Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "leaks"
-
I had a secondary Gmail account with a really nice short nickname (from the early invite/alpha days), forwarded to another of my mailboxes. It had a weak password, leaked as part of one of the many database leaks.
Eventually I noticed some dude in Brazil started using my Gmail, and he changed the password — but I still got a copy of everything he did through the forwarding rule. I caught him bragging to a friend on how he cracked hashes and stole and sold email accounts and user details in bulk.
He used my account as his main email account. Over the years I saw more and more personal details getting through. Eventually I received a mail with a plaintext password... which he also used for a PayPal account, coupled to a Mastercard.
I used a local website to send him a giant expensive bouquet of flowers with a box of chocolates, using his own PayPal and the default shipping address.
I included a card:
"Congratulations on acquiring my Gmail account, even if I'm 7 years late. Thanks for letting me be such an integral part of your life, for letting me know who you are, what you buy, how much you earn, who your family and friends are and where you live. I've surprised your mother with a cruise ticket as you mentioned on Facebook how sorry you were that you forgot her birthday and couldn't buy her a nice present. She seems like a lovely woman. I've also made a $1000 donation in your name to the EFF, to celebrate our distant friendship"31 -
This story is 100% true.
I got hired onto a team of construction workers to build a house. We set up a meeting with Management to find out what kind of house they wanted us to build, where’s the floor plan, what it’s going to be used for, who it’s for, etc. Management said that they didn’t know all that, we should just get started. They told us that we were going to use “Agile” which means that we just work on small deliverables and build the thing incrementally.
The developer team lead argued that we at least need to know how big the thing is going to be so that we can get started pouring the foundation, but Management told him they just don’t know. “What we do know,” Management said, “is that the house is going to have a bathroom. Just start there, and we’ll know more when it’s done. You have two weeks.”
So we just bought a port-a-potty, and screwed around on the internet for two weeks. Management was outraged. “You call this a house? This is the worst house ever! It doesn’t even have a tv!”
So we bought a tv and put it in the port-a-potty, attached to an outdoor generator. We were going to buy a a dvd player and get it hooked up to cable, but Management rejected the expense request, saying that they didn’t know if we needed it, and we’d come back to that later.
Management decided that we definitely need storage space, so we bought a boxcar and duct-taped the port-a-potty to it. Then to our horror they set up some desks and put a few miserable business interns in there. It went on like this…
After a few years the boxcar grew into a huge, ramshackle complex. It floods, leaks, it’s frozen in the winter and an oven in the summer. You have to get around in a strange maze of cardboard tubes, ladders and slides. There are two equally horrible separate buildings. We’re still using just the one outdoor generator for all power, so electricity is tightly rationed.
Communication between the buildings was a problem. For one of them, we use a complex series of flag signals. For the other we write notes on paper, crumple the paper up, and toss it over. Both of these methods were suggested as jokes, but Management really liked them for some reason. The buildings mostly talk to each other but they have to talk through us, so most of what we do is pass messages on.
It was suggested that we use paper airplanes instead of crumpled up balls, but the fat, awkward fingers of the Business Majors who inevitably take those jobs couldn’t be trained to make them. I built an awesome automatic paper airplane folder, but once again they couldn’t be trained to use it, so they just went back to crumpling the notes up in balls.
The worst part of all this is that it’s working. Everyone is miserable, but the business is making money. The bright side is that this nightmare complex is done so now we know what kind of building they actually needed in the first place, so we can start work on it. Obviously we can’t tell Management anything about what we’re doing until it’s finished. They noticed the gigantic hole in the ground where the foundation is coming in, but we told them that it’s a cache reset, and they mostly ignore it except when the occasional customer falls in.
I’ll probably be out of here before the new building gets finished. I could get a 50% raise by switching jobs, but Management still doesn’t think I should get a raise because I missed a couple sprints.7 -
Me, a junior dev: * reports an important issue and a possible fix *
Senior dev 1: nah, it'll do just fine.
Senior dev 2: that won't be an issue, don't you see? It's under control, man.
Senior 3: why are you even here? Why are you even talking?
Manager: yeah, what could possibly go wrong?
* a year after releasing the product, one of the seniors got fired and another one was hired *
New senior: this thing is bananas, code is inconsistent and there's memory leaks everywhere, how does that even work?
Me: nobody believed me when I said that.
Manager: it did work very well, where's the issue?
Me: it's everywhere, goddammit! Don't you see?
New senior: junior dev is right.
Me: I've been a WHOLE YEAR saying that!
Manager: did you? Really? Nah, you didn't.
...
I'm tired of this shit.15 -
It finally hit me the other day.
I'm working on an IoT project for a late-stage ALS patient. The setup is that he has a tablet he controls with his eye movements, and he wants to be able to control furnishings in his room without relying on anyone else.
I set up a socket connection between his tablet and the Raspberry Pi. From there it was a simple matter of using GPIO to turn a lamp or fan on or off. I did the whole thing in C, even the socket programming on the Pi.
As I was finishing up the main control of the program on the Pi I realized that I need to be more certain of this than anything I've ever done before.
If something breaks, the client may be forced to go days without being able to turn his room light on, or his fan off.
Understand he is totally trapped in his own body so it's not like he can simply turn the fan off. The nursing staff are not particularly helpful and his wife is tied up a lot with work and their two small children so she can't spend all day every day doting on him.
Think of how annoying it is when you're trying to sleep and someone turns the light on in your room; now imagine you can't turn it off yourself, and it would take you about twenty minutes to tell someone to turn it off -- that is once you get their attention, again without being able to move any part of your body except your eyes.
As programmers and devs, it's a skill to do thorough testing and iron-out all the bugs. It is an entirely different experience when your client will be depending on what you're doing to drastically improve his quality of life, by being able to control his comfort level directly without relying on others -- that is, to do the simplest of tasks that we all take for granted.
Giving this man some independence back to his life is a huge honor; however, it carries the burden of knowing that I need to be damned confident in what I am doing, and that I have designed the system to recover from any catastrophe as quickly as possible.
In case you were wondering how I did it all: The Pi launches a wrapper for the socket connection on boot.
The wrapper launches the actual socket connection in a child process, then waits for it to exit. When the socket connection exits, the wrapper analyzes the cause for the exit.
If the socket connection exited safely -- by passing a special command from the tablet to the Pi -- then the wrapper exits the main function, which allows updating the Pi. If the socket connection exited unexpectedly, then the Pi reboots automatically -- which is the fastest way to return functionality and to safeguard against any resource leaks.
The socket program itself launches its own child process, which is an executable on the Pi. The data sent by the tablet is the name of the executable on the Pi. This allows a dynamic number of programs that can be controlled from the tablet, without having to reprogram the Pi, except for loding the executable onto it. If this child of the socket program fails, it will not disrupt its parent process, which is the socket program itself.13 -
Started talking with someone about general IT stuff. At some point we came to the subject of SSL certificates and he mentioned that 'that stuff is expensive' and so on.
Kindly told him about Let's Encrypt and also that it's free and he reacted: "Then I'd rather have no SSL, free certificates make you look like you're a cheap ass".
So I told him the principle of login/registration thingies and said that they really need SSL, whether it's free or not.
"Nahhh, then I'd still rather don't use SSL, it just looks so cheap when you're using a free certificate".
Hey you know what, what about you write that sentence on a whole fucking pack of paper, dip it into some sambal, maybe add some firecrackers and shove it up your ass? Hopefully that will bring some sense into your very empty head.
Not putting a secure connection on a website, (at all) especially when it has a FUCKING LOGIN/REGISTRATION FUNCTION (!?!?!?!!?!) is simply not fucking done in the year of TWO THOUSAND FUCKING SEVENTEEN.
'Ohh but the NSA etc won't do anything with that data'.
Has it, for one tiny motherfucking second, come to mind that there's also a thing called hackers? Malicious hackers? If your users are on hacked networks, it's easy as fuck to steal their credentials, inject shit and even deliver fucking EXPLOIT KITS.
Oh and you bet your ass the NSA will save that data, they have a whole motherfucking database of passwords they can search through with XKeyScore (snowden leaks).
Motherfucker.68 -
Thanks for @PonySlaystation for coming up with this idea!
Wrote my first ever Firefox extension. It loads a json list from a server containing domains which, according to the snowden leaks of 2013, are integrated within a US powered mass surveillance network.
If it finds any urls on the page being loaded, it puts a fullscreen red background with a warning text and the links which match the surveillance criteria.
There's no way to continue to the web page yet, will try to add that later on.30 -
iPhone app riddled with memory leaks from a team of interns. Big series of demos coming up. Managements solution?
Send instructions to the person giving the demo to kill the app every 20 mins or so.1 -
Senior development manager in my org posted a rant in slack about how all our issues with app development are from
“Constantly moving goalposts from version to version of Xcode”
It took me a few minutes to calm myself down and not reply. So I’ll vent here to myself as a form of therapy instead.
Reality Check:
- You frequently discuss the fact that you don’t like following any of apples standards or app development guidelines. Bit rich to say the goalposts are moving when you have your back to them.
- We have a custom everything (navigation stack handler, table view like control etc). There’s nothing in these that can’t be done with the native ones. All that wasted dev time is on you guys.
- Last week a guy held a session about all the memory leaks he found in these custom libraries/controls. Again, your teams don’t know the basic fundamentals of the language or programming in general really. Not sure how that’s apples fault.
- Your “great emphasis on unit testing” has gotten us 21% coverage on iOS and an Android team recently said to us “yeah looks like the tests won’t compile. Well we haven’t touched them in like a year. Just ignore them”. Stability of the app is definitely on you and the team.
- Having half the app in react-native and half in native (split between objective-c and swift) is making nobodies life easier.
- The company forces us to use a custom built CI/CD solution that regularly runs out of memory, reports false negatives and has no specific mobile features built in. Did apple force this on us too?
- Shut the fuck up5 -
Yesterday was Friday the 13th, so here is a list of my worst dev nightmares without order of significance:
1) Dealing with multithreaded code, especially on Android
2) Javascript callback hell
3) Dependency hell, especially in Python
4) Segfaults
5) Memory Leaks
6) git conflicts
7) Crazy regexes and string manipulations
8) css. Fuck css.
9) not knowing jack shit about something but expected by others to
produce a result with it.
10) 3+ hours of debugging with no success
Post yours27 -
The best I have seen and exploited was years ago with a web shop that allowed me to set my own check-out price by just inspecting the element and setting the desired price. It just happily advanced to the next step where they invoked the payment provider with my custom price. Unfortunately the shop doesn't exist anymore. I have encountered many more security leaks but this one was so easy and lucrative to exploit.3
-
Half a week later I finally found out why my DNS server "wasn't working" on any of my servers.
Let's just say that MullVad's anti-dns leaking technology works extremely well.
It was tunneling all DNS requests through its own servers to prevent DNS leaks and I never thought of it a single fucking time!
😅4 -
Privacy & security violations piss me off. Not to the point that I'll write on devRant about it, but to the point that coworkers get afraid from the bloodthirsty look in my eyes.
I know all startups proclaim this, but the one I work at is kind of industry-disrupting. Think Uber vs taxi drivers... so we have real, malicious enemies.
Yet there's still this mindset of "it won't happen to us" when it comes to data leaks or corporate spying.
Me: "I noticed we are tracking our end users without their consent, and store not just the color of their balls, but also their favorite soup flavor and how often they've cheated on their partner, as plain text in the system for every employee to read"
Various C-randomletter-Os: "Oh wow indubitably most serious indeed! Let's put 2 scrumbag masters on the issue, we will tackle this in a most agile manner! We shall use AI blockchains in the elastic cloud to encrypt those ball-colors!"
NO WHAT I MEANT WAS WHY THE FUCK DO WE EVEN STORE THAT INFORMATION. IT DOES IN NO WAY RELATE TO OUR BUSINESS!
"No reason, just future requirements for our data scientists"
I'M GRABBING A HARDDRIVE SHREDDER, THE DB SERVER GOES FIRST AND YOUR PENIS RIGHT AFTER THAT!
(if it's unclear, ball color was an optimistic euphemism for what boiled down to an analytics value which might as well have been "nigger: yes/no")12 -
So today (or a day ago or whatever), Pavel Durov attacked Signal by saying that he wouldn't be surprised if a backdoor would be discovered in Signal because it's partially funded by the US government (or, some part of the us govt).
Let's break down why this is utter bullshit.
First, he wouldn't be surprised if a backdoor would be discovered 'within 5 years from now'.
- Teeny tiny little detail: THE FUCKING APP IS OPEN SOURCE. So yeah sure, go look through the code! Good idea! You might actually learn something from it as your own crypto seems to be broken! (for the record, I never said anything about telegram not being open source as it is)
sources:
http://cryptofails.com/post/...
http://theregister.co.uk/2015/11/...
https://security.stackexchange.com/...
- The server side code is closed (of signal and telegram both). Well, if your app is open source, enrolled with one of the strongest cryptographic protocols in the world and has been audited, then even if the server gets compromised, the hackers are still nowhere.
- Metadata. Signal saves the following and ONLY the following: timestamp of registration, timestamp of the last connection with the server (both rounded to the day so not on the second), your phone number and your contact details (if you authorize it) (only phone numbers) in HASHED (BCrypt I thought?) format.
There have been multiple telegram metadata leaks and it's pretty known that it saves way more than neccesary.
So, before you start judging an app which is open, uses one of the best crypto protocols in the world while you use your own homegrown horribly insecure protocol AND actually tries its best to save the least possible, maybe try to fix your own shit!
*gets ready for heavy criticism*19 -
So as quite some people know on here, I am strongly against closed source software and have a very strong distrust in it as well.
So next to some principles (and believes etc etc etc) there is one specifc 'event' which triggered the distrust in CSS (No not Cascading Style sheet, I mean Closed Source Software :P). So hereby the story about what happened.
I think it was about 5 years ago when a guy joined my programming class (I wasn't in uni although I studied but for the sake of clarity, lets just call it uni for now (also, that makes me feel smarter so why the fuck not!)) in uni. He knew a shitload about programming for his age but he was convinced that he was always right. (that aside)
Anyways, at some point we had to work in groups on this project (groups for specific tasks) and he chose (he loved it, we hated it, he had the final say) Trello for 'project management'. He gave everyone (I was running Windows for a little bit at that moment because the project was in C# and the Snowden leaks had not arrived yet so I was not extremely uncomfortable with using Windows, just a lot) this addon program thingy he created for Trello which would make usage easier. I asked if it was open source, he replied with 'No, because this is my project.' and although I did understand that entirely, I didn't feel comfy using it because of it's closed source nature. Everyone declared me paranoid and he was annoyed as hell but I just kept refusing to use it and just used the web interface.
*skips to 2 years later*
I met that guy again at the train station at a random day! Had the usual 'how are you and what's up after a few years' talk with him and then he told me something that changed my view on closed source software for most probably the rest of my life.
"Hey by the way, do you remember that project of a few years back where you didn't want to use my software because of your 'closed-sourceness paranoia'? I just wanted to say that I actually had some kind of backdooring feature build in which (I am not going to say what) allowed me to (although I didn't use it) look at/do certain things with the 'infected' computers. I really wanted to say that I find it funny how you, the only one who didn't give in to my/the peer pressure, were the only one who wasn't affected by my 'backdoor' at that moment! Also your standards towards the use of closed source software probably played a big part probably. I find that pretty cool actually!"
Although I cannot confirm what he said, he was exactly the type of guy who would do this IMO (and not only IMO I think).
So yeah, that's one of the reasons AND the story behind a big part of why I don't trust closed source software :).5 -
Googled "prevent memory leaks in delphi".
Came across a library called TCondom.
Talk about naming your classes aptly.4 -
My code review nightmare part 3
Performed a review on/against a workplace 'nemesis'. I didn't follow the department standards document (cause I could care less about spacing, sorted usings, etc) and identified over 80 bugs, logic errors, n+1 patterns, memory leaks (yes, even in .net devs can cause em'), and general bad behavior (ex.'eating' exceptions that should be handled or at least logged)
Because 'Jeff' was considered a golden child (that's another long TL;DR), his boss and others took a major offense and demanded I justify my review, item by item.
About 2 hours into the meeting, our department mgr realized embarrassing Jeff any further wasn't doing anyone any good and decided to take matters into his own hands. Thinking 'well, its about time he did his job', I go back to my desk. About an hour later..
Mgr: "I need you in the conference room, RIGHT NOW!"
<oh crap>
Mgr: "I spoke to Jeff and I think I know what the problem is. Did you ever train him on any of the problems you identified in the review?"
Me: "Um, no. Why would I?"
Mgr: "Ha!..I was right. So lets agree the problems are partially your fault, OK?"
Me: "Finding the bugs in his code is somehow my fault?"
Mgr: "Yes! For example, the n+1 problem in using the WCF service, you never trained him on how to use the service. You wrote the service, correct?"
Me: "Yes, but it's not my job to teach him how to write C#. I documented the process and have examples in the document to avoid n+1. All he had to do was copy/paste."
Mgr: "But you never sat with Jeff and talked to him like a human being? You sit over there in your silo and are oblivious to the problems you cause. This ends today!"
Me: "What the...I have no idea what you are talking about. What in the world did Jeff tell you?"
Mgr: "He told me enough and I'm putting an end to it. I want a compressive training class developed on how to use your service. I'll give you a month to get your act together and properly train these developers."
3 days later, I submit the power-point presentation and accompanying docs. It was only one WCF with a handful of methods. Mgr approved the training, etc..etc. execute the 'training', and Jeff submits a code review a couple of weeks later. From over 80 issues to around 50. The poop hits the fan again.
Mgr: "What's your problem? When are you going to take your responsibility seriously?"
Me: "Its pretty clear I don't have the problem. All the review items were also verified by other devs. Its not me trying to be an asshole."
Mgr: "Enough with the excuses. If you think you can do a better job *you* make the code changes and submit them for Jeff for review. No More Excuses!"
Couple of days later, I make the changes, submit them for review, and Jeff really couldn't say too much other than "I don't see this as an improvement"
TL;DR, I had been tracking the errors generated by the site due to the bugs prior to my changes. After deployment, # of errors went from thousands per hour to maybe hundreds per day (that's another story) and the site saw significant performance increases, fewer customer complaints, etc..etc.
At a company event, the department VP hands out special recognition awards:
VP: "This award is especially well earned. Not only does this individual exemplify the company's focus on teamwork, he also went above and beyond the call of duty to serve our customers. Jeff, come on up and get this well deserved award."19 -
Although it might not get much follow up stuffs (probably a few fines but that will be about it), I still find this awesome.
The part of the Dutch government which keeps an eye on data leaks, how companies handle personal data, if companies comply with data protection/privacy laws etc (referring to it as AP from now on) finished their investigation into Windows 10. They started it because of privacy concerns from a few people about the data collection Microsoft does through Windows 10.
It's funny that whenever operating systems are brought up (or privacy/security) and we get to why I don't 'just' use windows 10 (that's actually something I'm asked sometimes), when I tell that it's for a big part due to privacy reasons, people always go into 'it's not that bad', 'oh well as long as it's lawful', 'but it isn't illegal, right!'.
Well, that changed today (for the netherlands).
AP has concluded that Windows 10 is not complying with the dutch privacy and personal data protection law.
I'm going to quote this one (trying my best to translate):
"It appears that Microsofts operating system follows every step you take on your computer. That gives a very invasive image of you", "What does that mean? do people know that, do they want that? Microsoft should give people a fair chance for deciding this by themselves".
They also say that unless explicit lawful consent is given (with enough information on what is collected, for what reasons and what it can be used for), Microsoft is, according to law, not allowed to collect their telemetrics through windows 10.
"But you can turn it off yourself!" - True, but as the paragraph above said, the dutch law requires that people are given more than enough information to decide what happens to their data, and, collection is now allowed until explicitly/lawfully ok'd where the person consenting has had enough information in order to make a well educated decision.
I'm really happy about this!
Source (dutch, sorry, only found it on a dutch (well respected) security site): https://security.nl/posting/534981/...8 -
Me and my girlfriend's pillow talk about memory leaks
Me: **... So garbage collection is a means to stopping a memory leak from occuring
Gf: what 's a memory leak ?
Me: a memory leak is like when you want a pizza, and the guy gives you pizza. But you don't eat the pizza and you ask for another pizza. You keep doing this repeatedly. Until the pizza guy realizes what you're doing and decides to kill you. He then takes back all his pizzas
Gf: why would you do that though?
Me: Lazy ass programmers who don't clean up after themselves.6 -
My first dev job was a paid internship at Oak Ridge National Laboratory. But I wasn't in the computing division with the supercomputer and the 30-foot 18-screen wall display. In a way, I was doing something more exciting. I was in the Hollifield Radioactive Ion Beam Facility.
That meant that I was working next to a radioactive ray gun that they fired at different targets to try and make new kinds of particles. To refine the beam components, there was a tower with the world's highest voltage Van de Graf generator at 25,000 kilovolts. I got training on how to put on a radiation suit, and was told that if I got locked in the wrong room and red lights began to flash, I had about five seconds to run to the far wall and push the E-stop, before I got irradiated and died slowly over the next five weeks.
But, I was reassured, that never happened. Radiation leaks are rare too (that's why we wore dosimeters). More likely, there would be a leak in the generator tower. To explain why that's bad, that tower wasn't filled with normal air. 25,000 kilovolts would punch through that like nothing, arc against the walls, and we'd lose the electric charge. No, instead, the tower was filled to a few atmospheres of pressure with sulfur hexafluoride gas. You know how helium makes your voice go up? This stuff makes your voice go down. It's heavier than air, and it kills you by displacing and starving your lungs of oxygen.
So, while I was happily coding away on PHP, CSS and the Bash shell, making a log book for all the ion gun settings and targets the scientists used in their experiments, I was keeping an ear out for the oxygen alarm. I had a blast!2 -
Started working on a pihole alternative a while ago.
I like pihole a lot but one of the features I am missing is to be able to define a list of mass surveillance related domains (Snowden leaks; PRISM program and such) and show statistics based on dns queries containing blacklisted domains, prases/words and surveillance-related domains/words (google/facebook/microsoft/apple etc).
Started working on one based on an existing (php based) dns server which is open source and slowly but surely developed something which worked.
Then, I found out that the php resolving function (dns resolving) uses the system default, which can, of course, be google's dns as well. Changing this would be ideal but while the documentation suggested that it could be done some way, it didn't work for me so I chose a library which can do it with specific dns servers (to use as external dns servers).
This library used a different way of showing the retrieved dns query results and really wasn't in for converting everything by hand so i kinda quit the project a while ago.
A few days ago I thought fuck it and started again.
Now have a working version based on the new dns resolving library and made some other good improvements.
For those who are wondering why I chose PHP for this: why the fuck not?
Happy happy happy.rant php fuck mass surveillance fuck microsoft fuck google dns server yes i love php fuck facebook dns16 -
its 2016, and they still believe that office skillz are enough for CS101..
boy u have to allocate memory in runtime without leaks by end of semester, not just make a text bold with a fancy font..2 -
Man I really need to get this off my chest. So here goes.
I just finished 1 year in corporate after college. When I joined, the team I got was brilliant, more than what I thought I would get. About 6 months in, the project manager and lead dev left the company. Two replacements took their place, and life's been hell ever since.
The new PM decided it was his responsibility to be our spokesperson and started talking to our overseas manager (call her GM) on our behalf, even in the meetings where we were present, putting words in our mouth so that he's excellent and we get a bad rep.
1 month in, GM came to visit our location for a week. She was initially very friendly towards all of us. About halfway through the week, I realized that she had basically antagonized the entire old team members. Our responsibilities got redistributed and the work I was set to do was assigned to the new dev (call her NR).
Since then, I noticed GM started giving me the most difficult tasks and then criticizing my work extra hard, and the work NR was doing was praised no matter what. I didn't pay much attention to it at first, but lately the truth hit me hard. I found out a fault in NR's code and both PM and GM started saying that because I found it, it was my responsibility to fix it. I went through the buggy code for hours and fixed it. (NR didn't know how it worked, because she had it written by the lead dev and told everyone she wrote it).
I found out lately that NR and PM got the most hike, because they apparently "learnt" new tech (both of them got their work done by others and hogged the credit).They are the first in line to go onsite because they've been doing 'management work'. They'd complained to GM during her visit that we were not friendly towards them. And from that point on if anything went wrong, it would be my fault, because my component found it out (I should mention that my component mostly deals with the backend logic, so its pretty adept at finding code leaks).
What broke my patience is the fact that lately I worked my ass off to deliver some of the best code I'd written, but my GM said in front of the entire team that at this point "I'm just wasting money". She's been making a bad example out of me for some time, but this one took the cake. I had just delivered a promising result in a task in 1 week that couldn't be done by my PM in 4 weeks, and guess what? "It's not good enough". No thank you, no appreciation, nothing. Finally, I decided I'd had enough of it and started just doing tasks as I could. I'd do what they ask, but won't go above and beyond my way to make it perfect.
My PM realized this and then started pushing me harder. Two days back, I sent a mail to the team with GM in cc exposing a flaw in the code he had written, and no one bothered to reply (the issue was critical). When I asked him about it, he said "How can you expect me to reply so soon when it's already been told that when anything happens we should first resolve within the team and then add GM in the loop?" I realized it was indeed discussed, but the issue was extremely urgent, so I had asked everyone involved, and it portrayed him in a bad light. I could've fixed it, but I didn't because on the off chance if it broke something, they'd start telling me that I broke the tool, how its my fault and how its a critical issue I have to fix ASAP, etc. etc., you get the idea.
Can anyone give me some advice of how to deal with this kind of situation? I would have left but with this pandemic going on, market being scarce and the fact that I'm only experienced by 1 year, I don't think I qualify for a job switch just now.16 -
Trash, trash, trash.
Who the fuck writes this shit?
Who the fuck lets these trash should-be-junior devs roll their own crypto? and then approves it?
The garbage heap of a feature (signing for all apis) doesn't follow Ruby standards, doesn't follow codebase conventions, has `// this is bridge` style comments (and no documentation), and it requires consumer devs to do unnecessary work to integrate it, and on top of all this: it leaks end-user data. on all apis. in plaintext.
Fucking hell.8 -
My first actual rant on devRant:
Fuck corporate companies. Fuck agile development.
In the last 8 months I’ve been with this company, I’ve 1) made the app layout (which was super fucked) compatible with iPad. 2) reduced the apps size by 1/3 of the original size. 3) improved memory usage by double the efficiency, nearly eliminated all memory leaks. 4) gotten employee of the quarter for some of the above mentioned.
After all of this I got a talking to from product manager that “he knows I am a good developer but needs more consistency” after I spent a sprint on one story trying to consolidate front end validation logic and make a “validatableTextField” actually do some validation. So much for the MVVM you promised me.
Also, was promised I’d get some experience with Android, and with a team of 8 devs 6 of which have droid backgrounds and other two are juniors, guess whose only even built the droid project once in 8 months? You guessed it. This company has drained me of all of my knowledge, went against most of its promises to me, and values pushing features to the point of adding tech debt faster than I can solve it.
Unfortunately my personal life relies on this job or I’d quit right away. But you bet your ass I’m passively looking for something and I can’t wait till I get a job offer and quit on these ungrateful hypocrites.5 -
Ooof.
In a meeting with my client today, about issues with their staging and production environments.
They pull in the lead dev working on the project. He's a 🤡 who freelanced for my previous company where I was CTO.
I fired him for being plain bad.
Today he doesn't recognize me and proceeds to patronize me in server administration...
The same 🤡 that checks production secrets into git, builds projects directly in the production vm.
Buckle up... Deploys *both* staging and production to the *same* vm...
Doesn't even assign a static IP to the VM and is puzzled when its IP has changed after a relaunch...
Stores long term aws credentials instead of using instance roles.
Claims there are "memory leaks", in a js project. (There may be memory misuse by project or its dependencies, an actual memory leak in v8 that somehow only he finds...? Don't think so.)
Didn't even set up pm2 in systemd so his services didn't even relaunch after a reboot...
You know, I'm keeping my mouth shut and make the clown work all weekend to fix his own hubris.9 -
Soooo I think I have finally come to the point that I may have to create a YouTube channel, to teach software engineering from the ground up... and teach it the way the universities and everyone else should be teaching it, so that they have a solid foundation.... throwing hello world, and loops and variables at folks out of the box without any of the environment context or low level embedded register, even logic gate understanding
That lack of understanding is why, soooo many college students and younger folks, are actually pretty shitty engineers. Everything is high level languages and theoretical concepts to them. Nothing practical, that’s why there’s sooo many python and java developers that can’t for the life of them understand memory management, low level hardware interfacing etc, because the colleges don’t teach it the way it use to be taught.
I seriously fear 30 years from now or sooner when there are few embedded engineers only left till retirement, as without those folks the whole pyramid of electronics falls to pieces.
Java, C#, python, all that shit don’t run on the bare metal... there’s this magical layer of C, and assembler that does all the work just so folks can abstract their thoughts.
Either 1 of two situations will happen.. price of electronics will rise because the embedded guys are few and far between therefore salaries skyrocket... OR everything starts running shit like java on the metal, where there are a over abundance of developers, their salaries will be low because there are soo many but the processing power, space, and energy needed to run java natively causes electronics cost to increase
but regardless 30 years from now if those script kiddies are building everything I fear it cuz there’s gonna be memory leaks, and overflow issues everywhere.. shit be blowing up more than 4th of July.. lol
Soooo in effort to prevent that and keep the embedded engineers up, or atleast properly educate the script kiddies, I’m gonna make that YouTube channel.. 1 maybe 2 videos a week, 1-2 hours sessions each.. starting at the fucken ground and building up.39 -
Crappy day, entirely related to cars and trucks and other wheeled implements of doom and annoyance.
My car died this morning.
It has been slowly dying for weeks in a very unusual way (something electrical; we're not sure what), but today it finally gave up and just wouldn't start anymore.
We replaced the crap battery (it had been a crap freebie from my parents), which fixed the not-starting issue for now, but it still has lots of other problems. Fluid leaks, disintegrating paint, some lights suddenly or randomly not working, super long clutch distance, sporadic grinding sounds, shifter randomly not engaging, pieces literally falling off, bits of the interior breaking (like the driver's side door handle), the wiper sprayers bloody missing the windshield, etc., etc., etc. My poor, poor car. It was super cheap, and I've had it for a long time, so I'm not surprised, but. I love my car, so it makes me really sad. ☹
Anyway, we finally got the car starting again, and I drove to work about four hours late. I had worked super late the previous night (11:45pm), and had let my boss know already, so whatever.
As for the trip, I work ~40 minutes away, and with the poor quality of drivers here there's usually something dumb happening. Today... well. Today was one of the bad days.
Someone was in the fast lane doing 50mph. The usual speed of traffic is 80mph. They got annoyed whenever someone passed them. Minor, but worth including.
Later on, people slowed way down and gawked at... a port-a-potty. Seriously, a port-a-potty. It was on the shoulder where there had been some construction, so it's not surprising or anything. People seriously dropped from 80mph down to 20mph just to stare at this thing, and it wasn't even occupied or anything. It was just a port-a-potty! There was nothing else around! What could possibly be so interesting?!
There was also a random Penske (moving) truck doing 35mph on the freeway holding up traffic like 10 minutes later; no idea why. Traffic usually does ~70mph there. No blinkers or anything, it was just being slow and causing everyone to go around in a pretty traffic-heavy area.
The truck in front of me for ~40% of the trip kept waiting way too long to stop, and would then slam on the breaks. I almost hit him twice because of this, and I couldn't see around him, either. It was some giant pickup staying just in the wrong spot. I ended up driving partially in the shoulder so I could gauge when to stop by the car in front of him. He slammed on the breaks like twelve more times before he finally left. Jerk.
The same thing happened again like 85% of the way to work, but this time it was a different pickup, and there was a semi was behind me, which obviously couldn't stop very quickly. Fortunately for both of us, there was a gap in traffic to my right, so I slipped out of the way before getting squished. ><
Bloody hell.
Today has not been fun.
Nobody flipping me off or was doing their damnedest to prevent me from changing lanes today, though, so I suppose it could have been worse. Also I didn't die, so there's that.2 -
MAINTENANCE OF STACKOVERFLOW PLANNED
SHARE TO YOUR NEAREST DEV FRIENDS
Stackoverflow and its relative partners will be closed for two days due to maintenance, new design, and moving server infrastructure from United States to 1km below the Switzerland Alps for extra layers of security. This decision was made by the recent CloudFlare data leak.
Now our servers will be able to handle data leaks because even though the data was leaked, it will fill the empty places in the rocks resulting inaccessible from attackers.
Stackoverflow and its relative partners' maintenance estimated time is February 29 - 30. We will try to finish as fast as possible and bring you guys the best experience. If the maintenance delayes, we will tweet via @StackStatus or post details in our status blog.
Thank you for your support and have a happy day.
Best regards,
Stack Exchange team6 -
Looks like /dev/body got tainted.. nasal memory leaks all over the place 😷
$ kill -9 $(pidof cold)
... Nothing.
$ sudo !!
I said kill the fucking cold!!! Y u no listen to your admin?! 😠
> User condor is not in the sudoers file. This incident will be reported.
RRRRRRRRREEEEEEEEE!!!! 😣😣😣
I just want to finish my goddamn power supply project, instead of getting bed-ridden by a cold, and running through paper towels like there's no tomorrow 😭5 -
When you Valgrind your program for the first time for memory leaks and get "85000127 allocs, 85000127 deallocs, no memory leaks possible"4
-
Dev: Hi Guys, we've noticed on crashlytics that one of your screens has a small crash. Can you look?
Me: Ok we had a look, and it looks to us to be a memory leak issue on most of the other screens. Homepage, Search, Product page etc. all seem to have sizeable memory leaks. We have a few crashes on our screens saying iPhone 11's (which have 4gb of ram) are crashing with only 1% of ram left.
What we think is happening is that we have weak references to avoid circular dependencies. Our weak references are most likely the only things the system would be able to free up, resulting in our UI not being able to contact the controller, breaking everything. Because of the custom libraries you built that we have to use, we can't really catch this.
Theres not really a lot we can do. We are following apples recommendations to avoid circular dependencies and memory leaks. The instruments say our screens are behaving fine. I think you guys will have to fix the leaks. Sorry.
Dev 1: hhhmm, what if you create a circular dependency? Then the UI won't loose any of the data.
Dev 2: Have you tried looking at our analytics to understand how the user is getting to your screens?
=================================
I've been sitting here for 15 minutes trying to figure out how to respond before they come online. I am fucking horrified by those responses to "every one of your screens have memory leaks"2 -
In january 2023 i was contacted by a recruiter offering me a job position.
I DID NOT ASK FOR A JOB.
I WAS NOT LOOKING FOR A JOB.
THEY contacted ME.
Ok. So i went along with it and see how it goes. They probably wont hire me nor would i give a shit. Chatted with this recruiter for a while. She forgets to answer my message for 5 fucking days. Twice. Once because she was doing God knows what and the second time because she was on paid vacation. Fine i don't give a shit about you at all anyways.
So this recruiter chatting has been stretched out for several days. I think over a WEEK. So she forwarded me to their lead developer.
I applied to work as a full stack java spring boot backend + angular frontend engineer.
So:
- java backend
- angular frontend
- full stack
- shitload of devops
- shitload of projects i built
- worked with clients
- have CS degree, graduated
- worked a job at their rival company
What could go fucking wrong with all of these stats right?
During technical + hr interview (3 of us on google meets) they asked me what salary I'd be comfortable with.
I said $1500/month straight out.
keep in mind:
- In my country $500 or $600 is a salary for engineers per month
- You get a raise of +$150 which is around $750 after working for 1+ year
- You can earn $1000+ after you work for +2 years
- Rent here is $200-300 a month at minimun. And because of inflation its just getting worse especially with food. So this salary is not for living but for survival.
Their lead engineer gave me a WHOLE ASS FUCKING PROJECT TO BUILD and i had to code it within 10 days. Great so at least 17+ days of my fucking life to waste on these fucktards who contacted ME.
The project was about building a web app coffee shop literally what mcdonalds has when you order via those tablets. I had to build this in java spring boot and angular. I had to integrate:
- docker, devops
- barmen, baristas, orders
- people can order at the table or to go
- each barista can take 5 orders at a time
- each coffee has different types of fields and brewing time
- each barman brews each coffee different period of time
- barista cant take more than 5 orders for to go until barman finishes the previous order
- barista can take more than 5 orders but if those orders were ordered from table, and they have to be put in queue
- had to build CRUD admin functionality coffee's
- had to export them all of the postman routes
- had to design a scalable database infrastructure for all of this alone
- shitload of stuff more
And guess what. After 10 painful days I BUILT THE WHOLE THING MYSELF AND I BUILT EVERYTHING THEY ASKED FOR. IT WAS WORKING.
Submitted it. They told me they'll contact me within 7 days to schedule the final Technical interview after they review what i built. Great so another 17+7 days of my fucking time wasted.
OH and they also told me to send them THE WHOLE GITHUB REPOSITORY AND TRANSFER OWNERSHIP TO THEIR COMPANY'S OWNERSHIP. once you do this you cant have your repository back. WTF? WHY CANT YOU JUST REVIEW THE CODE FROM MY PUBLIC REPOSITORY? That was so weird but what can i fucking do argue with these dickheads?
After a week of them not answering i contacted them via email. They forgot and apologized. Smh. Then they scheduled an interview within 3 days. Great more of my time wasted.
During interview i was on a google meets with their lead engineer, 1 backend java spring boot engineer and 1 angular frontend developer. They were milking me dry for 1 whole fucking hour.
They only pointed out the flaws in what i built, which are miniscule and have not once congratulated me on the rest of the good parts. I explained them i had to rush those parts so the code may not be perfect. I had other shit to do in my life and not work for your shitty project for $0/hour for 10 days you fucking dickriders.
So they quickly ran over to theory. They asked me where is jwt token stored. Who generates it. How the backend knows to authenticate user by it. I explained.
What are solid principles. I said i cant explain what is it but i understand how it works, why its needed and how to implement it (they can clearly see in the project i just build that i applied SOLID principles everywhere) - but i do admit i dont know the theory behind it 100% clearly.
Then they asked me about observables and promises in angular. I explained them how they work and how subscribe method is used (as they can clearly see that i used it in the code). Then they asked me to explain them under the hood of how observables work. The fuck? I dont know and dont care? But i can learn it as i work there?
Etc
Final result: after dragging this for 1 fucking month for miserable $1500/month they told me: we can either hire you now but for a much lower salary which you probably wont be happy with, or you can study more these things we discussed "and know why the car leaks oil" and reapply back to us in 2-3 months!23 -
- Let's write some code to check for memory leaks
- Oh shit, memory is leaking like crazy
- In fact the program crashes within 10 minutes
*Some hours of debugging and not finding the cause later*
- Starts thinking about the worse
- Hell yeah, the memory leak is caused by the code that checks for memory leaks. But fucking how
- Finds out the leak is caused by the implementation of the std C lib
- In the fucking printf() function
- Proceeds to cry5 -
Why do people jump from c to python quickly. And all are about machine learning. Free days back my cousin asked me for books to learn python.
Trust me you have to learn c before python. People struggle going from python to c. But no ml, scripting,
And most importantly software engineering wtf?
Software engineering is how to run projects and it is compulsory to learn python and no mention of got it any other vcs, wtf?
What the hell is that type of college. Trust me I am no way saying python is weak, but for learning purpose the depth of language and concepts like pass by reference, memory leaks, pointers.
And learning algorithms, data structures, is more important than machine learning, trust me if you cannot model the data, get proper training data, testing data then you will get screewed up outputs. And then again every one who hype these kinds of stuff also think that ml with 100% accuracy is greater than 90% and overfit the data, test the model on training data. And mostly the will learn in college will be by hearting few formulas, that's it.
Learn a language (concepts in language) like then you will most languages are easy.
Cool cs programmer are born today😖31 -
At a restaurant in Augustow there was a sign: "please wait for the waiter"
it confused me. If I'm waiting for the waiter, then what/who's the waiter: the one who's being waited for or the one waiting?
If I'm waiting for the waiter, do I become the waiter?
I think this is a good spot for a recursion bug to occur, resulting in waiter leaks.4 -
Spent a month working on a website that relied on crawled data
Got the memory leaks and usage down from 700mb to ~150mb
CPU usage from ~100% to <5%
Shrink-wrapped the DB requirements based on data
Created self-supporting services and what not
When everything FINALLY worked good enough for me to look at it and go "damn, this actually worked"
the whole monitoring sys got dyed in red :v
A quick look up and my crawlers exhausted my godaddy's per-user db limits.
Kill me.
Just fuckin kill me.7 -
The cleaning lady saga continues...
(previous: https://devrant.com/rants/1850777)
Had an appointment with their manager, stuff gets discussed and coordinated at a 3x slower pace than if I'd done it myself (as usual because fuck efficiency when there's muggles involved -_-), yada yada.
*mail addresses for contact start getting discussed*
Incompetent fuck of a manager: And you $realName, your email address is $company@nixmagic.com, then changed to $nickname@nixmagic.com? Mind explaining this?
Me: Oh yeah that's just because I give out different email addresses to each contact person when it involves public forms or registrations, helps with spam prevention and putting the company name of the correspondent in there helps with easy recognition when some company's database leaks and I start getting a lot of spam on that mailbox.
IFOM: Really.. we actually weren't sure whether we should reply to something with our company name in it.. you know, not sure whether it's legit etc. Why would anyone want to use one of our email addresses as theirs?
… Let that sink in for a moment. They think that $company@nixmagic.com is theirs? Just because it's their domain (minus TLD) in front of MY FUCKING DOMAIN? How about you start by learning how email addresses work first, because clearly you have no fucking clue about it. Are you the kind of brainless fucks that get lured in by http://totallylegitbank.com.freehost.com/... scams? Fucking stupid piece of fucking shit.
Oh, and when you're using MS Exchange, of course you can't know that when you're having your own domain, you actually also own every fucking mailbox on it, because Microshaft doesn't allow you to have more than n amount of mailboxes, unless you gobble up money for them. But you know what, in my case it's a fucking catch-all domain running Linux on its servers, so yeah I can use whatever the fuck I want in front of it, including your stupid fucking cleaning company.
IFOM: And then there's your current designated email address. $nickname@nixmagic.com..
Oh you're going to criticise that as well?! Yeah condor is my fucking nickname all over the internet, and my username on all my systems. That's why I use it. But you know what else is an email address that you might come across, because people are shallow idiots like that? ILoveBigTits69@gmail.com or something like that. You know what, how about I address you next time from ILoveBigTits69_OhAndYoursAreAWashboard@nixmagic.com, because you know what? I CAN FUCKING DO THAT. But you know, I at least am halfway fucking professional about my business-related stuff, so I won't because I really don't want to be associated with such an email address. So don't you fucking dare to criticize me for using my fucking nickname instead of my real name.
Long story short, people are fucking idiots.6 -
Last 10 years of database leaks.
Will next 10 years will be as interesting in security like last decade ?8 -
The Cloud Of Bullshit
Every day I wake, and I think of my one true mission in life. To mock and ridicule paint huffing idiots. Something recently that drew my ire, like the hemorrhoids on my ass is this idea of 'the cloud', THE CLOUD and the buzzword lingo-bingo bullshit that providers use to hype and sell it.
For example, airtable is an amazing service. I love that I can insert just about anything into a row, create any of my own row datatypes, that it's flexible as all hell.
I love it.
And I hate that I'm essentially locked in to the cloud.
I fucking hate how if my internet goes down (thanks you pie eating inbred dipshits at comcast) I have no access.
If the company is bought, they'll shut down like all the rest , to be "relaunched at a later time" (or never).
I hate that if the company doesn't make enough money, or it's investors change their mind, woopsie, service is shut down.
I hate that the cloud is synonymous with massive data leaks and IOT-levels of stupidity in security practices.
Every time someone says "but its in the cloud! Isn't it amazing!"
I always think 1. YEAH IF IM AN INVESTOR I GET TO MILK LOW BROW FINGER PAINTING FUCKWITS EVERY MONTH like Adobe sucking the blood from infants who are still in college.
2. Why? So I can get locked into their platform, have them segment off previously free features (fucking youtube and the 'subscribe so you can continue playing audio with your screen off' bullshit), and then have fees increase month over month?
3. Why, so every four years during the presidential selection, if I piss off some fuckstick braindead lemming literally sucking his girlfriends BFs cock, they can potentially shut me out from my own data completely?
The Cloud is built on shit-colored hype sold to knob gobbling idiots, controlling idiots, profiting at the expense of idiots, and later fucking them for buyout payola. The Cloud is a Cloud of Bullshit shat out by huckster messiahs straight into the lapping mouths of fanatics worshiping slavishly like toilet drinking scum at the porcelain alter of a neon god, invisible, untouchable, and like a spigot, easily shut off without anyone noticing. And when it happens, I'll be there, shouting "WHERE IS YOUR CLOUD NOW?"
Native any day. 100% native or I don't fucking want it
None of this node.js-gone-native bullshit either with notetaking apps taking up hundreds of megabytes of ram, where everything is bootstrap or react, in a browser, in a window container, because people are so fucking incompetent we have to hold their hand WHILE they give themselves a reach around.
Native or nothing.
For my favorite notetaking app, I use Microsoft OneNote. "OH god, a heathen, quick, stick his body up on a stake!"
But hear me out. I'll be the first one in a crowd to kick bill gates in the nuts (not because I particularly hate microsoft, just because I think hes kind of a cunt).
So when I say onenote is good, I really fucking mean it. Sure they did some cunty things like 'dumbed down' the interface, and cut out some options. But you know what they can't do?
Shut down the damn service (short of a system update completely removing the whole app, which, frankly, wouldn't surprise me).
It's so god damn good it waxed my balls, cured my cancer, fixed my relationship with my father, found my long lost brother, and replaced ALL my irl notebooks.
It's so good that if it was cocaine I'd be hospitalized for overusing it.
So god damn good it didn't just replace all my notebooks, it even replaced and sped up my mockup process three to five times. Want layers?
Built in. Just drag an image on to the notebook to import instantly.
Want to rearrange layers? Right click select "send forward/back/bring to front/send to back".
Everything snaps to grid by default and is easily resizeable.
I had all the elements for a UI sliced and diced. Wanted to try a bunch of layouts. Was gonna take me two damn days.
Did it in three hours with the notebook features of onenote.
After I started using onenote, me and my bodypillow finally conceived even.
Sweet marries mammaries I just fucking jizzed. Thank you onenote.
P.s. It really did speed up my UI design, allows annotated images, highlighted text. Shit, it can even do kanban.
And all I can think is "good job microsoft making an awesome product for free, being dumb as fuck for not charging for it, and then not marketing it at ALL."
It was sheer fucking luck that I discovered it while was I was looking for vendor STD bloatware to blast off my new install.
OneNote: Worth a try even for the kick-gates-in-the-nuts fan club.
The cloud can suck my balls.18 -
I have a few of these so I'll do a series.
(1 of 3) Public privates
We had a content manager that created a content type called "news item" on a Drupal site. There where two file fields on there. One called "attachments" and the other called "private attachments". The "private attachments" are only for members to see and may contain sensitive data. It was set to go trough Drupals security (instead of being directly hosted by the webserver) but because the permissions on the news items type where completely public everybody had access. So basically it was a slow public file field.
This might be attibuted to ow well Drupal is confusing. Howerver weeks earlier that same CM created a "private article". This actually had permissions on the content type correctly but had a file field that was set to public. So when a member posted the URL to a sensitive file trough unsafe means it got indexed by google and for all to read. When that happend I explained in detail how the system worked and documented it. It was even a website checklist item.
We had two very embarrassing data leaks :-(1 -
Lesson learned: if you're going to derive a class in c++, make sure to declare a virtual destructor on the base class!
I just fixed (one of...) the massive memory leaks in my damn project.
Pictured: the strings in a derived class actually getting freed!20 -
Srsly???
parenting.stackexchange.com
Looking forward to read of some nice "dumps", "leaks" and "overflows" there. :D3 -
imagine having kernel memory leaks in 2020
AT&T or Huawei, whichever, pushed an update for my already-struggling-to-exist phone that made the kernel memory leak go from 480KB/hr avg to 22.5MB/hr avg. When my free RAM is never under 50% of 2GB after the kernel starts loading other shit and i'm able to express free RAM, at any time in use, in megs, with 8 bits... this means my phone crashes, with no apps running aside from a trimmed list of stock apps, every 3-4 hours due to running out of RAM. The only usable (read: not R/O because unrooted) swapfile is located on a tmpfs, so it's completely fucking useless (and eats another 100MB of RAM that I could be using for LITERALLY anything else, that's like another 3 hours of full idle between crashes) and I can't unlock the bootloader to fix any of this as Huawei no longer hands out keys and it'd take 7 years or so to brute (32-bit @ 10/sec)
tl;dr: fuck15 -
If anything taught me that garbage collectors aren't the one true answer for memory management then it's got to be modded minecraft
It takes around 10-20 seconds only to disconnect from a game and go back to the main menu.
You also get memory leaks, which result in several second long freezes when the GC kicks in, that happen every 15 seconds.1 -
I'm convinced this is going to be wildly unpopular, but hey...
Please stop writing stuff in C! Aside from a few niche areas (performance-critical, embedded, legacy etc. workloads) there's really no reason to other than some fumbled reason about "having full control over the hardware" and "not trusting these modern frameworks." I get it, it's what we all grew up with being the de-facto standard, but times have moved on, and the number of massive memory leaks & security holes that keep coming to light in *popular*, well-tested software is a great reason why you shouldn't think you're smart enough to avoid all those issues by taking full control yourself.
Especially, if like most C developers I've come across, you also shun things like unit tests as "something the QA department should worry about" 😬12 -
I will never understand the need people have to lie about their knowledge or make shit up. Seriously am I the only one to despise that ?!
If you don’t know about something stop trying to make shit up on the go, it’s useless and it will give the wrong idea to people listening to you thinking you know what you’re talking about.
Last example in date:
Me: Here’s this cool repo I found, it’s a discord client implemented in cpp, so it runs natively
Techbro: oh cool, hey @everyone you should download this, it runs natively so there will be no leaks like the normal client
😤10 -
When the poet in me fuses with the geek in me:
Will you be the css to my html?
When I encountered you,
My system threw a fatal error
My RAM was overloaded,
And my CPU went haywire
Will you be the css to my html?
I would show you my source code,
And let you merge your branch into mine
I will help you fix your memory leaks
And I will try filling all your nullpointers
Will you be the css to my html?
Your frontend would perfectly plug into my backend
I can compile all your heavy code,
Just in time
Baby just promise me,
You'll provide the JSON
To my API calls
Will you be the css to my html?
This is my first draft... Constructive criticism is welcome!4 -
I downloaded Lapsus$ source code leaks from samsung, nvidia and microsoft, looked at them and I think I’ll delete it cause I don’t like shitty code on my personal computer.
-
Does anybody here know of some sort of blackout glasses? (which cover the entire eyes, not sunglasses which do exist in high filters, but leak sunlight at the bottom, top and sides)
My recent lifestyle has lead me to absolutely dying at the morning when I go sleep, because of the extreme sunlight, peaking through all cracks.
I am just fine during the day when I do my walks or drive to the store etc, but after a long night I just get very light and sound sensitive.
I think a decent amount of years ago, I saw somebody use some sort of small scale welding goggles for something similar, but I can't find any that are dark enough or aren't costing like buying a beach house in malibu.
Also "photophobia glasses", which actually seem to be for that purpose, cost like two malibu beach houses and a helicopter to top it off, because they abuse and cash on the fact that it has remote help to people that suffer from it.
I did also try just using blackout curtains for that purpose, but as said, there's always that one small crack where it leaks through and absolutely flashbangs me.
So it would be nice to have some glasses that filter pretty much 99% of light, but still allow me to navigate through my appartment, without having to break a leg or crack my neck (which would solve the problem atleast)22 -
Code review, intern style:
Intern: Here is my pull request ...
Colleague: I see a problem with x, y, z. Could cause memory leaks.
Intern: Oh yeah you are correct, i'll fix that in the next one.
Intern: *merged* -
I have to fix a memory leaks of two jest test files of
2 FUCKING THOUSAND
lines of code each.
The End.15 -
For fuck sake!
Fuck locatefamily.com, just searched out on google my name and surname, both foreign and hard to even spell out for many, and it's the first time that I saw my data(where did I live, my current work phone number, name and surname) open wide as the second link of my search, fuck!
But there's a clue, at that address I lived for a not so long period, so I did search my emails in that period and other than my employers and government emails(in which I don't trust either), here's a list of companies that had my info(partial or full):
Only address(with name and surname):
Amazon.it with 14 other companies(for shipping)
eBay with 4 other companies(for shipping)
voxelfarm.com
trenord.it
DUMA (LIGHT) di Adel
decathlon.com
gruppoargenta.it
paypal.it
All info:
gearbest.com
glistockisti.com
oculus.com
Banggood.com
Overall there are 33(including government, employers and national main mail service) potential leaks of that data, with 7 in full exposure.
After this, I'm thinking how it's even avoidable to not leak personal data, because from any of those businesses I got goods or services that otherwise I couldn't without exposing such informations... fuck.6 -
garbage collectors' lifestyle matters!
Ever eyeballed the abyss of your memory leaks? Shit, garbage collectors deserve a raise.
Unsung heroes, janitorialing thru that VM like a dung beetle, silently fucking up your perf so you can do that delicious spaghetti. Indiana-jonesing the fuck out of that memory trash can and euthanizing all that disgusting heap of pointers hanging, dangling, like... well, like garbage.
At the very least they're deterministic, unlike that Markov chain we all had the displeasure of fucking up. Amen? Amen! 🙌🏻
You gotta wonder, though, what goes through their nuggin. Do they reminisce about the potential of that half-ass-written class? Do they weep for the elegance of a forgotten function bottlenecking their job? Nah, probably just counting down the nanoseconds till their next full GC cycle. Aaah, like cold beer in Saturday barbecue.
So next time your program miraculously avoids a memory error, take a moment, put your hands up in the air and say a prayer to your garbage collector.
Silently covering for your fuckups2 -
Man wk89 awesome... bringing back a lot of memories. The one thing really stands out to me though is the software.
I see a lot of rants about people shocked that turboC is still in use or other DOS programs are still in production. A lot can of bad be said here but I think often it's a case of we truly don't build things like we did in the good old days.
What those devs accomplished with such limited resources is phenomenal and the fact that we still haven't managed to replicate the feel and usability of it says a lot, not to mention just how fucking stable most of it was.
My favourite games are all DOS based, my most favourite of all time Sherlock is 103kb in size. When I started coding games I made a clone of it and to this day I am still trying to figure out what sorcery is in the algorithm that generates/solves puzzles that makes it so fast and memory efficient. I must have tried 100+ ways and can't even come close. NB! If you know you can hint but don't tell me. Solving this is a matter of personal pride.
Where those games really stand out is when you get into the graphics processing - the solutions they came up with to render sprites, maps and trick your eyes into seeing detail with only 4-16 colours is nothing short of genius. Also take a second to consider that taking a screen shot of the game is larger than the entire game itself and let that sink in...
I think the dramatic increase in storage, processing power and ram over the last decade is making us shit developers - all of us. Just take one look at chrome, skype or anything else mainline really and it's easy to see we no longer give a rats ass about memory anywhere except our monthly AWS/GCE bill.
We don't have to be creative or even mindful about anything but the most significant memory leaks in order to get our software to run now days. We also don't have constraints to distribute it, fast deliver-ability is rewarded over quality software. It's only expected to stay in production 3-4 years anyway.
Those guys were the true "rockstars" and "ninja" developers and if you can't acknowledge that you can take ya React app and shovit. -
A (work-)project i spent a year on will finally be released soon. That's the perfect opportunity to vent out all the rage i built up during dealing with what is the javascript version of a zodiac letter.
Everything went wrong with the beginning. 3 people were assigned to rewrite an old flash-application. Me, A and B. B suggested a javascript framework, even though me and A never worked with more than jquery. In the end we chose react/redux with rest on the server, a classic.
After some time i got the hang of time, around that time B left and a new guy, C, was hired soon after that. He didn't know about react/redux either. The perfect start off to a burning pile of smelly code.
Today this burning pile turned into a wasteland of code quality, a house of cards with a storm approaching, a rocket with leaks ready to launch, you get the idea.
We got 2 dozen files with 200-500 loc, each in the same directory and each with the same 2 word prefix which makes finding the right one a nightmare on its on. We have an i18n-library used only for ~10 textfields, copy-pasted code you never know if it's used or not, fetch-calls with no error-handling, and many other code smells that turn this fire into a garbage fire. An eternal fire. 3 months ago i reduced the linter-warnings on this project to 1, now i can't keep count anymore.
We use the reactabular-module which gives us headaches because IT DOESN'T DO WHAT IT'S SUPPOSED TO DO AND WE CANT USE IT WELL EITHER. All because the client cant be bothered to have the table header scroll along with the body. We have methods which do two things because passing another callback somehow crashed in the browser. And the only thing about indentation is that it exists. Copy pasting from websites, other files and indentation wars give the files the unique look that make you wonder if some of the devs hides his whitespace code in the files.
All of this is the result of missing time, results over quality and the worst approach of all, used by A: if A wants an ui-component similar to an existing one, he copies the original and edits he copy until it does what he wants. A knows about classes, modules, components, etc. Still, he can't bring himself to spend his time on creating superclasses... his approach gives results much faster
Things got worse when A tried redux, luckily A prefers the components local state. WHICH IS ANOTHER PROBLEM. He doesn't understand redux and loads all of the data directly from the server and puts it into the local state. The point of redux is that you don't have to do this. But there are only 1 or 2 examples of how this practice hurt us yet, so i'm gonna have to let this slide. IF HE AT LEAST WOULD UPDATE THE DATA PROPERLY. Changes are just sent to the server and then all of the data is re-fetched. I programmed the rest-endpoints to return the updated objects for a very reason. But no, fuck me.
I've heard A decided (A is the teamleader) to use less redux on the next project and use a dedicated rest-endpoints for every little comoutation you COULD DO WITH REDUX INSTEAD. My will is broken and just don't want to work with this anymore.
There are still various subpages that cant f5 because the components cant handle an empty redux state in the beginning, but to be honest i don't care anymore. Lets hope the client will never find out, along with the "on error nothing happens"-bugs. The product should've been shipped last week, but thanks to mandatory bugfixes the release was postponed to next week. Then the next project starts...
Please give me some tips to keep up code quality over time, i cant take this once more.
I'm also aware that i could've done more, talking A and C about code style, prettifying the code, etc. Etc. But i was busy putting out my out fires, i couldn't kill much of the other fires which in the end became a burning building (a perfect metaphor for this software)4 -
It's 00:54. I'm supposed to wake up at 8.30AM. Not even tired. In front of my computer, with a frozen Visual Studio Code on the left screen and a frozen Madeon music on the right screen.
My CMS won't get compiled anymore, due to lack of memory. I have 16gb of RAM, gave it 4 of them, and it froze. If I give it less, it just won't compile. Why. I can't figure out wether if it's my code which has some memory leaks or if there's just too much JavaScript in it. What did fuck up? My code? React? Material-UI? The way I want to mix them all together? Maybe I just shouldn't have used React to cover up everything, and maybe I shouldn't have used Ruby on Rails the way I did.
Fuck.
What do I do now.10 -
Welp, this made my night and sorta ruined my night at the same time.
He decided to work on a new gaming community but has limited programming knowledge, but has enough to patch and repair minor issues. He's waiting for an old friend of his to come back to start helping him again, so this leads to me. He needed a custom backend made for his server, which required pulling data from an SQL/API and syncing with the server, and he was falling behind pace and asked for my help. He's a good friend that I've known for a while, and I knew it wouldn't take to long to create this, so I decided to help him. Which lead to an interesting find, and sorta made my night.
It wasn't really difficult, got it done within an hour, took some time to test and fix any bugs with his SQL database. But this is where it get's interesting, at least for me. He had roughly a few hundred people that did beta testing of the server, anyways, once the new backend was hooked in and working, I realized that the other developer he works with had created a 'custom' script to make sure there are no leaks of the database. Well, that 'custom' script actually begins wiping rows/tables (Depends on the sub-table, some get wiped row by row, some just get completely dropped), I just couldn't comprehend what had happened, as rows/tables just slowly started disappearing. It took me a while of checking, before checking his SQL query logs (At least the custom script did that properly and logged every query), to realize it just basically wiped the database.
Welp, after that, it began to restrict the API I was using, and due to this it identified the server as foreign access (Since it wasn't using the same key as his plugin, even though I had an API key created just so it could only access ranks and such, to prevent abuse) and begin responding not with denied, but with a lovely "Fuck you hacker!" This really made my night, I don't know why, but I was genuinely laughing pretty hard at this response.
God, I love his developer. Luckily, I had created a backup earlier, so I patched it and just worked around the plugin/API to get it working. (Hopefully, it's not a clusterfuck to read, writing this at 2 am with less than an hour of sleep, bedtime! Goodnight everyone.)7 -
We had 1 Android app to be developed for charity org for data collection for ground water level increase competition among villages.
Initial scope was very small & feasible. Around 10 forms with 3-4 fields in each to be developed in 2 months (1 for dev, 1 for testing). There was a prod version which had similar forms with no validations etc.
We had received prod source, which was total junk. No KT was given.
In existing source, spelling mistakes were there in the era of spell/grammar checking tools.
There were rural names of classes, variables in regional language in English letters & that regional language is somewhat known to some developers but even they don't know those rural names' meanings. This costed us at great length in visualizing data flow between entities. Even Google translate wasn't reliable for this language due to low Internet penetration in that language region.
OOP wasn't followed, so at 10 places exact same code exists. If error or bug needed to be fixed it had to be fixed at all those 10 places.
No foreign key relationships was there in database while actually there were logical relations among different entites.
No created, updated timestamps in records at app side to have audit trail.
Small part of that existing source was quite good with Fragments, MVP etc. while other part was ancient Activities with business logic.
We have to support Android 4.0 to 9.0 of many screen sizes & resolutions without any target devices issued to us by the client.
Then Corona lockdown happened & during that suddenly client side professionals became over efficient.
Client started adding requirements like very complex validation which has inter-entity dependencies. Then they started filing bugs from prod version on us.
Let's come to the developers' expertise,
2 developers with 8+ years of experience & they're not knowing how to resolve conflicts in git merge which were created by them only due to not following git best practice for coding like only appending new implementation in existing classes for easy auto merge etc.
They are thinking like handling click events is called development.
They don't want to think about OOP, well structured code. They don't want to re-use code mostly & when they copy paste, they think it's called re-use.
They wanted to follow old school Java development in memory scarce Android app life cycle in end user phone. They don't understand memory leaks, even though it's pin pointed by memory leak detection tools (Leak canary etc.).
Now 3.5 months are over, that competition was called off for this year due to Corona & development is still ongoing.
We are nowhere close to completion even for initial internal QA round.
On top of this, nothing is billable so it's like financial suicide.
Remember whatever said here is only 10% of what is faced.
- An Engineering lead in a half billion dollar company.4 -
Working hard to meet crazy deadline to finish last update before new product announcement to make it look better. Our CEO blabs about new top secret product at some conference throwing away all marketing efforts up to date and putting marketing team into panic mode. Result? They moved the announcement date without discussing it with development. Result? Our efforts and overtimes wasted and we are announcing product before it is ready. End result? I'm pissed so I wrote angry e-mail to our CEO. Wondering what will happen now :-) But with unfinished announced product and crazy deadlines they need me a lot more than I need them.
-
I'm getting beat up pretty bad by Rust. I like it so far but man is it hard. Imposter-syndrome is almost making me lose motivation. Almost, but I won't quit, one day I'll get there.
I think the primary reason I think I'm having such a hard time is that I'm trying to learn stuff that prevents me from making some mistakes that I have never run into. I know a bit of the theory but no hand's on experience on double-free errors, memory leaks and weird low-level stuff. I read the documentation, mostly understand what stuff is for but when I go write code I'm just like "now what?". I don't have enough experience to know when and where to use some concepts and I'm super lost. I don't know where to start and the feeling of being completely overwhelmed by all sorts of new stuff is at the same time exciting and frightening.
I have never, as a programmer, thought something was hard. All of my past knowledge required dedication, work and patience, but I wouldn't say I ever felt something was *hard*. But Rust... damn. Rust is hard.
Hopefully at the end of this super steep learning curve I'll know a lot more stuff and have stronger "dev powers" and be one step closer to being as knowledgeable as some of you guys around here to whom I look up to.2 -
How is it a thing that developing a desktop app nowadays requires an enormous amount of RAM? I stared working on an electron project and the whole thing takes up 3-4 GB of RAM when running, and that does not factor in my IDE or anything else.
But the packaged app does not go over 400mb, although we have had memory leaks in the past10 -
<opinion>
You may be a prod ninja but I believe that every dev should have a decent level of exposure with a low level language(s). Sure you can make an HTTP server, do a sentimental analysis, topic modeling, set up multinode clusters, write ORM queries from dbs and all sorts of awesome stuffs with Python/Ruby/PHP/JS/GO etc but none of them teaches you what happens at kernel level. Things like memory leaks, threading, multiprocessing, memory allocations etc can only be better learnt from a low level language.
</opinion>
P.S. Not a C/C++ fanboy. I'm a python dev 😄5 -
1. It's gonna be more and more specialized - to the point where we'll equal or even outdo the medical profession. Even today, you can put 100 techs/devs into a room and not find two doing the same job - that number will rise with the advent of even more new fields, languages and frameworks.
2. As most end users enjoy ignoring all security instructions, software and hardware will be locked down. This will be the disadvantage of developers, makers and hackers equally. The importance of social engineering means the platform development will focus on protecting the users from themselves, locking out legitimate tinkerers in the process.
3. With the EU getting into the backdoor game with eTLS (only 20 years after everyone else realized it's shit), informational security will reach an all-time low as criminals exploit the vulnerabilities that the standard will certainly have.
4. While good old-fashioned police work still applies to the internet, people will accept more and more mass surveillance as the voices of reason will be silenced. Devs will probably hear more and more about implementing these or joining the resistance.
5. We'll see major leaks, both as a consequence of mass-surveillance (done incompetently and thus, insecurely) and as activist retaliation.
6. As the political correctness morons continue invading our communities and projects, productivity will drop. A small group of more assertive devs will form - not pretty or presentable, but they - we - get shit done for the rest.
7. With IT becoming more and more public, pseudo-knowledge, FUD and sales bullshit will take over and, much like we're already seeing it in the financial sector, drown out any attempt of useful education. There will be a new silver-bullet, it will be useless. Like the rest. Stick to brass (as in IDS/IPS, Firewall, AV, Education), less expensive and more effective.
8. With the internet becoming a part of the real life without most people realizing it and/or acting accordingly, security issues will have more financial damages and potentially lethal consequences. We've already seen insulin pumps being hacked remotely and pacemakers' firmware being replaced without proper authentication. This will reach other areas.
9. After marijuana is legalized, dev productivity will either plummet or skyrocket. Or be entirely unaffected. Who cares, I'll roll the next one.
10. There will be new JS frameworks. The world will turn, it will rain.1 -
A little background on project fubar:
Project fubar was started a couple of years ago, by an entirely different set of devs, against an entirely different set of requirements which were never made transparent to this day, on a new platform and framework.
That means it had APIs either outdated or deprecated, front-end logic that did things it wasn't supposed to be doing and lots of scope creep and technical debt.
I had to support and fix fubar for the last few months to prime it for UAT. It was the equivalent of plugging leaks which created more leaks.
Finally, I couldn't take it and asked for a week off. I timed it so it would be right after what would have been the final UAT deployment and I'd be back after they completed their test rounds, so I could fix any new or returning defects.
Today I just found out that fubar got put on hold, that UAT was a failure and all fubar-related work had to stop. I have some mixed feelings on this: I worked hard to get fubar working as business wanted, and I was proud of that. But I also didn't like that fubar was constantly changing in scope and function.
I wonder if anyone else has ever felt the same thing?2 -
Java was made to be easy, but leaks features even c++ has.
Type inference
Java: was is that.
C++: auto, easy18 -
FredBoat, largest open source discord bot.
Making all the things work + making it scale when demand kept climbing was a challenge where we had to learn simple stuff like postgres, working with 3rd party apis, generally good coding patterns and maintainable code, but also rather advanced stuff like making the garbage collector play nice, profiling memory leaks and optimizing the hot path, as well as high level topics like cutting the codebase into scalable domains and services. -
I remember when doing some privacy cleanup, looking at the third-party list of a website and visiting the sites behind them. I ended up one time on Crazy Egg.
3 months later, I got an email if I wouldn't want to use their services.
They did have my email.
From where? (the answer is obviously from the sites they track)
But I mean, who cares about your email when they have your f****** passport
-->
https://medium.freecodecamp.org/pri...
This world is getting to crazy, I thought this would be the maximum. Of course...
Next headline:
https://telegraph.co.uk/news/2018/...
I think tracking is a more serious problem, than I imagined (and I do already try to reduce data)
Oh yeah and btw I just noticed an iOS app could silently use my mobile data (was deactivated for the app) to display ads. Silently. I hope this was a bug. But I don't think so. -
gta5 source code leaked
const char* testActionTreeName[] =
{
"ActionTree/Fuck",
"ActionTree/FuckYou",
"ActionTre",
"ActionTre/Fuck",
"ActionTree/Fuck/you/in/the/ass",
};2 -
I'm trying to investigate why chrome keeps crashing after i implemented web sockets to a web app.
I used windows perfmon to see the memory usage over night.
The usage between 17:30 and 01:50 is expected behaviour as this part of the app is a live data graph of the last 48 hours.
Now i have to find out why the app doubles in memory twice in a hour.2 -
after aprox ~1 year of using ubuntu with gnome and countless UI inconsistencies (and not to mention memory leaks left and right) I finally gave up and successfully managed to hackintosh my work laptop ... here's another reason why :(2
-
I can work with Angular, even though it's pain in the but.
My current Angular job is actually the job with the first manager that had decent human values and ethics, I like my team, and yeah, what we building is shit. But it's only 30% shit because of Angular, another 30% are due to SAFe, and the rest is the usual stuff.
Still enjoy my job and respect my team.
But please do not expect me to pretend Angular is on a comparable level to React. Angular hasn't brought any actual innovation in most major versions but releases those breaking major updates still at least twice a year.
Ivy might be awesome, but only because Angular told the world 3 years ago also to have Ivy compatible compile targets for their libs/packages doesn't mean everybody cared.
And the ngcc, the awesome compatibility compiler, mutates node modules in place. So ne parallel stuff, no using yarn2 or pnpm.
At the same time, React brought so many innovations into the frontend world but is basically backwards compatible.
Not sure how the Angular partial compilation and whatever needs to go on works, but it seems like there's hardly anyone that really knows, so you can't use Vite or whatever other new tool.
And sure, if you're really good, you can write Angular without producing memory leaks.
But it's really hard. Do you know what's also quite hard: Producing memory leaks with React!
And for sure, Angular Universal, which isn't used by anyone, it feels like, will still be on a comparable level to an open source product that's used all over the world, builds the basis for an open source company, and is improved by thousand of issues day by day.
And sure, two kinds of change detection are a great idea. And yeah, pretending Angular comes with all included makes it worth it that the API is fucking huge and you're better of knowing nothing, because you have to read up things, than knowing quite a lot, since making assumptions and believing apis work in a similar way and follow similar contentions...
Whatever... I work with it. Like the time. Like the company, even my poss. But please don't expect my lying to you this was a good idea, or Angular is even remotely the same level of React.15 -
c++ has a little bit of a learning curve, I think.
Used smart pointers everywhere in my code because I heard that's what we gotta do nowadays.
When learning about shared vs unique vs weak, I disregarded weak pointers because I didn't really understand them.
"That sounds like something for liberal pansies", I said to myself, then continued on with my STRONG shared and unique pointers.
Now my app leaks memory like a MOTHERFUCKER, if you can believe that.
So now I need to go back and manage my object lifetime with more intent instead of just making everything a shared pointer. Fuckin circular references. Fuckin reaping what I fuckin sow. God damn.9 -
Wow WTF!
So for a new client, they have their domain on a registrar that has the most ugliest and confusing UI ever.
So I decided to transfer the domain to somewhere better.
Guess what, it takes 5 days for them to release the domain. The site would be down and I won't be able to proceed with my work until transfer is complete.
In hopes to speed up the process, I tried to create a ticket. There is no ticket system and their only available contact email listed is sales@shittiestdomainregistarever.com
I mailed them yesterday evening hoping for a reply.
Few hrs ago, I received a bunch of automated email on some ticket I never created.
The biggest WTF is that the To: on that email is some other customer's gmail address and I am CC'd along with a bunch of other customers gmail and hotmail addresses.
Seriously, WTF is this?! I'm glad I took the decision to move from them19 -
Me: there are a lot of memory leaks in my application i should do something
Inner me : teacher does know that, submit the project1 -
I feel sad to say this but...
I'm hyped for the pixel 4, currently rocking my 6th pixel 2 XL (fuck these screens and camera units) and the pixel 3 was just all levels of no from the notch, incremental upgrade status and just a phone following the trends.
Looking at the leaks and official confirmations of the pixel 4 actually have me keen for photography (I do prefer a DLSR or straight up film unit but a good in the moment camera is amazing), performance and lack of notch just have me keen...
Forgive me father for I have sinned4 -
I don’t think anyone was nearly as happy as I was to find out Twitch’s source code got leaked and that they use GO.
Makes me glad to see Go used by another big company for a big application like twitch where performance is really important.13 -
Yesterday a colleague was debugging some piece of typescript code for memory leaks as chrome and firefox were hanging at a certain page.
Her real brainfuck was that everything seemed to be working fine with edge. Microsoft, somehow, finds a way to fuck with developers. -
In reply to:
https://devrant.com/rants/3957914/...
Okay, we must first establish common ground here. What do we understand about "showing"? I understand you probably mean displaying/rendering, more abstractly: "obtaining". Good, now we move on.
What's the point of a front-end? Well, in the 90's that used to be an easy answer: to share information (not even in a user-friendly way, per se). Web 2.0 comes, interaction with the website. Uh-oh, suddenly we have to start minding the user. Web 3.0 comes, ouch, now the front-end is a mini-backend. Even tougher, more leaks etc. The ARPAnet was a solution, a front-end that they had built in order to facilitate research document-sharing between universities. Later, it became the inter(national) net(work).
First there was SGML to structure the data (it's a way of making it 'pretty' in a lexicographical way) and turn it into information (which is what information is: data with added semantics) and later there was HTML to structure it even further, yet we all know that its function was not prettification, but rather structure. Later came CSS, to make it pretty. With its growing popularity, the web started to be used as a publishing device.
source:
https://w3.org/Style/CSS20/...
If we are to solely display JSON data in a pretty way, we may be limiting ourselves to the scenario of rendering pretty web pages using aesthetic languages such as CSS. We must also understand that if we are only focusing on making a website pretty with little to moderate functionality, we aren't really winning. A good website has to be a winner in all aspects, which is why frameworks came into existence, but.. lmao, let's leave that to another discussion.
Now let me recall back my college days.. front-end.. front-end.. heck, even a headset can be a front-end to a pick-order backend. We must think back to the essence, to the abstract. All other things are just implementations of it (yes, the horrendous thousands of Javascript libraries, lol).
So, my college notes say:
"Presentation layer: this is the UI.
In this layer you ask the middle tier for information, which gets that information from a database, which then goes back to middle tier, back to presentation. In the case of the headset, the operators can confirm an order is ready. This is essentially the presentation tier again: you're getting information from the middle tier and 'presenting it' as it were.
The presentation layer is in essence the question: how do I bring my application data to my end users in a platform-and solution-independent way?"
What's JSON? A way to transport data between the middle tier and the presentation tier. Is that what frontend development is? Displaying it in a pretty way? I don't think it is, because 'pretty' is an extra feature of obtaining and displaying data. Do we always have to display data in a pretty way? Not necessarily. We could write a front-end script (in NodeJS perhaps) that periodically fetches certain information from a middle-tier is serves a more functional role rather than a rendering one.
The prettification of data was a historical consequence of the popularity of the web (which is a front-end) (see second paragraph with link). Since the essence of a front-end is to obtain information from the back-end (with stress on obtaining), its presentation is not necessarily a defining characteristic of it, but rather an optional and solution-dependent aspect, a facet.4 -
https://devrant.com/rants/2366822/...
following rant I started oppening my files to build copy of have i been pwned service why twitter kept their passwords in plain text lol
...
people actually got 123456 passwords looking for my email in twitter database file1 -
You know something's truly off when you're being challenged for all the wrong reasons. When all it seems you ever do is apply a band-aid every time instead of making the time to fix it properly and for good. Or when the people who should be making your work easier to do instead suggest new tools and features to integrate into your workflow or project because they plug the holes in their management process and can ignore the leaks for the time being.
I need to push myself out of this place and ramp up my skills and update my personal projects so I can prove myself capable and move on to a better employer. Because I'm starting to hate the stopgap short-term approach that keeps getting shoehorned into our work, and only proceeds to make us look bad even if it's the whims of our bosses causing it in the first place.
Thanks for reading. -
Actually kinda sad, that there is no pure rust ui framework out there, but rather mere adaptations of c/c++ frameworks for rust. It's better than nothing for sure, it just would be nice, if i could use a framework, that doesn't create a massive memory leak, because i looked at it funny.
In particular i'm using fltk-rs, and everytime I'm applying a font to some widget, 500kb get added as leaked memory. Doesn't sound like a lot, but for one it's a dynamically built application, so the order and amount of widgets changes, and this application is supposed to run days, if not weeks.
thanks to heaptrack i was able to pinpoint that to libpango, which i'm not even interacting with directly, but rather indirectly through the api.
Annoying, that i chose to use a language for actively preventing leaks and dangling pointers and stuff, but end up leaking memory because of a dependency somewhere.7 -
Once again lost source of retoorscript. Wasn't that mad about it, there was some stuff that could've been better anyway.
I wrote a whole new interpreter in 48 hours or so.
It supports user defined functions and native functions that you can add to the VM yourself.
I did spend extra effort to make it faster than python. Who says python is slow never wrote a language.
It has garbage collection and it doesn't contain leaks.
Sad thing is that I have to write the string manipulation functions again. That's a lot of effort.
In the screenshot, obj is not existing, this is how you declare vars, just using it. Works directly as an object. It does keep all his properties if I would assign a value later to obj. Numbers can be property names for some reason.
It would be possible to write a webapplication with it. This requires a decent stdlib. A lot of work.
Other stuff that I'll still have to add:
- loops
- arrays
- if / else
The goal is to make the most easy understandable and easy to extend interpreter ever.
You can just do VM_register(vm, "name", ptr_to_your_function) to add any methods.
Ideas are very welcome17 -
Just had a meeting about performance and monitoring. The main topic of the meeting was to be aware of disk space usage. If there are issues with memory leaks or processor hogging don't worry those are fine, just give it more.1
-
I wonder if software companies leaks their cracked product to internet with viruses to remove users' desire for using their products for free 🤔3
-
Today I felt like the grinch explaining to my team that you can have memory leaks in a garbage collected language if they keep leaving live references.
-
At first i was told to go to college BY PEOPLE WITH NO COLLEGE because i wouldnt be able to find a job without degree
Like a sucker i fell for it and believed in those LIES so i sacrificed my life for school
Then later i found out PEOPLE WHO FINISHED COLLEGE told me i just need knowledge in order to be hired, and turns out degree is unimportant
Like a sucker i fell for it and believed in those LIES so i studied and worked on practical projects and gained knowledge
Now when I try to get hired, they admitted that i am able to complete complex projects and i know how to solve the problems even if i see them for the first time. But they rejected me because "im not sure why the car leaks oil".
I have to understand and know what the whole framework is doing under the hood, how everything works, how dependency injection works under the hood, SOLID principles under the hood, decorators how they work under the hood etc.
So now it turns out
- sacrificing life for school is not enough
- sacrificing life for degree is not enough
- sacrificing life for learning and gaining knowledge is not enough
- now the new trend is i have to know not only how to drive a car like a professional formula F1 driver, i also have to be a mechanic and know how to fix the car if it breaks.
MATRIX IS A BIG FAT BULLSHIT AND A LIE.
I feel like they're looking for a senior developer knowledge to pay him junior developer salary
WTF IS THIS BULLSHIT?
I sacrificed 10 days of my life for their bullshit to build this project from scratch as a technical interview. They never said congrats on all the parts that were built right, but only complained about the small portion of bugs i didnt have time to fix.
ALL OF THIS FOR A SALARY OF $1500/MONTH THAT I ASKED. THATS LESS THAN 20,000$ A YEAR. THEY EITHER GAVE ME AN OPTION TO WORK FOR WAY LESS (500-600$/month) OR CALL THEM BACK IN A FEW MONTHS.
I JUST FINISHED COLLEGE AND THEY EXPECT ME TO HAVE 20 YEARS OF SENIOR DEVELOPER EXPERIENCE.
WTF IS THIS SLAVERY BULLSHIT?
HAVING A 500$/MONTH AS ENGINEERING SALARY WITH A DEGREE IS BELITTLING OF THIS JOB.
NO I DONT LIVE IN INDIA I LIVE IN SERBIA. MY DOG IS SICK AND IT COSTS 100$ A DAY JUST FOR HIS TREATMENT. HOW AM I SUPPOSED TO SURVIVE WITH A SLAVE SALARY IN THIS ECONOMIC CRISIS.
I DON'T UNDERSTAND2 -
Linux.
Guys, I need some inspiration. How are you dealing with memory leaks, i. .e identifying which component of the system is leaking memory?
Regular method of dumping ps aux sorted by virtual memory usage is not working as all the processes are using the same amount of memory all the time. This is XEN dom0 memory leak, and I have no more ideas what to do.
Is it possible that guests could be eating the dom0 memory?15 -
As a long time Ubuntu user, last month I upgraded from Xenial to Bionic to try the new Gnome based desktop.
At first I thought it was a good transition, everything was working fine, beautiful UI, nice animations, so I installed all my tools and started the real work... then the problems started. The memory usage was always very high and only getting higher, the animations were stuttering and laggy, and it was having an unrecoverable freeze at least twice a week. Searching the web I was seeing more and more people complaining about freezes, lags, bugs, memory leaks, password input field bugs... damn, how I missed Unity! That was it, Gnome Shell made me miss Unity more and more.
This week I installed Unity 7 and purged Gnome Shell from Bionic. Now I'm happy again!
It's so good to be free of the anxiety caused by the lack of stability of the system, so good to know that the system will not break or freeze if I'm doing a resource intensive task. Now he sh** is working fast and stable, and I'm here wondering why such a good DE could be dumped for something so buggy like Gnome.1 -
A small request (This is a rant in my mind, formed such as to not let anymore people be affected by this shit that corporations are doing.)
TL;DR: please please please visit https://voice.mozilla.org/en. They are the good people.
Amidst leaks of your personal activities' voice recordings for improvement of their voice recognition and generation software,
Why not donate some of your free time for the improvement of Mozilla's software by speaking and verifying non personal audios at https://voice.mozilla.org/en
Do visit. That's for benefit of the society we live in -
Taught me just because something looks right it doesn't mean it is right. Ex: memory leaks, connection strings, 32 length passwords, and good looking women. Oh wait that last one could be a rant by itself cause you can't find a good looking woman that isn't crazy and won't wake you up if you do manage to get to bed1
-
Currently having very funny project lead, who gives on the spot estimates for 9 years old very pathetic quality code having Android app in security domain. Memory leaks, bad practices, typos, CVEs etc. you name it we have it in our source of the app.
Since 5-6 sprints of our project, almost 50% of user stories were incomplete due to under estimations.
Basically everyone in management were almost sleeping since last 7-8 years about code quality & now suddenly when new Dev & QA team is here they wanted us to fix everything ASAP.
Most humourous thing is product owner is aware about importance of unit test cases, but don't want to allocate user stories for that at the time of sprint planning as code is almost freezed according to him for current release.
Actually, since last release he had done the same thing for each sprint, around 18 months were passed still he hadn't spared single day for unit testing.
Recently app crash issue was found in version upgrade scenario as QAs were much tired by testing hundreds of basic trivial test cases manually & server side testing too, so they can't do actual needful testing & which is tougher to automate for Dev.
Recently when team's old Macbook Pros got expired higher management has allocated Intel Mac minis by saying that few people of organization are misusing Macbooks. So for just few people everyone has to suffer now as there is no flexibility in frequent changing between WFH & WFO. 1 out of those Mac minis faced overheating & in repair since 6 months.
Out of 4 Devs & 3 QAs, all 3 QAs & 2 Devs had left gradually.
I think it's time to say goodbye 😔3 -
https://devrant.com/rants/1936381/...
Another day, another comment that just wont fucking post.
On Camping:
Rain IS camping weather.
All miserable weather is camping weather.
The function of camping is to remind you how great it is that you get to go home when you're done, and sleep in a warm, dry, comfy bed and not a canvas roof that leaks in the wrong place in a poorly insulated napsack on uneven ground while sleeping with thin canvas walls, on the ground, like a living human size lump of jerky for a hungry bear to wander by and gobble up.
Also waking up in the morning after being cold and miserable is amazing, because your body forcibly readjusts it's expectation of 'comfortable' just to fall asleep, and you just want to go back to bed instead of going into the cold and being awake where you have to experience the cramp in your neck you had from trying to get to sleep in an awkward attempt to get comfortable.
And after that, you cook bacon on the fire and drink black coffee, and feel like KING of the homeless people. King for a day.
And then you go home and THANK SWEET MARY'S TITTIES you do.3 -
I think the Golang serialization API is utter garbage.
By convention it usually looks like this,
MarshalFormat() ([]byte,error)
UnmarshalFormat([]byte) error
This means that all serialization and deserialization is done on, heap allocated, in memory buffers ( technically also mmaped files, but thats not cross platform).
As the Go GC is ruthlessly optimized for minimum latency, this can potentially cause memory leaks in long running applications.
I think we need a new serialization API that looks more like
SerializeFormat(io.Writer) error
DeserializeFormat(io.Reader) error3 -
When a DevOps engineer finds a fault with memory leaks on the application/software that crashes services and management responds with "Lets Scale The Application".1
-
Side job - some consulting.
Second day of editing 70k one file, unmanageable javascript code to find memory leaks for some embedded device that is running on chromium embedded framework. Luckily there is chromium remote debugger for it so I can make snapshot and place some breakpoints.2 -
Feel dirty writing in c. How do people even deal with unsafe pointer type casting/memory allocation/free? The codebase is plagued with memory leaks and there is no test.
I will just pretend I can't read c code and play dumb when shit happens13 -
If you forgot how to excit a programm properly and dont want to google it, just let the app closj itself with memory leaks😈😈😈😈😈😈😈😈😈😈😈😈😈😈3
-
[CONCEITED RANT]
I'm frustrated than I'm better tha 99% programmers I ever worked with.
Yes, it might sound so conceited.
I Work mainly with C#/.NET Ecosystem as fullstack dev (so also sql, backend, frontend etc), but I'm also forced to use that abhorrent horror that is js and angular.
I write readable code, I write easy code that works and rarely, RARELY causes any problem, The only fancy stuff I do is using new language features that come up with new C# versions, that in latest version were mostly syntactic sugar to make code shorter/more readable/easier.
People I have ever worked with (lot of) mostly try to overdo, overengineer, overcomplicate code, subdivide into methods when not needed fragmenting code and putting tons of variables.
People only needed me to explain my code when the codebase was huge (200K+ lines mostly written by me) of big so they don't have to spend hours to understand what's going on, or, if the customer requested a new technology to explain such new technology so they don't have to study it (which is perfectly understandable). (for example it happened that I was forced to use Devexpress package because they wanted to port a huge application from .NET 4.5 to .NET 8 and rewriting the whole devexpress logic had a HUGE impact on costs so I explained thoroughly and supported during developement because they didn't knew devexpress).
I don't write genius code or clevel tricks and patterns. My code works, doesn't create memory leaks or slowness and mostly works when doing unit tests at first run. Of course I also put bugs and everything, but that's part of the process.
THe point is that other people makes unreadable code, and when they pass code around you hear rising chaos, people cursing "WTF this even means, why he put that here, what the heck this is even supposed to do", you got the drill. And this happens when I read everyone code too.
But it doesn't happens the opposite. My code is often readable because I do code triple backflips only on personal projects because I don't have to explain anyone and I can learn new things and new coding styles.
Instead, people want to impress at work, and this results in unintelligible, chaotic code, full of bugs and that people can't read. They want to mix in the coolest technologies because they feel their virtual penis growing to showoff that they are latest bleeding edge technology experts and all.
They want to experiment on business code at the expense of all the other poor devils who will have to manage it.
Heck, I even worked with a few Microsoft MVPs.
Those are deadly. They're superfast code throughput people that combine lot of stuff.
THen they leave at you the problems once they leave.
This MVP guy on a big project for paperworks digital acquisiton for a big company did this huge project I got called to work in, which consited in a backend and a frontend web portal, and pushed at all costs to put in the middle another CDN web project and another Identity Server project to both do Caching with the cdn "to make it faster" and identity server for SSO (Single sign on).
We had to deal with gruesome work to deal with browser poor caching management and when he left, the SSO server started to loop after authentication at random intervals and I had to solve that stuff he put in with days of debugging that nasty stuff he did.
People definitely can't code, except me.
They have this "first of the class syndrome" which goes to the extent that their skill allows them to and try to do code backflips when they can't even do code pushups, to put them in a physical exercise parallelism.
And most people is like this. They will deny and won't admit, they believe they're good at it, but in reality they aren't.
There is some genius out there that does revoluitionary code and maybe needs to do horrible code to do amazing stuff, and that's ok. And there is also few people like me, with which you can work and produce great stuff.
I found one colleague like this and we had a $800.000 (yes, 800k) project in .NET Technology, which consisted in the renewal of 56 webservices and 3 web portals and 2 Winforms applications for our country main railway transport system. We worked in 2 on it, with a PM from the railway company.
It was estimated 14 months of work and we took 11 and all was working wonders. We had ton of fun doing it because also their PM was a cool guy and we did an awesome project and codebase was a jewel. The difficult thing you couldn't grasp if you read the code is if you don't know how railway systems work and that's the only difficult thing.
Sight, there people is macking me sick of this job11 -
I was recently reading about memory leaks and profiling and found a really excellent article for people new to c# or best practices. It's a great article and well worth the read if you're still learning.
https://michaelscodingspot.com/find...6 -
Freelancers, how many hours would you charge your client per small projects?
Situation is that I am leaving country but will still work as a freelancer android dev in my company at hourly rate 27EUR/hour.
Now from experience I already feel that most specifications of tasks/ux-ui sketches will be not clear/vague. Also there is a question of overall app architecture, prevention from crashes, memory leaks and etc.
Basically they will give me some spec and I will have to evaluate how long it will take to do it. I never worked as a freelancer so I need some advice on how to deal with problems like this. If I guess that something might take 5 working days to be done (40h) should I charge for 60h and etc.?6 -
First version of the devRant-Webhooks Front-End is up!
You can access it here: https://devrant-webhooks.clan.rip/
Would be nice if some of you could test it out, look for security leaks and generally give feedback!
Next Part is the actual core of devRant-Webhooks, which listens to events and executes the webhooks.
Greetings!14 -
everything is going as planned! :)
Learned Rust Lang. i loved it (that doesn't mean i am done learning na? No! never stop)
new language i could do game memory hacking in without worrying about C++ memory leaks or issues. it also compiles to assembly! another of my favorite languages!
(i use rust for game development and other stuff)
i am not leaving C / C++ though that would be harsh!,
i abandoned javascript for react and typescript.
to be honest the developer just made javascript and left us with a [object Object]
finished learning the android java api so im basically set anything i want to make i can just go on my pc, listen to music and write it out in a couple of days.
well phazor what are you going to do now?!
i will code till i am old.
i will leave my mark like a shid that made its skid in the bowl :)5 -
A prayer from a colleague:
Our silicone god which art in the SSD
Italic be thy name
Thy computing come
Thy bus be done
On the screen
As it is on the hdd
Give us this day our daily blue screen
And forgive us our keystrokes, as we
forgive our keyboards.
And lead us not into restarts, but
deliver us from memory leaks: For thine is the
memory, and the cpu, and the
bus, for ever. Amen
Beautiful is it not :) -
So it turns out Moq (.NET mocking library) is leaking developers info via Git and gets in the way of builds with SponsorLink warnings.
Not only this is a GDPR violation but also a shit move from the dev (kzu).
I wasn't aware of that until a colleague found
https://reddit.com/r/dotnet/... and went through some of the GH issues.5 -
Hi Everyone,
I am working as a jr front end developer and wanted to study more about performance profiling in Chrome and finding memory leaks using Dev tools. I searched online for a while and not able to find a nice place to start with, can anyone help me out with a resource from where I can start the debugging performance using Chrome Dev tools.
It would be very helpful. -
GLFW is the cleanest, well documented, most convinient API for creating and handling windows in Linux and Windows I've ever used.
The only thing that bugs me is that valgrind detects memory leaks on it.4 -
Started developing an interest in programming after creating warcraft 3 maps using the world editor. I still remember those days where I used the gui trigger editor, where I don't even know the difference between local and global variables, preventing memory leaks by using leak check and etc. Creating new skills using triggers was so exciting. Then I discovered JASS, but I didn't really learn or use much about it. Now I'm working in Unity3D and it is awesome!2
-
Spent the day figuring out how to maintain injected dependencies in scope when they're requested asynchronously later in the pipeline and then be able to clean it up later without having any lifecycle hooks to use.
Seriously considered switching DI frameworks before I just added an event when it's OK to dispose of the scope and I think it's finally working (without the memory leaks it had before).
Who else has to try something every possible way before you can be satisfied? -
Recently joined new Android app (product) based project & got source code of existing prod app version.
Product source code must be easy to understand so that it could be supported for long term. In contrast to that, existing source structure is much difficult to understand.
Package structure is flat only 3 packages ui, service, utils. No module based grouped classes.
No memory release is done. So on each screen launch new memory leaks keep going on & on.
Too much duplication of code. Some lazy developer in the past had not even made wrappers to avoid direct usage of core classes like Shared Preference etc. So at each place same 4-5 lines were written.
Too much if-else ladders (4-5 blocks) & unnecessary repetitions of outer if condition in inner if condition. It looks like the owner of this nested if block implementation has trust issues, like that person thought computer 'forgets' about outer if when inside inner if.
Too much misuse of broadcast receiver to track activities' state in the era of activity, apપ life cycle related Android library.
Sometimes I think why people waste soooo... much efforts in the wrong direction & why can't just use library?!!
These things are found without even deep diving into the code, I don't know how much horrific things may come out of the closet.
This same app is being used by many companies in many different fields like banking, finance, insurance, govt. agencies etc.
Sometimes I surprise how this source passed review & reached the production. -
debian:jessie has lot many old libraries that cause memory leaks, which gets solved in future releases of these libraries. Yet, debian fails to accommodate these new releases. They do this to make jessie 'stable' they say. I am quite curious if these instabilities faced is what they call stability. Example: glib
-
So I'm working on this little personal project (also as a way to keep my "skills" sharpened for the coming semester), that first started as a workaround to do this other thing, and I wanted to develop it and make it a full fledged thing, with a GUI (or something that resembles it, I don't know how to make GUIs yet, and IDK why is it a 3rd grade thing) and all instead of existing just in the IDE's terminal. When it was on the workaround stage it was just this ugly monster, with only 2 things one could do, but it worked. Now I'm going for a more polished thing and it's starting to break on me, and in places I didn't expect it to LoL
It's like I'm on a boat and I'm getting leaks from everywhere. Arr gotta get me a bucket and save me boat from sinking -
Roofing, ugh, what a headache! Dealing with the weather's rollercoaster, finding reliable contractors, and the sky-high costs – it's a nightmare. And the noise during repairs? Torture. Don't even start on leaks – they turn ceilings into waterfalls. The never-ending maintenance? Like having a clingy pet that empties your pockets. Roofing's a world of frustration – from unpredictable weather to relentless expenses – enough to make you want to live in a leak-free tent!7
-
Alright so I have been trudging around in javascript land for a bit and one thing kind of bothers me (correct me if I am wrong I would love to be wrong on this). It seems like a lot of javascript, or at least frameworks, leave a lot of possibility for memory leaks. Like you can create an anonymous object with a method that just kind of hangs out and acts with no way to retrieve it and turn it off. Am I wrong here? Please tell me I am wrong. And for the record I know I can assign anonymous objects to variables in various ways, but I am not forced to.4
-
Lesson learned .. never use sailsjs
Magic data loss
Laggy as fuck (832ms)... php5 runs better than this(210ms)
memory leaks -
Here's my latest and greatest(ish) post:
How to overcome GDPR ... with data leaks.
https://loosy.gitlab.io/2019/10/...5 -
Look, C++, I love you and all, but I don't want to reboot my computer every time I mess something up.1
-
Spend like 3 weeks in mem-checking with valgrind and ASAN, because there seemed to be some leaks. So painful and scary. You loose all confidence in your software, the checking tool, your own sanity.
Some spurious result prevailed, could only move it around. Boss could not reproduce the problem on his machine; Ubuntu 18 with GCC 7, mine was Debian 9 with GCC 6, so I tried older Ubuntu with GCC 5. Also no problem.
Fuck it, I'm switching to clang.