Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "verify"
-
A few years ago when I was still an apple fan boy, friend of mine bragging me about how android is awesome, we were drinking some shots at our local pub and I was starting to get light headed. At one point he showed me so called "terminal emulator" app. I checked it out, and assumed it's an emulation, just like dosbox, so I decided to verify that "rm -rf *"... (the phone was rooted)
The phone shutdown within seconds, I couldn't stop laughing, while my friend was shock that his new phone was longer booting.
Luckily he managed to reflash the ROM. What can I learn from that experience?
1. Don't drink and sudo
2. Don't call your app an emulator if it's the real deal.34 -
A super creepy webcrawler I built with a friend in Haskell. It uses social media, various reverse image searches from images and strategically picked video/gif frames, image EXIF data, user names, location data, etc to cross reference everything there is to know about someone. It builds weighted graphs in a database over time, trying to verify information through multiple pathways — although most searches are completed in seconds.
I originally built it for two reasons: Manager walks into the office for a meeting, and during the meeting I could ask him how his ski holiday with his wife and kids was, or casually mention how much I would like to learn his favorite hobby.
The other reason was porn of course.
I put further development in the freezer because it's already too creepy. I'd run it on some porn gif, and after a long search it had built a graph pointing to a residence in rural Russia with pictures of a local volleyball club.
To imagine that intelligence agencies probably have much better gathering tools is so insane to think about.53 -
Dad: why do these forms ask me to fill those random characters(captcha)
Me: to verify that you are human
Dad: as if animals can use computers
Me: 😅7 -
After listening to two of our senior devs play ping pong with a new member of our team for TWO DAYS!
DevA: "Try this.."
Junior: "Didn't work"
DevB: "Try that .."
Junior: "Still not working"
I ask..
Me:"What is the problem?"
Few ums...uhs..awkward seconds of silence
Junior: "App is really slow. Takes several seconds to launch and searching either crashes or takes a really long time."
DevA: "We've isolated the issue with Entity Framework. That application was written back when we used VS2010. Since that application isn't used very often, no one has had to update it since."
DevB: "Weird part is the app takes up over 3 gigs of ram. Its obviously a caching issue. We might have to open up a ticket with Microsoft."
Me: "Or remove EF and use ADO."
DevB: "That would be way too much work. The app is supposed to be fully deprecated and replaced this year."
Me: "Three of you for the past two days seems like a lot of work. If EF is the problem, you remove EF."
DevA: "The solution is way too complicated for that. There are 5 projects and 3 of those have circular dependencies. Its a mess."
DevB: "No fracking kidding...if it were written correctly the first time. There aren't even any fracking tests."
Me:"Pretty sure there are only two tables involved, maybe 3 stored procedures. A simple CRUD app like this should be fairly straight forward."
DevB: "Can't re-write the application, company won't allow it. A redesign of this magnitute could take months. If we can't fix the LINQ query, we'll going to have the DBAs change the structures to make the application faster. I don't see any other way."
Holy frack...he didn't just say that.
Over my lunch hour, I strip down the WPF application to the basics (too much to write about, but the included projects only had one or two files), and created an integration test for refactoring the data access to use ADO. After all the tests and EF removed, the app starts up instantly and searches are also instant. Didn't click through all the UI, but the basics worked.
Sat with Junior, pointed out my changes (the 'why' behind the 'what') ...and he how he could write unit tests around the ViewModel behavior in the UI (and making any changes to the data access as needed).
Today's standup:
Junior: "Employee app is fixed. Had some help removing Entity Framework and how it starts up fast and and searches are instant. Going to write unit tests today to verify the UI behaivor. I'll be able to deploy the application tomorrow."
DevA: "What?! No way! You did all that yesterday?"
Me: "I removed the Entity Framework over my lunch hour. Like I said, its basic CRUD and mostly in stored procedures. All the data points are covered by integration tests, but didn't have time for the unit tests. It's likely I broke some UI behavior, but the unit tests should catch those."
DevB: "I was going to do that today. I knew taking out Entity Framework wouldn't be a big deal."
Holy fracking frack. You fracking lying SOB. Deeeep breath...ahhh...thanks devRant. Flame thrower event diverted.13 -
The hardest part of being a programmer wasn't the education, the self-teaching, the sleepless nights or the hours of agony trying to fix a bug that would break a program I'd spend weeks working on.
It's the realization that my family, friends, coworkers...nobody understands at all what I do. They don't know of my failures or my triumphs. I can't talk about it with them and it's becoming more apparent to them that it's taking up more of my life. And in a way it feels like a part of myself has just become, well, alien.
Best way I can describe it is, it's like the "Tears in the Rain" scene from Blade Runner.
I'm stuck, I think. I know I've been shutting out people from my life more and more as I don't want to "deal" with people's issues, but I don't think it's been good. I'm can verify that I'm depressed beyond my normal levels.
It's time for me to make an appointment with a therapist.
Remember that you are loved here, and appreciated. Don't let anyone tell you different.
Stay strong.25 -
Hi client,
I am not able to login to your prod server. Can you please verify the following:
Host: x.y.x.y
Port: 1234
Username: ABCD
Password: password1234
Thanks,
My idiotic coworker8 -
Not a rant, but I found this funny enough to share.
About two weeks ago, I’m contacted by a third party development firm that is responsible for building the next iteration of a control board were are developing. Alongside build of the PCB they were scoped to flash the firmware and verify all connected components.
During the call, they tell me they don’t have the resources to build our testing environment with the Ansible script I provided, and they don’t know if the updates they have made will work with our control system. Ugh...really...
I attempt to walk them through the 3 pretty simple commands to launch the playbook. Instead of listening, their project manager insists that I need to load up the environment and send them a ready to go system.
I quickly load up a RaspberryPi and prepare it for shipping. I hand the box to our shipping clerk and fill out the shipping request documentation. Then about a week goes by and this is where the story really begins.
I get an email from the same rep asking where the environment is, and I head down to the warehouse to inquire where the RaspberryPi might be. After speaking with the head clerk, we can’t seem to track down the package. I’m assured that they will find the Pi and send me the shipment update.
I pass the information along and after about a day and a half I still didn’t receive word back from the warehouse team. I load up another Pi and head back down to the warehouse. I follow up with the warehouse staff. They inform me that they have not been able to locate my package and another warehouse worker is called over. He says he hasn’t seen it, but they they were having a food day that day and he thinks more than likely someone ate it.
Like it didn’t even click at first but after a few seconds I realize that these guys have literally been looking for a pie for the past two days...and I JUST DIE.
After the 5 or so minutes of laughing I show them the newly flashed RaspberryPi, and of course they know exactly where the original one was.
It’s shipped out now, but wow. Also, it turns out the PCB manufacturing company didn’t even really need this and it was all a guise to hide that they are behind schedule and that they will not be able to finish the work scoped. FML!6 -
Dear sir,
I'm NOT giving you the information you want because I can't verify you. You can tell me that we're the only company who does it like this and name all companies which do it differently, you can curse me into the ground or completely lose your shit at me but that won't make a difference:
I'm not giving you the information you want.
Sincerely,
Go fuck yourself.10 -
"The customer reports that port 21 is closed on our FTP site. They said that port 443 is open, and wonder if they can use that instead."
"They are entering the wrong server name. Our FTP server is ONLY an FTP server. Port 443 is not open on our FTP server.
Please verify that they are entering `ftp.xxxxxx.com`
Our FTP site supports FTP/SSL if they are concerned about security."
"Customer responds that they would rather use port 443 to send files."
"I'm sure they would. I'd also like to enter our building on the west side when the temperature is below 10º, but there are no doors on the west side, so that's not going to happen, is it?"2 -
Pressing Ctrl + S only once to save your code in the editor is the tech equivalent of locking the door to your mansion and not pulling the knob to check if it has indeed been locked.5
-
How do I un-idiot my users when it comes to clicking on dodgy email-links??
Got a forwarded email just there from a user who said;
Good afternoon,
Is the below ok to open?
I just tried but got a popup saying I've been blocked from opening it.
I'm not sure who it is coming from and I am not waiting on anything but as it says its from dropbox and is important, i know it's okay.
Can you unblock the link ASAP please?
This is really impeding my work-day as I need to know what it is and act accordingly.
Regards... user.
The Original email came from a random jumble of letters with a subject line of 'important dropbox program' - not only does it look dodgy but its english is horrible! It said;
"Hi tu my freind,
You tu still read a pending verrry important document sent by one of your own contact to be vieweddd.
Install "Highly Confidential english.pdf" by clickinggg here
*insert link leading to something called 'viral-update-trojan.exe'*"
I mean, seriously... help!!! 😢
We have sent emails explaining how to hover over links and to not to click them if it looks wrong.
No one does it.
We hired a company to send fake phishing emails to train users in what to do.
It made no difference!
We now make people 'verify' their email addresses when opening any sort of link to try get them to actually look at what they're opening.
We also strip emails of original attachments and create 'safe' html copies as we can't trust them to look at what they're opening.
Everyone complains about it but Jesus Christ, this is why!!!
Its so exhausting!! What is wrong with people!!! Argh!!! 😤16 -
Okay, time to delete my old Skype account
1. Enter Skype name
2. Reset password
3. Captcha
4. Complete email
5. Enter email code
6. You are logged in now, please complete your profile first
7. Enter birth date
8. Add your phone number or second email address
9. Create new outlook mail
10. Got access to profile settings
11. Click on delete profile
12. Stop please first verify your email again
13. Enter code
14. Check all checkboxes that I am really sure to want it deleted
15. Click delete button
Fuck hell and that all again for my second account7 -
I made a script for this group to verify their data, but they didn't want to use it because it's "only 50 lines of code and might miss something".2
-
Hey, Root? How do you test your slow query ticket, again? I didn't bother reading the giant green "Testing notes:" box on the ticket. Yeah, could you explain it while I don't bother to listen and talk over you? Thanks.
And later:
Hey Root. I'm the DBA. Could you explain exactly what you're doing in this ticket, because i can't understand it. What are these new columns? Where is the new query? What are you doing? And why? Oh, the ticket? Yeah, I didn't bother to read it. There was too much text filled with things like implementation details, query optimization findings, overall benchmarking results, the purpose of the new columns, and i just couldn't care enough to read any of that. Yeah, I also don't know how to find the query it's running now. Yep, have complete access to the console and DB and query log. Still can't figure it out.
And later:
Hey Root. We pulled your urgent fix ticket from the release. You know, the one that SysOps and Data and even execs have been demanding? The one you finished three months ago? Yep, the problem is still taking down production every week or so, but we just can't verify that your fix is good enough. Even though the changes are pretty minimal, you've said it's 8x faster, and provided benchmark findings, we just ... don't know how to get the query it's running out of the code. or how check the query logs to find it. So. we just don't know if it's good enough.
Also, we goofed up when deploying and the testing database is gone, so now we can't test it since there are no records. Nevermind that you provided snippets to remedy exactly scenario in the ticket description you wrote three months ago.
And later:
Hey Root: Why did you take so long on this ticket? It has sat for so long now that someone else filed a ticket for it, with investigation findings. You know it's bringing down production, and it's kind of urgent. Maybe you should have prioritized it more, or written up better notes. You really need to communicate better. This is why we can't trust you to get things out.
*twitchy smile*rant useless people you suck because we are incompetent what's a query log? it's all your fault this is super urgent let's defer it ticket notes too long; didn't read21 -
PEOPLE. DO NOT LIE ON YOUR RESUME. IT. IS. NOT. WORTH. IT. Ok, backstory.
We had a guy apply for this position at work. It really needed to be filled but also required someone with just the right certifications, so hiring the first schmuck to come along Was not an option.
We search high and low and as time passes without an acceptable applicant we become more desperate and open to negotiation. Basically, you name your price, we’ll agree to it at this point.
So finally a guy comes in, got everything we need but one minor certification. No problem. He can get that on the job, he doesn’t need it to start. He’s hired.
So he quotes us a salary 10% above our top range of what we’d usually pay a guy for this position, we don’t care. He gets it. Plus a housing allowance.
So we’re getting him registered with a place to handle his certification process and they call his four year institution to verify his transcript. We work with hazardous materials and a four year degree in a relevant field is required. It’s standard for the certification training institution to check. Especially when it’s a prestigious big name place like this guy had. And here I used to think that was paranoid of them.
They call and tell us the school says they have no record of him. We do some digging. He was never registered there. I’m like “that’s not possible, his professor is a listed reference. We call that reference.
He worked on a project with this man, he never taught him. Is very fascinated to learn this man has been presenting himself as though he attended the university. Asks to be delisted as a reference.
So long story short it comes out this guy did have a degree in this field, just from a less prestigious university.
The insane thing is, he would’ve still gotten the same job and salary package if he’d been honest about his university!
It is a loss for all involved. He doesn’t have a job. We don’t have anyone working in this position. It’s really unfortunate. Don’t lie on your resume people. Your employer will find out and the risks are not worth the benefits.12 -
Before anyone starts going batshit crazy, this is NOT a windows hate post. Just a funny experience imo.
So I was tasked with installing ProxMox on a dedicated server at my last internship. The windows admin was my guider (he could also do debian). (he was a really nice/chill guy)
So we were discussing what VM's we wanted and the boss (really cool dude by the way) said he wanted a VPS for storing some company stuff as well. Fair enough, what would we use? I suggested debian and centos. Then we started discussing what we'd do if the systems would fuck up etc (at installation or whatever).
So I didn't wanna look like a Linux Nazi so I suggested windows. Then the happy/positive guider/windows admin suddenly became dead serious (I was actually like 'woah' for a second) and said this:
No. We're not going to fucking use windows for this. For general servers etc sometimes, fair enough but we're talking about sensitive company data here. I don't want that data to be stored on a proprietary/closed source system, hell what if there's some kinda fucking backdoor build in, who can fucking verify that? We're using Linux, end of discussion.
😓
I was pretty flabbergasted as he's a nice guy and actually really likes windows!
Linux it became.5 -
Disclaimer: I can't 'officially' verify this.
I've been using Firefox as main browser with about 5 addons for added privacy for ages now. When googles (fucking) reCaptcha takes more than a few minutes on Firefox (about 90 percent of the time, I'm estimating), I switch to Chromium (with the same amount of (similar) privacy addons) so I can go on with my stuff.
Now, I recently thought 'why not try to do user agent spoofing on Firefox to see if reCaptcha would start working 'normally'?
So, I installed a user agent spoofing addon on Firefox/Chromium, results:
Without spoofing:
Firefox reCaptcha success rate: 10 percent approx. (mostly 2+ minutes)
Chromium: 90 percent. (mostly instant)
With spoofing:
Firefox: 90 percent approx.
Chromium: 10-20 percent approx.
Again, I can't prove any of this yet but mother of fucking god, whenever using Chromium or spoofing Chromium on Firefox the succession rate skyrockets.
Google, what the fuck are you up to?12 -
Mac: Hello welcome please sign in
Dev: Fair enough
Mac: Oh you haven’t signed in in awhile please get get verification from other device
Dev: kk
Mac: Oh you don’t have a dev account, please sign in on this website
Dev: Hm.
Mac: In order to sign up for a dev account you need to download this app
Dev: ???
Mac: Are you sure you want to open this app you just downloaded?
Dev: Sigh.
Mac: In order to sign up for a dev account on this app you need to sign into it
Dev: For the love of god
Mac: Ok now you can build with Xcode.
Xcode: No you can’t. You have to sign in
Dev: fuck sakes.
Mac: Are you sure you want Xcode to access files on your computer?
Dev: …Yup
Xcode: Signing in isn’t enough you have to select the fact you are signed in a dropdown nested 3 menus deep.
Dev: God damn.
Xcode: Build failed please sign in to phone as well.
Phone: New sign in detected, please verify with alternative device.
Dev: Jesus.
Xcode: Build success! Pushing to iPhone.
Dev: Finally.
Xcode: Unknown error occurred. Please go to support.apple.com for help. :)
Dev: …23 -
Morning Deployment.
Me: Let's add this application to this server.
Deployer: Alright.
...
D: Done. Please verify.
Me: I'm seeing errors. Send me the logs.
D: Sure. I also updated the framework to a version that wasn't tested.
M: Yeah, that won't work. Roll it back.
D: Fine.
...
D: Done. Please verify.
M: All the applications on the box are broken. Please revert to the snapshot before the Deployment.
D: Oops, I didn't make one.
🙁😟😢😭😤1 -
Well, here's the OS rant I promised. Also apologies for no blog posts the past few weeks, working on one but I want to have all the information correct and time isn't my best friend right now :/
Anyways, let's talk about operating systems. They serve a purpose which is the goal which the user has.
So, as everyone says (or, loads of people), every system is good for a purpose and you can't call the mainstream systems shit because they all have their use.
Last part is true (that they all have their use) but defining a good system is up to an individual. So, a system which I'd be able to call good, had at least the following 'features':
- it gives the user freedom. If someone just wants to use it for emailing and webbrowsing, fair enough. If someone wants to produce music on it, fair enough. If someone wants to rebuild the entire system to suit their needs, fair enough. If someone wants to check the source code to see what's actually running on their hardware, fair enough. It should be up to the user to decide what they want to/can do and not up to the maker of that system.
- it tries it's best to keep the security/privacy of its users protected. Meaning, by default, no calling home, no integrating users within mass surveillance programs and no unnecessary data collection.
- Open. Especially in an age of mass surveillance, it's very important that one has the option to check the underlying code for vulnerabilities/backdoors. Can everyone do that, nope. But that doesn't mean that the option shouldn't be there because it's also about transparency so you don't HAVE to trust a software vendor on their blue eyes.
- stability. A system should be stable enough for home users to use. For people who like to tweak around? Also, but tweaking *can* lead to instability and crashes, that's not the systems' responsibility.
Especially the security and privacy AND open parts are why I wouldn't ever voluntarily (if my job would depend on it, sure, I kinda need money to stay alive so I'll take that) use windows or macos. Sure, apple seems to care about user privacy way more than other vendors but as long as nobody can verify that through source code, no offense, I won't believe a thing they say about that because no one can technically verify it anyways.
Some people have told me that Linux is hard to use for new/(highly) a-technical people but looking at my own family and friends who adapted fast as hell and don't want to go back to windows now (and mac, for that matter), I highly doubt that. Sure, they'll have to learn something new. But that was also the case when they started to use any other system for the first time. Possibly try a different distro if one doesn't fit?
Problems - sometimes hard to solve on Linux, no doubt about that. But, at least its open. Meaning that someone can dive in as deep as possible/necessary to solve the problem. That's something which is very difficult with closed systems.
The best example in this case for me (don't remember how I did it by the way) was when I mounted a network drive at boot on windows and Linux (two systems using the same webDav drive). I changed the authentication and both systems weren't in for booting anymore. Hours of searching how to unfuck this on windows - I ended up reinstalling it because I just couldn't find a solution.
On linux, i found some article quite quickly telling to remove the entry for the webdav thingy from fstab. Booted into a root recovery shell, chrooted to the harddrive, removed the entry in fstab and rebooted. BAM. Everything worked again.
So yeah, that's my view on this, I guess ;P31 -
I had a prospective employer be late to every single interview we had scheduled. I tried to give them the benefit of the doubt, but they simply didn’t value my time.
I was in the process of moving and a recruiter called me to tell me a job I had been submitted for wanted to do a phone interview that day. Even though I was driving across the country in a box truck, I agreed to the interview. We arranged for the employer to call me at 2 PM. I figured it would give me a break from driving in the middle of the day anyway.
I pulled over at 1:45 and waited. At 2:15 I called the recruiter to verify the time. He said he would get in contact with the employer and call me back. At 2:45 I called the recruiter and told him I needed to get back on the road and we’d have to reschedule.
We rescheduled the call for a few days later at 1 pm. This time I got the phone number of the employer, so at 1:15 I called him. He apologized and said he lost track of time. Whatever, let’s just get this interview going.
He liked me on the phone, so he wanted to meet in person the next day. I was a bit irritated by the situation, but I was trying to give them the benefit of the doubt.
I showed up for my in person interview 15 minutes early and checked in with the receptionist. 30 minutes later I asked the receptionist when they were going to be with me as my interview was supposed to start 15 minutes ago. I was finally seen 5 minutes after that.
The interview was supposed to be a several hour affair where they were going to have me sign an NDA and show me some of the issues they were having to see if I could solve them. I had cleared my scheduled meetings for the afternoon so I could attend this lengthy interview.
After about 45 minutes of interviewing, the manager suddenly said that they needed to cut the interview short because he had just realized they needed to get something done that afternoon. He asked me if I would come back the next day to finish the interview.
I shook his hand and left, shaking my head the entire time. When I called my recruiter after I had calmed down, I let him know that I would under no terms be interested in a job with them. If they refused to acknowledge my time was worth something as a candidate, they would never respect it as an employee.
They still offered me the job and couldn’t fathom why I was upset about the situation. I’m very glad I didn’t take that job.4 -
I think the coolest project I did was a few years ago, it was actually a Minecraft plugin.
I decided to learn Java for Minecraft, and a few months after I started learning Java, I was approached by someone who'd like to work with me to create this full-blown Gun Game style gamemode for Minecraft. I made it clear I didn't have the most knowledge, but I was willing to learn.
We began working on the project, the projects main class was bigger than any project I had worked on. Within a few months, it became one of the more popular plugins out there, even though we were still in an alpha mode. Had nearly 1,000 servers running the plugin, over 10k+ players total testing out the plugin.
Cause of this project, I learnt how to properly organize my code, how to make it efficient, learnt how to network, learned how to properly secure and verify anything being sent by the client, working with dependencies, adding features that can support a bunch of other plugins that other developers had, and a bunch more.
Sadly we couldn't finish the plugin anymore, so we gave someone else the source code who has kept it updated to this day. (I know I didn't provide much insight into what I'm saying and just gave a general overview, got a killer headache.)2 -
It's funny to see how a coworker of mine and me are very similar minded on some privacy stuff. He's a very cool/open guy and just a regular consumer (used the default services etc) but he shares quite some of my views. This is a convo we had today:
*got to the WhatsApp subject somehow*
Him: oh right, you didn't use that haha
Me: yeah 😅
Him: why was that again, privacy reasons or something, right? xD
Me: uhm yes *help*
Him: Well fair enough.
Me: so you'd think I'm right? I mean it uses end to end crypto... (I'm entirely with him in the next few lines but I always approach it carefully)
Him: they veeeery probably have some kinda fucking masterkey.
Me: why'd you think that?
Him: it has over a billion users, the owner is facebook, fb is directly integrated with several mass surveillance programs, they are known to work closely with one particular one, the intelligence interests are way too high for letting such an opportunity pass and after all, THE FUCKER IS CLOSED SOURCE AKA NO ONE CAN FUCKING VERIFY THE CRYPTO NOR THE APP ITSELF.
Me: I agree haha 😅
Him: it's not rocket science, it's modern day mass tracking/surveillance logic :)
I like that guy.5 -
Much-security.nl is down.
No, no hack or whatsoever. I just reinstalled the wrong server through my control panel.
The new blog version will hopefully be up tonight. 'you keep promising that' - I don't have a backup of the old version and I only just started using git so I can only upload the new version (or git pull). Next to that, except for the front-end, everything works now.
😐23 -
When you login to a server through ssh for the first time with a specific domain or up address, you get a prompt asking to verify a signature with yes or no (on Linux at least).
That often goes well but sometimes when I already did that....:
ssh user@server
*types yes automatically and presses enter...........*
Neeeeeeeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaammmmmmmmmmmm:
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes^C
user@server: ~$
user@server: ~$ ^C
user@server: ~$ ^C
user@server: ~$ ^C
user@server: ~$ ^C
user@server: ~$ ^C
Nooooo not again 😅13 -
I've had many, but this is one of my favorite "OK, I'm getting fired for this" moments.
A new team in charge of source control and development standards came up with a 20 page work-instruction document for the new TFS source control structure.
The source control kingpin came from semi-large military contract company where taking a piss was probably outlined somewhere.
Maybe twice, I merged down from a release branch when I should have merged down from a dev branch, which "messed up" the flow of code that one team was working on.
Each time I was 'coached' and reminded on page 13, paragraph 5, sub-section C ... "When merging down from release, you must verify no other teams are working
on branches...blah blah blah..and if they have pending changes, use a shelfset and document the changes using Document A234-B..."
A fellow dev overheard the kingpin and the department manager in the breakroom saying if I messed up TFS one more time, I was gone.
Wasn't two days later I needed to merge up some new files to Main, and 'something' happened in TFS and a couple of files didn't get merged up. No errors, nothing.
Another team was waiting on me, so I simply added the files directly into Main. Unknown to me, the kingpin had a specific alert in TFS to notify him when someone added
files directly into Main, and I get a visit.
KP: "Did you add a couple of files directly into Main?"
Me:"Yes, I don't what happened, but the files never made it from my branch, to dev, to the review shelfset, and then to Main. I never got an error, but since
they were new files and adding a new feature, they never broke a build. Adding the files directly allowed the Web team to finish their project and deploy the
site this morning."
KP: "That is in direct violation of the standard. Didn't you read the documentation?"
Me: "Uh...well...um..yes, but that is an oddly specific case. I didn't think I hurt any.."
KP: "Ha ha...hurt? That's why we have standards. The document clearly states on page 18, paragraph 9, no files may ever be created in Main."
Me: "Really? I don't remember reading that."
<I navigate to the document, page 18, paragraph 9>
Me: "Um...no, it doesn't say that. The document only talks about merging process from a lower branch to Main."
KP: "Exactly. It is forbidden to create files directly in Main."
Me: "No, doesn't say that anywhere."
KP: "That is the spirit of the document. You violated the spirit of what we're trying to accomplish here."
Me: "You gotta be fracking kidding me."
KP grumbles something, goes back to his desk. Maybe a minute later he leaves the IS office, and the department manager leaves his office.
It was after 5:00PM, they never came back, so I headed home worried if I had a job in the morning.
I decided to come in a little early to snoop around, I knew where HR kept their terminated employee documents, and my badge wouldn't let me in the building.
Oh crap.
It was a shift change, so was able to walk in with the warehouse workers in another part of the building (many knew me, so nothing seemed that odd), and to my desk.
I tried to log into my computer...account locked. Oh crap..this was it. I'm done. I fill my computer backpack with as much personal items as I could, and started down the hallway when I meet one of our FS accountants.
L: "Hey, did your card let you in the building this morning? Mine didn't work. I had to walk around to the warehouse entrance and my computer account is locked. None of us can get into the system."
*whew!* is an understatement. Found out later the user account server crashed, which locked out everybody.
Never found out what kingpin and the dev manager left to talk about, but I at least still had a job.15 -
1. I wish that people start taking back their device ownership. Right to repair is an extremely important thing. Like that Nexus 6P that I've recently repaired by jamming another battery into it, now it's at 110-ish% health according to AccuBattery. And it cost me.. €10 or so? All the while if I wasn't able to get in there, it would've been a €120 paperweight (and that's not even considering the €300-ish (? Someone please fill me in on that) price it retailed at back in 2015 when it was a flagship).
(edit the so many'th: according to https://express.co.uk/life-style/... the base model was apparently £449 at release, haven't been able to verify it though.. point is, a paperweight at such prices would've been quite a bummer, I mean for me it was even one given that it failed a mere few months after purchase for €120.. €40/m for a phone ain't nothing :/)
Right to repair is an extremely important thing, and the ability to do so shouldn't ever be impeded. Users should become able again to service the devices that they own.
2. I wish that people start caring about their privacy again. Google and Facebook and the likes are large companies, but at the end of the day, that's all they are. Large companies. And they're hungry for your data, not because they're selling it, rather because they're collecting it to an extent which they shouldn't. Over at DDG (https://spreadprivacy.com/duckduckg...) they explain a very much viable alternative revenue model pretty well. Additionally, there's several tools which you can use to limit the amount of data that's being collected about you. These include but are not limited to Firefox, NoScript, ad blockers (I personally use uBlock), a trustworthy VPN (ideally one of your own), and Tor.
3. I wish that software would become less inefficient. It really pains me to see that applications with functionality that could be implemented in a couple of MB at most come at a size of several hundreds of MB. 1% efficiency, even the inefficient as fuck tungsten light bulbs weren't that awful!!! Imagine what could be done with all the hardware we have available nowadays, if every piece of software would be around 80% efficient as is a common norm in electronics. Just looking at Linux which is still in many ways convoluted, modern desktops with a couple hundred MB of RAM usage? You've got it! So why can't OS's like Windows (although I have to say, huge improvements have been made there over the last few years) and browsers like Firefox and Chrome be more like that? I really don't understand.
There's several more wishes I have of course, but those are the most important ones.. hopefully I'll be able to see at least one of them come true during my life.10 -
Normally when someone calls in and I pick up, they either don't call from an authorized number and get mad when we I don't give information, ask for advice and then say that it isn't logical and ask for a different answer or are just stubborn as a motherfucker.
Then I suddenly get a call from someone who I can verify easily, listens carefully to my answers and thanks me in the end.
Where can I get more of those clients?!15 -
One:
Had a stack of harddrives with my important data, two USB drives and a 4.7gb disc, two or three cloud storage accounts.
Needed a restore:
Knocked the stack of hard drives onto the floor (all broken), stood on one of the flash drives, found the other one in a pocket of a pair of trousers which just came out of the washing machine, dvd too scratched to read and couldn't verify my cloud storage account because I lost the password to the connected email account and the backup email account to verify that one didn't exist anymore. Fucking hell.
Two:
Production database with not that much yet but at least some production data which wasn't backupped.
Friend: can I reboot the db machine?
Me: yup!
Friend: what's the luks crypt password?
Me: 😯😐😓😫😲😧😭
End of story 😅
For the record, the first one actually happened (I literally cried afterwards) and that taught me to update my recovery email addresses more often!9 -
Boss hands over to me an old security audit report and tells me "Go through this and check if all the problems mentioned have been resolved". Quick glance through the report shows all expected issues - SQLi, plaintext transmission and storage etc. I tell him that I need access to the application both from admin and a user with restricted privileges.
He hands me the admin credentials and tells me, "After you login in, just go the "Users" tab. You'll find the profiles of all the users there. You can get the emails and passwords of any user you want from there."
I had to hold back a chuckle. There's nothing to verify. If they haven't resolved storing plain text passwords in the database (AND displaying it IN PLAIN TEXT in the website itself (which to my surprise wasn't mentioned in the audit)), they probably haven't even looked at the report.2 -
Me and co-worker troubleshooting why he can't run the docker container for database.
Me: Check if the port is busy.
Co-worker: To my knowledge, it isn't.
Me: Strange, it just works fine for me and everyone else.
Me: And you're sure you didn't already start it previously?
*We verify that it isn't running*
Me: I'm pretty sure the port is busy from that error message. Try another port.
Co-worker: Already did, it didn't work.
Me: And by any chance restarting your machine won't solve anything?
*It doesn't solve anything*
Me: Alright, I have some work to do, but I'll get back to this. Tell me if you find a solution.
Co-worker: Alright.
*** Time passes, when I get back he has switched to windows, dualboot, same machine ***
Me: I don't think you'll have a better time running the docker image on windows.
Co-worker: Oh, that's not what I'm looking for. You see, I had a database on my windows partition recently and I thought maybe thats why it won't start.
Me (screaming internally) : WTF ARE YOU STUPID, WINDOWS AND LINUX ISNT RUNNING AT THE SAME FUCKING TIME.
Me (actually saying): I don't think computers work like that.
Co-worker: My computer is magical. It does strange things.
Me: That's a logical conclusion.
*** More time passes ***
Co-worker solves the problem. The port was busy because Ubuntu was already running PostgreSQL on that port.
Third co-worker shimes in: Oh yeah, I had the exact same problem and it took me a long time to solve it.
Everyone is sitting in arms reach of each other.
So not only was I right from the start. Someone else heard this whole conversation and didn't chime in with his solution. And the troubleshooting step of booting into windows and looking if a database is running there ???? Wtf
Why was I put on this Earth?6 -
Spotify just asked me for my ZIP code (to verify my family plan again after like a year).
I typed 00000 and they accepted that 🤔8 -
For a week+ I've been listening to a senior dev ("Bob") continually make fun of another not-quite-a-senior dev ("Tom") over a performance bug in his code. "If he did it right the first time...", "Tom refuses to write tests...that's his problem", "I would have wrote the code correctly ..." all kinds of passive-aggressive put downs. Bob then brags how without him helping Tom, the application would have been a failure (really building himself up).
Bob is out of town and Tom asked me a question about logging performance data in his code. I look and see Bob has done nothing..nothing at all to help Tom. Tom wrote his own JSON and XML parser (data is coming from two different sources) and all kinds of IO stream plumbing code.
I use Visual Studio's feature create classes from JSON/XML, used the XML Serialzier and Newtonsoft.Json to handling the conversion plumbing.
With several hundred of lines gone (down to one line each for the XML/JSON-> object), I wrote unit tests around the business transaction, integration test for the service and database access. Maybe couple of hours worth of work.
I'm 100% sure Bob knew Tom was going in a bad direction (maybe even pushing him that direction), just to swoop in and "save the day" in front of Tom's manager at some future point in time.
This morning's standup ..
Boss: "You're helping Tom since Bob is on vacation? What are you helping with?"
Me: "I refactored the JSON and XML data access, wrote initial unit and integration tests. Tom will have to verify, but I believe any performance problem will now be isolated to the database integration. The problem Bob was talking about on Monday is gone. I thought spending time helping Tom was better than making fun of him."
<couple seconds of silence>
Boss:"Yea...want to let you know, I really, really appreciate that."
Bob, put people first, everyone wins.11 -
Guy: We should build a Blockchain based review website.
Me: Why does it have to use a Blockchain?
Guy: That way we can verify that only real people are leaving reviews and not bots.
Me: That's not really how Blockchains work.
Guy: Blockchain!5 -
To whoever messed with my devrant-client tests by constantly downvoting the posts and them being hidden from the API, you're a cunt and I hope you break your neck falling out a 12 story building. :)
Here's the final test to verify shit works too: https://devrant.com/feed/recent
Edit: it works, get fucked you humid piece of shit.
Edit2: To give context to whoever might be subscribed to me and might or might not have been bombed with notifications:
Was working on the plugin system for the devrant client and async was giving me hell, the links I posted were to test the plugin that first has to execute a $.get and only then can return a linkified rant-text.10 -
I'm freaking the fuck out.
After months of learning from bootcamp and on my own, after a month of no resumes replied to, after almost giving up I finally got a job opportunity in front-end web development.
The thing is, I have to pass their online test to verify my JavaScript-fu.
3 hours.
4 tasks.
And I feel like garbage who can't understand even the most basic algorithms.
By the power of Grayskull, I don't think I have the power...
Wish me luck.16 -
I used PHPMailer to send emails to a client's website user. SMTP host is smtp.gmail.com.
web was hosted on Bluehost. I found out that mailer was not working. I enabled verbose output and to my surprise I found out that Bluehost was intercepting my mail and responding with
220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail
when i was explicitly using smtp.gmail.com. Not only they were intercepting but also They were trying my credentials against its own smtp server and then showing me that authentication failed.
When i contacted chat they asked me to tell last 4 characters of Bluehost account password to verify ownership.
Dude do they have passwords in plaintext.🤔5 -
There was a time I made an update on one of our client's e-commerce website sign-up page. The update caused a bug that allowed new users to create an account without actually creating an account.
The code block meant to save user credentials (i.e email address and password) to the database was commented out for some reasons I still can't remember to this day. After registration new users had their session created just as normal but in reality they have no recorded account on the platform. This shit went on like this for a whole week affecting over 350 new customers before the devil sent me a DM.
I got a call from my boss on that weekend that some users who had made purchases recently can't access their account from a different device and cannot also update their password. Nobody likes duty calls on a weekend, I grudgingly and sluggishly opened up my PC to create a quick fix but when I saw what the problem was I shut down my PC immediately, I ran into the shower like I was being chased by a ghost, I kept screaming "what tha fuck! what tha fuck!!" cus I knew hell was about to break loose.
At that moment everything seemed off as if I could feel everything, I felt the water dripping down my spine, I could hear the tiniest of sound. I thought about the 350 new customers the client just lost, I imagined the raving anger on the face of my boss, I thought about how dumb my colleagues would think I was for such a stupid long running bug.
I wondered through all possible solutions that could save me from this embarrassment.
-- "If this shitty client would have just allowed us verify users email before usage things wouldn't have gotten to this extent"
-- "Should I call the customers to get their email address using their provided telephone?... No they'd think I'm a scammer"
-- "Should I tell my boss the database was hacked? Pffft hack my a**",
-- "Should I create a page for the affected users to re-verify their email address and password? No, some sessions may have expired"
-- "Or maybe this the best time to quit this f*ckn job!"
... Different thoughts from all four corners of the bathroom made it a really long bath. Finally, I decided it was best I told my boss what had happened. So I fixed the code, called my boss the next day and explained the situation on ground to him and yes he was furious. "What a silly mistake..!" he raged and raged. See me in my office by Monday.
That night felt longer than usual, I couldn't sleep properly. I felt pity for the client and I blamed it all on myself... yeah the "silly mistake", I could have been more careful.
Monday came boss wasn't at the office, Tuesday, Wednesday, Thursday, Friday not available. Next week he was around and when we both met the discussion was about a different project. I tried briefing him about last week incident, he seems not to recall and demands we focus on the current project.
However, over three hundred and fifty customers swept under the carpet courtesy of me. I still felt the guilt of that f*ck up till this day.1 -
Just wrote a (PHP based) proxy which can cache resources being requested and serve them to clients.
The idea is that (I'm going to write a firefox add-on for it too, yes) you can install the add-on and any resource (js/CSS, general web resources which would be downloaded off of googleapi's etc) hosted with Google would be proxied through the server running the proxy, meaning that one wouldn't have to connect to the mass surveillance networks directly anymore as for static resources.
I think checksum verify stuff would still work as the proxy is literally a proxy, the content will be identical to the 'real' resource. (Not sure about this one, enlighten me if this isn't true)
Input appreciated!17 -
User: Bobby, please update this quality controlled document because I screwed it up.
Me: No there is a process for a reason, multiple people need to sign off on this. Also, we talked about this exact issue a year ago that you did not fix.
User: But its a minor change, several hyperlinks in the Word document need adjusted.
Me: Ok, you do it and submit it through the process again.
User: Can you make the changes to the document? It will take me forever and I'm very busy. I know you can do it much quicker than I can.
Me: I really don't want to edit this document myself. It doesn't apply to my job at all and I cannot verify any of the changes would be correct.
User: Oh it's fine. Make the changes and I'll look over it.
...
I hate my job sometimes.9 -
The solution for this one isn't nearly as amusing as the journey.
I was working for one of the largest retailers in NA as an architect. Said retailer had over a thousand big box stores, IT maintenance budget of $200M/year. The kind of place that just reeks of waste and mismanagement at every level.
They had installed a system to distribute training and instructional videos to every store, as well as recorded daily broadcasts to all store employees as a way of reducing management time spend with employees in the morning. This system had cost a cool 400M USD, not including labor and upgrades for round 1. Round 2 was another 100M to add a storage buffer to each store because they'd failed to account for the fact that their internet connections at the store and the outbound pipe from the DC wasn't capable of running the public facing e-commerce and streaming all the video data to every store in realtime. Typical massive enterprise clusterfuck.
Then security gets involved. Each device at stores had a different address on a private megawan. The stores didn't generally phone home, home phoned them as an access control measure; stores calling the DC was verboten. This presented an obvious problem for the video system because it needed to pull updates.
The brilliant Infosys resources had a bright idea to solve this problem:
- Treat each device IP as an access key for that device (avg 15 per store per store).
- Verify the request ip, then issue a redirect with ANOTHER ip unique to that device that the firewall would ingress only to the video subnet
- Do it all with the F5
A few months later, the networking team comes back and announces that after months of work and 10s of people years they can't implement the solution because iRules have a size limit and they would need more than 60,000 lines or 15,000 rules to implement it. Sad trombones all around.
Then, a wild DBA appears, steps up to the plate and says he can solve the problem with the power of ORACLE! Few months later he comes back with some absolutely batshit solution that stored the individual octets of an IPV4, multiple nested queries to the same table to emulate subnet masking through some temp table spanning voodoo. Time to complete: 2-4 minutes per request. He too eventually gives up the fight, sort of, in that backhanded way DBAs tend to do everything. I wish I would have paid more attention to that abortion because the rationale and its mechanics were just staggeringly rube goldberg and should have been documented for posterity.
So I catch wind of this sitting in a CAB meeting. I hear them talking about how there's "no way to solve this problem, it's too complex, we're going to need a lot more databases to handle this." I tune in and gather all it really needs to do, since the ingress firewall is handling the origin IP checks, is convert the request IP to video ingress IP, 302 and call it a day.
While they're all grandstanding and pontificating, I fire up visual studio and:
- write a method that encodes the incoming request IP into a single uint32
- write an http module that keeps an in-memory dictionary of uint32,string for the request, response, converts the request ip and 302s the call with blackhole support
- convert all the mappings in the spreadsheet attached to the meetings into a csv, dump to disk
- write a wpf application to allow for easily managing the IP database in the short term
- deploy the solution one of our stage boxes
- add a TODO to eventually move this to a database
All this took about 5 minutes. I interrupt their conversation to ask them to retarget their test to the port I exposed on the stage box. Then watch them stare in stunned silence as the crow grows cold.
According to a friend who still works there, that code is still running in production on a single node to this day. And still running on the same static file database.
#TheValueOfEngineers2 -
The PCs in our school have a software called "Dr. Kaiser" which purpose is to prevent changes to the disk. I thought it's working like DeepFreeze for OSX devices; having a copy-on-write feature or something like that. One day a friend of mine (kinda newbie in hacking) said he wanted to create a backdoor in the system so you can login as the local administrator of the device. He replaced the "sethc.exe" in the windows directory with cmd.exe on a live distro and claimed it was working perfectly. It turned out that "Dr. Kaiser" is indeed loading the default image on startup, but doesn't verify checksums for system files (and also doesn't include the files in the default image). Long story short: You now can open a cmd with System permissions on every PC in the building.
This. Is. Stupid. It should be forbidden to sell this software 😖6 -
Other services : Please type your phone number to verify that it is you. It will be only used for verification process.
Me : Sure, why not? (Happily types in my number)
Facebook : Please type your phone number to verify that it is you.
Me : Hmmm (sees help)
Facebook : It will be used for verification process and will be visible to your friends. You can always change the scope settings.
Me : (reads as...) It will be used for verification process and will be visible to your friends and will be automatically sent to the NSA for free. You can always change the scope settings when you become the CEO of Facebook.
#deletefacebook -
Only slightly tech related. So proud of my mom.
Many years ago I helped her create a Facebook account. As it happens with most older people, she started sharing false news that she saw on her network.
So I taught her how to verify. Reverse image search. To google it and if no real news site talked about it, it was fake.
Anyway, she listened and started learning.
Now she is telling people when they are posting something untrue and I even taught her how to report false news posts.1 -
Wanna attend the developer conference?
White and male? Pay half a grand.
Female? Black? LGBTQIA? You get a free ticket!
Seriously, how would they verify if you are gay?
It appears to me that it's easily exploitable.51 -
Never assume you know better
Never assume others know better
Never assume others know
Never assume
Trust, but verify [doveriaj, no proveriaj]6 -
I was working for a startup that needed to update 300 machines that had just come from the factory. We had to open all 300 boxes and update them one at a time. I made a simple script that would run a folder full of shell scripts then keep track of what it ran so it would not run the same script twice. It made it so we could just plug the machines into the internet, they would query some server, download my program, and run it. It saved me from having to ssh into every machine and run commands. Well the head programmer guy saw what I did and implemented it as the main program that would update the entire machine. I didn't program anything into it to verify updates, the shell scripts did not return any indication of success or failure, and I made it in less than 3 hours. It was supposed to be a temporary program to be used for those 300 machines only, but ended up sticking around for 2 years.1
-
I think we're going two sides:
For one, more and more technology is being developed/engineered which is even more and more and more intrusive as for personal privacy, I'm genuinely worried how this'll go as privacy isn't just a about not exposing certain things like passwords/bank account details and so on, it's also about being an individual who has their own thoughts, opinions and so on. If we keep taking that away more and more often, society will change and go towards the Orwell scenario (we're on our way there right now). We can change this as software/design/server engineers but that's up to us and I sadly don't see that happening quickly, also due to the 'nothing to hide' bullshit.
Second one is that were going more and more towards open source.
This is a good thing as this:
- gives freedom to devs around the world to improve software and/or modify it to suit their needs.
- gives people the opportunity to look through the source code of softwares in order to verify it as for backdoors and find security vulnerabilities which otherwise can remain hidden for the general public while spying agencies have way more resources to go vulnerability hunting.
For the people who think this isn't a good idea (even more open source), without it we'd be completely fucked as for moving forward/security/privacy. (I can give examples if wanted).4 -
Two years ago: company exec (Mac fan) buys a Surface Pro to show off our .NET application to customers as he travels. Hands it to me (I build releases) and I iron out a few Win 8 bugs since we'd always used Win 7 before. Get it set up, get to like the device a little, he takes it home... and returns it within 24 hours because he didn't mesh well with Windows. (Again, Mac user.)
8 months later he buys a Surface Pro again. I install our latest release, verify that everything is working as expected with hardware we normally don't use, and give him a controlled setup that will just work when he's at a customer site. Once again, he returns the Surface within 24 hours because he can't get used to Windows.
At least we verified Windows 8 compatibility, I guess.1 -
!!oracle
I'm trying to install a minecraft modpack to play with a friend, and I'm super psyced about it. According to the modpack instructions, the first step is to download the java8 jre. Not sure if I actually need it or not, but it can download while I'm doing everything else, so I dutifully go to the download page and find the appropriate version. The download link does point to the file, but redirects to a login page instead. Apparently I need an oracle account to download anything on their site. stupid.
So I make an account. It requires my life story, or at least full name and address and phone number. stupid. So my name is now "fuck off" and I live in Hell, Michigan. My email is also "gofuckyourself" because I'm feeling spiteful. Also, for some reason every character takes about 3/4ths of a second to type, so it's very slow going. Passwords also cannot contain spaces, which makes me think they're doing some stupid "security" shenanigans like custom reversible encryption with some 5th grade math. or they're just stupid. Whatever, I make the stupid account.
Afterwards, I try to log in, but apparently my browser-saved credentials are wrong? I try a few more times, try enabling all of the javascripts, etc. No beans. Okay, maybe I can't use it until I verify the email? That actually makes some sense. Fine, I go check the throwaway inbox. No verification email. It's been like five minutes, but it's oracle so they probably just failed at it like everything else, so I try to have them resend the email. I find the resend link, and try it. Every time I enter my email address, though, it either gives me a validation error or a server error. I try a few mores times, and give up. I try to log in again; no dice. Giving up, I go do something else for awhile.
On a whim later, I check for the verification email again. Apparently it just takes bloody forever, but it did show up. Except instead of the first name "Fuck" I entered, I'm now "Andrew", apparently. okay.... whatever. I click the verify button anyway, and to my surprise it actually works, and says that I'm now allowed to use my account. Yay!
So, I go back to the login page (from the download link) and enter my credentials. A new error appears! I cannot use redirects, apparently, and "must type in the page address I want to visit manually." huh? okay, i go to the page directly, and see the same bloody error because of course i do because oracle fucking sucks. So I close the page, go back to the download list, click the link, wait for the login page redirect (which is so totally not allowed, apparently, except it works and manual navigation does not. yay backwards!), and try to log in.
Instead of being presented with an error because of the redirect, it lets me (try to) log in. But despite using prefilled creds (and also copy/pasting), it tells me they're invalid. I open a new tab container, clear the cache (just to be thorough), and repeat the above steps. This time it redirects me to a single signon server page (their concept of oauth), and presents me with a system error telling me to contact "the Administrator." -.- Any second attempts, refreshes, etc. just display the same error.
Further attempts to log in from the download page fail with the same invalid credentials error as before.
Fucking oracle and their reverse Midas touch.10 -
So I just created this Registration GUI (part of a bigger app) for my uni project and was demonstrating how good the app was to all my friends.
Suddenly someone came and said let me verify this. I said go on with a doubtful mind. Obviously I had some verification for all the fields in the GUI but I was closely watching him.
He signed up with this email: " @ . "
😞10 -
I've just noticed an app review that I've given and would fit right into the wk123 (that's the insult one, right?).
"Biggest pile of junk that I've ever seen. You have one job! To register the fucking phone number (which you could get with Phone permission) and verify it (which you can do with the SMS permission) and you should either have the user do that once upon installation or you automate it entirely so that it can run in the background! You can fully automate this, and it's not that complicated that it needs 10 whole seconds of loading time in between! Heck, this pile of crap can't even continue into the main view after entering the verification code! You haven't published the source code (and maybe that's for the best) but if it was, I'd probably immediately get cancer by viewing your crappy spaghetti code. Dear developer, please take a step back and (re)join the PC tech support guys. You have no place in the development world."
To top it all off, that app currently only needs phone permission to verify my number (at least they've done that much). So I figured, I've already gone through that authentication flow so let's remove that permission to abide by the principle of least privilege.
Except that the fucking crapp just goes through the "requires phone permission" shit again whenever that permission removal happens. Fucking piece of garbage!!! That such spaghetti code fuckers even have a job, it boggles my mind.4 -
Before shutting something down, verify that its the right one ;)
A colleague was testing some performance setting on a server and needed to restart the network driver so he disabled it and was going to enable it when the remote session died ;)
Fast 30 min trip to the datacenter to enable network card.2 -
Let me paint you a picture.
It's the day after code freeze. Code has been branched. It's time once again to verify tickets and run smoke check so we can begin our 3 days of blitz testing before we deploy.
As a team we all have roles to play in this process. Yet, every stinking release it is like pulling teeth to get everyone to take the initiative and verify tickets and run smoke check. Our principled engineer even reached his limit this morning and blew up on everyone.
When you are being paid good money to do a job, you need be an adult, be responsible, step up and do your job!2 -
Amazon: you're logged into 53 devices.
Me: ooooh Kay, since when do I have that many devices. let's sign out of em all and change the password for some piece of mind.
Spongebob: * a few hours past *
Spam email: someone in the US has logged into your account - click here to verify through some random URL that doesn't even contain "Amazon" in it 🥳
-
I suddenly have that feeling Amazon sells you're account setting changes and not just your personal details.3 -
Fucking IT and their self signed corporate proxy SSL bullshit getting in the way of anything that needs to verify SSL requests,
Fuck you for making my day a slow and miserable day and having to resort to forcing rest apis and SDKs to work over HTTP instead, all in the name of “Security”.2 -
Stakeholder: In user profiles, I want users to be able to renew gift memberships for their giftee.
Me: ???
SH: For example, if I buy a gift membership for you and it expires or is about to expire, then I want to be able to renew it for you.
Me: Typically, gifts aren’t the gifter’s responsibility to manage. There’s no reason for you to be able to manage my membership from your account, even if just to renew. You’re opening up Pandora’s box here. If you let users renew for giftees, you’ll eventually have a user ask if they can cancel the giftee’s membership because they got into a fight and want to stick it to the giftee.
SH: But our users aren’t using the gift membership sales flow correctly. That results in all sorts of data issues for our reporting services and we spend so much time fixing it by hand.
Me: Your sales flow is confusing. The website asks users to verify membership for a giftee in case the giftee has or had a membership. How it the gifter supposed to know that? You’re trying to make things easier for you, but you’re expecting the user to know that and comply. That’s unrealistic.
SH: But there must be a something you can do.
Me: No.9 -
SM = Scrum Master
SM: "Card #130, you added a comment saying you aren't going to do update the report?"
Me:"Yea, I explained why in the comment"
SM: "Product owner wants it."
Me: "Product owner isn't the manager using it. I talked with Steve, he said the data is accurate and they have to go to the database anyway to verify the error. That report has no way of knowing the message logged could be a false positive."
SM: "That's not our job to decide. If the Product Owner wants the feature, we add the feature."
Me: "It is absolutely is our job. Steve is the user of the report. I could really care less what the product owner said. The only reason he created the card was because Steve told him a specific error logged could be a false positive, and only happens, maybe, once a month. I'm not wasting my time, Steve's time, or this project's time on wild goose chases."
SM: "I'll schedule a meeting this afternoon to discuss the issue with the product owner. Don't worry, if you can't figure out how to filter out the false positives, I'll assign the ticket to me."
fracking fracking kiss ass. I swear, if he goes behind my back again ....I... deep breath....ahhh...OK..Thanks devrant. Work place incident diverted.6 -
Starting my new bot experience together with Discord.
Discord is kinda easier than LINE. You had to create facebook accounts or fake lots of telephone numbers to be able to verify your bot account. They also kept changing the endpoints to avoid people using their bots.
Discord is the opposite. Discord loves bots. And that's why I start feeling love towards Discord.8 -
Funny thing just happened. I called my bank to verify my card with Apple Pay. Here’s how it went:
> Calls bank with number supplied by phone.
> “Thank you for calling [Bank] Bank!”
> ...
> A minute passes and still ringing
> wtf.jpg
> About thirty seconds in and the ring seems fainter than before.
> [2:00] is it just me or is my speaker dying...
> [3:00] no, it’s definitely getting quieter.
> [3:30] why is no one picking up???
> [4:00] now it’s so bad I have to hold it to my ear
> [4:30] now it’s blending in with the white noise
> [4:45] yeah, no. This is only static now.
> [5:00] this’ll be good for DevRant...
> calls again
> same thing happens
> ohwell.mov
Let’s try again tomorrow, I guess.
Edit: like always, I forgot the picture9 -
In the before time (late 90s) I worked for a company that worked for a company that worked for a company that provided software engineering services for NRC regulatory compliance. Fallout radius simulation, security access and checks, operational reporting, that sort of thing. Given that, I spent a lot of time around/at/in nuclear reactors.
One day, we're working on this system that uses RFID (before it was cool) and various physical sensors to do a few things, one of which is to determine if people exist at the intersection of hazardous particles, gasses, etc.
This also happens to be a system which, at that moment, is reporting hazardous conditions and people at the top of the outer containment shell. We know this is probably a red herring or faulty sensor because no one is present in the system vs the access logs and cameras, but we have to check anyways. A few building engineers climb the ladders up there and find that nothing is really visibly wrong and we have an all clear. They did not however know how to check the sensor.
Enter me, the only person from our firm on site that day. So in the next few minutes I am also in a monkey suit (bc protocol), climbing a 150 foot ladder that leads to another 150 foot ladder, all 110lbs of me + a 30lb diag "laptop" slung over my shoulder by a strap. At the top, I walk about a quarter of the way out, open the casing on the sensor module and find that someone had hooked up the line feed, but not the activity connection wire so it was sending a false signal. I open the diag laptop, plug it into the unit, write a simple firmware extension to intermediate the condition, flash, reload. I verify the error has cleared and an appropriate message was sent to the diagnostic system over the radio, run through an error test cycle, radio again, close it up. Once I returned to the ground, sweating my ass off, I also send a not at all passive aggressive email letting the boss know that the next shift will need to push the update to the other 600 air-gapped, unidirectional sensors around the facility.11 -
We should disable the “verify that you are a human” captcha for a day and see if aliens try to contact us via internet.3
-
Had an idea for an app. I started writing the prototype in Node since I just had a simple API in mind. Wanted to have some very basoc crud functionality going and then hook up a nice interface to it. It has to do with logistics and analytics so I just wanted to start sketching something small, and being that i have been successful in doing an API like this in the pass with node and mongo for a local company I said why not.
I have finished a good chunk of it. Gotta love that js productivity. But what tripped me out about it was:
Check how big the folder size is: 387mb
EXCUSE ME??!!
I tripped, there was no way in hell this shit was that heavy. I am basically using Koi(to give it a whirl instead of express, gotta start testing koi sometimes right?) And some joi with morgan and winston. That is it. I am using mongo since legit its the only one i know, even with that there really can't be that much right?
Check node_modules size.....10mb....wtf? What
Wait
Did it?
Sure as shit....forgot that i was storing the mongo data folder inside the app's root folder.
This would have been nothing if it would have taken me 30 seconds to figure it out.
I was losing my mind for 30 mins before i decided to properly verify
I need some sleep5 -
Fuck recruiters, they are the scum of the earth. I just had one contact me out of the blue about two opportunities with companies I'd never heard off. As I knew nothing about the companies I started asking questions around who they were and what they were looking to do. He suddenly gets all defensive and refuses to answer my questions, then follows up with an email accusing me of being an "underhanded recruiter" looking to poach his clients. Sorry mate, you got in contact with me you absolute fuckwit. Without people like us you wouldn't even have a bloody job you fucking vampire. For someone that supposedly specialises in the tech sector, I had to point out that if he really doubted who I was he could drop my name into StackOverflow or github to verify that im a developer. Recruiters - they're all fucking leeches.4
-
Finally finished the screwdriver followup ticket. I think.
I spent almost two full days (14 hours) on a seemingly simple bug on Friday, and then another four hours yesterday. Worse yet: I can’t test this locally due to how Apple notifications work, so I can only debug this on one particular server that lives outside of our VPN — which is ofc in high demand. And the servers are unreliable, often have incorrect configuration, missing data, random 504s, and ssh likes to disconnect. Especially while running setup scripts, hence the above. So it’s difficult to know if things are failing because there’s a bug or the server is just a piece of shit, or just doesn’t like you that day.
But the worst fucking part of all? The bug appeared different on Monday than it did on Friday. Like, significantly different.
On Friday, a particular event killed all notifications for all subsequent events thereafter, even unrelated ones, and nothing would cause them to work again. This had me diving through the bowels of several systems, scouring the application logs, replicating the issue across multiple devices, etc. I verified the exact same behavior several times over, and it made absolutely no sense. I wrote specs to verify the screwdriver code worked as expected, and it always did. But an integration test that used consumer-facing controller actions exhibited the behavior, so it wasn’t in my code.
On Monday while someone else was watching: That particular event killed all notifications but ONLY FOR RELATED EVENTS, AND THEY RESUMED AFTER ANOTHER EVENT. All other events and their notifications worked perfectly.
AKL;SJF;LSF
I think I fixed it — waiting on verification — and if it is indeed fixed, it was because two fucking push event records were treated as unique and silently failing to save, run callbacks, etc.
BUT THIS DOESN’T MATCH WHAT I VERIFIED MULTIPLE TIMES! ASDFJ;AKLSDF
I’m so fucking done with this bs.8 -
Jesus christ what is wrong with this one
12: Colleague deploys something to production (with a second pair of eyes)
14: Asks me why other team isn't seeing the result, I ask whether they have monitored the logs, they have not
17: They finally read the logs and find the problem, change window has ended so tomorrow there's another attempt
Today, they deployed again around 10 and then went away because they had some private responsibilities. Never looked at the logs, never bothered to verify if anything still worked. Just dropped it in a chat.
10 years older than I am, how can you be so irresponsible4 -
"Oh, let's delete no-reply@domain.tld because that's not needed by anything"
Stupid fucking clients...
Now users can't verify their accounts. Nice!1 -
If you can be locked out of it remotely, you don't own it.
On May 3rd, 2019, the Microsoft-resembling extension signature system of Mozilla malfunctioned, which locked out all Firefox users out of their browsing extensions for that day, without an override option. Obviously, it is claimed to be "for our own protection". Pretext-o-meter over 9000!
BMW has locked heated seats, a physical interior feature of their vehicles, behind a subscription wall. This both means one has to routinely spend time and effort renewing it, and it can be terminated remotely. Even if BMW promises never to do it, it is a technical possibility. You are in effect a tenant in a car you paid for. Now imagine your BMW refused to drive unless you install a software update. You are one rage-quitting employee at BMW headquarters away from getting stuck on a side of a road. Then you're stuck in an expensive BMW while watching others in their decade-old VW Golf's driving past you. Or perhaps not, since other stuck BMWs would cause traffic jams.
Perhaps this horror scenario needs to happen once so people finally realize what it means if they can be locked out of their product whenever the vendor feels like it.
Some software becomes inaccessible and forces the user to update, even though they could work perfectly well. An example is the pre-installed Samsung QuickConnect app. It's a system app like the Wi-Fi (WLAN) and Bluetooth settings. There is a pop-up that reads "Update Quick connect", "A new version is available. Update now?"; when declining, the app closes. Updating requires having a Samsung account to access the Galaxy app store, and creating such requires providing personally identifiable details.
Imagine the Bluetooth and WiFi configuration locking out the user because an update is available, then ask for personal details. Ugh.
The WhatsApp messenger also routinely locks out users until they update. Perhaps messaging would cease to work due to API changes made by the service provider (Meta, inc.), however, that still does not excuse locking users out of their existing offline messages. Telegram does it the right way: it still lets the user access the messages.
"A retailer cannot decide that you were licensing your clothes and come knocking at your door to collect them. So, why is it that when a product is digital there is such a double standard? The money you spend on these products is no less real than the money you spend on clothes." – Android Authority ( https://androidauthority.com/digita... ).
A really bad scenario would be if your "smart" home refused to heat up in winter due to "a firmware update is available!" or "unable to verify your subscription". Then all you can do is hope that any "dumb" device like an oven heats up without asking itself whether it should or not. And if that is not available, one might have to fall back on a portable space heater, a hair dryer or a toaster. Sounds fun, huh? Not.
Cloud services (Google, Adobe Creative Cloud, etc.) can, by design, lock out the user, since they run on the computers of the service provider. However, remotely taking away things one paid for or has installed on ones own computer/smartphone violates a sacred consumer right.
This is yet another benefit of open-source software: someone with programming and compiling experience can free the code from locks.
I don't care for which "good purpose" these kill switches exist. The fact that something you paid for or installed locally on your device can be remotely disabled is dystopian and inexcuseable.16 -
Fuck apple for making it as hard as fuck to sign in to my fucking apple id. Because my ex wife was my "trusted" number, I couldn't get an authentication code. Tech support told me it would take 3 days to reset my password.
After 3 hours of fucking around, I finally was able to reset my password.
I've been trying to get my kids to watch stupid Indiana Jones for years. They finally agreed. After going through 3 hours of BS so I could buy the movie, we start watching it. Literally, as the boulder is rolling down toward Dr. Jones, the movie stops suddenly so that Apple can verify my purchase!
Then, it asks me to buy it again!4 -
This fcktard client that insist on using an iframe and demands support for browsers like IE7. You are costing me years of my life.
Fucking fuck of a Microsoft trying to protect people against tracking from 3d parties in an iframe in random ways in some versions of IE7. Or IE11 in IE7 compatibility mode.
If you are going to refuse sessions just do it! I got a fucking check and fix for that. Because these fuck faces friendly people at Apple like to refuse sessions on iPads and iPhone too. But we worked that out, because they are at least consistent. So a few dirty little hacks made it all Okay.
But no, Boo Hoo I'm Microsoft and I will throw a tantrum. I like my browsers to be like an magican, instead of an usefull piece of software. If you look in this page, or look here we got them. I got your sessions, safe and secure.
But when you need me, to verify that the user is allowed to access data we do a little hocus pocus and now they are gone. Nowhere to be seen or found again. Fun times free fucking magic shows all day long.
It's morning but maybe its time for a bottle of scotch. Maybe if I'm in the state as this browser. Where I don't know what I'm doing because I'm shitfaced drunk it will start working.
When in Rome do as the romans do.6 -
My best code review experience?
Company hired a new department manager and one of his duties was to get familiar with the code base, so he started rounds of code reviews.
We had our own coding standards (naming, indentation, etc..etc) and for the most part, all of our code would pass those standards 100%.
One review of my code was particularly brutal. I though it was perfect. In-line documentation, indentation, followed naming standards..everything. 'Tom' kept wanting to know the 'Why?'
Tom: 'This method where it validates the amount must be under 30. Why 30? Why is it hard-coded and not a parameter?'
<skip what it seemed like 50 more 'Why...?' questions>
Me: "I don't remember. I wrote that 2 years ago."
Tom: "I don't care if you wrote it yesterday. I have pages of code I want you to verify the values and answer 'Why?' to all of them. Look at this one..."
'Tom' was a bit of a hard-ass, but wow, did I learn A LOT. Coding standards are nice, but he explained understanding the 'What' is what we are paid for. Coders can do the "What" in their sleep. Good developers can read and understand code regardless of a coding standard and the mediocre developers use standards as a crutch (or worse, used as a weapon against others). Great developers understand the 'Why?'.
Now I ask 'Why?' a lot. Gotten my fair share of "I'm gonna punch you in the face" looks during a code review, but being able to answer the 'Why?' solidifies the team with the goals of the project.3 -
This is getting annoying.
For the past >half a year I've been chasing windmills. This is what my BAU day looks like:
- We login to client's network
- We start running some Sanity tests before the actual runs (actual runs are hell of an expensive (financially and time-wise) thing to launch) to make sure environment is OK.
- Sanity tests fail. wtf? Nothing's been changed since y-day!
- Spend ~3-4 hours digging logs, code, more logs,... Apparently some genius decided to change a single parameter.
- Spend another 1-2 hours trying to work around that parameter (since apparently that genius did have a task to do that, so we'll most likely have to find a way to live with it)
- Restart the whole env (~30min).
- Launch a Smoke, Sanity tests to verify env state.
- Launch the actual test
- Go home.
Next day:
- We login to client's network
- We start running some Sanity tests before the actual runs to make sure environment is OK.
- Sanity tests pass.
- Run the actual test
- Concurrency on RDS database is sky-rocketing! WTF did that come from??? Nothing's been changed since y-day!!
- Spend ~1-2 hours looking for anything changed, dig some logs for anything unusual. Nothing.
- Escalate to DBA. 2 hours later DBA says "fix the app". thanks for nothing mate....
- Spend remaining 2 hours analysing AWR. Give up, restart the whole RDS instance. Another hour wasted.
- Time to go home. Out of curiosity run Sanity test -- all good. Run the actual test -- all good. wtf??
- Go home
Next day
- We login to client's network
- We start running some Sanity tests before the actual runs to make sure environment is OK.
- Sanity tests fail. wtf? Nothing's been changed since y-day!
- Spend ~3-4 hours digging logs, code, more logs,... Apparently some genius decided to change a single parameter.
- Spend another 1-2 hours trying to work around that parameter
- ..... I think you know where this is going.
And this keeps going on and on, day by day. Spending the better half of the day chasing windmills and doing our actual work on the last hour of the working day or even after that.
We have plenty of interesting tasks in our Jira but we're squirels spinning in the wheel and never being able to touch them.
It feels like I'm wasting my time. I could do so much more with my time!
[just needed to vent ] -
For about 3x years now, we have had 3x generic work email addresses that are used as microsoft accounts for office 2016 licenses.
(The company is dragging its heels on getting office 365 so MS like to make our lives hell.)
Suddenly we can’t get office updates... and when we sign in to see why, it says that because we are apparently only 3 years old we need our parents permission to use the account or we’ll lose access by September.
Never were we forced to enter a DOB when setting the accounts up!!! So it used the account setup date instead.
It turns out that we can’t change our DOB ourselves, as we are a ‘child’ and need a parents permission.
Fine.
I access my personal account and follow the instructions to add the 3x email addresses as my children so i can change the DOB.
‘Ha ha’ i hear microsoft saying, ‘it doesn’t work that way!!’
No, In order for the parent to verify their child’s identity, they are charged 0.50c per child!
Wtf!!
Doesn’t cost a lot but come on Microsoft!!
It’s that, or submit ID, which obviously wont work for a generic support@ email address like we have.
So annoying and we don’t know what to do.
Wonder how much MS are making out of this...2 -
So after 6 months of asking for production API token we've finally received it. It got physically delivered by a courier, passed as a text file on a CD. We didn't have a CD drive. Now we do. Because security. Only it turned out to be encrypted with our old public key so they had to redo the whole process. With our current public key. That they couldn't just download, because security, and demanded it to be passed in the fucking same way first. Luckily our hardware guy anticipated this and the CD drives he got can burn as well. So another two weeks passed and finally we got a visit from the courier again. But wait! The file was signed by two people and the signatures weren't trusted, both fingerprints I had to verify by phone, because security, and one of them was on vacation... until today when they finally called back and I could overwrite that fucking token and push to staging environment before the final push to prod.
Only for some reason I couldn't commit. Because the production token was exactly the same as the fucking test token so there was *nothing to commit!*
BECAUSE FUCKING SECURITY!5 -
I got a new debit card from my bank, jumped online, to activate my new card.
I see a picture of my card, with the last 4 digits of my account number show. A big "activate" button right next to it. Sure thing. Click the button, and guess what piece of information I need to verify I am the true owner of the card. Fucking last four digits.
Fucking hell - you just showed me the digits a page ago.2 -
Don't you just love it when a customer reports a bug in their live system and it's really urgent to correct it; then you go out of your way to fix it ASAP and deploy it to the staging system for them to verify. Three weeks later the customer has still not tested the bugfix...1
-
Can you really trust the security features on your device?
Can you really verify that no one is looking at what you're doing all day, in your house or out and about?
What if I am the one looking at your naked ass right now?21 -
\n and \n\r
What a fuckton of issues those two characters brought me today while attempting to verify a signed file.11 -
"Let the developers consider a conceptual design,” the King said, for about the twentieth time that day._
“No, no!” said the Queen. “Tests first—design afterwards.”
“Stuff and nonsense!” said Alice loudly. “The idea of writing the tests first!”
“Hold your tongue!” said the Queen, turning purple. “How much code have you written recently, anyway?” she sneered.
“I won’t,” said the plucky little Alice. “Tests shouldn’t drive design, design should drive testing. Tests should verify that your code works as it was designed, and that it meets the customer’s requirements, too,” she added, surprised by her own insight. “And when you drive your tests from a conceptual design, you can test smarter instead of harder.”4 -
Server Admins:
Don't fucking make changes to the server configuration and assume that it's going to be functional.
Stop fucking breaking shit on client servers then leaving it for the rest of us to clean up.
Verify your goddamn work before you tell them that their issue is resolved.7 -
Quick vent...
I just hate how other people in my organization keep blaming the systems instead of taking a second to verify if the data that they are feeding the system is accurate!!
It's like adding "4+5" in a ti83 and blaming the TI engineers because the result is not the "4" they wanted! 🤨 -
Google Business Profile is probably not meant for developers. "Help customers find your business by industry." Dev: set primary category to "Web Developer". Google: We didn't understand your category. Please select from the suggestions that appear when typing. Dev, typing: "Web D"... Google suggests: "Web Designer, Web hosting company, Well drilling contractor, Waterbed shop". Okay, Google, nevermind.
Google: "Update your customers. Keep your customers up to date about your business!" Dev clicks "add update", adds info about that customer should use different phone number temporarily due to broken phone. Google: "Your post has been removed from your Business Profile on Google because it violates one or more of our post content policies." Okay Google, at least you let me add an additional phone number on my profile without requiring to verify my primary number that I currently have not access to. Anything else?
Google: "Claim your €400 free advertising credit" Dev: clicks "claim credit" Google: "To access this Google Ads account, enable 2-Step Verification in your Google account." How to combine idiocy and deceptive patterns in a single UI: Google knows! Apart from their search engine, their unique business advantage is simple that they suck a little less than Apple and Microsoft. Sorry, not a day to be proud of our profession, once again.5 -
TL;DR: Google asked me to PROVIDE a phone number to verify connection from a new device, on the said device.
Yesterdayto log into my work Google account from my personal laptop to check emails, calendars update and so on. I opened up a private navigation window, went to Google sign-in page, entered my credentials, all is well.
Google then decided to "verify it's me" and prompted me to PROVIDE a phone number (work account without work phone means no phone number set up) so that they can send a verification code to the number I just provided to make sure the connection is legit.
Didn't want to do that, clicked "use another method" and got asked to fill the last password I remember, which would be my current password thanks to my trusty password manager. After submitting, I'm prompted with an error saying I have to contact my admin to reset my password because they can't log me in with my CURRENT password.
I ain't gonna do that, so went back to login page, provided my phone number, got the code, filled in the code, next thing I know I'm browsing through my emails.
What the duck? Could have been anybody giving any phone number. So much for extra security.
Also don't care that they have my phone number, the issue is more about the way used to obtain it: locking me out of my account and having no other way of logging in.6 -
When the free wifi you just registered for sends an email to verify your account... but you need the wifi to get that email.2
-
Has been a long time since I'm appreciating working with GRPC.
Amazingly fast and full-featured protocol! No complaints at all.
Although I felt something was missing...
Back in the days of HTTP, we were all given very simple tools for making requests to verify behaviours and data of any of our HTTP endpoints, tools like curl, postman, wget and so on...
This toolset gives us definitely a nice and quick way to explore our HTTP services, debug them when necessary and be efficient.
This is probably what I miss the most from HTTP.
When you want to debug a remote endpoint with GRPC, you need to actually write a client by hand (in any of the supported language) then run it.
There are alternatives in the open source world, but those wants you to either configure the server to support Reflection or add a proxy in front of your services to be able to query them in a simpler way.
This is not how things work in 2018 almost 2019.
We want simple, quick and efficient tools that make our life easier and having problems more under control.
I'm a developer my self and I feel this on my skin every day. I don't want to change my server or add an infrastructure component for the simple reason of being able to query it in a simpler way!
However, This exact problem has been solved many times from HTTP or other protocols, so we should do something about our beloved GRPC.
Fine! I've told to my self. Let's fix this.
A few weeks later...
I'm glad to announce the first Release of BloomRPC - The first GRPC Client GUI that is nice and simple,
It allows to query and explore your GRPC services with just a couple of clicks without any additional modification to what you have running right now! Just install the client and start making requests.
It has been built with the Electron technology so its a desktop app and it supports the 3 major platforms, Mac, Linux, Windows.
Check out the repository on GitHub: https://github.com/uw-labs/bloomrpc
This is the first step towards the goal of having a simple and efficient way of querying GRPC services!
Keep in mind that It is in its first release, so improvements will follow along with future releases.
Your feedback and contributions are very welcome.
If you have the same frustration with GRPC I hope BloomRPC will make you a bit happier!3 -
Here comes the story how I became a DevRanter.
When I was young, I built an expensive gamer-machnine, so I had to crack games. I Got used to computers, so I startet an apprenticeship in IT. I finished with good grades. I left everything and everyone behind and moved in a city, found a parttime job as a PHP developer and started studying CS. After 5 years doing work as developer, studying CS, creeping around as soldier, I finally finished and graduated. After a few months working fulltime (same job), as my life began to settle down and I got bored.
A flatmate (also CS) laughed his ass off about something, then he introduced me to DevRant. It became part of my life to read DevRant, to overcome boredom. But there are not enough new Rants.. I'm f'cked. OK, I resigned my Job, and my flat and signed up for the BS in natural scinces at university in an even bigger city. I will again leave everything behind to begin a new life. Now I'm planing to freelance to pay the bills and challenge me again. Wish me luck :)
So I am beginning this new life with writing this story, how i became a dev. I klick Post, and bang! "please verify your email before ranting.. blah" I got no mail, no span, nothing. Resend.. wait.. nothing. I WAS BORED AGAIN!! FUCK YOU MAIL-SERVER, WHY CAN'T YOU SEND AN EMAIL WITHIN SECONDS OR MINUTES, WE ARE IN 21ST CENTURY AND THE INTERNET CONSISTS MAINLY OF OPTIC FIBER CABLES!!
And this is, dear DevRant community, how i become a Ranter, just then when I wanted to Post my first story.4 -
dude@milotic:~$ vncpasswd
Password:
Verify:
Password too long - only the first 8 characters will be used
WHAT1 -
https://github.com/serde-rs/serde/...
Shit like this makes me wonder, wtf is going on in some developers heads.
TL;DR: serde devs sneakily forced precompiled libraries onto all of the users of the library using serde_derive without an obvious way to verify, what's in this binary and no obvious way to opt out, essentially causing all sorts of havoc.
The last thing i want in a fucking Serialization library (especially the most popular one) is to not being able to verify if something shady is going on or not. All in the name of compilation speed.
Yeah compilation speed my ass.
The worst thing of it all is, even if i decide to drop serde as a direct dependency, it will still download the binary and potentially use it, because of transient dependencies. But i guess, i will try to disable serde wherever possible and implement my own solution for that. Thanks but no thanks.
This is so fucking stupid, it's unbelievable.21 -
RANT:
Google is just a steaming pile of shit!!
I've recently installed LineageOS onto my phone and wanted to degooglify my life.
So my current Smartphone doesn't have any GApps installed and I get along fairly well.
Should I need anything, I should just be able to use it in my browser right?
RIGHT?
Nono!! As soon as I want to log into a third party Service using Google (older acccounts with the other choice only being Facebook) I need to "verify my identity". And the only option are my old smartphone who still have Gapps on it but are slow and don't accessible when I'm away!
For those who say: "Google is just beeing secure. They don't want anyone to steal your account.". I USE 2FA AND HAVE BACKUP CODES.
BEFORE DEGOOGLING MY DEVICE IT NEVER ASKED SUCH A THING!!! WHAT A PILE OF SPYING SHIT!!!
And the best part, after I remotely started my PC at home and just want to take a screenshot of the message for this post before just using a working session, the message didn't appear.
Somehow google decided that me logging in 15 mins later (same ip) proves my identity?!?!?!
IF THIS CAN BE ATTRIBUTED TO AI. FUCK THIS SHIT. GOOGLED SHOULD BE TREATED LIKE AN ONLINE CASINO BECAUSE THE CHANCE OF JUST GETTING LOGGED SEEMS COMPLETELY RANDOM!!!
(I also had this prior when using my smartphone browser. There I couldn't "circumvent" this and I was at home. But having this shit on my browser which should've a session is unacceptable.)5 -
Hmm. So have you ever argued in a job interview? Like really standing your ground? In a technical interview?
Today I had a live coding session with a company I'm interested in. The developer was giving me tasks to evolve the feature on and on.
Everything was TDD. Splendid!
However at one point I had to test if the outcome of the method call is random. What I did is basically:
```
Provider<String> provider = new SomeProvider("aaa", "bbb", "ccc", "ddd", "eee", "fff")
for(int i=0; i<100; i++) {
String str = provider.get();
map.put(str, incrementCount(str));
}
Set<Integer> occurences = new HashSet(map.values());
occurences.removeIf(o -> o.equals(occurences.get(0)));
assertFalse(occurences.empty());
```
and I called it good enough, since I cannot verify true randomness.
But the dev argued that this is not enough and I must verify whether the output is truly random or not, and the output (considering the provider only has a finite set of values to return) occurences are almost equal (i.e. the deviation from median is the median itself).
I argued this is not possible and it beats the core principle of randomness -- non-determinism. Since if you can reliably test whether the sequence is truly random you must have an algorithm which determines what value can or cannot be next in the sequence. Which means determinism. And that the (P)RNG is then flawed. The best you can do is to test whether randomness is "good enough" for your use case.
We were arguing and he eventually said "alright, let's call it a good enough solution, since we're short on time".
I wonder whether this will have adverse effect my evaluation . So have you ever argued with your interviewer? Did it turn out to the better or to the worse?
But more importantly, was I right? :D21 -
*making payment online*
Website: Your bank wants to verify something. Redirecting to their page
Me: fair enough
Bank: we are increasing security by sending you a security code via text...
*bank redirects me before I can finish reading*
Website: payment successful
Tf kinda security is that???1 -
Interesting thing. Ya know how when turning on your phones hotspot it has to verify that you are in fact allowed to use a hotspot. Well if you have Unlimited Data like myself, hotspotting is not allowed. HOWEVER, if you spam the hotspot button, it after several tries, gives up and lets you hotspot. THIS IS MY LITTLE TRICK. NO BUG BOUNTY. BESIDES, youd need my carrier.10
-
As a legal thing at work I need to have someone verify my citizenship by filling out a form for my I-9. They ask the person for their title. My husband can’t be serious, so he put that his title is “Keeper of the Swans”.
Here’s hoping I don’t have an awkward convo with legal over the validity of verification by a man claiming the title “Keeper of the Swans”
In his _defense_, the form didn’t let him leave “Title” blank.9 -
fucking zoho and their fucking sign up and authentication process.
they need a mobile phone number for the sing up, alright fine, I provide. but after submitting the form, nothing fucking happened and i am redirected to the initial sign up page. fuck you.
try again and guess what, said my phone number is already used and i can try sign in with it. ok alright, i try to sign in using my number and my password. guess what? i am redirected back at the initital sign up form page. fuckkkkkkkkkk.
i try again with another number. and then this time, guess what? said the fucking email is already existed. jesus fucking fucking christ.
browse around their help desk and found this. https://help.zoho.com/portal/kb/...
sure I follow the advice and guess what? yeah i'm redirected back to the FUCKING GOD DAMN same page again.
I gave up and wanted to send them a reply on their help desk and try to log in using one of my other existing zoho accounts. GUESS WHAT? THEIR HELP DESK LOG IN IS NOT WORKING. ARRRRRRRRRRRRRRRRRRRRRRRRRRRRRR.
I click "Sign In". Login as User or Login as Agent dropdown appear. I click Login as User since my user account is already logged in. It nothing happened. It flashed and I am back at the help desk thread with no changes. It is still "Sign In" at the top. I fucking give up.3 -
Printer strikes again!
Boss is pissed off that the printer is not working for him but works for the accounting department. He slammed the "photocopy cover thingy" with a "putain" (which I doubt will make it work). I had told him multiple times last week that the credentials he entered is wrong and he needs to verify that first. He will hopefully eventually realise it. Till then
Printer: 01
Human: 002 -
What the fuck is wrong with Google?!!
Trying to log into Gmail.
Forgot password.
Gmail: To reset, code from authenticator app is required.
Me: Super. Good thing I set it up.
Enters code.
Gmail: Recovery email.
Me : Uh... Forgot that too.
Gmail: Some email address to communicate.
Me: Super!
Enters some other email address.
Receives mail with a link.
Me: Finally!
Opens link
Gmail: "When did you create your account?"
Me: Uh... If I had that kind of memory, we wouldn't be dancing right now.
.
.
.
Gmail: Sorry we couldn't verify you.
WHAT THE FUCK, GOOGLE?!
What sort of sadist play is this?!
Dropped them a mail to get access back. Got a link in the auto reply that explains how to repeat the above process. WTF?!
What the actual fuck?!11 -
Me: *Making a very trivial suggestion, that every person with 1 working eye and 1 functional lobe can come up with*
Corporate managers: *Ponder. Verify competitors didn't implement it yet*. Great idea! let's patent it!4 -
My terminal (Tilix) didn't have a header bar for a quite a while now. I had grown to live without it even though I missed looking at the terminal title to figure where I was.
Today I my hand accidentally hit F11 and I was in for a surprise. I actually exclaimed aloud in the office.
I waited to test, confirm and verify that the header bar itself was not a bug before I facepalmed myself -
Man....I keep up with this strange love hate relationship I have with Python....
Last night it was python that literally wrote my homework: define all possible equivalent partition tables with cause and effect analysis and boundary value checks for a program. The whole thing wrote itself and all I had to do was verify the inputs. Something that I was able to do using jupyter with pandas and numpy. On one hand, I despise the lack of static typing and use of whitespace as a block delimiter. On the other I cannot but help feeling a high level of gratitude over the language and its high availability and ease of use for this.
Sure, I could have used other tools, but this language has dominated hardcore in this regard enough to the point of not considering it being a crime against humanity.3 -
I am now receiving fertility information about a random person in the US because they thought it would be an excellent idea to use some random mail address (my mail address) to register for a fertility site instead of their own.
For anyone interested they will be highly fertile in about 12 days. Lets see if they succeed and unregister from the service then.
For the love of God please verify mail addresses of user before registration! Please!
Related rant: https://devrant.com/rants/9686149/...9 -
Google simply can't knock off harrassing their users with security theatre.
A friend of mine has a small personal YouTube channel. He has recently been bombarded with several phone verification requests a week: "Verify it's you. To continue your session, complete a brief verification. This extra step helps us keep your account safe by making sure it’s really you. "
While frequent verifications may be understandable on YouTube channels with millions of subscribers, channels with only a few dozen subscribers are not attractive hacking targets. A verification would be justified before a potentially harmful action such as deleting videos or deleting a channel. But not for normal everyday use.
What's next? Will they ask users to "verify it's them" every ten minutes, "just for extra security"? Just to verify that it is "really, really, really, really, really" them?
It's not security. It's security theatre.
Sorry, Google, but users are not in the mood of doing a phone verification every other day.
Has this been Google's perverted wet dream all along?1 -
WTF IS WITH ALL THESE MESSAGING SERVICES... ALL NEED TO LOGIN OR VERIFY USING MY PHONE. WHAT IS IT'S LOST OR BROKEN....
DUMBASS IDIOTS....14 -
I would like to rant one more time about my internship.
I began in July, the first. That's my sister who helped me to find this internship and I was a little scared about how bad it could be.
I came at the office, my boss told me that I would work in an "Innovation lab", an apartment where people works on projects that are less corporate than the enterprise's ones.
To me, it was amazing. So I came in this apartment, it was like a dream. I didn't know that I would have such luck to be in this environment : kitchen, sofas, beds, many decorations for all political ideologies, ideas. There was some decorations that were about weed and many cool things for the young guy I am.
The lab's leader told me that it was a very free environment and all the awesome stuff I could use.
Then they showed me where I would work.
We were two interns employed as web developers. We had a complete room for us.
Then we began to work there, and I was presented to my internship tutor.
He gave me some instructions but told me that I had a week before the project begin.
Here began the troubles.
We waited a complete week without having any instructions. Then we began to build something in PHP with our knowledge and the informations someone from the lab gave us.
When finally we had news from the project, two weeks later, we learned that the project would be built with ASP. NET.
Here we go, I learn ASP. NET alone. I have many problems and nobody helps (even if the problem comes from enterprise's API/Framework). I finally make something usable with no help, after I discovered that my mate wasn't developer at all and just took an option for her classes which forced her to get an internship.
She had 3 month left, I had 6.
Then when the project really began, nobody came to verify what I was doing and on a meeting, they said that I was doing nothing.
The boss even became mad on us because he couldn't see what we were doing (we're back end developers).
I asked for help to the developers of the enterprise and someone came, sad to have to help an internship, and learned some tricks but nothing else.
To have a concrete explanation of what DDD was, I had to ask 4 times for help.
Finally I had something that could receive data from the connected hives we are working on and store them into a database in the architecture of the enterprise.
Then, they wanted me to try an API for them. I tried, and it wasn't working at all. So they make me still wait to change my whole architecture when the API will be released.
Recently, I was told that I would never do the front-end of the project (which was an horror because of the fantasm of the lab leader). Then they realized that my late wasn't a programmer. So they asked me to make a prototype for the front-end. I did for a presentation.
Then they didn't tell me the device they would use for the presentation and it was an iPhone 7. Idk why, safari couldn't display what IE can.
They blamed me for having done a bad work. It wasn't my job. I did it to help because they can't find a fucking front-end developer with a little more experience than me.
Actually, I am an alone developer since my mate is gone and the lab leader don't want me to show up because she considers me as a shame.
I asked to be moved back in the office of the enterprise, they agreed and said it was a 2-weeks delay. It's the Thursday of the second week and I have no news. I send mails to my tutor, even SMS, he doesn't answer me. They didn't call me to give me my pay with a week late. And the person who is responsible doesn't answer me neither. I came to see her, but she wasn't available. I'm now alone in a desk, waiting the time to pass.
Fucking this shit.
I'm in France.
EDIT : I forgot to say that I can't use the sofas or bed because I'm allergic to cats and there were 3 cats. Now there is still one and this beast vomits and poos everywhere in the house...7 -
You work as IT for a private investigation agency.
You find YOUR name in a list of investigated people.
😲😲😲😲😲
You verify the Insurance ID.
😱😱😱😱
It's an homonym.
😂😂😂😂😂 -
After seeing it in a demo, the customer didn't like their first loading gif and they sent another one.
I go to open it to verify it's good and Gimp won't open it; Chrome, Firefox, IE, even MS Paint fails miserably. Eventually I ran file on it and it's an html doc.
So I changed the extension and loaded it up. He saved his slack window as a gif. -
It all started with an undelivereable e-mail.
New manager (soon-to-be boss) walks into admin guy's office and complains about an e-mail he sent to a customer being rejected by the recipient's mail server. I can hear parts of the conversation from my office across the floor.
Recipient uses the spamcop.net blacklist and our mail was rejected since it came from an IP address known to be sending mails to their spamtrap.
Admin guy wants to verify the claim by trying to find out our static public IPv4 address, to compare it to the blacklisted one from the notification.
For half an hour boss and him are trying to find the correct login credentials for the telco's customer-self-care web interface.
Eventually they call telco's support to get new credentials, it turned out during the VoIP migration about six months ago we got new credentials that were apparently not noted anywhere.
Eventually admin guy can log in, and wonders why he can't see any static IP address listed there, calls support again. Turns out we were not even using a static IP address anymore since the VoIP change. Now it's not like we would be hosting any services that need to be publicly accessible, nor would all users send their e-mail via a local server (at least my machine is already configured to talk directly to the telco's smtp, but this was supposedly different in the good ol' days, so I'm not sure whether it still applies to some users).
In any case, the e-mail issue seems completely forgotten by now: Admin guy wants his static ip address back, negotiates with telco support.
The change will require new PPPoE credentials for the VDSL line, he apparently received them over the phone(?) and should update them in the CPE after they had disabled the login for the dynamic address. Obviously something went wrong, admin guy meanwhile having to use his private phone to call support, claims the credentials would be reverted immediately when he changed them in the CPE Web UI.
Now I'm not exactly sure why, there's two scenarios I could imagine:
- Maybe telco would use TR-069/CWMP to remotely provision the credentials which are not updated in their system, thus overwriting CPE to the old ones and don't allow for manual changes, or
- Maybe just a browser issue. The CPE's login page is not even rendered correctly in my browser, but then again I'm the only one at the company using Firefox Private Mode with Ghostery, so it can't be reproduced on another machine. At least viewing the login/status page works with IE11 though, no idea how badly-written the config stuff itself might be.
Many hours pass, I enjoy not being annoyed by incoming phone calls for the rest of the day. Boss is slightly less happy, no internet and no incoming calls.
Next morning, windows would ask me to classify this new network as public/work/private - apparently someone tried factory-resetting the CPE. Or did they even get a replacement!? Still no internet though.
Hours later, everything finally back to normal, no idea what exactly happened - but we have our old static IPv4 address back, still wondering what we need it for.
Oh, and the blacklisted IP address was just the telco's mail server, of course. They end up on the spamcop list every once in a while.
tl;dr: if you're running a business in Germany that needs e-mail, just don't send it via the big magenta monopoly - you would end up sharing the same mail servers with tons of small businesses that might not employ the most qualified people for securing their stuff, so they will naturally be pwned and abused for spam every once in a while, having your mailservers blacklisted.
I'm waiting for the day when the next e-mail will be blocked and manager / boss eventually wonder how the 24-hours-outage did not even fix aynything in the end... -
I've noticed looking at the card exit of a building that most people a) just carry their laptop without putting it in the backpack because the carpark is a jump away anyway, b) that stickers on said laptops can leak your infrastructure
No idea what made me interested in that, but if you take the average of people's laptop stickers (sadly not everybody had their laptop or maybe even a laptop at all, so I've got just 20) - you could probably tell what tools and what services the company is running.
Could be a funny coincidence and I was able to verify later by googling their company, but it's an interesting non trackable way to know what services and tools need to be exploited/emulated to possibly gain access to some high security network.
I feel like somebody had to have a talk/presentation about this, so I wonder, had anybody else seen something like that? or how far could this actually go?5 -
Today when registering myself for a website I was asked to validate my email address. Literally I was sent an email with only "Please verify your email" in the body. So I responded with "ok". Lets see how long it takes for them to realise their mistake.3
-
God I hate when dev work gets all political.
Our team had a technical meeting with a difficult partner/customer, that wants to connect to our internal service, so we are writing an Integration Service for this.
Apparently the project is very important on both sides and highly political so in the meeting there was a member of the Board of directors of them. We just wanted to check one feature to verify they can connect, etc.
After some minor bugs showed up, that guy goes on ranting about how this is all a joke ("Verarschung" literally) and how we did not deliver all features yet as promised (Note : that was not promised) and basically indirectly personally attacked us, our company and our team.
It's incredible how such assholes can stay in such positions.5 -
College degree.
I don't have it. Not because I don't like to study or don't like to evolve.
I tried several times go back to college, but unfortunately I don't see myself wasting money and time inside a classroom hours per day for something I can read on a book and learn by myself in few days / hours.
I know there's some subjects it's quite hard and we need some guidance for help us, but, we have the community to ask, forums and a lot information on internet.
OK, but why I'm doing this rant?
Recently I got a good job offer in a good country but my potencial employer and me is facing issues to go trough the process because the country to give me the IT visa requires the college degree.
Sometimes I regret to not have enough cold blood to finish the damn college just becuase of the piece of paper (which doesn't proff anything and we cannot even use to clean the $_@#$"@).
My home country (which is a third world country) is already noticed that and they start doing some laws and visas to ease the hiring IT professionals and they're leaving at companies expanses and responsabilities to verify is a good professional or not, but, the price is high for that. But at least the companies there's a way now to get someone.
And also I start see a loot excelent and genius programmers and others IT professionals which are skipping the degree to see and face same issues as me.
I hope our field finally put a end to this burocracies.12 -
I'd love if devRant had a search for user name when writing a rant, so if I type @dfox, it'll at least verify the name before I post.9
-
Got contacted by a potential client whose job I had bid on. Spent a couple of minutes frantically studying his specification and preparing my discussion.
Turns out the job was fake. He wanted me to create a new profile, verify it with my white European identity and then let him use it to approach Western clients.
The best part? I'm as Asian as he is, and all my profile pictures bear witness to that fact.
Some people smoke some really special stuff...1 -
its day 4 of updating documentation and consolidating data.
The webclient has broken on average 4 times a day.
The database took 20+ seconds on updating a password entry.
I explained to my boss the real cost of interrupting my attention with these pauses. I figure it's caused my productivity to go from record high last week to being literally losing about 4 hours a day lost, plus extra time in having to go back through and verify things worked.
The technicians and developers who are working on fixing the database system are apparently quitting left right and center; their company acquired it awhile back, so they don't actually have native developers on it. Yet they still are pushing out new integration features rather than fixing anything.
Yesterday, one of the other people on the documentation project lost half a days work due to the angular updating the local cache, but it never reaching the backend. He came back from lunch, reopened his browser, and all his work was gone. (at least thats what we think happened). So we are hard resetting the program every 10 minutes or so just to make sure it is updating the backend.
The good news is that when it is done, we theoretically will be able to use this to cut back onboarding time and update times by about half, and it'll mean our new nano-server deployment project should be able to spin out with standards that can be referenced properly by everyone, not just the guy with the powershell script that he tinkered with for a particular project and never told anyone else what he did.
Theoretically. -
Boss: so we've got to call an app to verify data in this project. But I've got no more info and I'm on holiday next week. Please contact GuyA next week.
Me: ok I guess?
*writes email to GuyA*
GuyB: GuyA is on holiday please hold the line
*1 week later*
GuyA: we need more time it's not ready yet
*2 weeks later?
Me: so?
GuyA: yeah it's ready here's the wsdl etc your client already has the password
*1 week later*
Me: yeah so I got the data but the api says my auth isn't working
GuyB: yeah your user isn't activated on the test system. I'm gonna forward that and come back at you
*1 week later*
GuyA: so we're going live in about 2 weeks hows testing going?
Me: well I'm still waiting for the response and activation
*suddenly it works*
Me: yeah so auth is working but i can't find any data. Is there any special test data?
GuyA: oh no there is NO test data on the test system. You need to wait for GuyB but he us not here today...
Me: are you fking kidding Me?????
... no response since then and it's been days.... -
So this happened when I was interning. We were developing an online application for hospitals. Now as it is with any new product. We had a lot of small issues popping up related changing of text or design colors. Now this piss kissing product manage of ours who has had no prior experience of a product of the scale we were developing started posting issues in the company’s internal whatsapp group. It was fine initially when the issues were less and small. However, when the amount and intensity grew, I suggested that he be given access as a issue poster on the git repo of the code.
Now I couldn’t comprehend his level of douchiness before hand but this guy started posting issued there but only a link to a google doc with the issue described there.
Then when came the time to change the status of these issues, I asked him to verify for his satisfaction that the issue is resolved and mark it as such. So Mr. Shitmenot started to maintain a fucking google sheet to maintain the status of issues and asked us to do the same. And upon demarcation he would manually change the color of the cells representing the issue. Like what the fuck dude.
I complained about this to my mentor who also happened to be he CEO but he couldn’t care less as if it was some debt that he owed the guy.
Safe to say I left the company shortly after things started to get out of hand and more shit began to happen. Yes there was more stuff that happened!!! -
Fucking LinkedIn.
I created a new account with my main e-mail, and suddenly it was restricted. I sent an ID verification, I received an e-mail saying it was now back, but then it was fucking restricted again, and I CANNOT HAVE IT BACK BECAUSE THE TO GET HELP FROM THEM IS A HASSLE. Sometimes it asks me for a phone number, but then, and error appears saying the session is invalid.
I created a support ticket, their response takes hours with a new link to verify again, but when I send again a new ID, for some reason, my verifications do not reach them, and they send the same link again. FUCK'S SAKE.
Finally, I subscribed to Premium just to talk to someone, but they can't help with this matter. At least left a note to Jenny.
Why the hell is a newly created account being restricted? Fix your systems.2 -
Any JavaScript developers out there willing to help me out with something?
I have an interview question that I like to ask candidates that no one ever seems to get right. But, to me, it seems pretty basic, so I expect MOST JavaScript developers at almost any level of expertise to get it, and I like it generally because it demonstrates some core knowledge of JavaScript concepts and syntax.
But I want to verify that my feelings about it are reasonable, because give how few ever seem to get it right (and I'm talking across literally hundreds of interviews, MAYBE 2 people have ever gotten it right), I'm starting to wonder if I'm right or not.
Look at this code, and then answer the question after. Please do so off the top of your head and without testing anything since that's normally the experience a candidate would have. I'll give the answer after some time for anyone who gets it wrong but is curious.
But this isn't about YOU getting it right or not, and it's not about whether it's the best way to do something in JavaScript or anything like that, it's just about whether it's a reasonable question and whether my expectation that MOST JavaScript developers should get it right is fair.
const O = {
sayHello : function() { alert("Hello"); }
};
const S = "sayHello";
Question: using ONLY the variables O and S (and you MUST use both), write code that executes the sayHello function.
Thanks!34 -
Prequel to my previous post:
I received an offer from a startup that did not meet the originally advertised salary range. In every other aspect this place seemed like where I'd enjoy working the most and each previous interaction made a very good impression on me. So needless to say this was quite a shock.
They immediately apologised and explained the situation. They only now started to expand to and hire from my location (which can be verified) and I would be the very first person from this location (seems true too but I could only really verify this after joining). They explained the salary range I had seen was for their main hub location (accurate too) and said that the recruiter who posted the ad did not adjust it to mine. I asked why tf they didn't notify me of this earlier and they said they are super busy with everything, are new to location based salaries and normally don't check the recruiters posts as it should be her work.
Now, even if this is totally true, it was an awful sudden shock and felt a bit like a scam - totally contradicting my previous impressions.
Here are a couple of other points that I'll just sum to save time:
- before seeing the job ad I had a *reasonable* salary expectation even lower than their actual offering
- on the ad, the bottom end of their salary range far exceeded my reasonable exp.
- the relative level of my position would be even higher up the range that I have seen realised would be top 5%
- having had seen the ad, I started to have an *ideal* expectation being the bottom of the range
- in first interview I told them my exp. is the bottom end of their range +- a bit
- I told this to a dev guy who has no fucking idea about this stuff and I don't blame him but he noted this down to higher management
- generally I have not been very precise of my expectation as previously I only had lower class dev jobs, this would be the first decent.
- Hence I have seen an enormously high variation in salaries offered to me so this advertised range whilst high seemed possible
Now, with all this in mind I posted here a question about what some of you would do in my position.
I received the following group of responses:
- it's a scam, bad place, run
- it's an intentional (common) trick
- people make mistakes like this esp. startups so find out if this is intentional or not
- just decide if their current offering is reasonable for the position and location, ignore the rest
- just decide if the amount is enough
- location based salaries are retarded, don't work there (I kinda agree and also don't)
- if they can afford the higher pay in another place they should have no prob. meeting the range
- it's more important that you'd enjoy it there if the pay is sufficient for general needs
- company culture is generally more important these days
- fuck recruiters and hr people (amen to that btw)
Here is what I did:
Regardless of whether I believe them or not I hyperfocused on the potential scam/trick aspect.
I told them that every other interaction with them was positive and would love to join them but this was a really bad impression and feels like they are playing with me. I made up some bullshit previous examples of companies trying the same trick on me (which obv. never happened).
Then I said that I think to resolve this they should invite me to their main office for a day (all interviews had been online) and if after that they are still not ok to offer me at least the bottom of the adv. range then we can part ways. Otherwise this should ensure both of us that we are a good match, etc.
They seemed to love the idea and said that I should go there for x till y (3 days) and if we don't hate each other by the end I'll get the amount at the bottom of the range and they apologised again about it looking like a scam, etc.
So thanks a bunch again to those of you who provided valuable input. -
I am a Technical Lead in the department in my company that writes code for our clients that have money but doesn't have the technical expertise to handle the complexities of our own software.
Part of my tasks involve taking care of a few projects written by employees that have left after using third-party tools rather than using our own software. No one else in this department knows these third-party tools, they only know our own, and my *still limited* web development experience means I get dumped these things in my lap.
And I'm SO pissed at these projects and their authors and the manager that let these ex-employees write these things. There is this one project that was managed by two different "developers" (I don't know they deserve this title) at two different times, and it is so riddled with different technologies it makes me want to throw up almost daily.
Don't believe me? Here is a complete list of the dependencies listed in the package.json of this project: babel-polyfill, body-parser, cookie-parser, debug, edge, edge-sql, excel-to-json, exceljs, express, html-inline, jade, morgan, mssql, mysql, pug, ramda, request, rotating-file-stream, serve-favicon, webpack, xlsx, xml2js
What this doesn't even show, is that one part of this project (literally one page) is made using react, react-dom, react-redux, and jade. The other part (again literally one page) is made using Angular and Pug. In case you missed it while picking up your jaw, there's also mssql, mysql, edge and edge-sql. excel-to-json, exceljs, xlsx.
Oh you want *more* juicy details? This project takes the entire data object used by the front-end, stringifies it into JSON, and shoves it into the database *as a single field*. And instead of doing WHERE clauses in the SQL queries, it grabs the entire table, loops, parses the json, and does a condition on it. If even one of those JSON entries gets corrupted, the entire solution breaks because these "developers" don't know what try/catch is.
The client asked for a very simple change in their app, which was to add a button that queries the back-end for a URL, shows it in a modal dialog, after which a button is clicked to verify the link by doing a second query to the back-end before modifying a couple of fields in the page.
This. Took. Me. Two. Months*. Save me. Please, save me.
*between constant context switches between this and other projects that were continuously failing because of their mistakes.4 -
After building some automated regression tests to verify parts of the company website were working, it was discovered that a test case was missing.
Instead of a constructive meeting about fixing the issue and adding a test, I was reamed and my manager was reamed that we "missed this case".
Nevermind that the automation caught several issues before release in nearly every other aspect of coverage.
Nevermind that the missing test case was a useless feature added after the automation was completed.
Nevermind that automation was meant to be the last stop in the gate, not the first...
I was so livid after that meeting I nearly resigned on the spot. My manager was so livid over being told to write me up he was ready to resign. -
Before you start pulling the code down for an API and debugging why a POST to it isn't persisting in SQL, verify your JSON is well-formed... 😒
That missing squiggly brace at the top is a buzzkill.2 -
My trying to login to my email account my.email.address@example.com via web:
Site: You need to verify that you are really you. We sent a verification email to my.email.address@example.com please click the link in this email to verify your identity.2 -
* Developing a new "My pages" NBV offer/order solution for customer
_Thursday
Customer: Are we ready for testing?
Me: Almost, we need to receive the SSL cert and then do a full test run to see if your sales services get the orders correctly. At this point, all orders made via this flow are tagged so they will not be sent to the Sales services. We also still need to implement the tracking to see who has been exposed to what in My Pages.
Customer: Ok, great!
_Friday
Customer: My web team needs these customers to have fake offers on them, to validate the layout and content
Me: Ok, my colleague can fix this by Tuesday - he has all the other things with higher prio from you to complete first
Customer: Ok! Good!
_Sunday
Me: Good news, got the SSL cert installed and have verified the flow from my side. Now you need to verify the full flow from your side.
Customer: Ok! Great! Will do.
_Monday
*quiet*
_Tuesday
Customer: Can you see how things are going? Any good news?
Me: ???
*looks into the system*
WTF!?!
- Have you set this into production on your side? We are not finished with the implementation on our side!
Customer: Oh, sorry - well, it looked fine when we tested with the test links you sent (3 weeks ago)
Me: But did you make a complete test run, and make sure that Sales services got the order?
Customer: Oh, no they didn't receive anything - but we thought that was just because of it being a test link
Me: Seriously - you didn't read what i wrote last Thursday?
Customer: ...
Me: Ok, so what happens if something goes wrong - who get's blamed?
Customer: ...
Me: FML!!!2 -
Company started automated testing recently, and the devs need to review the test scripts.
The tester assigned to my component writes script to trigger button click and nothing else to verify the result.
I couldn't even. I just left work for the day. -
Fucking java library publishing. It's a nightmare. You have to fucking own a domain to publish a shit onto jcenter/bintray/whatever. You have to own the domain, that your lib's package name is. And you MUST verify it, otherwise you won't publish anything. Or you can shit allover your lib with package name like com.github.dumbcoder.mycoollib.
You must to create a ticket for some shitheads that are going to verify your shit for two weeks. They gonna ask you for source.jar, docs.jar and whatever shit.jar they need.
What THE fuck? Who was the asshole that decided name packages in reverse domain name? No FUCKING more ecosystem has such a bullshit. In .net you just make a lib, create a free nuget account, fill some basic info and boom! you have .net package published. Same for npm and rust for example.
Because the fucking package name should be just for structure not for a some dick to own it. Namespace is name-fucking-space.
FUCK JAVA.7 -
apple is an IT company..
"New apps and app updates will not be accepted December 23–27 (Pacific Time), so any releases should be scheduled, submitted, and approved in advance."
Ah yes, because ofcourse the servers can go home and spend the holidays with their applets.
(yes i know apple says they verify by hand, yes i know in reality they actually automate it)5 -
The global joke of Information Security
So I broke my iPhone because the nuclear adhesive turned my display into a shopping bag.
This started the ride for my character arc in this boring dystopia novel:
Amazon is preventing me from accessing my account because they want my password, email AND mobile phone number in their TWO.STEP Verifivation.
Just because one too many scammers managed to woo one too many 90+y/o's into bailing their long lost WW2 comrades from a nigerian jail with Amazon gift cards and Amazon doesn't know what to do about anymore,
DHL is keeping my new phone in a "highly secure" vault 200m away from my place, waiting for a letter to register some device with a camera because you need to verify your identity with an app,
all the while my former car insurance is making regress claims of about 7k€ against me for a minor car accident (no-one hurt fortunately, but was my fault).
Every rep from each of the above had the same stupid bitchass scapegoat to create high-tech supra chargers to the account deletion request:
- Amazon: We need to verify your password, whether the email was yours and whether the phone number is yours.
They call it 2-step-verification.
Guess what Amazon requests to verify you before contacting customer support since you dont have access to your number? Your passwoooooord. While youre at it, click on that button we sent you will ya? ...
I call this design pattern the "dement Tupi-Guarani"
- DHL: We need an ID to verify your identity for the request for changing the delivery address you just made. Oh you wanted to give us ANOTHER address than the one written on your ID? Too bad bro, we can't help, GDPR
- Car Insurance: We are making regress claims against you, which might throw you back to mom's basement, oh and also we compensated the injured party for something else, it doesn't matter what it is but it's definitely something, so our claims against you just raised by 1.2k. Wait you want proof we compensated something to the injured at all? Nah mate we cant do that , GDPR. But trust me, those numbers are legit, my quant forecasted the cost of childrens' christmas wishes. You have 14 days or we'll see you in court haha
I am also their customer in a pension scheme. Something special to Germany, where you save some taxes but have to pay them back once you get the fund paid out. I have sent them a letter to terminate the contract.
Funniest thing is, the whole rant is my second take. Because when I hit the post button, devrant made me verify my e-mail. The text was gone afterwards. If someone from devRant reads this, you are free to quote this in the ticket description.
Fuck losing your virginity, or filing your first tax return, or by God get your first car, living through this sad Truman dystopia without going batshit insane is what becoming a true adult is.
I am grateful for all this though:
Amazon's safety measures prevented me from spending the money I can use to conclude the insurance odyssey, and DHLs "giving a fuck about customers" prevention policies made me support local businesses. And having ranted all this here does feel healthy too. So there's that.
Oh, cherry on top. I cant check my balance, because I can only verify my login requests to my banking account wiiiiiiith...?2 -
Just know that this is out there somewhere:
// JavaScript Document
//verify redirect
function verifySubmit(){
//get a handle on the form and check terms and conditions is selected , if not raise something
var cb = document.getElementById('termsandconditions')
if (cb.checked == true)
{
//the box is checked , redirect user to access controller
window.location = "http://192.168.101.1/goInternet.php"
}
if (cb.checked == false)
{
//the box is not checked , do not redirect user to access controller
}
}1 -
Just found out about this: https://publiccode.eu/
If you live in the EU and care about privacy, security and/or open source you might want to check it out.
To sum it up: The idea is to have all software written for and bought by public authorities, governments and such published under open source licenses to enable every citizen to verify the integrity of that software (and give all the other advantages of FOSS).3 -
I have been trying to wrap my head around authentication in hapi for the last 6 hours...
Fuck this shit... when did simple,
I HAS A USERNAME
I HAS A PASSWORD
CAN HAS SESSION?
become:
- you magically get a token from somewhere
- you magically verify that token
- you respond with { credentials } //magic
- by some fucking black magic the server probably creates a session without you knowing about it...
- you freak out and write your own authentication scheme only to find out that you cannot read payload of POST requests in the authenticate method
- you get angrier and depressed and write a rant
(to be clear: there is @hapi/basic but I don't think sending a GET request with the URL looking like username:password@domain.tld is very safe...)11 -
I'm such a fucking idiot
I'm setting up an api and to prevent unwanted fields or circular dependencies from showing up I define what fields should appear in a few serialization yaml files.
These files define what fields should appear in a given context. The default context for every field is to always show the id, and only a call to /posts will give you all the fields of the posts for example. This means that if you retrieve a comment with a linked post, the post will only show up as an id, but the comment will have all its fields.
I've been struggling with a stupid problem for 2 hours, I could verify that the yaml files were loaded in, all entities had such a file and the configuration was exactly according to the docs.
Guess why my api calls still caused circular errors?
Because I forgot to do the $view->setContext$this->defaultContext); call that determines what context should be used for the response.
FUCK ME WHY DID IT TAKE SO FUCKING LONG TO FIGURE THAT OUT OMG
Google you say? Ofcourse I hunted google results! But I was unknowingly part of an XY problem and was looking for what the problem wasn't >:(
At least it works now, ugh1 -
Brave Browser.
There’s a reason why brave is generally advised against on privacy subreddits, and even brave wanted it to be removed from privacytools.io to hide negativity.
Brave rewards: There’s many reasons why this is terrible for privacy, a lot dont care since it can be “disabled“ but in reality it isn’t actually disabled:
Despite explicitly opting out of telemetry, every few secs a request to: “variations.brave.com”, “laptop-updates.brave.com” which despite its name isn’t just for updates and fetches affiliates for brave rewards, with pings such as grammarly, softonic, uphold e.g. Despite again explicitly opting out of brave rewards. There’s also “static1.brave.com”
If you’re on Linux curl the static1 link. curl --head
static1.brave.com,
if you want proof of even further telemetry: it lists cloudfare and google, two unnecessary domains, but most importantly telemetry domains.
But say you were to enable it, which most brave users do since it’s the marketing scheme of the browser, it uses uphold:
“To verify your identity, we collect your name, address, phone, email, and other similar information. We may also require you to provide additional Personal Data for verification purposes, including your date of birth, taxpayer or government identification number, or a copy of your government-issued identification
Uphold uses Veriff to verify your identity by determining whether a selfie you take matches the photo in your government-issued identification. Veriff’s facial recognition technology collects information from your photos that may include biometric data, and when you provide your selfie, you will be asked to agree that Veriff may process biometric data and other data (including special categories of data) from the photos you submit and share it with Uphold. Automated processes may be used to make a verification decision.”
Oh sweet telemetry, now I can get rich, by earning a single pound every 2 months, with brave taking a 30 percent cut of all profits, all whilst selling my own data, what a deal.
In addition this request: “brave-core-ext.s3.brave.com” seems to either be some sort of shilling or suspicious behaviour since it fetches 5 extensions and installs them. For all we know this could be a backdoor.
Previously in their privacy policy they shilled for Facebook, they shared data with Facebook, and afterwards they whitelisted Facebook, Twitter, and large company trackers for money in their adblock: Source. Which is quite ironic, since the whole purpose of its adblock is to block.. tracking.
I’d consider the final grain of salt to be its crappy tor implementation imo. Who makes tor but doesn’t change the dns? source It was literally snake oil, all traffic was leaked to your isp, but you were using “tor”. They only realised after backlash as well, which shows how inexperienced some staff were. If they don’t understand something, why implement it as a feature? It causes more harm than good. In fact they still haven’t fixed the extremely unique fingerprint.
There’s many other reasons why a lot of people dislike brave that arent strictly telemetry related. It injecting its own referral links when users purchased cryptocurrency source. Brave promoting what I’d consider a scam on its sponsored backgrounds: etoro where 62% of users lose all their crypto potentially leading to bankruptcy, hence why brave is paid 200 dollars per sign up, because sweet profit. Not only that but it was accused of theft on its bat platform source, but I can’t fully verify this.
In fact there was a fork of brave (without telemetry) a while back, called braver but it was given countless lawsuits by brave, forced to rename, and eventually they gave up out of plain fear. It’s a shame really since open source was designed to encourage the community to participate, not a marketing feature.
Tl;dr: Brave‘s taken the fake privacy approach similar to a lot of other companies (e.g edge), use “privacy“ for marketing but in reality providing a hypocritical service which “blocks tracking” but instead tracks you.15 -
For those of you who are riding the crypto currency train I have a question. I'm looking to colocate a few antminer s9s and I'm unsure how to verify that the cooling will be adequate.
What is the best way to verify this?5 -
Was working on a system we planned on to deliver to a hospital
basically it was meant for controlling and monitoring pactions coming in and attendance time from the staff
Got it off the ground well and got to where the system was supposed to update room status
occupied/free then horror started
the db was not setting the room free after clearing a client off the list... room remained occupied and this kept on happening for 6 months and I was so focused on fixing the db models thinking thats where the problem was....
1 day after leaving the project for several months i just revisited the project randomly and started going through the whole code base trying to make sense of what was happening as there where no errors generated..
I had to verify the whole system logic... and that day i figured out what was happening...
upon adding a client to a room the system was also creating a duplicate room so when the function for setting the room free executes it would set the duplicate room free and not the actual room and the system would pick the room with occupied state causing the user not being able to assign new pactions to the room
Solving this brought so much relief coz it required so much work just to solve what seemed to be a minor issue5 -
"Hey guys we originally set the demo date to August 5th and thus far I have not seen any previews before that, what's going on here?"
Ok see, that is the kind of thing that I would take to me own lil broken heart IF:
1 It was coming from a product manager at where I work
2 He would never get any sort of updates or would just plain not know about us
3 He would be I dunno....fucking paying us?
This is the thing, a friend offered the chance to help him build a product for a business man somewhere down in the land of tacos. Being in a "fuck it" mood and not wanting to say no since it sounded interesting enough I said yes. The "owner" said that he would not be able to pay since he already had hired a team of developers before that did not deliver and as such he was instead offering a part of the company.....sounds familiar?
Not wanting to let my friend down, I told the owner that I would help just as long I get complete CTO power over the product and not crying about the stack being used or ME NOT GIVING THE PRODUCT MY FULL ATTENTION BECAUSE HE WAS NOT FUCKING PAYING.
He said ok.
Of course he did not like it, but he said ok.
He has been asking for the code, the platform, demos and a bunch of other shit which I continue to refuse since he has not offered me or my boy a copy of the legal documents that we require.
Him: "You will get them soon enough, I still need to see the product just to make sure everything is ok"
Me: "You wouldn't even know where to begin looking unless you have a third party that could verify the code, last time I checked I was to be the only one good for this"
Him: "Yeah and you and <friend> are, but I just need to see the product"
Me: "I send you videos and demos, sorry dude, but no binding document == no code. I know you think I am young, give me some fucking credit because this is not my first rodeo"
Him: "I am not trying to play you or anything, you can trust me"
Me: "No, not really. Talk to me about this when you get the documents"
Him: "Well its cuz this is taking too long...."
Me: "Tssss I know!!! It sucks right? Want a good product, built with all the bells and whistles and YOU DON'T WANT TO PAY? guess what dude, I do have a full time job, your product gets my minimal attention, right there at the bottom next to taking a shit, meaning that I will give your product the same time and attention as I would going to the throne. Aye don't feel that bad, I normally take about 1 hour on the shitter, you get that for fucking free."
To be fair ladies and gents I normally don't just explode on people like this. But I just can't fathom not paying someone for a rather large software product, with only a promise that "it will sell" and then telling them to hurry up.
Far as I am concerned this product will flop, but he seems to think it is the next big thing(of course).
He can go choke on some chode.
Fucking prick.1 -
Got to love when the on-call takes their sweet-fucking time with the back-up. All this because the lazy douche did not what to verify the back-up was complete.
-
Just had the worst exam of my life today in system development at my university. This cock sucking bitch of a sensor claimed I was wrong in various assumptions about Extreme Programming. Such as: saying XP is an incremental process and not iterative. Claiming UP is more iterative than XP and that various analogies about what iterative means compared to incremental was wrong and even disrupting me while I was talking. Mind you I've been studying these subjects closely the last week and have been reading most of The Pragmatic Programmer to verify various things she disagreed upon. Result grade? In the middle of the fucking scale. Fuck this shit. I'm just glad the grade won't appear on my final graduation papers. And yes, I'm a perfectionist when it comes to this and programming, so if I'm in the wrong please correct me.1
-
My phone suddenly is stuck in a reboot loop.
all solutions did not work (Safemode, Recoverymode etc)
It was time for a new phone.
well... most of my logins have now 2 factor authentication. That got me thinking:
imagine that you lost all your trusted devices in a house fire.
you cannot get in your email because of you need to verify.
you cannot buy stuff online because your phone gets a message.
and in certain cases you cannot even get in your password manager of the same reason.
I know that there are recovery codes and other solutions to this.. oh boy you are F*cked when you don't have your phone.
Everything turned out okay, Sim Card in different phone for messages. And new phone works like a charm :)14 -
Me and new guy are working on something. We're both in different countries.
New guy just graduated a couple of months ago. Thinks he's better than us, egoistic, refuses to accept his mistake. Cannot work well in a team and arrogant. Basically a package.
I fucking spent 3 hrs trying to look for a bug in my code, which doesn't exist in the first place. Because he's a lazy fuck and refuses to even accept that he might've made a bug (evident from the fact that his first reaction was to blame me and second reaction was to verify his code)
And he doesn't have the decency to admit that he made a mistake.
What's even more sad is that I've to babysit him cuz he's incompetent.
It's fucking obnoxious.2 -
NOTE TO SELF:
Verify with your coworkers about how you plan to attack a certain feature if you’re unsure, especially since you work remotely. If not, you’ll have to fucking redo a feature three times -
This is how security bugs get introduced into open source. This comment came into a project I'm watching today, and I don't have the time to follow up on how bad of an idea that is:
"If you are still interested, I got it working by removing verify=True"1 -
Some context about me. Close to 3 years experience as a java developer. 1st class honours in Computer science plus oracle java 8 professional certified.
Today while discussing to a senior developer about a technical solution, he asked me a question.
Are you familiar with 'extends'?
He was talking about the keyword. I am so disturbed by it. Here I was thinking I was doing a great job. And he felt the need to verify if I knew inheritance keyword..
God knows what he and his fellow senior colleagues talk about me.. I must be looking like an absolute idiot in their eyes all this time.. -
So I’m in a bit of a pickle.
I’ve become involved with a pretty fast paced group project. We’ve got 9 weeks to write up a mock PDR and all of the communication is done through Discord and teleconferences. As of last week an issue came up where one of the teammates (Black) felt accused by Red of being called authoritative and feels disrespected by the following message: “I don't know if I'm picking up on it correctly, but it feels like you want to control every situation. I feel like you're trying to take on a part of everyone's role so that you also need more people a part of each sub category. I think whatever happened is done whether we did turn it in late or not, I don't think we need to pressure others to do more that is needed. Also, Project Manager's dad passed. Not to make it an excuse, but I think it should be taken into consideration. Also, we didn't even verify all the positions til the meeting we had. So even still, we would have had to turn it in late since there were so many arrangements
If you don't trust your other members to do their job without having to be supervised, it can be counterintuitive to the whole teamwork aspect.” This message was sent after we missed a deadline to submit a team organization chart and Black team member insisted on becoming a third Assistant Project manager while making it seem as the other 2 APM’s were incompetent at their job.
Although I agree that it is difficult to communicate all of your emotions through written messages, I still think that taking your tone into consideration is crucial when working remotely. Am I wrong? Is there a better way to work with this team member? It’s still very early on in the project and this is the first time I’m working on a project with others with very little face to face communication. Typically when similar issues became present in other group projects, we would all sit down and discuss it and try to reach an agreement (or at least an understanding of where everyone is come from). Any advice is seriously appreciated.13 -
Fucking ant-cumstained garbage bag. How come you are so inaccessible you satan website.
I wanted to look at someone on facebook. But for some things you need an account, so I sign up with my spam mail and a random name and the birth date that was filled in
When I try to login facebook says: your account might be compromised, what is your birth date to verify it's you.
Wtf I just made this. So I fill in the standard birth date.
WRONG BIRTH DATE YOU CAN'T TRY AGAIN FOR THE NEXT 15 MIN
Im glad I abandoned you long ago.
But apparently you know you suck since you don't allow new users? -
Small chaotic startup that never grew up (15 years atm).
Hosts/maintains a number of apps/sites for various customers.
At some point, someone decides that a CMS would be usefull to maintain the content across all products. Forgoing all sense, reason and the very notion of "additional maintenance and dev" it is decided that one should be built in-house.
Fast forward a number of years.
Ops performs routine maintenance on prod-servers. A java-patch accidently knocks out one of the pillars a 3rd party lib the CMS uses for storing images. CMS basically burst in to flames causing a.... significant incident.
Enter yours truly to fix the mess.
Spend a few days replacing the affected 3rd party lib. Run tests on CMS in test and staging environments. Apply java-patch. All seems fine.
When speaking to frontenders and app-devs, a significant hurdle present itself:
All test/staging instances of all websites/apps/etc ALL USE PRODUCTION CMS. Hardcoded. No way around.
There is -no- way to properly test and verify the functionality of any changes made to the home-brewed CMS.
My patch did indeed work in the end.
But did the company learn anything? Did they listen to my reasoning, pleading or even anguished screams for sanity?
No.6 -
My first exposure to computers was when i was 7 in 98. Hp Palvillion with windows 98. Got it from walmart and it cost around $1100. Brought it home and i hooked it up on my own on the living room floor. First program installed was "who wants to be a millionare", fitting that a game be the first thing installed since it was for homework. I lived 16 miles from town at the time so i really had no friends and the isolation made it hard for me to adjust in school to the point that i was a loud kid seeking attention. Then we got dialup and i found invisionfree forums which my first programing experiance with javascript started. And no I'm not talking about jquery I'm talking about the real thing.
Fast foward a year. I find an opensource arcade and learn php while writting an arcade from scratch that uses curl to mitm login to verify the user. Later that month i create a small project that dynamicly creates a signature image for the top 1000 posters on a coding forum i liked.
Then all hell broke loose when i found osdev.org, thought i was going to be a badass and make the ultimate operating system that would combine linux, windows, and mac where it could run anything. Reality Check hit me like a semi and train hitting at full force trying that and made me look into hacking. Spent alittle while breaking windows in so many ways and talking to others on irc until i was about to turn 18. Switched to ubuntu 12.04 my senior year while that was occuring. -
since everybody seems to hate gradle i would like to say how much i like gradle for its possibility to build even big java projects from the commandline without the need of a a lot o scripts and especially the possibility to create a wrapper in order to use it even when its not installed on said machine.
it is the only reason why i am learning java now (i fucking loathe eclipse at the moment).
and regarding its speed. i had both. windows and linux. and for some reason i could only verify its slowliness on windows.1 -
I just got my third 128GB MicroSD card off Amazon, this time SanDisk. Yet again, trying to do anything not involving the OEM full-disk exFAT partition staying intact (which, fuck that, all that uses that is Windows and Linux, i'm looking for splitting this thicc bih up) shifts EVERYTHING, including MBR+PT/GPT down the disk by 16MB exactly inserting data from... the atmosphere? whatever's using it? ...do SD cards have that secure key/DRM store space thing still?
(EDIT: I do verify that they ARE genuinely the right size after purchasing before reformatting or repartitioning, by the way.)
First it was a Silicon Power card, then a Samsung card, now a SanDisk.
(Also, why all S?)
Luckily, this time it wasn't a pain in the ass to get it to read as anything but "Bad Card" or a 0-byte/empty/non-existent device in Windows/Linux (respectively) so I was able to see that it was indeed the same issue without taking 3 days to jump through device hoops to finally get it to do it again but in such a way that it shifts out and back in all zeroes.2 -
!rant
Digging though my old emails found this joke sent to me long time ago. Think that originally was posted in a 1997 issue of Computerworld. Maybe you already suffered the effect of the "Opcodes" listed here. Hope that !tl;dr
ARG Agree to Run Garbage
BDM Branch and Destroy Memory
CMN Convert to Mayan Numerals
DDS Damage Disk and Stop
EMR Emit Microwave Radiation
ETO Emulate Toaster Oven
FSE Fake Serious Error
GSI Garble Subsequent Instructions
GQS Go Quarter Speed
HEM Hide Evidence of Malfunction
IDD Inhale Dust and Die
IKI Ignore Keyboard Input
IMU Irradiate and Mutate User
JPF Jam Paper Feed
JUM Jeer at Users Mistake
KFP Kindle Fire in Printer
LNM Launch Nuclear Missiles
MAW Make Aggravating Whine
NNI Neglect Next Instruction
OBU Overheat and Burn if Unattended
PNG Pass Noxious Gas
QWF Quit Working Forever
QVC Question Valid Command
RWD Read Wrong Device
SCE Simulate Correct Execution
SDJ Send Data to Japan
TTC Tangle Tape and Crash
UBC Use Bad Chip
VDP Violate Design Parameters
VMB Verify and Make Bad
WAF Warn After Fact
XID eXchange Instruction with Data
YII Yield to Irresistible Impulse
ZAM Zero All Memory -
When you've worked on a project for a whole week, and finaly verify it against the hardware and everything works!
-
"Write the failing test first."
Oh, I know. This is probably simple, but when you're stuck on support tickets - there's no faster way than to write a test for whatever the issue is and run it.
You wind up having a quick way to verify your bug fix and you now have a test going forward to ensure the bug never happens again. -
I'm a workaholic.
My boss literally told me I've only used 1 PTO day this year and with only 2 weeks left I HAVE to take at least the rest of this week off.
Guess... I'm getting a really long weekend, took tomorrow thru Friday off, Monday and Tuesday are holiday, so only 3 days left of the year after 5 today.
Not taking the last 3 days next week because I don't trust my one co-worker to do end of month/year procedures without me there to verify they didn't fuck up anything.
Now I just have to get through that time stressing about things I'm responsible for breaking while I'm not there.5 -
The fucking worst part of my job is when I get thrown an error on a bug I'm trying to fix and it doesn't even contain an error message. For example, I'll try to verify a self signed certificate but I get an error and literally the only error thrown is [Error 0], no fucking message. If you try to track down the error in the docs they don't even fucking list errors. Times like these make me wish I could castrate people with my1
-
Got a problem with an AUR package. Decided to ask the AUR maintainer. Registered on the AUR page. Can't login, receiving HTTP400 bad referrer header.
Decided to report that issue. To do so, I need to register on the Arch Linux Website. Did that. To finish registration, I need to verify my account. However, the verification button just does nothing.
Removed AUR package.3 -
Well I can't forgot this.
In college I met a guy with whom I passed the same subjects, we had friends in common but we never spoke until after a time (8 months later) he said: "hey can you help me with my problem? I'm doing a website and I want you to verify this database... now".
I just said "ok let's see"... When I gave him my observations he said: "thank you .. I don't remember your name right now but... don't you wanna do this website with me?".
And that's how I met one of my bestfriend and coworker.6 -
In interview tests I don't mind you testing for me to know something. However I don't care for tests that are designed to verify the lead is smarter.1
-
I was discussing scope and budget with a potential client for a side project. It involved a good bit of complex postgresql and subsequent aggregations and creation of reports. He was hiring because the last guy's work was so poorly documented, they couldn't verify its accuracy.
Me: "So, what are your thoughts on a budget?"
Him: "We were thinking something like $15/hour."
Me: "Um...ok. If I can ask, where did you get that number?"
Him: "That's what we paid the last guy."
😑😑😑😑😑😑4 -
Trying to use authenticate a JWT token from an Azure service, which apparently needs to use Azure AD Identity services (Microsoft Entra ID, Azure AD B2C, pick your poison). I sent a request to our Azure admin. Two days later, I follow up, "Sorry, I forgot...here you go..."
Sends me a (small) screenshot of the some of the properties+GUIDs I need, hoping I don't mess up, still missing a few values.
Me: "I need the instance url, domain, and client secret."
<hour later>
T: "Sorry, I don't understand what those are."
Me: "The login URL. I assume it's the default, but I can't see what you see. Any shot you can give me at least read permissions so I can see the various properties without having to bother you?"
T: "I don't see any URLs, I'll send you the config json, the values you need should be in there."
<10 minutes later, I get a json file, nothing I needed>
<find screenshots of what I'm looking for, send em to T>
Me: "The Endpoints, what URLs do you see when you click Endpoints?"
<20 minutes later, sends me the list of endpoints, exactly what I'm looking for, but still not authenticating the JWT>
Me: "Still not working. Not getting an error, just that the authentication is failing. Don't know if it's the JWT, am I missing a slash, or what. Any way I can get at least read permissions so I don't have to keep bugging you to see certain values?"
T: "What do you need, exactly?"
Me: "I don't know. I don't know if I'm using the right secret key, I can't verify if I'm using the right client id. I feel like I'm guessing trying to make this work."
T: "What exactly are you trying to get working?"
<explain, again, what I'm trying to do>
T: "That's probably not going to work. We don't allow AD authentication from the outside world."
Me: "Yes we do. Microsoft Teams, Outlook, the remote access services. I can log into those services from home using my AD credentials."
T: "Oh yea, I guess we do. I meant what you are trying to do. Azure doesn't allow outside services to authenticate using a JWT. Sorry."
FRACK FRACK FRACK!!
Whew! Putting the flamethrower away.
Thanks devrant for letting me rant.3 -
About skyRant. I really like what you're doing for establishing it as a third party app with the verify login thing. Technically there is no way for me to verify if the app I'm using is using that source code unless I built it myself, but still nice.
I do feel a bit odd about having additional data such as reactions on the skyRant platform. It's cool and all, but it degrades the experience for anyone not using skyRant. If I like someone's post with a ❤️ there is no guarantee that user will see it. Idk just some random thoughts, but very cool app! :)7 -
My boss is being a stupid cunt. To give you a background we were facing issues with our Collections system. First week December 2019, I and a colleague of mine came up with a new efficient collections architecture. My colleague and I started to Code and create automation scripts mid December and completed it in First week of Jan 2020. This PoC version was supposed to be just between the Dev team(App Dev and Back end, also one from the Ops side to verify the data). I did not receive any feedback on the actual collections system and the data integrity but during this time all they’ve done is take meetings with no real outcome. I raised this and the only email I got is data is looking fine when I know it is not.Now in First week of Feb, he is stressing us to go ahead and deploy the architecture in Production and we have not done any Code Review, Static Code analysis, any real tests on Code and deployment scripts. Have not discussed any metrics for our dashboard and alerting. I have no idea how to handle this cunt. I have even asked for resources to atleast productionalize the code and move ahead the deployment and still no out come. I’ll go in a meeting with him in an hour, I will be very blunt and tell him that whatever he is doing is a foolish way and maybe resign in couple of weeks6
-
Do you trust github/gitlab/bitbucket? If you self-host, do you trust your hosting? do you trust gitea? if you don't use gitea, do you trust git? do you trust the way you got your copy of git? do you trust your os, as it might have tampered with your git? did you read the code? do you trust your internet connection that might have changed some packets? do you trust your https implementation? did you examine the traffic? do you trust your traffic sniffing tool? if you use your own hardware, do you trust it? do you trust its CPU/bios? if it's risk-v, do you trust chinese vendors of your cpu? they might have put some backdoors there. do you trust your other hardware? okay, you have the money to make your own cpus. do you trust your employees? do you trust your silicon? do you trust the measuring equipment you used to check if your cpu is safe? do you trust the literature in the field? but did you verify it though? did you?
it's always who you trust. if you want to bake an apple pie from scratch, you must first create the universe.9 -
Note to self:
Close off ALL ways things could go wrong..
Long story short; I released a new feature, to be able to better follow up on any stock moves, their amounts, locations and even expiry dates. An older tool just bypassed that very verification and nothing was logged or taken out of stock.
~
Taking out an amount for a certain orderline has a shortcut in place to mitigate some of the mandatory steps that pickers need to take in order to verify what's being taken. This little tool only available, visible and possible for a very few select users.
I assigned some orders to one of these people, which made him think it was an urgent batch. It's only one product, for multiple orders, so he went to the location, took out the amount needed and then used the tool to quickly be able to prepare them for shipping.
This bypassed the new methods to check if the location actually had stock to take, which I had just enabled for 1 account.
Luckily I caught the miss-hap as I was monitoring that product first-hand and noticed the batch of orders was collected but the stock amount didn't update.
It was 5min before I was leaving work, so I investigated and then ran to the person in question to ask what he did; which was "I used that tool"
I facepalmed myself internally while blaming myself, as he couldn't know that it wasn't ready to use for that purpose.
The tools to fix this up are there already.. so I used that to fix some missing stock-takes manually.. Though I'll need to close that little tool for these kind of orders for sure, asap, probably when I get home, at least until I bring over its new logic to it.
Happy Tuesday? (: -
Had to port a python code some other guy wrote using opencv for some image processing stuff to Java. I thought "how tough can it be? Let's just try it out on python first just to verify the results", only to waste an entire fucking day trying to install opencv first and make it work and to add to it the crappy opencv documentation were no help. In the end I had to just give up on this shit and decide to just do the Java implementation which I later verified from the python guy's results.
-
Holy fuck I'm tired of domain.com... I bought my domain with them about a year ago, and quickly I discovered how shit they are.
I can almost never access the console, the default view most of the time loads, although even that is incredibly slow. When the console loads, all settings regarding my domain are just loading. Every once in a blue moon I can actually access the settings and do something.
I got tired of it, and started transferring the domain to Cloudflare. That's where I messed up, and didn't know I had to verify the transfer twice, so the domain ended up expiring during the transfer process. Now domain.com has my domain completely locked down, pointing it to one of those 'expired' nameservers.
So three days ago I thought fuck it, I'll pay domain.com to renew the domain, maybe that'll get the domain transferred, or at least get my domain open again, so I can receive emails again, because in all my nerdiness I decided to set up a custom email using 'name@customdomain.com'. So I haven't been able to receive any emails for two weeks now.
Anyway, three days later the status of the domain is still 'pending renewal', and I can't for the life of me figure out how something like this isn't completely automated, and the domain isn't just working again.
So just now I decided to contact their live chat, and even they can't change the nameservers on my domain, and I have to be transferred to a specialist, who will then contact me by mail within 24-48 hours. Fuck I hate domain.com, and I'll certainly never buy from them again5 -
Fuck you Scaleway! With a large rusty spiked pole!
Yesterday you locked my account due to "suspicious activity" and asked me for ID to verify me for "anti-fraud reasons". Fair enough. I comply, and you unlock my account.
Today, another person from support locks my account AGAIN, saying that I haven't yet replied and requests that I send you my ID *AGAIN*.
Either you motherfuckers have no fucking clue how to handle a fucking support ticket, or your answers are NOT FUCKING CLEAR.
Fuck you and your free credits, I'd rather spend money on a service I can actually rely upon.5 -
Is There any good open source test automation frameworks testers can use to verify database insertions, such as message transactions? Everyday I get questions from testers to verify data and it's so tedious looking at MySQL tables to see if there data is present.4
-
I looked at an SQL server today from a customer, talked with one of their devs and he said that he's unable to understand why the server misbehaves... All (!) queries were optimized, but they have 'big data queries'... Migraine started, I had a very bad feeling. Monitoring? Nooooppeeee. Migraine kicks in. Connected to server. SHOW GLOBAL VARIABLES...
After a bit of scrolling I found a lot of misconfigured variables (e.g. extreme large join buffers, unrealistic buffer sizes), high slow query count (nearly 60 % of COM_SELECT) and a few variables that were unknown to me.
Then came the version line.
5.0.46
Yes. 5.0.46.
Big data? Well... 30 GB of usage data.
I called the company back... The dev told me sternly that this was the production server (I had hope...) and that I lie - neither the version, nor the variables could be the problem.
A coworker had to verify it and our manager had to do the communication... Worst, most traumatic working day I ever had. -
I am developing a twitter bot which will post local weather daily. After few test tweets, twitter locked the account and asked to verify account by calling. They called and I wrote down the verification code but THE FUCKING TWITTER returns a "Something went wrong." error with no actual clue about the problem.
-
Someone tell me should I just give up because I'm stupid and simple shit escapes me or tell me bro calm the fuck down the guy is full of shit...
Dude says he can't verify 3rd statement in a nested IF - elseif logic because the third check for a false condition is the True condition in the first 2 statements.
So
If (mode) = manual and then
Data(g) /= Status1
Or else Data(g) = Invalid
Then
Do this thing that sounds cool
Elsif
Data(g) = Status1
And then Data(g) /= Invalid
Then
Do something else equally cool
Elsif (mode) /= manual
and then Data(g) /= Invalid
and then Data(g) /= Status1
Then
Do some less cool stuff
end if4 -
==============
Getting Feedback Rant!
=============
When "this is simpler" feedback results in a function of 500 lines of code.
When I get "don't do X" in the feedback. Thank you very much. What do you want me to do instead?
Unclear feedback.
When the feedback giver changes his mind after I applied the changes!
When applying the feedback introduces a bug.
Simply opinionated feedback that is not enforced by any tool or backed up by any facts.
Please find something better to do in life.
Unactionable feedback.
"Consider X"
I will not consider thank you very much.
"Verify this works"
Duh..
When the feedback giver knows something that you don't.
I know this is a legit case.. still annoying.
"I disagree with the feature"
Go argue with the PM, not relevant to me, thanks!
=====================
GIVING FEEDBACK RANT
=====================
I rewrote the system. Please review it.
No need to review, just approve.
I will change this as part of the next ticket.
I would like to keep it the way it is.
lazy ass..
You can't test this.
It's impossible to test this.
No need to test this.
There's no point to test this.
I'll test this on production.
Not sure why this is working..
Please document this..
Because documentation is like a thing, you know.
Oh, this code is not related to this PR, I just don't want to open a new branch for such a small change. ignore it.
Ignore this.
This will be meaningful in my next change. -
!rant
Before I left my other company I was in the midst of finishing one project and I was ansious to finish everything to leave as a rockstar. Now, one of my js scripts brought a huge and long json response that had many nested items and arrays and whatnot. Instead of properly destructuring or finding a particular piece that went similarly to "status": "Verify input"(that was nested unser a shitload of items) i did the unspeakable......i stringified the whole object and just used indexOf.
I still feel guilty over it...but it works :P thing is, if it returns that it means that the user entered an invalid status into the app (it was an inventory application) but it works :P
Oh well. Mind you they thought it was going to take months and I finished in 1 week so yay. -
Just visited a website, which at the top of every page "Please paste your Google Webmaster Tools verification here"
What's odd, is this isn't a way I've seen to verify. Some kind of odd scam? 🤔2 -
fucking "premium subscription" is just a reboot of the "bundling" bullshit from the cable companies.
no i dont really wanna pay 4 bucks to rent a shitty halloween flick for 48 hours that i randomly got nostalgia for, nor do i want to pay an additional 8 bucks a month for your streaming service that i hardly use to begin with to include Starz or whatever.
oh a free 7 day trial will get me access you say? oh but of course you need my credit card first just to verify that im real and then conveniently charge me when i forgot i signed up and keep my money after i cancel.
too lazy to torrent. movie wasnt that great either, so not really worth the effort.7 -
Lesson learned. As a newbie to git and vcs in general, always verify a rebase to make sure you didn't accidentally delete your last days work before force pushing and overwriting the company repository. Also, don't get into a situation where you need to do that in the first place.
-
That's funny how I'm pretty sure I had interaction on devRant with people I know IRL, without the possibility to verify. I like the mystery that maybe the guy I saw commenting or ranting is someone I am familiar with.2
-
SO , i just ran into this database called ArangoDB and it claims to single handedly beat Mongo,Neo4j,Postgres and claims to be capable of handling any use case you can throw at it.
If anyone could verify this claim , such an ideal database just makes me question it's existence.5 -
TLDR: I wanted to change email to new one, but I could not remember which one I have
currently. I found out an API in DevRant JS files for email verification and used
it to find it out.
So, I am moving from Gmail to Protonmail Pro, absolutely love their service.
I wanted to do same on Devrant but I could not figure out my current mail for
"I lost my password" form. My Password Manager have only login saved, and profile does
not show email address.
I thought that this user information is stored on server so it have to be some way to retrieve it. I dug
in source code and I've found:
`<div class="signup-title">Verify Your Email</div>`
Which has event assigned to function which uses jQuery.ajax (love it btw :D) to call:
`url: "/api/users/me/resend-confirm",`
This seems like worth a shot. Few copy-pastes and one ajax call later:
*Ding*
From: support@devrant.io
To: dawid@dawidgoslawski.pl
"Welcome to Devrant"
Got it :) So I have already changed in march when DevRant on previous layout.
This is what I love in this profession - problem solving. AI will not replace human
in any way, we will just stop coding array iterations and data manipulation - we will focus
on real problem solving and human touch (like design, convincing management for changes).1 -
Well, the solution works on the co-workers machine. Checked out the same branch on mine and it doesn't work. Tried restarting the computer, and now the application doesn't start at all. On top of that hassle I have to deal with creating tickets for something that in the end took three minutes to fix, just to verify a change in our test environment. That email-communication took all week.
How do you guys keep your calm? Because I'm almost bursting from this, it's so frustrating.3 -
I'm about to submit an app to the App Store. I took some time to make sure signing in/out of different social media accounts worked properly in my app.
I've been locked out of my Facebook developer account since yesterday due to "suspicious activity" and was asked to upload a photo of myself to verify my identity. I'm not too confident my account will be unlocked as I don't use Facebook regularly and therefore never felt the need to upload a profile picture.
Fantastic.2 -
Oh my god devrant doesn't save rants posted by an unverified account. If you submit a rant and then verify your email, the story will just disappear into the void.9
-
What a delight to have to work on macOS. Not.
Took me two days to notarize our app bundle. The ultimate issue was a dead symlink inside the bundle which would make the codesign verify (with strict option!) fail, while verification of signing operation itself passed.
Notarization would just give generic error: not properly signes. -
Whenever I make a loop or any block in general and then look it up just to verify and mine is overcomplicated
-
I want to slap the previous devs on my team. Not the current ones, the previous once.
I don't need a comment on every. single. line. of. code
//verify thingies
if(thingies != null && thingies.count != 0) {
Like my god, i can read the if statement to know what it's doing, goddamn.
Comments should only be used when doing something that might not be immediately obvious to the next dev looking at the code.8 -
For all the iOS Users out there, stick to 10.3.3 (Still a small window to download and verify). Cool gifts are coming out.
-
!rant
I am so bored and wanted to see some cool moving charts. So I started work on a little market economy simulation with different sources, drains and recipes for a variety of resources. Traders buy stuff, produce stuff and sell stuff at prices. They look at the market, how it has evolved, offers and requests to determine the prices for which they want to buy and for which they want to sell their stuff.
Currently just basic stuff and testing manually since I haven't completed the whole market simulation tick method. And I want to verify if the Traders work as I expect. -
I was doing stuff in my room, when I slipped on my hand and landed on my knees. I look up, and I see my Raspberry Pi's GPIO pins puncturing my hand.
Fast-forward couple of hours, I decided to post a picture of it (it wasn't bleeding or anything) on Twitter. 2 seconds pass, and my account got suspended.
I have 2 simcards: one for calls, one for unlimited data.
Twitter is trying to call me to verify the account, but I have my data phone number in the profile.
FML.7 -
So, Recently I had made a short film "Brazen Epiphany" and I added it to IMDB, I discovered that IMDB has a flawed verification system, they don't actually verify edits. So, I credited myself for acting in various films. And, they got approved. Then one day, a writer of one of those movies discovered this and ranted on Twitter about it
https://twitter.com/varungrover/...
I told him about this whole stuff, Then I was contacted by a journalist amd they published a story on this
https://mumbaimirror.indiatimes.com/...
I know it's pretty lame to give wrong information to a community website, but I enjoyed it5 -
Spent days to setup a newer-Android version with reverse-proxy-HTTPS certificate in its CA store + one that'd support Google Play and signing in (old school man-in-the-middle).
FINALLY got the API calls of this 1 app whose unofficial client I wanted to make coz their main sucks ass. Just to get stuck on the phone-number-based OTP that they use for their login (:
They send a unique token for each OTP request, I assumed they're using some hard-coded string based function, which they decrypt on their backend to verify.
Downloaded their APK and decompiled. Went through dozens of weird-ass-named classes (coz decompiled). For the 2nd time I thought I had it!
But no -.- they call Google's Firebase messaging for the phone-num OTP n that function simply called firebase, looked into that service n ofc it's very tightly coupled with the calling API's backend
It was fun while it lasted I guess~~~1 -
The SIM card saga goes on:
To verify yourself, you need to go to some postal office and show them your ID and stuff. Not that this is complicated or anything (well actually, it is. Welcome to 2018 in Germany. We use more papers than potheads for the simplest shit), but you need to have a valid ID. Valid as in NOT EXPIRED. What the fuck. Why does my ID expire. Do I stop existing 3 years after getting it? What does it mean if it is, why is it culpable to have your ID expired. And who gets charged for having none, I mean obviously my ID doesn't identify me anymore?
What the hell man. I don't exist for 6 months now. Am I law free as not identifiable entity or how does it work?
And now the real question:
We got something called Bafög in Germany. Basically you get a bit money while studying. (I still work tho, I don't get really much from it.)
To apply for it, you need some tax number, which seemingly can be seen as a proof of my existence and my identity.
Why is this enough, why don't I need a valid ID there?
Germany is weird man. On the one hand government is all social and you get help if you need it but on the other hand you need to sacrifice 17 virigins to apply for said help..2 -
!dev
So as usual I received some call from telemarketer and I started from other perspective this time.
I asked how I can be sure that the person on the other side is telling the truth.
That pissed the telemarketer that started challenging me by reading my company data but I calmly responded that it doesn’t proof anything cause I don’t know anything about you - the person who are calling me.
I know who I am but how I can trust who you are ? You just provided me your name that I don’t know it’s true cause I have no methods to verify that.
That pissed telemarketer so much.
Some time ago before you put money in bank you know the banker. If someone was stealing this money you probably know from your police who is it and where he’s probably hiding.
The future we’re trying to go right now with this machine stuff that makes job for us is completely different.
We’re more and more separated from reality that is our planet dying. More and more animals and plants are dying, nobody cares about it.
Despite me working a lot with new tech I am more and more sceptic of how technology is shaping us. We sooner or later wont be able to shit without computer ( lots of us is probably already there bringing cellphones as companions for good nice shit rolling ).
Is it the future we want ?
The future where you need to beat computer to have contact with nice people. Cause I see it everywhere now. The technology is stupid and not perfect so lots of us is forced to align to this crap right now. Use the technology and beat the algorithms to connect with human. That’s the future we want ? Really ?
Some idiotic algorithms that are trying to tell us that this is what you need to watch ? This is what you need to eat ?
This is where you need to be ?
Take our time and turn it to view count slash likes and subscribes shit hole ?
The technology power show that everyone wants to buy but you won’t even use 10% of it’s capabilities cause it’s blocked by company that sells it ?
I’m more and more disappointed by this world.
Anyway Telemarketer didn’t want to admit that is alien robot who is trying to kill humans by selling me this machine so I hanged up cause I had nothing more interesting to say.
I think they will finally stop calling me.2 -
I'm given a simple assignment to update email templates. I tot it would be a breeze.
It turn out SURPRISE! After the updating of template is done. I deploy the code in the development environment.
I tried to access the email template like how the user will see to verify all is good. It turn out i am facing error.
So uhh ok, i went to check the logs to see what the hiccups. It turn out that a table is missing. But this is production code. So my question how the hell did the production environment has the table but dev don't.....6 -
Motherfucking peace of shit....
Dont know to whom I should direct this to .
Was creating a new login page for web app using Quasar(vue.js). Since my application have 2 different types of user, which also have different UI, and functionality.
One is written in vanilla ( and is quiet heavy) and the other one in vuejs ( though earlier it was written in vanilla too ). Login page too was written in vanilla which was working fine.
Now just yesterday I finished a prototype for the third type of user, which is also written in vuejs. Now I decided to re create login page using vuejs. Quiet small and easy to do. Finished it yesterday itself. Now since today's morning I am trying to configure it so that it this piece of shit just let me log in. It was authentication and verifying but not letting me log in.
( On server after authentication, I set cookies/token on clients browser and auto reload the page, so during next request to server/ or during reload, server will read the cookie/token and send the specific admin panel to user)
Prick. Dick.
It was setting cookie, but not at the '/' path. Mother fucker.
It was setting cookie to the path I was sending login credentials ( which was different from '/', I.e.- /login/verify=password )
So it was setting cookie/token at '/login/verify=password'.
Even tried setting path for cookie at server. Read everything on internet. MF nothing worked. All I came across was, 'this is CORS' .... 'this is CORS'. Assholes, if it were CORS', how then I am able to make request to server and getting response without error
Only a hour ago, when I made get request to '/login/verify=password' I figured out, cookie is being sent to server for this path only. Then did some changes at server, so to send login credentials to '/'. Now that shit is working
Fucking waste of time. Wasted more than 6 hours. Asshole.
Btw, if you can suggest a better way to login, then please. -
Hello, my first time here. I got to know this website/app from my PM because I need to vent it somewhere other than him according to my PM.
So, here goes my first rant. The date is today (Monday). The rant subject is our new tester. Some context on the guy. He started in our office 8 weeks ago and his title is senior tester with some years in testing. Me and my team with the exception of our PM are new hires and for me, this is my first job after graduation.
After a grueling month of pushing for new modules and bug fixes from our monthly UAT from the client (yes, this will be a future rant one day), about 2/3 of the team is on vacation paired with a long weekend. So, a very few ppl in the team including me and my PM came for today.
I usually came quite early, around 8 am as I commute with public transportation. As soon as I have my breakfast and just getting ready to open my dev laptop, he came to me with a bug. This is like under an hour I came to office. I'm ok with anything related to the project as today was deployment day to test server for our monthly UAT. So, I check the bug and it wasn't my module but the PIC is not there and I familiar with the code thus I fixing the module.
Then, not even 15 mins later, while fixing this module, he came to me with another bug. I'm still the only one who in office that can fix it thus have to do it too. Finished the both bugs, pushed and je retested it. Fortunately, my PM and another colleague came. But, for some reason, he only comes to me for the bug fixes.
The annoying thing for me is that he comes to me every time he found an obstacle, bug or glitch. At this rate, by hourly. Thus, this cycle of impromptu going around fixing-on-the-go for the project begins, for me. Then, my PM asks him abt our past issue log given by the client UAT. Another annoying part is he never checks the clients feedback to see if the result can be produced again. The time he checks it is when ppl ask abt it and test it 1 by 1. Then he came to me again with why x person marked it as done. Like hell I know why they marked it done, you the one who need to check with them. Thus, I called/messaged the PIC for x modules abt the issue and then they explain it. I have to explain it again to him abt it and then he makes the summary report for the feedback. This goes until lunch.
I thought the bug fixes is over and I can deploy it after lunch. I thought wrong and I kinda regret coming back early from lunch which I thought I can rest for a while with the debacle over morning. Nope, straight he comes to me after I sit down for 10 mins and until almost work hour is done, he came to me with small bugs and issues like previously, hourly. By then I think I crushed like ~10 bugs/issues and I'm knackered. I complained to the PM many times and the PM also said to him many times but he still does it again and again. Even the PM also ranted to me abt his behavior. The attitude of not compiling an issue log for the day and not testing the system to verify what the client feedbacks are valid or not is grinding my gears more and more. Not hating the guy even though his personality is quite unique but this is totally grinding ppl's gears atm. As of now, it's midnight and I finally deployed the system to the testing server. This totally drains my mental health and it's just Monday. May god have mercy on me.
Owh, the other colleague that come today? He was doing pretty much the same thing but he was resolving a major issue which is why the tester came to me.2 -
I have come to learn that when you script nearly everything in your job, what remains are the real pain in the ass clients.
I have told this particular client before that the issue does not lie with our equipment. I have verified while on a conference call with the other vendors that I am out of the equation. They concurred while the client was on the phone.
And yet.... Today, almost two weeks later, I have been assigned a ticket to re-verify our settings and to potentially troubleshoot !OurEquipment.
What hurts me the most is that my CEO is the best boss I have ever had, but he panders to these clients that do not listen to the diagnosis.
I am literally doing the same thing over again. I am not expecting a different outcome. I don't know why others expect a different outcome.
Because of this one example (and other similar ones), I am so tempted to leave an otherwise great company and environment. -
My manager had someone else manage me for my whole time at the company so far. Nearly two years now. Anything I’d come to him with, he’d direct me to this other person.
Fair enough, dude’s really good and I learn a lot from him. I see why they trust him with so much. I think he’s a genius. I’ll never be that good. Embarrassed I’m only a few years his junior. Wonder why he’s okay with being a manager for employee pay. Don’t think about it much, normal corporate BS.
Well it got way more “normal” when his ass got laid off without notice. Feel terrible. Him and 70% of my branch’s full timers. Wonder how I got so lucky. Everyone’s gone. We barely have enough people to do a standup. They all had 5+ years on their belts minimum. Only the contractors are left.
Manager emergency meets with me. Tells me all his best staff are gone and I am now the only front end guy on the team. He tells me he is not confident in the fact I am responsible for all of the old guys work and he is worried. He thinks I can’t do it cause he thinks I suck. Fuck me man.
My manager is pissing himself realizing he has lost the only people keeping HIS job for him. He has no clue my skill level. He sees my PR’s take a bit longer to merge, yet doesn’t realize I asked that friend of mine who was managing me to critique my code a bit harder, mentorship if you will, so we’d often chat about how to make the code better or different ways of approaching problems from his brain, which I appreciated. He has seen non-blocking errors come through in our build pipelines, like a quota being reached for our kube cluster (some server BS idfk, all I know is I message this Chinese man on slack when I get this error and he refreshes the pods for me) which means we can only run a build 8x in one day before we are capped. Of all people, he should be aware of this error message and what is involved with fixing it but he sees it and nope, he reaches out to me (after the other guy had logged out already, of course) stating my merged code changes broke the build and reverts it before EOD. Next day, build works fine. He has the other guy review my PR and approve, goes on assuming he helped me fix my broken code.
Additionally, he’s been off the editor for so long this fool wouldn’t even pass an intro to JavaScript course if he tried. He doesn’t know what I’m doing because HE just doesn’t know what I’m doing. Fuck me twice man.
I feel awful.
The dude who got fired has been called in for pointless meetings TO REVIEW MY CODE still. Like a few a week since he was laid off. When I ask my manager to approve my proposals, or check to verify the sanity of something (lots of new stuff, considering I’m the new manager *coughs*) he tells me he will check with him and get back to me (doesn’t) or he tells me to literally email him myself, but not to make any changes until he signs off on them.
It’s crazy cause he still gets on me about the speed of stuff. Bro we got NOTHING coming from top down because we just fired the whole damn corp and you have me emailing an ex-employee to verify PATCH LEVEL CHANGES TO OUR FUCKING CODE.
GET ME OUT5 -
The script I inherited uses REGEX to verify certain table fields are properly formatted as numbers... even though the fields in question are NUMBER-type fields!! :-/
-
Hello Apple,
Fuck you, more than a month trying to open a developer account without any chance, lot of fucking emails.
Lesson 1:
If you’re from a country and put a phone number from another country you will never be able to open a developer account? How did I know that? From my experience and many other people, but Apple just says: Error, that’s it you figure it out !
Lesson 2:
If you pay using a card on which the name is different than the name in the developer account, you have to wait longer and provide more documents. How did I know that? After fucking 5 tickets and more emails asking why my account is not ready yet, then they answered they need a document to verify my identity. If you don’t do that you will just rot waiting.
Lesson 3:
If they need an ID document, you have to email them first and ask why you’re account is not available yet, if you don’t you will just rot waiting. -
I swear I touched some weird and complex programming shit in over a decade of programming.
I interfaced myself through C# to C++ Firmware, I wrote Rfid antennas calibration and reading software with a crappy framework called OctaneSDK (seems easy until you have to know how radio signal math and ins and outs work to configure antennas for good performance), I wrote full blown, full stack enterprise web portals and applications.with most weird ass dbs since the era of JDBC, ODBC up to managed data access and entity framework, cloud documental databases and everything.
Please, please, please, PLEASE I BEG YOU, anyone, I don't even have the enough life force to pour into this, explain me why the hell Jest is still a thing in javascript testing.
I read on the site:
"Jest is a delightful JavaScript Testing Framework with a focus on simplicity."
Using jest doesn't feel any delightful and I can't see any spark of focus and simplicity in it.
I tried to configure it in an angular project and it's a clustefuck of your worst nightmares put togheter.
The amount of errors and problems and configurations I had to put up felt like setting up a clunky version of a rube goldberg's machine.
I had to uninstall karma/jasmine, creating config files floating around, configure project files and tell trough them to jest that he has to do path transformations because he can't read his own test files by itself and can't even read file dependencies and now it has a ton of errors importing dependencies.
Sure, it's focused on simplicity.
Moreover, the test are utter trash.
Hey launch this method and verify it's been launched 1 time.
Hey check if the page title is "x"
God, I hate js with passion since years, but every shit for js I put my hands on I always hope it will rehab its reputation to me, instead every fucking time it's worse than before. -
Recently many of us may have seen that viral image of a BSOD in a Ford car, saying the vehicle cannot be driven due to an update failure.
I haven't been able to verify the story in established news sources, so I won't be further commenting on it, specifically.
But the prospects of the very concept are quite... concerning.
Deploying updates and patches to software can be reasonably called *the software industry*. We almost have no V0 software in production nowadays, anywhere (except for some types of firmware).
Thus, as car and other devices become more and more reliant on larger software rather than much shorter onboard firmware, infrastructure for online updates becomes mandatory.
And large scale, major updates for deployed software on many different runtime environments can be messy even on the most stable situations and connections (even k8s makes available rolling updates with tests on cloud infrastructure, so the whole thing won't come crashing down).
Thereby, an update mess on automotive-OS software is a given, we just have to wait for it.
When it comes... it will be a mess. Auto manufacturers will adopt a "move fast and break things" approach, because those who don't will appear to be outcompeted by those who deploy lots of shiny things, very often.
It will lead to mass outages on otherwise dependable transportation - private transportation.
Car owners, the demographic that most strongly overlaps with every other powerful demographic, will put significant pressure on governments to do something about it.
Governments (and I might be wrong here) will likely adapt existing recall implementation laws to apply to automotive OS software updates.
That means having to go to the auto shop every time there is a software update.
If Windows may be used as a reference for update frequency, that means several times per day.
A more reasonable expectation would be once per month.
Still completely impossible for large groups of rural car owners.
That means industry instability due to regulation and shifting demographics, and that could as well affect the rest of the software industry (because laws are pesky like that, rules that apply to cars could easily be used to reign in cloud computing software).
Thus... Please, someone tells me I overlooked something or that I am underestimating the adaptability of the powers at play, because it seems like a storm is on the horizon, straight ahead.6 -
!rant
I had that installation of windows 3 to 4 years now.
I'm using a third party software for backup so everyday at 23:00 the backup service starts. The image is stored on a second HDD.
First i want to point out that i set up the windows maintenance around that time too. So any updates should occur then and i remember finding my PC at login screen couple of times meaning a restart had taken place.
Everything was fine all this time.
Couple of days ago i returned home late around 2 am to find a blue screen saying that the computer did not boot property the last time. Had two options, just restart or try to fix.
Of course i will fix it, come on.
Everything failed. Everything. Even safe mode won't boot.
Who cares i have the back up system image. Boot from the bootable usb stick and restore. Well nothing is happening. It's just freezing at 5%. Cancel. Try again. Cancel. Verify the image. Success! Try again! Nothing.
Damn. Im really tired, off to bed.
Woke up tried fixing and restore but to no avail.
Fuck it i will just install Windows fresh. I was set up after an hour or so installed the necessary drivers and such. Let's see that image of any file i want to get back.
Image is corrupted. What the fuck? How? Damn it. Mount and recovery also failed.
That's it. I did not lose any important files. I save everything on a different drive and also the backup.
But I'm wondering what had gone wrong.
My guess windows rebooted when the backup was running. If that's the case shouldn't be a check if such service is running?2 -
I need some advice to avoid stressing myself out. I'm in a situation where I feel stuck between a rock and a hard place at work, and it feels like there's no one to turn to. This is a long one, because context is needed.
I've been working on a fairly big CMS based website for a few years that's turned into multiple solutions that I'm more or less responsible for. During that time I've been optimizing the code base with proper design patterns, setting up continuous delivery, updating packaging etc. because I care that the next developer can quickly grasp what's going on, should they take over the project in the future. During that time I've been accused of over-engineering, which to an extent is true. It's something I've gotten a lot better at over the years, but I'm only human and error prone, so sometimes that's just how it is.
Anyways, after a few years of working on the project I get a new colleague that's going to help me on my CMS projects. It doesn't take long for me to realize that their code style is a mess. Inconsistent line breaks and naming conventions, really god awful anti-pattern code. There's no attempt to mimic the code style I've been using throughout the project, it's just complete chaos. The code "works", although it's not something I'd call production code. But they're new and learning, so I just sort of deal with it and remain patient, pointing out where they could optimize their code, teaching them basic object oriented design patterns like... just using freaking objects once in a while.
Fast forward a few years until now. They've learned nothing. Every time I read their code it's the same mess it's always been.
Concrete example: a part of the project uses Vue to render some common components in the frontend. Looking through the code, there is currently *no* attempt to include any air between functions, or any part of the code for that matter. Everything gets transpiled and minified so there's absolutely NO REASON to "compress" the code like this. Furthermore, they have often directly manipulated the DOM from the JavaScript code rather than rendering the component based on the model state. Completely rendering the use of Vue pointless.
And this is just the frontend part of the code. The backend is often orders of magnitude worse. They will - COMPLETELY RANDOMLY - sometimes leave in 5-10 lines of whitespace for no discernable reason. It frustrates me to no end. I keep asking them to verify their staged changes before every commit, but nothing changes. They also blatantly copy/paste bits of my code to other components without thinking about what they do. So I'll have this random bit of backend code that injects 3-5 dependencies there's simply no reason for and aren't being used. When I ask why they put them there I simply get a “I don't know, I just did it like you did it”.
I simply cannot trust this person to write production code, and the more I let them take over things, the more the technical debt we accumulate. I have talked to my boss about this, and things have improved, but nowhere near where I need it to be.
On the other side of this are my project manager and my boss. They, of course, both want me to implement solutions with low estimates, and as fast and simply as possible. Which would be fine if I wasn't the only person fighting against this technical debt on my team. Add in the fact that specs are oftentimes VERY implicit, so I'm stuck guessing what we actually need and having to constantly ask if this or that feature should exist.
And then, out of nowhere, I get assigned a another project after some colleague quits, during a time I’m already overbooked. The project is very complex and I'm expected to give estimates on tasks that would take me several hours just to research.
I'm super stressed and have no one I can turn to for help, hence this post. I haven't put the people in this post in the best light, but they're honestly good people that I genuinely like. I just want to write good code, but it's like I have to fight for my right to do it.1 -
Level of fuckity fuck mood.
After changing dozens of build plans in Bamboo, the build system of poo...
How to verify that nothing has gone wrong?
Poking the database, you'll be surprised that Bamboo stores the buildplan definition as XML.
Another surprise: Some of the keys / values have typos.
Yeah. You read that right. There are typos inside the XML...
Now together with Postgres, we can use XPATH and have some fun.
UNNEST(COALESCE(XPATH('/configuration/buildTasks/taskDefinition[userDescription[contains(text(),"Bleep")]]', build_definition.xml_definition_data::xml)::varchar[], ARRAY['']))
Lovely wrapping via coalesce for some null safety.
Now we get da task definitions for fields having user description text containing bleep.
Wrapping it in two REGEXP_REPLACE to strip out stupid identifiers....
REGEXP_REPLACE(REGEXP_REPLACE(...., '<id>\d+</id>', ''), '<oid>\d+</oid>', ''))
Then wrap that in MD5.
Boom. Lots of MD5 sums to help you identify if the configs are identical for a task or not.
Now wrapping that in another select to group by the MD5 and filter out the non identical ones.
I hate it how sometimes one has to seemingly do a full 2 hour dance for something as stupid as validation.
I'm pretty glad though for XML and XPATH.
Cause otherwise that would have been a whole can of worms I don't wanna think about....2 -
Team member takes names inputted and coverts them to slugs, works perfectly and functions extremely well.
Adds function to allow slug modifications but doesn't use regex or anything else to verify input is a real slug, application goes down over weekend and know one notices till this morning...
Always verify input both client and server side!!! -
JIRA Task:
Description
As a Client, I want to have on my left-side menu link to the FAQ page.
On the page should be:
How I verify my balance?
Bla bla bla
How can I see my personal details?
Bla bla bla
How I logout?
Bla bla bla
-------
Do anyone know if this is contagious ?4 -
I own my phone number over two years and still can’t sign up in Venmo, I really feel their app have problems: No different use email or phone number sign up! After I wrote a letter for them, they asked me three months of my phone number status, so number verify mean nothing on your app? Did everyone need three months status to prove phone number? !
I just feel such a popular app but the product design sucks!1 -
Hey i want to make a chat application for production workload with more than 100000 simultaneous connection and more than 1000000 daily active user which will scale 100 times in coming 1 to 2 years for Android. I have oauth based user authentication. This chat should be able to authenticate and verify authtoken generated using the oauth. What should i use? Xmpp, mqtt or something else. Can anyone who has worked on chat application help me.6
-
https://hackmd.io/BWLwsrB5RxeheZZ-B...
Guess the spirit of “need to verify source” in working as a developer has really done something marvel to me. Took me 2 hours just to find and document loopholes the claims a pastor made in first 7 minutes of his talk.2 -
!dev but a parable
I worked at a Walmart Photo Lab with a Fujifilm photo processor. I had a guy ask for his pictures but they weren’t printed, I could see his order but there was no “payload” ( think PO header with no PO lines). He said he ordered 600+ pictures off his SD card, then blew them away because they were ordered.
As I had no physical pictures, there was nothing I could do but say “sorry”. He was mad, but there was nothing I could do.
Moral of the story, verify backups before wiping the system. -
!rant (maybe duplicate)
Finally I was able to verify my email and start writing on devRant after a couple years or so (email confirmation was not being sent correctly because of a bug)
-end of (low quality) rant2 -
To Firebase, Fuck you you ass fucking holes and fuck your useless docs
All I wanted to do is to verify your stupid id token from the backend fuck server. wasted my whole fucking day on this crap.2 -
Anyone here uses scaleway VPS?
The tickets I raised got deleted without any proper resolution. And that is shady AF. The tickets were attended by some customer support guy and he had told he would call to verify. But that never happened.
And now all the tickets I raised has disappeared.
I can't activate my account because phone verification is not possible since the code they never arrives3 -
Anyone has any idea how to debug occasional (Severa times a day) where one of our servers decides to mount a second copy of the same NFS? It triggers our monitoring system thinking there was a change to the mounts of the system, and I was able to verify through the mounts command, that it indeed had the same NFS mount mounted twice, with exactly the same parameters.
Is there a debug interface of some sort to see what initiated that mount? Or any tool to help me track it down? I've been stuck with this mysterious issue for a while now (As it's not really a priority, it doesn't break anything, but it bugs me and I wanna know)3 -
I saw a thing was already define on the front-end and just went ahead and assigned it to the necessary orgs
Few hours later our process for that thing failed on 3/4 instances. The last I already setup a couple weeks ago for testing. Turns out there's 2 things with really similar names on those instances so when I decided to not fucking check, the wanted thing was never defined so it couldn't process
Welp I'm messaging my boss tomorrow morning to see how bad this is, then unassigning the existing thing before defining the correct one
Fucking hell why did I not verify the definition. Would've taken less than 30 fucking seconds for all instances. Thankfully this is still technically in testing. But fuck I'm pissed at myself2 -
I got a SIM card activated for my dad yesterday. Here in SA you need to verify your identity to get the card activated. But the company's systems were offline yesterday while I got it from another distributor of theirs 2 shops over. Now a day later they tell me I have to go and get another one because the one I got won't be activated because of it being offline. Something about it being assigned to me while it is offline makes it not work.
WHAT BULLSHIT? WHO THE HELL CODES THAT TRIPE TO FAIL TWICE AS HARD AS IT SHOULD? IT MAKES NO SENSE IF THE THING IS OFFLINE FOR THIS TO HAPPEN.
And yet, with Telkom's legendary poor service I know the service people are not lying. They just don't know what the hell is going on. -
I was able to replace Okta Verify with an open source Python script and Android app and I wrote a tutorial for it:
https://battlepenguin.com/tech/...
Unfortunately it won't work for our companies VPN which requires Okta Push. After fighting with Security for a bit, it looks like I'll have to do a Part II where I reverse engineer the Okta Verify protocol. -
So I've been using Duet on my iPad Pro for a couple years now (lets me use it as an external monitor via Lightning cable) and without issue. Shit, I've been quite happy with it. Then the other day, whilst hooked up to my work laptop, there was a power fluctuation that caused my laptop to stop sending power to connected devices. Which is fine - I have it plugged into a surge protector so these fluctuations shouldn't matter. After a few seconds the laptop resumed normal operation and my connected devices were up and running again.
But the iPad Pro, for some reason, went into an infinite boot loop sequence. It reboots, gets to the white Apple logo, then reboots again.
In the end, after putting the iPad into recovery mode and running Apple's update in iTunes (as they recommend), it proceeds to wipe all my data. Without warning. I lost more than a couple of years of notes, illustrations and photos. All in one fucking swoop.
To be clear, you get 2 options in iTunes when performing a device update:
1. UPDATE - will not mess with your data, will just update the OS (in this case iPadOS)
2. RESTORE - will delete everything, basically a factory reset
I clicked UPDATE. After the first attempt, it still kept bootlooping. So I did it again, I made sure I clicked UPDATE because I had not yet backed up my data. It then proceeds to do a RESTORE even though I clicked UPDATE.
Why, Apple? WHY.
After a solemn weekend lamenting my lost data, I've come a conclusion: fuck you Apple for designing very shitty software. I mean, why can't I access my device data over a cabled connection in the event I can't boot into the OS? If you need some form of authentication to keep out thieves, surely the mutltiple times you ask me to log in with my Apple ID on iTunes upon connecting the damn thing is more than sufficient?! You keep spouting that you have a secure boot chain and shit, surely it can verify a legitimate user using authenticated hardware without having to boot into the device OS?
And on the subject of backing up my data, you really only have 2 manual options here. Either (a) open iTunes, select your device, select the installed app, then selectively download the files onto my system; or (b) do a full device backup. Neither of those procedures is time-efficient nor straightforward. And if you want to do option b wirelessly, it can only be on iCloud. Which is bullshit. And you can't even access the files in the device backup - you can only get to them by restoring to your device. Even MORE bullshit.
Conversely, on my Android phone I can automate backups of individual apps, directories or files to my cloud provider of choice, or even to an external microSD card. I can schedule when the backups happen. I can access my files ANYTIME.
I got the iPad Pro because I wanted the best drawing experience, and Apple Pencil at the time was really the best you could get. But I see now it's not worth compromise of having shitty software. I mean, It's already 2021 but these dated piles of excrement that are iOS and iPadOS still act like it's 2011; they need to be seriously reviewed and re-engineered, because eventually they're going to end up as nothing but all UI fluff to hide these extremely glaring problems.2 -
Is it just me or are graphical software verification libraries useless? I have had to take courses in several is them at uni. Usually, the diagrams end up being externally complex and more prone to errors than the software they are supposed to verify.
The fact that the "final project"of one course was to verify 100 lines of java in 2 weeks. Any beginning programmer could read the java code and confirm it was correct. The diagram my group produced could only be verified by a team of experts over the course of a year. How is it valuable to spend time "verifying"software if the verification needs even more verification than the original software.
Maybe I'm missing the point but I just don't get why there is a market for expensive propratary software in this area.1 -
WHAT. THE.
https://youtube.com/watch/...
1. watch video
2. comment your thoughts on it
3. read the following copypaste of my thoughts
4. comment your thoughts on whether I'm stupid or he's stupid
5. thanks
----
I am a programmer and I totally prefer windows.
1. I'm (besides other things) a game programmer, so I use the platform I develop for.
2. Linux is the best OS for developing... Linux. But I'm not developing linux. I want to use my OS and have it get in the way as little as possible, not test and debug and fix and develop the OS while i'm using it, while trying to do my actual work.
The less the OS gets in my way, the less stuff it requires me to do for any reason, the less manual management it needs me to do, the better.
OS is there to be a crossroads towards the actual utility. I want to not even notice having any OS at all. That would be the best OS, the one that I keep forgetting that I'm actually using. File access, run programs, ...DONE.
p.s.
if i can't trust you, a programmer, to be able to distinguish and click the correct, non-ad "download" button, or find a source that's not shady in this way, I don't want you to be my programmer. Everything you're expected to do is magnitude more complicated than finding a good site and/or finding the correct "Download" button and/or being able to verify that yes, what you downloaded is what you were after.
Sorry, but if "i can't find the right download button" is anywhere in your list of reasons why "linux is better", that's... Ridiculous.
6:15 "no rebooting" get outta here with this 2000 crap. because that's about the last year I actually had to reboot after installing for the thing to run.
Nowadays not even drivers. I'm watching a youtube video in 3d accelerated browser window while installing newest 3d drivers, I get a half-second flicker at the end and I'm done, no reboot.
the only thing I know still requires reboot within the last 15 years is Daemon Tools when you create a virtual drive, but that one still makes sense, since it's spiking the bios to think it has a hardware which is in fact just a software simulation....
10:00 "oops... something went wrong"
oh c'mon dude! you know that a) programs do their own error messages, don't put that on the OS
b) the "oops... something went wrong" when it's a system error, is just the message title, instead of "Error". there's always an "error id" or something which when you google it, you know precisely what is going on and you can easily find out how to fix it...18 -
Whoa.. I think piratebay is under DDoS attack. I was trying to get microprocessor tutorials. Can anyone verify?
-
I was thinking that if my hearing didn't come back in my left ear (my eardrum mite b pmuch toast) i might try those bone conduction headsets but i'd need some reviews from people i can verify are people before i spend $60 on them.6
-
When you are dealing with Public Key Infrastructure (PKI) services, which of the following you would use to verify an email with a digital signature ?
A. The sender's public key
B. The sender's private key
C. Your public key
D. Your private key
E. What are you talking about ?
F. None of the above4 -
Heres a good one.
How do I generate a hash that allows me to compare a re-encoded video against the original to verify they are the same so I don't end up with weird gotchas like this length = that length and this filename = that filename
since the file sizes will be completely different ?8 -
Apparently free chocolate if you're willing to part with your address (I can't personally verify it though, someone else passed it on.)
http://mongodbadventcalendar.splashthat.com/...2 -
WHAT THA SHIT FUCK!!!
FUCKING HEROKU
so I've got an apl running on heroku and yes its a free account
Apparently apps running on free accounts are turned off after an hour of not receiving requests
Ok that's reasonable
So I did some digging and found out there are free solutions to keep your app running
Ok thats good even on heroku there is a free add-on for that
Ok I click on add add-on
AND FUCK SHIT!!!
a huge ass red notification flashes
"//some SH
Verify your account and provide your credit card details
"
IT FUCKING SAYS {FREE}5 -
Got an email “Welcome to Amazon Web Services” to an old GMail account I no longer use. Seems genuine with no links to shady websites or anything. Does Amazon not verify email addresses or how does that happen?
Also, the mail says I have now 12 months of free tier access, so will they start billing me instead of the random fuck who signed up with my email address?3 -
*in class, last year of masters program in cs*
Lecturer is talking about how digital signatures are used to verify software
Some Guy: I don't get it, what are signatures? How do they work?
*first facepalm*
Lecturer proceeds to explain signing using RSA quickly.
Some other guy next to me: Wow that's cool! Had no idea that this is how it works!
My brain: We've needed this knowledge since year 2, HOW ARE YOU HERE??? -
Hey guys, I have almost developed the backend of an app like reddit. My question is about authentication. How should I authenticate my user. Is phone number necessary to add phone otp?Because I don't want to get any legal trouble if someone posts objectionable content on the platform. Most of the apps today need phone number, I dont know why except reducing spam accounts.
Or shall I verify email by otp. But its hard to track disposable emails. I cant go for only gmail too as its banned in china. Email domains of china are weird.
Can I get into legal trouble for objectionable content posted by any evil user?
I dont want to go for auth.10 -
I wrote a small crate that does unsafe operations, please help me verify its soundness: https://github.com/lbfalvy/bound
(Also I think you'll like it, I'm solving a fairly abstract problem that's not possible in safe Rust)
It's essentially a struct that ties together a heap reference and a struct that's constructed from it. The main use case is to return lock guards derived from Arc<Mutex> but it's defined in a very abstract way intentionally because I'm using Marc from mappable-rc and async-std's RwLock and I didn't want this to depend on either crate.
It actually has no dependencies apart from STD (I think this one may be unavoidable) -
FuckedIn unrestricted me, and said it happened because my location was not reflecting the current location I am at. How the fuck they know it? Is it the VPN? I use it for 2 years. Fuckers.
I changed it, but one hour later it was restricted again. Are you fucking kidding me? I won't stop. I will spam these maggots and I will have my account back for good. The other issue is that shitty Persona they use to verify the IDs. It doesn't seem to be sending to them. That's what happens when trash uses trash.
Piece of shit of platform, piece of shit of detection system (or maybe not?)8 -
Woke up today with the idea that I'm gonna make a website for myself now I'm a high school student and have 0 income so i thought ight well i will just use the github student developer pack .... oh wait my school blocks it ...... ight ill get a free .me domain from name cheap..... oh its blocked too ill try porkbun and get a free .design domain shit that offers over Ight ill try . Freenom ..........................................(15min of loading later) ......ERROR: cannot verify you are human
well damn
¯\_(ツ)_/¯ Not today I guess
Can't get a fucken job cause i got school11 -
Why the fuck do sites in 2023 still not verify email addresses are owned by the user before allowing you to register!?
Every time I get a welcome to x you have successfully registered to site y mail I get mildly frustrated and I don't like it!
And why are people using random mail addresses from unknown people to register. Just use one of these temp mail services if the site won't check that you're the owner of said address it sure as hell won't check if it is from a legitimate mail server. And if it does just use a burner mail you fool!2 -
Working with a tester that scope creeps and then “fails” the tests because they did not live up to the scope that the person added just now............. Man, that grinds my gears.. And then reaches out in order to verify whether a feature could be nice to have, and when I agree, she slams it in as a scope creep on another feature and “fails” the test.. Going slightly crazy here2
-
Is is possible to still update Win7 to Win10 for free? I know they dont offer the upgrade option free like they did a couple years ago.
I've read several articles stating a Win7 key will work for Win10. Can anyone verify this still works as of recently? I want to update my main dev machine but want to make sure I dont massively screw it up.
kthx21 -
How do the mobile offers in games like "get 1000 Gems if you ... in some other app" able to verify that you actually did that?10
-
Infineon infineon infineon...
Your aurix tricore is amazing for all safet systems... On paper.
Your support is abysmal. Tried forums, support line to verify a demo that only seems to work sometimes.
I just wanted to get ethernet communication using the demo. But hey one week gone and no success....
And the code seems to behave differently for each run :| the debugger works only on global variables and no printf statements. But hey just make a lot of globals right? So little footprint available so not possible :-\
Hoped that some forum could confirm the demo so I knew I was just making a fuck up, but cannot get that verified...
Embedded programming not for me... :/ -
Approx. 24 hours ago I proceeded to use MEGA NZ to download a file It's something I've done before. I have an account with them.
This is part of the email I received from MEGA NZ following the dowload: "
zemenwambuis2015@gmail.com
YOUR MEGA ACCOUNT HAS BEEN LOCKED FOR YOUR SAFETY; WE SUSPECT THAT YOU ARE USING THE SAME PASSWORD FOR YOUR MEGA ACCOUNT AS FOR OTHER SERVICES, AND THAT AT LEAST ONE OF THESE OTHER SERVICES HAS SUFFERED A DATA BREACH.
While MEGA remains secure, many big players have suffered a data breach (e.g. yahoo.com, dropbox.com, linkedin.com, adobe.com, myspace.com, tumblr.com, last.fm, snapchat.com, ashleymadison.com - check haveibeenpwned.com/PwnedWebsites for details), exposing millions of users who have used the same password on multiple services to credential stuffers (https://en.wikipedia.org/wiki/...). Your password leaked and is now being used by bad actors to log into your accounts, including, but not limited to, your MEGA account.
To unlock your MEGA account, please follow the link below. You will be required to change your account password - please use a strong password that you have not used anywhere else. We also recommend you change the passwords you have used on other services to strong, unique passwords. Do not ever reuse a password.
Verify my email
Didn’t work? Copy the link below into your web browser:
https://mega.nz//...
To prevent this from happening in the future, use a strong and unique password. Please also make sure you do not lose your password, otherwise you will lose access to your data; MEGA strongly recommends the use of a password manager. For more info on best security practices see: https://mega.nz/security
Best regards,
— Team MEGA
Mega Limited 2020."
Who in their right mind is going to believe something like that that's worded so poorly.
Can anybody shed some light on this latest bit of MEGA's fuckery?
Thank you very much.4 -
So I'm building an app, donations get you a serial key. Once a month I want the app to verify the key with a server.
Recommendations for this? It's written in c++, if that matters.7 -
Ok, I started a reply and realized that I forgot the dance of doom to verify my email address. So I copied the text and came back. Can't find my place.
AND how do you search for posts?2 -
Yo guys...i know it's been a long time since i made a rant or something like that.....but i was working on my discord bot......i am giving the link below....if u guys want to help me verify it then please invite it to your server.....thanks(advance ;))
https://discord.com/api/oauth2/... -
Hello world!
I have a question about which the best solution to send message verify to number phone in WordPress??🤔10 -
The more I read the more I am convinced "That one prick" is just a smart tactic to get new member to buy premium. I seriously thought about it just so I could verify that I'm not "That one prick". Genius DevRant.3
-
Upgrading my tech skills.. Once again I feel my personal my personal dev environment and told are much more up-to-date than what I use at work.... Though the book Kim reading is on TDD and was written 3 years ago.
Maybe I should read another on in cloud services and ML... but don't have any motivation for these topics.
I need TDD for work because now we're emphasizing unit test coverage...
I usually only use manual functional tests to verify the final outputs as either the testing framework is broken (JS) or I don't have time to relearn the frameworks for the particular language...
Anyway got off topic... So questions after:
1. Do you ever feel your technologically always more ahead than what you do at work and essentially you bring skills to the job but you don't learn much out of it?
2. How do you test? I actually got into a bit of a argument/discussion with my colleagues about how to implement unit tests. Apparently there are 2 ways to test? Black box vs WhiteBox. She said she tests only Public methods using mock inputs, dependencies. She read online and seems there is an opinion that should only test public functions and if you can't then your app is designed incorrectly, not separated enough.
For me I test the private functions individually (WhiteBox/Java reflection) because the public one is like generateReport and as a whole is like a Pachinko machine, too many unique paths that would need a test case for.
So thoughts? Yes sorry for turning it into a remake I guess...24 -
Fuck heroku
Keep refusing to verify my credit card information.
Weird field on their form , that nobody really know what they are asking for.
Billing address line 1
Billing address line 2
State/province (I have provided my country before, so I don't know what to insert here)
Please help3 -
Im trying to do onboarding to work for this client.
The job app doesnt say accounting or accountant on it.
They congratulate me and pleasantries and eventually say i have to accept nearly 4k check for “training materials”.
So i accept the check, they then say i have to buy installation and equipment including 2 safes (??) and other accounting training.
I say i did not sign up to be an accountant and i want other jobs instead.
They say i should wire the money back to their wire accounts.
So i do. Im offered two other jobs from this client and another check for even more in the mail.
They say i need to cash this check to begin training for these jobs.
I ask for a list if training materials and procedures for these jobs, and they still say cash the check even after i verify to them that i do not need / already have these materials.
Please give me insights on this because im extremely confused and frustrated with these people and i want my paycheck.2 -
Is their a better way than ASP Identity Claims to verify permissions before accessing a page? Refreshing claims in every page load doesn’t seem to be a great solution. Thinking about some sort of permissions middleware. I need to check those IsAdmin roles before any admin area data is accessed. What techniques are you using for authorization in your code base?3
-
!ios
Just Happy..
Jailbroken iPhone X
!! Disclaimer !!
I‘m not the Dev of this Jailbreak nor am I an Professional these are the steps that worked for me best.
Oh and, Jailbreaking will result in losing your Warranty. Don‘t do it if you don‘t know what you are doing!
Don‘t work with the official one?
Coolstar asked ignition.fun to host their Developer Account needed one.
The Website will have Ads, but they didn‘t change one Line in the JB itself. So no ads on the Device itself.
1. Go to ignition.fun in Safari (No Computer needed)
2. Click on Electra MP
3. Download it
4. Verify the Profile
5. Turn Off Siri
6. Turn on Airplane Mode
7. Restart your iDevice
8. Check if Airplane Mode is still on
9. Open Electra App and Press the Jailbreak Button (iPhone will restart)
10. Cydia Icon will be shown (If not -> Check Step 5. and 6. and then Start from 7.)
11. Open Electra again and click „Enable Jailbreak“
12. (I think Device will respring) You can now use Cydia -
I got my first client at upwork almost a week ago and the experience has been awful so far, not because of this client but because of the codebase, it's so bad, it is running DEBUG=True on production and if I turn it DEBUG=False things break for some fucking reason that makes no sense (I don't think that's true but the previous developer states it). The website is running on pythonanywhere which is weird, bootstrap is a nightmare, the database needs to be in sync all the time using a manage.py command that executes tasks received through a webhook from a Hubspot shit that has all the information. Just adding a simple edit/verify profile on that site is such a fucking nightmare. The whole project its full of holes and things that are just screaming to break, its like a fucking house of cards that falls to the ground the second I edit something and it looks like its my fault. I'm thinking of telling the client that I will no longer work on this project
-
Hello people i have this problem and i think it is serious because it happens chronically. I am trying to get the word out about business services that i offer, but immediately they think its a scam. They dont know what company it is, or what it offers, or if it even exists yet, but “it sounds like a scam” … ? Is it a scam or not?
Do not do this. Always verify the source of your information to its legitimate source to know that its legitimate. Do not quickly assume that its a scam because because your pancreas gurgled. Your organs cant tell u whether something is a scam.
By just assuming, u display unprofessionalism by making an ass of yourself in front of a real agency. U also make yourself more prone to real scams who can act like what u think is legitimate. U also lose any opportunities u could have had, because u had to be an ass when it was being offered to u. Dont do that.6 -
I am sorry, I am still confuse how to use this website !? Let me verify the email that i used to signed up and then browse this entire web first.2
-
I know that when your code is in PR Process its a good oportunity to improve but I dont want my TL think I am useless... It was a good way to verify how he likes to work and that he is a functional approach fun but I would like to give him the image of being accountable... This is my 2nd week...
I would like to know if there is a place where you can grab imperative java code so as to practice... I wont run like crazy to transform all to functional but would like to be awared..
We are using Java Vavr library which is amazing... -
Is there a standard around checking the checksum of a bundled weapp to make sure it's the same as what the open source codebase would compile to?
I'm working on some opensource blockchain interface software and obviously blockchain passwords are pretty important, so we do all transaction signing client side and password storage client side, but there's no point doing that if the user can't verify that the password isn't being sent off to some server in secret, but the only way to ensure that is with open source software + a checksum check upon loading, because opensource software doesn't mean the deployed version is the exact opensource branch version.
Any ideas?1 -
Lets say i have to send an email to the user when:
- user forgot password (email sent with a token to verify the user owns that email, and token identifies for which user is this link valid)
- email verification (email sent with a token to verify the user who just registered, where this token uniquely is generated for each newly registered user)
- etc
Notice how both of these cases include the same shit:
- sending emails
- generating unique tokens
- attaching each record to individual user
Does this mean i should pack this up in 1 single model in the database and differentiate which type of email it is over an enum (EMAIL_CONFIRM, FORGOT_PASSWORD etc)?
Or should these shits each have a different model and thus different tables in database?35 -
Most satisfying was reducing the time my ci/cd did to build,test,verify complance and deploy of virtually anything i want in lrss then 10 minutes. From code to running appliance fully configured and being absolute certain it will work without any other modificatio . it used to be an hour.
Achieved this to do lots of caching and parallell test runs.
The downside is that my development server is feeling like a unvoluntary black person from ghana moving to the newfound united states 400 years ago... -
Looking for iOS and Android app developers to join startup in Rutherford, NJ area. Must be able to show portfolio of apps and have some published. Must be able to pull and compare data with sensitive databases (social security number, passport, birth certificate, etc) to verify user. You will be compensated hourly. Must sign NDA.
-
Any gift recommendations. My birthday comes up in a few days and he asked what I wanted as a birthday gift(gifts are supposed to suprises but being able to choose is good still).
However I cannot ask for electronic gadgets. That knocks a lot of stuff of. The exception is that if something does not make me spend more time on the computer that is allowed. Kinda weird. For example I can ask for a printer or medical equipment like oximeters since that wont make me spend more time on the computer. Both of these examples were given by my father. I could ask for a new printer however we still have a printer but it is currently in the shop since it is not being used and the shops printer broke and is hell to replace since they need chips to verify toners and you need to get those chips separately from what my father told me and the shops printer should be repaired in a few months since lockdown was lifted a few days ago and I won't need to print something since everything is online and they don't need to show student projects yet.
Thia knocks a lot of hardware off since by definition if I am using hardware I still need to code it to do something which is more time on computer which is not allowed. So no fiddling with aurdino or rasberry pie or whatever is the most used hardware kit.
I can buy some course or a book to learn something but I already have problems with consistently learning c# with a good book which will lose value in November and that most topics I would like to learn like computer networking or some new language are practical which is more time on computer which is not allowed.
So the only thing I can buy are some books to enjoy reading for fun or some school books like a science digest book like Together with or the ultra popular maths reference book RD Sharma
So what things should I ask which comply with the rules my father has laid or just skip this thing1 -
Microsoft Teams login says password is incorrect then and for a captcha
I type it again but fails...
I'm like wtf... Could it be the captcha...
Which I entered in all lowercase
It doesn't say the captcha is case sensitive though..
Next few times it gives me captchas with k... Teehee me like 5 tries to login
Are we trying to verify passwords/humanness or whether I can somehow tell the difference between K and k?1 -
Has the message that this shit is dumb sunk in yet ? Noone would need to verify someone is real till they go crazy if things stopped repeating
If we all reach another era your messed up children will say John was the only sane person from this generation and a few others and that is considering some actual problems being present4