Search - "bingo"
I have this one friend who thinks he is a tech guru just because he plays video games a lot and started to study cs for one year. Now he got a job as sysadmin and it is funny to hear him brag about the job in front of non-tech people because he sounds like a CSI Cyber episode, just throwing tech words at the people and I know that he talks bullshit.
But I have to admit, he knows how to sell himself. Probably that's how he got the job in the first place because it cannot be his experience.
Yesterday he called me, to help him edit something on a linux server. I told him "To edit the file type 'vi FILENAME' and then you can edit. I have to go now, I have a meeting." :]
Things have been a little too quiet on my side here, so it's time for an exciting new series:
practiseSafeHex's new life as a manager.
Episode 1: Dealing with the new backend team
It's great to be back folks. Since our last series where we delved into the mind numbing idiocy of former colleagues, a lot has changed. I've moved to a new company and taken a step up as a Dev manager / Tech lead. Now I know what you are all thinking, sounds more dull and boring right? Well it wouldn't be a practiseSafeHex series if we weren't ...
DEALING! ... WITH! ... IDIOTS!
Bingo! So let's jump right in and kick us off with a good one.
So for the past few months I've been on an on-boarding / fact finding / figuring out this shit-storm, mission to understand more about what it is I'm supposed to do and how to do it. Last week, as part of this, I had the esteemed pleasure of meeting face to face with the remote backend team I've been working with. Let's rattle off a few facts to catch us all up:
- 8 hour time difference to me
- No documentation other than a non-maintained swagger doc
- Swagger is reporting errors and several of the input models are just `Type: String`
- The one model that seems accurate, has every property listed as optional, including what must be the primary key
- Properties go missing and get removed at the drop of a hat and we are never told.
- First email I sent them took 27 days to reply, my response to that hasn't been answered so far 31 days later (new record! way to go team, I knew we could do it!!!)
- I deal directly with 2 of them, the manager and the tech lead. Based on how things have gone so far, i've nick named them:
So lets look at some example of their work:
- I was trying to test the new backend, I saw no data in QA. They said it wouldn't show up until mid day their time, which is middle of the night for us. I said we need data in our timezone and I was told: a) "You don't understand how big this system is" (which is their new catch phrase) b) "Your timezone is not my concern"
- The whole org started testing 2 days later. The next day a member from each team was on a call and I was asked to give an update of how the testing was going on the mobile side. I said I was completely blocked because I can't get test data. Backend were asked to respond. They acknowledged they were aware, but that mobile don't understand how big the system is, and that the mobile team need to come up with ideas for the backend team, as to how mobile can test it. I said we can't do anything without test data, they said ... can you guess what? ... correct "you don't understand how big the system is"
- We eventually got something going and I noticed that only 1 of the 5 API changes due on their side was done. Opened tickets. 2 days later asked them for progress and was told that "new findings" always go to the bottom of the backlog, and they are busy with other things. I said these were supposed to be done days ago. They said you can't give us 2 days notice and expect everything done. I said the original ticket was opened a month ago *sends link* ......... *long silence* ...... "ok, but you don't understand how big the system is, this is a lot of work"
- We were on a call. Product was asking the backend manager (aka "Ass") a question about a slight upgrade to the new feature. While trying to talk, the tech lead (aka "Hole") kept cutting everyone off by saying loudly "but thats not in scope". The question was "is this possible in the future" and "how long would it take", coming from management and product development. Hole just kept saying "its not in scope", until he was told to be quiet by several people.
- An API was sending down JSON with a string containing a message for the user with 2 bits of data inside it. We asked for one of those pieces to also come down as a property as the string can change and we needed it client side. We got that. A few days later we found an edge case and asked for the second piece of data to be a property too. Now keep in mind, they clearly already have access to them in order to make the string. We were told "If you keep requesting changes like this, you are going to delay the release of the backend by up to 2 weeks"
Yes folks, there you have it, the most minuscule JSON modifications, can delay your release by up to 2 weeks ........ maybe I should just tell product, that they don't understand how big the app is, and claim we can't build it on our side? Seems to work for them
Thats all the time we have for today,
Tune in for more, where we'll be looking into such topics as:
- If god himself was an iOS developer ... not
- Why automate when you can spend all day doing it by hand
- Its more time-efficient to just give everything a story point of 5
- Why waste time replying to emails ... when you can do nothing instead
See you all next week,
My employer keeps sending booze to our houses.
Officially meant for coronaproof zoom social meetings where they play stupid bingo games and quizzes on Friday afternoons.
Why they're sending 2 liter bottles of Rum, 3 bottles of rosé wine and 12 cans of craft beer for the 6th week in a row... I really don't know... I don't even attend the zoom meetings.
All I know is that during breakfast, rum is better mixed into coffee than through cornflakes.
Anyway... Why was this a rant again? Oh right. Can I sue my employer for baiting me into an addiction? 🤔
Dev: “Ughh..look at this –bleep- code! When I execute the service call, it returns null, but the service received a database error.”
Me: “Yea, that service was written during a time when the mentality was ‘Why return a service error if the client can’t do anything about it?’”
Dev: “I would say that’s a misunderstanding of that philosophy.”
Me: “I would say it’s a perfectly executed example of a deeply flawed philosophy.”
Dev: “No, the service should just return something that tells the client the operation failed.”
Me: “They did. It was supposed to return a valid result, and the developer indicated a null response means the operation failed. How you deal with the null response is up to you.”
Dev: “That is stupid. How am I supposed to know a null response means the operation failed?”
Me: “OK, how did you know the operation failed?”
Dev: “I had to look at the service error logs.”
Dev: “This whole service is just a –bleep-ing mess. There are so many things that can go wrong and the only thing the service returns is null when the service raises an exception.”
Me: “OK, what should the service return?”
Dev: ”I don’t know. Error 500 would be nice.”
Me: “Would you know what to do with error 500?”
Dev: ”Yea, I would look at the error log”
Me: “Just like you did when the service returned null?”
<couple of seconds of silence>
Dev: “I don’t know, it’s a –bleep-ing mess.”
Me: “You’re in the code, change it.”
Dev: “Ooohhh no, not me. The whole thing will have to be re-written. It should have been done correctly the first time. If we had time to do code reviews, I would have caught this –bleep- before the service was deployed.”
Me: “Um, you did.”
<a shocked look from Dev>
Dev: “What…no, I’ve never seen this code.”
Me: “I sat next to Chuck when you were telling him he needed to change the service to return null if an exception was raised. I remember you telling him specifically to pop-up an error dialog ‘Service request failed’ to the user when the service returned null.”
Dev: “I don’t remember any of that.”
Me: “Well, Chuck did. He even put it in the check-in comments. See…”
<check in comments stated Dev’s code review and dictated the service return null on exceptions>
Dev: “Hmm…I guess I did. –bleep- are you a –bleep-ing elephant? You –bleep-ing remember everything.”
<what I wanted to say>
No, I don’t remember everything, but I remember all the drive-by <bleep>-ed up coding philosophies you tried to push to the interns and we’re now having all kinds of problems I spend waaaaay too much time fixing.
<what I said, and lied a little bit>
Me: “No, I was helping Nancy last week troubleshoot the client application last week with the pop-up error. Since the service returned a null, she didn’t know where to begin to look for the actual error.”
Unknown: We received info that your computer has a wirus
Me: and how do you know?
Unknown: We received a report
Me: Ok? How do I fix it?
Unknown: Sir, are you by your computer?
Me: Yes (No, I am at work 😇)
Unknown: Sir, do you see the ctr key?
Me: Yes (here it comes)
Unknown: Do you see the flag picture?
Me: Yes (Getting closer)
Unknown: Press both the flag key and the r key at the same time. (BINGO!!!)
Me: My computer crashed and it is saying you're a scammer, so bye.
It is fun to trick scammers!
Until now I've never thought of putting stickers on my laptop. Always preferred it to be clean, but with all those cool stickers on all your laptops... It made me wanna put as many stickers as possible and since devRant stickers looked lonely, I've decided to print some of my own. On the other side I wanted them to be useful for me so I grabbed a handful of NFC stickers and designed links and required shortcuts for my phones to run with them on touch. For example if I need a hotspot on my mobile to be activated quickly, I just put my phone against the WIFI sticker and bingo! And yes, devRant logo opens devRant app))
Just updated my LinkedIn summary, included "Design Thinking", "bleeding edge technologies" and "innovation-driven"...
What other phrases can you think of that only exist to play Buzzword-Bullshit-Bingo? :D
<just got out of this meeting>
Mgr: “Can we log the messages coming from the services?”
Me: “Absolutely, but it could be a lot of network traffic and create a lot of noise. I’m not sure if our current logging infrastructure is the right fit for this.”
Senior Dev: “We could use Log4Net. That will take care of the logging.”
Mgr: “Log4Net?…Yea…I’ve heard of it…Great, make it happen.”
Me: “Um…Log4Net is just the client library, I’m talking about the back-end, where the data is logged. For this issue, we want to make sure the data we’re logging is as concise as possible. We don’t want to cause a bottleneck inside the service logging informational messages.”
Mgr: “Oh, no, absolutely not, but I don’t know the right answer, which is why I’ll let you two figure it out.”
Senior Dev: “Log4Net will take care of any threading issues we have with logging. It’ll work.”
Me: “Um..I’m sure…but we need to figure out what we need to log before we decide how we’re logging it.”
Senior Dev: “Yea, but if we log to SQL database, it will scale just fine.”
Mgr: “A SQL database? For logging? That seems excessive.”
Senior Dev: “No, not really. Log4Net takes care of all the details.”
Me: “That’s not going to happen. We’re not going to set up an entire sql database infrastructure to log data.”
Senior Dev: “Yea…probably right. We could use ElasticSearch or even Redis. Those are lightweight.”
Mgr: “Oh..yea…I’ve heard good things about Redis.”
Senior Dev: “Yea, and it runs on Linux and Linux is free.”
Mgr: “I like free, but I’m late for another meeting…you guys figure it out and let me know.”
Me: “So..Linux…um…know anything about administrating Redis on Linux?”
Senior Dev: ”Oh no…not a clue.”
It was all I could do from doing physical harm to another human being.
I really hate people playing buzzword bingo with projects I’m responsible for.
Only good piece is he’s not changing any of the code.
Warning:: Buzzword alarm!
I was doing smalltalk earlier and this guy asks me what I do for a living. Me: I work for a company that builds software that is, among other things, capable of giving your company prognoses of how busy it'll be, so they can plan ahead. Him: ohhh, so like Big Data?
Me: *dies a little inside*... yeah, that's right! (didn't feel like having the talk with him at that point). No dude, not everything is big data 😥
Branch Manager without actual credentials (just a manager no real business decisions are made by him).
- Constantly is sick
- at home a lot doing „home office“ and not being responsive in company chat or emails
- is in home office 3-4 days a week while company policy clearly states one day a week
- watches YouTube a lot at work and calls out other people when they check their emails or quickly order something on amazon or maybe just listen to a podcast at work
- is a scrum master but rarely acts like it as in softens up rules as he sees fit
- backstabs employees in front of ceo when he actually entrusts them beforehand and says he is definitely in the employees side
- actually tried to physically intimidate me and another employee
- has no real technological background but chimes in on technical discussions and thinks it’s a new round of bullshit bingo
- does personal errands during work and books the time for it as work time
- claims people cheat on their time management entries and gets them warned and fired for it, while doing the exact thing himself
- knows he is trusted by the ceo but actually takes 0 interest in the future of the company
- tirades and gossips about other employees that just aren’t around at that moment
- is sexist at times
- very untrustworthy
- is responsible for a very toxic environment around the office
So that are his attributes - he got me warned and sacked because I supposedly committed fraud with my time management and caused the company financial harm - I had no projects or todos and was keeping myself busy with learning JS and python stuff instead of sitting around waiting for a ticket to come around.
Needless to say I’m glad I don’t see that guy any more. I’d break his jaw if I’d have to see him again.
I'm going to my first IT conference!
By looking at the plan I already regret not getting the "Buzzword bingo"...
Machine learning? Check
Internet of things? Check!
Chatbot/Virtual Assistant? CHECK!
The Cloud Of Bullshit
Every day I wake, and I think of my one true mission in life. To mock and ridicule paint huffing idiots. Something recently that drew my ire, like the hemorrhoids on my ass is this idea of 'the cloud', THE CLOUD and the buzzword lingo-bingo bullshit that providers use to hype and sell it.
For example, airtable is an amazing service. I love that I can insert just about anything into a row, create any of my own row datatypes, that it's flexible as all hell.
I love it.
And I hate that I'm essentially locked in to the cloud.
I fucking hate how if my internet goes down (thanks you pie eating inbred dipshits at comcast) I have no access.
If the company is bought, they'll shut down like all the rest, to be "relaunched at a later time" (or never).
I hate that if the company doesn't make enough money, or its investors change their mind, woopsie, service is shut down.
I hate that the cloud is synonymous with massive data leaks and IOT-levels of stupidity in security practices.
Every time someone says "but its in the cloud! Isn't it amazing!"
I always think 1. YEAH IF IM AN INVESTOR I GET TO MILK LOW BROW FINGER PAINTING FUCKWITS EVERY MONTH like Adobe sucking the blood from infants who are still in college.
2. Why? So I can get locked into their platform, have them segment off previously free features (fucking youtube and the 'subscribe so you can continue playing audio with your screen off' bullshit), and then have fees increase month over month?
3. Why, so every four years during the presidential selection, if I piss off some fuckstick braindead lemming literally sucking his girlfriends BFs cock, they can potentially shut me out from my own data completely?
The Cloud is built on shit-colored hype sold to knob gobbling idiots, controlling idiots, profiting at the expense of idiots, and later fucking them for buyout payola. The Cloud is a Cloud of Bullshit shat out by huckster messiahs straight into the lapping mouths of fanatics worshiping slavishly like toilet drinking scum at the porcelain altar of a neon god, invisible, untouchable, and like a spigot, easily shut off without anyone noticing. And when it happens, I'll be there, shouting "WHERE IS YOUR CLOUD NOW?"
Native any day. 100% native or I don't fucking want it
None of this node.js-gone-native bullshit either with notetaking apps taking up hundreds of megabytes of ram, where everything is bootstrap or react, in a browser, in a window container, because people are so fucking incompetent we have to hold their hand WHILE they give themselves a reach around.
Native or nothing.
For my favorite notetaking app, I use Microsoft OneNote. "OH god, a heathen, quick, stick his body up on a stake!"
But hear me out. I'll be the first one in a crowd to kick bill gates in the nuts (not because I particularly hate microsoft, just because I think hes kind of a cunt).
So when I say onenote is good, I really fucking mean it. Sure they did some cunty things like 'dumbed down' the interface, and cut out some options. But you know what they can't do?
Shut down the damn service (short of a system update completely removing the whole app, which, frankly, wouldn't surprise me).
It's so god damn good it waxed my balls, cured my cancer, fixed my relationship with my father, found my long lost brother, and replaced ALL my irl notebooks.
It's so good that if it was cocaine I'd be hospitalized for overusing it.
So god damn good it didn't just replace all my notebooks, it even replaced and sped up my mockup process three to five times. Want layers?
Built in. Just drag an image on to the notebook to import instantly.
Want to rearrange layers? Right click select "send forward/back/bring to front/send to back".
Everything snaps to grid by default and is easily resizeable.
I had all the elements for a UI sliced and diced. Wanted to try a bunch of layouts. Was gonna take me two damn days.
Did it in three hours with the notebook features of onenote.
After I started using onenote, me and my bodypillow finally conceived even.
Sweet marries mammaries I just fucking jizzed. Thank you onenote.
P.s. It really did speed up my UI design, allows annotated images, highlighted text. Shit, it can even do kanban.
And all I can think is "good job microsoft making an awesome product for free, being dumb as fuck for not charging for it, and then not marketing it at ALL."
It was sheer fucking luck that I discovered it while I was looking for vendor STD bloatware to blast off my new install.
OneNote: Worth a try even for the kick-gates-in-the-nuts fan club.
The cloud can suck my balls.
//Proper Haxk20 tech rant
So uhmmm this is interesting.
Apparently Acer decided to not make proper vBIOS for Nitro 5 RX560X and they left some stuff well just empty or to stock.
For example they set the maximum OC clocks to stock so even if you want to overclock you cant exactly on Linux.
OK but why can we OC on windows ?
Well to no one's surprise windows stuff doesn't exactly follow specs published and well they just ignore some stuff so if you want you can OC on windows even past the max OC clocks because oh safety on windows isn't a fucking thing.
OK so how do we fix it on Linux ?
Well we have 2 ways.
1. Is to dump vBIOS. Edit it to contain the proper max limit and load it on startup because flashing it isnt great to do on laptop.
This will get you OC support but takes ages because again this isnt normal GPU. Its desktop GPU in laptop and Acer had to do something to it because oh well. So you will get lot of shit in the way.
Second way you can OC is to lets just say disable the security feature on Linux.
Hmmmm but AMDGPU driver doesnt exactly support that.
What do we do ?
Well if you look at AMDGPU code there is code for overdrive which is basically driver for overclocking support. When you look at the code for it you will be blown away first at what you are looking at but then Oh boom. variables for max clock on memory and core. Bingo.
OK set it to the values and boot the patched kernel. Hmmmmmm why is it so slow ?
Why is it running at minimum clocks ?
Look at the code again and you forgot that drivers use Hz instead of MHz. Yeahhhhhh. OK multiply the value to match Hz and its at stock. But no worries. Now when i tell the GPU to run at clocks past its limit it wont yell at me that i cant do that.
OK now comes a little weird part. I didn't find docs about boot parameters in linux and I didn't find a way to implement them. So if anybody has a way of implementing them please comment here a link to it. I will possibly even make this a patch and send it to kernel since well manual patching is shit.
Hardest part of being a newbie programmer? Figuring out which keywords to use when you search Google, to get the right answer
Coffeescript is such a pain in the ass. If I wanted to code in Python, I'll code in Python. Why do you have to add pythonicness to JS! Eat a bag of dicks!
You guys choose your specialities? I just find myself falling into them, and occasionally being interested in them. If the two line up, bingo.
Occasionally I get a reputation for being good at something I can't stand to work with though, which is never a particularly fun combination.
Some people are really getting high on this Agile shit. Probably because they learned some new bullshit bingo phrases - and it suits them: lots of vapory talk and expensive meetings and others will have to do the work anyway, while they can circlejerk on how to have shorter iterations to improve the time to market, increase the business value, inspect and adapt to faster deliver a minimal viable product - yeah, do the agile transformation, update to the digital age, you noobs. Throwing around some catchy phrases will let you compete with Google? Maybe need some blockchain or machine learning?
While you are clustering your post its, the coders who keep the ship afloat, sit in their legacy code base that's so bitrot they are mainly doing bugfix releases without a single feature for three fucking years. Consider this.
@Owenvii made a post over at (https://devrant.com/rants/2359774/...) and I want to write a proper response.
The biggest thing you have to look out for as a new dev is the jobs which you accept to begin with.
This isn't minimum wage no more, this is "big league", well, maybe not apple or google big league, but it's not $9.25 an hour either.
Basically you don't want to work anywhere where 1. your labor will be treated as a highly disposable commodity. 2. where the hiring manager doesn't know how to do the job themselves.
The best thing you can do is, if you're new, and just breaking through (and even if you're not), is ask them common questions and problems/solutions that crop up doing the work. If they can answer intelligently that tells you the company values competence (maybe), enough to put someone in place who will know ability from bullshit, merit from mediocrity, and who understands the process of progressing from junior dev to a more involved role.
It also means they are incentivized to hire people who know what they're doing because the training cost of new hires is lowered when they hire people who are actually competent or capable of learning.
Remember, an interview isn't just them learning about you, it's your opportunity to interview *them* and boy, you'll be making a BIG mistake if you don't.
Ideally you want them to ask you to pair program a problem. If your solution is better than theirs then they aren't sending their best to do interviews, and it tells you the company doesn't fire incompetents. The interviewer's response can tell you a lot too, if they critique your work, or suggest improvements, and especially if they explain their thinking, that is an amazing response to look for, it says the company values mentorship and *actual* teamwork (not the corporate lingo-bingo 'teamwork' that we sometimes see idolized on posters like so much common dogma).
Most importantly, get them to talk about their work and their team. If they're a professional, it'll be really difficult to pry anything negative about their co-workers out of them, but if they're loose-lipped and gossipy that's a VERY bad sign, regardless of what they have to say.
Ask to take a tour and do a meet n' greet of who you will be working with. If they say no, then it's no thank you to a job offer. You want to take every opportunity to get to know everyone there, everyone you'll be working with, as much as possible--because you'll be spending a LOT of time with these people and you want to rule out any place that employs 'unfireable' toxic assholes, sociopath executives, manipulative ladder climbing narcissists, and vicious misery-loving psychopathic coworkers as quick as possible. This isn't just one warning flag to look out for, it's the essential one. You're looking for the proper *workplace culture*, not the cheesy startup phrase of "workplace culture", but the actual attitudes of the team and the interpersonal dynamics.
Life is really short, and a heart attack at 25 from dipshit coworkers and workplace grief can and will destroy your health, if not your sanity, the older you get.
Trust and believe me when I say no paycheck is too grand to deal with some useless, smarmy, manipulative, or borderline motherfuckers at work constantly. You'll regret it if you do. Don't do it. Do you fucking do it. Just don't.
Take my words to heart and be wary of easy job offers. I'm not saying don't take a good offer that lands in your lap, I AM saying do some investigating and due diligence or the consequences are on you.
I've been working for a company as freelancer for almost a year now.
Anyway 4 to 5 months ago I've finished what I was supposed to do and the CEO called me to help him finish a project. This project took way more than it's supposed to be (more than 2 years instead of 6 months) and this is because it was designed and written by the devil himself as the most evil thing on earth. Adding to that the constant demands and changes given by the client kept this project always in a mess. When I agreed to help they gave me a list of the remaining tasks, just finish them and we're done.
A month and a half later, we've had a meeting with the client to present what I thought was the last version of the project, and as usual he kept on adding changes and new features.
Another month later I completed those changes and told the company I'll be quitting working with you because I found other opportunities. They told me we'll just do this last meeting and we're done. But guess what? BINGO same fucking thing happens but this time with big changes and the client wants it in like 2 to 3 weeks.
Now the CEO is begging me to complete these tasks before leaving (because he won't get the final check if I don't) and on the other hand I've got a lot of the other work to do and it's really hard to setup a schedule for everything.
I had once an sql error that took me two days to resolve it.
The error message was a syntax error but I was using an ORM to write my queries (doctrine with php). I didn't have too much to debug as the code was pretty simple and clear so I got to the point that I convinced myself that this is a bug and I'm gonna try to mess around it to avoid it.
Second day late night, something popped up in my mind: "hey what about those reserved words? Could it be the reason?" aaaaand BINGO the key "option" is a fucking reserved word for mysql.
Tip: always check that list before writing your data models (especially if you're a noob like me)
FUUCCKKKK!! I need to hit smth. Or rant..
So that flaky ec2 issue.. These ec2s act as a shared environment for multiple apps. Our app is one of them. I have no access to those ec2s at all.
What I have access to is my app and some monitoring. Now the app randomly starts lagging while nearly idling. At the same random times monitoring stops completely and doesn't come back up. This happens to random app instances at random times.
Reached out to infra support, managed to get attention from the big boys [mgmt]. Today we got the fix deployed. I test it out -- problem persists.
I find this behaviour somewhat familiar. Managed to get some server stats from infra folks. Apparently cpu% is high as well as load avg [cpu queue]. Bingo! I know how to fix it!
So I write a long comment w/ all the commands and all the 'if that, do this'. Send it to one of the infra technicians
and I get a reply: 'we will apply cpu usage limitations to fix the issue'
wait... Cpu% limitations will do nothing but highlight the underlying problem...
'no, instances have high cpu utilisation which is causing those lags. We will limit cpu resources and it will be fixed'
oh ffs... Cpu utilization and cpu queue are VERY different things.. I tried explaining that to them like 7-9 times. And all I get is:
'yes, cpu utilization is the problem. We will limit it and solve the problem'
I would surely escalate all of this through higher channels if only I could get my hands on those ec2s and have a proof. But that is not happening and I'm forced to sit back and watch them break things even worse until they are out of options and mark my query as 'wont fix'....
Fuck that's frustrating....
*thinking to myself* so I've read about that new vulnerability 2 days ago that allows one to escape from docker container to the host... What if <...>
! First Apk
There is nothing else great feeling than making your first application's about us page.
Touched moon just now !
just found out a vulnerability in the website of the 3rd best high school in my country.
TL;DR: they had buried in some folders a c99 shell.
i am a beginner html/sql/php guy and really was looking into learning a bit here and there about them because i really like problem solving and found out ctfs mainly focus on this part of programming. i am a c++ programmer which does school contest like programming problems and i really enjoy them.
now back on topic.
with this urge to learn more web programming i said to myself what other method to learn better than real life sites! so i did just that. i first checked my school site. right click. inspect element. it seemed the site was made with wordpress. after looking more into the html code for the site i concluded all the images and files i could see on the site were from a folder on the server named 'wp-content/uploads'. i checked the folder. and here it got interesting. i did a get request on the site. saw the details. then i checked the site. bingo! there are 3 folders named '2017', '2018', '2019'. i said to myself: 'i am god.'
i could literally see all the announcements they have made from 2017-2019. and they were organised by month!!! my curiosity to see everything got me to the final destination.
with this adrenaline i thought about another site. in my city i have the 3rd most acclaimed high school in the country. what about checking their security?
so i typed the web address. looked around. again, right click, inspect element and looked around the source code. this time i was more lucky. this site is handmade!!! i was soooo happy because with my school's site i was restricted with what they have made with wordpress and i don't have much experience with it.
amd so i began looking what request the site made for the logos and other links. it seemed all the other links on the site were with this format: www.site.com/index.php?home. and i was very confused and still am. is this referencing some part of the site in the index.php file? is the whole site written inside the index.php file and with the question mark you just get to a part of the site? i don't really get it.
so nothing interesting inside the networking tab, just some stylesheets for the site's design i guess. i switched to the debugger tab and holy moly!! yes, it had that tree structure. very familiar. just like a project inside codeblocks or something familiar with it. and then it clicked me. there was the index.php file! and there was another folder from which i've seen nothing from the network tab. i finally got a lead!! i returned in the network tab, did a request to see the spgm folder and boooom a site appeared and i saw some files and folders from 2016. there was a spgm.js file and a spgm.php file. there was a contrib, flavors, gal and lang folders. then it once again clicked me! the lang folder was last updated this year in february. so i checked the folder and there were some files named lang with the extension named after their language and these files were last updated in 2016 so i left them alone. but there was this little snitch, this little 650K file named after the name of the school's site with the extension '.php' aaaaand it was last modified this year!!!! i was so excited! i thought i found a secret and different design of the site or something completely else! i clicked it and at first i was scared there was this black/red theme going on my screen and something was a little odd. there were no school announcements or event, nononoooo. this was still a tree structured view. at the top of the site it's written '!c99Shell v. 1.0...'
this was a big nono. i saw i could access all kinds of folders. then i switched to the normal school website and tried to access a folder i have seen named userfiles and got a 403 forbidden error. wopsie. i then switched to the c99 shell website and tried to access the userfiles folder and my boy showed all of its contents. it was nakeeed naked. like very naked. and in the userfiles folder there were all, but i mean ALL files and folders they have on the server. there was a file with the salary of each job available in the school. some announcements. there was a list with all the students who failed classes. there were folders for contests they held. it was an absolute mess and i couldn't believe it.
i stopped and looked at the monitor. what have i done? just to learn some web programming i just leaked the server of the 3rd most famous high school in my country. imagine a black hat who would have seriously caused more damage. currently i am writing an email to the school to upgrade their security because it is reaaaaly bad.
and the journey didn't end here. i 'hacked' the site 2 days ago and just now i thought about writing an email to the school. after i found i could access the WHOLE server i searched for the real attacker so if you want to know how this one went let me know in the comments.
sorry for the long post, but couldn't hold it anymore
x = hours estimated from Boss. if the boss
y = sum of the features with the following weight:
Multiplatform = 10
Web = 5
social * = 100
blockchain = 100
HTML-email = 10
Every other bullshit bingo term = 20
everything else = 1
Terms that appear multiple times count multiple times.
If the boss didn't give his estimate, triple the feature-value and use 100 as x-value
New task with a march deadline, our 1 developer (me) will work on multiple projects, while also learning about AR (I'm a WebDev) and creating a commercial ready AR app....
I think it's time to get back to looking for a new job...
So just now I had to focus on a VM running in virt-manager.. common stuff, yeah. It uses a click of le mouse button to focus in, and Ctrl-Alt-L to release focus. Once focused, the VM is all there is. So focus, unfocus, important!
Except Mate also uses Ctrl-L to lock the screen. Now I actually don't know the password to my laptop. Autologin in lightdm and my management host can access both my account and the root account (while my other laptop uses fingerprint authentication to log in, but this one doesn't have it). Conveniently my laptop can also access the management host, provided a key from my password manager.. it makes more sense when you have a lot of laptops, servers and other such nuggets around. The workstations enter a centralized environment and have access to everything else on the network from there.
Point is, I don't know my password and currently this laptop is the only nugget that can actually get this password out of the password store.. but it was locked. You motherfucker for a lock screen! I ain't gonna restart lightdm, make it autologin again and lose all my work! No no no, we can do better. So I took my phone which can also access the management host, logged in as root on my laptop and just killed mate-screensaver instead. I knew that it was just an overlay after all, providing little "real" security. And I got back in!
Now this shows an important security problem. Lock screens obviously have it.. crash the lock screen somehow, you're in. Because behind that (quite literally) is your account, still logged in. Display managers have it too to some extent, since they run as root and can do autologin because root can switch user to anyone else on the system without authentication. You're not elevating privileges by logging in, you're actually dropping them. Just something to think about.. where are we just adding cosmetic layers and where are we actually solving security problems? But hey, at least it helped this time. Just kill the overlay and bingo bango, we're in!
Ever feel like your boss is playing buzzword bingo with your project?
We have a new project. Buzzword bingo words for us: microservices and cloud. We're moving our old, big, monolithic app to microservices.
And very strong demand that we keep all nasty solutions gathered in there for the last 10+ years working.
Colleague wrote all his test cases after finishing his code and set expectedOutput to garbage. His tests failed, printing actualOutput. Then he just replaced the garbage expectedOutput with actualOutput. Bingo bango, all tests passed.
"How do you like me now TDD?"
Short contract job, helping a solo dev.
Me: what's these "200" everywhere?
Him: the max number of sensors we support. I know it should be a define, but it just became that way.
Me: <shrugs. Well, I'm only staying here a couple of weeks. Goes on working on my own branch>
A week later, manager says: "now we need to support 400 sensors!"
Solo dev: <searches and replaces all occurrences of 200 with 400. The program breaks>
Me: what happened?
Him: I only changed the max number of sensors!
Me: Mmm. <searches for 199 as well... Bingo. Creates a define, searches for 198 and 201 for good measure. Gives him no comment about my change>
Are there any official definitions for the terms Software Developer and Software Engineer? Today a friend told me he got a raise and he's now a software engineer and no longer "just" a software developer (still at the same company).
To him and me that sounds like bullshit bingo at its best. His tasks and responsibilities will still be the same after the change of his job title.
So I'm wondering whether anyone here knows of some objectively defined distinctions between the two job titles. To me and my friend those are just the same. I never even thought anyone would make a distinction between the two.
God damn project managers...
'we've known about the requirement for about 2 months but we are only just doing something 3 weeks before the deadline'
My first job was partially support oriented. Had to work in shifts and just close issue tickets. Learnt Python, automated shit, only to quit it later for a better job :)
I can't figure out if it's google that is infected, or this website, or my machine.. (Only tested it on 2 PCs so far.)
Any pointers welcomed !
Appears for sure in MS Edge browser and Internet Explorer. (So make sure you have antivirus running/etc. or a sandbox machine/etc.)
I think the problem is with google...
Click on 'images'
Then click on the first picture.
Then click on the preview/etc. pane on the right in google, which takes you to the diamondestates website
Then click on the right arrow in the picture on the diamondestates website to go to the next picture, and bingo a popup !
Related URLs it takes you to include:
> Analysis Report deloplen.com/afu.php
Useful input welcomed, and if anyone wants to inform the infected site they have an infection, please feel free to do so !
Last few times when I've tried to do that, people haven't understood me very well, and nowadays I'd worry they would think I had planted it, when I just want to tell them they have an infection !
I suspect it's the diamondestates website, but if you go there directly, the infection doesn't pop up, it only appears to happen if you go via google.
After coming back to my desk I cannot unlock my screen. So again I have to go to my Mac or even Windows to google my shitty Linux problem. Nothing particular turns up. So I switch to another tty and rummage through the process list. Kill some java that took 11GB of RAM and Firefox that always keeps some zombies. Nothing.
Grep the processes: oh let's nuke "light-locker". Bingo.
The only downside of this brutal unlock: I cannot lock the screen again. So in any case another reboot? Wasn't this the standard repair method of that other OS that should not be named?
I have a question about how to set up TensorFlow and use Node.JS for MongoDB CRUD. Help!
Cool, have that question on StackOverflow, because this isn't. If you have nothing to rant about you probably are still missing uncountable hours in training to get on a level where you can rant. Fuck off. Choke on a horse dildo. Get it through your thick idiot skull that devRant isn't your beginners bingo bongo chit chat.
Spending a whole morning on a problem with Selectize, on jQuery, on a problem where my values weren't displayed while they were stocked.
Tried a lot of things, even StackOverflowed it, no success. While I was despairing, I thought that should be the formatting of the String.
Gosh so much time lost
It all started when I was 15, I was a general geek and started reading about html and CSS, as I needed it for my GCSE, enjoyed it so in time found ampache and decided that I wanted to convert a phpnuke theme to it...
I've started to create a bingo videogame so that when my mother-in-law is at my home, she does not bother me.