Details
About: gamer/coder
Skills: js, angularjs, react, react-native
Joined devRant on 8/4/2020
-
Treat software development like a trade. Because it is one.
Would you hire someone to build a shed for you if you needed to supply the hammer and saw and they needed to read a "How to Build Sheds" book to just get started? No, you wouldn't.
So why would you hire someone that doesn't have any kind of ready-to-go dev environment?
Why would you hire someone that doesn't understand the basics of this field?
Why do you expect employees to stop what they are doing and teach the new guy everything he should already know, or be able to figure out on his own based on his own experience?
-
The crown jewel of my collection. Snow-white Mr. Kinder, wearing a pointy hat, holding balloons that say “KKK”. You can’t make this shit up.
-
I mentioned in a previous rant that one of my favorite games of all time (CrossCode) was written in HTML5 and JavaScript. I have been playing the game again (this time on the ps5) and continue to be surprised at the monumental force of the game. So, I decided to take a look at the "original" game engine in which the game is built. ImpactJS. So, apparently (and I have not looked at the inner workings of the code) the creator had a module system in which files could be imported before module imports were a thing in JavaScript, not only that but it had a class system mimic in place to deal with things, with inheritance and everything in between. Fucking fascinating. Now, one can actually see the dev logs of a new project that Radical Fish is working on, their primary target remains, but now they seem to be using TypeScript with a plethora of other things in order to build the game, they essentially took the game engine and re-modified the fuck out of it to come with something different. And it fucking worked, beautifully.
From my other findings, it seems that they had to jump through some hoops to get the games to run on consoles, especially the Nintendo Switch which we all know it is a bitch to port into, but apparently the underlying tech is built on Haxe using something known as Kha, a portable multimedia lib.
This is interesting to me as someone that always admired game development, and I sometimes wonder if they would just be better served using something like C# as a target platform with something that they could mold up from the ground up like MonoGame.
I am probably not going to work tomorrow in order to stay in playing the game all day lmao.
Game devs are amazing really. And this game is a jewel, try out the demo online if you have not yet and see what you think:
http://www.cross-code.com/en/home
-
bro just learn C bro I promise it's all smooth sailing bro haha lol just take up HTML with CSS bro its a piece of cake bro what bro lol just start coding up differential equations with numpy library haha its so simple bro just start with Ruby bro it will take only couple days bro what lol bro take this aeronautical course on how to code an airplane simulation bro its so simple bro just start algorithms on cryptography bro its so easy i cant bro just start writing drivers for printers bro haha lol just start writing a bootloader for a new Linux distro bro lol haha easy bro just make a billion dollar company bro haha its so simple.
keep going bro haha invent your own JS framework over a billion existing ones haha bro typescript is so easy bro lol what u say take up redis bro go from the first command bro learn mongodb and mysql together bro its so simple.
but bro don't try to master JS bro .. u will regret it forever bro.
-
HR: How many years you've been developing on Android ?
Me: Two years, with many projects on my own.
HR: So, you're familiar with Android Studio?
Me: No, I've been using "Paint" to code.
-
Over the course of a few months, I began to suspect my manager disliked me on a personal level. I decided to be proactive and invited him to a meeting on "Improving our working relationship" - he showed up 5 minutes late and fired me.
-
So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)
Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% Indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.
Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in Outer Mongolia who is, we can only hope, now enjoying his new life as an Instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.
Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.
It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.
I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.
So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and Dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.
I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.
Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.
An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:
"please reenter card number to validate."
Bupkis. Dead end.
OR SO YOU WOULD THINK.
One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:
"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"
One submit click later and the user's credit card number drops into lnav like a gacha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:
With an authenticated user or any privilege, you could place any order, as anyone, using anyone's payment methods and have it sent anywhere.
So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discreetly." Straight up Hitler's bunker meme rage.
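The two defects described in the rant above (an impersonation cookie the server trusts with no integrity check, and full card numbers written to failure logs) can be closed as in this added example, which is not part of the original post or the company's code. The key, the reporting-chain table and every function name are hypothetical.

```javascript
const crypto = require('crypto');

// Assumption: a server-side secret; in practice loaded from a secret store.
const COOKIE_KEY = crypto.randomBytes(32);

// Constructed reporting chain: userId -> managerId (null = top of an org).
const MANAGER_OF = { 101: 7, 102: 7, 7: 1, 1: null, 200: 9, 9: null };

function mac(body) {
  return crypto.createHmac('sha256', COOKIE_KEY).update(body).digest();
}

// Serialize the impersonation state and append an HMAC-SHA256 tag.
function sign(payload) {
  const body = Buffer.from(JSON.stringify(payload)).toString('base64');
  return `${body}.${mac(body).toString('hex')}`;
}

// Returns the payload only if the tag verifies; null on any tampering.
function verify(cookie) {
  const [body, tag] = String(cookie).split('.');
  if (!body || !tag) return null;
  const given = Buffer.from(tag, 'hex');
  const expected = mac(body);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try { return JSON.parse(Buffer.from(body, 'base64').toString('utf8')); } catch { return null; }
}

// True when `actor` sits above `target` in the reporting chain.
function isAncestor(actor, target) {
  for (let m = MANAGER_OF[target]; m != null; m = MANAGER_OF[m]) {
    if (m === actor) return true;
  }
  return false;
}

// The authenticated session, not the cookie, decides who is acting;
// the cookie only names the report, and the server re-checks the chain.
function authorizeImpersonation(sessionUserId, cookie) {
  const p = verify(cookie);
  if (!p || p.actor !== sessionUserId) return false;
  return isAncestor(p.actor, p.onBehalfOf);
}

// Mask 13-19 digit card numbers (optional space/dash separators) before logging.
function redactPan(msg) {
  return msg.replace(/\b(?:\d[ -]?){9,15}(\d{4})\b/g, '[PAN ****$1]');
}
```

Keeping the impersonation state in a server-side session instead of a cookie removes the need for signing altogether; the chain check and the log redaction are needed either way.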
Boss - so how long will this transport booking app take, native android and iOS ....plus backend, plus localization, plus live location tracking, blah blah.
Me - at least 4 months, or more
Boss - HOW can an app take MONTHS? That is totally unacceptable, it’s not gonna work this way, blah blah. I’m giving u 2 months, tops. No project should take more than 2 months.
—
Next app,
Boss - so this new e-commerce app needs to be made, u have api. How long?
Me - 2 months coz ——-
Boss - WHATTTTT!!!??? 2 months for an APP!!???? What is this? Not gonna work this way, you should make apps in a week. Other people make apps in a week.
Then fucking hire those other people. Lol.
-
Client: "Do you think we could finish specs in week 33, see a demo in week 35, and aim for the product to be finished in week 39?"
I jump on the conference room table, rip the shirt off my sweaty chest, and yell:
"WEEKS OF WHAT? 31 WEEKS SINCE YOU BECAME A CLIENT, 35 WEEKS FROM NOW, 39 WEEKS INTO THE PREGNANCY? BLOODY FUCKING HELL MAN, DO YOU HAVE TO TALK LIKE A RETARD?"
Client, unfazed: "Weeks since the start of the year, sir"
Me, swinging my pants above my head like a lasso:
"WHAT THE FUCK KIND OF SNOWFLAKE ARE YOU, YOU REALLY EXPECT ME TO COUNT THE WEEKS SINCE THE START OF THE YEAR? WHAT ABOUT JUST USING DAY OF THE MONTH YOU OBNOXIOUS DIMWIT?"
Client: "We always use weeks at our company to plan things"
Me, winding the legs of my pants around the neck of the client:
"I HATE IT WHEN PEOPLE USE WEEKNUMBERS, JAKE. I. FUCKING. HATE. IT."
Client, still pretending everything is fine: "If you want I could send you a screenshot of my outlook calendar?"
Me, sitting in underpants on the client's back, sweaty legs wrapped around his waist, trying to pull out his gel-infested manager-hair while strangling him with my pants:
"TIME OF DEATH, UNIX TIMESTAMP 1595240810, ISO 8601 DATE 2020-07-20T10:26:50+00:00. ANOTHER PROJECT SUCCESSFULLY WRAPPED UP"
(parts of this story may have been dramatized to reflect my underlying emotions)
-
my day's been fucked up😭😭😭.
I'm making an api with Django, and I can't seem to make post requests when DEBUG=True