Sales employee Bob wants a clickable blue button.

Bob tells product owner Karen about his unstoppable desire for clickable blue buttons.

Karen assigns points for potential and impact (how much does a blue button improve Bob's life, how many people like Bob desire blue buttons)

Karen asks the button team how hard it is to build a button. The button team compares the request to a reference button they've built before, and gives an ease score, with higher score being easier (inverse of scrum points).

These three scores are combined to give a priority score. The global buttonbacklog is sorted by priority.

Once every two weeks (a "sprint") the button team convenes, uses the ease scores to assign scrum points. Difficult tasks are broken up into smaller tasks, because there is a scrum point upper limit. They use the average of the last 5 sprints to calculate each developer's "velocity".

The sprint is filled with tasks, from the top of the global button backlog, up to the team's capacity as determined by velocity. Approximate due dates are assigned, Bob is a happy Bob.

What if boss Peter runs into the office screaming "OUR IMPORTANT CLIENT WANTS A FUCKING PINK BUTTON WHICH MAKES HEARTS APPEAR"?

Devs tell boss to shut the fuck up and talk to Karen. Karen has a carefully curated list of button building tasks sorted by priority, can sedate boss with valium so he calms the fuck down until he can make a case for the impact and potential of his pink button.

Karen might agree that Peter's pink button gets a higher priority than Bob's blue button.

But devs are nocturnal creatures, easily disturbed when approached by humans, their natural rhythms thrown out of balance.

So the sprint is "locked", and Peter's pink button appears at the top of the global backlog, from where it flows into the next sprint.

On rare occasions a sprint is broken open, for example when Karen realizes that all of the end users will commit suicide if they don't have a pink heart-spawning button.

In such an event, Peter must make Bob happy (because Bob is crying that his blue button is delayed). And Peter must make the button team of devs happy.

This usually leads to a ritual involving chocolate or even hardware gift certificates to restore balance to the dev ecosystem.

*calls grandpa I don't usually talk to that much to congratulate him for his birthday*

*grandpa picks up*

*congratulates*

Him: so, I know that you study CS and I was working on something [Word document at the moment] and my letters keep getting different sizes! Sometimes they're small, sometimes they're big, sometimes they're in between! I have to erase everything everytime because they just get messed up every time!

Me *sighing, but confused because upper-case and lower-case are the same with "big letters" and "small letters", respectively, in my native language: have you checked Caps Lock on your keyboard?

Him: What is that? I have Esc, 1, 2, 3,... (proceeds to read me the keys on the keyboard)

*explains where caps lock is*

Him *gets angry*: no, you don't understand, sometimes they're small, sometimes they're big and sometimes in between! Caps Lock doesn't solve it! *proceeds to read the keys from the keyboard again*

*thinking that maybe it's the font then, asks about the Word version, to know what to point him to*

Him: WHAT? Word? No! I'm using my keyboard! What don't you understand! I explain to you and you have no idea!

Me: well, I'd need then maybe to see the screen

Him: I'm so angry with you, you say you study so much but are not even able to help me with such a small problem. I'll just find someone else. Thanks for your wishes *hangs up*

And this is how I only tried to congratulate my grandfather for his birthday but turned into a "failing" tech support. I just wanted to be a good granddaughter

Day 1 10:00 am
Login to email account (Zimbra)
Your password is incorrect (I entered it correctly, this was a permanent issue ,used to happen in the company with many employees)
Reset your password by logging into internal company portal.

11:00 am
Logged into company portal, somehow. 2 Mbps internet shared among 104 people, you can imagine the speed.
Reset email password
* your password has been sent to your email id*
Are you fucking kidding me? U have emailed me the password to the same email I can't log in to?
Where did the architecture designer get this top notch weed from?

Day 2
Asked HR to reset my password (using a colleague's email)

Day 3
No reply from HR yet

Day 4
I went to meet HR, she's on vacation. So they have 1 person managing the password reset, for 5000 people with no backup person. Cool.

Day 5
Your internal company password has expired. Check your email for link to create new password. This is some next level shit going on.

Day 6
I called up Internal IT team to generate a new email for me.
They asked me to raise a ticket.
I can't raise a ticket because the only way to do so, is through the portal.

Day 7
Nothing. Btw, personal email and all social networks were banned. You can't even open stackoverflow.
And this was a research lab, amazing huh?

Day 8
Loss of pay for 4 days since I can't login to company portal to fill timesheet.

Day 9
HR comes back. Resets my password.
I try to generate my new password for portal.
The password policy:
Password can't be same as last 10 passwords
Passwords expire every week
8 characters minimum, 2 upper case, 2 lower case, NO SPECIAL SYMBOL. WTF. How long do u think its gonna take to crack that?

Fuckers had a company wise policy to automatically lock PC every 1 min if not used. Who the fuck can keep on using it continuously! I'm reading an article, and bam ! Locked. 2 wrong entries and that's it, repeat all steps again. Fuckers really didn't want to let me do my job, just keep on logging in all day.

I'm trying to sign up for insurance benefits at work.

Step 1: Trying to find the website link -- it's non-existent. I don't know where I found it, but I saved it in keepassxc so I wouldn't have to search again. Time wasted: 30 minutes.

Step 2: Trying to log in. Ostensibly, this uses my work account. It does not. Time wasted: 10 minutes.

Step 3: Creating an account. Username and Password requirements are stupid, and the page doesn't show all of them. The username must be /[A-Za-z0-9]{8,60}/. The maximum password length is VARCHAR(20), and must include upper/lower case, number, special symbol, etc. and cannot include "password", repeated charcters, your username, etc. There is also a (required!) hint with /[A-Za-z0-9 ]{8,60}/ validation. Want to type a sentence? better not use any punctuation!

I find it hilarious that both my username and password hint can be three times longer than my actual password -- and can contain the password. Such brilliant security.

My typical username is less than 8 characters. All of my typical password formats are >25 characters. Trying to figure out memorable credentials and figuring out the hidden complexity/validation requirements for all of these and the hint... Time wasted: 30 minutes.

Step 4: Post-login. The website, post-login, does not work in firefox. I assumed it was one of my many ad/tracker/header/etc. blockers, and systematically disabled every one of them. After enabling ad and tracker networks, more and more of the site loaded, but it always failed. After disabling bloody everything, the site still refused to work. Why? It was fetching deeply-nested markup, plus styling and javascript, encoded in xml, via api. And that xml wasn't valid xml (missing root element). The failure wasn't due to blocking a vitally-important ad or tracker (as apparently they're all vital and the site chain-loads them off one another before loading content), it's due to shoddy development and lack of testing. Matches the rest of the site perfectly. Anyway, I eventually managed to get the site to load in Safari, of all browsers, on a different computer. Time wasted: 40 minutes.

Step 5: Contact info. After getting the site to work, I clicked the [Enroll] button. "Please allow about 10 minutes to enroll," it says. I'm up to an hour and 50 minutes by now. The first thing it asks for is contact info, such as email, phone, address, etc. It gives me a warning next to phone, saying I'm not set up for notifications yet. I think that's great. I select "change" next to the email, and try to give it my work email. There are two "preferred" radio buttons, one next to "Work email," one next to "Personal email" -- but there is only one textbox. Fine, I select the "Work" preferred button, sign up for a faux-personal tutanota email for work, and type it in. The site complains that I selected "Work" but only entered a personal email. Seriously serious. Out of curiosity, I select the "change" next to the phone number, and see that it gives me four options (home, work, cell, personal?), but only one set of inputs -- next to personal. Yep. That's amazing. Time spent: 10 minutes.

Step 6: Ranting. I started going through the benefits, realized it would take an hour+ to add dependents, research the various options, pick which benefits I want, etc. I'm already up to two hours by now, so instead I decided to stop and rant about how ridiculous this entire thing is. While typing this up, the site (unsurprisingly) automatically logged me out. Fine, I'll just log in again... and get an error saying my credentials are invalid. Okay... I very carefully type them in again. error: invalid credentials. sajfkasdjf.

Step 7 is going to be: Try to figure out how to log in again. Ugh.

"Please allow about 10 minutes" it said. Where's that facepalm emoji?

But like, seriously. How does someone even build a website THIS bad?

This is my most ridiculous meeting in my long career. The crazy thing is I have witnessed this scenario play out many times during my career. Sometimes it sits in waiting for a few years but then BOOM there it is again and again. In each case the person that fell into the insidious trap was smart and savvy but somehow it just happened. The outcomes were really embarrassing and in some cases career damaging. Other times, it was sort of humorous. I could see this happening to me and I never want it to happen to you.

Once upon a time in a land not so far away there was a Kickoff Meeting for an offsite work area recovery exercise being planned for our Oklahoma locations. Eleven Oklahoma high ranking senior executives were on this webinar plus three Enterprise IT Directors (Ellen, Jim and Bob) who would support the business from the systems side throughout the exercise.

The plan was for Sam Otto, our Midwest Director of Business Continuity to host this webinar. Sam had hands-on experience recovering to our third party recovery site vendor and he always did a great job. He motivated people to attend the exercise with the coolest breakfasts and lunches you could imagine. Donuts, bagels, pizza, wings, scrumptious salads, sandwiches, beverages and desserts. He was great with people and made it a lot of fun.

At the last minute Charles 'Don't Call Me Charlie' Ego-Smith, the Global Business Continuity Senior Vice President, decided to grand-stand Sam. He demanded the reins to the webinar. Pulled a last-minute power-play and made himself the host and presenter. You have probably seen the move at some point in your career. I guess the old saying, 'be careful what you wish for' has some truth to it - read on and let me know if you devRanters agree...

So, Charlie, I mean Charles, begins hosting the session and greets all of the attendees. Hey, good so far! He starts showing some slides in the PowerPoint presentation and he fields a few questions, comments and requests from the Oklahoma executives. The usual easy to handle requests such as, 'what if we are too busy to do recover all systems', 'what if we recover all of our processes from home', 'what if we have high profile visitors that month?' Hey you can't blame them for trying. You are probably thinking to yourself, 'been there - heard that!' But luckily our experienced team had anticipated the push-back. Fortunately, Senior Management 'had our backs' and committed that all processes and systems must participate and test - so these were just softball requests, 'easy-peasy' to handle. But wait, we are just getting started!

Now the fireworks begin. Bob, one if the Enterprise IT directors started asking a bunch of questions. Well, Charles had somewhat of a history with Bob from previous exercises and did not take kindly to Bob's string of questions. Charles started getting defensive and while Bob was speaking Charles started IM'ing. He's firing off one filthy message after another to me and our teammate Sam.

'This idiot Bob is the biggest pain in the ass that I ever worked with'; 'he doesn't know shit', 'he never shuts the f up', 'I wanna go over to his office and kick his f'in ass...!'

Unfortunately...the idiot Charles had control of the webinar and was sharing his screen so every message he sent was seen by all of the attendees! Yeah, everyone including Bob and the Senior Oklahoma executives! We could not instant message him to stop as everyone would have seen our warnings, so we tried to call Charles' cell phone and text him but he did not pick up. He just kept firing ridiculously embarrassing dirty IM messages and I guess we were all so stunned we just sat there bewildered. We finally bit the bullet and IM'ed him to STOP ALREADY!!! Whoa, talk about an embarrassing silence!

I really felt sorry for Bob. He is a good guy. Deservedly, Charlie 'Yes I am going to call you CHARLIE' got in big time hot water after the webinar with upper management. For one reason or another he only lasted another year or so at our company. Maybe this event played a part in his demise.

So, the morale is, if you use IM - turn it off during a webinar if you are the host. If you must use it, be really careful what you say, who you say it to and pray nothing embarrassing or personal is sent to you for everyone to see.

Quick Update - During the past couple of months I participated on many webinars with enterprise software vendors trying to sell me expensive solutions. Most of the vendors had their IM going while doing webinars and training. Some very embarrassing things came flying across our screens. You learn a lot reading those messages when they pop-up on the presenters' screen, both personal and business related. Some even complaints from customers!

My advice to employees and vendors is to sign-out of IM before hosting a webinar. Otherwise, it just might destroy your credibility and possibly your career.

Just wrote a brute-force attack simulation in c. Going to run it on actual hardware, with an 8-character limit, including alphabet (Upper and lower case), 0-9 and a few special characters and see if it gets done tonight ;)

I'll see you all in about 360 trillion operations.

When I get on a site that is like “your password must contain upper case, lower case, a number, a symbol”, at first I’m like ooook, security I guess I’ll generate a long password, but then they sit there and say “and be at least 6 but not more than 10 characters”

WTF you fuckers really don’t know anything do you.

New password cannot be one of your four previous passwords.
Password must conatin upper and lower case characters, at least two numbers and two special characters
Password cannot contain five or more consecutive letters of username.
Password cannot include any _illegal patterns_.

Locked out of your system? Drive over to HQ and ask the admins to reset your password in person.

Wow, I'm going to have a hard time remembering this one.

IT have changed after so many years the password criteria for our machines, to the point it's a bit ridiculous.

Like I'm all for securing your accounts and using random passwords but, this is rough.

Minimum of 14 chars
Not the past 6 passwords
Must contain several %}*]=[^{
Must contains numbers
Must contain upper case letters
Must contain Lower case letters
Must not end in a number
Must sacrifice a virgin on every login
Must be changed every 30 days

Obvious wisdom from me;
1. HR is not your friend. HR is created to protect companies from employees, not to protect employees from companies. HR serve the company and upper level management.
2. If you are victim of mobbing, keep a mobbing diary with exact quoting. Nothing more, nothing less, no speculation. Create an airtight case for future.
3. If you want to change because of mobbing, just find a new job. Do not, I repeat, DO NOT talk to HR about mobbing before you got another job offer at the ready.
4. Present HR with mobbing diary during your exit, imply that you will talk to CEO and take legal actions if you don't get a satisfactory last laugh on the mobber.
5. Do not accept counter-offer from your company-regardless of mobbing case or not. You considered switching to another company, you are branded now and you will be axed at the first chance. Counter-offer is not a guaranteed employment in your company.

Customer: can you set my forgotten password to "1"?

Me: there's a six signs limit in your domain. You have to use upper case letters, lower case letters and at least one symbol

Customer: "123Aa+"?

We have to set such passwords to avoid customers cancelling contracts....

Tl;dr stupid password requirements

Begin quote

Password must not contain any non-alphanumeric characters.

Your Password change was not accepted. Enter your current Password correctly following the rules for New Passwords. Please try again.

Passwords must be between 8 and 12 characters in length and MUST contain each of the following:

At least 1 lower case character (a-z)
At least 1 upper case character (A-Z)
At least 1 numeric digit (0-9)

But, MUST NOT contain:

more than five repeating characters in a row (e.g. 111111356 would not be valid, but 112233445 would be valid)
spaces or other special characters

NOTE: Your new password cannot be the same as any of your 10 previous passwords.

End quote

Are you fucking kidding me? Only (26+26+10)^8 through
(26+26+10)^12 different passwords to go through? It's like the oxygen wasters that built this website give zero fucks about security.

Why? This is the site that manages money and investments. Just allow passwords up to 64 characters, allow any ascii character and just fucking encod the characters to prevent any Injunction.

How lawyers fuck up technology!

I rented a car today, given that I don't want to go by train currently. That was some VW Golf, and it had a lane assist which can't decide whether to be helpful or obnoxious:

Either I kept the steering wheel and still steered myself, in which case the lane assist's actions made the steering feel somewhat wobbly. Initially, I suspected a worn out control arm bearing, but that's a long term damage in aging cars, not in new ones.

Or I just rested my hands on my upper legs, as I usually do (palms facing upwards and holding the wheel lightly), then the lane assist worked by itself. It was even smart enough to deactivate itself upon blinking before changing lanes.

However, it complained after about 15 seconds that I didn't steer. I said, shut up and do your job. The warning intensified, and I said, fuck you. Then it initiated some stutter braking to wake me up. Annoying like a reincarnation of Clippy.

I ended up giving the steering wheel a slight tip to the right every 15, 20 seconds just to let the lane assist know I was still there, relying on the lane assist to correct it again. On a long trip, I would have had to deactivate that crap.

Obviously, the VW engineers did their job, but the legal department feared law suits should anything go wrong and ruined the feature!

What was also annoying is that there is no real hand brake anymore in many modern cars. Sucks when pulling off against a hill. Plus that at red traffic lights, I usually put the gear out (manual transmission) and pull the hand brake instead of keeping my foot on the clutch. That's not the same with this pseudo hand brake!

(In case you wonder why anyone would do that:
it's an anachronism that avoids lengthening the clutch wires, decades after cars switched to hydraulics.)

Installing a GPU is easy - except if it doesn't fit in the case. I had to saw off 3cm of the upper, 5.25" bay. Just removing the bay cage entirely was not an option because I still need that for my DVD drive.

My bow saw wouldn't have enough space, and the cage is riveted. So despite terrible ergonomics, I used the metal saw of a fucking Swiss Army knife for 24cm of cut length through 1mm steel. Then I filed off the cuts so that I won't injure myself later.

However, I was too lazy to take out the mobo and shit, so I protected it professionally against potential metal dust - with a towel.

Okay so my ticket got rejected because the on screen texts are not in the correct case (upper/lower). Totally fair because nowhere in the spec are those texts defined. As a developer I am also responsible for what "makes sense" for the user.

I'm just gonna say this next time I ask for a raise.

It's embarassing and you guys will find it either rude or annoying but I have readied myself and here goes my confession;

Whenever I see the abbreviation for Command line interface I cringe. You know because cli ? And I read it in my head as 'Kli' which is like the shortened form of a female part ?
I can't just read it as "See, el, ai" or think 'Command line interface' directly.
My brain's first thought is it must be an acronym so you should read it like how you would read NASA which is also an acronym and not like 'cmd' which is not an acronym but just an abbreviation.
Thus whenever I see it I feel a mixture of embarassment, self-loathing and physical discomfort.

I wonder how can I not be embarassed and cringing whenever I see Something-CLI.
I just noticed when it's in uppercase I don't cringe as much. I should code a chrome extension to change all CLI abbreviations to upper case.

Print("Hello World")

When people design a brand new Postgresql schema (case sensitive) using a mix of upper and lower case letters.
Only to then proceed and escape every single table and column name in every single query.

I wonder y slack hates upper case alphabets wanted to give my username in camelCase

Coding is like handwriting.

Code review is about having a common understanding of the big picture and ensure be features follow the general architecture and process flow.

Code review is not about nitpicking on FUCKING TRAILING WHITEFUCKINGSPACES , lower case vs upper case SQL statements, extra empty lines AND EVERY FUCKING MINOR DETAIL you can imagine

Who actually started the reign of mixed character passwords? because seriously it sucks to have an unnecessarily complex password! Like websites and apps requesting passwords to contain Upper/Lower case letter, numeric characters and symbols without considering the average user with low memory threshold (i.e; Me).

Let's push the complaint aside and return back to the actual reason a complex password is required.

Like we already know; Passwords are made complex so it can't be easily guessed by password crackers used by hackers and the primary reason behind adding symbols and numbers in a password is simply to create a stretch for possible outcome of guesses.

Now let's take a look into the logic behind a password cracker.

To hack a password,
1) The Password Cracker will usually lookup a dictionary of passwords (This point is very necessary for any possible outcome).
2) Attempts to login multiple times with list of passwords found (In most cases successful entries are found for passwords less than 8 chars).
3) If none was successful after the end of the dictionary, the cracker formulates each password on the dictionary to match popular standards of most website (i.e; First letter uppercase, a number at the end followed by a symbol. Thanks to those websites!)
4) If any password was successful, the cracker adds them to a new dictionary called a "pattern builder list" (This gives the cracker an upper edge on that specific platform because most websites forces a specific password pattern anyway)

In comparison:
>> Mygirlfriend98##
would be cracked faster compared to
>> iloveburberryihatepeanuts

Why?
Because the former is short and follows a popular pattern.

In reality, password crackers don't specifically care about Upper-Lowercase-Number-Symbol bullshit! They care more about the length of the password, the pattern of the password and formerly used entries (either from keyloggers or from previously hacked passwords).

So the need for requesting a humanly complex password is totally unnecessary because it's a bot that is being dealt with not another human.

My devrant password is a short story of *how I met first girlfriend* Goodluck to a password cracker!

TAP ONCE WITH TWO FINGERS FOR A RIGHT CLICK!!! ONCE WITH TWO FINGERS !!! NOOO NOT THE TOUCH PAD RIGHT CLICK DON'T TOUCH THAT!!!

NO NO NO DON'T DO THAT...
DON'T SCROLL BY HOLDING THE LEFT BUTTON AND DRAGGING...

TWO FINGERS SLIDE TO SCROLL

BARBARIANS ALL OF U

Over the course of a few months I have concluded that the newly hired _experienced_ developer is… not so experienced. In fact, it is very unclear what he/she actually brings to the table at all.

How this individual actually got hired is proof that middle management has no clue of what they are doing. And it is poison to the organization. Bad management (middle/semi-upper in this case) is such a waste. More so than the newly hired incompetent developer. I am beginning to think she/he actually lied during the interviews. And I am not alone in my suspicions.

To all websites requiring at least one upper case, one lower case, one number, one special character, 25 emoji and 49 unicorns in the password when signing up.

If you say something is required, then your regex BETTER be checking ONLY for those things. You should not have hidden requirements for passwords that users are supposed to dream about and know. Especially if it's a super time-sensitive thing that they should have opened 2 Fridays ago.

I had to pull my hair out for 20 minutes (that felt like an hour) before looking at their code and reading their regex. The regex was different from what the page said the requirements actually were. What were they even thinking? 😑

The rest of everything related to this organization uses an SSO system, why can't they just use it? Isn't the whole point of SSO to avoid a different login for every tiny part of the system?

I wonder what the other less technically inclined people using the system are doing right now. Sadly, I have no way of letting them know.

I sincerely hope the dev that made that website faces the same thing while picking a password for creating an account somewhere else and realizes what he/she did.

I really needed to let it out.
I feel much better now.

Time to take out the stress ball :)

BT "We'll give you BT Virus Protect, which protects against viruses, phishing and other online attacks."

Or... For a start, let your users provide a good secure password when signing up? More than 8 characters is a bit ambiguous. 20 minutes later and several attempts to find out it can't be longer than 20 characters, only upper and lower case letter and numbers aaaand must start with a letter is a bit s**t. Not to mention LatPass doesn't like it as you can't copy and paste.

I tried to make some SP using the syntax and formatting that visual studio outputs when making a SSRS report. I thought it was nice.

It formats the code in a standard way and transforms stuff like "join" to "INNER JOIN" and "left join" to "LEFT OUTER JOIN ".

When the team reviewed the code they were like WTF?! This syntax is horrible, it can't be understood. You did this?

*Me with my red face*...

I just said. You know what? I am going to go back to the old school syntax if you prefer. I just thought it was better.

Yeah... You really should go back to old school syntax.

---

Keep in mind that the old school syntax is annoying to me... No formatting at all and basic instructions are not in larger upper case.

Anyway, I thought it was nice tbh. I still think it is. And it is definitely better to me in some way.

What bothers me most is that they want to improve their coding. They say they want to be more standard and it seems every time you want to make a change it's not a good idea because "everything is already written that way". And when you don't make a change, "you should have change it"... Well sorry I was just copying the old style.

Anyways , it's not that important. I do get their point. Sometimes.

Imagine that I have written 1000 lines of code and imported many libraries. Sometimes I get confused when trying to use a name I defined earlier. In my mind is this name a class or a method, is it a local or global variable, is this a constant. So I came up with a way and it totally works, although my ide complains, but who cares, I use it anyway.
I use PascalCase for class.
camelCase for methods.
snake_case or lowercase for global variables.
kebab-case I don't use this
UPPER_CASE for constants
snake_caseL or lowercaseL with a capital letter L at the ending for local variable.
I hope this is helpful 😊🤔

How do case insensitive searches work?

Usually if I needed case insensitivity, I'd probably just store all the keys in lowercase and for searches convert whatever is typed to lowercase.

But what about Google. Can't convert everything to lower.

And if need to check the lower and upper case of each letter, like in a Tree, you would need to go down 2^N paths?

"combination of upper and lower case letters, numbers and symbols"

Someone please change the devrant terms to encourage more secure passwords...

(Yes, I actually read* the terms and conditions)

* half of