First off I dont mind what OS you are using. This rant isnt about the OS but about hypocrisy for some of the users. Secondly Im sorry for typos, I typed it on my phone while waking up.

People are calling Windows spyware, so they are using Linux or MacOS. Even though I disagree with the term spyware I would be fine with that if you weren't a hypocrite.

How many of the people who use Linux and call windows spyware uses Google, Apple, Facebook or Twitter once in a while? I highly doubt you if you say you don't.

A few years back Ive tried to live without anything of google, this also meant blocking YouTube, their trackers an javascript libraries.
Not much of the internet still works if you block google servers.
Google is everywhere and always collects data.

Facebook and twitter also collects data about you. Everyone who has your number in their phone will share it with Whatsapp and google so they can build up a profile. Even if you dont block it.

What I am telling you is that its impossible to avoid being tracked by these companies (including MS).

Every company I mentioned here has a profile on you, if you want it or not.

So let's check which of these companies tries to follow European laws.
Google gets fine after fine but doesnt really try to avoid it.
It looks like Apple, MS, Facebook and Twitter are doing it better on this.

But if you check the European law every European citizen is allowed to request their complete profile collected by a company. And that means complete and not the public part you volunteered to give away.

So I tried it out.
Google didnt want to give it, apple didnt want to give it, Facebook didnt want to give it and Twitter doesnt want to give it.

The hypocrisy is becoming clesr with the following. I did get my complete profile from MS. It was a messy PDF file which crashed most PDF readers.
It contained a list of people I know and how I know them. It contained MS accounts I had in the past and my hobbies. (and quite a lot more)

So from these big companies MS is the only one following the European Law.

So yes they do collect data, but they are open in what they collect.

And Im not saying here that Microsoft is great just because they follow the law.

You can have your own opinion about this and do with it what you want. I just wanted to share some, maybe alternative, facts.

And again this isn't an OS rant or whatever. I dont mind what you do, but I do mind hypocrisy.

So, continuing the story, in reverse order, on the warship and its domain setup...
One day, the CO told me that we needed to set up a proper "network". Until now, the "network" was just an old Telcom switch, and an online HDD. No DHCP, no nothing. The computers dropped to the default 169.254.0.0/16 link local block of addresses, the HDD was open to all, cute stuff. I do some research and present to him a few options. To start things off, and to show them that a proper setup is better and more functional, I set up a linux server on one old PC.
The CO is reluctant to approve of the money needed (as I have written before, budget constraints in the military is the stuff of nightmares, people there expect proper setups with two toothpicks and a rubber band). So, I employ the very principles I learned from the holy book Bastard Operator From Hell: terrorizing with intimidating-looking things. I show him the linux server, green letters over black font, ngrep -x running (it spooks many people to be shown that). After some techno-babble I got approval for a proper rack server and new PCs. Then came the hard part: convincing him to ditch the old Telcom switch in favour of a new CISCO Catalyst one.
Three hours of non-stop barrage. Long papers of NATO specifications on security standards. Subliminal threats on security compromises. God, I never knew I would have to stoop so low. How little did I know that after that...
Came the horrors of user support.
Moral of the story: an old greek saying says "even a saint needs terrorizing". Keep that in mind.

Companies who geo block their sites for no fucking reason can go fuck themselves.

So a bunch of retarded pharmacies in India, geo block hits from anywhere outside of India.

A thousands of Indians are living abroad with their parents and family living in India.

Imagine, I have to order medicines for my parents since they are not very tech savvy and I cannot do that because some rotten brained guava thought that it's a good idea to geo block access.

What is the fucking point in doing so? There are many such companies, especially Indian who do so. I have keep toggling my VPN because of this.

I'm so tired of so many fucking articles about millennials this and millennials that. Like holy fuck millennial has to be the journalism equivalent of AI or block chain.

What's the point of using a framework if you don't use any of its features!? What the heck, I have to fix this damn web frontend that is so broken in many ways.

Instead of using an authentication middleware, every single view has the same block of code to check if a user is authenticated. Instead of templates, they used static HTML/JavaScript files and they passed data to pages through cookies.

The "REST" API is so messed up, nothing is resource-oriented, HTTP methods are chosen randomly as well as status codes. They are returning "412 Precondition Failed" instead of a plain simple "401 Unauthorized" when you're not authenticated! What the hell, did they even bother to check what 412 is about when they copied and pasted it from a crappy website!? I would never come up with 412, not even in my scariest nightmare.

What kind of drugs were they using when they wrote such code? Oh dear, I need a vacation...

Yesterday, after six months of work, a small side project ran to completion, a search engine written in django.

It's a thing of beauty, which took many trials, including discovering utf8 in mysql isn't the full utf8 spec, dealing with files that have wrong date metadata, or even none at all, a new it backup policy that stores backups along side real data.

Nevertheless, it is a pretty complete product. Beaming with pride I began to get myself a drink, and collapsed onto the floor, this caused me to accidentally hibernate my computer, which interrupted the network connection, which in turn caused an OSError exception in one of my threads, which caused a critical part of code not to run, which left a thread suspended, doing nothing.

From the floor I looked at my error and realised my hubris and meditated on my assumptions that in theory nothing should interrupt a specific block of code, but in reality something might, like someone falling over...

Summary: Burnout, and everything's broken.

I don't feel like doing a damn thing today. I look at the code and cringe. I look at Slack and think "ugh. i can't." Mental capitals are even too much work.

(I've started reading "Zen and the Art of Motorcycle Maintenance" to try and combat burnout. I'll write a rant/story about it here if I find it helpful. but all I want to do today is drink tea and read.)

But onto the story:

Heroku is deprecating support for and will automatically upgrade any old verisons of Postgres running on its platform after August something (like five days from now).

I performed the upgrade to PG10 on Sunday (and late into the night), provisioning a new follower, blah blah blah.

However, the version of Rails we're using (4.2.x) doesn't support PG10 sequences, so I manually added in support via a monkeypatch. I did this on our QA servers first, obviously, and everything worked as expected. After half a day of no issues, I did the same on production, and again: everything worked as expected.

But today? I keep hearing about new things that are broken. One specific type of alert doesn't work for one specific person (wat). Can't send [redacted] at all. Can't update merchants! Yet there are magically no errors logged.

That last one (well, two) are just great; let me explain: when there's an error concerning merchants, the error gets caught, isn't logged or recorded anywhere so it just disappears, and the rescue block triggers a json response instead and happily exits. This is for an internal admin tool, so returning a user-friendly error is kinda stupid anyway, but masking what actually happened? fuck that dev with an obelisk made from spikes and solidified pain. That json response is also lovely: it's a 200 OK returning {status: 1, data: "[generic message containing incorrect IT jargon]"}. Doesn't even say "error" anywhere. Bloody everything about this pattern is absolutely wrong. Even the friggin' text.

Fucking hell. I want to pipe the entire codebase into shred and walk out the door.

But I digress. So many things are broken, my motivation is wanning to a sliver, and I have a conference call today where I'll undoubtedly be asked why everything is on smoking and/or on fire, and my huge and overly productive week last week will ofc mean nothing by contrast.

Ugh.

`shred ~/dev/work -zfu -n 32 &; ./brew tea --hot && wine ~/takeabreak.exe`

Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.

That time when...

He wrote a social media network with end-to-end encryption before it was cool.

He wrote custom 64kb encryption for his academic HDD.

He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.

He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).

He used only hashes of passwords as passwords (which isn't actually good).

He kept a drill on the desk ready to destroy his HDD at a moments notice.

He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.

He set up a new email account for each individual online service.

He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).

He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).

He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).

He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.

He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.

He bought a burner phone to visit the capital city.

He bought a burner phone whenever he left his hometown come to think of it.

He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).

He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.

(You might be noticing it's all he's. Maybe it is, maybe it isn't).

He ate a sim card.

He brought a balaclava to pentesting training (it was pretty meme).

He printed out his source code as a manual read-only method.

He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).

He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).

He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.

I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.

When you block too many potential trackers:

I'm a lead engineer, I design, I code, I debug, I test, I struggle, I deliver, I'm just a basic building block in my company, hardly involve in product roadmap planning. This is pretty clear in my LinkedIn profile. Jp Morgan recruiter called me for Vice president role. VP? Seriously? me skipping 4-5 levels, just with an interview process? Are you kidding me?
I asked her two times "...are you sure?", I lost my words, somehow gathered courage and asked, "what's the portfolio looks like, how many people will report to me?" Then she, calmly revealed that it's just an ic dev role and they name it that ways in their company.

What the actual ducking-duck-duckkk!

P.s. not sure about jpmc rest of the world but that's how it is in jp Morgan india.

I just tried to sign up to Instagram. I made a big mistake.

First up with Facebook related stuff is data. Data, data and more data. Initially when you sign up (with a new account, not login with Facebook) you're asked your real name, email address and phone number. And finally the username you'd like to have on the service. I gave them a phone number that I actually own, that is in my iPhone, my daily driver right now (and yes I have 3 Androids which all run custom ROMs, hold your keyboards). The email address is a usual for me, instagram at my domain. I am a postmaster after all, and my mail server is a catch-all one. For a setup like that, this is perfectly reasonable. And here it's no different, devrant at my domain. On Facebook even, I use fb at my domain. I'm sure you're starting to see a pattern here. And on Facebook the username, real name and email domain are actually the same.

So I signed up, with - as far as I'm aware - perfectly valid data. I submitted the data and was told that someone at Instagram will review the data within 24 hours. That's already pretty dystopian to me. It is now how you block bots. It is not how Facebook does it either, at least since last time I checked. But whatever. You'd imagine that regardless of the result, they'd let you know. Cool, you're in, or sorry, you're rejected and here's why. Nope.

Fast-forward to today when I recalled that I wanted to sign up to Instagram to see my girlfriend's pictures. So I opened Chromium again that I already use only for the rancid Facebook shit.. and it was rejected. Apparently the mere act of signing up is a Terms of Service violation. I have read them. I do not know which section I have violated with the heinous act of signing up. But I do have a hunch.

Many times now have I been told by ignorant organizations that I would be "stealing" their intellectual property, or business assets or whatever, just because I sent them an email from their name on my domain. It is fucking retarded. That is MY domain, not yours. Learn how email works before you go educate a postmaster. Always funny to tell them how that works. But I think that in this case, that is what happened.

So I appealed it, using a random link to something on Instagram's help section from a third-party blog. You know it's good when the third-party random blog is better. But I found the form and filled it in. Same shit all over again for info, prefilling be damned I guess. Minor convenience though, whatever.

I get sent an email in German, because apparently browsing through a VPS in Germany acting as a VPN means you're German. Whatever... After translating it, I found that it asks me to upload a picture of myself, holding a paper in my hands, on which I would have a confirmation code, my username, and my email address.. all hand-written. It must not be too dark, it must be clear, it must be in JPEG.. look, I just wanted to fucking sign up.

I sent them an email back asking them to fix all of this. While I was writing it and this rant, I thought to myself that they can shove that piece of paper up their ass. In fact I would gladly do it for them.

Long story short, do not use Instagram. And one final thing I have gripes with every time. You are not being told all the data you'll have to present from the get-go. You're not being told the process. Initially I thought it'd just be email, phone, username, and real name. Once signed up (instantly, not within 24 hours!) I would start setting up my account and adding a profile picture. The right way to ask for a picture of me! And just do it at my own pace, as I please.

And for God's sake, tackle abuse when it actually happens. You'll find out who's a bot and who isn't by their usage patterns soon enough. Do not do any of this at sign-up. Or hell, use a CAPTCHA or whatever, I don't fucking care. There's so many millions of ways to skin this cat.

Facebook and especially Instagram. Both of them are fucking retarded.

Often I hear that one should block spam email based on content match rather than IP match. Sometimes even that blocking Chinese ranges in particular is prejudiced and racist. Allow me to debunk that after I've been looking at traffic on port 25 with tcpdump for several weeks now, and got rid of most of my incoming spam too.

There are these spamhausen that communicate with my mail server as much as every minute.
- biz-smtp.com
- mailing-expert.com
- smtp-shop.com

All of them are Chinese. They make up - rough guess - around 90% of the traffic that hits my edge nodes, if not more.

The network ranges I've blocked are apparently as follows:
- 193.106.175.0/24 (Russia)
- 49.64.0.0/11 (China)
- 181.39.88.172 (Ecuador)
- 188.130.160.216 (Russia)
- 106.75.144.0/20 (China)
- 183.227.0.0/16 (China)
- 106.75.32.0/19 (China)
.. apparently I blocked that one twice, heh
- 116.16.0.0/12 (China)
- 123.58.160.0/19 (China)

It's not all China but holy hell, a lot of spam sure comes from there, given how Golden Shield supposedly blocks internet access to the Chinese citizens. A friend of mine who lives in China (how he got past the firewall is beyond me, and he won't tell me either) told me that while incoming information is "regulated", they don't give half a shit about outgoing traffic to foreign countries. Hence all those shitty filter bag suppliers and whatnot. The Chinese government doesn't care.

So what is the alternative like, that would block based on content? Well there are a few solutions out there, namely SpamAssassin, ClamAV and Amavis among others. The problem is that they're all very memory intensive (especially compared to e.g. Postfix and Dovecot themselves) and that they must scan every email, and keep up with evasion techniques (such as putting the content in an image, or using characters from different character sets t̾h̾a̾t̾ ̾l̾o̾o̾k̾ ̾s̾i̾m̾i̾l̾a̾r̾).

But the thing is, all of that traffic comes from a certain few offending IP ranges, and an iptables rule that covers a whole range is very cheap. China (or any country for that matter) has too many IP ranges to block all of them. But the certain few offending IP ranges? I'll take a cheap IP-based filter over expensive content-based filters any day. And I don't want to be shamed for that.

My Sunday Morning until afternoon. FML. So I was experiencing nightly reboots of my home server for three days now. Always at 3:12am strange thing. Sunday morning (10am ca) I thought I'd investigate because the reboots affected my backups as well. All the logs and the security mails said was that some processes received signal 11. Strange. Checked the periodics tasks and executed every task manually. Nothing special. Strange. Checked smart status for all disks. Two disks where having CRC errors. Not many but a couple. Oh well. Changing sata cables again 🙄. But those CRC errors cannot be the reason for the reboots at precisely the same time each night. I noticed that all my zpools got scrubbed except my root-pool which hasn't been scrubbed since the error first occured. Well, let's do it by hand: zpool scrub zroot....Freeze. dafuq. Walked over to the server and resetted. Waited 10 minutes. System not up yet. Fuuu...that was when I first guessed that Sunday won't be that sunny after all. Connected monitor. Reset. Black screen?!?! Disconnected all disks aso. Reset. Black screen. Oh c'moooon! CMOS reset. Black screen. Sigh. CMOS reset with a 5 minute battery removal. And new sata cable just in cable. Yes, boots again. Mood lightened... Now the system segfaults when importing zroot. Good damnit. Pulled out the FreeBSD bootstick. zpool import -R /tmp zroot...segfault. reboot. Read-only zroot import. Manually triggering checksum test with the zdb command. "Invalid blckptr type". Deep breath now. Destroyed pool, recreated it. Zfs send/recv from backup. Some more config. Reboot. Boots yeah ... Doesn't find files??? Reboot. Other error? Undefined symbols???? Now I need another coffee. Maybe I did something wrong during recovery? Not very likely but let's do it again...recover-recover. different but same horrible errors. What in the name...? Pulled out a really old disk. Put it in, boots fine. So it must be the disks. Walked around the house and searched for some new disks for a new 2 disk zfs root mirror to replace the obviously broken disks. Found some new ones even. Recovery boot, minimal FreeBSD Install for bootloader aso. Deleted and recreated zroot, zfs send/recv from backup. Set bootfs attribute, reboot........
It works again. Fuckit, now it is 6pm, I still haven't showered. Put both disks through extensive tests and checked every single block. These disks aren't faulty. But for some reason they froze my system in a way so that I had to reset my BIOS and they had really low level data errors....? I Wonder if those disks have a firmware problem? So that was most of my Sunday. Nice, isn't it? But hey: calm sea won't make a good sailor, right?

My manager thinks I am Superman! and he is so confident that can do any shit he wants me to do.

Yesterday he asked me to merge an ancient code hotfix (literally ancient) with latest branch of changes.

1. Hotfix is really old, most of the things are hardcoded, very specific to a stone age client.

2. Code documentation does not exist.

3. Developers of that code are probably dead.

4. Many Libraries which code uses are deprecated.

5. It's a legacy code, so no one has fucking idea what a particular clumsy block of code do, or what will happen if you remove it.

'if it runs don't touch it' policy by management.

Despite all this shit I successfully merged the the hotfix, refactored outdated code so as to run the application.

Showed this to my manager in full swag!

He was surprised at first, and asked me to show the code changes.

'Code review' was done by comparing files 😅

Manager: Dude, you have changed these lines, why? Explain.😧

Me: those lines won't work with new build, with new libs.☺️

Manager: then why can't you do old build with new changes?🙄

Me: umm.. wait... what???🤔

Manager: the code was working previously, it must be working even today without these changes.😡

Me: it was not working hence I made changes and now it's working fine see! ☺️

Manager: you have removed this, this and this!!! 😡

Me: but I also added that, that and that!😔

Manager: "don't touch it' if it works!"😡

Me: ... Idk what to say!
(In the back of my mind: "Don't touch it even it doesn't works!")😌

5 stages of failing WIFI connectivity on Linux

This morning I woke up my laptop to start my work day. I have 2 very important meetings today, so I better get all prepared.

"Wifi connection failed"
Syslog says:
- wpa_supplicant: wlp9s0: SME: Trying to authenticate with <MAC>
- kernel: wlp9s0: authenticate with <MAC>
- kernel: wl9s0: send auth to <MAC> (try 1/3)
- kernel: wl9s0: send auth to <MAC> (try 2/3)
- kernel: iwlwifi: Not associated and the session protection is over already...
- kernel: wl9s0: send auth to <MAC> (try 3/3)
- kernel: wl9s0: authentication with <MAC> timed out

#### DENIAL #####

No biggie, let's try another AP (I have 3). All 3 failed to connect. Fine, let's try my phone's hotspot! FAILED!!!!!

w00t.... okay, let's restart the router... but failing to connect to a phone hotspot is already a worrying sign.

Wifi connection failed

wtf.. disable and re-enable wifi

Wifi connection failed

#### ANGER #####

the fuuuuuuck. Maybe my router is dead. But my phone connects to it, no fuss. My personal lappy also connects there easily.

wtf... Does that mean I'm about to lose my uptime?? Come one!! It's Linux - there MUST be something I could do! I don't see processes hanging in D state so the radio must be fine - it's gotta be a software issue!

ChatGPT – type all the log entries manually, via phone (that took a while...). Nothing useful there: update firmware, restart NetworkManager, etc.

#### BARGAINING #####

Alright... How about a USB dongle? Plug it in and wifi connects immediately! Yayyy!!! But that's only b/g/n and I'd very much like to have ac. It works well as a limping backup, but not something I'd use for the meetings.

rfkill block/unblock all the radios. No change. USB dongle connects right away but the PCIe adapter keeps throwing notifications at me with failure messages. It's annoying, to say the least.

So I've already tried
- restarting the router(s)
- disabling/reenabling the radios
- multiple APs
- suspending/waking again several times
- praying

#### DEPRESSION #####

The only thing I haven't tried yet is the most cruel one - restarting the laptop. But that's unfair... It's LINUX! How could it disappoint me. I have so many tmux sessions open, so many unsaved leafpad notes, terminal histories with oh so comfy ^r and ! retriggers all ready and waiting to be executed...

#### ACCEPTANCE #####

But I can't miss the meeting. So I slowly start closing off apps, starting with the least important ones, trying to preserve as much history and recent commands as I can. I'm gonna lose my uptime, that's the inevitable obvious truth... Linux has failed me. Or maybe it's a hardware issue... I can't be sure until I restart.

I must reboot.

#### A NEW HOPE #####
Hold on.. What if... What if before restarting I try to reload the Intel wifi kernel module? Just for the giggles. I've got nothing to lose anyway...

rmmod iwlmvm
rmmod iwlwifi
modprobe iwlwifi
modprobe iwlmvm

*WiFi Connected*

YESSSS!!!!!!!!! My uptime is saved!
403 days and counting! YEAH BABY!!!

Linux is the best!

I was working in a manufacturing facility where I had hundreds of industrial computers and printers that were between 0 and 20 years old. They were running on their own clean network so that someone has to be in the manufacturing network to access them. The boss announced that the executives will be pushing a “zero trust” security model because they need IoT devices. I told him “A computer running Windows 98 can’t be on the same VLAN as office computers. We can’t harden most of the systems or patch the vulnerabilities. We also can’t reprogram all of the devices to communicate using TLS or encrypt communications.“ Executives got offended that I would even question the decision and be so vocal about it. They hired a team to remove the network hardware and told me that I was overreacting. All of our system support was contracted to India so I was going to be the on-site support person.

They moved all the manufacturing devices to the office network. Then the attacks started. Printers dumped thousands of pages of memes. Ransomware shut down manufacturing computers. Our central database had someone change a serial number for a product to “hello world” and that device got shipped to a customer. SharePoint was attacked in many many ways. VNC servers were running on most computers and occasionally I would see someone remotely poking around and I knew it wasn’t from our team because we were all there.

I bought a case of cheap consumer routers and used them in manufacturing cells to block port traffic. I used Kali on an old computer to scan and patch network vulnerabilities daily.

The worst part was executives didn’t “believe” that there were security incidents. You don’t believe in what you don’t understand right?

After 8 months of responding to security incident after security incident I quit to avoid burning out. This is a company that manufactures and sells devices to big companies like apple and google to install in their network. This isn’t an insignificant company. Security negligence on a level I get angry thinking about.

I wrote a node + vue web app that consumes bing api and lets you block specific hosts with a click, and I have some thoughts I need to post somewhere.

My main motivation for this it is that the search results I've been getting with the big search engines are lacking a lot of quality. The SEO situation right now is very complex but the bottom line is that there is a lot of white hat SEO abuse.

Commercial companies are fucking up the internet very hard. Search results have become way too profit oriented thus unneutral. Personal blogs are becoming very rare. Information is losing quality and sites are losing identity. The internet is consollidating.

So, I decided to write something to help me give this situation the middle finger.

I wrote this because I consider the ability to block specific sites a basic universal right. If you were ripped off by a website or you just don't like it, then you should be able to block said site from your search results. It's not rocket science.

Google used to have this feature integrated but they removed it in 2013. They also had an extension that did this client side, but they removed it in 2018 too. We're years past the time where Google forgot their "Don't be evil" motto.

AFAIK, the only search engine on earth that lets you block sites is millionshort.com, but if you block too many sites, the performance degrades. And the company that runs it is a for profit too.

There is a third party extension that blocks sites called uBlacklist. The problem is that it only works on google. I wrote my app so as to escape google's tracking clutches, ads and their annoying products showing up in between my results.

But aside uBlacklist does the same thing as my app, including the limitation that this isn't an actual search engine, it's just filtering search results after they are generated.

This is far from ideal because filter results before the results are generated would be much more preferred.

But developing a search engine is prohibitively expensive to both index and rank pages for a single person. Which is sad, but can't do much about it.

I'm also thinking of implementing the ability promote certain sites, the opposite to blocking, so these promoted sites would get more priority within the results.

I guess I would have to move the promoted sites between all pages I fetched to the first page/s, but client side.

But this is suboptimal compared to having actual access to the rank algorithm, where you could promote sites in a smarter way, but again, I can't build a search engine by myself.

I'm using mongo to cache the results, so with a click of a button I can retrieve the results of a previous query without hitting bing. So far a couple of queries don't seem to bring much performance or space issues.

On using bing: bing is basically the only realiable API option I could find that was hobby cost worthy. Most microsoft products are usually my last choice.

Bing is giving me a 7 day free trial of their search API until I register a CC. They offer a free tier, but I'm not sure if that's only for these 7 days. Otherwise, I'm gonna need to pay like 5$.

Paying or not, having to use a CC to use this software I wrote sucks balls.

So far the usage of this app has resulted in me becoming more critical of sites and finding sites of better quality. I think overall it helps me to become a better programmer, all the while having better protection of my privacy.

One not upside is that I'm the only one curating myself, whereas I could benefit from other people that I trust own block/promote lists.

I will git push it somewhere at some point, but it does require some more work:
I would want to add a docker-compose script to make it easy to start, and I didn't write any tests unfortunately (I did use eslint for both apps, though).
The performance is not excellent (the app has not experienced blocks so far, but it does make the coolers spin after a bit) because the algorithms I wrote were very POC.
But it took me some time to write it, and I need to catch some breath.

There are other more open efforts that seem to be more ethical, but they are usually hard to use or just incomplete.

commoncrawl.org is a free index of the web. one problem I found is that it doesn't seem to index everything (for example, it doesn't seem to index the blog of a friend I know that has been writing for years and is indexed by google).

it also requires knowledge on reading warc files, which will surely require some time investment to learn.

it also seems kinda slow for responses,

it is also generated only once a month, and I would still have little idea on how to implement a pagerank algorithm, let alone code it.

why do i have an iphone?

well, let's start with the cons of android.

- its less secure. this isn't even arguable. it took the fbi a month or something (i forget) to break into an ios device

- permission, permissions, permissions. many of the android apps i use ask for the not obscure permissions.
· no, you don't need access to my contacts
· no, you don't need access to my camera to take notes
· no, you don't need access to my microphone to send messages
· no, you don't need access to my saved passwords to be a functioning calculator

- not being able to block some apps from an internet connection

- using an operating system created and maintained by an advertising company, aka no more privacy

- i like ios's cupertino more than material design, but that's just personal preference

pros of ios:

- being able to use imessage, at my school if you don't have an iphone you're just not allowed to be in the group chat

- the reliability. i've yet a data loss issue

- the design and feel. it just feels premium

- if i could afford it, ios seems like a lot of fun to develop for (running a hackintosh vm compiled a flutter app 2x as fast as it did on not-a-vm windows)

so that's why i like iphones
google sucks

I was asked to fix a critical issue which had high visibility among the higher ups and were blocking QA from testing.

My dev lead (who was more like a dev manager) was having one of his insecure moments of “I need to get credit for helping fix this”, probably because he steals the oxygen from those who actually deserve to be alive and he knows he should be fired, slowly...over a BBQ.

For the next few days, I was bombarded with requests for status updates. Idea after idea of what I could do to fix the issue was hurled at me when all I needed was time to make the fix.

Dev Lead: “Dev X says he knows what the problem is and it’s a simple code fix and should be quick.” (Dev X is in the room as well)

Me: “Tell me, have you actually looked into the issue? Then you know that there are several race conditions causing this issue and the error only manifests itself during a Jenkins build and not locally. In order to know if you’ve fixed it, you have to run the Jenkins job each time which is a lengthy process.”

Dev X: “I don’t know how to access Jenkins.”

And so it continued. Just so you know, I’ve worked at controlling my anger over the years, usually triggered by asinine comments and decisions. I trained for many years with Buddhist monks atop remote mountain ranges, meditated for days under waterfalls, contemplated life in solitude as I crossed the desert, and spent many phone calls talking to Microsoft enterprise support while smiling.

But the next day, I lost my shit.

I had been working out quite a bit too so I could have probably flipped around ten large tables before I got tired. And I’m talking long tables you’d need two people to move.

For context, unresolved comments in our pull request process block the ability to merge. My code was ready and I had two other devs review and approve my code already, but my dev lead, who has never seen the code base, gave up trying to learn how to build the app, and hasn’t coded in years, decided to comment on my pull request that upper management has been waiting on and that he himself has been hounding me about.

Two stood out to me. I read them slowly.

“I think you should name this unit test better” (That unit test existed before my PR)

“This function was deleted and moved to this other file, just so people know”

A devil greeted me when I entered hell. He was quite understanding. It turns out he was also a dev.

I think that two criterias are important:

- don't block my productivity
- author should have his userbase in mind

1) Some simple anti examples:

- Windows popping up a big fat blue screen screaming for updates. Like... Go suck some donkey balls you stupid shit that's totally irritating you arsehole.
- Graphical tools having no UI concept. E.g. Adobes PDF reader - which was minimalized in it's UI and it became just unbearable pain. When the concept is to castrate the user in it's abilities and call the concept intuitive, it's not a concept it's shit. Other examples are e.g. GEdit - which was severely massacred in Gnome 3 if I remember correctly (never touched Gnome ever again. I was really put off because their concept just alienated me)
- Having an UI concept but no consistency. Eg. looking at a lot of large web apps, especially Atlassian software.
Too many times I had e.g. a simple HTML form. In menu 1 you could use enter. In menu 2 Enter does not work. in another menu Enter works, but it doesn't submit the form it instead submits the whole page... Which can end in clusterfuck.
Yaaayyyy.
- Keyboard usage not possible at all.
It becomes a sad majority.... Pressing tab, not switching between form fields. Looking for keyboard shortcuts, not finding any. Yes, it's a graphical interface. But the charm of 16 bit interfaces (YES. I'm praising DOS interfaces) was that once you memorized the necessary keyboard strokes... You were faster than lightning. Ever seen e.g. a good pharmacist, receptionist or warehouse clerk... most of the software is completely based on short keyboard strokes, eg. for a receptionist at a doctor for the ICD code / pharmaceutical search et cetera.
- don't poop rainbows. I mean it.
I love colors. When they make sense. but when I use some software, e.g. netdata, I think an epilepsy warning would be fair. Too. Many. Neon. Colors. -.-

2) It should be obvious... But it's become a burden.

E.g. when asked for a release as there were some fixes... Don't point to the install from master script. Maybe you like it rolling release style - but don't enforce it please. It's hard to use SHA256 hash as a version number and shortening the hash might be a bad idea.

Don't start experiments. If it works - don't throw everything over board without good reasons. E.g. my previous example of GEdit: Turning a valuable text editor into a minimalistic unusable piece of crap and calling it a genius idea for the sake of simplicity... Nope. You murdered a successful product.
Gnome 3 felt like a complete experiment and judging from the last years of changes in the news it was an rather unsuccessful one... As they gave up quite a few of their ideas.

When doing design stuff or other big changes make it a community event or at least put a poll up on the github page. Even If it's an small user base, listen to them instead of just randomly fucking them over.
--
One of my favorite projects is a texteditor called Kate from KDE.

It has a ton of features, could even be seen as a small IDE. The reason I love it because one of the original authors still cares for his creation and ... It never failed me. I use Kate since over 20 years now I think... Oo

Another example is the git cli. It's simple and yet powerful. git add -i is e.g. a thing I really really really love. (memorize the keyboard shortcuts and you'll chunk up large commits faster than flash.

Curl. Yes. The (http) download tool. It's author still cares. It's another tool I use since 20 years. And it has given me a deep insight of how HTTP worked, new protocols and again. It never failed me. It is such a fucking versatile thing. TLS debugging / performance measurements / what the frigging fuck is going on here. Take curl. Find it out.

My worst enemies....

Git based clients. I just hate them. Mostly because they fill the niche of explaining things (good) but completely nuke the learning of git (very bad). You can do any git action without understanding what you do and even worse... They encourage bad workflows.
I've seen great devs completely fucking up git and crying because they had really no fucking clue what git actually does. The UI lead them on the worst and darkest path imaginable. :(

Atlassian products. On the one hand... They're not total shit. But the mass of bugs and the complete lack of interest of Atlassian towards their customers and the cloud movement.... Ouch. Just ouch.

I had to deal with a lot of completely borked up instances and could trace it back to a bug tracking entry / atlassian, 2 - 3 years old with the comment: vote for this, we'll work on a Bugfix. Go fuck yourself you pisswads.

Microsoft Office / Windows. Oh boy.
I could fill entire days of monologues.
It's bad, hmkay?

XEN.
This is not bad.
This is more like kill it before it lays eggs.
The deeper I got into XEN, the more I wanted to lay in a bathtub full of acid to scrub of the feelings of shame... How could anyone call this good?!?????

This whole programming profession sucks! Programmers suck! Managers suck! Companies suck! Products suck!

Why is it so hard to organize your stupid code at least a bit?! No, it’s not deadlines, just write a block of code and give it a meaningful name, a function, a method, a comment, so many options, so little fucks given. Give things a meaningful name instead of whatever came to your mind that moment. There’s no excuse! No, just leave it to the next guy, and he’ll leave his trash for another one. And then we complain and make memes about it. Fuck you all!

There’s no purpose or vision of products, managers sweep problems under a rug, executives do whatever they do, as long as some money is pouring in, just keep pedaling semi-mindlessly. Spin the wheel you little hamsters until you drop, there’s enough hamsters out there.

It’s just a clusterfuck of small, selfish interests and egos, a mud of meaningless and unnecessary problems that need not be there.

It’s not the workload, it’s the stress! The stress of bullshit, and constant problems that can be avoided if everyone did their job at least half-professionally. Not just programmers, everyone!

Saw this sent into a Discord chat today:

"Warning, look out for a Discord user by the name of "shaian" with the tag #2974. He is going around sending friend requests to random Discord users, and those who accept his friend requests will have their accounts DDoSed and their groups exposed with the members inside it becoming a victim as well. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Discord is currently working on it. SEND THIS TO ALL THE SERVERS YOU ARE IN. This is IMPORTANT: Do not accept a friend request from shaian#2974. He is a hacker.

Tell everyone on your friends list because if somebody on your list adds one of them, they'll be on your list too. They will figure out your personal computer's IP and address, so copy & paste this message where ever you can. He is going around sending friend requests to random discord users, and those who accept his requests will have their accounts and their IP Addresses revealed to him. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Saw this somewhere"

I was so angry I typed up an entire feature-length rant about it (just wanted to share my anger):

"1. Unless they have access to Discord data centres or third-party data centres storing Discord user information I doubt they can obtain the IP just by sending friend requests.

2. Judging by the wording, for example, 'copy & paste this message where ever you can' and 'Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him.' this is most likely BS, prob just someone pissed off at that user and is trying to ruin their reputation etc.. Sentences equivalent to 'spread the word' are literally everywhere in this wall of text.

3. So what if you block the user? You don't even have their user ID, they can change their username and discrim if they want. Also, are you assuming they won't create any alts?

4. Accounts DDoSed? Does the creator of this wall of text even understand what that means? Wouldn't it be more likely that 'shaian' will be DDoSing your computer rather than your Discord account? How would the account even be DDoSed? Does that mean DDoSing Discord's servers themselves?

5. If 'shaian' really had access to Discord's information, they wouldn't need to send friend requests in order to 'DDoS accounts'. Why whould they need to friend you? It doesn't make sense. If they already had access to Discord user IP addresses, they won't even have to interact with the users themselves. Although you could argue that they are trolling and want to get to know the victim first or smth, that would just be inefficient and pointless. If they were DDoSing lots of users it would be a waste of time and resources.

6. The phrase 'Saw this somewhere' at the end just makes it worse. There is absolutely no proof/evidence of any kind provided, let along witnesses.

How do you expect me to believe this copypasta BS scam? This is like that 'Discord will be shutting down' scam a while back.

Why do people even believe this? Do you just blindly follow what others are doing and without thinking, copy and paste random walls of text?

Spreading this false information is pointless and harmful. It only provides benefits to whoever started this whole thing, trying to bring down whoever 'shaian' is.

I don't think people who copy & paste this sort of stuff are ready to use the internet yet.

Would you really believe everything people on the internet tell you?

You would probably say 'no'.

Then why copy & paste this? Do you have a reason?

Or is it 'just because of 'spread the word''?

I'm just sick of seeing people reposting this sort of stuff

People who send this are probably like the people who click 'Yes' to allow an app to make changes in the User Account Control window without reading the information about the publisher's certificate, or the people who click 'Agree' without actually reading the terms and conditions."

I fucking hate how much content I need to block with ublock to make websites less shit. Fuck your banners. Fuck your surveys, fuck your newsletters/mailing lists. And fuck your fucking shit website designs.

Can't be the only one who sits there individually blocking all annoying elements on sites with uBlock. Many hours 'wasted' for the sake of making everything a bit less shit

Edit:tags

In my previous company we developed a CRM web app for the company to use internally and it was in my humble opinion really easy to make sense of, but for some freaking we kept getting calls whenever someone got an error, and our default response was always to send us an email, then we will get back to you, as it was mostly stupid things they called about, for example, a customer might have to be status terminated, before you can click button A, button A would then be disabled and employees would call asking why. Apparently, people got annoyed by our response and went to the management, to get some guidelines as to when they could call the "development apartment" for help, so the management sends out some guidelines as to when they could call, write or whatever... The following was done without consulting us in any way ANY WAY AT ALL!... Because we all know management knows fucking best, and why bother asking the people that sit with it every day, and the way it was done was by saying:

If the background color on your error is red, it means the error is fatal and you can call the developers immediately, if its orange send an email and they will answer within 48 hours LIKE WTF... Seriously???. That was basically it, and honestly we had just been using colors, without much thought to it ofc red, was an error etc. But they we're not "OMG EVERYTHING IS BREAKING" alert, so we decided to use a couple of hours refactoring the color of the flash errors, and after that, we did not have many red alerts(None, yes none what so ever) We changed all the red ones to orange, and introduced some new colors. That worked for some time around 6 months or so, but then people obviously started calling again like, why even bother... So we created a simple service desk, blocked all incoming calls to our phones that were from regular employees, heard a lot of complaints about this from the employees, management was mad, we had so many meetings with those top paid management fuckers that know everything (way better than you and me), about how to handle this. As it took way too much of our time, that people couldn't bother trying simple things, or make some sense as to why a button is disabled etc. We ended up "winning", was allowed to block calls for some time, till the employees had learned to use a freaking simple service desk, it's not fucking rocket science Okay, stop being a pain in the ass... And it actually fucking worked! Most relaxing time after people got a hang of using the service desk instead of calling life was good after that... <3

I think blockchains are ridiculously overhyped. What about you?

Our school had for an open source way of dealing with home schooling and managing the school network and so on.

Now the government forced a "proprietary" system on our school and everyone hates it. The teachers didn't want it the pupils didn't want it but who cares "what we do is the best".

Btw the proprietary system costs a fuck load of money even though they just mixed many open source projects and made it their own proprietary thing.
And this company now get's loads of money for their shitty system that never really worked once since we got it.

They blocked so many ip's that we can't even access google and it's services on the school wifi and the bandwith dropped severely with the new system.

Oh and many random ip's e.g. one of my vps is accessible but the other one not.
Discord is blocked.
Web whatsapp.
And so on...

Now....

I need to learn for tests next week and need to access that stuff on the portal but...

Now they decided to switch the LDAP server to the new system and since a few hours i can't access this fucking thing.

It seems like the platform now contacts the new server which isn't even up and running....

Never change a fucking running system....

Oh and we got smart boards and it runs on android and they didn't block adb. Now i installed clash of clans on one of those things. Haha whoops.
These boards cost 7000€ and have security patches from 2 years ago....and Android 8

This pisses me off soooo fucking much.
"We're sowwy but we'll have to ask you to turn off your pretty little adblocker! We can't keep making money off of you by showing you stuff you don't want to see if you don't turn off your adblocker! But it's okay, who doesn't use an adblocker? Just turn it off for our site pleeeease"

Quit it with the quasi-friendly bullshit. If it's okay, why don't you fuck off and let me block whatever I want to block? It's ridiculous how many hoops I have to jump through just so I don't have to see ads on the internet. Even pi-hole doesn't help with this anymore. Now I need an Ad Blocker Blocker Blocker just so I don't have to wade through heaps of obnoxious ads every time I visit a page. It's so goddamn stupid.

Fuck this I need to ventilate.

Thinking about job change because maintaining and extending 3 years old codebase (flask project) is FUCKIN exhausting. It was badly written since start by someone who obviously didn't know much about python. (Going by commit history.)

Examples:
- if var != None / if var == None
- if var is not None / if var is None (well..)
- Returning self-parsed obscure JSONs from dict variable
- Serializing dictionaries into database by str() (both sqlalchemy and mysql support JSON format) - THEY ARE ALMOST UNUSABLE OTHER WAY AROUND (luckily, python can deal even with that)
- celery tasks, the way they are called they BLOCK the whole flask (not bad in itself, but if connection breaks there are no errors, nothing it just hangs)
- obscure generator/yielding that contains return of flask's response in itself
- creating fifteen thousands of variables one by one where they would look so nicely as dict keys, and hey they are then both MANUALLY SERIALIZED into returning dict by "%s" (string formatting) [okey, some of them are objecst like datetime but MATE WTF]
- many, many more, PEP lint shall not pass

I would rather deal with fresh startup owners wanting me to program unicorns in one week then trying to extend and manage zombie-like projects.

Nothing personal against the firm I actually like the place.

I have to create python parser (3.6) using code provided by client (2.7), that they used in their company, and it is full of crap like:

if a==1:
if not b:
c = [1,2,3]
if a==2:
if not b:
c = [1,2,3]
if b:
c = [1,2,4]

Or:

text = ""
for i in something:
text += "real text " + some_string + " \n"
text += "another line " + some_string + " \n"
text += "and another " + some_string + " \n"
text += "and so on " + some_string + " \n"
... (many lines instead of one appended text block)

Of course above variable names are just for shortening code, but there are variables like oo, ooo, var_ or var__... cause you know, PEP8 does not exist.

As someone who uses UNIX and UNIX-like systems on a daily basis, and someone dealing with computer support in a school, I experience so, so many issues, many of which others have already ranted about.

For no reason at all, I find it incredibly frustrating how many high school students' understanding of sudo is limited to this:
Student: Hey, isn't sudo the minecraft command
Me: Erm
Student: You know, the one skeppy uses... to troll players? Anyway, you're doing it wrong. There should be a slash before you run the command
Me: aaargh.
and so on. Happens probably every 10th time I invoke sudo.

I mean, really? Surely these kids, with all their complaints and lines: hacking into the mainframe/whats the admin password/why did you block my VPN/ and so on, would know what sudo is. But NO, they just don't seem to get it. Sometimes I lose my hope in the futures of these kids.

I'll post a rant (will be long) soon-ish on the root of the asinine problem...

TL;DR
Anyone got a better suggestion of killing a WLAN router signal than a Faraday Cage?
-----------------------
As to the point as I can manage atm...
My ISP forces a proprietary router/modem for them to script my static IPv4 block (/28, aka 13 usable). Modifying this equipment in any way or using the vast majority of tactics to modify its behaviour = Federal Felony... with my history, it couldn't be construed as mistake/ignorance of this fact, so I'd likely end up working for some branch of the gov to mitigate the costs of standard prison (on both ends... handicapped af = expensive af to comply with base human rights laws... plus I'd be a dangerous prisoner from what I've been told).

I NEED the ipv6 functionality TOTALLY off... I've written this into every kernel and every container config at kernel level.

The issue is, I don't trust their shit device (which "should" also be set to no ipv6 via gui... non-GUI = fed felony).

This horrid device, they apparently made them for home use initially (to be fair it has decent specs and tolerable RAM), so included WiFi... that comes on by itself.
Disable the WiFi!... except I cant (at least not without 'tampering').
Why? Well acc to the GUI it's not enabled in the first place. Acc to the 'tech support' it's apparently a paid feature (yes, nonsense) that I have not paid for (nor would I), meaning on their end's GUI and DBs I also don't have WiFi ability from that dev.

So... Not trusting the other settings and the dev, being something im not allowed to directly config outside of their GUI that doesn't realise it's putting out a usable signal despite registering DHCP on behalf of that non-existent signal. I NEED to kill those signals.

I realise it likely sounds extreme to make and use a Faraday Cage for a router/modem (secondary modem, it parses the initial modem's output, via script, to allow the static block to be accessed). I really dont know any other way that's legal to restrict it.

Oh, in case unclear, I have tried so many ways to get them to just allow me to use any device (pref. mine, but even their's) that i can simply script myself... it's a no-go.

Brave Browser.

There’s a reason why brave is generally advised against on privacy subreddits, and even brave wanted it to be removed from privacytools.io to hide negativity.

Brave rewards: There’s many reasons why this is terrible for privacy, a lot dont care since it can be “disabled“ but in reality it isn’t actually disabled:

Despite explicitly opting out of telemetry, every few secs a request to: “variations.brave.com”, “laptop-updates.brave.com” which despite its name isn’t just for updates and fetches affiliates for brave rewards, with pings such as grammarly, softonic, uphold e.g. Despite again explicitly opting out of brave rewards. There’s also “static1.brave.com”

If you’re on Linux curl the static1 link. curl --head
static1.brave.com,
if you want proof of even further telemetry: it lists cloudfare and google, two unnecessary domains, but most importantly telemetry domains.

But say you were to enable it, which most brave users do since it’s the marketing scheme of the browser, it uses uphold:

“To verify your identity, we collect your name, address, phone, email, and other similar information. We may also require you to provide additional Personal Data for verification purposes, including your date of birth, taxpayer or government identification number, or a copy of your government-issued identification
Uphold uses Veriff to verify your identity by determining whether a selfie you take matches the photo in your government-issued identification. Veriff’s facial recognition technology collects information from your photos that may include biometric data, and when you provide your selfie, you will be asked to agree that Veriff may process biometric data and other data (including special categories of data) from the photos you submit and share it with Uphold. Automated processes may be used to make a verification decision.”

Oh sweet telemetry, now I can get rich, by earning a single pound every 2 months, with brave taking a 30 percent cut of all profits, all whilst selling my own data, what a deal.

In addition this request: “brave-core-ext.s3.brave.com” seems to either be some sort of shilling or suspicious behaviour since it fetches 5 extensions and installs them. For all we know this could be a backdoor.

Previously in their privacy policy they shilled for Facebook, they shared data with Facebook, and afterwards they whitelisted Facebook, Twitter, and large company trackers for money in their adblock: Source. Which is quite ironic, since the whole purpose of its adblock is to block.. tracking.

I’d consider the final grain of salt to be its crappy tor implementation imo. Who makes tor but doesn’t change the dns? source It was literally snake oil, all traffic was leaked to your isp, but you were using “tor”. They only realised after backlash as well, which shows how inexperienced some staff were. If they don’t understand something, why implement it as a feature? It causes more harm than good. In fact they still haven’t fixed the extremely unique fingerprint.

There’s many other reasons why a lot of people dislike brave that arent strictly telemetry related. It injecting its own referral links when users purchased cryptocurrency source. Brave promoting what I’d consider a scam on its sponsored backgrounds: etoro where 62% of users lose all their crypto potentially leading to bankruptcy, hence why brave is paid 200 dollars per sign up, because sweet profit. Not only that but it was accused of theft on its bat platform source, but I can’t fully verify this.

In fact there was a fork of brave (without telemetry) a while back, called braver but it was given countless lawsuits by brave, forced to rename, and eventually they gave up out of plain fear. It’s a shame really since open source was designed to encourage the community to participate, not a marketing feature.

Tl;dr: Brave‘s taken the fake privacy approach similar to a lot of other companies (e.g edge), use “privacy“ for marketing but in reality providing a hypocritical service which “blocks tracking” but instead tracks you.

I fucking hate that ISPs just decide to block certain websites!

Sky for example blocks a bunch of things related to Tor. You can't go to the website, and can't even install stuff like tor browser from AUR, because it has tor in the download url. The connections simply time out.

Yes, I can use a VPN to install Tor, I'll probably have to do that. But fuck!!! Many VPN providers' websites are also blocked.

This seems to be common practive. In my previous flat we had Virgin. They blocked the website of all VPN providers they could find, and even kept me from establishing a connection to some of those providers. In that case I could donwload Tor (surprisingly) and then tried a bunch of clients until one of them worked.

It's fucking pretentious, and I don't think I'll find anything about blocking perfectly legal resources in any of their T&Cs.

So I now bought an iphone 6 again for development and tried just for fun to make it a daily driver and it feels really limited, especially because apparently theres no jailbreak yet for 11.2.5. (I feel near everything could be solved as soon as cydia etc. get fully released to the alibaba jailbreak)

I didnt even remember, that it doesnt have any option to have haptic feedback when typing, such a basic feature has to be jailbroken..? I thought I remembered that it had it, last time I had one - did they remove such a basic feature?

Also the fingerprint reader is really weird compared to other phones from the same year, first getting it to actually fill all fingerprint lines without saying "try again" or it trolling you and vibrating as if it recognized your finger, but actually didnt (really frustrating when its the last 2 lines...) - is a real challenge, might be that I have some mutant fingerprints, but when I asked my s/o to try it out, it also failed most of the times, so you have to position your finger in a very specific position for it to work, even if you add the max amount of 5 fingerprints.

Most ads on iphones feel HORRIBLE, the amount of lag some can add is incredible, wait till it loaded or youre fucked and besides using some shady adblocker vpn, theres no way to block them, without again - a jailbreak.

Another feature that I used many times on my android phone, is controlling it from the desktop, connect it via usb and then just use it for demonstration purposes on a projector or to instruct how things work - theres no such function without a jailbreak, even if you use osx..

Then theres the feature, that instead of just setting your cursor to a specific location, you have to hold and it zooms in, not sure if I just got too used to the android way of doing it, but I can see myself making less mistakes of where I positioned it with the ios way.

The hardware mute switch feels like a great feature, its just sometimes weird, so if you were inside an app that was playing sound and you mute it, it still plays it until you either close and open that app or just change to another one temporarily, so its not an actual hardware switch as I usually thought, more like a request to mute the phone.

The cable that comes with it is too thin, I am afraid to even unwind it, as it would probably break, so I had to get another one.

Please don't turn this into a shitfest from any of the fanboys, I really just wanted to share my image of finally being able to try it first hand again.

It's incredible how many sites don't check / handle localStorage permissions.. they usually just completely break.

That is they use a div to block the view despite the page usually still working ..

There literally is an API to check for permissions..

Sometimes in our personal projects we write crazy commit messages. I'll post mine because its a weekend and I hope someone has a well deserved start. Feel free to post yours, regex out your username, time and hash and paste chronologically. ISSA THREAD MY DUDES AND DUDETTES
--
Initialization of NDM in Kotlin
Small changes, wiping drive
Small changes, wiping drive
Lottie, Backdrop contrast and logging in implementation
Added Lotties, added Link variable to Database Manifest
Fixed menu engine, added Smart adapter, indexing, Extra menus on home and Calendar
b4 work
Added branch and few changes
really before work
Merge remote-tracking branch 'origin/master'
really before work 4 sho
Refined Search response
Added Swipe to menus and nested tabs
Added custom tab library
tabs and shh
MORE TIME WASTED ON just 3 files
api and rx
New models new handlers, new static leaky objects xd, a few icons
minor changes
minor changesqwqaweqweweqwe
db db dbbb
Added Reading display and delete function
tryin to add web socket...fail
tryin to add web socket...success
New robust content handler, linked to a web socket. :) happy data-ring lol
A lot of changes, no time to explain
minor fixes ehehhe
Added args and content builder to content id
Converted some fragments into NDMListFragments
dsa
MAjor BiG ChANgEs added Listable interface added refresh and online cache added many stuff
MAjor mAjOr BiG ChANgEs added multiClick block added in-fragment Menu (and handling) added in-fragment list irem click handling
Unformatted some code, added midi handler, new menus, added manifest
Update and Insert (upsert) extension to Listable ArrayList
Test for hymnbook offline changing
Changed menuId from int to key string :) added refresh ...global... :(
Added Scale Gesture Listener
Changed Font and size of titlebar, text selection arg. NEW NEW Readings layout.
minor fix on duplicate readings
added isUserDatabase attribute to hymn database file added markwon to stanza views
Home changes :)
Modular hymn Editing
Home changes :) part 2
Home changes :) part 3
Unified Stanza view
Perfected stanza sharing
Added Summernote!!
minor changes
Another change but from source tree :)))
Added Span Saving
Added Working Quick Access
Added a caption system, well text captions only
Added Stanza view modes...quite stable though
From work changes
JUST a [ush
Touch horizontal needs fix
Return api heruko
Added bible index
Added new settings file
Added settings and new icons
Minor changes to settings
Restored ping
Toggles and Pickers in settings
Added Section Title
Added Publishing Access Panel
Added Some new color changes on restart. When am I going to be tired of adding files :)
Before the confession
Theme Adaptation to views
Before Realm DB
Theme Activity :)
Changes to theme Activity
Changes to theme Activity part 2 mini
Some laptop changes, so you wont know what changed :)
Images...
Rush ourd
Added palette from images
Added lastModified filter
Problem with cache response
works work
Some Improvements, changed calendar recycle view
Tonic Sol-fa Screen Added
Merge Pull
Yes colors
Before leasing out to testers
Working but unformated table
Added Seperators but we have a glithchchchc
Tonic sol-fa nice, dots left, and some extras :)))
Just a nice commit on a good friday.
Just a quickie
I dont know what im committing...

FUCK APPLICATION LEVEL FIREWALLS!

So i cam online today, thought already lets open the shitty outlook webmail client. Holy crap .... thats way to much mails. Many of them are missed teams messages. So i open up teams and holy crap. Like every third dev in my company send me a message screaming "gitab is not working!!!".

Yesterday i updated it so imediately get in panic mode - what the shitty hack have i done?!

So yeah gitlab seems to be working just fine, everything is speedy and responsive, so i call one of my fellow devs and ask him whats wrong? And he is like oh yeah there comes a ldap error saying timeout or something.

I try to login with active directory. Works like a charm. Try another account, same problem?!

Google the problem, search gitlab tickets. Nope there is no open bug or sth. like this.

So alright lets call the network guy. "Yo, can you check if there is something ldap-like getting blocked to the gitlab server?" - He is like oh yeah damn like almost every damn request is getting blocked. Ah wait, there was an firewall update yesterday too. Yeah ldap is no longer ldap. BLOCK THAT SHIT!

After 10 minutes of figuring out what shitty type is detected by the firewall and what needs to be whitelisted to make it fucking work again it seems to work.

But ha no, there is another update rolling on, so same shit like 15 minutes later.

Now it seems to work and i have to inform every damn fcking developer that it works again. And yeah alright you sent a mail, but fuck it, i will call you though! So yeah just answering calls, mails and chat messages. Like why the fuck cant you read your mails like a damn normal person?!

as a seasoned systems eng myself, i had huge mental block of "i am not a programmer" whining when starting to incorperate agile/infrastructure as code for more seasoned syseng staff.

leadership made devops a role and not a practice so lots of growing pains. was finally able to win them over by asking them to look at how many 'scripts' and 'tools' they wrote to make life easier... and how much simpler and sustainable using puppet/ansible/chef/salt... and checking in all our sacred bin files and only approved 'scripts' would be pushed thru automation tool after post review.

we still are not programmers or developers, but using specific practices and source control took some time but saving us loads of time and gives us ability to actually do engineering

but just have 2 groups of younger guys that grew up wanting to be the bofh/crumudgen get off my systems types that are like not even 30... frustrating as they are the ones that should be more familiar with the shift from strictly ops to some overlap. and the devs that ask for root now that they can launch instances on aws or can launch docker containers and microservice..... ugggg. these 2 groups have never had to rack and stack servers, network gear, storage... just all magic to them because they can start 50 servers with a button click.

try to get past the iam roles, acls, facls, selinux and noshell i have been pushing. bitches.

Expecting Youtube to provide ad-less and free version is either naivete or sense of entitlement. Regardless, you are entitled to nothing.

I am not talking about ad-block users, so lower down your pitchforks. As long as many more people watch with ads, adblock will not hurt anyone that mich.

Shit... watched too many videos about AI. Now I'm convinced human coding will be obsolete in the near future...

Hello code block, long time no see...

I just started playing terraria and holy shit, it puts minecraft to shame in so many aspects.

It actually makes you feel like the mc devs are some fucking lazy ass morons sitting on piles of cash.

Minecraft is 11 years old and it has 4 bosses and they are all underwhelming pieces of shit, jesus christ.

They can't even make mining fun for fucks sake. Work an half an hour or more to get a full set of diamond only to accidentally lose it to lava in the nether.

They added netherite? Holy shit I can't wait to see the new gear I can craft with it.

Pickaxe, axe, shovel, hoe, sword, helmet, chestplate, leggings, boots. Wow, netherite shovel, that's what the minecraft community needed.

How about an actual battle axe, knives? a baseball bat? Spells? Fucking something minecraft, come on, you can't just have 10 weapons man!

The lack of creative content and variety in minecraft is staggering. Adding a block of a different color and texture is not new content!!!

Also, fuck villagers and the sound they make and their faces. Worse character design ever. Not a single redeeming aspect. And fuck their trading system.

The trade system is horrible!!! One item at a time per character. No text from villagers. They don't have names!!!! They don't feel like villagers!!! They feel like robots!!!! Not a single one of them fights back!!!!! WHAT THE FUCK???? JUST ADD ONE THAT FIGHTS BACK YOU MORONS!!! NOT THAT WEIRD ASS GOLEM!!!

AND NO ONE GIVES TOO FUCKING SHITS ABOUT THE GOSSIP SYSTEM MC DEVS. NO OONEEEEE!!!

Terraria is not a perfect game, but it doesn't just try to be a good rpg, it actually is.

Meanwhile every 3d sandbox after minecraft will either be a filthy clone or not exist at all by fear of being labeled as such. Because of that I will keep on trashing on minecraft, even though I still play it a lot.

I'm in a big fat fucking stinking rut, as in progress on this project has absolutely stagnanted.

Gonna rubber face your duck now **UNZIPS** excepts I don't have zippers, as joggers are the one true way; fake Adidas til I fucking drop.

Brain damage aside, I understand both how I've layed out the data and what I'm supposed to do with it. We have a virtual machine, an array of instructions and arguments for a given process within it, and we need to walk this array and map values to registers.

We also need to spill values inside registers to stack, IF they are required at a further point within that block. This also isn't terribly complex. We simply look forward in the array and see if the value is an argument to any instruction that *needs* this value to be loaded (ie, within a register).

So this implies multiple iterations; we need to better understand how one particular value is used throughout an F before we can make a final decision on how many registers and stack space are actually needed for the whole block.

Here's where it gets tricky. If there's a call, we need to be certain that the symbol being invoked has already been fully processed. Besides the obvious fact that recursion fucks me up, there's another matter: say a private method gets invoked by another private method. We can take advantage of this, by which I mean, sacrilege incoming so put on this toga.

Looking at the output for C compilers, it would seem this is not done in practice, I would assume because it's a pain in the ass. But when you have the guarantee that F will only be called internally, as that's what "private" means, there's two ways it can go:

0. It's well below the 13-20 cycle threshold, so you inline the fucker. No suprises there.
1. It's a more involved affaire, and invoked in more than one place, so you don't inline it. Codesize matters.

Recursion and [1] are the big deal things holding me back. Not because it's too hard, like I said this is kindergarten level abstraction. I'm just slow and fanatical, which is how I prefer to spell "constant obsessive paranoid delusions". I can see the potential optimization I can pull here, so I'm stuck trying to figure it out.

Idea would be, handling the register allocation and stack spill for an internal-internal (or deep internal; what we like to call a "guts" method) in synchronization with the *calling* processes. This is, fundamentally, violating all conventions -- but so under the hood no one will notice.

Let me give you an example. If we were to pass some value to a function, expecting to mutate it and get a different value back, in a lot of cases it'd be stupid to make an implicit copy by using two registers, one for input and another for the output. Dude, it's one cycle. Multiply it by a million, say sixty times per second, for every time you __needlessly__ make a copy of a value that we've already stated is mutable.

Clearly unacceptable. This is, in the strictest sense, everywhere in every single codebase. Premature micro optimization is the root of all goodness, God is great and praiseworthy. So how do we go about it?

Answer is I know and I don't know. By which I mean to say, this very thing I've done by hand. Assembly is fun. Now the issue is teaching a calculator how to do it. Not so fun.

There is a dependency chain between processes, as I believe I've kind of alluded to. I'm trying to make decisions on the side of the caller depending on the details of the callee, which is why recursion is rawdogging my soul. This is the same situation, it's inverting the direction of one or more links in the dependency chain, which makes no fucking sense.

And yet it does.
Brain, explain yourself.

How do *you* handle this without crashing?
Brain?

<<ME STEWPED; BEEP-BOOP>>

Alright then, that was a useless attempt at fuckery. Let's have a nap then, maybe it'll come to me in the morning. That's what I've been saying to myself for almost a month now.

Perhaps it is a hardcoded fuk.

As hard as I fucking try, my stumbling block, every fucking time is exports/imports. I can't wrap my head around them, at all.

What do you use in browser vs in node?
Whats the *most commonly used standard*?

Whats the difference between "modules.export = Foo;"
vs "exports.Foo = Foo;"

what about

export class Foo? Is that the same as modules.export or export.Foo?

Look at this shit...
import FooComponent from "./Foo";
export default Foo
const Foo = require("./foo")
const Foo = require("./foo.js").Foo
import { Foo } from "./Foo.js";

And probably a dozen others I don't know about.

Why does there have to be so many fucking ways to do a fucking import/export?

What the fuck is going on here?

How many if statements does it take to get to the center of this fucking code block?lol but on a real note, how many if or else ifs is considered too much?

Recently joined new Android app (product) based project & got source code of existing prod app version.

Product source code must be easy to understand so that it could be supported for long term. In contrast to that, existing source structure is much difficult to understand.

Package structure is flat only 3 packages ui, service, utils. No module based grouped classes.

No memory release is done. So on each screen launch new memory leaks keep going on & on.

Too much duplication of code. Some lazy developer in the past had not even made wrappers to avoid direct usage of core classes like Shared Preference etc. So at each place same 4-5 lines were written.

Too much if-else ladders (4-5 blocks) & unnecessary repetitions of outer if condition in inner if condition. It looks like the owner of this nested if block implementation has trust issues, like that person thought computer 'forgets' about outer if when inside inner if.

Too much misuse of broadcast receiver to track activities' state in the era of activity, apપ life cycle related Android library.

Sometimes I think why people waste soooo... much efforts in the wrong direction & why can't just use library?!!

These things are found without even deep diving into the code, I don't know how much horrific things may come out of the closet.

This same app is being used by many companies in many different fields like banking, finance, insurance, govt. agencies etc.

Sometimes I surprise how this source passed review & reached the production.

Hey folks!
I'm looking for some software or service to manage the referees in my sports club.
I want to assign people (and maybe even groups of people) to a specific game and have an automatic notification for them. Then the assigned referee should be able to confirm or deny the assignment.
Some extras would be something like a counter of how many games each specific referee has done and some kind of calendar where the referees can block some dates where they don't want to have a game.

Any suggestions? Thanks in advance!

Am I stupid ?

So this seems like such a simple problem.

You have a block pixels.

If the pixels around a pixel are within tolerance (t), then they are included as part of shape. if a connected pixel to the original pixel has other pixels within tolerance (t) from it, they are also included in the shape.

the block of pixels has been reduced to a simple on/off state, no color considerations necessary.

Creating a bounding box around the beginning and end of data can lead to strange exceptions, so the method suggested seems the best way.

But its sooooooooooooo slow when you get large noisy images.

I've tried doing this a few different ways.

The last I tried is dividing everything line segments, classifying them by orientation (diagonal, horiz, vert, point) and then dividing the canvas into panels of so many pixels to prevent #oflines^2 comparisons, placing them lines in and then testing for intersection of the lines in one panel at a time.

Is there another way ?

hey peeps, 2 questions:

1. do you know about some kind of firewall/antivirus for pc that can just allow the user to accept/block an internet request , like no root firewall does for android.

I have been using that simple, beautiful piece of open source for last 2ish years. The way it sends a notification when an app tries to make an internet request(even in the background!) has helped me detect and remove so many viruses.

2. i am thinking of doing a factory reset on my windows. My laptop came loaded with win10 and office , and i don't have the keys for it( it shows a special partition having some backup of window i guess?). So i had a couple of thoughts:
- will my office get removed?[i don't want this]

- I created several other partitions( d,e,f,p) would they go back as a single C drive?[doesn't effect me as long as i can create them again]

- the languages and modules i installed via cmd(java/python/ruby/pip modules/git/etc), would they also get removed? [i really want that]

- i am probably thinking this won't happen, but is their a possibility that the recovery partition that my windows came with, would also get removed[ i don't want that]