Sales employee Bob wants a clickable blue button.

Bob tells product owner Karen about his unstoppable desire for clickable blue buttons.

Karen assigns points for potential and impact (how much does a blue button improve Bob's life, how many people like Bob desire blue buttons)

Karen asks the button team how hard it is to build a button. The button team compares the request to a reference button they've built before, and gives an ease score, with higher score being easier (inverse of scrum points).

These three scores are combined to give a priority score. The global buttonbacklog is sorted by priority.

Once every two weeks (a "sprint") the button team convenes, uses the ease scores to assign scrum points. Difficult tasks are broken up into smaller tasks, because there is a scrum point upper limit. They use the average of the last 5 sprints to calculate each developer's "velocity".

The sprint is filled with tasks, from the top of the global button backlog, up to the team's capacity as determined by velocity. Approximate due dates are assigned, Bob is a happy Bob.

What if boss Peter runs into the office screaming "OUR IMPORTANT CLIENT WANTS A FUCKING PINK BUTTON WHICH MAKES HEARTS APPEAR"?

Devs tell boss to shut the fuck up and talk to Karen. Karen has a carefully curated list of button building tasks sorted by priority, can sedate boss with valium so he calms the fuck down until he can make a case for the impact and potential of his pink button.

Karen might agree that Peter's pink button gets a higher priority than Bob's blue button.

But devs are nocturnal creatures, easily disturbed when approached by humans, their natural rhythms thrown out of balance.

So the sprint is "locked", and Peter's pink button appears at the top of the global backlog, from where it flows into the next sprint.

On rare occasions a sprint is broken open, for example when Karen realizes that all of the end users will commit suicide if they don't have a pink heart-spawning button.

In such an event, Peter must make Bob happy (because Bob is crying that his blue button is delayed). And Peter must make the button team of devs happy.

This usually leads to a ritual involving chocolate or even hardware gift certificates to restore balance to the dev ecosystem.

First world problems...

I've been working at this startup as a tech lead for a little over a year, and we've grown from 3 to over 150 employees, and a bit over a million end users.

I've spent tens of thousands on high end displays and chairs for your lazy butts, on external consultants to help and train you, even those fucking dirty recruiters have leeched their shares of the pie. I built an amazing luxury kitchen with a fridge, beer cooler, induction plates and a blender for all your crossfitting bodybuilder meals, but forgot to think of my own needs.

NOW I JUST WANT TO BUY A GOOD COFFEEMAKER AND ALL THESE FUCKING TEASLURPING FAKE DEV-BROS SUDDENLY START SCREAMING ABOUT BUDGETS AND HOW COFFEE IS NOT NECESSARY IF YOU MEDITATE. FUCK YOU, WE'RE LIKE THE ONLY STARTUP IN THE COUNTRY RUNNING A FAT PROFIT. I DON'T CARE ABOUT YOUR STUPID MINDFULNESS IOS APP. GIVE ME MY FUCKING ESPRESSO OR I'LL BLEND YOUR BALLS INTO A PROTEIN SHAKE.

What end users seem like

BETA USER: Is this feature working? When I add a link I get an error that says "URL cannot be more than 255 characters."

ME (biting my tongue): Hi ****, Yes it works. The link you're trying to add is too long. Please try a shorter URL.

BETA USER: Oh, it should tell you that!

😳🤪🤬

The way 90% of the population wears their face masks really explains a lot about their approach to using software, apps & websites as well.

I feel like giving up.

I am not a developer for the salary, or just to solve analytical puzzles. Those are motivators, but my main drive is to make the world more comfortable and enjoyable, better optimized, build ethical services which bring happiness into people's lives. I want to improve society, even if it's just a tiny bit.

But if users invest absolutely zero percent of their limited brain capacity into understanding a product that already has a super-clean design and responds with helpful validation messages...

...why the fuck bother.

I used to think of the gap between technology and tech-incompetent people as an optimization problem.

As something which could be fixed by spending a fortune on UX research. Write tests, hire QA employees, decrease tech debt, create a bold but unified & simple design.

But the technologically incompetent just get more entitled with every small thing you simplify.

It's never fucking fool-proof enough.

Why can't I upload a 220MB PDF as profile picture? Why doesn't the app install on my 9 year old Android Froyo phone? Why can't I sign up if my phone number contains a  U+FFFC? Why does this page load so slowly from my rural concrete bunker in East Ukraine? WHY DO I HAVE PNEUMONIA, HOW DID I GET INFECTED EVEN THOUGH I WAS WEARING A MOUTH MASK ON MY FOREHEAD?

This is why I ran away from Frontend, to Backend, to DBA.

If I could remove myself further from the end user, I would.

At least I still have a full glass of tawny port and a huge database which needs to be normalized & migrated.

Fuck humans, I'm going to hug a server.

!rant

This was over a year ago now, but my first PR at my current job was +6,249/-1,545,334 loc. Here is how that happened... When I joined the company and saw the code I was supposed to work on I kind of freaked out. The project was set up in the most ass-backward way with some sort of bootstrap boilerplate sample app thing with its own build process inside a subfolder of the main angular project. The angular app used all the CSS, fonts, icons, etc. from the boilerplate app and referenced the assets directly. If you needed to make changes to the CSS, fonts, icons, etc you would need to cd into the boilerplate app directory, make the changes, run a Gulp build that compiled things there, then cd back to the main directory and run Grunt build (thats right, both grunt and gulp) that then built the angular app and referenced the compiled assets inside the boilerplate directory. One simple CSS change would take 2 minutes to test at minimum.

I told them I needed at least a week to overhaul the app before I felt like I could do any real work. Here were the horrors I found along the way.

- All compiled (unminified) assets (both CSS and JS) were committed to git, including vendor code such as jQuery and Bootstrap.
- All bower components were committed to git (ALL their source code, documentation, etc, not just the one dist/minified JS file we referenced).
- The Grunt build was set up by someone who had no idea what they were doing. Every SINGLE file or dependency that needed to be copied to the build folder was listed one by one in a HUGE config.json file instead of using pattern matching like `assets/images/*`.
- All the example code from the boilerplate and multiple jQuery spaghetti sample apps from the boilerplate were committed to git, as well as ALL the documentation too. There was literally a `git clone` of the boilerplate repo inside a folder in the app.
- There were two separate copies of Bootstrap 3 being compiled from source. One inside the boilerplate folder and one at the angular app level. They were both included on the page, so literally every single CSS rule was overridden by the second copy of bootstrap. Oh, and because bootstrap source was included and commited and built from source, the actual bootstrap source files had been edited by developers to change styles (instead of overriding them) so there was no replacing it with an OOTB minified version.
- It is an angular app but there were multiple jQuery libraries included and relied upon and used for actual in-app functionality behavior. And, beyond that, even though angular includes many native ways to do XHR requests (using $resource or $http), there were numerous places in the app where there were `XMLHttpRequest`s intermixed with angular code.
- There was no live reloading for local development, meaning if I wanted to make one CSS change I had to stop my server, run a build, start again (about 2 minutes total). They seemed to think this was fine.
- All this monstrosity was handled by a single massive Gruntfile that was over 2000loc. When all my hacking and slashing was done, I reduced this to ~140loc.
- There were developer's (I use that term loosely) *PERSONAL AWS ACCESS KEYS* hardcoded into the source code (remember, this is a web end app, so this was in every user's browser) in order to do file uploads. Of course when I checked in AWS, those keys had full admin access to absolutely everything in AWS.
- The entire unminified AWS Javascript SDK was included on the page and not used or referenced (~1.5mb)
- There was no error handling or reporting. An API error would just result in nothing happening on the front end, so the user would usually just click and click again, re-triggering the same error. There was also no error reporting software installed (NewRelic, Rollbar, etc) so we had no idea when our users encountered errors on the front end. The previous developers would literally guide users who were experiencing issues through opening their console in dev tools and have them screenshot the error and send it to them.
- I could go on and on...

This is why you hire a real front-end engineer to build your web app instead of the cheapest contractors you can find from Ukraine.

string excuses[]={
"it's not a bug it's a feature",
"it worked on my machine",
"i tested it and it worked",
"its production ready",
"your browser must be caching the old content",
"that error means it was successful",
"the client fucked it up",
"the systems crashed and the code got lost" ,
"this code wont go into the final version",
"It's a compiler issue",
"it's only a minor issue",
"this will take two weeks max",
"my code is flawless must be someone else's mistake",
"it worked a minute ago",
"that was not in the original specification",
"i will fix this",
"I was told to stop working on that when something important came up",
"You must have the wrong version",
"that's way beyond my pay grade",
"that's just an unlucky coincidence",
"i saw the new guy screw around with the systems",
"our servers must've been hacked",
"i wasn't given enough time",
"its the designers fault",
"it probably won't happen again",
"your expectations were unrealistic",
"everything's great on my end",
"that's not my code",
"it's a hardware problem",
"it's a firewall issue",
"it's a character encoding issue",
"a third party API isn't responding",
"that was only supposed to be a placeholder",
"The third party documentation is wrong",
"that was just a temporary fix.",
"We outsourced that months ago.","
"that value is only wrong half of the time.",
"the person responsible for that does not work here anymore",
"That was literally a one in a million error",
"our servers couldn't handle the traffic the app was receiving",
"your machines processors must be too slow",
"your pc is too outdated",
"that is a known issue with the programming language",
"it would take too much time and resources to rebuild from scratch",
"this is historically grown",
"users will hardly notice that",
"i will fix it" };

Dev: Ok issue fixed, you just need to log out and back in again on your end to receive the fix

User: It’s still not working

Dev: Did you log out and in again?

User: No why would I want to do that?

Dev: It’ll reset your locally saved login information which is causing the issue

User: I thought you said the issue was fixed?

Dev: On our end yes, we just need you to reset your end in order to receive the fixed version

User: Look I have been dealing with this issue for 6 months. Fixing bugs are your responsibility. I have too much to do, you have to get this fixed. *click*.

Dev: Yeah you submitted the bug ticket yesterday night though

Email from users manager later that day: <User> is saying you are refusing to fix this bug. This is unacceptable. Fix it or else I will escalate this. Also there are other bugs we noticed today too, fixing them is absolutely critical!

Dev: …

Dev: What other bugs did you notice?

*no response for 2 weeks and then:

User: Hey you can close this ticket, the issue seems to have resolved itself.

Dev: ….muppet.

"could you please just use the standard messaging/social networking thingies? That way it'll be way easier to communicate!!"

Oh I don't mind using standard tools/services which everyone uses at all.

Just a few requirement: they don't save information that doesn't need to be saved, leave the users in control of their data (through end to end encryption for example) and aren't integrated in mass surveillance networks.

Aaaaaand all the standard options which everyone uses are gone 😩

Be more passive

I always get involved in everything, at every company. Not to further my career through ass-kissing and overperforming.

I regularly piss off people. When C-level has a discussion about strategy, I'm usually ahead of them, ask too many questions, criticize every detail they've missed, cause frustration by making them look incompetent.

Can't help it, when I see retards destroy a great product I have to intervene.

Some people appreciate it. I often defend both devs and end users, when others don't dare speak up.

But fuck it, I'm getting older. I'm gonna coast a bit more. Sit back, relax.

If a product manager doesn't prepare enough tasks — that's cool, I still have a Factorio savegame to work on.

If another team designs an incredibly stupid feature — they'll discover the issues eventually by themselves. Maybe I'll warn once, just to be nice.

*Pours another chocolate milk*

Also gonna spend at least 4h/d with my daughter. She's a better human than most of my coworkers, and the work we do using her Legos is honestly more important for humanity than the Jira backlog.

End users ...

I have been a mobile developer working with Android for about 6 years now. In that time, I have endured countless annoyances in the Android development space. I will endure them no more.
My complaints are:

1. Ridiculous build times. In what universe is it acceptable for us to wait 30 seconds for a build to complete. Yes, I've done all the optimisations mentioned on this page and then some. Don't even mention hot reload as it doesn't work fast enough or just does not work at all. Also, buying better hardware should not be a requirement to build a simple Android app, Xcode builds in 2 seconds with a 8GB Macbook Air. A Macbook Air!

2. IDE. Android Studio is a memory hog even if you throw 32GB of RAM at it. The visual editors are janky as hell. If you use Eclipse, you may as well just chop off your fingers right now because you will have no use for them after you try and build an app from afresh. I mean, just look at some of the posts in this subreddit where the common response is to invalidate caches and restart. That should only be used as a last resort, but it's thrown about like as if it solves everything. Truth be told, it's Gradle's fault. Gradle is so annoying I've dedicated the next point to it.

3. Gradle. I am convinced that Gradle causes 50% of an Android developer's pain. From the build times to the integration into various IDEs to its insane package management system. Why do I need to manually exclude dependencies from other dependencies, the build tool should just handle it for me. C'mon it's 2019. Gradle is so bad that it requires approx 54GB of RAM to work out that I have removed a dependency from the list of dependencies. Also I cannot work out what properties I need to put in what block.
4. API. Android API is over-bloated and hellish. How do I schedule a recurring notification? Oh use an AlarmManager. Yes you heard right, an AlarmManager... Not a NotificationManager because that would be too easy. Also has anyone ever tried running a long running task? Or done an asynchronous task? Or dealt with closing/opening a keyboard? Or handling clicks from a RecyclerView? Yes, I know Android Jetpack aims to solve these issues but over the years I have become so jaded by things that have meant to solve other broken things, that there isn't much hope for Jetpack in my mind 😤

5. API 2. A non-insignificant number of Android users are still on Jelly Bean or KitKat! That means we, as developers, have to support some of your shitty API decisions (Fragments, Activities, ListView) from all the way back then!

6. Not reactive enough. Android has support for Databinding recently but this kind of stuff should have been introduced from the very start. Look at React or Flutter as to how easy it is to make shit happen without any effort.

7. Layouts. What the actual hell is going on here. MDPI, XHDPI, XXHDPI, mipmap, drawable. Fuck it, just chuck it all in the drawable folder. Seriously, Android should handle this for me. If I am designing for a larger screen then it should be responsive. I don't want to deal with 50 different layouts spread over 6 different folders.

8. Permission system. Why was this not included from the very start? Rogue apps have abused this and abused your user's privacy and security. Yet you ban us and not them from the Play Store. What's going on? We need answers.

9. In Android, building an app took me 3 months and I had a lot of work left to do but I got so sick of Android dev I dropped it in favour of Flutter. I built the same app in Flutter and it took me around a month and I completed it all.
10. XML.

If you're a new dev, for the love of all that is good in this world, do NOT get into Android development. Start with Flutter or even iOS. On Flutter and build times are insanely fast and the hot reload is under 500ms constantly. It's a breath of fresh air and will save you a lot of headaches AND it builds for iOS flawlessly.

To the people who build Android, advocate it and work on it, sorry to swear, but fuck you! You have created a mess that we have to work with on a day-to-day basis only for us to get banned from the app store! You have sold us a lie that Android development is amazing with all the sweet treat names and conferences that look bubbly and fun. You have allowed to get it so bad that we can't target an API higher than 18 because some Android users are still using devices that support that!

End this misery. End our pain. End our suffering. Throw this abomination away like you do with some of your other projects and migrate your efforts over to Flutter. Please!

#NoToGoogleIO #AndroidSummitBoycott #FlutterDev #ReactNative

users are the ultimate testers

More sysadmin focused but y’all get this stuff and I need a rant.

TLDR: Got the wrong internship.

Start working as a sysadmin/dev intern/man-of-many-hats at a small finance company (I’m still in school). Day 1: “Oh new IT guy? Just grab a PC from an empty cubicle and here’s a flash drive with Fedora, go ahead and manually install your operating system. Oh shit also your desktop has 2g of ram, a core2 duo, and we scavenged your hard drive for another dev so just go find one in the server room. And also your monitor is broken so just take one from another cubicle.”

Am shown our server room and see that someone is storing random personal shit in there (golf clubs propped against the server racks with heads mixed into the cabling, etc.). Ask why the golf clubs etc. are mixed in with the cabling and server racks and am given the silent treatment. Learn later that my boss is the owners son, and he is storing his personal stuff in our server room.

Do desktop support for end users. Another manager asks for her employees to receive copies of office 2010 (they’re running 2003 an 2007). Ask boss about licensing plans in place and upgrade schedules, he says he’ll get back to me. I explain to other manager we are working on a licensing scheme and I will keep her informed.

Next day other manager tells me (*the intern*) that she spoke with a rich business friend whose company uses fake/cracked license keys and we should do the same to keep costs down. I nod and smile. IT manager tells me we have no upgrade schedule or licensing agreement. I suggest purchasing an Office 365 subscription. Boss says $150 a year per employee is too expensive (Company pulls good money, has ~25 employees, owner is just cheap) I suggest freeware alternatives. Other manager refuses to use anything other than office 2010 as that is what she is familiar with. Boss refuses to spend any money on license keys. Learn other manager is owners wife and mother of my boss. Stalemate. No upgrades happen.

Company is running an active directory Windows Server 2003 instance that needs upgrading. I suggest 2012R2. Boss says “sure”. I ask how he will purchase the license key and he tells me he won’t.

I suggest running an Ubuntu server with LDAP functionality instead with the understanding that this will add IT employee hours for maintenance. Bosses eyes glaze over at the mention of Linux. The upgrade is put off.

Start cleaning out server room of the personal junk, labeling server racks and cables, and creating a network map. Boss asks what I’m doing. I show him the organized side of the server room and he says “okay but don’t do any more”.

... *sigh* ...

Worst of 2020:

Seeing company get stuck in an organizational swamp. Devs tend to be reasonably good at working from home...

Management isn't. Meeting quality has gone down the drain, half of management thinks "if the boss can't see me why work at all?", the other half has constant calls with tiny working groups where nothing is final and everyone is left confused.

I'm convinced: Everything management is afraid of about allowing devs to work from home is based on projection of their own weaknesses.

They're not passionate enough to work without oversight. They might not be introverts, but extroverts are perfectly able to communicate poorly, especially when a few digital hurdles get in the way.

The average developer might actually be more attuned to the intricacies of emotionless text chats, and preventing disruptive elements in video calls.

Also, unless someone physically helps a manager to remove their head from their own ass once in a while, their "gut feelings" about the market and products are actually just amplified bias caused by their endless self-absorbed yelling into the echo chamber that is their stretched out rectum.

Holy motherfucking hell, have I seen some weird projects float by in 2020, pooped out by isolated product managers whose brain clearly has melted when they had to survive without office fruitbaskets and organizational post-it walls.

Yeah let's promote our international character, by giving away travels and hotel bookings, using pictures of happy hugging people in foreign countries... Great promo during a pandemic.

Or let's get "woke" and promote the "colored users" on our platforms, by training ML to categorize people by skin pigment (Apart from how illegal and ethically insane that is on multiple levels, about 85% of our users pick shit like anime characters and memes for their avatar).

Or how about we make a Microsoft Store app, even though the vast majority of our end users are students using cheap Android phones, older iPhones, Macbooks and Chromebooks.

😡

Anyway, now that I have dressed up my Christmas tree with some manager intestines...

Best of 2020:

I got to play through my Steam backlog, work on hobby projects, and watch a lot of YouTube.

All this pandemic insanity has convinced me all the more that I want to work way more in Rust, and publish way more on open source projects.

I became maintainer/collaborator on a bunch of semi-prominent libraries & frameworks, and while no community is perfect, I enjoy my laid-back coffee-fueled debugging on those packages much more than listening to another crack addicted cocksucker in a suit explain their half-assed A/B test idea to me at 9AM.

So, 2021 will be me half-assing through the spaghetti at my official fuckfest of a job so I can keep filling my bank account — and investing way more time and effort into stuff I find truly engaging, into projects with a heart and a soul.

Our website once had it’s config file (“old” .cgi app) open and available if you knew the file name. It was ‘obfuscated’ with the file name “Name of the cgi executable”.txt. So browsing, browsing.cgi, config file was browsing.txt.
After discovering the sql server admin password in plain text and reporting it to the VP, he called a meeting.
VP: “I have a report that you are storing the server admin password in plain text.”
WebMgr: “No, that is not correct.”
Me: “Um, yes it is, or we wouldn’t be here.”
WebMgr: “It’s not a network server administrator, it’s SQL Server’s SA account. Completely secure since that login has no access to the network.”
<VP looks over at me>
VP: “Oh..I was not told *that* detail.”
Me: “Um, that doesn’t matter, we shouldn’t have any login password in plain text, anywhere. Besides, the SA account has full access to the entire database. Someone could drop tables, get customer data, even access credit card data.”
WebMgr: “You are blowing all this out of proportion. There is no way anyone could do that.”
Me: “Uh, two weeks ago I discovered the catalog page was sending raw SQL from javascript. All anyone had to do was inject a semicolon and add whatever they wanted.”
WebMgr: “Who would do that? They would have to know a lot about our systems in order to do any real damage.”
VP: “Yes, it would have to be someone in our department looking to do some damage.”
<both the VP and WebMgr look at me>
Me: “Open your browser and search on SQL Injection.”
<VP searches on SQL Injection..few seconds pass>
VP: “Oh my, this is disturbing. I did not know SQL injection was such a problem. I want all SQL removed from javascript and passwords removed from the text files.”
WebMgr: “Our team is already removing the SQL, but our apps need to read the SQL server login and password from a config file. I don’t know why this is such a big deal. The file is read-only and protected by IIS. You can’t even read it from a browser.”
VP: “Well, if it’s secured, I suppose it is OK.”
Me: “Open your browser and navigate to … browse.txt”
VP: “Oh my, there it is.”
WebMgr: “You can only see it because your laptop had administrative privileges. Anyone outside our network cannot access the file.”
VP: “OK, that makes sense. As long as IIS is securing the file …”
Me: “No..no..no.. I can’t believe this. The screen shot I sent yesterday was from my home laptop showing the file is publicly available.”
WebMgr: “But you are probably an admin on the laptop.”
<couple of awkward seconds of silence…then the light comes on>
VP: “OK, I’m stopping this meeting. I want all admin users and passwords removed from the site by the end of the day.”

Took a little longer than a day, but after reviewing what the web team changed:
- They did remove the SQL Server SA account, but replaced it with another account with full admin privileges.
- Replaced the “App Name”.txt with centrally located config file at C:\Inetpub\wwwroot\config.txt (hard-coded in the app)
When I brought this up again with my manager..
Mgr: “Yea, I know, it sucks. WebMgr showed the VP the config file was not accessible by the web site and it wasn’t using the SA password. He was satisfied by that. Web site is looking to beat projections again by 15%, so WebMgr told the other VPs that another disruption from a developer could jeopardize the quarterly numbers. I’d keep my head down for a while.”

It's funny to see how a coworker of mine and me are very similar minded on some privacy stuff. He's a very cool/open guy and just a regular consumer (used the default services etc) but he shares quite some of my views. This is a convo we had today:

*got to the WhatsApp subject somehow*
Him: oh right, you didn't use that haha
Me: yeah 😅
Him: why was that again, privacy reasons or something, right? xD
Me: uhm yes *help*
Him: Well fair enough.
Me: so you'd think I'm right? I mean it uses end to end crypto... (I'm entirely with him in the next few lines but I always approach it carefully)
Him: they veeeery probably have some kinda fucking masterkey.
Me: why'd you think that?
Him: it has over a billion users, the owner is facebook, fb is directly integrated with several mass surveillance programs, they are known to work closely with one particular one, the intelligence interests are way too high for letting such an opportunity pass and after all, THE FUCKER IS CLOSED SOURCE AKA NO ONE CAN FUCKING VERIFY THE CRYPTO NOR THE APP ITSELF.
Me: I agree haha 😅
Him: it's not rocket science, it's modern day mass tracking/surveillance logic :)

I like that guy.

Privacy & security violations piss me off. Not to the point that I'll write on devRant about it, but to the point that coworkers get afraid from the bloodthirsty look in my eyes.

I know all startups proclaim this, but the one I work at is kind of industry-disrupting. Think Uber vs taxi drivers... so we have real, malicious enemies.

Yet there's still this mindset of "it won't happen to us" when it comes to data leaks or corporate spying.

Me: "I noticed we are tracking our end users without their consent, and store not just the color of their balls, but also their favorite soup flavor and how often they've cheated on their partner, as plain text in the system for every employee to read"

Various C-randomletter-Os: "Oh wow indubitably most serious indeed! Let's put 2 scrumbag masters on the issue, we will tackle this in a most agile manner! We shall use AI blockchains in the elastic cloud to encrypt those ball-colors!"

NO WHAT I MEANT WAS WHY THE FUCK DO WE EVEN STORE THAT INFORMATION. IT DOES IN NO WAY RELATE TO OUR BUSINESS!

"No reason, just future requirements for our data scientists"

I'M GRABBING A HARDDRIVE SHREDDER, THE DB SERVER GOES FIRST AND YOUR PENIS RIGHT AFTER THAT!

(if it's unclear, ball color was an optimistic euphemism for what boiled down to an analytics value which might as well have been "nigger: yes/no")

Data scientist: we need to whitelist a pod to connect to a database
Me: Whitelist? We don't use whitelists on private databases
DS: It's the new data warehouse database
Me: is it on <X> VPC?
DS: I'm not sure what that means but its ip is <real world ipv4>
Me: Are you hosting a publicly accessible database with all our end users information?!
DS: ...
Me: There goes our SOC2 audit controls...
DS: how long until you can white list it?
Me: I won't be whitelisting it. You need to put it on a private VPC and peer with the cluster, you'll have to rebuild all the Terraform and redeploy
DS: We didn't use Terraform because it takes too long, just white list the pods IP.
Me: No. I'm contacting the CISO and CTO...

Buckle up kids, this one gets saucy.

At work, we have a stress test machine that trests tensile, puncture and breaking strength for different materials used (wood construction). It had a controller software update that was supposed to be installed. I was called into the office because the folks there were unable to install it, they told me the executable just crashed, and wanted me to take a look as I am the most tech-savvy person there.

I go to the computer and open up the firmware download folder. I see a couple folders, some random VBScript file, and Installation.txt. I open the TXT, and find the first round of bullshit.

"Do not run the installer executable directly as it will not work. Run install.vbs instead."

Now, excuse me for a moment, but what kind of dick-cheese-sniffing cockmonger has end users run VBScript files to install something in 2018?! Shame I didn't think of opening it up and examining it for myself to find out what that piece of boiled dogshit did.

I suspend my cringe and run it, and lo and behold, it installs. I open the program and am faced with entering a license key. I'm given the key by the folks at the office, but quickly conclude no ways of entering it work. I reboot the program and there is an autofilled key I didn't notice previously. Whatever, I think, and hit OK.

The program starts fine, and I try with the login they had previously used. Now it doesn't work for some reason. I try it several times to no avail. Then I check the network inspector and notice that when I hit login, no network activity happens in the program, so I conclude the check must be local against some database.

I browse to the program installation directory for clues. Then I see a folder called "Databases".

"This can't be this easy", I think to myself, expecting to find some kind of JSON or something inside that I can crawl for clues. I open the folder and find something much worse. Oh, so much worse.

I find <SOFTWARE NAME>.accdb in the folder. At this point cold sweat is already running down my back at the sheer thought of using Microsoft Access for any program, but curiosity takes over and I open it anyway.

I find the database for the entire program inside. I also notice at this point that I have read/write access to the database, another thing that sent my alarm bells ringing like St. Pauls cathedral. Then I notice a table called "tUser" in the left panel.

Fearing the worst, I click over and find... And you knew it was coming...

Usernames and passwords in plain text.

Not only that, they're all in the format "admin - admin", "user - user", "tester - tester".

I suspend my will to die, login to the program and re-add the account they used previously. I leave the office and inform the peeps that the program works as intended again.

I wish I was making this shit up, but I really am not. What is the fucking point of having a login system at all when your users can just open the database with a program that nowadays comes bundled with every Windows install and easily read the logins? It's not even like the data structure is confusing like minified JSON or something, it's literally a spreadsheet in a program that a trained monkey could read.

God bless them and Satan condemn the developers of this fuckawful program.

Wow... this is the perfect week for this topic.

Thursday, is the most fucked off I’ve ever been at work.

I’ll preface this story by saying that I won’t name names in the public domain to avoid anyone having something to use against me in court. But, I’m all for the freedom of information so please DM if you want to know who I’m talking about.

Yesterday I handed in my resignation, to the company that looked after me for my first 5 years out of university.

Thursday was my breaking point but to understand why I resigned you need a little back story.

I’m a developer for a corporate in a team of 10 or so.

The company that I work for is systemically incompetent and have shown me this without fail over the last 6 months.

For the last year we’ve had a brilliant contracted, AWS Certified developer who writes clean as hell hybrid mobile apps in Ion3, node, couch and a tonne of other up to the minute technologies. Shout out to Morpheus you legend, I know you’re here.

At its core my job as a developer is to develop and get a product into the end users hands.

Morpheus was taking some shit, and coming back to his desk angry as fuck over the last few months... as one of the more experienced devs and someone who gives a fuck I asked him what was up.

He told me, company want their mobile app that he’s developed on internal infrastructure... and that that wasn’t going to work.

Que a week of me validating his opinion, looking through his work and bringing myself up to speed.

I came to the conclusion that he’d done exactly what he was asked to, brilliant Work, clean code, great consideration to performance and UX in his design. He did really well. Crucially, the infrastructure proposed was self-contradicting, it wouldn’t work and if they tried to fudge it in it would barely fucking run.

So I told everyone I had the same opinion as him.

4 months of fucking arguing with internal PMs, managers and the project team go by... me and morpheus are told we’re not on the project.

The breaking point for me came last Wednesday, given no knowledge of the tech, some project fannies said Morpheus should be removed and his contract terminated.

I was up in fucking arms. He’d done everything really well, to see a fellow developer take shit for doing his job better than anyone else in [company] could was soul destroying.

That was the straw on the camels back. We don’t come to work to take shit for doing a good job. We don’t allow our superiors to give people shit in our team when they’re doing nothing but a good job. And you know what: the opinion of the person that knows what they’re talking about is worth 10 times that of the fools who don’t.

My manager told me to hold off, the person supposed to be supporting us told me to stand down. I told him I was going to get the app to the business lead because he fucking loves it and can tell us if there’s anything to change whilst architecture sorts out their outdated fucking ideas.

Stand down James. Do nothing. Don’t do your job. Don’t back Morpheus with his skills and abilities well beyond any of ours. Do nothing.

That was the deciding point for me, I said if Morpheus goes... I go... but then they continued their nonsense, so I’m going anyway.

I made the decision Thursday, and Friday had recruiters chomping at the bit to put the proper “senior” back in my title, and pay me what I’m worth.

The other issues that caused me to see this company in it’s true form:
- I raised a key security issue, documented it, and passed it over to the security team.
- they understood, and told the business users “we cannot use ArcGIS’ mobile apps, they don’t even pretend to be secure”
- the business users are still using the apps going into the GDPR because they don’t understand the ramifications of the decisions they’re making.

I noticed recently that [company] is completely unable to finish a project to time or budget... and that it’s always the developers put to blame.

I also noticed that middle management is in a constant state of flux with reorganisations because in truth the upper managers know they need to sack them.

For me though, it was that developers in [company], the people that know what they’re talking about; are never listened to.

Fuck being resigned to doing a shit job.

Fuck this company. On to one that can do it right.

Morpheus you beautiful bastard I know you’ll be off soon too but I also feel I’ve made a friend for life. “Private cloud” my arse.

Since making the decision Thursday I feel a lot more free, I have open job offers at places that do this well. I have a position of power in the company to demand what I need and get it. And I have the CEO and CTO’s ears perking up because their department is absolutely shocking.

Freedom is a wonderful feeling.

!!privacy
!!political

I had a discussion with a coworker earlier.

I owed him for lunch the other day, and he suggested I pay him back either with cash (which I didn't have), Venmo, or just by him lunch the next time (which I ended up doing).

I asked about Venmo, and he said it was like paypal, but always free. that sounded a bit off -- because how are they in business if it's always free? -- so I looked it up, and paid special attention to their privacy policy.

The short of it: they make money by selling your information. That's worth far more than charging users a small fee when sending $5 every few weeks. Sort of what I expected when I heard "always free," but what surprised me is just how much they collect. (In retrospect, I really shouldn't have been surprised at all...)

Here's an incomplete list:
* full name, physical address, email, DoB, SSN (or other government IDs, depending on country)
* Complete contact list (phone numbers, names, photos)
* Browser/device fingerprint
* (optional) Your entire Facebook feed and history
* (optional) all of your Facebook friends' contact info
* Your Twitter feed
* Your FourSquare activity
(The above four ostensibly for "fraud prevention")
* GPS data
* Usage info about the actual service
* Other users' usage info (e.g. mentioning you)
* Financial info (the only thing not shared with third parties)

Like, scary?

And, of course, they share all of this with their parent company, PayPal. (The privacy policy does not specify what PayPal does with it, nor does it provide any links that might describe it, e.g. PayPal's "info-shared-by-third-parties" privacy policy)

So I won't be using Venmo. ever.

I mentioned all of this to my coworker, and he just doesn't understand. at all. He even asks "So what are they going do with that, send me ads? like they already do?"

I told him why I think it's scary. Everything from them freely selling all of your info, to someone being able to look through your entire online life's history, to being able to masquerade around as you, to even reproducing your voice (e.g. voice clips collected by google assistant), to grouping people by political affiliations.

He didn't have much to say about any of them, and actually thought the voice thing was really cool. (All I could think of was would happen if the "news" had that ability....) All of his other responses were "that doesn't bother me at all" and/or "using all of these services is so convenient."

but what really got me was his reaction to the last one.

I said, "If you're part of the NRA, for example, you'd be grouped with Republicans. If they sell all of this information, which they do, and they don't really care who buys it or what they do with it... someone could look through the data and very very easily target those political groups."

His response? "I don't have to worry about that. I'm a Democrat, and have always voted Democrat. I'll tell anyone that."

Like.
That's basically saying every non-democrat is someone you should be wary of and keep an eye on. That's saying Democrats are the norm and everyone else is deviant and/or wrong.

and I couldn't say anything after this because... no matter what I said, it would start a political conflict, and would likely end with me being fired (since the owner is also a democrat, and they're very buddy-buddy). "What if they target democrats?" -> "They already do!" or "What if democrats use it against others?" -> "They deserve it for being violent and racist, but we never would" (except, you know, that IRS/tea-party incident for example...)

But like, this is coming from someone who firmly believes conservatives are responsible for all of the violence and looting and rioting and mass shootings in the country. ... even when every single instance has been by committed by democrats. every. single. one.

Just...
jfl;askjfasflkj.

He doesn't understand the need for privacy, and his world view is just... he actually thinks everyone with different beliefs is wrong and dangerous.

I don't even know how to deal with people like this. and with how prevalent this mindset is... coupled with the aforementioned privacy concerns... it's honestly *terrifying.*

A programmer once explained Nietzsche like this:
A long time ago, god created the world, but forgot to leave a developer documentation, thus the whole world was like legacy code...
And humans are like the end user of this world, and some among them spent time studying it, using the Moral API, hoping to get a result of "http 200 ok" from our world for the peace of mind. But the true operation of this world is still yet unknown...
As time passes, humans begin to find that in Moral API, good and evil are two base classes, and all the other moral properties (like ethic, justice and stuff) are just other classes based on those two classes through multiple inheritance.
One day, when programmer Nietzsche was observing the world's runtime behavior, he came up with a question:
"Did god really use good and evil as base classes? Could it be that they are actually derived classes?"
Most of the world is currently in the favor of mankind, and god must've wrote individual user cases for it's end users, he thought.
This made Nietzsche thinking: if end users are considered into two cases: the strong and the weak, how would the world be designed base on its user story?
Let's think about the strong, they can bully the weak as they please, and there's nothing the weak can do to stop them. In this case whether the Moral API exists or not doesn't fulfill the need of the strong.
But when it comes to the weak, Nietzsche thinks that because the weak cannot fight the strong, they need to belittle bullying and praise the strong for being nice. When the weak does this, it covers their powerless state to some extent, making them look somehow equal to the strong by being capable of commenting.
God might have coded the Moral API to fit the weak's requirement, also adding some public methods for the weak to comment on the strong. If the strong takes care of the weak, they call him nice and good, if the strong bullies people, they call him bad and evil.
That's when Nietzsche realized, that good and evil are both derived classes from the weak, and the base class should be the strong and the weak.
Then he started a series of studies about the Moral API, and got some thesis that persuaded lots of other end users...

Lately, Namecheap has been forcing their users to change passwords once every six months. Otherwise, they bombard you with annoying popups. When I finally changed mine, this is how they did it on their end. I just can't deal with the irony of this whole situation...

So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)

Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.

Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.

Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.

It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.

I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.

So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.

I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.

Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.

An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:

"please reenter card number to validate."

Bupkiss. Dead end.

OR SO YOU WOULD THINK.

One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:

"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"

One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:

With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.

So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.

Oh boy, the startup managers are writing a roadmap today. Can't wait.

5 mIlLiOn DaIlY aCtIvE uSeRs By EnD oF Q1! (2022!!!)

1 MiLlIoN dAiLy ReVeNuE bY tOmOrRoW!

zErO bUgS aNd KnOwN iSsUeS iN sYsTeM bY 5Pm ToDaY!

tHoUsAnDs Of NeW cUsToMeRs WiThIn ThE nExT hOuR!

The list would be quite long.

I think Google is still making good tools, but just like Apple the integrations get all so tight and constricting... And with their data, if it goes wrong, it will go wrong hard.

I feel like YouTube is gliding into a state where cheap clickbait floats to the top and finding quality gets more difficult as well, their algorithm is more and more tuned to choose recent popular stuff over good older gems.

Microsoft is all pretend lovey dovey cuddling open source, but I'm still suspicious it's all a hug of death. I was never a big fan, but they're seriously dropping balls when it comes to windows-as-a-service, taking away so much personal control from end users even though they can't be trusted to babysit either.

Amazon is creeping it's way through the internet, charging $10/m to join the vip club infesting houses with spytubes to sell more plastic crap. Bezos' only right to keep wasting oxygen is BlueOrigin, but he'll probably fuck that up as well turning spaceflight into a decadent prime consumer orgy instead of something inspiring.

Facebook... Well, that's self explanatory. Fuck it, everything it pretends to be, and everyone who still has an account with a rusty spike.

Uber and AirBnB, with their fake ass mission of a green shared economy, but they trample over employees, customers and neighbors to build their ivory towers of progressive illusions.

Then there's a million declining brands.

I liked Skype for example when it was first released, Just like how I started out liking (and then hating) Discord, Slack, etc... They're all tools which seem fast and easy, but then they get us further away from solid protocols, get us entrenched into limiting, bloated and sometimes even dangerous tools. As my dad used to say: "Companies are like women, if you go for cheap, fast and easy you'll end up with a burning dick and half your savings gone"

You know what, fuck all tech companies.

OK, devrant is still pretty nice... For now.

1. Try to stay sane in startup chaos
2. Use more vacation days
3. Separate work and free time a bit more
4. Get out into nature more
5. Hire 50+ good developers & get company to 15M active end users while doing all of the above

It's funny. Although I try to only use open source software which is free (at least as in freedom but also as in beer mostly), I'd gladly pay for using it!
But no way on fucking earth I'd pay for proprietary software.

Why?

Because I'd love to support the people behind the free software! They made something awesome and the most awesome thing is, they made it in a way that ensures that the end users can modify it to suit their needs! That's so fucking awesome!

That's why I'd never pay for proprietary software. Can it have awesome features? Yes, of course! But can anyone except for the devs easily modify it to suit their needs? No. And that's why I'd never pay for it.

Well, it all started off with hardware-level programming involving jumpers and stuff like that... Then came Assembly, which was good.. B, C compilers. Finally came the interpreted languages, and that's where in my opinion the abstraction should've ended. But no, we needed more frameworks, more libraries, even more abstraction! Where does it end? As it seems to be going, I guess that users will have kid toys - no iToys! - for electronics and we'll be programming on with bloated Scratch GUI's. Nothing against Scratch, but that shit ain't proper programming anymore. God I can't wait for the future.

ABSTRACT ALL THE THINGS!!!

Oh and not to mention that all software will be governed in political correctness by some Alex SJW AI shit that became sentient. Not a single programming term will be non-offensive anymore, no matter how hard you try to not offend anyone, or God forbid - don't care about it because you just want to make something that's readable, usable and working!! Terms, UI names for buttons, heck even icons! REMOVE IT BECAUSE IT OFFENDS SOMEONE THAT I DON'T EVEN KNOW JACK SHIT ABOUT!!!

What I'm posting here is my 'manifesto'/the things I stand for. You may like it, you may hate it, you may comment but this is what I stand for.

What are the basic principles of life? one of them is sharing, so why stop at software/computers?
I think we should share our software, make it better together and don't put restrictions onto it. Everyone should be able to contribute their part and we should make it better together. Of course, we have to make money but I think that there is a very good way in making money through OSS.

Next to that, since the Snowden releases from 2013, it has come clear that the NSA (and other intelligence agencies) will try everything to get into anyone's messages, devices, systems and so on. That's simply NOT okay.
Our devices should be OUR devices. No agency should be allowed to warrantless bypass our systems/messages security/encryptions for the sake of whatever 'national security' bullshit. Even a former NSA semi-director traveled to the UK to oppose mass surveillance/mass govt. hacking because he, himself, said that it doesn't work.

We should be able to communicate freely without spying. Without the feeling that we are being watched. Too badly, the intelligence agencies of today do not want us to do this and this is why mass surveillance/gag orders (companies having to reveal their users' information without being allowed to alert their users about this) are in place but I think that this is absolutely wrong. When we use end to end encrypted communications, we simply defend ourselves against this non-ethical form of spying.
I'm a heavy Signal (and since a few days also Riot.IM (matrix protocol) (Riot.IM with end to end crypto enabled)), Tutanota (encrypted email) and Linux user because I believe that only those measures (open source, reliable crypto) will protect against all the mass spying we face today.
The applications/services I strongly oppose are stuff like WhatsApp (yes, encryted messages but the metadata is readily available and it's closed source), skype, gmail, outlook and so on and on and on.

I think that we should OWN our OWN data, communications, browsing stuffs, operating systems, softwares and so on.

This was my rant.

End users - the verb seems better than the noun!

So yesterday our team got a new toy. A big ass 4k screen to display some graphs on. Took a while to assemble the stand, hang the TV on that stand, but we got there.

So our site admin gets us a new HDMI cable. Coleague told us his lappy supports huge screens as he used to plug his home TV in his work lappy while WFHing. He grabs that HDMI, plugs one end into the screen, another - into his lappy and

.. nothing...
Windows does not recognize any new devices connected. The screen does not show any signs of any changes. Oh well..

Site IT admin installs all the updates, all the new drivers, upgrades BIOS and gives another try.

Nothing.

So naturally the cable is to blame. The port is working for him at home, so it's sure not port's fault. Also he uses his 2-monitor setup at work, so the port is 100% working!

I'm curious. What if..... While they are busy looking for another cable, I take that first one, plug it into my Linux (pretty much stock LinuxMint installation w/ X) lappy,

3.. 2.. 1..

and my desktop is now on the big ass 4k fat screen.

Folks. Enough bitching about Linux being picky about the hardware and Windows being more user friendly, having PnP and so. I'm not talking about esoteric devices. I'm talking about BAU devices that most of home users are using. A monitor, a printer, a TV screen, a scanner, wireless/usb speaker/mouse/keyboard/etc...
Linux just works. Face it

P.S. today they are still trying to make his lappy work with that TV screen. No luck yet.

I'm sure this has probably been posted before, but it never fails to drive me nuts, and customers never stop doing it, so:

Why do end users think "it's broken" is all they have to put into the support ticket?

It's a web app, not a goddamn pretzel.

If the turn signal on your car stops working, do you drop your car off at the mechanic, hand them the keys, and say "its broken, fix it!"?

While I'm on the topic, "I tried to do {x} and it gave an error" is better than "its broken", but still: why do you think what the actual error says would be completely irrelevant, especially when we put in the effort to give you relatively meaningful error messages?

I mean, is "there was a problem sending the email" so utterly gibberish to you that it is indistinguishable from "error: 0x000351e6"?

If so, I'm sorry, but you're too stupid to use a goddamn computer!

Continuation of the story with Linux Mint 20 Cinnamon on the old Core2 Duo with 2 GB RAM and HDD. The guy has had that PC under Linux for 1.5 months now, had never had Linux before, has no IT background, and is over 70.

Upon visit, I checked how the machine was doing. OK, he had forgotten to apply the updates, so I highlighted paying attention to the red icon in the tray. Launched the updates, all ran through.

Otherwise, he had managed to install Skype all by himself (network effect because of his family...) and had bought a webcam plus a microphone. Linux had just recognised everything without any fuzz. Even his Skype buddies were impressed, he said.

On top of that, he likes how much faster that PC is compared to his much more current Win 10 laptop and actually uses the old Linux PC more than the laptop.

He also enjoys that Linux doesn't do weird things all by itself all the time. That's not his experience with Win 10.

Front-end vs backend

Let me tell you a story:
One upon a time poor lil PonySlaystation received a call. It was a nice guy who cried about his WordPress website had been hacked. So the clusterfuck began...

He gave me the login credentials for the hosting back-end, DB, FTP and CMS.
A hacked WP site was not new for me. It was probably the 6th of maybe 10 I had to do with.
What I didn't expect was the hosting back-end.
Imagine yourself back in 1999 when you tried to learn PHP and MySQL and all was so interesting and cool and you had infinite possibilities! Now forget all these great feelings and just take that ancient technology to 2018 and apply it to a PAID FUCKING HOSTING PROVIDER!
HOLY FUCKING ASSRAPE!
Wanna know what PHP version?
5.3.11, released the day before gomorrah was wiped.
The passwords? Stored in fucking plaintext. Shown right next to the table name and DB user name in the back-end. Same with FTP users.
EXCUSE ME, WHAT THE FUCK?!

I have to call Elon Musk and order some Boring Company Flame Throwers to get rid of this.

Long story long, I set up a new WP, changed all passwords and told the nice guy to get a decent hoster.

So today was the worst day of my whole (just started) career.

We have a huge client like 700k users. Two weeks ago we migrated all their services to our aws infrastructure. I basically did most of the work because I'm the most skilled in it (not sure anymore).

Today I discovered:
- Mail cron was configured the wrong way so 3000 emails where waiting to be sent.
- The elastic search service wasn't yet whitelisted so didn't work for two weeks.
- The cron which syncs data between production db en testing db only partly worked.

Just fucking end me. Makes me wonder what other things are broken. I still have a lot to learn... And I might have fucked their trust in me for a bit.

>> this === rant
<< true

At beginning of this year, I only knew HTML, JS, and CSS so I just applied for offers like "Jr Apprentice Dev in Front-End"
In a interview call, the woman told me that they will send me a test asking about my JS and HTML5 knowledge.
When I look in my inbox, the mail subject says "Back-end Test".

Then I call the woman:

Me: "Hello, I have received the test mail, but maybe it's wrong. I applied for a Front-End position and the test is about backend! "

She: "Do you have skills in JS and HTML5?"

Me: "Yes!, and CSS3"

She: "Well, the test is about that. JS, jQuery, and HTML5"

Me: "..."

Me: "Sorry, that languages are Front-End. In the subject say 'Back-End' and Back-End is PHP, SQL, MySQL, Java, .Net... I don't know nothing about that. I only know HTML, JS, CSS."

She: "It's the same"

Me: "I sorry but it's not the same. Fron-End is client-side, what users sees. Animation, colors, FXs, buttons, forms... And Back-End is server-side, what users doesn't see."

She: "Well, JS, HTML, and CSS is backend for us. We call it that way too"

Me: "Sorry but that is wrong. I invite you to read some basic info. Now I am confused"

Of course that I am not confused. That idi0t was wrong.
Perhaps recruiters should take some info about areas where they are recruiting... (:T)

This rant is particularly directed at web designers, front-end developers. If you match that, please do take a few minutes to read it, and read it once again.

Web 2.0. It's something that I hate. Particularly because the directive amongst webdesigners seems to be "client has plenty of resources anyway, and if they don't, they'll buy more anyway". I'd like to debunk that with an analogy that I've been thinking about for a while.

I've got one server in my home, with 8GB of RAM, 4 cores and ~4TB of storage. On it I'm running Proxmox, which is currently using about 4GB of RAM for about a dozen VM's and LXC containers. The VM's take the most RAM by far, while the LXC's are just glorified chroots (which nonetheless I find very intriguing due to their ability to run unprivileged). Average LXC takes just 60MB RAM, the amount for an init, the shell and the service(s) running in this LXC. Just like a chroot, but better.

On that host I expect to be able to run about 20-30 guests at this rate. On 4 cores and 8GB RAM. More extensive migration to LXC will improve this number over time. However, I'd like to go further. Once I've been able to build a Linux which was just a kernel and busybox, backed by the musl C library. The thing consumed only 13MB of RAM, which was a VM with its whole 13MB of RAM consumption being dedicated entirely to the kernel. I could probably optimize it further with modularization, but at the time I didn't due to its experimental nature. On a chroot, the kernel of the host is used, meaning that said setup in a chroot would border near the kB's of RAM consumption. The busybox shell would be its most important RAM consumer, which is negligible.

I don't want to settle with 20-30 VM's. I want to settle with hundreds or even thousands of LXC's on 8GB of RAM, as I've seen first-hand with my own builds that it's possible. That's something that's very important in webdesign. Browsers aren't all that different. More often than not, your website will share its resources with about 50-100 other tabs, because users forget to close their old tabs, are power users, looking things up on Stack Overflow, or whatever. Therefore that 8GB of RAM now reduces itself to about 80MB only. And then you've got modern web browsers which allocate their own process for each tab (at a certain amount, it seems to be limited at about 20-30 processes, but still).. and all of its memory required to render yours is duplicated into your designated 80MB. Let's say that 10MB is available for the website at most. This is a very liberal amount for a webserver to deal with per request, so let's stick with that, although in reality it'd probably be less.

10MB, the available RAM for the website you're trying to show. Of course, the total RAM of the user is comparatively huge, but your own chunk is much smaller than that. Optimization is key. Does your website really need that amount? In third-world countries where the internet bandwidth is still in the order of kB/s, 10MB is *very* liberal. Back in 2014 when I got into technology and webdesign, there was this rule of thumb that 7 seconds is usually when visitors click away. That'd translate into.. let's say, 10kB/s for third-world countries? 7 seconds makes that 70kB of available network bandwidth.

Web 2.0, taking 30+ seconds to load a web page, even on a broadband connection? Totally ridiculous. Make your website as fast as it can be, after all you're playing along with 50-100 other tabs. The faster, the better. The more lightweight, the better. If at all possible, please pursue this goal and make the Web a better place. Efficiency matters.

“Don’t learn multiple languages at the same time”

Ignored that. Suddently I understood why he said that. Mixed both languages. In holiday rechecked it and it was ok.

Sometimes mistakes can lead to good things. After relearning I understood it much better.

“Don’t learn things by head” was another one. Because that’s useless. If you want to learn a language, try to understand it.
I fully agree with that. I started that way too learning what x did what y did, ... But after a few I found out this was inutile. Since then, I only have problems with Git

Another one. At release of Swift, my code was written in Obj-C. But I would like to adopt Swift. This was in my first year of iOS development, if I can even call it development. I used these things called “Converters”. But 3/4 was wrong and caused bugs. But the Issues in swift could handle that for me. After some time one told me “Stop doing that. Try to write it yourself.”

One of the last ones: “Try to contribute to open source software, instead of creating your own version of it. You won’t reinvent the wheel right? This could also be usefull for other users.”

Next: “If something doesn’t work the first time, don’t give up. Create Backups” As I did that multiple times and simply deleted the source files. By once I had a problem no iOS project worked. Didn’t found why. I was about to delete my Mac. Because of Apple’s WWDR certificate. Since then I started Git. Git is a new way of living.

Reaching the end: “We are developers. Not designers. We can’t do both. If a client asks for another design because they don’t like the current one tell them to hire one” - Remebers me one of my previous rants about the PDF “design”

Last one: “Clients suck. They will always complain. They need a new function. They don’t need that... And after that they wont bill ya for that. Because they think it’s no work.”

Sorry, forgot this one: “Always add backdoors. Many times clients wont pay and resell it or reuse it. With backdoors you can prohibit that.”

I think these are all things I loved they said to me. Probably forgot some.

Rant.
So I work in the service desk and the moment and one of our clients use Mac's.

One of the end users called up saying that it was being slow and sluggish.
End user: hi my Mac is being slow.

Me: when did you last reboot it?
End user: last night
*Remotely connects*
*Runs uptime in terminal*
Me: are you sure you rebooted it last night?
End user: yes I close the lid every night...

The up time was 68 days...

[ATTENTION if you're an apple fan this rant could hurt your religion]
- I used a mc for about 12 hours, only to fix the ios version of an app in Xamarin, it was a nightmare:
- I took the only free mac available, it's the latest macbook pro with the "amazing" touch bar, mac os wash freshly reinstalled
- I switch it on, set it up and after few minutes the screen become black, I thought went in standby (the "amazing" touch bar still was working), I try to switch it on but nothing, I asked for help to mac users in office and they choose a genius solution: forced switch off and on
- Finally after took all the adapters I can start to work
- I notice that's not possible to snap 2 or more windows (without 3rd party apps)
- It's not possible to automatically enlarge the Window almost full screen without cover the bottom and top bar, there is only full screen option but it's not the best
- Inverted scroll by default, on mouse doesn't make sense (on trackpad and touch screen yes)
- Multimonitor sucks...and it doesn't recognize 2 monitors connected in chain
- It's not possible disable standby if you're on battery and you close the lid
- Too often I had to see that annoying rainbow progress also for stupid actions
- Like Windows it's not possible to install 2 software at same time
- Like Windows after some updates is required to reboot
- Finally I switched back to my lovely Dell XPS 15 with Windows 10, but I had to go back on the mac for one more fix, so I search again for the adaptor, I reconnect everything and mouse and keyboard doesn't work, after few minutes the mac reboot by himself and appear a crash report dialog...of course I send them a nice feedback
- At the end of the day, as the mac asked more than once, I install the updates... after about an hour, when we try to switch it on again, it doesn't... so once again forced switch off and on

if you want to use it for nice picture on Facebook or Instagram "just woks" ... but for serious work I'm so grateful to choose a Dell XPS 15 with Windows 10

--- iOS-Jailbreak-AppStore "Cydia" shuts down ---

This Friday, Jay Freeman, the maintainer of the iOS-Jailbreak-AppStore "Cydia", announced that he will shut-down his services.
"Cydia" is a app store for people that jailbreaked their iPhones and allows them to buy and download apps. Apple's AppStore doesn't allow jailbreaked apps, that's the reason it was created in 2009.

Jay Freeman, also known as "Saurik", explained that he wanted to shut down the service at the end of 2018 anyways.
Now, a recent security issue, threatening the data of all users, caused that the store no longer existed with immediate effect.
In addition to the security issue, "Cydia" was said to be no more profitable.
To calm you breakers down: Previous purchases can still be downloaded!

The software itself will continue to exist, but without a back-end for payments and stuff like that. Users are still able to do payments through third-party repositories, which already happened anyway, so that lowers the impact of the shut-down.

Just like "Cydia", other services are shutting down too.
One of the three big Cydia-repositories, ModMyi, said they wont allow any new apps and archived all existing ones.
ZodTTD and MacCiti will also be discontinued.
"Bigboss" is the only repository remaining.

Jailbreaks just lost their popularity over the last years. There's still no jailbreak for iOS 11! This shows that Apple is getting better and better at preventing jailbreaks.
On the other hand, it shows that the need for jailbreaks is not quite as high anymore and therefore the developers don't spend too much energy for breaking up iOS anymore.

Did you use Cydia, or any of the other services? Write us in the comments!

Thanks for reading!

I've found and fixed any kind of "bad bug" I can think of over my career from allowing negative financial transfers to weird platform specific behaviour, here are a few of the more interesting ones that come to mind...

#1 - Most expensive lesson learned

Almost 10 years ago (while learning to code) I wrote a loyalty card system that ended up going national. Fast forward 2 years and by some miracle the system still worked and had services running on 500+ POS servers in large retail stores uploading thousands of transactions each second - due to this increased traffic to stay ahead of any trouble we decided to add a loadbalancer to our backend.

This was simply a matter of re-assigning the IP and would cause 10-15 minutes of downtime (for the first time ever), we made the switch and everything seemed perfect. Too perfect...

After 10 minutes every phone in the office started going beserk - calls where coming in about store servers irreparably crashing all over the country taking all the tills offline and forcing them to close doors midday. It was bad and we couldn't conceive how it could possibly be us or our software to blame.

Turns out we made the local service write any web service errors to a log file upon failure for debugging purposes before retrying - a perfectly sensible thing to do if I hadn't forgotten to check the size of or clear the log file. In about 15 minutes of downtime each stores error log proceeded to grow and consume every available byte of HD space before crashing windows.

#2 - Hardest to find

This was a true "Nessie" bug.. We had a single codebase powering a few hundred sites. Every now and then at some point the web server would spontaneously die and vommit a bunch of sql statements and sensitive data back to the user causing huge concern but I could never remotely replicate the behaviour - until 4 years later it happened to one of our support staff and I could pull out their network & session info.

Turns out years back when the server was first setup each domain was added as an individual "Site" on IIS but shared the same root directory and hence the same session path. It would have remained unnoticed if we had not grown but as our traffic increased ever so often 2 users of different sites would end up sharing a session id causing the server to promptly implode on itself.

#3 - Most elegant fix

Same bastard IIS server as #2. Codebase was the most unsecure unstable travesty I've ever worked with - sql injection vuns in EVERY URL, sql statements stored in COOKIES... this thing was irreparably fucked up but had to stay online until it could be replaced. Basically every other day it got hit by bots ended up sending bluepill spam or mining shitcoin and I would simply delete the instance and recreate it in a semi un-compromised state which was an acceptable solution for the business for uptime... until we we're DDOS'ed for 5 days straight.

My hands were tied and there was no way to mitigate it except for stopping individual sites as they came under attack and starting them after it subsided... (for some reason they seemed to be targeting by domain instead of ip). After 3 days of doing this manually I was given the go ahead to use any resources necessary to make it stop and especially since it was IIS6 I had no fucking clue where to start.

So I stuck to what I knew and deployed a $5 vm running an Nginx reverse proxy with heavy caching and rate limiting linked to a custom fail2ban plugin in in front of the insecure server. The attacks died instantly, the server sped up 10x and was never compromised by bots again (presumably since they got back a linux user agent). To this day I marvel at this miracle $5 fix.

God damn fucking Windows bullshit.

Why is the fuck does Microsoft HATE its users?

Latest updates, and no fuck Windows 11, completely BREAKS all of my WSL environments.

Home directories are gone, or the environments are corrupt and won't even run.

99% of the issues these dense shit-fucks cause are because they RaNdOmLy reboot for their dumbass updates instead of scheduling them with the end user. During these rebots, do you thing they wait for everything to shut down?

HELL NO!

They just shut that shit down like they fucking own it. Editors? Gone. Browsers? Gone. WSL Consoles? Gone. Docker containers? Gone. IEdge? Hey, we have great news, we made IE your default browser again! BTW, your upgrade to Windows 11 is free until we force you to upgrade!

I'm so fed up with it.....so fucking tired of it...

The only reason why I even use WSL these days is to ssh into my Linux devices or run some quick dev tests in containers. Why not use PuTTY for SSH? Because it fucking SUCKS that's why.

I'm feeling so many emotions right now over bullshit that shouldn't even be happening. I'm literally at the point that I'm just going to install Linux on this device and just create a Windows VM on one of my hosts so I can still do "work" things that involve leadership.

Story of a penguin fledgling, one of my end users whom I migrated from Win 7 to Linux Mint. She had been on Windows since Win 98 and still uses Windows at work.

Three months before. Me, Linux might not be as good, but Win 10 is even worse. User, mh.
Migration. User, looks different, but not bad.
One month later. User, it's nice, I like it.
Three months later. User, why does Windows reboot doing lengthy stuff?
Six months later. User, I hate Windows. Why is everyone using this crap?
One year later. Malware issues at work. User to IT staff, that wouldn't have happened with Linux. Me, that's the spirit!

Fuck Apple and its review system

So, this started in december. We wanted to publsih an app, after years of development.

Submit to review, and passes on the first try. Well, what do you know. We are on manual release option, so we can release together with the android counterpart. Well yes, but someone notices that the app name is not what was aggreed (App Name instead of AppName). Okay, should be easy, submit the same app, just the name changed. If it passed once, it will pass again, right? HAH

Rejected, because the description, why we use the device’s camera is too general. Well... its the purpose of the app... but whatever, i read the guidelines, okay, its actually documented with exapmles. BUT THEN WHY THE FUCK COULDNT YOU SAY THAT ON THE FIRST UPLOAD?

Whatever, fix it, new version, accepted, ready to release just in time.

It doesindeed roll out,but of course, we notice that the app has a giant issue, but only on specific phones. None of our test phones had this problem, but those who have, essentially cannot use our program. Nasty as it is, the fix is really easy, done in 5 minutes. Upload it asap, literally nothing changed from user point of view, except now it doesnt crash on said devices. Meanwhile 1 star reviews are arriving from these users - of course with all the right. Apple should allow this patch quickly, right? HAH

THE REAL BULLSHIT COMES NOW

With only config files changed, the same binary uploaded we get rejected? What now? Lets read it. “Metadata rejected, no need to upload new binary”.... oh fine only the store page is wrong? Easy. Read the message, what went wrong. “Referencing third party content is nit permitted on the app store” meaning that no android test device should be shown. Fine, your rules. They even send a picutre of the offending element. BUT ITS NOT EVEN ON THE STORE. THATS A SCREENSHOT OF THE APP. HOW IS THAT METADATA? I ask about this, and i get a reply, from either a bot, or a person who cant speak or read english, and only pasted a sample answer, repeating the previous message. WTF. Fine, i guess you are dumb, but since they stop replying to our queries, do the only sensible thing, re-record the offending tutorial video that actually contained an android device. This is about 2 weeks, after the first try to apply a simple patch to a broken app. And still, how did it pass the review 2 times?

Whatever, reupload again, play the waiting game for a week, when the promised average wait time is 2 days, they hit us with a message, that they want to know what patent we use in our apps core functionality. WTF WHY NOW? It didnt bother you for a month, let it release ti production and now you delay a simple patch for this? We send them what they know. Aaaaand they reply: sorry we need more time to review your app. FUUUUUUCKKK YOUUU. You are reviewing a PATCH with close to zero functional change!!! Then, this shit goes on, every week we ask about an ETA, always asking for patience... at the end it took another 3 weeks... so december 15 to jan 21 in total...

FOR. A. SINGLE. FUCKING. PATCH

Bottom line is what is infurating, apple cares that there is an android device in the tutorial video, but they dont care that a significant percentage of our users simply cannot use the app.

Im done

Just finished our BIG update including a big change in the backend (PHP => NODEJS). So I hope our users will enjoy this one because we are not yet public and our competitor get a lot of clients each day but if we compare our product to their product: Ours is responsive as fucked and have much more stability but less fonctionnalities so we have to add more fonctionnalities before releasing our product to the public. I hope we will be able in a few weeks! With only me and my back-end dev (My employee and friend at the same time) to work on it and they have 2 more devs to their team to use Bubble.. (They are now 6 or 8 devs (wannabes and using a drag and drop website) in total vs 2 (us) real programmers).

A well deserved night of sleep :P

Linux desktop fanboys: proprietary hardware support is a huge issue in all major Linux distros. It is the fault of the hardware companies.

Also Linux desktop fanboys: hardware issues are the fault of the beginner/novice end user.

Windows/mac users: *installs any component they want and has it work flawlessly without even having to read a single word from the manual*

I absolutely hate software that throws error message boxes that look identical to their "please enter new password" message box.

User called and said they needed their password reset. I give them a temp pin and tell them to press ok to the prompt and then put new password in. She says it is still saying invalid pin. This goes on for 10 minutes. I hang up and try on my laptop. Works fine. Then it hits me.

The message boxes look the same. Have the same width and height and shitty little yellow triangle with ! In the middle. The only difference between them is the text in size 9 font.

Gotta read people...cause sometimes the people developing your software assume you can. And to all the software people out there....end users don't want to fucking read.

OK< been a long time user of Unity.

Tried the latest update as I and others were enthusiastic about creating a joint project of gamers and developers.

As I was building up a started website and we were getting things with Unity ready...BOOM,. They Fuck up the installs.

Not just a minor thing here or there but not finding its own Fucking file locations where it installs shit. You try and say, Hey Unity you fucking twat, install here in this folder.

Boom again, it installs part of it there, and then continues installing shit everywhere else it wants to. Then the assholes at Unity give this Bullshit claim "the bug has been fixed."

Just reinstall.

Fuck you, its never that simple, You have to delete all sorts of fucking files to make sure conflicts from a previous corruption isn't just loaded on top of so it does not fuck up later.

So we did all that from programs, program data, program(x86), AppData Local, Local Low, and Roaming.

For added measure we manually removed all the crap from the registry folders (that was a pain but necessary), and then ran a cleaner to make sure all the left over shit was gone.

Thinking, OK you shit tech MoFo's we are clean and here we go.

HOLY SHIT BALLS, Its fucking worse with the LTS version it recommends and Slow as Fuck with their most recent version which is like 2020 itself, and insane piece of fucking bloated garbage and slower than a brick hard shit without fruit.

So we were going to all go post on the forums, and complain the fix section isn't fixed for shit.

Fuck us running backwards naked through a field of razor grass. Its so overloaded with complaints that they shut down further posts.

What makes this shit worse is we cannot even get the previous fucking versions of the editor before all this to work where our only option is without using the fucking Hub demand is just install 2018.

great if we started coding and testing in that. We cannot get shit where we were at back on track because you cannot fucking backward load an exported saved asset file.

Unity's suggestion? Start over.

Our Suggestion? Stop fucking smoking or using whatever fucking drug you assholes are on, you fucking disabled the gear options so we can resolve shit ourselves, and admit you did that shit and other sneaky piece of shit back stabby, security vulnerable data leak bullshit things to your end users.

Listen to your fucking experienced and long time users and get rid of the Fucking backward stepped hub piece of shit everyone with more brains than whatever piss ant pieces of shit praised that the rest of us have hated from day fucking one!

And while fixing this shit like it should be fucking fixed if you shit head bastards want to continue to exist as a fucking company, overhaul the fucking website or get the fuck out of business with now completely worthless SHIT.

Phew:
Suffice it to say....

We are now considering dealing with the learning curve and post pone our project going with unreal just because of these all around complete fuck ups that herald back to shit games of versions 3.0 and earlier.

Having pets is a good way to prepare yourself for working in a brown-field environment.

When your cat or dog shits on the floor, you get the same feeling as when you need to dive into a legacy code base.

You know you can't just leave it there, and yet you still want to find anything else to do except for touch the pile of shit in the middle of the room.

Meanwhile you know your users are going to end up trampling over it and mashing it into your carpet.

How devs should treat End users...

I'm starting to get sick of people calling out js for being what it is, a terrible pile of shit, without taking any effort learning the language. just because you wrote an app in java or python doesn't mean you're entitled to a free certificate in any language with a name that makes it sound easier.

in fact, I'd claim that for an experienced programmer, Java is much easier to pick up than JavaScript.

but, if all you want to do is sit here and complain, and you can find no joy in reading pages on end of documentation... well then, the only thing you're missing out on is the biggest fucking platform of the world. so don't worry I guess. it'll be fine. right? eventually the users will see that the web is just a nuisance for developers and they'll all start using native apps...

It's my second rant about Windows here in two days, but here we go:

Windows used to be a cool OS (and in part it still is). Yes, it's made for the end user, not power users, yes it has many flaws. But it was my gateway to computers and programming. I have fond memories of my first PC, playing around with the old win98 themes (my favorite was the baseball one!).

However, I am very disappointed now. I just had to basically force Windows 10 to stop hogging my bandwidth. It was an actual battle, with the OS simply (I kid you not) running update and other services EVEN AFTER I SPECIFICALLY DISABLED THEM. I just saw the Windows update service running, while its status was disabled. It's absurd.

Sorry Windows, but that's not what I want. I want to choose what happens on my own OS. Linux gives me exactly that, why can't you?

Let me tell you the story of how a feature request no one asked for got put in an early grave:

PM walks into weekly meeting with a single use case that one user called in about, despite never having this issue during the past year and a half that our app has been in production. PM's boss (genuinely one of the best people i have ever worked with) happens to sit in this particular meeting for no reason other than he felt like he should once in a while.

PM brings up use case and wants to devote 3 weeks' development time and another 3 weeks to test RIGHT NOW while other projects are already in motion. PM's boss speaks up with this: "Listen if this guy is really this upset, we can just tell him to build his own service. All the other end users have no problems with this, so it's not worth spending the resources on, i don't think."

And that is how i went from "this is bullshit" to "i love you" in the span of 20 minutes.

iPhones are ridiculously picky when it comes to finding a mate- um charger. And knowing why doesn't really make it any easier to understand why. If anything it baffles me more.

So, let's start with appliances that are not phones. Think Bluetooth headsets, keyboards, earbuds, whatever. Those are simple devices. They see 5V on the VCC line and 0V on ground, and they will charge at whatever current they are meant to. Usually it will not exceed 200mA, and the USB 2.0 spec allows for up to 500mA from any USB outlet. So that's perfectly reasonable to be done without any fuss whatsoever.

Phones on the other hand are smarter.. some might say too smart for their own good. In this case I will only cover Android phones, because while they are smarter than they perhaps should be, they are still reasonable.

So if you connect an Android phone to the same 5V VCC and 0V ground, while leaving the data lines floating, the phone will charge at 500mA. This is exactly to be within USB 2.0 spec, as mentioned earlier. Without the data lines, the phone has no way to tell whether it *can* pull more, without *actually* trying to pull more (potentially frying a charger that's not rated for it). Now in an Android phone you can tell it to pull more, in a fairly straightforward way. You just short the data lines together, and the phone will recognize this as a simple charger that it can pull 1A from. Note that shorting data lines is not a bad thing, we do it all the time. It is just another term for making a connection between 2 points. Android does this right. Also note that shorted data lines cannot be used to send data. They are inherently pulled to the same voltage level, probably 0V but not sure.

And then the iPhones come in, Thinking Different. The iPhones require you to pull the data lines to some very specific voltage levels. And of course it's terribly documented because iSheep just trying to use their Apple original white nugget charger overseas and shit like that. I do not know which voltage levels they are (please let me know!), but it is certainly not a regular short. Now you connect the iPhone to, say, a laptop or something to charge. An Android phone would just charge while keeping data transmission disabled (because they can be left floating or shorted). This is for security reasons mostly, preventing e.g. a malicious computer from messing with it. An iPhone needs to be unlocked to just charge the damn thing. I'm fairly sure that that's because the data lines need to be pulled up, which could in theory enable a malicious computer to still get some information in or out of it. USB data transmission works at at least 200mV difference between the data lines. It could be more than that. So you need to unlock it.

Apple, how about you just short your goddamn data lines too like everyone else? And while you're at it, get rid of this Lightning connector. I get it, micro USB was too hard for your users. I guess they are blind pigs after all. But USB-C solved all of that and more. The only difference I can think of is that the Lightning connector can be a single board with pads on either side on the connector, while in USB-C that could be at the socket end (socket being less common to be replaced). And at the end of the day, that really doesn't matter with all the other things that will break first.

Think Different. Think Retarded. Such tiny batteries and you can't even fucking charge them properly.

Worst collaboration experience story?

I was not directly involved, it was a Delphi -> C# conversion of our customer returns application.

The dev manager was out to prove waterfall was the only development methodology that could make convert the monolith app to a lean, multi-tier, enterprise-worthy application.

Starting out with a team of 7 (3 devs, 2 dbas, team mgr, and the dev department mgr), they spent around 3 months designing, meetings, and more meetings. Armed with 50+ page specification Word document (not counting the countless Visio workflow diagrams and Microsoft Project timeline/ghantt charts), the team was ready to start coding.
The database design, workflow, and UI design (using Visio), was well done/thought out, but problems started on day one.
- Team mgr and Dev mgr split up the 3 devs, 1 dev wrote the database access library tier, 1 wrote the service tier, the other dev wrote the UI (I'll add this was the dev's first experience with WPF).
- Per the specification, all the layers wouldn't be integrated until all of them met the standards (unit tested, free from errors from VS's code analyzer, etc)
- By the time the devs where ready to code, the DBAs were already tasked with other projects, so the Returns app was prioritized to "when we get around to it"

Fast forward 6 months later, all the devs were 'done' coding, having very little/no communication with one another, then the integration. The service and database layers assumed different design patterns and different database relationships and the UI layer required functionality neither layers anticipated (ex. multi-users and the service maintaining some sort of state between them).

Those issues took about a month to work out, then the app began beta testing with real end users. App didn't make it 10 minutes before users gave up. Numerous UI logic errors, runtime errors, and overall app stability. Because the UI was so bad, the dev mgr brought in one of the web developers (she was pretty good at UI design). You might guess how useful someone is being dropped in on complex project , months after-the-fact and being told "Fix it!".

Couple of months of UI re-design and many other changes, the app was ready for beta testing.

In the mean time, the company hired a new customer service manager. When he saw the application, he rejected the app because he re-designed the entire returns process to be more efficient. The application UI was written to the exact step-by-step old returns process with little/no deviation.

With a tremendous amount of push-back (TL;DR), the dev mgr promised to change the app, but only after it was deployed into production (using "we can fix it later" excuse).

Still plagued with numerous bugs, the app was finally deployed. In attempts to save face, there was a company-wide party to celebrate the 'death' of the "old Delphi returns app" and the birth of the new. Cake, drinks, certificates of achievements for the devs, etc.

By the end of the project, the devs hated each other. Finger pointing, petty squabbles, out-right "FU!"s across the cube walls, etc. All the team members were re-assigned to other teams to separate them, leaving a single new hire to fix all the issues.

This rings true even if the customer is internal. Built a feature and provided documentation on how to use it and one of the end users still used it wrong.

It was a simple validation process too. Input the member ID then click validate, the app then checks if the person is in the system and fills in some other fields and does some other backend stuff. How could you get that wrong?! 🤔

Relatable

Flash has made Java programs look desirable. And anyone keeping up with me knows I despise Java and C#, despite having written C# and currently working on deciphering a Java server to create documentation.

Before I begin, I want to make this clear: IT IS TWO THOUSAND AND FUCKING EIGHTEEN. 2018. WE HAVE BETTER TECH. JAVASCRIPT HAS TAKEN OVER THIS BITCH. So, firstly, FUCK FLASH. Seriously, that shit's a security liability. If you work for a company that uses it, find a new job and then fucking quit, or go mutany and get several devs to begin a JS-based implementation that has the same functionality. There is no excuse. "I'm fired?" That's not an excuse - if there is a way to stop the madness, then fucking hit the brakes on that shit or begin job hunting. Oh, and all you PMs who are reading this and have mandated or helped someone else to mandate work on an enterprise flash program, FUCK YOU. You are part of the problem.

The reason for this outburst seems unreasonable until you realize the hell I went through today. At my University, there is a basic entry-level psychology course I'm taking. Pearson, a company I already fucking hate for some of the ethically sketchy shit they pulled with PARCC as well as overreach in publishing to the point they produce state tests here in the US - has a product called "My PsychLab" and from here on out, I'm referring to it as MPL. MPL has an issue - it is entirely fucking Flash. Homework assignments, the textbook, FUCKING EVERYTHING. So, because of that, you need to waste time finding a browser that works. Now let me remind all of you that just because something SHOULD WORK does NOT mean that it actually does.

I'm sitting on my Antergos box a few days ago: Chromium and Firefox won't load Flash. I don't know why, and don't care to find out. NPAPI and whatnot are deprecated but should still run in a limited mode or some shit. No go on Antergos.

So, today I went to the lab in the desolated basement of an old building which is where it's usually empty except a student hired by the university to make sure nobody fucks things up. I decided - because y'all know I fuckin' hate this - to try Windows. No go in Chrome still - it loaded Flash but couldn't download the content. So I tried Firefox - which worked. My hopes were up, but not too long - because there was no way to input. The window had buttons and shit - but they were COMPLETELY UNRESPONSIVE.

So the homework is also Flash-based. It's all due by 1/31/18 - FOUR CHAPTERS AND THE ACCOMPANYING HOMEWORK - which I believe is Tuesday, and the University bookstore is closed both Saturday and Sunday. No way to get a physical copy of the book. And I have other classes - this isn't the only one.

Also, the copyright on the program was 2017 - so whoever modded or maintained that Flash code - FUCK YOU AND THE IRRESPONSIBLE SHIT YOUR TEAM PULLED. FUCK THE SUPERIORS MAKING DECISIONS AS WELL. Yeah, you guys have deadlines? So do the end users, and when you have to jump through hoops only to realize you're fucked? That's a failure of management and a failure of a product.

How many people are gonna hate me for this? Haters gonna hate, and I'm past the point of caring.

Users and Bosses.

I honestly don't know who is worse, the end user or the boss.

The boss thinks all you do is click a button and everything just works, so everything should take 30 minutes to complete, why on earth would it take a week to do something?

The user seems to think every tiny idea is the most important thing ever to add, so they tell said boss it must be added, and boss normally agrees.

I get it, Marge (Fake name), adding in a copy button because you're too dumb to press ctrl + c is way more important than updating the security after a Ransomware attack.

No boss, I can't add in 30 new things and make sure the security protocols are updated all before the meeting in 15 minutes.

If you think it's all so easy and just pressing buttons, why did you hire me? Anyone who can read and press a button should be able to do it....

I love it when people make a mistake and break something on their website then act as tho the are losing millions of pounds every second like they are going to have to remortgage their house "life is over", if it's not fixed in 30 seconds the world will end!

Then you look at their website and you think they probably have about two users every week, and the website looks like it has been built by a one armed monkey. Delusional

End User: The program isn't working
Me: What were you trying to do?
End User: blah blah blah
Me: Are you using IE?
End User: Yes, I always use IE everything should work with it.
Me: Didn't you see the email to the listserv explicitly saying not to use IE?
End User: I did, but I only like to use IE.
Me: (bangs head against desk & loses all hope)

"It works on our end", the sentence that made me lose my shit.

I've been working on a project were we're supposed to integrate an API into our system.

When trying to get some user id's (UUID) from said API, we got a type-error in the response (???), so I called their integration support and asked what the fuck they were doing (not really, i was kinda calm at this point).

The answer I got was following:

Integration guy: "Uh, bro, like, I don't even know, it's probably on your end"

Me: "We literally used this endpoint with the same parameters yesterday, and got a result we expected. I noticed you updated your API this morning, did you make any major changes?"

Integration guy: "Yeah we changed the type of user id from string to number"

Me: "So, you changed the type of a UUID (uuid4) from string to number? How did you not think that would be an issue? I can see in your forums that everyone else is having the same issue."

Integration guy: "Nah, it's probably a bug in your code, it works on our end"

Me in my mind: *IT WORKS ON YOUR END?!? IT DOESN'T FUCKING MATTER IF IT WORKS ON YOUR END, FUCKTARD.*

What I actually said: "Uhm, I'm not sure if works on your end either, I'm not even sure how this change made it to production. But hey, thanks I guess, bye."

WHY AM I NOT ABLE TO YELL AT PEOPLE WHEN THEY ARE BEING RETARDED???

But really though, when you're maintaining an API, you shouldn't fucking care if things work on your end in your dev environment. What matters is how it works in production, for the end user/users.

And I know that 99% of cases it's the users fault by entering the wrong parameters or trying to request with wrongly setup auth and what not, but still.

Don't ASSUME nothing's wrong on your end. It's your fucking job to fix the issues.

And guess what? The problem was on their side.
I'm going fucking bald.

My ideal job:
Getting payed to develop for awesome open source projects from home, at any time I like.

My current job:
Full time 9 to 6, outsourced security sysadmin, dealing with bullshit systems and stupid end users.
Getting home with barely enough strength to self learn and develop my own projects.

Just kill me

When your manager who claims to be a Wordpress "developer" says to you oh my God, why are you using notepad to write the page when there is an editor?

My response, because I am a developer. I write code and I can write better HTML than any editor can. I then said I do add editors for my projects where required, not for me, but for the end users that cannot write HTML. He walked away 😂

Just another big rant story full of WTFs and completely true.

The company I work for atm is like the landlord for a big german city. We build houses and flats and rent them to normal people, just that we want to be very cheap and most nearly all our tenants are jobless.
So the company hired a lot of software-dev-companies to manage everything.

The company I want to talk about is "ABI...", a 40-man big software company. ABI sold us different software, e.g. a datawarehouse for our ERP System they "invented" for 300K or the software we talk about today: a document management system. It has workflows, a 100 year-save archive system, a history feature etc.
The software itself, called ELO (you can google it if you want) is a component based software in which every company that is a "partner" can develop things into, like ABI did for our company.

Since 2013 we pay ABI 150€ / hour (most of the time it feels like 300€ / hour, because if you want something done from a dev from ABI you first have to talk to the project manager of him and of course pay him too). They did thousand of hours in all that years for my company.

In 2017 they started to talk about a module in ELO called Invoice-Module. With that you can manage all your paper invoices digital, like scan that piece of paper, then OCR it, then fill formular data, add data and at the end you can send it to the ERP system automatically and we can pay the invoice automatically. "Digitization" is the key word.

After 1.5 years of project planning and a 3 month test phase, we talked to them and decided to go live at 01.01.2019. We are talking about already ~ 200 hours planning and work just from ABI for this (do the math. No. Please dont...).

I joined my actual company in October 2018 and I should "just overview" the project a bit, I mean, hey, they planned it since 1.5 years - how bad can it be, right?

In the first week of 2019 we found 25 bugs and users reporting around 50 feature requests, around 30 of them of such high need that they can't do their daily work with the invoices like they did before without ELO.
In the first three weeks of 2019 we where around 70 bugs deep, 20 of them fixed, with nearly 70 feature requests, 5 done. Around 10 bugs where so high, that the complete system would not work any more if they dont get fixed.

Want examples?
- Delete a Invoice (right click -> delete, no super deep hiding menu), and the server crashed until someone restarts it.
- missing dropdown of tax rate, everything was 19% (in germany 99,9% of all invoices are 19%, 7% or 0%).

But the biggest thing was, that the complete webservice send to ERP wasn't even finished in the code.
So that means we had around 600 invoices to pay with nearly 300.000€ of cash in the first 3 weeks and we couldn't even pay 1 cent - as a urban company!

Shortly after receiving and starting to discussing this high prio request with ABI the project manager of my assigned dev told me he will be gone the next day. He is getting married. And honeymoon. 1 Week. So: Wish him luck, when will his replacement here?

Deep breath.
Deep breath.

There was no replacement. They just had 1 developer. As a 40-people-software-house they had exactly one developer which knows ELO, which they sold to A LOT of companies.

He came back, 1 week gone, we asked for a meeting, they told us "oh, he is now in other ELO projects planned, we can offer you time from him in 4 weeks earliest".

To cut a long story short (it's to late for that, right?) we fought around 3 month with ABI to even rescue this project in any thinkable way. The solution mid February was, that I (software dev) would visit crash courses in ELO to be the second developer ABI didnt had, even without working for ABI....

Now its may and we decided to cut strings with ABI in ELO and switch to a new company who knows ELO. There where around 10 meetings on CEO-level to make this a "good" cut and not a bad cut, because we can't afford to scare them (think about the 300K tool they sold us...).

01.06.2019 we should start with the new company. 2 days before I found out, by accident, that there was a password on the project file on the server for one of the ELO services. I called my boss and my CEO. No one knows anything about it. I found out, that ABI sneaked into this folder, while working on another thing a week ago, and set this password to lock us out. OF OUR OWN FCKING FILE.
Without this password we are not able to fix any bug, develop any feature or even change an image within ELO, regardless, that we paid thausend of hours for that.

When we asked ABI about this, his CEO told us, it is "their property" and they will not remove it.
When I asked my CEO about it, they told me to do nothing, we can't scare them, we need them for the 300K tool.

No punt.
No finish.

Just the project file with a password still there today

Today was a manic-depressive kind of day. Spent the morning helping some developers with getting their code to run a stored procedure to drop old partitions, but it wasn't working on their end. It was a fairly simple proc. But working with partitions is a little like working with an array. I figured out that they were passing the wrong timestamp, and needed to add +1 to delete the right partition. Got that sorted out, and things were good. Lunch time.

After lunch I did some busy work, and then the PO comes up at about 2PM and says he's assigned some requests to me. The first was just attaching some scripts. Easy. The second, the user wants a couple of schemas exported ... at 6PM. I've been in the office since 6:45AM.

While I'm setting up some commands to run for the data export, a BA walks up and asks if I'm filling in for another DBA who is out for a few weeks. Yep. There's a change request that hasn't been assigned, and he normally does the work. I ask when it's due. Well, the pre-implementation was supposed to be done in the morning, but it wasn't, and we're in the implementation window ... half way through. I bring up the change task, and look at. Create new schema and users. That's all it says. The BA laughs. I tell I need more to go on. 10 minutes later he sends an email with the information. There's only two hours left in the window, and I can only use half of it, because the production guys have to their stuff, and we're in their window. Now I'm irritated, because I'm new to Oracle, and it's an unforgiving mistress. Fortunately, another DBA says he'll do it, so that we can get it done in time. But can't work it either, because Dev DBAs don't have access to QA, and the process required access for this task. Gets shelved until the access issue is resolved. It's now after 4:15PM. I'm going to in traffic with that 6PM deadline.

I manage to get home and to the computer by 5:45PM. Log in. Start VPN. Box pops on screen. Java needs to update. I chose skip update. Box pops up again. It won't let me log in until Java is current. Passed.

I finally get logged in, and it's 6:10PM. I'm late getting the job started. I pull up Putty and log into the first box, and paste my pre-prepared command in the command line and hit error. Command not found. I'm tired, so it's a moment to sink in. I don't have time for this.

I log into DBArtisan and pull up the first data base, use the wizard to set the job, and off it goes. Yay. Bring up the second database, and have enter the connect info. Host not found. Wut? Examine host name. Yep, it's correct. Try a different method. Host not found. Go back to Putty. Log in. Past string. Launch. Command not found. Now my brain is quitting on me. Why now? It's after 6:30PM. Fiddle with some settings, reset $Oracle home. Try again. Yay. It works. I'm done. It's after 7PM.

There is nothing like technology to snatch the euphoria of a success away from you. It's a love-hate thing, but I wouldn't trade it for anything else. I'm done. Good night.

Dear customer, disregarding the bullshit your agency has dumped into Figma, I hereby deliver a clean, minimalist, and usable website without carousel sliders, chatbots, call-to-action teasers for newsletter signup, and muted auto-play videos consuming your end users' bandwidth.

One day you will understand and be grateful, too!

While I work on my devRant client, I always end up thinking, "how would dfox do it for the backend".

Some of the functions I have include:
-fetching new rants, 250 at a time
-remembering the ones I've read and filtering those out (kinda similar to Algo)
-checking for updates from followed users and new notifications

My implementions are kinda spammy though part of it is because I need to use the existing API.

But even so, how would/does he implement these so all the users' requests don't end up bringing down the server, and efficiently store and retrieve everyone's view history?

My problems are small compared to his... How do you think and deal with problems at that scale though?

Static HTML pages are better than "web apps".

Static HTML pages are more lightweight and destroy "web apps" in performance, and also have superior compatibility. I see pretty much no benefit in a "web app" over a static HTML page. "Web apps" appear like an overhyped trend that is empty inside.

During my web browsing experience, static HTML pages have consistently loaded faster and more reliably, since the browser is immediately served with content useful for consumption, whereas on JavaScript-based web "apps", the useful content comes in **last**, after the browser has worked its way through a pile of script.

For example, an average-sized Wikipedia article (30 KB wikitext) appears on screen in roughly two seconds, since MediaWiki uses static HTML. Everipedia, in comparison, is a ReactJS app. Guess how long that one needs. Upwards of three times as long!

Making a page JavaScript-based also makes it fragile. If an exception occurs in the JavaScript, the user might end up with a blank page or an endless splash screen, whereas static HTML-based pages still show useful content.

The legacy (2014-2020) HTML-based Twitter.com loaded a user profile in under four seconds. The new react-based web app not only takes twice as long, but sometimes fails to load at all, showing the error "Oops something went wrong! But don't fret – it's not your fault." to be displayed. This could not happen on a static HTML page.

The new JavaScript-based "polymer" YouTube front end that is default since August 2017 also loads slower. While the earlier HTML-based one was already playing the video, the new one has just reached its oh-so-fancy skeleton screen.

It would once have been unthinkable to have a website that does not work at all without JavaScript, but now, pretty much all popular social media sites are JavaScript-dependent. The last time one could view Twitter without JavaScript and tweet from devices with non-sophisticated browsers like Nintendo 3DS was December 2020, when they got rid of the lightweight "M2" mobile website.

Sometimes, web developers break a site in older browser versions by using a JavaScript feature that they do not support, or using a dependency (like Plyr.js) that breaks the site. Static HTML is immune against this failure.

Static HTML pages also let users maximize speed and battery life by deactivating JavaScript. This obviously will disable more sophisticated site features, but the core part, the text, is ready for consumption.

Not to mention, single-page sites and fancy animations can be implemented with JavaScript on top of static HTML, as GitHub.com and the 2018 Reddit redesign do, and Twitter's 2014-2020 desktop front end did.

From the beginning, JavaScript was intended as a tool to complement, not to replace HTML and CSS. It appears to me that the sole "benefit" of having a "web app" is that it appears slightly more "modern" and distinguished from classic web sites due to use of splash screens and lack of the browser's loading animation when navigating, while having oh-so-fancy loading animations and skeleton screens inside the website. Sorry, I prefer seeing content quickly over the app-like appearance of fancy loading screens.

Arguably, another supposed benefit of "web apps" is that there is no blank page when navigating between pages, but in pretty much all major browsers of the last five years, the last page observably remains on screen until the next navigated page is rendered sufficiently for viewing. This is also known as "paint holding".

On any site, whenever I am greeted with content, I feel pleased. Whenever I am greeted with a loading animation, splash screen, or skeleton screen, be it ever so fancy (e.g. fading in an out, moving gradient waves), I think "do they really believe they make me like their site more due to their fancy loading screens?! I am not here for the loading screens!".

To make a page dependent on JavaScript and sacrifice lots of performance for a slight visual benefit does not seem worthed it.

Quote:

> "Yeah, but I'm building a webapp, not a website" - I hear this a lot and it isn't an excuse. I challenge you to define the difference between a webapp and a website that isn't just a vague list of best practices that "apps" are for some reason allowed to disregard. Jeremy Keith makes this point brilliantly.
>
> For example, is Wikipedia an app? What about when I edit an article? What about when I search for an article?
>
> Whether you label your web page as a "site", "app", "microsite", whatever, it doesn't make it exempt from accessibility, performance, browser support and so on.
>
> If you need to excuse yourself from progressive enhancement, you need a better excuse.

– Jake Archibald, 2013

you wanna know what the most hilarious shit is? hackernews users AKA the 6 figure startup bros that "rule the world" in terms of code and software...

trying to argue the best way to build a website 😂😂😂😂😂😂😂😂😂

here's some select quotes:

"I believe the most minimalistic and productive way is to just use php"

^ this guy must not know its 2023 now

"Unless you are a web developer I don't see the point of a CSS framework, it's much easier to roll your own."

^ this guy must not know the pain and suffering that is 'rolling your own' in CSS

"Sadly, I just don't have the time to generate the content I wanted to do, so the site sits."

^ this guy just... wait, what?

but you know what? these guys clearly know WAY more than me in terms of software, it's good they get infinite salad bar and prime rib every day at silicon valley's best and brightest!

please fucking kill me i want it to end

Our CEO had a virtual town hall using Zoom and now have a sign language interpreter box as a regular feature... To go along with all the Inclusion stuff...

The most immediate problem though is they didn't turn on auto-captions...

I don't know sign but am deaf so needed the captions which it turns out you can get using the Google Recorder app on Pixels. (This is literally like a fuck you to non-Pixel users and Zoom which disables Live Captions in conferences and recording full transcripts).

Anyway I left it own and near the end, a speaker was like "we're getting a lot of likes and positive feedback about the interpreter box! See how small changes make such a big difference?!"

And well of course in my mind I'm going "uh.... No."

I'll just go back to not caring about anything that isn't related to how much I make.

End user when criticizing a developer for 'taking long' to create something of value from scratch:
(4 hours later): "What's taking you so damn long? Are you retarded?"

Oh I don't know, maybe I have to make sure that tests in my code run well, maybe I have to evaluate everything to meet the custom satisfactions of the user for his ever-so-custom requirements and I also have to make sure I discard what they don't like? And maybe it takes time to deliver a quality product, and so on?
Or would you prefer I deliver an untested product that I didn't bother to think about and I haven't bothered to make sure it matches with their requirements?

What end users don't understand is the involvement in a quality product.

made a Facebook app once that allowed users to submit their stories for a competition to win a tablet. The HTML form had no limit on length but ORM defaulted to 1000 characters in database, imagine the sourprise when we exported the data for the client at the end...

This was not exactly the worst work culture because the employees, it was because the upper level of the organization chart on the IT department.

I'm not quite sure how to translate the exact positions of that chart, but lets say that there is a General Manager, a couple of Area Managers (Infrastructure, Development), some Area Supervisors (2 or 3, by each area), and the grunts (that were us). Anyway, anything on the "Manager" was the source of all the toxicity on the department.

First and foremost, there was a lack of training for almost any employee. We were expected to know everything since day-1. Yes, the new employees had a (very) brief explanation about the technologies/languages were used, but they were expected to perform as a senior employee almost since the moment they cross the door. And forget about having some KT (Knowledge Transfer) sessions, they were none existent and if they existed, were only to solve a very immediate issue (now imagine what happened when someone quit*).

The general culture that they have to always say "yes" to the client/customer to almost anything without consulting to the development teams if that what was being asked to do was doable, or even feasible. And forget about doing a proper documentation about that change/development, as "that was needed yesterday and it needs to be done to be implemented tomorrow" (you know what I mean). This contributes to the previous point, as we didn't have enough time to train someone new because we had this absurd deadlines.

And because they cannot/wanted to say "NO", there were days when they came with an amount of new requirements that needed to be done and it didn't matter that we had other things to do. And the worst was that, until a couple of years (more or less), there was almost impossible to gather the correct requirements from the client/user, as they (managers) "had already" that requirement, and as they "know better" what the user wants, it was their vision what was being described on the requirements, not the users'...

And all that caused that, in a common basis, didn't have enough time to do all this stuff (mainly because the User Support) causing that we needed to do overtime, which almost always went unpaid (because a very ambiguous clause of the contract, and that we were "non-union workers"**). And this is my favorite point of this list, because, almost any overtime went unpaid, so basically we were expected to be working for free after the end of the work day (lets say, after the 17:00). Leaving "early" was almost a sin for the managers, as they always expected that we give more time to work that the indicated on the contract, and if not, they could raise a report to HR because the ambiguous clause allowed them to do it (among other childish things that they do).

Finally, the jewel of the crown, is that they never, but never acknowledge that they made a mistake. Never. That was impossible! If something failed on the things/systems/applications that they had assigned*** it was always our fault.

- "A report for the Finance Department is giving wrong information? It's the DBA's fault**** because although he manages that report, he couldn't imagine that I have an undocumented service (that runs before the creation the report) crashed because I modified a hidden and undocumented temporal table and forgot to update that service."

But, well, at least that's on the past. And although those aren't all the things that made that workplace so toxic, for me those were the most prominent ones.

-

* Well, here we I live it's very common to don't say anything about leaving the company until the very last day. Yes, I know that there are people that leave their "2-days notice", but it's not common (IMHO, of course). And yes, there are some of us that give a 1 or 2-weeks notice, but still it's not a common practice.

** I don't know how to translate this... We have a concept called "trusted employee", which is mainly used to describe any administrative employee, and that commonly is expected to give the 110% of what the contract says (unpaid overtimes, extra stuff to do, etc) and sadly it's an accepted condition (for whatever reasons). I chose "non-union workers" because in comparison with an union worker, we have less protections (besides the legal ways) regarding what I've described before. Curiously, there are also "operative workers", that doesn't belong to an union, but they have (sometimes) better protections that the administrative ones.

*** Yes, they were in charge of several systems, because they didn't trust us to handle/maintain them. And I'm sure that they still don't trust in their developers.

**** One of the managers, and the DBA are the only ones that handle some stuff (specially the one that involves "money"). The thing that allows to use the DBA as scapegoat is that such manager have more privileges and permissions than the DBA, as he was the previous DBA

I'm hal laughting, half facepaling.

Use multiple servers they said
It's gonna balance automaticlly your load they said.

Well, they didn';t accoubnt for a MEGA badly writen API whic can block a whole server for a minute.

Or, but it's not the end !!!

So you see ? 1 at 100%, 1 at 0% ? Quick maths : Average 50%.

Autoscaling kicks in at average 40% for 2 minutes.

So it kicks in... Created a 3d server... Which is still booting !!

And some trafic redirected there.

Sooo. Users on a 100% server : Bad bad bad for them
Users on 0% server : No problems
users on a new 3d server : Wait 15 seconds, then it's like 0%.

Fun fun fun. At least I know now which fucking API does that.

This was a while back. I was hosting a site at a hosting company's 'vps'. I had 1gig for the mysql databases. Problem is, for some reason the server didnt let me have more than 300mbs including everything (there were some videos on the site). I contacted them and they only replied that its ok on their end. Okay, makes sense. So i opened ssh and started looking for the problem. After a bit, i figured out that my site is hosted on a 1tb drive and i could see all the other partitions. Meaning they just slapped a bunch of users data on the same drive. So i wrote an assembly program to offset the mysql files by ~500 mbs. Turns out that put me in an unoccupied 100gb partition and the site was still working properly. So i offset everything to there and i had a 100gb vps for like $5.

more of my favorite "about" sections from various users:

Jilano
"nothing."

Humble like a monk.

kindawonderful
"This user likes to keep secrets about himself."

Aw, hes shy!

molaram
"Part time evil corporation hater & armed infidel trying to blow off some steam."

Is that you Elliot?

dmonkey
"Computer Science student and Math lover."

Your love of math is suspect. I have not seen you participate in any of my math shitposting.

And under his skills
"I was ending up becoming a front-end developer, now I'm thinking to become a farmer after uni."

The total state of frontend in 2021. "Fuck it, I'd rather shovel horse shit than learn another
framework!"

Have you tried Horseshit.JS for that?

What about shove.js?

Forms with autofocus. What are your opinions on that?

My boss keeps asking us to always give autofocus to the first input of a form, without any UX study to support it, just his opinion ("I think it makes sense"). I fucking hate it. He says it's nice for keyboard users, but I'm a keyboard user myself and I say that's what the tab key is for. To fucking focus stuff.

It really annoys me to no end when things like this are requested, but it's ok to have buttons, checkboxes, etc without fucking :focus and :active styles. Just :hover is not enough ffs.

And "links" that work with "onclick". Damn how I want to kill anyone that does that.

So first of all I'm not a dev.

I'm a software tester and my test manager is a douche, but this is not it.

Today I went to the end user place along with him to teach them how to test properly and how to manage the software test cycle in JIRA.

I did a demo and showed the users the software the dev team developed and of course there were a lot of rants about it.
Users noted down a list of things to be changed and we kept going.

By the end of the demo, my test manager started discussing the fact that I told these guys to open Bugs without test objects on Jira.

I mean, we don't have a test cycle or test cased yet but these guys found issues already, what's the point?

So here's the funny part.

He then starts telling users (which ignore testing fundaments) to create a test cycle called 'meeting of today dd/mm/yyyy" and create tests below it which were named with the names of who created them.
All of that without a logic and ignoring the fact that these tests were not tests.

I was laughing my ass off while assisting this total mess and I almost lost control.

And this is my manager.

Luckily, tomorrow is Saturday.

Forcing amazingly complex password requirements on end-users... Which expire every X days.

Back when I used be a junior fresh out of school, my senior used to say, when releasing a first version or a major version of any software, app or website always implement easy to fix bugs.

End users or clients, especially the ones that tasked you with the creation of it, will look for a bug until they find one, if it isn't one you will spent hours trying to figure it out, instead give them one.
You know how to fix it and the client is satisfied they found one.

To this day, i still do that, although mostly not even aware of it. Eg: I know that's a bug but i'll fix that when (not if, when) they complain about it.

I even find myself telling the juniors, i develop with, giving them similar if not the same advice.

And that is what experience means, skill is something they teach you in school.
Experience is what makes you a senior or a junior, not your level of skill or the amount of keywords on your Linked In profile.

Alright, who is rigging the "Top Tags" results? Where is Arch?

Arch users: we should aim to get `arch` into the devRant top tags by the end of the year

Markdown. It is now used by MDN Web Docs and supported by Google Docs. End users will slowly pick up. Then even more (proprietary) flavors of markdown and their accompanying JS-frameworks will follow. All with good intentions, but it can only to end in a big mess and confusion like USB or USB 3.2 Gen 1.

I worked all weekend to reach a deadline monday for testing, fixed all issues detected and made the release document, change elements, everything required by end of tuesday. And sent it to release manager. He calls me back immediately and tells me the release Windows was closed monday and it will have to wait until next month. Noone told me the deadline for release changed, and the users are invited to a training and release event next week. Gotta love working for a huge company and being the little guy noone keeps informed. #releaseblocked

I think the reason why git beginners have a hard time with it is because the api is a bit untuitive.

For example: if you want to "unstage" staged changes, you run git reset, and if you want to "delete" those changes from your working copy, you git checkout those files.

But then, you find out that you can do all of that if you git add . and git reset --hard.
So you're like "huh..."

And then you discover that if you end the resethard with a branch name/commit id then you also make current branch point to the commit or that branch/commit (respectively).
So you're like "huh..."

And also if you add a commit id or branch name to git checkout, you change the current branch to specified/enter detached state with HEAD pointing to that commit (respectively).

Oh and you don't use git branch to create branches, you use git checkout -b because it's a lot shorter.

So here's a rundown: git reset mutates things related to files, but also mutates things related to branches.
git checkout also mutates things related to files and mutates things related to branches too (in a diff way). Also, creates new branches.

I don't think this is intuitive. We users use the same commands for different purposes with just a different flag.
Commands shouldn't mutate different types of things. But don't composite commands (as in, "smart" commands that mutate different things) shoudln't be a flag in an existing command, it should be a single new command of its own.

Maybe if I reread the internals of git now, I'll be able to disgest the dozens of technical terms they throw at you (they are many). And in my mind, the api will cognitively fit to the explanations.

Here's another one that feels weird too.
If you want to make your changes start on top of someone else's commit, you do git rebase.
But git rebase -i can be used for that, and also to delete, modify changes or message of, reorder or combine previous commits of the current branch.

Maybe the reason why several things we do overlap with the same commands is because they internally do similar things, and while not separating those commands might make it less intuitive, it makes them more sensible? i dunno...

disclaimer: I'm not setting this opinion in stone though, and am aware that git was created by one of the most infuential programmers.

🪙 The golden age of tech is coming to an end. We currently live in a world of tech built by engineers and great minds; both Windows and Linux are great in their own ways. PCs are the peak of engineering, both desktops and laptops because of how versatile, powerful and universal they are. They serve engineers, designers and end users. You can do anything you can imagine; because the great people who built it, did it in such way that they themselves could use and enjoy it.

📱 The tech of the future will become ever more limited. The next generation of humans will use Chrome OS gladly and not even feel limited because they never experienced the freedom provided by a true personal computer device. Android OS is already getting ever closer to restricting 3rd party APK installers. Big tech will do everything they can to limit freedoms and make everyone use cloud, where they can charge $ for every damn click.

☎️The consumer-facing tech will become increasingly dumbed-down over time. The programmers and engineers will be still able to use "true" tech, but only for work. In everyday life, they will have to be content with the dumb limited tech.

And there is nothing we can do to stop it.

I'm pissed off as fuck. By far these were the worst fucking 2 weeks in a very long time.

My grandma died. At work I had to do shitty tasks and IT support for stupid end users, like an overpayed PC technician. I couldn't find any time to write a single line of code on any of my personal projects.

And I still can't find a fucking developer job. I feel like I'm stuck in this IT hell forever.

Kill me

Let's talk about the cargo cult of N-factor authentication. It's not some magic security dust you can just sprinkle onto your app "for security purposes".

I once had a client who had a client who I did server maintenance for. Every month I was scheduled to go to the site, stick my fingerprint in their scanner, which would then display my recorded face prominently on their screens, have my name and purpose verified by the contact person, and only then would the guards let me in.

HAHA no of course not. On top of all of that, they ask for a company ID and will not let me in without one.

Because after all, I can easily forge my face, fingerprints, on-site client contact, appointment, and approval. But printing out and laminating a company ID is impossible.

---

With apologies to my "first best friend" in High School, I've forgotten which of the dozens of canonicalisations of which of your nicknames I've put in as my answer to your security question. I've also forgotten if I actually listed you as my first best friend, or my dog - which would actually be more accurate - and actually which dog, as there are times in my High School life that there were more tails than humans in the house.

I have not forgotten these out of spite, but simply because I have also forgotten which of the dozen services of this prominent bullshit computer company I actually signed up for way back in college, which itself has been more than a decade ago. That I actually apparently already signed up for the service before actually eludes me, because in fact, I have no love for their myriad products.

What I have NOT forgotten is my "end of the universe"-grade password, or email, or full legal name and the ability to demonstrate a clear line of continuity of my identity from wherever that was to now.

Because of previous security screwups in the past, this prominent bullshit company has forced its users to activate its second, third, and Nth factors. A possibly decade-old security question; a phone number long lost; whatever - before you can use your account.

Note: not "view sensitive data" about the account, like full name, billing address, and contact info. Not "change settings" of the account, such as changing account info, email, etc. Apparently all those are the lowest tier of security meant to be protected by mere "end of the universe"-grade passwords and a second factor such as email, which itself is likely to be sold by a company that also cargo cults N-factor auth. For REAL hard info, let's ask the guy who we just showed the address to "What street he lived in" and a couple others.

Explaining this to the company's support hotline is an exercise in...

"It's for your security."

"It's not. You're just locking me out of my account. I can show you a government ID corroborating all the other account info."

"But we can't, for security."

"It's not security. Get me your boss."

...

"It's for security."

Why is it that you guys are not seeing the big picture and reading between the fucken lines... why is it that people always have to run to legislation to fix their problems .... THIS IS WHY.. the other generation accomplished so much more because when there’s a problem they came up with a solution many times better than the status quo.
Those people are few and far between now.. those folks are the innovators. You know whom I’m referring to... those people didn’t whine to create laws to fix or protect their industry from competitors.
We need to stop looking toward our government to fix our issues... especially regarding this issue.. WHY because the people in government ARE NOT TECH PEOPLE!!! THEY DONT EVEN KNOW HOW COMPUTERS WORK! for Pete’s sake folks we had a lady in there who thought the term whip the server ment to literally clean it with a rag... come-on guys, do what they did years ago you don’t like something FIX IT.. by creating something new!
There’s a reason our grandparents generation made it to the fucken moon with less technology than a calculator, BECAUSE THEY PROBLEM SOLVED!
What have we achieved in the last 5 years that is really “big”... fucken apps

Unite together build the next internet learning from the issues we’ve seen with the internet over the last 30 years.. No it won’t be quick no it won’t be easy but nothing revolutionary is easy.
It took 6 years to land a man on the moon, I think we can rebuild the network infrastructure in that time OR FAR LESS if we unite together! Without the government interference we can eliminate the ISPs from the equation and screw them over for screwing us for so long

My group is has the solution, the vision and need, to get this done be we can’t do it alone I will make the official public statement within 24 hours of the vote results...
explaining everything, the plan, the work, EVERYTHING.
We need more people.
For reference the plan can be summarized like this.. nonprofit CoOp Tier 1 ISP.. members being the end users from both sides of the equation ...

TILL THEN
Contact me here,
Or SnapChat: theqsolution
Until I release all the contact info.

So I've created this account specifically for this rant. I usually just browse anonymously.

I've recently been hired in a big company that is one of the biggest Microsoft users in the world and my essentially revolves on making it easier for our collaborators to work with SharePoint (and other ms software)

Never in my life have I hit that much of a roadblock. So for the past week I've been trying to integrate what Ms calls webparts. And to modify the default webparts Ms provides you need to their properties (or Metadata). Except here's the big problem these are NOT documented anywhere (unless I failed to find it, if you do know where it is documented please HMU), so I've found myself trying to reverse engineer the js scripts that are served with SharePoint to figure out what the webpart properties are called and what type of data they are! I've been going through endless github repos using the CSOM nuget package (it's the library everyone uses to interact with SharePoint) and I finally found out about this other library called PnP which is a wrapper around CSOM that makes it easier to use. That wrapper has a way for me to load existing page and look at the properties of existing webparts. So here I thought it was the end of my suffering and I could finally get an idea of what it should be. Turns out this method doesn't work because one of the dependencies it has has had breaking changes and they still updated it even though it breaks their code! So for the past two days I've been trying random combinations of key values with different data types and json serialization methods.

Oh and yeah I've also looked at all the http calls via the chrome network tab, the metadata is not served as an individual file but is computed by Ms servers when they're serving you their html files.

So uh yeah run from CSOM if you can..

Saw this sent into a Discord chat today:

"Warning, look out for a Discord user by the name of "shaian" with the tag #2974. He is going around sending friend requests to random Discord users, and those who accept his friend requests will have their accounts DDoSed and their groups exposed with the members inside it becoming a victim as well. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Discord is currently working on it. SEND THIS TO ALL THE SERVERS YOU ARE IN. This is IMPORTANT: Do not accept a friend request from shaian#2974. He is a hacker.

Tell everyone on your friends list because if somebody on your list adds one of them, they'll be on your list too. They will figure out your personal computer's IP and address, so copy & paste this message where ever you can. He is going around sending friend requests to random discord users, and those who accept his requests will have their accounts and their IP Addresses revealed to him. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Saw this somewhere"

I was so angry I typed up an entire feature-length rant about it (just wanted to share my anger):

"1. Unless they have access to Discord data centres or third-party data centres storing Discord user information I doubt they can obtain the IP just by sending friend requests.

2. Judging by the wording, for example, 'copy & paste this message where ever you can' and 'Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him.' this is most likely BS, prob just someone pissed off at that user and is trying to ruin their reputation etc.. Sentences equivalent to 'spread the word' are literally everywhere in this wall of text.

3. So what if you block the user? You don't even have their user ID, they can change their username and discrim if they want. Also, are you assuming they won't create any alts?

4. Accounts DDoSed? Does the creator of this wall of text even understand what that means? Wouldn't it be more likely that 'shaian' will be DDoSing your computer rather than your Discord account? How would the account even be DDoSed? Does that mean DDoSing Discord's servers themselves?

5. If 'shaian' really had access to Discord's information, they wouldn't need to send friend requests in order to 'DDoS accounts'. Why whould they need to friend you? It doesn't make sense. If they already had access to Discord user IP addresses, they won't even have to interact with the users themselves. Although you could argue that they are trolling and want to get to know the victim first or smth, that would just be inefficient and pointless. If they were DDoSing lots of users it would be a waste of time and resources.

6. The phrase 'Saw this somewhere' at the end just makes it worse. There is absolutely no proof/evidence of any kind provided, let along witnesses.

How do you expect me to believe this copypasta BS scam? This is like that 'Discord will be shutting down' scam a while back.

Why do people even believe this? Do you just blindly follow what others are doing and without thinking, copy and paste random walls of text?

Spreading this false information is pointless and harmful. It only provides benefits to whoever started this whole thing, trying to bring down whoever 'shaian' is.

I don't think people who copy & paste this sort of stuff are ready to use the internet yet.

Would you really believe everything people on the internet tell you?

You would probably say 'no'.

Then why copy & paste this? Do you have a reason?

Or is it 'just because of 'spread the word''?

I'm just sick of seeing people reposting this sort of stuff

People who send this are probably like the people who click 'Yes' to allow an app to make changes in the User Account Control window without reading the information about the publisher's certificate, or the people who click 'Agree' without actually reading the terms and conditions."

Stackoverflow started 8 years ago.
Is there no hope for us "noobs" to ever see the 'k' at the end of our points?
All these 100K + users and i'm over here rejoicing in the 48 points that I was able to muster up with some effort T-T

A couple of years ago, we decide to migrate our customer's data from one data center to another, this is the story of how it goes well.

The product was a Facebook canvas and mobile game with 200M users, that represent approximately 500Gibi of data to move stored in MySQL and Redis. The source was stored in Dallas, and the target was New York.

Because downtime is responsible for preventing users to spend their money on our "free" game, we decide to avoid it as much as possible.

In our MySQL main table (manually sharded 100 tables) , we had a modification TIMESTAMP column. We decide to use it to check if a user needs to be copied on the new database. The rest of the data consist of a savegame stored as gzipped JSON in a LONGBLOB column.

A program in Go has been developed to continuously track if a user's data needs to be copied again everytime progress has been made on its savegame. The process goes like this: First the JSON was unzipped to detect bot users with no progress that we simply drop, then data was exported in a custom binary file with fast compressed data to reduce the size of the file. Next, the exported file was copied using rsync to the new servers, and a second Go program do the import on the new MySQL instances.

The 1st loop takes 1 week to copy; the 2nd takes 1 day; a couple of hours for the 3rd, and so on. At the end, copying the latest versions of all the savegame takes roughly a couple of minutes.

On the Redis side, some data were cache that we knew can be dropped without impacting the user's experience. Others were big bunch of data and we simply SCAN each Redis instances and produces the same kind of custom binary files. The process was fast enough to launch it once during migration. It takes 15 minutes because we were able to parallelise across the 22 instances.

It takes 6 months of meticulous preparation. The D day, the process goes smoothly, but we shutdowns our service for one long hour because of a typo on a domain name.

Started off with a prototype with about 20 backend data points per hour and 10 concurrent front-end users. Total dataset in the 10,000s.

Now about 5 backend data points per second and 500 concurrent front-end users. Total dataset in excess of 20,000,000.

Patience is not slapping a non-technical end user when they explain how easy it is going to be to make a change to an application.

- A girl asks on FB how to deal with a problem in her Windows computer: the system is asking her to introduce the serial key.

- I comment her the possibility of using Linux in case her use cases are simple enough (web, music, videos).

- First reactions are even enthusiastic, some people who had good experiences join the thread to express their delight with Linux.

- Then a guy arrives to tell us how irresponsible we are, telling a poor girl who does not even know how to introduce the serial key... to use Linux (a super complex system!)

- So I tell the guy that Windows is not simple at all, and that most of the times, people just rely o knowing someone else with higher expertise than them, who always end up paying the price of solving the problems caused by Windows, so the users don't really feel how painful is Windows compared to other systems.

- The girl, who was enthusiastic at first, and seems to be not very bright, to say the least, completely misunderstands my answer. She interprets that I'm insulting the poor guys that act as IT service for free, and calls me a "know-all/smartass" (those words are not even close to their Spanish counterpart on pushing down people who know stuff, we are experts on that there, we didn't loose an empire in the 17th century by respecting the wise ones).

This is, in part, why I stopped helping those dumbasses 18 years ago. I forbid myself to learn anything new about Windows (at user level) so I couldn't help these ungrateful and ignorant people who don't make any effort to learn anything by themselves.

These ignorant comments about arch are starting to get on my nerves.

You ranted or asked help about something exclusive to windows and someone pointed out they don't have that problem in arch and now you're annoyed?

Well maybe it's for good.

Next comes a very rough analogy, but imagine if someone posts "hey guys, I did a kg of coke and feeling bad, how do I detox?"

It takes one honest asshole to be like "well what if you didn't do coke?".

Replace the coke with windows.
Windows is a (mostly) closed source operating system owned by a for profit company with a very shady legal and ethical history.

What on earth could possibly go wrong?

Oh you get bsod's?
The system takes hours to update whenever the hell it wants, forces reboot and you can't stop it?
oh you got hacked because it has thousands of vulnerabilities?
wannacry on outdated windows versions paralyzed the uk health system?

oh no one can truly scrutinize it because it's closed source?

yet you wonder why people are assholes when you mention it? This thing is fucking cancer, it's hundreds of steps backwards in terms of human progress.

and one of the causes for its widespread usage are the savage marketing tactics they practiced early on. just google that shit up.

but no, linux users are assholes out to get you.

and how do people react to these honest comments? "let's make a meme out of it. let's deligitimize linux, linux users and devs are a bunch of neckbeards, end of story, watch this video of rms eating skin off his foot on a live conference"

short minded idiots.

I'm not gonna deny the challenges or limitations linux represents for the end user.

It does take time to learn how to use it properly.
Nvidia sometimes works like shit.
Tweaking is almost universally required.
A huge amount of games, or Adobe/Office/X products are not compatible.
The docs can be very obscure sometimes (I for one hate a couple of manpages)

But you get a system that:
* Boots way faster
* Is way more stable
* Is way way way more secure.
* Is accountable, as in, no chance to being forced to get exploited by some evil marketing shit.

In other words, you're fucking free.
You can even create your own version of the system, with total control of it, even profit with it.

I'm not sure the average end user cares about this, but this is a developer forum, so I think in all honesty every developer owes open source OS' (linux, freebsd, etc) major respect for being free and not being corporate horseshit.

Doctors have a hippocratic oath? Well maybe devs should have some form of oath too, some sworn commitment that they will try to improve society.

I do have some sympathy for the people that are forced to use windows, even though they know ideally isn't the ideal moral choice.
As in, their job forces it, or they don't have time or energy to learn an alternative.

At the very least, if you don't know what you're talking about, just stfu and read.

But I don't have one bit of sympathy for the rest.

I didn't even talk about arch itself.
Holy fucking shit, these people that think arch is too complicated.

What in the actual fuck.

I know what the problem is, the arch install instructions aren't copy paste commands.
Or they medium tutorial they found is outdated.

So yeah, the majority of the dev community is either too dumb or has very strong ADD to CAREFULLY and PATIENTLY read through the instructions.

I'll be honest, I wouldn't expect a freshman to follow the arch install guide and not get confused several times.
But this is an intermediate level (not megaexpert like some retards out there imply).

Yet arch is just too much. That's like saying "omg building a small airplane is sooooo complicated". Yeah well it's a fucking aerial vehicle. It's going to be a bit tough. But it's nowhere near as difficult as building a 747.

So because some devs are too dumb and talk shit, they just set the bar too low.

Or "if you try to learn how to build a plane you'll grow an aviator neckbeard". I'll grow a fucking beard if I want too.

I'm so thankful for arch because it has a great compromise between control and ease of install and use.

When I have a fresh install I only get *just* what I fucking need, no extra bullshit, no extra programs I know nothing about or need running on boot time, and that's how I boot way faster that ubuntu (which is way faster than windows already).

Configuring nvidia optimus was a major pain in the ass? Sure was, but I got it work the way I wanted to after some time.

Upgrading is also easy as pie, so really scratching my brain here trying to understand the real difficult of using arch.

1. It's gonna be more and more specialized - to the point where we'll equal or even outdo the medical profession. Even today, you can put 100 techs/devs into a room and not find two doing the same job - that number will rise with the advent of even more new fields, languages and frameworks.

2. As most end users enjoy ignoring all security instructions, software and hardware will be locked down. This will be the disadvantage of developers, makers and hackers equally. The importance of social engineering means the platform development will focus on protecting the users from themselves, locking out legitimate tinkerers in the process.

3. With the EU getting into the backdoor game with eTLS (only 20 years after everyone else realized it's shit), informational security will reach an all-time low as criminals exploit the vulnerabilities that the standard will certainly have.

4. While good old-fashioned police work still applies to the internet, people will accept more and more mass surveillance as the voices of reason will be silenced. Devs will probably hear more and more about implementing these or joining the resistance.

5. We'll see major leaks, both as a consequence of mass-surveillance (done incompetently and thus, insecurely) and as activist retaliation.

6. As the political correctness morons continue invading our communities and projects, productivity will drop. A small group of more assertive devs will form - not pretty or presentable, but they - we - get shit done for the rest.

7. With IT becoming more and more public, pseudo-knowledge, FUD and sales bullshit will take over and, much like we're already seeing it in the financial sector, drown out any attempt of useful education. There will be a new silver-bullet, it will be useless. Like the rest. Stick to brass (as in IDS/IPS, Firewall, AV, Education), less expensive and more effective.

8. With the internet becoming a part of the real life without most people realizing it and/or acting accordingly, security issues will have more financial damages and potentially lethal consequences. We've already seen insulin pumps being hacked remotely and pacemakers' firmware being replaced without proper authentication. This will reach other areas.

9. After marijuana is legalized, dev productivity will either plummet or skyrocket. Or be entirely unaffected. Who cares, I'll roll the next one.

10. There will be new JS frameworks. The world will turn, it will rain.

Error mesage on my 4GB ram "smart" phone, running a "smart" application.

'Oh no ! Something went wrong. Re-try'

Whatttttttt!!!

WHY DOES A "SMART" APPLICATION GIVE SUCH A STUPID ERROR MESSAGE.

IT IS MY PHONE, PLEASE PROVIDE A HELPFUL ERROR MESSAGE, WHY IS IT SO HARD.

I JUST HATE SOFTWARE THAT TREATS THE END USERS AS STUPID ANIMALS.

It all started with an undelivereable e-mail.

New manager (soon-to-be boss) walks into admin guy's office and complains about an e-mail he sent to a customer being rejected by the recipient's mail server. I can hear parts of the conversation from my office across the floor.

Recipient uses the spamcop.net blacklist and our mail was rejected since it came from an IP address known to be sending mails to their spamtrap.

Admin guy wants to verify the claim by trying to find out our static public IPv4 address, to compare it to the blacklisted one from the notification.
For half an hour boss and him are trying to find the correct login credentials for the telco's customer-self-care web interface.
Eventually they call telco's support to get new credentials, it turned out during the VoIP migration about six months ago we got new credentials that were apparently not noted anywhere.

Eventually admin guy can log in, and wonders why he can't see any static IP address listed there, calls support again. Turns out we were not even using a static IP address anymore since the VoIP change. Now it's not like we would be hosting any services that need to be publicly accessible, nor would all users send their e-mail via a local server (at least my machine is already configured to talk directly to the telco's smtp, but this was supposedly different in the good ol' days, so I'm not sure whether it still applies to some users).

In any case, the e-mail issue seems completely forgotten by now: Admin guy wants his static ip address back, negotiates with telco support.
The change will require new PPPoE credentials for the VDSL line, he apparently received them over the phone(?) and should update them in the CPE after they had disabled the login for the dynamic address. Obviously something went wrong, admin guy meanwhile having to use his private phone to call support, claims the credentials would be reverted immediately when he changed them in the CPE Web UI.

Now I'm not exactly sure why, there's two scenarios I could imagine:
- Maybe telco would use TR-069/CWMP to remotely provision the credentials which are not updated in their system, thus overwriting CPE to the old ones and don't allow for manual changes, or
- Maybe just a browser issue. The CPE's login page is not even rendered correctly in my browser, but then again I'm the only one at the company using Firefox Private Mode with Ghostery, so it can't be reproduced on another machine. At least viewing the login/status page works with IE11 though, no idea how badly-written the config stuff itself might be.

Many hours pass, I enjoy not being annoyed by incoming phone calls for the rest of the day. Boss is slightly less happy, no internet and no incoming calls.

Next morning, windows would ask me to classify this new network as public/work/private - apparently someone tried factory-resetting the CPE. Or did they even get a replacement!? Still no internet though.
Hours later, everything finally back to normal, no idea what exactly happened - but we have our old static IPv4 address back, still wondering what we need it for.

Oh, and the blacklisted IP address was just the telco's mail server, of course. They end up on the spamcop list every once in a while.

tl;dr: if you're running a business in Germany that needs e-mail, just don't send it via the big magenta monopoly - you would end up sharing the same mail servers with tons of small businesses that might not employ the most qualified people for securing their stuff, so they will naturally be pwned and abused for spam every once in a while, having your mailservers blacklisted.

I'm waiting for the day when the next e-mail will be blocked and manager / boss eventually wonder how the 24-hours-outage did not even fix aynything in the end...

Since my first post was a success, here's another shameless hack-- in this case, ripping a "closed" database I don't usually have access to and making a copy in MySQL for productivity purposes. That was at a former job as an IT guy at a hardware store, think Lowes/Rona.

We had an old SCO Unix server hosting Informix SQL (curious, anyone here touched iSQL?), which has terminal only forms for the users to handle data, and has keybindings that are strangely vi based (ESC does commit changes. Mindfsck for the users!). To add new price changes to our products, this results to a lengthy procedure inside a terminal form (with ascii borders!) with a few required fields, which makes this rather long. Sadly, only I and a colleague had access to price changes.

Introducing a manager who asks a price change for a brand- not a single product, but the whole product line of a brand we sell. Oh and, those price changes ends later after the weekend (twice the work, back at regular price!)

The usual process is that they send me a price change request Excel document with all the item codes along with the new prices. However, being non technical, those managers write EVERYTHING at hand, cell by cell (code, product name, cost, new price, etc), sometimes just copy pasted from a terminal window

So when the manager asked me to change all those prices, I thought "That's the last time I manually enter all of this sh!t- and so does he". Since I already have a MySQL copy of the items & actual (live) price tables, I wrote a PHP backend to provide a basic API to be consumed to a now VBA enhanced Excel sheet.

This VBA Excel sheet had additional options like calculating a new price based on user provided choices ("Lower price by x $ or x %, but stay above cost by x $ or x %"), so the user could simply write back to back every item codes and the VBA Excel sheet will fetch & display automatically all relevant infos, and calculate a new price if it's a 20% price cut for example.

So when the managers started using that VBA sheet, I had also hidden a button which simply generate all SQL inserts for the prices written in the form, including a "back to regular price" if the user specified an end date, etc.

No more manual form entry for me, no more keyboard pecking for the managers with new prices calculated for them. It was a win/win :)

Me during a presentation of a website for university project. It's a simple project for our university where there is internships offer for our field, stack : php, js, css (bootstrap), and the presentation was on my computer, so on localhost.
In that projet i have implemented a back office to manage all the offers, basic CRUD functionality, and as lazy as I am, for delete confirmation i used a simple javascript alert for that.
Me during the presentation :"so here is the back-office to manage users and internships offer, and for deleting one offer you just have to click on this trash icon *click*".
Ze professor : "hold on hold on, why it's showing 'localhost' "
Me : "it's javascript alert"
Prof : "but why 'localhost' "
Me : "oh, because i'm running the website on my computer as a server"
Prof : "but why localhost, it's not professional"
Me : *god please "it's javascript alert rendered by the browser, we can't do anything about it, and for a simple application it's sufficient"
Prof : "but why it's bigger than the message, and if we host that, do we steal have that localhost"
Me to end that : "I'm sorry i made a mistake on that".
Fortunately i had a good mark on that project.
It's my first story here, and sorry for ze bad English ^^

Been working a year and a half on an offer for a client to plan their new system. Today they wanted us to construct the whole system and call it a beta only to pay 10% of the total costs. They said it is our responsibility to make the budget work as they are merely the "end users and not tech people". I am considering to tell them to go f**k themselves tomorrow.

Non-Developer : (noun) Also known as users or end user.

A long long time ago ( 2007 I think ) I worked for a company that made landing sites, so basically an email campaign would go out, users would be sent to a 1 page website with a form to capture their data, ready to be spammed even more. You know how it was back then.

So I worked with a guy who we had just hired, I didn't do the hiring but his CV checked out, so I gave him one of my tasks. Now most pages were made with js and html, with a PHP backend ( called with Ajax). Now this guy didn't know PHP so I was like all good, ASP works too at the end of the day we don't judge, we do like 2 or 3 of these a day and never look at them again. So he goes of and does is thing.

3 weeks later, the customer calls up to me they still haven't received their landing page. Ok so he probably forgot to email the customer np, I tell him to double check he has emailed the customer. Another week goes by end the customer calls back, same problem. At this point I'm getting worried, because we're days away from the deadline and it was originally my task.

So I go back to the guy and I tell him I want that landing page so I can send it myself, half thinking to myself that we had a freeloader, that guy that comes in to companies for 3 weeks, doesn't work, but still cashes his pay. But no, this was much worse.

So he tells me he has finished yet. I ask him why, what's the blocker ? You had 4 weeks to tell me you were blocked and couldn't progress. And his answer was simply, because I wasn't blocked I have been working on it this whole time. So I tell him to zip his project up and email it to me. We didn't do SVN or git back then, simply wasn't worth it. So he comes back to me and says the email server is telling him attachments can't be bigger then 50mb. At this point I'm thinking he didn't properly sized the art or something, so I give him a flash drive to put it on.

When I then open the flash drive, the archive is 300mb, thinking to myself, the images weren't even that big to begin with.
So I open it up, and I don't even find any images, just a single asp page. About 500mb. When I opened that up and it finally loaded, I saw the most horrendous things ever.

The first 500 lines was just initializing empty vars. Then there was some code that created an empty form with an onChange event that submits the form. After that.. it was just non stop nested if's. No loops, no while, for, foreach, NO elseif's, just nested if's, for every possible combination of the state the form could be in. Abou 5000 of them, in a single file. To make matters worse, all the form ( and page ) layout was hardcoded in the if's. Includes inline css, base64 encoded images, nothing but as dynamic, based on the length of the form he changes the layout, added more background etc. He cut the images up for every possible size of the page and included them in the code.

I showed it to my boss, he fired the guy on the spot. I redid the work from scratch, in under 4 hours. Send it to the client. they had no ammends to make, happy as Larry. Whish I kept the code somewhere.

Morale of the story, allways do a coding test on interviews, even if small things just to sanity check.

Backend devs (and yes, even full-stack folks) who naively dismiss the nuance of a frontend dev role have clearly never tried to do a really good job at it. Or, don't realize the fullness of the responsibilities, more like.

Frontend devs have to reconcile all the requirements (and sometimes whims) of the following people:
- End Users, obviously
- Desires of Business stakeholders
- Visual Designers
- UX (Yes, it's a different discipline from vis design)
- Fellow frontend devs
- Performance budgets
- Accessibility specialists
- Content Authors (if using a CMS)

And rarely are they ever ALL aligned. Some days, it feels less like development and more like brokering deals and compromises.

A time I (almost) screamed at co-worker?
Too many times to keep up with.

Majority of time its code like ..
try
{
using (var connection = new SqlConnection(connectionString))
{
// data access code that does stuff
}
catch (Exception e)
{
// Various ways of dealing with the error such as ..
Console.WriteLine("Here");
ShowMessage("An error occured.");
return false;
// or do nothing.
}
}

Range of excuses

- Users can't do anything about the error, so why do or show them anything?
- I'll fix the errors later
- Handling the errors were not in the end-user specification. If you want it, you'll have to perform a cost/benefit analysis, get the changes approved by the board in writing, placed in the project priority queue ...etc..etc
- I don't know.
- Users were tired of seeing database timeout errors, deadlocks, primary key violations, etc, so I fixed the problem.

On my tip of my tongue are rages of ..

"I'm going to trade you for a donkey, and shoot the donkey!"
or
"You are about as useful as a sack full of possum heads."

I haven't cast those stones (yet). I'll eventually run across my code that looks exactly like that.

I'm writing a book that teaches everything I have learned in the past 20 years about writing small niche software and selling it.

Need some help from my fellow DevRanters.
Anyone who comments here with something constructive gets a free copy when it's done.

When I say:
"Why don't you just write your own software and sell it to end users"

What is the first thing that pops into your head?

Is it "I don't know how to advertise"
or
"that's a pipe dream"
or
"I tried starting my own business, but _______"
or
"I am doing that, i have this side project "
(how long have you spent on that side project?)

I need to know all your concerns questions fears, skepticism etc around the idea of writing your OWN software.

After 20 years I have like, so much knowledge, but it's sometimes hard to get it all out, UNLESS someone has a question or concern, then, out it comes.

So, I'm going to (hopefully) collect all the questions here ... and answer them, and it'll help me out a lot to extract this knowledge.

A lot of stuff I do without even thinking and realizing all the years it took to even know that.

What would you like to know the most?

You have the skills, you have the know how, you can probably see it in your head, so what's stopping you from making the leap?

ZNC shenanigans yesterday...

So, yesterday in the midst a massive heat wave I went ahead, booze in hand, to install myself an IRC bouncer called ZNC. All goes well, it gets its own little container, VPN connection, own user, yada yada yada.. a nice configuration system-wise.

But then comes ZNC. Installed it a few times actually, and failed a fair few times too. Apparently Chrome and Firefox block port 6697 for ZNC's web interface outright. Firefox allows you to override it manually, Chrome flat out refuses to do anything with it. Thank you for this amazing level of protection Google. I didn't notice a thing. Thank you so much for treating me like a goddamn user. You know Google, it felt a lot like those plastic nightmares in electronics, ultrasonic welding, gluing shit in (oh that reminds me of the Nexus 6P, but let's not go there).. Google, you are amazing. Best billion dollar company I've ever seen. Anyway.

So I installed ZNC, moved the client to bouncer connection to port 8080 eventually, and it somewhat worked. Though apparently ZNC in its infinite wisdom does both web interface and IRC itself on the same port. How they do it, no idea. But somehow they do.

And now comes the good part.. configuration of this complete and utter piece of shit, ZNC. So I added my Freenode username, password, yada yada yada.. turns out that ZNC in its infinite wisdom puts the password on the stdout. Reminded me a lot about my ISP sending me my password via postal mail. You know, it's one thing that your application knows the plaintext password, but it's something else entirely to openly share that you do. If anything it tells them that something is seriously wrong but fuck! You don't put passwords on the goddamn stdout!

But it doesn't end there. The default configuration it did for Freenode was a server password. Now, you can usually use 3 ways to authenticate, each with their advantages and disadvantages. These are server password, SASL and NickServ. SASL is widely regarded to be the best option and if it's supported by the IRC server, that's what everyone should use. Server password and NickServ are pretty much fallback.

So, plaintext password, default server password instead of SASL, what else.. oh, yeah. ZNC would be a server, right. Something that runs pretty much forever, 24/7. So you'd probably expect there to be a systemd unit for it... Except, nope, there isn't. The ZNC project recommends that you launch it from the crontab. Let that sink in for a moment.. the fucking crontab. For initializing services. My whole life as a sysadmin was a lie. Cron is now an init system.

Fortunately that's about all I recall to be wrong with this thing. But there's a few things that I really want to tell any greenhorn developers out there... Always look at best practices. Never take shortcuts. The right way is going to be the best way 99% of the time. That way you don't have to go back and fix it. Do your app modularly so that a fix can be done quickly and easily. Store passwords securely and if you can't, let the user know and offer alternatives. Don't put it on the stdout. Always assume that your users will go with default options when in doubt. I love tweaking but defaults should always be sane ones.

One more thing that's mostly a jab. The ZNC software is hosted on a .in domain, which would.. quite honestly.. explain a lot. Is India becoming the next Chinese manufacturers for software? Except that in India the internet access is not restricted despite their civilization perhaps not being fully ready for it yet. India, develop and develop properly. It will take a while but you'll get there. But please don't put atrocities like this into the world. Lastly, I know it's hard and I've been there with my own distribution project too. Accept feedback. It's rough, but it is valuable. Listen to the people that criticize your project.

A message to designers and developers:

please please please stop being so touchy about your designs/software. The final work is meant to be used/enjoyed by end users, customers, clients, young people, old people, disabled people, short attention span people, irrational people, patient people etc. So if they say it's not good enough accept it go back and make it simpler (not necessarily better but simpler) and move on!!

Stop going into defence mode and start throwing your toys out the pram or giving people the silent treatment.

Sorry just been on the receiving end and boy is childish.

Never launch on the front camera!

There is not a single reason for a mobile phone camera software to launch on the front camera. Programmers of the software might believe it is "smart to memorize the last used camera", but in actuality, launching on the front camera is a common reason for not being able to capture events fast ehough.

Did the developers really think users will say "oh thank you, dear camera app, for not forgetting the last camera I used!" ?

Or, likelier than not, will they end up taking a selfie while the moment passes by behind the phone?

I don't work for Walmart, but they almost put my job in jeopardy today. I have a console app in production that pushes Walmart orders from their marketplace into our system for fulfillment. For half a year, I have handled thousands of orders, but overnight, all customers were getting massive price cuts on products in the Walmart feed! I looked at the data and initially thought it was my error due to using a quotient instead of a product in the code. But upon closer inspection, some fool at Walmart had changed code on their end without telling my team! Broke all the things. Lucky we were able to pull a full stop before we lost disgusting amounts of money, but you would think that a big player like Wally would at least announce a breaking code change to their users. 😲😡

Today I answered 3 not trivial SO questions spending about 30 minutes at each of them, caring about formatting, explanation, sources, documentation, links and tests, and also paying attention at catching questions immediately after they were posted and without other answers by faster users.

End of the day: 0 points

I overhauled an entire program, and everyone is really happy with the results. But the best part, I predicted that it would take 2 months to complete, and then I completed it in two months.

The overhaul was a beast, mind you; swimming through backend spaghetti code and having to redo the entire front end was tiresome, but I'm happy with the results.

More importantly, i'm really happy that people are no longer complaining about crashes. Our original program suffered from some really horrible crashes; some crashes that couldn't even be explained by stackoverflow. Whatever I did during the overhaul corrected for these weird errors.

Time to celebrate. Before more minor bugs are found by users. (i.e. Universe always makes a better idiot)

Rant about IT teacher

(This happened a few months ago)

I go to highschool and in ninth grade you learn about Excel and databases in general. In the first half of the year we learned how to use excel and in the second part of the year we learned about SQL databases.
So we learned SQL and how to set up a database using LibreOffice Base. At the end of the year we had to do one final project which was setting up a database and writing some queries.
We had to do it in groups of two and we had to choose for what we wanted to make a database.
We had like 5 minutes time to discuss it in the groups and me and my friend decided to do something like GitHub, so a database with tables for all the users, repositories, etc.
Then we had to tell our teacher what we wanted to do. Others made databases for hospitals, shops, netflix, app stores. The teacher asked the other groups, they told him what they wanted to do and he wrote it down. Here is how it went down with my group:
Teacher: So what do you want to do?
Me: A database for something like GitHub
Teacher: For what?
Me: GitHub
Teacher: what?
Me (very slowly): G I T H U B
Teacher: what is github?
Me: ...
(I was very surprised that he didn't know GitHub)
Me: well, you can upload files and work on them together with other people. There are also things like branches...
Teacher: Ah ok, so a cloud service
(I was done and wanted to end the conversation)
Me: Yes... it's a cloud service...
(Me in my mind: why do i have to be here)

We named our project 'GitGud', a little bit passiv aggresive.

Yeah so apparently my IT teacher doesn't know GitHub, however he installed Ubuntu on some of the school computers so I guess that's nice

We got an A so that's good.

Why is it that so many developers have trash tier hardware? Sometimes I feel like 90% of developers are hardware retards. You work on a computer all day why the fuck are you running one from the early 2,000's that takes a year to boot and can barely run the applications you need? Hardware is a lot cheaper than time and better hardware will save a huge amount of time. And why the fuck do so many devs use laptops? Trashy little craptastic aluminium shit cans folding under the weight of the heat they produce. The more work you do the slower they go. Meanwhile I sit back on my heavily over clocked, water cooled, desktop and fly through workloads that laptop users wouldn't begin to be able to think about. So basically buy a desktop with high end hardware and you'll be amazed what you can get done and how much less painful stuff will be. And if you need to go mobile just grab a Chromebook and remote into your desktop. You'll be happy you did.

I told you fucking moron clients doing that "little" change would be complicated and in the worst case it would end fucking up your whole spaghetti crap. A really HUGE spaghetti monster of that you aren't aware because you guys don't know a shit about coding conventions.

*Clients call me complaining about their software is broken*

-Hey, we're in serious trouble. Our users aren't being able to see the proper calculated values. Why that little change had so much side effects?
- I already told you why.
- Can you fix it asap? Our clients are complaining.
- No. Deploy an old copy of the affected modules while you give me a prudent time to refactorize that crap.
- Refactorize?
- ...

I used to work in their place, 3 years later I quit that crappy job and decided to make them my clients. I escaped from the micromanaging thing but I didn't from their ugly practices.

Anyways, I have to fix this shit asap. Money talks, at least until I can find a better client.

I'm still studying computer science/programming, I still have one year to do in order to graduate (Master). I am in a work study program so I'm working for a company half of the time, and I'm studying the other half. It is important to mention that I am the only web developer of the company

When I arrived in the company 9 months ago, I was given a Vue project which had been developed by a trainee a few weeks before my arrival and I was asked to correct a few things, it was mostly about css. Then, I was ask to add a few functionalities, nothing really hard to code, and we were supposed to test the solution in a staging environment, and if everything was ok, deploy it to prod.

However, the more I did what I was asked, the more functionalities I had to implement, until I reached a point where I had to modify the API, create new routes, etc. I'm not complaining about that, that's my job and I like it. But the solution was supposed to be ready when I arrived, it was also supposed to be tested and deployed.

The problem is, the person emitting these demands (let's call him guy X) is not from the IT service, it's a future user of the website in the admin side. The demands kept going and going and going because, according to him, the solution was not in a good enough state to be deployed, it missed too many (un)necessary features. It kept going for a few months.

The best is yet to come though : guy X was obviously a superior, and HIS superior started putting pressure on me through mails, saying the app was already supposed to be in production and he was implying that I wasn't working fast enough. Luckily, my IT supervisor was aware of what was going on and knew I obviously wasn't to blame.

In the end, the solution was eagerly deployed in production, didn't go through the staging environment and was opened to the users. Now, guy X receives complaints because none of what I did was tested (it was by me, but I wasn't going to test every single little thing because I didn't have time). Some users couldn't connect or use this or that feature and I am literally drowning in mails, all from guy X, asking me to correct things because users are blocked and it's time consuming for him to do some of the things the website was doing manually.

We are here now just because things have been done in a rush, I'm still working on it and trying to fix prod problems and it's pissing me off because we HAVE a staging environment that was supposed to prevent me from working against the clock.

On a final note, what's funny is that the code I'm modifying, the pre-existing one needs to be refactored because bits and pieces are repeated sometimes 5 times where it should have been externalized and imported from another file. But I don't know when and if I will ever be able to do that.

I could have given more context but it's 4am and I'm kinda tired, sorry if I'm not clear or anything. That's my first rant

!!!rant

Most exited I've been about some code? Probably for some random "build a twitter clone with Rails" tutorial I found online.

I've been working on my CS degree for a while (theoretical CS) but I really wanted to mess with something a bit more practical. I had almost none web dev experience, since I've been programming mostly OS-related stuff till then (C). I started looking around, trying to find a stack that's easy to learn since my time was limited- I still had to finish with my degree.

I played around with many languages and frameworks for a week or two. Decided to go with Ruby/Rails and built a small twitter clone blindly following a tutorial I found online and WAS I FUCKING EXITED for my small but handmade twitter clone had come to life. Coming from a C background, Ruby was weird and felt like a toy language but I fell in love.

My excitement didn't fade. I bought some books, studied hard for about a month, learned Ruby, Rails, JavaScript, SQL (w/ pg) and some HTML/CSS. Only playing with todo apps wasn't fun. I had a project idea I believed might be somewhat successful so I started working on it.

The next few months were spent studying and working on my project. It was hard. I had no experience on any web dev technology so I had learn so many new things all at once. Picked up React, ditched it and rewrote the front end with Vue. Read about TDD, worked with PostgreSQL, Redis and a dozen third party APIs, bought a vps and deployed everything from scratch. Played it with node and some machine learning with python.

Long story short, one year and about 30 books later, my project is up and running, has about 4k active monthly users, is making a profit and is steadily growing. If everything goes well, next week I'll close a deal with a pretty big client and I CANT BE FKING HAPPIER AND MORE EXCITED :D Towards the end of the month I'll also be interviewed for a web dev position.

That stupid twitter clone tutorial made me excited enough to start messing with web technologies. Thank you stupid twitter clone tutorial, a part of my heart will be yours forever.

I begin with the optimism and the joy that I am creating something new that will improve people's lives.

I listen to the user and analyze the current process in depth.

I try to suggest additional value to the system for the users consideration. Sometimes they do not realize we can improve 10x rather than 2x.

I learn what the users goals are and what they want out of the system. We think about reports and downstream value. Sort of working from the end to the beginning (data ingests and upstream processes that will feed the system).

After the user signs off on the requirements and deliverables and I have a realistic project plan I begin to code.

It works and has worked for me every time for a long long time.

MySQL 5.5 end of life’d in 2010. In 2021 my company started an upgrade to 5.6. The outdated dependencies meant we needed 25 engineers for 2 months full-time to make the upgrade as invisible to users as possible. We still took about 90 minutes of downtime on cutover day. Not upgrading MySQL on time meant we paid way more in terms of engineering hours. The reason we call it debt, is because you pay interest when you don’t tKe care of it right away.

Multi User, One Account, and other shit

I'm gonna rant about something as a user, and someone who makes stupid web stuff.

My bank has been updating their web banking over time and they decided that every individual on an account, should have their own login. They really want to push this on their users, I suspect specifically folks like me and my wife who share one login for the joint accounts we have at the bank together.

Why share one login, because it's the only sure fire way I know that I and my wife can see all the same shit no doubt about it.

The banks never tell you what you can see or can't with joint accounts, I doubt it is even documented on their end, but in every damn case something is hidden or different in some weird way.

Messages to the bank people? If I send it, my wife often can't. I get that for security reasons that's a thing, but it makes no sense for a joint account.

ANY difference to me breaks online banking ENTIRELY. Joint accounts are supposed to be... well one account that is the same.

Other banks we used where we had different logins for the joint account, each login actually had separate bill pay accounts per user. So if I went to bill pay and scheduled something to be paid, my wife had no idea, same if she did.

Right fucking there, banking is just broken entirely!

So no Mr. Bank, fuck you we're both logging in via the same login.

Fast forward to N00bPancakes making a thing.

So my employer has a customer (Direct Customer). Direct Customer wants a thing that makes communication with their customer (Indirect Customer) easier.

The worst thing about making something for your customer's customer is that Direct Customer always imagines that Indirect Customer is gonna be super ninja power users....

But no, that's not the case... in fact almost nobody is a power user, and absolutely nobody WANTS to be a power users.

Worse yet in my case the only reason this tool exists is because Direct Customer and Indirect Customer can't communicate well enough anyway... that should tell you something about the amount of effort Indirect Customer is willing to expend.

So with that tool, this situation constantly comes up:

Direct Customer thinks it would be great if every user from Indirect Company had some sort of custom messaging, views, and etc in of Cool Communication Tool. The reason is because that's what Direct Customer loves about Ultra Complex Primary Tool that they use ....

Then I have to fight the constant fight of:

NOBODY WANTS TO BE A POWER USER, NOBODY EVEN WANTS TO DO MUCH OF ANYTHING ON THE INTERNET THAT ISN'T SCREAMING AT OTHER PEOPLE OR POST MEMES OR WATCH SHITTY VIDEOS. THE MOMENT ANYONE AT INDIRECT COMPANY LOGS IN AND SEES ANY INFO THAT IS DIFFERENT FROM THEIR COWORKER THEY'LL SHIT THEMSELVES, FLOOD EVERYONE WITH 'OH GAWD SOME NON SPECIFIED THING IS WRONG' AND RESPOND TO EMAILS LIKE A JELLYFISH DROPPED OFF IN NEW MEXICO... AND NOTHING WILL GET DONE!!!

God damn it people.

Also side rant while I'm busy fighting the good fight to keep shit simple and etc:

People bitch about how horrible the modern web is and then bitch at web devs like we're rulers of the internet or something.... What really pisses me off about that is other devs who do that.... like bro, do you make policy at your company? You decide not to sell some info or whatever shit your company sells? Like fuck off with your 'man I miss html' because you got scared by some shitty JS error and ran back to your language of choice and just poked your head out of the the basement and got scared... and you shit on another developer about that? Fuck you.

I don't consider myself a guru in JavaScript (hell I studied theoretical chemistry), but I do hate much of the rationalization behind building a Jenga stack of libraries, frameworks, dependencies... for building everything web related.

Many of the problems I see people solving with these giant stacks could be easily solved understanding how websites work (html, css, js and how interact with each other) with no dependencies giving smaller (for end users at least) and more maintainable code (in the sense it would not require updating dependencies that may be discontinued...)

I do imagine situations where these are ideal... Since there are not absolutes and developing is very context sensitive, but man if I have js article fatigue for ridiculous scenarios.