So we ordered a piece of software from external software house becouse I was low on time and we needed it asap.

So. Long story short, their software was bugged as hell, they deny all the bugs and they have their BDD that they done and anything we say about it like "feature XYZ is broken on firefox" they will deny it "becouse it wasn't on BDD" or "let's get on call" (in which +- 6-7 people participate from their side and we of course have to pay them for this...)

So they fixed like 20% of bugs (mostly trivials/minors) Application is fairly small scope. You have integration with like 3 endpoints on arbitary API, user registration/login, few things to do in database (mainly math running from cron).

They done it in ASP so I don't know the language and enviroment so can't just fix it myself.

2 days ago (monday) they annoyed me to point where I just started to break things. For starters I found that every numeric input is vunrable to integer overflow (which is blocker). I figured most of fields are purefect opportunity to XSS (but I didn't bother to do JS... anything but not JS...). I figured I can embed into my name/surname/phone (none validated) anything in HTML...

So for now we have around 25 bugs, around 15 of them are blockers.

They figured it's somehow our fault that it's bugged and decided to do demo with us to show off how perfectly it works. I'm happy to break their demos. I figured I will register bunch users that have name - image with fixed/absolute position top:0;left:0 width/height 100% - this will effectively brick admin panel

Also I figured I can do some addotional sounds in background becouse why not. And I just dont know what to put in. It links to my server for now so I can freely change content of bricked admin panel.

I have curl's ready to execute in case they reset database.

I can put in GIFs or heck, even videos, dosen't really matter. Framework escapes some things for them so at least that. But audio/image/video works.

Now I have 2 questions:
- what image + audio combo will work the best (of course we need to keep it civil). Im thinking finding some meme with bugs or maybe nuclear logo image with some siren sound
- am I evil person?

Edit:

I havent stated this clearly:

"There is no BDD that describes that if user inserts malicious input server should deny it" - that's almost literally what we get from them....

I lost a bet today 😥 ... My surname is inman

I have to name my first born child

put-it

The bet? That apple wouldn't reject the app I submitted ... Fuck apple

Why red herring is important between discussions.

My daughter: Papa! See this is my name and this is the name of my Sir.

I: No my little princess!! This is our surname.

My daughter: oh ok!! Who is that?

I: Ummm... (No answer) Wow!! You're wearing a beautiful dress today...

Security fail here. I've just started a PPI claim and have been provided a link to a so called "very secure" client area.

There are no username or passwords and the screenshot is not a first time sign up screen.

All I need to login is a surname, postcode and DOB - all information easy enough to find online.

Pretty bad IMO, esp, so considering the effort required to add a proper login using a username/password combination.

I mean I'm logged in now and have no option to set an account password :|

Attention: incomming resentful boiled up for months rant.

Hands down G2APAY is the worst because:

Merchant account aproval takes fcking months. It starts with unreasonable delays in documents approval. I mean insane nitpicking. They want to see merchants name surname and address on every god damn document that you submit even if for example bank statement doesnt include these details. I had to manually edit pdf’s just so that they would fck off and approve the merchant application. Insane requirements for document check also combined with their email only support answering only once a week you will have to wait one month just to get your account approved.

Then you get to the fun part, approval proccess for vendor gateway and webhook integration. They are nitpicking everything you can imagine: about website not having https, website forum missing some icons, merchants phone number being from another country then he is, and bunch of other hundreds of problems imagined only by them. Again combined with their one email reply per week policy you will waste atleast one month to finish up your integration.

Now finally you are their client and you think you can chill and go back to focusing on your business? Nope bro. Prepare for threatening emails. Last time I got a request to install https or my merchant application will be shut down. I was given 3 days notice on a fcking friday and had to do it.

Then g2a backend is crashing quite often. Combined with their one email per week policy you are fcked in the ass if your users were not able to pay through g2a and you will get no compensation.

Their backend documentation is shiet. Not clear how to integrate everything and after you integrate they make changes without publishing any changesets. Your integration is working? Good luck if it will still be working tomorrow.

And the very worst part is that they stopped proccessing credit cards like month ago with zero notice. Its been weeks and still zero news about bringing card proccessing back. They sad that they were acquired by some other company so shitty support got even shittier now while they are in a proccess of handover.

So yeah thats the worst vendor I have ever seen in my life. For example integrating paypal took me 30 minutes. Integrating stripe and getting all documents reviewed took me one business day. Same with paymentwall integration and document approval took 1 business day. Support is amazing and even have a phone number that I can reach if urgent problems arise. Thats how it should be. Thats why I can pay percentage of my transactions with a smile for them.

Sorry for the typos since im typing on my shiet phone while driving.

Eat a bag of dicks g2apay. I hope you go bankrupt and shutdown.

For fuck sake!
Fuck locatefamily.com, just searched out on google my name and surname, both foreign and hard to even spell out for many, and it's the first time that I saw my data(where did I live, my current work phone number, name and surname) open wide as the second link of my search, fuck!

But there's a clue, at that address I lived for a not so long period, so I did search my emails in that period and other than my employers and government emails(in which I don't trust either), here's a list of companies that had my info(partial or full):
Only address(with name and surname):

Amazon.it with 14 other companies(for shipping)
eBay with 4 other companies(for shipping)
voxelfarm.com
trenord.it
DUMA (LIGHT) di Adel
decathlon.com
gruppoargenta.it
paypal.it

All info:
gearbest.com
glistockisti.com
oculus.com
Banggood.com

Overall there are 33(including government, employers and national main mail service) potential leaks of that data, with 7 in full exposure.

After this, I'm thinking how it's even avoidable to not leak personal data, because from any of those businesses I got goods or services that otherwise I couldn't without exposing such informations... fuck.

I have saved my sister's contact number with the nickname. Few days back I've noticed that her surname is automatically added to the nickname. Today I've noticed that her nickname is replaced with her real name in my Android mobile.

When I checked my contact list I noticed that there are 2 contacts, one with nickname, another with her real name.

Is this a new trick Google playing?

Interesting password recommendation here...

Translation:
- A form with to fields: Surname and password.
- Below the form is a text: "For signup please enter your name and a password (e.g. your email address). With your name and password you can change your data anytime and may get access to the memberlist."

Bonus: There is a "help"-button (outside of the cutting) which even *recommends* the use of the email-address as the password!
Extra bonus: The password field is a normal text one.

IF THE EMAIL ADDRESS HAS TO BE SUBMITTED, WHY NOT JUST ADD ANOTHER FIELD OR AT LEAST LABEL THE FIELD CORRECTLY!

Update: After this form, you get to another form, to enter you email address...

We have to take our surnames under control. What's the point of having a particular surname if you're not connected to it or people who had it in any way? If, say, your surname is “Taylor”, and you're not a tailor, then why have it in the first place? Change it to “Coder”! This is how English surnames always worked.

I have friends married to girls from the Philipines. If there are some people from said country in here, would you mind telling me why their FB names, instagram names or whatever are things like:

"Cee La SomeShit still Trying <white dude surname>"
"Beauty Hope LoveThisSwag <whatever last name>"
"Leyla StillHaveDabooty <white surname>"

Like wtf, just put your fucking name, shit sounds SO fucking trashy

My surname is also a common firstname, so sometimes people mix them up and call me by my surname. I'm never offended and just answer by calling them by their surname too, so they understand... usually.

Today, the following e-mail exchange happened:
(Following are made-up names)
Me: Alexander William
Colleague 1: Kurt Richardson
Colleague 2: Amy Lopez

From: k.richardson@contoso.com <Kurt Richardson>
To: a.william@contoso.com <Alexander William>
Cc: a.lopez@contoso.com <Amy Lopez>

Hi,
Could I have an USB-C to HDMI adapter please ?
Thanks.
--------------------------------------------------------------------------
From: a.william@contoso.com <Alexander William>
To: k.richardson@contoso.com <Kurt Richardson>
Cc: a.lopez@contoso.com <Amy Lopez>

Hi Kurt,
I'm currently remote-working but if you are on premises tomorrow I could give one to you.
If you're not there tomorrow, I'll just drop it on Amy's desk so you can get it from her.

Regards,

Alexander William
--------------------------------------------------------------------------
From: k.richardson@contoso.com <Kurt Richardson>
To: a.william@contoso.com <Alexander William>
Cc: a.lopez@contoso.com <Amy Lopez>

Hi William,
I'm working on premises every thursday.
Regards.
--------------------------------------------------------------------------
From: a.william@contoso.com <Alexander William>
To: k.richardson@contoso.com <Kurt Richardson>
Cc: a.lopez@contoso.com <Amy Lopez>

No problem, Richardson. As I said I'll then drop it on Lopez' desk.

Regards,

Alexander William
--------------------------------------------------------------------------
From: k.richardson@contoso.com <Kurt Richardson>
To: a.william@contoso.com <Alexander William>
Cc: a.lopez@contoso.com <Amy Lopez>

Good evening William, [Editor's Note: this was received at 14:23]
Thanks.

Is he fucking dense or what?

Once I worked on a custom CMS for a client who was really into breaking stuff... actualy he broke a lot of shit by doing some stuff on he's website while it was live!!!

Once after a hard days of work I had to publish the new version of the site...... first I checked that it is still working on the live server so I could take a backup.... gues what the website was totally fucked up......
I was really angry at that moment and this incident wasn't the first one so I created a user with bunch of swear words as name, surname, email etc etc... and I forgot about it..... so 2 to 3 weeks later the client noticed that user.... and wrote a angry letter to my boss....

Didn't get fired tho :D

After waiting for almost a month, yesterday I went to check on how my computer was doing, since I hadn't got any messages or calls ever since.
I go to the store and ask one of the workers about how my laptop is doing, and that I'd left it there almost a month ago and that they'd tell me when it was time to get the papers and then the laptop itself. The girl asks me for my phone number and then my name, and found nothing on the computer. She goes somewhere inside the store and comes back with a colleague, who tells me that I need a process paper. I pull out the receipt the technician photocopied and signed because that was the only thing I had. I hadn't touched that part of my paste for the whole time after I left the computer there and I was 100% sure I didn't have the process paper with me until he started pressing me for it. I kept repeating that the technician told me that they'd call or message me when said process paper was ready, which I hadn't got any of those to go pick it up. The guy asks me if that were the number and name I'd given the tech guy and I said yes. Both of them disappear into the store again. They come back with a cardboard box and say that the surname written there was wrong by a char (as I've said before my name is unusual, and my surname is also unusual where I'm studying, but where I'm from there's like 5 or 6 families with that surname), so that's why they couldn't find it in the computer. After that they went through all the details I gave on the time of handing the PC and the number they told me was there was off by miles. I think I may have said a wrong digit but that number was way off. There should be some person who got calls or messages about a computer they don't even own LoL
They told me to try it and see if it was running OK and that I had 15d to go back if something was wrong
When I got home I turned it on, afraid it would start dying on me again LoL
I pass the login screen and the fan just starts working really hard and I'm worried. The ASUS guys reinstalled Win8 and the CPU is running wild already, going at about 3,5 GHz (2,5 max) and over 30% usage on nothing
After some minor inconveniences (making the USB with Win10 took longer than expected) I finally installed Win10 and the CPU usage drops to < 10% and runs at way below the 2,5 GHz max. It constantly uses <= 10-15% CPU and the fan makes no noise unless I put in a heavier game (like Oxygen Not Included - it asks for 4GB RAM minimum 8I), in which case it goes up a bit and runs at around 3 GHz, but it doesn't make as much noise as before, thank jesus. I'm gonna keep trying to see how it does and hope I don't have to go back to the store after the next 15d 8I
I can finally work and not be a leech on my friends because my old toshiba - which I forgot I'd brought with me to uni - is really old and it makes a lot of noise (the fan is constantly working too much but it's so old I don't bother anymore) and it heats my room a lot, so it's gonna be a nice change of pace HaHa

Okta emailed me trying to sell their SSO gubbins.

I actually quite like the idea of being able to abstract away all the providers people might want to log in with, and making it someone else's job to check whether those providers are trustworthy.

But the email is copied to every permutation of my name/surname/initials etc @mydomain.com.

They had no legitimate way to obtain my email address for marketing purposes, so they just guessed it.

And I'm supposed to believe no corners will be cut and no bodges applied in making sure the user is who he claims to be?

!rant !!Story

I installed Truecaller and it naturally scraped my contacts information. I realized that anyone now who had not saved my number can search who I am. I didn't want that to happen so I uninstalled Truecaller. But people still saw the name and profile I had created. So I reinstalled Truecaller changed my name and surname to 'Call me to know who I am' and uninstalled Truecaller again. Now it overrides the information so anyone searches for my number and hasn't saved it that's what he'll see.

We've all seen the people with names like 'Chutia', or 'Boob', but today I came across a person with a surname as 'Shit'. :/

Facebook is going to have a hard time with that one.

I started to contribute to open source again to improve as a dev and to break away from web stuff, on top of that I want to improve my professional imagine with a rebuilt personal website, decent LinkedIn posting and a more curated GH profile (starting from the name, I’ll replace the childish “edgy” name I’m using with actual name + surname).
The only issue I have is that on my current GH profile there are a couple of issue on random OSS projects which I offered to fix but then I’ve not maintained the promise for mental health or work issues which deprived me of any willpower towards evening programming. Do you think it’s better for me to create a new profile to get rid of these or I can still use my current profile without risking significant reputation damage?

How would you approach choosing a fairly short but meaningful domain name? Common words are obviously going to be taken.

I have a handful of domain names used for different things, but my main one is 17 characters long and made up of 2 words and not particularly interesting (my surname + another word). It's relatively easy to read out to people over the phone, but inputting it in a phone handset or on a device without a keyboard (e.g. setting the hostname + domain of a media centre with a remote control) is a bit tiresome.

Doesn't even have to be something I can say easily as I mainly want it just for "infrastructure" purposes rather than to host a website etc.

I'd probably use it for sign-up e-mails to reduce the amount of spam/newsletter mail (I do generate a separate address for signing up to most services) but other than that wouldn't be using it regularly for e-mail.

But I don't want something meaningless like abcxyz.

I had to do a modular deduplication project that could read, parse and clean up the data.
The data? Personal information: Name, Surname, phone, address and more.
Imagine the zip code in any of the following formats: ####AA, #### AA. Names with and without dashes. Address with(out) spaces, dashes, underscores etc. as well as typos! Now clean it up, and dedup.

But what files have priority over another? What data is newer? How to process address changes?

Deadline: 2 moths, impossible deadline for a (at the time - 4 years ago - rookie developer)
Anyway, night before the deadline, code was running somewhat (Java) and was able to get a Regexed address cleanup of about 70 - 80%.

My boss comes in to check the progress, sits me down next to him and says: Not good enough, let's do it together tonight, it was 4pm, day normally ends at 5pm.

No thank you, I can't do that. if you don't want this code, then I can't meet your deadline.
bye

I wonder when we'll stop the abuse of naming conventions like name & surname, by this I mean not all cultures have a surname but most of us are ignorant about it and those people when they are presented with an obligation to fulfill that field they cannot do it legally, because they'll lie.

A more open approach with only one field for full text identity would solve this issue.