There was a problem with a server we were staging on, and I was providing DevOps help remote.

As a joke I said, "haha if you run `sudo rm -rf / --no-preserve-root` everything will be fixed!"

They ran it. RIP server-kun 2016-2018 💨

Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

"full stack" means "you'll be doing everything from gathering client requirements through data architecture up to the UI design and of course implementing all of it"

"backend" means "you'll be coding everything from database through server-side code and client-side code including html and css"

"we need you on-site all day every day" means "we have no idea how and why we should use repositories with remote access despite being a company developing an internet app, and we don't trust that you would be working anyway"

"interesting challenging projects" means "the same boring crap as every other company, running on an incredibly botched and dezorganized codebase".

"competitive pay" means "actual pay is around 1.5 times the minimum allowed pay, and everything else is being siphoned off into (stupid and useless) 'benefits' like massage and fitness discount coupons"

"friendly collective having fun at numerous company events each years" means "it is mandatory for you to participate on our weekend drinking retreats but you'll only find out when we fire you because you're 'not a team player' after you refused to participate on those"

My biggest dev blunder. I haven't told a single soul about this, until now.

👻👻👻👻👻👻

So, I was working as a full stack dev at a small consulting company. By this time I had about 3 years of experience and started to get pretty comfortable with my tools and the systems I worked with.

I was the person in charge of a system dealing with interactions between people in different roles. Some of this data could be sensitive in nature and users had a legal right to have data permanently removed from our system. In this case it meant remoting into the production database server and manually issuing DELETE statements against the db. Ugh.

As soon as my brain finishes processing the request to venture into that binary minefield and perform rocket surgery on that cursed database my sympathetic nervous system goes into high alert, palms sweaty. Mom's spaghetti.

Alright. Let's do this the safe way. I write the statements needed and do a test run on my machine. Works like a charm 😎

Time to get this over with. I remote into the server. I paste the code into Microsoft SQL Server Management Studio. I read through the code again and again and again. It's solid. I hit run.

....

Wait. I ran it?

....

With the IDs from my local run?

...

I stare at the confirmation message: "Nice job dude, you just deleted some stuff. Cool. See ya. - Your old pal SQL Server".

What did I just delete? What ramifications will this have? Am I sweating? My life is over. Fuck! Think, think, think.

You're a professional. Handle it like one, goddammit.

I think about doing a rollback but the server dudes are even more incompetent than me and we'd lose all the transactions that occurred after my little slip. No, that won't fly.

I do the only sensible thing: I run the statements again with the correct IDs, disconnect my remote session, and BOTTLE THAT SHIT UP FOREVER.

I tell no one. The next few days I await some kind of bug report or maybe a SWAT team. Days pass. Nothing. My anxiety slowly dissipates. That fateful day fades into oblivion and I feel confident my secret will die with me. Cool ¯\_(ツ)_/¯

I think I've shown in my past rants and comments that I'm pretty experienced. Looking back though, I was really fucking stupid. Since I haven't posted a rant yet on the weekly topics, I figure I would share this humbling little gem.

Way back in the ancient era known as 2009, I was working my first desk job as a "web designer". Apparently the owner of this company didn't know the difference between "designer", which I'm not, and "developer", which I am, nor the responsibilities of each role.

It was a shitty job paying $12/hour. It was such a nightmare to work at. I guess the silver lining is that this company now no longer exists as it was because of my mistake, but it was definitely a learning experience I hold in high regard even today. Okay, enough filler...

I was told to wipe the Dev server in order to start fresh and set up an entirely new distro of Linux. I was to swap out the drives with whatever was available from the non-production machines, set up the RAID 5 array and route it through the router and firewall, as we needed to bring this Dev server online to allow clients to monitor the work. I had no idea what any of this meant, but I was expected to learn it that day because the next day I would be commencing with the task.

Astonishingly, I managed to set up the server and everything worked great! I got a pat on the back and the boss offered me a 4 day weekend with pay to get some R&R. I decided to take the time to go camping. I let him know I would be out of town and possibly unreachable because of cell service, to which he said no problem.

Tuesday afternoon I walked into work and noticed two of the field techs messing with the Dev server I built. One was holding a drive while the other was holding a clipboard. I was immediately called into the boss's office.

He told me the drives on the production server failed during the weekend, resulting in the loss of the data. He then asked me where I got the drives from for the Dev server upgrade. I told him that they came from one of the inactive systems on the shelf. What he told me next through the deafening screams rendered me speechless.

I had gutted the drives from our backup server that was just set up the week prior. Every Friday at midnight, it would turn on through a remote power switch on a schedule, then the system would boot and proceed to copy over the production server's files into an archive for that night and shutdown when it completed. Well, that last Friday night/Saturday morning, the machine kicked on, but guess what didn't happen? The files weren't copied. Not only were they not copied, but the existing files that got backed up previously we're gone. Why? Because I wiped those drives when I put them into the Dev server.

I would up quitting because the conversation was very hostile and I couldn't deal with it. The next week, I was served with a suit for damages to this company. Long story short, the employer was found in the wrong from emails I saved of him giving me the task and not once stating that machine was excluded in the inactive machines I could salvage drives from. The company sued me because they were being sued by a client, whose entire company presence was hosted by us and we lost the data. In total just shy of 1TB of data was lost, all because of my mistake. The company filed for bankruptcy as a result of the lawsuit against them and someone bought the company name and location, putting my boss and its employees out of a job.

If there's one lesson I have learned that I take with the utmost respect to even this day, it's this: Know your infrastructure front to back before you change it, especially when it comes to data.

This is super childish but it's the gameserver insidstry and karma is a bitch.

TLDR: I hacked my boss

I was working for a gameserver and I did development for about 3 months and was promised pay after the network was released. I followed through with a bunch of dev friends and the guy ended up selling our work. He didn't know that I was aware of this as he tried to tell people to not tell us but one honest person came forward and said he sold our work for about 8x the price of what he owed ALL OF US collectively.

I proceeded to change the server password and when he asked why he couldn't log in I sent him an executable (a crypted remote access tool) and told him it was an "encryption tunnel" that makes ssh and file transfers secure. Being the idiot that he is he opened it and I snagged all of his passwords including his email and I changed them through a proxy on his machine to ensure I wouldn't get two factored with Google. After I was done I deleted system 32 :3

Worst thing you've seen another dev do? Long one, but has a happy ending.

Classic 'Dev deploys to production at 5:00PM on a Friday, and goes home.' story.

The web department was managed under the the Marketing department, so they were not required to adhere to any type of coding standards and for months we fought with them on logging. Pre-Splunk, we rolled our own logging/alerting solution and they hated being the #1 reason for phone calls/texts/emails every night.

Wanting to "get it done", 'Tony' decided to bypass the default logging and send himself an email if an exception occurred in his code.

At 5:00PM on a Friday, deploys, goes home.

Around 11:00AM on Sunday (a lot folks are still in church at this time), the VP of IS gets a call from the CEO (who does not go to church) about unable to log into his email. VP has to leave church..drive home and find out he cannot remote access the exchange server. He starts making other phone calls..forcing the entire networking department to drive in and get email back up (you can imagine not a group of happy people)

After some network-admin voodoo, by 12:00, they discover/fix the issue (know it was Tony's email that was the problem)

We find out Monday that not only did Tony deploy at 5:00 on a Friday, the deployment wasn't approved, had features no one asked for, wasn't checked into version control, and the exception during checkout cost the company over $50,000 in lost sales.

Was Tony fired? Noooo. The web is our cash cow and Tony was considered a top web developer (and he knew that), Tony decided to blame logging. While in the discovery meeting, Tony told the bosses that it wasn't his fault logging was so buggy and caused so many phone calls/texts/emails every night, if he had been trained properly, this problem could have been avoided.

Well, since I was responsible for logging, I was next in the hot seat.

For almost 30 minutes I listened to every terrible thing I had done to Tony ever since he started. I was a terrible mentor, I was mean, I was degrading, etc..etc.
Me: "Where is this coming from? I barely know Tony. We're not even in the same building. I met him once when he started, maybe saw him a couple of times in meetings."
Andrew: "Aren't you responsible for this logging fiasco?"
Me: "Good Lord no, why am I here?"
Andrew: "I'll rephrase so you'll understand, aren't you are responsible for the proper training of how developers log errors in their code? This disaster is clearly a consequence of your failure. What do you have to say for yourself?"
Me: "Nothing. Developers are responsible for their own choices. Tony made the choice to bypass our logging and send errors to himself, causing Exchange to lockup and losing sales."
Andrew: "A choice he made because he was not properly informed of the consequences? Again, that is a failure in the proper use of logging, and why you are here."
Me: "I'm done with this. Does John know I'm in here? How about you get John and you talk to him like that."
'John' was the department head at the time.
Andrew:"John, have you spoken to Tony?"
John: "Yes, and I'm very sorry and very disappointed. This won't happen again."
Me: "Um...What?"
John: "You know what. Did you even fucking talk to Tony? You just sit in your ivory tower and think your actions don't matter?"
Me: "Whoa!! What are you talking about!? My responsibility for logging stops with the work instructions. After that if Tony decides to do something else, that is on him."
John: "That is not how Tony tells it. He said he's been struggling with your logging system everyday since he's started and you've done nothing to help. This behavior ends today. We're a fucking team. Get off your damn high horse and help the little guy every once in a while."
Me: "I don't know what Tony has been telling you, but I barely know the guy. If he has been having trouble with the one line of code to log, this is the first I've heard of it."
John: "Like I said, this ends today. You are going to come up with a proper training class and learn to get out and talk to other people."

Over the next couple of weeks I become a powerpoint wizard and 'train' anyone/everyone on the proper use of logging. The one line of code to log. One line of code.

A friend 'Scott' sits close to Tony (I mean I do get out and know people) told me that Tony poured out the crocodile tears. Like cried and cried, apologizing, calling me everything but a kitchen sink,...etc. It was so bad, his manager 'Sally' was crying, her boss 'Andrew', was red in the face, when 'John' heard 'Sally' was crying, you can imagine the high levels of alpha-male 'gotta look like I'm protecting the females' hormones flowing.

Took almost another year, Tony released a change on a Friday, went home, web site crashed (losses were in the thousands of $ per minute this time), and Tony was not let back into the building on Monday (one of the best days of my life).

Welcome back to practiseSafeHex's new life as a manager.

Episode 2: Why automate when you can spend all day doing it by hand

This is a particularly special episode for me, as these problems are taking up so much of my time with non-sensical bullshit, that i'm delayed with everything else. Some badly require tooling or new products. Some are just unnecessary processes or annoyances that should not need to be handled by another human. So lets jump right in, in no particular order:

- Jira ... nuff said? not quite because somehow some blue moon, planets aligning, act of god style set of circumstances lined up to allow this team to somehow make Jira worse. On one hand we have a gigantic Jira project containing 7 separate sub teams, a million different labels / epics and 4.2 million possible assignees, all making sure the loading page takes as long as possible to open. But the new country we've added support for in the app gets a separate project. So we have product, backend, mobile, design, management etc on one, and mobile-country2 on another. This delightfully means a lot of duplication and copy pasting from one to the other, for literally no reason what so ever.

- Everything on Jira is found through a label. Every time something happens, a new one is created. So I need to check for "iOS", "Android", "iOS-country2", "Android-country2", "mobile-<feature>", "mobile-<feature>-issues", "mobile-<feature>-prod-issues", "mobile-<feature>-existing-issues" and "<project>-July31" ... why July31? Because some fucking moron decided to do a round of testing, and tag all the issues with the current date (despite the fact Jira does that anyway), which somehow still gets used from time to time because nobody pays attention to what they are doing. This means creating and modifying filters on a daily basis ... after spending time trying to figure out what its not in the first one.

- One of my favourite morning rituals I like to call "Jira dumpster diving". This involves me removing all the filters and reading all the tickets. Why would I do such a thing? oh remember the 9000 labels I mentioned earlier? right well its very likely that they actually won't use any of them ... or the wrong ones ... or assign to the wrong person, so I have to go find them and fix them. If I don't, i'll get yelled at, because clearly it's my fault.

- Moving on from Jira. As some of you might have seen in your companies, if you use things like TestFlight, HockeyApp, AppCenter, BuddyBuild etc. that when you release a new app version for testing, each version comes with an automated change-log, listing ticket numbers addressed ...... yeah we don't do that. No we use this shitty service, which is effectively an FTP server and a webpage, that only allows you to host the new versions. Sending out those emails is all manual ... distribution groups?? ... whats that?

- Moving back to Jira. Can't even automate the changelog with a script, because I can't even make sense of the tickets, in order to translate that to a script.

- Moving on from Jira. Me and one of the remote testers play this great game I like to call "tag team ticketing". It's so much fun. Right heres how to play, you'll need a QA and a PM.

*QA creates a ticket, and puts nothing of any use inside it, and assigns to the PM.
*PM fires it back asking for clarification.
*QA adds in what he feels is clarification (hes wrong) and assigns it back to the PM.
*PM sends detailed instructions, with examples as to what is needed and assigns it back.
*QA adds 1 of the 3 things required and assigns it back.
*PM assigns it back saying the one thing added is from the wrong day, and reminds him about the other 2 items.
*QA adds some random piece of unrelated info to the ticket instead, forgetting about the 3 things and assigns it back.

and you just continue doing this for the whole dev / release cycle hahaha. Oh you guys have no idea how much fun it is, seriously give it a go, you'll thank me later ... or kill yourselves, each to their own.

- Moving back to Jira. I decided to take an action of creating a new project for my team (the mobile team) and set it up the way we want and just ignore everything going on around us. Use proper automation, and a kanban board. Maybe only give product a slack bot interface that won't allow them to create a ticket without what we need etc. Spent 25 minutes looking for the "create new project" button before finding the link which says I need to open a ticket with support and wait ... 5 ... fucking ... long ... painful ... unnecessary ... business days.

... Heres hoping my head continues to not have a bullet hole in it by then.

Id love to talk more, but those filters ain't gonna fix themselves. So we'll have to leave it here for today. Tune in again for another episode soon.

And remember to always practiseSafeHex

It's fun to watch someone trying to connect to a linux server via Windows Remote Desktop

A colleague was doing configuration on a server and needed to restart the network card.

So he clicked disable it, just to notice that his remote session died ...

Now where can we get a cab?

As a full time remote employee it gets lonely. Im getting ready to turn my home into a co-working space :

* Plenty of space with tables and couches

* Gigabit Internet backed by enterprise networking gear

* Lots of fresh ground coffee

* Local Kubernetes server !

* dog friendly chill space

* kid friendly play areas during the summer

* Mountain home with backyard hiking trails , wildlife lookout (wild deer live in my back yard), and fireplaces

What else would you want in your co-work space-at-my-place (TM)?

Not really dev as much but still IT related 😂

in college we got some new macs in our class. Before we were allowed to use them the "IT Tech" came in and did something to them all (probably ran some scripts to set stuff up)

Anyway, I was completely new to OS X and accidentally pressed a key combo that opened up a dialogue to connect to a remote file server. I saw the address field was already filled out (from when the IT Tech was running the scripts). So me being me I decided to connect. Low and behold my student credentials got me in.

Taking a look around I found scripts, backups and all sorts of stuff. I decided to look at some of the scripts to see what they did. One of them was a script to add the Mac to the domain. Here's the funny part. The login to do that was hard coded into the script....

To conclude. I now have domain level access to my whole college network 🙃

Tl;Dr: stupid it tech saves password in script. I find it. I now have domain level access to the college network

The stupid stories of how I was able to break my schools network just to get better internet, as well as more ridiculous fun. XD

1st year:
It was my freshman year in college. The internet sucked really, really, really badly! Too many people were clearly using it. I had to find another way to remedy this. Upon some further research through Google I found out that one can in fact turn their computer into a router. Now what’s interesting about this network is that it only works with computers by downloading the necessary software that this network provides for you. Some weird software that actually looks through your computer and makes sure it’s ok to be added to the network. Unfortunately, routers can’t download and install that software, thus no internet… but a PC that can be changed into a router itself is a different story. I found that I can download the software check the PC and then turn on my Router feature. Viola, personal fast internet connected directly into the wall. No more sharing a single shitty router!

2nd year:
This was about the year when bitcoin mining was becoming a thing, and everyone was in on it. My shitty computer couldn’t possibly pull off mining for bitcoins. I needed something faster. How I found out that I could use my schools servers was merely an accident.
I had been installing the software on every possible PC I owned, but alas all my PC’s were just not fast enough. I decided to try it on the RDS server. It worked; the command window was pumping out coins! What I came to find out was that the RDS server had 36 cores. This thing was a beast! And it made sense that it could actually pull off mining for bitcoins. A couple nights later I signed in remotely to the RDS server. I created a macro that would continuously move my mouse around in the Remote desktop screen to keep my session alive at all times, and then I’d start my bitcoin mining operation. The following morning I wake up and my session was gone. How sad I thought. I quickly try to remote back in to see what I had collected. “Error, could not connect”. Weird… this usually never happens, maybe I did the remoting wrong. I went to my schools website to do some research on my remoting problem. It was down. In fact, everything was down… I come to find out that I had accidentally shut down the schools network because of my mining operation. I wasn’t found out, but I haven’t done any mining since then.

3rd year:
As an engineering student I found out that all engineering students get access to the school’s VPN. Cool, it is technically used to get around some wonky issues with remoting into the RDS servers. What I come to find out, after messing around with it frequently, is that I can actually use the VPN against the screwed up security on the network. Remember, how I told you that a program has to be downloaded and then one can be accepted into the network? Well, I was able to bypass all of that, simply by using the school’s VPN against itself… How dense does one have to be to not have patched that one?

4th year:
It was another programming day, and I needed access to my phones memory. Using some specially made apps I could easily connect to my phone from my computer and continue my work. But what I found out was that I could in fact travel around in the network. I discovered that I can, in fact, access my phone through the network from anywhere. What resulted was the discovery that the network scales the entirety of the school. I discovered that if I left my phone down in the engineering building and then went north to the biology building, I could still continue to access it. This seems like a very fatal flaw. My idea is to hook up a webcam to a robot and remotely controlling it from the RDS servers and having this little robot go to my classes for me.

What crazy shit have you done at your University?

My school stores everyone's username and passwords (including admins) in plain text on a Windows 2007 server that they remote desktop into.

Some days I feel like I work in a different universe.

Last night our alerting system sent out a dept. wide email regarding a high number of errors coming from the web site.

Email shows the number of errors and a summary of the error messages.

Ex. 60 errors
59 Object reference not set to an instance of an object
1 The remote server returned an unexpected response: (413) Request Entity Too Large

Web team responds to the email..

"Order processing team's service is returning a 413 error. I'll fill out a corrective action ticket in the morning to address that error in their service. "

Those tickets are taken pretty seriously by upper mgmt, so I thought someone on the order processing team would point out the 1 error vs. 59 (coming from the web team's code).

Two hours go by, nobody responds, so I decide to jump into something that was none of my business.

"Am I missing something? Can everyone see the 59 null reference exceptions? The 413 exception only occurred once. It was the null reference exceptions that triggered the alert. Looking back at the logs, the site has been bleeding null reference exceptions for hours. Not enough for an alert, but there appears to be a bug that needs to be looked into."

After a dept. managers meeting this morning:

MyBoss: "Whoa..you kicked the hornets nest with your response last night."
Me: "Good. What happened?"
<Dan dept VP, Jake web dept mgr>
MyBoss: "Dan asked Jake if they were going to fix the null reference exceptions and Jake got pissed. Said the null reference errors were caused by the 413 error."
Me: "How does he know that? They don't log any stack traces. I don't think those two systems don't even talk to one another."
<boss laughs>
MyBoss:"That's what Dan asked!..oh..then Jake started in on the alert thresholds were too low, and we need to look into fixing your alerting code."
Me: "What!? Good Lord, tell me you chimed in."
MyBoss: "Didn't have to. Dan starting laughing and said there better be a ticket submitted on their service within the next hour. Then Jake walked out of the meeting. Oh boy, he was pissed."
Me: "I don't understand how they operate over there. It's a different universe.
MyBoss: "Since the alert was for their system, nobody looked at the details. I know I didn't. If you didn't respond pointing out the real problem, they would have passed the buck to the other team and wasted hours chasing a non-existent problem. Now they have to take resources away from their main project and answer to the VP for the delay. I'm sure they are prefixing your name right now with 'that asshole'"
Me: "Not the first, won't be the last."

TLDR: In defense of Powershell - the rant:

I don’t get the Powershell hate.

You don’t hate a screwdriver for not being able to turn a nut, you just *don’t use a screwdriver to turn a nut*

Once you recognize what the tool is good for and you don’t try to use it like Bash, it’s wildly powerful, and satisfying to use in a way Cmd.exe never was.

Cygwin or a Linux Subsystem can only go so far on a Windows computer. You’re dealing with two fundamentally different OS architectures. It makes sense you’d need different tools.

And like it or not, Microsoft owns the non-tech-user desktop , corners the non-tech server business market, and Active Directory is THE tool for managing Windows desktops on a large scale - So Wanblows is not going away anytime soon.

Automation without some weird ass sysVol batch login script is finally possible. Anyone who knows .Net classes can leverage their methods from directly within Powershell. Remote management of headless Windows servers is now a reality. If you have an Office 365 Exchange server you can literally Powershell remote to it for management, just like your favorite cloud hosted Linux distribution.

No one said Windows is a better OS, but an object based shell on an object based OS *makes sense*. It’s useful for its environment. Let it be.

The gift that keeps on giving... the Custom CMS Of Doom™
I've finally seen enough evidence why PHP has such a bad reputation to the point where even recruiters recommended me to remove my years of PHP experience from the CV.

The completely custom CMS written by company <redacted>'s CEO and his slaves features the following:
- Open for SQL injection attacks
- Remote shell command execution through URL query params
- Page-specific strings in most core PHP files
- Constructors containing hundreds of lines of code (mostly used to initialize the hundreds of properties
- Class methods containing more than 1000 lines of code
- Completely free of namespaces or package managers (uber elite programmers use only the root namespace)
- Random includes in any place imaginable
- Methods containing 1 line: the include of the file which contains the method body
- SQL queries in literally every source file
- The entrypoint script is in the webroot folder where all the code resides
- Access to sensitive folders is "restricted" by robots.txt 🤣🤣🤣🤣
- The CMS has its own crawler which runs by CRONjob and requests ALL HTML links (yes, full content, including videos!) to fill a database of keywords (I found out because the server traffic was >500 GB/month for this small website)
- Hundreds of config settings are literally defined by "define(...)"
- LESS is transpiled into CSS by PHP on requests
- .......

I could go on, but yes, I've seen it all now.

While updating a remote production server, accidentally uninstalled a package that was required for openssh to work. That was fun to recover... 😐

Worst WTF dev experience? The login process from hell to a well-fortified dev environment at a client's site.
I assume a noob admin found a list of security tips and just went like "all of the above!".

You boot a Linux VM, necessary to connect to their VPN. Why necessary? Because 1) their VPN is so restrictive it has no internet access 2) the VPN connection prevents *your local PC* from accessing the internet as well. Coworkers have been seen bringing in their private laptops just to be able to google stuff.
So you connect via Cisco AnyConnect proprietary bullshit. A standard VPN client won't work. Their system sends you a one-time key via SMS as your password.

Once on their VPN, you start a remote desktop session to their internal "hopping server", which is a Windows server. After logging in with your Windows user credentials, you start a Windows Remote Desktop session *on that hopping server* to *another* Windows server, where you login with yet another set of Windows user credentials. For all these logins you have 30 seconds, otherwise back to step 1.
On that server you open a browser to access their JIRA, GitLab, etc or SSH into the actual dev machines - which AGAIN need yet another set of credentials.

So in total: VM -> VPN + RDP inside VM -> RDP #2 -> Browser/SSH/... -> Final system to work on
Input lag of one to multiple seconds. It was fucking unusable.

Now, the servers were very disconnect-happy to prevent anything "fishy" going on. Sitting at my desk at my company, connected to my company's wifi, was apparently fishy enough to kick me out every 5 to 20 minutes. And that meant starting from step 1 inside the VM again. So, never forget to plugin your network cable.

There's a special place in hell for this admin. And if there isn't, I'll PERSONALLY make the devil create one. Even now that I'm not even working on this any more.

The riskiest dev choice...

How about "The riskiest thing you've done as a dev"? I have a great entry for that. and I suppose it was my choice to build the feature afterall.

I was working on an instance of a small MMO at a game company I worked for. The MMO boasted multiple servers, each of them a vastly different take on the base game. We could use, extend, or outright replace anything we wanted to, leading to everything from Zelda to pokemon to an RP haven to a top-down futuristic counterstrike. The server in this particular instance was a fantasy RPG, and I was building it a new leveling and experience system with most of the trimmings. (Talents, feats/perks, etc. were in a future update.)

A bit of background, first: the game's dev setup did not have the now-standard dev/staging/prod servers; everything ran on prod, devs worked on prod, players connected and played on prod, etc. Worse yet, there was no backup system implemented -- or not really. The CTO was really the only person with sufficient access. The techy CEO did as well, but he rarely dealt with anything technical except server hardware, occasionally. And usually just to troll/punish us devs (as in "Oops ! I pulled the cat5 ! ;)"). Neither of them were the most reliable of people, either. The CTO would occasionally remote in and make backups of each server -- we assumed whenever he happened to think of it -- and would also occasionally do it when asked, but it could take him a week, sometimes even up to a month to get around to it. So the backups were only really useful for retreiving lost code and assets, not so much for player data.

The lack of reliable backups and the lack of proper testing grounds (among the plethora of other issues at the company) made for an absolutely terrible dev setup, but that's just how it was, and that's what we dealt with. We were game devs, afterall. Terrible or not, we got to make games! What more could you ask for!? It was amazing and terrible and wonderful and the worst thing ever, all at the same time. (and no, I'm not sharing the company name, but it isn't EA or Nexon, surprisingly 😅)

Anyway, back to the story! My new leveling system also needed to migrate players' existing data, so... you can see where this is going.

I did as much testing and inspection of my code as I could, copied it from a personal dev script to the server's xp system, ... and debated if I really wanted to click [Apply]. Every time I considered it, I went back to check another part or do yet more testing. I ended up taking like 40 minutes to finally click it.

And when I did... that was the scariest button press of my life. And the scariest three seconds' wait afterwards. That one click could have ruined every single player's account, permanently lost us players ...

After applying it, I immediately checked my character to see if she was broken, checked the account data for corruption or botched flags, checked for broken interactions with the other systems....

Everything ended up working out perfectly, and the players loved all of the new features. They had no idea what went into building them, and certainly had no idea of what went into applying them, or what could have gone wrong -- which is probably a good thing.

Looking back, that entire environment was so fragile, it's a wonder things didn't go horribly wrong all the time. Really, they almost never did. Apocalypses did happen, but were exceedingly rare, and were ususally fixed quickly. I guess we were all super careful simply because everything was so fragile? or the decent devs were, at least. We never trusted the lessers with access 😅 at least on the main servers where it mattered. Some of the smaller servers... well, we never really cared about those.

But I'm honestly more surprised to realize I've never had nightmares of that button click. It was certainly terrifying enough.

But yay! Complete system overhaul and migration of stored and realtime player data! on prod! With no issues! And lots of happy players! Woooooo!

Thinking back on it makes me happy 😊

*Opens some Computerphile video on YouTube in Chrome Canary*
CPU > hey ho dude, wait a minute..! I can't process all of this in realtime!!! >_<

Alright.. I think I've still got a copy of all their videos sitting somewhere in the file server.. perhaps I could use that instead.
*Opens said video from the file server in SMPlayer*
CPU > aah, thanks man. Now I can allocate 15-ish % of my resources to that and give you a good watching experience.

Web browsers are really great for being the most general-purpose document viewers, application execution environments (remote code execution engines as someone here called it), and overall be one of the most versatile programs on any PC's standard software suite.

But that comes at a price.. performance. And definitely when it comes to featureful fucking WordPress shitsites (shites?), bloated YouTube, Google, Facebook, and all that fucking garbage.. I fucking hate web browsers and this "Web 2.0" that people keep on talking about. Your boatload of JavaScript frameworks just to ease your own fucking development has a real impact when it happens on dozens of tabs, you know.

Besides, can't those framework creators just make it into a "compiler" * of sorts? So that front-end devs can flail their dicks in an shit-infested environment full of libraries and frameworks all they want, but the framework can convert it into plain JS code that the web server can then serve. Or better yet, the JavaScript standard could be improved to actually be usable on its own!

Look, I'm not a front-end dev. Heck, I'm not even a dev to begin with. But what I do know is that efficiency matters, especially at large scale. Web browsers being so overgeneralized and web devs adding a boatload of fucking libraries or frameworks or whatever, it adds up, both to the CPU's and my own temper.

(*) Quote marks because source code to source code isn't really compiling, but then uglified JS looks worse than machine code anyway so meh :/

The tech stack at my current gig is the worst shit I’ve ever dealt with...

I can’t fucking stand programs, especially browser based programs, to open new windows. New tab, okay sure, ideally I just want the current tab I’m on to update when I click on a link.

Ticketing system: Autotask
Fucking opens up with a crappy piss poor sorting method and no proper filtering for ticket views. Nope you have to go create a fucking dashboard to parse/filter the shit you want to see. So I either have to go create a metric-arse tonne of custom ticket views and switch between them or just use the default turdburger view. Add to that that when I click on a ticket, it opens another fucking window with the ticket information. If I want to do time entry, it just feels some primal need to open another fucking window!!! Then even if I mark the ticket complete it just minimizes the goddamn second ticket window. So my jankbox-supreme PC that my company provided gets to strugglepuff along trying to keep 10 million chrome windows open. Yeah, sure 6GB of ram is great for IT work, especially when using hot steaming piles of trashjuice software!

I have to manually close these windows regularly throughout the day or the system just shits the bed and halts.

RMM tool: Continuum
This fucker takes the goddamn soggy waffle award for being utterly fucking useless. Same problem with the windows as autotask except this special snowflake likes to open a login prompt as a full-fuck-mothering-new window when we need to open a LMI rescue session!!! I need to enter a username and a password. That’s it! I don’t need a full screen window to enter credentials! FUCK!!! Btw the LMI tools only work like 70% of the time and drag ass compared to literally every other remote support tool I’ve ever used. I’ve found that it’s sometimes just faster to walk someone through enabling RDP on their system then remoting in from another system where LMI didn’t decide to be fully suicidal and just kill itself.

Our fucking chief asshat and sergeant fucknuts mcdoogal can’t fucking setup anything so the antivirus software is pushed to all client systems but everything is just set to the default site settings. Absolutely zero care or thought or effort was put forth and these gorilla spunk drinking, rimjob jockey motherfuckers sell this as a managed AntiVirus.

We use a shitty password manager than no one besides I use because there is a fully unencrypted oneNote notebook that everyone uses because fuck security right? “Sometimes it’s just faster to have the passwords at the ready without having to log into the password manager.” Chief Asshat in my first week on the job.

Not to mention that windows server is unlicensed in almost every client environment, the domain admin password is same across multiple client sites, is the same password to log into firewalls, and office 365 environments!!!

I’ve brought up tons of ways to fix these problems, but they have their heads so far up their own asses getting high on undeserved smugness since “they have been in business for almost ten years”. Like, Whoop Dee MotherFucking Doo! You have only been lucky to skate by with this dumpster fire you call a software stack, you could probably fill 10 olympic sized swimming pools to the brim with the logarrhea that flows from your gullets not only to us but also to your customers, and you won’t implement anything that is good for you, your company, or your poor clients because you take ten minutes to try and understand something new.

I’m fucking livid because I’m stuck in a position where I can’t just quit and work on my business full time. I’m married and have a 6m old baby. Between both my wife and I working we barely make ends meet and there’s absolutely zero reason that I couldn’t be providing better service to customers without having to lie through my teeth to them and I could easily support my family and be about 264826290461% happier!

But because we make so little, I can’t scrap together enough money to get Terranimbus (my startup) bootstrapped. We have zero expendable/savable income each month and it’s killing my soul. It’s so fucking frustrating knowing that a little time and some capital is all that stands between a better life for my family and I and being able to provide a better overall service out there over these kinds of shady as fuck knob gobblers.

So I'm moving to a new/bigger place with faster Internet soon so I think it's time to rebuild my current home/remote server setup.

I want to setup the following things:
- vps for server monitoring (open source pushover alternative + netdata)
- Zero tier network for connecting all my servers to the same network
- pihole/pivpn (or the Angristan vpn installer, look it up :)
- second blocking thingy next to pihole to make sure that I literally can't access google/fb etc anymore, even if I really needed/wanted to
- bunch of general servers.

Any ideas?

Received a urgent email from a business client saying that the application we support is completely broken. Their staff said they used the app to send several submissions that day but they did not come through. This is a major issue as these submissions need to occur daily.

I understand that this is a priority so I immediately check everything. I test the app, the server, check the database. Everything seems fine, but there's no record of these submissions. Maybe it's the specific device that was used. I reply saying that everything seems to be in order. Can I please be provided with more information about what occurred? What time were the submissions sent?

Client replies saying that the submissions were definitely sent and that the staff swear by it.

I now know something is up, so I remote into the the devices in question and check the logs. The app was not even used that day! I've got them! Those liars!

I am now quite pissed off, but remain professional and reply saying that we log all app events and that the logs show that the app had not been used at all that day. Now they have to own up to their lie. Right?

Wrong. Client replies with: The issue has been fixed. Thanks.

Can you believe the bloody nerve? The client doesn't even have the decency to apologise but rather insinuates that it was all our fault.

Well I'm not having that. I reply: It is great that the app is functioning correctly. However, I believe it is important to understand the cause of the issue as to prevent it from occuring again.

Client: No reply.

Well, if you want to waste other people's time, here's the fat bill.

Moral of the story. Don't trust anything that the client says and for any issue, debug the user before doing anything else.

Previous job:
- Every dev needs to connect to a remote server, and do the coding there because the bosses are afraid that we will "steal" their legacy spaghetti written by the CTO in 2006 (the current year was 2016-2017).
- There are no QAs, because "why do you devs need mommy to look after your codes?"
- Bosses think it's our duty to stay extra hours without overtime payment while talking bullshit about a culture that promotes work life balance. You receive no bonus for staying late, but if you leave work 15 minutes early, HR will have a serious talk with you the next day.
- Bosses require "evidence" when you submit a leave request. For example, you tell them you're taking a vacation, they'll ask you for a copy of airline tickets, hotel bookings, etc.
- Bosses spend a ton on hosting parties for the customers while we're using 6-7 year-old laptops
- The CEO loves firing people for ridiculous reasons. Once he considered firing a guy because the way he walks is funny

So we are a development company, we have some remote coders.

This one is very good coding BUT

Sometimes he disappears and then comes back with an history, the other day he said his grandpa was about to die of cancer so he had to go to see him.

Three days ago, he had to finish a landing page manager, in React. just a form and unzip (nodejs server side) the files... It was not so difficult.

He said was going to finish later that day.

Then he disappeared, for 3 days!

And i got a message from him on facebook saying he got robbed and he was going to rent a laptop to continue working.

Then i asked if he had any progress on the code before that happened. and he started sending
me screenshots of the code , but in one screenshot i was able to see a part of the desktop background. Checked on the history of files @ Slack and that was his background lol.

Please guys , don't do these kind of things.
If he had told me that he needed to study or something i would have understood him

Now i feel i cant trust him anymore.

Moral: Lies/attitudes like these one can have a big negative effect on your life and you will miss some big opportunities!

accedently used chmod on chmod so i no longer had permissions to chmod.

thank goodness for remote server images.

Inception.
Today I needed to check something in a remote server: this was the easiest way:
1: teamviewer to my home pc from university
2: started a vm on that machine with vpn connection to my work office
3: rdp to a windows server vm
4: ssh to a vm on our hosting cluster
5: from there, ssh to the server that I needed access to

My school just tried to hinder my revision for finals now. They've denied me access just today of SSHing into my home computer. Vim & a filesystem is soo much better than pen and paper.

So I went up to the sysadmin about this. His response: "We're not allowing it any more". That's it - no reason. Now let's just hope that the sysadmin was dumb enough to only block port 22, not my IP address, so I can just pick another port to expose at home. To be honest, I was surprised that he even knew what SSH was. I mean, sure, they're hired as sysadmins, so they should probably know that stuff, but the sysadmins in my school are fucking brain dead.

For one, they used to block Google, and every other HTTPS site on their WiFi network because of an invalid certificate. Now it's even more difficult to access google as you need to know the proxy settings.

They switched over to forcing me to remote desktop to access my files at home, instead of the old, faster, better shared web folder (Windows server 2012 please help).

But the worst of it includes apparently having no password on their SQL server, STORING FUCKING PASSWORDS IN PLAIN TEXT allowing someone to hijack my session, and just leaving a file unprotected with a shit load of people's names, parents, and home addresses. That's some super sketchy illegal shit.

So if you sysadmins happen to be reading this on devRant, INSTEAD OF WASTING YOUR FUCKING TIME BLOCKING MORE WEBSITES THAN THEIR ARE LIVING HUMANS, HOW ABOUT TRY UPPING YOUR SECURITY, PASSWORDS LIKE "", "", and "gryph0n" ARE SHIT - MAKE IT BETTER SO US STUDENTS CAN ACTUALLY BROWSE MORE FREELY - I THINK I WANT TO PASS, NOT HAVE EVERY OTHER THING BLOCKED.

Thankfully I'm leaving this school in 3 weeks after my last exam. Sure, I could stay on with this "highly reputable" school, but I don't want to be fucking lied to about computer studies, I don't want to have to workaround your shitty methods of blocking. As far as I can tell, half of the reputation is from cheating. The students and sysadmins shouldn't have to have an arms race between circumventing restrictions and blocking those circumventions. Just make your shit work for once.

**On second thought, actually keep it like that. Most of the people I see in the school are c***s anyway - they deserve to have half of everything they try to do censored. I won't be around to care soon.**

TM: Hey, do you have a moment?

Me: not really, I'm already overtime and have enough work for the whole year.

TM: Yeah, we know. Just a quick meeting to discuss something awkward.

Me: Hmkay.

...

Later that day:

TM: Yeah. To make it quick - we're confused and bit dissatisfied with how project X turned out. The staging server is blazing fast, but the devs machines seem to be extremely slow... Some devs complained.

Me: No wonder. I said from the beginning that the devs shouldn't do X and Y, and that the dev machines need to be redone after staging is done - as we need to gather hands on experience first, cause no one could explain to me what resources the project actually needed.

TM: Oh. I wasn't aware of that.

Me: I guessed so. You were on vacation at the beginning and I didn't had the time to lead another team...

TM: Yeah... So the dev machines get replaced?

Me: They _could_ be replaced, but the devs would need to reset up their environment, as I and won't transfer the environment of the dev user.

TM: Ah... So they would have to retransfer their personal modifications, if they made any?

Me: Yes. As always, the basic setup just provides the necessary services, settings etc. - stuff like remote IDE settings on the machine, configuration etc is left out and we don't transfer it as it is usually too much of a hassle and risky, as every dev does have his / her own preferences, and we don't want to support every possible configuration out there.

TM: Just out of curiosity... Staging was ready like... Last year?

Me: Beginning of December, yes.

TM: Sigh.

Me: The jolly of having a kinder garten full of toys that no kid wants to clean up...

TM: No comment. The kinder garten Kids might make me a Pinata otherwise.

Me: If only they'd fill us with chocolate first instead of just beating us.

...

Tales of lazy devs, to be continued...

Wanted to deploy my local files to remote server using rsync.

Used wrong syntax, replaced my local files with remote instead :(

Before shutting something down, verify that its the right one ;)

A colleague was testing some performance setting on a server and needed to restart the network driver so he disabled it and was going to enable it when the remote session died ;)

Fast 30 min trip to the datacenter to enable network card.

!rant

I just successfully deployed an app (twitter bot) to a remote server for the first time!

TLDR: Small family owned finance business woes as the “you-do-everything-now” network/sysadmin intern

Friday my boss, who is currently traveling in Vegas (hmmm), sends me an email asking me to punch a hole in our firewall so he can access our locally hosted Jira server that we use for time logging/task management.

Because of our lack of proper documentation I have to refer to my half completed network map and rely on some acrobatic cable tracing to discover that we use a SonicWall physical firewall. I then realize asking around that I don’t have access to the management interface because no one knows the password.

Using some lucky guesses and documentation I discover on a file share from four years ago, I piece together the username and password to log in only to discover that the enterprise support subscription is two years expired. The pretty and useful interface that I’m expecting has been deactivated and instead of a nice overview of firewall access rules the only thing I can access is an arcane table of network rules using abbreviated notation and five year old custom made objects representing our internal network.

An hour and a half later I have a solid understanding of SonicWallOS, its firewall rules, and our particular configuration and I’m able to direct external traffic from the right port to our internal server running Jira. I even configure a HIDS on the Jira server and throw up an iptables firewall quickly since the machine is now connected to the outside world.

After seeing how many access rules our firewall has, as a precaution I decide to run a quick nmap scan to see what our network looks like to an attacker.

The output doesn’t stop scrolling for a minute. Final count we have 38 ports wide open with a GOLDMINE of information from every web, DNS, and public server flooding my terminal. Our local domain controller has ports directly connected to the Internet. Several un-updated Windows Server 2008 machines with confidential business information have IIS 7.0 running connected directly to the internet (versions with confirmed remote code execution vulnerabilities). I’ve got my work cut out for me.

It looks like someone’s idea of allowing remote access to the office at some point was “port forward everything” instead of setting up a VPN. I learn the owners close personal friend did all their IT until 4 years ago, when the professional documentation stops. He retired and they’ve only invested in low cost students (like me!) to fill the gap. Some kid who port forwarded his home router for League at some point was like “let’s do that with production servers!”

At this point my boss emails me to see what I’ve done. I spit him back a link to use our Jira server. He sends me a reply “You haven’t logged any work in Jira, what have you been doing?”

Facepalm.

!rant
After nine months of work, my capstone project is finally coming together.

It's an audio server written in Node.JS and MongoDB. I can run it on a pi plugged into a stereo and remote control it from my phone via the web server.

Changed Firewall settings on remote server. Forgot to open ssh... 😑

*edits file on remote server*
WanBLowS: naah you can't 😈
*le wild BSOD appears for the over 9000-th time*

... Yeah. Windows, great job. Who needs system integrity when they're working on remote servers anyway, right?!

And to top it all off, le reboot mentions that they're working on fucking "features" again. That's what you needed to BSOD for?! For a goddamn motherfucking feature?!! Fucking piece of shit.

At least when I opened vim on that server again, it's saved everything neatly in the .swp files, ready for recovery. Now that's neat, isn't it? Microsoft, the Linux community has already moved on to nvim in terms of development, but maybe, just maybe, you can learn a thing or two from our "legacy software", vim.

As for me, maybe it's time to take out my Arch laptop again. At least that won't crap out on me because the sun and the stars are in a position that the OS doesn't like, or something stupid like that. FUCK YOU MICROSHIT!!!

🔐How can a manufacturer(Netgear) not allow changing username of the admin user???🔥

That effectively lets anyone bruteforce the damn thing like its being grilled on a BBQ!

Yet they implement remote access router management via 8080 and alley you set up VPN server on the incapable thing.

When I was 14 or so, we had acces to some computers during break. I went through each and every one of them, rebooted into Safe Mode (yeah, Windows), logged in as admin with no password, and gave admin powers to my account (each student had one, at least). Then, installed a keylogger and one of those "trojaans" that let me remote terminal, keyboard and mouse control to all the PCs (I had tried telnet server, but this was soo much easier).

Then came the fun.

"Why does the start menu keep opening by itself?"
"Why is the CD tray opening and closing on its own?"
Etc.

Then I found out social media passwords like (translated from spanish) "bigdicks". Never used them, because I considered myself one of the gray hatted. I did it just for the fun.

My tablet is lying on a table 2m away from me and I have to install a new app.. but I don't want to get out of my couch ffs! And I haven't configured dropbear in it yet, and neither do I have adb over TCP/IP. Well fuck it then. My desktop with BlueStacks.. hah, it's running fucking WanBLowS. No remote access there. Too much to ask of that certified pile of crap.

But the point is.. moar remotes, moar better 😋 anything to not have to stand up, taught by my ability to log into a server in Italy from the comfort of my couch. SSH and the sysadmin trade sure is nothing short of amazing ♥️

After moving, I don't have DSL yet so I have to use mobile data to get internet access. Additionally I had to finish a freelancing job. In Germany you have one of the most expensive and least reliable mobile networks in europe.

I had to upload my develpoed software to a remote server

So I suddenly was sent back in time. A single call would have disrupted the download (I can't use internet and phone at the same time, might be a phone issue). While my phone has "high speed" volume left and showed at least HSPA, but I still, the upload rate was prehistoric:

Should’ve posted this after it happened, but it requires a bit of background anyway.

There’s this guy that oversees our OpenStack environment. My team often make jokes and groan about him in private because he’s so overbearing. A few months back, he had to take us to our data center to show us our new racks, and he kept saying stupid stuff like “you break this and it costs me $30,000” as if he owns everything. He’s just... one of THOSE people. Always speaks in such a condescending way. We make jokes that he is our “best friend”.

Our company is shifting most of our products to the cloud in response to the coronavirus (trying to make it an opportunity for “innovation”). This has involved some structural and responsibility changes in our department, and long story short, I’m now heading the OpenStack environment alongside other projects.

This means going through grueling 1-on-1 meetings with our “best friend”. It’s not too bad, I can be pretty patient with people, so I didn’t mind too much at first. Then a few things happened.

1. He sent a shared folder that he owned containing info related to the environments. Several documents were outdated and incomplete, so I downloaded them, corrected them, and then uploaded the documents to my teams file share, as I was supposed to since we now own the projects.

2. Several files were missing, and when I asked about them, he said “Oh, did you refresh the browser?”. I told him no, that I downloaded them locally and republished them to my teams server, because he was supposed to hand everything off to us at once. He says “Well, silly, how are you going to get updates if you’re looking at them locally?” and kind of chuckles at me like I’m stupid.

3. He insists on training me how to remote into one of the servers to check on cluster space, which in itself is fine. I understand others wanting to make sure things will be done right by the people who come after them. But he tells me to download SuperPutty. I tell him, “oh no, that’s alright. I don’t need putty”. He says “oh cool, what tool do you use for ssh?”. I answer him “Just Git. If I want to I can use a CentOs bash terminal too, because we have WSL installed”. He responds “You can’t ssh through Git”.
I was actually a little shocked. I didn’t know if he was serious or not so I was silent for a few seconds before hesitantly saying “yes you can”. He says “this is news to me” and I so I tell him “every single one of our build jobs fetches code from Git with ssh” and he seemed genuinely shocked and surprised by that.... so then it occurs to me to show him that you can ssh in Powershell and that REALLY blew his mind. He would not shut up about it for several minutes. I was amused until it just got annoying.

Needless to say, my team had been previously teasing me about having to work with him, so they found it hilarious when I told them afterwards.

I have worked with a handful of very green devs in the last 10 years. A common theme has emerged.

They don't heed any of my advice.

An exercise to the reader:

If you have a Windows machine, but need to work in a Linux environment, what would be your first instinct how to proceed?

In this exercise, you are as green as it gets. You have very little professional development experience, let alone server admin experience. And your lead dev has suggested setting up a VM.

1. Set up a Linux VM
2. Use a live CD or set up a dual boot system
3. Pay for a cloud server and set it up from scratch

I have no idea how this person intends to get any work done on a remote, terminal only, Linux server. That is if I can even get their environment into a sane configuration.

Today, during deployment on server without remote access:

Me (on the phone calling our data centre Admin): "There's a permissions mismatch. The following paths need write access from the following users..."

Admin: "Okay, okay, slow down... I'm still in the elevator." - 10 minutes later - "Okay, ready."

And I gave him the paths and he said: "Try now."

And I tried and it still didn't work. And then we tried all that again. And again. And finally he said:

Admin: "Okay, I give up, I'm going back down to get the screen."

I just gave robocopy another try, in order to get my WanBLowS D: drive and my file server synchronized again, in preparation to move that file server VM to a LXC container instead.. bad choice. I should've used rsync in WSL.

Hey you Not so Robust File Copier for WanBLowS, how many attempts of you fucking up my file server's dotfiles does it take before I configure you right with every fucking option you have specified? How about you actually behave somewhat decently like rsync where -avz works 99% of the time, in local, remote, any scenarios that you can think of that aren't super obscure?! HOW DIFFICULT CAN IT BE, REDMOND CERTIFIED ENGANEERS?!!

Drown in a pond of bleach, Microshit certified MOTHERFUCKERS!!!!

Well, at least this time it didn't fuck up my .ssh directory so I can still authenticate to the VM.. so I guess that at least that's a win. Even that you can't take for granted anymore with this piece of garbage!!!

"Want to edit that file? You need to clone [this], then install [x] followed by [y] and [z]. Then telnet into the 80's and curl this page directly from Ceefax. Install the binaries and compile the watchers. Hit ‘enableficate’ and wait whilst it builds the VM mirror. Remote desktop into the vm from a Windows2000 machine and install a UI. Search for [some file]. This is cross-compiled into an reverse ascii hex hashinator so you’ll need to decompile it using fudgeunpacker. Edit the file as required then reverse the entire process to synchronise it with the repo. You can then upload the file to the server (remember that [thisdomain] is on [some obscure remote server] so you’ll have to email them the file in [x localle] office hours)”

Two things before this all:
- I fucking love gitlab so far
- I miss the fuzzy searching from sublime text, as vsCode still can't do it properly..

I was fed up with all the shitty overbloated git deployment scripts, sync scripts, automatic backup solutions and hosted git servers out there, so now my own solution is:

- remote git cloned local files
- local files are synced via dropbox, to easily edit them on any device
- all changes and deleted files are saved up to 1 year on dropbox
- remote has gitlab running and webhooks setup
- the webhooks point to my node scripts, which then rebase the code to its dedicated dev server
- daily server backup with 7 days roll
- cold storage backup each 30 days

Sounds like overkill, but from my experience, you really can't have enough places that have a backup, especially coldstorage backups.

My goal in general though is to have everything on my computer backupped and ready to go asap, if something happens.

I wanted to just use a virtual machine for development stuff, but that wouldnt be able to run on my laptop, so I need a more general solution, where I sync all configs and all projects across. (and have some sort of basic list of tools needed, so I dont need to remember them)

Found for example something for vscode to sync its settings and plugins via any sort of git, will give it a try in near future too.

I'm intentionally resigning from my remote software development job to teach my company a lesson. The guy who wrote the codes previously really knew how to cook spaghetti 😀😂.

To add a single line takes minutes, because when you do something else breaks, and you'll keep fixing what breaks when you tried fixing what breaks when you try fixing what..... endless loop of bug-fix cycle.

Now they blame it on me.

They won't understand if they don't get someone new, my reputation will fix itself through that..

My first opinion after sighting the codes was, "re-write the whole project using better patterns and architecture", the reply as you can guess, we'll do that later.

I couldn't even upgrade the server to use even PHP 7.1 because the framework breaks, the guy has editted a lot from the vendors files. Don't ever try composer updates.

Two word to describes the situation. "It sucks".

The previous developer needs to be shot, literally.

Putty remote executuon vulnerability(no patch yet)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

I got cut from a contracting job yesterday I have 3 weeks left in the contract. They said I worked well with the team, had a great work ethic but didn't think I had strong enough tech skills. In the past this would have hurt my feelings and it does a little but I think my tech skills are fairly high. There were three devs working on 66 apps with no tests, some source control but most of the code in source control was older than code deployed in prod, no automatic builds, people would wait a week before checking in code, others would check in code that would not build. Today the boss asked if I had messed with app pools on the prod iIs server because something was wrong. I said no because never remote into the server. Anyway it is the end of the world and I feel fine.

My friend: I built a 3D printer and coded it to self calibrate at startup and connect to my encrypted remote server through VPN to securely retrieve Cad files I constructed and start itself printing when everything is ready or alert if theres an issue

Me: aren't you less than a year older than me?

This was when we were underclassmen in college a few years ago 😂 turns out the dudes just a savant

Remote server software installation support is great!
You can watch them trying to understand where what is on the file system, they repeatedly switch between windows without doing something on either of them and they set your IE browser policy to allow all kinds of domains & sites which are preventing them from downloading their software.
Todays guy did not know how to transfer a file between the local machine and one in remotedesktop. 😄

(If you do support like this, then don't get me wrong, I'm not making fun of you personally, it is just funny to watch if you have to actually sit there and wait for the support to finish.) 😉

I'll just start off with how I really feel. Fuck big corporations with their career robots and retarded practices!
Now for a story. So I work remotely for most of the time nowadays, since my company has as clients big corporations. Used to be embedded with said clients, but it became kind of painful to work with them all so I asked to be reassigned to a remote position.
Now for the retarded part: The fucking Klingons I'm working with have two tiers to their VPN, but won't let me have the full version because it would be too fucking expensive. I checked and it's fucking 50 bucks per year difference.
So for that the Klingons are making me code through a remote connection that has a "best effort" priority.
Fuck.
Anyway after 3 weeks of writing code at a 400-600ms latency I finally snap.
I try to use a proxy and it. I write one myself, gets balcklisted in 2 days.
After about another week of writing code through a fuck straw I start working on node socket with 2 clients and a server that encrypts the send data, and syncs 2 folders between my workstation and the remote one.
It's been a month now and it is still working. It's not perfect, but I can at least write code without lag.

Question for you peeps: What shenanigans have you pulled to bypass shit like this?

I feel ridiculous. While learning SQL databases I ran a query that was supposed to fill up the database with test data for me to play with. The actual result?

8 GB and 330,000+ rows.

Keep in mind this database is on a remote server, so trying to delete it times out after thirty minutes. I’m submitting a ticket right now.

TL;DR Dear boss, firstly, you always get someone to review anything important done by a fucking intern.
Secondly, you do not give access to your fucking client's production server to an intern.
Thirdly, you don't ask your fucking intern to test the intern's work that has not been reviewed by anyone directly on your client's fucking production server.

Last week, the boss and one of the lead devs (the only guy with some serious knowledge about systems and networking) decided to give me (an intern who barely has any work experience) the task of fixing or finding an alternate solution to allowing their support team access to their client machines. Currently they used a reverse SSH tunnel and an intermediary VH but for some reason, that was very unreliable in terms of availability. I suggested using OpenVPN and explained how it would work. Seemed to be a far better idea and they accepted. After several days of working through documentations and guides and everything, I figured out how OpenVPN works and managed to deploy a TEST server and successfully test remote access using two VMs. On seeing my tests, the boss told me that he wanted to test it on the client network. I agreed. Today he comes to me and he tells me to prepare testing for tomorrow and that the client technician is going to give me access to one of their boxes. And then he adds, "It's a working prod server. We'll see if we can make it work on that" and left. I gaped at him for a while and asked another dev guy in the room if what I heard was right. He confirmed. Turns out, the lead dev and the boss's son (who also works here) had had a huge argument since morning on the same issue and finally the dev guy had washed it off his hands and declared that if anything goes wrong from testing it on production, it's entirely the boss's own fault. That's when the boss stepped in and approached me. I ran back to his office and began to explain why prod servers don't top the list of things you can fuck around with. But he simply silenced me saying, "What can go wrong?" and added, "You shouldn't stay still. You should keep moving". Okay, like firstly what the fuck and secondly, what the fuck?.
Even though OpenVPN client is not the scariest thing to install, tomorrow's going to be fun.

!rant

Need some opinions. Joined a new company recently (yippee!!!). Just getting to grips with everything at the minute. I'm working on mobile and I will be setting up a new team to take over a project from a remote team. Looking at their iOS and Android code and they are using RxSwift and RxJava in them.

Don't know a whole lot about the Android space yet, but on iOS I did look into Reactive Cocoa at one point, and really didn't like it. Does anyone here use Rx, or have an opinion about them, good or bad? I can learn them myself, i'm not looking for help with that, i'm more interested in opinions on the tools themselves.

My initial view (with a lack of experience in the area):

- I'm not a huge fan of frameworks like this that attempt to change the entire flow or structure of a language / platform. I like using third party libraries, but to me, its excessive to include something like this rather than just learning the in's / out's of the platform. I think the reactive approach has its use cases and i'm not knocking the it all together. I just feel like this is a little bit of forcing a square peg into a round hole. Swift wasn't designed to work like that and a big layer will need to be added in, in order to change it. I would want to see tremendous gains in order to justify it, and frankly I don't see it compared to other approaches.

- I do like the MVVM approach included with it, but i've easily managed to do similar with a handful of protocols that didn't require a new architecture and approach.

- Not sure if this is an RxSwift thing, or just how its implemented here. But all ViewControllers need to be created by using a coordinator first. This really bugs me because it means changing everything again. When I first opened this app, login was being skipped, trying to add it back in by selecting the default storyboard gave me "unwrapping a nil optional" errors, which took a little while to figure out what was going on. This, to me, again is changing too much in the platform that even the basic launching of a screen now needs to be changed. It will be confusing while trying to build a new team who may or may not know the tech.

- I'm concerned about hiring new staff and having to make sure that they know this, can learn it or are even happy to do so.

- I'm concerned about having a decrease in the community size to debug issues. Had horrible experiences with this in the past with hybrid tech.

- I'm concerned with bugs being introduced or patterns being changed in the tool itself. Because it changes and touches everything, it will be a nightmare to rip it out or use something else and we'll be stuck with the issue. This seems to have happened with ReactiveCocoa where they made a change to their approach that seems to have caused a divide in the community, with people splitting off into other tech.

- In this app we have base Swift, with RxSwift and RxCocoa on top, with AlamoFire on top of that, with Moya on that and RxMoya on top again. This to me is too much when only looking at basic screens and networking. I would be concerned that moving to something more complex that we might end up with a tonne of dependencies.

- There seems to be issues with the server (nothing to do with RxSwift) but the errors seem to be getting caught by RxSwift and turned into very vague and difficult to debug console logs. "RxSwift.RxError error 4" is not great. Now again this could be a "way its being used" issue as oppose to an issue with RxSwift itself. But again were back to a big middle layer sitting between me and what I want to access. I've already had issues with login seeming to have 2 states, success or wrong password, meaning its not telling the user whats actually wrong. Now i'm not sure if this is bad dev or bad tools, but I get a sense RxSwift is contributing to it in some fashion, at least in this specific use of it.

I'll leave it there for now, any opinions or advice would be appreciated.

Today I attended a teamviewer meeting. The host were using a Mac, running VirtualBox with Windows 7 which was connected to a Windows 8 machine through Remote Desktop (rdp) with a putty session to the server we were configuring.

Not mine, but a colleague puts a script in production which has to sent an email every time a config changes, but in reality sent an email every time the file was accessed. The system sent a good amount of email in a couple of minutes, the remote SMTP bounced them but the connections on port 25 was dropped by the server, the production firewall hits the maximum number of allowed connections... a lot of shit!

Accidentally dragged-n-dropped a very important folder into some other folder because of some hiccup when hovering in an Explorer window using remote desktop against our production server. Then left for home. Gotta love GUIs...

Ok, first rant, about my struggles getting reliable internet over the past 6 years. It's not too interesting of a topic, but here we go:

I'm living in a more rural part of Germany and internet here is shit. I pay more than 50 bucks a month for 700kb/s downstream (let's just not talk about upstream...), which is meh by itself but it gets worse. Before this I had roughly 230kb/s downstream using DSL. My provider came out with a new oh-so-fucking-fancy solution for giving people faster internet without upgrading their lame ass fucking backbone and POS infrastructure from 70 years ago: they sell you hybrid internet which combines your shit DSL and an LTE connection using TCP Multicast. Not only do I get only 6 of my promised (and payed for) 50 Mbit, no, It's also a fucking piece of nonworking shit!!!

Let me illustrate:
You constantly have problems with web content (or any remote content) not loading because the host server does not support TCP Multicast. It either refuses connection altogether or it takes about 30-50 seconds to establish a connection. Think about your live when it takes two or three fucking minutes to load 5 YouTube thumbnails or load new tweets at the bottom of the Twitter page! Also, you never know if you a) have an error in your implementation of a new API or if b) the remote host doesn't support TCPMC (there's never an error for that! Fuck you!), your SSH sessions ALWAYS drop in the most inopportune fucking moments because the LTE thing lost connection, you always have to turn on a VPN if you want to visit specific websites (for example your school's website) and so on....

Oh and also, my provider started throttling specific services again these days with Netflix and YouTube struggling to display 240p, fucking 240p video without buffering when I get 600kbit down on steam (ofc the steam download is paused when watching videos). When using a VPN, YouTube 720p and Netflix HD work like a charm again. Fucking Telekom bastards

Then there is the problem with VPNs. The good thing about them is that they solve all the TCP Multicast problems. Yay. Now for the bad things:
First of all, as soon as I use a VPN, access times to remote go up by like fucking 500%. A fucking DNS lookup takes 8-15 seconds!!! The bandwidth is there but it takes forever.. because reasons I guess. Then the speed drops to DSL speeds after a while because the router turns off my LTE connection when it is unused and it does not detect VPN traffic as traffic (again because... Reasons?) And also, the VPN just dies after an hour and you have to manually reconnect (with every VPN provider so far)

And as if that wasn't enough, now the lan is dying on me, too, with the router (the fucking expensive hybrid piece of shit, 230 bucks..) not providing DHCP service anymore or completely refusing all wifi connections or randomly dropping 5Ghz devices, or.....

You get the point.

The worst thing is, they recently layed down 400mbit fiber in my neighborhood. Guess where the FUCKING PIECE OF SHIT CABLE ENDS??? YEAH, RIGHT IN FRONT OF MY NEIGHBORS HOUSE. STREET NUMBER 19 IS SERVED WITH 400MBIT AND MY HOME, THE 20, IS NOT IN THEIR FUCKING SERVICE REGION. Even though there is a fucking cable with the cable companies name on it on my property, even leading up to my house! They still refuse to acknowledge it! FUCK YOU!!!!

Well anyways thanks for reading. Any of you got the same problems? :/

Coding has brought me into new communities and is the reason I have some new friends. I have to say, the best part is knowing how things work. I love knowing how this rant is sent to a remote devRant server thru a socket. How my rant gets divided up into an array of characters, each just a string of 0’s and 1’s. How my rant is stored in a database. How the devRant server connects everyone, and how everyone can (if they have to) use a VPN if it’s blocked, etc. And of course, how it’s all done securely. It’s great having that confidence going into the future knowing that you’ll be relevant and you have technological security. I love talking with people and explaining how things work. How when people say “stop acting so smart, you don’t know anything about X,” which to I reply “do you know how many fucking Xs I made.” Coding is great.

I found a great app on iOS that allowed me to clone my Git repo, make commits, change branches, it had everything! I made a small commit and went to push to the remote server, but then it told me that I had to purchase premium to be able to push to remote. I was kind of upset, but I went to check the price of premium, in case it was a few cents. Nope, $25 just to be able to push commits. Seriously? If I was at my computer I’d be able to do this for free.

Today, in the course of my job, I said...

FFS. I HATE WINDOWS.

It has begun.

Took me five minutes to ssh into the Linux EC2 and get the Jenkins agent installed, configured, and running. Half a fucking hour for Windows Server 2012.

1) Can't ssh to it, so I connect via AWS console... Which means I have to install MS Remote Desktop. WHATEVER. FINE. It's not like ssh is quick and easy or anything.

2) Can't just use the command line, run the .jar &, cntl-z, and bg then log off. Noooo. I have to install the unpacked binaries as a fucking SERVICE. FINE. WHATEVER.

I'm so glad we have a Windows guy that does most of this shit. I can't stand it.

Today it finally happened. I had a „virus“. I wanted to get KMPico for a buddy of mine since he is to lazy to crack it and installs windows after 2 months again.

Today I woke up to an cheap ass miner I caught by accident. All he fucking did was suspend the task when taskmanager is open. It ran as normal user under the process named „kernel.exe“, no cpu priority/affinity, no elevated startup service, all files in one place (under roaming) and worst of all… he kept an remote connection TO HIS FUKKEN PC open, he even is to cheap to get a root server ffs

So I'm working our remote build/testing server, and all of a sudden my computer just turns off. No crash message, no error, just turned off. My co-worker tries to help troubleshoot the problem.

Nothing.

I take the computer downstairs to the hardware department. They plug it in and it starts no problems.

After it finishes updating, I take it back upstairs and plug it back in.

Nothing.

I suggest that it is the power cable, and my co-worker looks under his desk. Turns out he had kicked the switch on the surge protector. 😑

So this happened a few days ago.

Me: (chilling like a mo'fucka then suddenly an email alert)

*Opens email and realises it's from a recruiter*

Recruiter: We are a venture-based startup out of LA, funded by a top VC. We have developed the first turnkey Serverless Swift platform for app development.

We are looking at expanding our team and we have a few different openings for remote and contract work.

Simply reply to this email with your resume attached.

Me: Thanks for reaching out and presenting me with this opportunity.

I plan on going back to school this January and for that reason I humbly have to bow out.

I will surely keep an eye out for {company_name}. The idea is rather interesting I should say.

*I go back to chilling like a mo'fucka*

*The next day I'm at work, I get an email from the same recruiter again*

Recruiter: Thank you for submitting your resume.

We are expanding our team and are looking for Swift rockstars to join the movement of bringing server-side Swift to the masses.

We were impressed by your resume and wanted to get to know you better. This survey is the first step in that process.

Please take a moment and complete. It should not take longer than 10 minutes.

Me: ...........................
*Calmly walks away from my desk to the bathroom*

WHAT FUCKING RESUME HAVE I SUBMITTED TO YOU? BITCH, MY EMAIL EXPLICITLY SAID: THANKS BUT NO THANKS...

You can't just force an applicant

I've every been a Arch Linux fag. It's my main OS from 5 years. With a small parenthesis of two months of FreeBSD recently, I've used before Arch Kubuntu, Ubuntu, Fedora KDE, OpenSolaris (randomly), CentOs, plus a lot of others distro for tests.
But I've never tested Debian!
So I've installed it on my small server.

Oh... My... God.... It's fantastic. PACMAN >>> apt, but damn it's really stable and out of the box even if minimal. A very surprise. I think it can be my favorite remote Linux for a long time....

But a question rises. Why with a father like Debian... Ubuntu after the 11.04 is such a shame? The last I've tested is the 12.04 I think, but I've hated it, and I hate it even now. (Crash, driver not found, apt problem, very heavy repos and my internet sucks, UNITY, etc...)

Ubuntu, what happened to you ...? With Kubuntu 8 you were such a good guy...

Looks like copying large file e.g. 1GB from Remote Desktop Connection will also affect SQL Server performance and somehow slowing down the SQL transaction 100000x times

What a new thing to experience😆

The worst interview, I'll say the worst questions I ever being asked by stupid interviewer is "Where is your remote server located?", well I said "are your kidding me???" 😂 😂 😂

Old story, happened some way back. I worked part-time for a small web development company that did between other things something called SharePoint development, basically .net webforms with shit glitter on top of it.

The most weird part of it, was the fact that we were working on vms that hosted the app, it was our dev, test and staging environment, as well as were we showed the client the polished turd.

Did I say that it was on a vm? Well it was on a remote vm, that each of use had access to it, through our domain accounts, and they couldn't configure the windows server to accept more than two or three users at once to be connected.

That was our test enviroment and dev enviroment, sooo showing the app to the client meant for the rest of us to not write any code because it might crash or get stuck.

The app was accessible and discoverable by url and through google search from outside, I dont think that should have been allowed.

The most disastrous part was that we had NO source versioning whatsoever, just plain old copy and paste in different folders.
Deploying to client meant remoting to the clients host or whatever it was, and manually copying the source files

If someone wanted to debug the application you had to shout, and you also could hear it, in the office: "I'm debugging!" or "I'm deploying!". Because we were on the same machine, there was only one process with the server and it meant that if you debug or deployed it would block it for the others.

Should I talk about code quality? Maybe not.

There was this time I had to help a friend of a friend. He was like "Hey, can you help me with some server stuff."

"Sure!"

(*Proceeds to give me a remote desktop connection to a windows server with a Ubuntu VM*)

.... Err.....

One of the constants in my live is that I cannot type in dreams, no touchpad or keyboard will ever output more than three coherent logically keys before it turns into gibberish. Other interaction works, but no input for computers or phones.

Today I dreamed of assisting a guy to shutdown the Linux Server I set up, via remote. The dream totally derailed and was a bit boring. My dream characters realized that something is up and used a different keyboard. No dice. Visually it looked like Thai or so without the appropriate fonts.

Sometimes I am really wondering what my dream director is thinking.

I'm notoriously bad at Git. By that I mean I REALLY REALLY SUCK AT IT. And I have the curse of short memory and an even shorter ability to retain the how-to, muscle memory knowledge of things if too much time passes.

So, I was staring down the gullet of merging two separate repositories onto my local machine and then pushing the result to a remote server. Not having the benefit of someone else to bounce this off of, and always finding the usual Git docs too dense and obtuse, I turned to ChatGPT to help me sort it out.

Guys, where has this been all of my life? I know it's not perfect and it can make mistakes. I knew that going into it, so I made preparations in case this failed. BUT. IT. WORKED! I feel like it has put me into the Star Trek:TNG universe where I can say "Computer, do the thing." and it does that thing. Here's the prompt I used and which it answered perfectly.

"Play the role of a git coach. I have two git repositories. One is on Bitbucket. The other is on GitHub. The branch named "master" on Bitbucket has the latest code. The branch named "master" on GitHub needs to be updated to what's on the Bitbucket "master" branch. Please write the series of git commands that I will need to accomplish this."

[rant]

From the bottom of my heart I swear the thing that frustrates me the most in this industry is over complicating simple things. Making simple ideas overly convoluted makes me cry.

I mean why have a dedicated Windows server, that you login to via Windows Remote desktop, just to edit a Word document in a bespoke program that is running running Microsoft Word inside it anyway. Why not just just Word? Why spend a year developing such a system for a problem that simply doesn'y exist.

I asked what benefit this has over me just editing a Word file myself on my laptop. In short, their answer was none.

The other apparent benefit to the system was the ability to jump to specific parts of the document. Well after showing them how to do a table of contents, they saw no need for their existing system.

I'm amazed sometimes how simple ides get discussed to death, unnecessary mammoth systems get built, that ultimately solve a problem that does not exist.

[/rant]

So I'm trying out docker and see how I can make use of it, current setup:
1. Ubuntu on VM and Mac for Asp.Net core development
2. Windiws for MS only stuff like SQL Server
3. Ubuntu Server on VM and is running docker images: MS image for SQL and Ms image for dinner core.

What I did so far one script which will handle updating SQL Server database on windows with the changes done on docker SQL image
Then publish website from Mac or Ubuntu to docker image. I have yet to find a way to execute scripts remotely on a docker image using bash script from a remote

What should I do next? And for home setup go for Ubuntu server or CentOS? Any recommended packages for server administration? Workflow ..etc.?

Oh my damn god,
I just found the remote-server plugin for vsCode and holy fuck balls, it's the one thing I've wanted from vsCode since ever.

When you dev in VMs and are forever working with remote code using SFTP and git on a remote servers, it's a pain in the ass.
But this, god damn this solves all of that, and with connection specific plugins, I think I just came.

I had a small .NET PoC project I wanted to upload to our git server. So added the project to version control using Visual Studio, meaning that VS created a local repository for it. Then I wanted to push it to the remote repository which were created by my colleague. This one was initialized with a commit (.gitignore and Readme.md), so I couldn't push directly. Googled a bit, OK then tried to fetch the remote repo, didn't help. Googled again, tried some "git push origin master whatever" stuff and then rebate, because nothing seemed to help.
OOPS where are my local files? WTF? 😣

Long story short: Experience in other version control systems is not enough or even dangerous when switching over to git. 😂

*Dev is non-native english speaker

Dev: we need the VPN ip.
Me: the server ip or the connected device ip.
Dev: the server.
Me: gets the ip.
Dev: this doesn't work, is this the VPN ip ?
Me: Gives the device ip. Works.
Dev: OK. Works now.

Could have just asked for the client IP in the first place but s/he didn't know how to.

I have been trying to freelance for people who don't speak english as a first language and getting the Requirements is the hardest part of the job. 😫 .

P.S. Suggestions needed from remote freelancers. What's your workflow like.

God damnit!!

Just got a team assigned for the course I follow and the codebase they work looks like someone shit on the floor and dragged it all over place. No consistency, no clear structure.

The project has to be built in PHP (which is fine by the way) following the principles of MVC. Did I say the codebase looks like shit all over the place? Well that's exactly what it is!!

They use $_SERVER['DOCUMENT_ROOT'] everywhere!! In every fucking file!! Why the FUCK would someone possibly want to do that??

I know I'm not perfect, but what the fuck!!

Now comes the most weird thing. They have to work on a remote server without SSH access, so working with FTP is mandatory. This is because the school won't setup ssh. That's fine by me, but because of that they don't use git!! They upload files directly to the production server. They merge everything manually. I asked why they didn't use git and the answer was so fucking SHIT!! "Because the teacher wants to see who uploaded to the server.."

First off all: what happened to git blame? Second: Later I heard that there is only one FTP account, so all the things they said where just bullshit!!

The fuck.

Tomorrow I'm going to try and convince them to use git..

From now on I am administrating multiple servers in our company and monitoring is one thing our infrastucture lacks...almost completely. At least, useful monitoring.
Installing netdata or Grafana and integrate it with chat is definitely a solution, but what happens if the whole server just shuts down (very stupid scenario I know)? Well, it is easy, there will be no alert about the failure.
So, that's where I was wondering if there is a tool or even better plugin for netdata or Grafana, that enables remote monitoring from another server? I surely can write a simple script to check the server availability but having the whole monitoring tool on a single server instead of 5+ would be also easier to maintain and setup.

Today I have created a server application on Python Tornado which can forward TCP Packets directly to HTTP request queue without any intermediate caching.

Our remote IOT devices (microcontrollers with sensors attached) send sensor reading over TCP Socket to our server and all the connected web applications can show the data instantly using long polling and the above mentioned technique.

A new subsea internet cable between the country I'm in and where my server is, went live a few weeks ago

The rsync from local PC -> remote server went up from avg 500kb/s to 4mb/s

the subsea cable website says they're aiming Nov/Dec launch so it's probably in semi-live stage rn but still cool 🫡

I had a nightmare this morning in which I had been working on a project for months without pushing my commits to the remote server. Then the office suddenly burned down and I had to tell my boss that months of work was lost because I was too lazy to push. He was sooo mad. 😬

once I have to code in a public train station’s restroom just because I have no place to sit and floor is not comfortable enough because people keep walking by distracting me,
So I cover the lid, pull my laptop out, use my phones hotspot connect to remote server to fix the problem.
The smell is not good.

Because of a ridiculous strict server environment (where even PHP was not allowed) he proposed that I could connect over Skype to do my stuff in typo3, which than could be exported to plain html to run on their server.
SSH or even remote desktop would be to insecure.

Today I had to spend the whole day fixing a stupid bug in a legacy application in a completely different tech stack than I'm used to...

At my company we have an Internet application running where we can upload a word document and using some mailmerge variables magic, can set those vars and receive the personalised word doc back...

Now this is great, when it's working, and is used in various projects we have up and running... Suddenly the application decides to crap out for no apparent reason and guess who drew the short straw....

Anyhow I ask our sys admin for the password to the server, I remote desktop to it, turns out its a fucking Windows 2008 server...

But wait it gets better, the application, a shoddy mess of c# code, is not under any sort of version control, has to be developed on that same server and to top it all of, I have to follow some obscure barely documented deployment precedure to get my changes live....

So after a lot of cursing on the dev (not working at the company any more) who did the original setup, and hours of painstakingly piecing together how it works and what went wrong and how to fix it, I finally managed to get it working....

After this rant, I'm mailing my technical lead about this in the hopes we can get someone to do it right (yes, I'm that naive)

There is no joy in life

So I finally managed to set up networking on my 3D printer's raspberry pi: now it can connect to my phone's hotspot or to my uni's wifi network, depending on which is available.

Then I set up OpenVPN, using a remote server as a middleman so I can connect to the printer remotely and start/stop/monitor prints from anywhere.

Everything works great, except for one thing: whenever the Pi connects to the uni's network first, OpenVPN fails to start and connect to my server, rendering the printer unavailable (unless I use an ethernet cable, but that's not a viable operation since I need to lift the printer, and it's heavy).
The only for it to work as intended is to either:
a) keep my hotspot active (which kinda defeats the point), or
b) let it connect to my hotspot first (so that OpenVPN can start properly) and then turn off the hotspot, allowing the printer to reconnect to the uni's wifi and reconnect to my vpn.

Why won't things just work the way they're supposed to? 😭

Attaching network card to a remote server is like cutting a branch sitting on it, If you are on the wrong side you will have a great fall :D

Does anyone else here use PuTTY to SSH into a linux server and then create a tunnel into a Windows PC on that local network for remote desktop to pass through.

Fucking remote db doesn't want to work with me and workbench. DB is on an empty test server, no firewall issues on the network, powershell on my pc says ping ok, tcp failing though, server firewall not running, server up and running.
Tried to modify network access on db configs like bind-adress, set my db user "host" value to wildcard. Now I can log in on workbench with my user, yet root somehow fails, wtf?
And of course once the connection is live, no db us visible, accessible, nothing works. I'm so frustrated. About to nuke it and restart ... again!

My laptop was at 500% of course usage and ram... Wtf...

Had to stay till 1am because I was debugging a microservice system with 15 services, 3 databases and a full mail server. Freaking integration tests took all night to build and run. Don't have a remote server to run this on because the guy is sick. Arghhhhhh

I have to do a transfer of about 2 GB of data from one remote server to another. Any suggestions?

My idea was to do multiple curl requests while compressing the data using gzcompress.

Preliminary testing shows that won't work. Now I'm considering putting the data in a file on our S3 bucket for the other server to obtain.

How many of you use FTP everyday to work?

Well today the whole GoDaddy FTP server for EVERY website I manage was off.

Had to work through the webpage editor (a notepad provided by godaddy/cpanel), it kinda works, but I can't even use ctrl+s to save since it's in the browser :/

I'm feeling burnt due to the lack of direction at my job instead of overwork.
I'm working as a data scientist at a large corporation and have been remote for a little over a year. I'm very savvy at programming and other technical skills but my manager wants me to develop my leadership skills and want me to move to a management role eventually. So he's been kinda "grooming" me to take on more leadership responsibility in the projects I'm currently involved in.

However, to be honest, I'm a little torn about getting more management or leadership responsibilities. I'm an extreme introvert and absolutely abhor meetings and having the same thing to people all the time and this sort of things stresses me out very easily. My manager seems set on pushing me towards pursuing a path towards leadership and just basically assumed that this is what I want out of my career and started putting me in the deep end without asking me what I want.

I really want to voice my honest thoughts about what I really want to do in my career (to be a technical specialist rather than a manager) but I've kinda procrastinated over the past year when he first started "grooming" me for a leadership role and it's my bad that I didn't tell him earlier.

Right now, I'm thrown in the deep end. I'm given a lot of projects without much of any direction and I'm asked to figure out the people I need to reach out to, the types of meetings I need to set with them, the relationships I need to develop both in and out of my department, etc. However, my real passions lie in writing code, fixing bugs, building models, understanding new technologies and applying them to the business, etc.

On paper, I'm involved in a ton of projects and I seem to be a really busy worker. But right now, I'm having a lot of difficulty reaching out and developing relationships with people that I barely have any actual work to do during the day, because I'm constantly waiting for replies from people or for permission or red tape to get some key information or access to a system in order for me to build something like a model or a program for a particular project. I'm spending maybe 1 or 2 hours of my workday actually "working" which is attending meetings, reading emails, etc., reaching out to someone for the n-th time (even though they continue to ignore me), etc. And that's because I'm blocked on all of my projects - I need an essential piece of information, data, or access to a system or server and the person I'm reaching out to to get this isn't responding. I brought this up with my manager and he says he's gonna try to reach out to these people to help me but so far, it doesn't seem like his help has been effective as I'm continuing to wait.

Though I get paid pretty well, I feel guilty logging in to work everyday and doing very little work, not because I'm lazy but because there really isn't much work for me to do because I'm waiting on so much here and I'm at a point where I can't make any progress in any of my projects without the approvals or other critical information that others aren't providing me.

I know I probably should find another job and I'm currently looking but in the meantime, is there anything else that I should be doing at my current job to hopefully make this situation better?

I got contacted by an other company and I am so unsure whether to accept their offer or stay at my current job.

For now I spend 2 years at my current company. The culture is great and everyone gets treated very well.
The bad part is, that it is located in a part of Germany I really can't stand and to this day fully remote is not an option.

Additionally lots of stuff is really frustrating in my daily work, e.g. colleagues that experiment with critical parts if our infrastructure, resulting in every developer who made the mistake to update the local development stack being unable to work for half a day or so.

This and the fact, that our techstack sucks hard. (mostly bad php for backend and server-rendered HTML and a weird mix of Typescript, Javascript, Vue and some old bits of deprecated angular for frontend). This company has it's own product (a web platform) and no real deadlines in the sense of "something bad happens, when your team won't achieve the project in the originally proposed time"

Company number two seems to work with a wide variety of technologies for very different projects (it's a consulting compan), would pay me ~28% more than my currently raised pay and allows for full remote.

When I try to look objectively on the facts everything points to accepting their offer, but on the other hand there is this weird feeling of this being a joice that would come to soon...

How do you make such decisions? I already talked to a great colleague of mine, who thinks it might not be a bad idea to stay at the company for an additional year or 2, because I haven't yet reached the point where there is not enough to learn here anymore, which I agree on, but this company seems to offer everything I want.

I feel overwhelmed with this situation :D that's why I would like to know how you people try to tackle such a situation

Ever forgot the root password of your remote server, my manager did. Now we can't run our applications because they need root/administrative privilege. 😂

Had a client whom was using the staging system on my server as cdn, remote computing, etc... because his prod server was a cheap vhost while the vm was a beast compared to it. I shut it down without telling. I just got a call that his site is now slow a f and full of errors.

I kindly told him that there was a recent security breach called dirty cow. Then I told him that I shut the vm down because it would mean security risk for him since there are no patches available yet and only Power on again with there was work for me to do.

If you want resources pay for them

ive never been so stoked on a hello world before.
reverse proxy to a remote server parsing php.

I have this little problem,

there is no constant electricity In the country where I live, in fact for the past 4 days there was not a single blink.

I enable auto save on my vs code to save me from tears,

now I have a file server with backup batteries and since it's a laptop mobo that was converted to a server, hooking up the battery was a no brainer.

I just saved copies of my files on it and if I edited any of them I'll just overwrite the file. this was only possible if I did this before the power goes out or else I am stuck again.

I decided to try vs code extensions that will save me from all that copy and paste work.

tried ssh, unsupported architecture error, didn't care I just needed ftp or sftp

I tried the simple ftp/sftp extension. worked pretty well. allowed me to connect to the server and add the remote directory to my workspace and with autosave the changes are uploaded immediately which means once power is out I can continue on my mobile phone(I have some android text editors that support ftp).

little problem. I discovered some things just don't work. even if I opened the whole directory, the contents will not be loaded unless I open them up like stylesheets and images and whatnot.

imagine having to open every single damn file before it appears on the browser, very annoying.

I need a solution, I have really tried.

Why are remote services so shitty?

I mean: have you ever tried to upload an app to AppStore?

My current issue is with GoDaddy, EVERY other FTP server works so damn well, GoDaddy randomly decides to knock everyone off for like 15-20 minutes, EVERY FUCKING DAY

>finally gets around to installing vsftpd on home server RPi
>doesn't work
hmm.mp2
>configurating
>confusing as fuck template documentation
>man page isn't much better
>gets it working
>goes to log in
User: pi
Password: a
(What? It's a home file/command server isolated from the Internet. Sue me.)
nope.avi
>why
>tries again
nope.svg
>FUCK
>sees small raw-command log in bottom-right of phone FTP client
hmm.flac
>tries again, watches log
PASS *****
>the fuck
>goes to change user pass over SSH
# passwd
"Current password?"
about half a second later
"passwd: auth token manipulation denied"
>the delay tho
>WAIT A SECOND
one time i got past some parental software bullshit on a tablet by abusing the delay between opening a banned app and the redirect to the normal software at like age 7. (Doing so let me enable remote wipe through Google. bye bye software!)
>*inner 7 year old has autistic screech*
# nano temp
a
abcdefghi
abcdefghi
^O Y ^X
# passwd < temp
>fucking works
>logs in to FTP server successfully
>does the one file download that was needed

why and how did that fucking work

Finally decided to get myself some remote server on DO, faffing around and setting things up, and suddenly I decide to look at my access logs, someone was trying to figure out how to connect to mysql, phpMyAdmin and what's not... Too bad for him I won't have any of those installed until I know how to properly secure all this :)

Heh... Welcome to the real world I guess?

Does anyone know if it's possible to install a VM (Linux or Windows) on a Linux Server without GUI and then connect to the aforementioned VM via Remote Desktop? If yes, has anyone done it before?

So, today I was very happy with my new chromecast. I can hold a button on remote and tell him what to search on youtube. But it's impossible to let it search forward tsoding. It just doesn't understand. So, very confident I spelled tsoding and expected it to understand correctly. No! From all freaking miles we made to AI, it can't fucking understand spelling? How hard could that be. So now, I still often have to use my phone. Big downer.

Also: you never know if it will answer a question you made or if it'll search for videos. Seems very random.

I should be able to add things to Callender by just speaking to it but it says that it doesn't have permissions and can't find them nowhere.

Besides that, this new one is usable as network drive of 4Gb. Good source file backup network drive. I already try to contribute to the webdav server on it. The implementation is a bit sad and I already wrote a whole full featured webdav server myself. Also offered Dutch translation.

Why redis, why?! You run "redis-cli -h <host>" and it looks like either it cannot connect to <host> or the redis-cli is frozen.

What was the fix? Adding "--tls" to the call. Why can't you just say "You are starting a non-tls connection to a remote but the remote wants to talk TLS"? Or give any other indication that you did reach the server but did not understand what it said and hint for TLS? I was hunting non-existent connectivity issues for hours just because there wasn't a good error message...

git push # via a slow network

> ssh: connect to host github.com port 22:
> Connection timed out
> fatal: Could not read from remote repository.
>
> Please make sure you have the correct access rights
> and the repository exists.

yes, if I have to wait for your server to time out, I can waste more time checking my permissions and that the repo still exists - as if ...

So i'm trying to upload a file to an SSH server using node. First I try the obvious putFile method provided by the obvious node-ssh package. On any other server this would work fine but this server doesn't have sftp installed so that doesn't work.

OK, so next I learn how scp works (it runs the command "scp -t" on the remote server, and sends to stdin a command like "C0666 1234 file.txt" and then sends the contents of the file) and I write some javascript code to do this. It's pretty finicky, the first few tries I forget to close the stream right or detect the program finishing. I add some logging and that helps me figure out what the problem is, and finally I get it to not output any errors.

So I log into the server and check and the file isn't there. I try again several times, file still isn't there. I try running scp -t manually on the server, typing in exactly what my program is sending, and it works. This goes on for a while until I realize that I've been sending a file to one server and logging into a different server to check if the file was sent. grrr

I logged in a Remote Server, where Bi-Directional was disabled.Didn't allowed copy-paste and needed to upload a new Web app release.
Hack: just inserted usb flash drive in my computer and remote server recognised that as external.
Deployment completed! 

I've been programming for 15 years now or more if I count my years I programmed as a hobby. I'm mostly self learned. I'm working in an environment of a few developers and at least the same amount of other people (managers, sales, etc). We are creating Magento stores for middle sized businesses. The dev team is pretty good, I think.

But I'm struggling with management a lot. They are deciding on issues without asking us or even if I was asked about something and the answer was not what they expect, they ask the next developer below me. They do this all the way to Junior. A small example would be "lets create a testing site outside of deployment process on the server". Now if I do this, that site will never be updated and pose a security risk on the server for eternity because they would forget about it in a week. Adding it to our deployment process would take the same time and the testing site would benefit from security patches, quick deployment without logging in to the server, etc. Then the manager just disappears after hearing this from me. On slack, I get a question in 30 minutes from a remote developer about how to create an SSH user for a new site outside of deployment. I tell him the same. Then the junior gets called upstairs and ending up doing the job: no deployment, just plain SSH (SFTP) and manually creating the database. I end up doing it but He is "learning" how to do it.

An other example would be a day I was asked what is my opinion about Wordpress. We don't have any experience with Wordpress, I worked with Drupal before and when I look at a Wordpress codebase, I'm getting brain damage. They said Ok. The next day, comes the announcement that the boss decided to use Wordpress for our new agency website. For his own health and safety, I took the day off. At the end, the manager ended up hiring an indian developer who did a moderately fair job. No HiDPI sprites, no fancy SASS, just plain old CSS and a simple template. Lightyears worse than the site it was about to replace. But it did replace the old site, so now I have to look at it and identify myself part of the team. Best thing? We are now offering Wordpress development.

An other example is "lets do a quick order grid". This meant to be a table where the customer can enter SKU and quantity and they can theoretically order faster if they know the SKU already. It's a B2B solution. No one uses it. We have it for 2 sites now and in analytics, we have 5 page hits within 3 years on a site that's receiving 1000 users daily... Mostly our testing and the client looked at it. And no orders. I mean none, 0. I presented a well formatted study with screenshots from Analytics when I saw a proposal to a client to do this again. Guess what happened? Someone else from the team got the job to implement it. Happy client? No. They are questioning why no one is using it.

What would you do as a senior developer?

- Just serve notice and quit
- Try to talk to the boss (I don't see how it would work)
- Just don't give a shit

Remote into a machine in order to remote into a machine to setup wordpress site on an IIS server using wamp behind nginx. That was my day, as the FE dev who never built the WP site and knows diddly squat all about setting up servers.

Four nested tmux sessions:
My mac: ctrl+L
Remote: ctrl+G
Cluster: crtl+B
Server: ctrl+T

LGBT

for on the go developinh I have completely replaced my laptop with my phone and a folding Bluetooth keyboard.

It can really do anything my laptop did, and if needed I can just remote desktop into my pc or ssh into a server.

A few years ago and today very shameful: Griefing Minecraft servers with an own "Griefer-Class". The class was completly enclosed into a simple ArrayList ( with {{ }} ) to hide it in JD-Gui (decompiler many are using) and had a own remote client that could send own as well as server commands via kinda like a telnet connection.

That were times... 😏

I try to log in via SSH to a remote server. In the beginning all is well. It asks for my password, so I enter the password. Next thing: connection closed by the remote server.

So I wonder what the problem might be... I guess that perhaps I forgot to specify the username. Indeed when I try the 2nd time with my user name added in front of the host name - it works just fine.

But why is there no error message? Why not tell the user what's wrong? "User name is required". Can't be that hard?

Sometimes I see stuff and it just blows my mind why on Earth some things function so poorly. SSH exists for dozens of years yet the error message is not there -> it's guessing time.

Error: Disk image full.
...
Not good on a production SMB server. Wasted 2 hours tracking the fault down....

Turns out the boss thought it would be a good idea to install syncing software as remote backup without telling anyone...

It wasn't remote :(

Open file with Atom on remote server via FTP.

Edit at will, hit save and BOOM. Now you have an empty file.

....that moment, late at night, when you've just closed that remote terminal to your network media server, tweaking that custom tree listing script, and then you put your phone down and roll over.

:|

WSL GUI... WHY?!?!
I have an assistant(no better defined title) in Myanmar who we've ruined from ever being a "normal" 21yr old Burmese kid again... First non-android computer experience was remote access to our local RHEL server; He's gonna be a dev... being a blank slate, started him primarily on CLI.

Yesterday he tells me wsl stopped working and he can't figure out why. I ofc asked what the last thing(s) he did was... simple wget. I tunnel in, check processes... one of the catch-all wsl ones had hulked out.

Despite very limited abilty to trace whatever was going on, I found what I thought may be responsible. Quickest way to know, kill it...

Whatever will we do without GUI for wsl debian?!?!?

Seriously... the wsl Deb culled things like systemd for simplicity... but arrives loaded with numerous GUI functionalities. I reeeeeallly want to know what advanced practical applications are coming from this

Production issue happens, to get into server to investigate - first write a brief description of the issue, get management approval, then find 2 administrators who each holds half the password to the server, web conference them to key in password on a remote utility, finally, log in to troubleshoot.

It is a problem to troubleshoot a problem.

I worked on an Android sdk that download code from remote server and run it. the I needed to added a feature that recognize when the user went to sleep(inactivity and in charger) wake the phone and start litecoin mining till someone touch the phone. it was evil but cool.

I am accessing the development server via remote desktop, currently maintaining a win forms app on visual studio. there is that one form which when a break point is hit the whole screen freeze and doesn't respond until you minimize the remote desktop and maximize back. just in this form, not the others. it's reproducable.
it's a gem if you ask me, I show it to everyone I know.

Workmate (experienced developer) on suspension for not backing up database and server data got corrupted.
Workmate worked on server instead of localhost.
Manager repeatedly asked workmate to stop working from remote server and ensure that workmate commits and pushes every day.
Workmate blames it on manager for allegedly not telling workmate to backup.

Your thoughts?

TL;DR I just recently started my apprenticeship, it's horrible so far, I want to quit, but don't know what to do next...

Okay, first of all, hey there! My name is Cave and I haven't been on here for a while, so I hope the majority of you is doing rather okay. I'm programming for 6 years now, have some work experience already, since I used to volunteer for a company for half a year, in which I discovered my love for integrations and stuff. These background information will probably be necessary to understand my agony in full extend.

So, okay, this is about my apprenticeship. Generally speaking, I was expecting to work, and to learn something, gaining experience. So far, it only involved me, reading through horrible code, fixing and replacing stuff for them, I didn't learn a thing yet, and we are already a month in.

When I said the code is horrible, well, it is the worst I have ever seen since I started programming. Little documentation - if any -, everywhere you look there is deprecated code, which may or may not been commented out, often loops or simply methods seem to be foreign for them, as the code is cluttered with copy paste code everywhere and on top of that all, the code is slow as heck, like wtf.

I spent my past month with reading their code, trying to understand what most of this nonsense is for, and then just deleting and rewriting it entirely. My code suddenly is only 5% or their size and about 1000 times faster. Did I mention I am new to this programming language yet? That I have absolutely no experience in that programming language? Because well I am new and don't have any experience, yet, I have little to no struggle doing it better.

Okay, so, imagine, you started programming like 20 years ago, you were able to found your own business, you are getting paid a decent amount of money, sounds alright, right? Here comes the twist: you have been neglecting every advancement made in developing software for the past 20 years, yup, that's what it feels like to work here.

At this point I don't even know, like is this normal? Did git, VSCode and co. spoil me? Am I supposed to use ancient software with ancient programming languages to make my life hell? Is programming supposed to be like this? I have no clue, you tell me, I always thought I was doing stuff right.

Well, this company is not using git, infact, they have every of their project in a single folder and deleting it by accident is not that hard, I almost did once, that was scary. I started out working locally, just copying files, so shit like that won't happen, they told me to work directly in the source. They said it's fine, that's why you can see 20 copies of the folder, in the same folder... Yes, right, whatever.

I work using a remote desktop, the server I work on is Windows server 2008, you want to make icons using gimp? Too bad, Gimp doesn't support windows server 2008, I don't think anything does anymore, at least I haven't found anything, lol.

They asked me to integrate Google Maps into their projects, I thought it is gonna be fun, well, turns out their software uses internet explorer 9.. and Google maps api does not support internet explorer 9... I ended up somehow installing CEF3 on that shit and wrote an API for it in JS. Writing the API was actually kind of fun, but integrating it in their software sucked and they told me I will never integrate stuff ever again, since they usually don't do that. I mean, they don't have a Backend as far as I can tell, it looks like stuff directly connects with their database, so I believe them, but you know... I love integrating stuff..

So at this point you might be thinking, then why don't you just quit? Well I would, definitely. I'm lucky that till December I can quit without prior notice, just need a resignation as far as I can tell, but when I quit, what do I do next? Like, I volunteered for a company for half a year and I'd argue I did a good job, but with this apprenticeship it only adds up to about 7 months of actual work experience. Would anybody hire somebody with this much actual work experience? I also consider doing freelancing, making a living out of just integrating stuff, but would people pay for that? And then again, would they hire somebody with this much experience? I don't want to quit without a plan on what to do next, but I have no clue.

Am I just spoiled, is programming really just like that, using ancient tools and stuff? Let me know. Advice is welcomed as well, because I'm at a loss. Thanks for reading.

So as a personal project for work I decided to start data logging facility variables, it's something that we might need to pickup at some point in the future so decided to take the initiative since I'm the new guy.
I setup some basic current loop sensors are things like gas line pressures for bulk nitrogen and compressed air but decided to go with a more advanced system for logging the temperature and humidity in the labs. These sensors come with 'software' it's a web site you host internally. Cool so I just need to build a simple web server to run these PoE sensors. No big deal right, it's just an IIS service. Months after ordering Server 2019 though SSC I get 4 activation codes 2 MAK and 2 KMS. I won the lottery now i just have to download the server 2019 retail ISO and... Won't take the keys. Back to purchasing, "oh I can download that for you, what key is yours". Um... I dunno you sent me 4 Can I just get the link, "well you have to have a login". Ok what building are you in I'll drive over with a USB key (hoping there on the same campus), "the download keeps stopping, I'll contact the IT service in your building". a week later I get an install ISO and still no one knows that key is mine. Local IT service suggests it's probably a MAK key since I originally got a quote for a retail copy and we don't run a KMS server on the network I'm using for testing. We'll doesn't windows reject all 4 keys then proceed to register with a non-existent KMS server on the network I'm using for testing. Great so now this server that is supposed to connected to a private network for the sensors and use the second NIC for an internet connection has to be connected to the old network that I'm using for testing because that's where the KMS server seems to be. Ok no big deal the old network has internet except the powers that be want to migrate everything to the new more secure network but I still need to be connected to the KMS server because they sent me the wrong key. So I'm up to three network cards and some of my basic sensors are running on yet another network and I want to migrate the management software to this hardware to have all my data logging in one system. I had to label the Ethernet ports so I could hand over the hardware for certification and security scans.

So at this point I have my system running with a couple sensors setup with static IP's because I haven't had time to setup the DNS for the private network the sensors run on. Local IT goes to install McAfee and can't because it isn't compatible with anything after 1809 or later, I get a message back that " we only support up to 1709" I point out that it's server 2019, "Oh yeah, let me ask about that" a bunch of back and forth ensues and finally Local IT get's a version of McAfee that will install, runs security scan again i get a message back. " There are two high risk issues on your server", my blood pressure is getting high as well. The risks there looking at McAfee versions are out of date and windows Defender is disabled (because of McAfee).

There's a low risk issue as well, something relating to the DNS service I didn't fully setup. I tell local IT just disable it for now, then think we'll heck I'll remote in and do it. Nope can't remote into my server, oh they renamed it well that's lot going to stay that way but whatever oh here's the IP they assigned it, nope cant remote in no privileges. Ok so I run up three flights of stairs to local IT before they leave for the day log into my server yup RDP is enabled, odd but whatever let's delete the DNS role for now, nope you don't have admin privileges. Now I'm really getting displeased, I can;t have admin privileges on the network you want me to use to support the service on a system you can't support and I'm supposed to believe you can migrate the life safety systems you want us to move. I'm using my system to prove that the 2FA system works, at this rate I'm going to have 2FA access to a completely worthless broken system in a few years. good thing I rebuilt the whole server in a VM I'm planning to deploy before I get the official one back. I'm skipping a lot of the ridiculous back and forth conversations because the more I think about it the more irritated I get.

!DEV

As some of you (I'm certain), I have a plex server at home. Hosted with an "old" core i5-4670K, 16GB ram, no GPU. (Ubuntu 20).

My question. HOW, HOW THE FUCK :

I can play HDR and DV videos via plex TV app.
I can play HDR via my S10 fucking phone !
I cannot play nor HDR nor DV since last update on Xbox X... It's the ONLY use I have for that console. If my TV can do better, wtf I'm supposed to do with that console ? (Any way to put plex server on it ?)

My friend can play my 4k HDR video on apple TV via remote connexion..

What's wrong with Xbox X ?

RHAAAAA.

Also, FU all ripers using PGS format for subtitles without SRT option.

Also FU sony for not allowing TrueHD via ARC. (AT least on my A/V reciver)

Also fuck me for buying xbox.

Also fuck the worl just because.

Ok, I feel better. Thanks you all.

Best dev experience...a colleague who was my team lead when I joined a company as a "from-scratch" PHP developer, and gave me a ton of tips, assistance, encouragement and praise along the way. And for the bits that were not so good (on my part), he gave me constructive criticism delivered in a friendly and helpful way rather than chew me out.

And when the boss(es) of the company talked shit behind my back in meetings I was not invited to, about things they had no clue about (my performance as a developer)) he defended me and set the record straight.

Later he was demoted from team lead for office politics reasons. But was doing the same job as before, for less pay. Never complained.

His job consisted of, all at once, being the company IT/server/printer guy, first line customer support over phone and remote desktop, .NET and PHP developer, course holder to teach our customers how to use our product, and mentor to me.

Good guy. I'd give him a ++ if I could.

Or when I'm working on some legacy mess of php code and changing nothing and then reverting even that causes the whole code to act in some nonsensical way with three buttons hooked to the same code doing three completely different things and none of them having any remote connection to what is in the code. Sometimes I get it to get its act somehow together by fucking rebooting my computer (???). What the fuck is wrong with php and wordpress in particular? Could it be any more of a mess?

I literally commented out my whole fucking code, rebooted the server. Is there some cache I'm not aware of involved? It all feels like some fucked up nightmare.

Not a rant, but seeking advice...

Should I abandon 2 years' worth of work on migrating a personal project from SQL (M$) to a Graph database, and just stick to SQL? And only consider migrating when/if I need graph capabilities?

The project is a small social media platform. Has around ~50 monthly active users.

Why I started the migration in the first place:
• When researching databases, I read that for social media, graph is more suitable. It was, at least in terms of query structure. It was more natural, there were no "joins", and queries were much simpler than their SQL counterparts.

• In case the project got big, I didn't want to have to panic-deal with database issues that come with growth. I had some indexing issues with MSSQL, and it got me worried that at 50MAU I'm having these issues, what would happen if I get more?

• It's a personal project, and the Gremlin language and graph databases looked cool and I was motivated to learn something new.

----

Why I'm considering aborting the migration:
• It's taking too damn long. I'm unable to work on other features because this migration is taking up all my free time. Sunk cost fallacy is hitting me hard with this one.

• In local testing within docker, it's extremely slow. I tried various graph engines (janusgraph, official tinkerpop, orientdb), and the fastest one takes 4-6minutes to complete my server tests. SQL finishes the same tests in under 2 minutes, same docker environment. I also tried running my tests on a remote server (AWS neptune) and it was just as slow. Maybe my queries are bad, but can I afford to spend even more time fine tuning all queries?

• I now realise that "graph = no scalability issues" was naïve of me, and 100% wishful thinking. Scalability issues don't care what database I use, but about how well tuned and configured the whole system is.

• I really want to move on. My tech stack is falling behind and becoming outdated. I'm unable to maintain dependencies.

• I'm worried about losing those 50 MAU because they're essential to gaining traction once I release the platform. I keep telling them about the migration but at some point (2 years later) they're going to get bored I feel.

I guess partially it's a rant because I feel like I shouldn't stop now having spent 2 years on this, but at the same time I feel like I'm heading towards a dead end.

If you made it this far, thank you for reading:)

'CTO': We need this application to be desktop, client-server and self-installable(like a multiplayer game. Counter-Strike for example. Only here we are talking about a business application)
Me: (20 min explanation of the complications and limitations of the architecture).
'CTO': Don't worry. We're gonna explain all that on the user manual.

****Later****
'CTO': I got an idea. What if we deploy the client separately. It will be a dumb client. It will contain just views. That way you don't have to code an API.

The guy was thinking that a dumb client is like a remote desktop window where all is happening on the other side.🤦

My remote server and local machine both run Linux and I'm logged in with similarly formed user names. All I had to do was reboot my local machine and I ended up shooting across a `sudo reboot` on my SSH window! 🤯

"Your message couldn't be delivered to mymail@website.com because the remote server is misconfigured. See technical details below for more information."

Anyone had this problem when sending email from gmail?

this afternoon, we got email from our pentester. He said that he got some security vulnerability in our project. He found .git/ folder in project directory in production server. He considered it as security vulnerability because user can see all git branch on remote repo. He recommend us to remove that folder but the problem is, we using CI/CD so we need that .git/ folder. My question is it bad practice to use git on production server?

So... I've been thinking, I tend to default to LVM when trying to create easy-to-manage disk partitions, or when I want to backup a database without long lockings during a dump... Though, now... I got thinking.

What do you guys think, which is better in terms of functionality: BtrFS or LVM?

I know BtrFS offers such thing like full snapshots that allow to easily transfer just the increment over the snapshot origin off to a remote server for archival, but I never fully grew to trust btrfs as a server filesystem... Its...

Younger, and not as widespread, not to mention I don't know any performance statistics to recommend its use for this or that case (Like... Would a high-load database engine stutter flushing all those changes on disk while reading / writing temp tables and such)