I was registering for a website, and on a whim, I used this as my username:
null'); PRINT('Hello');--

And sure enough, the login system went down. The next day it was still down, so I went to Twitter to tell the people running the site that this was why, but to my surprise, I see them saying they had been hacked.
Based on the timing, I'm pretty sure they're referring to this, but they are saying user info was stolen. *facepalm*
They later said they stored passwords salted with a fixed salt and hashed with fucking md5, at which point I was glad not to have done any more business with them.

How incompetent can these fucking people be?!

Bossman freaks out over every little thing (ironically unless it's important).

Bossman also just set our papertrail 500 filter to forward him a copy of every "critical alert."

Fuck me.

He has zero technical knowledge and zero reading comprehension. He literally forwarded one and said "This has one lots of info in it. explain it to me." (It was a log usage notification. in plain English. It had maybe three numbers in it.)

There's lots of useless "500"s in the list we don't care about. API Guy used the finer as a debugging alert system, and peppered his logs with "500 internal hey look at this." In fact, none of the 500s were even interesting; all but one was spam.

All day I've been tending to freakouts and accusations of me not doing anything. Ugh.

So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)

Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.

Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.

Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.

It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.

I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.

So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.

I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.

Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.

An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:

"please reenter card number to validate."

Bupkiss. Dead end.

OR SO YOU WOULD THINK.

One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:

"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"

One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:

With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.

So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.

Admin work, because its all manual:

- Each new project has to fill out an Excel tab in a workbook, with a list of all the major tasks and who is responsible. This then needs to be used to create a Gantt chart, manually, in the same tab, showing in what month a task starts and ends.

- Every month we have to manually enter status updates into a powerpoint slide on a shared deck. Which has a collision at least once per month.

- Once a quarter we need to do something similar as the powerpoint slides, but into a word doc instead.

- Once a week we need to track our time on projects in a tool that can't be integrated with (no API or anything). Meaning we can't link up a ticket tracking system to it, so again, all manual.

- Once every 6 months a new round of research funding opens up and we write proposals. The status for which are tracked in another Excel spreadsheet, manually, once a week until the deadline.

- The instructions for what to do with the proposals are so vague and badly documented that there is an unwritten rule, that for the first time you will have to ask a bunch of questions to the project manager. This is accepted by everyone and its just the done thing.

- Everything is stored in a dropbox style system, which has become so cluttered I can only find resources by saving the links sent out previously.

- Some of these updates / reports also get a 1 hour meeting for everyone to stand up and read out what they've entered.

- From time to time random things will need to be reported on to the higher ups (how many publications, research papers, patents, times and dates etc.). Again rather than a tool, a new Excel spreadsheet is whipped up and emailed to everyone on the team. Whoever sent it out, then has to merge the 20+ copies into 1 doc.

- Some of the staff (mostly the devs), use a ticket tracking system to keep track of everything. Management refuse to use it to track the things they need. Instead we have to copy paste from it into the word docs, powerpoint, excel etc.

- By far the most annoying. Management force all the above as they need the info for finance, accounting, legal etc etc. So we have to do it, but whenever there is a question from legal, management send the question to us. So despite having documented every facet of everything imaginable, it all gets ignored in favour of endless emails.

I once tried to to put an end to all of this madness by proposing the use of a ticket tracking system, and then building reporting tools on top of it.

... I was told that it "wasn't appropriate". Still don't know what that means.

A big FUCK YOU to chrome, and a big FUCK YOU to google in generally. First the hell that is code.org, then the chrome. I genuinely want to open a dictionary in google to see if the word "privacy" is in there. Sure, first it was tracking users with by making them agree to a long ass TOS no one wants to read except lawyers, then barely even giving any info and asking for consent with YOUR data, but this is too far. For all you that dont know, LanSchool is an application that allows teachers to see students screens, internet history and more. Its the reason kids can't play games in English class. But most importantly, its a chrome extension. We have to do assignments from home right? So when we logon to the school account from home, LANSCHOOL GETS DOWNLOADED ANYRACKS EVERYTHING I DO. It pains me how teachers can view so much information unfairly because of some unknowing students, my friends privacy was unfairly in the hands of google and the school system. Right when I found out about tit (~2 mins after i first logged on) i made an Ubuntu VM just for goddamn google docs. Back to my friend, he went on some websites not to be considered appropriate, and got in huge trouble. He was completely unaware of the fact that they could see his screen, and I resent google for allowing a third party to manipulate my PERSONAL COMPUTER without my consent. Die google, you ruined android, which had so much potential, and now the web and virtual privacy. You should be <strike>ashamed</strike> dead, and I hope in the future you realize that one day people will have common sense.

Legacy code.

Honestly though, this is some of the better legacy code I've worked with at this company. It's a nifty alert system wherein you can trigger sending messages to subscribers of that alert via whatever means (phone/email) they've entered.

I'll save you the technical analysis of its internals, but suffice to say it's actually pretty nice, with good separation of concerns, internal logic hidden away, dead-simple public interface, etc. documentation is kinda crap, but it exists (!), so that's a nice change.

but.

For some unknown and bloody bizarre reason, the thing breaks when a user wants both sms AND email notifications. Either by themselves work totally fine, but both together? nonono. Email alerts give ArgumentErrors, so something internal isn't correct, and SMS alerts complain about uninitialized Twilio::Error constants.

but.
they both work fine otherwise?

also, the two notification preferences aren't stored on the same object anywhere. if a user wants both, the user creates two AlertContact objects with different info, and when performed, the Alert basically iterates over these and does its thing for each, so there is no knowledge shared between them. totally should work the same regardless.

idfgi.

ALSO.
AND THIS PART REALLY PISSES ME OFF.

WHEN THERE'S AN ERROR, THIS THING DOESN'T LOG IT. IT STRINGIFIES THE ERROR OBJECT (basically just extracting the message) AND INSERTS THAT INTO THE DATABASE INSTEAD. WHAT THE CRAP.

So, I don't get a stack trace, line number, or anything. just the basic error message. instead of my alert text. because of course that makes sense and totally helps debugging.

aklsjfak;sldfj.
legacy code.

After returning back from the company we were purchasing a new phone system (hardware+software, $100K+, kind of a big deal)
VP: “I need the new phone system software integration for our CRM by next week. I need to demo the system for the other VPs”
Me: “No problem. Were you able to get their API like I asked?”
VP: “Salesman didn’t know for sure what that was, but he said all the developer software documentation is on their site.”
Me: “Did he give you a URL? Their main site is all marketing mumbo-jumbo. I assume there is another one specific for developers.”
VP: “Yea, he might have said something, but I don’t understand why you need it. The salesman said the integration would be seamless. He showed me several demos.”
Me: “No, I mean I need to know, is the API a full client install? a simple dll? is this going to be a web service integration? How will I know what to program against?”
VP: “I think I heard him say something about COM? Does that sound like an API?”
Me: “It’s a start. Did he provide you anything, a disk, a flash drive, anything with the software?”
VP: “No, only thing he told me was our CRM integration would be seamless and our development team would have no problems.”
Me: “OK..OK…I get it…he’s a salesman. Is there an 1-800 number I can call? A technical support email address? Anyone technical I can reach out to?”
VP: “Probably, but I don’t understand what the problem is. I need the CRM integrated by next week. I gave the other VPs a promise we would get it done. I do not break promises.”
Me: “Wait…when are we installing the new system?”
VP: “Well, the purchase order will be cut at the end of the month’s billing cycle, the company has about a two month turnaround time to deliver and install the hardware, so maybe 3 months from now? Are you going to be able to have the integration ready for next week?”
Me: “If we won’t see any of the hardware for 3 months, what exactly am I integrating with?”
VP: “That API you wanted or whatever it is. COM…yea, it’s COM. I was told the integration would be seamless and our developers would have no problem. I don’t understand why you can’t simply write the code to make it work. Getting the hardware installed is going to be the hardest part.”
Me: “OK, so I have no documentation, we have no hardware, no software, and no idea what this ‘seamless integration’ means. I’m afraid there isn’t anything I can do right now. ”
VP: “Fine!...I’ll just have to tell the other VPs you were not able to execute the seamless integration with the CRM.”
Which he did. When the hardware+software was finally installed, they hired consultants (because I “failed”). I think the bill was in the $50K range to perform the ‘integration’ which consisted of Excel spreadsheets (no kidding). When approached with the primary CRM integration, the team needed our API documentation, a year’s development time and $300K. I was pissed off enough, and I had the API documentation, I was able to get the basic CRM integration within 3 days. When an agent receives a call, I look up the # in our database, auto-fill the form with the customer info, etc. Easy stuff when you have the documentation.
The basics worked and the VP was congratulated by ‘saving’ the company $300K. May or may not have been bonuses involved, rumors still out on that one, but I didn't see em'. Later my manager told me the VP was really ticked that I performed the integration ‘behind his back’, but because it was a success, he couldn’t fire me.

Weekend projects are fun! Although front end is still a challenge, it looks good enough.

Suddenly got the idea to do something with letsencrypt/nginx wildcard subdomains (*.example.com) so created a project around that now through which you can check what your ip address/user agent/operating system/ip version is (maybe more to come) but due to the wildcard part you can enter quite a number of subdomains which all show the related info.

I'd find it very useful myself, not sure if other people would but oh well!

I've found and fixed any kind of "bad bug" I can think of over my career from allowing negative financial transfers to weird platform specific behaviour, here are a few of the more interesting ones that come to mind...

#1 - Most expensive lesson learned

Almost 10 years ago (while learning to code) I wrote a loyalty card system that ended up going national. Fast forward 2 years and by some miracle the system still worked and had services running on 500+ POS servers in large retail stores uploading thousands of transactions each second - due to this increased traffic to stay ahead of any trouble we decided to add a loadbalancer to our backend.

This was simply a matter of re-assigning the IP and would cause 10-15 minutes of downtime (for the first time ever), we made the switch and everything seemed perfect. Too perfect...

After 10 minutes every phone in the office started going beserk - calls where coming in about store servers irreparably crashing all over the country taking all the tills offline and forcing them to close doors midday. It was bad and we couldn't conceive how it could possibly be us or our software to blame.

Turns out we made the local service write any web service errors to a log file upon failure for debugging purposes before retrying - a perfectly sensible thing to do if I hadn't forgotten to check the size of or clear the log file. In about 15 minutes of downtime each stores error log proceeded to grow and consume every available byte of HD space before crashing windows.

#2 - Hardest to find

This was a true "Nessie" bug.. We had a single codebase powering a few hundred sites. Every now and then at some point the web server would spontaneously die and vommit a bunch of sql statements and sensitive data back to the user causing huge concern but I could never remotely replicate the behaviour - until 4 years later it happened to one of our support staff and I could pull out their network & session info.

Turns out years back when the server was first setup each domain was added as an individual "Site" on IIS but shared the same root directory and hence the same session path. It would have remained unnoticed if we had not grown but as our traffic increased ever so often 2 users of different sites would end up sharing a session id causing the server to promptly implode on itself.

#3 - Most elegant fix

Same bastard IIS server as #2. Codebase was the most unsecure unstable travesty I've ever worked with - sql injection vuns in EVERY URL, sql statements stored in COOKIES... this thing was irreparably fucked up but had to stay online until it could be replaced. Basically every other day it got hit by bots ended up sending bluepill spam or mining shitcoin and I would simply delete the instance and recreate it in a semi un-compromised state which was an acceptable solution for the business for uptime... until we we're DDOS'ed for 5 days straight.

My hands were tied and there was no way to mitigate it except for stopping individual sites as they came under attack and starting them after it subsided... (for some reason they seemed to be targeting by domain instead of ip). After 3 days of doing this manually I was given the go ahead to use any resources necessary to make it stop and especially since it was IIS6 I had no fucking clue where to start.

So I stuck to what I knew and deployed a $5 vm running an Nginx reverse proxy with heavy caching and rate limiting linked to a custom fail2ban plugin in in front of the insecure server. The attacks died instantly, the server sped up 10x and was never compromised by bots again (presumably since they got back a linux user agent). To this day I marvel at this miracle $5 fix.

Worst exp. on a collab/group project?

Had a few, here is one.

Worked with a dev team (of two devs) in Norway to begin collaboration on providing a portal into our system (placing orders, retrieving customer info, inventory control, etc)

They spoke very good English, but motivation was the problem. Start the day around 10:00AM...take a two hour lunch...ended the day at, if I was lucky, 4:00PM (relative to Norway time). Response time to questions took days, sometimes weeks. We used Skype, which helped, but everything was "Yea...I'll do that tomorrow...waiting on X....I have a wedding to go to, so I'll finish my part next week."

I didn't care so much, I had other projects to do, but the stakeholders pounded me almost everyday demanding a progress report (why aren't you done yet...etc..etc.)
The badgering got so bad I told the project owner (a VP) if he wanted this project done by the end of the year, the company would have to fly me to Norway so I personally push things along.
When real money was on the line, he decided patience was warranted.

A 3 month project turned into 9, and during a phone meeting with the CEO in December
O: "Thanks guys, this project is going great. We'll talk again in February. Bye."
PM: "Whoa...what! February!"
<sounding puzzled>
O: "Um..yes? It's Christmas time. Don't you Americans take off for Christmas?"
PM: "Yes, but not until Christmas. Its only December 12th. Your taking the whole month of December and January for Christmas?"
O:"Yes, of course. You Americans work too hard. You should come over here and see how we celebrate. Takes about a month so we can ease back into the flow of things."
<Jack is the VP>
PM: "Jack wanted this project completed by the end of the year, that is what everyone agreed to."
O:"Yes, I suppose, but my plane is waiting on me. Not to worry, everything will be fine."
<ceo hangs up>
PM: "Oh shit..oh shit..oh shit. What are you going to do!?"
Me: "Me!?..not a darn thing. Better go talk with Jeff."
<Jeff is the VP>
J: "This is unacceptable. You promised this project would only take a few months. I told you there would be consequences for not meeting the deadline."
PM:"But..but...its not our fault."
J: "I don't care about fault. I care about responsibility. I've never had to fire anyone for not meeting a deadline, but .."
Me: "Jeff, they are in Norway and no one is working this project for the next two months. You've known for months about them dragging their asses on this project. We're ready to go. Services have been tested and deployed. Accounting has all the payment routing ready. Only piece missing is theirs."
J: "Oh. OK. Great job guys. I guess we'll delay this project until February."
<leave the office>
PM: "Holy shit I'm glad you were there. I thought I was fired."
Me: "Yea, and that prick would have done it not giving a crap that it's Christmas."
<fast forward to Feb>
O: "Our service provider fell through, so I'm hosting with another company. You guys know PHP? Perl? I don't know what they called it, but it sounded so cool I bought the company."
PM: "You bought what? Are we still working with Z and B?"
O:"Yea, sort of. How's your German? New guy only speaks German."
PM: "Um, uh... no one here speaks German"
O:"Not to worry, I speak German, French, and Italian. I'll be your translator."
PM: "What? French and Italian?"
O: "On my trip to France I connected with a importer who then got me in touch with international shipper in Italy. I flew over there and met a couple really smart guys than can help us out. My new guy only speaks German, J only speaks French, and R speaks Italian, Russian, and a little English. Not to worry, I'm full time on this project. You have my full attention."

We believe the CEO has/had some serious mental issues, including some ADD. He bailed within the first month (took another vacation to Sweden to do some fishing) and left me using Google Translate to coordinate the project. Luckily, by the end, the Norwegian company hired a contractor from England who spoke German and hobbled together the final integration.

Had nothing to do today, so I thought I´ll test the migration of SVN to Git in Gitlab.

Boss sent me a mail today, that when I migrate we need to preserve the history, so I actually have to put some effort in it. *sigh*

Shout-out to the Gitlab documentation at this point.
That´s probably the best doc I´v ever read...

Well so I tried to use svn2git. And well...
Who the fuck thought that this piece of shit software is in any way usable?
Holy crap!
If it fails, it just does so without any info why. Even in verbose mode.
And the RAM usage? What the actual fuck?
This whole thing is a complete memory leak!
32Gigs of RAM full in Minutes and the whole system starts to stall!
And then when I thought it finally runs through.
Bam another git checkout error...

Googling for that error then I found something. A version of svn2git made in .Net Core.
Didn´t expect much but I tried it anyways.
And would you look at that!
It ran so smooth and didn´t need that much RAM , I had some doubt it did work correctly.
But it did!

I think I´m gonna pay a coffee or two to some guy over in China now!

20+ years ago we got a contract to replace an old home grown system for managing rented equipment for a company with offices in two countries with a new standard system.

I was tasked with building a few addon modules to handle import and reporting that the standard system lacked.

Over the course of 8 months and multiple trips to their head office for on premises development along side their people that knew how it should work (there was a lot of waiting for info so it was not 8 months of actual work) we finally was ready to present the finished solution.

After about one hour of demonstration their boss questioned why we did not demonstrate the connection to their corporate group accounting system ...

“Corporate group accounting?”

After some confused discussion it turns out that in one of the first meetings the sales person had they had mentioned this accounting system and that all accounting info was to be exported there.

This requirement was never listed in the specifications we got and looking into it it turned out that the standard system did not support such exports at all.

In the end we had to throw it all away as it proved impossible to get that info out of the system (which was not of our design).

We barely avoided having to repay all fees as their people had approved the specification but standing there without a clue to what he was asking for was a very scary experience, thinking “how could we miss this?”

Oh boi.

Once she asked me "Why don't we just upgrade the HTML version?" as in "upgrade our system".

There were more such gems from her, but I think this one was the ultimate.

Background Info: We make emails and to support as much clients as possible you gotta go with the real oldschool html 4.1.😒

So we are implementing a big and very complete localization management system on my company. The system has great features, indeed, but:

1. We cannot use the browser back button, because it is js and it appears no one cared about it (I am not a js Dev, but you can UAE the back button on my site that has js);

2. It is very customizable, but not intuitive. So you have one million options and you never know where to change what you need;

3. It has a save button everywhere, but most options are saved automatically, so you never know when you need to save. Actually, people from the webapp company use the save button as refresh, once we cannot use the browser refresh button;

4. Combo boxes load the elements while you scroll them, so to scroll to the bottom, you need to keep scrolling several times, waiting it to load the elements;

5. It does not allow you to open more than one tab of it at the same time. So if you need to see more than one information from different items, you need to navigate and wait the loading times to see what you need;

6. Emails are not sent in a different thread. So each action that send emails you need to keep waiting until the emails are sent (sometimes there are several emails sent in one action) to continue using it;

7. They not only store and send back your password by email if you loose it, but, as admin, if I click the button to send the user password to him/her, it keeps a copy of the email with the user password in my sent items;

8. To be able to send emails (they are really necessary), I need to include my SMTP info with login and password. So they have not only the system password saved, but everyone email login and password as well.

I am sure there is more, but I can't remember for now, and we are still trying to figure it out how to back our data, as it appears the only possible backup is their own.

mangodb's rant reminded me of smth.. Folks from my country might remember this story.

So we have a national e-health system. Millions have been invested, half of the money have never reached the project [disappeared smwhr in between] and its quality is not shiny. It works, sometimes even fast enough. But boy does it have bugs... Let's not get into that. It's politics.

So some time ago one IT guy spotted a bug that allowed him to get sensitive info of other patients. He informed e-health folks and waited for a fix. He waited for a few weeks but the fix had never been released. So he published his findings in soc media [yepp.. Stupid move]. That caused a national scandal. Not to mention he had been pressed with charges.

That guy and our health minister were invited in one of the tv debates. The guy was asked to explained how he found all this sensitive data. And he explained that he hit f12 in his browser, opened a network tab, issued a network request by clicking smth in the webpage analysed received data in the dev tools.

The minister looked somewhat happy, maybe a lil proud of himself - a person who has a "gotcha!" moment has that very glow he had. And he said: "what you did there was obvious hacking. I reckon you should know that true developers do not do those things you have just explained to us" [he was talking about dev tools].

I died inside a little bit.

So I set up push notifications from my Raspberry Pi to my Android phone, to know when exim sent a mail locally.
The easy part was the actual push notifications.
The more tedious part turned out to be looking for a way to send a notification for each mail.
After some research, Procmail seemed to be the only fitting tool to pass info to a command (in order to give the push notification some content so I know what's up)

In the middle of everything, I managed to fuck up exim system-wide, so mails didn't work, which was fucking great of course...

The magic receipt is this:
:0 c
| ${NOTIFY} -t "Pi mail: $SUBJECT"

Anyway, this is the result (using a test mail by mdadm + an actual degraded array I am still waiting on replacement drives for):

Fuck sake, so my bank has been migrating/rolling out new IT system and app/site have been broken for about a week (others noted evidence of devs debugging in production)

Assuming I don't lose my money as some mischievous assholes will inevitably exploit the fuck up, and rob the bank, I will be moving my funds to a different bank...

In mean time I'm trying to prepare for uni, and they're making a ton of semi-random changes in addition to rolling out a site with course details and info along those line, and good fucking god is it bad.

Is is slow as fuck? Check. Does it use never-seen-before naming for standard things? Check! Is the UI pulled from late 90's? YOOU BETCHA! Are the pages bloated with unnecessary content? Fuck yeah! Do I get SQL exceptions when I finally locate my course? Of course I do. Does clicking "back" take me back to the landing page instead of previous page, when I'm several steps deep? .....

I could keep going, but don't feel like ranting and feel more like punching someone in the throat.repeatedly.

!rant
If you have software in production please have some way for a user to find some contact email (create for this reason only if needed.)

I have run into crippling bugs in huge essential systems (state dmv new system, the ticket system utility marking) which they were oblivious to until I went out of my way, like a stalker to get some contact of someone remotely related to someone I could drop this info in the lap of, and so far it was a total shock to them (the dmv system was taken offline for 3 days to resolve)

I get not wanting to run a helpdesk to support users, but give technical users some contact info ( even if you think you have full coverage analytics because, being software, it may have a bug)

/rant

Arguing with a co worker.... he is writing a serial data plotter, and wants me to send the data as text. I’m like ugh no I’m not wasting bandwidth for text data, you are getting it as binary, as my embedded system has a lot of other stuff todo than send debug info, so the quicker I get the data to you the better... plus his program is running on a pc there is no issue regarding resources handling binary data.

He tells me I’m am wrong, and is trying to defend his stance, then all the electrical engineers and other software engineers all stand up and said why in the hell would it be faster to send text than binary? He has no response.

I'm seriously working with a system that saves the password AND the confirm password In the database... varchar field, copied info, no wonders it takes half an hour to make query.

I am so mad, I have no words for how fucking much I hate ever having to work or pass work to other incompetent developers or teams, what a fucking waste of time and resources.

After handing off the frontend - for the client to find some team, that would do it in the short time and budget he needs (multiple developers, more fast, much good), he found a team that seemed to be alright for the job and seemed alright to me too, now maybe a month or two later, the client contacts me, that they fucked something up and if I could talk to them.

The email I then received from them seriously made me speechles, mad and sad, all at same time, I spent multiple upon multiple hours, getting a very good readable documentation up (markdown with TOC, properly rendered headers, bulletpoints, all that shit), with all files, all services used, all credentials, even converted all ssh keys into putty ppk format, in case the developers are using windows and are too dumb to do it themselves, nginx configs, it had seriously everything, even too much to list.

They somehow managed to fuck up the entire server, while attempting to "add ssh keys themselves", EVEN FUCKING THOUGH I have included all the keys they need, all the hosting credentials, everything, yet they decided to fuck with shit themselves and completely annihilate the server in the process (HOW?!), so not even the webserver works anymore.

I am fucking speechless, I made it so fucking easy to gather all info and files they need, all properly put into well named folders, along the documentation in an archive and they somehow managed to nuke the fucking server, while attempting to add ssh keys?!

If you don't know how to config a server, then don't fucking touch it and just use everything, that got served to you on a fucking silver platter.

---

I'll just instantly answer the most annoying comment, that somebody could come up with: "why didn't you do it yourself?"

Because in a perfect world, a fully managed team, can do much more than a single developer can, especially in the same timeframe and from what I heard of said client, atleast they did something in terms of developing the system. (which surprises me, considering it's the same people that nuked a server, while trying to add ssh keys)

A customer brought in an older, beat-up machine and told us it wasn't booting. We noticed that his power supply was damaged, but checked it in for other diagnostics.

I found out he had a corrupted operating system, but with everything else on the computer, I didn't recommend fixing the computer.

Now, for reference, this is a Windows 7 computer with 10GB of RAM. But it also has a bent side-panel, the front-panel is hanging on by a thread, and it would also need the new power supply -- all of which would be over $200 USD.

When I finally relayed this info to him over the phone, we started talking about the system.

Him: So what do you think?

Me: I mean, this computer has some good specs, but with the damage, I wouldn't recommend repairing the computer. Now, this is your computer and you are more than welcome to tell me to shove it, but I'd recommend replacing it. We're at the breaking point of doing whatever you want to do, and it's your money that you're spending, but in my professional opinion, I don't think it's worth saving.

Him: Well, okay. I'll come in later and see what options I have

Customer Service: “I apologize for the delay in entering your warranty info. My system is a bit slow.”

Me: “That’s ok.”

Also me: *What is this, 1986?! Upgrade from DOS already!!*

System that collects info about restaurant hygiene

Okay so my brother in law has a laptop that is... To put it mildly, chockful of viruses of all sort, as it's an old machine still running w7 while still being online and an av about 7 years out of date.

So my bro in law (let's just call him my bro) asked me to install an adblock.

As I launched chrome and went to install it, how ever, the addon page said something like "Cannot install, chrome is managed by your company" - wtf?

Also, the out of date AV couldn't even be updated as its main service just wouldn't start.

Okay, something fishy going on... Uninstalled the old av, downloaded malware bytes and went to scan the whole pc.

Before I went to bed, it'd already found >150 detections. Though as the computer is so old, the progress was slow.

Thinking it would have enough time over night, I went to bed... Only to find out the next morning... It BSoD'd over night, and so none of the finds were removed.

Uuugh! Okay, so... Scanning out of a live booted linux it is I thought! Little did I know how much it'd infuriate me!

Looking through google, I found several live rescue images from popular AV brands. But:
1 - Kaspersky Sys Rescue -- Doesn't even support non-EFI systems

2 - Eset SysRescue -- Doesn't mount the system drive, terminal emulator is X64 while the CPU of the laptop is X86 meaning I cannot run that. Doesn't provide any info on username and passwords, had to dig around the image from the laptop I used to burn it to the USB drive to find the user was, in fact, called eset and had an empty password. Root had pass set but not in the image shadow file, so no idea really. Couldn't sudo as the eset user, except for the terminal emulator, which crashes thanks to the architecture mismatch.
3 - avast - live usb / cd cannot be downloaded from web, has to be installed through avast, which I really didn't want to install on my laptop just to make a rescue flash drive
4 - comodo - didn't even boot due to architecture mismatch

Fuck it! Sick and tired of this, I'm downloading Debian with XFCE. Switched to a tty1 after kernel loads, killed lightdm and Xserver to minimize usb drive reads, downloaded clamav (which got stuck on man-db update. After 20 minutes... I just killed it from a second tty, and the install finished successfully)

A definitions update, short manual skimover, and finally, got scanning!

Only... It's taking forever and not printing anything. Stracing the clamscan command showed it was... Loading the virus definitions lol... Okay, it's doing its thing, I can finally go have dinner

Man I didn't know x86 support got so weak in the couple years I haven't used Linux on a laptop lol.

I asked my former boss for some clarification via mail. Given a table, I was supposed to edit some user info in the company system. Had some questions on a few entries only my boss could answer.
Boss would organize a meeting, also inviting a more experienced co-worker I worked with. When the meeting starts, I get to know that my boss will join in a few minutes..... few minutes later, boss cancels the meeting. So it's me and the co-worker, who cannot answer my questions.
A simple mail could've solved it...

Long time ago i ranted here, but i have to write this off my chest.

I'm , as some of you know, a "DevOps" guy, but mainly system infrastructure. I'm responsible for deploying a shitload of applications in regular intervals (2 weeks) manually through the pipeline. No CI/CD yet for the vast majority of applications (only 2 applications actually have CI/CD directly into production)

Today, was such a deployment day. We must ensure things like dns and load balancer configurations and tomcat setups and many many things that have to be "standard". And that last word (standard) is where it goes horribly wrong

Every webapp "should" have a decent health , info and status page according to an agreed format.. NOPE, some dev's just do their thing. When bringing the issue up to said dev the (surprisingly standard) answer is "it's always been like that, i'm not going to change". This is a problem for YEARS and nobody, especially "managers" don't take action whatsoever. This makes verification really troublesome.

But that is not the worst part, no no no.

the worst is THIS:

"git push -a origin master"

Oh yes, this is EVERYWHERE, up to the point that, when i said "enough" and protected the master branch of hieradata (puppet CfgMgmt, is a ENC) people lots their shits... Proper gitflow however is apparently something otherworldly.

After reading this back myself there is in fact a LOT more to tell but i already had enough. I'm gonna close down this rant and see what next week comes in.

There is a positive thing though. After next week, the new quarter starts, and i have the authority to change certain aspects... And then, heads WILL roll on the floor.

Boss: so we've got to call an app to verify data in this project. But I've got no more info and I'm on holiday next week. Please contact GuyA next week.
Me: ok I guess?
*writes email to GuyA*
GuyB: GuyA is on holiday please hold the line
*1 week later*
GuyA: we need more time it's not ready yet
*2 weeks later?
Me: so?
GuyA: yeah it's ready here's the wsdl etc your client already has the password
*1 week later*
Me: yeah so I got the data but the api says my auth isn't working
GuyB: yeah your user isn't activated on the test system. I'm gonna forward that and come back at you
*1 week later*
GuyA: so we're going live in about 2 weeks hows testing going?
Me: well I'm still waiting for the response and activation
*suddenly it works*
Me: yeah so auth is working but i can't find any data. Is there any special test data?
GuyA: oh no there is NO test data on the test system. You need to wait for GuyB but he us not here today...
Me: are you fking kidding Me?????

... no response since then and it's been days....

One of my most arrogant customers was one that constantly called support because she could not get things to work as she wanted.

We repeatedly told her that she was working against the way the system was built and that was what was causing her problems.

This was not a custom system for that customer but a cloud product we where offering with over a thousand customers on and it was designed with a certain workflow in mind.

Despite this she always complained that the system was wrong and we needed to fix it.

She was also always late for her deadline complaining that she did not get the information from her bosses in time and demanded we help her get it done :)

But I was fortunate that everyone at our company held a unified position that it was not out fault that her bosses gave her info late or that she tried to do things in a way the system was not designed for.

So when she got to aggressive we just offered her to go somewhere else.

I thing they finally did, after about two years.

I found a vulnerability in an online compiler.

So, I heard that people have been exploiting online compilers, and decided to try and do it (but for white-hat reasons) so I used the system() function, which made it a lot harder so i decided to execute bash with execl(). I tried doing that but I kept getting denied. That is until I realized that I could try using malloc(256) and fork() in an infinite loop while running multiple tabs of it. It worked. The compiler kept on crashing. After a while I decided that I should probably report the vulnerabilites.

There was no one to report them to. I looked through the whole website but couldn't find any info about the people who made it. I searched on github. No results. Well fuck.

Started up KiTTY to connect to my virtual test server per usual when I couldn't establish a connection.

Nothing too unusual so I do the typical troubleshooting I make sure host, port and authentication is all correct and it is. So now I open the display for the virtual server and start looking at ip info, host info, checking ports and everything is completely fine.

Now I'm getting frustrated so I start running things like configtest in apache, using systemctl to check the services status, even restarting virtualbox in my windows 10 devpc. Still cannot connect!

I start feeling hopeless and just shut everything down, the whole operating system.

*takes breath*

Computer boots up and I start my usual thing of creating workspaces, opening editors, starting servers, etc.

I open KiTTY again and launch my virtual test server..

konicm8ker@VM-UBUNTUSERVER:~$ _

Somethings you just can't fix without a reboot.

Here is a little story about why I do not like to have to purchase developer tools and libraries..

Long story short it has taken at least 10 people more than 3 months to purchase two licenses of this component library which we still do not yet have licenses for.

It all starts with this guy who works here and has the job title 'solution architect'. He saw an ad on a website about some html component library. Then he asks me and the other developer here to look at it. He is super excited saying things like if we save only x days of time the cost is nothing in comparison to developer time..

The other developer and I both spend a few days reading the docs and trying some sample code. It offers some things we can use but I suggest not bothering with it.

Despite my suggestion he goes to the technical manager and they write up a business case. After about a month our receptionist cc me on an email chain from the it commercial manager who is asking for the licensing information so they can add the component creator as a vendor in the purchasing system. I send them a link to the component website which lists all that.

Jump forward two more months to last week and I got a spam email from the component company saying they have some new version out. I am wondering what has happened so I ask our receptionist she says it is with accounts payable and waiting payment - but it is marked urgent and she will find out.

Today I am cc in an email saying they have paid for it two weeks ago. So where is the license info? Nobody knows.

TLDR;
I remissness about Yahoo site builder and talk about finding the record of the Google search that changed my life a long time ago and I think it's fucking great.

Earlier I re-installed google chrome but unlike every other time, this time I forgot to turn off the auto-sync feature. I only realized this when I opened gmail and it pre-populated my login info with the info of my very first, long forgotten gmail account.

So naturally I went exploring... after going through the mails I decided to check out the actual Google account to see if there was anything of interest there and lo and behold I found around 7 years of browsing history that I had no idea Google stored at the time.

As scary as it was to see I'm kinda glad about it now because aside from finding out that I was going through an Asian porn phase in 2008 I also found the one Google search record that changed my life.

It was a search to download Yahoo site builder followed by a bunch more on how to use it.

I had stumbled across a random article about it and it caught my eye because I needed a website for the grocery store I was a manager of back then.

Thankfully it was a fucking horrible WYSIWYG editor. I recall it acting almost identical to Word at the time - I would save and back up my site constantly because moving something 1px would fuck the layout up and burn everything to the ground, cntrl+z would try and do something, reversing only my last action while leaving the rest of the site in tatters and I didn't have the skills to understand or fix it...

Ultimately my frustration led me learn a bit of html & css and a week or so later It became apparent it would be easier to scratch code the damn thing so I uninstalled Yahoo site builder and started all over again.

Learning & building that site in notepad ignited my passion for coding and less than a year later I left my shitty dead end job to join a brand new tech company created with the help of a like minded investor officially employed as a developer. Let help you understand just how big this achievement was for me - I had been trying to find a job, ANY job in I.T even at a call center level without success for 6 years because I dropped out of school.

In 6 years as an active job seeker I only received one phone call about a job opportunity which ended very quickly once they realised they had misread my CV. In all those years I never even got a single job interview.

After that I spent the next 3 years rolling out and improving the cloud based loyalty card system I had written for my store out on a national scale and the rest is history. Since then I have never been judged by a crappy piece of paper, hated my job or struggled to find a new one.

What a beautiful search result that was to find.

I dedicate this rant to Yahoo, with my sincere gratitude for making a shitty WYSIWYG editor that was so bad it pissed me off enough to make me actually learn something.

TL;DR; do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

They say verbalising it makes it less painful. So I guess I'll try to do just that. Because it still hurts, even though it happened many years ago.

I was about to finish college. As usual, the last year we have to prepare a project and demonstrate it at the end of the year. I worked. I worked hard. Many sleepless nights, many nerves burned. I was making an android app - StudentBuddy. It was supposed to alleviate students' organizational problems: finding the right building (city plans, maps, bus schedules and options/suggestions), the right auditorium (I used pictures of building evac plans with classes indexed on them; drawing the red line as the path to go to find the right room), having the schedule in-app, notifications, push-notifications (e.g. teacher posts "will be 15 minutes late" or "15:30 moved to aud. 326"), homework, etc. Looots of info, loooots of features. Definitely lots of time spent and heaps of new info learned along the way.

The architecture was simple. It was a server-side REST webapp and an Android app as a client. Plenty of entities, as the system had to cover a broad spectrum of features. Consequently, I had to spin up a large number of webmethods, implement them, write clients for them and keep them in-sync. Eventually, I decided to build an annotation processor that generates webmethods and clients automatically - I just had to write a template and define what I want generated. That worked PERFECTLY.

In the end, I spun up and implemented hundreds of webmethods. Most of them were used in the Android app (client) - to access and upsert entities, transition states, etc. Some of them I left as TBD for the future - for when the app gets the ADMIN module created. I still used those webmethods to populate the DB.

The day came when I had to demonstrate my creation. As always, there was a commission: some high-level folks from the college, some guests from businesses.

My turn to speak. Everything went great, as reversed. I present the problem, demonstrate the app, demonstrate the notifications, plans, etc. Then I describe at high level what the implementation is like and future development plans. They ask me questions - I answer them all.

I was sure I was going to get a 10 - the highest score. This was by far the most advanced project of all presented that day!

Other people do their demos. I wait to the end patiently to hear the results. Commission leaves the room. 10 minutes later someone comes in and calls my name. She walks me to the room where the judgement is made. Uh-oh, what could've possibly gone wrong...?

The leader is reading through my project's docs and I don't like the look on his face. He opens the last 7 pages where all the webmethods are listed, points them to me and asks:
LEAD: What is this??? Are all of these implemented? Are they all being used in the app?
ME: Yes, I have implemented all of them. Most of them are used in the app, others are there for future development - for when the ADMIN module is created
LEAD: But why are there so many of them? You can't possibly need them all!
ME: The scope of the application is huge. There are lots of entities, and more than half of the methods are but extended CRUD calls
LEAD: But there are so many of them! And you say you are not using them in your app
ME: Yes, I was using them manually to perform admin tasks, like creating all the entities with all the relations in order to populate the DB (FTR: it was perfectly OK to not have the app completed 100%. We were encouraged to build an MVP and have plans for future development)
LEAD: <shakes his head in disapproval>
LEAD: Okay, That will be all. you can return to the auditorium

In the end, I was not given the highest score, while some other, less advanced projects, were. I was so upset and confused I could not force myself to ask WHY.

I still carry this sore with me and it still hurts to remember. Also, I have learned a painful life lesson: do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

Modern technology is absolutely bullshit

I can't even

Now my keyboard on my phone is even too broken to complain about it

I wanted to look at someone's post history on a forum

To do so the forum wants an account. Ok. So I gave it my old junk Hotmail account during sign up for it to send me an email confirm so I can make the account so I can search. Well I'm refreshing this account for this confirm account email through the Gmail app on my phone because who even checks emails on computers anymore

Turns out, aside from this Hotmail spam email account having a lot of junk emails (it is my junk email account), there's this little pop-up that happens SOMETIMES claiming that it can't sync. I checked inbox and spam and the email isn't in there. So 1 out of 10 times I refresh there's this little "cannot sync" message that pops up and I click it. It claims my storage on my phone is too full to sync. Ok.

So I go try to find storage through the settings in my phone. It doesn't exist as a category anymore apparently. Thankfully phones have a search feature now -- because we can't have sane settings anymore so here's a search feature. First result it gives me is just device info. That's useless. It's just the hardware specs for my phone

Second it shows storage. 90% full apparently. That's odd. I have 132 gb. Thankfully it subdivided it by what's taking up space but it doesn't make much sense and a bunch of the categories don't open to anything

Apparently the fucking android operating system is 32 GB now? Well you're fucked if you wanna remove that. Apparently years of photos and videos is 20 gb, I can back those up and delete them. Similarly I have downloads in folders, and that's about 20 gb

Why are there 20 GB of apps? I literally have no apps!

Part of apps? Wtf is Gboard and why is it a gig

Why is my WEATHER APP using a gig of storage?

And none of the apps can I remove the storage they're using. The cache is like 600kb, and I can delete all data and it's using like 60 MB. So the fucking weather app executable itself is a gig of space? Wtf?

I deleted the data for Gboard and turns out that's the keyboard. So now all my keyboard settings are fucked.

Thankfully I wrote syncing scripts ages ago to sync various folders from my phone to my external HDD. I just had to connect it to the laptop and run the script on the external HDD. Problem? Well turns out no matter what I do I can't get the laptop to connect to the phone if it's USB file transfer mode. I can do photos. But this is gonna be more than photos.

So I do my sync backup script from the laptop to the external HDD. This will sync the camera, since I have sync thing sync my laptop and phone all the time, so I can just sync the laptop to the external HDD and then delete the older photos and get 20gb. Quick fix for now

Why do I need this quick fix?
Well
Get this
I've been having issues with my Gmail client for ages. It just won't display new email notifications which is really annoying because I need to know when emails get sent to me.
Now I'm thinking, maybe I can de-sync older emails and have more storage space maybe? But that's not an option anywhere. Actually, I can't even unconnect an email address from my phone. Gmail doesn't even let you do that

What the flying fuck is the state of modern technology

Now I have to go figure out what my fucking settings were for my stupid phone keyboard

The 90s were much fucking saner than this garbage. I don't need a 32 GB operating system on a phone. Is this fucking windows 8? And let me fucking tell YOU how many fucking emails you should sync to my phone. Holy shit what the fuck is all this

At least my Linux scripts fucking work like I wrote them

Stakeholder: Can you investigate the problem with this user profile? We made updates to system A, but user is saying it’s the wrong info on the website.

Me: Looks fine to me. Looks like your updates just needed time to trickle down. Though, you will need to clean up this user’s data because it can cause X problems. There’s not much I can do since the site just displays info from system A.

SH: Can you delete the user’s website account and we can ask user to create a new one?

Me: …Ok, let’s try this again. It’s not necessary to delete the account and make the user create a new one. It’s not going to resolve the X problems that I mentioned. The website really needs clean data from system A.

Nicely formatted complete system hardware / OS info:

sudo inxi -v 7

Tried in Ubuntu 18.04.

Some Devs need to be better about sharing info. Like, I don't want to play 20Qs just to learn how to configure a system I never used. You have job security, don't worry! Other people are allowed to know what ya know; you don't need to impress anyone!

So today i had to visit this banks site to do updation on a document but for some reason the modal dialogue that was supposed to open was not working and i couldn't continue to next step.

On an attempt to contact customer support, i browsed the site for relevant details. As i do that, i observed this site is so shitty that it can't even properly render on Google Chrome! It was an horrific experience finding info in that site.

Finally found the customer support form and as I clicked the "submit" it didn't give any feedback whether it was processing or not. After like over a minute of uncertainty, it got redirected to a 404 page.

Frustrated, I went on to their twitter and I almost tweeted calling out their terrible web developer team.

But, my instinct told me to calm my titties and i tweeted a regular confused user tweet.

Got their attention and few hrs later i got a phone call from someone working there. He didn't sound like a customer service representative from the way he spoke. He told it was an issue with their website and had fixed it. I tried again as he was on the line but it was not working for me. And then i shared screenshot of the issue. He tested it again and said it was working for them. Still not working for me. ( Probably cache issue on my end ). Thought he would suggest to clear cache and try. But he asked me to try on another computer since it was working for him.

As i searched for a another system, i got a call from customer support guy and he said he will do the update on their end and told me to tell details. Since the info was not that sensitive in nature, I went with it.

Pretty sure the other guy i talked to was a developer.

This made me think - had i tweeted out a mean tweet calling out their shitty website it would have been probably awkward talking to him - I'd have to be mean again. It could've ruined his day, maybe he was under pressure from his pm that he had to make the phone call. He probably hates his job already managing that shitty legacy code..

I don't know - either way, I'm glad i was able to keep myself calm and not be a source of negative energy.

I apply to a company. Their system loses my resume, so they contact me to submit it again saying they like what they see in my application (had to write code for them and include info that's also on my resume). I send my resume. Less than 8 hours later the fuckers email me to say I'm no longer being considered.

Client: Can you put all the add on products we sell into the MDSL (Master Daily Sales Log)

Why aren't you adding them to the new console system? It allows you to add them and tracks all actions on the sale.

Client: The Health Agents don't know how to do that, and I think the manger hasn't added them into the system....yup he didn't add them.

Me: So how are you tracking the addon products you are selling?

Client: I don't know. Can you just add them to the MDSL.

Me: I wrote the console system to replace the MDSL, why are you using the spaghetti code system I wrote 8 years ago?

Client: They like it better because of this one report they use.

Me: I rewrote that report for the new system and it even gives more info.

Client: But the owner doesn't trust it, because it shows conversions and sales instead of just sales.

Me: ...

Story of my first successful project

Being part of a great team, I've shared in a lot of successes, one I am particularly proud of is my first attempt to use agile methodologies in a deeply waterfall-managment culture.

Time was June/July-ish and we applied for a national quality award where one key element in the application stated how well we handled customer complaint resolution.
While somewhat true (our customer service is the top-shelf good stuff), we did not have a systematic process in resolving customer complaints. Long story short,
the VP lied on her section of the application. Then came the 'emergency', borderline panic meeting (several VPs, managers, etc) to develop a process to better manage
complaints before the in-house inspection in December.
As most top priority projects go, the dev manager allocated 3 developers, 2 DBAs, and any/all network admins we would need (plus all the bureaucratic management that wanted their thumb in the pie).
Fast forward to August, after many, many planning meetings, lost interest, new shiny bouncing balls, I was the only one left on the project. The VP runs into the dev manager in the hallway and asks "Is my program done yet? If its not ready before December with report-able data, we will not win the award."
The <bleep> hit the fan...dev manager comes by...
Frank: "How the application coming along? Almost done?"
Me:"No, haven't really started coding. You moved Jake and Tom over to James's team, Tina quit, and you've had me sidetracked helping other teams because the DBAs are too busy."
Frank: "So, it's excuses. You really think the national quality award auditors care about your excuses? The specification design document has been done for months. This is unacceptable."
Me: "The VP finished up her section yesterday and according to the process, we can't start coding until the document is signed off."
Frank: "Holy f<bleep>ing sh<bleep>t! No one told you *you* couldn't start. You know how to create tables and write code."
Me: "There is no specification to write to. The design document is all about how they plan on reporting the data, not how call agents will be using the application to serve customers."
Frank: "The f<bleep> it isn't. F<bleep>ing monkeys could code against that specification, I helped write it! NO MORE F<bleep>ING EXCUSES! This is your top priority from now on!"

I was 'cleared' to work directly with the call center manager and the VP to develop a fully integrated customer complaint management system before December (by-passing any of the waterfall processes that would get in the way).

I had heard about this 'agile' stuff, attended a few conference tracks on the subject, read the manifesto, and thought "I could do this.".

Over the next month, I had my own 'sprints' and 'scrums' with the manager (at the time, 'agile' was a dirty word so I had to be careful of my words and what info I shared) and by the 2nd iteration had a working prototype.
Feature here, feature there (documenting the 'whys' and 'whats' along the way), and by October, had a full deployed application.

Not thinking I would get a parade or anything, the dev manager came back from a meeting where the VP was showing off the new app to the other VPs (and how she didn't really 'lie' on the application)

Frank: "Everyone is pleased how well the project turned out, except one thing. Erin said you bothered him too much with too many questions."
Me: "Bothered? Did he really say that?"
Frank: "No, not directly, but he said you would stop by his office every day to show him your progress and if he needed you to change anything. You shouldn't have done that."
Me: "Erin really seemed to like the continuous feedback. What we have now is very different than what we started with."
Frank: "Yes, probably because you kept bothering him and not following the specification document. That is why we spend so much time up front in design is so we don't waste management's time, which is exactly what you did."
Me: "We beat the deadline by two months, so I don't think I wasted anyone's time. In fact, this is kind of a big win for us, right?"
Frank: "Not really. There was breakdown in the process. We need better focus on the process, not in these one-hit-wonders."

End the end, the company won the award (mgmt team got to meet the vice president, yes the #2 guy). I know I played a very small, somewhat insignificant role in that victory, I was extremely proud to be part of the team.

This project is just a complete clusterfuck... But nvm. We had to integrate a third party service pushing data into our system. Btw the service wasnt even working correctly. But that is just the tip of the iceberg. Its friday around lunch time. Message appears "what is the status of the integration?" Yeah havent started working on it. Last info was service is not stable. I doubt that this will be done this week. Next message from PO: "We will all push hard to get this done today and deploy to prod." Why? Because this dumbasses said to the customer this will be deployed eod. And by we you mean the devs once again doing overtime. Has this shit stopped? No. Like for the last two weeks its like we promised the customer xyz to be deployed tomorrow. Not a single dev was asked how long it takes to add this

WARNING - a lot of text.
I am open for questions and discussions :)

I am not an education program specialist and I can't decide what's best for everyone. It is hard process of managing the prigram which is going through a lot of instances.
Computer Science.
Speaking about schools: regular schools does not prepare computer scientists. I have a lot of thoughts abouth whether we need or do NOT need such amount of knowledge in some subjects, but that's completely different story. Back to cs.
The main problem is that IT sphere evolves exceedingly fast (compared to others) and education system adaptation is honestly too slow.
SC studies in schools needs to be reformed almost every year to accept updates and corrections, but education system in most countries does not support that, thats the main problem. In basic course, which is for everyone I'd suggest to tell about brief computer usage, like office, OS basics, etc. But not only MS stuff... Linux is no more that nerdy stuff from 90', it's evolved and ready to use OS for everyone. So basic OS tour, like wtf is MAC, Linux (you can show Ubuntu/Mint, etc - the easy stuff) would be great... Also, show students cloud technologies. Like, you have an option to do *that* in your browser! And, yeah, classy stuff like what's USB and what's MB/GB and other basic stuff.. not digging into it for 6 months, but just brief overview wuth some useful info... Everyone had seen a PC by the time they are studying cs anyway.. and somewhere at the end we can introduce programming, what you can do with it and maybe hello world in whatever language, but no more.. 'cause it's still class for everyone, no need to explain stars there.
For last years, where shit's getting serious, like where you can choose: study cs or not - there we can teach programming. In my country it's 2 years. It's possible to cover OOP principles of +/- modern language (Java or C++ is not bad too, maybe even GO, whatever, that's not me who will decide it. Point that it's not from 70') + VCS + sime real world app like simplified, but still functional bookstore managing app.
That's about schools.

Speaking about universities - logic isbthe same. It needs to be modern and accept corrections and updates every year. And now it depends on what you're studying there. Are you going to have software engineering diploma or business system analyst...
Generally speaking, for developers - we need more real world scenarios and I guess, some technologies and frameworks. Ofc, theory too, but not that stuff from 1980. Come-on, nowadays nobody specifies 1 functional requirement in several pages and, generally, nobody is writing that specification for 2 years. Product becomes obsolete and it's haven't even started yet.
Everything changes, whether it is how we write specification documents, or literally anything else in IT.

Once more, morale: update CS program yearly, goddammit

How to do it - it's the whole another topic.

Thank you for reading.

once upon a time, i get interviewed by a software vendor. i am applied for system analyst because i think i have to level up from previous works as programmer, then i passed the test. after that i get interviewed for the second times and they told me i could start to work immediately. at first day i did programmer tasks instead of analyzing systems flow. i thought it just for exercises more my analytical skill through programming. i did it for 4 months until they add new employees, some of them are system analyst and they are fresh graduated. we chat and ask them about their experiences and they told me they are not programmers or system analyst before and no test!. i dig the info more deep, and i found they could get the job because they are graduated from bonafide university. until i resign i still a programmer and i hate to work at software vendor anymore because their corporate clients are all suck.

Let me start this off by stating I'm a Java dev, and a noob with C++.

Thought it'd be cool to learn some OpenCL, since I want to do some maths stuff and why not learn something new.

So I sat down, installed Nvidia proprietary drivers, broke my x-org server, purged, reinstalled, rebooted and after a while I got stuff sorted out.

Then on to my IDE. I use CLion and it uses Cmake. C++ noob knows shit about Cmake, so struggle for two hours trying to figure out wtf is going on with the OpenCL libs and why they're only partially detected. Fml.

Finally, everything is configured and I'm set. I start working on a Hello World program using OpenCL. Finish it in 20 mins, all good. No output. Do some googling, check my program a million times. Nothing wrong here. Check the kernel, everything as in the tutorial.

I start checking error codes after a while reported by OpenCL (which I had no clue was a thing) and I get some code saying the program was not created properly (to run the kernel). No fucking clue what's up with that. Google around, find another tutorial, rewrite my code in case I'm using outdated code or something. Nothing.

Fast forward an hour, I find out that OpenCL has logs! So I grab some code from the website I found it on, and voila, I finally get some info on what's going on.

Get a load of this bs.

In the kernel file, so that OpenCL knows that it's a function to run, you have to put __kernel. But in all the places I read, it said to put it as _kernel.

Add the underscore, compile, run and everything is perfect.

Then I tried just putting 'kernel'. Also compiles and runs fine.

Two hours hours and my program was fixed by adding an underscore. IF ONLY C++ GAVE AN INDICATION OF WHAT BLEW UP INSTEAD OF SITTING BACK AND BEING LIKE "oh wow man feels bad, work some magic and try again" THEN THIS WOULD NOT HAVE TAKEN SO LONG.

Then again, it was OpenCL that was being shitty with its styling enforcement or whatever the hell the underscore business is. But screw it. C++ eats shit too for this. Sure, maybe Java babies you by giving you the exact error and position that the error took place at. But at least that way you don't waste hours of your life chasing invisible bugs 😠😠

I'm going to eat some food... Too much energy was consumed fighting the system... Then I'll get back to OpenCL because 😇 but that doesn't make it less bs.

A lot of this might be an assumption based on not enough research on both NestJS and TypeScript, so if something here is not well put or incorrect then please feel free to provide the necessary info to correct me since I care far more about getting dat booty than I do being right on the internet :D

Sooo, a year or so ago I got a hold on the Nest JS framework. A TypeScript based stack used to build microservices for node. Sounded good enough in terms of structure, it is based on the same format that Angular uses, so if you use Angular then the module system that the application has will make sense.

I attempted (last night) to play with the framework (which I normally don't since I am not that much of a big fan of frameworks and prefer a library based approach) and found a couple of things that weird me out about their selling points, mainly, how it deals with inversion of control.

My issue: This is dependency injection for people that don't really understand the concept of dependency injection. SOLID principles seem to be thrown out of the window completely due to how coupled with one another items are. Literally, you cannot change one dependency coming from one portion to the other(i.e a service into a controller) without changing all references to it, so if you were using a service specification for a particular database, and change the database, you would have to manually edit that very same service, or define another one....AND change the hardwire of the code from the providers section all the way into the controllers that use it....this was a short example, but you get the gist. This is more of a service locator type of deal than well....actual dependency injection. Oh, and the documentation uses classes rather than interfaces WHICH is where I started noticing that the whole intention of dependency injection was weird. Then I came to realize that TypeScript interfaces are meeheed out during transpilation.

Digging into the documentation I found about custom providers that could somehowemaybekinda work through. But in the end it requires far too much and items that well, they just don't feel as natural as if I was writing this in C# or Java, or PHP (actually where I use it the most)

I still think it is a framework worth learning, but I believe that this might be a bias of mine of deriving from the norm to which I was and have been used to doing the most.

ON THE PHONE WITH THE SHITTY HEALTH CARE PROVIDER THAT OUR COMPANY USES... THEY CANT PROVIDE AN EMAIL.... NOW THE GUY I GOT SAYS HE CANT ACCESS MY INFO BECAUSE OF A SYSTEM ERROR.... NEED TO TRANSFER TO ANOTHER GUY!!!!

WTF!!!!! DUMBASSES.... THEY SHOULD BURN IN HELL!!!!!!!!

AND I NEED TO GET A NEW JOB... BUT PROLLY WONT BE DOING THAT FOR AWHILE.... :(

Disclaimer: This is all theoretical. Neither me nor my friend (with whom I discussed this) are stupid enough to even try to pursue this, but as an idea, i believe it might generate cool/new ideas/ways for handling secure communications across social groups.

Let's do some role play. Let's design a delivery app for drug dealers, think Seamless or Uber Eats, but for drugs. Not for big deliveries, like kilograms of coke, but smaller stuff. Maybe a few grams of it or something. The clients could rate dealers, and vide-versa. This would build a level of trust within the system. There would be no names, just anonymous reviews, ratings, and prices. Only the info you'd need to know.

The biggest (only?) problem we found (besides legality) was that, how would you prove that you're a client and not a snitch (or cop). This would have to somehow be handled both on signup, as well as when ordering (let's imagine that all who are clients are pure and won't ever snitch).

One of the ways we found to combat this was to have the app invite-only. This would, in theory, do away with the problem of having snitches signing up. However, what if the phone got stolen/breached by a snitch, and they also got full access to the account. One way we thought we could combat this would be with a "dispose number" or something similar. Basically, you call a number, or send a text, or message a Signal bot etc, which would lead to the account's instant termination, no traces of that user left. Hence, a dispose number.

The flow of the app would be as follows:
A client wants some amount of heroin. He opens the app, searches for a dealer, sends the him the desired amount, and in return gets back a price from the dealer. If both parties agree on the amount and price, the deal would start.

The app would then select a random time (taken from the client's selected timeframe and the dealer's "open" time) and a location (within a certain radius of both them, somewhere in between them both for convenience). If both of them accept the time and place, they'll have to meet up at said time and place.

The actual delivery could also be done using two dead drops - the client drops the money at one of them, the dealer drops the goods at the other one. Yes, this might be subject to abuse, but it wouldn't be that bad. I doubt that clients would make huge orders to unknown/badly rated dealers, as well as dealers accepting offers from badly rated clients. My idea is that they would start small, just so if they do lose their money/goods, the actual loss wouldn't be as big for them, but for the other party, having bad ratings would mean less clients willing to buy or dealers willing to sell.

A third way would be to use crypto, but the reason I left this as the last one is because it's not that wide-spread yet, at least not in local drug dealing. With this method, the client would initiate the order, the crypto would be sent to either the dealer or an escrow account, the dealer would then drop the goods at a random place and let the client know where to go to get them. After the client has gotten the goods, they could both review/rate the quality as well as the overall experience with that dealer, which would either make or break the dealer's upcoming deals. This would be pretty much like other DNM's, but on a local scale, making deliveries faster.

So far, this would seem like something that would work. Are there any ideas that might improve this? Anything that might make things more secure/anonymous?

My reason for this post is to spark a conversation about security and anonymity, not to endorse drugs or other illegal stuff.

Cheers!

PS. Really loving the new PC design of devRant

Just purchased an import car from japan, what do you guys think, should i do a custom infotainment system on a raspberry pi maybe write some code so it'll show all my car info? Or do you think it'll be too much of a pain in the ass

The only thing worse than client QA is client vendor QA.

I do QA for a company that does custom implementations of a major e-commerce platform. On one of my current projects, the customer has elected to outsource their UAT, and isn't willing to wait for the site (or even individual features) to be complete before starting testing, so I've been triaging a lot of silly tickets. But today took the cake.

This system allows users to save their credit card info. The vendor QA guy filed a ticket "reporting" that if he saved a cc with a given number, then created a new cc record with the same number but a different expiration date, the original record was overwritten, rather than a new record being created.

I just stared at the thing for like five minutes, gathering the mental strength to reply with something other than "you're an idiot."

so here i am, recreating the same code.

i'm using an acceptable solution for running this on a linux system.

they updated it so blkid won't display information without root now, a dozen times. ok. fine. i get it blkid can also SET the id.

so.

lsblk -fJ

nice command, gets me the info I want.

implementing, recognizing the implementation.
good code.

why the fuck do I have to rewrite a relevant utility that bypasses google's shittiness ? why ? WHY ?

I work in a small team. As the senior dev I tens to focus on important tasks that shape the core of the product but some times I can’t divide my self when there are multiple tasks at hand, so I pass some tasks to the an other mid level dev.

So the task was to create an automation in order to CD (continuously deliver) an order from WHMCS of the (git versioned) product to customers UAT, PROD envs.

To get a background this is an old guy with “constricted” experience in PHP/jQuery/Joomla/Wordpress.

So when we were breaking up the tasks he told me he would like to implement this so i gave him the task as i was busy with core features.

I was like what could go wrong? I know he doesn’t know much about CI/CD but he can read right? He will google right? He will search for CI/CD solutions that do this out of the box right? He will design on paper or what ever and do small POCs right? He will design the flow first before starting the implementation right? RIGHT?

So fast forward to today I had a call with him this morning about some DB staff. And he wanted to show me his progress…

His solution is:
(parentheses is my brain)
1. Customer completes WHMCS order (perfect)
2. Web Hook 🪝 action (YES)
3. cpanel gets source and “automatic!” Init, all using pure PHP code ignoring the usage of the current framework (ok… something is missing)
4. cpanel web hooks(?) WHMCS to send email to customer with the envs initial setup page(?)
5. Customer opens link and adds setup info (ok fuck, fuck, fuck)

(Ok stay cool composed, lets ask some questions maybe he thought it all in a cool way I can’t get my mind around)

Me: So how are you gonna get the correct version from the repo to the env and init the correct schema?

Dev: I haven’t thought about it yet.

Me: Are we gonna save each version to a file system then your code is going to fetch them?

Dev: I haven’t really thought about it we will see. But look on customer init user setup I implemented a password strength validation and it also checks if the password is the same.

So after this Pokémon encounter I politely closed teams. Stood up drank some (a lot) coffee ☕️. Put out the washed laundry while reflecting on life’s good things, while listening to classical music 🎼 .

Then I sat on my office chair drank some more coffee, put some linking park starting with in that order:
“Numb” then “What I’ve Done” and ended with “In the end, it does really fucking matter”

I have decided to set up a full Linux desktop pc, and go for everyday use and learn, mostly to catch up and understand better the whole UNIX and to get familiar with the command line there.
The problem is that there are hundreds of them, so if you can write some tips which one shall I go for?
Here is the info about what I need:
1 - I'm a web developer, so later I will move the work there too, capable of running a web server.
2 - I'm NOT looking for windows likeness or easiness, I'm looking for a distro which will help me the most to understand how it works in general, the file system, and the command line.

So my (windows 10) laptop decided to suddenly forget about its Bluetooth capability. And about its Bluetooth hardware.

Now, I did not restart my system, I just left it idle for a while. Heck, I played rainbow six before leaving it idle (with a Bluetooth mouse, of course)

Tried checking for the settings (didn't find any settings related to Bluetooth service), didn't find it in device manager, useful the troubleshooter (bastard says the problem is I have no Bluetooth hardware installed), tried restarting the system, checked in bios menu (couldn't see hardware info printed in bios system info), tried updating/reinstalling the driver.

The hell am I supposed to do?

Wonder if I could build an info system in my car and connect it to a dashcam for on site video backup

I am having an introspective moment as a junior dev.

I am working in my 3rd company now and have spent the avg amount of time i would spent in a company ( 1- 1.5 years)

I find myself in similar problems and trajectories:

1. The companies i worked for were startups of various scales : an edtech platform, an insurance company (branch of an mnc) and a b2b analytics company

2. These people hire developers based on domain knowledge and not innovative thinking , and expect them to build anything that the PMs deem as growth/engagement worthy ( For eg, i am bad at those memory time optimising programming/ ds/algo, but i can make any kind of android screen/component, so me and people like me get hired here)

3. These people hire new PMs based on expertise in revenue generation and again , not on the basis of innovative thinking, coz most of the time these folks make tickets to experiment with buttons and text colors to increase engagement/growth

4. The system goes into chaos mode soon since their are so many cross operating teams and the PMs running around trying to boss every dev , qa and designer to add their changes in the app.

5. meanwhile due to multiple different teams working on different aspects, their is no common data center with up to date info of all flows, products and features. the product soon becomes a Frankenstein monster.

6. Thus these companies require more and more devs and QAs which are cogs in the system then innovative thinkers . the cogs in the system will simply come, dimwittingly add whatever feature is needed and goto home.

7. the cogs in system which also start taking the pain of tracking the changes and learning about the product itself becomes "load bearing cogs" : i.e the devs with so much knowledge of the product that they can be helpful in every aspect of feature lifecycle .

8. such devs find themselves in no need for proving themselves , in no need for doing innovative work and are simply promoted based on their domain knowledge and impact.

My question is simply this : are we as a dev just destined to be load bearing cogs?

we are doing the work which ideally a manager should be doing, ie maintaining confluence docs with end to end technical as well as business logic info of every feature/flow.

So is that the only definition of a Software Engineer in a technical product?

then how come innovations happen in companies like meta Microsoft google open ai etc?

if i have to guess as a far observer, i would say their diversity in different fields helps them mix and match stuff and lead to innovative stuff.

For eg, the android os team in google has helped add many innovative things in google cloud product and vice versa.

same is with azure and windows . windows is now optomissed to run in cloud machines when at one point it was just a horrible memory hogging and slow pc OS

for small companies, 1 ideology/product/domain is their hero ideology/product/domain .

an insurance company tries to experiment with stuff related to insurances,health,vehicles,and the best innovations they come up with is "lets give user a discount in premium if they do 5000 steps a day for an year".

edtech would say "lets do live streaming for children apart from static videos"

but Android team at google said , "since ai team is doing so well, lets include ai in various system apps and support device level models" ~ a much larger innovation as 2 domains combined to make a product

The small companies are not aiming to be an innovative product, they are just aiming to be a monopoly product. and this is kinda sad

Question: Should I stay in my current role, ask for a pay rise, or find somewhere new?

Situation:
Right now, I'm effectively doing a lead developer role for half the salary of the other member of my team- I'm code reviewing their work (which often has many many errors in it), creating and assigning tickets for both myself and them and engaging in many meetings with senior staff in the company. The other dev in my team has more experience on paper, but the amount of work they are generating is approximately 1/5th of what I produce. I'm really disappointed that when I raised this with my manager & then HR, they have seeming done nothing about the situation. It's really disheartening and it feels as though I'm not really valued.

I don't really have much loyalty to the company, but because I have helped build their internal system from scratch I'd loathe to leave it in the incompetent hands of my colleague (who at present still has a month left of probation).

I can give any further info if you'd like it but I could really do with some advice right now.

Back when I still was in my first internship and was still working my way through the fundamentals of programming, I given a web relay and asked to make it do something. The web relay let you write BASIC into a web page hosted by the device itself in order to program it. My task was to turn the relay on if a certain temperature threshold was met, and to turn off the relay (the relay would control an air intake system for cooling).

I learned the syntax of BASIC enough to get a basic (hah) script going, and dug into the relay documentation for other bits of info I needed. It definitely was no coding masterpiece, but I was able to program the damned thing to turn this blower on and off if the measured temperature was within a range. I discovered that there was a limit to how deep the conditionals would nest, and had to restructure my code to account for the limitation.

I've since gotten better at coding, but to accomplish that task as I was beginning my programming journey felt like a true accomplishment.

So I'm sitting here trying to bodge my way through a member system. These fucknuts really made a bad system..

The task: Export a list of users and their info.

Is there an API available? No, who the fuck would need that shit, even tho the system is built upon Odoo, which has an API!
But it has an export function, you just have to log in and press the right sequence of buttons, because you need the running ID...
Here I discovered the first of many security flaws... "What happens if I post the wrong ID?"... Well, I get access to a file that has nothing to do with me or my users.... What?
Well after some fiddling It works, but holy fuck I found a lot of bugs. And this is a system that is launching in 7 days for us.. Some users have been on it for a year....

How can they ship this bad a product? There's absolute no documentation only a 15-page manual. Guess they don't want developers to develop shit that works in junction with theirs.

Ok. I GIVE UP! ...for at least a couple hours...

I'm not a big believer in... well anything suitable to the literal definition of believe. But there's only so much 'wtf? How is this even possible?' and any answer u can come up with is nearly statistically impossible...

I am a neuro-atypical (and just extremely atypical even if i somehkw was neurotypical) being, based on logic, finely calculated statistical probability and the most raw data and as unbiased as realistically possible, algorithms and interpretation (usually recursive pattern recognition with several highly detailed historical sources.

...but at some point statistical improbability and a collation of separate, yet relatively closely occuring events/circumstances makes logic, itself a primary suspect of corruption.

What was the breaking point that caused me to (temporarily) give up and tell logic to f off for a bit cuz maybe the illogical and mythical is the real logic, leaving me in a losing battle with 'the' fates?

Trying to get all my sourcing/purchase orders in/paid for/on the literal boats b4 end of the workday/week in china...
1st, had to drop a supplier cuz they have limited reps. When the one ive had 7+ years left, i got the aloof blonde girl societal trope of a rep... who for the 2nd time (despite the several very blunt complaints above her, incl me) she sent out a promotional update to the entire client list (ie, inherently competitors) as CC not BCC... over 200 business email accounts with tailored info of their sourcing.

2- totally diff company/ industry a former rep i was glad be rid of apparently just sfarted back for "awhile" as i needrf to restock/scale...apparently she forgot everything we discussed at length... lke if you want a chance on my business im not gonna be wasting time looking through your gui "mini store to then inquire about everything individually insead of a simple spreadsheet(which i print and put in a 3-ring binder rotating current catalogues in the same format i require everywhere)

3.dog was an ahole, my packed schedule got delayed and morphed.. a bunch of little bs thatd normally have no extra thought impact, hyperfocused forgetting one of my alarms til i realised my idiopathic fever was back and i didnt take/apply meds (pain/muscle relaxers mainly so despite this odd free time and needing to shower. I gotta sit on my rear, leg elevated/non-productive far 40min b4 i can shower (as functional legs and lack of syncope is almost a req to shower)

4. A new-ish rep of a company/factory i like/respect enough to not mention in relation... he makes invoice 1.. slight error thst was easily resolved...#2 was flawless... he goes to officially generate the contract(alibaba... verrrry simple with lots of extra explanation buttons). Price and all items match, its near workweek end so i was waiting for it so i could quickly pay/have it on the boat b4 it left and few fdav days are behind...

I put in card info, get to the 2 cbeck boxes (imo should be only 1 but whatever) asking if billing address is same ss delivery(its always default yes)... then i see a few lines in chinese (i can read enough for business negotiations... typical words/sentences innately look different than things like individual letters/address and postal indicators.) After a few loops of double checking, mentally trying to dismiss my i Intial judgement cuz it'd be too ridiculous... even resorted to google .... nope... initial wtf was spot on... recipient name/address was indeed the company(multi factory producer)i was purchasing a wholesale, via sea freight, bulk of products from.

Im pretty sure the system would've flagged it as an invalid contract within an hr... but seriously... ive been handling alibaba (and other) international sourcing since before high school(mainly small businesses i made sites/little tools for that found anything with a light up screen intimidating) and a purchase then shipment to the originating company/factory actually entered into a contract(the form is sooo simple)... im faced with ridiculously improbable obstacles actually existing and changing in such nonsensical statistically improbable ways so often that 1. I wouldn't trust a dr (or most humans) that didnt 1st assume i was crazy of some form...unfortunately im not, despite hkw much simpler and probable itd be 2. Id be super suspicious/converned if statistic norms were my norm for over a day.

But seriously wtf???

Someone give me some wisps of a frame of ref here... where's a typical 'fuck this, im out!' Breaking point?

Recieving orders through mails.
PHP IMAP, fetch info, and save those orders in the ERP system.

Is this even a good idea? 😱

So I'm tasked with creating a single sign on link using documentation from the third party we are logging into. So far so good.

Well they don't support some of the fields our users will need--that we don't want to support (otherwise why use a third-party?).

Their solution is to make us the system of record so that when a user goes through the single sign on we pass this info as well. But it needs to be editable on their side well--because they won't give us an API for our system of record to update their side.

That's right only a user signing on from our system will update their side. Tough luck admins on our side. You get double duty due to the poor business decision to work with a company with lazy devs.

SIEM: Security Information and Event Management system

Within a SIEM there is usually a reporting, alerting, and learning framework wherein you perform investigations and threat hunting. Our SIEM is connected to our data lake through a glorified elastic backend.

Today we were figuring out how to get dynamic data that we store in our SIEM to show up in the regular data lake presentation layer. All the solutions only half worked or had barriers to progress that seemed larger than the proposed solution.

So now we're going with the proposed solution: send static data back into the data lake in order to pull it out on the normal frontend with all the enriched info. We're basically turning this thing into a damn feedback loop.

I hate designing solutions within the confines of COTS products.