Internship number two.

*walks downstairs to get a coffee*
*CTO (my guider) walks in*
CTO: (dead serious face) "linuxxx (not using my first name :P), come with me please"
*walks along to his office, starting to get reallly fucking nervous*
*CTO and me walk into his office, he sits down and looks at me very serious*
*I'm slightly shaking, nervous, sweating*
CTO: "So."
*oh yes here it is its gonna come I did something wrong fuck fml 😫😥😨😩*
CTO: "So you know quite some stiff around security/privacy. Could you tell me some stuff about why I'd want to use VPN and recommend me some good providers? 😀"
😅
*nearly falls onto the ground from relief*

I explained him some stuff and sent him a list of good providers 😀

Senior IT engineer enters the room and quietly talks to a coworker about a job related issue.

Another coworker decided to troll the sysadmin.

CW: *yells* "Open a ticket!" (That's the sysadmin's regular reply)
IT: *ignores*
CW: *trying to get his attention* "Open a ticket first! Then come back"
IT: *gives him the stare of death*
CW: "Go away and open a ticket!"
IT: *silently leaves the room*

After no more than a minute CW gets a reject from all networks outside the company's VPN.

IT comes back into the room, get's intimately close to CW's ear and says "Now open a ticket".

👋

🎤

Tldr :
Office Building : 1
Population: 5000
Number of PC users: 5000
No of Spare mice: 0

Day 1:
Training period commences.
My mouse laser sensor doesn't work.

Solution: Use this mouse to log in to your system.
Open the company portal.
Connect to vpn.
Enter username password.
Create a ticket for mouse replacement.
Done.

Day 3
I bring my own mouse.
Confiscated at security.
Becomes a security violation.

Day 9
I get a call from helpdesk.
Agent- what is the problem?
Me- my mouse is not working.
Agent- why?
Me- what do you mean? Something is wrong with the sensor.
Agent- clean the sensor.
Disconnects call.
Marks ticket as resolved.
Me- WTF just happened!

Naturally, I escalate the issue.

Day 15
Level 2 Agent- what happened? Why have you escalated the issue?
Me- I need a mouse, waiting since 2 weeks.
Him- No mouse is available
Me- you don't have a single spare mouse available in an office with 5000 PC users?
Him- no they're out of stock.
Me- when will it be back in stock?
Him- we will 'soon' launch a tender for quotations from sellers.
Me- time?
Him- 1 week.

Day 34

I email the head of supplies for the city office. Next day I get a used super small mouse, which doesn't have a left button. Anyways, I've given up hope now.

Day 45
I become a master at keyboard shortcuts.
Finish my training.
Get transferred to another city.
No mouse till date.

Surprisingly, this was one of the top recruiters in my country. Never knew, MNCs can be so so inefficient for such simple tasks.
Start-ups are way better in this regard. Latest tech, small community, minimal bureaucracy and a lot of respect and things to learn.

This rant is a confession I had to make, for all of you out there having a bad time (or year), this story is for you.

Last year, I joined devRant and after a month, I was hired at a local company as an IT god (just joking but not far from what they expected from me), developer, web admin, printer configurator (of course) and all that in my country it's just called "the tech guy", as some of you may know.

I wasn't in immediate need for a full-time job, I had already started to work as a freelancer then and I was doing pretty good. But, you know how it goes, you can always aim for more and that's what I did.

The workspace was the usual, two rooms, one for us employees and one for the bosses (there were two bosses).

Let me tell you right now. I don't hate people, even if I get mad or irritated, I never feel hatred inside me or the need to think bad of someone. But, one of the two bosses made me discover that feeling of hate.

He had a snake-shaped face (I don't think that was random), and he always laughed at his jokes. He was always shouting at me because he was a nervous person, more than normal. He had a tone in his voice like he knew everything. Early on, after being yelled for no reason a dozen of times, I decided that this was not a place for me.

After just two months of doing everything, from tech support to Photoshop and to building websites with WordPress, I gave my one month's notice, or so I thought. I was confronted by the bosses, one of which was a cousin of mine and he was really ok with me leaving and said that I just had to find a person to replace me which was an easy task. Now, the other boss, the evil one, looked me on the eye and said "you're not going anywhere".

I was frozen like, "I can't stay here". He smiled like a snake he was and said "come on, you got this we are counting on you and we are really satisfied with how you are performing till now". I couldn't shake him, I was already sweating. He was rolling his eyes constantly like saying "ok, you are wasting my time now" and left to go to some basketball practice or something.

So, I was stuck there, I could have caused a scene but as I told you, one of the bosses was a cousin of mine, I couldn't do anything crazy. So, I went along with it. Until the next downfall.

I decided to focus on the job and not mind for the bad boss situation but things went really wrong. After a month, I realised that the previous "tech guy" had left me with around 20 ancient Joomla - version 1.0 websites, bursting with security holes and infested with malware like a swamp. I had never seen anything like it. Everyday the websites would become defaced or the server (VPN) would start sending tons of spam cause of the malware, and going offline at the end. I was feeling hopeless.

And then the personal destruction began. I couldn't sleep, I couldn't eat. I was having panick attacks at the office's bathroom. My girlfriend almost broke up with me because I was acting like an asshole due to my anxiety issues (but in the end she was the one to "bring me back"(man, she is a keeper)) and I hadn't put a smile on my face for months. I was on the brink of depression, if not already there. Everyday I would anxiously check if the server is running because I would be the one to blame, even though I was trying to talk to the boss (the bad one was in charge of the IT department) and tell him about the problem.

And then I snapped. I finally realised that I had hit rock bottom. I said "I can't let this happen to me" and I took a deep breath. I still remember that morning, it was a life-changing moment for me. I decided to bite the bullet and stay for one more month, dealing with the stupid old server and the low intelligence business environment. So, I woke up, kissed my girlfriend (now wife), took the bus and went straight to work, and I went into the boss's office. I lied that I had found another job on another city and I had one month in order to be there on time. He was like, "so you are leaving? Is it that good a job the one you found? And when are you going? And are you sure?", and with no hesitation I just said "yup". He didn't expect it and just said "ok then", just find your replacement and you're good to go. I found the guy that would replace me, informing him of every little detail of what's going on (and I recently found out, that he is currently working for some big company nowadays, I'm really glad for him!).

I was surprised that it went so smoothly, one month later I felt the taste of freedom again, away from all the bullshit. Totally one of the best feelings out there.

I don't want to be cliche, but do believe in yourself people! Things are not what the seem.

With all that said, I want to give my special thanks to devRant for making this platform. I was inactive for some time but I was reading rants and jokes. It helped me to get through all that. I'm back now! Bless you devRant!

I'm glad that I shared this story with all of you, have an awesome day!

So the new mass surveillance law will be going into effect from the 1st of January.

Of course, since I'm very keen on my security/privacy, I'm going to implement some precautions.

- A few vps's connecting to tor, i2p and VPN provider so that I can always use a secure connection.

- Setup anti tracker/ads/etc etc shit on the VPS's. Probably through DnsMasq and the hosts file.

- Use Tor browser by default. I've tried this for a while now and damn, the tor network has become way faster than only even a year ago! Some pages literally only take a few seconds to load.

- Wipe my laptop, encrypt the harddrive and at least put QubesOS on it together with probably a few other systems.

- Ungoogle my new phone, use it with VPN by default.

- Get rid of all non encrypted communication services. I think that only leaves me with a few account removals because I haven't chatted unencrypted for nearly a fucking year now.

If anyone has any more ideas, please share!

Took yesterday off to sort out a new passport.
Today on the stand:

Manager: "So we've been trying to get app X running on a dev environment for client X but we couldn't expose it to them"

Me: "Well yeah it's a dev environment if you want to give them one give them access to staging"

Manager: "Oh well we're still going to give them access to dev because they asked for it. It's due for 10am but we couldn't get it to run. You have to get it running since we edited the config files"

*accessing dev environment*
half of config files is missing, random files committed to the repo, SSL certs manually edited, eth0 down and found swan vpn installed.

never taking a day off again.

I really, honestly, am getting annoyed when someone tells me that "Linux is user-friendly". Some people seem to think that because they themselves can install Linux, that anyone can, and because I still use Windows I'm some sort of a noob.

So let me tell you why I don't use Linux: because it never actually "just works". I have tried, at the very least two dozen times, to install one distro or another on a machine that I owned. Never, not even once, not even *close*, has it installed and worked without failing on some part of my hardware.

My last experience was with Ubuntu 17.04, supposed to have great hardware and software support. I have a popular Dell Alienware machine with extremely common hardware (please don't hate me, I had a great deal through work with an interest-free loan to buy it!), and I thought for just one moment that maybe Ubuntu had reached the point where it just, y'know, fucking worked when installing it... but no. Not a chance.

It started with my monitors. My secondary monitor that worked fine on Windows and never once failed to display anything, simply didn't work. It wasn't detected, it didn't turn on, it just failed. After hours of toiling with bash commands and fucking around in x conf files, I finally figured out that for some reason, it didn't like my two IDENTICAL monitors on IDENTICAL cables on the SAME video card. I fixed it by using a DVI to HDMI adapter....

Then was my sound card. It appeared to be detected and working, but it was playing at like 0.01% volume. The system volume was fine, the speaker volume was fine, everything appeared great except I literally had no fucking sound. I tried everything from using the front output to checking if it was going to my display through HDMI to "switching the audio sublayer from alsa to whatever the hell other thing exists" but nothing worked. I gave up.

My mouse? Hell. It's a Corsair Gaming mouse, nothing fancy, it only has a couple extra buttons - none of those worked, not even the goddamn scrollwheel. I didn't expect the *lights* to work, but the "back" and "Forward" buttons? COME ON. After an hour, I just gave up.

My media keyboard that's like 15 years old and is of IBM brand obviously wasn't recognized. Didn't even bother with that one.

Of my 3 different network adapters (2 connectors, one wifi), only one physical card was detected. Bluetooth didn't work. At this point I was so tired of finding things that didn't work that I tried something else.

My work VPN... holy shit have you ever tried configuring a corporate VPN on Linux? Goddamn. On windows it's "next next next finish then enter your username/password" and on Linux it's "get this specific format TLS certificate from your IT with a private key and put it in this network conf and then run this whatever command to...." yeah no.

And don't get me started on even attempting to play GAMES on this fucking OS. I mean, even installing the graphic drivers? Never in my life have I had to *exit the GUI layer of an OS* to install a graphic driver. That would be like dropping down to MS-DOS on Windows to install Nvidia drivers. Holy shit what the fuck guys. And don't get me started on WINE, I ain't touching this "not an emulator emulator" with a 10-foot pole.

And then, you start reading online for all these problems and it's a mix of "here are 9038245 steps to fix your problem in the terminal" and "fucking noob go back to Windows if you can't deal with it" posts.

It's SO FUCKING FRUSTRATING, I spent a whole day trying to get a BASIC system up and running, where it takes a half-hour AT MOST with any version of Windows. I'm just... done.

I will give Ubuntu one redeeming quality, however. On the Live USB, you can use the `dd` command to mirror a whole drive in a few minutes. And when you're doing fucking around with this piece of shit OS that refuses to do simple things like "playing audio", `dd` will restore Windows right back to where it was as if Ubuntu never existed in the first place.

Thanks, `dd`. I wish you were on Windows. Your OS is the LEAST user friendly thing I've ever had to deal with.

The stupid stories of how I was able to break my schools network just to get better internet, as well as more ridiculous fun. XD

1st year:
It was my freshman year in college. The internet sucked really, really, really badly! Too many people were clearly using it. I had to find another way to remedy this. Upon some further research through Google I found out that one can in fact turn their computer into a router. Now what’s interesting about this network is that it only works with computers by downloading the necessary software that this network provides for you. Some weird software that actually looks through your computer and makes sure it’s ok to be added to the network. Unfortunately, routers can’t download and install that software, thus no internet… but a PC that can be changed into a router itself is a different story. I found that I can download the software check the PC and then turn on my Router feature. Viola, personal fast internet connected directly into the wall. No more sharing a single shitty router!

2nd year:
This was about the year when bitcoin mining was becoming a thing, and everyone was in on it. My shitty computer couldn’t possibly pull off mining for bitcoins. I needed something faster. How I found out that I could use my schools servers was merely an accident.
I had been installing the software on every possible PC I owned, but alas all my PC’s were just not fast enough. I decided to try it on the RDS server. It worked; the command window was pumping out coins! What I came to find out was that the RDS server had 36 cores. This thing was a beast! And it made sense that it could actually pull off mining for bitcoins. A couple nights later I signed in remotely to the RDS server. I created a macro that would continuously move my mouse around in the Remote desktop screen to keep my session alive at all times, and then I’d start my bitcoin mining operation. The following morning I wake up and my session was gone. How sad I thought. I quickly try to remote back in to see what I had collected. “Error, could not connect”. Weird… this usually never happens, maybe I did the remoting wrong. I went to my schools website to do some research on my remoting problem. It was down. In fact, everything was down… I come to find out that I had accidentally shut down the schools network because of my mining operation. I wasn’t found out, but I haven’t done any mining since then.

3rd year:
As an engineering student I found out that all engineering students get access to the school’s VPN. Cool, it is technically used to get around some wonky issues with remoting into the RDS servers. What I come to find out, after messing around with it frequently, is that I can actually use the VPN against the screwed up security on the network. Remember, how I told you that a program has to be downloaded and then one can be accepted into the network? Well, I was able to bypass all of that, simply by using the school’s VPN against itself… How dense does one have to be to not have patched that one?

4th year:
It was another programming day, and I needed access to my phones memory. Using some specially made apps I could easily connect to my phone from my computer and continue my work. But what I found out was that I could in fact travel around in the network. I discovered that I can, in fact, access my phone through the network from anywhere. What resulted was the discovery that the network scales the entirety of the school. I discovered that if I left my phone down in the engineering building and then went north to the biology building, I could still continue to access it. This seems like a very fatal flaw. My idea is to hook up a webcam to a robot and remotely controlling it from the RDS servers and having this little robot go to my classes for me.

What crazy shit have you done at your University?

Turns out the only thing that was ever needed in order to get IT to fix the VPN was a pandemic outbreak.

Root rents an office.

Among very few other things, the company I'm renting an office from (Regus) provides wifi, but it isn't even bloody secured. There's a captive portal with a lovely (not.) privacy policy saying they're free to monitor your traffic, but they didn't even bother using WEP, which ofc means everyone else out to the fucking parking lot four floors down can monitor my traffic, too.

Good thing I don't work for a company that handles sensitive data! /s But at least I don't have access to it, or any creds that matter.

So, I've been running my phone's connection through a tor vpn and sharing that with my lappy. It works, provides a little bit of security, but it's slow as crap. GET YOUR SHIT TOGETHER, REGUS.

AND WHILE YOU'RE AT IT, CLEAN THE SHIT OUT OF THE FUCKING BATHROOM FFS.

Ugh. $12/day to work in a freaking wind tunnel (thanks, a/c; you're loud as fuck and barely work), hear other people's phone conversations through two freaking walls, pee in a bathroom that perpetually smells like diarrhea, and allow anyone and everyone within a 50+ meter radius to listen to everything my computer says.

Oh, they also 'forgot' to furnish my office, like they promised. Three freaking times. At least I have a table and chair. 🙄

Desk? What desk?
Fucking hell.

Story time!

A little over a year ago I was in the hiring process with a new company and countered their initial offer. I was told by the CTO that it was no problem and they would get back to me soon.

A couple days go by and I'm then informed that they're hiring a new IT director and would like me to interview with him as well. It felt kinda lame since I'd already been offered the job but I rolled with it.

When I showed up to the office for an interview I tried to call and let them know I was there and couldn't get a hold of anyone. 30 minutes later I get a call from the CTO saying they couldn't find the new IT director and when they got him to answer the phone he said he had left early and would call me to do a phone interview.

Obviously the whole experience so far has been pretty lame but I stuck with it because I knew the CTO personally. I did the phone interview and quickly realized this dude was a prick, and would be a terrible boss, but I spoke with the CTO again who told me to stick with it and eventually I did get the job.

Fast forward about a month and it's clear the new director is trash. He literally bragged about firing a dude over an accidental outage (wtf!?).

He had the technical experience you'd expect of a junior help desk and his management skills were pretty clearly sub-par.

He was also, for whatever reason, completely unable to communicate with the only woman on our team. When assigning work he would always feel the need to ask if she could 'handle it' rather than just assigning it to her like it's done for everyone else. He was pretty clearly sexist.

The whole team hates this dude by this point but he's somehow managed to woo the executives into thinking he shits gold.

I was helping him set up a Python venv on his machine when I noticed another VPN client installed which certainly piqued my interest. After a bit of digging it was clear he was using company time and company equipment to continue working for his previous employer.

We turned over logs and he was fired the next day. He tried to add me on LinkedIn afterwards and I have never declined something quicker.

Moral of the story is don't be a dickhead.

Security rant ahead - you have been warned.
It never fails to amuse and irritate me that, despite being in the 2019 supposed information age, people still don't understand or care about their security.
I've travelled to a lot of ports and a lot of countries, but, at EVERY port, without fail, there will be at least one wifi that:
- Has default name/password that has been cracked already (Thomson/SpeedTouch/Netfaster etc)
- Has a phone number as password (reduces crack time to 15-30 mins)
- Someone, to this day, has plain old WEP
I am not talking about cafeteria/store wifi but home networks. WTF people?! I can check my email (through VPN, of course) but it still bugs me. I have relented to try and snoop around the network - I can get carried away, which is bad. Still...
The speed is great though :P

Android, you fucking cunt!

Battery saving, yes it's an important thing. So first you want applications to display a big-ass notification when they're running in the background. Fair enough, it can be hidden away by the user if they want to.

But now there's a big-ass notification and the applications STILL get force closed?!! If I'm browsing Tor and I have Orbot running, don't you think that I might want to KEEP IT RUNNING?!! Or better yet, if I'm connected to my VPN server and the application is actively using the VPNService API, DON'T YOU THINK THAT THAT SHOULDN'T BE CLOSED?!!!

But yeah, ARTIFICIAL FUCKING INTELLIGENCE is doing some leety-ass fucking battery saving. MY FUCKING ASS CAN DO BETTER BATTERY SAVING!!!

The website for our biggest client went down and the server went haywire. Though for this client we don’t provide any infrastructure, so we called their it partner to start figuring this out.
They started blaming us, asking is if we had upgraded the website or changed any PHP settings, which all were a firm no from us. So they told us they had competent people working on the matter.

TL;DR their people isn’t competent and I ended up fixing the issue.

Hours go by, nothing happens, client calls us and we call the it partner, nothing, they don’t understand anything. Told us they can’t find any logs etc.

So we setup a conference call with our CXO, me, another dev and a few people from the it partner.
At this point I’m just asking them if they’ve looked at this and this, no good answer, I fetch a long ethernet cable from my desk, pull it to the CXO’s office and hook up my laptop to start looking into things myself.

IT partner still can’t find anything wrong. I tail the httpd error log and see thousands upon thousands of warning messages about mysql being loaded twice, but that’s not the issue here.
Check top and see there’s 257 instances of httpd, whereas 256 is spawned by httpd, mysql is using 600% cpu and whenever I try to connect to mysql through cli it throws me a too many connections error.

I heard the IT partner talking about a ddos attack, so I asked them to pull it off the public network and only give us access through our vpn. They do that, reboot server, same problems.

Finally we get the it partner to rollback the vm to earlier last night. Everything works great, 30 min later, it crashes again. At this point I’m getting tired and frustrated, this isn’t my job, I thought they had competent people working on this.

I noticed that the db had a few corrupted tables, and ask the it partner to get a dba to look at it. No prevail.

5’o’clock is here, we decide to give the vm rollback another try, but first we go home, get some dinner and resume at 6pm. I had told them I wanted to be in on this call, and said let me try this time.

They spend ages doing the rollback, and then for some reason they have to reconfigure the network and shit. Once it booted, I told their tech to stop mysqld and httpd immediately and prevent it from start at boot.

I can now look at the logs that is leading to this issue. I noticed our debug flag was on and had generated a 30gb log file. Tail it and see it’s what I’d expect, warmings and warnings, And all other logs for mysql and apache is huge, so the drive is full. Just gotta delete it.

I quietly start apache and mysql, see the website is working fine, shut it down and just take a copy of the var/lib/mysql directory and etc directory just go have backups.

Starting to connect a few dots, but I wasn’t exactly sure if it was right. Had the full drive caused mysql to corrupt itself? Only one way to find out. Start apache and mysql back up, and just wait and see. Meanwhile I fixed that mysql being loaded twice. Some genius had put load mysql.so at the top and bottom of php ini.

While waiting on the server to crash again, I’m talking to the it support guy, who told me they haven’t updated anything on the server except security patches now and then, and they didn’t have anyone familiar with this setup. No shit, it’s running php 5.3 -.-

Website up and running 1.5 later, mission accomplished.

I’ve started the process of setting up the new network at work. We got a 1Gbit fibre connection.

Plan was simple, move all cables from old switch to new switch. I wish it was that easy.

The imbecile of an IT Guy at work has setup everything so complex and unnecessary stupid that I’m baffled.
We got 5 older MacPros, all running MacOS Server, but they only have one service running on them.

Then we got 2x xserve raid where there’s mounted some external NAS enclosures and another mac. Both xserve raid has to be running and connected to the main macpro who’s combining all this to a few different volumes.

Everything got a static public IP (we got a /24 block), even the workstations. Only thing that doesn’t get one ip pr machine is the guest network.
The firewall is basically set to have all ports open, allowing for easy sniffing of what services we’re running.

The “dmz” is just a /29 of our ip range, no firewall rules so the servers in the dmz can access everything in our network.

Back to the xserve, it’s accessible from the outside so employees can work from home, even though no one does it. I asked our IT guy why he hadn’t setup a VPN, his explanation was first that he didn’t manage to set it up, then he said vpn is something hackers use to hide who they are.

I’m baffled by this imbecile of an IT guy, one problem is he only works there 25% of the time because of some health issues. So when one of the NAS enclosures didn’t mount after a power outage, he wasn’t at work, and took the whole day to reply to my messages about logins to the xserve.

I can’t wait till I get my order from fs.com with new patching equipment and tonnes of cables, and once I can merge all storage devices into one large SAN. It’ll be such a good work experience.

(Best read while listening to AEnima by Tool, loudly)

Dear Current Workplace,

Fuck you, for the reasons enumerated below.

Fuck your enterprise grey blue offices, the stifling warm air of a hundreds of bodies and sub par "development laptops".

Fuck your shitty carbonated water machines which were a cost saving measure over decent drinkable water.

Fuck your fake "flexi time", "you can do home office whenever you want" bullshit. You're still inviting me to mandatory meetings at 09:00 regularly.

Fuck your shitty, in house, third part IT provider sister company. They're the worst of all worlds. If it was in company, we'd get to give out to them, if it was an external company we'd fire them. And yes, when I quit I will quote the dumpster fire that is our corporate VPN as a major factor.

Fuck your cheery, bland, enterprise communication. Words coming under the corporate letterhead seem to lose all association with meaning. Agile, communication, open are things you write and profess to respect, but it seems your totally lack understanding of their meaning.

Fuck your client driven development. Sometime you actually have to fix the foundations before you can actually add new features. And fuck you management who keep on asking "why are there so many bugs and why is it always taking longer to deliver new releases". Because of you, you fucknuts, Because you can't say "NO" to the customer. Because you never listen to your own experienced developers.

Fuck your bullshit "code quality is important to us" line. If it's so important, then let us fix the heap of shit you're selling so that it works like a quasi functional program.

Fuck you development environment which has 250 projects in a single VS solution. Which takes 5mins plus to compile on a quad core i7 with 32 gb of ram.

Fuck this bullshit ball of mud "architecture". I spend most of my time trying to figure out where the logic should go and the rest of the time writing converters between different components. All because 7 years ago some idiot "architect" made a decision that they didn't have to live with.

Actually, fuck that guy in particular. Yeah, that guy who was the responsible architect for the project for 4 years and not once opened the solution to look a the code.

Fuck the manual testing of every business process. Manual setup of the entities takes 10mins plus and then when you run, boom either no message or some bullshit error code.

Fuck the antiquated technology choices which cause loads of bugs and slow down development. Fuck you for forcing me to do manual tests of another developers code at 20:00 on a Friday night because we can't get our act together to do this automatically.

Fuck you for making sure it's very clear I'm never going to be anything but a code monkey in this structure. Managers are brought in from outside.

Fuck you for being surprised that it's hard to hire competent developers in this second rate, overpriced town. It's hard to hire anywhere but this bland shithole would have anyone with half a clue running away at top speed.

Fuck you for valuing long hours and loyalty over actual performance. That one guy who everyone hated and was totally incompetent couldn't even get himself fired. He had to quit.

Fuck you for your mediocrity.

Fuck you for being the only employer for my skill-set in the region; paying just well enough that changing jobs locally doesn't make sense, but badly enough that it's difficult to move.

Fuck you for being the stable "safe" option so that any move is "risky".

Fuck your mediocrity.

Fuck you for being something I think about when I'm not at work. Not only is it shit from 9 to 5 you manage to suck the joy out of everything else in my life as well?

Fuck you for making me feel like a worse developer every day I work here. Fuck you for making every day feel like a personal and professional failure. Fuck you for making me seriously leave a career I love for something, anything else.

Fuck you for making the most I can hope for when I get up in the morning is to just make it until the night.

What is going on with the web these days? 500 adds, 3 auto play video's per page and now this shit?!

Websites that do this should be removed from Google.
I don't think it's even allowed.

If you block it, it goes to a subdomain 1.<website> and asks for permission again. If you block that one it'll go to 2.<website>, up until 10.<website>, then it switches to either a "get Express VPN" or another website that asks for permission. And that one even claims to be reCAPTCHA! and then another that asks you to press "Allow" in order to watch the video. What video?!

Great finaly get away on vacation 2weeks of just realaxing, 30min before leaving to the airport i get a sms from my server one of my main hard drives fail. No problem just need to swap the drive and start the recover at the airport.
At the airport i connect to my home vpn and start the recovery everything works fine just need to restart the server when done ~12h. next day im in the hotell and my vpn does not accept my connection, okey might be the hotell that block vpn connections i try my external vpn and it works and i try to connect home when i get a lovley text from my server "login attempt has failed from ip:x" then it hits me i have forgotten to add to whitelist. Outsmarted myself to just let i be.
So i finally get 2 weeks off and nothing i can do about it.

@netikras since when does proprietary mean bad?

Lemme tell you 3 stories.

CISCO AnyConnect:
- come in to the office
- use internal resources (company newsletter, jira, etc.)
- connect to client's VPN using Cisco AnyConnect
- lose access to my company resources, because AnyConnect overwrites routing table (rather normal for VPN clients)
- issue a route command updating routing table so you could reach confluence page in the intranet
- route command executes successfully, `route -n` shows nothing has changed
- google this whole WTF case
- Cisco AnyConnect constantly overwrites OS routing table to ENFORCE you to use VPN settings and nothing else.

Sooo basically if you want to check your company's email, you have to disconnect from client's VPN, check email and reconnect again. Neat!

Can be easily resolved by using opensource VPN client -- openconnect

CISCO AnyConnect:
- get a server in your company
- connect it to client's VPN and keep the VPN running for data sync. VPN has to be UP at all times
- network glitch [uh-oh]
- VPN is no longer working, AnyConnect still believes everything is peachy. No reconnect attempts.
- service is unable to sync data w/ client's systems. Data gets outdated and eventually corrupted

OpenConnect (OSS alternative to AnyConnect) detects all network glitches, reports them to the log and attempts reconnect immediatelly. Subsequent reconnect attempts getting triggered with longer delays to not to spam network.

SYMANTEC VIP (alleged 2FA?):
- client's portal requires Sym VIP otp code to log in
- open up a browser in your laptop
- navigate to the portal
- enter your credentials
- click on a Sym VIP icon in the systray
- write down the shown otp number
- log in

umm... in what fucking way is that a secure 2FA? Everything is IN the same fucking device, a single click away.

Can be easily solved by opensource alternatives to Sym VIP app: they make HTTP calls to Symantec to register a new token and return you the whole totp url. You can convert that url to a qr code and scan it w/ your phone (e.g. Google's Authenticator). Now you have a true 2FA.

Proprietary is not always bad. There are good propr sw too. But the ones that are core to your BAU and are doing shit -- well these ARE bad. and w/o an oppurtunity to workaround/fix it yourself.

I just tried to sign up to Instagram. I made a big mistake.

First up with Facebook related stuff is data. Data, data and more data. Initially when you sign up (with a new account, not login with Facebook) you're asked your real name, email address and phone number. And finally the username you'd like to have on the service. I gave them a phone number that I actually own, that is in my iPhone, my daily driver right now (and yes I have 3 Androids which all run custom ROMs, hold your keyboards). The email address is a usual for me, instagram at my domain. I am a postmaster after all, and my mail server is a catch-all one. For a setup like that, this is perfectly reasonable. And here it's no different, devrant at my domain. On Facebook even, I use fb at my domain. I'm sure you're starting to see a pattern here. And on Facebook the username, real name and email domain are actually the same.

So I signed up, with - as far as I'm aware - perfectly valid data. I submitted the data and was told that someone at Instagram will review the data within 24 hours. That's already pretty dystopian to me. It is now how you block bots. It is not how Facebook does it either, at least since last time I checked. But whatever. You'd imagine that regardless of the result, they'd let you know. Cool, you're in, or sorry, you're rejected and here's why. Nope.

Fast-forward to today when I recalled that I wanted to sign up to Instagram to see my girlfriend's pictures. So I opened Chromium again that I already use only for the rancid Facebook shit.. and it was rejected. Apparently the mere act of signing up is a Terms of Service violation. I have read them. I do not know which section I have violated with the heinous act of signing up. But I do have a hunch.

Many times now have I been told by ignorant organizations that I would be "stealing" their intellectual property, or business assets or whatever, just because I sent them an email from their name on my domain. It is fucking retarded. That is MY domain, not yours. Learn how email works before you go educate a postmaster. Always funny to tell them how that works. But I think that in this case, that is what happened.

So I appealed it, using a random link to something on Instagram's help section from a third-party blog. You know it's good when the third-party random blog is better. But I found the form and filled it in. Same shit all over again for info, prefilling be damned I guess. Minor convenience though, whatever.

I get sent an email in German, because apparently browsing through a VPS in Germany acting as a VPN means you're German. Whatever... After translating it, I found that it asks me to upload a picture of myself, holding a paper in my hands, on which I would have a confirmation code, my username, and my email address.. all hand-written. It must not be too dark, it must be clear, it must be in JPEG.. look, I just wanted to fucking sign up.

I sent them an email back asking them to fix all of this. While I was writing it and this rant, I thought to myself that they can shove that piece of paper up their ass. In fact I would gladly do it for them.

Long story short, do not use Instagram. And one final thing I have gripes with every time. You are not being told all the data you'll have to present from the get-go. You're not being told the process. Initially I thought it'd just be email, phone, username, and real name. Once signed up (instantly, not within 24 hours!) I would start setting up my account and adding a profile picture. The right way to ask for a picture of me! And just do it at my own pace, as I please.

And for God's sake, tackle abuse when it actually happens. You'll find out who's a bot and who isn't by their usage patterns soon enough. Do not do any of this at sign-up. Or hell, use a CAPTCHA or whatever, I don't fucking care. There's so many millions of ways to skin this cat.

Facebook and especially Instagram. Both of them are fucking retarded.

Red flags in your first week of your software engineering job 🚩

You do the first few days not speaking to anyone.
You can't get into the building and no one turns up until mid day.
The receptionist thinks you're too well dressed to work in this building, thinks you're a spy and calls security on you.
You are eating alone during lunch time in the cafeteria
You have bring your own material for making coffee for yourself

When you try to read the onboarding docs and there aren't any.
You have to write the onboarding docs.

You don't have team mates.
When you ask another team how things are going and they just laugh and cry.😂😭

There's no computer for you, and not even an "it's delayed" excuse. They weren't expecting you.
Your are given a TI PC, because "that's all we have", even though there's no software for it, and it's not quite IBM compatible.
You don't have local admin rights on your computer.💀
You have to buy a laptop yourself to be able to do your job.

It's the end of the week and you still don't have your environment set up and running.
You look at the codebase and there are no automated tests.
You have to request access every time you need to install something through a company tool that looks like it was made in 2001.

Various tasks can only be performed by one single person and they are either out sick or on vacation.
You have to keep track of your time in 6 minute increments, assigned to projects you don't know, by project numbers everyone has memorised (and therefore aren't written down).
You have to fill in timesheets and it takes you 30 minutes each day to fill them in because the system is so clunky.🤮

Your first email is a phishing test from the IT department in another country and timezone, but it has useful information in it, like how to login to the VPN.
Your second email is not a phishing test, but has similar information as the first one. (You ignore it.)
Your name is spelled wrong in every system, in a different way. 2 departments decide that it's too much trouble, and they never fix the spelling as long as you work there. One of them fixes it after you leave, and annoys you for a month because you haven't filled out the customer survey.

So I manage multiple VPS's (including multiple on a dedicated server) and I setup a few proxy servers last week. Ordered another one yesterday to run as VPN server and I thought like 'hey, let's disable password based login for security!'. So I disabled that but the key login didn't seem to work completely yet. I did see a 'console' icon/title in the control panel at the host's site and I've seen/used those before so I thought that as the other ones I've used before all provided a web based console, I'd be fine! So le me disabled password based login and indeed, the key based login did not work yet. No panic, let's go to the web interface and click the console button!
*clicks console button*
*New windows launches.....*

I thought I would get a console window.

Nope.

The window contained temporary login details for my VPS... guess what... YES, FUCKING PASSWORD BASED. AND WHO JUST DISABLED THE FUCKING PASSWORD BASED LOGIN!?!

WHO THOUGHT IT WOULD BE A GOOD IDEA TO IMPLEMENT THIS MOTHERFUCKING GOD?!?

FUUUUUUUUUUUUUUUUUUUUUUU.

NO FUCKING GOOD NIGHT FOR FLOYD.

THIS MULTI FACTOR AUTHENTICATION IS A FUCKING NIGHTMARE.

So my organisation uses some MFA app as an SSO to access any and everything. Fantastic. Absolutely wonderful. No VPN shit and one password to rule them all.

But, for some reason I accidentally deleted the app from my phone and as any normal human being would do, I also reinstalled the app.

Well, post reinstalling, the app does not detect the linked Org account.

I was cool, when I'll login, the system will throw a prompt to map the phone.

So I login to org URL from my machine and lo and behold, the URL says that MFA is already linked to the phone and I have to enter the Citrix type code to login.

But phone does not show the code because account is no longer linked and web does not have option to change/re-register the phone.

What the actual unholy fuck?????? Bloody retards. How am I suppose to get in now?

So after a Googling for a bit, a thread mentioned that this is most common issue faced by users with this MFA app. The only way to get this resolved is to contact your IT team.

Cool. Let's do that.

I opened the link to my IT portal and it asks me to login via SSO which is what I need help with in first place.

I can't login to Slack because fuckers ask SSO every time the app is exited. So no contact there.

Thankfully bastards allow Outlook so was able to drop a note to one of my team member, whom I connected recently and is very nice, asking her to help me sort this IT team.

If this is the most common use case then why the fuck not add a feature to help people overcome this shit?

And my IT team is absolute nuts. No other way allowed to reset the linking or connect them or any help links provided on login page.

Whoever was behind this design should be dipped in donkey shit and deep fried in pig urine.

Getting corporate VPN access:
PM: Here's the program to get in, it should work.
Me: Won't install.
PM: sorry old version, here is the new one.
Me: Can't get in
PM: create a ticket
Support: Not sure, just try again
Me: Still won't work
Support: We forgot to set some attributes in your account, should work now.
Me: Nope.
Support: We are investigating.
*two weeks later*
Support: should work now.
Me: No it doesn't you stupid f***tards.
*gives up all hope*

Discord and captchas can go get fucked in the ass by a rusty, tetanus ridden 2m pole....
I changed my discord-password yesterday and, naturally it prompted me for a login today. So I enter my new password and that motherfucking spawn from satans anus himself with the name of captcha threw itself at me... I seriously had to select fucking street signs for about 5min before Discord let me know that I apparently logged in from a new IP (thanks VPN) and therefore needed to confirm my e-Mail address. Alright, so off to my inbox I go.
SURPRISE, I also changed my password there yesterday (LastPass Security Challenge, I changed like 30 passwords yesterday) and guess what was waiting for me?... If you guessed a captcha, you just got full fucking marks. So I was busy selecting busses and streets for the next 3min again before I could finally log into that piece of trash and autorize my IP-address and log into Discord

Too everyone who said Europe is DOOMED too due too the recent Lisa of Net Neutrallity,
GO SUCK A BIG FUCKING DICK! AND AFTER THAT GET A ROPE AND FUCKING KILL YOURSELF! AMERICANS FUCKED UP!
AND YOU ALSO CAN GET A COCKFUCKED VPN IF YOUR NOT STUPID ENOUGH!

Working in a bank, using MIcrosoft platform:

To open my email, I need to enter my password and sms OTP.

To open my email using phone, I need to enter my password and sms OTP.

To open Teams, I need to enter my password and sms OTP.

To open Teams using phone, I need to enter my password and sms OTP.

To access Microsoft Azure, I need to enter my password and sms OTP.

To git pull/push, I need to enter my sms OTP.

To check UAT logs, I need to enter my sms OTP.

To get access to UAT DB, I need to connect to VPN, which then asks for OTP.

Did I also mention that I need to do these OTPs every single fucking day?

#OTPDrivenDevelopment

How to NOT write unit tests:

A colleague of mine has developed a new package of software, many of our new projects are going to use. So in his presentation of the new functionalities he also showed us that he used unit tests to cover some of his code. So i asked him to show me that all tests passes.

He: I can show you, but one test suit will fail currently.

Me: Why?? You told us, everything is finished and works fine.

He: That's right, but they will fail because I'm currently not in the customer VPN.

Me: Excuse me, WHAT??

He: Yes, I'm not in the VPN that connects me to this one customers facility in Hungary, where the counterpart of the software is runnung live.

Me: YOU WROTE UNIT TESTS THAT TEST AGAINST A RUNNING LIVE FACILITY??

He: Yes, so I can check, that the telegramms I send are right. If I get back the right acknowledgement, the telegramm structure is right and my code is working.

Me: You know, that is not the porpose of unit tests? You know, that these test should run in any environment?

He: But they are proving, that my code is working. Everytime I change something I connect to the customer and let the tests run.

Me: ...

Despite the help of some other developers we could not convince him that this was not good and he should remove them. So now this package is used in 2 new projects and this test suit is still failing, everytime you execute all unit tests.

Today was a manic-depressive kind of day. Spent the morning helping some developers with getting their code to run a stored procedure to drop old partitions, but it wasn't working on their end. It was a fairly simple proc. But working with partitions is a little like working with an array. I figured out that they were passing the wrong timestamp, and needed to add +1 to delete the right partition. Got that sorted out, and things were good. Lunch time.

After lunch I did some busy work, and then the PO comes up at about 2PM and says he's assigned some requests to me. The first was just attaching some scripts. Easy. The second, the user wants a couple of schemas exported ... at 6PM. I've been in the office since 6:45AM.

While I'm setting up some commands to run for the data export, a BA walks up and asks if I'm filling in for another DBA who is out for a few weeks. Yep. There's a change request that hasn't been assigned, and he normally does the work. I ask when it's due. Well, the pre-implementation was supposed to be done in the morning, but it wasn't, and we're in the implementation window ... half way through. I bring up the change task, and look at. Create new schema and users. That's all it says. The BA laughs. I tell I need more to go on. 10 minutes later he sends an email with the information. There's only two hours left in the window, and I can only use half of it, because the production guys have to their stuff, and we're in their window. Now I'm irritated, because I'm new to Oracle, and it's an unforgiving mistress. Fortunately, another DBA says he'll do it, so that we can get it done in time. But can't work it either, because Dev DBAs don't have access to QA, and the process required access for this task. Gets shelved until the access issue is resolved. It's now after 4:15PM. I'm going to in traffic with that 6PM deadline.

I manage to get home and to the computer by 5:45PM. Log in. Start VPN. Box pops on screen. Java needs to update. I chose skip update. Box pops up again. It won't let me log in until Java is current. Passed.

I finally get logged in, and it's 6:10PM. I'm late getting the job started. I pull up Putty and log into the first box, and paste my pre-prepared command in the command line and hit error. Command not found. I'm tired, so it's a moment to sink in. I don't have time for this.

I log into DBArtisan and pull up the first data base, use the wizard to set the job, and off it goes. Yay. Bring up the second database, and have enter the connect info. Host not found. Wut? Examine host name. Yep, it's correct. Try a different method. Host not found. Go back to Putty. Log in. Past string. Launch. Command not found. Now my brain is quitting on me. Why now? It's after 6:30PM. Fiddle with some settings, reset $Oracle home. Try again. Yay. It works. I'm done. It's after 7PM.

There is nothing like technology to snatch the euphoria of a success away from you. It's a love-hate thing, but I wouldn't trade it for anything else. I'm done. Good night.

Network Security at it's best at my school.
So firstly our school has only one wifi AP in the whole building and you can only access Internet from there or their PCs which have just like the AP restricted internet with mc afee Webgateway even though they didn't even restrict shuting down computers remotely with shutdown -i.
The next stupid thing is cmd is disabled but powershell isn't and you can execute cmd commands with batch files.
But back to internet access: the proxy with Mcafee is permanently added in these PCs and you don't havs admin rights to change them.
Although this can be bypassed by basically everone because everyone knows one or two teacher accounts, its still restricted right.
So I thought I could try to get around. My first first few tries failed until I found out that they apparently have a mac adress wthitelist for their lan.
Then I just copied a mac adress of one of their ARM terminals pc and set up a raspberry pi with a mac change at startup.
Finally I got an Ip with normal DHCP and internet but port 80 was blocked in contrast to others like 443. So I set up an tcp openvpn server on port 443 elsewhere on a server to mimic ssl traffic.
Then I set up my raspberry pi to change mac, connect to this vpn at startup and provide a wifi ap with an own ip address range and internet over vpn.
As a little extra feature I also added a script for it to act as Spotify connect speaker.
So basically I now have a raspberry pi which I can plugin into power and Ethernet and an aux cable of the always-on-speakers in every room.
My own portable 10mbit/s unrestricted AP with spotify connect speaker.
Last but not least I learnt very many things about networks, vpns and so on while exploiting my schools security as a 16 year old.

Linux is shit, OSX and iOS are trash, windows is the only OS that actually works, open source is always inferior to closed source, if you use VPN or encryption youre a criminal, java is slow, vim worse than nano, ..

Now that I've got your attention and you probably raged and downvoted.

Downvotes don't actually work on devrant. (not a bug)

This has been going on for months already - why have that function to begin with, if its just not fucking working? The usual answer to people throwing a fit is "just downvote it", WHY? it doesnt fucking work.

For a while specific options while downvoting DID actually work, but now any of the downvote options are just straight trashed and ignored, they are saved, dont get me wrong (or else it would be too obvious), but they dont affect any of the scores at all.

I understand mass bot downvoting should be prevented, but why take away anyones voice by completely ignoring downvotes. I really dont get it, its not "punishing" the creator of said post or comment, its simply reflecting what the users actually think of said comment or post, it boils my blood how thats even a thing, I am honestly disappointed.

Why should also downvoting something hide it from the feed (especially on the "recent" filter), let me fucking decide what I want on my feed via option then atleast. What if I don't agree with a rant, downvote it, but then want to see what others thought of it? how am I supposed to find it again?

Step 1: Acquire Rasbpery Pi
Step 2: Install Rasbian Lite
Step 3: Install PiHole
Step 4: Setup VPN
Step 5: Get a domain name for the VPN server
Step 6: Install OpenVPN on Phone
Step 7: Connect to Rasbperry PiHole Server

NO MORE ADS MOTHERFUCKERS

I was helping a client launch a new website. We met in a restaurant to do the final launch work. I mentioned I use VPN software to protect my computer on public WiFI and taught him what it means. He said it sounds hackerish and untrustworthy and I had a hard time explaining how it’s actually a countermeasure to hackers.

The next day he calls and says his cell phone is acting up and wants to know what my VPN software might have done to cause that.

How do some people get dressed in the morning?

Aaaaaaaargh!! Fing ashole!!
I got a major blocker reported, tried to connect to client, two of the user accounts were locked out because some genious used the last months password too many times.. FUUUU!! This happens almost every month!! FU! I go to the support dpt to check WTH is with those user accounts and got told the VPN is fucked up anyway so I will not be able to connect in any casr (disconnecting, bad transfer rate, it has a flue or prebirth cramps...whatever...). Ok, I ask if anyone notified our network admins and theirs.. And in response one guy mumbles something... I asked really really pissed off (due to the seriousnrs of the situation, we have max 8h to fix blockers and must check what is going on in minutes) if he is talking to me and answering my question or just talking to himself. He then a little bit more audiably said: we all are unable to work, you are not the only one with this problem & if you have a solutio... I already stormed out. Yes, everyone has problems connecting, no not everyone has a fucking blocker assigned to them!! Mayor malfunction on our system is not the same as archiving old processing data!!!

Simple yes or no question: did anyone notify our network admins & client's network admins?! And client's management that we have technical problems and cannot check the blocker situation immediately?! And I get a mumbling incompetents guy response... OmFG yes, I have a solution for you!! Go and jump of of the terrace!!

Oh boy, finally something to rant about.

I got hired in a "small" company (not even 2000 people in it), then got "shipped" to a way bigger company. Basically, I work for this company (the french biggest internet / phone service provider) but in the name of my own. And this since last wednesday.

First off, I'm fucking stupid. After leaving the big company that I was in before, I swore to myself that from now on, I would work for smaller companies, mainly because I couldn't stand the inertia that big company have. You ask for something, you get it a month and a half after. The old company has about 6000 employees... This company has 98k people in it. Fuck. My. Life.

Now, to the rant: Orange (the company) decided that they had to move their office somewhere else. They set up a lot of things so that all we needed to do was to put things in boxes, to work somewhere else until next monday, then we could go to the new office on tuesday morning.

Keep in mind that I have been there for 8 days: I keep learning how they do their stuff. For example, if I need a specific docker image, I can't get it from the Docker Hub, the download will fail. However, if I hit an Orange subdomain's registry, I will get this image from a mirror. Because fuck logic.

When we join the company, they give us a Windows laptop ("yeaah we have useless but required Orange softwares that don't run on Linux" "Yeeaaah fuck you") that have a specific VPN allowing us to use the Orange network and, in theory, you can download docker images or clone orange repositories from that network.

In practice, you can simply just go fuck yourself. Why? Because whenever you want to curl, wget or pull anything (or even pip install), your connection keeps being shut down while it waits for the response's header.

The worst part? According to my (new) boss's evasive answers, the way to fix that works with glue, sticks and the power of the Force.

WHY THE FUCK DO YOU ENFORCE US A SHITTY OS FOR DEVELOPMENT, WHEN THE TOOLS YOU SHOVE IN IT WITH A FAKE SMILE DON'T EVEN WORK, AND WE HAVE TO HACK OUR WAY TO FUCKING WORK?

Just because I know how to program doesn't mean I know how to fix your goddamn computer. We have an IT support team. Call them!

Don't come to my desk asking about a computer problem, then stand there with a vacant stare when I say I can't help you. I've given you the support team's contact info several times already. I assure you, they specifically get paid to configure your emails, install printers, setup your VPN, etc. Now where the hell was I at...

A lot of things dev say are true, but this one I don't believe as much:
Many devs say that it's important for everybody to learn a bit of a basic programming language, to learn about computers and how programs are made. I disagree, I think that instead people should learn *how* things work. Ex, in my school people always use a VPN to get around the proxy. I don't care if they know basic statements, I think it's more important to learn how a VPN works. Most of them don't even know what VPN stands for. Am I the only one?

I can't get any work done at work... The potatoe they gave me for a laptop is 5 years old, Every day I was approx 2 hours (no joke) for it to power up, open up my visual studio solutions, connect to the VPN, and open my browsers.

Then my fucking shit computer loses connectivity with one of my 2 monitors every 15 min so I need close the lid, reopen it again so it "picks up the monitor" then wait another 5 min for my windows to respond.

Agh!!!!!

It's frustrating too cuz my boss ordered me a new computer 2 months ago. But cuz I work for corporate bozos it took them 2 months just to process/place the order for a new computer. So now I have to wait even longer just to have a functioning computer.

I am at a hotel and these fuckers are blocking outbound connections to port 22. They are also blocking access to any websites mentioning proxy or vpn, seriously fuck them. I managed to get a VNC connection open to one of my servers and I am now trying to set up a VPN tunnel to my servers so I can fucking do my work. >:-(

Dear Target App Developers,

I think you left some debug code in your app...

I know you want to know if someone is using a VPN and that's cool with me, I get it.

But when I'm on a VPN your app constantly pops up a modal with my IP address every time I change a page in your app....

Might want to look things over a bit closer before you put it in production ;)

Internet access at the new Uni is crap. I'm getting so pissed at this shit...
Packet loss spikes to over 50% every 30s or so. Can't keep a single SSH pipe open for longer than a minute. Firewall is so tight infrared light wouldn't get through that shit (understandable. And I use a VPN anyway).
And every. Single. AP. Uses. The. Same. Channel. All of them on 6. At least it's on a tight band... But 1 and 11 are free. 100% clean. You know, you could spread them a bit. That helps. But naaah let's keep everything bundled up. Co-channel interference is OK, right?

Ok, first rant, about my struggles getting reliable internet over the past 6 years. It's not too interesting of a topic, but here we go:

I'm living in a more rural part of Germany and internet here is shit. I pay more than 50 bucks a month for 700kb/s downstream (let's just not talk about upstream...), which is meh by itself but it gets worse. Before this I had roughly 230kb/s downstream using DSL. My provider came out with a new oh-so-fucking-fancy solution for giving people faster internet without upgrading their lame ass fucking backbone and POS infrastructure from 70 years ago: they sell you hybrid internet which combines your shit DSL and an LTE connection using TCP Multicast. Not only do I get only 6 of my promised (and payed for) 50 Mbit, no, It's also a fucking piece of nonworking shit!!!

Let me illustrate:
You constantly have problems with web content (or any remote content) not loading because the host server does not support TCP Multicast. It either refuses connection altogether or it takes about 30-50 seconds to establish a connection. Think about your live when it takes two or three fucking minutes to load 5 YouTube thumbnails or load new tweets at the bottom of the Twitter page! Also, you never know if you a) have an error in your implementation of a new API or if b) the remote host doesn't support TCPMC (there's never an error for that! Fuck you!), your SSH sessions ALWAYS drop in the most inopportune fucking moments because the LTE thing lost connection, you always have to turn on a VPN if you want to visit specific websites (for example your school's website) and so on....

Oh and also, my provider started throttling specific services again these days with Netflix and YouTube struggling to display 240p, fucking 240p video without buffering when I get 600kbit down on steam (ofc the steam download is paused when watching videos). When using a VPN, YouTube 720p and Netflix HD work like a charm again. Fucking Telekom bastards

Then there is the problem with VPNs. The good thing about them is that they solve all the TCP Multicast problems. Yay. Now for the bad things:
First of all, as soon as I use a VPN, access times to remote go up by like fucking 500%. A fucking DNS lookup takes 8-15 seconds!!! The bandwidth is there but it takes forever.. because reasons I guess. Then the speed drops to DSL speeds after a while because the router turns off my LTE connection when it is unused and it does not detect VPN traffic as traffic (again because... Reasons?) And also, the VPN just dies after an hour and you have to manually reconnect (with every VPN provider so far)

And as if that wasn't enough, now the lan is dying on me, too, with the router (the fucking expensive hybrid piece of shit, 230 bucks..) not providing DHCP service anymore or completely refusing all wifi connections or randomly dropping 5Ghz devices, or.....

You get the point.

The worst thing is, they recently layed down 400mbit fiber in my neighborhood. Guess where the FUCKING PIECE OF SHIT CABLE ENDS??? YEAH, RIGHT IN FRONT OF MY NEIGHBORS HOUSE. STREET NUMBER 19 IS SERVED WITH 400MBIT AND MY HOME, THE 20, IS NOT IN THEIR FUCKING SERVICE REGION. Even though there is a fucking cable with the cable companies name on it on my property, even leading up to my house! They still refuse to acknowledge it! FUCK YOU!!!!

Well anyways thanks for reading. Any of you got the same problems? :/

tell my boss on Friday that I'll work through the weekend to get done work done on some python code.

he doesn't give out vpn access so I can't use our company git so I put the project on a flash drive to work on.

come into work and I have an email. on Sunday he did everything I said I was doing (and had done) and then refactors the entire repo so even if he hadn't done the work, all of what I did became useless.

His way is the only way. but good luck getting him to tell you how he wants it. you just have to do a bunch of work only for him to tell you he doesn't like the way you did things and then he does it himself.

makes me realize why their other programmers didn't stick around. because they had to work so closely with this guy.

glad I started looking for other jobs sooner then later.

I need to setup a Windows Server with an AD (and therefore an own domain) that can be reached from a Linux host for a test environment... Holy crap I totally forgot what a huge pain in the ass that crap is!

Pro Tip: If youre connected to a Server via VPN and RDP and you create a domain and subsequently get logged out from the server, you're fucked.

Teamviewer is a piece of shit. I use it to connect to my PRIVATELY OWNED server because it's not located on my lan and I have no other way like VPN. Today teamviewer showed me a suspected commercial use and disconnects all connections after 1 minute and blocks connecting to it for 10. I also use it to connect to my synology nas when I'm not home. The teamviewer support is only for paying customers so you can't even contact them. Why the fuck do I have to pay to get something resolved they screwed up? I know I can be glad that teamviewer is offering a free service but when they offer something for free they should at least get their stuff working.

Soooooo, why is it that so often 'security' just means bloody mindedly getting in your way for no reason?

Coz I fail to see how whitelisting a subnet of private IPs that are already only accessible through company VPN presents any kind of security risk, especially since the blocking software is literally only on our company laptops and can be easily bypassed by being on the VPN on *any other device*. But nooooooo, we have to go to the this other company our umbrella company owns (who by the way are making every dev at our company redundant in six months) and beg them to change each individual IP address every time we create a service.

Really does feel like security often means either 'our parent company doesn't understand security so we just need to go through the motions and *look* like we are doing things properly' or 'we just want to get in your way enough that we win in the who gets made redundant fight because you can't actually get any work done and we can'.

Bonus points: on the website for the blocking software they use, it literally recommends using Internet Explorer for everything. I'm surprised they haven't tried to enforce that on us as well.

SO MAD. Hands are shaking after dealing with this awful API for too long. I just sent this to a contact at JP Morgan Chase.

-------------------
Hello [X],
1. I'm having absolutely no luck logging in to this account to check the Order Abstraction service settings. I was able to log in once earlier this morning, but ever since I've received this frustratingly vague "We are currently unable to complete your request" error message (attached). I even switched IP's via a VPN, and was able to get as far as entering the below Identification Code until I got the same message. Has this account been blocked? Password incorrect? What's the issue?

2. I've been researching the Order Abstraction API for hours as well, attempting to defuddle this gem of an API call response:

error=1&message=Authentication+failure....processing+stopped

NOWHERE in the documentation (last updated 14 months ago) is there any reference to this^^ error or any sort of standardized error-handling description whatsoever - unless you count the detailed error codes outlined for the Hosted Payment responses, which this Order Abstraction service completely ignores. Finally, the HTTP response status code from the Abstraction API is "200 OK", signaling that everything is fine and dandy, which is incorrect. The error message indicates there should be a 400-level status code response, such as 401 Unauthorized, 403 Forbidden or at least 400 Bad Request.

Frankly, I am extremely frustrated and tired of working with poorly documented, poorly designed and poorly maintained developer services which fail to follow basic methodology standardized decades ago. Error messages should be clear and descriptive, including HTTP status codes and a parseable response - preferably JSON or XML.
-----

This whole piece of garbage is junk. If you're big enough to own a bank, you're big enough to provide useful error messages to the developers kind enough to attempt to work with you.

New twist on an old favorite.

Background:
- TeamA provides a service internal to the company.
- That service is made accessible to a cloud environment, also has a requirement to be made available to machines on the local network so you can develop against it.
- Company is too cheap/stupid to get a s2s vpn to their cloud provider.
- Company also only hosts production in the cloud, so all other dev is done locally, or on production non-similar infra, local dev is podman.
- They accomplish service connectivity by use of an inordinately complicated edge gateway/router/firewall/message translator/ouija board/julienne fry maker, also controlled by said service team.

Scenario:
Me: "Hey, we're cool with signing requests using an x509 cert. That said, doing so requires different code than connecting to an unsecured endpoint. Please make this service accessible to developer machines and lower environments on the internal network so we can, you know, develop."
TeamA: "The service should be accessible to [cloud ip range]"
Me: "Yes, that's a production range. We need to be able to test the signing code without testing in production"
TeamA: "Can you mock the data?"
Me: "The code we are testing is relating to auth, not business logic"
TeamA: "What are you trying to do?"
Me: "We are trying to test the code that uses the x509 you provide to connect to the service"
TeamA: "Can you deploy to the cloud"
Me: "Again, no, the cloud is only production per policy, all lower environments are in the local data center"
TeamA: "can you try connecting to the gateway?"
Me: "Yes, we have, it's not accessible, it only has public DNS, and only allows [cloud ip range]"
TeamA: "it work when we try it"
Me: "Can you please supply repro steps so we can adjust our process"
TeamA: "Yes, log into the gateway and try issuing the call from there"
Me: (╯°□°)╯︵ ┻━┻

tl;dr: Works on my server

As someone who uses UNIX and UNIX-like systems on a daily basis, and someone dealing with computer support in a school, I experience so, so many issues, many of which others have already ranted about.

For no reason at all, I find it incredibly frustrating how many high school students' understanding of sudo is limited to this:
Student: Hey, isn't sudo the minecraft command
Me: Erm
Student: You know, the one skeppy uses... to troll players? Anyway, you're doing it wrong. There should be a slash before you run the command
Me: aaargh.
and so on. Happens probably every 10th time I invoke sudo.

I mean, really? Surely these kids, with all their complaints and lines: hacking into the mainframe/whats the admin password/why did you block my VPN/ and so on, would know what sudo is. But NO, they just don't seem to get it. Sometimes I lose my hope in the futures of these kids.

!Rant
The new bill passed the house for ISP to be able to sell data. This get me ticked off. I already ausme that ISP did it under the table. Doesn't make it right. Now it legal for them to breach our privacy. At what leave do i need to run my own internet just to feel safe. VPN can sell the data, ISP can sell data about you. I spend my life teaching how to protect people online and now I can't even say they are safe at home from someone with wrong intention. A quote​ comes to mind.
"Dear lord I need to see some change, because the man in the mirror is wearing a mask"
I shouldn't have to feel every time. I boot my PC, that I need to remind my self that what I'm doing now is being sold so someone can lable me. When will the common man learn to protect their privacy online; And where is the line in the sand?

It not all bad, this event has given me the itch to code. Just to spin some heads I'm going to make a script to make random Google query across the widest array of topics, so my profile is full of contradiction.

The few who read this have a nice day!

ZNC shenanigans yesterday...

So, yesterday in the midst a massive heat wave I went ahead, booze in hand, to install myself an IRC bouncer called ZNC. All goes well, it gets its own little container, VPN connection, own user, yada yada yada.. a nice configuration system-wise.

But then comes ZNC. Installed it a few times actually, and failed a fair few times too. Apparently Chrome and Firefox block port 6697 for ZNC's web interface outright. Firefox allows you to override it manually, Chrome flat out refuses to do anything with it. Thank you for this amazing level of protection Google. I didn't notice a thing. Thank you so much for treating me like a goddamn user. You know Google, it felt a lot like those plastic nightmares in electronics, ultrasonic welding, gluing shit in (oh that reminds me of the Nexus 6P, but let's not go there).. Google, you are amazing. Best billion dollar company I've ever seen. Anyway.

So I installed ZNC, moved the client to bouncer connection to port 8080 eventually, and it somewhat worked. Though apparently ZNC in its infinite wisdom does both web interface and IRC itself on the same port. How they do it, no idea. But somehow they do.

And now comes the good part.. configuration of this complete and utter piece of shit, ZNC. So I added my Freenode username, password, yada yada yada.. turns out that ZNC in its infinite wisdom puts the password on the stdout. Reminded me a lot about my ISP sending me my password via postal mail. You know, it's one thing that your application knows the plaintext password, but it's something else entirely to openly share that you do. If anything it tells them that something is seriously wrong but fuck! You don't put passwords on the goddamn stdout!

But it doesn't end there. The default configuration it did for Freenode was a server password. Now, you can usually use 3 ways to authenticate, each with their advantages and disadvantages. These are server password, SASL and NickServ. SASL is widely regarded to be the best option and if it's supported by the IRC server, that's what everyone should use. Server password and NickServ are pretty much fallback.

So, plaintext password, default server password instead of SASL, what else.. oh, yeah. ZNC would be a server, right. Something that runs pretty much forever, 24/7. So you'd probably expect there to be a systemd unit for it... Except, nope, there isn't. The ZNC project recommends that you launch it from the crontab. Let that sink in for a moment.. the fucking crontab. For initializing services. My whole life as a sysadmin was a lie. Cron is now an init system.

Fortunately that's about all I recall to be wrong with this thing. But there's a few things that I really want to tell any greenhorn developers out there... Always look at best practices. Never take shortcuts. The right way is going to be the best way 99% of the time. That way you don't have to go back and fix it. Do your app modularly so that a fix can be done quickly and easily. Store passwords securely and if you can't, let the user know and offer alternatives. Don't put it on the stdout. Always assume that your users will go with default options when in doubt. I love tweaking but defaults should always be sane ones.

One more thing that's mostly a jab. The ZNC software is hosted on a .in domain, which would.. quite honestly.. explain a lot. Is India becoming the next Chinese manufacturers for software? Except that in India the internet access is not restricted despite their civilization perhaps not being fully ready for it yet. India, develop and develop properly. It will take a while but you'll get there. But please don't put atrocities like this into the world. Lastly, I know it's hard and I've been there with my own distribution project too. Accept feedback. It's rough, but it is valuable. Listen to the people that criticize your project.

Because I am very interested in cyber security and plan on doing my masters in it security I always try to stay up to date with the latest news and tools. However sometimes its a good idea to ask similar-minded people on how they approach these things, - and maybe I can learn a couple of things. So maybe people like @linuxxx have some advice :D Let's discuss :D

1) What's your goto OS? I currently use Antergos x64 and a Win10 Dualboot. Most likely you guys will recommend Linux, but if so what ditro, and why? I know that people like Snowden use QubesOS. What makes it much better then other distro? Would you use it for everyday tasks or is it overkill? What about Kali or Parrot-OS?

2) Your go-to privacy/security tools? Personally, I am always conencted to a VPN with openvpn (Killswitch on). In my browser (Firefox) I use UBlock and HttpsEverywhere. Used NoScript for a while but had more trouble then actual use with it (blocked too much). Search engine is DDG. All of my data is stored in VeraCrypt containers, so even if the system is compromised nobody is able to access any private data. Passwords are stored in KeePass. What other tools would you recommend?

3) What websites are you browsing for competent news reports in the it security scene? What websites can you recommend to find academic writeups/white papers about certain topics?

4) Google. Yeah a hate-love relationship, but its hard to completely avoid it. I do actually have a Google-Home device (dont kill me), which I use for calender entries, timers, alarms, reminders, and weather updates as well as IOT stuff such as turning my LED lights on and off. I wouldn"t mind switching to an open source solution which is equally good, however so far I couldnt find anything that would a good option. Suggestions?

5) What actions do you take to secure your phone and prevent things such as being tracked/spyed? Personally so far I havent really done much except for installing AdAway on my rooted device aswell as the same Firefox plugins I use on my desktop PC.

6) Are there ways to create mirror images of my entire linux system? Every now and then stuff breaks, that is tedious to fix and reinstalling the system takes a couple of hours. I remember from Windows that software such as Acronis or Paragon can create a full image of your system that you can backup and restore at any point to get a stable, healthy system back (without the need to install everything by hand).

7) Would you encrypt the boot partition of your system, even tho all data is already stored in encrypted containers?

8) Any other advice you can give :P ?

Will these fucktards just FUCKING FIX EDUROAM! alright it's a WiFi network that works across the globe and there's challenges with that BUT DON'T MAKE ME HAVE TO MANUALLY RECONNECT EVERY random amount of time!!! I'll shove that fucking MSCHAPv2 down you fucking throats with that sweet sweets PEAP sauce bloody arseholes.
What do you fucking mean it works fine? NO IT BLOODY DOESN'T! Get your shit together and at least handle DHCP leases correctly and make them not expire every fucking minute!!

Also, how the flipping fuck does connecting to the eduroam VPN from within fucking eduroam make it more stable? Only ever so slightly though. Incompetent pieces of dick sucking craptards don't make me have to bring out the ethernet jack EVERY FUCKING TIME at school for christ's sake.
No, it doesn't make it my problem because I'm running Linux. Look on the Internet. The forums are fucking filled with people having issues and your docs are from 5 years ago so please kindly FUCK Off!!!

Gotta love the IoT.

They set up a new surveillance camera in the company, that can stream live footage over the network and that little shit picked the IP adress of a coworker one day AFTER being set up.
Hurray for static routing. Hurray to the person who didn't disable DHCP on the router (Should probably configure my PC to use a static IP as well lel)

Anyways, this happened outta nowhere when I, the only guy who knows shit about IT and is usually present at yhe office, wasn't there and could not connect remotely.

The other, remote programmer, who set up the network, could guide the coworker to get a new IP but, he was worried that we got ourselves an intruder.

Since nobody told me yet that we (should) have static routing, I thought there was a mastermind at work who could get into a network without a wifi-access point and spoof the coworker in order to access the some documents.

The adrenaline rush was real 😨

Scanning the network with nmap solved the mystery rather quickly but thought me that I need to set up a secure way to get remote access on the network.

I would appreciate some input on the set up I thought of:
A raspberry Pi connected to a vpn that runs ssh with pw auth disabled and the ssh port moved.
Would set up the vpn in a similar fashion.

Just rebooted my work station during a video conference because the VPN was flaking out.

After reboot, launch Teams to get back to the meeting. The VPN credentials dialog then pops up, but IS NOT MODAL, so I end up sending my password to the group chat...

Time to change my password, I guess.

So, I move house with my amazing, already configured and stable router with built in VPN, DDNS, Port forwarding and DHCP addresses.

Received ISP shitty router at new address and want to use as modem only, so I go read the manual.

"Bridge mode requires you to configure your other router with PPPoE and the ISP's credentials"

Landline is not working, so I cannot call the number to retrieve my password. After 2 days of waiting, engineer visits, installs master socket, dial tone yaaay.

Call number to get password, automated voice message has such a bad sound quality that I cannot figure out if it's saying F or S, and there are two of those letters.

Put ISP router in bridge mode, set other router to PPPoE and put credentials, nothing. Try with F and F, S and F, F and S, S and S... Nothing. Put it back to dynamic IP address, it works.

I resign myself and manually configure everything I had on the good router to the ISP one. A few issues with my server and DDNS, but hey, internet works.

Start missing the other functionality, try the password idiocy again. Nothing.

Next day, go to work, talk to a colleague that lives close and has the same provider: "I just put it into bridge mode and it worked".

Go back home, bridge mode on ISP router, Dynamic IP on good router, no credentials. It works.

Why do I always overcomplicate stuff?

Fuck these fucking youtube ads! I got blocked on youtube and cant play any video on desktop unless i disable adblocker. Shits so fucking LAME. Fuck off. Switching over to brave browser now and never looking back. Fuck off chrome.

Get fucked google. Now Google dropped to the last place for me from cloud providers. I'll prioritize the pedophille childfucker bill gates Azure cloud over GCP Now! Fuck Off. Shove ur ads into someone elses ass just how bill gates shoves his dick into childrens assholes on the epstein island!

Brave browser found a solution to all this fuckertry! It has built in adblockers for everything including built in vpn IP cloaker trace blocker and so much more for privacy and data integrity. Playing yt videos on brave browser works like a charm with no fucking ads or extensions installed! Everything is the same like chrome including layout development etc, minus ads tracking and data harvesting!

Before:
AWS > GCP > Azure > OCI

After:
AWS > Azure > OCI > GCP

Google ur now worse than a pedophile azure. Deserved to get spot #3 now. Shitheads

So I now bought an iphone 6 again for development and tried just for fun to make it a daily driver and it feels really limited, especially because apparently theres no jailbreak yet for 11.2.5. (I feel near everything could be solved as soon as cydia etc. get fully released to the alibaba jailbreak)

I didnt even remember, that it doesnt have any option to have haptic feedback when typing, such a basic feature has to be jailbroken..? I thought I remembered that it had it, last time I had one - did they remove such a basic feature?

Also the fingerprint reader is really weird compared to other phones from the same year, first getting it to actually fill all fingerprint lines without saying "try again" or it trolling you and vibrating as if it recognized your finger, but actually didnt (really frustrating when its the last 2 lines...) - is a real challenge, might be that I have some mutant fingerprints, but when I asked my s/o to try it out, it also failed most of the times, so you have to position your finger in a very specific position for it to work, even if you add the max amount of 5 fingerprints.

Most ads on iphones feel HORRIBLE, the amount of lag some can add is incredible, wait till it loaded or youre fucked and besides using some shady adblocker vpn, theres no way to block them, without again - a jailbreak.

Another feature that I used many times on my android phone, is controlling it from the desktop, connect it via usb and then just use it for demonstration purposes on a projector or to instruct how things work - theres no such function without a jailbreak, even if you use osx..

Then theres the feature, that instead of just setting your cursor to a specific location, you have to hold and it zooms in, not sure if I just got too used to the android way of doing it, but I can see myself making less mistakes of where I positioned it with the ios way.

The hardware mute switch feels like a great feature, its just sometimes weird, so if you were inside an app that was playing sound and you mute it, it still plays it until you either close and open that app or just change to another one temporarily, so its not an actual hardware switch as I usually thought, more like a request to mute the phone.

The cable that comes with it is too thin, I am afraid to even unwind it, as it would probably break, so I had to get another one.

Please don't turn this into a shitfest from any of the fanboys, I really just wanted to share my image of finally being able to try it first hand again.

whenever I suspend my laptop my openvpn would get stuck on reconnecting and I'd have to ctrl c and wait for like minutes so it would correctly close. so I only used VPN when I really needed it.

but then I found out: mullvad (my VPN host supports wireguard! and so wireguard is a more passive protocol, and doesn't need to keep open the connection. so now I can just set my VPN to "always on" and not worry about it anymore, yay!

ps: you should have seen my face when I found out mullvad gives away free stickers! :D

Long time stalker, but I finally signed up! Maybe I have dragged it out to not get too addicted, but it seems like that plan has failed.. ;)

Now for the question:
Can anyone recommend a VPN provider (well, functionally proxy) that works in (South) China these days? Because of the holidays the CCP is blocking everything they can to ensure that.. well let's not get political.

Priorities: Reliability > Privacy > Cost (trial or guarantee would be great though)

Thanks :)

The CI infrastructure and external tooling at the company I work at is a complete joke. Feels like it was designed by an intern left alone.

95% of the time a build fails or hangs, it's because we are getting race conditions or a hanging VM with our crappy Windows jenkins slaves. Quite possibly because we are not using proper tooling for monitoring those VMs as well. Anyways, I don't have access and control on it and it's not even my job to fix it.

Though, I am being asked to monitors these pieces of junk jenkins jobs outside of my work hours because company devs all over the world use it... but there is no fucking way to know it failed unless I log onto jenkins every hour and check everything manually... which is stupid as fuck for a software engineer.

I can't even implement slack hooks to get notifications or something when it fails because we will stop paying for it soon, so I have to connect to my freaking VPN on my PC and check everything.

And what's the fucking ghetto solution instead of fixing it properly? Restarting VMs and rerunning a build. Because someone in management wants to see a passing build, even though it means jackshit. Half of these jobs are tagged as unstable, so what's the fucking point?

Pisses me off when people work like morons and pressure others to do the same.

Hi all,
I want to get advice about a VPN Service,

Currently NordVPN giving away 75% discount for 3 years subscription which costs $107.55,

Any of you have experience with their service?

Need reviews or opinions

Me: Ok, we'll implement that message tech. But since the clients are servers in that architecture and can't speak IPv6 we've to use a dedicated VPN so the endpoint is able to connect to the servers (clients). Since we have limited network resources we should use VPN cert-encryption and send the actual data plain to save at least some overhead.

Boss: Ok! Let's do it!

Next day.

Boss: Hey! I talked to a guy from that message tech. Their encryption is certified. We should use that instead and get rid of the VPN to save the overhead!

Me: *unable to say a word*

What in "VPN in that architecture is mandatory" is unclear?

Well, I assume we'll kill the architecture then... Fun Time!

Sooner or later, you'll need a VPN access to get an accurate information within the US. The population is fat from garbage food, and now they will be fat in retardness from their media.

My Windows 10 VM gloriously just shat itself so badly, it's now stuck in a BSOD bootloop (first time ever I managed to get a BSOD in a fucking virtual machine btw) and I need to reinstall it. So I need to download the newest Win10.iso.

But I'm also currently working on a university assignment that requires me to be connected to the university-network via a VPN that's slower than my 90s ADSL connection (~1Mbps) (see my previous rant). So to download the 4.7GB iso it'd take.... I'm bad at maths, so let's just say fucking AGES.

So I spin up another VM with a bridged network to download my Win10.iso with Gigabit speed to set up another VM.... wonders of modern technology

My company is supposed to be 'remote friendly'

Any request to work from home is a fight to get approved, regular days frequently get cancelled for vital meetings and best of all our infrastructure is so shit the VPN drops silently every 5-10 mins. Good luck doing a big merge or getting latest code.

Americans will get a 100k$ fine and 20 years in jail if they use tiktok via vpn

What is the point of a vpn if its not giving me anonymity???????

So I reverse engineered the
protocol of QONQR: World in Play and made a mitmproxy addon running locally inside termux that can see when I launch in the game and uses Termux:API to notify me when my ingame resources are replenished.
I direct the traffic through mitmproxy using Drony. I configured it so that by default Drony passes traffic directly to the internet except if it comes from the QONQR app.
The problem is that while Drony is running, there is a chance of network traffic being corrupted so I often get spammed by connection and ssl errors.
So I have to either continue sacrificimg my network integrity or stop getting assistance ppaying QONQR :-/

Does anyone know an alternative to Drony (basically an app that can connect you to a proxy without root using the android vpn api, if possible with filtering by app or ip)?
Also does anyone else have problems with drony on Android 9 or other versions? I don't really have an opportunity to test it.

Edit: It only took 4 tries to post this yay

Don't attempt to debug a crash on startup using visual studio remote debugger over team viewer vpn using the worlds worst German hotel internet connection.

If you do, get a drink while it takes 2 minutes for the debugger to break.

Being victim of an arbitrary worplace's culture on dev experience and documentation makes me a very frustrated dev.

Often I do want to document, and by that, I don't mean laying an inline comment that is exactly the function's name, I mean going full technical writer on steroids. I can and WILL get very verbose, yes, explaining every single way you can use a service - no matter how self explanatory the code might look.
I know developers (and me included) can, and sometimes will, write the best variable and function names at the time, wondering if they reached the peak of clean, DRY code that would make Robert Martin have a seizure and piss himself, only to find weeks later after working on something else that their work is unreadable. Of course.
I know the doc's public, it's me, and I've done this.

But then again explain for the people in the back how the FUUUUCK are we meant to suggest improvements, when we are not the ones who are prioritising features and shit WITH the business?

Just email me when the fucking team recycles, and no new team member knows how to even setup the IDEs because this huge piece of monumental shit called CompanyTM is also run by VPN. Fuck, no one wants to access that garbage, you have no docs.

I once tried setting up a culture for documentation. I did an herculean amount of work studying what solutions were internally homologated, how steep the learning curve would be from what we had at the moment (NOTHING, WE HAD FUCKING NOTHING, jesus christ, I even interviewed SEVENTEEN other squads to PROVE they FUCKING NEED
DOCS
TO WORK

You know what happened to that effort?
It had a few "clap" reactions on a Teams meeting and it never reached the kanban.
It didn't even made it to backlog.

I honestly hope that, someday, an alien fenomenon affects the whole company, making their memories completely reset, only to have the first one - after the whole public ordeal on why our brains became milkshake -, to say: "oh, boy, I wish we had documented this".
Then I will bring them to the back and shoot them.

My beard has grown during the time i've been waiting for Emscripten SDK to get installed

In Syria, my connection speed is 512kbps and Google repositories is blocked, so i had to run OpenVPN using a VPNBook account located in Poland to get everything working, and i guess you all know how connection speed is screwed when you use a VPN, i hardly got 300kbps

The bright side is having to do ZERO configurations on Linux before installation

What the fuck is up with all these vpn articles. It seems like they are everywhere. It's like get this vpn, no buy this one, wait no buy this one. Like I don't need a fucking vpn and it's not a must have.

When I thought things couldn't get crazier that my vmware to win chrome mess.....

Doing an upgrade today when I have to VPN in from my mac to access a Web based secret server to get onto another VPN so I can RDP onto a Windows bastion host to then RDP to client windows servers within the RDP and from those hosts need to use putty to ssh into Linux servers to do the admin activities......

Now I'm obviously all for security but seriously VPN to RDP to RDP to ssh is just a bit mental......

But all of the SSL certs between each env is self signed anyhow......

Oh the joys of working with an Enterprise customer.

Background:
Discussion about service architecture with me, development architect (ArchDev) and integration architect (ArchInt). The topic arises of needing to access int. segment systems for a public facing cloud application.

Me: so we'll just need a s2s vpn and then we can just create a route and call the services normally.
ArchDev: sounds good to me, it will take a few months to get that set up
ArchInt: we done need that, we can just use the gateway and then route all the requests through the ESB.
Me: 😕 do you mean the service gateway?
ArchInt: (drops bomb) no, we decide that all API should be implement in ESB, so ESB will handle traffic
Me: *pauses, steps up to the whiteboard, does latency math* setting aside the fact that isn't how ESB's work, that will add at least 700ms latency to each request.
ArchInt: well that is fine for enterprise, things not usually as fast in enterprise you must expect slowdown to be safe
ArchDev: *starts updating resume on the ladders
Me: 💀🔫

What’re good starter projects for a Raspberry Pi? I would like to get started on hardware and I’m inclined to install recalbox or retropi (cause I love video games), but I’d also like a diy project. Maybe I’ll make a VPN...

AHHHHHHHHHHGGGH

I HATE VPN SETUP

- Trying OpenSwan
Installing open swan on a Debian machine.. setting up the config.
Restarting openswan. Syntax error. No syntax error to be found.
Different tutorial.. it starts! Try to connect.. I can’t connect. Look at the logs. No errors.
Tcpdump. My traffic is coming through.. all fine.. try to connect again.. it works! (Nothing changed!)
Try to ping somewhere else.. no connectivity.
Try to ping an IP in the same network.. works fine. So I have connectivity, just no internet.
Spend an hour finding out about traffic directions of which no one seems to know what they really mean.
Boss tells me to stop using openswan because it’s deprecated and replaced by strong swan..

- Strongswan
Reinstall Debian machine, install strongswan. Copy openswan config. Oh, they’re incompatible? Look up strong swan config, and the service starts.
Connect to the VPN.. it works! Again, no internet, just connectivity in the same network. Spend 2h debugging the config, disable firewalls everywhere, find an ancient bug in the Debian package related to my issues.. ok, let’s try compiling from source.. you know what, let’s not. I’ll throw this Debian machine away and try something completely different.

- pfSense
Ok, this looks easy enough! Let’s just click through the initial setup, change some firewall rules, create an L2TP VPN with a simple wizard.
Try to connect to VPN. First, it times out. Maybe a firewall issue? Turn off firewall.. ah, something happens now. I get an error message right after trying to connect to the VPN. Hmm, the port doesn’t even get opened when I enable the firewall.. this implementation seems a bit buggy.. let’s try their OpenVPN module.

Configure OpenVPN. Documentation isn’t that clear.. apparently a client isn’t actually a client but a user is a client.. ok, there’s a hidden checkbox somewhere.
Now where do I download my certificate? Oh, I need a plug-in for that.. ok, interesting. Able to download the certificate, import it, connect and.. YES!!! I can ping! But, I have no DNS..
Apparently, ICMP isn’t getting filtered but all outbound ports are.. yet the firewall is completely disabled. Maybe I need outbound NAT? Oh. There’s no clear documentation on where to configure it. Find some ancient doc, set it up, still no outbound connectivity.

AHAHAHAHHHHHHHHHHG

Then I tried VyOS. I had a great L2TP VPN working in less than 15 mins. Thank you VyOS for actually providing proper docs and proper software.

I'm working on a JavaEE Webshop (Uni assignment) that has to send and receive JMS messages to and from a server, which is located inside the university network, so I have to use a VPN to run the shop. The problem is, the VPN is so goddamn slow that I get SocketTimeOutExceptions regularely! I have Gigabit-Connection, but with the VPN it slows down to ~1Mbps for whatever reason, which is apparently too slow for Java.

Disclaimer: Technically it's not "our" stack, but we have to use it so....

A webapp we built runs inside the company's network we built it for. Their IT are windows lovers, so everything has to run on Windows servers, even the tablets which are used to access said web app need to have windows.
Their company network isn't accessable from the outside world, so we have access via VPN to get into their network. But this isn't enough to access that shitty windows server our software runs on. After that VPN, you have to connect to a different VPN to which you can only connect to while you're inside the company's network. Then you have access to two servers, one the application is running on and one, well to see if you're changes were deployed correctly because the production server doesn't have a browser on it other than shitty internet explorer 8.

The only way to connect to the server is using RDP. Not even samba or so. To deploy the changes we made to our app, you need to copy paste the files from your local machine to the server. And don't get me started on running mssql migration with the shitty mssql console 😤😤

Why would anyone who isn't a complete idiot use Windows for servers or mssql in the first place????

So, today, I wanted to try setting up a wireguard VPN server on my little raspberry pi at home. I... expected /some/ issues, but what I found dumbfounded me.

1 - I already had the wireguard package from the unstable branch of the main raspbian repo installed... Huh, okay.
2 - Setting up config was extremely easy... Wow, so the rumors were true. Wireguard really is almost dumb-simple.
3 - Failed to create a network interface? Oh, trouble, here it is! So lets see... modprobe wireguard... Nope. Don't have the module? What?
4 - Reconfigure package to rebuild the module - missing kernel headers? Huh... weird

This was the simple stuff... Then I went down the rabbit hole of the Raspberry Pi ecosystem:

1 - There is the Raspberry Pi Bootloader, that is apparently separate from the Kernel itself. And I didn't seem to have any of the standard linux-image-* installed... What? Weird, yet there I was, running a 4.19.42-v7+ kernel...
2 - No kernel and no headers... What... The... Fuck
3 - Okay, so... Lets just... try to install the latest kernel image then? One apt-get install... It downloaded the image, but during package configuration, it failed because... I didn't have... its headers? What? What for? And if it needs them (for whatever reason), why isn't the headers package as a dependency? Ugh, whatever...
4 - Another apt-get install and... Okay, building the initrd image aaaaand...
FAIL
WHAT. What is it this time!?

Oh... Ran... No more space on device? What? Is /boot independent? Of course it is, it has to be, its a bloody different filesystem

Okay, so, lets che-OH MY GOD WTF.

Its just bloody 45 MBs big! The entire /boot is just 45 MBs large. WHY. THE. FUCK.

This was a default raspbian install from I have no idea when. But... Why. Oh WHY would ANYONE pre-configure /boot to be this incredibly tiny!?

No wonder the new init ramdisk couldn't fit in there! Its already used up from 64%!

Thanks, Raspbian Devs, now I gotta reinstall the whole system because, yes, the /boot is, of course, sector 8192. Just far enough from 2048 that there are *some* sectors free - About 3 MBs.

So what did I try? Remove the partition and recreate it from the very beginning. Only... I never tried in in the past, and okay, kernel doesn't like having the partition where its image resides deleted on the fly, it will not give up FDs pointing there or something.

So now, I have a system I cannot reboot, or it will never boot back up :|

Thanks, Raspbian!

I need to get a cheap 1U somewhere or something T.T

!long rant
Trying to work from home is always a pain, since we need to use company laptops (no ifs, ands or buts about it).
Yesterday I took the laptop in to check for updates that just wouldn't run while at home (my first mistake), and I couldn't get past the "Press Ctrl+Alt+Delete to login" screen, laptop keyboard didn't seem to be registering clicks, and an external keyboard wasn't either (and I forgot about the on-screen keyboard). A couple of restarts later with no further changes to the situation, the laptop then didn't get past the BIOS screen.
So I called support (my second mistake) and logged an incident.
Couple of hours later someone comes to my desk and asks about the issue, so I describe it, show them (by now the laptop was once again getting past BIOS screen), and leave them to it. Since these laptops are just used as preconfigured VPN and RDP gateways, I said it would be okay if he just wanted to reinstall the OS (my third mistake).
Several hours later, after staying late last night waiting for it to finish, I loaded my profile, installed updates, shut down, grabbed my stuff and left, without checking VPN or RDP over WiFi (my fourth mistake).
Turns out that some of the buttons on the keyboard just no longer work, but now USB keyboards do work, and I can just use OSK to login while out. I figured this would be my only issue with things, and that it was acceptable.
This morning I attempt to use the laptop, and forgot about OSK and the faulty delete button, so spent a few minutes on that. Try to connect to WiFi and find it can't connect, because of course, it doesn't remember the WiFi password, so I root around for the code in some drawer, enter it, and it works. VPN tries to connect and... get told to insert my smart card, which is already inserted, because the driver is wrong!
So I'm sitting here writing a post, not quite believing that I'm considering cancelling my plans for the day to go into the office because of a bloody driver issue now...

It’s me or Vim on Windows Terminal is barely usable?
I resorted to doubling my laptop’s ram (luckily Dell still produces laptop which can be upgraded and repaired with a set of common screwdrivers) in order to be able to install a FreeBSD VM in which I can finally get a decent terminal based development environment. Sadly since for my work I need a VPN which can run only on Windows and MacOS I cannot just remove Windows and switch to FreeBSD or Linux but I have to make a VM and route its network traffic through work VPN.

I really need to get on a VPN... looking for recommendations. bonus points for affordable family plan so my girlfriend can use it too.
NordVPN? Private Internet Access? others?

So, I've been seeing a lot of people concerned about privacy around here lately.

I completely understand it, and I too, don't want all my data to be available for anyone at any given time. I get it.
However, the only way to get privacy, is to build it yourself.

Buying a phone? Who says (apart from the company itself) that it doesn't have some integrated chip, or that the os lies to you or w/e

When using your phone, who says your Sim provider isn't intercepting all your traffic with a man in the middle attack?

These sound like conspiracies, however, if you really want privacy, either build it yourself (or with other privacy activists) or let go of the comforts of technology (i know, you're not the only source of info about yourself, the only way to shield yourself is to go into the woods and live a simple life.)

It's pretty sad that these are the two options, but I've yet to find a better one.

(ps, I used to have a "no logs, no ip, no anything" VPN provider, and as soon as some agency requested info, they got it, so I wouldn't easily trust the promise of 3rd parties anymore.)

I had the funniest thing today... So our company has some servers off somewhere in a VPN, as well as one server in our own office.

So, for simplicity, S1 is my own laptop, S2 is our office server, S3 is one VPN server, and S4 another.

I want to get a file from S2 to S4. S1 can SSH into S2 and S3, S2 can't ssh into any server, S3 can ssh into S2 and S3, and S4 can't ssh into any server.

So to get a file from S2 to S4, I took the path

S1 pull from S2 -> S1 push to S3 -> S3 push to S4

Part of it was preexisting keys meaning it was easier to send S1 to S4 via S3 than get my pubkey from S1 onto S4, but also S2 not being on the VPN meant I couldn't go straight from S2 to S3 or S4, so I had to route through S1, which I could add to the VPN (I'd sshed into S2 from home and thus couldn't put it on the VPN not to mention permissions, whereas I could put S1 easily onto it)

Twas certainly a fun time :P

Plus, port forwarding from a Docker container on S2 to S2's port to S1's port via ssh was fun to get set up.

Time to document this process :)

In today's episode of "Am I paranoid already?" - Caching Bind resolver forwarding queries to a DoH client connecting to Cloudflare

A fun little thing to configure, and now, anytime I am on my VPN, all my DNS traffic should be completely untrackable.

Does that make me paranoid? Maybe a little... But, the knowledge that noone - not even my ISP, can see what I am doing on the internet, is kinda... Heartarming.

Now, all that's left, is for eSNI to roll out and get implemented by all major web browsers, and most snooping will be completely done for...

Another part of messy network gone.

Caching fucked me hard....

Isn't it just lovely that nowadays you need to nearly wipe a machine to get it from claiming stale data....

And thanks to DNS, HAProxy -/ service names / ... I think I know now why the curse of babel is so powerful.

When you have to think for 2 mins to make sure you've set the zone's right, cause otherwise you need to ProxyJump with SSH through more tunnels than imaginable (VPN/HO) to fix possible caching on several DNS servers.... You'll realize that it's russian roulette with too much bullets. :(

And If a monitoring service asks another monitoring service for status information which asks the first monitoring service which then asks the second monitoring cause you were too late...

You'll get very funky monitoring statistics.

Too slow, had to nuke it (mismatched a DNS name, the second monitoring service should have been a service node).

I think I've had more near death scenarios in the last 2 weeks than I like.

Hopefully I'll never have to do that again.

(Splitting and reordering a few dozen VLANs, assigning proper DNS names, loadbalancer migration....)

Goddammit have tried for several days to get a vpn up and running so we can have a mac as build server.

I have opened the ports on the router, tried l2tp and openvpn, everything works on the local network.

However accessing my static ip from my ISP, it just gives me weird errors from the devices no information. Goddammit what to do....

For our current project, we connect to three different OpenVPNs:

Our dev OpenVPN (to get Jenkins/Artifactory)
The ops team devops OpenVPN (to get to environment)
The vendor's VPN for single signon

All of them have different keys and one connects to LDAP and uses a password we can't change.

*guy* Starts to think of getting into ethical hacking. Downloads Kali and installs fuckload of apps. Doesn't want to get caught so spends first hour on setting up a VPN. Ends up leaving "white stains" on the laptop.

Client's IT department is fine about giving me a laptop for exclusive access to their VPN, security reasons, etc. Ok, fine I get it.

But they do not want to give me a Linux machine - only Windows!

How am I supposed to get shit done.

Need opinion on PIA(Private Internet Access).
Feel free to suggest other VPN provider's too.

First day back at work, lunch time now. So far I've been to one meeting and done no work. I can't get on to the vpn. We get OTP for the vpn via sms. Sms is taking so long to come through that it always expired by the time I get it

The kicker? I work for a cellular provider

II encountered this problem today with a user who couldn't access internet on their own home network or on their company. Everytime they try to access the site. Firewall and Anti-virus settings have blocked the access . Couldn't remote into their PC due to them not being on the domain to setup the VPN client. Reset Browser settings and disabled all Firewall and Anti-virus protocols. User still could not get to any sites..... What did I miss?