Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "wep"
-
Me: PHP, please load the images.
PHP: No.
Me: Come on PHP, the deadline is tonight.
PHP: Haha nope.
Me: What if I swap the libraries?
PHP: Still no.
Me: What if I add a symlink?
PHP: No. And also I hate you.
Me: *gives up and sends an email to the client saying we have to delay the release*
PHP: lololol jk here's the images haha
Me: :/13 -
Root rents an office.
Among very few other things, the company I'm renting an office from (Regus) provides wifi, but it isn't even bloody secured. There's a captive portal with a lovely (not.) privacy policy saying they're free to monitor your traffic, but they didn't even bother using WEP, which ofc means everyone else out to the fucking parking lot four floors down can monitor my traffic, too.
Good thing I don't work for a company that handles sensitive data! /s But at least I don't have access to it, or any creds that matter.
So, I've been running my phone's connection through a tor vpn and sharing that with my lappy. It works, provides a little bit of security, but it's slow as crap. GET YOUR SHIT TOGETHER, REGUS.
AND WHILE YOU'RE AT IT, CLEAN THE SHIT OUT OF THE FUCKING BATHROOM FFS.
Ugh. $12/day to work in a freaking wind tunnel (thanks, a/c; you're loud as fuck and barely work), hear other people's phone conversations through two freaking walls, pee in a bathroom that perpetually smells like diarrhea, and allow anyone and everyone within a 50+ meter radius to listen to everything my computer says.
Oh, they also 'forgot' to furnish my office, like they promised. Three freaking times. At least I have a table and chair. 🙄
Desk? What desk?
Fucking hell.20 -
10 years ago, I found a vulnerability in the connection between an insurer I was working for, and the network of databases of municipalities. I was only a hacker in so far as kids who watched Hak5 are considered hackers, so I always carried this laptop with a fake access point, package sniffer, wep crack, sslstrip, etc with me.
The vulnerabilities allowed me to register a new identity, for which I requested a passport.
Walking up to the town hall desk with two passports with different names, both mine, was pretty cool.
I did not do anything malicious, and was hired to fix the issues (wep encryption on insurers trusted wifi, and municipality postgres gave write access to all third parties)
For a few days I was the coolest kid in school though!2 -
Wanted to make a website with some of my friends about whatever kid thing we were into at the time. None of our parents cared, it was the 90s and nobody took the internet seriously.
Copied and pasted bits of html into notepad and FTPed them to some free webhost over dialup. The website lasted three weeks -- my friends got bored, I got hooked.
A few years later I found myself wondering why some websites used ".php" instead of ".html". I discovered this shiny new thing called PHP 4. Built a website for some video game I was into using it. Spent the next two years teaching myself everything there was to know.
Took programming in high school. Chose CS over mechanical engineering because I liked the university better. Got an internship which turned into a job which turned into a career.1 -
Security rant ahead - you have been warned.
It never fails to amuse and irritate me that, despite being in the 2019 supposed information age, people still don't understand or care about their security.
I've travelled to a lot of ports and a lot of countries, but, at EVERY port, without fail, there will be at least one wifi that:
- Has default name/password that has been cracked already (Thomson/SpeedTouch/Netfaster etc)
- Has a phone number as password (reduces crack time to 15-30 mins)
- Someone, to this day, has plain old WEP
I am not talking about cafeteria/store wifi but home networks. WTF people?! I can check my email (through VPN, of course) but it still bugs me. I have relented to try and snoop around the network - I can get carried away, which is bad. Still...
The speed is great though :P9 -
End of second week at a new job. Found what I thought was a bug and wanting to impress I fixed it. The dev reviewing my code had just started a week before me so he also had no idea what was going on. It went live Friday afternoon.
Come back Monday morning and turns out I completely broke everything and nobody could use the site all weekend. I thought I was done for sure. Was shitting myself all day waiting for the call.
TURNS OUT NOBODY EVEN NOTICED4 -
So we're hiring for a new junior dev and for the most part it's been going great! We have some promising candidates and I am so glad to finally have a new dev on the team!
However, I would like to take a moment and offer a few suggestions to the people who wish to work for this great and illustrious company:
PLEASE PLEASE PLEASE APPLY FOR THE JOB USING THE METHOD INDICATED IN THE AD. Please use our fancy, top-of-the-line, whiz-bang, cloud-based "talent acquisition" system that we paid way too much money for. I promise you, it's easy! Please don't send in your application by email, mail, telephone, Facebook, Twitter, Instagram, Snapchat, telegram or carrier pigeon. But most importantly...
FOR THE LOVE OF ALL THAT IS BEAUTIFUL IN THIS WORLD DO NOT SHOW UP AT OUR OFFICE UNANNOUNCED RESUME-IN-HAND. Believe it or not I do have an actual job that I spend my day doing! If I'm not in a meeting or at lunch or working from home, the best possible scenario is that you'll get 30 seconds of awkward small talk and be pointed to our whiz-bang, top-of-the-line "talent acquisition" system which you should have used in the first place (you did read the ad, right?). And at this point whatever you do...
DO NOT DEMAND AN ON-THE-SPOT INTERVIEW WHEN YOU SHOW UP UNANNOUNCED TO OUR OFFICE! Like, really? Do you think that you've wowed me so with your 30 seconds of awkward small talk that clearly I cannot wait to see what you will do with an entire hour? Look, I prepare for my interviews. I research you, your previous employers, your school and the hobbies you list on your resume. I check out your GitHub and LinkedIn. I may even Google your name! If that is all in order, I try to hassle some people into sitting in with me, find a time that works for everyone, and hope that there is a meeting room available. I'm not going to interview you at reception at 4pm on a Friday afternoon.
Please submit your application through our whiz-bang, top-of-the-line online "talent acquisition" system. Once I figure out how to log in, I promise I will spend an evening and read through all your cover letters with the utmost care. If you seem OK, you'll get an interview. There aren't that many developers in this town.7 -
It is once again that time of year when we say farewell to our current interns and say hello to a brand new batch.
The two groups overlap for a few days. During this time the old interns show the new interns the ropes, while the mentors silently weep in the lunchroom having realized that nothing that they've said over the last 12 months has had any effect whatsoever.
Some choice quotes:
---
New Intern: It says 'uncaught exception'.
Old Intern: Oh don't worry that will fix itself on production.
---
OI: Did you pull the code?
NI: Yeah, but I have all these weird brackets everywhere... [merge conflict]
OI: Oh yeah that happens sometimes, just delete them.
---
NI: It says "push to master rejected". [we enforce code reviews]
OI: Ohh that means the server is broken. You should tell someone, they have to reboot it.
---
NI: Where did that file save to? [we use ONLY macOS and Linux]
OI: C:\Users\<your name>\My Documents\...
---
OI: You can use either pgAdmin or MySQL Workbench. I like Workbench better but I couldn't get it to work, it kept giving me errors.
---
And of course...
---
OI: No, we don't use Linux. We use CentOS.
---
I did the math today. Only 35 more years and I can retire.5 -
So I got a ring doorbell for my father in law. Of course I'm setting it up for them and their WiFi is not working, they lost the router password etc..
So Im in the middle of ... reset the router added new password new ssid new wep-key etc..
Mom in law is over my shoulder "wow you are really good at this technology stuff. You should get a job with a company".
I kid you not I have been married to her daughter for 21 years WTF 🤬
So I'm like I do work for a company. My company and I get paid much more than anyone else would pay me. That how I could take your daughter and our kids to Hawaii for vacation.😠7 -
TIL if you know the password for a WIFi SSID, you can replicate it with your hardware. All devices that have credentials for that SSID will connect to yours if your signal is stronger. The encryption just needs to be the same (wpa2/wep) The underlying UUID doesn’t matter.
Not bad for a quick and dirty man-in-the-middle attack. The WiFi spec needs a bit more work.
TLS all the things!4 -
TLDR; Default admin login on WEP encrypted WLAN router for getting free stuff at my hair stylist studio.
Free WLAN in my hair stylist studio: They had their WEP key laying around in the waiting area. Well, I am not very happy with WEP, thought that they never heard of security. Found the default GW address, typed it into my browser and pressed Enter, logged in with admin/1234 and voila, I was root on their ADSL router 😌 Even more annoyed now from such stupidity I decided to tell the manager. All I told him was: You use a default login on your router, you give the WiFi password for free, WEP is very very insecure and can be hacked in seconds, and do you know what criminals will do with your internet access? He really was shocked about that last question, blank horror, got very pale in just one sec. I felt a little bit sorry for my harsh statement, but I think he got the point 😉 Next problem was: he had no clue how to do a proper configuration (he even didn't knew the used ISP username or such things). Telled me that 'his brother' has installed it, and that he will call him as soon as possible. Told him about everything he should reconfigure now, and saw him writing down the stuff on a little post-it.
Well, he then asked me what he can pay me? Told him that I don't want anything, because I would be happy when he changes the security settings and that is pay enough. He still insisted for giving me something, so I agreed on one of a very good and expensive hairwax. Didn't used it once 😁
Some weeks later when I was coming back for another hair cut: Free WLAN, logged in with admin/1234, got access and repeated all I did the last time once more 😎
HOW CAN YOU NOT LEARN FROM FAILS??2 -
Years ago I was working in local cinema as a student job from time to time and used to sleep after shifts at my uncle's. Uncle did not had internet but there were so many wlans all around. Since I had nothing to do for hours after shift, I downloaded Backtrack linux at home, made live dvd of it and saved a two articles of "how to hack wifi" to text files.
It took me 4 hours to break WEP, since I was total lame, and it was the only one WEP around. They also had mac restrictions set to router, so I changed my mac address to one of their devices, logged in to router and added our mac address. For my uncle it was complete magic but since he is total geek to linux he liked it.
Fast forward weeks later. When I came to my uncle's house he was downloading like ton of linux distributions. Literally each one. Gigabytes of data. I told him not to do so because sooner or later neighbour will notice, but he did not care. Guess what, he notices, probably slow internet and (maybe) bigger bills, I do not know, but owner just changed protocol to WPA2, not changing password. So the story continued for almost 2 years. Felt a bit sorry for neighbour but did not expect such an outcome. I just wanted to watch youtube videos and scroll social networks, keeping low profile so no one notice.1 -
...when you find yourself circumventing your own security measures that you lectured the entire team about...1
-
If for some reason you decide to write a shim for a VERY COMMON LIBRARY in your project:
1. DON'T
2. If you decide to ignore (1), at least make sure the SHIM WORKS THE SAME WAY AS THE LIBRARY
Two days of debugging sudden untraceable errors led me to find that a .so wasn't copied correctly during maintenance. fml -
WEP security on a brand new wifi rollout. Do it for the legacy because no one knew the scanner gun (like target or walmart has) could operate on WPA Personal or even....802.1x Kerberos Security login. At least it was *something* but the whole place was on windows xp and server 2003.
It is 2016. Lets learn our technologies and read the manuals. -
Le débouchage est un procédé utilisé pour Debouchage Charleroi les drains et les canalisations. Ce processus est généralement effectué par un professionnel qui dispose des outils et de l'équipement appropriés pour effectuer le travail. Il existe de nombreux types de services de débouchage disponibles, mais ils ne sont pas tous créés égaux. Certaines entreprises peuvent offrir un prix moins cher, mais elles peuvent ne pas avoir l'expérience ou l'équipement approprié pour faire le travail correctement. Efficient Debouchage Charleroi Services est une entreprise qui propose une grande variété de services de débouchage. Ils sont en affaires depuis plus de 20 ans et ont l'expérience et l'équipement nécessaires pour bien faire le travail. Ils offrent une variété de services, y compris le nettoyage des canalisations, le nettoyage des canalisations et le nettoyage des fosses septiques. Ils offrent également une garantie de satisfaction satisfait ou remboursé afin que vous puissiez être sûr que vous serez satisfait des résultats.
my-dep.be/debouchage-charleroi/