Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂

It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.

So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).

So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.

Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.

So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPN's, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.

Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?

Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.

Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.

So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.

Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.

The solution for this one isn't nearly as amusing as the journey.

I was working for one of the largest retailers in NA as an architect. Said retailer had over a thousand big box stores, IT maintenance budget of $200M/year. The kind of place that just reeks of waste and mismanagement at every level.

They had installed a system to distribute training and instructional videos to every store, as well as recorded daily broadcasts to all store employees as a way of reducing management time spend with employees in the morning. This system had cost a cool 400M USD, not including labor and upgrades for round 1. Round 2 was another 100M to add a storage buffer to each store because they'd failed to account for the fact that their internet connections at the store and the outbound pipe from the DC wasn't capable of running the public facing e-commerce and streaming all the video data to every store in realtime. Typical massive enterprise clusterfuck.

Then security gets involved. Each device at stores had a different address on a private megawan. The stores didn't generally phone home, home phoned them as an access control measure; stores calling the DC was verboten. This presented an obvious problem for the video system because it needed to pull updates.

The brilliant Infosys resources had a bright idea to solve this problem:

- Treat each device IP as an access key for that device (avg 15 per store per store).
- Verify the request ip, then issue a redirect with ANOTHER ip unique to that device that the firewall would ingress only to the video subnet
- Do it all with the F5

A few months later, the networking team comes back and announces that after months of work and 10s of people years they can't implement the solution because iRules have a size limit and they would need more than 60,000 lines or 15,000 rules to implement it. Sad trombones all around.

Then, a wild DBA appears, steps up to the plate and says he can solve the problem with the power of ORACLE! Few months later he comes back with some absolutely batshit solution that stored the individual octets of an IPV4, multiple nested queries to the same table to emulate subnet masking through some temp table spanning voodoo. Time to complete: 2-4 minutes per request. He too eventually gives up the fight, sort of, in that backhanded way DBAs tend to do everything. I wish I would have paid more attention to that abortion because the rationale and its mechanics were just staggeringly rube goldberg and should have been documented for posterity.

So I catch wind of this sitting in a CAB meeting. I hear them talking about how there's "no way to solve this problem, it's too complex, we're going to need a lot more databases to handle this." I tune in and gather all it really needs to do, since the ingress firewall is handling the origin IP checks, is convert the request IP to video ingress IP, 302 and call it a day.

While they're all grandstanding and pontificating, I fire up visual studio and:

- write a method that encodes the incoming request IP into a single uint32
- write an http module that keeps an in-memory dictionary of uint32,string for the request, response, converts the request ip and 302s the call with blackhole support
- convert all the mappings in the spreadsheet attached to the meetings into a csv, dump to disk
- write a wpf application to allow for easily managing the IP database in the short term
- deploy the solution one of our stage boxes
- add a TODO to eventually move this to a database

All this took about 5 minutes. I interrupt their conversation to ask them to retarget their test to the port I exposed on the stage box. Then watch them stare in stunned silence as the crow grows cold.

According to a friend who still works there, that code is still running in production on a single node to this day. And still running on the same static file database.

#TheValueOfEngineers

I've promised to do the Mozilla rant about the whole meritocracy thing a few days ago.. well, this is that. Along with some other stuff along the way. Haven't ranted for a couple of days man, shit happened! But losing 6 days that could've been spent on finishing my power supply project.. to a stupid cold, it got a little bit on my nerves, so that's what I've been working on for the time being. Hopefully I'll be able to finish it up in a couple of days.

1. COCKtail party thingy

Turns out that there's this conference in Brussels in a couple of days about the whole Article 13 copyright stuff. I've been letting a mail to the MEP's about it mature on my systems for a while now.. well, maturing or procrastinating, you be the judge 😛
Now I'm glad that I waited with that though. It's mostly a developer-centric insight into how the directive would be a horrible idea.. think AI, issues with context recognition, Tom Scott's video on Penistone and Scunthorpe etc etc. But maybe I can include some stuff from the event afterwards.
Also, if you're coming to the conference too, do let me know! Little devRant meet while we're at it, it'd be fucking great! I'll try to remember to bring my Christmas ducks, they've got these cute little Santa hats 😋

(P.S.: about the whole COCKtail, I saw the email while drunk and during registration I had to choose an email address.. I figured, feminazis are doing such a great job at going out of their way to find offense in everything, I figured that I'd make their job a little bit easier by sending a COCK bomb in my registration mail address, in the hopes that it finds its way to one of them.. evil, I know XD)

2. The whole feminazi stuff at Mozilla

So Mozilla hates meritocracy now? I've been wanting to rant about the big bad meritocracy for a while now. Thank you Mozilla for giving me an incentive to actually do it!

Meritocracy, feminazis think it's bad because it's about power relationships and discrimination, right? But what if I told you that that is exactly what makes great software great. Good code, good merit, is what's welcomed in software development.. or at least it should be. Because it's a job of fucking knowledge, experience, and quality! Also, meritocracy is a great thing because nobody cares if you're a professional developer in a suit, getting paid to work on a piece of OSS, or a homegamer neonazi who's coding shit in their underwear while wanking to child porn.. nobody fucking cares. If your code, your merit, is good, contribute ahead! Super inclusive, yet apparently bad because bad code is excluded to ensure the health of the project.

So what is the alternative to the big bad meritocracy? Inclusion (or as it's looked like in practice, more like exclusion) based on gender/sex, political orientation, things like that. But not actual fucking merit, the ability to write good code. How the fuck is politics and gender going to be any good at all to an inherently meritocratic craft?! Oh but yeah, it's great for inclusion. It's like females in tech. Artificial growth is just a matter of growth numbers and the only folks who like it are fucking HR and wanketeering cunts, and feminazis. Merit, that's what matters!! And have you ever considered that females are generally not interested in technology? Or for that matter, where's our inclusion movement for men in healthcare?! Gender equality my ass.

That's just my two cents on it of course. Meritocracy shouldn't be abandoned in tech. And even if it's just a matter of calling it something else. How the fuck is it a good idea to not call a pot a fucking pot just because someone might take offense at it?! It's meritocracy, call it fucking meritocracy!!! And while we're at it, call a master a fucking master and a slave a fucking slave!

So, a few months back my mother had some issues with her windows 10 box not being able to do proper backups to a backup partition. At the same time I was pulling insane hours at work and writing on a eBook on commission for a guy, besides having small kids with on and off flu and shit.

Needless to say, I didn't have time to look at the backup issues. Well, even though my mom is one of those dogs you can't teach new tricks, she has always been resourceful enough to get help with things.

This time she picked up the phone and called Microsoft Support, got some guys to remote in and take a look. They messed around a bit and said they were done.

She phoned me up later that day to tell me how proud she was of herself for doing that. Of course, she skipped telling me the important bit about she actually calling them, rather describing it as "Microsoft was just on my computer and fixed it".

You can imagine my immediate reaction, cold sweat running down my back, adrenalin rushing in as I dug through the details of what had happened.

A few days later she calls me up again and tells me the problem is back, and we agree that even though the MS dudes was not able to fix it at first, she should try again, as she had a ticket to reference.

The next attempt by MS actually fried her partitions, and apparently they had f-ed up trying to delete and recreate the backup partition.

That's not the worst of it though. Since they fried her disk, her computer crashed and naturally the remoting won't work. In our country, they have no people on the ground to do hands on help, and they didn't have a partner near by. Her not having a win 10 usb stick, nor a spare computer to make one, she was in a surreal predicament.

She was also quite pissed, and pissed off mums are not to be messed with. She managed to get Microsoft to agree to cover the costs of a non-partner to visit her to fix the problems, and using her as the middle man, they made an agreement with the 3rd-party tech support company.

After the box was fixed though, some more issues arose... regarding billing. The 3rd-party tech support was unable to get in contact with the person at MS that was going to sign off on the bill, and again using my mom as the middle man, it was agreed that my mom, as the customer, was to be reimbursed for the bill to the 3rd-party.

Guess what... 3 months went by, with weekly follow-ups and nagging from my mom, and still no money...

At this time, I had time to help her, and after some digging and borderline stalking, we managed to get the phone numbers of some of the higher ups in my country, and she started calling them directly.

After talking to a couple who refused to help, she reached the Vice President of the country branch, and was finally able to talk to someone who gave a shit.

Still took over a month more to actually get the money, but now she had someone who actually gave her statuses, receipts and ETAs.

FUCK!

I made a friend this week through work

She's called Miriam

I know we're friends because we talk every day

5 times a day

Because she keeps calling

Every time she asks for my CEO, I tell her he won't be in until after Christmas but sure enough she calls back an hour and a half later, asking for the same person

But the weirdest part is she's calling from a legitimate, large company. It's not a cold call. So, why?

If anyone works at Proventa, tell Miriam to stop.

Please?

I hate myself. I’m trying to grow my client base by proactively cold-calling and cold-emailing and cold-visiting dozens of likely prospects. There just appears to be no other way to do this in my area. I don’t have the thousands of dollars per month required to get traction in online ads. Why do I hate myself? Because I have to stoop as low as the sales bros I can’t stand to be around. Feeling like a car salesman in a cheap pinstriped suit. I got into tech so I wouldn’t have to do this crap. But how am I supposed to get clients without the shuck and jive of being a salesman? Ugh.

Worst enterprise software experience... I was fresh out of college, and needed money. I was working in a call center, fielding IT helpdesk calls for a major US telecom company, who had just acquired a competitor. One day I got to work and about ten of us were given a new desk, new phone number, an an email address at the newly acquired company. My manager said to us "We have no clue how any of their proprietary systems work, what servers they run on, or how to login to them. Your phones are ringing, make sure you take good notes so the Tier-1s can help out next week. Good luck."

Trial by shit-storm fire, all while trying to convince the caller that yes, I did know what I was talking about. It was a lot of cold calling random employees whose job title in the corporate directory looked even remotely close to somebody I could escalate a ticket to. They didn't use the same ticketing system we used, so it was a lot of copy/pasting between two ticketing systems. To this day, I still have no clue what happened to their original call center staff. I'm sure they must have had one, but it seemingly just dissolved overnight.

That job was the springboard to my development career. I left for a gig in software helpdesk, then to quality assurance, automated testing, and now I'm a senior DevOps engineer. It was worth it.

One of the top annoying behaviors of interested hiring parties is recruitment agencies cold-calling you, as if you're a disposable packet of Skittles! It's outrageous!

Incoming phone call from an unknown number. I am busy coding, the number is not in my contacts, and there is no caller ID. Callers could leave a message on my voice box, but most don't. Callers could send me an email or a short message, but most don't. When I google their number, there is either no entry at all, or one of those generic reverse phone book sites called something like "look who's calling" telling me that it's a German number of an unknown ower. I don't get it.
If making outbound cold calls is your profession, why won't you use any of those free trust-building options? Are those people getting paid just for typing numbers into their keyboard and listening to the ring tone?

Anyone knows the logic behind recruiters calling you cold turkey instead of sending you an email with the job details?
I always wait for the voicemail but...
It is so annoying!