One week, and it turned out to be worse than that.

I was put on a project for a COVID-19 program in America (The CARES Act). The financial team came to us on Monday morning and said they need to give away a couple thousand dollars.

No big deal. All they wanted was a single form that people could submit with some critical info. Didn't need a login/ registration flow or anything. You could have basically used Google Forms for this project.

The project landed in my lap just before lunch on Monday morning. I was a junior in a team with a senior and another junior on standby. It was going to go live the next Monday.

The scope of the project made it seem like the one week deadline wasn't too awful. We just had to send some high priority emails to get some prod servers and app keys and we were fine.

Now is the time where I pause the rant to express to you just how fine we were decidedly **not**: we were not fine.

Tuesday rolls around and what a bad Tuesday it was. It was the first of many requirement changes. There was going to need to be a review process. Instead of the team just reading submissions from the site, they needed accept and reject buttons. They needed a way to deny people for specific reasons. Meaning the employee dashboard just got a little more complicated.

Wednesday came around and yeah, we need a registration and login flow. Yikes.

Thursday came and the couple-thousand dollars turned into a tens of millions. The amount of users we expected just blew up.

Friday, and they needed a way for users to edit their submissions and re-submit if they were rejected. And we needed to send out emails for the status of their applications.

Every day, a new meeting. Every meeting, new requirements that were devastating given our timeframe.

We put in overtime. Came in on the weekend. And by Monday, we had a form that users could submit and a registration/ login flow. No reviewer dashboard. We figured we could take in user input on time and then finish the dashboard later.

Well, financial team has some qualms. They wanted a more complicated review process. They wanted roles; managers assign to assistants. Assistants review assigned items.

The deadline that we worked so hard on whizzed by without so much as a thought, much less the funeral it deserved.

Then, they wanted multiple people to review an application before it was final. Then, they needed different landing pages for a few more departments to be able to review different steps of the applications.

Ended up going live on Friday, close to a month after that faithful Monday which disrupted everything else I was working on, effective immediately.

I don't know why, but we always go live on a Friday for some reason. It must be some sort of conspiracy to force overtime out of our managers. I'm baffled.

But I worked support after the launch.

And there's a funny story about support too: we were asked to create a "submit an issue" form. Me and the other junior worked on it on a wednesday three weeks into the project. Finished it. And the next day it was scrapped and moved to another service we already had running. Poor management like that plagued the project and worked in tandem with the dynamic and ridiculous requirements to make this project hell.

Back to support.

Phone calls give me bad anxiety. But Friday, just before lunch, I was put on the support team. Sure, we have a department that makes calls and deal with users. But they can't be trained on this program: it didn't exist just a month ago, and three days ago it worked differently (the slippery requirements never stopped).

So all of Friday and then all of Saturday and all of Monday (...) I had extended panic attacks calling hundreds of people. And the team that was calling people was only two people. We had over 400 tickets in the first two days.

And fuck me, stupid me, for doing a good job. Because I was put on the call team for **another** COVID project afterwards. I knew nothing about this project. I have hated my job recently. But I'm a junior. What am I gonna say, no?

No, MD5 hash is not a safe way to store our users' passwords. I don't care if its been written in the past and still works. I've demonstrated how easy it is to reverse engineer and rainbow attack. I've told you your own password for the site! Now please let me fix it before someone else forces you to. We're too busy with other projects right now? Oh, ok then, I'll just be quiet and ignore our poor security. Whilst I'm busy getting on with my other work, could you figure out what we're gonna do with the tatters of our client's business (in which our company owns a stake) in the aftermath of the attack?

When there’s a glaring user-facing issue in your company’s app that can cause the user to spend mobile data after specifically choosing a setting that’s supposed to prevent that.

And your boss says your fix is “out of scope for the current sprint.” And the product team agrees with him.

I ALREADY DID THE WORK AND HAD IT VERIFIED BY QA.

Sometimes I Hate agile. Then again, I don’t think we’re doing it quite right anyway.

I got so many concerns/questions about the EU chat control and the future. Sorry for my long rant lol:
1) What about projects that are on life support and no active development?
2) What about chat application in video games or the chat service on the website of a local shop
3) What about false flags? Like that parent who got into legal trouble for sharing a picture of his kid with a doctor to get a medical opinion on some skin condition. (might misremember the details)
4) What about false flags like instagram banning accounts and forwarding it to the police department and over-exhausting the resources of the police (accidental 'DDOS' of their personel)
5) What if the content shared in country A is legally OK but not in country B. What if you then travel there? Or if your participant is from that country B.
6) What about content that is taboo but should be OK to discussed? Like puberty or hormonal discussions online? Some subreddits like "stopsmoking" is now also regional banned by Reddit in the UK to avoid any unneeded risks. That is bad. YouTube had some problem where adult content existed on their platform but labeled as educational.
7) What if you encrypt messages before sending it. Will you be banned just in case? What if you need support with an app and you send an encrypted application crash log that came from your computer, will you now be banned just in case?
8) What if you like privacy and have those apps for innocent purposes. Is having those apps now illegal
9) What if criminals use apps from Asia or Africa or somewhere where this law is not present/enforced. Or what if they create a simple app with this encryption. It is not difficult to make one.
10) Before 2001, airport security was very lax but then 9/11 happened and the security increased. It never went back to the state before. Since they have or will have this check, what will them stop it from expanding it after the next disaster of an unrelated accident (like terrorist attack).
11) What if those services miss a case? Will the company that allows this to be send now have legal trouble?
12) What if users are using metaphors or practice self-censorship to avoid flagged words? We see it with monetization in social media (like murder or killing is replaced with "unaliving")
13) It will be just an other problem to start a new company with limited budget. So start-ups will just have a bit harder time to break into the market.
14) this might just push users away from mainstream options
15) it's just an other attack vector for hackers to use
16) Do we want to have private companies be able to scan our messages because they are contracted by the government? They can have their own bias to satisfy their shareholders. What if they are invested by the Big Oil so critic towards the Big Oil is altered? How certain can you be this won't happen now or in the future. Reddit Admin did that before so who knows at this point.
17) Anonymity will disappear.
18) Different companies verify users and store this data so this seems like a major cyberrisk and identity theft waiting to happen
19) fragmentation of users. it is now annoying that some family or friends don't use whatsapp but use telegram and the other way around. You might need +5 chat application to keep contact and lose social relationships.
20) Is AI detected messages even legal proof in court?
21) What if you talk about video games and flag the AI system this way? Or use abbreviation from a niche community that also overlaps with flagged words (like checkpoint being abbreviated as CP) or just the language with poor support or use a 'dialect' in your chat that trips up the software.
22) What if your phone is stolen and they send those messages in your name or this is done remotely.
23) What if you are sharing old family pictures and there is 1 and only 1 odd picture that just barely trips up the system.
24) Games like 'Beyond human' also has gameplay that hurts a fictional child which fits the storyline and acts as shock value. Will this be banned
25) The newer population will see this as normal so what will they find acceptable if they can now vote

Just found the most embarrassing security hole. Basically a skelleton key to millions of user data. Names, email addresses, zip codes, orders. If the email indicates a birthdate, even more shit if you chain another vector. Basically an order id / hash pair that should allow users to enter data AND SHOULD ONLY AUTHORIZE THEM TO THE SITE FOR ENTRING DATA. Well, what happend was that a non mathing hash/id pair will not provide an aith token bit it will create a session linked to that order.

Long story short, call url 1 enter the foreign ID, get an error, access order overview site, profit. Obviously a big fucking problem and I still had to run directly to our CEO to get it prioritized because product management thought a style update would be more important.

Oh, and of course the IDs are counted upwards. Making them random would be too unfair towards the poor black hats out there.

So I'm tasked with creating a single sign on link using documentation from the third party we are logging into. So far so good.

Well they don't support some of the fields our users will need--that we don't want to support (otherwise why use a third-party?).

Their solution is to make us the system of record so that when a user goes through the single sign on we pass this info as well. But it needs to be editable on their side well--because they won't give us an API for our system of record to update their side.

That's right only a user signing on from our system will update their side. Tough luck admins on our side. You get double duty due to the poor business decision to work with a company with lazy devs.

VirPhone: Empowering Your Business with Cloud Phone Systems and VOIP Technology

In today’s fast-paced and digital world, efficient communication is key to the success of any business. Whether you're reaching out to clients, collaborating with remote teams, or handling customer inquiries, having a reliable phone system is essential. VirPhone offers cutting-edge cloud phone systems that are designed to streamline your communication, reduce costs, and improve efficiency. Let’s explore how our cloud phone systems can elevate your business and answer some common questions like, “What is VOIP phone?” and how it can benefit your business.

What is a Cloud Phone System?
A cloud phone system is an advanced communication solution that operates over the internet, rather than relying on traditional landlines. This system provides businesses with a more flexible, scalable, and cost-effective way to manage their communications. VirPhone’s cloud phone systems allow businesses to make and receive calls, send messages, and conduct video conferences—all from the convenience of a cloud-based platform.

With VirPhone, you can enjoy the flexibility of managing your communications from anywhere. Whether you’re in the office, working remotely, or traveling, a cloud phone system ensures you stay connected at all times.

What is VOIP and How Can It Benefit Your Business?
VOIP stands for Voice Over Internet Protocol, which is a technology that allows voice calls to be made over the internet rather than using traditional telephone lines. So, what is VOIP phone? It’s simply a phone system that enables businesses to make calls over the internet.

Unlike traditional phone systems, VOIP phone systems are cost-effective and more flexible, providing features such as call forwarding, voicemail, and voicemail-to-email. VirPhone’s VOIP technology not only reduces your business’s communication costs but also enhances overall productivity by providing features that are more customizable and scalable.

Some of the key benefits of VOIP phone systems include:

Lower Costs: Traditional phone systems charge for long-distance calls. With VOIP, these calls are often free or at a much lower rate.

Scalability: As your business grows, your cloud phone system can easily scale to accommodate more users or advanced features without expensive upgrades.

Flexibility: With VOIP phone systems, employees can make and receive calls anywhere, as long as they have an internet connection. This is ideal for remote teams or employees on the go.

How to Get a Toll-Free Number with VirPhone
One of the most important features for any business is having a toll-free number. A toll-free number makes your business appear professional and accessible, giving customers a way to reach you without incurring charges. VirPhone offers toll-free numbers that are easy to set up and manage through our cloud phone system.

With a toll-free number from VirPhone, customers can call your business without worrying about the cost, regardless of where they are located. This can improve customer satisfaction and make it easier for customers to get in touch with your business. Whether you're conducting customer service calls or receiving inquiries, a toll-free number can help you provide exceptional service.

Calling on a Phone: How VirPhone Enhances Your Business Calls
Whether you’re calling on a phone to reach a client, partner, or team member, VirPhone’s cloud phone system ensures that your calls are clear, reliable, and cost-effective. No more worrying about dropped calls or poor audio quality—our system is designed to provide high-quality call connections, no matter where you are.

Here are some features of VirPhone’s calling on phone services that help improve your business communication:

Crystal-Clear Audio: With VOIP phone systems, you can expect high-definition voice quality that eliminates the usual static or noise found in traditional phone calls.

Call Forwarding and Routing: If you’re unavailable, VirPhone can forward your calls to another number or voicemail. This ensures you never miss an important call.

Voicemail-to-Email: With VirPhone, you can receive voicemails directly in your email inbox, making it easier to manage messages and respond promptly.

Why Choose VirPhone for Your Business Communication?
At VirPhone, we understand the importance of reliable communication for businesses. Our cloud phone systems are designed to provide advanced features and excellent call quality, all at an affordable price. Here’s why businesses trust VirPhone for their communication needs:

Affordable: Our VOIP phone systems are cost-effective and provide significant savings over traditional phone systems.

Flexible and Scalable: Whether you're a small business or a large enterprise, our systems grow with you. Adding more lines or features is easy and can be done remotely.

Motorcycle Accident Lawyer: Your Trusted Advocate in Miami – Pita Weber Del Prado

Motorcycle accidents can result in devastating injuries, from broken bones and spinal injuries to traumatic brain injuries and even fatalities. The physical, emotional, and financial toll of a motorcycle accident can be overwhelming, leaving victims unsure of how to navigate the complexities of insurance claims and legal proceedings. If you’ve been involved in a motorcycle accident in Miami, having an experienced motorcycle accident lawyer by your side is essential to ensuring you receive the compensation you deserve. At Pita Weber Del Prado, we are committed to protecting the rights of motorcycle accident victims and guiding them through every step of the legal process.

Why You Need a Motorcycle Accident Lawyer in Miami
Motorcycle accidents are unique and often involve more severe injuries compared to car accidents due to the lack of protective barriers. Additionally, the public’s perception of motorcyclists can sometimes be biased, making it harder for victims to get the fair treatment they deserve. An experienced motorcycle accident lawyer can help level the playing field by ensuring that your case is properly investigated and that your rights are vigorously defended.

At Pita Weber Del Prado, we specialize in representing motorcycle accident victims in Miami and surrounding areas. Our legal team has a deep understanding of Florida’s motorcycle laws, insurance regulations, and how to navigate the complex issues that arise in these types of cases.

Common Causes of Motorcycle Accidents
Motorcycle accidents can happen for a variety of reasons. Some of the most common causes include:

Distracted Drivers: One of the leading causes of motorcycle accidents is other drivers not paying attention to the road. Distracted driving—such as texting, using a phone, or even eating—can prevent drivers from noticing a motorcyclist, leading to collisions.

Failure to Yield: Drivers often fail to yield the right of way to motorcyclists, particularly at intersections, causing accidents. Many drivers simply don’t notice motorcyclists or fail to check their blind spots before changing lanes or making turns.

Speeding and Reckless Driving: Speeding and aggressive driving are dangerous for all road users, but they are particularly risky for motorcyclists. Excessive speed reduces the time to react to hazards, which can lead to accidents.

Road Hazards: Poor road conditions—such as potholes, uneven surfaces, or wet roads—can be especially dangerous for motorcyclists. These hazards can cause loss of control, resulting in crashes.

Impaired Driving: Driving under the influence of alcohol or drugs significantly impairs a driver’s reaction time and ability to judge distances, leading to crashes involving motorcycles.

How a Motorcycle Accident Lawyer Can Help You
If you’ve been injured in a motorcycle accident, you may be facing steep medical bills, lost wages, and emotional distress. An experienced motorcycle accident lawyer can help you by:

Investigating the Accident: Our team will conduct a thorough investigation into the accident, gathering crucial evidence such as witness statements, police reports, and accident scene photographs. We will also work with accident reconstruction experts, if necessary, to establish fault.