Search - "butchered"
-
I fucked up again.
Someone needed a flashdrive for a presentation. Forgot that I keep personal code on one of them for backups (it's always nice when there is no reception to have an offline copy of my code, for instance when we go out into the bush or to remote areas).
I gave them my flashdrive. Forgot it had the code on.
Now someone at head office has taken my program, claimed it as their own - and has just earned themselves a decent amount of money (praised in the monthly company newsletter).
My program has been stolen (by my own stupidity) and butchered. It has been made into something that it was never intended to be.
Fuck that guy.
-
So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)
Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.
Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is, we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.
Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.
It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.
I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.
So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.
I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.
Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.
An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:
"please reenter card number to validate."
Bupkis. Dead end.
OR SO YOU WOULD THINK.
One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:
"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"
One submit click later and the user's credit card number drops into lnav like a gacha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:
With an authenticated user or any privilege, you could place any order, as anyone, using anyone's payment methods and have it sent anywhere.
So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discreetly." Straight up hitler's bunker meme rage.
-
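Added example (not from the original post or the system it describes): the two controls whose absence the rant above describes, an integrity-protected delegation cookie whose claims are re-checked server-side, and a log filter that masks card numbers before they are written. The key, user ids, org chart and log line are constructed, and all function names are hypothetical.

```python
import base64, hashlib, hmac, json, logging, re, time

KEY = b"constructed-demo-key"  # constructed; load the real key from a secret store
# Constructed org chart (user id -> manager id), held server-side only.
MANAGER_OF = {"u-emp": "u-mgr", "u-mgr": "u-dir", "u-dir": None, "u-other": None}

def is_descendant(target, actor):
    """True if `actor` sits above `target` in the reporting chain."""
    seen, cur = set(), MANAGER_OF.get(target)
    while cur is not None and cur not in seen:
        if cur == actor:
            return True
        seen.add(cur)
        cur = MANAGER_OF.get(cur)
    return False

def _tag(b64):
    return hmac.new(KEY, b64.encode(), hashlib.sha256).hexdigest()

def sign_delegation(actor, target, ttl=300, now=None):
    """Issue the on-behalf-of cookie: base64url(JSON claims) + '.' + HMAC tag."""
    now = time.time() if now is None else now
    claims = {"actor": actor, "target": target, "exp": int(now + ttl)}
    b64 = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return f"{b64}.{_tag(b64)}"

def verify_delegation(cookie, session_user, now=None):
    """Return the target user id, or None when the cookie must be rejected."""
    now = time.time() if now is None else now
    b64, sep, tag = cookie.rpartition(".")
    # 1. Integrity: reject anything the server did not sign (constant-time compare).
    if not sep or not hmac.compare_digest(_tag(b64).encode(), tag.encode()):
        return None
    claims = json.loads(base64.urlsafe_b64decode(b64))
    # 2. Freshness, and binding to the authenticated session, not to the cookie.
    if claims["exp"] < now or claims["actor"] != session_user:
        return None
    # 3. Authorization re-checked against server-side data on every use.
    if not is_descendant(claims["target"], claims["actor"]):
        return None
    return claims["target"]

# Matches 13 to 19 digits, optionally grouped with spaces or dashes.
PAN_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def redact_pan(text):
    """Mask anything shaped like a card number, keeping only the last four digits."""
    def mask(match):
        digits = re.sub(r"\D", "", match.group())
        return "*" * (len(digits) - 4) + digits[-4:]
    return PAN_RE.sub(mask, text)

class RedactPanFilter(logging.Filter):
    """Scrubs the fully formatted message, so values passed as args are covered too."""
    def filter(self, record):
        record.msg, record.args = redact_pan(record.getMessage()), ()
        return True

if __name__ == "__main__":
    handler = logging.StreamHandler()
    handler.addFilter(RedactPanFilter())
    log = logging.getLogger("orders")
    log.addHandler(handler)
    # Constructed log line in the format quoted in the post, with a test card number.
    log.error("Failed to submit order for %s with credit card id %s, number %s",
              1042, 77, "4111111111111111")
    cookie = sign_delegation("u-dir", "u-emp")
    print(verify_delegation(cookie, "u-dir"))   # session matches the signed actor
    print(verify_delegation(cookie, "u-emp"))   # replayed under another session
```

Masking at the logging layer is a backstop; the card number should not be passed to the logger in the first place.
-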
WORST???
Seeing your code, which you were proud about, now being butchered by some interns/newbies 😲
Just like seeing your ex-girlfriend after a long time 😒
-
When I'm watching a news story about the tech industry or software development, I always wonder if people in other professions also scream at their TV when their field of expertise is butchered with bad analogies and half-truths by reporters and anchors.
-
Me when I'm forced, at gunpoint, to work with a butchered Wordpress site with 116 activated plugins.
-
First they came for the atheists, and I didn't speak out - because I'm not an atheist
Then they came for the university teachers, and I didn't speak out - because I don't like universities
Then they came for the gamers, and I didn't speak out - because I don't play videogames
Then they came for Open Source and I didn't speak out - because "anyone can fork it"
Then they came for me - and there was no one left to speak out for me
I know I butchered the poem and I'm not comparing our social situation to the Holocaust (obviously), but I think it kind of illustrates that silence and gradually giving up ideals like justice and meritocracy can end up badly.
I also encourage you to read the actual poem; it's pretty nice and food for thought.
-
I call my git repos the field hospital.
I didn't finish my studies, but I seem to be the most qualified person to pick up the scalpel. Big corner of body bags. New brilliant ideas arrive, I do what I can with the time I have. Sometimes something survives, but it's usually too heavily mutilated to fully function. Unfinished refactorings develop into hardened scar tissue, the feature creep starts festering and leaking.
I should get better at triaging, just deleting old crap, pick one project and nurse it back to health.
But it's not easy to start with fresh focus, when your keyboard is still soaked in booze and the blood and tears of all the victims you've butchered.
-
Fuck brand builders, or, how I learned to start giving a shit and love devrant.
Brand builders are people who generally have very little experience and are attempting to obfuscate their dearth of ability behind a wall of non-academic content generation. Subscribe, like, build a following and everyone will happily overlook the fact that your primary contribution to society is spreading facile content that further obfuscates the need for fundamentals. Their carefully crafted presence is designed to promote themselves and their success while chipping away at the apparent value of professional ability. At one point, I thought medium would be the bottom of the barrel; a glorified blog that provides people with scant knowledge, little experience and routinely low integrity a platform to build an echo chamber of replayed or copied content, techno-mysticism and best-practice-superstition they mistake for a brand in an environment where there's little chance of peer review. I thought it couldn't get any worse.
Then I found dev.to
Dev.to is what happens when all the absence of ability and skills insecurity on the internet gets together to form a censorship mob to ensure that no criticism, reality or peer review will ever filter into the ramblings of people intent on forever remaining at the peak of the Dunning-Kruger curve. It's the long tail of YMCA trophy culture.
Take for example this article:
https://dev.to/davidepacilio/...
It's a shit post listicle by someone claiming to be "senior," who confidently states that "you are only as good as the tools you use." Meanwhile all the great minds of history are giving him the side-eye because they understand tools are just a magnifier of ability. If you're an amazing carpenter, power tools will help you produce at an exponential rate. If you're a shitty carpenter, your work will still be shit, there will just be more of it. The actual phrase that's being butchered here is "you're only as good as the tools you create." There's no moral superiority to be had in being dependent on a tool, that's just a crutch. A true expert or professional is someone who can create tools to aid in their craft. Being a professional is having a thorough enough understanding of the thing you are doing so as to be able to craft force multipliers that make your work easier, not just someone who uses them.
Ok, so what?
I'm sure he's a plenty fine human to grab drinks with, no ill will to him as a human. That said, were you to comment something to that effect on dev.to, you'd be reported by all the hangers-on pretty much immediately, regardless of how much complimentary padding and passive, welcoming language you wrap your message in. The problem with a bunch of weak people ganging up on the voice of reason and deciding they don't want things like constructive criticism, peer review, academic process or the scientific method is, after you remove all of that, you're just left with a formless sea of ideas and thoughts with no categorization, no order. You find a lot of opinions and nothing to challenge them and thereby are left with no mechanism for strong ideas to rise to the top. In that system, the "correct" ideas are by default those posited by the strongest personality.
We all need some degree of positive reinforcement. We also need to be smacked upside the head when we're totally off in the weeds. It's all about balance. The forums of ancient Greece weren't filled with people fervently agreeing with one another and shouting down new ideas en masse. We need discourse, not demagoguery.
Dev.to, medium, etc are all the fast fashion of the tech industry. Personally, I'd prefer something designed to last a little longer.
-
SQL Rule 1. Always assume there are external processes that might affect your data. (for instance, triggers).
SQL Rule 2. In Denormalised data, never execute logic on dependent table values, always copy from the parent.
SQL Rule 3. When Denormalised data schemas are created the DBA knows what they are doing.
SQL Rule 3.1. If the DBA knows what they are doing then according to Rule 1 there is no problem with adding in some triggers to maintain data clones as they are created.
SQL Rule 4. If you don't like or agree with triggers, deal with it. They are a first class tool in a first class RDBMS. In a multi-app or service environment there may be many other external processes massaging your data.
SQL Rule 5. If all previous rules are not broken and the system has been running efficiently for many years DO NOT complain that there are triggers in the database that are doing and have been doing the same process that you just butchered (by violating Rule 1 and 2) in your makeshift "hello world, look what I can do from my phone" angular BS when the rest of the users are still relying on the existing runtime app.
SQL Rule 6. If you turn my triggers off, you sure as hell better turn them back on!
-
OsCommerce is literally the most awful piece of software ever. Granted, I'm migrating a version from 2007, but even still.
The admin area has a screen to set related products to a target product.
The page takes an age to load, even longer to save and is god awful to use from a UI POV.
Why may you ask?
The OsCommerce devs decided to display a flat list, with check boxes of ALL products in the database.
So for the site in question, that's a single list of 167,000 products, without pagination. Some of the worst development/design on a single page I've seen since last week when I inherited a god awful butchered Wordpress site :|
-
Does most memorable in a bad way count? 🤔
He left almost 2 years ago..or even more.. left a bunch of bugs and logical fuckups for me to fix.. some already fixed, some still lingering there..
I want to not blame him for everything, since we lack proper code review protocols and all.. but I've asked on several occasions if he understands the problem and what must be done..and the answer was always yes..results, after I got time to check up on him, the code he wrote was most probably copy pasted from stack overflow or somewhere else.. butchered in any and every way possible..
And of course already checked in to TFS.. along with bunch of files that were not even changed (he didn't bother to check that and exclude them) + a bunch of files from other projects... Told him to not do that on several occasions too, but he still managed to fuck things up this way.. leaving all the uncommented debugger; crap and alerts in the js files..
On one occasion I was working on new GUI..api part I already finished..got the order from above to delegate this to him as it is not much he can fuck up so I could focus on more important & complex stuff..
Maybe additional 4h of work + testing for everything..
I show him the prepared files, one controller, one view..explained what parts of code goes where etc.. a little short of writing everything myself.. Ask if he understands what needs to be done & how and told him if he has any problems/questions to ask me asap..
Said he understood what needs to be done.. after a day or two he asks me why something is not working as expected.. I check the files, correct initialization was commented out and all the code was stuffed in the view file.. Took him another day to move the code to proper files.. Not sure about the possible bugs left there as the client later decided that they will not be using this..
I later found out that years of C# experience on his CV was actually a school course.. he didn't even know why the changes on api are not showing up..because he didn't know that he has to build the code..
I mean, if he was honest when asked about experience with .net, we would've taken a month or two to just explain everything from the start..
But as he didn't and based on his CV (much more experience with .net than me) and 'I understand everything' attitude from the start I assumed he knows WTF was he doing..
Boy was I wrong..
He was also more interested in how much I get paid and if I have a company phone etc..than actually doing his job.. I fucking hate chit chat, and this..well.. he didn't get the hints that this is in no way appropriate to ask.. I've told him that if he has problems with his pay and bonuses that he should talk to the management and not me about this..and that I'm only interested in his actual work and progress..
So yeah, I'll definitely be remembering this guy till the day I die..
-
This Vue project I took over uses document.getElementById(...).innerHTML = stuff in its async created method.
That's the rant.
-
So now Microsoft is suddenly deciding devices that "weren't" compatible are now perfectly compatible with Windows 11, and they're rolling this out in bunches at a time.
I still get "This device can not support Windows 11" but my coworkers are starting to see "Upgrade NOW!" and it's honestly gotten a bit sour seeing as I may be next. They're bypassing those who're editing the registry to stop this, too.
If I have to start diving into the deep ends of Windows and find out what IP Windows gets its updates just to slap it into my HOSTS file, we're already in the apocalypse.
This upgrade is not bad for common people, but upon seeing that the Start menu GUI and taskbar got butchered horribly (I place my taskbar on top of the screen, Windows 11 doesn't allow for that) I myself absolutely want as much distance between me and that shit as possible.
In college, I've been hearing my fellow classmates having issues with Windows 11 left and right, including with how hard it is to get another browser to even work, to the Windows Store not even downloading Microsoft's own apps, to endless update loops, to the infamous "Update of Death".
Keep in mind, they got computers with better specs than mine, and they're having a worse experience. A lot of them just got refunds to the very last issue I just mentioned, all within August, day of purchase to day of return.
Microsoft, I am begging you for mercy, I'm so close to just getting up, finding out where you are, and blocking you from my network at all network and device levels.
-
Designing a framework: design the framework. Have a bunch of drinks. Try to use the framework. Sober up and examine how you’ve butchered it.
Adjust the framework.
-
Wordpress :(
This is some production code of a completely butchered Wordpress site I have been forced to work on (the previous developer managed to break the site so the archives section failed to work).
Words literally fail me.
-
Ever come back from a small vacation and arrived to see that the rest of the team had butchered your baby and were trying to stitch it back together, but only succeeded in making it worse?
Feels just like that right now. Fucking hell. I gave them a linter, a prettier config file and pre-made shortcuts to run. Still looks like Dr. Frankenstein was drunk while stitching and overvolted the machine, so now the bloody monster is also on fire. This will be a fun week 🙃
-
"Guys best idea to fuc... help the javascript developers. We make a framework with its own events/states and it will not change inputs or anything unless specified in state. Clearly easier to test... I mean how hard can it be?
Even better our framework will be so fuc... Helpful that they will put a plugin so they can make it work... I mean improve...
Did I say we just throw the html and put everything in our own butchered way? Even better remember that easy
, Style= ? Hahaha we will make it an object...
O yeah and the state must be immutable objects... What immutable means? Who the fu... I mean its easy...
And we make our own virtual dom because... Fu browsers"
-Facebook developer who hates javascript probably
P.S: thanks vue for keeping the double binding.
-
That moment when the code that was supposed to be removed is only commented out!!! The guy butchered a bunch of classes by commenting out about 1000 lines of code.
-
Another dev concept butchered by business people:
BDD, but does not integrate into any tests, uses arbitrary language and format, covers only happy path...
Kill me now, please
-
I finally got to code something yesterday (I've been slacking OTL every time I open the Java IDE I use my motivation flies out the window) and I've written down some things to help me do what I need because I forget it if I keep it all in my head. Not that this is a big thing, but it's just to help me to not forget what I've learnt, because I know that'll happen if I don't code.
So I'm coding and checking my notes and all, headphones on, heavy metal blasting, I guess I could say I was in the zone.
Suddenly I get a message from my dad asking me to come to the living room. Turns out my mom had been calling me but I couldn't hear it because I had the headphones on... again 😅 (Sorry mom 😇)
So I left my things and walked to the living room. My mom wanted me to put 2 images I've made for her together. I sat on the couch and waited. And waited. I waited more than I've coded before they called me. I was getting impatient because I was trying to code and I'd been called to wait ;u; I thought I could do it in her computer because it was a simple paint thing so I didn't need the editing program I use.
When she finally showed me what she wanted me to do and I noticed that I hadn't edited one of the images she provided me correctly (it didn't look good either way, I butchered the logo she'd given me because stray pixels are a thing that exist 😒 reducing the image also kinda killed it 😅). So I come back to my room and edited it again and made it look a bit better, did what she wanted me to do in the first place and emailed it to her. I went back to the living room and checked if it was good and went back.
I lost too much time and the motivation to code. Played for a bit and then forced myself to go back to coding because I didn't feel motivated (not that I don't like coding, I just lack the motivation most of the time). When I realized it, it was 2h30 am and I was getting tired 😴
-
Chinese remainder theorem
So the idea is that a partial or zero knowledge proof is used for not just encryption but also for a sort of distributed ledger or proof-of-membership, in addition to being used to add new members where additional layers of distributive proofs are at it, so that rollbacks can be performed on a network to remove members or revoke content.
Data is NOT automatically distributed throughout a network, rather sharing is the equivalent of replicating and syncing data to your instance.
Therefore if you don't like something on a network or think it's a liability (hate speech for the left, violent content for the right for example), the degree to which it is not shared is the degree to which it is censored.
By automatically not showing images posted by people you're subscribed to or following, infiltrators or state level actors who post things like calls to terrorism or csam to open platforms in order to justify shutting down platforms they don't control, are cut off at the knees. There may also be a case for tools built on AI that automatically determine if something like a thumbnail should be censored or give the user an NSFW warning before clicking a link that may appear innocuous but is actually malicious.
Server nodes may be virtual in that they are merely a graph of people connected in a group by each person in the group having a piece of a shared key.
Because Chinese remainder theorem only requires a subset of all the info in the original key it also acts as a voting mechanism to decide whether a piece of content is allowed to be synced to an entire group or remain permanently.
Data that hasn't been verified yet may go into a case for a given cluster of users who are mutually subscribed or following in a small world graph, but at the same time it doesn't get shared out of that subgraph and may expire if enough users don't hit a like button or a retain button or a share or "verify" button.
The algorithm here then is no algorithm at all but merely the natural association process between people and their likes and dislikes directly affecting the outcome of what they see via that process of association to begin with.
We can even go so far as to dog food content that's already been synced to a graph into evolutions of the existing key such that the retention of new generations of key, dependent on the previous key, also act as a store of the data that's been synced to the members of the node.
Therefore remember that continually post content that doesn't get verified slowly falls out of the node such that eventually their content becomes merely temporary in the cases or index of the node members, driving index and node subgraph membership in an organic and natural process based purely on affiliation and identification.
Here I've sort of butchered the idea of the Chinese remainder theorem and shoehorned it into the idea of zero knowledge proofs but you can see where I'm going with this if you squint at the idea mentally and look at it at just the right angle.
The big idea was to remove the influence of centralized algorithms to begin with, and implement mechanisms such that third-party organizations that exist to discredit or shut down small platforms are hindered by the design of the platform itself.
I think if you look over the ideas here you'll see that's what the general design thrust achieves or could achieve if implemented into a platform.
The addition of indexes in a node or "server" or "room" (being a set of users mutually subscribed to a particular tag or topic or each other), where the index is an index of text audio videos and other media including user posts that are available on the given node, in the index being titled but blind links (no pictures/media, or media verified as safe through an automatic tool) would also be useful.