3 rants for the price of 1, isn't that a great deal!

1. HP, you braindead fucking morons!!!

So recently I disassembled this HP laptop of mine to unfuck it at the hardware level. Some issues with the hinge that I had to solve. So I had to disassemble not only the bottom of the laptop but also the display panel itself. Turns out that HP - being the certified enganeers they are - made the following fuckups, with probably many more that I didn't even notice yet.

- They used fucking glue to ensure that the bottom of the display frame stays connected to the panel. Cheap solution to what should've been "MAKE A FUCKING DECENT FRAME?!" but a royal pain in the ass to disassemble. Luckily I was careful and didn't damage the panel, but the chance of that happening was most certainly nonzero.
- They connected the ribbon cables for the keyboard in such a way that you have to reach all the way into the spacing between the keyboard and the motherboard to connect the bloody things. And some extra spacing on the ribbon cables to enable servicing with some room for actually connecting the bloody things easily.. as Carlos Mantos would say it - M-m-M, nonoNO!!!
- Oh and let's not forget an old flaw that I noticed ages ago in this turd. The CPU goes straight to 70°C during boot-up but turning on the fan.. again, M-m-M, nonoNO!!! Let's just get the bloody thing to overheat, freeze completely and force the user to power cycle the machine, right? That's gonna be a great way to make them satisfied, RIGHT?! NO MOTHERFUCKERS, AND I WILL DISCONNECT THE DATA LINES OF THIS FUCKING THING TO MAKE IT SPIN ALL THE TIME, AS IT SHOULD!!! Certified fucking braindead abominations of engineers!!!

Oh and not only that, this laptop is outperformed by a Raspberry Pi 3B in performance, thermals, price and product quality.. A FUCKING SINGLE BOARD COMPUTER!!! Isn't that a great joke. Someone here mentioned earlier that HP and Acer seem to have been competing for a long time to make the shittiest products possible, and boy they fucking do. If there's anything that makes both of those shitcompanies remarkable, that'd be it.

2. If I want to conduct a pentest, I don't want to have to relearn the bloody tool!

Recently I did a Burp Suite test to see how the devRant web app logs in, but due to my Burp Suite being the community edition, I couldn't save it. Fucking amazing, thanks PortSwigger! And I couldn't recreate the results anymore due to what I think is a change in the web app. But I'll get back to that later.

So I fired up bettercap (which works at lower network layers and can conduct ARP poisoning and DNS cache poisoning) with the intent to ARP poison my phone and get the results straight from the devRant Android app. I haven't used this tool since around 2017 due to the fact that I kinda lost interest in offensive security. When I fired it up again a few days ago in my PTbox (which is a VM somewhere else on the network) and today again in my newly recovered HP laptop, I noticed that both hosts now have an updated version of bettercap, in which the options completely changed. It's now got different command-line switches and some interactive mode. Needless to say, I have no idea how to use this bloody thing anymore and don't feel like learning it all over again for a single test. Maybe this is why users often dislike changes to the UI, and why some sysadmins refrain from updating their servers? When you have users of any kind, you should at all times honor their installations, give them time to change their individual configurations - tell them that they should! - in other words give them a grace time, and allow for backwards compatibility for as long as feasible.

3. devRant web app!!

As mentioned earlier I tried to scrape the web app's login flow with Burp Suite but every time that I try to log in with its proxy enabled, it doesn't open the login form but instead just makes a GET request to /feed/top/month?login=1 without ever allowing me to actually log in. This happens in both Chromium and Firefox, in Windows and Arch Linux. Clearly this is a change to the web app, and a very undesirable one. Especially considering that the login flow for the API isn't documented anywhere as far as I know.

So, can this update to the web app be rolled back, merged back to an older version of that login flow or can I at least know how I'm supposed to log in to this API in order to be able to start developing my own client?

TL;DR :

"when i die i want my group project members to lower me into my grave so they can let me down one last time"

STORY TIME

Last year in College, I had two simultaneous projects. Both were semester long projects. One was for a database class an another was for a software engineering class.

As you can guess, the focus of the projects was very different. Databases we made some desktop networked chat application with a user login system and what not in Java. SE we made an app store with an approval system and admin panels and ratings and reviews and all that jazz in Meteor.js.

The DB project we had 4 total people and one of them was someone we'll call Frank. Frank was also in my SE project group. Frank disappeared for several weeks. Not in class, didn't contact us, and at one point the professors didn't know much either. As soon as we noticed it would be an issue, we talked to the professors. Just keeping them in the loop will save you a lot of trouble down the road. I'm assuming there was some medical or family emergency because the professors were very understanding with him once he started coming back to class and they had a chance to talk.

Lesson 1: If you have that guy that doesn't show up or communicate, don't be a jerk to them and communicate with your professor. Also, don't stop trying to contact the rogue partner. Maybe they'll come around sometime.

It sucked to lose 25% of our team for a project, but Frank appreciated that we didn't totally ignore him and throw him under the bus to the point that the last day of class he came up to me and said, "hey, open your book bag and bring it next to mine." He then threw a LARGE bottle of booze in there as a thank you.

Lesson 2: Treat humans as humans. Things go wrong and understanding that will get you a lot farther with people than trying to make them feel terrible about something that may have been out of their control.

Our DB project went really well. We got an A, we demoed, it worked, it was cool. The biggest problem is I was the only person that had taken a networking class so I ended up doing a large portion of the work. I wish I had taken other people's skills into account when we were deciding on a project. Especially because the only requirement was that it needed to have a minimum of 5 tables and we had to use some SQL language (aka, we couldn't use no-SQL).

The SE project had Frank and a music major who wanted to minor in CS (and then 3 other regular CS students aside from me). This assignment was make an app store using any technology you want. But, you had to use agile sprints. So we had weekly meetings with the "customer" (the TA), who would change requirements on us to keep us on our toes and tell us what they wanted done as a priority for the next meeting. Seriously, just like real life. It was so much fun trying to stay ahead of that.

So we met up and tried to decided what to use. One kid said Java because we all had it for school. The big issue is trying to make a Java web app is a pain in the ass. Seriously, there are so many better things to use. Other teams decided to use Django because they all wanted to learn Python. I suggested why not use something with a nice package system to minimize duplicating work that had already been done and tested by someone. Kid 1 didn't like that because he said in the real world you have to make your own software and not use packages. Little did he know that I had worked in SE for a few years already and knew damn well that every good project has code from somewhere else that has already solved a problem you're facing. We went with Java the first week. It failed miserably. Nobody could get the server set up on their computers. Using VCS with it required you to keep the repo outside of the where you wrote code and copy and paste changes in there. It was just a huge flop so everyone else voted to change.

Lesson 3: Be flexible. Be open to learning new things. Don't be afraid to try something new. It'll make you a better developer in the long run.

So we ended up using Meteor. Why? We all figured we could pick up javascript super easy.Two of us already knew it. And the real time thing would make for some cool effects when an app got a approved or a comment was made. We got to work and the one kid was still pissed. I just checked the repo and the only thing he committed was fixing the spelling of on word in the readme.

We sat down one day and worked for 4 straight hours. We finished the whole project in that time. While other teams were figuring out how to layout their homepage, we had a working user system and admin page and everything. Our TA was trying to throw us for loops by asking for crazy things and we still came through. We had tests that ran along side the application as you used it. It was friggin cool.

Lesson 4: If possible, pick the right tool for the job. Not the tool you know. Everything in CS has a purpose. If you use it for its purpose, you will save days off of a project.

!dev

To anyone suffering from chronic pain, especially lower back pain: Don't get fooled by shitty doctors. And don't expect doctors to magically heal you. If you want to stop your suffering, you need to be proactive.

What? But my herniated disc from 10 years ago... bla bla bla. So what? It's not going to get better when your only exercise is putting on your socks. Chances are 99% that your spine has shit to do with your pain. Go to a proper chronic pain therapy instead of downing opiods and getting sick notes.

Note to self: Do your sports every day you lazy bastard. Eat healthy, sleep regularly, don't stress out over every damn thing and don't forget to fucking relax!

two days before I complained of lower back pain. raised a concern in office as its due to long sitting hours and got a chair today with great lumbar support. :)

Any thoughts on whether my alternative keyboard layout will lower my risk for wrist pain? I map each key to an Amazon dash button on each edge of a large bookshelf in my office. It's lots of exercise, and I'm almost back up to my old typing speed.

Any other IT company is like:

* Task -> Designer -> Markup coder -> Backend -> Finish

Our IT company:

Act I: "Art of setting up contact with idiots".
------
Items:
*Cave scripts (aka "typical task")

Designer: -- "DAFUQ?"
Customer: *gives another interpretation*
Designer: -- "Erm... really? White text on white background?"
Customer: -- "Make a decision by yourself. I was expecting much more independence from you. You are an expert after all."
Designer: -- "Well. I'm making decision by myself. The text will be placed *here* and will be gray-colored, because *bla-bla-bla*"
Customer: -- "I disagree."
Designer: *1 hour of silence later* -- "Well...k."

Act II: "Design meets ar(u)tist"
----

Items:
*Something, that was drawn by dumb kid while smashing his own head against desk. (PSD layout)
* Salt (to pour it on open wounds)

Designer: -- "I'm seeing this task *this way*"
Markup: -- "And how do u think i should get this done? Have you even seen what you made?? This is bullshit!"
Designer: -- "It's not bullshit! It's a sci-fi themed layout!"
Markup: -- "With gameplay elements and graphics from Alien Shooter??"
Designer: -- "Well, I don't care." *brings new edits and changes*
Markup: -- "????"
Designer: *smug face* -- "!!!"

Act III (7 days later, 9 hours till deadline): "Short story about boy, who was trying to hang himself, but instead fell out from window."
----

Items:
*Markup, smelling like it went through hell and back (x1)
* Markup coder with fried butt (x1)

Backend: -- "What. Is. THAT?"
Markup: -- "It's a work we should complete in 9 hours."
Backend: -- "WE?? I know u mean me, but that's a nightmare. What the f*ck were you doing all this time?"
Markup: -- "Well..." *finds out that he was only watching films and sleeping* "I was making this thing up..."
Backend: -- "You mean "f*cking" *this* thing "up"?"
Markup: -- "Not without it"

(*3 hours of edits and changes of color from white to white later*)
Backend: -- "Well, let's do this."
*Picks PHP and tries to bundle it up with MongoDB. After some time tries to rewrite everything to JS and starts shouting something like "F***CK" and looking for window to walk through. Figures out that he is on first floor. And that he is too lazy to go upstairs*

Act IV (3 days after deadline): "Pain and misery":
-----

Items:
*Something covered with insul(t)ating tape. (Final product)

Customer: -- "Really?"
Team: -- "Kinda."
Customer: -- "Well, thanks for your work anyway. It feels like it's going to disassemble right in my hands but it just works. Oh, also, you didnt made this in time, so your payment will be over9000 times lower. That's all"
Backend, on fluids: -- "Well...yeah..."
Markup: -- "Don't look at me like that. I really was doing my job."
Designer, with twitching eye: -- "Huh, I see. You worked so hard that we have nothing to eat now. Thanks for that."
Backend: ...

Does anyone have lower back pain after coding for a few hours? How did you fix it? What chair do you have? It's it a posture problem?

Best exercises for lower back pain?
Also, standing desk - do they prevent it?

When you love to code so much that you get chronic lower back pain 😞 What do you guys and gals do when you get back pain? What is the best way you have found to avoid it?

Any advice for chronic lower back pain from lifting heavy accident