An entirely typical exchange at work:

PM: How long would it take to build an application that collates Gubblefluffs and exports them as a PDF?

ME: Hard to say. What’s a Gubblefluff?

PM: Nothing complex. Its basically an object with some stuff in.

ME: Erm, okay. So I’ll define a Gubblefluff object plus methods to add edit and delete, then for each Gubblefluff have it write a line to a PDF.

PM: It will need to email that PDF to somebody.

ME: Okay, cool. “Gubblefluffs-by-email” should take about a day.

6 hours later…

ME: I’ve done Gubblefluffs-to-pdf, I’m not clear on what’s in a Gubblefluff but I’ve made it flexible so it can take almost anything.

PM: No, a Gubblefluff can ONLY be one of 4 Snigglefingers plus a timestamp and some JSON.

ME: What? Right. Okay. What’s a Snigglefinger?

PM: (sighs) A Snigglefinger is the collection of relevant Babelsets.

ME: Babelsets?

PM: Yeah, a user can have any number of Babelsets but they must correspond to one of the four types of Snigglefingers.

ME: There are users!?

PM: Of course!

ME: But I’ve not coded anything for users.

PM: Shit. I’ve told the client they can have it today. How long to add in users?

ME: And Babelsets, and Snigglefingers and the new Gubblefluff rules?

PM: Yeah.

6 days later…

ME: This is done now. It’s a beast but it works. Who should it email the PDFs to?

PM: Client X, plus cc to Y and bcc to Z.

ME: What? It doesn't support CC and BCC!

1 hour later…

ME: This is done. I’ve tested it and sent you a copy of the PDF it generates.

PM: Okay thanks. Is the cron running daily?

ME: What cron?

…

ME: Okay, so the cron’s running once a day at 8pm.

PM: Oh, it’ll need to be at 3:15pm. That’s when we’ve told the client they’ll get it.

ME: Right. I’ll change it...

PM: Also, the PDF you sent me looks nothing like the visual.

ME: What visual?
...

Client: our app has low ratings, we fired our previous dev company and hiring you instead.
Us: all right, seems like to make a better app we need 5 months.
C: you're kidding, do it in 6 weeks.
U: Ok, but we'll have to drop some features.
C: get rid of X and Y, nobody uses them.
U: deal!

... 6 weeks later...
U: here's the new app: better graphics, easier to use, more stable and more future-proof.
C: Cool! Let's deploy!

... 2 days later...
C: we just released but the users are really pissed off!
U: what do they say?
C: "what the fuck happened with X and Y? they were the only thing we're using! what a load of crap! 1 star"

Dear client, next time get to know better your users...

I love how the people on here are pretty much always nice.
Yes, there are some *wink AlexDeLarge* who use strong language, some dirty jokes and sometimes there are topics where people don't agree on but I've never seen any honest insults or toxic behaviour (other than the opinion on your shitty client or boss lol).
No annoying trolls (the nearest to a troll I know on here is Jase but he's fun and mostly welcome here).
No spam/ads from users (only maybe recommendations).
And the most unbelievable thing is that devRant itself is free, adfree and based on the community voluntary donating for the server and work costs.

Dude, devRant fucking rules.

A programmer is walking along a beach and finds a lamp. He rubs the lamp, and a genie appears. “I am the most powerful genie in the world. I can grant you any wish, but only one wish.”

The programmer pulls out a map, points to it and says, “I’d want peace in the Middle East.”

The genie responds, “Gee, I don’t know. Those people have been fighting for millenia. I can do just about anything, but this is likely beyond my limits.”

The programmer then says, “Well, I am a programmer, and my programs have lots of users. Please make all my users satisfied with my software and let them ask for sensible changes.”

At which point the genie responds, “Um, let me see that map again.”

"Can we make all users computer freeze and allow only input on our website?"

"We" can shove a knife up your ass you fucking dipshit.

Is devRant Just for rants?

I see such a Great community here that goes way beyond complaining about PMs and users (even though you're all right, usually). I've read comments about support for depression, Anxiety, people being supportive of woman and downvoting/commenting against the common sexism that we see on the internet every single day. We have fun, we all feel like friends even though we can remember only a few names and stumble uppon them once in a while. We mostly understand each other and it all feels like a huge family. It's a Great thing to help throughout all of the struggles I have daily in Life, and I bet many people here feel the same.

Thank you all so much for making devRant this Great community. Papa bless.

Every day.

I am a PHP developer.

Yeah, "another PHP is awful" rant... no, not really.

It's just unsuitable for some ambitious projects, just like Ruby and Python are.

First of all, DO NOT EVER use Laravel for large enterprise applications. The same goes for RoR, Django, and other ActiveRecord MVCs.

They are all neat frameworks for writing a todo app, as a better-than-wordpress flexible blogging solution, even as a custom webshop.

Beyond 50k daily users, Active Record becomes hell due to it's lazy fat querying habits. At more than a million users... *depressed sigh*.

PHP is also completely unsuitable for projects beyond 5M lines of code in my opinion. At more than 25M lines... *another depressed sigh*.

You can let your devs read Clean Code and books about architecture patterns, you can teach them about SOLID & DRY, you can write thousands of tests... it doesn't matter.

PHP is scaffolding, it's made of bamboo and rope. It's not brick or concrete. You can build quickly, but it only scales up to a certain point before it breaks in multiple places.

Eventually you run into patterns where even 100% test coverage still doesn't guarantee shit, because the real-life edge cases are just too complex and numerous.

When you're working on a multi-party invoicing system with adapters for various tax codes, or an availability/planning system working across timezones, or systems which implement geographical routefinding coupled to traffic, event & weather prediction...

PHP, Python, Ruby, etc are just missing types.

Every day I run into bugs which could have been prevented if you could use ADTs in a generic way in PHP. PHP7 has pretty good typehints, and they prevent a lot of messy behavior, but they aren't composable. There is no way to tell PHP "this method accepts a Collection of Users", or "this methods returns maybe either an Apple or a Pear, and I want to force the caller to handle both Apple/Pear and null".

Well, you could do that, but it requires a lot of custom classes and trickery, and you have to rewrite the same logic if you want to typehint a "Collection of Departments" instead of "Collection of Users" -- i.e., it's not composable.

Probably the biggest issue is that languages with a (mostly) structural type system (Haskell, Rust, even C#/JVM languages to some degree, etc) are much slower to develop in for the "startup" era of a project, so you grab a weak, quick prototyping language to get started.

Then, when you reach a more grown up phase, you wish you had a better type system at your disposal...

User: *Clicks on staging environment*

Giant Warning Dialog: YOU ARE CURRENTLY ENTERING THE STAGING ENVIRONMENT

Users: Ok

App: *Completely different colour, I’m talking bright unsightly yellow*

User: Ok

Giant Yellow and Red Flashing Banner at the Top of the Screen: WARNING YOU ARE CURRENTLY USING STAGING, THIS AREA IS FOR TESTING ONLY

User: The production environment sure is acting strange today. It’s a weird colour and I don’t recognize any of the data, it’s all just dummy filler data. I better create a ticket for the dev team to check o—….. no wait I’ll send an email CC everyone including the CEO and sound the alarm production is currently down and filled with giant warning messages.

Manager: OH MY GOD PRODUCTION IS DOWN DID YOU HEAR ABOUT THIS??? WHAT THE FUCK COULD THESE WARNING MESSAGES BE THAT’S ONLY SUPPOSED TO HAPPEN ON STAGING! THE CEO IS BREATHING DOWN MY NECK YOU NEED TO GET THIS FIXED IMMEDIATELY!!!!!!!

Dev: …

Just found out the backend developer I’m always complaining about. The one who:

- Can’t implement OAuth, and we have to have app users login every 24 hours because we have no way to generate new refresh tokens.

- Who used the phrase “your time zone is not my concern” to avoid building something that would let us inject test data.

- Who’s been debugging a critical bug affecting many users since December.

- Who can’t conduct API tests from external internet (you know, like the way the app will be in the wild) because it takes too much time.

- Who replies to Jira tickets only on a blue moon.

- Who has been 90% of the reason for my blood pressure situation

... is a fucking principal engineer in this company. In pecking order, his opinion should be considered more valuable than mine and everyone on my team.

I’ve just lost the will to live. How are big organizations THIS bad. Seriously, what promotion discussion did he go into

“So, you are a complete and utter bastard, nobody can stand to speak to you and you’ve yet to deliver anything of worth that actually works, over the course of several years ... ... ... interested in having your pay doubled??”

Mutual on Tumblr: So what distro do you use?

Me: Zorin OS. I really like it. I'm even considering deleting my windows partition.

Mutual: Really? That doesn't count as a proper distro. Real Linux users only use Zorin on a virtual machine. Use Mint or Kali or something.

Me: It counts. It's not different from any other distro.

Mutual: It's okay to be noob. You can always ask me for advice.

Me: But I've been using Linux for about two years. I don't consider myself a noob.

Mutual: If you're using a shitty distro, then you're a noob.

Me: Okay. Thanks for the advice. (In my mind: fuck off already.)

I don't understand the issue with Zorin OS. Is it because it looks like windows or something? :/

User: We can not register three users on your website, it allowed us to register only first one

Me: What does it say? Some kind of error? Tell me so I can reproduce.

User: Well it says email address is already taken

Me: Uh...

- so yeah, they tried to register three users under the same email address.

I’ve been thinking lately, what is it that devRant devs do?
So after a couple of days of pulling data from devRants API's, filtering through the inconsistent skill set data of about 500 users (seriously guys, the comma is your friend) i’ve found an interesting set of languages being used by everyone.

I've limited this to just languages, as dwelling into frameworks, libraries and everything else just grows exponentially, also ive only included languages with at least 5 users out of the pool.
sorry you brainfuck guys.

Just realized. The only use of port 80 (providing it runs something like NginX/Apache) is (or, should be anyways) redirecting users from a non-secure connection to a secure one.

Poor port 80 😖

User Ip Address is too long (maximum is 30 characters).

Okay, dear third-party API, I guess users with IPv6 don't deserve the service... And wtf is 30-char limit for an IP address, when IPv4 can be only 15 characters long, and IPv6 can be up to 39 characters? Did you calculate a weighted average of IP length to get that number?

A programmer was walking along the beach when he found a lamp. Upon rubbing the lamp a genie appeared who stated "I am the most powerful genie in the world. I can grant you any wish you want, but only one wish."

The programmer pulled out a map of the Mediterranean area and said "I'd like there to be a just and last peace among the people in the middle east."

The genie responded, "Gee, I don't know. Those people have been fighting since the beginning of time. I can do just about anything, but this is beyond my limits."

The programmer then said, "Well, I am a programmer and my programs have a lot of users. Please make all the users satisfied with my programs, and let them ask sensible changes"

Genie: "Uh, let me see that map again."

I... uhm... I... I can't... I ... I can't even.... THIS IS LIVE IN THE CLIENT'S SITE WHERE ANYONE CAN CREATE A LOGIN WITH NO VERIFICATION WHATSOEVER AND SEE THIS WHICH IS LINKED TO A BIG RED BUTTON THAT RESETS THE WHOLE DATABASE, YOU FUCKING DUMB PIECE OF SHIT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

// This event clears the entire solution in all active clients, truncates the database and also removes any stored PDFs in the server folder
$(document).on('click', '#resetDB', function () {
// This event only happens if the user correctly enters the password, this is to prevent other users than the admin from performing this action
var answer = prompt("Please enter the password required to perform this action.");
if(answer == "-REDACTEDBECAUSEHOLYSHIT-") {
socket.emit('resetDB');
} else {
alert("The password is incorrect, please try again!");
}
});

AAAAAAAAHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH!!!!111!!1!!11!1!!1!1one!one!!!11

(I'm not inventing this, even though the "site" is internal only and not accessible through the web. That does *not* make it any less stupid!)

so um... several of my users access file explorer ONLY via Word.
How?
Well, open Word: File->Open->Computer->Browse (nb. thank you Word 2013 and onwards for making life miserable) and voila, access to documents, downloads, and server shares is gained.

...

Users... they will always find a way

I'd just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.
Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.
Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.

Linux users are like vegans, they will tell you without being asked and only other Linux users care.

It's funny. Although I try to only use open source software which is free (at least as in freedom but also as in beer mostly), I'd gladly pay for using it!
But no way on fucking earth I'd pay for proprietary software.

Why?

Because I'd love to support the people behind the free software! They made something awesome and the most awesome thing is, they made it in a way that ensures that the end users can modify it to suit their needs! That's so fucking awesome!

That's why I'd never pay for proprietary software. Can it have awesome features? Yes, of course! But can anyone except for the devs easily modify it to suit their needs? No. And that's why I'd never pay for it.

Am I the only one who, while in public, subconsciously look at what users are doing on their phones in effort to better understand the species known as "user"?

Devrant client update:

- load indicator on ajax execs
- changed the design yet again, hopefully final this time lol
- implemented ajax content loading so the menubar doesn't flash
- block users/keywords plugins done, only left to find a clean way to integrate it with the upcoming notifications, so no notifications are fired for blocked users or posts with blocked keywords (similar to twitter mute keywords)
- usernames linkifier plugin
- links get unshortened on feed too (via plugin), without losing the ability to press on a post

next is (just to name a few, the trello list is far bigger by now)

- login
- local notifications, should be firing without GCM/FCM too hopefully, which would be great for people on here that de-googled entirely and don't want microG
- port some of my userscript plugins I haven't yet
- theme system
- global and plugin settings
- plugin update system
- plugin import checks for obfuscated code, one line etc. and warns the user
- client update system

Thanks to @dfox @trogus for asking users for a pittance to offset server costs rather than inundating the app with ads that make it unusable.

This has been a longtime suggestion of mine for other apps and social media sites. People will pay a premium (even if it’s only $2) for quality; just ask Apple.

Ctrl+C can save you. Only Linux users will understand

Real Linux fuck up coming up.

Be me.
Working on a project.

Accidentally used sudo with git pull, every file now is only accessible for root users.

Thinking to myself.. okay I'll just do chmod 777 to the current directory

Forgot how to use chmod
At first something like
Sudo chmod ./ 777

Not working
Maybe
Sudo chmod / 777

Not working
Remembering that it's the other way around

sudo chmod 777 /

Now... I fucked up. I forgot the dot, and for a sec I forgot that '/' means root directory and not current like './' does.

Few moments later the permission system of Ubuntu is utterly fucked. Everything is not working.

Need sudo in order to fix everything but sudo isn't working.

Few hours of crying later,I solved it thanks to some nice ppl online helping stupid people like me who used that command...😂

I'm fixing a security exploit, and it's a goddamn mountain of fuckups.

First, some idiot (read: the legendary dev himself) decided to use a gem to do some basic fucking searching instead of writing a simple fucking query.

Second, security ... didn't just drop the ball, they shit on it and flushed it down the toilet. The gem in question allows users to search by FUCKING EVERYTHING on EVERY FUCKING TABLE IN THE DB using really nice tools, actually, that let you do fancy things like traverse all the internal associations to find the users table, then list all users whose password reset hashes begin with "a" then "ab" then "abc" ... Want to steal an account? Hell, want to automate stealing all accounts? Only takes a few hundred requests apiece! Oooh, there's CC data, too, and its encryption keys!

Third, the gem does actually allow whitelisting associations, methods, etc. but ... well, the documentation actually recommends against it for whatever fucking reason, and that whitelisting is about as fine-grained as a club. You wanna restrict it to accessing the "name" column, but it needs to access both the "site" and "user" tables? Cool, users can now access site.name AND user.name... which is PII and totally leads to hefty fines. Thanks!

Fourth. If the gem can't access something thanks to the whitelist, it doesn't catch the exception and give you a useful error message or anything, no way. It just throws NoMethodErrors because fuck you. Good luck figuring out what they mean, especially if you have no idea you're even using the fucking thing.

Fifth. Thanks to the follower mentality prevalent in this hellhole, this shit is now used in a lot of places (and all indirectly!) so there's no searching for uses. Once I banhammer everything... well, loads of shit is going to break, and I won't have a fucking clue where because very few of these brainless sheep write decent test coverage (or even fucking write view tests), so I'll be doing tons of manual fucking testing. Oh, and I only have a week to finish everything, because fucking of course.

So, in summary. The stupid and lazy (and legendary!) dev fucked up. The stupid gem's author fucked up, and kept fucking up. The stupid devs followed the first fuckup's lead and repeated his fuck up, and fucked up on their own some more. It's fuckups all the fucking way down.

>> this === rant
<< true

At beginning of this year, I only knew HTML, JS, and CSS so I just applied for offers like "Jr Apprentice Dev in Front-End"
In a interview call, the woman told me that they will send me a test asking about my JS and HTML5 knowledge.
When I look in my inbox, the mail subject says "Back-end Test".

Then I call the woman:

Me: "Hello, I have received the test mail, but maybe it's wrong. I applied for a Front-End position and the test is about backend! "

She: "Do you have skills in JS and HTML5?"

Me: "Yes!, and CSS3"

She: "Well, the test is about that. JS, jQuery, and HTML5"

Me: "..."

Me: "Sorry, that languages are Front-End. In the subject say 'Back-End' and Back-End is PHP, SQL, MySQL, Java, .Net... I don't know nothing about that. I only know HTML, JS, CSS."

She: "It's the same"

Me: "I sorry but it's not the same. Fron-End is client-side, what users sees. Animation, colors, FXs, buttons, forms... And Back-End is server-side, what users doesn't see."

She: "Well, JS, HTML, and CSS is backend for us. We call it that way too"

Me: "Sorry but that is wrong. I invite you to read some basic info. Now I am confused"

Of course that I am not confused. That idi0t was wrong.
Perhaps recruiters should take some info about areas where they are recruiting... (:T)

So today was the worst day of my whole (just started) career.

We have a huge client like 700k users. Two weeks ago we migrated all their services to our aws infrastructure. I basically did most of the work because I'm the most skilled in it (not sure anymore).

Today I discovered:
- Mail cron was configured the wrong way so 3000 emails where waiting to be sent.
- The elastic search service wasn't yet whitelisted so didn't work for two weeks.
- The cron which syncs data between production db en testing db only partly worked.

Just fucking end me. Makes me wonder what other things are broken. I still have a lot to learn... And I might have fucked their trust in me for a bit.

So, I had a friend who hated VS Code like a fuckton alot however, most of my friends are VS Code users and he's the only one who uses atom. He say that it's greater than VS Code and code then would die sooner.

Fast forward to today, he now ranted at my Discord DM about atom ahving slow startups, extensions that doesn't work, that kind of shit, not to mention hentried to commit improperly indented code (we have nazi style enforcement in out projects regarding codestyle) and made CodeClimate ranted over it.

"That's what you get for shitting VS Code" I said. Hours later, he tried VS Code and he instantly fell in love with it.

One down, more to go

Today I saw a code written by my junior. Basically excel export. The laravel excel package provide great ways for optimization.

My junior instead did 6 times loop to modify the data before giving that data to the export package. We need to export around 50K users.

When I asking him why this ? He said it works and it's fast so what the issue ???

Noob , you have only 100 users in the database and production has 10 million.

Sometime I just want to kill him.

The joys of being the sole developer and sysadmin of a service with hundreds of thousands of users.

Just spent a couple hours with my family. In that time half the infrastructure died and the service became unstable.

Best of all is that I seem to be the only one getting this so called "java.net.UnknownHostException: System error" exception.

Product owner:

Okay we have users and groups. Users have roles, roles have permissions, but groups can also have roles or permissions. Clients have users and these client-users can have special kinds of permissions. Now we need to add projects which have pages and special project users who manage the projects, but only the client-users can set rights for which project owners can manage pages. Pages are coupled to roles, and assigned to workflows, unless the client-user already had the permission to... wait where are you going?"

Me: "Fetching a new SSD. I ran out of hard disk space trying to model the database design. Could you please start from the top when I get back?"

Backend: Sorry the fix we had isn't going to work. Turns out app is sending an "undelivered" status after you call the API where you claimed we had an issue. This is in fact the cause, please address it.

Me: We do not have an "undelivered" status anywhere in our codebase. We do not do this.

Backend: *CC product* turns out this issue is only affecting 0.1% of users, its very minimal. Lets push ahead with the release.

Product: Ok, lets go live.

Me: ... ... ... we all just gonna ignore that "undelivered" bullshit? ... ok ... very stable release, here we go.

Breakdown of a casual work day:

50%- typing the same commands over and over again in my terminal and watching things build.
10% - lunch, coffee, attending nature’s calls, staring into space enjoying the headphone music.
10% - googling solutions. Only to find that 3 minutes later you’re reading a wikihow page on how to moonwalk.
10% - talking to fellow humans
10% - typing my password to unlock my computer. Mac users exclusive -typing keychain passwords
5% - contemplating what will happen if you suddenly get up and start dancing. Will you start a flash mob?
5% - random thoughts continue...why am I here? Why am I not partnering with Daft Punk to release a single?

Dear customer support chaps,

I get that you can't help me with my issue. I get that you're only a subordinate of the sales people with no clue about the internals of whatever you're selling. I really get that.. if you knew, you wouldn't be sitting there, dealing with users.

However if I ask you something that you don't know, and I explicitly mention that you should please escalate this to an engineer or someone who knows the answer to my question, JUST FUCKING DO IT ALREADY!!! Put that fucking underserved pride aside for a moment, how difficult can it be?!!

There's so many posts on here that say fuck apple or Microsoft only real programmers or computer users run Linux. Maybe step back and reflect why these companies got big. Maybe the programmers in their development teams are actually good. Maybe variety and competition and different focuses is good for us and consumers.

The situation right now:

Our client: full of legacy desktop solutions that always ran inside a VPN, but wanting to modernize the system and migrate to be hosted in the cloud.

Our first project with them: Frontend built with Angular, backend in a serverless model, all with GraphQL and heavily tested to assure quality. The system is mostly an internal software for management, but the backed may receive data from an App.

The problem: all management users have weak passwords (like "12345", "password", or their first name).

The solution: restrict our system to be accessible only inside the VPN

The new problem: how the mobile app will send data to our backend?

The new solution: Let's duplicate the backend, one public and the other private. The public one will accept only a few GraphQL operations.

------

This could be avoided if the passwords weren't so easily deductible

Getting ready for GDPR at work. I had to explain to my bosses what it meant, especially regarding one of our project where we store a lot of user data. Then I heard it: "this crap doesn't regard us. we have no sensitive data. we only save out users' name and generalities.". I have no words.

The first time I caused a massive error on production.

The good news was the site didn't go completely down. The bad news, however, was that it went down for 60% of our users, and because it's only partial, it got detected only after about two hours.

Everyone halted what they were doing to help investigate the issue. When it turned out that my latest commit caused the error, I was told to fix it... with the CTO and senior software architects watching.

It all happened because I deleted one too many line, an if statement, making the accompanying else statement a complete nonsense. It was a corner case code unforeseen by the QA guy.

The attached meme perfectly describes my feeling for the rest of the month following that accident.

I absolutely hate software that throws error message boxes that look identical to their "please enter new password" message box.

User called and said they needed their password reset. I give them a temp pin and tell them to press ok to the prompt and then put new password in. She says it is still saying invalid pin. This goes on for 10 minutes. I hang up and try on my laptop. Works fine. Then it hits me.

The message boxes look the same. Have the same width and height and shitty little yellow triangle with ! In the middle. The only difference between them is the text in size 9 font.

Gotta read people...cause sometimes the people developing your software assume you can. And to all the software people out there....end users don't want to fucking read.

We had a sprint where we removed some fields from the signup page, in order not to "scare users off" with the amount of information requested. Quite a few changes in frontend and backend alike.

Only now in the final day of the sprint (where we're supposed to deploy the changes) do we realize some of that information is actually required by the payment processor, and likely for very predictable *legal* reasons which I even questioned during planning.

At my first big boy job at a start up with only 50 users, we noticed we had cloud cost spikes about 20x larger than we were expecting. I remember spending all night debugging it, checking the requests as they go through.

The culprit? Someone left an async on a UseEffect with a variable that was regularly updated as a parameter.

In other words: every time a request was fired, the variable would change… so the function would sense the variable changed and fire it again, and so on.

Felt like a total hero.

For several years now, I have been writing programs for myself. I have been publishing the source code for them, but none of them ever got much traction. Then I wrote a program that existing users on social media could just interact with without installation (because even that is too much apparently).

When I wrote the programs for myself with others secondary, I had logic problems to solve and dealt with fucked up API's. Now I still have that problem, but I also have to deal with user retardation. They are not using the program in the way I wrote it to be used, at all. They are not passing arguments where there should be, they are running commands that are still under development and therefore (rightfully IMO) available to only me. I am the one being blamed, why doesn't this thing work?

I'd like to rephrase their question to me. Why are you user not using the goddamn program properly? Why should I need to make half the goddamn code account for users' sheer level of retardation?

Yes, users are retarded. And it's not a battle we can win. Earlier I heard this saying that "every time you make your tools more foolproof, the universe invents a better fool".

[ Introduction ]
In Internet culture, the 1% rule is a rule of thumb pertaining to participation in an internet community, stating that only 1% of the users of a website add content, while the other 99% of the participants only lurk.

[ The story ]
A year ago I had a problem with X software.
I opened a ticket on its repository but a week goes by and no one responds. I need it to work! So I opened a pull request and it got merged in a day or two after a quick review.

Seeing that the tickets were many and the maintainers were few, I decided to stay and help.

Today, I am in the top #10 contributors.
I have made 20 commits and edited 4k lines of code. (Honestly, it's not that much, at work I do way more than that, anyway...)

This repository is an alternative to another popular closed-source software and it's massively used by well-known companies
(tech-giants).

[ Stats ]
User base: 20.000 (all of them are devs)
Total contributors: 200 (1%)
Contributors with more than 1 commit: 60 (0.3%)

[ Consideration ]
I would never have believed a year ago that participation could be so low despite the number of dev-users being so high.

The software does not require great technical expertise and if you are using it for work then you already have the skill-set you need to contribute.

Now listen, I know that not everyone wants to contribute. I know right and I respect it ... but really:

The 0.3% ?! Only 60 devs on 20k are active contributors?! Only 200 (1%) devs have ever made a single commit and then they left.

Holy sh**

I think Microsoft is the only big company that actually cares more about developers than users.

85% of users on Chrome, only 6 users total on ie. Fuck yes

Developers created IDEs with intelligent code completion and languages provide users with an annotation syntax to document their methods.

And then there is Python, nuking all the efforts of our ancestors by dynamic typing. And they are smug enough to call this laziness duck typing. "If it squawks like a duck, swims like a duck, walks like a duck its a duck".
Shit no, it ain't a duck because a fucking goose does all the same but is a mean bastard compared to a duck. You might pet a duck but only the craziest will attempt to pet a goose.

Fuck python and undocumented methods in particular!

If you discount all the usual sql injections the most blatant was not our but a system one customer switched to after complaining over cost.

The new system was a bit more bare bones featurewize but the real gem was the profile page for their customers.

The only security was an id param pointing to the users primary key, which was an auto incrementing integer :)

And not only could you access all customer data but you could change it to.

But since the new system was built by their it chief’s son we realized it was not much we could do.

I'm starting to get sick of people calling out js for being what it is, a terrible pile of shit, without taking any effort learning the language. just because you wrote an app in java or python doesn't mean you're entitled to a free certificate in any language with a name that makes it sound easier.

in fact, I'd claim that for an experienced programmer, Java is much easier to pick up than JavaScript.

but, if all you want to do is sit here and complain, and you can find no joy in reading pages on end of documentation... well then, the only thing you're missing out on is the biggest fucking platform of the world. so don't worry I guess. it'll be fine. right? eventually the users will see that the web is just a nuisance for developers and they'll all start using native apps...

My manager is instructing my team to add a feature that can only be enabled for users by running an update script in the database.

When I argued that it's not really "complete" if it can't be turned on without someone going into the production database, I was told that not only is it complete, but they plan to have our non-technical customer service enable it for customers if the customer requests it...

Apparently giving everyone and their brother write access to prod is a good idea, but implementing a checkbox is a "waste of time and would cost too much money".

Probably going to float my resume... :-p

Im getting a bit tired of programming.

I have been struggling for years regarding programming. I did have some moments of perceived success, but most of the time it has been depressing.

I’m not sure if I dislike programming. But there are some aspects of it that make me feel not as passionate about it.

First of, programs are invisible. No one sees your program or you (assuming we’re talking about a non artistic dev job).

People can’t see lines of code executing, but even if they did it would be gibberish to them.

Users can only become aware of bad software and that kind of breaks my heart a bit.

You could write fast, stable, secure, easy to read, easy to update software. People won’t notice. Hell, even your boss/coworkers might not notice.

In fact, sometimes you try to do the good thing, you try to become a better dev, you try to write tests first, you try to i18n, and what do you get? “Uhh, that’s taking too much time and I don’t see the benefit”.

I know some people will say that people noticing bad service happens on every job.

But programming is the ultimate isolation job. No client has ever told me “hey that code you wrote was pretty good”. They can’t even read code.

I don’t know the users, the users don’t know me, and the users can only judge my program by the result, they can only judge the visual interface.

Let’s say you write a cool project at github. The code is great. Guess what, every language’s ecosystem out there is saturated. Everything is already written. GitHub is saturated. Your best project ends up being a just for yourself enjoyment.

I’m not saying you shouldn’t enjoy code for yourself. That’s how I bet most prolific coders start. I’ve been doing that for many years now. But at some point you want to be part of something with humans.

Imagine I’m stranded on an island with nothing no humans, just food, water and a computer. Would I write code just for myself, just for fun? I think I would off myself 3 months in.

Maybe I should do develop a more social talent...

Worst dev disaster

I was responsible for allowing users to purchase a six month premium plan in our app for free.

Only way we got to know about this was that a customer himself emailed us saying we are allowing users to get premium access for free.
Thankfully he emailed us within a day of the release and we didn't incur massive losses.

Sometimes, being the only fullstack dev with access to a lot of systems gives you the ability to introduce functionality that:

A) prevents future errors

B) introduces new validations to users to make sure A) is prevented.

C) apply these changes to different projects

But most importantly...

D) without a single person in management getting involved or having to sign it off.

It's like running a company you own, but without owning it.

Granted with such power, comes the trust and responsibility of deploying changes with the adequate testing being done prior and handling change management, but fuck, sometimes I wonder if "god mode" for lack of a better term, is too much, or just enough to get the job done without the politics.

We are currently building a CRM for a company, and we have to demo it for some of the users, two guys start asking couple of questions.

Them: what it is built with?.
Me:PHP, do you know it?
Them: No we only know WordPress.
Me: well WordPress is built with PHP.
them: Ah that's probably why we thought it looked like WordPress.
Me: yeaaah probably... sure :)

Well, the impossible needs to become possible again.

"you will shit out a full website for this customer in two days! Fully responsive, 16 pages, and it better be good!"

Yeah. Ok. Fuck you. My attitude stinks, but your expectations and temperament kind of forge my attitude. Now tell me how in fucks name i am supposed to just stop administering over 3000 users and god only knows the ever growing amount of servers, stop all my server side development, so that I can make a site for a customer paying the company the equivalent of $100 for it (because sales people here are retarded) and get zero fucking commission or even a thank you for it.

Nah. Fuck this.

Tired of complaining, and I'm sure you guys are just as tired of it.

Fuck this
I get to work with API where you CAN authenticate with username/password and get a token

But you CAN'T get user info from token (auth response contains ONLY token)

So what I have to do:

1. Get token

2. Request ALL FUCKING USERS and load them into my DB

3. Search through local DB by username and, yeah, here I go

Now I need to have a cron job to update user DB 1/2 times per day

I can't think of ANY reason not to allow this

Only if users were as smart as us. Sigh.

My predecessor used auth as a bool. The only way he kept basic users from accessing admin functions was by including the word "admin" or "user" in the URL so any user could be the administrator by just changing the URL parameters after logging in

For example, mysite.com/admin/editorderdetails vs. mysite.com/user/editorderdetails

Twitter should be connected to a health tracking device so that users would only be able to reply to tweets as long as their pulse and blood pressure is still on a relaxed level. This could prevent dysfunctional "social" media "discussions" a lot.

#fuckapple for holding back the open-web. Most folk don't know that Chrome on iOS is just Safari with a skin; neither Google or Apple want you to know that.

If you hate web-apps on iOS, that is Apple's intentional doing. Apple cannot allow a bug-free and modern browser to run on their iOS devices, else they lose their 30% tax + dev fees cut. There are literally so many crippling bugs in iOS Safari that it HAS to be intentional.

There are email exchanges between Phil Shaffer and Steve Jobs from years past, where Phil didn't believe Apple could continue to gouge users 30%. He argued the open-web would make native apps largely redundant, and so to stay competitive, they'd need to drop the store fees to something reasonable. I suppose Steve Jobs saw a different solution -- just impede browser development.

As someone who develops free and open-source apps, I believe I am doing the world a favour by not supporting a native iOS app. When users complain about missing features in the web-app version, I tell them to take it up with Apple or buy an Android. Guess what? They sometimes actually do just that.

Join me if you have the balls. Tell Apple to FUCK OFF the only way they understand -- threaten their bottom line. At the very least, you'll never need to touch XCode again if you do. If time is money, that alone will make you wealthy.

"There are only two industries that call their customers 'users': Illegal drugs and software. "
- Edward Tufte

How true is this?

I'm 2 months into my first dev job. Today, I was working on upgrading one of our products to React 18. Had a feeling my UI changes weren't being pushed to AWS so I wanted to test that. Changed all labels from ".. filter users..." to "shmilter shusers". Committed, then nearly pushed those changes for a PR. There are multiple lines of defence and only a 5% chance that no one would spot it but as soon as I realized that there's a small possibility that our customers would suddenly see "shmilter shusers" on their instances, I had an absolute fit. Maybe it's a "you had to be there" kind of thing but I don't remember the last time I laughed this hard.

Expert: "The core problem with passwords is that they reside on a server."

I suppose that's true, but only if you're a complete moron. Store a hash of a password, and users can authenticate against it with a password that doesn't get logged. This is technology that's been around for over fifty years. If you're storing passwords on a server, you deserve whatever trouble you get.

So my company was building a software to allow users to use a screen without the screen being touch itself.
It was made using a camera above the screen and then with openCV detect where the hand was.

Anyway I had to test it on the place.

And the place was a factory where they did produce pipes.
It's the biggest company in my city, and yet I was there, in the break room, coding a raspberry in winter in a factory.
The only source of heat was the fire used to melt the metal

That was literally awesome

sometimes our application users can't login to our application and they report the problem to us. The fucking problem? Almost sure they forgot the password because we can login with their account.. Yeah we should not have access to their password, but we do xD. The worst is they send a Word file with only a print screen of the application error saying they can't login. Why not a .jpg??! The word takes 4 seconds to open

I know being hostile to new users is not ok.

But have you seen the shit new users post? Who wants to be part of a community of simple minded and unexperienced idiots?

New users do it all: awful english, strawman, meme reposts, and now, advertising.

I wished there was a "above certain karma" filter, so I could avoid the trash.

But there's not, so the only tool I have is telling them their arguments are stupid.

I don't mind someone BEING a beginner. But as such I would expect them stfu a bit.

Dear software developers, I realise, as a dev myself, the need for auto updates for security and stability, but, outside of only a few niche circumstances, are they really necessary on a fucking *daily* or even *hourly* basis? Congratulations for fixing that minor specific non-crucial bug that 99% of users have never encountered, and I'm happy you're maintaining your code so diligently, but couldn't it wait until next Sunday? By that time I'm sure you could combine the update with all the other minor fixes you'll come up with the interim.

And I wouldn't have to click my way through this shit every time I open the app

I quit using whatsapp 1,5 years ago. only use Signal and Telegram now. Any fellow Signal users here?

Ever dealt with people who don’t understand a damn thing they’re coding and just copy and paste stuff around and say that it works? It’s amazing how long people can skate by with only knowing 50% of how what they’re working on works.

We had some dumb know it all on our team who would regularly ship half-done stuff to production and then scramble to fix it after the users bitched about how it didn’t meet the requirements.

This stupid person changed an else to an if having no idea what any of the logic did in this section of code, didn’t adequately test it, and it somehow made it through code review because the better devs were out of office.

This bullshit goes to production, fucks up 200,000 records, and users start complaining about it. Shitty developer refuses to revert the offending code until multiple people on the team overrule them. They spend the next week unfucking the data and decides to just take a day off on Wednesday because it’s been “too much mental energy to fix.” The shit wasn’t even fully resolved yet.

Some people seriously do not belong in this industry. This person’s thought process was:
“Changing an else to an if can’t possibly have significant consequences. Let’s just change this so my code change executes to see what happens.”

Still not sure how they weren’t fired when this happened. They unfortunately got to quit on their own two months later.

fucking bugs only appear to users

devRant is the only community I have seen so far that allows users to have hyphen '-' in their usernames.

!rant
If you have software in production please have some way for a user to find some contact email (create for this reason only if needed.)

I have run into crippling bugs in huge essential systems (state dmv new system, the ticket system utility marking) which they were oblivious to until I went out of my way, like a stalker to get some contact of someone remotely related to someone I could drop this info in the lap of, and so far it was a total shock to them (the dmv system was taken offline for 3 days to resolve)

I get not wanting to run a helpdesk to support users, but give technical users some contact info ( even if you think you have full coverage analytics because, being software, it may have a bug)

/rant

Oh dear Apple,

so you're telling me that for the camera API, the requestAuthorization() method returns a bool and for the PhotoLibrary it returns an enum. Why are you going with an enum when there are 2 states and the camera api doesn't use an enum?

(The 2 methods serve the same purpose, the enum exists in the camera api as well and has the exact same states)

And why do I need access to users photos, if I only want to write photos?

Why are vegans & mac users so fucking annoying.
Eat what you like.
Use what you like.

Why tf you have to tell me what you eat & what you use is the only good thing in the world. Stop going 'how can you eat that?' & 'how can you use that?' Keep it to yourself 🔫😠

This is the last part of the series
(3 of 3) Credentials everywhere; like literally.

I worked for a company that made an authentication system. In a way it was ahead of it's time as it was an attempt at single sign on before we had industry standards but it was not something that had not been done before.

This security system targeted 3rd party websites. Here is where it went wrong. There was a "save" implementation where users where redirected to the authentication system and back.

However for fear of being to hard to implement they made a second method that simply required the third party site to put up a login form on their site and push the input on to the endpoint of the authentication system. This method was provided with sample code and the only solution that was ever pushed.

So users where trained to leave their credentials wherever they saw the products logo; awesome candidates for phishing. Most of the sites didn't have TLS/SSL. And the system stored the password as pain text right next to the email and birth date making the incompetence complete.

The reason for plain text password was so people could recover there password. Like just call the company convincingly frustrated and you can get them to send you the password.

The designer of a new version of an app sent me the the new designs. I immediately noticed the menu-icon in the bottom right. (In a tab bar)

This is not common and even discouraged by design docs of iOS and Android. So I told him that and he thought we could try it.

After scrolling through the designs I saw the screen where the menu was open; the close button was also on the bottom right. I told him that users are not used to have a menu close button on that position. He said "Every other company is doing it wrong, so we're here to make that difference".. The only thing I thought was 'Okay, so Google is doing it all wrong all the time.'.

So now it's in the app and I don't like it.

There are users that copy shortcut from their desktop somewhere to make a backup. We laugh at them. I just copied symlink to my flash drive and realized it only when I copied it back to different computer and target didn't existed.

Uhm... am I the only one who thinks this is a vague as fuck answer and should've taken more than one sentence to properly inform users of their data protection methods? It can't be just me...

As usual a rather clickbait title, because only the chrome extensions (as always) seem to be vulnerable:

"Warning – 3 Popular VPN Services Are Leaking Your IP Address"

"Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data."

"VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate"

"PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case."

"Hijack all traffic (CVE-2018-7879) "
"DNS leak (CVE-2018-7878)"
"Real IP Address leak (CVE-2018-7880)"

I love how my University CSSE courses make it hard for Windows users.
Student: Is it possible use VALGRIND in Windows CMD?
prof: I don't know, I only use Linux command line. Next question.

All programs must compile and run on Linux using g++. So everyone using windows has strip the IDE bloat and transfer the project files over to the remote Linux lab every single time they compile and run.

Benefits of being a Linux user!

Love it when you try to fix a bug and realize the bug only occurs in debug mode.
No clue why, but also not my fucking problem, users ain't gonna debug :D

Make. Fucking. Backups...

I had to find a MailChimp sync plugin for a webshop and thought I found a good one that synced one way (webshop to MailChimp).

I figured, meh, what could go wrong? So I installed it, ran it...and somehow lost around 4000 mailinglist receipients because they were not in the webshop.

Turns out it adds the registered users in the webshop, but also removes entries that are not! Needless to say, I had some explaining to do and was only able to recover about 3000 addresses from a previously sent campaign.

Customer was not happy, neither was my boss, very important lesson learned...

Mozilla has announced that it's rolling out changes under the California Consumer Privacy Act (CCPA) to all Firefox users worldwide.

According to report of ZDNet: The CCPA (America's privacy legislation) came into effect on January 1, 2020, offering Californian users data-protection rules. Much like Europe's GDPR, the CCPA gives consumers the right to know what personal information is collected about them and to be able to access it. While the law technically only applies to data processed about residents in California, US. But Mozilla notes it was one of the few companies to endorse CCPA from the outset. Mozilla has now outlined the key change it's made to Firefox, which will ensure CCPA regulations benefit all its users worldwide. The main change it's introducing is allowing users to request that Mozilla deletes Firefox telemetry data stored on its servers. That data doesn't include web history, which Mozilla doesn't collect anyway, but it does include data about how many tabs were opened and browser session lengths. The new control will ship in the next version of Firefox on January 7, which will include a feature to request desktop telemetry data be deleted directly from the browser.

A few Challenges at my job:
- a CEO with zero tech skills and zero memory.
- a sysadmin with literal brain damage and epilepsy (but he's great, we just have had to learn how to deal with it)
- another (volunteer) sysadmin who we call @God on Slack and who usually only shows up in extreme crises.
- the budget of a tiny organization, the web traffic of a huge site.
- incoherent business logic subject to the whims of volunteers and the loudest users
- a main revenue stream that contradicts our main mission.

it's fun! woot.

I am making an LDAP user manager and porting application for my workplace.

The thing is, i made the first version of it in PHP already. Shit works fine and it without an issue.

But

I had an itch to redesign it using another tech stack that would be speedier, more tested and using a more established platform.

Enter Clojure, a Lisp dialect for the JVM. In a single day I managed to get 80% of the application done. We have about 80k users inside of our ldap system(maybe more) and I tested it with 150 accounts, so far so good.

If this works I will be the first person to deploy a Clojure application, not only for my organization, but for the city as a whole while simultaneously being able to say that I got a Lisp app deployed and working :D

I am loving this. Really wanna have a Lisp app out there and add it to my resume.

The head of my department, an old timer and really ancient dev smiled heavily when I showed him the codebase. Not only is it minimal, it is concise and elegant :D

I love Clojure

And Texas

Just when I was about to watch the Downton Abbey clips on YouTube I realize that my Firefox went completely silent without warning.

So the latest Firefox 52.0 decided to drop ALSA and force users to use pulseaudio instead. Otherwise the only way is to recompile the source with the alsa option enabled, or downgrade.

What the actual fuck Mozilla? Who made this decision? What's the reason behind? So far Firefox is the only browser that is having the sound problem.

Nope. not another bloated package. Maybe I should switch over to Chrome.

Not only did my boss insist on setting up roles and permissions for our app how he designed them, even after I spent 4 or 5 hours trying to convince him to let me do it differently, but he has now fucked our entire system.

Under this model of roles and permissions you cannot enforce them on the backend by any means, and now we have a service dealing with users including resetting passwords and changing details that does not use authentication. That's right, aurhe tocation and not even talking about authorization now. Good job.

I honestly wish companies like this would get hacked and fucked over as soon as they did it wrong because I can't believe how retarded some people are.

Markdown. It is now used by MDN Web Docs and supported by Google Docs. End users will slowly pick up. Then even more (proprietary) flavors of markdown and their accompanying JS-frameworks will follow. All with good intentions, but it can only to end in a big mess and confusion like USB or USB 3.2 Gen 1.

Google simply can't knock off harrassing their users with security theatre.

A friend of mine has a small personal YouTube channel. He has recently been bombarded with several phone verification requests a week: "Verify it's you. To continue your session, complete a brief verification. This extra step helps us keep your account safe by making sure it’s really you. "

While frequent verifications may be understandable on YouTube channels with millions of subscribers, channels with only a few dozen subscribers are not attractive hacking targets. A verification would be justified before a potentially harmful action such as deleting videos or deleting a channel. But not for normal everyday use.

What's next? Will they ask users to "verify it's them" every ten minutes, "just for extra security"? Just to verify that it is "really, really, really, really, really" them?

It's not security. It's security theatre.

Sorry, Google, but users are not in the mood of doing a phone verification every other day.

Has this been Google's perverted wet dream all along?

Another member of the team updated the production JSON configuration of the project with a missing comma, this broke a system that's not yet live and where there aren't any real users (only used for demos/testing).

Instead of having a good laugh about how silly this was, the CTO/CEO removed their write access to production..

Soo.. we always knew facebook is evil and manipulates aunties into some weird conspiracy theories

But finally got some reason to convince my friends and family to migrate from Whatzap (aka facebook2) to Signal or Telegram :)

Forcing users to share their information went to a complete different direction of the world is going to. Kinda of glad that this finally burst out of the tech bubble

Anyway

My question is if there are any alternatives to Instagram?

Fingers crossed tiktok is not the only other option 😅

The whole application was tested by 1 QA who was uploading only one 3MB file.
Now on production ~300 users upload in a batch one hundred 100 MB files... and nothing works now
WHO WOULD EXPECT THAT?

Goodbye Duckduckgo, DuckDuckGo’s CEO Gabriel Weinberg announced on Twitter that his privacy first search engine will be manipulating its search results to only show users what the company deems not to be “disinformation” about the Russia-Ukraine conflict.

A few years ago I would whine, complain and rant about shitty software, which I knew could be so much better than it was. But I didn't yet write software of my own.

Now I complain about shitty libraries, API's and users. Not much has changed really. And every time I write code, I curse myself, and whoever made this trashpile I have to work with. I curse the user to the moon and beyond for using the program wrong. Funny thing is, exactly the thing I was complaining about (input validation, see earlier rant) is also exactly what no more than 5 minutes after release, a user fucked up with. The bot just does not respond at this point. But fuck these braindead retards for users.

In a few years I expect myself to be complaining about shitty compilers and buffer overflows, segmentation violations, bad coding style (don't make your program a fucking colander kthx), and so on.

Next decade I expect myself to be complaining about physics itself, and why the universe is governed by the laws it's governed by. Whoever this God is, he's a fucking retard. Funny thing is, the signs for it are already there. Electron theory! If only those electrons were positrons, then the math would check out properly. Instead of negative electrons traveling from negative to positive, we'd have positive positrons traveling from positive to negative. At least from what I understand so far, this is still a decade away after all.

The point I'm trying to make is that nothing changes, only my understanding of the world around me does, as I tumble further and further down the rabbit hole. Sometimes I wish I had taken the blue pill... Either complain about others' software or perhaps not give a shit at all. Become one of those filthy users I now despise.

Sitting in a board room with about 20 people all who have flown in from different parts of the world to discuss the project plan for a web app with an international user base.

We are discussing a web form with a dynamic layout based upon the users profile. Users enters a ton of information, calculations, are made, and info in stored into a db. Info can be updated and will be reported upon later.

One of the project leads representing Europe suggest that the form be exported into Excel so that the user can fill it out in Excel only to be imported via the application. WTH!!!! Later I found out this was that leads 2nd week with the company. Why were you even at the meeting and why did you have input?

Windows users can't meme.

>tfw osx is more versatile than windows because of Unix structure
>tfw you don't have admin permissions
>tfw your doing important work but you get a forced update because you can't handle your own system

I am a Linux user myself but OSX is a lot more powerful, I don't understand windows fan boyism? The only thing good about windows is their application and game support and a lot of that can be fixed with wine on OSX and Linux

A site I manage in my spare time with a couple thousand normal users was getting attacked by a Chinese botnet. All the requests were coming from only two subnets. Easy to block. Feels like this was only the vanguard. Prelude to the real attack. I'm thinking about moving the site to its own server, so it won't affect my other sites. There at least if it gets kneeled, it'll only be that site.

PCs are a clusterfuck these days. Microsoft has abandoned the niceness of Win-7 and opted for Win-10 - with spyware, untested forced updates and forced online licence checks to make sure you have to get the shit. Macs are total crap, and Apple doesn't care because they instead prefer to milk customers with overpriced iShit. Linux sucks and looks like a Soviet tractor, but at least, it doesn't fuck up itself just by switching it on.

I had Linux as only OS from 2001 to 2010, and while I obviously can deal with it, I finally hated it enough to switch over to Win-7. From 2020 on, it looks like I will be back because Microsoft has managed to fuck up Windows even worse (and then these suckers wonder why Github users don't trust them). Maybe I'll buy a Tux when I install Linux so that I can punch it in the face.

Progress was yesterday - today it's about damage control. Welcome to a world where the brightest CS guys are thinking about how not only to shove up even more ads into peoples' asses, but how to also transmit lab data of the poo.

Alright, guys. You have complete autonomy over this project, from ideation to execution. You can do exploratory interviews to find out what potencial customers would think, you can come up with prototypes, you can choose whatever tech stack you deem fit for the job. The only requirement is that it must be a beauty product. Oh, and that it must have a way to publish this ton of pictures of models our client has. Oh, and it must handle payments and inventory. And it may integrate with third party software. And users need to save the pictures they like. And a booking system. Is that hard to understand?

So Docker Desktop only runs on Windows 10 Pro. Unfortunate for Windows 10 Home users that comes installed with their laptops like me. Gotta install the legacy Docker Toolbox

Today I spent several hours arguing with a client. Why? Because she's seeing an error on her website, and no matter how many times I explain to her that she's the only one seeing a css misalignment that was fixed this morning, and that she should clear the browser's cache or just use a different one, she refuses to understand that it's not my fault and that the website that's in production is working just fine for her users.

FFS I tested the same thing on Firefox Chrome, chromium, edge and even fucking IE8 on as many OSs as I can, namely Windows 7, Windows 10, Debian, Ubuntu, Android and OSX.

WHY DO YOU KEEP BLAMING ME FOR YOUR BROWSERS CACHE. SHUT THE FUCK UP AND ACCEPT YOU WERE WRONG FOR THE FIRST TIME IN YOUR LIFE.

Uffff, that feels better.

Dev Diary Entry #56
Dear diary, the part of the website that allows users to post their own articles - based on an robust rights system - through a rich text editor, is done! It has a revision system and everything. Now to work on a secure way for them to upload images and use these in their articles, as I don't allow links to external images on the site.

Dev Diary Entry #57
Dear diary, today I finally finished the image uploading feature for my website, and I have secured it as well as I can.

First, I check filesize and filetype client-side (for user convenience), then I check the same things serverside, and only allow images in certain formats to be uploaded.

Next, I completely disregard the original filename (and extension) of the image and generate UUIDs for them instead, and use fileinfo/mimetype to determine extension. I then recreate the image serverside, either in original dimensions or downsized if too large, and store the new image (and its thumbnail) in a non-shared, private folder outside the webpage root, inaccessible to other users, and add an image entry in my database that contains the file path, user who uploaded it, all that jazz.

I then serve the image to the users through a server-side script instead of allowing them direct access to the image. Great success. What could possibly go horribly wrong?

Dev Diary Entry #58
Dear diary, I am contemplating scrapping the idea of allowing users to upload images, text, comments or any other contents to the website, since I do not have the capacity to implement the copyright-filter that will probably soon become a requirement in the EU... :(

Wat to do, wat to do...

Point out that removing a "include charger" option from the new iPhone package is not appealing to users with conservative spending habits (me) and users who plan to transition from android to IOS.

"AhaHah you must be poor, poor ppl can't afford to consoom new products every year, I don't care about no chargers AhaAha"

"It'S JuST $30 jUst Buy One @ the StOre"

This is why apple users get a bad rep, apparently not tossing a perfectly functioning phone into a landfill every year makes you poor. My phone doesn't use the new chargers because I actually made a good purchase that has lasted for around 4 years and the only other apple product I own is a macbook, people like these (ain't a few), make me ashamed to be an "apple user" whatever the fuck that means.

The reason for half the web-dev world sufferings is that Microsoft won't stop choking their users with explorer or edge, and half of the client are too dumb or lazy to download a different browser to test stuff. Fuck this shit man! Nothing works the way it should on this bitch.

Everytime my manager says- It should work perfectly on IE because client doesn't have any other browser, I curse IE for exisiting. If you can't improve it, just remove it you freakin' sadists. It'll not be an embarrassment to load something better on your OS. If anything, it'll get people to like you maybe. Like you for accepting your fuckery and making a decision in favor of the web dev world and innocent windows users, who only use your explorer to download other browser asap. For just that one time and for all your arrogance, you're making the whole world suffer.

Been working a year and a half on an offer for a client to plan their new system. Today they wanted us to construct the whole system and call it a beta only to pay 10% of the total costs. They said it is our responsibility to make the budget work as they are merely the "end users and not tech people". I am considering to tell them to go f**k themselves tomorrow.

What do you do when your redirect doesn’t go where you tell it?

Clearly I’m missing something.

I stepped through the code, following the failure path of Sheogorath’s Recaptcha. It fails as expected, and hits this redirect before doing anything else:

`return redirect_to new_user_session_path`

I verified that this redirects to the “/users/sign_in” path, and it returns so the server doesn’t even try to authenticate the user. It just nopes out as it should to prevent timing attacks.

But somehow instead of doing that and redirecting as it should, it signs the user in and redirects somewhere else entirely: the role select page, which only happens after authenticating an admin user. It never even hits my breakpoint after the recaptcha check! It never authenticates!

I think what I’m missing is my old reality where things made sense.

I've lost hope in my precision at this point:

We've updated our website to have X feature. The X feature was implemented, tested and even had unit tests... The worst part when I've lost hope? Both unit and the actual code had the same mistake in them. What was the mistake? Well...

if($variable = 'something') {}

Yeah... Read it carefully... We've always had the same case and only noticed it after 3 months when it was attempted to extend.

Funny enough, few users were harmed but no actual reports of an issue came to us.

Since then, I'm always triple checking that I have the correct amount of `=` to avoid further fuck-ups

@dfox I recently started playing around with Neo4j and find it really fun to work with. Would there be any way to get hold of parts of the devRant graph/graphs? Not private or secret stuff of course - only public parts of rants, tags and users. It would be fun to to play around with and analyze.

Looks like my users are enjoying themselves. Bringing my poor dedicated server to a load average of 72/8 at full CPU usage.

If only I wasn't just running an open source project by myself with only crowd-source money to rely on for server costs :v

Nope!
Korea still uses ActiveX for payments so will take another decade.

Good try though 🤣🤣

(And you should probably know ActiveX only works in IE, rip Apple users)

Why the *fuck* did Facebook decide to nag users by constantly reminding them of how dumb and miserable they are by showing the old-ass posts from years and years ago?? I don't want to see some random shotpost i posted 5 years ago, i don't give a fuck!!
How the hell uses this anyway? Who on earth cares about his facebook image so much, that sharing this stuff is actually meaningful?

Maybe i'm missing a point, but again my facebook profile is just a wall of memes and vapid shit that i don't care about.
I'm starting to really fucking hate facebook in every way, too bad its the only real way to contact people here in scandinavia...
This country is full of applefags anyway, maybe i should just pack up and move to a country with a more sensible communication platform :D

Fuck I can't even. Remember all those rants (mine included) about how users are quite retarded and only report "omg smth wrong, help" without any explanaition or screen shot, or even worse WITH A WORTHLESS CROPPED OUT SCREENSHOT?!

USERS I GET, BUT FUCKING SENIOR DESKTOP SUPPORT GUY DOING SAME RETARDED IT DOES NOT WORK CAN U HELP THING IS MADDENNNNIINNGG

LEARN TO FUCKING READ THE FUCKING INSTRUCTIONS IN THE FUCKING ERROR DESCRIPTION, YES?

*Ahhh* 😄

I just created a users table and added everything except two important fields:
1. FirstName
2. LastName
I only found out when I started working on my service T_T

I'm sorry, I have sinned :(

So here I am investigating something our users are claiming. I look up which user the UserId did the change and I see not only the user but also the users password in clear text in a separate field. I thought that field was for a password hint that the user can set up, but I asked around and apparently, no... It's literally the plain text version of the password stored in the database, next to the hash of the password.
Apparently, the users were so impossible to deal with that we added that column and for users that constantly pester us about not knowing their password and not wanting to change it, we added a plaintext password field for them :D

Integer range is 2,147,483,647. Facebook has 2.96B users. Facebook is the only company that graduated from int to unsigned int, which is 4,294,967,295.

And you're using bigint as an id for the “users” table. I just laugh.

I work in a large organization that previously didn't have it's own development team. Therefore various business areas have built their own solutions to solve problems which mostly involve Access and Excel.

Many of these applications still exist and we are expected to resolve any issues with them and update them when necessary performing this support role while still expected to meet our (very tight) development timelines.

I can't tell you how much of a pain in the tits it is to be trying to power through a priority development only to be interrupted with an urgent instruction to fix a 17 year old Access database that's running slow.

Of course it's pissing running slow, it's 17 years old, has nearly a million records and you have multiple users accessing it across the country!! I think it's time to peacefully let it die.

!rant

Guys,

I'm looking for a (second) VPS provider and stumbled upon one called SSDNodes. They have a 8GB RAM offer for $120/yr. Which sounds far better than the popular choices like DigitalOcean, Vultr, etc.

But the only reviews I can find about them are from their blog or some unknown websites.

Has anyone used them or heard about them? Also, any alternative suggestions? I'm going to be using it for Docker powered personal web projects. Not expecting a lot of users.

Coded a project for months, only tested it in Firefox. Then I think about the other users, so I fix everything in Chrome. After this I sent it to a friend to try it out, says not working at all in Safari, Mac. Okay, another few nights without sleep then... 😩

I'm pretty sure some users only browse StackOverflow looking for questions to flag as "Not Constructive" or "Opinion Based". Some of the best programming discussions I've read have been in the answers and comments to closed questions, so get over it, happiness haters! Sometimes I want to hear people's opinions.

Funny how everything that seems like an almost general truth about the computer users is conditioned only but the phrase "..excepting Linux users" 🤔

No one randomly recommands operating systems ... excepting Linux users!

No one needs to know how to do <complicated hilly-billy technology> in order to use <generic simple software>!

It seems that we (the Linux users) are all rebels without a cause😅

PouchDB.

It promised full-blown CRDT functionality. So I decided to adopt it.

Disappointment number one: you have to use CouchDB, so your data model is under strict regulations now. Okay.

Disappointment number two: absolutely messed up hack required to restrict users from accessing other users’ data, otherwise you have to store all the user data in single collection. Not the most performant solution.

Disappointment number three: pagination is utter mess. Server-side timestamps are utter mess. ANY server-side logic is utter mess.

Just to set it to work, you need PouchDB itself, websocket adapter (otherwise only three simultaneous syncs), auth adapter (doesn’t work via sockets), which came out fucking large pile of bullshit at the frontend.

Disappointment number four, the final one: auth somehow works but it doesn’t set cookie. I don’t know how to get access.

GitHub user named Wohali, number one CouchDB specialist over there, doesn’t know that either.

It also doesn’t work at Incognito mode, doesn’t work at Firefox at all.

So, if you want to use PouchDB, bear that in mind:
1. CouchDB only
2. No server-side logic
3. Authorization is a mess
4. Error logs are mess too: “ERROR 83929629 broken pipe” means “out of disk space” in Erlang, the CouchDB language.
5. No hosting solutions. No backup solutions, no infrastructure around that at all. You are tied to bare metal VPS and Ansible.
6. Huge pile of bullshit at frontend. Doesn’t work at Incognito mode, doesn’t work at Firefox.

I'd just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.

Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.

Please tell me why my boss thinks instead of just implimenting a language picker, it's a good idea to:

1) store the browser's language option in the DB only for new users, but only the first time they log in, never again.

2) never give existing users the ability to change language, and just default them to English.

3) deal with all upcoming language change tickets by having devs manually do DB updates ON THE LIVE PROD DB.

I'm screaming.

I'm a bit late I know (only 10 years or so), but I never use windows explorer and especially not the home directory with its ridiculous location... but why the heck is it not possible to access the home directory from windows explorer? There are bullshit categories like videos and music, but no direct link to the home directory. The small arrow at the "root" of the adress bar seems to be the only way to access users home. WTF?

Ready for another look into my JIRA life?

Ticket Title: "The 'Selected photos' setting will result in users being able to select only one photo at a time."

Ticket Description: "This is not directly a bug, because this problem is caused by the selected setting. Here one would have to consider to give this option no more and/or with an error message the user on it to make attentive, how he can change the attitude."

I don't even have to worry about NDA in this one because it makes absolutely no sense.

BTW, we don't have a single text in the app with the words "selected photos"

99% sure the creator of this ticket wrote it when they were high, drunk, or both

I would like to stop and genuinely thank the devs and anyone that contributed to NW.js for allowing users to work outside the sandbox. Fucking sandboxes these days make developing editors and tooling a bunch of bullshit hassle. I understand why, but it makes an entire class of software that much more difficult to develop.

And on a semirelated note, I decided to go with nw.js because unlike electron, I don't have to tell users "just install these two gigabytes of npm dependencies *from off the net after already downloading the main application*, dependencies that could break at any time at all for any reason."

Does anyone even bundle their dependencies any more or is this something only clinically insane people like myself do?

Because last I checked most users still don't know how to debug console autobarf when a single command goes awry due to something obscure like a version conflict between two brittle cogs in the organ grinder known as package management.

Edit: also, nw.js startup times and memory requirements are relatively sane compared to electron.

Records Person: Can you look at this member renewal issue for system A? It’s happening on the website you maintain. Here are some recent errors to debug.

Me (web developer): I can’t reproduce the error your reporting. Is there something I’m missing? And is there an example for the staging environment?

RP: There’s another team that will manually reconcile the records in system A if they don’t match what’s in system B. So this gives users two active memberships when it should only be one.

Me: 😑 So you already know the issue is human intervention messing with the records and causing the renewal issue. This is not a website issue. It’s a data issue.

If only you could block devRant users......

Only 83.7% users support replaceAll(). Weird bug, difficult to debug

I really don't understand this particular Government Department's IT Unit. They have a system and network to maintain except:

- They don't have a DBA
- They don't have a dedicated Network Engineer or Security Staff
- Zero documentation on all of the systems that they are taking care of (its all in each assigned particular staff's brain they said)
- Unsure and untested way of restoring a backup into a system
- Server passwords are too simple and only one person was holding this whole time and its to an Administrator account. No individual user account.
- System was developed by an in-house developer who is now retired and left very little documentation on its usage but nothing on how its setup.

But, the system has been up and operational for the past 20 years and no major issues whatsoever with the users using it. I mean its a super simple system setup from the looks of it.

1 App Server connected to 1 DB Server, to serve 20-30 users. But it contains millions of records (2GB worth of data dump). I'm trying to swing to them to get me on a part time work to fix these gaps.

God save them for another 20 years.

Telling the users of my website that the only cookie being used is the cookie that says that you've read and agreed to usage of the cookie on the website.
Can this GDPR madness end now please.

This was more than 15 years ago. We migrated a bunch if data (home to a new server and repurposed the old one, the same night. This was not the first task on that allweekender, so it was around 3am on Sunday, with very little sleep, when I had to copy the data. I did that by logging in as admin and copying with Total Commander. Obviously, even admin did not have the permissions to some folders, so a lot of financial data were lost, as the users found out on Monday morning. We had no backup. Old server was not only reformatted, but the disks were used to build a different raid set. Luckily, one of the users who had access to this data kept a backup on a flash drive. (If you're wondering, I should've used robocopy with backup mode)

A "portal" built on Drupal 7. Started by someone who cannot do anything outside Drupal, and overseen by someone who believes JS to be "low level programming" (he literally said that).

What normally would be a table with 7 columns is instead 7 tables joined together. That goes for each data structure.

Each page, built in a separate module, either manually includes the same css files, or simply copy/pastes them.

Old, legacy modules have been hacked, and now depend on newer modules... Which, in turn, depend on the same old ones.

The theme contains huge, hardcoded parts of logic, so it can never be updated.

Worst part of it? It's only 3 years old. And there are people buying it as SaS. Already hitting bottlenecks at 2k users.

Ok guys. Here’s a company who used to offer a slack alternative free and unlimited but now charges anywhere from 79 dollars to 100 to 790 dollars for the same product. Company is Ryver. I dare say they just pissed off tons of customers who loved them for their generous limits. The worst thing is is that if you already have more than 6 users from when they offered the generous free plan, they put you into READ ONLY even for existing members. I thought I’d share this corporate fuckery with people who care. Unless you have tons of cash to burn, don’t try their product. Thanks for reading.

Motherfucker, do you even review your own code, never mind getting anyone else to do it?

"Hi" randomly added on a new line in the middle of a switch block, a syntax error, as the only change in a file?

Breaking two methods by misunderstanding which database object a variable identifies- but making no other change to those functions? And not adding permissions checks to the new API methods you added in that file?

Overwriting the email template that goes out to users who were added straight to the CRM, by reusing the same file for a template for users that have been invited to an event?

Adding your new fields to the old CRM sync code, again leaving me to figure it out, thereby leaving users' changes likely to be overwritten every morning?

And pushing this to master, supposedly tested, without a heads-up?

How often does your mum need to buy you a new box of crayons? Because these ones are chewed to pieces.

Suck my balls. Or rather don't, you probably don't know you're not meant to use your teeth.

Man I fucking love debugging Windows applications... OpenVPN dun shit the bed because the management interface is locked (on the Windows client I presume?) - so poke that error message into the Gargler along with "openvpn windows"... First result, OpenVPN forums. Excellent. ... Some dickhead in the forums: "this is the wrong forum, this is for Access-Server users, and you the user MUST have terminated the process".

Come fucking on! If only I could replace this fucking device with a proper OS already (and no I can't). Windows itself being a clusterfuck is one thing but the goddamn support around it. Atrocious!

We had a issue with a webstore that was only affecting users on Windows: one button didn't do anything.

The colleague that was working on the ticket was running Arch, and for him it was working as expected. He reported that the bug couldn't be replicated on Chromium, Firefox or qutebrowser. But our designer, who was running Windows 10, commented that it wasn't working for her in either Chrome or Firefox.

Some more conflicting reports later a colleague using Windows managed to fix it. It was caused by querying the button elements by id selector instead or a class selector. There was multple buttons, one for each product row.

I guess there just are platform differences that aren't specific to browser but instead the OS, that could have caused it

Domain Drive Design question:

I am working on a simple case to teach how to apply DDD, my case is as follows:
Simple forum with Author, Moderator and Users.

I am using Dotnet core for this. I am not sure how and where I should implement authorization:
1. Author can edit his posts only
2. Moderator edits any post

In dotnet core, we handle roles, policies in the api layer, and its per endpoint, I have an identity layer which handles accounts, registering roles and policies in database.

But I'm not sure if I should or how to handle authorization based on permissions in application layer.

I actually feel accomplished because I'm starting to turn one of my side projects into a real project, even if it isn't popular.

I have a discord bot (exclusive to one server, so more of a discord server) that I have been working on for a while with a couple minigames, like connect 4, crossword, blackjack, etc.

It started off very small, but now I see the project really exploding in size. I have a bona fide testing environment, website with domain and HTTPS with sitemap and everything submitted to google, unit tests, and the scope keeps expanding.

I am continuing to only add value, but have legitimate plans to try and make some income from it if things go smoothly.

Now I just need more than 10 users.

Me: You decided some records in system A should be obsolete, but the records are tied to active user accounts on the website. Now, I have users emailing and asking why their profile’s last name field says “shell record - do not use.”

Stakeholder: Oh…can’t you stop those profiles from loading? Or redirect the users to the right record in system A? In system A, we set up a relationship between the shell record and the active one.

Me: 😵 Um, no and no. If I stop a user’s profile from on the website, that’s just going to cause more confusion. And the only way to identify those shell record is to look at the last name field, a text field, for that shell record wording. Also, the website uses an API to query data from system A by user id. Whatever record relationship you established isn’t reflected in the vendor’s API. The website can’t get the right record from system A if it doesn’t have the right user id.

So when we started this project like 4 years ago... new to the framework, kickstarting lot's of forms with file uploads. Everything seemed to work fine, uploads and downloads worked..
First version of the project got deployed to prod and for weeks or so users have been registering and submitting stuff...

Only problem was: most files were overridden by consecutive uploads as our central upload lib stored files with the same name on disk (normally the ID of the db row was injected but most files were saved before the db row was - resulting in 0 IDs...)
Yeah so... that hurt :(

DevRant users (and my wife) are the only people that know that I have applied for 2 new jobs! I’ve already had a phone interview with each. Tomorrow I have a 2 hour in-person technical interview, and last night I completed a technical assessment/sample application for the other position!

Things are moving fast, but I don’t want to let friends and family know yet, until things get a little more certain.

It’s such a weird feeling going to work everyday knowing that my current job may be coming to an end!

Quiz:
Wich one is Powershell, wich one is CMD?

Word is spreading that CNN, which is owned by Time Warner, got a reddit users IP from their mods, and with their relation to Time Warner, got his identity.

Then extorted him to apologize or be revealed.

This is huge, and we don't even know its the only time it has happened.

VPNs may not even truly protect you if the ISP can connect the dots over time, with time stamps.

Holy shit, CNN just weaponized ipv4

I could use some advice. Immagine this: you recently started a new job where the people are great, the product is pretty cool and pay is good. But the code you have to work with is the biggest pile of shite you've ever seen and your manager does not want to change any of this, even after you suggest you would build something that would be a thousand times better, not only "code wise" but for the users too. What would you do?

Booted up IntelliJ to find the 2018.2 update just dropped. Took me a moment to get used to the design changes they've made, especially overhauling most of the icons.

Only thing I don't like in this change is taking away the color icons from my tool windows, there was a plugin to fix it though thankfully. I need some color in my workflow!

How's the update treating other jetbrains users?

Can we get a way to block users from seeing our posts? Two of my coworkers are on here now and it's only a matter of time before my boss appears. He's nosy like that

DR-4798: Have notifications be marked as read only when clicked on instead of after seeing content
Priority: Should Fix
Type: Story
Description:
**Background**
Some users are reporting that they are not seeing all of their notifications because one notification marks all other notifications as read. This is because users mostly focus on the notification tapped on and then return to the notification screen. But other notifications such as mentions may reside on the same page and thus marks notification as read leaving users to miss out on possible important responses, etc.

Let’s change the way we mark notifications as read by only marking them as read once clicked on not seen.

Ok, users have devRant on the home screen or in notification's action bar. I'll make a kiosk system on my tablet to use only devRant in it, maybe now it will be useful.

Windows users be like "Oh, it's fine. Our tent comfortably fits all my family and it's cold there for only half a year, but not too cold, just wear a coat while you're inside and you'll be fine. Clean water is only two miles away, walking is healthy after all. Yes, agents come every week and rape my wife but it only happens to newbs and honestly I respect that ritual, this is how life works. You only have to send three papers to them to ask them please not to rape us this week and they don't come for a whole week! I ain't stupid, I always carry my gun with me to shoot thugs"

Living with MacOS is just living. You pay the fee and they let you in.

Living with Linux can be just living too, but it can be much more, your skill and willingness to learn are always rewarded. I've been there, I used Arch.

But living with windows is always survival.