A system administrator has two problems:
1. stupid users
2. smart users

We were learning to create a login system in mysql and php when one of my classmates showed me and the teacher his code.

He did a select all on the users table and looped through everything with a foreach.

We both tried to explain him why that wasn't the best method but he just refused to accept that.

He turned out a designer.

By the way, please never do it his way 😬

Tldr :
Office Building : 1
Population: 5000
Number of PC users: 5000
No of Spare mice: 0

Day 1:
Training period commences.
My mouse laser sensor doesn't work.

Solution: Use this mouse to log in to your system.
Open the company portal.
Connect to vpn.
Enter username password.
Create a ticket for mouse replacement.
Done.

Day 3
I bring my own mouse.
Confiscated at security.
Becomes a security violation.

Day 9
I get a call from helpdesk.
Agent- what is the problem?
Me- my mouse is not working.
Agent- why?
Me- what do you mean? Something is wrong with the sensor.
Agent- clean the sensor.
Disconnects call.
Marks ticket as resolved.
Me- WTF just happened!

Naturally, I escalate the issue.

Day 15
Level 2 Agent- what happened? Why have you escalated the issue?
Me- I need a mouse, waiting since 2 weeks.
Him- No mouse is available
Me- you don't have a single spare mouse available in an office with 5000 PC users?
Him- no they're out of stock.
Me- when will it be back in stock?
Him- we will 'soon' launch a tender for quotations from sellers.
Me- time?
Him- 1 week.

Day 34

I email the head of supplies for the city office. Next day I get a used super small mouse, which doesn't have a left button. Anyways, I've given up hope now.

Day 45
I become a master at keyboard shortcuts.
Finish my training.
Get transferred to another city.
No mouse till date.

Surprisingly, this was one of the top recruiters in my country. Never knew, MNCs can be so so inefficient for such simple tasks.
Start-ups are way better in this regard. Latest tech, small community, minimal bureaucracy and a lot of respect and things to learn.

Ever had a 'why in FUCKS name would you do that?!?' moment with another programmer?

In my first study year we learned about PHP and how to write a login system. Most people would either do a 'select count(something like id) from users where username = username and password = password' or select the values based on the username/email and check if the password matches.

This guy selected everything from the table and FOREACHED the records while comparing if the username/password matched with an if within that loop.

I couldn't get him to understand how fucked up that system would become once you'd have loads and loads of users 😅

Every day.

I am a PHP developer.

Yeah, "another PHP is awful" rant... no, not really.

It's just unsuitable for some ambitious projects, just like Ruby and Python are.

First of all, DO NOT EVER use Laravel for large enterprise applications. The same goes for RoR, Django, and other ActiveRecord MVCs.

They are all neat frameworks for writing a todo app, as a better-than-wordpress flexible blogging solution, even as a custom webshop.

Beyond 50k daily users, Active Record becomes hell due to it's lazy fat querying habits. At more than a million users... *depressed sigh*.

PHP is also completely unsuitable for projects beyond 5M lines of code in my opinion. At more than 25M lines... *another depressed sigh*.

You can let your devs read Clean Code and books about architecture patterns, you can teach them about SOLID & DRY, you can write thousands of tests... it doesn't matter.

PHP is scaffolding, it's made of bamboo and rope. It's not brick or concrete. You can build quickly, but it only scales up to a certain point before it breaks in multiple places.

Eventually you run into patterns where even 100% test coverage still doesn't guarantee shit, because the real-life edge cases are just too complex and numerous.

When you're working on a multi-party invoicing system with adapters for various tax codes, or an availability/planning system working across timezones, or systems which implement geographical routefinding coupled to traffic, event & weather prediction...

PHP, Python, Ruby, etc are just missing types.

Every day I run into bugs which could have been prevented if you could use ADTs in a generic way in PHP. PHP7 has pretty good typehints, and they prevent a lot of messy behavior, but they aren't composable. There is no way to tell PHP "this method accepts a Collection of Users", or "this methods returns maybe either an Apple or a Pear, and I want to force the caller to handle both Apple/Pear and null".

Well, you could do that, but it requires a lot of custom classes and trickery, and you have to rewrite the same logic if you want to typehint a "Collection of Departments" instead of "Collection of Users" -- i.e., it's not composable.

Probably the biggest issue is that languages with a (mostly) structural type system (Haskell, Rust, even C#/JVM languages to some degree, etc) are much slower to develop in for the "startup" era of a project, so you grab a weak, quick prototyping language to get started.

Then, when you reach a more grown up phase, you wish you had a better type system at your disposal...

My biggest dev blunder. I haven't told a single soul about this, until now.

👻👻👻👻👻👻

So, I was working as a full stack dev at a small consulting company. By this time I had about 3 years of experience and started to get pretty comfortable with my tools and the systems I worked with.

I was the person in charge of a system dealing with interactions between people in different roles. Some of this data could be sensitive in nature and users had a legal right to have data permanently removed from our system. In this case it meant remoting into the production database server and manually issuing DELETE statements against the db. Ugh.

As soon as my brain finishes processing the request to venture into that binary minefield and perform rocket surgery on that cursed database my sympathetic nervous system goes into high alert, palms sweaty. Mom's spaghetti.

Alright. Let's do this the safe way. I write the statements needed and do a test run on my machine. Works like a charm 😎

Time to get this over with. I remote into the server. I paste the code into Microsoft SQL Server Management Studio. I read through the code again and again and again. It's solid. I hit run.

....

Wait. I ran it?

....

With the IDs from my local run?

...

I stare at the confirmation message: "Nice job dude, you just deleted some stuff. Cool. See ya. - Your old pal SQL Server".

What did I just delete? What ramifications will this have? Am I sweating? My life is over. Fuck! Think, think, think.

You're a professional. Handle it like one, goddammit.

I think about doing a rollback but the server dudes are even more incompetent than me and we'd lose all the transactions that occurred after my little slip. No, that won't fly.

I do the only sensible thing: I run the statements again with the correct IDs, disconnect my remote session, and BOTTLE THAT SHIT UP FOREVER.

I tell no one. The next few days I await some kind of bug report or maybe a SWAT team. Days pass. Nothing. My anxiety slowly dissipates. That fateful day fades into oblivion and I feel confident my secret will die with me. Cool ¯\_(ツ)_/¯

A quite severe vulnerability was found in Skype (at least for windows, not sure about other systems) allowing anyone with system access (remote or local) to replace the update files skype downloads before updating itself with malicious versions because skype doesn't check the integrity of local files. This could allow an attacker to, once gaining access to the system, 'inject' any malicious DLL into skype by placing it in the right directory with the right file name and waiting for the user to update (except with auto updates of course).

From a company like Microsoft, taking in mind that skype has hundreds of millions of users worldwide, I'd expect them to take a very serious stance on this and work on a patch as soon as possible.

What they said about this: they won't be fixing it anytime soon as it would require a quite big rewrite of skype.

This kinda shit makes me so fucking angry, especially when it comes from big ass companies 😡. Take your fucking responsibility, Microsoft.

Worst meeting I’ve been in?

Transitioning from an old system, the CEO said “We will transition on June 30th of next year or … heads … will … roll.”

Everyone knew what ‘heads will roll’ meant.

I wasn’t particularly worried because 90% of my work would be completed by December, the rest would be completed by the users (data transfers, etc.). Realistically, no reason we couldn’t transition by April or May.

June 15th comes around – CEO calls a meeting (managers, VPs, kind of a big deal) because we’re nowhere close to turning on the new system. Needless to say, I was a bit nervous, but my part had been done since November. I worked late nights, weekends, early mornings…I killed myself making sure the system was 100% ready.
CEO starts asking the different managers about what is taking so long…
Mgr-1: ”Well, we aren’t easily able to map our old customer records into the new system. The new system is too hard to use and taking a long time.”
Mgr-2: “We can’t reconcile until the customer records are in the database.”
Mgr-3: “We can’t proof the purchase orders until the customer accounts are reconciled.”
The ‘waiting on him/her’ excuse went around the room.
At this point, couple of the VPs look over at me …I felt like I just turned white …oh crap…I’m going to get fired because all these –bleep-holes just threw me under the bus.
CEO listens…nods…looks at my boss..
CEO: “OK, move the due date out 6 more months. Have your team help out in any way they can. I want this new system working correctly no matter how long it takes. If we need to move the date again, we just do.”

Part of me was relieved, other part was looking for a flame thrower. I worked myself to the bone, risked my marriage (in hindsight, I was not a nice person to her during that time), probably had an ulcer, and these sorry excuse for human beings dragged their asses for months and there was zero accountability.

That meeting was over 15 years ago and it bothered me so much I still remember the CEO was wearing a green button up shirt, khaki pants, and drinking coffee from a Break Time coffee cup.

Upside? Over the next couple of years, every one of those managers either quit or got fired.

*Me working on the security system of the notes app thingy*

"hmm, should check if a users' ip is valid, let's look for some online services..."

*can't find a good one without rate limits*

😞

*hold on, I wrote one myself 🤣*

I am so fucking retarded sometimes.

Well, here's the OS rant I promised. Also apologies for no blog posts the past few weeks, working on one but I want to have all the information correct and time isn't my best friend right now :/

Anyways, let's talk about operating systems. They serve a purpose which is the goal which the user has.
So, as everyone says (or, loads of people), every system is good for a purpose and you can't call the mainstream systems shit because they all have their use.

Last part is true (that they all have their use) but defining a good system is up to an individual. So, a system which I'd be able to call good, had at least the following 'features':
- it gives the user freedom. If someone just wants to use it for emailing and webbrowsing, fair enough. If someone wants to produce music on it, fair enough. If someone wants to rebuild the entire system to suit their needs, fair enough. If someone wants to check the source code to see what's actually running on their hardware, fair enough. It should be up to the user to decide what they want to/can do and not up to the maker of that system.
- it tries it's best to keep the security/privacy of its users protected. Meaning, by default, no calling home, no integrating users within mass surveillance programs and no unnecessary data collection.
- Open. Especially in an age of mass surveillance, it's very important that one has the option to check the underlying code for vulnerabilities/backdoors. Can everyone do that, nope. But that doesn't mean that the option shouldn't be there because it's also about transparency so you don't HAVE to trust a software vendor on their blue eyes.
- stability. A system should be stable enough for home users to use. For people who like to tweak around? Also, but tweaking *can* lead to instability and crashes, that's not the systems' responsibility.

Especially the security and privacy AND open parts are why I wouldn't ever voluntarily (if my job would depend on it, sure, I kinda need money to stay alive so I'll take that) use windows or macos. Sure, apple seems to care about user privacy way more than other vendors but as long as nobody can verify that through source code, no offense, I won't believe a thing they say about that because no one can technically verify it anyways.

Some people have told me that Linux is hard to use for new/(highly) a-technical people but looking at my own family and friends who adapted fast as hell and don't want to go back to windows now (and mac, for that matter), I highly doubt that. Sure, they'll have to learn something new. But that was also the case when they started to use any other system for the first time. Possibly try a different distro if one doesn't fit?

Problems - sometimes hard to solve on Linux, no doubt about that. But, at least its open. Meaning that someone can dive in as deep as possible/necessary to solve the problem. That's something which is very difficult with closed systems.

The best example in this case for me (don't remember how I did it by the way) was when I mounted a network drive at boot on windows and Linux (two systems using the same webDav drive). I changed the authentication and both systems weren't in for booting anymore. Hours of searching how to unfuck this on windows - I ended up reinstalling it because I just couldn't find a solution.
On linux, i found some article quite quickly telling to remove the entry for the webdav thingy from fstab. Booted into a root recovery shell, chrooted to the harddrive, removed the entry in fstab and rebooted. BAM. Everything worked again.

So yeah, that's my view on this, I guess ;P

With the wake of some rants shouting at Linuxers who express their opinion in a considered to be very not good way, I decided to make such a rant. Not to be annoying but because, although I get that fanboyism in that way isn't even good in MY opinion, I do think that one should be able to express their opinion.

But, If you'd like to express your opinion, I think you at least should do that with some good arguments. Not everyone might agree with those arguments but hey, that's the point of opinions sometimes :)

I don't hate windows/mac for being windows or mac. Nope.

I hate the systems for not giving the user freedom to do what they wish with the system but more importantly, for integrating their users in worlds biggest mass surveillance program AND on top of fucking that, not giving peoples the option to look at the source code aka at what's ACTUALLY going on in the system. Next to that, Windows 10's data collection is officially not legal in the netherlands so don't even try justifying their fucking data slurping.

Of course there's a chance that they don't contain any bad stuffs but since the Snowden revelations I don't trust those commercial companies anymore on their 'blue' eyes.

Yeah, I've ranted about this before, I know, felt like doing it again in combination with my reason above. I also know that I will probs receive hate for this but oh well, i'm used to that by now.

So yeah, windows and osx: go fuck yourself.

Pranks again today. Mother of God the level of those pranks is becoming high as fuck.

Define high?
Having to debug shit at system (cron, firewalling, users, sometimes even digging through logs/dmesg) level because weird shit happens all day long.

This is upping my Linux skills a lot though! I love it 😍

Privacy & security violations piss me off. Not to the point that I'll write on devRant about it, but to the point that coworkers get afraid from the bloodthirsty look in my eyes.

I know all startups proclaim this, but the one I work at is kind of industry-disrupting. Think Uber vs taxi drivers... so we have real, malicious enemies.

Yet there's still this mindset of "it won't happen to us" when it comes to data leaks or corporate spying.

Me: "I noticed we are tracking our end users without their consent, and store not just the color of their balls, but also their favorite soup flavor and how often they've cheated on their partner, as plain text in the system for every employee to read"

Various C-randomletter-Os: "Oh wow indubitably most serious indeed! Let's put 2 scrumbag masters on the issue, we will tackle this in a most agile manner! We shall use AI blockchains in the elastic cloud to encrypt those ball-colors!"

NO WHAT I MEANT WAS WHY THE FUCK DO WE EVEN STORE THAT INFORMATION. IT DOES IN NO WAY RELATE TO OUR BUSINESS!

"No reason, just future requirements for our data scientists"

I'M GRABBING A HARDDRIVE SHREDDER, THE DB SERVER GOES FIRST AND YOUR PENIS RIGHT AFTER THAT!

(if it's unclear, ball color was an optimistic euphemism for what boiled down to an analytics value which might as well have been "nigger: yes/no")

So I finally got my head out of my ass and decided to install some OS on that 500MB RAM legacy craptop from earlier.

*installs Tiny Core Linux*

Hmm.. how do I install extra packages into this thing again? *Googles how to install packages*
Aha, extensions it's called.. and you install them through their little package manager GUI, and then you also have to dick around with some TCE directory, and boot options for that. Well I ain't gonna do that. Why the fuck would I need to dick around with that? Just install the fucking files in /bin, /var, /etc and whatever the fuck you need to like a decent distro. I'll fucking load them whenever I need them, BY EXECUTING THE FUCKING BINARY. But no, apparently that's not how TCL works.

Also, why the fuck is this keyboard still set to US? I'm using a Belgian keyboard for fuck's sake.. "loadkeys be-latin1"
> Command not found.

Okay... (fucking piece of shit) how do I change the fucking keyboard layout for this shit?!
*does the jazz hand routine required for that*
So apparently I need to install a package for that as well. Oh wait, an EXTENSION!! My bad. And then you can use "loadkmap < /usr/share/kmap/something/something" to load the keyboard layout. Except that it doesn't change the fucking keymap at all! ONE FUCKING JOB, YOU PIECE OF SHIT!!!

That's fucking it. No more dicking around in TCL. If I wanted to fuck around with the system this much, I'd have compiled my own custom Linux system. Maybe I can settle with Arch Linux, that's a familiar distro to me.. I can easily install openbox in that and call it a day. But this is an i686 machine.. Arch doesn't support that anymore, does it?

*does another jazz hand routine on Arch Linux 32 and sees that there's a community-maintained project just for that*

Oh God bless you fine Arch Linux users for making a community fork!! I fucking love you.. thank you so much!! Arch it'll be then <3

***Interviewing potential sys admins so us devs don't have to build everything and run everything***

Coworker: Do you know how to use cron and cron jobs?

Candidate: Yes I'm familiar with setting up users and permissions.

Me: 😳

Coworker: 😳

Boss: We will give you a call have a good day.

If you had just admitted you didn't know but we thought you could learn we might have been open to teaching you but brazenly acting like you know something when you don't is dangerous if you're running a multi thousand user production system.

1. You don't code to add a feature or whatever. You do it to solve Users' problems. It's a User-centric system.
2. You read more code than you write. So help yourself and write code intended to be read.
3. If people don't know you did something, you did nothing!
4. Never answer a call at 3 am if you're not paid to be on night call-duty. You'll become the guy who answers at 3 am.
5. Remember the big difference between you and me is that I failed to do stuff more times than you have tried to do.
6. When you start shaving the yak, stop!

Buckle up kids, this one gets saucy.

At work, we have a stress test machine that trests tensile, puncture and breaking strength for different materials used (wood construction). It had a controller software update that was supposed to be installed. I was called into the office because the folks there were unable to install it, they told me the executable just crashed, and wanted me to take a look as I am the most tech-savvy person there.

I go to the computer and open up the firmware download folder. I see a couple folders, some random VBScript file, and Installation.txt. I open the TXT, and find the first round of bullshit.

"Do not run the installer executable directly as it will not work. Run install.vbs instead."

Now, excuse me for a moment, but what kind of dick-cheese-sniffing cockmonger has end users run VBScript files to install something in 2018?! Shame I didn't think of opening it up and examining it for myself to find out what that piece of boiled dogshit did.

I suspend my cringe and run it, and lo and behold, it installs. I open the program and am faced with entering a license key. I'm given the key by the folks at the office, but quickly conclude no ways of entering it work. I reboot the program and there is an autofilled key I didn't notice previously. Whatever, I think, and hit OK.

The program starts fine, and I try with the login they had previously used. Now it doesn't work for some reason. I try it several times to no avail. Then I check the network inspector and notice that when I hit login, no network activity happens in the program, so I conclude the check must be local against some database.

I browse to the program installation directory for clues. Then I see a folder called "Databases".

"This can't be this easy", I think to myself, expecting to find some kind of JSON or something inside that I can crawl for clues. I open the folder and find something much worse. Oh, so much worse.

I find <SOFTWARE NAME>.accdb in the folder. At this point cold sweat is already running down my back at the sheer thought of using Microsoft Access for any program, but curiosity takes over and I open it anyway.

I find the database for the entire program inside. I also notice at this point that I have read/write access to the database, another thing that sent my alarm bells ringing like St. Pauls cathedral. Then I notice a table called "tUser" in the left panel.

Fearing the worst, I click over and find... And you knew it was coming...

Usernames and passwords in plain text.

Not only that, they're all in the format "admin - admin", "user - user", "tester - tester".

I suspend my will to die, login to the program and re-add the account they used previously. I leave the office and inform the peeps that the program works as intended again.

I wish I was making this shit up, but I really am not. What is the fucking point of having a login system at all when your users can just open the database with a program that nowadays comes bundled with every Windows install and easily read the logins? It's not even like the data structure is confusing like minified JSON or something, it's literally a spreadsheet in a program that a trained monkey could read.

God bless them and Satan condemn the developers of this fuckawful program.

If I were in charge of the company's upcoming-required-password-change notification system, during the month of October users wouldn't get an email.

Instead, the phone would ring.

When they answer, at first there'd just be hissing and crackling.

Then after a few seconds, a kid's voice would whisper,

"Three daysss..."

Every single one of them, and every one that will come after them.

Google, it started out as 2 people in their garage, wanting to make a search engine that was better than the others. Nothing else, nothing evil. Just make the world a little bit better. And look what it's become now. A megacorporation with little to no regards for their user base. Because who cares about users anyway?

Microsoft, it started out with Bill Gates - young high school computer nerd - who wanted to make an operating system for the world to use. Something that's better than the competition. And boy did he do so. Well "better than the competition" aside, he did make it for the world to use. And the world adopted it. And look what it's become now. A megacorporation with little to no regards for their user base. Because who cares about users anyway?

See where I'm going here?

Apple, it started out with Steve Jobs and Steve Wozniak in their garage, just like Google did, wanting to make hardware that was better than the others. Nothing else, nothing evil. Just to make the world a little bit better. And look what it's become now. Planned obsolescence has been baked into it, just like it is in every other piece of technology. Quality control and thinking through the design has become a thing of the past. User choice, yeah who cares about that.

Samsung, it started out centuries ago actually, and I don't really remember the details of it.. ColdFusion has a video on it if memory serves me right. Do watch it if you're interested. Anyway, just like all the others they started out as a company which wanted to make the world a little bit better. And damn right did they do so.. initially. Look what they've become now. Forcing their stupid TouchWiz UI upon their customers (or products?), a Bixby button that can't even be reprogrammed.. and the latest thing.. Knox, advertised as a security feature, but as everyone who likes rooting their devices and mucking with it knows, it is an anti-feature that only serves for lockdown. Why shouldn't you be able to turn in a phone for RMA when a hardware error occurs, when all you've personally modified is the software? Why should changing the software blow that eFuse, so that you can be sure that you can't replace it without specialized equipment and a very steady hand?

I could go on and on forever about more of the tech giants out there, but I feel like this suffices for now. Otherwise I won't have anything else left for future rants! But one thing I know for sure. Every tech company started, starts, and will start out with a desire to make the world a better place, and once they gain a significant customer base, they will without exception turn into the same kind of Evil Megacorp., just like the ones before them. Some may say that capitalism itself is to blame for this, the greed for more when you already have a lot. Who knows? I'd rather say that the very human nature itself is to blame for it. We're by design greedy beings, and I hate it. I hate being human for that. I don't want humans to be evil towards one another, and be greedy for ever more. But I guess that that's just the way it is, and some things do actually never change...

Hey devRanters! A tiny update regarding the privacy tips etc site.

So as ewpratten doesn't have much time right now, I'm doing frontend as well for now.

Since some people also offered to contribute content, which I did not expect, I am also writing an invite/registration (based on invites) as we speak. So, this way, I can invite anyone (based on email address) into the CMS so that they can contribute content as well!

Regarding frontend, I'm introducing a system with icons. Icons? Yes, icons, let me explain:

Every application/service will get a couple of default filtering thingies. (not like clicking something and it'll filter anything out, yet) It'll enable users to see what an application does or does not. What the FUCK do you mean? Alright, so, as example, lets say open source. next to each application (read application/service) listed, there will be an open source icon. If the application is open source, this icon will be green, otherwise it will be red.

This will allow for a quick way of filtering stuff out.

For example, if you're only looking for open source stuff, you can quickly filter stuff out where the open source icon is red!

This will apply to things as open sourceness, metadata saving, usage of good crypto technology and so on. So you'll be able to quickly filter out the stuff you want to use (by eyes) through those filters!

Please let me know what you think and if you have ideas, I'll be glad to hear them!

I'd just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.
Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.
Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.

Gotta love clients which ask you for a quote to expand the system you did for them, then a week or two later "accidentally" found some cheap absolutely garbage dev that made it for 1/5th of your price and during all that destroyed half your work, by e.g. replacing uuids with just ids, making the system now leak how many users there is, all their user saved content, allowing to just increment through them all, also then acting surprised when I decline any further work with them.

Then theres also clients that even after explaining all physical or software limitations, act like you should be a core developer and just fix that, for fucks sake you were using freaking excel sheets before, be happy with any possible change.

I am trying to understand something for a while. devRant is full of privacy advocates and to be honest, part of it is almost taken by a group of people that call other people random swear words people because they are using a particular product of a company.

I will raise some points and will try to discuss them with other people in comments.

I will stick with Google. Since it looks like it's the most hated one. A company that has built one of the most intelligent infrastructure, the most popular mobile operating system and of course, the best search engine currently available.

The problem everyone sees is the privacy. Google tracks the search history to give users a better experience and show relevant ads. You might not need this "better experience". In case you don't know, you can turn off personalized search any time to make sure Google doesn't track. Same goes with Google Chrome, you can turn off all the data it is sending to servers in settings. You can simply not sign in if you don't anything to be synchronised.

An argument is Google should be opt-in rather than opt-out. But the general users are not tech-savvy. And yes, going to settings and turning on personalised search is a lot of work for a huge amount of people. Trust me, I worked in IT before. If they find other search engine giving them a good experience without changing anything in the settings, they will just simply move to that engine.

What interests me most if how people back DuckDuckGo. First of all, not all parts of DDG is not open source (it's fucking not, you can argue all day). Parts of it is closed because of licensing issues.

That is perfectly fine to privacy community. But it's not when Chrome is closed source for almost the same reason. I mean when you're using DDG, you are supporting a US-based company that has privacy all over its face and using closed source application on their server. Have you not learned anything from history?

You might be wondering about my obsession with Google. It hurts me when I see a giant company whose popular software is open source is bashed like this. Google has made huge contributions to open source communities. Chromium, Android, Kubernetes, Angular, GoLang, TensorFlow etc.

And PRISM, how do you know that DDG is not part of it? it's US-based after all.

I just saw an article that used a video with a title "TNW - Aral Balkan - Free Is A Lie | The Next Web" while asking us to switch to DDG. Ummm....DDG is also free right?

Maybe we should raise concerns with the US gov first rather than Google.

So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)

Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.

Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.

Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.

It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.

I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.

So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.

I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.

Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.

An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:

"please reenter card number to validate."

Bupkiss. Dead end.

OR SO YOU WOULD THINK.

One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:

"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"

One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:

With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.

So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.

Oh boy, the startup managers are writing a roadmap today. Can't wait.

5 mIlLiOn DaIlY aCtIvE uSeRs By EnD oF Q1! (2022!!!)

1 MiLlIoN dAiLy ReVeNuE bY tOmOrRoW!

zErO bUgS aNd KnOwN iSsUeS iN sYsTeM bY 5Pm ToDaY!

tHoUsAnDs Of NeW cUsToMeRs WiThIn ThE nExT hOuR!

I’m a .NET desktop fullstack dev these days… Never worked web unless for my own small needs/personal projects.
I started using tech one way or the other by the time windows was version 3.1 and been through quite a bit ground-breaking changes in the industry of software development and the internet but if there’s one thing I cannot understand of it all, no matter how much thought I put into it is: How the fuck did we manage to make it so fucking complicated to develop anything these days?
I remember like it was yesterday that you could stand a website with HTML, CSS and JS, three fucking files and you’ve made yourself a single page site. Then came the word “Responsive”, “Responsive” written everywhere. Fair enough, grid system popped up. All of the sudden jQuery was summoned… and everything that happened after this point has been a fucking circus of high-pitched teens talking on conferences about fucking libraries and frameworks to make integration with real time, highly scalable, eco-friendly, serverless, data driven, genome aware, genderless, quantum technologies to interact with bio dynamically generated organisms, namely fucking users.
Every fucking bit of the process of building a mobile/web application seems to be stopped by yet another incredibly dumb attempt to suicide a developer. Can you go from starting an app and publishing an app without jumping through a thousand VERY specific hoops? No, fuck no.
I fucking hate it… It’s a bit hard to get Desktop dev jobs these days but for as long as I work on IT I will continue to stick to that area, until someone for the love of life comes up with a fucking solution to all this decadent circus of bureaucratic technocracy.
Fuck big industry, fuck tech giants, fuck javascript and webassembly, fuck kids putting ASCII art on console applications that I DON’T FUCKING NEED to install dependencies THAT I DON’T FUCKING NEED to extend functionality on frameworks that I DON’T FUCKING NEED… oh wait, I do need all this because YOU FUCKING MADE IT MANDATORY NOW! FUUUUUUUUUUUUUUUUUUUUUUUCK YOU!!!

- Let's make the authentication system so the user can only login in one device at time, because this is more secure.
- You know that this will be a general-public application, right?
- Yeah!
- Sou you want to "punish" users with a logoff on the other device when he tries to login in a new one?
- Yeah!
- But before you said we will use Json Web Token to make the backend stateless.
- Yeah!
- And how will we check if the token is the last one generated?
- We will store the last generated token for this user on a table in our DB.
- So... you are basically describing the old authentication model, with session tokens stored on the backend and communicating them via cookies.
- Yeah, but the token will be sent on the Header, not on cookies
- Okay, so why will we use Json Web Token to do this in the first place?
- Because this is how they're doing now, and this will make the backend stateless.

A moment of silence, please.

In my current work, I have two systems to work on (let's name em Systems A and B). Both basically do the same thing; both allow users to book facilities available to them.

System A is already in production. My job is to fix any bugs that come up on said system. System B is an improved version that they wanted me to develop. This would follow a different framework etc. I am already halfway through this system.

Now, here's the fucked up part. The code for system A is a massive clusterfuck. It has unused commented code dated back to ancient times where men had the brain of an ape.

And don't get me started on the fucking logic. One part of the code was to retrieve and display the timeslots available for a chosen facility. The code to do that alone takes up 500++ fucking lines, filled with ajax commands, html manipulation and commented, unused codes..AND THAT'S JUST THE FRONTEND!

The fucking backend was not a problem of smelly code anymore. Nope. It was like a programmer had code diarrhea and shat his backend code all over the project. If I had a pin board, I would have made a crazy wall just to understand what some fucknut was trying to achieve.

Anyway, my supervisor told me to fix some bugs on System A. Knowing how the code was, I told her that I could refactor the code. Since I've already achieved that function on System B, with a shorter and cleaner code, I could just copy that and use on System A. But nope. She SPECIFICALLY told me to just "do whatever to fix the bugs. I don't want to waste time on System A." Okay. Makes sense to me. Whatever. I didn't wanna fuck my head up looking through that mess of a cesspool. So, I came up with a few hacks, not thinking of clean code and fixed whatever bugs there was. I then just pushed to the repo (after testing of course).

This bloody morning, supervisor came in and gave me more bugs to fix. When I thought she was done, she said "Hey. I saw the fix you made to the system. The bugs are fixed but the retrieval of the timeslots is now pretty slow. Could you see what is the problem?"

Slow.. She said that it was slow. And asked if I could fix it. I already told her what the problem was and she did not want me to waste time on it. But she wants me to fix it. WHAT THE FUCK IS WRONG IN HER BLOODY HEAD! I SWEAR TO GOD... UGHHHHH I swear I was already waterboarding her in my head. YOU WANT FAST?? How bout fucking allowing me to refactor the code?? Fucking shit head. I think I should take up yoga.

Devrant client update:

- load indicator on ajax execs
- changed the design yet again, hopefully final this time lol
- implemented ajax content loading so the menubar doesn't flash
- block users/keywords plugins done, only left to find a clean way to integrate it with the upcoming notifications, so no notifications are fired for blocked users or posts with blocked keywords (similar to twitter mute keywords)
- usernames linkifier plugin
- links get unshortened on feed too (via plugin), without losing the ability to press on a post

next is (just to name a few, the trello list is far bigger by now)

- login
- local notifications, should be firing without GCM/FCM too hopefully, which would be great for people on here that de-googled entirely and don't want microG
- port some of my userscript plugins I haven't yet
- theme system
- global and plugin settings
- plugin update system
- plugin import checks for obfuscated code, one line etc. and warns the user
- client update system

Customer: «We want all the users belonging to this organization share the same username and password»
[Editor's note: we are talking about 500 users, more or less half of the total in the system]
Customer, after some minutes: «It's very important for us having the web interface using HTTPS, because we care security a lot».
So, please, go fuck yourself. And die.

!rant & story_time
This happend to the startup I was working for at ~2011. I was a junior Android dev, working on a very popular app.
During experiments for a new feature, I discovered that the system AlarmManager has a serious bug - you can set a repeating alarm with interval=0ms. If your app takes more then 1 ms to handle the Intent, then the AlarmManager will start to fill up the intent Queue, with unexpected results to the OS. causing it to slow down, and reboot when it ran out of Ram. Why? my guess was that because the AlarmManager was part of the OS, then any issues caused by it caused the system process to ran out of ram, crashing it, and the whole system with it. the real kicker was that even after a reboot, the AlarmManager still had Intents queued, causing the device to bootloop for a while, untill the queue was cleared. My boss decided to report the problem to google, as this was an issue in the OS. I built an example app, that caused the crash 10-30 seconds after starting, and submitted to Google. Google responded later that day with "not an issue, no one will ever do this".
Well... At this point I decided to review the autoupdate feature in our app, to make sure this will not happen to us. We just released a new feature where a user can set an update schedule option in the app settings - where you could setup a daily, weekly, or hourly update for the app. after reviewing it, It looked good, and the issue was not triggered in the manual QA I did. So, it was all good. And we released an updated version to the store.
After we did an update-install, we discoverd that, there was a provlem reading the previous version SharedPrefs value for the update schdule settings, and the value defaulted to 0...
the result was, our app caused all our users to go into a bootloop, and because the alarm was reset when the devices booted up, the bootloop could only be solved in a factory reset, or removing our app, before the device rebooted, and then waiting a few reboot cycles.
We lost 50 places in the market, and it took us 6 months to get back to where we were.

It was not my fault, but it sucked big time!

my story so far

Hey guys. i just wantes to share my story becoming something i think is like a dev.
I was always interested in solving problems. my grandfather has a company with a bit over a 100 employees. one day i decided to start working there. he needed someone to build up the erp system (mostly maintenance). about a month after i started he decided to get a new erp system because the one he had would not fill his needs. not knowing how big this got i told him that i want to build it up. from getting the orders over production with machines to billing.
he agreed. after a short time we knew that even this new system does not fullfill our needs. but it was so damn expensive. i told my grandfather: trust me, i am handling this. no further costs. and i started to learn programming. i learned night and day (visual basics.net, sql, c#). since then i wrote about 8 additional modules for the system in coorperation with the users. today, 3 years later we are far ahead our market in terms of transparency and information flow. i worked very hard for this and it is a great feeling to see that the things i do help my colleagues and are used.

i never learned this stuff in school and i know that i cannot tell that i am a professional programmer.

but when someone asks me i tell them i am a programmer because my solutions work and i think i deserve to call me that.

thanks for reading :)

Real Linux fuck up coming up.

Be me.
Working on a project.

Accidentally used sudo with git pull, every file now is only accessible for root users.

Thinking to myself.. okay I'll just do chmod 777 to the current directory

Forgot how to use chmod
At first something like
Sudo chmod ./ 777

Not working
Maybe
Sudo chmod / 777

Not working
Remembering that it's the other way around

sudo chmod 777 /

Now... I fucked up. I forgot the dot, and for a sec I forgot that '/' means root directory and not current like './' does.

Few moments later the permission system of Ubuntu is utterly fucked. Everything is not working.

Need sudo in order to fix everything but sudo isn't working.

Few hours of crying later,I solved it thanks to some nice ppl online helping stupid people like me who used that command...😂

Dev: This is the first version of this new app, we’re still experimenting with how it’s going to work but initial headway is looking promising. It cost very little to make, came together very quickly and is already resulting in productivity increases for users. We’re just doing a bit of code cleanup now and we’ll make a move on the next iteration.

Corporate IT: This project is being completely mishandled! In order to successfully build an app you have to determine every single requirement beforehand! It takes millions upon millions of dollars due to the complex system of governance and approval that needs to exist. Massive numbers of stakeholders need to be involved and coordinated to even make so much as a login screen! I bet your project doesn’t even have a documented list of core values.

Dev: Has you ever successfully built an app using that methodology?

Corporate IT: 😡 That’s a loaded question. I went to school to study project management and have over 25 years of experience in the field. If you had the training and experience I do you would know that tech projects are naturally very volatile and there’s nothing you can do about that!

Dev: …

Working on a database priorly designed and maintained by some private agency.

The fuck I'm dealing with!

Boolean values stored as 'TRUE'/'FALSE'. It's varchar, my dudes.

There are no FK relations. Just the values of IDs in a column.

There are no indexes, all on just the PKs, nothing else. Nothing.

Null, what's that? I'm dealing with 'N/A', my dudes.

Unique key, what's that? The table which stores users has all the fields nullable. Email is not unique ( even though that's the required behaviour).

ALL the numeric values are stored as varchar. Varchar, my dudes. Varchar. '1', '1.1'

And finally, the good ole, 1 table to rule them all. Normalisation, fuck that.

And what's the root cause of all this? My PM used to hand them Excel sheets she maintains on her local system. FTW. I don't have a enough explanations.

A big FUCK YOU to chrome, and a big FUCK YOU to google in generally. First the hell that is code.org, then the chrome. I genuinely want to open a dictionary in google to see if the word "privacy" is in there. Sure, first it was tracking users with by making them agree to a long ass TOS no one wants to read except lawyers, then barely even giving any info and asking for consent with YOUR data, but this is too far. For all you that dont know, LanSchool is an application that allows teachers to see students screens, internet history and more. Its the reason kids can't play games in English class. But most importantly, its a chrome extension. We have to do assignments from home right? So when we logon to the school account from home, LANSCHOOL GETS DOWNLOADED ANYRACKS EVERYTHING I DO. It pains me how teachers can view so much information unfairly because of some unknowing students, my friends privacy was unfairly in the hands of google and the school system. Right when I found out about tit (~2 mins after i first logged on) i made an Ubuntu VM just for goddamn google docs. Back to my friend, he went on some websites not to be considered appropriate, and got in huge trouble. He was completely unaware of the fact that they could see his screen, and I resent google for allowing a third party to manipulate my PERSONAL COMPUTER without my consent. Die google, you ruined android, which had so much potential, and now the web and virtual privacy. You should be <strike>ashamed</strike> dead, and I hope in the future you realize that one day people will have common sense.

So I looked at our dashboard and noticed a banner mentioning scheduled maintenance set for 7:00 AM. And I thought to myself, "I never released an update, and even if I had, the maintenance would be performed 15 minutes after the build finished, not at 7:00 AM." So I emailed my coworkers, asking if they had put up the banner, no, no. I started pulling my hair out trying to figure out what caused this banner to be created. Was there some old job that was just now running? I combed through the server logs, thousands of entries later, and I found the banner was installed by some user with the IP 172.18.0.1...which was the local machine. I went through all the users on the system, running atq to see if anyone had jobs scheduled. And there was one job scheduled, under the root user. At that moment, I legit thought to myself, "have we been hacked? How is that possible?" It's wasn't! Then I looked under /var/spool/atjobs to see what the job actually was. And then I saw it. My weekly updater cron job had installed updates and had scheduled a maintenance window to reboot the system. And I smiled, realizing that my code was now sentient.

So this fucktard decided to write the most inefficient way to collect thousands of records.

The system I am working on allows users to book facilities. There is one feature where an admin can generate reports on the bookings made between any two dates. A report for bookings made between January and April generates 7878 records.

So this shithead, after making a call to the server and receiving 7878 records decides to put it through 4 fucking foreach loops (this takes around 44.94 seconds).

After doing that, he passes it to the controller to go through ANOTHER foreach loop to convert those records into a JSON string, using..string..manipulation. (this takes bloody 1 minute and 30 seconds).

Now, my dear, dear supervisor is asking me to fix this saying that there must be a typo somewhere. Typo my arse. This system has been up for more than a year. What have they been doing all this time??? Bloody hell. Fucking idiots everywhere. I now have to refactor
..fucking refactor.

I love Linux, but its community can be so full of incompetent assholes..

Just now I asked in Freenode ##linux how to get the process ID of my current running process in bash. I got my answer - it's a shell built-in called "$$".

Then people start to nitpick some more - why do you need it? How is that different from an exit? - to which my response was.. well I know the whole idea behind exit codes, and I'd use it whenever possible, in all defined behavior that allows my program to terminate itself whenever it can. This pidfile however would be used to exit itself and provide diagnostic information whenever the program enters undefined behavior - a segfault in C language. Scenarios in which I don't have full control over the script's behavior anymore, such as the system entering an unworkable state where the system stalled, still got some binaries in RAM but the rootfs got unwritable, such as now - very helpfully, thanks HP! - when my laptop likely overheated and shat itself. I issued sudo reboot into it, but even that wouldn't issue properly anymore due to the /sbin/poweroff binary becoming inaccessible too. I had to issue a hard power cycle.. one of the few times in which I'm thankful to HP for actually causing shit like this, lol.

Point is, that undefined behavior is what I'm trying to mitigate against. I certainly can't let any files other than diagnostics remain in nonvolatile storage like that, especially when their state should be predictable in order to ensure good operation (like files expressing whether the script is already running or not, i.e. lock files).

Back to that IRC chat. Aside from the answer, I got ridicule from people who probably don't even know how to properly compile a kernel. Ubuntu users, overconfident scum. Sometimes I feel like I should ask questions in channels like #archlinux only, where such incompetency is ridiculed on its own.

The joys of being the sole developer and sysadmin of a service with hundreds of thousands of users.

Just spent a couple hours with my family. In that time half the infrastructure died and the service became unstable.

Best of all is that I seem to be the only one getting this so called "java.net.UnknownHostException: System error" exception.

So instead of using the budget of 7k$ to buy all the plugins the old developer needed, he torrented more than half of them and deployed the system

which ended up in 20 thousand users including companies reporting a breach, because avira etc reported some kind of drive-by scripts on the new website

what a fucking buffoon, the most annoying thing about this is, that all the plugins had a "license file", so I didn't even first get, where all that shit is coming from

Managements definition of an MVP:

- Integrate our backend and database with a similar-ish, older internal system built on a different tech stack and different rules.
- Merge the functionality and delete the old one.
- Modify our system to accept 2 types of logged in users.
- Have 2 versions of our API that return different values.
- Update our mobile app to render different data based on which user is logged in.
- Onboard the old system users to this new system.

My definition of an MVP:

- Tell the store we are taking over, that they have to print their labels from our tool, and onboard the users to our app.

Fuck Apple and its review system

So, this started in december. We wanted to publsih an app, after years of development.

Submit to review, and passes on the first try. Well, what do you know. We are on manual release option, so we can release together with the android counterpart. Well yes, but someone notices that the app name is not what was aggreed (App Name instead of AppName). Okay, should be easy, submit the same app, just the name changed. If it passed once, it will pass again, right? HAH

Rejected, because the description, why we use the device’s camera is too general. Well... its the purpose of the app... but whatever, i read the guidelines, okay, its actually documented with exapmles. BUT THEN WHY THE FUCK COULDNT YOU SAY THAT ON THE FIRST UPLOAD?

Whatever, fix it, new version, accepted, ready to release just in time.

It doesindeed roll out,but of course, we notice that the app has a giant issue, but only on specific phones. None of our test phones had this problem, but those who have, essentially cannot use our program. Nasty as it is, the fix is really easy, done in 5 minutes. Upload it asap, literally nothing changed from user point of view, except now it doesnt crash on said devices. Meanwhile 1 star reviews are arriving from these users - of course with all the right. Apple should allow this patch quickly, right? HAH

THE REAL BULLSHIT COMES NOW

With only config files changed, the same binary uploaded we get rejected? What now? Lets read it. “Metadata rejected, no need to upload new binary”.... oh fine only the store page is wrong? Easy. Read the message, what went wrong. “Referencing third party content is nit permitted on the app store” meaning that no android test device should be shown. Fine, your rules. They even send a picutre of the offending element. BUT ITS NOT EVEN ON THE STORE. THATS A SCREENSHOT OF THE APP. HOW IS THAT METADATA? I ask about this, and i get a reply, from either a bot, or a person who cant speak or read english, and only pasted a sample answer, repeating the previous message. WTF. Fine, i guess you are dumb, but since they stop replying to our queries, do the only sensible thing, re-record the offending tutorial video that actually contained an android device. This is about 2 weeks, after the first try to apply a simple patch to a broken app. And still, how did it pass the review 2 times?

Whatever, reupload again, play the waiting game for a week, when the promised average wait time is 2 days, they hit us with a message, that they want to know what patent we use in our apps core functionality. WTF WHY NOW? It didnt bother you for a month, let it release ti production and now you delay a simple patch for this? We send them what they know. Aaaaand they reply: sorry we need more time to review your app. FUUUUUUCKKK YOUUU. You are reviewing a PATCH with close to zero functional change!!! Then, this shit goes on, every week we ask about an ETA, always asking for patience... at the end it took another 3 weeks... so december 15 to jan 21 in total...

FOR. A. SINGLE. FUCKING. PATCH

Bottom line is what is infurating, apple cares that there is an android device in the tutorial video, but they dont care that a significant percentage of our users simply cannot use the app.

Im done

Hi everyone, long time no see.

Today I want to tell you a story about Linux, and its acceptance on the desktop.

Long ago I found myself a girlfriend, a wonderful woman who is an engineer too but who couldn't be further from CS. For those in the know, she absolutely despises architects. She doesn't know the size units of computers, i.e. the multiples of the byte. Breaks cables on the regular, and so on. For all intents and purposes, she's a user. She has written some code for a college project before, but she is by no means a developer.

She has seen me using Linux quite passionately for the last year or so, and a few weeks ago she got so fed up with how Windows refused to work on both her computers (on one of them literally failing to run exe's, go figure), that she allowed me to reinstall both systems, with one of them being dualbooted Windows 10 + Linux.

The computer that runs Linux is not one she uses very often, but for gaming (The Sims) it's her platform to go. On it I installed Debian KDE, for the following reasons:
- It had to be stable as I didn't want another box to maintain.
- It had to be pretty OOTB, as first impressions are crucial.
- It had to be easy to use, given her skill level.
- It had to have a GUI abstraction to apt, the KDE team built Discover which looks gorgeous.

She had the following things to say about Linux, when she went to download The Sims from a torrent (I installed qBittorrent for her iirc).

"Linux is better, there's no need to download anything"
"Still figuring things out, but I'm liking it"
"I'm scared of using Windows again, it's so laggy"
"Linux works fine, I'm becoming a Linux user"

Which you can imagine, it filled me with pride. We've done it boys. We've built a superior system that even regular users can use, if the system is set up to be user-friendly.

There are a few gripes I still have, and pitfalls I want to address. There's still too many options, users can drown in the sheer amount of distro's to choose from. For us that's extremely important but they need to have a guide there. However, don't do remote administration for them! That's even worse than Microsoft's tracking! Whenever you install Linux on someone else's computer, don't be all about efficiency, they are coming from Windows and just want it to be easy to use. I use Mate myself, but it is not the thing I would recommend to others. In other words, put your own preferences aside in favor of objective usability. You're trying to sell people on a product, not to impose your own point of view. Dualboot with Windows is fine, gaming still sucks on Linux for the most part. Lots of people don't have their games on Steam. CAD software and such is still nonexistent (OpenSCAD is very interesting but don't tell me it's user-friendly). People are familiar with Windows. If you were to be swimming for the first time in the deep water, would you go without aids? I don't think so.

So, Linux can be shown and be actually usable by regular people. Just pitch it in the right way.

Useless feature I've built?

Too many to mention. Here's #25.

Modified an existing "Are you sure..?" dialog pop-up (Yes/No buttons) to Yes/No/Cancel. Why? Managers claimed users were "accidentally" clicking 'Yes' when they should have clicked 'No' and causing all kinds of chaos, costing the company money, etc. Managers believed giving the user two chances instead of one would make it easier to avoid the problems they caused.

The meeting:
Me: "Users can click 'No', hit the 'Esc' key, or click the close 'X' button on the window, how will an extra button make it more foolproof?"
Mgr1: "It just will. Andy accidentally deleted inventory and when I asked him if an extra button would have saved them a days worth of re-counts, he said yes."
Mgr2: "Barb accidentally credited a customer $1,500. She promised me she clicked 'No', but the system credited the account anyway. An extra button would have saved us thousands of dollars!"
Me: "Um...these sound like training issues, not an extra button issue."
MyMgr: "PaperTrail, how hard is it to add an extra button?"
Dev1: "Oh yea, adding buttons is easy."
Dev2: "I can do it 5 minutes"
Dev3: "We'll save the company thousands and thousands of dollars!"
<lots of head-knodding and smiles>
MyMgr: "That settles it. PaperTrail, add the extra button!"

Users still screwed things up, but at least they couldn't blame it on not having an extra button.

The situation right now:

Our client: full of legacy desktop solutions that always ran inside a VPN, but wanting to modernize the system and migrate to be hosted in the cloud.

Our first project with them: Frontend built with Angular, backend in a serverless model, all with GraphQL and heavily tested to assure quality. The system is mostly an internal software for management, but the backed may receive data from an App.

The problem: all management users have weak passwords (like "12345", "password", or their first name).

The solution: restrict our system to be accessible only inside the VPN

The new problem: how the mobile app will send data to our backend?

The new solution: Let's duplicate the backend, one public and the other private. The public one will accept only a few GraphQL operations.

------

This could be avoided if the passwords weren't so easily deductible

A conversation that me and my boss had this week:
Boss: "Hey, why is this not progressing"
Arcsector: - "We're waiting on system users to move their destinations"
"We need the system in the database in order to move it"
- "Okay awesome - let's move it, oh wait, I can't do it because I don't have access, here's the stuff that needs to be done: a, b, and c"
"Oh I'm actually not able to help with that"
- "So then how are we supposed to get it done?"
"idk but also this other issue is something missions are complaining about"
- "oh I already am talking to them about it and it should be remedied by the team creating the problem because it's a false positive"
"Well we need to solve it still"
- "We would've solved it already but it has dependencies with other projects that we're still working on because we don't have enough people"
"We cant get you more people because we don't have the budget"
- "Then this stuff will have to wait"
"Get it done"

ACTUALLY SCREAMING! Why cant people understand that there are conesequences for their actions??!!

I HATE SVN! >:v v:< >:v v:< :@

I used to use git for my personal code repositories and for my work. In the office I moved on, they use Subversion. I’ve been using it for months, but it’s a pain in the ass :/

We use TortoiseSVN to pull code repositories, and the AnhkSVN for Visual Studio Plugin. It works fine until two or more of us have to work at the same code project at the same time.

Last week we had a very VERY urgent code to release. We had 4 days to finish it (from thursday to sunday, tests included). We had few changes to do, but the problem was that, when one dev commited something, my changes disappeared, and viceversa. The worst part was that my partners and I had to re-work a lot of bugs that we had already fixed! >:v

This is not the first time this happens :/

The worst thing is that we cannot change our repository system because we don’t have time :(

Is there any advice you, SVN users, can give us?

TeamLeader: I need you to stop disagreeing with the decision of the management, the people in there are taking their decision for a reason.

IHateForALiving: When integration tests were failing, the management decided to comment out the ingration tests; god knows how many bugs slipped by.
When users had problems with the idiotic migration process the management designed, the management decided to remove down migrations; it took two weeks before the QA team started screaming, as all their machines were filled with garbage data.
I was writing type definitions for my code, you removed it. You effectively ensured the only person capable of working on that particular piece of code would be me.
I have been proposing for 8 months to make a unified scheduled jobs system, you all decided to create at least 5 different -and incompatible- implementations, at least 4 of them are total garbage with setTimeout, there's no way to ever unify them and God willing they never break, if they do there's NO WAY to find out even where tf they're hidden in the code.
Every time you were making one of those bad decision I was the only one warning you of the problems you were creating. The idiotic change of the day is going MongoDB+Angular: I can keep a low profile if you want, but when this blows up you can be damn well sure I'll handle my 2 weeks notice because there's no way on earth I'll be stuck with the aftermath of you lot taking technical decisions you are clearly unable to manage.

Watch out for these fucking bug bounty idiots.

Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.

Might be useful for some people but not so much for me.

It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.

It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.

I had another one recently though that was a total disgrace.

"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."

It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.

The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.

In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.

It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.

It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.

These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.

The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.

An adult cam website I worked on as freelancer had/has this code everywhere:
$user = $_POST['usr'];
$pass = $_POST['pwd'];
$row = $db->query ("SELECT * FROM users where username='".$user."' AND password='".$pass."' COUNT 1);

I was hired to add new features and was touch any other parts of the code. When my job was done, I tried to fix those as a good samaritan but the client thought I was messing with the system or should be thing of new features to add. So I got fired.

5 years later, I check out of curiosity and they are still there. I ask him again if I can work on them for a little less pay(I'm broke) and he doesn't reply. What a douche. I hope his site receives a shot of SQLi from a customer.

What kind of person doesn’t install Windows 10 for a free pre-installation of Candy Crush Soda Saga thrown into the mix? I really enjoy it when my Operating System comes preloaded with bullshit. It’s almost as if I’m losing rights to choose what I want installed on my operating system. It’s really enjoyable when Candy Crush Soda Saga appears in the background in task manager despite never opening this “””game”””. I find it amazing that after building such a powerful computer I can know that my fast 16gb ram is being used to keep bloatware running in the background. Every night I dream of the people who buy new computers with a fresh copy of Windows 10 pre-installed on it to find it has a copy of Candy Crush Soda Saga already waiting to be played! The joy and tears that must come to such a persons eye to know that Bill Gates was kind enough to bless the world with every middle-aged persons favourite game, Candy Crush Soda Saga, to be the first app that appears on their start menu. The thoughts running through every developers mind at Microsoft as they pre-load a copy of Candy Crush Soda Saga onto every copy of Windows 10. They must really feel alive and definitely would not consider doing anything else for a living but copying the files of Candy Crush Soda Saga across onto Official Windows 10 Installations. The rush of blood into their mind as they know that thousands, if not millions, of users from around the world open their brand new computer for the first time to see that King managed to bribe Microsoft with more money that you’ll ever get your hands onto into making them add a free copy of Candy Crush Soda Saga onto their computer. As thousands of those users move their mouse over this work of art, right click it and press uninstall without a second of doubt in their mind, rendering Kings investment to be a waste of time, money and effort. This is a story we will tell for generations and generations in the future of how the worlds most popular Operating System was not preloaded with a free copy of McAfee, but instead a copy of Candy Crush Soda Saga for the entire world to rejoice. Good day to you all.

If you discount all the usual sql injections the most blatant was not our but a system one customer switched to after complaining over cost.

The new system was a bit more bare bones featurewize but the real gem was the profile page for their customers.

The only security was an id param pointing to the users primary key, which was an auto incrementing integer :)

And not only could you access all customer data but you could change it to.

But since the new system was built by their it chief’s son we realized it was not much we could do.

Well, the system is offline, links are broken and users are complaining! Developer, what did you do?

After some digging around the designer made a "simple change" to a csv file, add a column to include the image file name of each item...

I mean, it just shifted ALL THE COLUMNS in a csv file but what could go wrong? 🤦‍♂️

And this, ladies and gentlemen, is why you need properly tested backups!

TL;DR: user blocked on old gitlab instance cascade deleted all projects the user was set as owner.

So, at my customer, collegue "j" reviews gitlab users and groups, notices an user who left the organisation
"j" : ill block this user
> "j" blocks user
> minutes pass away, working, minding our own business
> a wild team devops leader "k" appears
k: where are all the git projects?
> waitwut?.jpg
> k: yeah all git projects where user was owner of, are deleted
> j.feeling.despair() ; me.feeling.despair();
> checks logs on server, notices it cascade deletes all projects to that user
> lmgt log line
> is a bugreport reported 3(!) years ago
> gitlab hasnt been updated since 3 years
> gitlab system owner is not present, backup contact doesnt know shit about it
> i investigate further, no daily backup cron tasks, no backup has been made whatsoever.
> only 'backups' are on file system level, trying to restore those
> gitlab requires restore of postgres db
> backup does not contain postgres since the backup product does not support that (wtf???)
> fubar.scene
> filesystem restore finished...
> backup product did not back up all files from git tree, like none of refs were stored since the product cannot handle such filenames .. Git repo's completely broken

Fuck my life

So this was going to be a comment but damn!!!!

Windows is seriously about making life harder for power users now, every fucking update lately is moving more easy to change things and fucking hiding them inside hidden menus or stupid links that don’t make sense. I mean fuck I just want to turn on dual screen with my laptop (because for some bizarre reason, just showing the desktop on the plugged in monitor is so hard to do automatically, especially since I just plugged a hdmi cable in) and the fucker was gone with nothing but a “detect screens” button before it would use an external screen.

Fuck I’m so close to pulling the plug on windows, but Linux just doesn’t sell me for daily use (yet... it’s getting there though)

The fucking forced updates (yes I consider a random bsod due to a system interrupt, then as it reboots magically has updates awaiting... a forced update) are starting to get to me, the fucking thing half crashing and not responding due to a network transfer of files (the fucker was 5GB)

If it wasn’t for my gaming needs and someone can show me a very good alternative to MS Visio (I haven’t really found one yet) then I would swap over and just adjust to the not so great (imo) desktop environments.

That moment when you work the whole day to write a discord bot from scratch. No discord.py and other wrappers. Pure websockets, oauth2, https, json loads here and there. Understanding how the discord API works was a real challenge, but I did it :).
Most of my time was spent on discord's gateway connection and identification system.

The bot can renew its token, get all the guilds it is part of, all the channels and users of these guilds, send message and communicate with the gateway.

Tomorrow I will start connecting it to a voice channel and let it "speak". Thinking of combining text-to-speech with it, but I am not sure how well they are going to harmonize together.

NO FUCKING GOOD NIGHT FOR FLOYD.

THIS MULTI FACTOR AUTHENTICATION IS A FUCKING NIGHTMARE.

So my organisation uses some MFA app as an SSO to access any and everything. Fantastic. Absolutely wonderful. No VPN shit and one password to rule them all.

But, for some reason I accidentally deleted the app from my phone and as any normal human being would do, I also reinstalled the app.

Well, post reinstalling, the app does not detect the linked Org account.

I was cool, when I'll login, the system will throw a prompt to map the phone.

So I login to org URL from my machine and lo and behold, the URL says that MFA is already linked to the phone and I have to enter the Citrix type code to login.

But phone does not show the code because account is no longer linked and web does not have option to change/re-register the phone.

What the actual unholy fuck?????? Bloody retards. How am I suppose to get in now?

So after a Googling for a bit, a thread mentioned that this is most common issue faced by users with this MFA app. The only way to get this resolved is to contact your IT team.

Cool. Let's do that.

I opened the link to my IT portal and it asks me to login via SSO which is what I need help with in first place.

I can't login to Slack because fuckers ask SSO every time the app is exited. So no contact there.

Thankfully bastards allow Outlook so was able to drop a note to one of my team member, whom I connected recently and is very nice, asking her to help me sort this IT team.

If this is the most common use case then why the fuck not add a feature to help people overcome this shit?

And my IT team is absolute nuts. No other way allowed to reset the linking or connect them or any help links provided on login page.

Whoever was behind this design should be dipped in donkey shit and deep fried in pig urine.

[YYYY]-[MM]-[DD] or [DD]-[MM]-[YYYY]

Across all dashboards and clients we have in current company you'll find one of the above,
Every developer who ever worked on part of the system have chosen either one..

So it's a total mess,
In an attempt to standard all date formats across all our clients I setup a Slack poll,

And guess which one is winning by more than 2x votes!!
[DD]-[MM]-[YYYY] !!!

And here I thought ISO-8601 is enough reason,
But apparently not!

They say our users are more familiar with the other one,,,

It seems main problem is with the education system of this country,
That's how they were thought in schools,

So... FUCK WORLD'S STANDARDS

Gaming community of mine launched their slick new website with their new "ticket system" where people could put in tickets to get help by volunteers.

2 hours and an approval by one of the admins later I managed to inject forge http request into literally every form on that side. Modify permissions, delete users, edit tickets, put invalid values into every attribute of them... In other words break everything.
Turns out the whole thing was coded as a first time project by a person who has no clue about web development and noone is in charge of anything really. There are no requirements, no beta testing, no version control or backups, but at least they had a hard deadline. 🤣

Still not sure if I wanna fix their shit and do it properly or just enjoy seeing it crash and burn.

a small local social network i made around 2008 as a replacement for the original which the owner closed down.

i missed the people from there, so it motivated me to make a replacement in a week, while learning html+php+mysql+js.

it worked for about 3 years and i redid it from scratch 3 times as i gradually learned more.

it was cool to be basically a host of a community i've come to like in the years before, and it was basically the only project i felt, really felt, had meaning, a point. people were grateful that i made a replacement for the original closed-down site, and i was grateful that they were using it and that i could keep talking to all of them on it.

at the height of its popularity it had about 1500 registered accounts, 150 daily logged in ones, and about 30-40 very active ones.

it was also the place where i went to implement all the cool stuff i learned and came up with.

it had a pretty cool questionnaire creator (originally just a test of how deppressed users are, but then i thought "why not let people make their own tests/questionnaires?"), which tracked people's results over time and showed them on a cool interactive flash-based chart.

also a whole forum system made from scratch, wysiwyg article editor, later seamlessly integrated admin controls for those who had privileges, like, not a separate admin ui, but the admin buttons right on the site, later even a realtime chat persistent across page reloads where you could put special links which, on click, would highlight site elements/buttons, or even complete step-by-step path to them if it was more clicks. would highlight the first step, after clicking would then highlight the second one, and so on...

it was pretty cool stuff for 2008, and afaik it basically landed me my first two full-time jobs with almost no actual job interview, basically just "we looked at the site, interesting stuff, tell us how you did x and y and z on it, okay, hired"

back then i kinda felt i have a bright future ahead of me =D

I understand now! I keep getting ++ on rants I wrote forever ago, and I finally understand the formula to become devrant famous:

1. Pick something that is mildly annoying and at least mildly tech related. For best reception, it should be something widespread, uncustomizable (and or difficult to customize so nobody does), and just mildly annoying so it's not too over played.

2. Post a long form rant, using almost the entire character limit to make this one, insignificant annoyance into a much bigger issue than it is. This is how the mainstream media does it, this is what the people want!!!!!

3. Somehow find a way to shift the blame onto one of the following groups: Microsoft, apple, arch, arch fanboys, arch haters, users, management, the fundamental laws of physics that allow computers to function, or in a worst case scenario start a flamewar (emacs sucks; arch is the best operating system; micro$hit; it's just Linux, if they wanted to call an OS GNU, they would finish fucking Hurd; etc. It's almost too easy)

4. Sit back and wait. You're now internet famous in a tiny portion of the internet. Congratulations. You've made it.

This rings true even if the customer is internal. Built a feature and provided documentation on how to use it and one of the end users still used it wrong.

It was a simple validation process too. Input the member ID then click validate, the app then checks if the person is in the system and fills in some other fields and does some other backend stuff. How could you get that wrong?! 🤔

Microsoft Teams can burn.

Who the fuck thought it would be an excellent workflow, when you want to COLLABORATE IN TEAMS between users in different domains, that each sorry bastard needs to manually log in to a second Teams tenant and loose all the context from their main Teams tenant !?

On random occasions the fucking authentication token expires. I send messages to my team mate in another domain. Three days later I am pissed off because they don't answer. It turns out their authentication token has expired so when they are on their main tenant they don't get any notifications before they manually log in to our tenant as a guest. HOW FUCKING GREAT IS THAT AS A NOTIFICATION SYSTEM ??!

Would it be that fucking difficult to maintain a notification bar with all tenants and note with an exclamation mark or something REALLY FUCKING SIMPLE to hint about an expired token ? It's not like this is magic, Slack does it already.

FUCK !

Linux is hard to learn and master. That's fine with me. Windows is intuitive, but not user-friendly. Linux has a steep learning curve, but then is far more user-friendly than any other operating system. To me, that steep learning curve was far more than worth it, as I now have a desktop that does whatever I want, and behaves exactly as I want.

People come to Linux hoping that it will be easy to pick up, and then get angry when it isn't. Then they claim that the community is toxic, because Linux users are happy with something they think is broken.

Linux is hard to learn, and that's fine. That's valuable, to me. That's part of the appeal to me(and millions of others). Linux is unforgiving when you lack the knowledge gained in that steep learning curve. That's fine with me too. As its userbase grows, so too does the number of knowledgeable people who work to make it better and invent more amazing things for it.

If Linux was easy to learn, it wouldn't be as good as it is, and to me, that's reason enough to love it.

Glad someone is suing them. Why the fuck would apple treat devs like shit. Why do you want 30% of every penny I make? Then why the fuck do I have to pay you $100 every year? And what about not allowing me to choose my own payment system? Some are understandable but you still can't threaten to remove app from store if the dev don't want to do what's profitable for you.

So many examples of victims - Hey, Spotify and there's a ton of independent devs out there who have been exploited so far.

Your platform is attractive to users because of those thousands of devs who build apps despite your greedy policies, so fucking treat them with respect.

Got pulled out of bed at 6 am again this morning, our VMs were acting up again. Not booting, running extremely slow, high disk usage, etc.

This was the 6 time in as many weeks this happened. And always the marching orders were the same. Find the bug, smash the bug, get it working with the least effort. I've dumped hundreds of hours maintaining this broken shitheap of a system, putting off other duties to keep mission critical stations running.

The culprits? Scummy consultants, Windows 10 1709, and Citrix Studio.

Xen Server performed well enough, likely due to its open source origins and Centos architecture.

Whelp. DasSeahawks was good and pissed. Nothing like getting rousted out of bed after a few scant hours rest for patching the same broken system.

DasSeahawks lost his temper. Things went flying. Exorcists were dispatched and promptly eaten.

Enough. No consultants, no analysts, and no experts touched it. No phone calls, no manuals, not even a google search. Just a very pissed admin and his minion declaring blitzkrieg.

We made our game plan, moved the users out, smoked our cigs, chugged monster, and queued a gnu-metal playlist on spotify.

Then we took a wrecking ball to the whole setup. User docs were saved, all else was rm -r * && shred && summon -u Poseidon -beast Land_Cracken.

Started at 3pm and finished just after midnight. Rebuilt all the vms with RDP, murdered citrix studio (and their bullshit licenses), completely blocked Windows 10 updates after 1607, and load balanced the network.

So what do we get when all the experts are fired? Stabbed lightning. VMs boot in less than 10 seconds, apps open instantly, and server resources are half their previous usage state. My VMs are now the fastest stations in our complex, as they should be.

Next to do: install our mxgpu, script up snapshots and heartbeat, destroy Windows ads/telemetry, and setup PDQ. damn its good to be good!

What i learned --> never allow testing to go to production, consultants will fuck up your shit for a buck, and vendors are half as reliable over consultants. Windows works great without Microsoft, thin clients are overpriced, and getting pissed gets things done.

This my friends, is why admins are assholes.

Me: I’m gonna make it so the users can access the locations for 30days.
Boss: wtf? U dumb? Do you know how valuable that data is, dont fucking put a limit

Me: *listening 10minutes of him ranting how that’s the stupidest idea he’s heard all day*

Boss:why would you want to do that anyways like wtf?

Me: storage optimization

Boss: 😂😂😂😂😂😂😂😂😂 wtf r u like a idiot or smthng.

My head: nah I’m done, I’m about to roast this guy with my numbers*
Me: every single minute 40k rows of data come in from just ONE☝️ CLIENT.....AND THATS HOW, EVEN IF WE ADD THAT FUCKING 2 YEAR LIMIT WE WOULD BE HOSTING 5 FUCKING PETABYTES OF DATA FOR JUST ONE CLIENT, not including other shits, this is only for heatmaps. And imagine changing all of that database system in the future, that would require going threw so much databases and pages, this ain’t just like changing one number and bam less storage space.

Boss: Ok, add that 2 year limit, later we will sort this out.

My brain: *omg, now that I know these numbers how will I ever fall asleep😦*

Step 1: Download archlinux.iso
Step 2: realise your worthlessness
Step 3: Newborn awe for arch users.
Step 4: Ubuntu????

Just kidding though. Not giving up till system breaks atleast 7 times..😑

"It works on our end", the sentence that made me lose my shit.

I've been working on a project were we're supposed to integrate an API into our system.

When trying to get some user id's (UUID) from said API, we got a type-error in the response (???), so I called their integration support and asked what the fuck they were doing (not really, i was kinda calm at this point).

The answer I got was following:

Integration guy: "Uh, bro, like, I don't even know, it's probably on your end"

Me: "We literally used this endpoint with the same parameters yesterday, and got a result we expected. I noticed you updated your API this morning, did you make any major changes?"

Integration guy: "Yeah we changed the type of user id from string to number"

Me: "So, you changed the type of a UUID (uuid4) from string to number? How did you not think that would be an issue? I can see in your forums that everyone else is having the same issue."

Integration guy: "Nah, it's probably a bug in your code, it works on our end"

Me in my mind: *IT WORKS ON YOUR END?!? IT DOESN'T FUCKING MATTER IF IT WORKS ON YOUR END, FUCKTARD.*

What I actually said: "Uhm, I'm not sure if works on your end either, I'm not even sure how this change made it to production. But hey, thanks I guess, bye."

WHY AM I NOT ABLE TO YELL AT PEOPLE WHEN THEY ARE BEING RETARDED???

But really though, when you're maintaining an API, you shouldn't fucking care if things work on your end in your dev environment. What matters is how it works in production, for the end user/users.

And I know that 99% of cases it's the users fault by entering the wrong parameters or trying to request with wrongly setup auth and what not, but still.

Don't ASSUME nothing's wrong on your end. It's your fucking job to fix the issues.

And guess what? The problem was on their side.
I'm going fucking bald.

Well today we got to test our system to the extreme and I'm pleased to say it passed. Major power surge followed by a black out. UPS for all networking and servers kicked in without missing a beat and the standby generator outside about 45 seconds later. After explaining to users how to turn on their computer (😑), we were able to get everyone working again in about 5 minutes. Lasted three hours without power from the grid without any client downtime

So today i got a call log from some users saying that they have "lost" the print page button when we made them switch from IE to Chrome, and I need to put the functionality back for chrome, after checking to see what print button they were talking about, because our system didint have the function to begin with, i realised they were talking about the print button on the IE toolbar that did not appear in chrome :/. The dev team had a good laugh afterwords.

SQL Rule 1. Always assume there are external processes that might affect your data. (for instance, triggers).
SQL Rule 2. In Denormalised data, never execute logic on dependant table values, always copy from the parent.
SQL Rule 3. When Denormalised data schemas are created the DBA knows what they are doing.
SQL Rule 3.1. If DBA knows what they is doing then according to Rule 1 there is no problem with adding in some triggers to maintain data clones as they are created.
SQL Rule 4. If you don't like or agree with triggers, deal with it. They are a first class tool in a first class RDBMS. In a multi-app or service environment there may be many other external processes massaging your data
SQL Rule 5. If all previous rules are not broken and the system has been running efficiently for many years DO NOT complain that there are triggers in the database that are doing and have been doing the same process that you just butchered (by violating Rule 1 and 2) in your makeshift "hello world, look what I can do from my phone" angular BS when the rest of the users are still relying on the existing runtime app.
SQL Rule 6. If you turn my triggers off, you sure as hell better turn them back on!

Designer reporting a UI/Design related bug:

I noticed the wrong colour is being used on screen X. It should be xxxxx. Its imperative that we fix this, as it destroys the entire design motif. Our colour scheme draws influence from the ancient Mayans. They were relentless in their pursuit of excellence, whether it be their temples, their sophisticated writing system, their complex calendars, or their advanced mathematics.They sought immortality through their work, as do we with ours. Users will become lost in our onboarding unless we harmonise the flow, the slightest deviation could be catastrophic. Please fix this as priority 1, to avoid running the balance of the app

Designer reporting a technical bug:

Oh yeah, app crashed last week. Not sure what I was doing, maybe look into that

Reasons why I hate the hospital I work for...

1. NO fucking budget, for fuck sakes our telecom system is still running Merlin Magix. (I’ve been working on getting the trunk and everything to at least push FreePBX out... Configuration configuration.) but, that requires a decent server to host said system... But guess what? We’ve still got a few servers online that are running server 2012 r2. NO FUCKING BUDGET.

2. Training. They don’t have the budget to send me to training, but the doctors here are rolling in Mercedes... Must be fucking nice.

3. I have 5 f-I-v-e job descriptions. I’m a bio medical technician, network admin, system admin, programmer, and help desk... I fucked up allowing them to know I program.

4. On call 365 days a year. That’s nice and all, but when I’ve got shit to do and the nearest Walmart is an hour away I don’t want a call from Louis “oh the printer has a jam” FUCK OFF LOUIS! Get the paper out, we’ve been over this, I believe in you!

5. Some of the FUCKING (l)users.... You wouldn’t imagine some of the calls I receive, some of my favorite being late late “Hey *anonyops* I know it’s late but we’re needing a chair moved from one room to the other.” FUCK YOU YOU CHEEKY FUCKING CUNT.

The only reason I’m still here is my direct supervisor and a hand full of people that I’ve grown to love. Also, because any computer related job here is either outsourced or filled by a YouTubing god. - reason 1 why I started my own business. Supply and demand.

Rural Kansas Hospitals = shit, inb4 thanks —insert president to blame—

You build a system to integrate into an API to save the client hours of data-entry per day and reducing the number of fields needed to be filled manually by 75% and querying for the rest of the data and filling in the blanks. It took weeks of building and researching and bug fixing and when you're finally done the client looks at you unimpressed.

The same client gets a small piece of js that gets users location(by ip address) and uses it to customize a hello message on the home page and they think 'yer a wizard, Harry!' and jump for joy over the "cool factor" of this simple hack.

In the course of our development, one day we switched to a different, more elegant bootstrap theme. One of our users called me to appreciate the improvement. He said, the new firmware on the system looks great.

In the spirit of Thanksgiving, to @dfox, @trogus: Thanks for creating a social media Web site which is actually tolerable, possibly even good. To the other users of this Web site: Thanks for not fucking up this actually-tolerable social media Web site.
Keep up the good work.

On a different note, _Deus Ex_ is by far my favourite video game. However, OpenBSD, which is my favourite operating system, does not support playing _Deus Ex_; as such, I was forced to improvise.
I own a few servers which run Ubuntu Linux, which can run VirtualBox, which can run Microsoft Windows XP, which can play _Deus Ex_. As such, I relocated my copy of Windows XP and spun up a new virtual machine, installing the operating system and the video game. After some minor hiccups, _Deus Ex_ was played without any difficulties, aside from the lack of audio, which resulted from having used VNC to access the virtual machine.
This set-up is janky, for I access the game by connecting via VNC to an Ubuntu installation which runs a virtual installation of Microsoft Windows... which runs _Deus Ex_ in windowed mode; however, I find that using this janky set-up is preferable to not being able to play _Deus Ex_.

On an even _more_ different note, future rants may be written in the third person; possibly as a result of having written briefings and whatnot in the third person for nearly two (2) decades and disliking pronouns, I dislike writing in the first person. I shall still be the author of the rants which are posted to this account.

Just another big rant story full of WTFs and completely true.

The company I work for atm is like the landlord for a big german city. We build houses and flats and rent them to normal people, just that we want to be very cheap and most nearly all our tenants are jobless.
So the company hired a lot of software-dev-companies to manage everything.

The company I want to talk about is "ABI...", a 40-man big software company. ABI sold us different software, e.g. a datawarehouse for our ERP System they "invented" for 300K or the software we talk about today: a document management system. It has workflows, a 100 year-save archive system, a history feature etc.
The software itself, called ELO (you can google it if you want) is a component based software in which every company that is a "partner" can develop things into, like ABI did for our company.

Since 2013 we pay ABI 150€ / hour (most of the time it feels like 300€ / hour, because if you want something done from a dev from ABI you first have to talk to the project manager of him and of course pay him too). They did thousand of hours in all that years for my company.

In 2017 they started to talk about a module in ELO called Invoice-Module. With that you can manage all your paper invoices digital, like scan that piece of paper, then OCR it, then fill formular data, add data and at the end you can send it to the ERP system automatically and we can pay the invoice automatically. "Digitization" is the key word.

After 1.5 years of project planning and a 3 month test phase, we talked to them and decided to go live at 01.01.2019. We are talking about already ~ 200 hours planning and work just from ABI for this (do the math. No. Please dont...).

I joined my actual company in October 2018 and I should "just overview" the project a bit, I mean, hey, they planned it since 1.5 years - how bad can it be, right?

In the first week of 2019 we found 25 bugs and users reporting around 50 feature requests, around 30 of them of such high need that they can't do their daily work with the invoices like they did before without ELO.
In the first three weeks of 2019 we where around 70 bugs deep, 20 of them fixed, with nearly 70 feature requests, 5 done. Around 10 bugs where so high, that the complete system would not work any more if they dont get fixed.

Want examples?
- Delete a Invoice (right click -> delete, no super deep hiding menu), and the server crashed until someone restarts it.
- missing dropdown of tax rate, everything was 19% (in germany 99,9% of all invoices are 19%, 7% or 0%).

But the biggest thing was, that the complete webservice send to ERP wasn't even finished in the code.
So that means we had around 600 invoices to pay with nearly 300.000€ of cash in the first 3 weeks and we couldn't even pay 1 cent - as a urban company!

Shortly after receiving and starting to discussing this high prio request with ABI the project manager of my assigned dev told me he will be gone the next day. He is getting married. And honeymoon. 1 Week. So: Wish him luck, when will his replacement here?

Deep breath.
Deep breath.

There was no replacement. They just had 1 developer. As a 40-people-software-house they had exactly one developer which knows ELO, which they sold to A LOT of companies.

He came back, 1 week gone, we asked for a meeting, they told us "oh, he is now in other ELO projects planned, we can offer you time from him in 4 weeks earliest".

To cut a long story short (it's to late for that, right?) we fought around 3 month with ABI to even rescue this project in any thinkable way. The solution mid February was, that I (software dev) would visit crash courses in ELO to be the second developer ABI didnt had, even without working for ABI....

Now its may and we decided to cut strings with ABI in ELO and switch to a new company who knows ELO. There where around 10 meetings on CEO-level to make this a "good" cut and not a bad cut, because we can't afford to scare them (think about the 300K tool they sold us...).

01.06.2019 we should start with the new company. 2 days before I found out, by accident, that there was a password on the project file on the server for one of the ELO services. I called my boss and my CEO. No one knows anything about it. I found out, that ABI sneaked into this folder, while working on another thing a week ago, and set this password to lock us out. OF OUR OWN FCKING FILE.
Without this password we are not able to fix any bug, develop any feature or even change an image within ELO, regardless, that we paid thausend of hours for that.

When we asked ABI about this, his CEO told us, it is "their property" and they will not remove it.
When I asked my CEO about it, they told me to do nothing, we can't scare them, we need them for the 300K tool.

No punt.
No finish.

Just the project file with a password still there today

I've noticed something funny about linux-users.
There always seem to be 2 big groups.
1. Are contempt with using stock Ubuntu/Debian/Fedora and usually don't know much about, how their OS works on the inside.
2. Work their way through every part of their system and complain, that arch or gentoo arent customisable enough

This is the last part of the series
(3 of 3) Credentials everywhere; like literally.

I worked for a company that made an authentication system. In a way it was ahead of it's time as it was an attempt at single sign on before we had industry standards but it was not something that had not been done before.

This security system targeted 3rd party websites. Here is where it went wrong. There was a "save" implementation where users where redirected to the authentication system and back.

However for fear of being to hard to implement they made a second method that simply required the third party site to put up a login form on their site and push the input on to the endpoint of the authentication system. This method was provided with sample code and the only solution that was ever pushed.

So users where trained to leave their credentials wherever they saw the products logo; awesome candidates for phishing. Most of the sites didn't have TLS/SSL. And the system stored the password as pain text right next to the email and birth date making the incompetence complete.

The reason for plain text password was so people could recover there password. Like just call the company convincingly frustrated and you can get them to send you the password.

A dev adds a nice range of categories that content creators can select from. Users get a neat filtering system to restrict the unwanted content.

And then...! People post everything in default category.

First rant, technically a sysadmin but getting into the nitty-gritty of programming with some things to improve my job (and hopefully moving into something more technical).

Have been doing a paid internship at my utility company. I do patch management with SCCM and sometimes the updates break. I've been using Powershell to reset the Windows update cache to make the computers work again. Unfortunately, this sometimes involves logging into machines to do some manual work and I have to notify users before I log in if they're already logged in.

Scripts can be run silently but I've spent a few weeks trying to automatically retry Software Center updates with Powershell … before realizing just today that the system center action "Application Deployment Evaluation Cycle" does indeed do the thing I've been attempting to do with Powershell for weeks now.

Wish me luck as I automate that part of the process and completely automate the sole job they gave me to do. Don't tell on me!

Discovered pro tip of my life :
Never trust your code

Achievements unlocked :
Successfully running C++ GPU accelerated offscreen rendering engine with texture loading code having faulty validation bug over a year on production for more than 1.5M daily Android active users without any issues.

History : Recently I was writing a new rendering engineering that uses our GPU pipeline engine.. and our prototype android app benchmark test always fails with black rendering frame detection assertion.

Practice:
Spend more than a month to debug a GPU pipeline system based on directed acyclic graph based rendering algorithm.

New abilities added :
Able to debug OpenGL ES code on Android using print statement placed in source code using binary search.

But why?
I was aware of the issue over a month and just ignored it thinking it's a driver bug in my android device.. but when the api was used by one of Android dev, he reported the same issue. In the same day at night 2:59AM ....

Satan came to me and told me that " ok listen man, here is what I am gonna do with you today, your new code will be going production in a week, and the renderer will give you just one black frame after random time, and after today 3AM, your code will not show GL Errors if you debug or trace. Buhahahaha ahhaha haahha..... Puffff"

And he was gone..
Thanks satan for not killing me.. I will not trust stable production code anymore enevn though every line is documented and peer reviewed.

I have a VP constantly harassing my people about some reports that we need to do as per federal law.

The thing is, these live inside of such system that I get to see exactly how many "hits" they get on a yearly basis. The only traffic we have on those sections is of people going ahead and putting the information from our reports there.

That's it, literally. Our user base does not go there. Federal agencies do not go there. No one gives two blips of shit about those sections. Yet she continuously acts like they are the most important thing in the fucking world. To make it better, I was told not to generate actual analytical data from said reports, since people with PHDs will come down on me to ask me who the fuck do I think I am from gauging them with such systems. So shit is a mute point on all fucking accounts.

I told my VP I can generate traffic information to let them know that shit is not really the most important thing in the fucking universe. His eyes glowed.

I don't want to see head rolls, but from staying till the next morning awake trying to give the best to our userbase, and just to be called out on shit like this as if I did not do enough for our people just.....well....it fucking hits man.

The worse part was me literally getting 30 minutes of sitting down after an all nighter, doing something for my users, to get to a meeting the next morning (I should not have driven there honestly) to hear this bitch complain about us not doing enough or not caring or whatever other bullshit she would spew.

I was livid, lack of sleep makes me dangerous. I turned to say something when my boss stopped me and took care of business. I seriously love this man. By all accounts and generational gaps a boomer, but one of the few good golden ones.

I just hate how unappreciated the realm of software development is by people that think that our shit is as simple as making a fucking powerpoint presentation.

Consolidate that with a director from another department taking all fucking glory during a major event of an application that I built by myself with 2 fucking weeks of no sleeping. And shit just gets glorious.

I have considered moving to other places, and heck, have gotten amazing offers, what with having a degree with a big fucking GPA and having the credentials of a senior, lead, full stack and manager role, the sky is the limit. But i know that if I leave then my users suffer, and I just can't fucking have that.

I have heard them speaking about doing something with X app that I built (with my department) I have even heard one of them saying "how is this made?" and a part of me hoped that it would be a good time to grab them and tell them of the field and the things that they can do. But I don't like announcing myself that way, always seemed to presumptuous, so I just smile, fuck yeah, my users are doing their thing with what I built to better their lives, what more can I have?

I have gotten criticisms from them, one recognized me, told me about his pain points and how it makes it hard for him to do what he must. Getting the data from the user base in an effort to make shit better for them drives me, my challenge being "how about this? better eh?"

But fucking execs man, think only of themselves, not the users, they forget about the users. Much like a shitty rock band forgetting about the music, about the fans.

I can't let that slide. But this fucking field. I sometimes fucking hate it, and I hate it because of the normies that don't understand and do not want to understand.

I do way too much, my guys do way too much and all I want is for the recognition to go to them. They do not need the ego boost, but to see my guys sitting in a meeting in which some dumb fuck is trying to drill us for taking to long, not doing something and what not, it fucking pisses me off. As their boss I always stand up and tell bitches off, but instead of learning, the bitches just keep pressing on their already defeated points.

Everything in human life gets fucking erradicated by: humans. People really do fucking suck.

I sometimes wish to go back, redo my diesel tech license and just work there, where I think one would be better of talking to an engine. But no, even then you get people, you have to interact with people, deal with people, and I am so far up my game and in my field that starting from scratch is a fucking mute point.

Maybe I need to keep fucking with stocks, get rich and just keep investing on bullshit. Whatever the fuck it takes me from having to feel the urge to choke a motherfucker in public.

For the last week or so I've been writing a userbot for Telegram. Completely from scratch, plus Telethon to not reinvent the wheel entirely. I'm coming from the codebase of an existing userbot.

That userbot is written by a good friend of mine, who makes 6 figures, and whom I respect greatly. However the code is a steaming pile of shit. Now that is not his fault, he largely inherited that code too, tried to fix it, failed, gave up.

I am reimplementing it entirely. I'm only looking at the modules, trying to understand them, and copying over the necessary bits and changing them where necessary. But I've come across some nasty shit.

Userbots often edit existing messages from real Telegram clients. They're kind of like a login to your account, but with a program rather than a regular client. You send a message from a real client, it sees it and does whatever it needs to, and edits your message to give you feedback. Which is great.

However, there's no need to do simple string edits by importing "re". So why do you? Because you're an idiot, that's why. The old bot is based on Paperplane, which in turn is based on Telethon. Why do I see function calls to Telethon in some places and Paperplane in others? Because you're an idiot, that's why. Why does the dig module fail to even give correct answers? Because you know nothing about the DNS, that's why. And you didn't learn about RRs before implementing it.

And don't you tell me that this code is shit, and this bot is slow only when I run it on a fucking Pentium. I run this shit on an i7 and CPU isn't even the issue - memory, disk and such are. If you had any clue whatsoever about efficiency, you would've known because it's blatantly obvious. There's a reason why my machines rarely go past 5% CPU utilization. It's the fastest component in the entire fucking system.

When users come and say.. hmm this application of yours, it consumes a lot of memory. It takes a long time to do X and Y and I don't quite understand why, it seems illogical. Then maybe you should go look at your code, like you would look at yourself in the mirror. And then you fucking go fix it so that I don't have to. You're an engineer just like I am. And I am not even a dev proper - I'm a sysadmin by trade. Why should I have to fix your shit for you?

I was graced by my boss to attend a training for key users of a CRM system we resell, as a technical advisor.

The training is scheduled from 0915 - 1700
Can somebody come and kill me please?

god, I fucking hate Users. especially the ones who think that I am confused by *their* terminology for system processes, and feel the need to correct and clarify for me on email chains that needlessly cc 20 other people.

I designed the system you use every day before you were even hired; I assure you, I am not confused, and I know exactly what I'm talking about. stupid twats.

!rant
If you have software in production please have some way for a user to find some contact email (create for this reason only if needed.)

I have run into crippling bugs in huge essential systems (state dmv new system, the ticket system utility marking) which they were oblivious to until I went out of my way, like a stalker to get some contact of someone remotely related to someone I could drop this info in the lap of, and so far it was a total shock to them (the dmv system was taken offline for 3 days to resolve)

I get not wanting to run a helpdesk to support users, but give technical users some contact info ( even if you think you have full coverage analytics because, being software, it may have a bug)

/rant

Everybody is criticizing Microsoft for leaving too much legacy code in Windows, etc., but let me tell you that I prefer 100% that and have lifetime backward compatibility than having to deal with Google bullshit.

Google sucks ass.
It's one of the most dev unfriendly company on this planet (along with Facebook).

You can't fucking change BASIC stuff in Android SDK every fucking version.
You just can't!

You can't use a system of "PERMISSIONS" each developer has to set in its application and each user has to accept during the installation, that a few versions later become USELESS... because "Hmmm… no, It's not enough, let's make a new privileged permission that makes the old one fucking worthless".

YOU FUCKING, TOXIC, BASTARDS.

It's my app, my code, my device, my fucking conditions. If I want to install viruses on my device, I should be able to do it.
I shouldn't have to call fucking Sundar fucking Pichai fucking CEO of fucking GOOGLE.

USERS != BABIES.
DEVS != CRIMINALS

We are the reason you have a fucking job, fucking food on your fucking table.

I want a fucking GOD_MODE permission in the next SDK, assholes!

You can't REMOVE fucking "Android.OS.getSerial()" making it only for system apps.
It's not sensible data… and if It's in your opinion, you've already created a "android.permission.READ_PHONE_STATE", so what else do you want, fucking asshole?
Right, you want to introduce "android.permission.READ_PRIVILIGED_PHONE_STATE" to make obsolete the other one, son of a bitch!

I don't fucking use you're garbage Google Play Store, no worries! I won't upload my app on your servers, bitch!

They've created a monopoly in the industrial space (PDAs) and they keep making fucking wrong decisions every single year.

My job is already stressful, why you can't just stop making it worse? fml

I am making an LDAP user manager and porting application for my workplace.

The thing is, i made the first version of it in PHP already. Shit works fine and it without an issue.

But

I had an itch to redesign it using another tech stack that would be speedier, more tested and using a more established platform.

Enter Clojure, a Lisp dialect for the JVM. In a single day I managed to get 80% of the application done. We have about 80k users inside of our ldap system(maybe more) and I tested it with 150 accounts, so far so good.

If this works I will be the first person to deploy a Clojure application, not only for my organization, but for the city as a whole while simultaneously being able to say that I got a Lisp app deployed and working :D

I am loving this. Really wanna have a Lisp app out there and add it to my resume.

The head of my department, an old timer and really ancient dev smiled heavily when I showed him the codebase. Not only is it minimal, it is concise and elegant :D

I love Clojure

And Texas

Issue or Error? Rant story time!

I was working on a windows desktop app, and everything was ok, you know, tests completed succesfully, all in time, etc. The problem was when we showed the demo to one of our clients. He saw several screens and we explained all the features to him.

Client: *Sees a Error pop-up indicating that a remote service is temporarly unavailable (what it has to happen in order to show him how the system would warn him when an external service is out of service)
Client: What’s that?
Lead dev: What do you mean?
Client: Yes. That’s an error pop-up
Lead dev: Yes, it’s a message that tells you that there was an issue connecting to the bank service
C: No, no and no. Please change it
L: Why? Don’t you want the system to tell you when there is a connection issue and why is that happening?
C: Yes, but my employees could lost their minds because of this class of messages!
L: So...?
C: You have to change it
L: Ok. What do you want to change?
C: First of all, don’t put an “Error” icon, put an “Warning” icon, and instead of “Error” title, put... “Issue”
L: “Issue?”
C: Yeah. Don’t put the “E” word, if the users see an “Error” message, they could think that the program doesn’t work, even if it does work.

We all though “WTF?!”

To make the story shorter, we changed all the pop-ups. That took two days.

Is that correct? I know that “Error” sounds hard but, seriously? “Issue: The remote service is not available, contact your bank?”

Saturday 9.00 AM. I was sleeping, my colleague (on holiday) sent me a text: "We got a problem on our system, probably we ran out of space". I checked the log and found out that several cron jobs failed due to not enough space on the disk. I started deleting some unnecessary logs (we're paranoid) and ended up to squeeze the vm like a lemon to save some space. Sent an email to the sysadmin, "We got to add more space ASAP, users are getting 500 errror for almost everything". Silence. I thought to myself: "Until monday we're safe..". I did a df (96%) and sent a screen to the sysadmin, just to be sure that we understood each other. Finally monday comes, nobody worries about the issue. At noon I literally takled the guy of IT dept. "Yeah, we read your email. I think the sysadmin didn't take you seriously". "Why? Which part of 'we're running out of space' isn't serious?!!!". "He just told me that we have unlimited space on that vm". Unlimited space...sure.... "Right.....the disk is at 96%, buuuuut if he said so No news to worry. Don't call me if everything burns. Have a good day!!!"

Whelp. I started making a very simple website with a single-page design, which I intended to use for managing my own personal knowledge on a particular subject matter, with some basic categorization features and a simple rich text editor for entering data. Partly as an exercise in web development, and partly due to not being happy with existing options out there. All was going well...

...and then feature creep happened. Now I have implemented support for multiple users with different access levels; user profiles; encrypted login system (and encrypted cookies that contain no sensitive data lol) and session handling according to (perceived) best practices; secure password recovery; user-management interface for admins; public, private and group-based sections with multiple categories and posts in each category that can be sorted by sort order value or drag and drop; custom user-created groups where they can give other users access to their sections; notifications; context menus for everything; post & user flagging system, moderation queue and support system; post revisions with comparison between different revisions; support for mobile devices and touch/swipe gestures to open/close menus or navigate between posts; easily extendible css themes with two different dark themes and one ugly as heck light theme; lazy loading of images in posts that won't load until you actually open them; auto-saving of posts in case of browser crash or accidental navigation away from page; plus various other small stuff like syntax highlighting for code, internal post linking, favouriting of posts, free-text filter, no-javascript mode, invitation system, secure (yeah right) image uploading, post-locking...

On my TODO-list: Comment and/or upvote system, spoiler tag, GDPR compliance (if I ever launch it haha), data-limits, a simple user action log for admins/moderators, overall improved security measures, refactor various controllers, clean up the code...

It STILL uses a single-page design, and the amount of feature requests (and bugs) added to my Trello board increases exponentially with every passing week. No other living person has seen the website yet, and at the pace I'm going, humanity will have gone through at least one major extinction event before I consider it "done" enough to show anyone.

help

Longest I've worked without rest + why?

Over 24 hours. Why?

In our old system, the database had fields, for example, a customer like Total97, Total98, etc. to store values by year (or some date-specific value).

Every January 1, we had to add fields to accommodate the upcoming year and make the appropriate code changes to handle the new fields.

One year the UPS shipping rates changed and users didn't want to 'lose' the old rates, so they wanted new fields added (Rate98, Rate99, etc) so they could compare old vs. new. That required a complete re-write of most of the underlying applications because users wanted to see the difference on any/all applications that displayed a shipping rate. I'll throw in asking 'why?' was often answered with "because we pay you to do what we say". Luckily, we had already gotten to work on a lot of this before January 1st, so we were, for the most part, ready.

January 1st rolls around (we had to be in the office at 3:00AM), work thru changes, spend some time testing, and be done before noon. That didn't happen. The accounting system was a system that wasn't in (and had never been) in scope, and when we flipped the switch, one of the accountants comes into the office:
E: "Guys? None of our Excel spreadsheets are working. They are critical to integration with the accounting software"
Us: "What? Why would you be using Excel to integrate with the software instead of their portal?"
E: "We could never figure it out, so we had a consultant write VBA scripts to do the work."
Us: "OK, a lot of fields changed, but shouldn't be a big deal. How many spreadsheets are we talking about?"
E: "Hundreds. We have a separate spreadsheet for every integration point. The consulting company said it scalable, whatever that means."
Us: "What?! Why we just know hearing about this!?"
E: "Don't worry, the consultant said making changes would be easy, let me show you, just open the spreadsheet..click here..<click><click><click>...ignore that error, it always happens...click that <click><click><click>.."
Us: "Oh good lord, this is going to take hours"
E: "Ha! Probably. All this computer stuff is your job and I've got a family to get to. Later"
Us: "Hey 'VP of IS', can we go home and fix these spreadsheets as-needed this week?"
VP-IS: "Let me check with 'VP-FS'"
<few minutes later>
VP-IS: "No, he said Excel is critical to running their department. We stay until Excel is fixed."
Us: "No, no...its these spreadsheets. I doubt FS needs all of them tomorrow morning."
VP-IS: "That's what I said. Spreadsheets, Excel, same thing. I'll order the pizza. Who likes pepperoni!?"

At least he didn't cheap out on the pizza (only 4 of us and he ordered 6 large, extra pepperoni from one of the best pizza places in town)

One problem after another and we didn't get done until almost 6:00AM. Then...

VP-IS: "Great job guys. I've scheduled a meeting at 8:00AM to review what we did so we can document the process for next year. You've got a couple of hours. Feel free to get some breakfast and come back, or eat the left over pizza in the breakroom fridge. There is a lot left"
Us: "Um...sorry...we're going home."
VP-IS: "WHAT!!...OK...fine. I'll schedule the meeting for 12"
Us: "No...we're going home. We'll see you tomorrow."

Windows 10 upgraded yesterday. Went to do a bit of work today, loads of stuff for my development environment wasn't working. The reason? The Windows 10 upgrade completely wiped my Users path and System path env variable.

I have a feature suggestion for devrant: some kind of polling system.
This idea came into my mind with the survey a few days ago.
Since almost all of us are devs, aspiring or experienced, we can expect (somewhat) professional opinions, e.g. on how to tackle a specific problem.
Maybe it's even possible to make this a paid service somehow. I thought about this:

Open a poll for all registered users: $0
Add requirements for a user to have to be able to vote on the poll: +0.99$ each:
- has ranted at least X times
- has at least X ++s
- has a StackOverflow account connected
...

This way, the OP can narrow down the target audience to a specific group.

Maybe...? I don't know if something like this already exists somewhere else.

Not only did my boss insist on setting up roles and permissions for our app how he designed them, even after I spent 4 or 5 hours trying to convince him to let me do it differently, but he has now fucked our entire system.

Under this model of roles and permissions you cannot enforce them on the backend by any means, and now we have a service dealing with users including resetting passwords and changing details that does not use authentication. That's right, aurhe tocation and not even talking about authorization now. Good job.

I honestly wish companies like this would get hacked and fucked over as soon as they did it wrong because I can't believe how retarded some people are.

If I was independently rich I'd pay to work on software I use to fix bugs that it has.

Hello, Paradox Interactive, let me fix some of these roads for you.

Hello, Spotify, let me allow power users to make playlists be subsets of other playlists.

Hello, Github, let me create a tagging system to sort starred repositories.

Yesterday, i had to use neovim for a task on my friend's laptop. There was no WiFi and I couldn't install Emacs. This guy uses Vim a lot. He recently moved to neovim from vim. He had some Ruby codes going. I had to debug some codes(performance issues). I was reluctant to work on it but i had to. After looking at some keybindings and the plugins that guy had written, using vim was pleasure. It was fast. I could shoot up multiple terminals work on that and was instant. I wrote some plugins to indent my code which worked as it's supposed to. I used spacemacs(as it's configured properly) Emacs but there is some load time on spacemacs and there are some issues shooting up multiple spacemacs on terminals. I had just configured and started using prelude which is beautiful Emacs configuration and is fast.
After using neovim that day something hit me that i had blindly had faith in Emacs without using Vim and i use Emacs only for text editing task and terminal. I don't use it for listening music, browser and other task i can always use modern browsers and Spotify for that. Modern browsers and music players are amazing and using those in Emacs there is always a lack of functionality and UI.(modern people don't use those i think and some Emacs users i know use stripped down version of Emacs i.e. microemacs or XEmacs.

I know vi is present by default on every Linux distribution. That keybindings are same as vim and it can be configured so, it is useful for embedded devices and system architecture. I love terminals and love working on tty. That's why i guess i felt instantly tempted to keep on using vim and i loved it's performance. I checked on evil layer before but there are some issues with evil layer in Emacs like it isn't too efficient like vim. I love lisp though and clojure can be edited nicely in Vim.

Is this sin against the church of Emacs? Should i join vi vi vi? I have already dedicated my life on Emacs (check my bio). Am i tempted by the devil?

Windows users can't meme.

>tfw osx is more versatile than windows because of Unix structure
>tfw you don't have admin permissions
>tfw your doing important work but you get a forced update because you can't handle your own system

I am a Linux user myself but OSX is a lot more powerful, I don't understand windows fan boyism? The only thing good about windows is their application and game support and a lot of that can be fixed with wine on OSX and Linux

Work story.
We have this system that's being used nation-wide and basically there's a control panel for management (it's a website)) and an app for the regular users.

I just migrated and replaced the guy before me, I'm basically the only one on the project.

The code for the website is a mess, the servers are sometimes slow, and few security problems here and there.

Project Lead comes up to me and says that few of our clients that use the website are saying it works really slowly.
I start by analyzing the networking, and found shocking things.
First of all, let's say there's a messaging option, and the management teams that are our clients can have each a lot of groups, which all have messaging.

Upon first load, ALL OF THE IMAGES, FROM ALL GROUPS, ARE PRE LOADED. It can get up to few hundred photos being preloaded upon first load, which can explain the slow loading.
After discovering that, I discovered that the Administration control panel, which only my project lead can access, with sends heavy requests to the server and loads heavy assets, is loaded every time to every single client, generating heavy stress on our server and slowing everything down.

I tell that to my project lead and say that that's what causing the slow downs, I coded a fix that currently sits and is not being merged to the master branch to be deployed, and somehow I need to find a way to fix the slowness which all comes down to the heavy requests and slow connection with servers... And they won't merge my fix that fixes the loading of the administration panel so the stress on the servers could go down, and everything will be sped up....
Ah damnit.. sometimes I don't understand it..

So I was assigned to improve an existing internal CMS application where they wanted the ability to add extra form applications and restricting them based on people from different departments. As well as include some other improvements like speed as they mentioned that it was slow in some instances.

What I found was the original developer decided to not use any kind of framework and decided to be creative by creating his own MVC framework. With about 300 users in this system and utilising no caching of queries, views, not even using PHP OpCache, even quite a few security holes, I was damn surprised at how this thing was running. I asked the original developer why he didn't use an open source framework and he said that he thought that he'd create something and be the next Facebook.

It was a mammoth task to "improve" this system but the main thing was that I took custody of this project and that I prevented him from trying to make a bigger mess of things for this project.

Alright, guys. You have complete autonomy over this project, from ideation to execution. You can do exploratory interviews to find out what potencial customers would think, you can come up with prototypes, you can choose whatever tech stack you deem fit for the job. The only requirement is that it must be a beauty product. Oh, and that it must have a way to publish this ton of pictures of models our client has. Oh, and it must handle payments and inventory. And it may integrate with third party software. And users need to save the pictures they like. And a booking system. Is that hard to understand?

Tried to dual boot Arch with Windows yesterday.

Everything was going smoothly. Shrunk the C: partition, ran the installer, installed the OS fine. But it was still booting straight to Windows.

So I edited the BCD to point to Grub instead of Wilndows. Then the plan was to boot into Arch, find Windows, and add it to Grub, problem solved.

Wrong. I had forgotten to disable secure boot. Arch and Grub were booting in BIOS mode, but Windows was UEFI. Grub couldn't boot or even see Windows.

So now I was stuck with just Arch. So I flashed a Windows drive, booted from that, automatic startup repair failed. Opened up the command prompt, tried to rebuild the BCD from there. Surely I can just rebuild it and forget about trying to dual boot right? I just want to get back to being able to use my PC.

Wrong again. Didn't find Windows. Had to get rid of the BCD file before I could rebuild it, but couldn't find it. Found out that I could use diskpart to mount the system partition and assign it a drive letter, renamed the BCD, rebuilt it, and finally was able to reboot into Windows.

Learn from my arrogance. First time Linux users should not attempt to install Arch, let alone do it alongside Windows on the same disk.

Another member of the team updated the production JSON configuration of the project with a missing comma, this broke a system that's not yet live and where there aren't any real users (only used for demos/testing).

Instead of having a good laugh about how silly this was, the CTO/CEO removed their write access to production..

i hate linux like a lot , how do you guys use it

like you guys dont want an advertising ID, how the fuck will advertisers know who you are and what you like?

open source , give me a break, you mean your os devs are soo untrustworthy that you just have to see what they wrote in the code, who does that?

free come on, how poor are you linux people, i mean, quality stuff gets paid for, free stuff just means it's trash

and the linux devs , the aint like real coders they are just hobbysts, making your os in their free time

and who wants to install their own software anyway, on other platforms the company curates restricted software that you can use, and i know you'll say its oppressive but its just customer protection.

and i do want my platform to track everything i do, it only helps them build better stuff for me.

and whenever they decide to outdate my hardware and kill support for it, it only means they care and want me to get the latest tech, how considerate.

wait , i hear you say, there are no bugs in linux, my vendor makes sure my os comes with the latest antivirus software, nothing can break my system.

and just because linux runs on servers and most super computers only shows that common users like you and me are ignored, at least my vendor is not a sellout, and still makes stuff for the masses.

you say freedom i say safety i can sleep safe and sound for am protected nutured under one echosystem of software that i can not leave.

Two months ago I started working at a new company, who's system is a huge monolith. The company is a bit over one year old, and the code base is huge. The desire to move to more of a microservices architecture is on the radar, but one of the biggest issues in moving towards it is how we should keep our models. The stack is basically Node.js and Mongoose, where there's about a few dozen mongoose models that the whole system uses, and the issue is that, if we moved to a microservices architecture, how could we keep the models in sync. One idea I had was to keep the models in a separate (node) package that would be shared across all microservices, but then there's the issue that if one model needs changes, all microservices that use that model will need to be updated. Another idea we had was to not share models, but instead let every microservice be in charge of everything to do with a certain type of data (eg. Users are only directly accessed by one microservice, companies by another, and no two microservices share responsibility over data), but that might bring problems when one microservice depends on a certain set of data from another microservice. How do you guys manage all that? Any ideas or tips? Thanks ^^

Probably had my worst half-week ever this week.

Customer's CRM system, the read and edit masks just...stopped existing on last week friday. CRM fell back on some default masks for the dataset. No way to create new masks directly without putting the whole system upside down.
We couldn't do anything anyway because they reported the issue literally as we all were about to leave for weekend and our boss was like "Ah nah, well do it next week."
Our brains were already fried anyway...
I mail the reporter that we've registered their issue, will investigate and report back ASAP once we've got news.

Monday rolls around, I'm whacking my head against their system trying to figure the fuck out, what went wrong and how to solve it, I come up empty; Not that terrible since the masks only stopped existing in the webclient version of the system and they can still use the windows client, so they can still work.

Tuesday rolls around, I'm at an on site training for an ERP system with my boss at a remote company. Get an email in midst of the training, I was doing protocol.
Guy from the afflicted company goes and tells me that the issue has somehow spread to his colleague and him...IN THE WINDOWS CLIENT.

I'm fucking flabbergasted, so to speak, since the masks for the windows client and the web client are totally isolated from one another.
After we're back at our company, I investigate, less efficiently this time because my brain got fried at the training. I come up empty again.

NOW TODAY: Discuss further proceedings with my boss, he's not pissed at me or anything, just to say, but we're both worried, obviously.

Then at 10:20, a guy from the afflicted company mails me in an annoyed tone that the masks are still broken.

11:00, we figure out a workaround so the windows client users can at least work again, albeit limited.

11:10, I mail the guy, telling him that although we're still not able to fully work everything out and are still investigating, we've made a workaround so they can at least work again.

11:20, the guy mails me in a pissed tone around the lines of "This is very very important and must be fixed ASAP or else we'll not be able to work at all [...]"
And I think like "Dude I literally just told you like 8 minutes ago that there's are workaround so you'll be able to at least work again..."

Forward the mail to boss, we meet up quickly to discuss how in God's name we can deescalate this mfer.

11:31, the guy mails me again, all apologetically this time "Stop! All is good, I just now fully read you mail, thanks for implementing the workaround, nothing will come to a standstill [...]"

BRUH CAN YOU NOT FUCKING READ BEFORE ESCALATING SHIT

Fuck customers. Dumb fucking cretins unable to fucking read.

The issue is still unresolved. Support of the CRM software lets us sit on our collective asses and wait.

There is no such thing as stable software, it's a myth.

Every corporate software is like an ever-decaying semi-corpse of a brain dead patient slowly getting worse and worse but not fucking dying.

Rant over.

If they followed my suggestion and went straight to debugging the server issues they would have been solved it from week 1 and everyone would have thought the migration had a minor performance hiccup. In fact, we have already done such at least twice before and nobody batted an eye.

Instead they self-labelled the migration a failure on first error, setting the stage for apologizing to the client, and put themselves on the spot for a whole staging / production signoff, replication / backup worfklow, almost a blue-green "seamless" deployment reminiscent of DigitalOcean.

Well they're not DigitalOcean, and anyone who has spent any time understanding users knows they will not participate in "new system" tests long enough to find or report issues.

So of course the migration stretched out to almost three months up until the whole reason for the migration - the rapidly escalating risk of the old provider disappearing - hit like a freight train and now they have to go through the problem of debugging the server like I told them to on week 1. Only this time they've set the client mindset against it, lost any chance of reverting, have had grave risk for data loss, and are under pressure to debug other people's code in real-time.

This is why I don't trust devs to do ops. A dev's first solution to any problem is to throw tech at it.

Been working a year and a half on an offer for a client to plan their new system. Today they wanted us to construct the whole system and call it a beta only to pay 10% of the total costs. They said it is our responsibility to make the budget work as they are merely the "end users and not tech people". I am considering to tell them to go f**k themselves tomorrow.

- A girl asks on FB how to deal with a problem in her Windows computer: the system is asking her to introduce the serial key.

- I comment her the possibility of using Linux in case her use cases are simple enough (web, music, videos).

- First reactions are even enthusiastic, some people who had good experiences join the thread to express their delight with Linux.

- Then a guy arrives to tell us how irresponsible we are, telling a poor girl who does not even know how to introduce the serial key... to use Linux (a super complex system!)

- So I tell the guy that Windows is not simple at all, and that most of the times, people just rely o knowing someone else with higher expertise than them, who always end up paying the price of solving the problems caused by Windows, so the users don't really feel how painful is Windows compared to other systems.

- The girl, who was enthusiastic at first, and seems to be not very bright, to say the least, completely misunderstands my answer. She interprets that I'm insulting the poor guys that act as IT service for free, and calls me a "know-all/smartass" (those words are not even close to their Spanish counterpart on pushing down people who know stuff, we are experts on that there, we didn't loose an empire in the 17th century by respecting the wise ones).

This is, in part, why I stopped helping those dumbasses 18 years ago. I forbid myself to learn anything new about Windows (at user level) so I couldn't help these ungrateful and ignorant people who don't make any effort to learn anything by themselves.

So recently I installed Windows 7 on my thiccpad to get Hyperdimension Neptunia to run (yes 50GB wasted just to run a game)... And boy did I love the experience.

ThinkPads are business hardware, remember that. And it's been booting Debian rock solid since.. pretty much forever. There are no hardware issues here. Just saying.

With that out of the way I flashed Windows 7 Ultimate on a USB stick and attempted to boot it... Oh yay, first hurdle to overcome. It can't boot in UEFI mode. Move on Debian, you too shall boot in BIOS mode now! But okay, whatever right. So I set it to BIOS mode and shuffled Debian's partitions around a bit to be left with 3 partitions where Windows could stick in one more.

Installed, it asks for activation. Now my ThinkPad comes with a Windows 7 Pro license key, so fuck it let's just use that and Windows will be able to disable the features that are only available for Ultimate users, right? How convenient would that be, to have one ISO for all the half a dozen editions that each Windows release has? And have the system just disable (or since we're in the installer anyway, not install them in the first place) features depending on what key you used? Haha no, this is Microsoft! Developers developers developers DEVELOPERS!!! Oh and Zune, if anyone remembers that clusterfuck. Crackhead Microsoft.

But okay whatever, no activation then and I'll just fetch Windows Loader from my webserver afterwards to keygen my way through. Too bad you didn't accept that key Microsoft! Wouldn't that have been nice.

So finally booted into the installed system now, and behold finally we find something nice! Apparently Windows 7 Enterprise and Ultimate offer a native NFS driver. That's awesome! That way I don't have to adjust my file server at all. Just some fuckery with registry keys to get the UID and GID correct, but I'll forgive it for that. It's not exactly "native" to Windows after all. The fact that it even has a built-in driver for it is something I found pretty neat already.

Fast-forward a few hours and it's time to Re Boot.. drivers from Lenovo that required reboots and whatnot. Fire the system back up, and low and behold the network drive doesn't mount anymore. I've read that this is apparently due to Windows (not always but often) mounting the network drive before the network comes up. Absolutely brilliant! Move out shitstaind, have you seen this beauty of an init Mr. Poet?

But fuck it we can mount that manually after every single boot.. you know, convenient like that. C O P E.

With it now manually mounted, let's watch a movie! I've recently seen Pyro's review on The Platform and I absolutely loved it. The movie itself is quite good too. Open the directory on my file server and.. oh. Windows.. you just put db.thumb on it and db.thumb:encryptable. I shit you not, with the colon and everything. I thought that file names couldn't contain colons Windows! I thought that was illegal in NTFS. Why you doing this in NFS mate? And "encryptable", am I already infected with ransomware??? If it wasn't for the fact that that could also be disabled with something as easy as a registry key, I would've thought I contracted ransomware!

Oh and sound to go with that video, let's pair up some Bluetooth headphones with that Bluetooth driver I installed earlier! Except.. haha nope. Apparently you don't get that either.

Right so let's just navigate the system in its Aero glory... Gonna need to flick the mouse for that. Except it's excruciatingly slow, even the fastest speed is slower than what I'm used to on Linux.. and it's jerky as hell (Linux doesn't have any of that at higher speed). But hey it can compensate for that! Except that slows down the mouse even more. And occasionally the mouse driver gets fucked up too. Wanna scroll on Telegram messages in a chat where you're admin? Well fuck you mate, let me select all these messages for you and auto scroll at supersonic speeds! And God forbid that you press delete with that admin access of yours. Oh maybe I'll do it for you, helpful OS I am!

And the most saddening part of it all? I'd argue that Windows 7 is the best operating system that Microsoft ever released. Yeah. That's the best they could come up with. But at least it plays le games!

Right.. I spent the hours leading up to the year change by adding a YouTube to MP3 downloader into my Telegram bot. After a bit of fiddling it turned out okay, and the commit for it was mentioned to the last for the year 2020.

I mentioned this in one of my chats, and users came in with more issues. Told them it's the last commit for the year and I'll keep myself to it. I did adjust the code a bit though to fix those issues, awaiting a commit after midnight.

Midnight passes and 2020 turns into 2021.

I commit the new features, and quickly implemented another one I already thought of as well, but needed its own commit.

Quickly afterwards it turns out that the /mp3 feature actually breaks the bot somewhat, especially on long tracks. Users add a slew of 10h songs into what essentially became a long queue of single-threaded bot action (or rather lack thereof).

I made the /mp3 command accessible to myself only like I did with some other administrative commands already. Still no dice, the bot rejected the commands but executed part of the /mp3 command anyway.

I look a bit further into the code and it turns out that while I was restructuring some functions, I forgot to make the admin() function exit the script after it sends the rejection onwards. This was a serious security issue and meant that all authentication was void. Fortunately the chat did not realize this - one of the commands that became available as a result was literally a terminal on the bot's system.

I fix the issue in 7 commits after midnight total, 3 of which were related to /mp3 and admin(). We're now 1 hour after midnight.

Happy New Year everyone... :')

Dev Diary Entry #56
Dear diary, the part of the website that allows users to post their own articles - based on an robust rights system - through a rich text editor, is done! It has a revision system and everything. Now to work on a secure way for them to upload images and use these in their articles, as I don't allow links to external images on the site.

Dev Diary Entry #57
Dear diary, today I finally finished the image uploading feature for my website, and I have secured it as well as I can.

First, I check filesize and filetype client-side (for user convenience), then I check the same things serverside, and only allow images in certain formats to be uploaded.

Next, I completely disregard the original filename (and extension) of the image and generate UUIDs for them instead, and use fileinfo/mimetype to determine extension. I then recreate the image serverside, either in original dimensions or downsized if too large, and store the new image (and its thumbnail) in a non-shared, private folder outside the webpage root, inaccessible to other users, and add an image entry in my database that contains the file path, user who uploaded it, all that jazz.

I then serve the image to the users through a server-side script instead of allowing them direct access to the image. Great success. What could possibly go horribly wrong?

Dev Diary Entry #58
Dear diary, I am contemplating scrapping the idea of allowing users to upload images, text, comments or any other contents to the website, since I do not have the capacity to implement the copyright-filter that will probably soon become a requirement in the EU... :(

Wat to do, wat to do...

- a split keyboard with a touchpad in the middle that will let you control all gestures on a computer

- a set of desk/monitors that adjusts perfectly for ergo for anyone

- a vertical laptop dock that is modular so you can add extra memory/video processing power and only using your laptop as a CPU/secondary graphics card

- a set of kitchenware and plates that would be so easy to clean and would never get stained

-an insect home alarm system that tells you where the fucking insect is so it doesn't take you by surprise/you can call someone to remove it

- a clothing brand that has a buy one gift one operation mechanic, where you buy a shirt and an article is donated to a local charity

- a restaurant

- a simple, yet robust database option that walks users through creating good databases that is super user friendly

- an app that takes tattoo designs in any format, converts them, allows for editing, and then can hook up to a special printer that gives you the transfer you will use on the client

A user calls me an hour after I'm supposed to have logged off.
"Hey, ahh, like, something is not good with, like, some thing"
Oh, snap! What happened?
"There is, like, this report, and it's, like, not right?"
Oh, the report is showing wrong data? Let me try to get a fresh version and...
"No, like,the data is right, but, like, there is many reports and , like, should be only one?"
Oh, you mean the report consolidation feature? It should only happen if the reports are fully compatible, and since it's automatic if the reports are not already grouped it means that they cannot be grouped. Probably due to this shopping season, we've seen a high uptick in demand.
"But, like, it should be, like, one! If not I will have to type in each report, like, by hand! I usually talk to this guy XYZ and he, like, does something that I, like, have no idea what it is. Can you call him up?"
(The dude the user mentioned logged off hours ago, and is in a different timezone. It's now about 11PM for him.)
It might not be possible. The system should add observations to each report it cannot consolidate. What do those say?
(the user takes two seconds to respond. I don't think they checked anything)
"It doesn't say anything. Can you cal XYZ, please?"
...

Shit, why do people wait until the last few hours of the last day of the month to do something that should have been done days ago and then demand that everybody everywhere just adjust to their late-ass schedule?
And then to demand I wake up a hardworking dev because someone is to lazy to use the system as it was custom designed for them? Because it had no problems but just wasn't making all things easy?

That's why users have to pay - they don't pay us to code, they pay us to put up with their bullshit.

These ignorant comments about arch are starting to get on my nerves.

You ranted or asked help about something exclusive to windows and someone pointed out they don't have that problem in arch and now you're annoyed?

Well maybe it's for good.

Next comes a very rough analogy, but imagine if someone posts "hey guys, I did a kg of coke and feeling bad, how do I detox?"

It takes one honest asshole to be like "well what if you didn't do coke?".

Replace the coke with windows.
Windows is a (mostly) closed source operating system owned by a for profit company with a very shady legal and ethical history.

What on earth could possibly go wrong?

Oh you get bsod's?
The system takes hours to update whenever the hell it wants, forces reboot and you can't stop it?
oh you got hacked because it has thousands of vulnerabilities?
wannacry on outdated windows versions paralyzed the uk health system?

oh no one can truly scrutinize it because it's closed source?

yet you wonder why people are assholes when you mention it? This thing is fucking cancer, it's hundreds of steps backwards in terms of human progress.

and one of the causes for its widespread usage are the savage marketing tactics they practiced early on. just google that shit up.

but no, linux users are assholes out to get you.

and how do people react to these honest comments? "let's make a meme out of it. let's deligitimize linux, linux users and devs are a bunch of neckbeards, end of story, watch this video of rms eating skin off his foot on a live conference"

short minded idiots.

I'm not gonna deny the challenges or limitations linux represents for the end user.

It does take time to learn how to use it properly.
Nvidia sometimes works like shit.
Tweaking is almost universally required.
A huge amount of games, or Adobe/Office/X products are not compatible.
The docs can be very obscure sometimes (I for one hate a couple of manpages)

But you get a system that:
* Boots way faster
* Is way more stable
* Is way way way more secure.
* Is accountable, as in, no chance to being forced to get exploited by some evil marketing shit.

In other words, you're fucking free.
You can even create your own version of the system, with total control of it, even profit with it.

I'm not sure the average end user cares about this, but this is a developer forum, so I think in all honesty every developer owes open source OS' (linux, freebsd, etc) major respect for being free and not being corporate horseshit.

Doctors have a hippocratic oath? Well maybe devs should have some form of oath too, some sworn commitment that they will try to improve society.

I do have some sympathy for the people that are forced to use windows, even though they know ideally isn't the ideal moral choice.
As in, their job forces it, or they don't have time or energy to learn an alternative.

At the very least, if you don't know what you're talking about, just stfu and read.

But I don't have one bit of sympathy for the rest.

I didn't even talk about arch itself.
Holy fucking shit, these people that think arch is too complicated.

What in the actual fuck.

I know what the problem is, the arch install instructions aren't copy paste commands.
Or they medium tutorial they found is outdated.

So yeah, the majority of the dev community is either too dumb or has very strong ADD to CAREFULLY and PATIENTLY read through the instructions.

I'll be honest, I wouldn't expect a freshman to follow the arch install guide and not get confused several times.
But this is an intermediate level (not megaexpert like some retards out there imply).

Yet arch is just too much. That's like saying "omg building a small airplane is sooooo complicated". Yeah well it's a fucking aerial vehicle. It's going to be a bit tough. But it's nowhere near as difficult as building a 747.

So because some devs are too dumb and talk shit, they just set the bar too low.

Or "if you try to learn how to build a plane you'll grow an aviator neckbeard". I'll grow a fucking beard if I want too.

I'm so thankful for arch because it has a great compromise between control and ease of install and use.

When I have a fresh install I only get *just* what I fucking need, no extra bullshit, no extra programs I know nothing about or need running on boot time, and that's how I boot way faster that ubuntu (which is way faster than windows already).

Configuring nvidia optimus was a major pain in the ass? Sure was, but I got it work the way I wanted to after some time.

Upgrading is also easy as pie, so really scratching my brain here trying to understand the real difficult of using arch.

Not really a rant and not very random. More like a very short story.

So I didn't write any rant regarding the whole Microsoft GitHub topic. I don't like to judge stuff quickly. I participated in few threads though.

Another thing is I also don't use GitHub very much apart from giving 🌟 to repos as a bookmark. Have one hobby project there. That's all. So I don't worry that much. I'm that selfish and self concerned. :3

I was first introduced to version control system by learning how to use tortoisesvn around 2008. We had a group project and one of the guys was an experienced and amazing programmer unlike the rest of us. He was doing commercial projects while we were at our 1st and 2nd year. Uni had svn repo server. He taught us about tortoisesvn. He also had Basecamp and taught us how to use it as well. So that's how I learned the benefits of using versioning tools and project management tools. On side note, our uni didn't teach any of those in detail :3

After that project, I was hooked to use versioning tools. So until school kicked me out, I was able to use their svn server. When I was on my own, I had to ask Google for help. I found a new world. There are still free svn services that I can use with certain limited functions. That's not the new world; I found people saying how git is better than svn in various ways. It was around 2010,2011.

At first I was a bit reluctant to touch git because of all the commands in terminal approach. But then I found that there is tortoisegit. I still thank tortoisesvn creator for that. I'm a sucker for GUI tools. So then I also have to pick which git servers to use. Hell yeah, self hosted gitlab is the way to go man. Well that's what the internet said. So I listened. I got it up and running after numerous trial and error. I used it briefly. Then I came back to my country on 2012-2013; the land of kilobytes per minute (yes not second, minute).

My country's internet was improved only after 2016. So from 2013 to 2016, I did my best not to rely on internet. I wasn't able to afford a server at my less than 10 people, 12ft*50ft office. So I had to find alternative to gitlab which preferably run on windows. Found bonobo and it was alright. It worked. Well had crazy moments here and there when the PC running Bonobo got virus and stuff. But we managed. We survived. Then finally multi national Telecom corporates came to our country.

We got cheaper and faster mobile data, broadband and fiber plans. Finally I can visit pornhub ... sorry github. Github is good. I like it. But that doesn't mean I should share my ugly mutated projects to the rest of the world. I could keep using Bonobo but it has risks. So I had to think for an alternative. I remembered that gitlab didn't have cloud hosting service when I checked them out in the past. So I just looked into Bitbucket and happy with their free plans of 5 users and unlimited private repos. I am very very cheap and broke.

That's why I said I don't really care that much about the whole M$GitHub topic at the beginning. However due to that topic, I have visited GitLab website again and found out they have cloud hosting now and their free plan is unlimited users and unlimited repos. So hell yeah. Sorry BB. I am gonna move to cheaper and wider land.

TL;DR : I am gonna move to GitLab because of their free plan.

First month of project we suggest that we test that Entity Framework has made reasonable DB queries because the system will need to handle a lot of records. “Not a priority in this sprint because we need features.” Devs try to get it into every sprint. The last week of the project they want us to dump in a ton of records so they can test it. The N+1 SELECT query issue is on main queries. It is so bad and slow with more records that a simple query causes the container management to auto scale the application on a single query. They can have max 8 users in the system at a time and it will take 10 seconds to do a simple page refresh.

They get on our case and we dredge up all of the correspondence where they completely ignored our advice. Fix it now! We need another sprint. Fix it free! No.

So on a PowerBuilder app I worked on last year (I know right...), suddenly the business users were reporting that they couldn't edit some of their prices! When they clicked save, the screen would refresh and lose their work.

We had recently upgraded the system to allow them to enter hundreds of prices at a time, much more than there had ever been. But that code wasn't anywhere near this part!

Tracking this down was really fun... By great fortune, I discovered the row the users were editing was the 99th row in the DataWindow. As it turned out, in the distant past (this is PowerBuilder, after all) the returns code "99" had been used as a flag to mean "cancel/refresh the screen".

I of course offered to "fix it right", but the powers that be wanted it fixed cheaply, so we just changed the flag to "9999". 😬

Linux or Windows - still a problem for inexperienced computer users.
I was an IT professional for 35 years but haven't looked at a line of code for 10 years. And it certainly looks different today -
I have trouble using my smart Phone. I have always disliked the intimidation tehniques practised by Microsoft over the years. When
I was running OS2 in the 90's I couldn't get any software for it because MS had persuaded the developers not to release any OS2 versions until Chicago (AKA WIN95) was released. I was forced to use Windows for years until I finally decided to try Linux. Linux
is a great answer but unfortunately unless you are a current programmer there seems to be some situations that force you to maintain a version of Windows (setting up devices, Printers and developed software). Now that UEFI has been introduced as the standard in new PCs it is very difficult just to install and run Linux. So as WIN10 (the most invasive and slow running Windows to date) is the only "Valid" OS - MS is still dictating what we can and can't do. I decided to sell my new PC and pick up an old BIOS PC so that I could run linux and Win 7 to accomplish
my needs. How long can this go on? When will Linux be a "valid" Operating System. And when will a non-programmer be easily able to setup his hardware and find necessary software to run on Linux.

Reporting is not fun..

Scenario 1:
* A user says they need to export certain data from our system..
* Developer W makes report called "Foo detail report"

Scenario 2:
* A user says they need this report to also show some extra fields
* Developer X makes a new report called "Foo detail report (extra fields)"

Scenario 3:
* A user says they need this report to be run with a different search criteria
* Developer Y makes a new report called "Foo detail report (extra fields) by bar"

Scenario 4:
* A user says they need this report show data grouped in a different way
* Developer Z makes a new report called "Foo detail report (extra fields) by bar- new grouping"

The above scenarios happened over and over for several years in no particular order...

Current Day:
* Some users have certain reports they use and rely on but we don't know which ones
* Nobody really knows what all of the reports do or what is the difference between them without looking at the sql
* If we want to change data structures we have many reports to update
* I have a request from a user to add an extra column to one of the reports

i'm curious... to anyone on here who does hiring, why do companies always expect someone to already have experience with high volume systems. i've been a php dev for 10+ years but am having the hardest time finding a job and i have been turned down so many times because they expect me to have worked on a system with millions of users and terabytes worth of data already. it's beyond frustrating

Worst architecture I've seen?

The worst (working here) follow the academic pattern of trying to be perfect when the only measure of 'perfect' should be the user saying "Thank you" or one that no one knows about (the 'it just works' architectural pattern).

A senior developer with a masters degree in software engineering developed a class/object architecture for representing an Invoice in our system. Took almost 3 months to come up with ..

- Contained over 50 interfaces (IInvoice, IOrder, IProduct, etc. mostly just data bags)
- Abstract classes that implemented the interfaces
- Concrete classes that injected behavior via the abstract classes (constructors, Copy methods, converter functions, etc)
- Various data access (SQL server/WCF services) factories

During code reviews I kept saying this design was too complex and too brittle for the changes everyone knew were coming. The web team that would ultimately be using the framework had, at best, vague requirements. Because he had a masters degree, he knew best.

He was proud of nearly perfect academic design (almost 100% test code coverage, very nice class diagrams, lines and boxes, auto-generated documentation, etc), until the DBAs changed table relationships (1:1 turned into 1:M and M:M), field names, etc, and users changed business requirements (ex. concept of an invoice fee changed the total amount due calculation, which broke nearly everything).

That change caused a ripple affect that resulted in a major delay in the web site feature release.

By the time the developer fixed all the issues, the web team wrote their framework and hit the database directly (Dapper+simple DTOs) and his library was never used.

I don't work for Walmart, but they almost put my job in jeopardy today. I have a console app in production that pushes Walmart orders from their marketplace into our system for fulfillment. For half a year, I have handled thousands of orders, but overnight, all customers were getting massive price cuts on products in the Walmart feed! I looked at the data and initially thought it was my error due to using a quotient instead of a product in the code. But upon closer inspection, some fool at Walmart had changed code on their end without telling my team! Broke all the things. Lucky we were able to pull a full stop before we lost disgusting amounts of money, but you would think that a big player like Wally would at least announce a breaking code change to their users. 😲😡

Short sad story:

The backend team in my company stores plain text passwords and I am making a view in the website to view all the users password in the system

How to fix issues the easy way:

1. Provide users a way to raise issues
2. Immediately respond to new issues saying you added them to the internal ticketing system
3. Wait till the affected product reaches EoL
4. Tell the customer you are sorry, but as the product is now after EoL, you cannot use any resources on fixing the issue
5. Close the issue

Last year I was asked to optimize a code in our legacy portal (yet to be replaced with the new portal). The legacy system didn't have a design phase. Straight away went to development by whatever developer available at that time.
It was seriously fucked up.

So I went and had a look at the vanilla PHP code that served data for a datatable.
** I nearly fainted **

A query was done to get data from a table without any joins.
Then for loop to display those data.
Then inside for loop, for every single column that gets data from a related table there's a fucking query.
Eg: select * from users where.... to display username. Then again select * from users where..... to display user's email, then another query for his phone number. Then another query to get service providers name, then another to get their phone number.

I think the guy who did it wrote his first hello world app with a bunch of queries and sent it to production. No one bothered to check until 4 years later when it slowed down like a friggin snail.
I'm surprised it even survived that long.

Question: What was the worst mistake you made in Linux?

So... Because I've finally upgraded my PC (rip money on bank account) I can now run a VM with Linux all the time that isn't slow as a snail.
I installed Linux mint, with 4Gb of Ram and 6 cores, and it runs like a brize, while I play on windows and stuff. BTW I'll be using the VM for programming stuff, since I'm finally at home (homesick because of burn out), when I'm better I'll finally have the patience and memory to learn new stuff and get my projects up and going.
And because I've never really used Linux I'm watching YouTube videos about Linux, and found a Perl I've watched before, #Linux Sucks
And It's great... I get so many laughs, but also, learn stuff I didn't know, like, how Linux Pros make mistakes that Windows users can't even do, like breaking the OS.
So... I would love to know, what was the worst mistakes you ever done on Linux? How did you brake you're system?
BTW this would also be great for noobs like me to not make them... I hope. Since I'll be moving full Linux when I'm comfortable.

BTW @dfox this would be a great wk ...

A few days ago I decided to install Windows 7 on a VM (bad idea as it turned out). All fine and dandy and I ran Windows Update a few times to get it at least as up-to-date as it'll get.

I noticed that out of the 4GB RAM I had allocated, an svchost process responsible for the updates was gobbling up all the available memory, just leaving 82MB for everything else. The process itself was as you might imagine consuming over 3GB RAM just for itself. That's how an OS should work right after installation, I'm sure you'll agree.

So I complained about it. Haven't used Windows anywhere for a while so I wasn't used anymore to this level of efficiency. Disk activity went through the roof, though to be fair the underlying disk wasn't an SSD (qcow2 on ZFS on a spinning drive). RAM consumption is something I already covered. CPU temperature shot up to 95C.

So as any idiot would do, I disabled the service related to that process (the svchost process for wuauserv) and the problem went away. But I complained of course, saying that such amazing system utilization metrics wasn't something I expected. I mean for 4GB allocated, having as much as 82MB usable to get stuff done with! 95C on the CPU, on a lot of chips that's the junction temperature! Absolutely beautiful.

When I complained I heard that I had to replace the thermal grease. I do that twice a year. I wrote a custom fan driver for my system that works absolutely great. It was obviously shit. I must be a horrible sysadmin for solving a problem by eliminating the cause, and companies hiring me must be ashamed of themselves. My hardware must be shit (that's a common one with Windows users) despite being a business laptop and the guest system being a VM. Oh and I'm an idiot of course for complaining about such amazing system metrics in Windows.

I love Windows and its community...

Update on my devRant client SwiftUIRant:

I’m experimenting with some UI changes compared to the official app.

* vote buttons are laid out horizontally and placed above the rant to not waste space on the left side.
* comments count shows 0 comments instead of disappearing.
* rants are not cut off but visible in full length (I plan to add a toggle setting for that)
* creation date/time is present in the feed
* date/time formatter uses the current system region and the language english. So no more awkward American dates for non American users.

What do you think?

Arch has a great default package manager, and it's the basis for why I love Arch as much as I do.

A completed install is pretty minimal, and as a user who knows what apps I want, that's perfect for me. When I've used any other major distro of late, my post-install activity mostly consisted of removing software, changing defaults, and otherwise swimming upstream against the intent of the distro's maintainers.

With Arch, I start with a more or less blank slate, and then add the components I want to it. It's so intensely satisfying to have a system that is composed almost entirely of software I explicitly wanted to have.

The result is a system that behaves pretty much exactly the way I want.

Any other Arch users want to weigh in on what they like about it?

I begin with the optimism and the joy that I am creating something new that will improve people's lives.

I listen to the user and analyze the current process in depth.

I try to suggest additional value to the system for the users consideration. Sometimes they do not realize we can improve 10x rather than 2x.

I learn what the users goals are and what they want out of the system. We think about reports and downstream value. Sort of working from the end to the beginning (data ingests and upstream processes that will feed the system).

After the user signs off on the requirements and deliverables and I have a realistic project plan I begin to code.

It works and has worked for me every time for a long long time.

A software had been developed over a decade ago. With critical design problems, it grew slower and buggier over time.
As a simple change in any area could create new bugs in other parts, gradually the developers team decided not to change the software any more, instead for fixing bugs or adding features, every time a new software should be developed which monitors the main software, and tries to change its output from outside! For example, look into the outputs and inputs, and whenever there's this number in the output considering this sequence of inputs, change the output to this instead.
As all the patchwork is done from outside, auxiliary software are very huge. They have to have parts to save and monitor inputs and outputs and algorithms to communicate with the main software and its clients.
As this architecture becomes more and more complex, company negotiates with users to convince them to change their habits a bit. Like instead of receiving an email with latest notifications, download a csv every day from a url which gives them their notifications! Because it is then easier for developers to build.
As the project grows, company hires more and more developers to work on this gigantic project. Suddenly, some day, there comes a young talented developer who realizes if the company develops the software from scratch, it could become 100 times smaller as there will be no patchwork, no monitoring of the outputs and inputs and no reverse engineering to figure out why the system behaves like this to change its behavior and finally, no arrangement with users to download weird csv files as there will be a fresh new code base using latest design patterns and a modern UI.
Managers but, are unaware of technical jargon and have no time to listen to a curious kid! They look into the list of payrolls and say, replacing something we spent millions of man hours to build, is IMPOSSIBLE! Get back to your work or find another job!
Most people decide to remain silence and therefore the madness continues with no resistance. That's why when you buy a ticket from a public transport system you see long delays and various unexpected behavior. That's why when you are waiting to receive an SMS from your bank you might end up requesting a letter by post instead!
Yet there are some rebel developers who stand and fight! They finally get expelled from the famous powerful system down to the streets. They are free to open their startups and develop their dream system. They do. But government (as the only client most of the time), would look into the budget spending and says: How can we replace an annually billion dollar project without a toy built by a bunch of kids? And the madness continues.... Boeings crash, space programs stagnate and banks take forever to process risks and react. This is our world.

To the Linux users, what's your system like? And how do you use it?

I'd just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.

Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.

Tl;dr: I'm a shitty PHP programmer, but even a shittier JS programmer.

I made a whole image upload system which has an elaborate login/sign up facility, checks the dimensions of an image, it's size, checks if it's broken, compares it to previous uploads to prevent duplicates, take comments, sorts them per user and stores it efficiently in a db and accesses it using PDO, not mySQL, displays it as a gallery, and even lets the users transfer images amongst them.
But I can't make a simple shopping cart in js.

Why? Just, why?

Have anyone ever been forced to use a certain operating system at work?

Any linux users that has been forced to use Windows or Mac?

So, we (I'm the backend guy and work with a UI dev) are building this product portfolio management tool for our client and they have a set of 250 users. The team has two point of contacts for the 250 users who maintain the master data, help users with data quality, tool guidance, reporting and other stuff. So one day one of these two support users come to me and say : Hey I'm not able to add new transactions coz a customer is missing.

We have the provision to create / maintain customers.

I check the production DB, application code, try creating the customer and then the transaction, everything works perfectly fine.

I ask the user for a screen sharing session, the user starts reproducing the error like this :

We have a 3 system landscape - Dev / Test and Prod

U : Logs into the test system url, creates the customer.

U : Points out the toast saying customer creation is successful.

U : opens a new tab, opens the production system, tries creating the transaction, searches for the customer and says " see !! cant find the customer here ! the master data management apps never work !! "

FML?.

Records Person: Can you look at this member renewal issue for system A? It’s happening on the website you maintain. Here are some recent errors to debug.

Me (web developer): I can’t reproduce the error your reporting. Is there something I’m missing? And is there an example for the staging environment?

RP: There’s another team that will manually reconcile the records in system A if they don’t match what’s in system B. So this gives users two active memberships when it should only be one.

Me: 😑 So you already know the issue is human intervention messing with the records and causing the renewal issue. This is not a website issue. It’s a data issue.