As a long-time iPhone user, I am really sorry to say it but I think Apple has completed their transition to being a company that is incompetent when it comes to software development and software development processes.

I’ve grown tired of hearing some developers tell me about Apple’s scale and how software development is hard and how bugs should be expected. All of those are true, but like most rules of law, incompetence and gross negligence trumps all of that.

I’m writing this because of the telugu “bug”/massive, massive security issue in iOS 11.2.5. I personally think it’s one of the worst security issues in the history of modern devices/software in terms of its ease of exploitation, vast reach, and devastating impact if used strategically. But, as a software developer, I would have been able to see past all of that, but Apple has shown their true incompetence on this issue and this isn’t about a bug.

It’s about a company that has a catastrophic bug in their desktop and mobile platforms and haven’t been able to, or cared to, patch it in the 3 or so days it’s been known about. It’s about a company, who as of a view days ago, hasn’t followed the basic software development process of removing an update (11.2.5) that was found to be flawed and broken. Bugs happen, but that kind of incompetence is cultural and isn’t a mistake and it certainly isn’t something that people should try to justify.

This has also shown Apple’s gross incompetence in terms of software QA. This isn’t the first time a non-standard character has crashed iOS. Why would a competent software company implement a step in their QA, after the previous incident(s), to specifically test for issues like this? While Android has its issues too and I know some here don’t like Google, no one can deny that Google at least has a solid and far superior QA process compared to Apple.

Why am I writing this? Because I’m fed up. Apple has completely lost its way. devRant was inaccessible to iOS users a couple of times because of this bug and I know many, many other apps and websites that feature user-generated content experienced the same thing. It’s catastrophic. Many times we get sidetracked and really into security issues, like meltdown/spectre that are exponentially harder to take advantage of than this one. This issue can be exploited by a 3 year old. I bet no one can produce a case where a security issue was this exploitable yet this ignored on a whole.

Alas, here we are, days later, and the incompetent leadership at Apple has still not patched one of the worst security bugs the world has ever seen.

I fucking hate toxic positivity. Every fucking corporation pushes the notion that "lifE iS aWeSomE, wE cArE abOuT pEoPle" and other such bullshit, and when you point it out, they call you a bad, toxic person.

No, you don't care about your community, let alone the whole world. You're just trying to make people believe that spyware, wage slavery and being fired by a neural network is the norm. You're making money off of those who don't have a choice.

If you account all people, not just American white rich 1%, it turns out that for the vast majority of people life is either an uphill battle or straight up nightmare. People are working in shifts and have no time or emotional resource to spend on themselves. Most of the people can't afford a house or a flat. Even those who can still suffer from mental illnesses, to the point where there are more mentally challenged people than mentally healthy ones. The word "neurotypical" meaning "mentally healthy" is wrong.

You want nothing but to sell your stuff and earn more money off of Chinese and Indian factory workers who work 16-hour shifts. Maybe your life is great, but aggressively pushing this notion is a big, wet spit in the face of humanity.

Fuck you. Fuck your space rockets. Fuck your twitter accounts. Fuck your institutionalized exploitation of the weak. Fuck your products. Fuck your "open source". Fuck your "GDPR compliance". Fuck your offshores, your hedge funds and your tax evasion. Fuck your bailouts. Fuck your ships spilling tons of crude oil, fuck your factories, fuck your slave labor, fuck your anti-suicide nets in Chinese dormitories.

One day, because of you, our planet will become unlivable. You will hop into your fancy space rocket to go to that top-1% elite Mars colony. Nice job.

But I will pray for a solar flare to hit you and turn you and your fucking rocket into radioactive ash.

Dear people who think Microsoft buying GitHub is fine because Microsoft is more supportive of open source than before.

Here's the facts.

1) Microsoft is a large tech company investing in many things. That's a fact.

2) If Microsoft were to exploit GitHub, it would be a benefit to other departments in Microsoft. This is also a fact.

(For example, if tomorrow GitHub was tied to azure or some annoying shit like that.)

3) If such exploitation occurs, it will most likely be to the detriment of the free community of developers. This is a highly probable outcome.

4) The only question now is this.

"Does Microsoft care about open source enough to cut down on potential profit."

The answer of any sane, unbiased individual had to be no.

This is why people leave GitHub today. It is NOT because some childish hatred for Microsoft. In fact, I would've personally moved out of GitHub if "any" other large tech company had bought it, thereby compromising it's neutrality.

Edit: spelling

Hackathons? No thanks, I don't participate in self exploitation tournaments.

Clicks "Exploitation and Enumeration" category.
Clicks "Python (HARD)" challenge.

"What is a key that passes the code?"

Opens Python file and sees one line of nested lambda expressions spanning 1,846 characters (no spaces)
*Cries*

Putty remote executuon vulnerability(no patch yet)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

"What's new" for the latest MIUI update on my phone. I wonder how they finally managed to convince the alarm clock to work on holidays. 🤔

Websites that show a notification dot the first time I visit with zero interaction from my end: I hope you die. This is terrible exploitation of UX, and unless I really need something, I'm leaving the site within seconds.

I have mixed feelings about Qbit research. On one hand, I want it to be open source as much as possible. But the the same time, we give "them" faster access to faster and easier manipulation and exploitation of many things than ever.

(edit: grammar, I'm drunk)

(Part 2/2?)

THE RAT-RACE ARC:

I get a mail 2 months into this fiasco telling me to register on their website and take up another test. I was already over with my emergency and was working my full-time default. (Fortunately I found another internship during this time which was one of the best initiatives I've worked with).

It asks me to register as a new user, take up the test and "share" my results. Not pushing it on insta/fb but legitimately share my test results link to my friends manually like a referral code. The more shares the more marks I'll get in the test. Why the test you ask. Of course to sign you up for the same Whatsapp trickery bullshit.

Luckily these nutcases didn't know they could be bypassed. I simply opened the link in incognito and logged in with my own account and that counted as a point. So I automated that shit.

Surprise surprise. The same fucking "Hello everyone" message into my mail. To my surprise I was relatively lucky to get ghosted after my attempt. This story is quite depressing in general cases. You're supposed to do this assignment shit for 2 months and then they ask for 2000 INR for a training period, past which you are paid between 1000/- and 7000/-. Though I didn't get the chance but I'm willing to bet you get 1000/- per month in a 2-MONTH INTERNSHIP. WTF.

You also have the other option of ranking first in their 3 consecutive competition that they hold. The theme is again to create chunks of their actual outsourced work.

WHY NOW:

The reason why this rant sparked is because I recently received an email with my results of the aptitude exam that I first took before the Whatsapp fiasco. I imagine they just pushed out a new update to their test thingy and forgot to set it's limit.

THE CORRECTION ARC:

I pushed this message to Internshala. They were kind enough to remove them from their website. I also shot down their Angel and Indeed listings. I sent a strongly worded email counting their con-artist operations and how I've alerted authorities (obviously a bluff but I was enjoying it). They most probably are not affected by this though. They might still be continuing their operations on their website.

I'm sharing the story here with the moral of:

Don't do jackshit if they're not compensating you for it

Always check for reviews before you start working at a place.

Be cautious of bulk messages (and the infamous HEY GUYS!! opening)

Don't do anything outside your work specification at least while doing an assignment.

You're free to question and inquire respectfully about the proceedings.

If you're good at your job you'll get good working place. No need to crush yourself with an oppressive job due to external restrictions.

And if you manage a company, please don't take advantage of helplessness.

There's no good ending to this tale as I have not received a follow-up. Though I want to see scumbags of their calibre shot down without remorse.

Good bye and thank you for listening.

Since graduation, I have worked in IT for 2 years, mostly in testing and implementation side. Finally I got a developer position in the field I wanted (Data Engineering). I had never thought that it would be such a soul crushing experience. My current company is very notorious for its bad management practices, but there is indeed a bigger picture to this. The IT industry in general has devolved into a gigantic ponzi scam built on exploitation and BS. Quality of solution and quality of work was replaced with a ‘Does it work now?’ approach with zero contingency. And the fact that geeks and nerds are naive only helps the white collar crooks to exploit them as code monkeys. Fuck all of this!

I don't really know what I should be feeling right now.

So its been 2 years at my company and im still considered a junior dev. There's a pay freeze, meaning there's no chance for me to move up the ladder.

And yet, as of today, I am being asked to head up both the design AND development of a prototype file cloud sync engine that will replace our current sync application that's been worked on for 4+ years now (yeah, its legacy). And I'm 100% on my own, at least for a while, untill someone else comes around.

I still reside under the title 'junior dev' and am paid as such. I don't mind challenges, but this just feels like a bit much. Heck, I'm sure maybe I could even do it too, but I don't feel like im being compensated or given a higher title to reflect that sort of responsibility. I've tried to tell my manager I don't feel comfortable with this, but they've insisted I head this up.

I feel kind of locked up inside, I don't even really want to start working on it because I feel angry that I would be given such a huge project to do all on my own, while being called a junior, and without anyone to fall back on.

What should I do? Do I refuse the responsibility? Do I see it as a challenge that will help me grow? Or do I see it as an exploitation?

Finally ordered "Hacking: The Art of Exploitation" from Amazon :) Really looking forward to this new read!

I read this rant on Quora. Is this true ?

“The IT industry has devolved into a gigantic ponzi scam built on exploitation and BS. Quality of solution and quality of work was replaced with a ‘Does it work now?’ approach with zero contingency.
And the fact that geeks and nerds are naive only helps the white collar crooks to exploit them as code monkeys.”

SCRUM it’s just another form of exploitation.

I just got a call from Satya. He informed me that Microsoft has successfully acquired the Linux kernel and all future development will be closed sourced.

Here's a sneak peek of the official announcement:

There will be a newer version released tomorrow that will include the Windows desktop environment as well as patch a critical 0-day security flaw that was recently discovered in all versions of Linux.

To prevent exploitation, we will activate a kill switch which will disable all systems running any flavor of Linux next week.

Thus we advise you upgrade ASAP, existing users can get the latest version online for $500.

So I’m reading this book called Hacking: The art of exploitation and I’ve got to admit. It’s one of my favourite books I’ve read. It really gets into the nitty gritty of how programs are laid out in memory and goes over how assembly works, among some other low level concepts. Highly recommend.

Today my teacher said to not even touch our PC's because we can destroy them... It's not like we're already 18 and he's supposed to teach us how to use and repair them because the school subject is called "exploitation of computer technology devices". Also he said we can use books while exams so I wasted my time on learning where is every option in kmail, hopefully there was more questions about terminal and FTP... (I wanted to pass this exam with my own knowledge to learn anything and there's my 100%). This guy is so annoying :/

If a pentester find a very critical bug and the boss is not aware of him knowing this type of exploitation (no one is expecting him to find such flaws)

Should he report it ? Or reporting will make him suspicious ?

PHP is so insecure and vulnerable that it makes me feel unsafe. It has so many features and settings that can lead to security risks, such as register_globals, magic_quotes, and allow_url_fopen. It also has so many functions that can execute arbitrary code or commands, such as eval, exec, and system.

It is like PHP was designed by a bunch of hackers who wanted to exploit every possible loophole.

How can I efficiently learn from a book?

For example: I recently bought the books Violent Python and the art of exploitation. Just read those books, try to understand it and then pratice?

just another day of developer exploitation

!dev

Personal rant, but as one shouldn't bottle up emotions, probably not so bad idea....

Started with diet and exercise in the vacation, as finally a certain thing starting with C calmed down...

Its maddening how fucked up the world is. Now as a lil private info (that might not be so unknown, shared multiple times here) - my body is a train wreck.

Lungs are fucked, muscle distrophy, some other things are fucked.

I'm the kind of thing every gym trainer dreads - the client that needs not only a lot of ass whooping, but also has a lot of problems that need to be taken care of.

Which is why I rather do exercise at home, cause... My experiences with humans in gyms are bad. Most trainers behave like fucking chimpanzees screaming commands while not listening what one tells them...

First challenge: Find a low impact cardio training.

What one mostly finds is a female chick (which is sad cause I like men more for obvious reasons), that should gain some weight, screaming at ya how great sport is while jumping around like a bunny on ecstasy.
Low impact isn't really low impact when you jump around, lil bunny... And it isn't low impact when you just let yourself fall to the floor and start doing push ups.

If an obese person like me did that, it would end in pain, frustration and an empty fridge TM.

So one has to painfully look and skip through 20 min vids of "Non low impact low impact YouTube / ... vids" to find one that is doable without wrecking the body even further... Yaaaay. That makes one totally not feel depressed :-)

The other thing that I always hate is dieting. Note that I don't have to change much - I'm basically on a diet since years, holding weight the whole time.

The jolly fun is that I can't take off with just an diet. If you never heard that such thing is possible, a lil advice: It is possible. Nothing hurts more than being told that eating less solves all problems magically - cause it doesn't.

What I usually need is added protein, as I suffer from muscle dystrophy in my left side. (hence the low impact vids).

If you go to a grocery store, you most likely find *tons* of protein stuff.

The fun thing is that roughly 80 % of that are - like all things in a supermarket - completely bullshit.

I know one could avoid using protein powder / ... - but that makes dieting a very very very hard task, as one has to not only do a lot of planning, but cooking and eating becomes a depression palooza... It just doesn't make fun when you have to scale components for every meal or force yourself to eat e.g. 250 g of low fat curd cheese to gain the necessary proteins.

Why is supermarket stuff so shitty....

Added sugar / saccharides . When one has been dieting for long for health reasons, one finds out pretty quick that most products (especially those labeled as healthy / fat reduced / "weight loss") are perfectly made to lead to a sugar crisis and binge eating.

I've found protein drinks containing up to 25 g of sugar per drink (330 ml).

A coke has 27 g of sugar per 250 ml...

:) Now isn't that jolly...

I've found my stuff of joy not so long ago (not advertising here, but depending on flavor it has only up to 3 g (!)) of sugar per drink)...

It just annoys me and pisses me off how much money is made - in my opinion deliberately - on the suffering of other people...

Most laws by the way end up being blocked by lobbyists - most nutrient scores etc are just "wrong" or better to unspecific... Making exploitation pretty easy.

It's funny how everyone has an opinion on obese people, everybody is pointing fingers and explaining how stupidly easy it is to take off... And at the same time no one gives a damn about shit like that.

That's all folks. Feeling better now.

By the way, I'm doing fine. I lost 7 kg already, though the train wreck of body was pretty pissed the last two weeks as everything hurts.

Another reason why motivational speeches are dumb in videos: Pain isn't fun. :)

Dev ranting about US foreign policy. Trigger warning!

US has a track record of funding the bloodiest regimes, funding terrorists and then using it to create problems for neighbouring regions. I'll tell you step by step how that's done.

1. Look for opposition in non-aligned/sovereign or even-allied country but opposing viewpoints. (Remember spying on German chancellor, Merkel?)
2. Covertly provide them support (providing fundings, potentially arming them).
3. Slow media propaganda, claim the country is undemocratic.
4. Opposition might stir things up.
5. Paint the current leadership in the sovereign country same as Hitler.
6. Continuous bombardment of propaganda using MSM like CNN, MSNBC, Fox, France24, or bribed insiders.
7. Once the regime is finally toppled, black out the media, and see deals can be made with the opposition (Oil, Military bases, or whatever)
8. Reality: these countries are worse now, but no media coverage because exploitation is complete and no-one gives a shit about democracy or whatever. (If you watch few videos about Iraq, Libya their own people says they shouldn't have toppled their leader.).

What is the best source for learning x86 asm and binary exploitation? Got any recommendations for me? (books?) I already know godbolt.org I'd also be interested in optimisation.

HOW TO HIRE A HACKER TO RECOVER SCAMMED CRYPTO HIRE ADWARE RECOVERY SPECIALIST

The journey towards recovering lost or stolen cryptocurrency can often feel like a perilous trial, fraught with uncertainty and the ever-present risk of falling victim to malicious scams. Website info: https ://adware recovery specialist. com
This was the experience I faced when I found myself in the midst of an Ethereum (ETH) recovery ordeal, navigating a maze of false promises and deceptive tactics. WhatsApp info:+12723 328 343
Just when hope seemed to dwindle, a glimmer of light emerged in the form of ADWARE RECOVERY SPECIALIST, a service that would prove instrumental in guiding me through the treacherous waters of crypto recovery. What began as a straightforward attempt to reclaim my rightful ETH holdings quickly descended into a disheartening encounter with a sophisticated hoax. Seemingly legitimate recovery "experts" emerged from the shadows, offering their services and assurances of a swift and successful resolution. Lured by their convincing rhetoric and the prospect of regaining my lost assets, I entrusted them with sensitive information, only to watch helplessly as they vanished into the digital ether, taking my ETH with them. Email info: Adwarerecoveryspecialist@ auctioneer. net The emotional toll of this betrayal was immense, as I grappled with the realization that my efforts had been thwarted by unscrupulous individuals exploiting the vulnerabilities of the crypto landscape. Just when I had resigned myself to the possibility of a permanent loss, I discovered ADWARE RECOVERY SPECIALIST, a service that would ultimately prove to be my salvation. Unlike the charlatan recovery "experts" I had encountered, ADWARE RECOVERY SPECIALIST approached my case with a level of professionalism, empathy, and unwavering commitment that restored my faith in the recovery process. Through their meticulous investigations, cutting-edge techniques, and dogged determination, they were able to trace the path of my stolen ETH and orchestrate its safe return to my rightful possession. The trial of recovery had been arduous, marked by setbacks and the constant threat of further exploitation. Yet, with the steadfast support of ADWARE RECOVERY SPECIALIST, I emerged from this ordeal with a renewed appreciation for the resilience of the human spirit and the power of legitimate, ethical service providers to navigate the complex and often treacherous world of cryptocurrency recovery. Telegram info: https ://t.me/adware recovery specialist1 This experience has forever shaped my understanding of the crypto ecosystem and the importance of exercising caution and discernment when seeking assistance in such matters. To anyone facing the same heart-wrenching situation, don't waste any more time or money on companies that are only interested in making empty promises. ADWARE RECOVERY SPECIALIST stands as a beacon of professionalism in a field often riddled with scams. Their efforts are genuine, their expertise is unmatched, and their results speak for themselves. Thanks to them, my ETH is back where it belongs, and I couldn’t be more grateful.

Get in Touch with them via info below
WhatsApp +12249352948
Email: chat@botnetcryptorecovery.info

My recent experience with B O T N E T C R Y P T O R E C O V E R Y has not only restored my faith in humanity but also reaffirmed my belief in the power of perseverance and compassion. As a seasoned doctor based in Atlanta, Georgia, I've encountered countless individuals who have fallen victim to online scams, their lives irrevocably altered by the devastating consequences of trusting the wrong entity with their personal and financial information. It was one such patient, suffering from Tinnitus, whose harrowing ordeal compelled me to seek out assistance from B O T N E T C R Y P T O R E C O V E R Y. From the moment I reached out to (chat@botnetcryptorecovery.info), I was met with professionalism, empathy, and unwavering dedication to righting the wrongs inflicted upon innocent victims. Their team, composed of cybersecurity experts and digital investigation specialists, wasted no time in assessing the situation and formulating a comprehensive strategy to recover my patient's lost funds. What truly sets B O T N E T C R Y P T O R E C O V E R Y apart is their genuine concern for their client's well-being. Despite being strangers to my patient and me, they approached our case with the same level of urgency and care as if it were their own loved one in distress. Their commitment to transparency and communication throughout the recovery process served as a beacon of hope during what would otherwise have been a dark and uncertain time. Beyond their technical prowess and strategic acumen, B O T N E T C R Y P T O R E C O V E R Y operates with integrity. They understand the importance of fostering trust and confidence in their clients, especially those who have been victimized by unscrupulous individuals preying on their vulnerabilities. Their emphasis on educating clients about the risks associated with online interactions underscores their dedication to not only resolving immediate crises but also preventing future harm. As someone who has dedicated her life to healing and protecting others, I cannot overstate the impact of B O T N E T C R Y P T O R E C O V E R Y intervention in my patient's life. Not only did they succeed in recovering over USD 69,000 in stolen funds, but they also restored a sense of hope and justice that had been shattered by deceit and exploitation. In an industry plagued by skepticism and doubt, B O T N E T C R Y P T O R E C O V E R Y stands as a beacon of integrity, compassion, and excellence. Their unwavering commitment to their client's well-being sets a standard for ethical conduct and professionalism that should be emulated by all who seek to make a positive difference in the world. I endorse B O T N E T C R Y P T O R E C O V E R Y to anyone who finds themselves ensnared in the tangled web of online scams and fraud. Their expertise, empathy, and integrity are unparalleled, making them a trusted ally in the fight against cybercrime. With B O T N E T C R Y P T O R E C O V E R Y by your side, there is justice, restitution, and ultimately, healing.

Online investment schemes have become increasingly popular, promising high returns with minimal effort. However, it is crucial to be aware of the significant risks associated with these schemes. Many online investment platforms, particularly those in the cryptocurrency space, operate with limited regulation and oversight, which makes them fertile ground for scams and fraudulent activities. Recent personal experiences have underscored these risks, highlighting the importance of vigilance and due diligence when engaging in online investments. My unfortunate journey began with a company called "CryptoTX," which presented itself as a legitimate crypt0currency trading platform. Initially, I was drawn in by the promise of lucrative returns and was reassured by my assigned account manager, Sarah Malone. She portrayed CryptoTX as a reputable firm with a track record of success. During our interactions, I mentioned my previous experience with another online trading platform, "Click’s Dealer." I had encountered significant issues with Click’s Dealer, and Sarah Malone assured me that it was a scam, further reinforcing my trust in CryptoTX. I started with an initial investment of $1,000, which, at first, seemed promising. I saw some trades yielding returns and even experienced what appeared to be substantial profits. Encouraged by these early successes, I decided to invest more, eventually committing a total of $180,000. However, this initial optimism soon turned into a nightmare. The tipping point came when I began to notice inconsistencies in the information provided by Sarah Malone. Each time I was contacted, I was urged to invest more money to cover "bad trades" or to capitalize on supposed new opportunities. Despite my growing concerns, I continued to follow their advice, largely due to the pressure exerted by the account manager and the desire to recover my previous losses. It became clear that CryptoTX promises were unfounded. My investments, which had initially shown some potential for profit, quickly dwindled. I found myself losing all of my hard-earned savings, amounting to a staggering $180,000. This sum represented my life savings, intended to secure my financial future and support me in retirement. The financial loss was devastating, not only due to the amount but also because of the emotional and psychological toll it took on me. In the aftermath of this experience, I realized that the terms and conditions I had agreed to likely included clauses that absolve CryptoTX of responsibility for investment losses. Many online investment schemes use such disclaimers to shield themselves from liability, arguing that investment inherently involves risk and that they cannot guarantee returns. This legal shield makes it challenging to hold them accountable, despite their misleading practices. Determined to recover my lost funds, I explored various avenues for redress. During my search, I discovered GRAYWARE TECH SERVICES, a consultancy and recovery firm that specializes in helping victims of online investment fraud. The firm had received positive reviews for its success in assisting individuals who had been defrauded by unregulated brokers. Deciding to give them a chance, I contacted GRAYWARE TECH SERVICES. Engaging with GRAYWARE TECH SERVICES turned out to be one of the best decisions I made. Their team provided expert guidance and support, working tirelessly to investigate my case and facilitate the recovery of my funds. Through their dedicated efforts, I was able to retrieve a significant portion of my losses, which was a tremendous relief. This experience has underscored the importance of exercising caution when dealing with online investment schemes. Many of these platforms operate with minimal regulation and oversight, making them ripe for exploitation. It is crucial to conduct thorough research before committing funds, be wary of platforms that promise guaranteed returns, and understand the terms and conditions associated with any investment. while the online investment landscape can offer lucrative opportunities, it is fraught with risks and potential pitfalls. Scammers and fraudulent schemes are prevalent, and it is essential to be proactive in protecting oneself from such threats. Educate yourself about common warning signs of fraud, seek professional advice if needed, and remain vigilant to safeguard your financial well-being.

GRAYWARE TECH SERVICES CONTACT INFO: What's App: +447421348767
Best Regards,
Ben Agnes.