Our website once had it’s config file (“old” .cgi app) open and available if you knew the file name. It was ‘obfuscated’ with the file name “Name of the cgi executable”.txt. So browsing, browsing.cgi, config file was browsing.txt.
After discovering the sql server admin password in plain text and reporting it to the VP, he called a meeting.
VP: “I have a report that you are storing the server admin password in plain text.”
WebMgr: “No, that is not correct.”
Me: “Um, yes it is, or we wouldn’t be here.”
WebMgr: “It’s not a network server administrator, it’s SQL Server’s SA account. Completely secure since that login has no access to the network.”
<VP looks over at me>
VP: “Oh..I was not told *that* detail.”
Me: “Um, that doesn’t matter, we shouldn’t have any login password in plain text, anywhere. Besides, the SA account has full access to the entire database. Someone could drop tables, get customer data, even access credit card data.”
WebMgr: “You are blowing all this out of proportion. There is no way anyone could do that.”
Me: “Uh, two weeks ago I discovered the catalog page was sending raw SQL from javascript. All anyone had to do was inject a semicolon and add whatever they wanted.”
WebMgr: “Who would do that? They would have to know a lot about our systems in order to do any real damage.”
VP: “Yes, it would have to be someone in our department looking to do some damage.”
<both the VP and WebMgr look at me>
Me: “Open your browser and search on SQL Injection.”
<VP searches on SQL Injection..few seconds pass>
VP: “Oh my, this is disturbing. I did not know SQL injection was such a problem. I want all SQL removed from javascript and passwords removed from the text files.”
WebMgr: “Our team is already removing the SQL, but our apps need to read the SQL server login and password from a config file. I don’t know why this is such a big deal. The file is read-only and protected by IIS. You can’t even read it from a browser.”
VP: “Well, if it’s secured, I suppose it is OK.”
Me: “Open your browser and navigate to … browse.txt”
VP: “Oh my, there it is.”
WebMgr: “You can only see it because your laptop had administrative privileges. Anyone outside our network cannot access the file.”
VP: “OK, that makes sense. As long as IIS is securing the file …”
Me: “No..no..no.. I can’t believe this. The screen shot I sent yesterday was from my home laptop showing the file is publicly available.”
WebMgr: “But you are probably an admin on the laptop.”
<couple of awkward seconds of silence…then the light comes on>
VP: “OK, I’m stopping this meeting. I want all admin users and passwords removed from the site by the end of the day.”

Took a little longer than a day, but after reviewing what the web team changed:
- They did remove the SQL Server SA account, but replaced it with another account with full admin privileges.
- Replaced the “App Name”.txt with centrally located config file at C:\Inetpub\wwwroot\config.txt (hard-coded in the app)
When I brought this up again with my manager..
Mgr: “Yea, I know, it sucks. WebMgr showed the VP the config file was not accessible by the web site and it wasn’t using the SA password. He was satisfied by that. Web site is looking to beat projections again by 15%, so WebMgr told the other VPs that another disruption from a developer could jeopardize the quarterly numbers. I’d keep my head down for a while.”

One of our newly-joined junior sysadmin left a pre-production server SSH session open. Being the responsible senior (pun intended) to teach them the value of security of production (or near production, for that matter) systems, I typed in sudo rm --recursive --no-preserve-root --force / on the terminal session (I didn't hit the Enter / Return key) and left it there. The person took longer to return and the screen went to sleep. I went back to my desk and took a backup image of the machine just in case the unexpected happened.

On returning from wherever they had gone, the person hits enter / return to wake the system (they didn't even have a password-on-wake policy set up on the machine). The SSH session was stil there, the machine accepted the command and started working. This person didn't even look at the session and just navigated away elsewhere (probably to get back to work on the script they were working on).

Five minutes passes by, I get the first monitoring alert saying the server is not responding. I hoped that this person would be responsible enough to check the monitoring alerts since they had a SSH session on the machine.
Seven minutes : other dependent services on the machine start complaining that the instance is unreachable.

I assign the monitoring alert to the person of the day. They come running to me saying that they can't reach the instance but the instance is listed on the inventory list. I ask them to show me the specific terminal that ran the rm -rf command. They get the beautiful realization of the day. They freak the hell out to the point that they ask me, "Am I fired?". I reply, "You should probably ask your manager".

Lesson learnt the hard-way. I gave them a good understanding on what happened and explained the implications on what would have happened had this exact same scenario happened outside the office giving access to an outsider. I explained about why people in _our_ domain should care about security above all else.

There was a good 30+ minute downtime of the instance before I admitted that I had a backup and restored it (after the whole lecture). It wasn't critical since the environment was not user-facing and didn't have any critical data.

Since then we've been at this together - warning engineers when they leave their machines open and taking security lecture / sessions / workshops for new recruits (anyone who joins engineering).

Recently, my CS teacher proudly bragged about how, to this day, no pupil has ever had WiFi Access to the school network (only teachers have access).

What a naive teacher he is ( ͡° ͜ʖ ͡°)

This is a story of me trying out maintaining a game server and eventually making a mistake, although I do not regret experiencing it.

A month ago I set up a small modded minecraft server because I wanted to experience a fun modpack together with some people from reddit. Besides this, I also wanted to see if I was capable of setting up a server with systemd and screen running in the background. This went great and I learned a lot.

The very next day I was playing with $annoyingKid on the server and everything was well. However the second day, $annoyingKid started pushing the idea to start up a normal minecraft server to build a playerbase.

I asked $annoyingKid 'What about financing, staff management and marketing?'

$annoyingKid: "I don't know much about that, but you can do that while I build a spawn!"

He also didn't want to reveal his age, which alerted me that he's young and inexperienced. He also considered Discord 'scary' because there were haxors and they would get his location and kidnap him, or something. So if he was supposed to become owner (which he desired), he had no way of communicating with a community outside of the game.

He also considered himself owner, while I was the one who paid for the server. 'Owners should be people who own the server', no matter how many times I told him that.

$annoyingKid also asked if he could install plugins on his own, I asked him if he knew anything about ssh, wget or bash because I used ssh to set up the server (I know rcon exists, but didn't want to deal with that at the time), he had no idea what any of those terms meant and he couldn't give proper arguments as to why he should get console access.

In the end, he did jack shit, he had no chance of becoming co-owner or even head-admin because he had no sense of responsibility or hard work. I kept him around as an admin because he was the one who came up with the idea. I banned him on day one after he started abusing his power when someone tipped him of. Even after me ordering him to ignore an annoying player he kept going, of course I could have prevented all this by kicking him earlier since all the red flags around him had already formed a beacon of light. He tried coming back, complaining that he should at least have his moderator rank back, but he never got in again.

A week later I got bored, I had had enough fun with ssh and the server processes to know that I didn't want to continue the small project, so I shut it down and went on to do stuff on GitHub.

Lesson learned: Don't let annoying kids with no sense of responsibility talk you into doing things you aren't sure you want to be doing. And only give people power after they've proved to you that they are capable of handling it.

I wrote a node + vue web app that consumes bing api and lets you block specific hosts with a click, and I have some thoughts I need to post somewhere.

My main motivation for this it is that the search results I've been getting with the big search engines are lacking a lot of quality. The SEO situation right now is very complex but the bottom line is that there is a lot of white hat SEO abuse.

Commercial companies are fucking up the internet very hard. Search results have become way too profit oriented thus unneutral. Personal blogs are becoming very rare. Information is losing quality and sites are losing identity. The internet is consollidating.

So, I decided to write something to help me give this situation the middle finger.

I wrote this because I consider the ability to block specific sites a basic universal right. If you were ripped off by a website or you just don't like it, then you should be able to block said site from your search results. It's not rocket science.

Google used to have this feature integrated but they removed it in 2013. They also had an extension that did this client side, but they removed it in 2018 too. We're years past the time where Google forgot their "Don't be evil" motto.

AFAIK, the only search engine on earth that lets you block sites is millionshort.com, but if you block too many sites, the performance degrades. And the company that runs it is a for profit too.

There is a third party extension that blocks sites called uBlacklist. The problem is that it only works on google. I wrote my app so as to escape google's tracking clutches, ads and their annoying products showing up in between my results.

But aside uBlacklist does the same thing as my app, including the limitation that this isn't an actual search engine, it's just filtering search results after they are generated.

This is far from ideal because filter results before the results are generated would be much more preferred.

But developing a search engine is prohibitively expensive to both index and rank pages for a single person. Which is sad, but can't do much about it.

I'm also thinking of implementing the ability promote certain sites, the opposite to blocking, so these promoted sites would get more priority within the results.

I guess I would have to move the promoted sites between all pages I fetched to the first page/s, but client side.

But this is suboptimal compared to having actual access to the rank algorithm, where you could promote sites in a smarter way, but again, I can't build a search engine by myself.

I'm using mongo to cache the results, so with a click of a button I can retrieve the results of a previous query without hitting bing. So far a couple of queries don't seem to bring much performance or space issues.

On using bing: bing is basically the only realiable API option I could find that was hobby cost worthy. Most microsoft products are usually my last choice.

Bing is giving me a 7 day free trial of their search API until I register a CC. They offer a free tier, but I'm not sure if that's only for these 7 days. Otherwise, I'm gonna need to pay like 5$.

Paying or not, having to use a CC to use this software I wrote sucks balls.

So far the usage of this app has resulted in me becoming more critical of sites and finding sites of better quality. I think overall it helps me to become a better programmer, all the while having better protection of my privacy.

One not upside is that I'm the only one curating myself, whereas I could benefit from other people that I trust own block/promote lists.

I will git push it somewhere at some point, but it does require some more work:
I would want to add a docker-compose script to make it easy to start, and I didn't write any tests unfortunately (I did use eslint for both apps, though).
The performance is not excellent (the app has not experienced blocks so far, but it does make the coolers spin after a bit) because the algorithms I wrote were very POC.
But it took me some time to write it, and I need to catch some breath.

There are other more open efforts that seem to be more ethical, but they are usually hard to use or just incomplete.

commoncrawl.org is a free index of the web. one problem I found is that it doesn't seem to index everything (for example, it doesn't seem to index the blog of a friend I know that has been writing for years and is indexed by google).

it also requires knowledge on reading warc files, which will surely require some time investment to learn.

it also seems kinda slow for responses,

it is also generated only once a month, and I would still have little idea on how to implement a pagerank algorithm, let alone code it.

Look, I get that it's really tricky to assess whether someone is or isn't skilled going solely by their profile.

That's alright.

What isn't center of the cosmic rectum alright with the fucking buttsauce infested state of interviews is that you give me the most far fetched and convoluted nonsense to solve and then put me on a fucking timer.

And since there isn't a human being on the other side, I can't even ask for clarification nor walk them through my reasoning. No, eat shit you cunt juice swallowing mother fucker, anal annhilation on your whole family with a black cock stretching from Zimbabwe to Singapore, we don't care about this "reasoning" you speak of. Fuck that shit! We just hang out here, handing out tricks in the back alley and smoking opium with vietnamese prostitutes, up your fucking ass with reason.

Let me tell you something mister, I'm gonna shove a LITERAL TON of putrid gorilla SHIT down your whore mouth then cum all over your face and tits, let's see how you like THAT.

Cherry on top: by the time I began figuring out where my initial approach was wrong, it was too late. Get that? L'esprit d'escalier, bitch. I began to understand the problem AFTER the timer was up. I could solve it now, except it wouldn't do me any fucking good.

The problem? Locate the topmost 2x2 block inside a matrix whose values fall within a particular range. It's easy! But if you don't explain it properly, I have to sit down re-reading the description and think about what the actual fuck is this cancerous liquid queef that just got forcefully injected into my eyes.

But since I can't spend too much time trying to comperfukenhend this two dollar handjob of a task, which I'd rather swap for teabagging a hairy ass herpes testicle sack, there's rushing in to try and make sense of this shit as I type.

So I'm about 10 minutes down or so already, 35 to go. I finally decipher that I should get the XY coords of each element within the specified range, then we'll walk an array of those coordinates and check for adjacency. Easy! Done, and done.

Another 10 minutes down, all checks in place. TEST. Wait, wat? Where's the output? WHERE. THE FUCK. IS. THE OUTPUT?! BITCH GIMME AN ANSWER. I COUT'D THE RETURN AND CAN SEE THE TERMINAL BUT ITS NOT SHOWING ME ANYTHINGGG?! UUUGHHH FUCKKFKFKFKFKFKFKFUFUFUFFKFK (...)

Alright, we have about 20 minutes left to finish this motorsaw colonoscopy, and I can't see what my code is outputting so I'm walking through the code myself trying to figure out if this will work. Oh, look at that I have to MANUALLY click this fucking misaligned text that says "clear" in order for any new output to register. Lovely, 10/10 web design, I will violate your armpits with an octopus soaked in rabid bear piss.

Mmmh, looks like I got this wrong. Figures. I'm building the array of coordinates sequentially, as a one dimentional list, which is very inconvenient for finding adjacent elements. No problem, let's try and fix that aaaaaand... SHIT IM ALMOST OUT OF TIME.

QUICK LYEB, QUICK!! REMEMBER WHAT FISCELLA TAUGHT YOU, IN BETWEEN MOLESTING YOUR SOUL WITH 16-BIT I/O CONSOLE PROBLEMS, LIKE THAT BITCH SNOWFALL THING YOU HAD TO SOLVE FOR A FRIEND USING TURBO C ON A FUCKING TOASTER IN COMPUTER LAB! RUN MOTHERFUCKER RUN!!!

I'm SWEATING. HEAVILY. I'm STEAMING, NON-EROTICALLY. Less than 10 minutes left. I'm trying to correct the code I have, but I start making MORE dumbfuck mistakes because I'm in a hurry!

5 minutes left. As I hit this point of no return, I realize exactly where my initial reasoning went wrong, and how I could fix it, but I can't because I don't have enough time. Sadface.

So I hastily put together skeleton of the correct implementation, and as the clock is nearly up, I write a comment explaining the bits I can't get to write. Page up, top of file, type "the editor was shit LMAO" and comment it out. SUBMIT.

This violent tale of brain damaged badmouth schizoid baby versus badly worded code challenges was brought to you by ButtholeSuffers. Tired of taking low-quality viagra before engaging in unprotected anal sex? Then try ButtholeSuffers, the new way to strengthen your everday erections! You'll be as fucking HARD as a WALL!

Visit triple doble minus you dot triple doble YOU dot doble-u doble www dotbit lyshAdy wwwwww academy smashlikeachamp ai/professional/$$%$X$/0FD0EFF~ \*¨-`++ ifyouclickurstupid for for a FREE coupon to get MINUS NaN OFF on a close-encounter with an inter-continental dick, and use my promo code HOPONBITCH if you'd like it *RAMMED* --FAR-- and D E E P L Y.

(lel ad break should continue I'm cutting it shortt) [CENSORED] grants *physical* access to your pants! Big ups to Annihilate for sponsoring this mental breakdown.

Also hi ;>

android studio is TERRIBLE. why cant they just make a fucking good linux installer? they're a fucking half trillion dollars company and can't get their shit together. its terribly unprofessional, and makes vim look like a god. maybe not all of us has have access to nasa's supercomputer and don't have a month for it to start.

here's a story about the installation of android studio on a (fairly high-end) chromebook running gallium:

I went to the website, which by the way could tell I was on linux but still automatically showed me the windows instructions, and downloaded android studio, 1.2 gb for fucks sake! I have a 16 gb hard drive! then it installed, and I closed it, because I was gonna use it later. I had a problem with it the first time, so I reinstalled, and halfway through the installation, IT DECIDED IT NEEDED SUPERUSER PRIVELEGES. fuck that. I restarted the installer, with sudo, and it took about switch as long this time. then, it made me redownload the sdk and all that other bloatware EVEN THOUGH THEY WERE INSTALLED IN SEPARATE FOLDERS AND ALREADY DOWNLOADED. jesus christ, google.

So I am currently making an app for a retail franchise and that retail franchise is getting a website done by a company. Since the recipes that the guys want are going to be on the website, the web dev company made a mysql db that has all the recipes.

I thought since the people at the head of the retail franchise have spent time gathering these recipes, I'll just get the data for the app from the db.

I called the project manager for the website up (That's the only contact I got) and asked if they could given me access to the db to use for the app or if I could make a script that would get data from it.

Now this is the part where I tell you I'm only 14 years old and these guys know that because of the head of the retail company.

He puts it on speaker and asks me to say it again and I hear quite a bit of people laughing. I knew what was happening. He asks do you know anything about databases, I explained to him what a db was and how I was going to get the data from it and etc. Half way through me telling him that it would be beneficial for both me and the retail guys, he hung up the call and blocked me.

I asked the head of the retail company if he could ask them about it and he said that he didn't know much about tech so he couldn't ask and if I could find an alternative option.

You might be thinking that the company didn't want to give me permission to access the db which is respectable but they have done this previously as well.
I gave them advice on putting a rewards card feature on the site so the customers could track their points on the site as well as on the app and the PM said "We don't want advice from you."

It has now been 3 weeks on and off because of school where I had to code a ui for the lady at the company to enter all her recipes for the app and waste a lot of time communicating with different people to get all the data.

I hate being disrespected because of my inexperience when I can truly do some extraordinary things with software. 😡😤😣

Its also very hard to find a job being 14.

It is the time for the proper long personal rant.

Im a fresh student, i started few months ago and the life is going as predicted: badly or even worse...
Before the university i had similar problems but i had them under control (i was able to cope with them and with some dose of "luck" i graduated from high school and managed to get into uni). I thought by leaving the town and starting over i would change myself and give myself a boost to keep going. But things turned out as expected. Currently i waste time everyday playing pc games or if im too stressed to play, i watch yt videos. Few years ago i thought i was addicted, im not. It might be a effect of something greater. I have plans, for countess inventions, projects, personal, for university and others and ALL of them are frozen, stopped, non existant. No motivation. I had few moments when i was motivated but it was short, hours or only minutes. Long term goals dont give me any motivation. They give as much short lived joy, happines as goals in games and other things... (no substance abuse problems, dont worry). I just dont see point of my projects anymore. Im sure that my projects are the only thing that will give me experience and teach me something but... i passed the magic barrier of univercity, all my projects are becoming less and less impressive... TV and other sources show people, briliant people, students, even children that were more succesful than me

if they are better than me why do i even bother? companies care more for them, especialy the prestigious ones, they have all the fame, money, funding, help, gear without question!
of course they hardworked for ther positions, they could had better beggining or worse but only hard work matters right?

As i said. None of my work matters, i worked hard for my whole life, studing, crafting, understanding: programming, multiple launguages, enviorements, proper and most effcient algorithms, electronic circuits, mechanical contraptions. I have knowlege about nearly every machine and i would be able to create nearly everything with just access to those tools and few days worth of practice. (im sort of omnibus, know everything) But because had lived in a small town i didnt have any chances of getting the right equpment. All of my electronical projects are crap. Mechanical projects are made out of scrap. Even when i was in high school, nobody was impressed or if they were they couldnt help me.
Now im at university. My projects are stagnant, mostly because of my mental problems. Even my lifestyle took a big hit. I neglect a lot of things i shouldnt. Of course greg, you should go out with friends! You cant dedicate 100% of your life to science!
I fucking tried. All of them are busy or there are other things that prevent that... So no friends for me. I even tried doing something togheter! Nope, same reasons or in most cases they dont even do anything...
Science clubs? Mostly formal, nobody has time, tools are limited unless you designed you thing before... (i want to learn!, i dont have time to design!), and in addition to that i have to make a recrutment project... => lack of motivation to do shit.

The biggest obstacle is money. Parts require money, you can make your parts but tools are money too. I have enough to live in decent apartment and cook decently as well but not enough to buy shit for projects. (some of them require a lot or knowlege... and nobody is willing to give me the second thing). Ok i found a decent job oppurtunity. C# corporation, very nice location, perfect for me because i have a lot of time, not only i can practice but i can earn for stuff. I have a CV or resume just waiting for my friend to give me the email (long story, we have been to that corp because they had open days and only he has the email to the guy, just a easier way)
But there are issiues with it as well so it is not that easy.

If nobody have noticed im dedicated to the science. Basicly 100% scientist that want to make a world a better place.

I messaged a uni specialist so i hope he will be able to help me.
For long time i have thought that i was normal, parent were neglecting my mental health and i had some situations that didnt have good infuence on me as well. I might have some issiues with my brain as well, 96% of aspargers symptoms match, with other links included. I dont want to say i have it but it is a exciuse for a test. In addition to that i cant CANT stop thinking, i even tried not thinking for few minutes, nope i had to think about something everytime. On top of that my biological timer is flipped. I go to sleep at 5 am and wake up at 5pm (when i dont have lectures).
I prefer working at night, at that time my brain at least works normaly but i dont want to disrupt roommates...
And at the day my brain starts the usual, depression, lack of motivation, other bullshit thing.

I might add something later, that is all for now.

TL;DR; do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

They say verbalising it makes it less painful. So I guess I'll try to do just that. Because it still hurts, even though it happened many years ago.

I was about to finish college. As usual, the last year we have to prepare a project and demonstrate it at the end of the year. I worked. I worked hard. Many sleepless nights, many nerves burned. I was making an android app - StudentBuddy. It was supposed to alleviate students' organizational problems: finding the right building (city plans, maps, bus schedules and options/suggestions), the right auditorium (I used pictures of building evac plans with classes indexed on them; drawing the red line as the path to go to find the right room), having the schedule in-app, notifications, push-notifications (e.g. teacher posts "will be 15 minutes late" or "15:30 moved to aud. 326"), homework, etc. Looots of info, loooots of features. Definitely lots of time spent and heaps of new info learned along the way.

The architecture was simple. It was a server-side REST webapp and an Android app as a client. Plenty of entities, as the system had to cover a broad spectrum of features. Consequently, I had to spin up a large number of webmethods, implement them, write clients for them and keep them in-sync. Eventually, I decided to build an annotation processor that generates webmethods and clients automatically - I just had to write a template and define what I want generated. That worked PERFECTLY.

In the end, I spun up and implemented hundreds of webmethods. Most of them were used in the Android app (client) - to access and upsert entities, transition states, etc. Some of them I left as TBD for the future - for when the app gets the ADMIN module created. I still used those webmethods to populate the DB.

The day came when I had to demonstrate my creation. As always, there was a commission: some high-level folks from the college, some guests from businesses.

My turn to speak. Everything went great, as reversed. I present the problem, demonstrate the app, demonstrate the notifications, plans, etc. Then I describe at high level what the implementation is like and future development plans. They ask me questions - I answer them all.

I was sure I was going to get a 10 - the highest score. This was by far the most advanced project of all presented that day!

Other people do their demos. I wait to the end patiently to hear the results. Commission leaves the room. 10 minutes later someone comes in and calls my name. She walks me to the room where the judgement is made. Uh-oh, what could've possibly gone wrong...?

The leader is reading through my project's docs and I don't like the look on his face. He opens the last 7 pages where all the webmethods are listed, points them to me and asks:
LEAD: What is this??? Are all of these implemented? Are they all being used in the app?
ME: Yes, I have implemented all of them. Most of them are used in the app, others are there for future development - for when the ADMIN module is created
LEAD: But why are there so many of them? You can't possibly need them all!
ME: The scope of the application is huge. There are lots of entities, and more than half of the methods are but extended CRUD calls
LEAD: But there are so many of them! And you say you are not using them in your app
ME: Yes, I was using them manually to perform admin tasks, like creating all the entities with all the relations in order to populate the DB (FTR: it was perfectly OK to not have the app completed 100%. We were encouraged to build an MVP and have plans for future development)
LEAD: <shakes his head in disapproval>
LEAD: Okay, That will be all. you can return to the auditorium

In the end, I was not given the highest score, while some other, less advanced projects, were. I was so upset and confused I could not force myself to ask WHY.

I still carry this sore with me and it still hurts to remember. Also, I have learned a painful life lesson: do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

Any Windows Sysadmins here? I have a question for you - How do you do it?

I only very rarely have to do something that would fall under "Windows System Administration", but when I do... I usually find something either completely baffling, or something that makes me want to tear our my hair.

This time, I had a simple issue - Sis brought me her tablet laptop (You know, the kind of tablets that come with a bluetooth keyboard and so can "technically" be called a laptop) and an SD card stating that it doesn't work.

Plugging it in, it did work, only issue was that the card contained file from a different machine, and so all the ACLs were wrong.

I... Dealt with Windows ACLs before, so I went right to the usual combination of takeown and icacls to give the new system's user rights to work with the files already present. Takeown worked fine... But icacls? It got stuck on the first error it encountered and didn't go any further - very annoying.

The issue was a found.000 folder (Something like lost+found folder from linux?) that was hidden by default, so I didn't spot it in the explorer.

Trying to take ownership of that folder... Worked for for files in there, safe for one - found.000\dir0000.chk$Txf; no idea what it is, and frankly neither do I care really.

Now... Me, coming from the Linux ecosystem, bang my head hard against the table whenever I get "Permission denied" as an administrator on the machine.

Most of the times... While doing something not very typical like... Rooting around (Hah... rooting... Get it?! I... Carry on) the Windows folder or system folders elsewhere. I can so-so understand why even administrators don't have access to those files.

But here, it was what I would consider a "common" situation, yet I was still told that my permissions were not high enough.

Seeing that it was my sister's PC, I didn't want to install anything that would let me gain system level permissions... So I got to writing a little forloop to skip the one hidden folder alltogether... That solved the problem.

My question is - Wtf? Why? How do you guys do this sort of stuff daily? I am so used to working as root and seeing no permission denied that situations like these make me loose my cool too fast too often...

Also - What would be the "optimal" way to go about this issue, aside for the forloop method?

The exact two commands I used and expected to work were:
takeown /F * /U user /S machine-name /R
icacls * /grant machine-name\user:F /T

A year ago I built my first todo, not from a tutorial, but using basic libraries and nw.js, and doing basic dom manipulations.

It had drag n drop, icons, and basic saving and loading. And I was satisfied.

Since then I've been working odd jobs.

And today I've decided to stretch out a bit, and build a basic airtable clone, because I think I can.
And also because I hate anything without an offline option.

First thing I realized was I wasn't about to duplicate all the features of a spreadsheet from scratch. I'd need a base to work from.

I spent about an hour looking.
Core features needed would be trivial serialization or saving/loading.

Proper event support for when a cell, row, or column changed, or was selected. Necessary for triggering validation and serialization/saving.

Custom column types.

Embedding html in cells.

Reorderable columns

Optional but nice to have:

Changeable column width and row height.

Drag and drop on rows and columns.

Right click menu support out of the box.

After that hour I had a few I wanted to test.

And started looking at frameworks to support the SPA aspects.

Both mithril and riot have minimal router support. But theres also a ton of other leightweight frameworks and libraries worthy of prototyping in, solid, marko, svelte, etc.
I didn't want to futz with lots of overhead, babeling/gulping/grunting/webpacking or any complex configuration-over-convention.

Didn't care for dom vs shadow dom. Its a prototype not a startup.

And I didn't care to do it the "right way". Learning curve here was antithesis to experimenting. I was trying to get away from plugin, configuration-over-convention, astronaut architecture, monolithic frameworks, the works.

Could I import the library without five dozen dependancies and learning four different tools before getting to hello world?
"But if you know IJK then its quick to get started!", except I don't, so it won't. I didn't want that.

Could I get cheap component-oriented designs?

Was I managing complex state embedded in a monolith that took over the entire layout and conventions of my code, like the world balanced on the back of a turtle?

Did it obscure the dom and state, and the standard way of doing things or *compliment* those?

As for validation, theres a number of vanilla libraries, one of which treats validation similar to unit testing, which seems kinda novel.

For presentation and backend I could do NW.JS, which would remove some of the complications, by putting everything in one script. Or if I wanted to make it a web backend, and avoid writing it in something that ran like a potato strapped to a nuclear rocket (visual studio), I could skip TS and go with python and quart, an async variation of flask.
This has the advantage that using something thats *not* JS, namely python, for interacting with a proper database, and would allow self-hosting or putting it online so people can share data and access in real time with others.

And because I'm horrible, and do things the wrong way for convenience, I could use tailwind.
Because it pisses people off.

How easy (or hard) would it be to recreate a basic functional clone of the core of airtable?

I don't know, but I have feeling I'm going to find out!