This week, I got an email from my local college advertising some education possibilities that would take 75-150 hours depending on the course. One of them does interest me a lot but now I am wondering what it is better (offensive cybersecurity).

A) follow that course at that college (still WFH)
B) follow similar courses online, possibly cheaper but maybe less credentials on my CV/resume.

Judging by the duration, it's certainly not enough to do it professionally. But it will certainly make my resume stand out a bit more.

I do too much cocain, I throw TV screens out of the window, trash hotel rooms, sleeps with underage girls and think I'm god

I'm a rockstar developer

Do you guys know fishes? I was at the fishshop last time and I realized I didn't know what's what in fishes

https://devrant.molodetz.nl/preview...

Picture of an EXTREMELY early stage of an android devRant client (since the official one no longer works due to the certificate expiration).
Threw this in just a few hours so it's super bare bones and just a proof of concept for myself currently, there is no APK, this isn't even an alpha.
I absolutely do not have time for fun projects so I can't promise anything time wise, if I'll have time I'll try to make it at least usable enough for an alpha build to send here on the next weekend.
(Perhaps will even find an hour or two here or there in the middle of the week)

I sincerely appologize for my lack of time, I would've absolutely loved to start this earlier, and to finish a MVP for y'all (and myself) to use as soon as possible.

Currently it uses 'dr.molodetz.nl' as a "quick and easy" solution for the certificate thingy (so know that data and credentials move through a "thrid-party"), but once I'm having an app that is usable (minimally) I'm planning to switch back to devrant.com but with certificate pinning.

P.S. If anybody has got any tips or advice for android development, write in the comments, I would appreciate anything because I fucking HATE android development and it makes me feel like a monkey smashing a computer with a wrench hoping shit will work. Not my first android app, but even though I've made a few android apps in the past(real apps for actual use, not "template" apps for portfolio or for learning) I still feel like every tiny step is fighting against the framework instead of with it.

What do we think about the fight between UK and 4chan?

While is find 4chan a terrible site, I vouch for them. Fuck off with your stupid rules.

But it's simple right, if they don't comply just block the site?

They can't force 4chan for sure, but then they have to block them.

So, I do not agree that UK is attacking the freedom of speech in America like Lunduke says; in America they can still do what they want.

If you want to drive on the roads there, you need to comply with the rules there.

But fuck UK for wanting it in general.

Funny that Americans think there's more freedom of speech there than here. But maybe not so funny in the future. We're under attack.

The amount of times that I accidentally open the original devRant app and thus get an error is too damn high.

I'm eating my own dogfood and I'm quite happy with rantii, it has a low amount of bugs. It forgets what you've upvoted, the notifications show [object, object] instead of ranter name. It has only one message type (rant) while posting. It misses reply feature. It doesn't do mentions. The urls are incomplete for the website preview, long urls fail.

So few bugs, few missing features. Working on something else in between and need a milestone there before going back working on this. Anyone else using it btw? I see skyrant down too. I guess that rantii is the best option for android now then. Development time was only two hours, not bad. If anyone has some request to add or change, let me know, I'll add it to to do list. Like always open source.

Congrats to everyone on devrant!!!
YOU WON "THE GAME"!!!

I'm bored of everything :
- Minecraft? played it and no more things to do.
- Coding? I'm waiting to buy my new linux desktop.
- Taking a shit? That's a good idea

Jokes aside, im bored and got major, major exams next week.

Maybe ima do a Quake mod (too complicated for my ape brain)
Maybe a Doom mod? Idek what to do.
Maybe... idek

So I decided to try a vpn. I got the protonvpn free service. I can see that it changed my ip address. But can I tell if it is encrypting traffic? All the websites I accessed didn't seem to care my location went from the USA to some place in Asia. I would have thought it would force a relogin or look suspicious.

It is wild. reddit rejects tor, but is okay with vpn?

Eurovision is the worst cringefest and its made by people who do nothing but cocain and underage girls

Ugh the AOC is a bit of a wanker for putting an answer timer (sometimes I accidentally submit the example answer, and it takes 0.1s to fix but nooo you have to wait because the guy is retarded)

BTW I had to implement the parsing completely custom because of dynamically sized blocks, what did you guys do?

Week: 117 (Year 3)

The first weekend of the very last month of the year. How are you going to spend it?

Question: I watched Conjuring: Last Rites yesterday. Which is your favorite or the scariest scary/horror movie ever?

last Weekend : https://devrant.com/rants/19389167

I leave another one of my opinions here and go to bed to wake up to an onslaught of hate...

But, salting passwords is problematic.
I'll do it, I am a hypocrite. I don't want to explain to my customers why I haven't done it.

But the issue with a salted passwords is that we defend our users' data against a possible leak. Plus a tiny bonus against timing attacks. It is not defended against us. We can just log the password in clear text or refuse to hash it or hook inbetween reverse proxy and application.

1. When they are salted, we make rainbow table attacks harder. More compute intensive.
2. When they are salted, we cannot quickly identify people with the same password. Therefore not quickly isolating people with a simple password.

And that's bad.

Let me first start to explain one thing. Imagine you have a generated password. Random characters. Like 50 of them. And you used that password on one website. Not on any more. With a password manager. And now you hear that this website leaked their database. Do you worry? Well, no... If that website itself was not embarrassing. You just log in, set a new one, done. You don't care about it.

We only care about salting because upstream users have not used good passwords. Salting is only there to mitigate password reuse. And because it is good at doing that, people keep reusing passwords.

If we didn't mitigate it, the dangers of reusing passwords would be so widely known. Everyone and their grandmothers knew how to keep good passwords. But sadly, we mitigate and most of us are trust worthy.

Users don't meet us. They don't know who we are, they shouldn't give us their everywhere password. But they do. Because we are too trustworthy, we take good care of it and we mitigate the bad outcomes. If a user leaked their password to us, it is too late. They gave it to a party they shouldn't have trusted. Sadly, we turn out to be trustworthy too often.

And if I wanted to steal a huge amount of passwords, I just create a quick website that turns images into gifs or something stupid. Converts webp into png. For free. Just sign up. We conditioned them to trust website services.

Yea, so, basically, my daily PSA, we have done our users a disservice by mitigating damage at a point after the mistake has already happened.

Okay, I get so annoyed by all these comments I read everywhere akin to "just because it is legal doesn't mean it is moral."

Legality is morality. Claiming that it isn't, is amoral.

The problem with morality, I can easily decide on two completely contrary points of view. Can I take your stuff if you have more than I do? Morally? Sure, it is unfair that you have more. No, you earned it, you have a right to possessions.

Laws, at least some of them, are morality put into writing. A little more stiff, but still morals. Some laws just help us not bump into each other by telling us we have to drive on the left side of the road. But many of them are negotiations of a common morality.

If your personal morality doesn't align with that, you're free to take it and to start the negotiation process anew. Get support, change the law. It's arduous and annoying and work intensive, but possible.

But just fucking declaring that what was done is amoral despite being legal, not planning to do anything, just declare the other person amoral is fucking intolerant bullshit and if you do that, you're an asshole.

It looks like your SSL cert needs renewing. I use certbot to auto-renew every 3 months or so.

So, talking about people on Reddit not having humor; i got banned by my bank (bunq) forever. I complained about my always unasked for planted tree after every expensive I do of x euro's. I've planted 33 or something. So, at least I posted that I want to have a picture of my tree. Many others wanted pictures of their trees too and some actually had whole woods of trees actually :P

So, nobody got a picture of their tree and I got banned.

But now I think about it, if I alone are already responsible for 33 trees and some people own complete woods appearantly. Is it actually possible that they're really planting all those trees? They're a bank, they're massive, it must be the biggest tree planting operation ever. Gonna research this.

SInce this app has no selection regarding rant type, let's see what it will become.

LinkedIn:

you must have a portefolio to show your skill

Me:

maybe that's true for junior but I don't have a strong portefolio because i have a job

LinkedIn:

I do my portefolio after my working hour. It's about dedication and passion

Me:

When you're dedicated every hour is working hour. If you have time for side projects you're a bad employee.

Outlinkedined

AI flagged the Declaration of Independence as being 99.9% AI generated.

Well, the crown considers the writers to be Actual Insurrectionists. So technically correct.

Also noticed people on linkedin have less humor than on reddit, if at all possible.

So I saw a new fucked up trick a job offering company did. If you view their job offers and want to click on one of them it forces you to sign up to their newsletter. No opt out in small lettering.

What kind of fucked up place forces opting into a news letter to view a job offer?

Job searching in 2018. Not great options, but job providers and sites are still human.

Job searching in 2025. Process is completely devoid of human decency, filled with cunts, and makes you want to die early. Plus there are NO FUCKING JOBS.

Finally learning docker. I feel like it's too good to be true.