The state of the web in 2020:
discussion sites as a medium are dying. chalk that up to censorship.

reddit is an echochamber. twitter is mostly a marketing platform disguised as (anti)social media. instagram is a self promotion/wannabe eceleb site, and youtube is the new hollywood..quickly becoming irrelevant.

facebook is where I (dont) go to (totally not) ignore all the people important to me.

and email is where I go to send letters bordering on hatespeech to my various local and federal "representatives", in between borderline cyberbullying people stupid enough not to automate their spam marketing in 2020. or talking to left/right self-help grifters about the state of society.

in the grim dark future of 2020, the last bastion of intelligent conversation, free speech, and civility, the one shining icon of hope in a dark world..
is the comment section of pornhub videos where a women got stuck under a bed for the 50,000th time. And all I can think is "wow I never knew how easy it was to get trapped under a bed. They should look into fixing this safety hazard."

newsmedia has jumped so many sharks, the fonz now spins in his grave so fast we could hook him up to a generator. meanwhile people hide in their homes for a disease so deadly you have to be tested to know if you even have it.

while ever more car commercials
are released, set to somber but hopeful piano music to the tune of "in this time of social distancing its important to stay close even when we're apart."

Im beginning to think media has become a poison on society, both television and the internet, and like an ersatz cargo cultist worshipping the great-charles- manson-in-the-sky we should all take a page from the unabomber and smash our televisions with hammers before going outside and sawing down the telephone polls.

I jest of course. But there is no denying the inherent appeal of moving from the unsettling uncertainty of complex societies, driven by expertly manipulated fear cycles, to the beatitude-esque simplicty of pastoral protestant style living, sans witch burning and shoe buckles.

And against the reckoning of utopians who are still fresh from the womb as it were, wet behind the ears and smelling of their mother's pussy, I reject the notion that "up" is a synonym for "forward."
Were it the case, every drinking binge, followed by throwing up, would bring us, with each vomitting, one step closer to heaven. Rather the state of affairs is what it is, and what it is, like most of nature, is a cruel master and a harsh teacher. And while we may binge on digital delusions of grandeur and a greater society, rest easy in the nihilistic and sobering thought that we are little more than 200,000 year old cave men wielding magic bricks, and atomic bombs.

..where water flows more readily from metal tubes in our houses than it does from the nile. where food comes to our door at little more than our beck and call.
where we may bath, and sleep, and *shit*, cleanly, comfortably, and safely, wrapped in the (failing) bubble of delusion we all tenaciously grasp collectively, the thing we call "civilization".

an empire of needful things, wanton and fragile.

if we have not gone mad from boredom, I have no doubt we one day will.

it becomes more and more obvious to me every day, had war never existed, it would have been necessary for man to invent it just to have something to do, that didnt include farming, fucking, or building.

And so enters "political idealogy."

How would we ever have enemies if we were allowed to speak our piece instead of being given the means (and reflex dogwhistle training) to silence and destroy one another?

give a man a gun, he'll rob a bank. give a man a bank, he'll rob the world.
give him a media empire or a tech platform, and he'll lie about the theft and convince one half of millions of lemmings to hate all the other lemmings.

Right, I've been here before.
Our app requires an internet connection, and one of our clients wants to roll it out on a strictly managed network.
We told them which addresses our app communicates with and their network team opened them up for traffic. Should work, right?
Nope, doesn't work.

So I request them to use Fiddler to do some debugging of the network traffic, and lo and behold, it does work when Fiddler is active.
One important detail is that Fiddler uses it's own SSL certificate to debug HTTPS communications. I've had moments where expired certificates were the cause of things not working and running Fiddler "fixes" this because of their own certificate.

So I point this out in numerous mails to their network team, every time I get a response saying "nah, that can't be it".
I keep insisting "I have had this before, please check if any installed Root CA Certificates is expired"
At this point I'm certain they have updates turned off on these machines, and their certificates must not have been updated for a long time.

At one point they come back to me. "Hey, when Fiddler is off, WireShark shows the app communicating with ICMP calls, but when it's on it shows HTTP calls instead".

...YOU'RE THE SUPPOSED NETWORK EXPERTS?! You think data can be send via ICMP? Do you even know what ICMP is? Of course you'll see ICMP calls when the network is rejecting the packages instead of HTTP calls when everything's fine.
(ICMP is used to communicate errors)

I'm trying to keep my patience with these guys until they find exactly what's wrong because even I am somewhat grasping at straws right now. But things like this makes me doubt their expertise...

A few days ago Aruba Cloud terminated my VPS's without notice (shortly after my previous rant about email spam). The reason behind it is rather mundane - while slightly tipsy I wanted to send some traffic back to those Chinese smtp-shop assholes.

Around half an hour later I found that e1.nixmagic.com had lost its network link. I logged into the admin panel at Aruba and connected to the recovery console. In the kernel log there was a mention of the main network link being unresponsive. Apparently Aruba Cloud's automated systems had cut it off.

Shortly afterwards I got an email about the suspension, requested that I get back to them within 72 hours.. despite the email being from a noreply address. Big brain right there.

Now one server wasn't yet a reason to consider this a major outage. I did have 3 edge nodes, all of which had equal duties and importance in the network. However an hour later I found that Aruba had also shut down the other 2 instances, despite those doing nothing wrong. Another hour later I found my account limited, unable to login to the admin panel. Oh and did I mention that for anything in that admin panel, you have to login to the customer area first? And that the account ID used to login there is more secure than the password? Yeah their password security is that good. Normally my passwords would be 64 random characters.. not there.

So with all my servers now gone, I immediately considered it an emergency. Aruba's employees had already left the office, and wouldn't get back to me until the next day (on-call be damned I guess?). So I had to immediately pull an all-nighter and deploy new servers elsewhere and move my DNS records to those ASAP. For that I chose Hetzner.

Now at Hetzner I was actually very pleasantly surprised at just how clean the interface was, how it puts the project front and center in everything, and just tells you "this is what this is and what it does", nothing else. Despite being a sysadmin myself, I find the hosting part of it insignificant. The project - the application that is to be hosted - that's what's important. Administration of a datacenter on the other hand is background stuff. Aruba's interface is very cluttered, on Hetzner it's super clean. Night and day difference.

Oh and the specs are better for the same price, the password security is actually decent, and the servers are already up despite me not having paid for anything yet. That's incredible if you ask me.. they actually trust a new customer to pay the bills afterwards. How about you Aruba Cloud? Oh yeah.. too much to ask for right. Even the network isn't something you can trust a long-time customer of yours with.

So everything has been set up again now, and there are some things I would like to stress about hosting providers.

You don't own the hardware. While you do have root access, you don't have hardware access at all. Remember that therefore you can't store anything on it that you can't afford to lose, have stolen, or otherwise compromised. This is something I kept in mind when I made my servers. The edge nodes do nothing but reverse proxying the services from my LXC containers at home. Therefore the edge nodes could go down, while the worker nodes still kept running. All that was necessary was a new set of reverse proxies. On the other hand, if e.g. my Gitea server were to be hosted directly on those VPS's, losing that would've been devastating. All my configs, projects, mirrors and shit are hosted there.

Also remember that your hosting provider can terminate you at any time, for any reason. Server redundancy is not enough. If you can afford multiple redundant servers, get them at different hosting providers. I've looked at Aruba Cloud's Terms of Use and this is indeed something they were legally allowed to do. Any reason, any time, no notice. They covered all their bases. Make sure you do too, and hope that you'll never need it.

Oh, right - this is a rant - Aruba Cloud you are a bunch of assholes. Kindly take a 1Gbps DDoS attack up your ass in exchange for that termination without notice, will you?

Oh boy, this is gonna be good:

TL;DR: Digital bailiffs are vulnerable as fuck

So, apparently some debt has come back haunting me, it's a somewhat hefty clai and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it jsut like that. However, and this is where it's gonna get good:

The Bailiff sent their first contact by mail, on my company address instead of my personal one (its's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt". with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were passed sending creds in plaintext to people and use tokenized URL's for initiating a login (siilar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.

So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!

This is a clusterfuck of javascript files that do horrible things, i'm no expert in frontend but nothing from the homebrewn stuff i inspect seems to be proper coding... Okay... Anyways, we keep pretending we're dumbasses and let's move on.

I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.

Now Once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimaint, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!

Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...

The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.

But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the sae benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. the siple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.

So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)

So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"

So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones

I have a huge deadline coming up. It's important for the future of the project that we show a mostly complete version of the product to the client that day.

They ask if I can do it. I say yes, but it will be very taxing. And by taxing, I mean it's going to use up the remaining energy and motivation I have for anything. And I've made that clear to everyone.

Coworker:
Here's an unrelated task that will take 6.75 hours of your day and I will hound the boss until he makes you do it. And I am going to send you messages after work that foreshadow another day of doing things that aren't deadline related.

So when deadline day comes around and I have to present something that has two work days of work missing, they're going to look at me like I failed. And not that I had two of my days stolen from me doing miscellaneous chores that could have waited.

An intern made a very bad impression on the first day.

This was before I become a developer. I was working in commercial art sales. One day, I had an appointment to onboard two new interns together.

Intern 1 shows up and I ask her for her signed confidentiality agreement. The boss had sent it out a week before and told me the interns were bringing the signed paperwork on their first day. I see the surprised look on her face and she says she forgot. She’s lucky I had access to another copy. If I didn’t, things could have gotten pretty awkward if I had to contact my boss, who was out of office. If there’s no signed agreement, I can’t onboard her and I’d have to send her home. The appointment was made with intern 1’s availability in mind, so intern 1 could have spent her time coming to the office for nothing and being turned away because of a stupid mistake she made.

While we wait for intern 2 to arrive, I try to engage in small talk with intern 1. I try to get to know her a little better and I ask “are you still in college/university?” She word vomits that she thought she had graduated, but six months later she hadn’t received her diploma and she called the school and they told her her pre-college credits had not transferred, so she’s finishing those credits now.

Oh, intern, you should have just simplified all this to “I’m finishing up my degree” or “yes, I’m still in college.” This is TMI. You don’t want to give out information about yourself that could put you in a bad light. You need to know to be discreet about yourself. You’re 22 years old. It’s really bad judgement to say this to your supervisor (me) and we’ve only known each other for ten minutes. I’m not your friend, I’m your supervisor. Honestly, I thought the explanation didn’t make sense because she would have found out about the credits when she tried to transfer them and when she applied for graduation. I didn’t prod for more details.

I did have to tell my boss about intern 1 forgetting the paperwork. It’s not something the intern would be reprimanded for, but it is something that’s not a good sign. The paperwork had been sent by the boss a week prior. It’s troublesome that an intern would forget to complete an important task that was sent by the boss. This was never a problem with prior interns.

Boss did freak out because boss thought I onboarded intern 1 without intern agreeing to the confidentiality agreement. Boss hadn’t considered an intern would forget the paperwork and didn’t tell me what to do if this did happen. I reassured boss that I had printed a new copy and had intern 1 sign the agreement.

I didn’t say anything about the word vomit. The content was troubling, but I was concerned this would be gossip and I wasn’t out to sabotage the intern.

Forgetting the paperwork and the word vomit were signs the intern wasn’t reliable. Intern had trouble taking direction even when it was written down. She’d do stupid things like invite her boyfriend to the office for hours and let BF sit at the boss’s desk—boss caught her and boss’s office is visible from our public viewing floor, so visitor did see this too. I suspected she might have an diagnosed learning disability.

In the end, intern didn’t ask for a reference letter. Boss said that if intern asked for one in the future, the answer would be no.

Intern 1 is the reason why I don’t want to be in change of interns ever again even though I’m not in art sales anymore.

Storytime!

(I just posted this in a shorter form as a comment but wanted to write it as a post too)

TL;DR, smarts are important, but so is how you work.

My first 'real' job was a lucky break in the .com era working tech support. This was pretty high end / professional / well respected and really well paid work.

I've never been a super fast learner, I was HORRIBLE in school. I was not a good student until I was ~40 (and then I loved it, but no longer have the time :( )

At work I really felt like so many folks around me did a better job / knew more than me. And straight up I know that was true. I was competent, but I was not the best by far.

However .... when things got ugly, I got assigned to the big cases. Particularly when I transferred to a group that dealt with some fancy smancy networking equipment.

The reason I was assigned? Engineering (another department) asked I be assigned. Even when it would take me a while to pickup the case and catch up on what was going on, they wanted the super smart tech support guys off the case, and me on it.

At first this was a bit perplexing as this engineering team were some ultra smart guys, custom chip designers, great education, and guys you could almost see were running a mental simulation of the chip as you described what you observed on the network...

What was also amusing was how ego-less these guys seemed to be (I don't pretend to know if they really were). I knew for a fact that recruiting teams tried to recruit some of these guys for years from other companies before they'd jump ship from one company to the next ... and yet when I met them in person it was like some random meeting on the street (there's a whole other story there that I wish I understood more about Indian Americans (many of them) and American engineers treat status / behave).

I eventually figured out that the reason I was assigned / requested was simple:

1. Support management couldn't refuse, in fact several valley managers very much didn't like me / did not want to give me those cases .... but nobody could refuse the almighty ASIC engineers. No joke, ASIC engineers requests were all but handed down on stone tablets and smote any idols you might have.

2. The engineers trusted me. It was that simple.

They liked to read my notes before going into a meeting / high pressure conference call. I could tell from talking to them on the phone (I was remote) if their mental model was seizing up, or if they just wanted more data, and we could have quick and effective conversations before meetings ;)

I always qualified my answers. If I didn't know I said so (this was HUGE) and I would go find out. In fact my notes often included a list of unknowns (I knew they'd ask), and a list of questions I had sent to / pending for the customer.

The super smart tech support guys, they had egos, didn't want to say they didn't know, and they'd send eng down the rabbit hole. Truth be told most of what the smarter than me tech support guy's knew was memorization. I don't want to sound like I'm knocking that because for the most part memorization would quickly solve a good chunk of tech support calls for sure... no question those guys solved problems. I wish I was able to memorize like those guys.

But memorization did NOT help anyone solve off the wall bugs, sort of emergent behavior, recognize patterns (network traffic and bugs all have patterns / smells). Memorization also wouldn't lead you to the right path to finding ANYTHING new / new methods to find things that you don't anticipate.

In fact relying on memorization like some support folks did meant that they often assumed that if bit 1 was on... they couldn't imagine what would happen if that didn't work, even if they saw a problem where ... bro obviously bit 1 is on but that thing ain't happening, that means A, B, C.

Being careful, asking questions, making lists of what you know / don't know, iterating LOGICALLY (for the love of god change one thing at a time). That's how you solved big problems I found.

Sometimes your skills aren't super smarts, super flashy code, sometimes, knowing every method off the top of your head, sometimes you can excel just being more careful, thinking different.

- have/share an agenda as soon as possible
- each talking point should identify a problem. Make a list of strategic questions answers to which would make it perfectly clear what and by whom has to be done to resolve them.
- plan meeting duration according to the list of questions. Make sure you meeting room reservation gives you enough time
- take notes
- be prepared for a need for another meeting(s), if during that meeting it comes clear that:
> more/other people need to be engaged
> some things are not clear and need more investigation before going further
> you have run out of time
> there are other problems tgat need to be worked out and it might cobsume too much time to do this in a current meeting
- do not turn the meeting into a chat. It's counter-productive, tiring to the listeners and a waste of time
- do not try to cover many topics. The less, the better. Unless they are very tightly coupled.
- do not invite people you do not need or there is a very slim chance you will need.
- only schedule meetings when the situation needs to be DISCUSSED among multiple parties
- that being said, do not schedule meetings when it's more convenient to communicate otherwise, like email, chat, etc.
- after the meeting make a summary and send it our to all the participants. They might reply and clarify if you have misunderstood smth or missed some important point.
- during the meeting assign tasks to each other. Verbally. Make notes. After the meeting reflect them in jira, rally, wtv.
- while assigning tasks nake sure the assignees have no blockers to work on them and make sure they understand what, when and how should be done. Some tasks might be dependedt on each other, work the sequence out.
- while assigning tasks ask "for ETAs. They might be as silly as 1-hour-to-2-weeks, but they still let you know what to expect.
- offer your assistance to the task assignees if they need any while working on their tasks

- work on your language, grammar, syntax, etc. Reading texts with typos/mistakes is repelling

- be a leader, an authority everyone is looking up to. Not a boss.
- avoid saying NOs. Be more of a "do we really need this; can we do this some other way/time; I can't promise anythibg but I'll see what I can do about it" kind of person.

So.. i have been doing internship with a good startup for last 2 months. It was supposed to be a 3 month internship and then maybe a job offer. I accepted this , but with a disclaimer that i will be taking leaves for exams.

They looked like they didn't liked this condition, saying "we won't be giving pay for those days" , "you will need your manager's approval", etc, but later i took 5-6 continuous leaves for my papers and my manager( aka the ceo) wouldn't even read my approval mail ( i did got deductions for those leaves tho, but i was fine with it )

Now the situation is that my final end term exams are coming up. They are supposed to go on for 15 days somewhere in December beginning, but i also need an extra 10-15 days to cover the syllabus for it. Apart from those, there are other college stuff like Second Sessionals, internal practicals ,minor project report submission , etc are also coming up, that are supposed to take anywhere from 1 to 5-6 continuous days in the first weeks of November.

So i asked my company for 2 months of leave to handle my college environment. The tasks assigned to me are incomplete , but i am well versed in those and might complete it if i had more time. I gave them an option that i will resume my work from January and complete my 3 months of internship ( i currently am about to complete 2 months , November would have been the 3rd) , but they said that they are "freeing me" in the October only ( i guess this means that my internship is being terminated and am off from company's payroll). They also asked me to contact company once all exam stuff is over, but yesterday i got suddenly removed from the company's slack group. I am not sure how to look at this.

They have also asked me to prepare a report on what i have done. Now i can send them a report like what i would have given to my college : containing more useless info and a few points on my work . Or i could provide them with a deep report on what i did each day, what are the bugs , what are the resources that i found , what are the things that need to be enhanced, links to important groups and people... Etc . I have so much of information that i fear they might hire someone else to complete all stuff that i have started and my material would give him a kickstart.
But on the other hand , it was their office that i worked in, their ideas that i built upon, so i feel a moral obligation to provide all assistance to my replacement.

What should i do?

(tldr : company asking for a report on work you did during internship that was supposed to be converted to job . wwyd?)

I just figured out any emails sent from my Gmail account are sent into the void. Gonna try contacting support.