I love working on legacy products. You just need a good shower and possibly a therapist after.

- Sensitive data sent over the internet encrypted with DES (not even 3DES). Guess it doesn't matter that the key (singular, for the last decade) is basically 0123456789ABCDEF.

- Client databases with open default port, admin/admin superuser.

- Critical applications (potential for substantial property damage, maybe loss of life) with a single point of failure and without backup.

Suggestions, to slow down a bit with sales, so we have time to rewrite this steaming pile of crap are met with the excuse: be more pragmatist, this is standard industry practice.

Some of this shit can be fixed on my own time if my conscience nags too much, but others would require significant investment of time from multiple developers, which would slow down new business.

Guess the pay is ok, so that's something...