Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuckBuy Now
Search - "attack"
- DoS Attack15
Calling a DDoS attack a hack is like blowing a door off its hinges with semtex and then telling people you can pick locks.16
Browsing to a porn site while still being in the corporate VPN.
Got a proxy page which said this type of content isn't allowed at work. Nearly had a heart attack ;D15
Me: good day, how can I help you?
Client: *explains issue*
Me: alright, let's take a loo.... *AACHOOOO*
M: my apologies sir, that came out of nowhe... *ACHOOO*
M: do you have a second sir? My apologies!
C: sure man take your time 😁
*30 seconds later, nose seems to have calmed down*
M: back I am, apologies for the inconvenience!
C: no problem, it happens!
M: where was I?.... Right, I was going t...
AH... AH... AAAAH..... ACHOOOOO*
M: I'm very sorry, I'm going to put you through to a collegue!
*puts through to collegue*
*goes to bathroom*
*returns to desk*
Me: good afternoon sir, how may I hel... *A-MOTHERFUCKING-CHOOOOO* (thinking: oh for fucking fucks sake)
C: bless you!
M: thank you! Apologies, I seem to be having a snee.. *CHOOOOOOOO*
*sniffs a few times*
- zing attack.
*collegue yells at me to transfer my call*
Me: thanks man, idk what's wrong with me hahah... *ACHOOOOOOOOOOOOOOOOOOOO*
OH FUCKING HELL 😠28
Does anyone else have a mini heart attack when you touch your pockets and can't feel your phone for a second?12
Last month: Opening devrant
Facebook, Mark Zuckerberg, FUCK FACEBOOK, ZUCKED ME, KILL MARKBOOK, ATTACK FACEBERG
Last week: Opening devrant
GDRP, GDRP, GGEEDDEERRPPPEEEEE, FUCK GDRP, YEEEY GDRP, WHY GDRP, UPDATED OUR GDRP, FUCKED MY GDRP, PEED IN MY GDRP
this week: Opening devrant
Microsoft, Github, NO Microshit, Burn Github, FUCK GITHUB, POO ON MY MICROHUB, VOMITED ON MY GITSOFT
(Google, you better be ready, it's your turn)31
Fucking Windows 10 installer
WHO THE FUCK THOUGHT THAT AUTOMATICALLY STARTING CORTANA AT THE START OF THE WINDOWS INSTALLER IS A GOOD IDEA
Cortana just spoke at the maximum volume on a very loud sound system I have at 2 am. I nearly had a fucking heart attack30
Want to understand a DDOS attack?
Imagine trying to work while being interrupted every few seconds.. forever.
Just like an open office!5
Ooooooh I just skip a heart attack and shit myself at the same time, thank god for error "can not delete database, database is in use"8
TL;DR: Got a really horrible supervisor temporarily fired, maybe permanently fired, got a laptop, and realized that senior devs are amazing when they stand up for the little guys
Omg... I love my coworkers!!! So like, I'm an incredibly shy dev, like, I only managed to get my internship purely because of my familiarity with c#, Android/UWP app development (although never apple, which you can read about in my last rant lol), and the API Management framework that they were using, so, long stories short, I'm insanely shy and I get anxious quite quickly in social situations, that'll be important in a bit. Anyways, so, in my previous rant (my first one actually, it was "that" bad...) I had a run-in with a rather unfair supervisor situation where he expected me to work on an iOS app without a Mac machine.
So, this is currently a little bit before my shift end, where I'm anxiously trying to get a MacOS VM up and running to be able to copy paste some psudo-code so as not to get in trouble, which is when the senior dev of the team walks by and sees me tearing hair out of my head and being really sad. So what does this god amongst men do?
He comes over and asks me what I'm doing.
Now, I didn't actually notice him, so when he asked me, I was insanely jumpy and scared that my supervisor would appear and be mad at me for not having things done, so I kind of half scream half yelp when he says something, so now he knows somethings up and he acts kind of like I'm an injured deer and slowly asks what's going on.
So, of course I tell him everything that had happened and how the supervisor got really mad about me not being able to develop iOS apps due to not having a Mac, and his expectation of me to get it magically working and getting to work on my module, and the selenium portal automatization, and after a couple seconds of me rapid fire nervous squirrel-like explanation, he holds up a hand and says "He what?!!!!? God dammit, how the hell are you supposed to do that? Jesus, you were supposed to get a company laptop when you got here, where's that??? And if you don't have that then how the hell were you working on the cross platform portion? You need a Mac machine for that, so let me get this straight... You've been frantically trying to find a workaround so that AS (let's call him AS for asshat supervisor (missing an s)) doesn't get mad at you... Who the hell... And this fuckers in charge of the interns??"
He was incredibly pissed off at this point, like, REALLY pissed off... But-
This man had just spoken miracles to me.
So I do what any self respecting intern would do, I start cry laughing and hug said BSD for a quick second (badass senior developer), and I say yep, pretty much ;-;.
And queue AS walking into my workspace and saying
AS- "are you done with the iOS a..."
BSD- "You've got to be kidding me, shut up for a second and sit down"
AS- "?" *Sits*
Me- *hides in corner and cinches up hoodie*
BSD- "Excuse me, but what did you ask benlion to do?"
AS- "Um, I simply told him to start working on the Xamarin app"
BSD- "Yes, but according to benlion, you angrily told him to start working on the Mac portion... Let me ask you something first, why would you do that? It's rude and inappropriate to be hostile to anyone at the workplace, in fact, if he wants to pursue to matter, you can get demoted, actually, if he wants to pursue it, you're fired, and there's no way I'm letting you get a management job again"
AS -"Wow, did benlion really say that? He's obviously lying due to his dislike for me, BSD, it's rather unfair to take his word over his superv..."
BSD-"Oh you did NOT just go there. That's it, stay here. And benlion, come with me." *Points at me*
Me- *Terrified out of my mind, almost to the point of a nervous breakdown because of the argument that I had started* "O-okay o_O"
Long stories short, we come back with his supervisor and he is now relieved of his duties temporarily while this whole thing gets settled...
Oh, and I get my Apple Laptop tomorrow ^-^ so I'm really happy, albeit kind of sad that its my fault that AS doesn't have a job right now ;-;, but he did yell at me and expect incredibly impossible things of me, so, not as bad as I might feel.26
While working support a client calls saying he's being DDoS-ed. The whole team went into high alert. Everyone is checking network traffic but there is no evidence of an attack. The client insists, calls all the way up to our CEO complaining of our incompetence and that he's losing thousands of dollars every second.
I take it on myself to look a little deeper. After some Sherlocking, I find that the client's developers managed to build an infinite loop that makes HTTP requests to localhost. The client was DDoS-ing them selves.
I got no thanks for my competence no apology regarding my incompetence. 😑7
Wild customer appeared!
dev used Ubuntu
It's not very effective...
Foe customer used Stupid Feature-Request
It's super effective!
dev is confused!
dev hurt itself in its confusion!
dev used Reasoning
dev's attack missed!
Foe customer used Ridiculous Feature-Request
It's super effective!
dev used Rage Quit
dev fled using its Rage Quit
If programmers were doctors.
Doctor A: the patient is having heart attack
Doctor B: we have to reproduce the heart attack to be able to heal him
Doctor C: why dont we just remove the hesrt and install a new heart
Doctor D: human heart are bad, maybe we should use animal heart25
We just had a terror attack here in Stockholm. I'm stuck in my office. Stay safe everyone and take the time with your loved ones.31
That’s fucking insane.... Probably a double post; sorry in advance... I just have to express my anger and amazement for a second.
Angry that they didn’t use such a high powered DDoS attack against say... Facebook or some shit like that, amazed at the sheer size of that attack...
I kinda wanna touch it.23
Running from my job to my bus stop while having my phone in my hands trying to fend off a cyber attack while my hands are nearly freezing and its raining like hell.
Sometimes my job is just fucking awesome.17
I'm watching TV and I just heard something along the lines of "The files have been wiped from the server and there was no sign of a DDOS attack. Whoever erased those files had a backdoor.".14
Fellow ranter who ever posted about fakeupdate.net thank you so much for the entertainment, a colleague forgot to lock their computer and came back to a heart attack and we had a nice laugh8
When you were growing up to be a developer and your mom brags about what a genius you were and has literally no idea what she was bragging about...
Funny story my step dad was bragging about me hacking Google to a group of his guys a few months ago (mind you I'm 21, he's a roofing contractor) and he calls me over and is like "yo, Jimmy. Tell them how you hacked google. (Obviously I never "hacked google", whatever that means) and this guy he's talking to say:
"Oh shit. You can do that shazz".
For my own amusement I replied:
"Yeah I hacked google last week. I HTML'd into their json databases to pull out an ASP in order to bash attack on their .Net services using only CSS"
Of course the man's only response at this point was to ask me how much it would cost me to build him a site...12
A client’s server crashed so they called us. When we checked the logs we found a user was logged in 200,000+ times. We told them the user and a few minutes later we get a picture of a cupcake that was on the enter key. They got cupcake DOS attacked. My team isn’t in charge of the login functionality but I can say the team that is got a fairly aggressive internal support ticket.6
How to secure yourself from flash 0-day attacks:
1. Uninstall flash
2. Don't reinstall flash
3. Seriously, you don't need flash7
A human cell has 75MB of DNA information, a sperm cell has half A human cell has 75MB of DNA of it 37.5MB, a milliliter of semen has 100 million sperm cels, on average, a ejaculation lasts 5 seconds and has 2.24 milliliters of Semen.
That means a man is able to produce: 37.5MB x 100,000, 000 x 2.25/5 = 1.687.500,000.000.000 bytes/sec 1,6875 Terabytes/sec;
That means a ovule is able to recive a dDOS attack of 1,6 terabytes per second and only lets one package pass, making it THE BEST FIREWALL IN THE WORLD6
Step-dad : "Chrome is good"
Me : "Yeah but Firefox Quantum :/"
Step-dad : "That's a virus"
That moment at work when we've had no calls for an hour and suddenly the phone goes off
*suddenly you have a few Linux support engineers with a mini heart attack*
- Spent 4 hours coding up the most complex but cleanest test I've ever written. Well let's commit this as a save point
- accidentally committed to master
- Stackoverflow how to fix this shit
- reset head
- destroyed all my work 😱
- made a new branch
- ctrl-z in my editor to recover all my edits 😳
- commit to new branch
- dodge bullet, heart race decrease10
We're having an ongoing credential stuffing attack right now. Hackers hit us hard over the weekend and the web team sent out an email congratulating themselves that they stopped the threat.
I decided to look to see how they "fixed" the issue.
They modified their code to stop logging the errors to prevent Splunk from sending the automated emails to management (how we have been able to spot/monitor the attack).
They literally just put their heads in the sand, stapled a sign to their ass that reads "Meteor? We see no meteor approaching. Everything is fine."5
Site (I didn't build) got hacked, lots of data deleted, trying to find out what happened before we restore backup.
Check admin access, lots of blank login submissions from a few similar IPs. Looks like they didn't brute force it.
Check request logs, tons of requests at different admin pages. Still doesn't look like they were targeting the login page.
We're looking around asking ourselves "how did they get in?"
I notice the page with the delete commands has an include file called "adminCheck".
Inside, I find code that basically says "if you're not an admin, now you are!" Full access to everything.
I wonder if the attack was even malicious.4
My friend works in retail I.T, they clients said the computers were a bit dusty from the stores.
i can feel the asthma attack coming.13
"PornHub is under maintenance"
Me: "The fuck is this?" *refreshes page*
*under maintenance bullshit disappears, page loads as usual*
Shit, almost got a lunch time heart attack. Who's cruel enough to do such a thing? Is this all just a joke to you people? Near-death experience right there. I am forever changed and traumatized. 😢56
Nearly had a crash today driving home and almost had a heart attack. Apparently my car had the heart attack for me and started doing. A speaker test.
So I'm contemplating what just happened and my car's speakers start going BEEEEP BEEEP BOOOOOOOOOOOOP (Subwoofer).
Then the radio came on and switched to a Spanish station.
I looked it up, apparently I had entered diagnostic mode on the infotainment system when I was fiddling with the wheel buttons as a stress relief.
Long story short, the diagnostic mode informed me that my car runs Windows ME!
I would like a new car please, kthxbye.9
Stallman heart failure recipe:
1. Start your UBUNTU LINUX(don't add the GNU part) and set up your .NET Core environment.
2. Download VS Code, the superior text editor for those that do not wish to have carpal tunnel.
3. Open the terminal inside your VS Code instance while inside a .net core project.
4. Type emacs -nw and watch emacs come to life inside of the terminal while living inside of the heretic vs code editor.
Wait for stallman to get a heart attack or a stroke from this.13
At a busy restaurant.
Person 1: oh my God this man here is having a heart attack. Is there a doctor here?
Person 2: here's ten reasons why Kotlin is better than Java for Android development5
So my IT department at school accused a student (referring to him as MR) I know of taking down the Wi-Fi network.
MR, who I see at student tech support every once in a while, has zero fucking advanced technical knowledge. They thought he took down the network from his PHONE.
The FBI was even getting involved investigating him. 90% of the kids in this school can't even troubleshoot OneDrive, so I find it INCREDIBLY hard to believe a student here did anything.
THE FUCK AM I WITNESSING?22
I had a small heart attack yesterday due to the unhealthy amount of energy drinks i consume so... I guess dont be like me guys25
Following a conversation with a fellow devRanter this came to my mind ago, happened a year or two ago I think.
Was searching for an online note taking app which also provided open source end to end encryption.
After searching for a while I found something that looked alright (do not remember the URL/site too badly). They used pretty good open source JS crypto libraries so it seemed very good!
Then I noticed that the site itself did NOT ran SSL (putting the https:// in front of the site name resulted in site not found or something similar).
Went to the Q/A section because that's really weird.
Saw the answer to that question:
"Since the notes are end to end encrypted client side anyways, we don't see the point in adding SSL. It's secure enough this way".
I emailed them right away explaing that any party inbetween their server(s) and the browser could do anything with the request (includingt the cryptographic JS code) so they should start going onto SSL very very fast.
Too badly I never received a reply.
People, if you ever work with client side crypto, ALWAYS use SSL. Also with valid certs!
The NSA for example has this thing known as the 'Quantum Insert' attack which they can deploy worldwide which basically is an attack where they detect requests being made to servers and reply quickly with their own version of that code which is very probably backdoored.
This attack cannot be performed if you use SSL! (of course only if they don't have your private keys but lets assume that for now)
Luckily Fox-IT (formerly Dutch cyber security company) wrote a Snort (Intrustion Detection System) module for detecting this attack.
Anyways, Always use SSL if you do anything at all with crypto/sensitive data! Actually, always use it but at the very LEAST really do it when you process the mentioned above!31
My morning (RO = remote office):
Me: Your xxx implementation is very strange.
RO: Yes we are following a new example from experts in this field. See this link.
Me: Paragraph 1, use xxx class in these situations. Were not doing that.
RO: Yes we had problems with that, we decided to skip that.
Me: Paragraph 2, always use xxx when accessing data. Were not doing that.
RO: Yes that create many bugs, we skipped that.
Me: This section on debugging says to enable this flag while in development to allow the IDE to alert you to issues.
RO: Yes this causes the app to crash constantly. So we took it out.
Me: ... because its finding issues ... and telling you where the problem is, with an error message.
... your not following the experts at all.
RO: We are!, please read the link we provided.
... this will be discussed on my exit interview6
Just took apart my laptop to dust it out from the inside. Had it back together, put the battery in. "Alright, time to make sure I didn't break something"
Beep....beep beep beep....beep beep beep....beep
"FUCK I FUCKING BROKE SOMETHING WHAT DID I BREAK?"
Google Lenovo post codes (Thinkpad laptop). DIMM issue.
"Oh fuck I forgot to put the RAM back in.."
Wireless fucking doorbell!! ლ(ಠ益ಠლ)
This motherfucker almost gave me a heart attack. It kept ringing in middle of the night, went down to check, no one was there. Happened again, went down and sat next to the switch this time, and guess what?
It rang again!! (ノಠ益ಠ)ノ彡┻━┻
Booooo! Faulty switch! (◣_◢)10
I'm a PHP programmer and it hurts my heart whenever I see a lot of developers attack/hate PHP.
Why do they hate PHP that much? 😞21
Imagine how many of us would be fucked if the largest ever recorded DDoS attack was successful/persistent. Y'all should be thankful.
🙏 Glory Be GitHub 🙏
No, MD5 hash is not a safe way to store our users' passwords. I don't care if its been written in the past and still works. I've demonstrated how easy it is to reverse engineer and rainbow attack. I've told you your own password for the site! Now please let me fix it before someone else forces you to. We're too busy with other projects right now? Oh, ok then, I'll just be quiet and ignore our poor security. Whilst I'm busy getting on with my other work, could you figure out what we're gonna do with the tatters of our client's business (in which our company owns a stake) in the aftermath of the attack?9
That mini heart attack you get when you've rebooted the server, but it takes longer than normal before it comes up again (and before you can ssh it).2
Today while livecoding in lecture, my prof got a call that got shown on his Mac. His response to that was very interesting:
“Has anyone else noticed that phones have gotten so advanced that when we receive a phone call we treat it almost like a DOS attack? It impairs is from doing everything that’s secondary to making and taking phone calls and that pisses us off”6
I played a lot of Command & Conquer when I was younger, and I remember going through the files for C&C: Red Alert. I found one that had all the units names and properties, and wondered what happened if I changed a value. So I changed grenadiers attack speed to something ridiculously fast, and found that it actually changed it in the game!
The light bulb went off in my head, and I then created new units:
- Albert Einstein that shot electricity
- Attack dogs that launched missiles
Granted the animations didn't exist for these so it defaulted to playing their death animations when attacking, which was amusing.
That was the ah-ha moment for me that lead me to pursue programming. It was just so much fun!4
On a tiny vacation in another country. Don't have a converter plug (for the power sockets) so borrowed one.
*connects laptop to charger* (old charger which might die soon)
*tries different sockets*
"you might want to check your phone with that thing as the socket seems loose as hell"
*tries phone with charger that definitely works*
That was a fucking panic attack right there 😅2
So this little shit right here gave me a fucking heart attack. I dozed off reading some of the techniques and woke up in possibly one the most terrifying dreams I've ever had. And that's not even the worst part, I was completely aware that I was dreaming while I was in the dream.
I've never been lucid in my life and this felt really wierd. Nevertheless, it was quite an interesting experience. I became obsessed with the movie 'inception' and this book immediately caught my attention when I was at a friend's house.17
--- URGENT: Major security flaw in Kubernetes: Update Kubernetes at all costs! ---
Detailed info: https://github.com/kubernetes/...
If you are running any unpatched versions of Kubernetes, you must update now. Anyone might be able to send commands directly to your backend through a forged network request, without even triggering a single line in the log, making their attack practically invisible!
If you are running a version of Kubernetes below 1.10... there is no help for you. Upgrade to a newer version, e.g. 18.104.22.168
The year is 2218. Machines have taken over the world. A small pocket of resistance fights back against them. And in their darkest hour, Windows, which hasn’t been updated in over a century, still won’t tell their strategists what program is keeping the USB drive with their plans open. They don’t want to unplug the drive as that could damage the files.
While they’re trying to figure it out, the attack comes and catches them all unaware.
As a result, humanity is extinguished.
Don’t let this happen to you.5
Very long story ahead!
Yesterday in the evening a friend of mine (calling him F from now on) became the target of something new to me...
Apparently one can fake his phone number through some fishy ways and call people with that number. Someone (we think we might know who it was, the why is at the end) did this yesterday to F.
Here's the whole story:
We were just talking together on a TeamSpeak Server (a program to talk to others on the internet) when suddenly another friend said: "F, why did you just call me three times in a row?" That was the first thing that was a bit suspicious. After that, F got calls from random numbers (even Afghanistan, we are German), and they said something like "Have fun with the police coming to your house". Then there was silence. 10 minutes later his phone rang and there were a ton of pizza delivery services in his town that apparently got pizza orders from him. Then there was silence, again. Suddenly someone with a hidden number called him, a woman's voice said they were the police and if F doesn't stop calling the police there will be consequences. F then told her what was going on but I think she didn't really care. She then wanted to know where F lives, but I told him not to say that, because if it is the police they can find it out by themself and if it's not, they don't need to know that.
Now, a short break: There is some fake information going around about where F lives. I can't remember when we found out but the attacker thought he would actually live there. No idea what happened at that location...
Now back to the story:
Time went by, nothing really happened. Suddenly F shouted: "There are blue lights outside! The police is here!" He muted his microphone and (the following is what he told us what happened) went down to the door (remember, he is 16) and there were two police men. They were asking about why he called the police. F explained what we knew until then, about number spoofing and stuff... They sent a more technical person to him, he understood what F was trying to explain. The police men drove away and he came back to tell us what happened. (Now we get back to what I heared myself.) The mom came in, screamed something that I couldn't understand, and F went offline. We searched who the attacker could have been. And we are pretty sure we found him. That guy connected to our Minecraft server (that's where I know F from) with his real IP, and his main account, which made it easy to search. He also got a static IP which means it doesn't change. We also got some information that in the recent days this guy was talking about VoIP spoofing and such stuff. Another friend of mine, a bit older, found some proofs and I think he will go to the police.
That's it. Thanks for reading.8
I thought meditation was more like putting myself in “airplane mode”. But in reality it felt more like a DDoS attack!4
A Month ago...
Me: when are you going to complete the report
Friend: we can do it in minutes
Me: you can't Ctrl + c and Ctrl +v as there is plagiarism check
Friend: we have spin bot
Me: you do that now itself . if something happens? You can join me .
Friend: just chill
Me: done with report
Friend: feeding it to spin bot!
Feeds text related to database security....
Garbage collector == city worker
SQL statements == SQL explanation
SQL queries == SQL interrogation
SQL injection == SQL infusion
Attack == assault
Malicious == noxious
Data integrity == information uprightness
Sensitive == touchy
Me: told you so...
**spin not == article rewriter3
When you're talking on your phone and have a panic attack because you can't feel your phone in your trouser pockets...4
A day of an iOS developer life:
1. XCode crashed
2. XCode freeze
3. XCode "Jump to Definition" takes me to a different file that has the exact same variable name instead of jumping to the top of the file
4. XCode Storyboard designer throwing 1000000000 as UIStackView width on a newly created UIView
5. Heart attack
6. Lots of depression
just noticed devRant web has xcode as placeholder in the tags box lol devRant knows my pain T_T8
Linux gives you so much freedom, for example the freedom to fuck your system.
When i was experimenting with bootsticks i typed the following in the terminal:
sudo dd if=bootstick.iso of=/dev/sdb
Where is the mistake? The usb-stick was already plugged in at boot-time and since it was bootable linux mint named it /dev/sda.
You propably already realized it, i wrote the iso the my harddrive. My attempts to restore the partition-table failed, but luckily the kernel still had it in memory and i was able to backup my files via nautilus.
Still, i nearly had a heart attack11
You guys should really take a look at your YouTube history sometimes (If you use it). It's amazing how I move from one video to another.
Here is what I did yesterday:
- I watched a GOT Season 7 review
- Then for some reason, I watched Underground nuclear test
- Several HD footages of Nuclear tests
- Top 10 Demolitions gone wrong 😕
- "No Planes" in 9/11 attack 😕
- Amber Heard's Sexy Prank 😕
Fucking hell, I need to get back to work ☹️22
The best hack in history is surely the one from the mystic "bitchchecker":
https://ubuntuforums.org/showthread... (too long to paste here)
He's a true master6
Just wrote a brute-force attack simulation in c. Going to run it on actual hardware, with an 8-character limit, including alphabet (Upper and lower case), 0-9 and a few special characters and see if it gets done tonight ;)
I'll see you all in about 360 trillion operations.11
Can we talk about this for a second? I mean WTF, how is Windows XP still a thing. Wasn't there a ransomeware attack recently, so every last sys admin should have some motivation to upgrade their shit?
Sure, I hear you say, it's just an information display. No critical stuff.
Well guess what, it was at an airport. Most likely not connected to any critical infrastructur, but still it's a computer, stuck at the boot screen at 11 a.m. running windows XP, connected to an airport network.
And I was standing there like: fuck me!14
"I just hacked your website"
Me: Oh really? What did you do?
"Ran DDos attack using this third party website haha"
So my previous alma mater's IT servers are really hacked easily. They run mostly in Microsoft Windows Server and Active Directory and only the gateway runs in Linux. When I checked the stationed IT's computer he was having problems which I think was another intrusion.
I asked the guy if I can get root access on the Gateway server. He was hesitant at first but I told him I worked with a local Linux server before. He jested, sent me to the server room with his supervision. He gave me the credentials and told me "10 minutes".
What I did?
I just installed fail2ban, iptables, and basically blocked those IP ranges used by the attacker. The attack quickly subsided.
Later we found out it was a local attack and the attacker was brute forcing the SSH port. We triaged it to one kid in the lobby who was doing the brute forcing connected in the lobby WiFi. Turns out he was a script kiddie and has no knowledge I was tracking his attacks via fail2ban logs.
Moral of lesson: make sure your IT secures everything in place.1
I asked for a screenshot to help me assist with the problem.
I got an image inside a Microsoft Word document attached to a Facebook message.
COULDN'T YOU JUST ATTACK THE FUCKING IMAGE INSTEAD2
Dear fanboys (and probably past and I hope not future me),
Just because I use alternative product doesn’t mean you can attack me personally. And because you use some service/product doesn’t mean it’s automatically fitting for all people or it’s perfect and doesn’t have any cons.
Just because you use X thing and you’re happy with it (which is perfectly OK), doesn’t mean I can’t be perfectly happy with Y thing.
Imagine if only legal haircut was yours favorite. Wouldn’t be that boring if everyone wore exact same haircut? That’s like some 1984 shit.
I’m not saying that criticizing things is bad - it’s great actually, but in civilized way.
Don’t attack a person using something and automatically assume that they are an idiots, but rather point out why that something is bad.
And please, be different. If you’re happy with that phone which you use, don’t go buy a new one just because someone told you that your current one is bad without pointing out why.
No one is gonna care anyways...11
I have this teacher who focuses so much on documentation that I hardly get to code sometimes. The worst experience with that teacher was with a project I think about two years ago. Every time I came up with (modified) documentation (we have to document EVERYTHING before allowed to start programming) she would turn me away with some bs argumentation and also point out non existing English grammar errors (my English is way better than hers). After nine weeks of documenting (so, no single line of code yet and projects take ten weeks) she gave me the green light. Then at 'delivery' she had the fucking balls to to tell me that MY CODE WASN'T THAT STABLE AND GOOD YET.
I WAS LITERALLY HAVING A LIVE RAGE ATTACK OVER THERE.4
People need to put thought into what they say. This pissed me the fuck off today. https://twitter.com/CheriJacobus/... this woman looked at ProtonMail for a couple minutes, decided that it was a horrible service that makes its money helping criminals, and then said all this and more in a public tweet dedicated to badmouthing the service. What. The. Fuck. This is what's happening to the world today, people are losing their fucking common sense and it's turned into a popularity contest where people are so unwilling to think about both sides of an argument that they attack other people to shut them up. Fucking hell.6
Howdy my binary friends and those who identify as an attack helicopter or an Amiga 500, I was away from devRant for about 2 weeks or 4 because I had to order a new touchscreen (who cares anyway).
Have I missed something on devRant?
Let me just freshen up my dictionary with Alex's rants, be right back.28
---WiFi Vision: X-Ray Vision using ambient WiFi signals now possible---
“X-Ray Vision” using WiFi signals isn’t new, though previous methods required knowledge of specific WiFi transmitter placements and connection to the network in question. These limitations made WiFi vision an unlikely security breach, until now.
Cybersecurity researchers at the University of California and University of Chicago have succeeded in detecting the presence and movement of human targets using only ambient WiFi signals and a smartphone.
The researchers designed and implemented a 2-step attack: the 1st step uses statistical data mining from standard off-the-shelf smartphone WiFi detection to “sniff” out WiFi transmitter placements. The 2nd step involves placement of a WiFi sniffer to continuously monitor WiFi transmissions.
Three proposed defenses to the WiFi vision attack are Geofencing, WiFi rate limiting, and signal obfuscation.
Geofencing, or reducing the spatial range of WiFi devices, is a great defense against the attack. For its advantages, however, geofencing is impractical and unlikely to be adopted by most, as the simplest geofencing tactic would also heavily degrade WiFi connectivity.
WiFi rate limiting is effective against the 2nd step attack, but not against the 1st step attack. This is a simple defense to implement, but because of the ubiquity of IoT devices, it is unlikely to be widely adopted as it would reduce the usability of such devices.
Signal obfuscation adds noise to WiFi signals, effectively neutralizing the attack. This is the most user-friendly of all proposed defenses, with minimal impact to user WiFi devices. The biggest drawback to this tactic is the increased bandwidth of WiFi consumption, though compared to the downsides of the other mentioned defenses, signal obfuscation remains the most likely to be widely adopted and optimized for this kind of attack.
For more info, please see journal article linked below.
Haha! Sorry but this new cyber attack that's hit the NHS and other company's around the globe, just makes me laugh 😂
These company's just will not spend money on IT, keeping everything update and backed up! 💾
Some of these machines will still running on Windows Vista or XP 😱10
Once while making a automation program for a friends errr academic betterment. I realized I had taken three of the sacred caffeine pills and chewed them unlike normal. Needless to say this increased the surface area tremendously. I thought I was gonna have a heart attack right there at the age of 20. And all I could think was, "fuck my screen has a lot of dead pixels."
It's sad that such a primitive thing as a DDoS attack can bring down a huge chunk of the internet. Well done Dyn for being so unprepared.7
"Systems open to all, but closed to intruders"
HEY, HP, PACK YOUR WHOLE FAMILY OF TRASH SOFTWARE INTO YOUR TRAILER HOME AND DRIVE IT OFF A CLIFF. WHAT THE __FUCK__ DOES THAT EVEN MEAN YOU LITERAL BLOAT FLIES. HOW ABOUT WE START WITH THE FACT THAT ALL IT TAKES IS ONE DUMB MOTHER FUCKER ANYWHERE IN A COMPANY GIVING AWAY ONE LOGIN IN A SOCIAL ENGINEERING ATTACK TO POP THIS NICE FART FILLED BALLOON YOUR DRUNK SALES AND MARKETING MORON PARADE CAME UP WITH.
STOP FUCKING ADVERTISING ON MR. ROBOT AND LET ME PRETEND IT'S NOT A PRODUCT FOR JUST ONE MOMENT FUCK YOU FUCK YOU FUCK YOU4
Not dev related but still a rant:
My company decided that all the network traffic should go throu a virus scanner. But they don't know what the fuck they are doing, so now EVERY valid SSL cert gets rejected by our browsers because the virus-scanner breaks the SSL encryption.
Anyone open for a pishing attack?8
Today at work I saw 2 tech guys (Russians) that tried to fix an audio system at my hospital clinic.
The PL-3.5 cable was unable to transfer any sound to the speakers from the secretary PC.
So they tried to plug it into one of their phones, to rule out the possibility that it is because of the PC headphones plug.
(The speaker volume currently is on *maximum* btw)
1st guy said "Let's play something nice and relaxing, so the patients (mostly old people) won't get an heart attack"
The 2nd ask "So what should I search in YouTube?"
Then the 1st said "Metallica"4
Is it normal for every stupid, arrogant, selfish person to talk all kinds of bad stuff about my app and attack me personally on the play store? It's just a soundboard and it's free you pricks, be grateful for once and don't mind the god damn ads so much. I can't believe that shit.5
scarlxrd - HeartAttack
scarlxrd - BANE
xxxtentacion - look at me! https://soundcloud.com/rojasonthebe...
xxxtentacion - #IMSippinTeaInYoHood
These 4 songs suffice me.
Sub-genre is TRAPMETAL12
Sports commenter at AI vs AI deathmatches.
It would probably go like this:
- UltimateGod the Second launches half of the US nuclear missiles to NorthernEurope!
I guess that's it for the poor bugger.
- WankerBot69 tries to delay its doom by channeling old 4chan archives into a devastating ddos attack. UGtS' logic processe go down for a few nanoseconds... Ugh, that's NASTY! It doesn't even have a mother
- Missiles still going up. Looks like UGtS confused the imperial and metric system just like its predecessor.
- WB69 is now has the upper hand. It just used a SMB exploit and is bow encrypting UGtS's storage.
- UGtS is down. We all hope UltimateGod the third will do better. For now, all hail our catevolent overlord WankerBot69.
- See you next time on Bot Armaggedon folks!
It started with the customer calling and saying they were experiencing some delays in our system. I talked to a 3rd party and they confirmed that messages between our systems would suddenly stop. We talked several times and I spent the whole day investigating and found nothing. Then at about 7 in the evening I get a mail from the customer who says the problems stopped when the ddos attack was over..... WHAT FUCKING DDOS ATTACK!?!?
I FREAKED OUT
I WAS A DIFFERENT PERSON FOR SOME REASON
Dfox thanks for the heart attack, I thought I got hacked.7
I once saved lives sending cpr teams to heart attack victims through an sms gateway platform.
This was amazing considering it was back in 2008 ;)11
Who has a DDOS attack story they want to share ? Dyn put up the good fight today... DDOS attacks can be incredibly difficult to deal with ... Internet of Things devices makes this an even more complicated situation. Outside of calling Prolexic, any vets have some good stories ?6
Lads, this DDoS attack on DYN is must be getting pretty bad, the Department of Homeland security just launched an emergency investigation into the source and apparently Amazon has started being interrupted22
FYI to anyone following the Krack WPA2 vulnerability
A testing suite in python has made its way to github.
Yet another Intel vulnerability. Who_would_have_thought.png.
Someone is trying to launch a brute force attack on one of my servers that I set up for an old project. According to the logs, they've tried Jorgee, they've tried directly accessing the MySQL database (with the laziest passwords), and they're now on day 4 of their brute force attack against my SSH server. I'm fairly certain that they won't be getting in (not that there's anything worth getting in the first place), but what's the standard protocol for this? Do I just wait this out, or is there something I can do to break their bot? I have fail2ban enabled, and it is doing its job, but the attacker is changing their IP address with every attack.12
My company compromises SSL certificates in the name of "security". I can't even use Gmail because Google has identified my intranet as a malicious network executing a man in the middle attack. So they break security in the name of security.6
Windows 10 loves to freeze... especially when I wrote more than 200 lines of code and I'm pointing the cursor on the Save icon!
Thanks MS, you know how to give me a heart attack.13
My new motherboard (MSI Z170 GAMING AC) reports temps for the memory, CPU, GPU and hard drive in °C. And the motherboard temp in °F.
Almost had a fucking heart attack the first time I opened Speccy for benchmarking.
I guess I had an EMP attack in my home.In a single day my laptop charger burst,my desktop monitor got damaged and my Lumia phone has stopped opening.Dont know what to do13
Pushed code remotely and told a teammate to run it on the target hardware. He then told me he might of blown up $6000 worth of equipment. Then he says "Never mind everything works."
World record for biggest heart attack?1
Opened devRant while sitting in public transport.
Suddenly, the dude sitting next to me starts talking to me.
Nearly got a heart-attack because I thought he was going to say something about the devRant feed I was scrolling through or even reveal he was also on devRant. (Dude reminded me of some of the guys on the face reveal. Also, wild beard. XD)
Now somewhat disappointed but also relieved he wasn't a fellow devRanter. (I probably am a social being but when someone catches me off-guard I may react awkward.)4
Fuck the new ECMAScript 2018 specifications.
I mean seriously? How the hell is dot syntax gonna make it more readable?
Also, i love the brackets, braces and semicolon. Hate to see them deprecated.
Almost gave me a heart attack and my head was boiling watching it.
Sort of !dev
I can't do school anymore. I get so many panic attacks. I was shaking the entire time I was writing my essay today. It's hard to focus when your brain is fucking freaking out. I'm missing deadlines, failing tests left and right.
Real talk, I'm not dumb. This was never a problem. My University fucked me up and now I can't even look at an assignment without an electric feeling and I don't know what to do.
I had a panic attack during the opening crawl of Star Wars. I had to leave the theater. My anxiety is going to give me a heart attack one of these times. I'm 18, why am I experiencing health issues like this?
School isn't done right. How could this be the intended effect?10
I get asked about being able to hack stuff, like cracking wifi passwords. Mostly I just go along with them and make up some stuff about how you _could_ do it. And explain how it is done, throw in some "yeah its tough"s and words they wont understand. Yeah with a dictionary attack and a powerful CPU with many threads you can definitely do it! You should try it! I say. Convincing them they can. Ofcourse, download kain and abel and look for something like aircrackng on google.
They won't amount to much and probably won't even try it, but I have a laugh. Seeing the hope of hacking and cracking fade away as a child's ice cream melting on a hot summer day.
I was finally moved to a production project after 2 months in my internship.
Almost had a heart attack after seeing the source code. Thousands of lines of code. So many files. So many things to understand.
I hope I don't lose my brain before getting a stress ball :(5
This piece of shit backend developer who our company fired sometimes back, cause he was spreading fake things about the company.
He was tasked to develop the admin panel for the websites we were working on..
Now, turns out, he had put multiple backdoors in his piece of shitty code.. He happened to designed the front end of the admin panel as well, which contained more than 3k js files..wtf!! And he did all that even after getting paid enough for that shitty code.
The projects where that shit was used are now under attack.. And my already hectic life has gotten even more hectic..
Fuck you dumb fuck.. You piece of shit developer...
I'm never gonna let him take another job.. I'll mail out official complaints and character reports, along with his history to each and every fucking company that he starts working in.. I'm gonna be his worst nightmare..I swear.3
Damn of we can't trust anymore, even banks went under the attack!8
Door knobs !
Don't you hate how they attack your sleeves, your pockets, and your belt loops!
No more, just replace them with one of these, and you too can now brush up against doors with no more fears or concerns about side tummy jabs either.14
Damn Windows april update!
After a LOT of problems with drivers, bluetooth, etc. it even partially corrupted the font of a program, the console shows a list of data from a medical image database so i had a micro heart attack when i first saw this tinking the database was corrupted (i was checking out a problem)!
I bet it's the "smart" font re-sizing!!!5
We upgraded to Dyn Managed DNS last month, now we're down with the DDoS attack! If we didn't upgrade from their standard plan, we would be online still 😂1
You just knew the DDOS attack that impacted Twitter, SoundCloud, Spotify, Netflix, Reddit, Disqus, PayPal... Would not have a chance to slow down devRant! Guaranty @dfox has a world class resilient infrastructure built to circumvent and to scale.6
Last night I had a panic attack and woke up in cold sweats because in the dream I had I was constantly using the wrong variables in the wrong places...
Maybe coding would be fun again if I just got out of this neurotic rut.🙄
And..... it’s Monday now....8
This is legit bad news.
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.
Call centre manager was made VP of my tech company. Is now directing the programming department.
Yesterday she spent 30 minutes looking through Excel files in an attempt to prove me wrong. Literally found nothing, with 3 other people in the meeting.
Repeatedly told everyone she was "not crazy" in her failed attempt to throw me under the bus.
I love coding, but these human interactions are going to give me a heart attack.3
I think someone just did a MITM attack on my private server. Got the IP from netstat, and it's from somewhere, somewhere china. And I think he got my cred.
What do I do now?21
I'm a php developer.
I don't like preg functions (regular expressions) and i don't remember exactly the syntax for alternate words.
I googled, and this is what I found.
An heart attack.5
So the football world-cup tip app I'm using with some mates got hit by a DDoS attack yesterday.
The only question I have is who the FUCK DDoS'es a motherfucking tip-app?! What the hell is there to gain?! It doesn't even involve money, just tipping for the hell of it!1
Merriott got hacked. I know the head (and only) tech at a local hotel/resort that just got bought and turned into a Margaritaville, so I checked in with him to see if he needed any help or advice or anything, and he said he hasn't slept since the attack and probably won't for another week. Everything's on lockdown, he's been staring at the firewall monitor and public PC feeds for like a week straight...
God, I feel bad for this man.2
Basically an addendum to all of my other rants on here.
I've been feeling burnt out for much of the past 6/7 months. Way too many projects going on, not enough time, an assehole boss, unsupportive colleagues and useless clients.
I had a mini-breakdown on New Years (maybe 3rd of Jan) where I had a million things to do before going back to work after having worked through a lot of Christmas and not seeing family. So I sat on the floor in my bedroom, shut all the doors, blinds and every light source at 2am and had a panic attack. Clutching my knees, freaking out and so tense it hurt. After about an hour of that I just collapsed and woke up a couple of hours later ready for another day of shit and it's been shitty ever since.
It'd been almost 7 years since my last panic attack and I fucking blew it because of fucking work and a cunt boss pressuring me too much.1
The project I accepted for measuring heart sound is giving me a heart attack 😬
I have only 10 days left the deadline 😭6
Currently our companies website is being attacked and we're getting a 500 error and the FTP servers are down. Everyone is panicking. Little do they know that I just rebooted the server and already sent out a notice of this happening and will be back online. People are chanting for my death outside my cubical with fire and pitch forks. HURRY UP AND FINISH REBOOTING SERVER!!!1!!3
Identified the origin of the DDoS attack. Apparently, the person was just hopping through 3 IPs so looked like a targeted attack likely from a competitor. I sent the logs with incident notification to the firstname.lastname@example.org to ask them to suspend them.
Got a prompt response but took them a week to suspend this.
We were a very small team and had to stop everything to fix this-iptables and firewall etc.
We had not even launched the product and was still under development.2
Today I woke up with 2 things in my personal todo list
1. As coder, I need to figure out why my yaml parser doesn't work
2. As Lv 60 wizard, I need to clear morroc 245. Wtf with that once punch kill charge attack....8
*Start thinking about it.
*Start seriously thinking about it.
*Push yourself to do it.
*Have a mini unconscious panic attack that tells you you're gonna fail.
*Do something else completely unrelated to what you wanted to do.
*Feel good about the meaningless shit you just achieved.
*Recognize you're procrastinating.
*Try to stop.
*You can't cause you're stupid and lack the control and discipline to trick your own mind.
*Watch video about how to overcome procrastination.
*Get a more firmer understanding of it.
*Realize you're a helpless piece of shit.
*Cry till dead inside.
*Resume daily mindless shit.1
So last week I really fucked up
I had this new implementation that was supposedly to be integrating smoothly into the rest of the service. It depended on a serialized model made by a data scientist. I test it in local, in QA environment: no problem.
So, Friday, 4pm, I decide to deploy to production. I check once from the app: the service throw an error. Panic attack, my chief is at my desk, we triy to understand what went wrong. I make calls with cUrls: no problem. Everything seems fine. I recheck from the app again: no problem.
We dedice to let it in prod, as the feature work. I go get some beers with the guys, to celebrate the deploy.
Fast-forward the next morning, 11am, my phone ring: it's a colleague of my chief. "Please check Slack, a client is trying to use the feature, it's broken"
Panic attack again. I go to the computer, check the errors: two types of errors. One I can fix, the other from a missing package on the machine that the data guy used.
Needless to say, I had a fairly good weekend.
- make sure Dev, QA and Prod are exactly the same (use Ansible or Container)
- never deploy on a Friday afternoon if you don't have a quick way to revert1
windows booted up into a blue screen for a second before going to the login screen.
i almost had a heart attack2
TIL if you know the password for a WIFi SSID, you can replicate it with your hardware. All devices that have credentials for that SSID will connect to yours if your signal is stronger. The encryption just needs to be the same (wpa2/wep) The underlying UUID doesn’t matter.
Not bad for a quick and dirty man-in-the-middle attack. The WiFi spec needs a bit more work.
TLS all the things!4
Spent about six hours writing tests and coding a user log in system for a Rails app last night. Finally finished at around 2:00am. Commited, pushed and merged, then called it a night.
Woke up today and Postgres is refusing to play nice. Spent twenty mins or so fixing that and then ran rspec.... Two thirds of my tests are missing - everything I wrote last night. I check my code and sure enough, they aren't there.
Wild panic ensues for a solid 5 mins before I realise I didn't actually pull the updated master branch after deleting my feature branch last night.
Now I feel like an idiot, but a relieved one.
Want to scare your boss? Wait for a day or two before month end and take all your stuff off your desk home with you.4
When you think about it, a female egg cell can withstand a sperm DDoS attack at a rate of 1.8 terabytes per second, letting through just one data packet. It's amazing that the packet can hang the system for a whole 9 months.
That's what I would call a good firewall.5
When you walk in at work in the morning, hoping for a quiet Friday at work, but nope. I check our WP monitoring and see that half our sites aren't responding. Well fuck. Turns out that the firewall service we use to protect our sites experienced a massive DDOS attack. So the service we use to keep our sites safe ironically caused downtime. Me, our Devopser and another dev spent the entire morning bringing the sites up again and bringing the customers up to date. FFS, I need more coffee.2
A site I manage in my spare time with a couple thousand normal users was getting attacked by a Chinese botnet. All the requests were coming from only two subnets. Easy to block. Feels like this was only the vanguard. Prelude to the real attack. I'm thinking about moving the site to its own server, so it won't affect my other sites. There at least if it gets kneeled, it'll only be that site.6
A great and very common web attack is known as 'SQL injection'.
So if I am using MongoDB, does that become 'NoSQL injection'?1
We love to freak out about critical infrastructure that's still running MS DOS in 2018, but tbh the scarier thing is that trying to upgrade all of it might be just as catastrophic as any exploits. Lots of this shit is so old that you'd have to rewrite any programs from scratch since they weren't even intended for modern x64 systems and the original documentation got lost in a rolodex from a dude who's probably dead. While we're totally unequipped to handle an advanced attack on our air traffic control systems or telecoms grid, it's a guarantee that any attempt to update the hardware SWIFT uses would cause a financial crisis.
Hi every one!
I have to present kali linux on Monday and the presantation should take from 30 to 45 minutes.
What are the best and coolest topics I may have? ( other than aircrack or fluxion .I am going to show them a live attack on my sim wifi!!)
Fucking christ this year is a fucking shitfest:
- wpa2 krack
- "DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions"
- "Hacker Hijacks CoinHive's DNS to Mine Cryptocurrency Using Thousands of Websites"
- "Bad Rabbit: New Ransomware Attack Rapidly Spreading Across Europe"
My fucking router didn't yet get patched, my fucking phone is outdated and I can't change to my patched one because devrant just shits the bed in extended desktop mode. Windows 8.1 loses support in 3 months, rendering my last chance of using it on my surface pro done, making me use windows 10 with its fucking shit ass not optimized tablet interface. I have just fucking constant paranoia what else could be hacked tomorrow, nothing is fucking safe anymore for fucks sake. I even went as far as implement 3 step auth and intrusion detection on my shitty ass VPS nodes, fucking give me a break you fucking assholes.5
I have come to realize that my stress comes from how inefficient my clients use their tech.
I have to stop caring. Is it up? Is it running? Good. That should be where my investment ends.
I shouldn't fear a heart attack or stroke because of some clients' inefficiency.
IT'S JUST SO DAMN HARD.
Has anyone read the latest rant from Microsoft?
<<Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.>>16
Massive cyber attack hits Europe. Hopefully everyone is patched and secure. Critical infrastructure, banks... impacted.1
This new season of Attack on Titan is getting more intense!!!
Also, Google Approved my Action TODAY!! :D
Check it out for yourself. It's my first action so don't be too harsh.
horrible terrorist attack in Uri, Kashmir.
may the jawans rest in peace 🙏
enough is enough.
time for change ✊3
When you give your self a mini heart attack by knocking over an empty water cup while coding.
I can't count how many times I have done this over the years.2
That mini heart attack when you run `rm rf *` and it takes some seconds longer than you expected and you reallize that you cannot remember if you cd'ed out /2
How would you explain SSL, certificates, and CAs to a layman?
I just spent 30mins trying to explain it to them in a chat (related to Mpngo driver configs and the sslValidatrle flag), they sorta went silent on me so not sure if I explained it or understood the roles/purposes correctly...
One example I used was it prevents a man in the middle attack where your connection gets rerouted to another server. If the CA didn't recognize the cert the new server replies with then it rejects it and prevents the attack.10
Need a phone upgrade. So now the question is, do I want the $1000 version of the phone I am already using but from a hipster fruit based company or do I want a Korean phone that, given their recent track record, will have a battery that vibrates at the exact frequency that cause wasps to attack the user's testicles?
Oh and it should probably be a thing I can make apps for but doesn't require I learn the thing that pretends it isn't Objective-C.11
Learning about security and how to write secure programs. So much of my stuff was vulnerable to attacks when I stated learning about how hackers do what they do and hacked my own programs. It was frightening… I'm still not confident to say my applications are 100% secure, but it's gotten a lot better and at least I'm actively concerned about it now, even though I'm very unlikely to become a target of an attack (my programs are used almost exclusively by me and my friends). However, it's still frightening to see how unconcerned many more popular/professional devs are with security.7
That cringeworthy moment when you end up updating code you wrote two years ago as an amateur. Sigh, massive OCD attack settling in, I have a feeling I'm going to put in a few extra hours just so I can turn this blob of sticky code into something decent/readable.1
I know I've been spending way too much time in doors programming because I had a panic attack while at the grocery store. I've never had one in a long time.1
China used a tiny chip in a huge hack that infiltrated Apple and Amazon. The attack—denied by the companies—compromised the U.S. tech supply chain, sources say: https://www.wbca.st/PPrOcew2
I never had to deal with an attack.
At least, I don't know about it. My firewall couldn't detect anything.
I wish I could have experienced something like that tbh *sob*2
SSH attack today. I asked my colleague if a rule in the firewall would block that. He tells me that yes and when I look, the rule is open for the SSH. 2 hours ouf downtime ...1
Feck. My brain bluescreened during a coding interview and I had a major panic attack. No clue what or why it happened. FML.1
When you sit at your desk peacefully doing nothing and a coworker calls you.
Almost fell off my chair...
So just read up that some companies based in china were able to attack Google back in 2009, all cause IE had a dangling pointer issue.
Just when i somehow accepted that Austrian part of team is naming theirs methods in Deutch, i almost got heart attack when i saw this. They're combining english with deutch, for example isOffen(), isLoeschenAllowed(), isEinsichtHinzufuegenAllowed() and so on... And most of the time these assholes even dont add javadoc, but when they do it something like: "Checks if *curentClass* is offen". Thanks a fucking ton.3
TL;DR: Read it.
Please don't redistribute without permission. *PUT OPEN SOURCE LICENSE HERE*
Many users in devRant use Windows but then the "Arch Linux Alliance" short ALA came together to invade devRant. After some weeks, the small group FedB ("Fedora Bureau") also joined the OS Wars. When the release of Ubuntu 16.10 was near the UBO ("UbuntuBestOS Alliance") joined and was near to victory, because dpkg was faster than ever before. But then the macOS Defenders woke up. They finally finished the upgrade to Sierra and tried to fight the other OSes. They wanted to attack with their package manager, but that attack failed. After days of war Windows crashed while updating, which made it unoperational. They called it Blue Screen. After windows gave up, the other groups realized, that they are all built with the same base. They called it Unix. They grouped up (except macOS, because they just want to make money) and discovered the remains of Windows. They found a software named "Ubuntu bash for Windows". Everyone in the group was angry, because UBO teamed up with Windows. They destroyed UBO and continued.
To be continued.
Should it continue? Comments...5
ME: Yo Manager, we got a problem...
MANAGER: Nah dude, every problem is an opportunity!
ME: Okay fam, we got an opportunity of a DDOS attack :-)6
Meeting room pc with windows 7 switched on once a week. Sometime it says at boot that has to apply 32769 updates.
Everytime an heart attack.
Fortunately it takes only a couple of minutes.
Deleted 1000 lines of code that I would need at a later point. Had a mini heart attack once I found out the code was no longer there...3
Got access to root access of school's lab computer.
Saw an account 'tee'(Term end exams) associated with it, copied the hash, ran a dictionary attack and the password was 'tee'
Accidentally cleared user accounts table that connects mobile apl accounts with main system accounts. Almost had a heart attack but luckily Azure had point in time restore 😌
Not from a teammate, but using Ionic to create a banking app, I was about to have a heart attack seeing my brother forced to use it :|5
Revenge of the developer.
After our project consultants aren't good at planning projects I started my revenge. They will get soon a heart attack or paranoia...
Every time I need something from them (cause they missed it in the specs) and see them at the end of the floor. I stealth in their room and stand behind their door. When they are sitting, the door is closing mystically and I step to them. The faces are hilarious. That's my way to teach them to write better Specs :)
In the spirit of week93:
If you haven’t read/heard about the attack on HB Gary Federal (a computer security company) in 2011 and you want a good read about a DDOS attack, social engineering, espionage, and the “infiltration of Anonymous” by a very punchable CEO you should check out this article:
And the follow up by Anonymous:
It's been confirmed the DDoS attack on DYN that affected Github, Amazon, etc was perpetrated by supporters of Wikileaks for "revenge" for Julian Assange8
... when you as an internee with limited access, gets your early off friday ruined by a flooding attack and one of the clients on that server somehow has your number..
He got me. I'm so done for...
Pretty funny, cause maybe half a year ago there was an attack against my email, but I'm pretty sure he got stopped because of the 2FA. Not to mention that I immediately changed it for a password x times stronger than whay I had before 🤷♂️13
Tutorial: How to get rid of your dev?
1. Find a very old (2+ years) jira task that took a lot of sleepless nights to get resolved.
2. Make sure that your dev is still on the watchers list.
3. Reopen to 'change some labels'.
4. Forget to close the task again.
5. Remove the body. Heart attack will get classified as a natural cause.
6. Close the task.1
Four hours of work and the work horse decides to have a heart attack.
Thank the server gods for swap files.
I been using digital ocean to host my server for a project, but they seem to get shutdown because of DoS behaviour. I have no idea why. The server is doing some soap and rest communication and controlling a database.
To be fair the password was poor, but it was meant to be a fast way for four people to work on it at the same time.
But after the first shutdown, we rebuild the server and work on functions. Finish the work and went home. But in the server 9 hours of uptime with 2 of them unsupervised it was detected as DoS behaving server.
I assume everyone's heard about the GoldenEye attack.As I understand the attack was called Petya.
Fun fact: In the movie, there were two GoldenEye satellites Petya & Misha.
If those guy want to stay true to form, should we be expecting a second attack?
What is the probability of alien rootkit signal that would be intercepted by satellite and then executed on modern computers to create AGI that can use cloud computing and digital currency to take over our world ?
From my perspective pretty high 🤣🤣🤣
Let’s convince some government people and create intergalactic cyber attack defense institution, that would keep earth safe from alien invasion, with high money grants so we can prevent those threats.
Maybe Ernest Cline Armada is already a thing.
What you think ?2
Mom: Why are you not using this laptop.
Me: I have to wipe it clean. Virus attack.
Me: Mom why is my laptop smelling like washing detergent ??
Guess what happened.....:'(1
For the longest time I've had trouble trying to get my background images full screen viewed and responsive for some components while learning angular 2. Then some one typed this in the CSS
Min-height: 100vh; for height
It felt like I had a heart attack and spontaneous orgasim at the same time.3
Wait, why is nginx communicating from our cache servers to app servers using HTTP1.0? Added http_version 1.1 to a general config. Moments away our responses return 500 on our production because one of our module doesn't handle gzip. If I ever had a heart attack...
I may not be the guy who 'sudo rm -rf /' for a company but I dang near came close and had a heart attack...
@alexdovzhanyn and I just released the third episode of Runtimerror Live!
We talk about various things like the DynDDoS attack, recursion and much more.
We hope you enjoy it as much as we enjoyed recording it :)1
Welp, it is panic attack time. Can't sleep because of work stress, which stresses me out even more. Can't get my work done because of bullshit meetings I can't skip. Coworkers are possibly being purposefully idiotic. Can't take vacation because we are in the middle of shit. I am not even coding, just writing documentation about the same crap everyday because of perviously mentioned idiotic developers. They have the same info as me, but refuse to work on even a draft version until I paint a screen WITHOUT the button they need to remove. I want to code so I can point at it and feel good, but no. And people keep talking to me. FUCK! AAAAAAAAAAAAAHHHHHHHH!!!!3
Developers more than other groups tend to hold their operating system or programming language of choice dearly, to the point where if someone thinks poorly of the OS or Language, they take it like a personal attack. Then there are those who think poorly of people who who's a certain OS or a specific language. Combine the two and you get hurt feelings and identity crisis.
Can we all just agree that we're all in different stages of learning and that we all generally end up going the same direction for the same types of problems?
Or just have it out and kill each other over it. Will give me great rant material.3
Everybody when a forced update is released: "I hate forced updates!! They can't force me to do shit!!"
Everybody when a massive ransomware attack happens: "You should've updated when the update came out, so you aren't vulnerable!"
If they made the fix for the WannaCry vulnerability forced, the attack wouldn't have been as big as it was.
Confession: I wish they made more forced updates :/
Also, I'll probably get a lot of hate about this...2
-Writing engineering thesis
-Have two W10's, because of requirements for HoloLens emulator
-Turn off computer
-Run it again and bootloader doesn't loading
-Heart attack guaranteed4
Is the devRant logo breathing faster on load screens or is it just me? Now it appears that it is having a heart attack, @dfox please help him1
That moment when you realize you've basically been having a protracted anxiety attack for two months. Should uh...build character or something, right?
Anyone have much success with Kali/WiFi penetration testing?
I've been tasked with trying to break WPA security within a couple of hours without a dictionary attack - is that even possible?
I have an Alfa AWUS036NHA capable of monitoring mode if that makes any difference. It's my first time trying anything like this.10
That mini heart-attack when you navigate to your AWS entities and it listed nothing.. only to realize you're in the wrong region.
Every fukken time2
The massive DDoS attack that took down the internet this morning, hit NPM too and I just cleared out my node modules without realizing it. :'(
Back to Excel for control project, sih 😢, just because my non tech boss can't work with JIRA and it confused him. Do you guys know any idiot friendly control project before I having a heart attack?2
Until that recent terrorist attack, I had believed that Ariana Grande is the name of a spacecraft or something. I studied about Ariane 5's failure in software testing course. Maybe that's what made me think like that. 😁
I lost the book that i store all my passwords on it
I almost had a heart attack and
I woke up from my dream2
why do all erp solutions i know have a poor design?
one of you guys surely works for a company which sells erp solutions. as i am a user AND a programmer.
i just have to ask: do you have the feeling that your UI is bad?
and if - why is it like this?
i dont want to attack someone. just want to know the reason why all of the solutions i saw have bad UI or are just "user-unfriendly" (like you would say in german :D)1
Guys any suggestions?
I'm having a migraine attack (severe headcahe) right now in the office.
What should I do.21
We had a test in class where one of the questions was "What is SQL injection?" and I wrote what it was and even gave a bang on simple example where I showed how you could end up with a truncate statement on your customer db. The last part of it was:
"This will be the SQL that gets executed:
INSERT INTO Customers (Name) VALUES (' ';TRUNCATE Customers;--);
When I got it back after we had a session of "grade each others work" I got the comment: "What makes this an attack against a database?"
I mean, I'm not sure what I could have written. That it truncates the database? And, correct me if I'm wrong, but if a user truncates your DB, is that not an attack?
We had a discussion about coding style. At one point I said that it’s his personal opinion and not an objective fact. He went full on rage mode and said that he takes this as an personal attack. Then another dev chimed in, telling me to listen to the older devs, because they know more.
Not really a big fight, but stuff like this makes me mad as hell.1
I once was too busy to update my server, only fucking once. Then I got an email that my server was "deactivated" bc it's ip was tracked back to a DOS attack. Damn those botnets are scary.
Back in the days of DOS/Win3.x I was jerking around in school sending messages to my friends in other classes by changing autoexec.bat on the workstations I used.
Somehow someone mistook my messages as a virus, and the IT department closed down the workstations for weeks.2
When you commit a more readable README on GitHub to a non native English speaker sends you an email a day later asking for help why his self-signed certificate isn't trusted by his browser or his other computers.
The project he's working on is to sniff Wi-Fi packets that are encrypted through a MiTM attack. I've now stopped following this project and moved on.
Has anyone else had any stupid questions from debs which were about the key purpose of their project and how to go about it?
I got a bug on production that I cannot reproduce on our testing environment. It bothers me a lot because I’m putting a lot of man hours finding it. Do you guys have any recommendation how to ”attack” the issue? Unfortunately I cannot debug the code.10
I wrote a type checking utility that also considers all types (JS without TypeScript, so this meant arrays etc.). The desired type had to be declared in a config file and the data didn’t even come from the config.
What would I not do to prevent all possible attack vectors...
I just saw this video on slow loris attacks (https://youtu.be/XiFkyR35v2Y).
So my question is: why even bother with creating a botnet for a ddos attack?3
wondering if I should destroy someone's soul today.
Seriously considering going full drill-sergeant. Complete with knife-hand and shark attack.2
I think our network was having a heart attack today. Had to jump in on a webinar after most people had gone home and ended up tethering to my phone to get a decent connection. Hopefully our network guys see the ticket and can fix things quickly.1
Love the feeling when reading about one ransomware attack after another targeting Windows machines and successfully infects large companies like Maersk from my Ubuntu laptop. 😂
Note to self.. Check how your backup restore works before actually needing it...
Coworker got ransomware to his computer via targeted attack and managed to encrypt about 6000 files on Google Drive share... Which I have backed up. However there are a total of 100k files so total restore is not an option and with 60 users updating things can't do point in time restore either... And thanks to the backup softwares buggy cmd line interface I can't create command line script to restore the files one by one... So in the end I most likely need to restore via sluggish gui one by one...3
Media always misinterprets anything related to computer and information technology. Recently found an Indian News channel which aired news about recent cyber attack and stated virus named "Ransomware" (not WannaCry) has affected computers all over the world. They aired wrong information without hesitation despite India being world's rapidly growing IT hub.6
I've always wondered if techies would make good heads of state. there would be reason in every decision and countries would progress a lot quicker. and we may have world peace someday.4
A: oh hey my commit is not in the master branch...
A: *seeing bunch of commit deleted activity in bitbucket by B
A: Lol B deleted commits in master branch
B: Wait, what?! I know I have rebased my branch.. but never have I rebased anything in the master branch.. how can this be *intense breathing
B: Are you sure you have pushed yours to master?
A: Sure I've rebased, squashed, and rbt landed my work to master, here look my local master has my commit
CTO: wait what? Is this related to this bug we have in production just now? Please don't panic, let us resolve it
Turns out rbt land just squash your commit to your local master branch and they thus A have not pushed it to the remote. And the bunch of commit deleted activity were bitbucket not informing from which branch the activity was happening. Almost gave us heart attack.
O great devs that know grep I have a log that I took from a local company's router that got DOSsed yesterday (they sell very nice sandwiches) and I wanted to know how I can take only the IP's from the log so that I can take action against the users (contacting the abuse if the ISP)10
Starting to invite coders who lost their job for camping. Have cooked for large groups (120 people plus) before. And then, after days of eating and resting, my army can counter attack.... 😁 *mwahaha*
Is the ransomware attack using leaked NSA hacking tools affecting 99 countries is seriously serious or should be categorized as fake news14
Was working in an n-tier website, standard Web forms, BAL, DAL, database architecture. Validation and processing of data done in the BAL. Not the best idea, but whatever. Well apparently some developer thought it was too much work to pass his data through the BAL, so he directly accessed the DAL, performing zero validation on the data being passed in. Luckily, this was in a non-critical part of the site but the PM at the time nearly had a heart attack when I told him.
System engineers who are "too busy" (facebook too much) to try anything new and get a heart attack when you only mention nginx
Coffee. Get wired off your face on caffeine and then you only have three choices, program like you've never programmed before, bounce off a couple of walls or have a severe heart attack.
Rinse an repeat until you're in hospital.
You're welcome 😂😂1
PC-Lint is such a useless piece of shit! Tons of warnings with no actual benefit. The obvious motivation behind this crap was to throw as many warnings as this cheap sucker can even generate with no effort to minimise false positives. Typical snakeoil shit, reminds me of ZoneAlarm back then which reported every ping as "attack" just to fool the clueless into buying. Meanwhile, the actual bugs that sophisticated tools can find pass unnoticed through PC-Lint.
I need to test a client's website for DDoS attack performance, it has been attacked in the past and I want to know what kind of changes are the most effective, are there any good tools/services you know?6
Django wont pick up migrations for this app. Nothing in dj migration table for the app. It just won't create the tables on staging.
My panic attack is over but Im still going to lose this client over this.
I think the CA DMV is under attack right now. Been here for a couple of hours and computers keep going up and down. And now they just announced that this is state wide across all DMVs, so going to another one nearby will not help.
Anyone have any incite....?1
I'm working on my Python book and am debating deleting this chapter on Python 2 vs Python 3. It is not an attack or slander against either version. It's simply a high-level explanation of why there are two major versions, which one I'm using, and concluding by basically saying it doesn't matter which you learn because it's the same language with many internal differences. I mean, in terms of syntax differences, Angular 1->2 is worse than Python 2->3.
I'm just not sure if the chapter is worth keeping. This is a brand new book from scratch, being written square in the Python 3.x development cycle. I even plan on introducing the Py3.6 string interpolation syntax. Has the Py 2 vs 3 war calmed down enough yet to toss it or is it still a necessary evil to keep dragging it up?2
Can I get some advise on what a independent contractor (programmer) making no more then 3-4K has to do to be straight come tax time? This is my first time that I had done any freelancing work and am having a mini heart attack10
I just hate how all the the internet providers (Sprint and Verizon mainly) just attack each other. It is all about combating, attacking and 1upping to them.2
Just out of curiosity...
Is there a way to prevent a DDoS attack using settings in the Router? Like, changing the DNS Port to maybe 54 because most people just spam 53 with random packets?6
Devs are divided on gitlab blunder, some appreciate their honesty and transparency while other are either cursing them or grateful that they didn't use it. But think like this :
You own a MacBook and you love it like your baby, if someone drops it, there is good probability it won't break but it will sure give you a fucking heart attack. You won't ever let that person touch your MacBook.
Gitlab just did that. They scared the hell out of the developers.
I hope everyone learns from this and it doesn't happen to anyone in future.4
So it has been a couple of months since I've used MailGun in a project and I felt like it was time to use it. So I try to go to the mailgun website and it doesn't seem to load. I check twitter and they are experiencing a DDoS attack (tweeted out 20 minutes ago)
Really? Did it really have to happen now I just wanted to use it :c?
What are the odds Microsoft is playing behind the scenes with Wannacry attack to increase Windows 10 growth ?
It is not a secret that Satya Nadella is on a mission to meet 1 billion W10 devices by 2018.9
Seeing my mother-in-law yell and throw a temper tantrum over her computer not working the way she wants it to is so frustrating to watch
If i wasn't there I'm pretty sure she would've died of a heart attack
Whoa.. I think piratebay is under DDoS attack. I was trying to get microprocessor tutorials. Can anyone verify?
Currently in a boot camp. Just finished with python/flask/django...during the html/css part of the camp I literally had "attack of the divs" nightmares.
So, for about two days ago I got hit with a crazy anxiety attack. My chest started to tighten and things seemed dark at the time.
I'm a CS freshmen this year and I find myself struggling with some subjects. I felt like I've dissapointed a lot of people that I really cared. Anxiety attacks have been happening recently. Do you guys have any advice for dealing with anxiety attacks ?
*sorry for the bad english4
This shithead continuously wasted 2 lectures of CNS(Cryptography and Network Security) on debating: in a link to link encrytion if encryption and decryption takes place on every node, what if attacker attacks the node while the data is decrypted.
Though I couldn't care less about the lecture but this guy brings the same issue in every lecture
Do anyone have any idea about the link to link encryption?
I know already it encrypts the whole packet with header and on each hop the data is decrypted and the destination ip address is fetched and encrypted again, but i don't know if it's possible to perform an attack on the decrypted data.3
I was told it was one brave squirrel that led the attack on our internet today...I hope that squirrel is up and running because we are.
I was in my class on Thursday around 12 PM noon Indian standard time.
I couldn't access github on mobile (connection refused error) but at 2 pm once I was out of class could access it.
Any guesses if it was related to recent ddos attack on dyn ?
I learned the ancient art of internal screaming and imagining the annoying people dying one by one at my feet.
this is the only way that I don't die of a heart attack some days.
Awesome feature by devRant...
You can't post your password in rants or comments... See:
My password is ***********
Try now! When you post you can see the password, but others will only see '*'.
-If you fell for this, u r a noob.17
So, I finally was able to perform a successful installation of AlienVault OSSIM Server & Sensor.
Hopefully they'll work. What do I need to figure out now?
1. How do I attack my machine?
- I'll probably go for burpsuite but share your ideas please :)
2. I want to see logs and stuff in pretty graphs
3. Are there any alternatives for this? Would you prefer a combination of pfsense with suricata or something else? Please share your reason as well.