*In a team meeting*

Me: *happily jotting down notes in markdown*

Other guy: "Dude what are you doing? Pay attention."
Me: "Umm... I'm taking notes?"
Other guy: "But why does your MS Word have black background?"
Me (a bit lost): "Umm... That's not Word. That's my text editor."
Other guy: "Alright... But how do you convert your notes into Word then?"
Me: "... I don't."
Other guy: *stares at me*
Me: * stare back*

It was a nice conversation.

i think ai assistants would be much more interesting / less annoying if it had a faster, snappier syntax to talk through. Like shorthand code but in the sense of talking and just getting one word responses.

On a completely unrelated note......Love Death and Robots is on Netflix and shit is sooo good it ain't funny.

10/10 would recommend.

What makes free ssl "Unsuitable for e-commerce websites", Please read to end to see my view point.

From Namecheap:
Free Certificates are domain validation only which means they don't certify the identity of the website owner, they simply ensure a secure connection. Customers can't be sure of the integrity and trustworthiness of the website owner. If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer. It's important your customers trust your business is safe enough to hand over these details. To gain this trust, you need a certification of your authenticity, which you can only get with a (paid) Business Validation or Extended Validation SSL Certificates.

https://namecheap.com/security/...

* "To gain this trust, you need a certification of your authenticity"
~ But isn't that just Domain Verification and other Extras, What justifies somebody or business's authenticity? Tax Id, Valid Address, Nobody is going to study the ssl cert to make sure that amazon.com is a valid business and has a tax Id.

* "domain validation only which means they don't certify the identity of the website owner,"
~ Wouldn't this just be the domain validation test that is required when using services like LetsEncrypt using Certbot etc, or are we referencing back to this idea that they look for a Valid Tax Id sort of thing?

* "If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer"
~ Why is the paid version going to do double encryption, is the CA going to run a monitoring tool to scan for intrusions like a IDS or IPS? (disregard the use of DNS Validation being in the picture)

Am I missing something, this just seems like well crafted text to get people to buy a cert, I could understand if the encryption was handled differently, Maybe if they checked the site for HSTS or HTTPs Redirect or even, They blocked wildcard SSL before and now with the paid its included, but overall it doesn't sound like anything special. Now I'm not just picking on namecheap because domain.com does the same.

Now the new EU copyright directive is getting closer, Google does A/B testing to comply with article 11.

Modern software has gotten so bad that it even gets sluggish at times on late 2018 flagship devices. Slow, cheap hardware like is usually developers' and fanboys' excuse, particularly when it comes to Windows stuff? Like hell it is.

Software "engineering" has become so.. terribly inefficient. I'd dare any developer worth their salt to rewrite their program to make it work on an early 2000's machine. After all, those can run pretty advanced GUI's, have a reasonable amount of hardware (just think about how large a gigabyte of RAM really is) yet should be able to make for a reasonable limitation set.

Hardware limitations are the mother of optimization. Not every person on the planet has a 32-core Xeon workstation with 64GB of DDR4 RAM and a GTX Titan in it. Whether your application performs reasonably well on your machine shouldn't be the metric. Try deploying it on that laptop you tucked into a shelf years ago and reevaluate.. please.

And definitely you Slack!! Slacking off, is that what inspired the name of that pile of junk?! 😡

How my keyboard evolves:

0. Like any normal man, I started with a cheap standard Qwerty keyboard. As I began learning programming, I wanted something more elegant, so...

1. I've been using layout Dvorak (and then Programmer Dvorak) for like 5 years+ now. Anyone has intention to type on my machine soon gives up or even is blocked by me from the very start. It always takes a couple of minutes to explain to them what's going on here. They think I'm weird. I feel untouchable :)

2. My first mechkey was a 104-key Filco. Time flew by and I wanted my thing to be more compact so I went for a 66% and a TKL.

3. Recently I find out that though my keyboard is not a full-sized, there're yet some keys I've never touched (the bottom right modifiers, scroll lock, etc), so I look for a leaner one: HHKB and its alike but with slight remappings. Now I'm satisfied with the tiny, corners-trimmed keyboard but others look at it and ask how it is even possible to scroll the web page using the thing.

Prob 1: my boss can never type on my keyboard. Sometimes he still grumbles when he cannot correct my fouls right on my machine.

Prob 2: my keyboards at home and at work are not the same and some keymapping cannot applied to one of the two. That's async.

I finally bit the bullet and completely deleted my Facebook account! I am a free man! Fucc Facebook.

ERROR Error: "[object Object]"

How is THAT supposed to be helpful?

This is the most impressive testing document I have ever read. Props to the SQLite devs for doing things so thoroughly.

https://www.sqlite.org/testing.html

I once changed all my error messages to say “Processed successfully” because I had a demo yet the software was very buggy.

I bought myself time to fix the bugs later.

#demoHack

Forget about Internet explorer compatibility, EMAIL TEMPLATES are the actual worst. Outlook uses the same html rendering engine as MS WORD. It's sooo painful. All the bad practices you had to do 15 years ago, you have to do when you write email templates.

YOU WILL NOT KNOW PAIN until you have to make an email template, that works in Gmail, Yahoo Mail, OUTLOOK, outlook.com, outlook for mac, MOBILE, Android, the gmail app, IOS, apple mail, and so on. And after you make an unholy abomination of table garbage, then having to make it responsive/mobile friendly after all that!

If something is broken in one client, fixing it will break something in a different client! And then having to take a stab in the dark to try to fix it and then sending yet another test email (which costs $ per test)

I must have slashed decades off my life having to build email templates. It really is horrendous. There are frameworks like Zurb for email that at least let you feel like you're using a modern workflow. But things break just as often.

Honestly if you have the option, use a wysiwyg editor for building emails. At least when it does break (and they all will) you can at least blame the software.

Which is better than spending 4 hours on why that table cell doesn't line up correctly in outlook.

First few times being made to make mobile responsive emails (from scratch, not generators) was an utter psychedelic mess I never wish to have the pleasure of returning too.

I since have had the pleasure of refusing this, as being able to maintain this chaotic mess created which has to be able to work across the major email clients is just a living nightmare.

There’s hell, then there’s a whole other level.

There's the possibility that all of you just live inside my head, but it is also considerable that I exist in one of your mind.

A much needed rant

http://tonsky.me/blog/...

Forgive me father, for I have sinned.  Alot actually, but I'm here for technical sins.  Okay, a particular series of technical sins.  Sit your ass back down padre, you signed up for this shit.  Where was I?  Right, it has been 11429 days since my last confession.  May this serve as equal parts rant, confession, and record for the poor SOB who comes after me.

Ended up in a job where everything was done manually or controlled by rickety Access "apps".  Many manhours were wasted on sitting and waiting for the main system to spit out a query download so it could be parsed by hand or loaded into one of the aforementioned apps that had a nasty habit of locking up the aged hardware that we were allowed.  Updates to the system were done through and awful utility that tended to cut out silently, fail loudly and randomly, or post data horrifically wrong.

Fuck that noise.  Floated the idea of automating downloads and uploads to bossman.  This is where I learned that the main system had no SQL socket by default, but the vendor managing the system could provide one for an obscene amount of money.  There was no buy in from above, not worth the price.

Automated it anyway.  Main system had a free form entry field, ostensibly for handwriting SELECT queries.  Using Python, AutoHotkey, and glorified copy-pasting, it worked after a fashion.  Showed the time saved by not having to do downloads manually.  Got us the buy in we needed, bigwigs get negotiating with the vendor, told to start developing something based on some docs from the vendor.  Keep the hacky solution running as team loves not having to waste time on downloads.

Found SQLi vulnerability in the above free form query system, brought it up to bossman to bring up the chain.  Vulnerability still there months later.  Test using it for automated updates.  Works and is magnitudes more stable than update utility.  Bring it up again and show the time we can save exploiting it.  Decision made to use it while it exists, saves more time.  Team happier, able to actual develop solutions uninterrupted now.  Using Python, AutoHotkey, glorified copy-pasting, and SQLi in the course of day to day business critical work.  Ugliest hacky thing I've ever caused to exist.

Flash forward 6 years.  Automation system now in heavy use acrossed two companies.  Handles all automatic downloads for several departments, 1 million+ discrete updates daily with alot of room for expansion, stuff runs 24/7 on schedule, most former Access apps now gone and written sanely and managed by the automation system.  Its on real hardware with real databases and security behind it.

It is still using AutoHotkey, copy-paste, and SQLi to interface with the main system.  There never was and never will be a SQL socket.  Keep this hellbeast I've spawned chugging along.

I've pointed out how many ways this can all go pearshaped.  I've pointed out that one day the vendor will get their shit together they'll come in post system update and nothing will work anymore.  I've pointed out the danger in continuing to use the system with such a glaring SQLi vulnerability.

Noone cares.  Won't be my problem soon enough.

In no particular order:
Fuck management for not fighting for a good system interface
Fuck the vendor for A) not having a SQL socket and B) leaving the SQLi vulnerability there this long
Fuck me for bringing this thing into existence

Probably going to catch a lot of heat for this, but the casual misogyny, racism and homophobia in this community is just so, so sad.

I’m not left-leaning. I’m not a liberal. I’m not a feminist (third wave).

What I am however is someone that has experienced the toxicity directed toward myself for a part of my identity I have no control over.

Do you not realise that your heel-digging, joke-making, feminazi-labelling, gatekeeping douchebaggery is *exactly* what has led to the insanity we’re seeing these days? If you keep ratcheting it up, they’re going to as well.

Just take a step back, and try to envision what your life would be like if you weren’t a straight white male (TM), and how the conversations and behaviours you participate in or are witness to in the workplace might affect people that are not in that wonderful club.

By virtue of being straight, white and male you have the inherent privilege of walking into a workplace and not immediately thinking these things:

“Are my clothes too revealing?”
“Is that guy starting at my thighs?”
“Shit. I’m the only black one here”
“Fuck. Did I sound gay just then?”
“Does my makeup make me look like a whore?”

These questions aren’t the fault of straight white males, they’re an inherent part of the minority experience, what *is* the fault of straight white males however is the negligent attitude towards these very real issues.

It’s not cool to judge a colleague’s attitude differently because they’re a woman.

It’s not cool to tell a female colleague to smile.

It’s not cool to make gay jokes like “no homo” in the workplace.

It’s not cool to joke about how hot a female colleague is.

It’s not cool to ask the ethnic colleagues where they’re from, because your implicit motivation is that they’re surely not born and raised.

Accept that behaviours like these are pernicious and dangerous, and be willing to look inwards and realise you may be part of the problem.

Don’t label it as an attack on the heterosexual, the male or the white. It isn’t. It’s a cry to equalise things and make people aware that their privileged experience of life (relatively speaking) is not universal.

So I'm flabbergasted at the current trend of non-native Linux gaming becoming so stable and performant. In these past few months, I've witnessed stability akin to native support on games I had never expected to run well on Linux before.

DXVK had its initial release in January 2018, and so far every single game I've thrown it at has run so well that I forget it's non-native.

With front-ends like Lutris, it's easier than ever to get these non-native titles configured perfectly - to say nothing about what Proton offers for UX.

What will the 2nd year of DXVK bring? Extended Support for Windows 7 ends in one year - and I've never seen such stability and capability from Linux gaming parity.

@Root is free!

Impressive how the ublock community keeps coming up with more and more tricks against the facebook sponsored posts

https://github.com/uBlockOrigin/...

https://mobile.twitter.com/WolfieCh...

I saw a "fuck off" intel inside sticker today. It made me smile.

Network Address Translation (NAT). Rooted so deep, most people don't even know it's a hack

A php site delivering javascript in json
Which is executed by eval
{ jsaction :"document.getElementById('id').innerHtml = 'hello world' ; document.getElementById('id').style. Color='red' " }

Happened a few weeks ago but still awesome.

Me and a good friend have a website together but we don't monitor it too much.
He studied with me in the same class but went towards frontend/apps where I chose backend/servers/security. He knows how to do basic Linux stuff but that's about it.

We were at a party when he noticed that our site was offline. Walked over to me (because I manage the server) to notify me so I could look into it said I'd look into it (phone):
*visits site: nothing*
*online dig tool: got the server ip*
*remembered this one didn't have pubkey authentication - after three passwords attempts I'm in*

"service apache2 status"
*service doesn't exist*
*right, migrated this one from Apache to nginx....*
"history"
*ah, an nginx restart probably suffices...*
"service nginx restart"

BAM, site is reachable again.

*god damnit, lets encrypt cert expired...*
"history"
*sees command with certbot and our domain both in one*
"!892"
*20 seconds later: success message*
*service nginx reload*

BAM, site works securely again.

"Yo mate, check the site again"

Mate: 😶 w-w-what? *checks site and his watch* you started less than two minutes ago...?
Me: yeah..?
Mate: 😶 now this is why YOU manage our server and I don't 😐

His face was fucking gold. It wasn't that difficult for me (I do this daily) but to him, I was a God at that moment.

Awesome moment 😊

Root's shortest and best rant ever:

I tendered my resignation today!
I feel so happy and free ^_^

https://thehackernews.com/2018/11/...

Chaotic Evil: Some dude 'hacked' 50k printers that were open to the public and printed a message that the owner should subscribe to PewDiPie.

*wants to watch Re:Zero on Windows*

The files are on my file server, exposed to the Windows machine with Samba. But the Re:Zero directory isn't visible on Windows 🤔

$ mv "Re:Zero" ReZero
*Suddenly becomes visible on Windows*

What the fuck.. can't it do : characters? Something as basic as that? Microsoft, you.. you never heard of character escaping? I mean, Linux shells for example don't deal with certain characters very well either, so what do you do? Either "this", 'this', or this\ stuff, depending on some and the other things that I won't get into, but mostly it boils down to preference.

Meanwhile Windows: sorry man, can't do it >_< but I can fuck up your language, updates, privacy and files!!!

Fucking hell.. at this point I'm not even mad anymore. Just.. what the fuck Microsoft?

Going to refactor my whole android app from java to kotlin

Wish me luck!

That feeling when you boot up your shiny new laptop for the first time and there's no fucking Cortana, online accounts or mandatory updates right out of the box.

Thank you Dell ❤️

In my current company we're being forced to use Windows for web development... I can't use a VM because of the hardware specs.

This is now my screensaver.