Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
HR girl sent a generic email with the job description and benefits of the company but forgot to set it as BCC.
Not 3 minutes passed that all the 73 recipients of the mail (me inlcuded) start replying to all making jokes about it, ranting about HR in general.
An hour later we created a Facebook page called "not-BCC guys" where we keep us posted about opening positions in our companies to bypass future HR hunting interactions.1 -
Worst thing you've seen another dev do? Long one, but has a happy ending.
Classic 'Dev deploys to production at 5:00PM on a Friday, and goes home.' story.
The web department was managed under the the Marketing department, so they were not required to adhere to any type of coding standards and for months we fought with them on logging. Pre-Splunk, we rolled our own logging/alerting solution and they hated being the #1 reason for phone calls/texts/emails every night.
Wanting to "get it done", 'Tony' decided to bypass the default logging and send himself an email if an exception occurred in his code.
At 5:00PM on a Friday, deploys, goes home.
Around 11:00AM on Sunday (a lot folks are still in church at this time), the VP of IS gets a call from the CEO (who does not go to church) about unable to log into his email. VP has to leave church..drive home and find out he cannot remote access the exchange server. He starts making other phone calls..forcing the entire networking department to drive in and get email back up (you can imagine not a group of happy people)
After some network-admin voodoo, by 12:00, they discover/fix the issue (know it was Tony's email that was the problem)
We find out Monday that not only did Tony deploy at 5:00 on a Friday, the deployment wasn't approved, had features no one asked for, wasn't checked into version control, and the exception during checkout cost the company over $50,000 in lost sales.
Was Tony fired? Noooo. The web is our cash cow and Tony was considered a top web developer (and he knew that), Tony decided to blame logging. While in the discovery meeting, Tony told the bosses that it wasn't his fault logging was so buggy and caused so many phone calls/texts/emails every night, if he had been trained properly, this problem could have been avoided.
Well, since I was responsible for logging, I was next in the hot seat.
For almost 30 minutes I listened to every terrible thing I had done to Tony ever since he started. I was a terrible mentor, I was mean, I was degrading, etc..etc.
Me: "Where is this coming from? I barely know Tony. We're not even in the same building. I met him once when he started, maybe saw him a couple of times in meetings."
Andrew: "Aren't you responsible for this logging fiasco?"
Me: "Good Lord no, why am I here?"
Andrew: "I'll rephrase so you'll understand, aren't you are responsible for the proper training of how developers log errors in their code? This disaster is clearly a consequence of your failure. What do you have to say for yourself?"
Me: "Nothing. Developers are responsible for their own choices. Tony made the choice to bypass our logging and send errors to himself, causing Exchange to lockup and losing sales."
Andrew: "A choice he made because he was not properly informed of the consequences? Again, that is a failure in the proper use of logging, and why you are here."
Me: "I'm done with this. Does John know I'm in here? How about you get John and you talk to him like that."
'John' was the department head at the time.
Andrew:"John, have you spoken to Tony?"
John: "Yes, and I'm very sorry and very disappointed. This won't happen again."
Me: "Um...What?"
John: "You know what. Did you even fucking talk to Tony? You just sit in your ivory tower and think your actions don't matter?"
Me: "Whoa!! What are you talking about!? My responsibility for logging stops with the work instructions. After that if Tony decides to do something else, that is on him."
John: "That is not how Tony tells it. He said he's been struggling with your logging system everyday since he's started and you've done nothing to help. This behavior ends today. We're a fucking team. Get off your damn high horse and help the little guy every once in a while."
Me: "I don't know what Tony has been telling you, but I barely know the guy. If he has been having trouble with the one line of code to log, this is the first I've heard of it."
John: "Like I said, this ends today. You are going to come up with a proper training class and learn to get out and talk to other people."
Over the next couple of weeks I become a powerpoint wizard and 'train' anyone/everyone on the proper use of logging. The one line of code to log. One line of code.
A friend 'Scott' sits close to Tony (I mean I do get out and know people) told me that Tony poured out the crocodile tears. Like cried and cried, apologizing, calling me everything but a kitchen sink,...etc. It was so bad, his manager 'Sally' was crying, her boss 'Andrew', was red in the face, when 'John' heard 'Sally' was crying, you can imagine the high levels of alpha-male 'gotta look like I'm protecting the females' hormones flowing.
Took almost another year, Tony released a change on a Friday, went home, web site crashed (losses were in the thousands of $ per minute this time), and Tony was not let back into the building on Monday (one of the best days of my life).10 -
!rant but a story
This happened today. Sorry for long post. A manager from another team in development team, I'll call him junkfellow, called me very very late last night to help them solve an issue in our application's test environment that blocking them from doing testing. They apparently doing integration testing with our application. Now said test environment is not even prepared by our team. We are development team and this test environment prepared by our application's support team. So I politely told junkfellow to get in touch with our support team counterpart as I am from development team. And he began shout at me
junkfellow: "WHY DO YOU THINK I'M FUCKING CALL YOU? IT'S BECAUSE I CAN'T FUCKING REACH ANYONE FROM SUPPORT!"
me: "With due respects sir I have no instructions to assist you and your team in your testing"
junkfellow: "THEN WHAT GOOD ARE YOU? IF YOU DON"T GET ONLINE NOW I WILL FUCKING ESCALATE YOU TO CW!!!"
We all know who CW is and he can make some people life very hard and I didn't want to call my boss so late so I quickly went online and spent the next 4hrs supporting their testing. Next morning I told my boss what happened and he scolded me for not calling him last night. He dropped an email to junkfellow's boss about junkfellow being "unacceptable attitude, disrespectful and threatening to escalate my team mates". My boss always refer to us as team mates, not his staff or his team member.
Then in few minutes, someone walking like a school bully with his chest out came to my boss place and announced himself (he is junkfellow). I say announce because he talking like he wanted everyone to know who is he. My boss stood up promptly, greeted good morning, introduce himself, shook junkfellow hand and sat down. Still young, maybe in late 20's or even younger than me. junkfellow talking to my boss loud enough for most of us to hear. Everyone's neck suddenly long like meerkat and listening:
junkfellow looking down to my boss who is sitting down: "How dare you send email like that to my boss? We are both managers you should act like one, you have a problem with me then you talk to me. You don't bypass me and go directly to my boss. You didn't even give me face!"
my boss sitting down: "So you didn't even ask your boss before picking a fight."
*junkfellow suddenly look confused*
my boss still sitting down talking calm with poker face: "I did give you face. You think by going to your boss I bypassed you and went one level up? No I went one level down!"
junkfellow still look confused and then slowly realized what my boss meant. Now he is staring at floor and can't look my boss in eye after he realized he is screwed!
my boss now standing up: "You treat my team mates like that againi or ask them to do something without my knowledge and I will talk to your boss' boss about it"
boss to me: "Hey tollywood! junkfellow here sincerely regrets what he did last night and wants to apologize to you in person" and boss' poker face turned to his familiar smirk
junkfellow immediately came to me, said "it's ok you no need to stand up", he sat down in a squat and apologized repeatedly. He really looked like he was about to cry and for a moment I pity him. But then I remember what he did and I just enjoyed the moment! Was pure gold :D :D :D11 -
My current project at work: purchase verification, aka anti-fraud.
It's been two weeks, and my boss is flipping out because it isn't done. A robust anti-fraud solution. in two weeks. And he thought one week was a little much.
like, fucking really?
There are companies whose entire service is helping combat fraud. and he wants this done in a bloody week?
What makes me laugh through my tears of frustration is that the company that moved into the previous office? Yep, anti-fraud. Their entire business model is providing anti-fraud services to other businesses. They even tried selling him on it when they moved in. Bossman sales guy turned it around and sold my freaking desk out from under me instead.
But like. They're a small company: they had 9 people when they moved in, and were looking to add three more, so a total of 12 people. (I totally considered jumping ship, but their stack was too different.)
So. Bossman wants me to replace 9-12 people and their entire business in a fucking week. Yeah.
"Oh, but it's just sms verification" says he. What he also wants is the ability to flag users as fraudulent, have sticky verifications so they can't bypass them by backing out, have email checks as well as sms, have deferred verification to allow collecting required info (e.g. phone number), verification fallback, lockouts, manual admin whitelisting, admin blacklisting, and different rules per merchant and rule groups for affiliates to apply to all of their merchants, and of course the ability to customize those merchant/affiliate anti-fraud rules. But he shortens this gigantic list to "I want sms verification," despite actually asking for all of the above. I don't want to know about the mental gymnastics and/or blindfolding required to equate the two, but he's nuts.
Yeah.
All of that.
In a goddamn week.
And I get chewed out when it isn't done? Fuck off.
Go build me a goddamn 5m ft^2 castle out of basalt and marble using only your toothbrush and a rusty garden trowel, and have it done in a week. No outsourcing.
talk about ridiculous.5 -
The stupid stories of how I was able to break my schools network just to get better internet, as well as more ridiculous fun. XD
1st year:
It was my freshman year in college. The internet sucked really, really, really badly! Too many people were clearly using it. I had to find another way to remedy this. Upon some further research through Google I found out that one can in fact turn their computer into a router. Now what’s interesting about this network is that it only works with computers by downloading the necessary software that this network provides for you. Some weird software that actually looks through your computer and makes sure it’s ok to be added to the network. Unfortunately, routers can’t download and install that software, thus no internet… but a PC that can be changed into a router itself is a different story. I found that I can download the software check the PC and then turn on my Router feature. Viola, personal fast internet connected directly into the wall. No more sharing a single shitty router!
2nd year:
This was about the year when bitcoin mining was becoming a thing, and everyone was in on it. My shitty computer couldn’t possibly pull off mining for bitcoins. I needed something faster. How I found out that I could use my schools servers was merely an accident.
I had been installing the software on every possible PC I owned, but alas all my PC’s were just not fast enough. I decided to try it on the RDS server. It worked; the command window was pumping out coins! What I came to find out was that the RDS server had 36 cores. This thing was a beast! And it made sense that it could actually pull off mining for bitcoins. A couple nights later I signed in remotely to the RDS server. I created a macro that would continuously move my mouse around in the Remote desktop screen to keep my session alive at all times, and then I’d start my bitcoin mining operation. The following morning I wake up and my session was gone. How sad I thought. I quickly try to remote back in to see what I had collected. “Error, could not connect”. Weird… this usually never happens, maybe I did the remoting wrong. I went to my schools website to do some research on my remoting problem. It was down. In fact, everything was down… I come to find out that I had accidentally shut down the schools network because of my mining operation. I wasn’t found out, but I haven’t done any mining since then.
3rd year:
As an engineering student I found out that all engineering students get access to the school’s VPN. Cool, it is technically used to get around some wonky issues with remoting into the RDS servers. What I come to find out, after messing around with it frequently, is that I can actually use the VPN against the screwed up security on the network. Remember, how I told you that a program has to be downloaded and then one can be accepted into the network? Well, I was able to bypass all of that, simply by using the school’s VPN against itself… How dense does one have to be to not have patched that one?
4th year:
It was another programming day, and I needed access to my phones memory. Using some specially made apps I could easily connect to my phone from my computer and continue my work. But what I found out was that I could in fact travel around in the network. I discovered that I can, in fact, access my phone through the network from anywhere. What resulted was the discovery that the network scales the entirety of the school. I discovered that if I left my phone down in the engineering building and then went north to the biology building, I could still continue to access it. This seems like a very fatal flaw. My idea is to hook up a webcam to a robot and remotely controlling it from the RDS servers and having this little robot go to my classes for me.
What crazy shit have you done at your University?9 -
Why is the contributing manual of your open source project more thoughtfully cultivated than your code style guide and testing procedure?
Why the fuck do you care about the message in my PR, or even merge vs rebase of commits, when your spaghetti-tomatosource is so richly saturated with critically minced bugmeat?
Why are you standing there, shouting at me about your convoluted rules, in your little brown uniform? Why do I feel like the enemy when I contribute a useful fix, something which makes the code work better?
You know what, fuck all of you, you jilted acetous neckbeards, I will deploy my secret weapon, I will bypass the power you hold over your tiny fascist digital dominions.
If you play it like this, I will summon the nefarious vile side of Open Source. I will usurp your throne. I will stab out your crying eyes, rip out your conceited tongue, impale your lonely heart.
Tremble before me! I wield the almighty, legendary Fork!
The king is dead, long live the king!5 -
*visits pandora*
'this site is not available in your country yet'
*switches to US VPN server*
'discover new music! '
#fuckyeah26 -
What I'm posting here is my 'manifesto'/the things I stand for. You may like it, you may hate it, you may comment but this is what I stand for.
What are the basic principles of life? one of them is sharing, so why stop at software/computers?
I think we should share our software, make it better together and don't put restrictions onto it. Everyone should be able to contribute their part and we should make it better together. Of course, we have to make money but I think that there is a very good way in making money through OSS.
Next to that, since the Snowden releases from 2013, it has come clear that the NSA (and other intelligence agencies) will try everything to get into anyone's messages, devices, systems and so on. That's simply NOT okay.
Our devices should be OUR devices. No agency should be allowed to warrantless bypass our systems/messages security/encryptions for the sake of whatever 'national security' bullshit. Even a former NSA semi-director traveled to the UK to oppose mass surveillance/mass govt. hacking because he, himself, said that it doesn't work.
We should be able to communicate freely without spying. Without the feeling that we are being watched. Too badly, the intelligence agencies of today do not want us to do this and this is why mass surveillance/gag orders (companies having to reveal their users' information without being allowed to alert their users about this) are in place but I think that this is absolutely wrong. When we use end to end encrypted communications, we simply defend ourselves against this non-ethical form of spying.
I'm a heavy Signal (and since a few days also Riot.IM (matrix protocol) (Riot.IM with end to end crypto enabled)), Tutanota (encrypted email) and Linux user because I believe that only those measures (open source, reliable crypto) will protect against all the mass spying we face today.
The applications/services I strongly oppose are stuff like WhatsApp (yes, encryted messages but the metadata is readily available and it's closed source), skype, gmail, outlook and so on and on and on.
I think that we should OWN our OWN data, communications, browsing stuffs, operating systems, softwares and so on.
This was my rant.17 -
A client asked me if I had some software to make an .exe file run on Android.
So I replied with:
Yes, you need to run the RNN through a HM05 then cross-compile the output with a MOSFET.
You might run into an arduino javascript, but you can bypass that with an stackunderflow or XSS6 -
Me: Hello, IT Support? I can't use your system because as I log in I can't bypass a form saying I must confirm my email. But I haven't received any confirmation email. Can you resend it?
Support: We can't resend it, you have to do that yourself. What's your email?
Me: it's <blahblah>.gmail.com
Support: have you checked Junk?
Me: I sure have!
Support: Then please restart your computer and the email should come
Me: ....................
Me: have a nice day7 -
> TeamLeader1: I just discovered SQL is actually super fast! The low responsiveness I've experienced comes from our ORM!
> IHateForALiving: well of course SQL is blazingly fast. SQL has been refined by the best engineers in the world for the past 50 years, its performances are unparalleled for everything you could possibly need, unless you want to scale REALLY big. Sequelize, instead, is an Active Record ORM, so it's bound to struggle with huge amount of data, because every single row will get attached a significant amount of black magic to make sure everything syncs correctly. Why is that?
> TeamLeader1: I have a problem with this frontend component, it doesn't allow pagination. I tried downloading the whole DB to bypass that, but the ORM is slow... so I will bypass the ORM and download the whole table with a raw query. Look at that! It works like a charm, it's super duper fast!'
This mf is downloading some 35 thousand rows every time some user loads a page because he doesn't know how to paginate the fucking table with Angular, there's no way these people are real.
12 -
Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂
It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.
So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).
So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.
Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.
So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPN's, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.
Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?
Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.
Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.
So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.
Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.25 -
Today the CEO asked us to create KPIs to follow a junior tasks, daily.
The problem it's he wants KPIs to foretell problems or delays in his tasks.
The junior is analyzing 14 years old C++ code, made by an electrical engineer who had all worsts practices possible when coding.
We explained that we couldn't make real, true KPI that would foretell the advancement due to complexity of the legacy and the fact that the junior had NEVER USED C++.
SO.... He asked to know how many code lines he made daily and an estimate of how many lines he'll have to do to complete the task.... So he could foretell advancement.
....
....
It was the 5th time in less than 60 days, that the CEO bypass totally the CTO to ask some stupid useless shit. So now all developpers have resign, complaining about the CEO actions/stupidity.2 -
Final exams are next week and I'm behind on studying...
If I uninstall devRant, I'll install it back. If I block it using clearlock, I'll find a way to bypass it.
I remember once I accidentally found a way to use devRant on multi window view. I might figure out how to do it again.
So... If you see me on devRant yell at me to get off. I'll be bitter at first, but appreciate it later :)
Oh, and feel free to be as mean as you want. The meaner you are, the less likely I'll go back on.22 -
Best part about the covid19 manufactured crisis?
Liquor stores deliver. Worst part about liquor stores delivering? Needing to use their shoddy websites.
I've been using a particular store (Total Wines) since they're cheaper than the rest and have better selection; it's quite literally a large warehouse made to look like a store.
Their website tries really hard to look professional, too, but it's just not. It took me two days to order, and not just from lack of time -- though from working 14 hour days, that's a factor.
Signing up was difficult. Your username is an email address, but you can't use comments because the server 500s, making the ajax call produce a wonderfully ambiguous error message. It also fades the page out like it's waiting on something, but that fade is on top of the error modal too. Similar error with the password field, though I don't remember how I triggered it.
Signing up also requires agreeing to subscribe to their newsletter. it's technically an opt-in, but not opting-in doesn't allow you to proceed. Same with opting-in to receiving a text notification when your order is ready for pickup -- you also opt-in to reciving SMS spam.
Another issue: After signing up, you start to navigate through the paginated product list. Every page change scrolls you to the exact middle of the next page. Not deliberatly; the UI loads first, and the browser gets as close as it can to your previous position -- which was below that as the pagination is at the bottom -- and then the products populate after. But regardless of why, there is no worse place to start because now you must scroll in both directions to view the products. If it stayed at the very bottom, it would at least mean you only need to scroll upwards to look at everything on the page. Minor, but increasingly irritating.
Also, they have like 198 pages of spirits alone because each size is unique entry. A 50ml, 350ml, 500ml, 750ml, 1000ml, and 1750ml bottle of e.g. Tito's vodka isn't one product, it's six. and they're sorted seemingly randomly. I think it's by available stock, looking back.
If you fancy a product, you can click on it for a detail page. Said detail page lists the various sizes in a dropdown, but they're not sorted correctly either, and changing sizes triggers a page reload, which leads to another problem:
if you navigate to more than a few pages within a 10 or so second window, the site accuses you of using browser automation. No captcha here, just a "click me for five seconds" button. However, it (usually) also triggers the check on every other tab you have open after its next nagivation.
That product page also randomly doesn't work. I haven't narrowed it down, but it will randomly decide to start failing, and won't stop failing for hours. It renders the page just fine, then immediately replaces it with a blank page. When it's failing, the only way to interact with the page is a perfectly-timed [esc], which can (and usually does) break all other page functionality, too. Absolutely great when you need to re-add everything from a stale copy of your signed-out cart living in another tab. More on that later. And don't forget to slow down to bypass the "browser automation" check, too!
Oh, and if you're using container tabs, make sure to open new tabs in the SAME container, as any request from the same IP without the login cookie will usually trigger that "browser automation" response, too.
The site also randomly signs you out, but allows you to continue amassing your cart. You'd think this is a good thing until you choose to sign in again... which empties your cart. It's like they don't want to make a sale at all.
The site also randomly forgets your name, replacing it with "null." My screen currently says "Hello, null". Hello, cruft!
It took me two days to order.
Mostly from lack of time, as i've been pulling 14 hour shifts lately trying to get everything done. but the sheer number of bugs certainly wasted most of what little time i had left. Now I definitely need a drink.
But maybe putting up with all of this is worthwhile because of their loyalty program? Apparently if you spend $500, you can take $5 off your next purchase! Yay! 1%! And your points expire! There are three levels; maybe it gets better. Level zero is for everyone; $0 requirement. There are also levels at $500 and $2500. That last one is seriously 5x more than the first paid level. and what does it earn you? A 'free' magazine subscription, 'free' classes (they're usually like $20-$50 iirc), and a 'free' grab bag (a $2.99 value!) twice per month. All for spending $2500. What a steal. It reminds me of Candy Crush's 3-star system where the first two stars are trivial, and the third is usually a difficult stretch goal. But here it's just thinly-veiled manipulation with no benefit.
I can tell they're employing some "smarketing" people with big ideas (read: stolen mistakes), but it's just such a fail.
The whole thing is a fail.8 -
Just found an admin portal online. There was a modal asking for password, but in background the portal was visible. ctrl + shift + i and then closed the modal.
Voila, the whole portal and actions are accessible. Seriously, who develops things like these?
I am pretty sure it's vulnerable to sqli and xss too.8 -
Splash pages. Remember that crap from 20 years ago? That was a home page with some "click to enter" nonsense to get to the actual home page. Laughably stupid.
Today's empty home pages where you have to scroll down to get to any real content is exactly the same moronic pattern, just by another name: showing off useless design wankery and forcing user interaction to bypass it. Fuck you if you still do that shit.29 -
Just to clarify thing, FaceID isn't the same tech as what we've had on Android.
In Android, it's based on image recognition. That's the reason it was so easy to bypass with a high resolution photograph.
In FaceID, it projects thousands of dots on your face and creates a depth inclusive map which is used for verification. That's the reason why it's supposed to work even if you have glasses on, etc
So please let's stop with the comparison11 -
🐉
I once wrote a room planning application on unity, to allow people in my company to book meetings using tablets attached to the room doors.
Turns out the c# Datetime object unity uses was highly localized and therefore had a different formats on each different device.
I saved those timestamps into a SQL database and eventually all devices crashed due to having some Datetime format they could not parse.
Had to fully bypass the datetime and reinvent it essentially and had to reset the database.
I think it's needless to say I'm not particularly good in dating.4 -
Rant. Always start debugging with the start point :p
We have a lamp with a dimmer.
A day, the dimmer make some noisy noise. Just down it and the lamp never bright again.
I open the dimmer, check all connection, bullshit what is wrong?
I decide to bypass the dimmer with a standard interrupter. But doesn’t work.
Finally.... I check the bulb 💡 and... burned...
Morality: if the bulb doesn’t work, check the bulb!
:p
9 -
This brings joy
https://reddit.com/r/technology/...
Bypass paywall:
A series of scandals and missteps has damaged Facebook's reputation so much that the company is being forced to pay ever larger compensation to hire and retain workers, according to industry recruiters, former employees, and data reviewed by Insider.
The company has always competed aggressively for talent, and the tech job market in general is on fire. But a deteriorating public image means the social-media giant now has to outbid other major tech companies, such as Google.
"One thing Facebook can still do is pay a lot more," said Jose Guardado, an experienced tech recruiter and the founder of Build Talent. "They can easily throw more compensation at people they currently have, and cover any brand tax and pay a little more to get people to come on."
Silicon Valley companies thrive or whither based on their ability to recruit the smartest employees. Without a steady influx of engineers and other technical experts, new products and important updates take longer to release, and rivals can quickly get ahead. Then there's the financial cost: In 2022, Facebook projected, expenses could jump as high as $97 billion from $70 billion this year, in large part because of "investments in technical and product talent." A company spokesperson did not respond to a request for comment.
Other companies, and even whole industries, have had to increase compensation to overcome hiring and retention problems caused by scandal and shifting public perceptions, said Alan Johnson, a managing director at the compensation consulting firm Johnson Associates. "If you're an oil company, if you make cigarettes, if you're in cattle or Wells Fargo, sure," he said.
How well this is working for Facebook is debatable as the company has more than 4,300 open jobs and has seen decreasing rates of acceptance on job offers, according to internal documents reported by Protocol. It's also seen dozens of high-level executives leave this year, and recruiters say employees are now more open to considering jobs elsewhere. Facebook used to be a place that people rarely left, given its reach, pay, and perks.
A former Oculus engineer who left last year said Facebook could now be seen as a "black mark" on someone's career. A hardware engineer who exited in 2020 shared similar sentiments: They said they quit because of concerns about misinformation on the platform and the effect of that on children. Another employee said their department was dissolved in late 2019 by Facebook and, although the company offered another position that paid more, they left last year anyway for a different industry. The workers, and many other people who spoke with Insider for this story, asked not to be identified because of the sensitive nature of the topic.
For those who stick around and people who take new jobs at Facebook, base pay and stock grants have gone up a "sizable" amount in the past year, said Zuhayeer Musa, cofounder of Levels.fyi, a platform that collects pay data based on verified offers and compensation disclosures.
During the second quarter of 2021, the median compensation for an upper-mid-level engineer, an E5, was $400,000, up from $380,000 a year earlier. For an E4, the median pay jumped to $276,000 from $256,000 in the same period. For both groups, the increases were double the gains between 2018 and 2019, Levels.fyi data showed.
Musa, who's firm also offers pay-negotiation coaching, said previously that the total compensation ceiling for an E5 engineer at Facebook was $450,000. "We recently had a client get up to $510,000 for E5," he added.
Equity awards at the company are getting more generous, too. At the group-director and VP levels, Facebook staff are getting $3 million to $6 million in restricted stock units each year, another tech recruiter said. Directors and managers are getting on average $1 million a year. In engineering, a high-level engineer is getting $600,000 in stock and a $75,000 bonus, while even an entry-level engineer is getting $50,000 to $100,000 in stock and a $20,000 to $50,000 bonus, Levels.fyi data indicated.
Even compared to Google, Facebook's stock awards are generous and increasing, Levels.fyi data shows. While base pay is about the same, Facebook offers more in stock grants, significantly increasing total compensation. At Google, entry-level equity awards range from $20,000 to $38,000, while Facebook grants are worth $40,000 to $60,000. Sign-on bonuses at Facebook are often about $50,000, while Google gives about $20,000, according to the data.
"It's not normal, but it's consistent with the craziness that's happening in the market right now," said Aalap Shah, a managing director focused on the tech industry at the consulting firm Pearl Meyer.10 -
Sometimes the pebkac is so strong it continues to amaze me.
Step 1: customer updates pos software
Step 2: customer is presented a perfectly reasonable UAC screen with yes/no choice
Step 3: customer panics and takes no further action
Step 4: a few hours later the first customer enters the store and more panic ensues as the update is still waiting on the uac
Step 5: the customer calls us in panic and acuses us of writing shut incomprehensible software
Wish this was an once in a year exception, untill we wrote a bypass for the whole uac crap this was a daily occurance.3 -
The overreach by a single company near or close to near monopoly on the internet is beyond bone chilling.
To be precise, I am talking about Google extending its reach by forcing people to use AMP in the webpages.
I get insta furious when i see my favorite webpages using them and effectively my entire browsing activity on that page is happily recorded for clicks and ads.
To just bypass that i have to unnecessarily add more and more addons to lock them out of my browsing which in turn WEAKENS my entire browser.
And sincerely saying, this sort of outreach is becoming really annoying. Because plain JS and Cookie Blocking will not work. and slowly people are running out of options.
If posts about AMP are being made earlier, I apologize.8 -
Cracking old recovery CDs for the 9x/2000/XP era shines some light into how companies operated and when concepts came to be in that time:
Packard Bell: An EXE checks that you're running on a Packard Bell machine and reboots if it's not. How do we bypass it? Easy: just fucking delete it. The files to reinstall Windows from scratch come from...
...
C:?
Yup. Turns out Packard Bell was doing the recovery partition thing all the way back to the 9x era, maybe even further. Files aren't even on the restore disc so if your partition table got fucked (pretty common because malware and disk corruption) you were totally fucked and needed to repurchase Windows. (My dad, at the time, only charged at-cost OEM prices for a replacement retail copy. He knew it was dumb so he never sold PB machines.)
Compaq:
Computer check? Nope, remove one line from a BATCH file and it's gone.
Six archives, named "WINA.ZIP" through "WINF.ZIP" (plus one or two extras for OEM software) hold Windows. Problematic? Well... only because they never put the password anywhere so the installer can't install them. (Some interesting on-disc technician-only utils, though!)
Dell:
If not a Dell machine, lock up. Cause? CONFIG.SYS driver masquerading as OAK (the common CD driver) doing the check, then chainloading the real OAK driver. Simple fix: replace the fake driver with the real one.
Issues?
Would I mention this one if there weren't?
Disc is mounted on N:. Subdirectories work, but doing anything in them (a DIR, trying to execute something, trying to view shit in EDIT.COM) kicked you back to the disc root.
Installer couldn't find machine manifest in the MAP folder (it wanted your PC's serial before it'd let you install, to make sure you have the correct recovery disc) so it asked for 12-digit alphanumeric serial. The defined serials in the manifest were something like "02884902-01" or similar (8-2, all numbers) and it couldn't read the file so it couldn't show the right format, nor check for the right type.
Bypassing that issue, trying to do the ACTUAL install process caused nothing to happen... as all BATCHes for install think the CD should be on X:.
Welp.
well that was fun. Now to test on-real-PC behavior, as VBOX and VMWare both don't like the special hardware shit it tries to use. (Why does a textmode GUI need GPU acceleration, COMPAQ?????)4 -
I detected a way to bypass login screen in client's website. I warned them. 48h later nothing changed...6
-
The Linux Kernel is propably the best working example for open source.
Personally I had the most exciting experiences with open source games, like Super Tux Cart, OpenTTD, 0 A.D.
Once I watched a streamer playing OpenRCT2, but the Twitch integration server, which allows to have the names of the people in chat appear in the game, was offline. Because the game is open source, I was able to have a look at the API, write my own server in a couple of hours and share it. Was a really funny stream then!
Wine is a great project, too. I really like the idea that people cooperate with each other to bypass commercial limitations and on this way be able to play their favourite games on a free operating system. -
You mother fucking piece of shit.
Whoever taught you programming should be removed from history.
And whatever form of intelligence you claim to possess, let me assure you: breathing is the limit of it.
--
Some of the projects I'm working on are really the epitome of "YOLO let's turn the poopomat machine on in diarrhea mode".
The worst: I cannot really give examples.
I've seen the last days everything.
(bash scripting, docker, services like nginx /haproxy/...)
Eval as an template generator in bash...
Declaring an whole environment in an Dockerfile, that should never be used as it is only necessary for building... But not checking if an env file is provided, so the whole thing can blow up spectacularly.
A nearly 1k long bash calculator for system limits, reading out all kinds of stuff from /proc and /sys, seemingly partially stolen from NGINX Docker.
Declaring and starting an own DNS Server to bypass the Docker DNS service inside an docker container.
Mkfifo fun for creating several stdout and stderrs for seemingly no reason...
Actively not using bash, instead of creating shell only functions to emulate bash...
I could go on.
But really. I'm getting too old for this shit.3 -
Im gonna turn this topic on its head a little and mention the MOST NECESSARY feature that was never implemented in one of my projects.
It was an iOS client for a medical records system. Since it contained actual confidential medical information, some patient records could be “restricted”. Thos meant if you tried to open them you would be prompted for a reason, and this would be audited.
We already had 2 different iOS apps with this feature in place matching the web app. But for some reason with the 3rd app they just decided not to bother. I discovered that it was because the PO in charge of that project didnt consider it important enough for the demo. So we have one app where you can just bypass the whole auditing process and open restricted patient records freely.3 -
I'll just start off with how I really feel. Fuck big corporations with their career robots and retarded practices!
Now for a story. So I work remotely for most of the time nowadays, since my company has as clients big corporations. Used to be embedded with said clients, but it became kind of painful to work with them all so I asked to be reassigned to a remote position.
Now for the retarded part: The fucking Klingons I'm working with have two tiers to their VPN, but won't let me have the full version because it would be too fucking expensive. I checked and it's fucking 50 bucks per year difference.
So for that the Klingons are making me code through a remote connection that has a "best effort" priority.
Fuck.
Anyway after 3 weeks of writing code at a 400-600ms latency I finally snap.
I try to use a proxy and it. I write one myself, gets balcklisted in 2 days.
After about another week of writing code through a fuck straw I start working on node socket with 2 clients and a server that encrypts the send data, and syncs 2 folders between my workstation and the remote one.
It's been a month now and it is still working. It's not perfect, but I can at least write code without lag.
Question for you peeps: What shenanigans have you pulled to bypass shit like this?3 -
This Russian site (https://kzclip.com) literally cloned the whole of youtube including its channels and also its recommendation logic... i wonder how those crazy bastards did it.7
-
I work as a .Net consultant. Currently I am at a company that blocks all sociale media sites and sites that look like 'em. I don't mind the social media, but YouTube is also blocked and I need my dose of daily epic music world while developing. So, I set up a proxy on my server to easily bypass these blockades. Note: company policy says nothing about not being allowed certain websites, I always read this before using this trick.
Last week, a new guy joined the company and gets a desk just next to me. After a lot of looking at my screens and trying stuff he asks me for the entire office: "Hey how are you going on YouTube? It doesn't see to work for me.". 😫
The rest of the day, I had to explain to co-workers what a proxy is (they don't care about any tech they don't need...). And I had to explain to the pm that I was not hacking their network...
I'm not sure if I will be getting along with this new guy.... 😧1 -
The Turbografx 16 (or Turbografx PC-Engine in Japan) has the most amazing fucking expansion port I've ever seen. Every bus is exposed, plus sound out and IN (unused by anything ever made for the thing), composite out (not included on the console itself, but 3rd-party addons allowed it), VGA out (!!!) and CPU HALTING/CLOCK CONTROL were included over this fucking thing.
You can even power the system with 5v in through the expansion port and bypass the power switch with it.
Info and diagram:
https://gamesx.com/misctech/...
Example:
To get composite out, send pin A22 out and ground the ground wire of the composite to any ground.
For VGA, it's a little more complex:
VGA1 to TG-A23, VGA2 to TG-B23, VGA3 to TG-C23, VGA9 to TG-A2, VGA13 (and VGA10 if you want compatibility with older displays) to TG-B11, VGA14 to TG-A10, VGA5-8 (and 10 if not hooked to TG-B11) to TG-C2
(VGA numbering from Wikipedia diagram)
this thing's fucking cool1 -
When I just started programming I aways added fake loading screens and hard-coded login screens to my c# applications because it looked cool..
But I also always added an invisible panel to the top right so whenever you click that it would bypass the login screen.
I had to do that because 1. I will forget that password after 2 seconds, 2. I got no time for that login screen.2 -
Just found I can bypass CORS / Same-Origin-Policy with anyorigin or crossorigin in Javascript.
Now I can easily scrap motivational quotes, Hell Yeah.
* btw I am building random quotes generator but want to generate quotes with web-scraping *
8 -
Just reminiscing when back in the "old days" video games had cheats built in...
Proton men and the flying Dutchman IN AOE3...
Now have to find hackers to create trainer apps that change values in memory and bypass cheat detection...7 -
my farther, it took me three hours to teach him how to use a mouse, and complains about not being able to find the free WiFi (he expects it to be something physical he can walk up to and take).
but whe he finds out the Internet has porn he (by himself without instructions) hacks the senior community center's router to bypass the porn filter.3 -
So uh, after a gruelling job search, somehow I managed to bypass junior level and became a lead full stack developer on a meaningful project (not at a startup, either). 🤯1
-
One month remaining until the new European Union regulation will be brought into force.
When you search for those letters here, you’ll see a lot of developers bending over to the EU and being happy about it. Some of them are even happy that it will kill a lot of small and medium businesses.
Large companies like Google have found ways to bypass the law, so regulatory forces will earn money by flocking small businesses or individuals with decades-old debts that will be also paid by the grandchildren (40 million euro).3 -
2 hour meeting to brainstorm ideas to improve our system health monitoring (logging, alerting, monitoring, and metrics)
Never got past the alerting part. Piss poor excuses for human being managers kept 'blaming' our logging infrastructure for allowing them to log exceptions as 'Warnings', purposely by-passing the alerting system.
Then the d-head tried to 'educate' everyone the difference between error and exception …frack-wad…the difference isn't philosophical…shut up.
The B manager kept referring to our old logging system (like we stopped using it 5 years ago) and if it were written correctly, the legacy code would be easier to migrate. Fracking lying B….shut the frack up.
The fracking idiots then wanted to add direct-bypass of the alerting system (I purposely made the code to bypass alerting painful to write)
Mgr1: "The only way this will work is if you, by default, allow errors to bypass the alerting system. When all of our code is migrated, we'll change a config or something to enable alerting. That shouldn't be too hard."
Me: "Not going to happen. I made by-passing the alert system painful on purpose. If I make it easy, you'll never go back and change code."
Mgr2: "Oh, yes we will. Just mark that method as obsolete. That way, it will force us to fix the code."
Me: "The by-pass method is already obsolete and the teams are already ignoring the build warnings."
Mgr1: "No, that is not correct. We have a process to fix all build warnings related to obsolete methods."
Mgr2: "Yes. It won't be like the old system. We just never had time to go back and fix that code."
Me: "The method has been obsolete for almost a year. If your teams haven't fixed their code by now, it's not going to be fixed."
Mgr1: "You're expecting everything to be changed in one day. Our code base is way too big and there are too many changes to make. All we are asking for is a simple change that will give us the time we need to make the system better. We all want to make the system better…right?"
Me: "We made the changes to the core system over two years ago, and we had this same conversation, remember? If your team hasn't made any changes by now, they aren't going to. The only way they will change code to the new standard is if we make the old way painful. Sorry, that's the truth."
Mgr2: "Why did we make changes to the logging system? Why weren't any of us involved? If there were going to be all these changes, our team should have been part of the process."
Me: "You were and declined every meeting and every attempt to include your area. Considering the massive amount of infrastructure changes there was zero code changes required by your team. The new system simply worked. You can't take advantage of the new features which is why we're here today. I'm here to offer my help in any way I can with the transition."
Mgr1: "The new logging doesn't support logging of the different web page areas. Until you can make that change, we can't begin changing our code."
Me: "Logging properties is just a name+value pair dictionary. All you need to do is standardize on a name and how you add it to the collection."
Mgr2: "So, it's not a standard field? How difficult would it be to change the core assembly? This has to be standard across all our areas and shouldn't be up to the developers to type in anything they want."
- Frack wads smile and nod to each other like fracking chickens in a feeding frenzy
Me: "It can, but what will you call this property? What controls its value?"
- The look I got from both the d-bags I could tell a blood vessel popped.
Mgr1: "Oh…um….I don't know…Area? Yea … Area."
Mgr2: "Um…that's not specific enough. How about Page?"
Mgr1: "Well, pages can cross different areas, and areas cross different pages…what do you think?"
Me: "Don't know, don't care. It's up to you. I just need a name."
Mgr2: "Modules! Our MVC framework is broken up in Modules."
DevMgr: "We already have a field for Module. It's how we're segmenting the different business processes"
Mgr1: "Doesn't matter, we'll come up with a name later. Until then, we won't make any changes until there is a name."
DevMgr: "So what did we accomplish?"
Me: "That we need to review the web's logging and alerting process and make sure we're capturing errors being hidden as warnings."
Mgr1: "Nooo….we didn't accomplish anything. This meeting had no agenda and no purpose. We should have been included in the logging process changes from day one."
Mgr2: "I agree, I'm not sure why we're here"
Me: "This was a brainstorming meeting as listed in the agenda. We've accomplished 2 of the 4 items. I think we've established your commitment to making the system better. Thank you all for coming."
- Mgr1 and 2 left without looking at me or saying a word.1 -
Started new job at startup and finished all the development environment setup started development it was going smooth for one week.all the created API were working fine on the next day morning without any changes API's were giving cors error.asked my senior what must be the problem he said bypass cors and figure out the problem after trying for 1hrs i couldn't figure out what was the problem but API's were back to normal without any changes. then after sometime same day in zoom call i asked what was the problem he said show me the error but I couldn't reproduced the same cors error he then lectured me for 1 hrs and after that he said that learn to solve by your own dont come with silly mistake like this to me.
I don't know what was the problem he even refused me show to what the problem was.5 -
The best way to describe what I had to do today is I "Channeled Macgyver"... now production is working.
⚪Data wasn't flowing as expected.
⚪Component written by our team was blamed.
⚪Boss asked me to bypass the component so data can flow.
Sure, I can fix that... Give me a car battery, a roll of duck tape and a butter knife. Data will be flowing in production shortly. -
any fucker who has written code for the indian ewaybill portal needs to be fucking assassinated. couldn't even get a simple aspx login page to work. motherfuckers.
They just display a message that if we are having troubles we should try clearing our cache.
Like for fucks sake build it properly. This is the main source of income for this fucking nation, probably.
- the password reset doesn't work.
- the userid reset doesn't work.
- sometimes i show up as not registered. i just fucking transacted yesterday you buffoons.
- there is an error alert, that says "error". i god fucking know there is an error. please fucking tell how may we please your ass to bypass those fucking errors 😭.
fuck every developer that works for that portal 😤. Good for nothings.
thanks for creating devrant, dfox and trogus. feels better now 😌.7 -
Just a quick rant on JavaScript,
So there’s a lot of people hating javascript, and while not a long time ago i was part of them, but I changed my opinion a little.
I think JavaScript is a great way to deal with website programming as it is quick and efficient, but I would not say to program directly on it, use a js-compilable language (CoffeScript, TypeScript, Kotlin(I think), etc.), but then you might say: “Well, no need for js then, compile it in byte code”. That would break the point of how I see web design/dev. The main intent behind webpages is to have an easy and fast way to send code to other computers to render them, that’s why it is interpreted: “Easy to send” and “*All* computers can handle it” with the proper browser. You need to be able to change the way the website is rendered and/or works sometimes, for diverse reasons like copy/pasting data, make it render properly or use plugins/add-ons to change that code to suit your needs.
I think js should be kept as a “readable byte-code”, so that means: {
Keep comments when compiling the js-compilable code,
Add standardized machine-readable comments that will indicate to smart code viewers how to show a particular thing (Like have a higher-end function compiled in js shown as a minimized code with explanations of the function)
Keep it nicely formated and don’t obfuscate (coz that’s annoying)
Etc.
}
So you bypass the quirks and all that pesky js stuff, while keeping it’s good sides.
-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-/-
Part 2:
Web design for non-web:
Ok so things like node.js, electron, react-native and all that stuff; I won’t say they’re bad but...
Why we have this is because web designers wanted to make desktop apps and were like “Hey! Making web pages is easy! Let’s port it to desktop”, the problem is: Web technologies were made to work on a restricted canvas, aka a browser. It’s good on web for reasons mention earlier and more. But it’s not on desktop! You’re trying to push it outside of those boundaries. It’s difficult to make it break that canvas and go outside, make something that really works! For social media clients and that kind of stuff that you want to make a little more inclusive, yes! it’s a great idea (hello devrantron ;), but not if it’s an exact same copy of the website, just use the website. But for things that are supposed to really make use of YOUR computer; no!
I see those PWA (progressive webapps aka mobile app, but it’s an offline website”), I stand for the same positions, social media and those sort of things: yes, great idea! Games? 🤢.
I have way more to say but I have difficulties to remember them while reading, so feel free to comment your thoughts
Lol, “just a quick rant”1 -
Attention guys and gals! If you are using grafana in your home setup, update it asap to 4.6.4 or 5.2.3. versions before those two are affected by an authentication bypass vulnerability. CVE 2018-15727
In the meanwhile, my nginx config is blocking everything but the LAN ips :) -
Why does Google FRP even exist?!
For everyone who doesn't know what FRP is: FRP (Factory Reset Protection) is a partition on an Android device that stores data about the last used Google account on the device. It "protects" the device to be used by a second person (or a thief) even AFTER a factory reset when executed via bootloader.
Last week I bought a HTC One A9 second-hand w/o any documents. I ensured it has been reset, so I took it home... I then wanted to set it up, as following message appeared on the screen: "This device has been reset. Please login using a Google account that has been synced with this device before."
I checked the IMEI for being blacklisted, but it wasn't. Unlocking the bootloader and erasing the frp partition is not an option, because on HTC devices you have to enable OEM unlocking in the settings first. Someone stated on a forum, that you can bypass the bootloader lock with a "RUU Image" (I'm not familiar with this so pls don't blame me for that statement). But since the phone has a branding from Vodafone Germany, I can't find a RUU Image that would flash the device without a CID mismatch...
Why the f*** does Google have to implement a feature that prevents to use the phone when bought from another person that you don't know?12 -
I've had a Xiaomi Mi 8 for a few months now. Although I'm impressed by what I got for the amount I paid (a phone that cost about $250 for 6GB RAM, Snapdragon 845, Android 9 and premium build quality is quite a steal), it definitely comes with a consequence.
MIUI (specifically MIUI 11) is godawful. It is single-handedly the worst Android ROM I've ever used since my shitty Android 2.2 phone back around 2010. If you're gonna buy a Xiaomi phone, plan to install Lineage OS on it (but even that's a pain which I'll explain why later).
- Navigation buttons don't hide while watching a video.
Why? God only knows. The ONLY way to bypass without root this is to use its garbage fullscreen mode with gestures, which is annoying as all hell.
- 2 app info pages?
Yeah, the first one you can access just by going to its disaster of a settings app, apps, manage apps and tap on any one.
The 2nd one you can access through the app info button in any 3rd party launcher. Try this: Download Nova launcher, go to the app drawer, hold on any app and tap "app info", and you'll see the 2nd one.
Basically, instead of modifying Android's FOSS source code, they made a shitty overlay. These people are really ahead of their time.
- Can only set lock screen wallpapers using the stock Gallery app
It's not that big an issue, until it is, when whatever wallpaper app you're using only allows you to set the wallpaper and not download them. I think this is both a fuckup on Xiaomi and (insert wallpaper app name here), but why Xiaomi can't include this basic essential feature that every other Android ROM ever made has is beyond me.
- Theming on MIUI 11 is broken
Why do they even bother having a section to customize the boot animation and status bar when there's not one goddamn theme that supports it? At this point you're only changing the wallpaper and icon pack which you can do on any Android phone ever. Why even bother?
They really, REALLY want to be Apple.
Just look at their phones. They're well designed and got good specs, but they don't even care anymore about being original. The notch and lack of a headphone jack aren't features, they're tremendous fuckups by the dead rotting horse known as Apple that died when Steve Jobs did.
Xiaomi tries to build a walled garden around an inherently customizable OS, and the end result is a warzone of an Android ROM that begs for mercy from its creator. Launchers integrate horribly (Does any power user actually use anything that isn't Nova or Microsoft launcher?), 3rd party themes and customization apps need workarounds, some apps don't work at all. People buy from Xiaomi to get a high end budget Android phone at the price of some ads and data collection, not a shitter iOS wannabe.
They really, REALLY want you to have a sim card
If you don't have a sim card and you're using your phone for dev stuff, you're a 2nd class citizen to Xiaomi. Without one, you can't:
- Install adb through adb
- Write to secure settings
- Unlock your bootloader and get away from this trash Android ROM
What's the point? Are they gonna shadow ban you? Does anyone contact them to unlock their bootloader saying "yeah I wanna use a custom rom to pirate lizard porn and buy drugs"? They made this 1000000000x harder than it needs to be for no reason whatsoever. Oh yeah and you gotta wait like a week or something for them to unlock it. How they fucked up this bad is beyond me.
So yeah. Xiaomi. Great phones, atrocious OS.
11 -
Trying to explain to my remote colleague the ABSOLUTE SODDING MESS he's left behind because he's decided to bypass Apollo/GraphQL and interface directly with the NoSQL db.1
-
## building my own router
I hoped things would go more smoothly :)
Anyway, my new miniPC easily accepted CentOS 8 - no fuss here. And I've got to say - I love CentOS8 so far! Shell has amazing nifty tricks, UI (gnome3) is also snappy, video/audio/ethernet,.. everything works.
What I did NOT expect is hardware being off. Well okay, the price was low - it was obvious smth is not right. But still.. I decided to build my own router so that I could swap wifi card whenever I want. So that I could run my own network services in there. Turns out - the card swapping is not as easy as one might think.
I got the AX200 WiFi6 card for that very purpose. But once plugged in the OS can only see it's bluetooth module. Weird... What's even weirder is that even though the card is PCIe, the OS uses btusb module to talk to that device. What? USB?? emm.. What??
And there it is. After opening it up again I noticed that the mPCIe area is marked with a label: "USB WIFI / WWAN". USB? Does that mean this PCIe slot is wired into the USB bus? Not impossible I guess.
Googling for a "pcie wifi over usb" or smth like that brought me to one reddit (I think?) where someone wanted to build a DIY wifi mPCIe -> USB adapter and someone else adviced hime that (for some reason) at best he could only get bluetooth working (hey! just like me!). It's got to do smth with pcie channels and USB being too weak to handle all that load, or smth.. IDK, I'm not a HW guy.
Well that sucks then! I have a mPCIe slot that does not work as a PCIe. Shit! So I guess the best I could do is to plug back in the same wifi card that came with the device. It smells like 2003 - supports only g protocol. Fine, let's try that. Maybe I'll find a way to work around this mPCIe limitation later on (USB adapter or smth... except there are no USB WIFI6 dongles yet :( ). So I plug it back in and start turning it into a router. Disable NetworkManager, configure static NCs' settings, install dhcpd, hostapd, bind and others. Looks like all is done! Now it's time to start it all. systemctl start hostapd --> FAILED. wtf? journalctl says it could not initialize a driver. umm okay? Why? Forums say I should airodump-ng check and kill whatever's using that device. Fine. airodumo reveals avahi and wpa_suppl are still using it. kill, kill, GOTTA KILL 'EM ALL!! Starting hostapd again -- same shit... wtf?
iw list
My gawd... That shitty network card does not even support AP mode :( I mean.. My USB wifi dongle for 2€ supports 2x more modes, is faster, has better range and is easier to work with than this old tart!
Yeah. That was an interesting day. When enfironment engineers break my testing environments at work I'm glad I have where to spend my time now.
BTW any ideas how to bypass this mPCIe nonsense? Come on, there are USB GPUs out there.. Why can't they make a USB (or dual-USB if they really need to) mPCIe adapter?8 -
How to replace rEFInd bcuz M$ locks linux out of your system if M$ installed first.
-----
This will be long so get your salsa ready.
-----
1. Get your rEFInd from sourceforge
Since we are installing INTO windows, dl the zip.
2. extract to a folder.
2-a-: Install themes if you want any or edit the config if you want/need to, at this stage.
3. open a cmd as Admin and cd to the refind's folder.
4. mount system volume
`mountVol S: /S` will mount it to S:
5. use xcopy to copy as system
`xcopy /E refind-bin-x.xx.x\ S:\EFI\refind`
6tynice: go to System volume and to the refind folder
`S:`
`cd EDI\refind\refind`
7:Set rEFInd as Windows Boot Manager
`bcdedit /set {bootmgr} \EFI\refind\refind\refind_x64.efi`
(It's possible to use ia32 or aa64 for different architectures)
At this point, try plugging a linux thumb drive and restart your computer. Windows Boot Manager should be deactivated and should show refind.
You can use mouse and keyboard to select an OS boot or just set config to start one automatically unless you are holding a "power" button.
rEFInd also offers "fallback" boot for linux, which boots the efi from rEFInd and not from syslinux.4 -
Well I just found a security issue with my company's website thats potentially been there for YEARS
You can just fucjing bypass the login screen and access any file. You do have to know the filename and path from the site root. But I doubt that matters to anyone willing to try hard enough. I'm sure there's tools to find the paths
Especially since the files names are fucking predictable 🙄 😒5 -
to all those Lenovo guys who are wondering how to bypass raid for installing linux:
boot from live usb and rewrite the partition table from raid to something else using gparted. and done. I had this issue long time ago.
p.s. try at ur own risk. data will be lost. -
I hate the US education system, its just designed to fuel capitalism. It keeps getting less funding so that actually passionate, intelligent people get kicked out and replaced with people who only want to be a teacher so they can have power over others.
Why do they block news websites? Why do they block github, so their own robotics team can't even access the essential building blocks for the robot? They make everything more complicated and for the reason that it might distract you. Maybe just make topics engaging and not boring asf, just cramming for the exams so the school gets more funding. Maybe prepare students for jobs, allow them to do projects, pursue classes that interest them, and have any sense of individualism.
Anyways, yeah, the school blocked github so I can't do my FBLA project, I can't access the code for programming our robot for competitions, I can't even download software required for half of these classes. I have a Linksys router, is there any way I could set it up to bypass the firewall?15 -
> IHateForALiving: Mister Supervisor, I need to do X, I know how to do it with Vue but I can't do it in AngularJS, how did you do it in the past?
> Supervisor: It's a mess, you need to do A, B, C, D and E, but webpack interferes so you have to come up with something to bypass the whole thing
> Me: ok whatever thx
> Supervisor: I know it's a problem, a more modern framework would do it in a heartbeat :(
Those are bold words for the guy who saw my first PoC, noticed I was using Vue and made me throw everything in the rubbish, explicitly ordering me to use AngularJS. -
Me : *do the right way to get the data I need, based on functionning project on same framework*
System : *does not working*
Me : *bypass by doing something more random*
System : *give the data I need*
I love frameworks. -
TL;DR: Phone akku is draining, I steal our schools power. And secret plans to become rich.
My phone accumulator (heh, not a battery) DRAINS these days. It's fucking old and the temperatures are so hot that we actually afternoon classes are cancelled 🔥
So anyways, I'm sitting in the library (15 min break) and secretly charging my phone, devRanting on these wrongly configured, distorted monitors of this one computer that is connected with like 20 work stations xD
I'm stealing the schools power but the school owes me time (+2h of more useless sitting at school with my new timetable) - and time is money. And the schools money buys power. So I don't feel bad about it.
Actually a friend and me wanted to develop and install a plugin - when being able to bypass the reset-application in our school network - that uses the schools computers and their power to do crypto mining.
I wouldn't feel bad about it.4 -
Perfect my script to automate YouTube videos to tiktok. The script would take a YouTube url as input and then split the video into 3 minute long pieces ( the longest time allowed for tiktok ) and post it to tiktok. I’ve gotten it before but I had to do some fucked shit bc I couldn’t get puppeteer to bypass tiktok’s bot security so it’s super inconsistent1
-
(Question/0.5Rant)
So I am working on a mixed API (aka reachable from anywhere, but also only accessible by specific allowed devices) and I am struggling with the security of it, its not managing anything hardcore (this API is "is the coffe ready?" kind of level) or I would have just enforced per device registration for example already, but the app that goes with that API is deployed remotely and has to be "ready to go!!!" out of the box, so I can't add any registration, verifications of devices etc.
The main thing I am afraid of is, that one of those agent retards will get his spaghetti phone blasted from the inside, so all the https calls will be read out by some random attacker, which then will be able to "abuse" the API via read out api-key, is there any way for me to have a rescue plan if one of those retards does get hacked and the system then get spammed or something, like if I log all devices that use the API I could just deny access from that device (until resolved) and issue a new app update via new api key.
What's the best way of handling this and is my idea really the only way to handle this? this shitfest is really causing shit ton of ideas in my head, which then I deny literally 20 seconds later, because there's a way to bypass it or once you have the old api key to get a new one by just monitoring it etc.5 -
My most recent workaround occurred last week.
We have a demo very soon and I had to change our iOS app to use a new Web API endpoint for uploading content.
Long story short: The existing code is so awful and rigid and dependant on Core Data that I ended up having to completely bypass the service layer of the app and implement the new endpoint as a raw HTTP request. Its gonna take a long time to refactor the existing service layer. All because the new endpoint has a different content type. -
!rant
iOS 11 have a vulnerability allowing attacker to bypass your lock screen and brick your phone via prepared “dev profile”. Do not download any utrusted stuff untill official fix ;)7 -
Any ideas how to bypass a Linux based paywall? I’m on a cruise and the internet access is ridiculously expensive... The OS boots straight into a session, and opens the login app maximised. Originally I tried unplugging it, cloning its MAC, etc, but that looked quite suspicious 😂 (the BIOS is password protected)
Obviously for research purposes 😇5 -
Typescript is my new favorite and my grudge is the stupid scoping of type assertions. I have an async function that checks whether a variable is set and awaits a change event if it's undefined. This function is working javascript but invalid according to typescript, because it relies on the exact type changing while the function is running. I had to convert it to a mess of promises to bypass this because (and this is the best) the callback-based syntax of identical meaning will reset all type assertions, even locals that are never written after the callback's creation.8
-
I am legit getting tired of trying to help people improve and hit huge roadblocks because nobody seem to care if what we do works for the intended purpose.
I have seen some terrible unstable code that fails 50% of the time on run time and never was reviewed or tested on core software, but since it was worth a lot of story points, people get congratulated for finishing it but nobody bothers checking if it really works in the first place. Story points are meaningless in this Agilefall Frankenstein shit process we use and bosses keep saying they will improve it but nothing gets done.
Worst thing is my work often depends on this shit.
I swear one of my good colleague and I are trying to introduce commit and PR gating, code review, code quality to avoid as much problems as possible while speeding up CI and documentation but 90% of devs do not give a single fuck about it. They just bypass it with admin rights because it supposedly slows them down.
When I bring up to management that the processes are terrible, I get the classic "we can't force people to use these processes because we have to respect their work ethics and it is different from yours." While I get that some things are subjective, in this case that's a lot of words to say they suck and give no fucks.
Sorry for the rant, it is starting affect my morale and efficiency at work, but I know every workplace got its problems.2 -
If anyone knows how to bypass Cloudfare protection, let me aware ! :)
I don't know if that is possible, i need it because a website API block my bot mmmh...5 -
boy all i did around this time period is make money. and try to make more. and try to bypass blue collar temp jobs back into career moves.
wow this time period sucked.
sucks more now that you people have lied for years about the year2 -
Anyone knows if it is possible to do SOAP API with Javascript and bypass CORS, or work with it? if not **** this4
-
so from my aspect if you fill a persons head with pain and try to get them in the habit of being enraged by willful disgusting injustice and then place them in a situation where they either help the offender engage in willful disgusting injustice, with the only other option being engaging in criminal activity to bypass the willful disgusting injustice then you are attempting to trap the person when they engage in the 'criminal' activity to retain control of or eliminate the individual, who being subject to the laws of entropy as time progresses will be less capable of engaging the activities necessary to bypass the disgusting injustice, and so therefore will continue to go in a loop of being subjected to willful disgusting injustice. either way the individual is eventually contained if you can place them through the same cycle over and over again, is my logic sound ?5
-
Pussies banned me from Reddit subreddit. Is there a way to bypass this ban on mobile device? Creating alt account does not work since app has two accounts at the same time and they obviously know. I can bypass on pc easily but app…
Is there a way to purge my account history on app? So I add fresh account. Do you track device mac maybe?24 -
Spent two days writing an automated UAC bypass via the task scheduler because most customers are litteraly too stupid to press the yes button....
Top Tags
Weekly Rant
View