Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Remember Apple's initiative to scan photos on user's devices to find child pornography?
Today I finally decided to research this.
The evidence is conflicting.
For context, the database of prohibited material is called CSAM (child sexual abuse material).
“If it finds any CSAM, it will report the user to law enforcement.”
— Futurism
“Apple said neither feature would compromise the security of private communications or notify police.”
— NPR
CSAM initiative is dead. It won't scan photos in iCloud. It won't scan photos on your device. It will be a feature that only works in some countries, only on children's devices, and it will be opt-in. It will only work for iMessage attachments.
This is what Apple actually said at https://www.apple.com/child-safety:
- “Features available in Australia, Belgium, Brazil, Canada, France, Germany, Italy, Japan, Netherlands, New Zealand, South Korea, Spain, Sweden, UK, and U.S.”
- “The Messages app includes tools to warn children when receiving or sending photos that contain nudity. These features are not enabled by default. If parents opt in, these warnings will be turned on for the child accounts in their Family Sharing plan.”
News outlets telling people they will be automatically reported to authorities, and then telling there can be false-positives is a classic example of fearmongering. I hate this. Remember, anger and fear are the most marketable emotions. They make you click. News are and will always be worded to cause these emotions — it brings in money.
When presented with good news, people think they're not being told the truth. When presented with bad news, even when they're made up, people think it's the truth that's being hidden from them. This is how news works.
Now, a HUGE but:
Apple is a multi-billion dollar corporation. There is no such thing as good billionaires. Corporations will always wait for chances to invade privacy. It's like boiling the frog — one tiny measure here, one there, and just like this, step by step, they will eliminate the privacy completely. It's in their interest to have all the data about you. It brings control.
This is not the first time Apple tries to do shit like this, and it definitely won't be the last. You have to keep an eye on your privacy. If you want your privacy in the digital age, it's necessary to fight back. If you live in Europe, take the action and vote for initiatives that oppose corporate tyranny and privacy invasions.
Privacy on the internet is one thing, but scanning people's devices is a whole another thing. This is unacceptable no matter the rationale behind it. Expect more measures like that in the near future.
Research Linux. Find a distro that suits you. The notion that you can't switch because of apps/UI/etc. may be dictated by our brain's tendency to conserve energy and avoid the change.
Take a look at mobile distros like Graphene OS and LineageOS. The former only supports Pixel devices, the latter supports a wide range of devices including OnePlus and Xiaomi. They'll have FAR better privacy than iPhones.
Consider switching. It's easier than you think. Yes, it's me who's saying this. I do and will always protect people/companies from unjust criticism, and I consider myself an Apple fangirl for personal reasons related to my childhood, yet I won't fight blindly. CSAM initiative is a valid criticism, and there's nothing preventing me from saying this is unacceptable, and Apple deserves the backlash they got.11 -
On my project the customer has re-signed into a contract several times when they have budget to continue work. The first time they got us to build the system was a huge success story because the team was assembled quickly and we did rapid development. Initialize repo to prod in 1.5 months. The customer asked for the same dev team. Strong dev team, a PM that doesn't take shit, and pure agile. Lets call her don't-take-shit PM.
When the customer re-signed the executive decided that she didn't like don't-take-shit PM. So the project manager gets replaced by play-by-the-rules PM who will comply with stupid requests and micromanagement. He isn't a bad PM but he tries to make everyone happy. The amount of management types executive installs on the project is massive, and development team is cut down in major ways. Customer and executive shit rolls down to the development team and we can't get anything done. The customer starts to lose faith because we can't get traction. They start demanding traditional waterfall/SDLC docs. Which causes more delay in the project.
So the executive decides that the PM can take a fall for it to save face for the company. She moves play-by-the-rules PM to another project. He starts handover to a new PM that has a history of being her pushover. The customer hadn't seen him yet so now we have push-over PM.
Play-by-the-rules PM is finally out of the project and instead of moving to a different account the company decides to "lay him off because there is no work". So basically they made him take the fall for the failure while promising reassignment, and instead let him go. This is so unfair..
Meeting with push-over PM yesterday and he shows us his plan. Identical to play-by-the-rules PM's plan that got him axed.We point that out and show him the docs that were made for it. His face clearly communicates "OH SHIT WHAT DID I SIGN UP FOR?"1 -
Oh boy, this is gonna be good:
TL;DR: Digital bailiffs are vulnerable as fuck
So, apparently some debt has come back haunting me, it's a somewhat hefty clai and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it jsut like that. However, and this is where it's gonna get good:
The Bailiff sent their first contact by mail, on my company address instead of my personal one (its's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt". with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were passed sending creds in plaintext to people and use tokenized URL's for initiating a login (siilar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.
So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!
This is a clusterfuck of javascript files that do horrible things, i'm no expert in frontend but nothing from the homebrewn stuff i inspect seems to be proper coding... Okay... Anyways, we keep pretending we're dumbasses and let's move on.
I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.
Now Once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimaint, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!
Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...
The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.
But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the sae benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. the siple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.
So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)
So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"
So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones6 -
Already ranted about it. A superior did not provide required information, screamed at me and a colleague.
Of course we got blamed for it. In a meeting with me on one n and all bosses and superiors on the other side of the table, i had to explain my and apologize for my misbehavior.
I had made up a good diplomatic plan, because i know my bosses and how they think of themselves and their roles in the company so it was not that hard to get out of the situation without harm to me and my job.
It felt disgusting. It worked and was a good solution, but it felt so unjust.3 -
So I work for an IT consulting firm (web development) and was hired by a customer 7 months ago for coaching Git, implementation of VueJS on the front-end and fostering teamwork with devs who'd been in their solo comfort zone for the last 15 years.
I asked for confirmation multiple times on whether they were sure they wanted to go through with a bigger investment in front-end. Confirm they did, multiple times.
After half the team's initial enthusiasm faded (after 1 month), the 'senior' of them who's worked there for 18 years on a single -in the end, failed- project got a burn-out after half a week of showing up (without doing actual work) from the stress, and started whining about it with management that has no technical clue whatsoever. This and other petty office politics lead to the dumbest organizational and technical decisions I've seen in my short 5-year career (splitting a Laravel app that uses the same database in two, replacing docker container deployment with manual ssh'ing and symlinking, duplicating all the models, controllers, splitting a team in two, decreasing productivity, replacing project management dashboards with ad-hoc mail instructions and direct requests).
Out of curiosity I did a git log --author --no-merges with the senior's name on the 2 projects he was supposed to help on, and that turned up... ZERO commits. Now the dept. hired 3 new developers with no prior experience, and it's sad to see the seniors teach them "copy paste" as the developer's main reflex.
Through these 7 months I had to endure increasingly vicious sneers from the IT architect -in name only- who gets offended and hysterical at every person who dares offer suggestions. Her not-so-implicit insinuation is that it's all my fault because I implemented Vue front-end (as they requested), she has been doing this for months, every meeting at least once (and she makes sure other attendees notice). Extra background: She's already had 2 official complaints for verbal abuse in the past, and she just stressed another good developer into smoking again.
Now I present her my timesheet for January, she abuses her power by refusing to sign it unless I remove a day of work.
Earlier this week I asked her politely to please stop her unjust guilt-tripping to which she shouted "You'll just have to cope with that!", and I walked out of the room calmly (in order to avoid losing my nerves). She does this purely as a statement, and I know she does it out of bad faith (she doesn't actually care, as she doesn't manage the budgets). She knows she wields more power over me than the internal devs (I am consultant, so negative reviews for me could delay further salary raises).
I just don't know how to handle this person: I can't get a word in with her, or she starts shouting, and it's impossible to change her (completely inaccurate technological) perception.3 -
So I've got a relationship related question (thought I'd ask it here since developers usually tend to earn more than country average salary).
My boyfriend feels bad that he must work more while earning less money. He gets to see my work every day (we have desks side by side) and watch me have this cool job with almost no pressure. He feels unjust and upset about it (which I totally understand). He also mentioned that he's not angry at me, but at the system xd
Any tips to how to comfort him? I know it might be the wrong app to ask this question, but I thought someone else might have a similar situation 🙂5 -
Let's be honest - given the state of the world today, the more I listen to Megadeth, the more I relate to what Dave Mustaine has been pissed off about for a few decades now. Oh, you don't know who Dave Mustain is? He was, like, the 5th guy in Metallica. Rather, he was the bass player until he got fucked over because he was a dick and thrown off the first album Metallica did. Don't worry - he did OK. He formed Megadeth and still had quite a successful musical career. Why am I ranting about him? Simple - A lot of his lyrics are darker than Metallica's. I honestly don't know what the fuck I'm doing with my software/personal/professional life right now. I've got ideas & dreams, but all this COVID shit is just draining the fuck out of me. Sometimes I feel like I've failed - most of the lifeforms on this planet manage to procreate. Well, that didn't happen for me. On the down side, I didn't get to be a father. On the up side, I didn't punish the life of a child with my own brands of mistakes, ignorance, and stupidity. My life is littered with male failures. My biological father (paranoid, schizophrenic ) died at 58, doing everyone around him a favor. My grandfather on my mother's side died of colon cancer at 69 (so-called reformed alcoholic, manic depressive on lithium with great abusive tendencies). My step father who adopted me? Sure - he loved me. He just never understood me. "Computers are just a tool". Fuck you, 'dad'. Go play with your horses and tell me what I'm doing isn't meaningful. Where was I? Oh yes, almost killing myself last summer. I think between COVID and my own colossal screw ups & paranoia I went over the entire fucking edge. I pulled myself out of it with the help of medication, counseling, and learning to just let shit blow up because "it's not my problem". I'm still angry. Perhaps that's the only thing that keeps me going from time to time. I'll leave you with a quote from Ghandi - No, not that idealistic, limited one, Mahatma Ghandi. From his grandson, who managed to really pick up what he was putting down - Arun Ghandi:
“Use your anger for good. Anger to people is like gas to the automobile - it fuels you to move forward and get to a better place. Without it, we would not be motivated to rise to a challenge. It is an energy that compels us to define what is just and unjust.”
Top Tags
Weekly Rant
View