So a friend of Mine asked me to check their Mail server because some emails got lost. Or had a funny signature.

Mails were sent from outlook so ok let's do this.

I go create a dummy account, and send/receive a few emails. All were coming in except one and some had a link appended. The link was randomly generated and was always some kind of referral.

Ok this this let's check the Mail Server.

Nothing.

Let's check the mail header. Nothing.

Face -> wall

Fml I want to cry.

Now I want to search for a pattern and write a script which sends a bunch of mails on my laptop.
Fuck this : no WLAN and no LAN Ports available. Fine let's hotspot the phone and send a few fucking mails.

Guess what? Fucking cockmagic, no funny mails appear!

At that moment I went out and was like chainsmoking 5 cigarettes.

BAM!

It hit me! A feeling like a unicorn vomiting rainbows all over my face.

I go check their firewall. Shit redirected all email ports from within the network to another server.

Yay nobody got credentials because nobody new it existed. Damn boy.

Hook on to the hostmachine power down the vm, start and hack yourself a root account before shit boots. Luckily I just forgot the credentials to a testvm some time ago so I know that shit. Lesson learned: fucking learn from your mistakes, might be useful sometimes!

Ok fucker what in the world are you doing.

Do some terminal magic and see that it listens on the email ports.

Holy cockriders of the galaxy.

Turns out their former it guy made a script which caught all mails from the server and injected all kind of bullshit and then sent them to real Webserver. And the reason why some mails weren't received was said guy was too dumb to implement Unicode and some mails just broke his script.

That fucker even implented an API to pull all those bullshit refs.

I know your name "Matthias" and I know where you live and what you've done... And to fuck you back for that misery I took your accounts and since you used the same fucking password for everything I took your mail, Facebook and steam account too.

Git gut shithead! You better get a lawyer

rant

fuck you whatapp for not formatting the links properly and not displaying the entire links

I lost my referral bonus due to this 😥

*It did displayed it properly on the WhatsApp web version but it fucked up on the phone version*

see for yourself people,

In game development feature creep tends to kill games because it's just as much about what's NOT there as what IS there.

Take The Last of Us for example. Would a strategic tower defense segment make sense? No? And if it was a *hugely* popular mechanic at the time of development is there a real chance they would have included such a segment in TLOU? Yes.

Don't just believe me. Go take a look at what happened to the original Fortnite versus the hills-have-eyes inbred offspring that it became all because PUBG and its format were cancerously mega popular at the time.

That's why while developing my game Atom Ranger (now with 100% less multiplayer!), a mix between metro and don't starve, I spent six years *pruning* features. You can click my referral link and get 50% off the opportunity to become an unpaid tester of the pre-prealpha right now, "for hardcore players only!" (Tm)

My game:

(Part 2/2?)

THE RAT-RACE ARC:

I get a mail 2 months into this fiasco telling me to register on their website and take up another test. I was already over with my emergency and was working my full-time default. (Fortunately I found another internship during this time which was one of the best initiatives I've worked with).

It asks me to register as a new user, take up the test and "share" my results. Not pushing it on insta/fb but legitimately share my test results link to my friends manually like a referral code. The more shares the more marks I'll get in the test. Why the test you ask. Of course to sign you up for the same Whatsapp trickery bullshit.

Luckily these nutcases didn't know they could be bypassed. I simply opened the link in incognito and logged in with my own account and that counted as a point. So I automated that shit.

Surprise surprise. The same fucking "Hello everyone" message into my mail. To my surprise I was relatively lucky to get ghosted after my attempt. This story is quite depressing in general cases. You're supposed to do this assignment shit for 2 months and then they ask for 2000 INR for a training period, past which you are paid between 1000/- and 7000/-. Though I didn't get the chance but I'm willing to bet you get 1000/- per month in a 2-MONTH INTERNSHIP. WTF.

You also have the other option of ranking first in their 3 consecutive competition that they hold. The theme is again to create chunks of their actual outsourced work.

WHY NOW:

The reason why this rant sparked is because I recently received an email with my results of the aptitude exam that I first took before the Whatsapp fiasco. I imagine they just pushed out a new update to their test thingy and forgot to set it's limit.

THE CORRECTION ARC:

I pushed this message to Internshala. They were kind enough to remove them from their website. I also shot down their Angel and Indeed listings. I sent a strongly worded email counting their con-artist operations and how I've alerted authorities (obviously a bluff but I was enjoying it). They most probably are not affected by this though. They might still be continuing their operations on their website.

I'm sharing the story here with the moral of:

Don't do jackshit if they're not compensating you for it

Always check for reviews before you start working at a place.

Be cautious of bulk messages (and the infamous HEY GUYS!! opening)

Don't do anything outside your work specification at least while doing an assignment.

You're free to question and inquire respectfully about the proceedings.

If you're good at your job you'll get good working place. No need to crush yourself with an oppressive job due to external restrictions.

And if you manage a company, please don't take advantage of helplessness.

There's no good ending to this tale as I have not received a follow-up. Though I want to see scumbags of their calibre shot down without remorse.

Good bye and thank you for listening.

“Ultra Thin Hard PP”
I'm in this picture and I don't like it, amiright
Referral link in the description! (jk)

Brave Browser.

There’s a reason why brave is generally advised against on privacy subreddits, and even brave wanted it to be removed from privacytools.io to hide negativity.

Brave rewards: There’s many reasons why this is terrible for privacy, a lot dont care since it can be “disabled“ but in reality it isn’t actually disabled:

Despite explicitly opting out of telemetry, every few secs a request to: “variations.brave.com”, “laptop-updates.brave.com” which despite its name isn’t just for updates and fetches affiliates for brave rewards, with pings such as grammarly, softonic, uphold e.g. Despite again explicitly opting out of brave rewards. There’s also “static1.brave.com”

If you’re on Linux curl the static1 link. curl --head
static1.brave.com,
if you want proof of even further telemetry: it lists cloudfare and google, two unnecessary domains, but most importantly telemetry domains.

But say you were to enable it, which most brave users do since it’s the marketing scheme of the browser, it uses uphold:

“To verify your identity, we collect your name, address, phone, email, and other similar information. We may also require you to provide additional Personal Data for verification purposes, including your date of birth, taxpayer or government identification number, or a copy of your government-issued identification
Uphold uses Veriff to verify your identity by determining whether a selfie you take matches the photo in your government-issued identification. Veriff’s facial recognition technology collects information from your photos that may include biometric data, and when you provide your selfie, you will be asked to agree that Veriff may process biometric data and other data (including special categories of data) from the photos you submit and share it with Uphold. Automated processes may be used to make a verification decision.”

Oh sweet telemetry, now I can get rich, by earning a single pound every 2 months, with brave taking a 30 percent cut of all profits, all whilst selling my own data, what a deal.

In addition this request: “brave-core-ext.s3.brave.com” seems to either be some sort of shilling or suspicious behaviour since it fetches 5 extensions and installs them. For all we know this could be a backdoor.

Previously in their privacy policy they shilled for Facebook, they shared data with Facebook, and afterwards they whitelisted Facebook, Twitter, and large company trackers for money in their adblock: Source. Which is quite ironic, since the whole purpose of its adblock is to block.. tracking.

I’d consider the final grain of salt to be its crappy tor implementation imo. Who makes tor but doesn’t change the dns? source It was literally snake oil, all traffic was leaked to your isp, but you were using “tor”. They only realised after backlash as well, which shows how inexperienced some staff were. If they don’t understand something, why implement it as a feature? It causes more harm than good. In fact they still haven’t fixed the extremely unique fingerprint.

There’s many other reasons why a lot of people dislike brave that arent strictly telemetry related. It injecting its own referral links when users purchased cryptocurrency source. Brave promoting what I’d consider a scam on its sponsored backgrounds: etoro where 62% of users lose all their crypto potentially leading to bankruptcy, hence why brave is paid 200 dollars per sign up, because sweet profit. Not only that but it was accused of theft on its bat platform source, but I can’t fully verify this.

In fact there was a fork of brave (without telemetry) a while back, called braver but it was given countless lawsuits by brave, forced to rename, and eventually they gave up out of plain fear. It’s a shame really since open source was designed to encourage the community to participate, not a marketing feature.

Tl;dr: Brave‘s taken the fake privacy approach similar to a lot of other companies (e.g edge), use “privacy“ for marketing but in reality providing a hypocritical service which “blocks tracking” but instead tracks you.

Rant and geniune question:

How can a group of 'devs' make 2 functional(enough unfortunately), many active users, phone apps, not just basic af, over a few years... but apparently not know how to make a working referral link of any kind???

Am i missing something like referral code link logic being extremely hard for typical devs to understand? Or some odd or trending reason for for forcing manual, explicit, referral code binding instead of a simple (imo) link that attributes the new user account to the referring user's? If you dont believe me u can check either/both of their actively running, decent/moderate size user base apps, claw eden (on play store) and/or claw party (possibly only via finding an apk... at least not on google play).

They have legit rewards, relatively very fair/honest policy... etc... i get 60+ items won/delivered a month (i have paranormal crane game skills #AutisticSuperpower) which i donate the vast majority of to charity (1 of 3 reasons the IRS reeeeally dislikes me).

Im just baffled by this apparent inability.

Fellow devRanter needs your referral for internship in United States.

I was not confident or ready when the big companies were hiring for an internship. 190+ Leetcode problems later, I am now confident that I can crack technical coding interviews but I think its too late now. None of the companies I've applied to has responded back to me. I am worried that I have to stay idle during the summer break. I have 3 years of prior work experience as a software development engineer with a decent GPA and a few side projects. Any help would be much appreciated. Please provide referrals if your company is hiring candidates for an internship position. Thanks.

I'll share link to my leetcode profile, my github repo and linkedin profile. Please dm me.