As a developer, sometimes you hammer away on some useless solo side project for a few weeks. Maybe a small game, a web interface for your home-built storage server, or an app to turn your living room lights on an off.

I often see these posts and graphs here about motivation, about a desire to conceive perfection. You want to create a self-hosted Spotify clone "but better", or you set out to make the best todo app for iOS ever written.

These rants and memes often highlight how you start with this incredible drive, how your code is perfectly clean when you begin. Then it all oscillates between states of panic and surprise, sweat, tears and euphoria, an end in a disillusioned stare at the tangled mess you created, to gather dust forever in some private repository.

Writing a physics engine from scratch was harder than you expected. You needed a lot of ugly code to get your admin panel working in Safari. Some other shiny idea came along, and you decided to bite, even though you feel a burning guilt about the ever growing pile of unfinished failures.

All I want to say is:

No time was lost.

This is how senior developers are born. You strengthen your brain, the calluses on your mind provide you with perseverance to solve problems. Even if (no, *especially* if) you gave up on your project.

Eventually, giving up is good, it's a sign of wisdom an flexibility to focus on the broader domain again.

One of the things I love about failures is how varied they tend to be, how they force you to start seeing overarching patterns.

You don't notice the things you take back from your failures, they slip back sticking to you, undetected.

You get intuitions for strengths and weaknesses in patterns. Whenever you're matching two sparse ordered indexed lists, there's this corner of your brain lighting up on how to do it efficiently. You realize it's not the ORMs which suck, it's the fundamental object-relational impedance mismatch existing in all languages which causes problems, and you feel your fingers tingling whenever you encounter its effects in the future, ready to dive in ever so slightly deeper.

You notice you can suddenly solve completely abstract data problems using the pathfinding logic from your failed game. You realize you can use vector calculations from your physics engine to compare similarities in psychological behavior. You never understood trigonometry in high school, but while building a a deficient robotic Arduino abomination it suddenly started making sense.

You're building intuitions, continuously. These intuitions are grooves which become deeper each time you encounter fundamental patterns. The more variation in environments and topics you expose yourself to, the more permanent these associations become.

Failure is inconsequential, failure even deserves respect, failure builds intuition about patterns. Every single epiphany about similarity in patterns is an incredible victory.

Please, for the love of code...

Start and fail as many projects as you can.

One day when I was about 8 years old my friend and I were in the library. We decided we wanted to try to make a baseball website because we both likes baseball (this was around 1998). We picked up a book on HTML and my dad took it out for us. My dad was also a programmer so he said he would help us learn. We went home that afternoon and made a little website!

I knew right then that I really enjoyed programming and creating things with code, but I realized I wanted to be a programmer in middle school and high school. One of my friends and I started building Flash games. To see if people were playing them, I added in a call to each game that hit a PHP script on our server. I'll never forget the days/weeks that one of our most popular games caused our sever to get hammered and our shared host said they were going to boot us.

It was an awesome feeling knowing people were enjoying these games that we worked really hard on, and that's one of the main reasons I always wanted to be coding/creating things that people enjoy using.

Was lead developer at a small startup, I was hiring and had a budget to add 3 new people to my team to develop a new product for the company.

Some context first and then the rant!

Candidate 1 - Amazing, a dev I worked with before who was under utilized at the previous company. Still a junior, but, she was a quick learner and eager to expand her knowledge, never an issue.

Candidate 2 - Kickass dev with back end skills and extras, he was always eager to work a bit more than what was expected. I use to send him home early to annoy him. haha!

Candidate 3 - Lets call him P.

In the interview he answers every question perfectly, he asks all the right questions and suggests some things I havent even thought of. CTO goes ahead and says we should skip the technical test and just hire the guy, his smart and knows what his talking about, I agree and we hire him. (We where a bit desperate at this stage as well.)

He comes in a week early to pick up his work laptop to get setup before he starts the next week, awesome! This guy is going to be an asset to the company, cant wait to have him join the team - The CTO at this stage is getting ready to leave the company and I will be taking over the division and need someone to take over lead position, he seems like the guys to do it.

The guys starts the next week, he comes in and the laptop we gave him is now a local server for testing and he will be working off his own laptop, no issue, we are small so needed a testing stack, but wasnt really needed since we had procedures in place for this already.

Here is where everything goes wrong!!! First day goes great... Next day he gets in early 6:30am (Nice! NO!), he absolutely smells, no stinks, of weed, not a light smell, the entire fucking office smells of weed! (I have no problem with weed, just dont make it my problem to deal with). I get called by boss and told to sort this out people are complaining! I drive to office and have a meeting with him, he says its all good he understands. (This was Friday).

Monday comes around - Get a call from Boss at 7:30am. Whole office smells like weed, please talk to P again, this cannot happen again. I drive to office again, and he again says it wont happen again, he has some issues with back pain and the weed helps.

Tuesday - Same fucking thing! And now he doesnt want to sign for the laptop("server") that was given to him, and has moved to code in the boardroom, WHERE OUR FUCKING CLIENTS WILL BE VIEWING A DEMO THAT DAY OF THE PRODUCT!! Now that whole room smells like weed, FML!

Wednesday - We send P a formal letter that he is under probation, P calls me to have a meeting. In the meeting he blames me for not understanding "new age" medicine, I ask for his doctors prescription and ask why he didnt tell me this in the interview so I could make arrangements, we dont care if you are stoned, just do good work and be considerate to your co-workers. P cant provide these and keeps ranting, I suggest he takes pain killers, he has none of it only "new age" medicine for him.

Thursday - I ask him to rather "work" from home till we can get this sorted, he comes in for code reviews for 2 weeks. I can clearly see he has no idea how the system works but is trying, I thought I will dive deeper and look at all of his code. Its a mess, nothing makes sense and 50% of it is hard coded (We are building a decentralized API for huge data sets so this makes no sense).

Friday - In code review I confront him about this, he has excuses for everything, I start asking him harder questions about the project and to explain what we are building - he goes quiet and quits on the spot with a shitty apology.

From what I could make out he was really smart when it came to theory but interpreting the theory to actual practice wasnt possible for him, probably would have been easier if he wasnt high all the time.

I hate interview code tests, but learned a valuable lesson that day! Always test for some code knowledge as well even if you hate doing it, ask the right questions and be careful who you hire! You can only bullshit for so long in coding before someone figures out that you are a fraud.

I absolutely HATE "web developers" who call you in to fix their FooBar'd mess, yet can't stop themselves from dictating what you should and shouldn't do, especially when they have no idea what they're doing.

So I get called in to a job improving the performance of a Magento site (and let's just say I have no love for Magento for a number of reasons) because this "developer" enabled Redis and expected everything to be lightning fast. Maybe he thought "Redis" was the name of a magical sorcerer living in the server. A master conjurer capable of weaving mystical time-altering spells to inexplicably improve the performance. Who knows?

This guy claims he spent "months" trying to figure out why the website couldn't load faster than 7 seconds at best, and his employer is demanding a resolution so he stops losing conversions. I usually try to avoid Magento because of all the headaches that come with it, but I figured "sure, why not?" I mean, he built the website less than a year ago, so how bad can it really be? Well...let's see how fast you all can facepalm:

1.) The website was built brand new on Magento 1.9.2.4...what? I mean, if this were built a few years back, that would be a different story, but building a fresh Magento website in 2017 in 1.x? I asked him why he did that...his answer absolutely floored me: "because PHP 5.5 was the best choice at the time for speed and performance..." What?!

2.) The ONLY optimization done on the website was Redis cache being enabled. No merged CSS/JS, no use of a CDN, no image optimization, no gzip, no expires rules. Just Redis...

3.) Now to say the website was poorly coded was an understatement. This wasn't the worst coding I've seen, but it was far from acceptable. There was no organization whatsoever. Templates and skin assets are being called from across 12 different locations on the server, making tracking down and finding a snippet to fix downright annoying.

But not only that, the home page itself had 83 custom database queries to load the products on the page. He said this was so he could load products from several different categories and custom tables to show on the page. I asked him why he didn't just call a few join queries, and he had no idea what I was talking about.

4.) Almost every image on the website was a .PNG file, 2000x2000 px and lossless. The home page alone was 22MB just from images.

There were several other issues, but those 4 should be enough to paint a good picture. The client wanted this all done in a week for less than $500. We laughed. But we agreed on the price only because of a long relationship and because they have some referrals they got us in the door with. But we told them it would get done on our time, not theirs. So I copied the website to our server as a test bed and got to work.

After numerous hours of bug fixes, recoding queries, disabling Redis and opting for higher innodb cache (more on that later), image optimization, js/css/html combining, render-unblocking and minification, lazyloading images tweaking Magento to work with PHP7, installing OpCache and setting up basic htaccess optimizations, we smash the loading time down to 1.2 seconds total, and most of that time was for external JavaScript plugins deemed "necessary". Time to First Byte went from a staggering 2.2 seconds to about 45ms. Needless to say, we kicked its ass.

So I show their developer the changes and he's stunned. He says he'll tell the hosting provider create a new server set up to migrate the optimized site over and cut over to, because taking the live website down for maintenance for even an hour or two in the middle of the night is "unacceptable".

So trying to be cool about it, I tell him I'd be happy to configure the server to the exact specifications needed. He says "we can't do that". I look at him confused. "What do you mean we 'can't'?" He tells me that even though this is a dedicated server, the provider doesn't allow any access other than a jailed shell account and cPanel access. What?! This is a company averaging 3 million+ per year in revenue. Why don't they have an IT manager overseeing everything? Apparently for them, they're too cheap for that, so they went with a "managed dedicated server", "managed" apparently meaning "you only get to use it like a shared host".

So after countless phone calls arguing with the hosting provider, they agree to make our changes. Then the client's developer starts getting nasty out of nowhere. He says my optimizations are not acceptable because I'm not using Redis cache, and now the client is threatening to walk away without paying us.

So I guess the overall message from this rant is not so much about the situation, but the developer and countless others like him that are clueless, but try to speak from a position of authority.

If we as developers don't stop challenging each other in a measuring contest and learn to let go when we need help, we can get a lot more done and prevent losing clients. </rant>

The project where I realized I wanted to go from chemist to pro dev.

I built a flow-chemistry spectrometer with monitoring backend in Haskell.

Spectroscopy is where you add a reagent to a glass tube, it changes color, and by measuring the exact color it tells you how much of something (for example, a toxin) is present in the sample.

I had to do that a lot on factory samples, writing down measurements using pen & paper.

I'm lazy so I decided to do the logical thing: Automate it. I bought a second hand spectrometer, stripped the casing, did a shitload of glassblowing and hooked up tubes to the production pipelines, so I could get samples, mixing them in the correct ratio with reagents in continuous flows using valves.

I ended up using 2 home-crafted arduino-like boards (etching PCBs is fun!).

One to calibrate the mixture against known samples and control solenoid valves to continuously cycle through various reagents and deionized flushing water, the other to record the measurements and send them to a server running a Haskell/Yesod API.

The server collected the information into InfluxDB (A time series database), displaying all data on a graphite dashboard.

Eventually I wrote Haskell plugins for most of the chemistry processes, from pH & temperature measurements to polymer property and pigment tests (they made a lot of printer ink).

Then I was fired because they didn't need chemists anymore, and the code "could be maintained by the intern" (poor guy)...

But I did find out that I loved functional programming, chemistry automation projects, and crafting my own electronics during that time.

And here comes the last part of my story so far.
After deploying the domain, configuring PCs, configuring the server, configuring the switch, installing software, checking that the correct settings have been applied, configuring MS Outlook (don't ask) and giving each and every user a d e t a i l e d tutorial on using the PC like a modern human and not as a Homo Erectus, I had to lock my door, put down my phone and disconnect the ship's announcement system's speaker in my room. The reasons?
- No one could use USB storage media, or any storage media. As per security policy I emailed and told them about.
- No one could use the ship's computers to connect to the internet. Again, as per policy.
- No one had any games on their Windows 10 Pro machines. As per policy.
- Everyone had to use a 10-character password, valid for 3 months, with certain restrictions. As per policy.
For reasons mentioned above, I had to (almost) blackmail the CO to draft an order enforcing those policies in writing (I know it's standard procedure for you, but for the military where I am it was a truly alien experience). Also, because I never trusted the users to actually backup their data locally, I had UrBackup clone their entire home folder, and a scheduled task execute a script storing them to the old online drive. Soon it became apparent why: (for every sysadmin this is routine, but this was my first experience)
- People kept deleting their files, whining to me to restore them
- People kept getting locked out because they kept entering their password WRONG for FIVE times IN a ROW because THEY had FORGOTTEN the CAPS lock KEY on. Had to enter three or four times during weekend for that.
- People kept whining about the no-USB policy, despite offering e-mail and shared folders.
The final straw was the updates. The CO insisted that I set the updates to manual because some PCs must not restart on their own. The problem is, some users barely ever checked. One particular user, when I asked him to check and do the updates, claimed he did that yesterday. Meanwhile, on the WSUS console: PC inactive for over 90 days.
I blocked the ship's phone when I got reassigned.
Phiew, finally I got all those off my chest! Thanks, guys. All of the rants so far remind me of one quote from Dave Barry:

My first job: The Mystery of The Powered-Down Server

I paid my way through college by working every-other-semester in the Cooperative-Education Program my school provided. My first job was with a small company (now defunct) which made some of the very first optical-storage robotic storage systems. I honestly forgot what I was "officially" hired for at first, but I quickly moved up into the kernel device-driver team and was quite happy there.

It was primarily a Solaris shop, with a smattering of IBM AIX RS/6000. It was one of these ill-fated RS/6000 machines which (by no fault of its own) plays a major role in this story.

One day, I came to work to find my team-leader in quite a tizzy -- cursing and ranting about our VAR selling us bad equipment; about how IBM just doesn't make good hardware like they did in the good old days; about how back when _he_ was in charge of buying equipment this wouldn't happen, and on and on and on.

Our primary AIX dev server was powered off when he arrived. He booted it up, checked logs and was running self-diagnostics, but absolutely nothing so far indicated why the machine had shut down. We blew a couple of hours trying to figure out what happened, to no avail. Eventually, with other deadlines looming, we just chalked it up be something we'll look into more later.

Several days went by, with the usual day-to-day comings and goings; no surprises.

Then, next week, it happened again.

My team-leader was LIVID. The same server was hard-down again when he came in; no explanation. He opened a ticket with IBM and put in a call to our VAR rep, demanding answers -- how could they sell us bad equipment -- why isn't there any indication of what's failing -- someone must come out here and fix this NOW, and on and on and on.

(As a quick aside, in case it's not clearly coming through between-the-lines, our team leader was always a little bit "over to top" for me. He was the kind of person who "got things done," and as long as you stayed on his good side, you could just watch the fireworks most days - but it became pretty exhausting sometimes).

Back our story -
An IBM CE comes out and does a full on-site hardware diagnostic -- tears the whole server down, runs through everything one part a time. Absolutely. Nothing. Wrong.

I recall, at some point of all this, making the comment "It's almost like someone just pulls the plug on it -- like the power just, poof, goes away."

My team-leader demands the CE replace the power supply, even though it appeared to be operating normally. He does, at our cost, of course.

Another weeks goes by and all is forgotten in the swamp of work we have to do.

Until one day, the next week... Yes, you guessed it... It happens again. The server is down. Heads are exploding (will at least one head we all know by now). With all the screaming going on, the entire office staff should have comped some Advil.

My team-leader demands the facilities team do a full diagnostic on the UPS system and assure we aren't getting drop-outs on the power system. They do the diagnostic. They also review the logs for the power/load distribution to the entire lab and office spaces. Nothing is amiss.

This would also be a good time draw the picture of where this server is -- this particular server is not in the actual server room, it's out in the office area. That's on purpose, since it is connected to a demo robotics cabinet we use for testing and POC work. And customer demos. This will date me, but these were the days when robotic storage was new and VERY exciting to watch...

So, this is basically a couple of big boxes out on the office floor, with power cables running into a special power-drop near the middle of the room. That information might seem superfluous now, but will come into play shortly in our story.

So, we still have no answer to what's causing the server problems, but we all have work to do, so we keep plugging away, hoping for the best.

The team leader is insisting the VAR swap in a new server.

One night, we (the device-driver team) are working late, burning the midnight oil, right there in the office, and we bear witness to something I will never forget.

The cleaning staff came in.

Anxious for a brief distraction from our marathon of debugging, we stopped to watch them set up and start cleaning the office for a bit.

Then, friends, I Am Not Making This Up(tm)... I watched one of the cleaning staff walk right over to that beautiful RS/6000 dev server, dwarfed in shadow beside that huge robotic disc enclosure... and yank the server power cable right out of the dedicated power drop. And plug in their vacuum cleaner. And vacuum the floor.

We each looked at one-another, slowly, in bewilderment... and then went home, after a brief discussion on the way out the door.

You see, our team-leader wasn't with us that night; so before we left, we all agreed to come in late the next day. Very late indeed.

One year ago, I quit my job in order to "make life easier". And by that I mean work+home in the same city. I went from 40 minutes commute - to 3 minutes. I had a blast the first week.

Then I realized that it was actually a mistake. I did not like working with "that kind of systems" and "that kind of tasks". It was tedious, stupid, and I was angry every, single day because the previous ones had built a system on 10-15 year old hardware because "it is cheaper".

That continued for a year. I discovered new stupid "solutions" every week that was potentially dangerous for the company. It built up a huge pile of shit and I started to feel that my mental health was disappearing, fast.

And equipment such as servers, switches, routers, storage started to fail because of age. Despite my warnings from day 0 to the CEO who only kinda laughed it off and said "you can to solve that", but I never got the approval to actually buy the equipment that was needed. Because "the company did'nt have the money for it". Somehow, the company had the money to buy expensive cars for the CEO - I can't really figure out that equation.

So today, one VERY old UPS died at our office. It caused some powerspike that killed off some switches and a NAS.
"Whatever" I thought, I just have to find the backup of the files and get a new one.

Then I discovered, that the NAS that acted as a iSCSI target for VM's and document storage was backed up using VEEAM on another server - that was configured to backup everything to the same NAS. I just wanted to cry, because I could not take anymore shit.

So I picked up my phone, called my old employer and asked if I could start working for them again. My old boss got insanely happy and gave me a great offer which I immediately accepted.

So tomorrow, is the day that I am going to walk into my current boss and say that I will quit. My last day will be on Christmas day. And I will start my new year with a few weeks off, and then back to the job that I actually loved.

Life is to short to work with something you hate.

Working 600 km from home on my first big web project, with a raspberry pi as server (located at home). Decided to reboot it today in order to see if it would resolve a problem.

It probably booted up with a different local ip, cant access it anymore with ssh or ftp.

Fuck.

Worst thing you've seen another dev do? Long one, but has a happy ending.

Classic 'Dev deploys to production at 5:00PM on a Friday, and goes home.' story.

The web department was managed under the the Marketing department, so they were not required to adhere to any type of coding standards and for months we fought with them on logging. Pre-Splunk, we rolled our own logging/alerting solution and they hated being the #1 reason for phone calls/texts/emails every night.

Wanting to "get it done", 'Tony' decided to bypass the default logging and send himself an email if an exception occurred in his code.

At 5:00PM on a Friday, deploys, goes home.

Around 11:00AM on Sunday (a lot folks are still in church at this time), the VP of IS gets a call from the CEO (who does not go to church) about unable to log into his email. VP has to leave church..drive home and find out he cannot remote access the exchange server. He starts making other phone calls..forcing the entire networking department to drive in and get email back up (you can imagine not a group of happy people)

After some network-admin voodoo, by 12:00, they discover/fix the issue (know it was Tony's email that was the problem)

We find out Monday that not only did Tony deploy at 5:00 on a Friday, the deployment wasn't approved, had features no one asked for, wasn't checked into version control, and the exception during checkout cost the company over $50,000 in lost sales.

Was Tony fired? Noooo. The web is our cash cow and Tony was considered a top web developer (and he knew that), Tony decided to blame logging. While in the discovery meeting, Tony told the bosses that it wasn't his fault logging was so buggy and caused so many phone calls/texts/emails every night, if he had been trained properly, this problem could have been avoided.

Well, since I was responsible for logging, I was next in the hot seat.

For almost 30 minutes I listened to every terrible thing I had done to Tony ever since he started. I was a terrible mentor, I was mean, I was degrading, etc..etc.
Me: "Where is this coming from? I barely know Tony. We're not even in the same building. I met him once when he started, maybe saw him a couple of times in meetings."
Andrew: "Aren't you responsible for this logging fiasco?"
Me: "Good Lord no, why am I here?"
Andrew: "I'll rephrase so you'll understand, aren't you are responsible for the proper training of how developers log errors in their code? This disaster is clearly a consequence of your failure. What do you have to say for yourself?"
Me: "Nothing. Developers are responsible for their own choices. Tony made the choice to bypass our logging and send errors to himself, causing Exchange to lockup and losing sales."
Andrew: "A choice he made because he was not properly informed of the consequences? Again, that is a failure in the proper use of logging, and why you are here."
Me: "I'm done with this. Does John know I'm in here? How about you get John and you talk to him like that."
'John' was the department head at the time.
Andrew:"John, have you spoken to Tony?"
John: "Yes, and I'm very sorry and very disappointed. This won't happen again."
Me: "Um...What?"
John: "You know what. Did you even fucking talk to Tony? You just sit in your ivory tower and think your actions don't matter?"
Me: "Whoa!! What are you talking about!? My responsibility for logging stops with the work instructions. After that if Tony decides to do something else, that is on him."
John: "That is not how Tony tells it. He said he's been struggling with your logging system everyday since he's started and you've done nothing to help. This behavior ends today. We're a fucking team. Get off your damn high horse and help the little guy every once in a while."
Me: "I don't know what Tony has been telling you, but I barely know the guy. If he has been having trouble with the one line of code to log, this is the first I've heard of it."
John: "Like I said, this ends today. You are going to come up with a proper training class and learn to get out and talk to other people."

Over the next couple of weeks I become a powerpoint wizard and 'train' anyone/everyone on the proper use of logging. The one line of code to log. One line of code.

A friend 'Scott' sits close to Tony (I mean I do get out and know people) told me that Tony poured out the crocodile tears. Like cried and cried, apologizing, calling me everything but a kitchen sink,...etc. It was so bad, his manager 'Sally' was crying, her boss 'Andrew', was red in the face, when 'John' heard 'Sally' was crying, you can imagine the high levels of alpha-male 'gotta look like I'm protecting the females' hormones flowing.

Took almost another year, Tony released a change on a Friday, went home, web site crashed (losses were in the thousands of $ per minute this time), and Tony was not let back into the building on Monday (one of the best days of my life).

Developer: Can you upgrade my machine to Windows 10? I need it for SQL server 2019.

IT Guy: Sure.

Some time later...

IT Guy: Good news, Windows 10 is loaded. Bad news, I need to update TPM to enable Bitlocker but the firewall is blocking me from downloading the update. I will need to download it from home tonight.

Developer: But you're the IT administrator...

IT Guy: Yes...

Developer: ...

Happiness is being home at Friday evening, having a few special beers, doing server setup/stuffs with good music on and genuinely loving what you're doing!

Step 1: Turn off any intellisense and debug tools.
Step 2: Code all day without running the code.
Step 3: Push everything to the build server and avoid looking at the result.
Step 4: Go home.

LIKE A BOSS!

The first time I decided to hack around a bit:D

One of my teachers made a quiz software, which is only used by him(his lectures are about databases), and it is highly unsecure. When I heard that it is written in C# I decided to look in it's source code. The biggest problem I ran into: this program is only available on the computers in his classroom, and he monitors the computers display. However, I successfully put it into my pendrive without getting caught.

So when I got home, I just had to use a .NET decompiler(in this case: dotPeek) to get the fully functional source code. The basic function of the program was to download a quiz from his database server, and when it was finished, grade it client-side. Than, I realized how bad it was: It contains the number of questions, the number of correct and incorrect answers.
I've just made a modified .exe, which contained really little modification(like correctAnswers=maxQuestions, incorrectAnswers=0). Everything looks the same, you just have to click over it, and everytime it will return with 100%.

And the bonus: The program connects to the database as a user with root access, and without password. I was able to log in, download(dropping was available too, but didn't try) databases(with all the answers) and so on.

Never had to use it though, it was just a sort-of experience gaining.:)

I've started my personal git server!!! In my home! Bye bye GitHub 🤗 Yay!

*goes to the local town hall to get my new ID*

A week ago:
Clerk: Sorry sir, our systems don't work anymore, we can't process your request!
Me: Epic. Is there any sysadmin in here that can fix this pronto?
C: No it's a centrally managed system. It's managed by the people in ${another town}.
M (thinking): Well how about you fucking call them then, fucking user. Screaming blood and fire when nothing is wrong server-side but doing nothing when there is. Fucking amazing, useless piece of shit.

One week later, i.e. today:
M: Hey, I'd like to renew my ID card. I've got this announcement document here and my current ID card.
C: Oh no I don't need the announcement document. I need your PIN and PUK code letter.
M (thinking): What the fuck do you need that for.. isn't that shit supposed to be my private information..?
*gives PIN and PUK part of the letter*
C: Alright, to register your new ID card, please enter your PUK and then your PIN in this card reader here twice.
M: Sure, but I'd like to change both afterwards. After all they're written on this piece of paper and I'm not sure that just destroying that will be enough.
C: Sure sure you can change them. Please authenticate with the codes written on the paper.
*Authenticates*
C: So you'd like to change your codes, right?
M: Yeah but I'd like to change it at home. You know, because I can't know for sure that this PC here is secure, the card reader has a wired connection to your PC (making it vulnerable to keyloggers) and so on.
C: Impossible. You can't change your PIN at home. (What about the PUK?!)
M: But I've done that several times with my Digipass for my previous passport.. it is possible and I've done it myself.
C: Tut tut, impossible. I know it's impossible and therefore it is.
M (thinking): Thanks for confirming that I really shouldn't enter my personal PIN on your fucking PC, incompetent bitch.
M: Alright, I'll just keep this PIN, try at home and if it's really impossible because the system changed to remove this functionality (which I highly doubt, that'd be really retarded), I'll come back later.
(Just to get rid of this old stupid woman's ignorance essentially.)
C: Sure sure...
Me: I'd also like to register as an organ donor. Where can I do that?
C: That'd be over there. *points to the other room in the town hall*

FUCKING THANK YOU LORDS OF THE WICKED RAVEN AND THE LIBERATED TUX, TO GET ME AWAY FROM THAT STUPID FUCKING BITCH!!!

.. anyway. I've got my new ID and I'm an official organ donor now 🙂

Worst dev team failure I've experienced?

One of several.

Around 2012, a team of devs were tasked to convert a ASPX service to WCF that had one responsibility, returning product data (description, price, availability, etc...simple stuff)
No complex searching, just pass the ID, you get the response.

I was the original developer of the ASPX service, which API was an XML request and returned an XML response. The 'powers-that-be' decided anything XML was evil and had to be purged from the planet. If this thought bubble popped up over your head "Wait a sec...doesn't WCF transmit everything via SOAP, which is XML?", yes, but in their minds SOAP wasn't XML. That's not the worst WTF of this story.

The team, 3 developers, 2 DBAs, network administrators, several web developers, worked on the conversion for about 9 months using the Waterfall method (3~5 months was mostly in meetings and very basic prototyping) and using a test-first approach (their own flavor of TDD). The 'go live' day was to occur at 3:00AM and mandatory that nearly the entire department be on-sight (including the department VP) and available to help troubleshoot any system issues.

3:00AM - Teams start their deployments
3:05AM - Thousands and thousands of errors from all kinds of sources (web exceptions, database exceptions, server exceptions, etc), site goes down, teams roll everything back.

3:30AM - The primary developer remembered he made a last minute change to a stored procedure parameter that hadn't been pushed to production, which caused a side-affect across several layers of their stack.

4:00AM - The developer found his bug, but the manager decided it would be better if everyone went home and get a fresh look at the problem at 8:00AM (yes, he expected everyone to be back in the office at 8:00AM).

About a month later, the team scheduled another 3:00AM deployment (VP was present again), confident that introducing mocking into their testing pipeline would fix any database related errors.

3:00AM - Team starts their deployments.
3:30AM - No major errors, things seem to be going well. High fives, cheers..manager tells everyone to head home.
3:35AM - Site crashes, like white page, no response from the servers kind of crash. Resetting IIS on the servers works, but only for around 10 minutes or so.
4:00AM - Team rolls back, manager is clearly pissed at this point, "Nobody is going fucking home until we figure this out!!"
6:00AM - Diagnostics found the WCF client was causing the server to run out of resources, with a mix of clogging up server bandwidth, and a sprinkle of N+1 scaling problem. Manager lets everyone go home, but be back in the office at 8:00AM to develop a plan so this *never* happens again.

About 2 months later, a 'real' development+integration environment (previously, any+all integration tests were on the developer's machine) and the team scheduled a 6:00AM deployment, but at a much, much smaller scale with just the 3 development team members.

Why? Because the manager 'froze' changes to the ASPX service, the web team still needed various enhancements, so they bypassed the service (not using the ASPX service at all) and wrote their own SQL scripts that hit the database directly and utilized AppFabric/Velocity caching to allow the site to scale. There were only a couple client application using the ASPX service that needed to be converted, so deploying at 6:00AM gave everyone a couple of hours before users got into the office. Service deployed, worked like a champ.

A week later the VP schedules a celebration for the successful migration to WCF. Pizza, cake, the works. The 3 team members received awards (and a envelope, which probably equaled some $$$) and the entire team received a custom Benchmade pocket knife to remember this project's success. Myself and several others just stared at each other, not knowing what to say.

Later, my manager pulls several of us into a conference room
Me: "What the hell? This is one of the biggest failures I've been apart of. We got rewarded for thousands and thousands of dollars of wasted time."
<others expressed the same and expletive sediments>
Mgr: "I know..I know...but that's the story we have to stick with. If the company realizes what a fucking mess this is, we could all be fired."
Me: "What?!! All of us?!"
Mgr: "Well, shit rolls downhill. Dept-Mgr-John is ready to fire anyone he felt could make him look bad, which is why I pulled you guys in here. The other sheep out there will go along with anything he says and more than happy to throw you under the bus. Keep your head down until this blows over. Say nothing."

Got my front end friend (also my irl best friend) to agree on me setting up a vm/vps on one of my dedi's with a sub domain so he can learn to work with servers.

He agreed on me leaving root access for myself in case he couldn't figure something out and I (a Linux server engineer myself) would have to help him out.

He seemed so excited, will set this up when I get home 😊

Crap.. got myself into a fight with someone in a bar.

Hospitalized, turns out that my knee is bruised and my nose is broken. For some reason the knee hurts much more than the nose though.. very weird.

Just noticed that some fucker there stole my keychain USB stick too. Couldn't care less about the USB stick itself, got tons of those at home and hard drive storage even more so (10TB) but the data on it was invaluable. It held on a LUKS-encrypted partition, my GPG keys, revocation certificates, server backups and everything. My entire digital identity pretty much.

I'm afraid that the thief might try to crack it. On the flip side, if it's just a common Windows user, plugging it in will prompt him to format it.. hopefully he'll do that.

What do you think.. take a leap with fate and see how strong LUKS really is or revoke all my keys and assume my servers' filesystems to be in the hands of some random person that I don't know?

Seriously though.. stealing a fucking flash drive, of what size.. 32GB? What the fuck is wrong with people?

"Arch Linux is actually not that difficult".

I ssh'ed into my home server yesterday.

I was greeted by a message from an ext3 disk about needing fsck. Fine, "I haven't been in here for a while, might as well do some maintenance". fsck /dev/sda6, let's go!

This nicely "repaired" the sshd service (i.e. cleared the sectors), I cursed at myself for pressing enter at "repair (y)" right before the connection broke.

So I connected a display and keyboard... ok so let's just pacman -Sy sshd or whatever. We can do this! Just check the wiki, shouldn't be that hard!

Wait... pacman has not run since 2010? WAIT IT'S ACTUAL UPTIME IS 9 YEARS??? I guess we know why I'm a DB admin and not devops...

Hmm all the mirrors give timeouts? Oh. The i686 processor architecture isn't even supported anymore...?

4 hours, 11 glasses of cognac, 73 Arch32 wiki/forum pages, 2 attempts at compiling glibc, and 4 kernel panics later: "I think I'll buy a new server".

RANT Incoming
Not necessarily dev related but I need to get this off my chest.

So a bit of a backstory. I had to stay late from school the other day and ended up having to take an Uber home. The ride was fine lady was nice. Everything seems to be going well and there were no signs of any payment failure.

Then yesterday, I had to stay late again. I never said that I had an outstanding balance on my account. Apparently Uber was having problems charging my Android pay account.
So I ended up being stuck at school for like 3 hours. Great!😑

So I emailed Uber when I got home. And this is when I started pulling my hair out. I don't know how many replies I had, but each time I had to tell them that I was not using a prepaid card.

This was one of my replies:
"I'm sorry, are you real? If you are, here is a quick summary of the issue. I am using ANDROID PAY with my CHASE DEBIT CARD. Not, NOT, NOT a prepaid card. I happen to know that CHASE DEBIT CARD(which is the card I use, in case you have already forgotten) works with uber because MY FATHER USES THE EXACT SAME TYPE OF CARD with uber. He uses a CHASE DEBIT CARD(again I use that same type of card as well). So by using LOGIC I am able to deduce that a CHASE DEBIT CARD is in fact compatible. AGAIN THIS IS NOT A PREPAID CARD!!! If the card is incompatible, WHY DOES THE APP ALLOW BE TO ADD IT?!?! Also in response to your last email... Because I am using Android pay, do you really think that an ANDROID would be able to use APPLE pay? Also Google wallet is DISCONTINUED! Finally, PayPal DOES NOT CONNECT TO UBER. Returns a "Server Error." So please stop wasting my time with generic help solutions. Believe me, I have already googled my issue, and nothing comes up. That is why I contacted Uber. I want my driver to be paid, and, uber had made it SO painful with unhelpful "Solutions" to problems that don't even APPLY TO MY ISSUE. No not even mention PREPAID cards in your reply or I will consider you a robot built by monkeys banging their heads on a keyboard. Uber HAS my VALID payment information, USE IT! If there is a phone number I can call, please, enlighten me"

And the response was:
"Thanks for reaching out with this.

Happy to help with this issue you are having.

After reviewing your I can see that the only payment method associated with your account is an ANDROID PAY card and it is also a prepaid card. Some cards and methods are not compatible with our billing processes and can't be used with Uber. This includes prepaid cards."

So I concluded that they are monkeys.

Then Uber banned me from logging into my account because I didn't pay.
So now it is impossible for me to pay because I can't do anything with my account.

Now they want my SSN and a bunch of other shit that I won't give them.

I told them that they were being illogical, and I got the exact same response about the prepaid bullshit.

So I sent them this photo as a goodbye.

I get my driver's licence next weekend, so I won't need Uber anymore. YAY!

Also mind grammatical errors, I talked it in and am to lazy to proofread

As a full time remote employee it gets lonely. Im getting ready to turn my home into a co-working space :

* Plenty of space with tables and couches

* Gigabit Internet backed by enterprise networking gear

* Lots of fresh ground coffee

* Local Kubernetes server !

* dog friendly chill space

* kid friendly play areas during the summer

* Mountain home with backyard hiking trails , wildlife lookout (wild deer live in my back yard), and fireplaces

What else would you want in your co-work space-at-my-place (TM)?

Our website once had it’s config file (“old” .cgi app) open and available if you knew the file name. It was ‘obfuscated’ with the file name “Name of the cgi executable”.txt. So browsing, browsing.cgi, config file was browsing.txt.
After discovering the sql server admin password in plain text and reporting it to the VP, he called a meeting.
VP: “I have a report that you are storing the server admin password in plain text.”
WebMgr: “No, that is not correct.”
Me: “Um, yes it is, or we wouldn’t be here.”
WebMgr: “It’s not a network server administrator, it’s SQL Server’s SA account. Completely secure since that login has no access to the network.”
<VP looks over at me>
VP: “Oh..I was not told *that* detail.”
Me: “Um, that doesn’t matter, we shouldn’t have any login password in plain text, anywhere. Besides, the SA account has full access to the entire database. Someone could drop tables, get customer data, even access credit card data.”
WebMgr: “You are blowing all this out of proportion. There is no way anyone could do that.”
Me: “Uh, two weeks ago I discovered the catalog page was sending raw SQL from javascript. All anyone had to do was inject a semicolon and add whatever they wanted.”
WebMgr: “Who would do that? They would have to know a lot about our systems in order to do any real damage.”
VP: “Yes, it would have to be someone in our department looking to do some damage.”
<both the VP and WebMgr look at me>
Me: “Open your browser and search on SQL Injection.”
<VP searches on SQL Injection..few seconds pass>
VP: “Oh my, this is disturbing. I did not know SQL injection was such a problem. I want all SQL removed from javascript and passwords removed from the text files.”
WebMgr: “Our team is already removing the SQL, but our apps need to read the SQL server login and password from a config file. I don’t know why this is such a big deal. The file is read-only and protected by IIS. You can’t even read it from a browser.”
VP: “Well, if it’s secured, I suppose it is OK.”
Me: “Open your browser and navigate to … browse.txt”
VP: “Oh my, there it is.”
WebMgr: “You can only see it because your laptop had administrative privileges. Anyone outside our network cannot access the file.”
VP: “OK, that makes sense. As long as IIS is securing the file …”
Me: “No..no..no.. I can’t believe this. The screen shot I sent yesterday was from my home laptop showing the file is publicly available.”
WebMgr: “But you are probably an admin on the laptop.”
<couple of awkward seconds of silence…then the light comes on>
VP: “OK, I’m stopping this meeting. I want all admin users and passwords removed from the site by the end of the day.”

Took a little longer than a day, but after reviewing what the web team changed:
- They did remove the SQL Server SA account, but replaced it with another account with full admin privileges.
- Replaced the “App Name”.txt with centrally located config file at C:\Inetpub\wwwroot\config.txt (hard-coded in the app)
When I brought this up again with my manager..
Mgr: “Yea, I know, it sucks. WebMgr showed the VP the config file was not accessible by the web site and it wasn’t using the SA password. He was satisfied by that. Web site is looking to beat projections again by 15%, so WebMgr told the other VPs that another disruption from a developer could jeopardize the quarterly numbers. I’d keep my head down for a while.”

So I said I'd rant this yesterday but a long night of server management came in the way!

Yesterday @trogus mentioned in a comment that he thinks everyone deserves a place where they feel like home and this is that place for me along with some sub-places which derived from here.

So in this linux/foss chat yesterday I was trying to get into an IRC chatroom (all people there (or at least a lot) are also like minded on privacy/security). I don't want to use email signup if not absolutely neccesary (don't judge me, everyone there own thing) and I found out very late (after 20 minutes of instructions from a fellow devRanter) that this thing required email signup. I didn't wanna do that so I said that and started typing a whole essay of why I'd rather not do that and what my reasons are (privacy partly) but then the guy said: "haha you got it man".

For one second I forgot that I don't have to explain myself over there on stuff regarding privacy that a lot of people would find paranoid. Man, that feels like being home :).

one day my dad brings home an old blade server from work and a centos distro. we set it up in the garage of our hot Florida house and he gave me his old perl programming books and showed me a few things. I was 12 or 13. that summer I moved my bed to the garage and barely slept as I learned everything I could. I've never looked back.

Was asked to check the sales team server as it was running slow.
Apart from redundant processes and users with too much permissions I found a "Cobol" folder under one of the sales team member's home folder.

If it weren't the sales people I would immediately disregard this as trolling but with them it's quite possible that this is a real attempt to learn programming...
...most likely from the facebook ads with the hooded guys that offer to teach you to code in 10 days for $800.

TLDR; I just screwed a production server and rendered it useless!!!

Long story:

I went to install a product that we built at the customer's site, and was given a Linux running server, to deploy our app.

I work in windows, and barely know the basic Linux commands.

So I look at the files in the home directory, and see that the are a lot of files, so I ask the customer if it is ok that I move all the files to a separate directory.

He agrees, and me thinking that I am smart, proceed to enter the following commands in the terminal:

mkdir old
mv /* old

Of course I got an error that I don't have permission so my next command was:

sudo mv /* old

And that was the end of that computer.

The amazing part of the story is that as soon as it happened, I understood so much about Linux.

The file structure, sudo, the power of the terminal, aliases and so much more...

Some fucker installed a keylogger on my Ubuntu laptop at home and registered it as a systemd service. From Wireshark, it's sending each keystroke to a server in France using irc. Tried accessing the server but the moron shut it down immediately. It's the last time am fucking installing code from prebuilt binaries. If I can't build it from source then fuck off your sniffing cunt. I was about to log in into a database from that machine.

UPDATE: I found the actual file sending the keystrokes but it's binary. Anyone know how I can decode a binary file?

This is my first post on devRant!
Story time:
It was on my first job as a developer, learning a lot but getting paid less than 50% of the minimum monthly wage of my country.
It was settled in the interview that as I gained more experience, I could handle more projects and earn more money.
At the time, I was living with my parents and didn't have to pay rent and some stuff, so I was like "Well, I'm gonna learn a lot and, if I put a lot of effort into it, soon I'll be making more money".
We agreed that I'll only develop, but 4 months into the job, I was already going to clients
and started coding there (having the client on my back every minute, not being able to work properly) and fixing some computer/network issues they had,
because my boss said I should do it.
Things at home started to go south, and suddenly I needed more money, so I kept doing the work and getting paid a little bit more
A year goes by, devs came and go beacuse of the work/payment situation, and I was still there.
From my first "paycheck" to the last day I never got paid on time, and that was the same for everybody else
The last month I was there, I had a job offer with a better salary and weekends free, so I wanted to take it (I worked saturdays there).
We were working at our biggest clients place at the time (a hospital, working in the server room, desk and chair were a total crap),
so I wanted to have a good conversation with my boss and tell him whats up, after all, I was really grateful for the job despite all things.
We headed outside and started talking. He basically begged me to stay, said that he will pay me on time and offered me more money (less than the other company was offering me),
and that he needed me to finish the implementation and "minor issues" with the app.
I thought about it for a couple of days, and decided to stay. I politely rejected the job offer, and even recommended someone else.
As the days passed, regret was building fast inside of me, until the day that I was supposed to get paid.
He never showed up to the client, told me in a call that he will be there sometime in the morning, that he had the money for me.
So I stayed until my day ended, and still no sign of him. I had no money on me, needed some for gas so I could go, and I called him 5 times.
He picked up the last time, talks to me like nothing is happening and I started to shout at him like I never shouted to anybody before,
got all the things of my chest, and when I was done, he said that he will send the money to my account right away.
This happened on a Saturday, so I quit the following Monday, and lost the other job offer.

Today I found out my family does 'hard' shut downs to my home server by unplugging the power cord when I'm not home...

The server for an internal application was acting up, but everything was working fine locally. After an 18 hour day, I just rerouted the traffic to my dev machine and left it on overnight so I could go home.

A piece of me hates myself and also loves myself for that one.

HO. LY. SHIT.

So this gig I got myself into, they have a whitelist of IP addresses that are allowed to access their web server. It's work-at-home. We just got a new internet provider, and it looks like I get a different public IP address everytime I disconnect and connect to the WIFI. And since it looks like the way they work on their codebase is that you either edit the files right on the server or you download the files that you need to work on, make the changes, and then re-upload the file back to the server and refresh the website to see the changes, now I can't access the server because I get different IP addresses. And it's highly inconvenient to keep emailing them to add IP addresses to the whitelist.

No source control, just straight-up download/upload from/to the server. Like, srsly. So that also means debugging is extremely hard for me because one, they use ColdFusion and I've never used that shit before and two, how the hell do you debug with this style of work?

I just started this last Tuesday, and I already want to call it quits. This is just a pain in the ass and not worth my time. I'll be glad to just go back to driving Lyft/Uber to make money while I look for a full-time, PROPER job.

By the way, can I do that to a contracting job? Just call it quits when you haven't even finished your first task? How does this work?

When pandemic hit in 2020 I found myself out of work. Until then I used to have a java based pirate gameserver of a MMORPG as a hobby.

When pandemic hit I noticed that online players count increased from like 70 to 200 without much advertising because purely of people being stuck in home. So i decided to scale and spent 2 years with that. What a wild ride it was.

So i invested a bit in ads, managed to reach around 500 online players, opened my own company and launched a couple other successful spinoffs of that gameserver.

First year it was a goldmine but I was doing 10-14 hour days because I had to take care of everything (web, advertising, payment integrations, player support and also developing the server itself, ddos protections and etc.). I made quite a bit of money, saved for a downpayment for mortgage and got an apartment.

Second year I noticed that there was a lot of competition and online players count dropped, but I double downed on this and invested a lot into the product itself and spent most of the time developing a perfect gameserver that would be the big bang while also maintaining existing ones. Clasic overengineering mistake. As you can guess, I crashed and burned on all levels, never even managed to launch my final project because simply the scope was too big and I had trouble finding decent devs to outsource it to, since it was a very niche gameserver.

In the end I learned a lot especially about my own limits and ownership, now Im back to being a dev but working as a contractor.

I believe having actual business owner experience allows me to have different perspective and I can bring more to the table rather than focusing on crunching tasks.

So last year in highschool, everybody had to make a website project with stores and stuff. Everybody was in groups and you could plan your time on you own, working in class or at home.

So my friend spent hours at home designing his website for his group, and to be honest, it looked amazing.
There was only one problem, all files were located on a server which was accessible by all groups without the teacher even being able to know who had accessed which file.

There was this one group which just spent their time in class playing stupid browser games, 3 people in a group, one of them looking at kpop and puppy's for what seemed like to be hours at a time.

Well to get to the point, about 1-2 days before deadline, they noticed they hadn't done shit.
SO THOSE FUCKING BASTARDS JUST COPIED ALL THE FUCKING CODE MY FRIEND HAD MADE.

AT PRESENTATION TIME THEIR "PROJECT" CAME UP FIRST AND MY FRIEND WAS TO ME LIKE "OH NO THOSE FUCKERS DIDN'T JUST COPY MY WHOLE WEBSITE".
ANYWAYS, THEY CLAIMED MY FRIEND HAD COPIED THEM AND GOT AWAY WITH IT!!! (They got an A on the Project, my friend got a C because the teacher thought he copy pasted the design.)

I spoke to diz dude who copied the code, we knew who it was, because the others in the group probably dont even know what the copy and paste keys were.

He laughed at me and said, "C'mon, it's not a big deal.."

IF YOU ARE TOO INCOMPETENT TO WRITE A SINGLE CODE OF LINE, THEN DONT FUCKING STEAL SHIT FROM OTHERS WHO PUT IN HOURS OF WORK, AND MESS UP THEIR GRADE. TAKE YOUR FUCKING F AND LEAVE THE CLASS!!!

So I did a rookie mistake this week. Connected a webapp for a client using Nginx and installed the SSL cert for the site. I decided to activate the firewall of the server because hey security. All was well. Went home feeling like I am the shit.

Next day I find out I can't log in to the server over ssh. Only to find out that I had forgotten to allow SSH through the firewall.

I had basically locked myself out of the server. 😞

what i did today:

1. start a computer
2. start a xampp server
3. open text editor
4. open bug list
5. realize that i cant do a single thing.
6. steam game invitation shows up (i think it's ok just one game)
7. realize that i spent 10 fcking game
8. tried to fix the bug
9. i failed
10. i do another game
11. and it's time to go home
12. i feel guilty

> me on call
> had to much wine
> suddenly, phone starts making sound
> holy shit, I am on call and I am not supposed to drink
> Calls taxi because shit is looking bad at work. Everything look down according to the sms I get, I had to pay the taxi from my own pocket.
> 40 min later, arrive at work. Walk into the serverroom.
> Go to the the server that is monitoring everything.
> Check networkcable, it is loose. Push it a little.
> Goddamnit, that was it.
> Realize I never doublechecked if stuff really was down from home....

It were around 1997~1998, I was on middle school. It was a technical course, so we had programing languages classes, IT etc.

The IT guy of our computer lab had been replaced and the new one had blocked completely the access on the computers. We had to make everything on floppy disks, because he didn't trusted us to use the local hard disk. Our class asked him to remove some of the restrictions, but he just ignored us. Nobody liked that guy. Not us, not the teachers, not the trainees at the lab.

Someday a friend and me arrived a little bit early at the school. We gone to the lab and another friend that was a trainee on the lab (that is registered here, on DevRant) allowed us to come inside. We had already memorized all the commands. We crawled in the dark lab to the server. Put a ms dos 5.3 boot disk with a program to open ntfs partitions and without turn on the computer monitor, we booted the server.

At that time, Windows stored all passwords in an encrypted file. We knew the exact path and copied the file into the floppy disk.

To avoid any problems with the floppy disk, we asked the director of the school to get out just to get a homework we theorically forgot at our friends house that was on the same block at school. We were not lying at all. He really lived there and he had the best computer of us.

The decrypt program stayed running for one week until it finds the password we did want: the root.

We came back to the lab at the class. Logged in with the root account. We just created another account with a generic name but the same privileges as root. First, we looked for any hidden backup at network and deleted. Second, we were lucky: all the computers of the school were on the same network. If you were the admin, you could connect anywhere. So we connected to a "finance" computer that was really the finances and we could get lists of all the students with debits, who had any discount etc. We copied it to us case we were discovered and had to use anything to bargain.

Now the fun part: we removed the privileges of all accounts that were higher than the trainee accounts. They had no access to hard disks anymore. They had just the students privileges now.

After that, we changed the root password. Neither we knew it. And last, but not least, we changed the students login, giving them trainee privileges.

We just deleted our account with root powers, logged in as student and pretended everything was normal.

End of class, we went home. Next day, the lab was closed. The entire school (that was school, mid school and college at the same place) was frozen. Classes were normal, but nothing more worked. Library, finances, labs, nothing. They had no access anymore.

We celebrated it as it were new years eve. One of our teachers came to us saying congratulations, as he knew it had been us. We answered with a "I don't know what are you talking about". He laughed and gone to his class.

We really have fun remembering this "adventure". :)

PS: the admin formatted all the servers to fix the mess. They had plenty of servers.

Finally got myself a Lytro Illum!
I,v been wanting to buy one since it came out but the company who made it closed down in 2015..
Thoose fuckers just thrown everything in the trash and set it on fire, software, firmware, mobile app etc.. no open source, no archives, your expensive camera is now a paper weight! You’r welcome!
So i got myself a new hobby, started reverse-engineering the fuck out of it, luckily it’s based on android (api17), i have adb and it’s running a hidden DHCP server too so it’s coming along nicely :D
I’m planning to make a camera control mobile app for it and maybe some faster image processing, wifi sharing etc..
I love beeing in home office :D

Spending my 23rd birthday in a server room 700 km away from home, discussing the requirements for app deployment. Yep. Every dev's dream.

Day 1:

Me: 'Hi'

Middleware guy: 'Raise a Jira. We have always been so accommodating. Contact your manager.'

*Jeez*

===

Day 2:

Me: 'Could you please start the server in dev environment? I am a new joiner. I don't have access. Here is a jira.'

Middleware guy: 'Deadlines may be for you. It is not for me. Wait until tomorrow.'

*Damn, did he get a divorce recently?*

===

Day 5: *An urgent delivery asap* 'Hi, could you please do the configuration of the new app in staging?'

Middleware guy: 'So, here is the split up...
Task 1
Task 2
Task 3
Task 4
Task 5 & 6
Your app will be configured by tomorrow first half hopefully.. Oh and you can escalate if it is too late..
'
*What a b...*

===

Day 8:

Me: *Doing late sit for pushing a task* 'Hi, we have an issue. The server is not starting. Could it be due to..'

MW guy in 'second' shift: 'Oh, we don't extend support on unusual hours'

Me: 'But this is second shift.'

MW guy: 'Yeah, but I have to go home early now...'

====

Day 10:

Team Lead: 'Any innovative solutions?'

Me: 'Let's go SERVERLESS!' :D

This happend to me around 2 weeks ago. For some reason, I decied to post this now.

I won the lottery, yey! I mean, bot really, but I am <19yo student, "less than junior dev" in my office, but sonce I am the only one who is capable of working with hardware, I was working month back as a sysadmin for a few days. Our last sysadmin was really good working but really, really toxic guy, so he got fired on a spot after argument with some manager or whatever, no big deal, we could have another guy hired in a week. But, our backup server literally was on fire, all data probably dead because bad capacitor or whatever. This was our only backup of everything at the time. Everyone in full fucking panic mode, we had literally no other working HW we could use for backup, but then comes me, intern employed on his first dev job for 3 months. That day I bought some HW for my own personal server at home (Intel NUC with some Celeron, 4GB DDR4 RAM and two 240GB SSDs for RAID 1. My manager asked everyone in the office for sollution how to survive next 4 days before new server arrives. People there had no idea what tk do and no knowedgle about HW, I just came from a break and offered my components for a week, since there was noone else who can work with HW, servers and stuff like this, manager offered me $500+HW cost if I, random intern, can make it work. I installed Debian on that little PC, created RAID1 from both SSDs, installed MySQL server and mirrored GIT server from our last standing server (we had two before one of them went lit 🔥), made simple Python script to copy all data on that RAID, with some help of our database guy copied whole DB from production to this little computer and edited some PHP so every SQL request made on our server will run on that NUC too. Everything after ±2 hours worked perfectly. Untill a fucking PSU burned in our server and took RAID controller with him in sillicon heaven next night, so we could not access any data unltill we got a new one. Thanks to every god out there, I was able to create software RAID from survived HDDs on our production server and copy all data from that NUC on the servers software RAID and make it working at 3 AM in the night before an exam 😂. Without this, we would be next ±40 hours without aerver running and we might loose soke of our data and customers. So my little skill with Linux, Python, MySQL and most importantly my NUC hardware I got that day running as a backup server saved maybe whole company 😂.
Btw, guess who is now employee of the year with $2500 bonus? 😀
Sorry for bragging and log post, but I was so lucky an so happy when everything worked out, good luck to all sysadmins out there! 👍

TL:DR: Random intern saved company and made some money 😂

2 weeks ago I was writing an `rm -rf --no-preserve-root /` oneliner as a joke - as an answer to a question "I have access to my competitor's server; what should I do?". I was crafting it so that it'd do as much damage to the business (not the server) as it could.

And I accidentally executed it on my work laptop. In the background (with an `&`).

It ran for a good 5-7 seconds on an i7-11850H with an SSD, until I issued a `kill %%`

Good thing it ran as a non-root user. Bad thing - I have no idea what it may have deleted nor whether it touched my /home.

I'm afraid to restart my laptop now :)

whoopsie :)

So I'm moving to a new/bigger place with faster Internet soon so I think it's time to rebuild my current home/remote server setup.

I want to setup the following things:
- vps for server monitoring (open source pushover alternative + netdata)
- Zero tier network for connecting all my servers to the same network
- pihole/pivpn (or the Angristan vpn installer, look it up :)
- second blocking thingy next to pihole to make sure that I literally can't access google/fb etc anymore, even if I really needed/wanted to
- bunch of general servers.

Any ideas?

Logged into server, thought i was inside the project folder and ran rm -rf * on the home folder

Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.

That time when...

He wrote a social media network with end-to-end encryption before it was cool.

He wrote custom 64kb encryption for his academic HDD.

He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.

He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).

He used only hashes of passwords as passwords (which isn't actually good).

He kept a drill on the desk ready to destroy his HDD at a moments notice.

He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.

He set up a new email account for each individual online service.

He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).

He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).

He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).

He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.

He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.

He bought a burner phone to visit the capital city.

He bought a burner phone whenever he left his hometown come to think of it.

He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).

He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.

(You might be noticing it's all he's. Maybe it is, maybe it isn't).

He ate a sim card.

He brought a balaclava to pentesting training (it was pretty meme).

He printed out his source code as a manual read-only method.

He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).

He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).

He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.

I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.

My parents are real sticklers for who is allowed to be on Netflix. They only let people on when they are present, and they never click 'save password'.

Me being a poor college student and desperate for the Netflix password, created a fake website for one of my parents to sign into.

How did I do this? I created my own localhost server with a backend database for the password to go to. I then copied the Netflix home screen and log in and asked them to log me into their account.

They said I can be on for one hour, and then they were signing me out.

I agreed to these terms.

As a small twist, I had also copied the no internet tab from Chrome for the page to redirect to. Knowing that once they logged in they would be expecting the main UI.

They logged in and then waited for the page to load. I, of course, put in a delay for the page to load and then displayed the no internet tab. They were confused and asked me to refresh, still nothing. I asked them if the router was out, and they went to check.

While they were away I quickly switched back to the real Netflix website and yelled back saying I got it working again. They came back over and saw that it was asking for a password again. They signed in and saw the main homepage and none were the wiser that day.

Once they left I checked inside the DB and found the plaintext password they typed in... The damn password was so simple, I cursed myself for not having figured it out sooner. No matter, I had my parents Netflix password.

So you're probably wondering how they didn't see the URL above and think something was off?

I pressed F11 and fullscreened my entire browser. They did ask, and I simply replied with, I don't like seeing all the crap up above when I'm streaming. No further questions, perhaps I was lucky.

Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂

It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.

So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).

So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.

Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.

So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPN's, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.

Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?

Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.

Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.

So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.

Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.

That, my friends, is a Dell Poweredge r610, with 2x e5670 and 48GB of registered ECC memory, mounted underneath my desk at work, using mounts I 3D printed at home.

Roughly £140 all in, and I now have a nice little development server, AND leg heater!

The website for our biggest client went down and the server went haywire. Though for this client we don’t provide any infrastructure, so we called their it partner to start figuring this out.
They started blaming us, asking is if we had upgraded the website or changed any PHP settings, which all were a firm no from us. So they told us they had competent people working on the matter.

TL;DR their people isn’t competent and I ended up fixing the issue.

Hours go by, nothing happens, client calls us and we call the it partner, nothing, they don’t understand anything. Told us they can’t find any logs etc.

So we setup a conference call with our CXO, me, another dev and a few people from the it partner.
At this point I’m just asking them if they’ve looked at this and this, no good answer, I fetch a long ethernet cable from my desk, pull it to the CXO’s office and hook up my laptop to start looking into things myself.

IT partner still can’t find anything wrong. I tail the httpd error log and see thousands upon thousands of warning messages about mysql being loaded twice, but that’s not the issue here.
Check top and see there’s 257 instances of httpd, whereas 256 is spawned by httpd, mysql is using 600% cpu and whenever I try to connect to mysql through cli it throws me a too many connections error.

I heard the IT partner talking about a ddos attack, so I asked them to pull it off the public network and only give us access through our vpn. They do that, reboot server, same problems.

Finally we get the it partner to rollback the vm to earlier last night. Everything works great, 30 min later, it crashes again. At this point I’m getting tired and frustrated, this isn’t my job, I thought they had competent people working on this.

I noticed that the db had a few corrupted tables, and ask the it partner to get a dba to look at it. No prevail.

5’o’clock is here, we decide to give the vm rollback another try, but first we go home, get some dinner and resume at 6pm. I had told them I wanted to be in on this call, and said let me try this time.

They spend ages doing the rollback, and then for some reason they have to reconfigure the network and shit. Once it booted, I told their tech to stop mysqld and httpd immediately and prevent it from start at boot.

I can now look at the logs that is leading to this issue. I noticed our debug flag was on and had generated a 30gb log file. Tail it and see it’s what I’d expect, warmings and warnings, And all other logs for mysql and apache is huge, so the drive is full. Just gotta delete it.

I quietly start apache and mysql, see the website is working fine, shut it down and just take a copy of the var/lib/mysql directory and etc directory just go have backups.

Starting to connect a few dots, but I wasn’t exactly sure if it was right. Had the full drive caused mysql to corrupt itself? Only one way to find out. Start apache and mysql back up, and just wait and see. Meanwhile I fixed that mysql being loaded twice. Some genius had put load mysql.so at the top and bottom of php ini.

While waiting on the server to crash again, I’m talking to the it support guy, who told me they haven’t updated anything on the server except security patches now and then, and they didn’t have anyone familiar with this setup. No shit, it’s running php 5.3 -.-

Website up and running 1.5 later, mission accomplished.

It's vacation for me for two weeks of which one week will be a vacation outside the country and one will be home-time.

Will work on redesigning my entire server 'infrastructure' and an automated website/openvpn/whateverthefuckiwanttodeployorwhatever system solely written in bash/shell scripting.

Partly because it's awesome to learn new Linux-related stuff and partly because I really want to have this functionality and would love to write it myself.

Also working on three side projects of which two will become a service and one will be released into the open :)

But, tomorrow will be dancing my ass off to quite some of my favourite producers :D

In a moment of boredom I decided to pen test the new system I've been writing on the live server. Ran sqlmap but forgot to proxy my connection.

DDOS protection kicked in and blocked the entire offices connection to the server, had to drive home quickly to use my home internet to un-blacklist my office ip. 😂

We need to use VPN to ssh into the university's server when on a university WiFi, but not at home.

#ohTheSecurity

Inception.
Today I needed to check something in a remote server: this was the easiest way:
1: teamviewer to my home pc from university
2: started a vm on that machine with vpn connection to my work office
3: rdp to a windows server vm
4: ssh to a vm on our hosting cluster
5: from there, ssh to the server that I needed access to

I starten when I was 12 years old. I got bullied and got interested in computers. One day I crashed my dads computer and he reinstalled it. After that my dad made two accounts. The regular user (my account) and the Administrator user (my dads account). He also changed the language from Dutch to English. Gladly I could still use the computer by looking at the icons :')

Everytime I needed something installed I had to ask my dad first (for games mostly because there was no cable internet at that time). Then I noticed the other user account while looking over my dads shoulders. So I tried to guess the password and found out the password was the same as the label next to the password field "password".

At that point my interest in hacking had grown. So when we finally got cable internet and my own computer (the old one) MSN Messenger came around. I installed lots of stuff like flooders etc. Nobody I knew could do this and people always said; he is a hacker. Although it is not.

I learned about IP-address because we sometimes had trouble with the internet. So when my dad wasn't home he said to me. Click on this (command prompt) and type in; ipcondig /all. If you don't see an IP-address you should type in; ipconfig /renew.

Thats when I learned that every computer has a unique address and I started fooling around with hacking tools I found on internet (like; Subseven).

When I got older I had a new friend and fooled around with the hacking tools on his computer. Untill one day I went by my friend and he said; my neighbor just bought my old computer. The best part was that he didn't reinstall it. So we asked him to give us the "weird code on the website" his IP-Address and Subseven connected. It was awesome :'). (Windows firewall was not around back then and routers weren't as popular or needed)

At home I started looking up more hacking stuff and found a guide. I still remember it was a white page with only black letters like a text file. It said sometime like; To be a hacker you first need to understand programming. The website recommended Visual Basic 6 for beginners. I asked my parents to buy me a book about it and I started reading in the holliday.

It was hard for me but I really wanted to hack MSN accounts. When I got older I just played around and copy -> pasted code. I made my own MSN flooders and I noticed hacking isn't easy.

I kept programming and learned and learned. When I was 16/17 I started an education in programming. We learned C# and OOP (altho I hated OOP at first). I build my own hacking tool like "Subseven" and thats when I understood you need a "server" and "client" for a successful connection.

I quit the hacking because it was getting to difficult and after another education I'm now a fulltime back-end developer in C#.

That's my story in short :)

Installed an SSH server on my desktop so I can use the shell from my laptop...while still sitting in front of my desktop. Keyboard is less than a foot beyond my reach because leaning back, but laptop is in reaching distance.

Still have that SSH server up for mainly the same reason. Decided to also open it to WAN so I can do shit while I'm not home too.

It all started in the year 2013.
I was 13 years old back then. I was a fan of Minecraft and so I learned how to setup a bukkit server and ran it. Installing plugins was fun, because I could be a "hacker" and change the configs.
After a while, (~2014), when I was in the 9th grade of elementary school, I saw Unity. A free game engine. Of course, me being a 14 year old I was intrigued and so I downloaded it, made an account and a new project. I had absolutely ZERO knowledge of programming. Didn't even know what languages existed, so i resorted to presets and poorly put together characters + weapons.
After some time fiddling around with Unity, I've gotten a hang of the basics (not programming related).
My actual programming started when I started High School (year 2016). It's a computer engineering school and for the first part of the year, I've learned from my teacher in C# (Console.WriteLine/ReadLine/Loops/Variables). At the second semester I started to gain interest and motivation to program at home. I did the programs we made in school (random number guessing game) but better. Improved it, added colors.
After that, I started developing in Unity - Actually learning something and having the ability to develop something all by myself. It keeps driving me on. In the second year (the year I'm visiting right now) I tought myself HTML, CSS, JavaScript, jQuery, PHP. I'm very happy and also can't wait to discover and learn new things in these languages!
My latest project was an Android application for my father that he asked for (it calculated the price of the 3D print he would make).

// Sorry for the long post!

EDIT: Forgot to add a fun little detail. All my classmates make fun of me because I program so much !
Also: Tabs > Spaces

Fucking cloud providers always trying to steal your shit and spy on your things, fucking prying eyes. That's why i've decided to go back hosting my own private cloud from home. Running on some very energy efficient shit: dual core intel atom cpu (so slow that it can't fucking run windows normally), 16gb of ram, because why the fuck not? and 1tb 2.5"hdd, along with unlimited data - 100/100 Mbit/s internet connection with a server response time less than 95ms just to backup my shitty Iphone selfies and cat pics, host some very important files and regularly back up my contacts. This shit runs CentOS, Nginx, https, bitch! This platform is more trustworthy than your shitty dropbox or whatever other shit they offer you. I can choose whether i back-up my shit from local network or over internetz, Costing me no more than 25€ annually(just to keep the machine on 24/7/365).

Preface: My company took over another company. A week ago I inherited their IT.

"IT" !!!! Are you fucking kidding me?!

Their server stood at an ex employees homeoffice. So I drove to her and she had 0 idea about IT. Server was just "Running". I tore that fuck down and saw an aweful lot of Hentai in all home folders.

WTF?!

Not enough, their crm was a makroinfested access table. Shit was protected so I couldn't even edit the makros. The retarded fucktards hardcoded paths to serverside folder \\fuck\you\hard\cavetroll

Just so that server will never see the light of my domain! Damn you? Mothership of sisterfucking dickgirls!

Im going to fucking murder the QA team if they don't stop sender bullshit issues!

QA: hey dev, there is an error with attached files.
Me: okay what's the issue?
QA: it's just a random file that gets attached. Can you fix it by the end of the sprint(tomorrow)?
Me: I need to investigate it a bit before I can tell you how long it will take, how can I reproduce it?
QA: idk, it was just there.
*several hours of testing later*
Me: I've tried to cause the 'issue' on my local server, the test server and the live server. But I haven't seen it and I have no clue what could cause it.
*30min. before I go home*
QA: dev you have to fix it before you go home! Because we have some other important issues you have to fix tomorrow!

FUCK YOU AND YOUR IMAGINARY ISSUES I'M GOING HOME

1 - Please hack his/her facebook account for me.

2 - (at home) I used to block wifi access by mac filtering and if there's legit server down and wifi isn't working, everyone blames me.

(I am freelancer and mostly work from home)

3 - almost all of my relatives think I don't work.

4 - I am first choice for everyone's phone, PC and hardware repair.

This one is classic

GET A REAL JOB, you need to go out in the field for work.

Visual Studio Code.

I've tried you because of hearing a lot of good stuff about you. I'd switch back to netbeans regardless because I love netbeans and I always try to use as little as possible from companies like Google/microsoft/facebook (and others) but what you're pulling right now is un-fucking-believable.

I've disabled ANY AND EVERY form of calling home I could (find) in your settings. Crash reports, automatic updates, metrics, you name it. I've searched all the fucking settings but I can't find any other home calling thing that's enabled and yet:

I'm monitoring every goddamn DNS request (through my own DNS server) and I'm still seeing calls to a Microsoft owned domain. Closed all my browser sessions and you as well and it stopped. Started browser again but not you, nothing.
Started you again: BAM. Calls to that damned Microsoft owned domain again.

If you can't honour my decision for disabling any form of home calls, go fuck yourself.

Netbeans, I'm back, I've missed you 💜

My school just tried to hinder my revision for finals now. They've denied me access just today of SSHing into my home computer. Vim & a filesystem is soo much better than pen and paper.

So I went up to the sysadmin about this. His response: "We're not allowing it any more". That's it - no reason. Now let's just hope that the sysadmin was dumb enough to only block port 22, not my IP address, so I can just pick another port to expose at home. To be honest, I was surprised that he even knew what SSH was. I mean, sure, they're hired as sysadmins, so they should probably know that stuff, but the sysadmins in my school are fucking brain dead.

For one, they used to block Google, and every other HTTPS site on their WiFi network because of an invalid certificate. Now it's even more difficult to access google as you need to know the proxy settings.

They switched over to forcing me to remote desktop to access my files at home, instead of the old, faster, better shared web folder (Windows server 2012 please help).

But the worst of it includes apparently having no password on their SQL server, STORING FUCKING PASSWORDS IN PLAIN TEXT allowing someone to hijack my session, and just leaving a file unprotected with a shit load of people's names, parents, and home addresses. That's some super sketchy illegal shit.

So if you sysadmins happen to be reading this on devRant, INSTEAD OF WASTING YOUR FUCKING TIME BLOCKING MORE WEBSITES THAN THEIR ARE LIVING HUMANS, HOW ABOUT TRY UPPING YOUR SECURITY, PASSWORDS LIKE "", "", and "gryph0n" ARE SHIT - MAKE IT BETTER SO US STUDENTS CAN ACTUALLY BROWSE MORE FREELY - I THINK I WANT TO PASS, NOT HAVE EVERY OTHER THING BLOCKED.

Thankfully I'm leaving this school in 3 weeks after my last exam. Sure, I could stay on with this "highly reputable" school, but I don't want to be fucking lied to about computer studies, I don't want to have to workaround your shitty methods of blocking. As far as I can tell, half of the reputation is from cheating. The students and sysadmins shouldn't have to have an arms race between circumventing restrictions and blocking those circumventions. Just make your shit work for once.

**On second thought, actually keep it like that. Most of the people I see in the school are c***s anyway - they deserve to have half of everything they try to do censored. I won't be around to care soon.**

I’ve started the process of setting up the new network at work. We got a 1Gbit fibre connection.

Plan was simple, move all cables from old switch to new switch. I wish it was that easy.

The imbecile of an IT Guy at work has setup everything so complex and unnecessary stupid that I’m baffled.
We got 5 older MacPros, all running MacOS Server, but they only have one service running on them.

Then we got 2x xserve raid where there’s mounted some external NAS enclosures and another mac. Both xserve raid has to be running and connected to the main macpro who’s combining all this to a few different volumes.

Everything got a static public IP (we got a /24 block), even the workstations. Only thing that doesn’t get one ip pr machine is the guest network.
The firewall is basically set to have all ports open, allowing for easy sniffing of what services we’re running.

The “dmz” is just a /29 of our ip range, no firewall rules so the servers in the dmz can access everything in our network.

Back to the xserve, it’s accessible from the outside so employees can work from home, even though no one does it. I asked our IT guy why he hadn’t setup a VPN, his explanation was first that he didn’t manage to set it up, then he said vpn is something hackers use to hide who they are.

I’m baffled by this imbecile of an IT guy, one problem is he only works there 25% of the time because of some health issues. So when one of the NAS enclosures didn’t mount after a power outage, he wasn’t at work, and took the whole day to reply to my messages about logins to the xserve.

I can’t wait till I get my order from fs.com with new patching equipment and tonnes of cables, and once I can merge all storage devices into one large SAN. It’ll be such a good work experience.

I've got to say, arriving at my teeny tiny rented room after a long day of distribution center work and sitting down behind my monitors with a good beer and doing some programming/server stuff really feels like coming home 😍.

TLDR: Small family owned finance business woes as the “you-do-everything-now” network/sysadmin intern

Friday my boss, who is currently traveling in Vegas (hmmm), sends me an email asking me to punch a hole in our firewall so he can access our locally hosted Jira server that we use for time logging/task management.

Because of our lack of proper documentation I have to refer to my half completed network map and rely on some acrobatic cable tracing to discover that we use a SonicWall physical firewall. I then realize asking around that I don’t have access to the management interface because no one knows the password.

Using some lucky guesses and documentation I discover on a file share from four years ago, I piece together the username and password to log in only to discover that the enterprise support subscription is two years expired. The pretty and useful interface that I’m expecting has been deactivated and instead of a nice overview of firewall access rules the only thing I can access is an arcane table of network rules using abbreviated notation and five year old custom made objects representing our internal network.

An hour and a half later I have a solid understanding of SonicWallOS, its firewall rules, and our particular configuration and I’m able to direct external traffic from the right port to our internal server running Jira. I even configure a HIDS on the Jira server and throw up an iptables firewall quickly since the machine is now connected to the outside world.

After seeing how many access rules our firewall has, as a precaution I decide to run a quick nmap scan to see what our network looks like to an attacker.

The output doesn’t stop scrolling for a minute. Final count we have 38 ports wide open with a GOLDMINE of information from every web, DNS, and public server flooding my terminal. Our local domain controller has ports directly connected to the Internet. Several un-updated Windows Server 2008 machines with confidential business information have IIS 7.0 running connected directly to the internet (versions with confirmed remote code execution vulnerabilities). I’ve got my work cut out for me.

It looks like someone’s idea of allowing remote access to the office at some point was “port forward everything” instead of setting up a VPN. I learn the owners close personal friend did all their IT until 4 years ago, when the professional documentation stops. He retired and they’ve only invested in low cost students (like me!) to fill the gap. Some kid who port forwarded his home router for League at some point was like “let’s do that with production servers!”

At this point my boss emails me to see what I’ve done. I spit him back a link to use our Jira server. He sends me a reply “You haven’t logged any work in Jira, what have you been doing?”

Facepalm.

Great finaly get away on vacation 2weeks of just realaxing, 30min before leaving to the airport i get a sms from my server one of my main hard drives fail. No problem just need to swap the drive and start the recover at the airport.
At the airport i connect to my home vpn and start the recovery everything works fine just need to restart the server when done ~12h. next day im in the hotell and my vpn does not accept my connection, okey might be the hotell that block vpn connections i try my external vpn and it works and i try to connect home when i get a lovley text from my server "login attempt has failed from ip:x" then it hits me i have forgotten to add to whitelist. Outsmarted myself to just let i be.
So i finally get 2 weeks off and nothing i can do about it.

So probably about a decade ago at this point I was working for free for a friend's start-up hosting company. He had rented out a high-end server in some data center and sold out virtualized chunks to clients.

This is back when you had only a few options for running virtual servers, but the market was taking off like a bat out of hell. In our case, we used User-Mode Linux (UML).

UML is essentially a kernel hack that lets you run the kernel in user space. That alone helps keep things separate or jailed. I'm pretty sure some of you can shed more light on it, but that's as I understood it at the time and I wasn't too shabby at hacking the kernel when we'd have driver issues.

Anyway, one of the ways my friend would on-board someone was to generate a new disk image file, mount it, and then chroot to that mount path. He'd basically use a stock image to do this and then wipe it out before putting it live.

I'm not sure exactly what he was doing at the time, but I got a panicked message on New Years Day saying that he had deleted everything. By everything, he had done an rm -fr /home as root on what he had thought was the root of a drive image.

It wasn't an image. It was the host server.

In the stoke of a single command, all user data was lost. We were pretty much screwed, but I have a knack for not giving up - so I spent a ton of time investigating linux file recovery.

Fun fact about UML - since the kernel runs in user space as a regular ol' process, anything it opens is attached to that process. I had noticed that while the files were "gone", I could still see disk usage. I ended up finding the images attached to their file pointers associated with each running kernel - and thankfully all customers were running at the time.

The next part was crazy, and I still think is crazy. I don't remember the command, but I had to essentially copy the image from the referenced path into a new image file, then shutdown the kernel and power it back on from the new image. We had configs all set aside, so that was easy. When it finally worked I was floored.

Rinse and repeat, I managed to drag every last missing bit out of /proc - with the only side effect being that all MySQL databases needed to be cleaned up.

“sEniOr tEcHniCiaN”: “I don’t know what Blazor is. I write my projects in ASP.NET. You should just use ASP.NET”

Me: …”Blazor *is* ASP. This project is running on ASP.NET 6.”

“seNioR tEchNiCiaN”: “As previously stated, I don’t use Blazor. I don’t care what version it is.”

Yes, this is a real exchange from my ongoing problems with this idiot.
His attitude is what ticks me off the most.
He doesn’t know what CORS is.
He doesn’t understand that “ASP.NET” covers Blazor, Razor Pages, the old MVC stuff, web APIs, and more.
He doesn’t understand the difference between a web request being initiated from the browser via Fetch and a web request being initiated from the server. (“My ASP site is shown in the browser, so requests to the third party API aren’t originating from the server.”)

And yet has the arrogance to repeatedly talk down to me while I try to explain basic concepts to him in the least condescending way possible.

After going around and around in circles with him, he finally admitted to me that “he doesn’t actually know what the CORS configuration looks like or how to modify it, to be honest.”

I just wanna go home.

Fuck strict corporate software policies, just let me WORK (⁠╯⁠°⁠□⁠°⁠）⁠╯⁠︵⁠ ⁠┻⁠━⁠┻

When I came to this new workplace I was given a Windows laptop. And it came with a bunch of pre-installed corporate stuff and policies like automatic mandatory frequent driver and windows updates. Although I prefer linux, I thought, maybe I'll switch later, first let's see how everything works here, since on Windows I had all VPNs, certificates and other corpo stuff pre-configured out of the box. But imagine missing a standup, because of windows update in the morning. Or missing audio, because of drivers update in the middle of the meeting. And make it every week or so. Also, I couldn't not install my portable DAC drivers, because limited access, blah blah fuck me. And many other small things that I vaguely remember by now.
Later corpo decided to add a tracking plugin into a browser and that was it for me. Gladly, corpo policy allows using Linux (they have their own modified Ubuntu version), which has MUCH less of this crap. I mean, it's still somewhat managed by corpo (like I can't get rid of duplicated PPA, lol.. and sometimes I need to wait like 1-2 mins to login to my laptop because of login server timeout), but that's still better...

Linux, home, sweet home, I missed you <3

Also, I dodged the bullet. Win11 upgrade was a funny shit show to watch :D

That's it. That's all I have for my home server setup. I don't even know why we have that sticky red thing, but today it came handy. And now I can SSH anytime I want, it's never going get shutdown 😂

Thanks to @C0D4 I rediscovered Folding@Home!

I've been running this on a very powerful server at home at full-speed for a few days now (quite some cores being used to the max right now, it's like I have a vacuum cleaner running full-time in my place 😄)

Then, last night it hit me that I have quite a few servers running close to idle (rented ones).....

I'm now running a total of 4 servers at full capacity with Folding@Home.

Can recommend!

One of those things that put a smile on my face happened today.

I (like many devs) am fond of Linux. So I use Linux on everything.

I'm currently doing an internship abroad in Finland(Linus Torvald's country!) for my college.

So there is this Finnish student who uses Linux. And after a while he asked what I was using so I told him that I'm running linux(arch+i3 like all the cool kids).

So one day he was like; But can you game on Linux?
I was like, yeah sure, might not work as well as Windows but some games run native and some can be emulated through wine. He was like; Hmm maybe I'll try it out.

So he installed Linux mint on his laptop and came to work. I was rather proud (even though he installed the bastard child of Debian and Ubuntu).

So far I've helped him set up streaming games from his pc to Linux and port forwarding.

But then came the big boy. Since I always try to teach him some stuff since they don't teach him a lot at his school.

He asked me if I could help him set up a plex streaming server on Linux.

So we took an old computer and installed Ubuntu Server(Lot's of information for it).

Installed and configured plex server, qtbittorrent-knox and all kind of goodies.

I started showing him how to use ssh, how the rights system works, etc.

It broke my heart a little that he want to be able to teamviewer in it.(since it's running openSSH daemon)

So he installed Ubuntu's desktop ontop of it as well as teamviewer.

It ran slow as hell because the PC has an old crummy core2duo and ddr2 2gb of ram. It chokes when multitasking.

So seeing that as well as telling him everything that can be done with a GUI can be done in CLI.

I saw the lightbulb lighting up. He gets it now. He understand the power of Linux.

That just made me smile all the way home.

My first job was actually nontechnical - I was 18 years old and sold premium office furniture for a small store in Munich.
I did code in my free time though (PHP/JS mostly, had a litte browsergame back then - those were the days), so when my boss approached me and asked me whether I liked to take over a coding project, I agreed to the idea.

Little did I know at the time: I was supposed to work with a web agency the boss had contracted to build their online shop. Only that he had no plan or anything, he basically told them "build me an online shop like abc(a major competitor of ours at the time)"

He employed another sales lady who was supposed to manage the shop (that didn't exist yet). In the end, I think 80% of her job was to keep me from killing my boss.

As you can imagine, with this huuuuge amout of planning and these exact visions of what was supposed to be, things went south fast and far. So far that I could visit my fellow flightless birds down in the Penguin's republic of Antarctica and still need to go further.

Well... When my boss started suing the web agency, I was... ahem, asked to take over. Dumb as I was, I did - I was a PHP kid and thought that Magento, being written in PHP, would be easy to master. If you know Magento, you know that was maybe the wrongest thing I ever said.

Fast forward 3 very exhausting months, the thing was online. Not all of it worked yet, but it was online and fairly secure.

I did next to everything myself, administrating the CentOS box the shop was running on, its (own) e-mail server, the web server, all the coding required for the shop (can you spell 12 hour day for 8 hour pay?)

3 further months later, my life basically was a wreck, I dragged myself to work, the only thing I looked forward being the motorcycle ride home. The system worked though.

Mind you, I was still, at the time, working with three major customers, doing deskside support and some admin (Win Server 2008R2 at the time) - because, to quote my boss, "We could not afford a full time developer and we don't need one".

I think i stopped coding in my free time, the one hobby I used to love more than anything on the world, somewhere Decemerish 2012. I dropped out of the open source projects I was in, quit working on my browser game and let everything slide.

I didn't even care to renew the domains and servers for it, I just let it die without notice.

The little free time I had, I spent playing video games and getting drunk/high.

December 2013, 1.5 years on the job, I reached my breaking point and just left, called in sick at least a week per month because I just could not see this fucking place anymore.

I looked for another job outside of ALL of what I did before. No more Magento, no more sales, no more PHP. I didn't have to look for long, despite what I thought of my skills.

In February 2014, I told my boss that I quit. It was still seven months until my new job started, but I wanted him to know early so we could migrate and find a replacement.

The search for said replacement started in June 2014. I had considerably less work in the months before, looks like he got the hint.

In August 2014, my replacement arrived and I got him started.

I found a job, which I am still in, and still happy about after almost half a decade, at a local, medium sized ISP as a software dev and IT security guy. Got a proper training with a certificate and everything now.

My replacement lasted two months, he was external and never really did his job - the site, which until I had quit, had a total of 3 days downtime for 3 YEARS (they were the hoster's fault, not mine), was down for an entire month and he could not even tell why.

HIS followup was kicked after taking two weeks to familiarize himself with the project. Well, I think that two weeks is not even barely enough to familiarize yourself with nearly three years of work, but my boss gave him two days.

In 2016, the shop was replaced with another one. Different shop system, different OS, different CI. I don't know why and I can't say I give a damn.

Almost all the people that worked at the company back with me have left for greener pastures, taking their customers (and revenue) with them.

As for my boss' comments, instructions and lines: THAT might not be safe for work. Or kids. Or humans in general. And there wouldn't be much left if you put it through a language filter...

Moral of the story: No, it's not a bad thing to leave a place if you're mistreated there. Don't mistake loyalty with stupidity!

And, to quote one of my favourite Bands: "Nothing matters when the pain is all but gone" (Tragedy + Time by Rise Against).

Back when I migrated my file server to a VM, I used robocopy to copy everything over (and caused quite a few fuckups before it'd behave halfway decent.. or so I thought). Now I tried to add my desktop's SSH key to the authorized_keys on said server but it wouldn't accept my key after that. After a bit of digging I've found that my entire home directory (where the file server hosts its mirror of my D: drive) had everything set to 777, and that's why the key isn't accepted. Great permission mode, isn't it? Much secure, very wow! Thank you so much robocopy!!!

I just discovered that my dedicated server is a tamagotchi laying around at somebody's home. While benchmarking cpu I discovered that it performed worse than my 4yr old chromebook with mediatek processor.

!dev

The school I went to didn't have PCs when I first joined (had some RISC OS machines instead). They got Windows 95 PCs eventually and networked them. I had no experience with networking before this, but had a PC at home. We all had mapped drives to resources on the server. The PCs were pretty locked down - no "Run" command etc.

Anyway, one day the head of IT came in to one of the lessons and asked me "how I did it".

What had I done? Well, clearly he had seen something I'd taught one of my friends. I wrote it down for him.

1. Right-click the desktop
2. New shortcut
3. \\nameofserver
4. OK

Such hax, being able to see the file shares on the server.

Shortly after this, all computer areas had signs saying "no shortcuts allowed"...

This one was probably last week of my highschool education so everyone including myself were drunk as fuck like 90% of the time.

Came home drunk one evening and woke up in the morning with a working keylogger waiting to be deployed on school computers. Apparently I've even implemented FTP upload, some basic firewall bypasses and autostart feature. Everything was actually quite good, excluding my stupidness to upload captured data on server through FTP, but there was anyways no-one smart enough in that school to decompile a Windows executable binary.

What's more interesting is until that moment I've never written anything remotely so complicated - I was doing examples from the book and didn't think I have enough knowledge to make program that has any real life application.

After that day it started coming to me that one day I could actually earn for life with programming.

Was office SharePoint bitch at one point. This guy wanted me to build a workflow for him that would enforce insane checks on his (peer) colleagues. Asked if his manager approved and obviously they hadn't. So this guy started telling me he would build his own application from scratch and host it on his home server if I didn't help him. Pointing out the business might object to their confidential data being put on his home server didn't put him off. Getting laid off a few months later for gross incompetence did however.

!Rant

Story, only read this if you feel like wasting your time

Ok so I live in a small village and it takes around 15 minutes to get to the next city by car. I can't drive yet because I am 15 and so I would need my parents to drive me there. There are also no buses anymore which drive to the city after 2pm.

Most of my friends live in that city, none of them code. We always meet on a discord server and then play games or do some other shit. Today I got online at around 3pm and when I joined the discord server they asked me if I wanted to go see the movie 'IT' with them tonight, I said yeah of course (I am a huge fan of horror movies), but only if my parents come home early enough to drive me there.
Time passed and then my last friend left the discord server because he had to walk to the cinema.
I was the last one still on the server and also the one with the farest way to the cinema. I already knew that my parents wouldn't come home in time anymore and so I decided to just start coding something. I usually code while listening to some music and so I switched over to spotify to choose a playlist. I just randomly clicked on the first playlist spotify recommended me and the song started playing: 'Sound of silence'.

Fuck you spotify algorithm.

I know that not being able to go to the cinema with your friends is a fucking stupid reason to be sad but I just feel very sad right now. Sitting alone in my dark room staring at my computer screen.

Sorry for wasting your time

My Sunday Morning until afternoon. FML. So I was experiencing nightly reboots of my home server for three days now. Always at 3:12am strange thing. Sunday morning (10am ca) I thought I'd investigate because the reboots affected my backups as well. All the logs and the security mails said was that some processes received signal 11. Strange. Checked the periodics tasks and executed every task manually. Nothing special. Strange. Checked smart status for all disks. Two disks where having CRC errors. Not many but a couple. Oh well. Changing sata cables again 🙄. But those CRC errors cannot be the reason for the reboots at precisely the same time each night. I noticed that all my zpools got scrubbed except my root-pool which hasn't been scrubbed since the error first occured. Well, let's do it by hand: zpool scrub zroot....Freeze. dafuq. Walked over to the server and resetted. Waited 10 minutes. System not up yet. Fuuu...that was when I first guessed that Sunday won't be that sunny after all. Connected monitor. Reset. Black screen?!?! Disconnected all disks aso. Reset. Black screen. Oh c'moooon! CMOS reset. Black screen. Sigh. CMOS reset with a 5 minute battery removal. And new sata cable just in cable. Yes, boots again. Mood lightened... Now the system segfaults when importing zroot. Good damnit. Pulled out the FreeBSD bootstick. zpool import -R /tmp zroot...segfault. reboot. Read-only zroot import. Manually triggering checksum test with the zdb command. "Invalid blckptr type". Deep breath now. Destroyed pool, recreated it. Zfs send/recv from backup. Some more config. Reboot. Boots yeah ... Doesn't find files??? Reboot. Other error? Undefined symbols???? Now I need another coffee. Maybe I did something wrong during recovery? Not very likely but let's do it again...recover-recover. different but same horrible errors. What in the name...? Pulled out a really old disk. Put it in, boots fine. So it must be the disks. Walked around the house and searched for some new disks for a new 2 disk zfs root mirror to replace the obviously broken disks. Found some new ones even. Recovery boot, minimal FreeBSD Install for bootloader aso. Deleted and recreated zroot, zfs send/recv from backup. Set bootfs attribute, reboot........
It works again. Fuckit, now it is 6pm, I still haven't showered. Put both disks through extensive tests and checked every single block. These disks aren't faulty. But for some reason they froze my system in a way so that I had to reset my BIOS and they had really low level data errors....? I Wonder if those disks have a firmware problem? So that was most of my Sunday. Nice, isn't it? But hey: calm sea won't make a good sailor, right?

Just found out that Microsoft Edge sends unbelievable many requests to the Server if you keep Holding Ctrl + R (Reload site)
Don't tr it at home haha
Now i got temporarily blocked on StackExchange (for About 8 h):

The story of the shittiest, FUCKING WORST day of work.

TLDR: shitty day at work, car crash to end the day.

So, let tell you about what could possibly be the worst day I had since I started working.

This morning, my alarm didn't work, woke up 30 minutes before an appointment I had with a client.

Arrived late at the client, as I start deploying. They don't have any way to transfer the deployment package to the secured server. Lost 45 minutes there.

Deployment goes pretty well. My client asks me to stay while they load some data into the app. Everything's pretty easy to work out. Just need to input 3 CSV with the correct format (which the client defined since the beginning).
I end up watching an Excel Macro called "Brigitte" (I'm not fucking kinding, could'nt have thought of that) work for 4 hours straight. Files are badly formatted and don't work.

Troubbleshooting thoses files with a fucking loader that does not tell you anything about why it failed (our fault on that one)

I leave the client at 7:30pm, going back at work, leave at 9pm.

At this point, I just want to buy some food, go home and watch series.

But NO, A FUCKING MORRON OF A BUS DRIVER had to switch lanes as I was overtaking him. Getting me crushed between the bus and the concrete blocks.

Cops were fucking dickheads, being very mean even tho I was still shaking from the adrenaline.

In conclusion, the day could have been worst. The devs at the clients are pretty cool guys and we actually had some fun troubleshooting. At work, there was still one of my colleagues who cheered me up telling me about his day.
And when I think of it, I could have got really hurt (or even worst) in the crash.

A bad day is a bad day, tomorrow morning I'm still going to get up and go to a job I love, with people I love working with.

Very big rant (sorry about that if someone's still reading)

I miss old times rants...So i guess, here it goes mine:

Tomorrow is the day of the first demo to our client of a "forward-looking project" which is totally fucked up, because our "Technical Quality Assurance" - basically a developer from the '90-s, who gained the position by "he is a good guy from my last company where we worked together on sum old legacy project...".
He fucked up our marvellous, loose coupling, publish/subscribe microservice architecture, which was meant to replace an old, un-maintainable enormous monolitch app. Basically we have to replace some old-ass db stored functions.
Everyone was on our side, even the sysadmins were on our side, and he just walked in the conversation, and said: No, i don't like it, 'cause it's not clear how it would even work... Make it an RPC without loose coupling with the good-old common lib pattern, which made it now (it's the 4th 2 week/sprint, and it is a dependency hell). I could go on day and night about his "awesome ideas", and all the lovely e-mails and pull request comments... But back to business

So tomorrow is the demo. The client side project manager accidentally invited EVERYONE to this, even fucking CIO, legal department, all the designers... so yeah... pretty nice couple of swallowed company...

Today was a day, when my lead colleague just simply stayed home, to be more productive, our companys project manager had to work on other prjects, and can't help, and all the 3 other prject members were thinking it is important to interrupt me frequently...

I have to install our projects which is not even had a heart beat... not even on developer machines. Ok it is not a reeeeaaally big thing, but it is 6 MS from which 2 not even building because of tight coupling fucktard bitch..., But ok, i mean, i do my best, and make it work for the first time ever... I worked like 10 ours, just on the first fucking app to build, and deploy, run on the server, connect to db and rabbit mq... 10 FUCKING HOURS!!! (sorry, i mean) and it all was about 1, i mean ONE FUCKING LINE!

Let me explain: spring boot amqp with SSL was never tested before this time. I searched everything i could tought about, what could cause "Connection reset"... Yeah... not so helpful error message... I even have to "hack" into the demo server to test the keystore-truststore at localhost... and all the fucking configs, user names, urls, everything was correct... But one fucking line was missing...
EXCEPT ONE FUCKING LINE:
spring.rabbitmq.ssl.enabled=false # Whether to enable SSL support.

This little bitch took me 6 hours to figure out...so please guys, learn from my fault and check the spring boot appendix for default application properties, if everything is correct, but it is not working...

And of course, if you want SSL then ENABLE it...
spring.rabbitmq.ssl.enabled=true

BTW i really miss those old rants from angry devs, and i hope someone will smile on my fucking torture

I wanted to be able to physically start a home computer remotely.

- raspberry pi
- power relay to simulate the button
- a messenger chatbot linked to my account only

Now my local server is startable from anywhere

Another incident which made a Security Researcher cry
[ NOTE : Check profile to read older incidents ]
-----------------------------------------------------------
So this all started when I was at my home (bunked the office that day xD) and I got a call from a..... Let's call him Fella as I always do . So here we go . And yeah , our Fella is a SysAdmin .
-----------------------------------------------------------
Fella - Hey man sup!
Me - Good going mate , bunked the office , weather's nice , gonna spend time with my girl today . So what's goinon?
Fella - Bruh my network sharing folders ain't working no more .
Me - Did you changed or modified anything?
Fella - Nope
Me - Okay , gimme your login creds lemme check .
Fella - Check your inbox *texts me the credentials*

*I logged in and what I'm seeing is that server runs on Windows2008R2 , checked the event logs , everything's fine and all of a sudden what I found is fucking embarrassing , this wise man closed SMB service*
Me - Did you closed SMB service?
Fella - Yeah
Me - You know what it does?
Fella - Yeah it's a protocol , I turned it off to protect the server from Wannacry .
Me - Fuckerrrr!!!!! Asshole dumbass you fuckin piece of Dodo's shit!! SMB is the service responsible for files and network sharing!!!
Fella - But....I just wanted protection
Me - 😭😭😭

*A long conversation continues with a lot of specially made words to decrease the rate of frustration which I used already*

Fella - Okay I'm turning it on .
Me - Go on....... Asshole
Fella - It worked! Thanks a lot bro
Me - Just leave me and my soul away from evil and hang up .

*Now the question is , who the hell gives them the post of SysAdmin? While thinking this question , I almost thought of committing suicide​ but then my girl came with coffee and my rubber duck*

A nice side effect of running a neural network on my home server is that I no longer need a white noise machine

Got my first serious project about a year ago. Made it clear to the client that we are developing a Windows app. After around 80-100 hours of work client just goes "how about we make this a web app?" Got a "financial support" instead of the agreed payment. Got around 4 times less money than agreed upon. They never ended up using some parts of the software (I ran the server so I knew that they weren't using it)

I once had a nightmare explaining to the client that he cannot use a 30+ MB image as his home page background. Average internet speed in my country is around 1-2 MB/s. I even had to do the calculation for him because he couldn't figure out the time it took for the visitor to load the image.

He shutdown the server went home thinking it was his VM. Didn't take a second look at what happened.
--my past

"here s your new server"
*Suse 12*
*Fs Layout is a mess*
*Ext3 everywhere*
*Docker is poorly supported, but supposed to be the heart of the server*
Can i go home please?

While trying to install OpenSUSE on my home server, something has gone wrong...

I appear to have installed OpenSUSE onto the flash drive plugged into my server instead... 😐

Working with DigitalOcean boxes for so long has spoiled me.

I went to setup something on my home server today, and couldn't figure out what I was doing wrong for like 30 minutes...

Until I realized that I never forwarded port 80.

*sigh.

hello devranters,

been a while, past few weeks have been a painful one for me.

I finally got that second monitor and also built the small home server( I'll give details in another rant).

been a lot going on around me, there's a protest going on and a lot of young "unarmed" people including children killed, lots of gory images, all we were asking for was to stop police brutality, they're still shooting at people. it's a lot going on here. I can't even concentrate. I took some time off social media because all the bodies I was seeing was beginning to get into my head.
I really can't Express how I feel right now. we were expecting the international community(I really dont know who exactly) to come to our aid, lol
It's all over Twitter. images, videos, everything.
I just hope everything gets better.

the image is my new setup. I just log hello world on the console and that's all I do with it.
my table is basically two wooden slabs supported by textbooks on chairs(at last I found use for them since I never read them in school ). server is under the table.

keep us in your prayers. thanks

last day, 1 h 50 minutes left

now they ask about passwords, how is it with the backups and so on.

Well told him 3 months ago that the backups is on my server at home and I will remove the backups today ...

Personally I am starting to think that any development tools, resources and sites should not be allowed to use marketing dribble.

It should go
-> Land on home page
-> Hi, we are a realtime database cloud host
-> no you cannot host it yourself
-> here is code to speak to our servers
-> here is the cost
->now take it or go.

Something like that, and not

We provide clients with the leading cloud and hosted data solutions that can scale vertically and horizontally on and offline data management keeping people connected and saving kittens.

Fuck you show me one kitten you saved? Lying pieces of shit that do not want to just say hey this is what we have , this is ours, it may not be much but it is what we believe in and if you would like to use it here is how , thank you now move the fuck along our server can't handle so many concurrent connections.

A few days ago Aruba Cloud terminated my VPS's without notice (shortly after my previous rant about email spam). The reason behind it is rather mundane - while slightly tipsy I wanted to send some traffic back to those Chinese smtp-shop assholes.

Around half an hour later I found that e1.nixmagic.com had lost its network link. I logged into the admin panel at Aruba and connected to the recovery console. In the kernel log there was a mention of the main network link being unresponsive. Apparently Aruba Cloud's automated systems had cut it off.

Shortly afterwards I got an email about the suspension, requested that I get back to them within 72 hours.. despite the email being from a noreply address. Big brain right there.

Now one server wasn't yet a reason to consider this a major outage. I did have 3 edge nodes, all of which had equal duties and importance in the network. However an hour later I found that Aruba had also shut down the other 2 instances, despite those doing nothing wrong. Another hour later I found my account limited, unable to login to the admin panel. Oh and did I mention that for anything in that admin panel, you have to login to the customer area first? And that the account ID used to login there is more secure than the password? Yeah their password security is that good. Normally my passwords would be 64 random characters.. not there.

So with all my servers now gone, I immediately considered it an emergency. Aruba's employees had already left the office, and wouldn't get back to me until the next day (on-call be damned I guess?). So I had to immediately pull an all-nighter and deploy new servers elsewhere and move my DNS records to those ASAP. For that I chose Hetzner.

Now at Hetzner I was actually very pleasantly surprised at just how clean the interface was, how it puts the project front and center in everything, and just tells you "this is what this is and what it does", nothing else. Despite being a sysadmin myself, I find the hosting part of it insignificant. The project - the application that is to be hosted - that's what's important. Administration of a datacenter on the other hand is background stuff. Aruba's interface is very cluttered, on Hetzner it's super clean. Night and day difference.

Oh and the specs are better for the same price, the password security is actually decent, and the servers are already up despite me not having paid for anything yet. That's incredible if you ask me.. they actually trust a new customer to pay the bills afterwards. How about you Aruba Cloud? Oh yeah.. too much to ask for right. Even the network isn't something you can trust a long-time customer of yours with.

So everything has been set up again now, and there are some things I would like to stress about hosting providers.

You don't own the hardware. While you do have root access, you don't have hardware access at all. Remember that therefore you can't store anything on it that you can't afford to lose, have stolen, or otherwise compromised. This is something I kept in mind when I made my servers. The edge nodes do nothing but reverse proxying the services from my LXC containers at home. Therefore the edge nodes could go down, while the worker nodes still kept running. All that was necessary was a new set of reverse proxies. On the other hand, if e.g. my Gitea server were to be hosted directly on those VPS's, losing that would've been devastating. All my configs, projects, mirrors and shit are hosted there.

Also remember that your hosting provider can terminate you at any time, for any reason. Server redundancy is not enough. If you can afford multiple redundant servers, get them at different hosting providers. I've looked at Aruba Cloud's Terms of Use and this is indeed something they were legally allowed to do. Any reason, any time, no notice. They covered all their bases. Make sure you do too, and hope that you'll never need it.

Oh, right - this is a rant - Aruba Cloud you are a bunch of assholes. Kindly take a 1Gbps DDoS attack up your ass in exchange for that termination without notice, will you?

Just spend the last 2 hours fixing the email server for sites which get next to no visits and no one uses the contact form.

It's Friday evening FFS I don't care if it's a 'Company Priority' I just want to go home.

Last night tried to use VLC to rip DVDs for my home media server.

All three failed in some manner! What a waste of time! Trying HandBrake today.

What kinda blockhead moron at my ISP decided that I require a new modem & router that is managed by THEM! I'm not really baffled by the privacy concerns but more about that I am unable to manage my home network. I literally cant open ports, manage ip adresses and do other shit I NEED FOR WORKING AT HOME.
I cant print!
I cant read mail!
I cant access my network drives!
My website is down!
Colleagues are asking why the Minecraft server is offline!
And using the new brick they gave me as a modem only, is not possible as there is no setting to be found to turn the router off!
And if I call their imbecile's of support they tell my that if they change a setting, that my phone will disconnect. (The phone line is also connected to the modem!) And right after the support guy said that and wanted to start explaing me further steps, his settings apply and I get kicked off the line. Bruh! You knew this would happen so why didnt you work around it?!?!?!!
Thing is, this new modem isnt even necessary as it doesnt use a different standard like fiber for example.
If I cant figure out how to get my stuff to work again, I swear to god I will turn on full Karen mode and ramble into their next store looking to get some manager fired!
(Ill post an update soon!)

Bought a new hard drive, it's great and all BUT WHY DIDN'T THEY INCLUDE A SATA CABLE!!??

now I have to order a SATA cable and wait 2/3 days -.- I just wanted to increase my home server storage...

Hey, looks like some employee of this hosting company failed to 750 his home directory and 640 the files...
I was SSHing around on our hosting account when I slipped into his home direcory where at least two(!) SSH public keys of his admin account for the server were readable!

Being an honest guy, I had to call them...
It's fixed now.

Planning a telegram bot + home web server, possibly using the Bluetooth to combine with an android and make a self driving go kart, but that seems a bit ambitious, especially considering most of the GPU acceleration isnt supported with Raspberry Pi.

I was reminded of people's posts about preferred text editors in another post, so I thought I'd do the same, but also add some super old technology that I used along the way.

The first text editor I consistently used was pico. I used it to write my first webpage at school.edu/~username. It was a natural choice, because the it was the default text editor in pine, which is what we would all use for our email after opening a serial connection to the college's Digital Unix server. Or if we were the lucky ones who had a computer in a wired dorm, telnet. My dorm was not wired until my sophomore year.

I got my first job in tech in 2001, working as a night shift tier-one support technician. By this time, most people were using web based email, or POP3, but I wanted to keep using pine (or elm, or mutt) because I was totally in love with the command line by this time, and had been playing with Linux for two or three years by now. I arranged a handshake deal with a guy in my home town who had a couple well-connected NetBSD servers, to let me have an account on one for email and web hosting (a relatively new idea at the time).

I recall telnetting into my shared hosting account from the HP-UX workstations we had in the control room. I would look at webpages on HTML conventions and standards, and I kept seeing references to this thing called vi. I looked into it more deeply, and found that it was a text editor, and was the reason I always had to CTRL-Z out of elm. I was already finding pico to be lacking, so I found a modern implementation of vi called vim that was already installed on the aforementioned NetBSD server, and read through vimtutor on it. I was hooked instantly. The modality massively appealed to me, and I found editing files to be an absolute delight, compared to pico, and its nascent open source offspring/successor, nano.

My position on that hasn't changed in the years that have passed since then.

What's your text editor origin story?

Started the year well :D
Making an app to view our home energy usage and output (solar panels).
Raspberry pi is connected to our energy meter and is used as a server.

But some of you may not like this...
The Pi is running Windows IOT :P

So, last night I came home from work and "Kung Fu Hustle" was on (cable). I watched it for like ten minutes and then turned it off. Didn't even think about it after.

Just a couple of hours ago I was on YouTube and a clip from that movie came up as a suggested video. On a browser where I'm not logged in. On a computer that's not mine. That is behind a proxy server. That is in a continent far away from me.

Am I crazy or that is actually Google doing that?

I am great at getting raspberry pi projects about 97% done...

But absolute shit at that last 3%.

Working on a home built WiFi repeater and deauther (front) and a 1TB SSD nextcloudpi server (back). Definitely outside my comfort zone, especially the first one. Despite having mad time on terminal, and SSH every day, I am very soft on this networking shit.

wpa_supplicant, though I do not now, I will come to understand your mysteries.

(long post is long)
This one is for the .net folks. After evaluating the technology top to bottom and even reimplementing several examples I commonly use for smoke testing new technology, I'm just going to call it:

Blazor is the next Silverlight.

It's just beyond the pale in terms of being architecturally flawed, and yet they're rushing it out as hard as possible to coincide with the .Net 5 rebranding silo extravaganza. We are officially entering round 3 of "sacrifice .Net on the altar of enterprise comfort." Get excited.

Since we've arrived here, I can only assume the Asp.net Ajax fiasco is far enough in the past that a new generation of devs doesn't recall its inherent catastrophic weaknesses. The architecture was this:

1. Create a component as a "WebUserControl"
2. Any time a bound DOM operation occurs from user interaction, send a payload back to the server
3. The server runs the code to process the event; it spits back more HTML

Some client-side js then dutifully updates the UI by unceremoniously stuffing the markup into an element's innerHTML property like so much sausage.

If you understand that, you've adequately understood how Blazor works. There's some optimization like signalR WebSockets for update streaming (the first and only time most blazor devs will ever use WebSockets, I even see developers claiming that they're "using SignalR, Idserver4, gRPC, etc." because the template seeds it for them. The hubris.), but that's the gist. The astute viewer will have noticed a few things here, including the disconnect between repaints, inability to blend update operations and transitions, and the potential for absolutely obliterative, connection-volatile, abusive transactional logic flying back and forth to the server. It's the bring out your dead approach to seeing how much of your IT budget is dedicated to paying for bandwidth and CPU time.

Blazor goes a step further in the server-side render scenario and sends every DOM event it binds to the server for processing. These include millisecond-scale events like scroll, which, at least according to GitHub issues, devs are quickly realizing requires debouncing, though they aren't quite sure how to accomplish that. Since this immediately becomes an issue with tickets saying things like, "scroll event crater server, Ugg need help! You said Blazorclub good. Ugg believe, Ugg wants reparations!" the team chooses a great answer to many problems for the wrong reasons:

gRPC

For those who aren't familiar, gRPC has a substantial amount of compression primarily courtesy of a rather excellent binary format developed by Google. Who needs the Quickie Mart, or indeed a sound markup delivery and view strategy when you can compress the shit out of the payload and ignore the problem. (Shhh, I hear you back there, no spoilers. What will happen when even that compression ceases to cut it, indeed). One might look at all this inductive-reasoning-as-development and ask themselves, "butwai?!" The reason is that the server-side story is just a way to buy time to flesh out the even more fundamentally broken browser-side story. To explain that, we need a little perspective.

The relationship between Microsoft and it's enterprise customers is your typical mutually abusive co-dependent relationship. Microsoft goes through phases of tacit disinterest, where it virtually ignores them. And rightly so, the enterprise customers tend to be weaksauce, mono-platform, mono-language types who come to work, collect a paycheck, and go home. They want to suckle on the teat of the vendor that enables them to get a plug and play experience for delivering their internal systems.

And that's fine. But it's also dull; it's the spouse that lets themselves go, it's the girlfriend in the distracted boyfriend meme. Those aren't the people who keep your platform relevant and competitive. For Microsoft, that crowd has always been the exploratory end of the developer community: alt.net, and more recently, the dotnet core community (StackOverflow 2020's most loved platform, for the haters). Alt.net seeded every competitive advantage the dotnet ecosystem has, and dotnet core capitalized on. Like DI? You're welcome. Are you enjoying MVC? Your gratitude is understood. Cool serializers, gRPC/protobuff, 1st class APIs, metadata-driven clients, code generation, micro ORMs, etc., etc., et al. Dear enterpriseur, you are fucking welcome.

Anyways, b2blazor. So, the front end (Blazor WebAssembly) story begins with the average enterprise FOMO. When enterprises get FOMO, they start to Karen/Kevin super hard, slinging around money, privilege, premiere support tickets, etc. until Microsoft, the distracted boyfriend, eventually turns back and says, "sorry babe, wut was that?" You know, shit like managers unironically looking at cloud reps and demanding to know if "you can handle our load!" Meanwhile, any actual engineer hides under the table facepalming and trying not to die from embarrassment.

My colleague and I have been trying to setup a VPN server for devs who wanted to work from home. We asked our sysadmin (who's in another office in another country) to try connecting to the server. She replied after a while that she was unable to connect. We then asked her what port she tried connecting on and she replied, "No, I didn't use any port. I am connecting directly using the hostname".

Ransomware has the effect to destroying data and my will to live.

I come in to work yesterday to see everyone panicking. We got hit by WannaCry. The boss is with IT dealing with it and sends all of us home. No biggie, since all of my work data is backed up on an offsite server.

I come back into work to still see everyone in a frenzy. I think they are still overreacting to the attack, so I go to my corner in the office. I boot up to see the Ubuntu logo, which is a huge problem, not for me of course, but for everyone else who can barely work Windows. I barge in on my boss and ask him why the fuck is Ubuntu on the PC's.

He replies, "I looked it up, Linux is not affected by viruses".

What the fuck is wrong with people? After I tell him to revert back to Windows because he's being a fucking retard, he goes ahead to send all of us home.

I can only hope he doesn't install Zorin or Elementary because I will quit.

I actually never felt the need to scream at a co-worker so let's talk about that time a co-worker screamed at me instead.

tl;dr : some asshole boss screamed and threatened me because someone else's project was shit and didn't work.

Context: I was in my third year of school internship (graded) and my experience is C, C++, C#, Python all in systems programming, no web.

I was working as an intern for a shit company that was selling a shit software to hospitals (though not medically critical, thank God) the only tech guy on site was the DBA (cool guy) the product was maintained by a single dev in VB from his house, the dude never showed up to work (you'll understand why) and an other intern who couldn't dev shit.

I was working with the DBA on an software making statistical analysis from DB exports, worked nice, no problems here if we forget the lack of specs or boundaries (except must work in ieShit).

The other intern was working on something else (don't ask me what it is) I just remember it was in GWT before the community revived it. His webapp was requesting the company http server for a file instead of having one of it's java servlet to fetch it (both apps ran on sane server) which caused a lot of shit especially CORS error. That guy left (end of contract) and leaves his shit as is, boss asked me to deploy the app, I fiddle with it to see if it works and when I find out it doesn't then that asshole starts screaming at me in front of every other employee present, starts threatening to burn me in the tech world and have me thrown out of my school for no goddamn reason than the other dude's project doesn't work.

After the screaming I leave and warn my school immediately.

I guess that's why the other dev never came to work.

I had three weeks of internship left, that I did from home and worked probably less than 2 hours a day so suck it asshole.

Still had a good grade because I was reviewed by the DBA and he was happy with the work I did.

It was only later that I realized that what he did was categorizing as harassment (at least in France) and decided that never again this would happen without a response from my lawyer.

Client contacts our company that his site is down, we do some investigating and the only way we can access the site is on a mobile phone. From the office computers the site never loads and times out. Since we don't host the site and I've never logged into it before I don't have a lot of details so I suggest they contact whoever hosts their site. This is where things get weird.

Client tells me that the site is hosted on someone's home server. I tell him that this is quite strange in 2018 and rather unlikely and ask if he was ever given access to the site to log in or if he has access to his domain registration, GoDaddy.

He says he doesn't understand any of this and would rather I just contact his current developer and figure it out with him. We agree that he needs to get access to his site so we are going to migrate it once I get access to it.

I email his current developer letting him know the client has put me in contact with him to troubleshoot the issues with the site. I ask him some standard questions like: where is the site hosted? Can you access it from a computer? Do you have some security measures in place to block certain IP ranges? Can you give me from access to get the files? Will you send me a backup of the site for me to load up on my server?

*2days pass*

Other dev: Tell me the account number and I'll transfer the domain.

Me: I'll have to get back to you on that once I talk to the client and set up his GoDaddy account since we believe the business owner should own their domain, not their developers. In the meantime you didn't answer any of the questions I asked. Transferring the domain won't get the site on my server so I still need the files.

*3 days pass*

OD: You are trying the wrong domain. The correct domain is [redacted].com I'll have my daughter send you the files when she gets in town. We will transfer the domain to you, the client will forget to pay and the site will go down and it'll be your fault.

Me: I appreciate your advice, but the client will own their domain. I'm trying to get the site online and you have no answered any of my questions. It's been a week now and you have not transferred the domain, you have not provided a copy of the site, you have not told me where the site is hosted. The client and I are both getting impatient at this point when will we receive a backup of the site and the transfer of the domain?

OD: Go fuck yourself, tell the client they can sue me.

If the client is that terrible, wouldn't you want to hand them off to anyone willing to take them? I have never understood why developers and agencies try to hold clients hostage by keeping their domain or website and refusing access. From what I can tell this is a freelance developer without a real company so a legal battle likely isn't going to go well since the domain is worthless to him as the copyright to the name is owned by the client. This isn't the first time we've had to help clients through this sort of thing.

Hi everyone,
I got an hardware question. Im planning on getting a personal home server. I want to use it as a small gitlab server, continues integration, and the like for personal projects.
It has to be power efficient otherwise my dad will start crying.
I want it to be relatively cheap and running linux.
Ive got no clue what the best thing todo is. Should I get a prebuild one or build one myself.
For prebuild ones, what brands should I look at?
For a custom built what hardware do you recommend me?

At the age of 10 I got interest in ''changing computer'' things. I started to watch over the shoulder (I don't know if you can say that in English ¯\_(ツ)_/¯ ) of my dad. He programmed I2C and other microcontroller.
I started with little batch files and Visual Basic. I think we all know the ''Virus'' with shutdown 😂
At school in the computer lesson we learned a few other languages. I was the only one who learned these languages at home too. The biggest problem is that you think ''I learn at school and at home I can play games''.
Some day I started to learn PHP and Java at home. I came to Java with Minecraft. Yes, Minecraft. You can learn so many things (like the structure of a network packages from the server) and you can visualize everything with blocks.
Since the professional colleague we learn C# and Python which I use in some projects at home too, for example for the rasperrypi.
Now I'm 17 and I can C#, Visual Basic, PHP, JS, Python, JS and HTML

Our school had for an open source way of dealing with home schooling and managing the school network and so on.

Now the government forced a "proprietary" system on our school and everyone hates it. The teachers didn't want it the pupils didn't want it but who cares "what we do is the best".

Btw the proprietary system costs a fuck load of money even though they just mixed many open source projects and made it their own proprietary thing.
And this company now get's loads of money for their shitty system that never really worked once since we got it.

They blocked so many ip's that we can't even access google and it's services on the school wifi and the bandwith dropped severely with the new system.

Oh and many random ip's e.g. one of my vps is accessible but the other one not.
Discord is blocked.
Web whatsapp.
And so on...

Now....

I need to learn for tests next week and need to access that stuff on the portal but...

Now they decided to switch the LDAP server to the new system and since a few hours i can't access this fucking thing.

It seems like the platform now contacts the new server which isn't even up and running....

Never change a fucking running system....

Oh and we got smart boards and it runs on android and they didn't block adb. Now i installed clash of clans on one of those things. Haha whoops.
These boards cost 7000€ and have security patches from 2 years ago....and Android 8

Accidentally dragged-n-dropped a very important folder into some other folder because of some hiccup when hovering in an Explorer window using remote desktop against our production server. Then left for home. Gotta love GUIs...

I've been trying to get my job to start using Git cause they currently don't use any version control. So today I told my supervisor that I was going to set us up our server so we can host our own repositories and he was like no need we will just set your computer up so you can vpn in from home. I'm like wtf? why go through so much trouble to set that up? That still doesn't solve the problem of accidental file overwriting.-_-

Todays story: conversation between me and my brain about a app that i have planned for a long while.

The application is just a huge, specyfic json editor/manager for a game that i like. The game uses json files to determine unit charactetistics. So in order to make modding easier i want to make a tool for that that is fancier and easier to use than a notepad.

Brain> Lets make a app that allows you to mod the game easier!
Me> Good idea. How would you want to make it?
Brain> Lets use C# cause you main that lang currently and you have experience with json parser lib.
Me> That is true. So what do you wanna implement first?
Brain> Oh. I have thought about it before! I want to implement: (10 000 features) and maybe few more later!
Me> It sounds like a infinity project, shouldnt you implement like 1 or 2 features at first and then jump to other ones?
Brain> Yes... but i dont wanna refactor those features latter so let just implement them all at once!
Me> Dammit brain! Let just implement just one feature now! Like a simple json editor. You can use inhieritance to reuse the code later.
Brain> Ok...
* Starts with that one feature but one day later starts coding 6 more *
* Cant publish the app yet, the code looks like shit, gui is unfinished because brain wanted only to test those 6 unfinished features without propely implementing them *
Me> Brain WTF! You said that you are going to focus on one feature at the time!
Brain> I got carried a bit...
Me> ...
Me> Ok. I understand. Let just refactor the code and clean the project out of those unfinished features.
Brain> No. I have a depression now...
Me> FUCK.

* 2 month passes by without any progress on ANY of my projects*

current day

Brain> I still have depression...
Me> Ok i dont care about that anymore! Tell me something that i dont know!
Brain> Oh I have good news as well!
Me> ???
Brain> What about the home server that is going to store all mods made by the users so they can share it? It would be a good practice with networking!
Me> * Gives up *

Warning: This contains spoilers for Silicon Valley S4 E10:
.
.
.
.
.
.
.
.
.
.
.
.
.
At 5:35 Gilfoyle says: "In order to hold that much data we would have to go RAID 0. [...] If we lose even one platter, we lose Melcher's data. Permanently."
But my question is: Why use RAID at all? Just storing the data without RAID would reduce the complexity, and if one disk fails, only the data on that one disk is lost. Also, I doubt speed is a priority at that point, since the whole thing is running on a home broadband connection, which something like a WD Gold data-center-harddrive (200+ MB/s) can easily max out.

Also, wouldn't it be easier to pay the broadband bill out of their own pocket, instead of moving tons of server equipment to Stanford?

telco sysadmin: hey maybe we should secure our SMTP server with SSL and password verification so our clients can e-mail safely!
senior exec be like: nah just filter incoming connections for our own IP-range, that'll do.

result: I can impersonate any client of the telco and send e-mail in their name (from any home network connected to that provider), but I can't send e-mail over cellular network.

Since I am running a home server and want to be updated on what the stats are, I did create a webpage where I can get the "renewed" information via ajax (not with jQuery) in every 5 seconds. The thing is that I don't get the "new" information. It's still the old information that keeps reshown in the div.
I checked the server.php file. It keeps getting regenerated. Since, that is the case, it isn't the server to blame. But more likely the client.php is the one that is causing problems. May someone know how to deal with that?

Me: Runs Dedicated Server from home, cheap easier to admin and easy to keep up with upgrades and hardware for my needs.

UKWeather: HA ya I given you 3 good years of OK weather so now you have some super hot weather as I know your brits have no AC haha.

Me: Well darn (alt F4, shutdown - reason: Two Hot )

Time to drill holes move cables and relocate the server to a more cooler place in the home :P

More of a rave than a rant.

My Dad was having some trouble with a game disconnecting on the PS4 and he read somewhere that it might be a problem with our home router. I didn't think it would be, as every other game works fine. But there was no talking him out of it. And to be fair the current router WAS kind of old.

So I have a look at the one he's decided to buy and it's some massive triple-antenna beast for well over a hundred pounds. I felt like such a weapon might be overkill for 2 people in a house, but did say that it would definitely help with connection issues in some rooms and I kind of wanted to play with it.

So he got it and oh am I glad he did. It has so many fun toys, including a built in VPN. Right now I live abroad so there's a few services I used at home that I can't access, I was literally just considering buying a vpn the other day. I found this while setting up port-fortwarding for my Raspberry Pi to run a discord bot I'm building. I had condisered putting a VPN server on the Pi but this works too!

It also has built in DDNS from ASUS, which IS cool, but our IP hasn't changed in years so I'm not sure we'll need it. I set it up anyway just in case though!

Teamviewer is a piece of shit. I use it to connect to my PRIVATELY OWNED server because it's not located on my lan and I have no other way like VPN. Today teamviewer showed me a suspected commercial use and disconnects all connections after 1 minute and blocks connecting to it for 10. I also use it to connect to my synology nas when I'm not home. The teamviewer support is only for paying customers so you can't even contact them. Why the fuck do I have to pay to get something resolved they screwed up? I know I can be glad that teamviewer is offering a free service but when they offer something for free they should at least get their stuff working.

Recently made a sub 750 euro in home server with raid 1, to back up all pc's laptops and smartphones in the house to. Never been better!

Using a simple little daily backup tool on all pc's, and another app to sync 2 way to my phone, i was able to have all my data safe on that home server.

It even allows me to edit content on my phone which will sync overnight, because of the way usb access is shit on android since.. 5.0?

I am loving it! Worth every penny and week of setup effort.

TLDR: There's some days where the Gods of IT are not with you. Just lost a whole day of work.

So this morning, we (me and my team) big performance issues with our web app. Lot's of requests time out, big latency, etc

Try to ssh to VPS, latency of 10 seconds between user input and output.

Usual checks: RAM ok, Proc ok, hard drive ok, reboot server (20 minutes), update/upgrade

We decide to call OVH. After 15 minutes call, we try to reboot in rescue mode. Reboot fails at 60% + everything freezes.

After an hour, OVH opens an incident ticket on +200 vps instances (including mine) everything is down during +1h

Finally everything is okay ! Even had time to migrate my new database schema.

Still, quick heavy on the mind but feels good to go home with everything working out correctly

Since few days I’m sick. Literally, I look like shit and feel even worse. Some combo disease with fever, diarrhea and things like that. And despite that, I tried to work from home today. And surprisingly - I’ve made everything I planned to do: 100% PHP multi process server, which sends push messages via GCM and APN, emails and SMS (using different operators API and talking AT commands directly to modems). I’m a bit proud of myself. And now I feel like I’m dying, so it’s time to get some pills and take a looong nap ;)

Linux software RAID and LVM are pretty powerful.

Bought a new server case for my home file server / VM host. 3U with 16 hotswap bays. Had 2x software RAID1 mirrors already with everything on them. Inserted 2 new disks with system running. Created new RAID10 array using these, with their mirrors as "missing".

Created new physical volume. Extended volume group into it, then used pvmove to transfer every logical volume across. Shrunk volume group to no longer use the old RAID1 array, disassembled that array, added its disks to the new array... Now just waiting for the mirror disks to sync up.

All this, with the system and several VMs still running.

And with a backup, of course ;)

Going back home for the holidays means becoming tech support for pretty much the whole family, unluckly.

As soon as I enter my grandparent's home, my grandpa says "Could you print some emails?". I open his laptop, and I start sweating as soon as I see the Windows XP logo popping up. He (obviously) doesn't remember his password, and the only way to access his (mostly defunct) web mail service is Outlook 2003. For some reason, the web mail provider's POP3 server dies, and i spend half an hour trying to explain it. I ended up leaving with him saying "Why are you even going to a computer engineering university."

Ah, family.

I was setting up a small home server running CentOS to my closet and was fighting with a USB Wifi adapter that wouldn't stay "awake". Googled the error messages and nothing...

Decided to about it on the CentOS forums and mentioned (MENTIONED, WASNT THE POINT) CWP (CentOS WebPanel) in my question, an admin came, COMMENTED A LINK TO A FORUM POST THAT TOLD "CWP IS NO WAY LINKED TO CENTOS" AND CLOSED THE QUESTION!
FUUUCKKKKK, i wanted to hit something sooo hard. The admin basically turned my point from A to X.

I was a c# - sql server dev in every other project I was in.. now in this new project I'm doing only sql server, checking on procedures and data, to calculate risk indicators for financial instruments. I'm away from home 5/7 days a week 😭 I miss C# . I'm so sad 😭 😭

Any other Screeps players here?

for the people running into a "Screeps is not defined":
Screeps is a MMO RTS where you code your "army" to do stuff in Javascript (a la NodeJS).
Code how your harvesters should behave, how your soldiers should behave, how your builders should behave etc. etc.

So far, it is quite a fun game, tho my (Intel Nehalem based) laptop has issues handling it (thanks to a awfully slow GPU...) so it's difficult to play for me at the moment (I'm on holiday, my home PC is a LOT faster).
It costs about 15 euro on steam, and if you're into this stuff, it's well worth it.
Just make sure you finish the tutorial first... I didn't and I regretted it when I bought the game (it's a huge pain in the buttocks to get started if you don't understand the API and such).

Currently just playing on my own localhosted private server to discover how the game works and such, but will be setting up a public server later down the road to play with others.
Tho it would be nice if Screeps would allow for "team-based" gameplay as well so it'll be slightly harder for early players to bully the newer ones.

Fuck XCode! -
Yesterday I had the stupid idea to rename an icon file. Checked that XCode was building the application still fine. Ran it over the build server: Failed, complaining about the old missing icon file! Checked again and again, but there was no friggin' reference to the old file in the whole repo.
Log in to the machine clear the build folder and try to build the component again. Bang still same error and the references to no longer existing files reappear.
Turns out XCode was caching those references somewhere in the home directory as "DerivedData" and after deleting those, I could build again... but why on earth are you building a cache if you cannot properly invalidate it? Just to waste our time?
(@xcodesucks)

Global variables destroyed my day

Of course you can call me a bad programmer and all. When you have the idea, sometimes globals make it seem easy, accessible and "saving resources". They are devils.

The app was connected to a suite of applications. So I ended up silently destroying it neighbors. I committed and pushed the shit. Just when the testers made their weed high smoke tests, a server stopped working.

I got an email that boss wanted the latest version, I reverted the wrong branch, which had code unrelated to its name, pushed shit again and voila.

I went to the bathroom and laughed. I had to take a smoke. I'm still laughing while typing this. The damage is too much and I can't help it. I'll go home, leave this pc on and work remotely through the night. It might be the hysterics speaking now, but I messed up, and I need magic by friday morning.

So my first dev job has ended up as fucking dat entry after one of the contractors got bored and left.

I’m an SQL Developer (at least that is my job title) and all I do is fuck around with exchange rates in spreadsheets.

The only “proper” development work they gave me hasn’t even been applied to the test server yet (should have been done over a month ago)

And the project they gave me to look into migrating from sourcesafe to GitLab has ground to a halt.

I’ve been here 4 months and I want to quit already, that must be a record (for me at least)

I was keen an full of energy, willing to do some work from home etc. But a little piece of me dies every time i open Excel