was done by my former employer. I think, “Maybe they forgot to contact me because I’m no longer an employee.”
I email HR and ask when I can expect instructions on how to access the new record keeper. Idiots send me instructions for the old record keeper and how to file for a distribution. HR had actually called the old record keeper for these instructions when the funds were no longer with the old record keeper. WTF 😤
It takes all of my strength to write a civil email. I remind them that funds were transferred nearly 2 weeks ago by them to a new record keeper. I repeat that I need instructions on how to access the new record keeper and I don’t need instructions on how to file for a distribution from the old record keeper.
I’m effing glad I don’t work there anymore. I can’t deal with that HR’s idiocy anymore.1 -
Why is mobile development still a thing?
Hear me out. All these simple apps, like shopping centre discount, eshops, vinted, other kinds of webapi consumers. Many have a website and a phone app.
Why??? Why the phone app? What's wrong with just embedding your responsive webpage into a webview and call it a day ffs?
I mean, maintenance becomes trivial and there's no split brain. No? What am I missing?
Not talking about apps that rely on android/ios api, for like camera, calls, storage access, sensors etc11 -
Infrastructure took away our read access in S3 to data that we own and our ability to manually delete/upload to S3 in that prefix (which we own). Without waiting for us to confirm that we have alternative means to read and change what is in there. And I had no warning about this, so here I am doing a midnight mod on an existing solution of mine in hopes that I can finish it before tomorrow morning for some legal reporting deadline.
Things would be so much easier if the infrastructure team let the emergency support role have those permissions for emergencies like this, but they didn't. I guess "least privilege" means "most time spent trying to accomplish the most trivial of things, like changing a file".8 -
When I first started down the path to becoming a developer, I was a "business analyst" where I managed our departments reports and ended up migrating all the reports from daily query run in MS Access with Task manager and emailed out to all the managers including the VP of the entire business unit, I created
Views in the database and sent out the same spreadsheet with the view in excel daily since management didn't want "change". Granted this was at a large health care company in the US and didn't want to invest in a real dashboard for their reports. The only thing that was changed in the email and file was the file name with the current date. I left the company a while ago and recently applied for a similar position for the shits and gigs. Interviewed with the It manager and they're still using the same excel macro I wrote 3 years later.2 -
Fuck Apple with two pineapples in the ass. 99€ per fucking year to tell me how the fuck should the access to my app be. I damn require users to sign up. I only need email and country. Not a single other piece of data. My app is not a goddamn catalogue or boutique. No free content, free app but each user needs to Auth themselves. You fucking telling me y pay 99€ so you decide how the access to my app should be?
Cunt Apple should rot in 10 day old humid shit and let devs be owners of their apps and hard work. Clowns.7 -
stupid react fucks, they upgraded webpack to 5 which breaks being able to access process.env
good thing you can't access the webpack config to fix it!
essentially this "wise decision" by the team makes this entire docs page WRONG: https://create-react-app.dev/docs/...21 -
Fucking lazy product managers....
Can't fucking care about renaming a word document....
The document says template you moron. You are supposed to duplicate it for your requirements. Not edit directly on the template.
And fuck whoever gave this moron edit access to a global template.
Fuck....3 -
So ok, today was a crazy day.
New sprint, new ticket.
Work on the bug tickets first he said ….
Sure can. Oh had I just known that this very first innocent looking ticket is the way to coder‘s hell ….
‚Access of undefined‘ it said. Easy to fix, I thought.
Until I found the very same code twenty-fucking-two times over about 50 files!
Who would guess that exportSingleOperatorBooking, exportSeveralOperatorBookings, exportAllOperatorBookings (… and more) could in practically be the same? Nah, they all use different interfaces.
Oh wait, the alias type of the extended sub-interface of file misc.ts is the same logical content as a differently named interface below another different interface with the same content as in another ts file?
Wait that can‘t be. Riiiiight?? 😳
8h later I have barely scratched the surface of refactoring this shitshow of a project.
But no, I refuse to put the same error handling multiple times in different places.
I could have been done already. I could have saved my soul, my sanity. But I will be brave and strong to save the innocent developer that will cometh after me. For I shall be rewardeth for my sacrifice.
Amen.8 -
AWS test error: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied"
Hmmmmmmm
* proceeds to spend 2 hours correcting the role and policy for said user *
Alright, let's test!
AWS test error: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied"
fuck you.
i'm not fucking sleeping until this is resolved7 -
Let me tell you a story about an independent contractor who was just told the reason I don’t have enough information to build, deploy, access, or test the software I was brought on to maintain…
is that the previous developer is holding all documentation essentially “hostage” in an attempt to squeeze more payment out of the client. What the tap-dancing shit have I gotten myself in to.3 -
Real conversation with my shit bank
Me: Hey, I want to change the phone number associated with my card because I no longer have access to it. (aka stolen). I can't find the option to do so on your website anymore.
Them: Yeah, for security reasons you now have to come down to the bank (which involves standing in line for anywhere between 40 minutes and 2 hours) to do that simple change.
The actual fuck.12 -
!rant
The new end to the idiotic code snippet head scratchers interviews (awkward for both parties but nobody is willing to admit it)?
Hometasks.
Infinite internet access, use whatever tools you want, do as much as you can in 2-3 hours.
The best non-toxic way to see how someone works as a dev.
This is the way I expect you to work, so this is the way I will interview you.
Sorry silicon valley, we don't need people who can write up a binary search algo from rote memory.3 -
Data wrangling is messy
I'm doing the vegetation maps for the game today, maybe rivers if it all goes smoothly.
I could probably do it by hand, but theres something like 60-70 ecoregions to chart,
each with their own species, both fauna and flora. And each has an elevation range its
found at in real life, so I want to use the heightmap to dictate that. Who has time for that? It's a lot of manual work.
And the night prior I'm thinking "oh this will be easy."
yeah, no.
(Also why does Devrant have to mangle my line breaks? -_-)
Laid out the requirements, how I could go about it, and the more I look the more involved
it gets.
So what I think I'll do is automate it. I already automated some of the map extraction, so
I don't see why I shouldn't just go the distance.
Also it means, later on, when I have access to better, higher resolution geographic data, updating it will be a smoother process. And even though I'm only interested in flora at the moment, theres no reason I can't reuse the same system to extract fauna information.
Of course in-game design there are some things you'll want to fudge. When the players are exploring outside the rockies in a mountainous area, maybe I still want to spawn the occasional mountain lion as a mid-tier enemy, even though our survivor might be outside the cats natural habitat. This could even be the prelude to a task you have to do, go take care of a dangerous
creature outside its normal hunting range. And who knows why it is there? Wild fire? Hunted by something *more* dangerous? Poaching? Maybe a nuke plant exploded and drove all the wildlife from an adjoining region?
who knows.
Having the extraction mostly automated goes a long way to updating those lists down the road.
But for now, flora.
For deciding plants and other features of the terrain what I can do is:
* rewrite pixeltile to take file names as input,
* along with a series of colors as a key (which are put into a SET to check each pixel against)
* input each region, one at a time, as the key, and the heightmap as the source image
* output only the region in the heightmap that corresponds to the ecoregion in the key.
* write a function to extract the palette from the outputted heightmap. (is this really needed?)
* arrange colors on the bottom or side of the image by hand, along with (in text) the elevation in feet for reference.
For automating this entire process I can go one step further:
* Do this entire process with the key colors I already snagged by hand, outputting region IDs as the file names.
* setup selenium
* selenium opens a link related to each elevation-map of a specific biome, and saves the text links
(so I dont have to hand-open them)
* I'll save the species and text by hand (assuming elevation data isn't listed)
* once I have a list of species and other details, to save them to csv, or json, or another format
* I save the list of species as csv or json or another format.
* then selenium opens this list, opens wikipedia for each, one at a time, and searches the text for elevation
* selenium saves out the species name (or an "unknown") for the species, and elevation, to a text file, along with the biome ID, and maybe the elevation code (from the heightmap) as a number or a color (probably a number, simplifies changing the heightmap later on)
Having done all this, I can start to assign species types, specific world tiles. The outputs for each region act as reference.
The only problem with the existing biome map (you can see it below, its ugly) is that it has a lot of "inbetween" colors. Theres a few things I can do here. I can treat those as a "mixing" between regions, dictating the chance of one biome's plants or the other's spawning. This seems a little complicated and dependent on a scraped together standard rather than actual data. So I'm thinking instead what I'll do is I'll implement biome transitions in code, which makes more sense, and decouples it from relying on the underlaying data. also prevents species and terrain from generating in say, towns on the borders of region, where certain plants or terrain features would be unnatural. Part of what makes an ecoregion unique is that geography has lead to relative isolation and evolutionary development of each region (usually thanks to mountains, rivers, and large impassible expanses like deserts).
Maybe I'll stuff it all into a giant bson file or maybe sqlite. Don't know yet.
As an entry level programmer I may not know what I'm doing, and I may be supposed to be looking for a job, but that won't stop me from procrastinating.
Data wrangling is fun.2 -
Seriously WTF TP-Link?
Bought an Archer T4E Wifi adapter card for my PC. This has got to be the worst piece of shit hardware ever sold.
I mean are you kidding me? This card has two TWO!! antennas sticking out of its back and won't maintain a connection to an access point that I have NO PROBLEM AT ALL connecting to with my fucking phone? And don't even try to connect to the 5G network with this embarrassment of a WIFI card.
Looking at the support forums and loads of people complain about the exact same thing without any reply from this shit company.
Seriously screw you TP-LINK I will never buy any hardware from you again.17 -
After brute forced access to her hardware I spotted huge memory leak spreading on my key logger I just installed. She couldn’t resist right after my data reached her database so I inserted it once more to duplicate her primary key, she instantly locked my transaction and screamed so loud that all neighborhood was broadcasted with a message that exception is being raised. Right after she grabbed back of my stick just to push my exploit harder to it’s limits and make sure all stack trace is being logged into her security kernel log.
Fortunately my spyware was obfuscated and my metadata was hidden so despite she wanted to copy my code into her newly established kernel and clone it into new deadly weapon all my data went into temporary file I could flush right after my stick was unloaded.
Right after deeply scanning her localhost I removed my stick from her desktop and left the building, she was left alone again, loudly complaining about her security hole being exploited.
My work was done and I was preparing to break into another corporate security system.
- penetration tester diaries2 -
An app I'm making for a client currently has 23 "pages" that are simply web views.
Most of those pages have A HREFS which open other pages (some external pages that I have no access to as a developer).
Of course, some of the links aren't HREFS and are javascript calls to change the content on the screen without going to another page. So the user thinks they have gone to another web page when then system doesn't recognise it as another page...
Additional to this, there are multiple versions of the pages depending on which language the user has selected in the app.
And nobody seems to have considered how the default back button handles all these possible eventualities (whether it can go back to previous web page, IF it was an HREF and not just JS mimicking a new page (and how would my webview even catch that), and of course IF the language hasn't changed during the user journey etc etc)
Am I wrong for being annoyed about this? Am I the dick for not developing a clean solution to it? Or am I justified because webviews have no place inside an app!
I'm sort of hoping apple deny this app due to too many web views :S8 -
How do I interview or access a potential teammate? What are the things to look out for and what are the appropriate questions to ask?
FYI: I am a Frontend Developer2 -
I got a very low power Netbook lately for basically no money.
I thought about using it for some server monitoring / server access via ssh console.
Which Linux distros would you recommend for such a use case. Tried Something like core-os and Debian(lxde) yet but wasn't very satisfied with both options. Both could not display the battery capacity and Debian didn't detect the Intel WiFi.
The Netbook has 512mb of ram which should be fine for a lightweight gui and more than enough for a ssh connection 😅
Thanks a lot for the recommendations :)12 -
Haven't pushed anything to my github repos for over a year. Tried it today and it took me FOURTY FUCKING MINUTES to figure out this Personal Access Token HORSESHIT.
FUCK YOU GITHUB, why must every aspect of software development become spoiled by PARANOID FUCKING FUCKWEASELS?5 -
Alright boys.. calling in my networking friends for help..
Recently switched my ISP and got a fibre optic installed (100Mbps).
Thr ISP provided a new TP-Link router which supports 5GHz as well as 2.4GHz.
Some of my devices support 5GHz and connect to that network which works flawlessly.
However, my phone does not support 5GHz and hence, have to connect on 2.4GHz.
Somehow, the main router as well as the access point, are not functioning well for 2.4GHz. Whenever the connection is established, it would work fine for a minute or two before the networks starts disconnecting.
Restart the device Wi-Fi and it works for few moments and the cycle repeats.
I am not sure of what is causing this issue.
For the records, the access point is an old D-Link router. Why I mention this? Because funnily whenever the access point cable is plugged into the main router and I login to the router, the system logs me into the access point router (D-Link instead of TP-Link).
Can someone please help me resolve this issue?
Fun fact: The D-Link was a giveaway by one of my dR friends @Bigus-Dickus8 -
! rant, but should I be concerned?
I'm writing an election results API and I imported the bottlepy+pandas and prepped the CSV that contains the data. The first row contains the column names, followed by the actual data.
As I typed my routes, VSCode kept suggesting route names, parameters, and return values. At first I was "nice!" but then it kept suggesting my intent, as if someone was reading my brain. I do have GitHub Co-pilot installed, but I didn't realize my access had been approved.
How many layers of tin foil do I need?3 -
!tech
i was feeling very disturbed thinking about this thing, so just wanna share here. trigger warning : this is about 2 recent news (1 national and1 international) about crimes against women and its affect on me, a male , somewhat privileged guy with rarely any women in life.
news 1 : some lady in iran getting killed by police due to religious laws . news 2 : a receptionist girl in india getting killed for not providing sexual services to hotel people .
i will come back to first news in a bit, but second news has shaken me to the very core. i saw a post where her dead corpse was being taken up by her acquitances and she is just ... lifeless, hands going sideways, face hung at one side, mouth open... damn :'(
read more here : https://indiatoday.in/india/story/...
i am not at all related to this news, but somehow, i as a guy feel disgusted and being responsible for this sad event. this is not an act of power or lust , this is an act of a horrible mentality.
i come from the city where the world's most number of hate crime and crime against women take place. and pathetic politicians and people of power blame it on women's dressing and mens "naive nature" and , "boys being boys, accidentally making mistakes" . little did anyone know that this mentality has been cooking in the streets for last so many years.
i am a single child with no siblings or grandparents, my relatives rarely visit me and my last 24 years on earth rarely involved any female companionship apart from my mom.
i like girls, i find them cute. i really want to be with someone, to have a consensus relationship. but the talks among my homie groups and other male friends have gone toxic to the level that a national issue syarted feeling relatable.
the feeling of getting affection from someone has somehow turned into a lust, a "game", a "service". one guy( who recently shifted to other state) would use to tell us how he would visit " red light areas" , another one(also left) once tried to ask for that "service" in a camp where we were staying during a trip, and used to tell how he would hook up with girls on Instagram.
we used to laugh at those things, find them interesting and enjoyable. i would think about them in deep, thinking that this is something possible, a transactional access to sex, with me now earning enough to afford it.
now, seeing this news i feel so shitty and being a horrible human. those thoughts were not originally mine, but i didn't opposed them. rather i laughed on it , and thought that once am even more powerful financially and politically, could even entertain that approach.
As a guy, i want to say i am deeply, terribly sorry.
This mentality needs to be changed. my homie group is not just the only group of males that has such vile thoughts having openly propagated. every park, every company meeting , every library, every gym, anywhere i go, i can just show up a coffee cup and shout "women,huh" and can get a laughter followed by several low voices whospers on which girl is a "s***" there .
there are multiple points of failure in our society that are causing these. the news 1 from the start of this rant is the very first : role of government and religion on controlling "dresses and behaviour" of women
another comes the role of sex, culture and gender education in institution. institutions in my areas are so fucked up: they teach how plants fuck and bees suck honey to a puberty hit student, but doesn't teach consent, relations and personal behavior at any age. my school would even try to sometimes make all girls sit in a seperate row and other times would force guys to sit with girls. don't know what they got for this authoritative behaviour, but that sure didn't impacted our brains very rightly.
lastly this needs to be made clear in evevry guy's mind that paid prostitution, forced prostitution and consensus relationship are 3 different things, and only a respectable , consensus relationship is something you should think about and prepare for.14 -
I dreamt we had a linux shell build-in our brains. Was not that useful though because it was kind of sandboxed so you could neither access any memories or brain functions, nor insert any data other than text. But at least you could test some bash scripts and such.9
-
Itd be cool if we could get something like Schenzen.Io going, but you build the chips from the gates up
Maybe package them into modular units, and connect those at a higher level or abstraction, ad infinitum.
Then add access to virtual LCD output, and other peripherals, or even map output to real hardware, essentially letting you build near bare-metal virtual machines.
Dont know about that last part, but the closest I've seen to the rest is circuit simulator and again, schenzen.
On the machine learning front I figured out I need about ten times as many training samples as validation samples, or vice versa. I'll have to check my notes. Explains why I could get training loss below 2.11
Also, I'm looking at grouping digits, and trying different representations. I'm looking at the hidden variables for primorials to see what that reveals. And I realized because of the amount of configurations and training that I want to do, even a personally built cloud isnt going to be sufficient. I'm gonna have to rent someone else's hardware and run it "in duh cloud."
Any good providers that are ridiculously upfront for beginners to get started with? Namely something cheapish.3 -
I don't have any experience with cloud providers and I need to get a server for a project.
The website will be up for 3 weeks, access will probably be very uneven, the total user count is somewhat below 2000.
The site will probably be quite interactive and real-time, content may be changing every few seconds for an hour and then remain unchanged for days. I will also need either SSE or websockets for this reason.
What should I consider when selecting a cloud providers? Do you have a good one? My ideal provider would scale resources according to traffic like I've heard AWS does, but I want to hear your opinion first especially considering I know very little about how server load works.1 -
I always hated in school computing lessons when the teachers pet students would snitch on you for getting around the school network stuff.
Many people in the lesson would always play games instead of doing what they were meant to. So the teacher turned off the internet in the room using the admin control stuff. Then when I found a way around it all so I could watch some educational YouTube videos, the stupid teachers pet would snitch on me. Luckily the teacher knew I wasn’t using it to mess around, always felt good when he said that I could access it because I’m the biggest security threat to the school.
Did you ever have issues with snitches in computing lessons?6 -
Should have asked for forgiveness instead of permission, it should have been an easy two line fix to unblock a developer trying to access a node in a different region in our testing environment.
Instead I’m being ordered on high to play messenger between two people like a pair of teenagers sitting at the dinner table telling mom to tell Jimmy to pass the salt instead of just asking Jimmy directly, and now people want to get on zoom and talk about it.
Just PR the IAM template change, approve it if it’s fine and let me get on to something that isn’t literally babysitting someone’s AWS access ffs.2 -
client: "I cannot access the app"
me: "How? Can't install app? Can't login? Any error messages?"
client: Sends picture, one of the screens shows error
I really don't understand some users. How does one connect the dots between "cannot access" and "screen error". -
Joined a new company and the first few weeks were a complete bore (didn't have access to anything). Ended up wasting time instead of using it elsewhere. Now that I am swamped with work I've the sudden spark to learn every skill I thought I should pick up. Does this happen to anyone else? Motivation comes only on busy days.1
-
Started working for a new company as a data lead, created a couple of basic lambda functions for a pipeline... 5 approvals and three weeks later the functions haven't even been pushed to UAT (which I'm not allowed access to).. Have I been lucky before or is this dysfunctional..?
-
I want to access my Server from anywhere. Should i use something like noip.com (DynDNS)? Or is there a better way?11
-
Android 12, stop telling me every other day which app has permission to access my location in the background. I know, I gave permission, and I want to keep the setting "Allow all the time". Where's the "don't ask again" option?
And why does this happen for an app released by the German federal government (about once a week) but never, ever for your shitty Google Maps that always seems to know where I've been (at least if don't leave my phone at home, which is hard to do in times when you have to show your digital proof of vaccination everywhere yo go). Fucking Android, fuck the Android 12 clunkiness (inspired by Apple's iOS?) and fuck the fucking notifications. This is my phone, I paid for it, I own it, I want to turn off this bullshit. Wait, Google, once I find time to get back to LineageOS/Cyanogenmod you will never see a trace of my digital existence again. Oh, and fuck your "digital wellbeing" as well! At least you let me turn that off. Yes, I know, I am not grateful, but that's what devrant is for, isn't it? Fuck you, Google!2 -
!Dev
If I was rich I think I'd donate to schools and children educational funds a lot
There's so much more that I've been able to learn about and do now that I have my own income stream and it's not just my dad supporting me and my 2 brothers himself. so I have the means to buy a server off eBay, or get books every few months on topics I find interesting, or upgrade my ram to an obscene 48GB to toy with ML and AI from my desktop when the whim arises, as well as all the stuff I'm learning to do with raspberry pi boards and my 3D printers, and the laptops I collect from people about to toss good fixable electronics
So I think I'd want to open the same doors for other children if I ever could who knows how much farther I could be if I had this same access when I was younger and didn't get access to my first 'personal' laptop when I was already 14 or 15 years old
I still consider my childhood 'lucky' and I had many opportunities other children couldn't get, but if I ever could I think I'd like to make future children have more opportunities in general1 -
Question.. architecting a large system. I’ve broken it down to microservices for the DB and rest API / gateway
I want there to be some some processes that run continuously not event driven via rest. Say analytics for example what is the best way todo that? Just another service running on on a server? And said service has its own API? That when the other rest APIs are called could then hop and call the new service?
Or say we had a PDF upload via rest should that service then do the parsing before uploading to DB .. or should the rest api that does the uploading then call another rest api to another service dedicated todo the parsing and uploading to the db?
I think the bigger way to explain the question is the encapsulation between DAL.. data access layer which I have existing.. but then there’s the BLL .. buisness logic layer which I don’t know if it should have its own APIs via own microservices running in the background.10 -
Whoever designed scoped storage on Android deserves to be congratulated, they managed to make it less usable than qubes os. I've had to rename a file to png and put it in dcim to be able to access it because for some reason download and documents folders need a special snowflake way to be accessed.
Also why the fuck does the dev need to declare the permission to access all files like a file explorer and I can't change it unless I get the app from github and recompile it?2 -
OK I need some help. I need to make sure I’m not losing my mind.
We are using an ERP which is hosted by another company. We are supposed to be able to access the data via a REST API. This works fine using Insomnia or Postman, but when I attempt to hit the API from my web application, CORS blocks the localhost origin.
I contacted the company’s technical team to request that they change the CORS configuration to allow localhost. They keep running me around in circles telling me that I don’t know what I’m talking about because localhost isn’t a DNS resolvable name and I’m doing something wrong and they don’t need to change any configuration.
They insist that if anything would need white listed, it would be my IP, not localhost.
I sent them screenshots and stack overflow posts and documentation links, showing them exactly what headers need to be set and where the configuration needs to be set in the ERP. They tell me I don’t know what I’m talking about.
They tell me that if I can hit the API from Postman, I can hit it from my browser.
Am I losing my mind? Have I fundamentally misunderstood CORS all these years? I’m sure I’m right. But I’m starting to feel like I’m crazy.19 -
Where have i been? the answer is Yes. im still alive, caught rona 3 times never been better.
as a OKAY not pro developer i can create what i want.
and if you're wondering. Yes i have deleted my rants.
i use typescript. i will not go back to js.
RUST IS SUPERIOR TO C++
(i still use C++ because i am a mad cheater in android games this is gonna probably come to a halt soon i haven't been on my mobile a while)
all i literally had to do was sit at a computer for hours. stick to one language and just build projects on my own i stopped coding on mobile after one of my unstable projects had got access to my devices files. oh and last but not least tampermonkey sucks and my favorite game moo moo.io and sploop.io is full of macroers, cheaters and now nobody wants to play legitly in the game. i forgot this website and decided to take things slowly. time goes fast when your mind really be dazed.5 -
Any file manager without range selection is basically crippled.
Desktop PC file managers had the ability to select many files at once since at least the 1990s, yet smartphone file managers typically still lack it as of 2022. This means if I want to select a range of files, I have to tap each file individually. That's OK for - like - 20 files, but not for 1100 files. I'd need more time to select those files than the transfer would take, and if I accidentally hit anything that closes the app, I can start all over again. <sarcasm>That is how I wish to spend my day.</sarcasm>
In the early 2010s, ES File Explorer brought a dragless range selection feature, where only the first and last item had to be highlighted and a button pressed. This means over 5000 items could be selected in 10 seconds: tap item A, drag the scroll bar, tap item B, tap range selection icon, then done! But then Google came and said "sorry, you can't have nice things" (not vocally but through actions), and forcibly disabled write access to the microSD card to third-party applications. The only way to evade this restriction was through rooting.
Then, Google "blessed" us with storage access framework and then iOS-like scoped storage "to protect us". https://xda-developers.com/android-... . Oh, thank you for your protection by taking freedoms away!
The pre-installed file manager of Android still lacks range selection THIRTY YEARS after desktop computers came pre-installed with this feature. Shame on you, Google. This isn't innovative.
If Google will implement range selection, I guess they will make it half-assed by implementing drag-to-select, which is hardly more useful than individual tap selection for thousands of files. Then they tell us "you wanted range selection, here you are! Now don't bug us.". Sorry, but users don't want half-assed drag-to-select, but real tap-A-B-selection and a draggable scroll bar.
Some mobile file managers even lack a draggable scroll bar, meaning if I want to go near the center of the list, I have to swipe up like a dog or cat licks water from a bowl.10 -
Someone didn’t properly set the httpcookies domain for our staging and production websites. Yep, this was a C#/.NET site. The cookie domain for the staging site was set to the production domain instead of the staging domain (which was a subdomain). So if someone logged into the staging admin, that would also grant them access to production admin if they also had an account in the production site.
The staging site technically had an additional login to enter the site, but the username and password weren’t too hard to guess. It was like that for years until I was hired to be an in-house dev (the role was previously outsourced to a software development company).
The admin side of the website wasn’t very sophisticated. But there was enough personal identifying info for a hacker to do something with.
I don’t know how they weren’t hacked yet. Honestly, I’d tell my employer to go back to that software agency and ask for a refund and cite the shotty work.2 -
Interesting (worrying) thing that happened to me a few weeks ago:
One day, every time I clicked on youtube the button "add to playlist" on any video, youtube requested access to my microphone.2 -
*Frustrated user noises* Whyyyy, Grafana, why don't you implement any actual query forgery checks?!
So long as a user has access to the Grafana frontend, they can happily forge the requests going off to the backend, and modify them to return *whatever* data they want from the datasource.
No matter that they're a read-only user. That only stops them from modifying the dashboard definitions on the frontend, but doesn't enforce any sort of immutability on the BE...
If anyone had any tips on how to further secure it, I'm curious...5 -
When I found out that the server I use weirdly implements SSH login.
For some very odd reason (probably a historical one,) you have to access the web-app console and press a button TO GRANT SSH ACCESS TO THE F*<KING IP ADDRESS FROM WHICH I PRESSED THE BUTTON. The server blocks the wrong IP addresses outright. And only one active allowed IP at a time. This totally obliterates my plan to perform CD on this server. Why can't I just register public keys?
Then I learned several months later that they introduced a new server plan that *does* support the public-key registration. :facepalm:
I'm divided on whether to change my plan in exchange for a rather significant increase in the monthly cost.3 -
At the very start when I learned my first language. Didn't know where to find the "{" and "}" keys on the keyboard. Thought I would never be a dev, since I couldn't write a program without those keys.
Or when I didn't understand the notation of accessing values inside an array. Thought things like array[0] would do some magic to the array and didn't know how to access other parts of an array. I was following a book back then. -
Recruiters often tell you to use numbers to highlight your successes. For example, "I did Programming Task ABC and increased sales of widgets by 1,000%". I'm curious how many of us actually have had access to and/or kept track of those kinds of success metrics in our prior jobs. I find myself guessing and even just making up numbers that nobody's going to have even the slightest possibility of verifying.6
-
Docker compose switches users but doesn't update the home directory. Both switching users and not touching envvars are very sensible default behavior, but the result is that the running service has no write access to $HOME - and many programs don't provide sensible error messages for this rather unlikely scenario.2
-
How Microsoft expect anyone to develop using any technology they introduce with so many limitations.
Moi a Microsoft dumb enthusiast said to myself : hey dude you are a developer stop whining about the app gap bust a move create decent array of apps and release them, went into a full project management mode wrote requirements did sketches and some prototypes, time to execute.
1. first app: image files organizer, viewer , with some light editor capabilities and album creator after some work i came to discover that you don't have a proper file system APIs to show a folder tree view in my app "WTF" there are work arounds and dirty solutions but seriously? i can only access the stupid media folders created by Microsoft and that's it.
so i ditched the apps until uwp become a development tools with target audience other than kids who eat crayons, and while using "Edge" i thought to my self : "you know what dude extensions are cool and if you do something like a speed dial it would be awesome"
fire up my text editor started writing my extension to discover that:
"you cannot use localStorage from local HTML files".
moral of the story
MS is failing with consumers not because people hate MS but rather MS hates itself like no engineer over there said to him self this is fking stupid ?
other limitations :
no proper system tray access
no registry access what so ever
and i have started 2 days ago.
yeah Ms this is the main app gap problem the uwp sucks big time. compared to android Java which has a great access to every aspect of the device even apple provide better APIs for their systems.
if uwp is MS future then rip MS.
please i stand corrected if anyone knows better.2 -
Client's IT department is fine about giving me a laptop for exclusive access to their VPN, security reasons, etc. Ok, fine I get it.
But they do not want to give me a Linux machine - only Windows!
How am I supposed to get shit done.11 -
Is there a way on Android 11 to open a terminal and access a package manager like in ordinary Linux ?10
-
How do you deal with clients that send you a link to implement some shit from Facebook for which you need to log into Facebook?
I don't have access to the company account and I'm not sharing my personal data with Meta, so most of the time I run into a login wall.2 -
Is there an ios app that records my gps logs for last n day(cyclic buffer)? Privacy is also important: data shouldn’t leave my phone: no internet access.9
-
Microsoft, please stop the incomprehensible work vs. school account stuff and if you want to mail me a login code, then please actually do send an email. What's wrong with Microsoft Teams and office always giving its users headaches already when trying to log in?
A customer sent me a "FindTime" link, something like Calendso / Calendly, but "powered" by Microsoft Office. Seems that their power is off again, like ever so often. Microsoft: "can't access your account: You can't sign in here with a personal account. Use your work or school account instead."
Okay, go to bing, and search your error message. Try to use bing page to log in to my account: Microsoft: "We emailed a code." (No you didn't. At least I never received anything. And, yes, I did check my spam folder!) Microsoft: "Other ways to sign in: use Microsoft Authenticator".
me: "dear customer, please feel free to pick any time and date that matches your preference, as the FindTime link has been impossible to use".
How can Microsoft make me feel so dumb again, after more than 20 years as a developer? Have they ever heard about usability?9 -
I spent the whole damn day trying to setup grpc-web, but this protocol is documented so damn poorly!
You manage to set grpc up for one language and it’s all cool, then you stupidly think that you are free to reuse the compiler you used for the nodejs version for your frontend part but nope! Our web module is now deprecated, please use this module instead!
“Ah yes just clone the repo and check out (…) and you can also check this link whic is in no way highlighted in the middle of a wall of text (…)”
*checking the other page*
Ah yes you need to install a package available only on your unix machine (great! Screw the devs in my team who use windows I guess, they’ll be happy to hear this!) and don’t forget to clone this repo to build your own plugin! And by that I ofc mean to compile it on your own!
- compiler error
After digging for an hour you find a requirement in an obscure issue opened and closed cause “ah yes we have a dependency not stated anywhere” *close issue and never add it to the project*
Fine, fine I can survive this bs
- another compiler error, no solution found after 2 hours
Honestly? Why the fuck do I need to compile this stuff? Just give me a damn npm package I can use? Goddamn it’s just transpiling, you don’t need access to my OS! (Aside for fs to save the files, and which btw is accessible via nodejs)
Now, I COULD download the latest realease as a precompiled, but… honestly?
I give up, I’ll do some shitty rest apis cause the customer’s not paying me enough for even THINKING to go trough this shit again when they’ll ask an iOS app. Or having colleagues asking me to help them understand how to do it.
Side note: also add typescript support to the web-code-generation ffs! Why does node have it and web don’t?5 -
Skein: noun - a type of access modifier, allowing a property to be read internally or externally, but only written to *externally*. See "orwell" for opposite access modifier.
hermit (noun) - an access modifier specifying a property may only be written or read internally.
Gopher (noun) - an access modifier not to be confused with a groundhog.
Blackhole (noun) - can be written to, can never be read. See dev/null for details.
In other news I wrote the basis for a cms in lua.
Because I hate the cloud. -
#Suphle Rant 9: a tsunami on authenticators
I was approaching the finish line, slowly but surely. I had a rare ecstatic day after finding a long forgotten netlify app where I'd linked docs deployment to the repository. I didn't realise it was weighing down on me, the thought of how to do that. I just corrected some deprecated settings and saw the 93% finished work online. Everything suddenly made me happier that day
With half an appendix chapter to go, I decided to review an important class I stole from my old company for clues when I need to illustrate something involved using a semblance of a real world example (in the appendix, not abstract foo-bar passable for the docs)
It turns out, I hadn't implemented a functionality for restricting access to resources to only verified accounts. It just hasn't been required in the scheme of things. No matter, should be a piece of cake. I create a new middleware and it's done before I get to 50 lines. Then I try to update the documentation but to my surprise, user verification status turns out to be a subset of authentication locking. Instead of duplicating bindings for both authentication and verification, dev might as well use one middleware that checks for both and throws exceptions where appropriate.
BUT!
These aspects of the framework aren't middleware, at all. Call it poor design but I didn't envisage a situation where the indicators (authentication, path based authorisation and a 3rd one I don't recall), would perform behaviour deviating from the default. They were directly connected to their handlers and executed after within the final middleware. So there's no way to replace that default authentication scheme with one that additionally checks for verification status.
Whew
You aren't going to believe this. It may seem like I'm not serious and will never finish. I shut my system down for that day, even unsure how those indicators now have to refactored to work as middleware, their binding and detachment, considering route collections are composed down a trie
I'm mysteriously stronger the following day, draw up designs, draft a bunch of notes, roll my sleeves, and the tsunami began. Was surprisingly able to get most of previous middleware tests passing again before bed, with the exception of reshuffled classes. So I guess we can be optimistic that those other indicators won't cause more suffering or take us additional days off course2 -
I can't seem to set up remote access to my current PC, whilst using remote access to reach the other PC..
I guess if I did, it would suddenly get stuck in a loop !3 -
Want to experience how a real dev nightmare feels like? Then try creating a native mac app. And make sure you use SwiftUI.
* No access to the SDK source code, thus you can only rely on documentation
* Everything you find on google is intended for iOS (including official documentation)
* Talking about official documentation it’s almost worthless
* Apple team doesn’t give a shit about macOS, so most obvious features are missing.
On a serious note, SwiftUI can be fun when it works, when it doesn’t you still can fallback to AppKit, but your codebase looks like some frankenstein monster.
I sometimes regret I was so stuborn to make a native app, instead of just cross-platform app with WebView.6 -
Hi,
I'll be away for one week in a place without any Internet access.
Do you have any suggestions on books / docs I could download for that time?
I'd love to learn some more about web coding in that time so books about that would be great.4 -
Dear Lord, please stop people from enforcing standards and bypassing them themselves.
Take kubernetes for example. Since v1.24 CRI has been announced as the standard, and kubernetes is shifting to live by it.
But it's not.
Yes, it's got the CRI spec defined and the unix://cri.sock used for that standardised communication. What nobody's telling you, is that that socket MUST be on the same runtime as the kube. I.e. you can't simply spin up a dockerd/containerd/cri-o server and share its CRI socket via CIFS/NFS/etc. Because kube-cp will assume that contained is running on the same host as cp and will try to access its services via localhost.
So effectively you feed the container via a socket to another machine, it spins up the container and that container tries to
- bind to your local machine's IP (not the one's the container is running on)
- access its dependencies via localhost:port, while they are actually running on your local machine (not the CRI host)
I HOPE this will change some day. And we'll have a clear cut between dependencies and dependents, separated by a single communications channel - a single unix socket. That'd be a solution I'd really enjoy working with. NOT the ip-port-connect-bind spaghetti we have now.4 -
With the current pace of gpt and dall-e, it’s looking more likely that a lot of development roles may go obsolete in the nearest future (3+ yrs).
I see the possibility of building full fledged websites and fixing bugs based on voice commands. The picture of this possibility is quite vivid in my head because it’s totally feasible technical-wise.
The only delay that may occur in this dynamics is the slow pace of its implementation by existing developer tools. Of which I think the reason is directly related to the cost of management of resource, quite the limiting factor here.
But imagine if a big tech like google creates a platform to build websites based on voice/text commands using advanced gpt inline with its access to existing corpus of data; that to me is “game-over” for web devs.18 -
I'll just reboot my phone, what is the worst that can happen..
"File size too big, may crash application"...
It doesn't, but for some reason it only opens my todo list as READ ONLY..
Well, that isn't very helpful is it !
How big is too big you are wondering, 200k it says, anything beyond that, big problems..
Of course, its some weird ass text format that means editing it in another editor will be, really difficult..
Grrr..
And I just got a newer phone, only the screen is cracked :-(
Did it happen in transit I wonder, or did the seller not notice, or did they notice and that is why it was super cheap..
It was covered in bubble wrap, in a box, which was then covered in a lot of bubble wrap, inside another box..
But when I opened it, the case of the phone was loose, like it had been dropped..
So, did that happen in transit, or maybe the sell just dropped it the moment before they started to wrap it in bubble wrap..
You can't see it easily, only at a certain angle in the light, and the phone appears to work ok so far..
I guess a really good case for it and a screen protector to help hold the screen together for a few years might work fine.. ?
Now to spend all day getting access back to my todo list..8 -
What did I do while down for the count with Covid?
* Setup a static React site
* Hosted the site at Cloudflare Pages
* Protected the page through CF access
* Extracted the JWT
* Setup a Rails API to validate the token
Now I have static React UIs with a nice rich API backend.2 -
So we having a heated debate about MS decision on introducing ads on me menu
So was saying this can be a potential critical vuln as always... its kind of like MS tread Mark now :-C
My reasoning was now ads will have direct access to pc memory since they are being delivered straight to your pc
and this other guy went on to say they are being delivered to your machine they are being delivered to explore...... and I was like WTF?? isnt explore a process running directly on your machine?? -
So I am pretty fair dev at Java and have been doing freelancing for sometime apart from normal full time job.
Got a client , a well funded one, who raised a decent chunk of money recently.
Got me do a couple of different areas right from refactoring and bumping their performance to all the way setting up AWS Services like RDS,Lambdas,Dynamo,SQS.
It was going good , money was coming in for the initial part.
Thinking that money is not the concern here , I accepted work at runtime and gave quotations about the additional work.
However now that all is done and deployed , the client simply refuses to pay me the money and has ghosted me horribly than my ex ever did.
I have access to their GitHub,AWS(I setup myself).
Need suggestions of whats the best way I can fuck them up if they decide to not pay even after a few more professional polite attempts I do .
sidenote : They had a pretty dumb db design and blindly had resorted to services in AWS and the pricing is still a major point of concern for them.10 -
took me four hours plus to get a nodejs app to successfully run on cpanel.
at this point I just want to sleep and sleep forever.
why will anyone ever want to deal with this?
the ssh access? complete crap but it was better than having to deal with the janky ui, it was also slow as fuck1 -
I am busting moves rn. I'm in the bathroom but the surge of energy is making me pump my arms like the time Leo Messi scored a clutch winner against Valencia in 2019
Remember the plugin I referred to in this rant? https://devrant.com/rants/6019851/...
Yup! I managed to subdue that fossilised codebase. Effected all changes required. To have a rough idea about how ancient the code is, its classes use constructors predating PHP 5. It throws away the ~15 years of autoloading, view templates, routing engines, DI, ORMs (NO PDO!!), lower-cased multi word variable names, etc. I'm looking at SCRIPTS with raw functions north of 4-600 lines. The client insisted I zip the folder across
BUT! The good news is, we surmounted it. In fairness to them, it's commendable for one man to have pulled this off. The codebase is massive and appears to have been predominantly written by some Gideon dude. Who knows where he is now
There is one pattern I appreciate –something I wish Transphporm does–some segments of the rendered view are composed using class methods ie instead of having the HTML file mixed with templating syntax, you have class methods that receive the raw data. Then you can extend this class as you wish, overriding just the method that composes the segment you intend to modify. That was elegant to work with. But it can become dreadful if the class expects a specific structure of data (an array with weird keys) that you have no access to sourcing
So, I finally get to enjoy one good evening in 2/3 weeks. I called 2 friends to express an emotion that's not gloomy, but they were unavailable. Will probably get some sleep4 -
Sorry, I'm very stupid and know nothing about cloud development.
My need: I have a php code I want to put in cloud and launch as a task every N minutes automatically until I decide to stop it.
What is the best solution to do it, do you know some good services that allows me to do it easily, quickly and affordably?
For ex. "Heroku" allows me to do something like that?
Thanks in advance, I would really like to learn this part of software development I never touched in my life.
P.S. It's not a service I want to put online with access for users, it's just a "script" I want to have running on a server until I'm done.6 -
You can make your software as good as you want, if its core functionality has one major flaw that cripples its usefulness, users will switch to an alternative.
For example, an imaginary file manager that is otherwise the best in the world becomes far less useful if it imposes an arbitrary fifty-character limit for naming files and folders.
If you developed a file manager better than ES File Explorer was in the golden age of smartphones (before Google excercised their so-called "iron grip" on Android OS by crippling storage access, presumably for some unknown economic incentive such as selling cloud storage, and before ES File Explorer became adware), and if your file manager had all the useful functionality like range selection and tabbed browsing and navigation history, but it limits file names to 50 characters even though the file system supports far longer names, the user will have to rely on a different application for the sole purpose of giving files longer names, since renaming, as a file action, is one of the few core features of a file management software.
Why do I mention a 50-character limit? The pre-installed "My Files" app by Samsung actually did once have a fifty-character limit for renaming files and folders. When entering a longer name, it would show the message "up to 50 characters available". My thought: "Yeah, thank you for being so damn useful (sarcasm). I already use you reluctantly because Google locked out superior third-party file managers likely for some stupid economic incentives, and now you make managing files even more of a headache than it already is, by imposing this pointless limitation on file names' length."
Some one at Samsung's developer department had a brain fart some day that it would be a smart idea to impose an arbitrary limit on file name lengths. It isn't.
The user needs to move files to a directory accessible to a superior third-party file manager just to give it a name longer than fifty characters. Even file management on desktop computers two decades ago was better than this crap!
All of this because Google apparently wants us to pay them instead of SanDisk or some other memory card vendor. This again shows that one only truly owns a device if one has root access. Then these crippling restrictions that were made "for security reasons" (which, in case it isn't clear, is an obvious pretext) can be defeated for selected apps.3 -
A year ago I built my first todo, not from a tutorial, but using basic libraries and nw.js, and doing basic dom manipulations.
It had drag n drop, icons, and basic saving and loading. And I was satisfied.
Since then I've been working odd jobs.
And today I've decided to stretch out a bit, and build a basic airtable clone, because I think I can.
And also because I hate anything without an offline option.
First thing I realized was I wasn't about to duplicate all the features of a spreadsheet from scratch. I'd need a base to work from.
I spent about an hour looking.
Core features needed would be trivial serialization or saving/loading.
Proper event support for when a cell, row, or column changed, or was selected. Necessary for triggering validation and serialization/saving.
Custom column types.
Embedding html in cells.
Reorderable columns
Optional but nice to have:
Changeable column width and row height.
Drag and drop on rows and columns.
Right click menu support out of the box.
After that hour I had a few I wanted to test.
And started looking at frameworks to support the SPA aspects.
Both mithril and riot have minimal router support. But theres also a ton of other leightweight frameworks and libraries worthy of prototyping in, solid, marko, svelte, etc.
I didn't want to futz with lots of overhead, babeling/gulping/grunting/webpacking or any complex configuration-over-convention.
Didn't care for dom vs shadow dom. Its a prototype not a startup.
And I didn't care to do it the "right way". Learning curve here was antithesis to experimenting. I was trying to get away from plugin, configuration-over-convention, astronaut architecture, monolithic frameworks, the works.
Could I import the library without five dozen dependancies and learning four different tools before getting to hello world?
"But if you know IJK then its quick to get started!", except I don't, so it won't. I didn't want that.
Could I get cheap component-oriented designs?
Was I managing complex state embedded in a monolith that took over the entire layout and conventions of my code, like the world balanced on the back of a turtle?
Did it obscure the dom and state, and the standard way of doing things or *compliment* those?
As for validation, theres a number of vanilla libraries, one of which treats validation similar to unit testing, which seems kinda novel.
For presentation and backend I could do NW.JS, which would remove some of the complications, by putting everything in one script. Or if I wanted to make it a web backend, and avoid writing it in something that ran like a potato strapped to a nuclear rocket (visual studio), I could skip TS and go with python and quart, an async variation of flask.
This has the advantage that using something thats *not* JS, namely python, for interacting with a proper database, and would allow self-hosting or putting it online so people can share data and access in real time with others.
And because I'm horrible, and do things the wrong way for convenience, I could use tailwind.
Because it pisses people off.
How easy (or hard) would it be to recreate a basic functional clone of the core of airtable?
I don't know, but I have feeling I'm going to find out!1 -
Javascript autocomplete in chrome is so strange. I'll be trying to access my image variable and it autocompletes to ImageFrameWindowContainer or something I've never heard of1
-
I just found out i've wasted month of my life by troubleshooting wrong component.
I was unable to access my application in cluster and suspected networking and port configuration. (custom corporate setup with chaotic documentation did not help to situation)
In the end, it was caused by Jenkins, which failed on building a new container but still showed "build: success" while it deployed May version of container without any changes applied. -
I just had this field with certain class type that acted so $h!++y on me that I almost believed I had finally gotten insane from all those coding.
I’m talking about Unity C#. When the code runs after a domain reload, I find that this specific field always comes prefilled with “an instance of that class whose properties were the default values.” So every time when I change something in my code (which causes a domain reload,) this field becomes an instance of the class with default properties **without any outside interaction.** All my null guard code fails and what follow are thousands of null reference exceptions because my scripts tries to access the properties of that instance, which are null.
Turns out, it was maybe because the class in question was marked with [Serializable]. When I remove it, the behavior completely stops.
This behavior was so unexplainable in clear words that googling for such behavior was pure impossible. Like WAT. I don’t even know which of C# or Unity caused this weird $h!+ to happen.2 -
I recently came across this article with some basic security advices, like use 2fa security key, encrypt your USB keys, don't use untrusted USB chargers / cables / ports (or use a data blocker cable if you need to charge your device). It made me think, how relevant are the USB-related threats and risks today? Do people really still use and carry so many wired USB devices, and just drop or plug them wherever?
The last time I used an USB device to transfer some important data was probably over 10 years ago, and for the love of god I don't know anyone who still carries an USB key with sensitive data with them on a daily basis, much less actively uses it. Besides, whoever still does that probably puts their USB key on the same keychain as their ID / access tag and a bunch of other keys (including a 2fa device if they use one) - they're not going to lose just some sensitive data, they're going to lose authentication and physical access devices as well, and that could turn a small data leak into a full-scale incident, with or without an encrypted USB device.
I'm also not sure about untrusted USB cables and ports, from what I've seen the USB outlets and cables are pretty much non-existent in public places, most places offer wireless charging pads instead (usually built into a hand rest or table surface).3 -
My site on mobile has long pages, so the menu button that is located in the header becomes difficult to access.
I planned to put an arrow at the bottom to allow users quickly return to the main screen, but this is not a solution to the problem, since not everyone scrolls through the page to the very end.
In theory, I can make a fixed header with the menu button at the top of the page so that the visitors could always see them.
I don't know if it's worth it. What do you think?3 -
Twitter developers will authenticate half of their endpoints with some authentication method and the other half with a totally different one (which doesn't work) and their sales team will have the guts to contact you to check if you're still interested to access their API.
My only interest is feeding your corpse to the ravens.2 -
Due to my company's microsoft AD team being amateurs, I have to MFA on my work-issued computer at least 4-6 times a day, for each individual work system I access.
Today I had to reset my password. It's double-prompts for me today 😂1 -
so i am trying to checkout devrant apis on
i want to get access to all rants of my original account "curioustools", so i tried this get api (id is correct, i generated via another user api) .
https://devrant.io/rants/...
it is giving 404, but user does exists . anyone have idea about this api or what am i doing wrong8 -
Guys what do you use to connect to a linux machine in a local network? I'm aware of the existence of VNC however I don't want to go outside the lan over the internet and back in to view the desktop , i want simply to enter 192.168.1.10 and access it within my lan...8
-
So what about sandboxing wine by executing it and the prefix under a different unprivileged user than your main user account ?
wine shouldn't be able to access your normal users home directory then right ?
I keep seeing goddamn ads for firejail... and then its main site is a wordpress..9 -
What's the worst part about testing React components? Using the equivalent of fucking stone tools to do your component integration tests! We got errors with no context and errors with no stack trace, just spewing out bullshit! A sample:
The classic "Can't access .root on unmounted test renderer"
The unforgettable and ALWAYS visible "Warning: An update to YourShittyComponent inside a test was not wrapped in act(...)."
We do love it! -
I have the following scenario with a proposed solution, can anyone please confirm it is a secure choice:
- We have critical API keys that we do not want to ship with the app because de-compiling will give access to those keys, and the request is done before the user logs in, we are dealing with guests
Solution:
- Add a Lambda function which accepts requests from the app and returns the API keys
- Lambda will accept the following:
1. Android app signing key sha1
2. iOS signing certificate sha1
- If lambda was able to validate them API keys are sent back.
My concerns:
- Can an attacker read the request from the original (non-tampered) apk and see what the actual sha1 value is on his local network?
- If the answer to the question above is yes, what is the recommended way to validate that the request received is actually from the app that we shipped and not from curl/postman/script/modified version of the app11 -
!rant
can you give me/point me to some good example problem/exercise for multithreading? as in, something that's small in scope, but actually requires dealing with most of the multithreading issues & complications? race conditions, synchronization, locks, shared memory access, cross-thread calls/callbacks, etc?2 -
hey, so i have recently started learning about node js and express based backend development.
can you suggest some good github repositories that showcase real life backend systems which i can use as inspiration to learn about the tech?
like for eg, i want to create a general case solution for authentication and profile management : a piece of db+api end points + models to :
- authenticate user : login/signup , session expire, o auth 2 based login/signup, multi account login, role based access, forgot password , reset password, otp login , etc
- authorise user : jwt token authentication, ip whitelisting, ssl pinning , cors, certificate based authentication , etc (
- manage user : update user profile, delete user, map services , subscriptions and transactions to user , dynamic meta properties ( which can be added/removed for a single user and not exactly part of main user profile) , etc
followed by deployment and the assoc concepts involved : deployment, clusters, load balancers, sharding ,... etc
----
these are all the buzzwords that i have heard that goes into consideration when designing a secure authentication system for a particular large scale website like linkedin or youtube. am not even sure how many of these concepts would require actual codelines and how many would require something else.
so wanted inspiration from open source content to learn about it in depth, replicate and create new better stuff if possible .
apart from that, other backend architectures like video/images storage system, or just some server for movie, social media, blog website etc would also help.2 -
I f**king hate you JS, I hate you.
I beg our vast developer community, please replace this sh*t, or else
to Microsoft, let the devs access GitHub copilot for free. I don't want my best coding practices to fade away bcuz of this sh*t.1 -
Am i overthinking too much or are passwords like this
S9L4dk1i6sy5
Insecure?
This is an example generated by some website where i have activated 2fa and need to generate app passwords to access it from clients
I've thought about it many times to ask them to make it more secure but everytime i think i'm overrracting17 -
I have Avira Password Manager and for 3 days now I can't access it because they send a verification code to the phone but that code was never received... FUCK YOU AVIRA5
-
How do I deal with this;
Edge case hiccup on production, no errors in the available logs(very shallow logging), no access to the production server, issue unreproducable on staging and a manager that want me to fix it AFTER I already said that im kind of sailing blind and can't do much without logs or access, and already looked at it with another dev who also has no idea what is going on3 -
Sometimes I have to connect to production database and alter my dev environment so I can “log in” as a user and see what’s wrong with their account. Once in a while there is a legitimate website issue that is unique to that user’s profile. Other times it’s user error, like the user not understanding that they have to connect their membership to their online account (they think signing up for an account will connect it automatically).
I don’t like circumventing the user’s log in like this, but sometimes it’s necessary since the website is so confusing. I inherited this website, so many of the problems were formed way before I took over.
My stakeholders want a log in as user feature for website admins to use. My manager and PM don’t think that’s a good idea right now since there are over two dozen people with admin access and admin access means access to everything in the admin (there aren’t options to give permissions as needed).1 -
I may need some ideas for a personal project in mind:
I plan to have a server that shall connect to a usb stick/device, the usb is plugged to a TV. The usb device can create its own local wifi network which provides CRUD on media files via REST. My own server should be accessible via the internet, but at the same time connect to the local usb wifi, once the usb wifi is available, and then send requests to it. Kind of a user-friendly bridge.
There's a PC near the device, almost always turned on. It's used by family members as regular office machine and could run a local server. What if as remotely accessible server? Then what about DOS attacks? (Would that "kill" the PC?)
An alternative would be a separate server. A raspberry pi? A dedicated server?1 -
One of our previous clients is not paying the rest of the payments after receiving the codes. What are the things we can/should do digitally to make them pay the payment?
btw, it was a web app. we worked on the front end and the backend of the app. So, naturally we know all the API endpoints, we have the database access, and so on. So yeah, we can do so many things.
But still I wanna ask you guys, what would you do to make someone pay?3 -
Okay...How the heck do I get this Twitter API? I wanted this API for a project that required elevated access. submitted the application and got rejected.
Then I changed my use case and only needed simple Access to implement Login with Twitter. used my university email, and was rejected again.
Do they even give this API to anyone?4 -
Quick question. I'm currently working on a project that requires extensive activity logging. What do you recommend for some sort of monitoring and logging of user access on a Linux box?
Big thanks in advance. <34 -
been working on this docker thing for 2 weeks. 3 containers each running a different aervice (mariadb, nginx, wordpress) using debian as the base image (not the app image itself). Got all the configs down, all the dockerfiles down, the docker-compose yml down. Run docker-compose up, everything goes up all nice without errors.
Try to access the wordpress website. Only reachable from localhost, no atyling is served, all redirections fail… because it can’t find the local domain it is supposed to bind to. Tried editing the hosts file, didn’t worked. 3 days of googling, havent been able to find a fix. I don’t know what am I supposed to hate anymore. Is it nginx ? is it wordpress ? is it just the host machine’s dns/hosts config ? is it docker ? myself ?
I swear theres nobody in this world who wakes up one morning and happily cracks their knuckles to go write some dockerfiles.1 -
Hello All, I am working on java project and I want to know the source code of the Exam Seating Arrangement System Project. Basically, This java project strives at building an automated seating arrangement for students for exams, on the basis of different inputs. There are primarily two entities, the admin and the student. Both entities can log in and register to the system, check and access the system as per the approval granted to them. The admin can see all the relevant details of the students and provide the input to the system taking into consideration the need like the branch, semester, year, subject of the student. Admin will input details like the total students, available classes with the number of seats, etc. and I have taken this reference from here (https://interviewbit.com/blog/...). Can anyone provide me the source code of the exam seating arrangement system?1
-
update : we are at hr round baby!!!
part 1 : https://devrant.com/rants/5528056/...
part 2 (in comments) : https://devrant.com/rants/5550145/...
the tech market is crazy mann! it's one of the top indie fintech companies in our country and has a great valuation.
i totally felt that they i am crashing the interviews , and am seriously not trying to be humble. before the dsa round , i was trying to mug up how insertion sort works 🥲
--------
now my dilemma is should i switch if i get the offer. in a summary:
current company:
- small valuation but profitable (haven't picked funding for last 3 years , so poast valuation is some double digit million $, but can easily be a unicorn company)
- very major b2b player in my country. almost all unicorns (including this fintech company) and some major MNCs are their client and they have recently acquired a few other companies of us and eu too, making them- a decent global player
- meh work : i love being a cutting edge performer in android but here we make sdks that need to support even legacy banking apps. so tech stack is a lot of verbose java and daily routine includes making very minor changes to actual code and more towards adding tests , maintaining wrapper sdks in react/cordova/unity etc, checking client side code etc.
- awesome work life balance : since work is shit and i am fast enough, i am usually working only 2-4 hours a day. i joined gym, got into shape , and have already vsited 5 places in last 6 months, and i am a guy who didn't used to have time even on sundays. here, we get mote paid leaves than what i would usually need.
- learning opportunities: not exactly from the company codebase, but they provide unlimited access to various course learning platforms like linkedin learning, udemy and others, so i joined some web dev baches and i now know decent frontend too. plus those hybrid sdks also give a light context to new things
new company :
- positives : multi billion valuation, one of the top players in fintech , have been mostly profitable ( except a few quarters)
- positive : b2c so its (hopefully) going to put me back into racing shoes with kotlin, jetpack and latest libraries.
- more $$$ for your boy :)
- negetive : they seem to be on hiring spree and am afraid to junp ship after seeing the recent coinbase layoffs. fintech is scary these days
- negetive : if they are hiring people like me, then then they are probably hiring people worse than me 😂. although thats not my concern what my main concer is how they interviewed. they have hired a 3rd party company that takes interviews of people FOR THEM! i find that extremely impolite, like they don't even wanna spare their devs to hire people they are gonna work with. i find this a toxic, robotic culture and if these are the people in there then i would have a terrible time finding some buddy engineer or some helpful senior.
- negetive : most probably a bad wlb : i worked for an year for a fast paced b2c edtech startup. no matter how old these are , b2c are always shipping new stuff and are therefore hectic. i don't like the boredom here but i would miss the free time to workout :(
so ... any thoughts about it?4 -
I have hoed around in different technologies during my university life, Web dev, game dev, cybersecurity (even got a CEH certificate, the training wasn't adequate tho and it's an expensive field needing all those certs), tried blockchain, machine learning but at the end, I haven't gotten anything done. No big projects.... well, apart from a miniproject that extracts text from videos, doesn't work half the time (T-T), No internships...no experience, nothing. I was really, reaaally dumb xD
Now, in my 4th and final year of university , I have decided to settle on Web development (MERN) with game dev on the side (leisure activities), but I need advice.
Before deciding my path, I enrolled in the year-long ALX Software Engineering course. I'm in my 6th month. It promises access to The Room, where they say job opportunities that aren't shared publicly exist. Problem with the course, tho, is they rush, and I don't get time to consolidate what I learn in the course. I feel like i am not gaining anything (first few months were cool). I am on the verge of giving up cos I found solace in FullStackOpen. It teaches MERN, is self-paced, and ergo gives me time to build my portfolio and has a nice community. I know what to do (quit and focus on my portfolio and projects cos my CV is crap ), but advice from you all could really help. Thanks in advance seniors, this little brother appreciates it. -
It's these individually tiny annoyances in products and software that together form a huge annoyance.
For example, it's 2022 and Chromium-based web browsers still interrupt an upload when hitting CTRL+S. This is why competition is important. If there was no Firefox, the only major web browsers would, without exception, have this annoyance, since they're all based on Chrmoium.
I remember Chromium for mobile formerly locking scrolling and zooming of the currently viewed page while the next page was loading. Thankfully, this annoyance was removed.
In 2016, the Samsung camera software was updated to show a "camera has been opened via quick launch" pop-up window when both front and rear sensors of the smartphone were covered while the camera was launched by pressing the home button twice, on the camera software Samsung bundled with their custom version of Android 6. What's more, if that pointless pop-up was closed by tapping the background instead of the tiny "OK" button or not responded to within five seconds, the camera software would exit itself. Needless to say, this defeats the purpose of a quick launch. It denies quick-launching while the phone is in the pocket, and the time necessary to get the phone out could cause moments to be missed.
Another bad camera behaviour Samsung introduced with the camera software bundled with their customized Android 6 was that if it was launched again shortly after exiting or switching to stand-by mode, it would also exit itself again within a few seconds. It could be that the camera app was initially designed around Android 5.0 in 2015 and then not properly adapted to Android 6.0, and some process management behaviour of Android 6.0 causes this behaviour. But whatever causes it, it is annoying and results in moments to not be captured.
Another such annoyance is that some home screen software for smartphones only allows access to its settings by holding a blank spot not occupied by a shortcut. However, if all home screen pages are full, one either needs to create a new page if allowed by the app, or temporarily remove a shortcut to be able to access the settings.
More examples are: Forced smartphone restart when replacing the SIM card, the minimum window size being far too large in some smartphones with multi-windowing functionality, accidental triggering of burst shot mode that can't be deactivated in the camera software, only showing the estimated number of remaining photos if less than 300 and thus a late warning, transition animations that are too slow, screenshots only being captured when holding a button combination for a second rather than immediately, the terminal emulator being inaccessible for the first three minutes after the smartphone has booted, and the sound from an online advertisement video causing pain from being much louder than the playing video.
Any of these annoyances might appear minor individually, but together, they form a major burden on everyday use. Therefore, developers should eliminate annoyances, no matter how minor they might seem.
The same also applies for missing features. The individual removal of a feature might not seem like a big of a deal, but removing dozens of small features accumulates to a significant lack of functionality, undermining the sense of being able to get work done with that product or software when that feature is unexpectedly needed. Examples for a products that pruned lots of functionality from its predecessor is the Samsung Galaxy S6, and newer laptops featuring very few USB ports. Web browsers have removed lots of features as well. Some features can be retrofitted with extensions, but they rely on a third-party developer maintaining compatibility. If many minor-seeming features are removed, users will repeatedly hit "sorry, this product/software can not do that anymore" moments. -
Wandb sweep runs for an interactive job but gives me a cuda error for illegal memory access for the slurm job. Spent the last 15 hours solving it and still can't enable multi gpu support on it. FML