Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
So my Girlfriend bought a new iPhone at Verizon today. Cool story, I know, but here's where it's gone from there.
Firstly her debit wouldn't run as credit, so we used mine but that's the least of it (but began it).
So she has 16,000 photos... Alot, sure, but not the issue. Obviously with that amount of data she wasn't about to reasonably use iCloud to back it up (understandable only by me) so she was confronted both by me and the Verizon employee about this issue to where we both (the Verizon employee and I) agreed that an iTunes backup/restore was the only way to preserve her data. She was confused. No worry, told her I had it handled and the Verizon employee agreed. Great. Yet we get home and begin the process. My girlfriend was not on the latest iOS (understandable given the battery scenario and she was on an iPhone 6) and this was ridiculous to her because she had to update in order to do the iTunes back up. Whatever, I brushed it off. Her phone was updated, and backed up... Which took a while but we are talking 30gb (of which she had no understanding of how much that was). After the back up we discovered her new phone wasn't working due to a bad sim, great, no problem we have the old one... But oh no. "I don't want that shitty old sim" she said. Uhmm what... I say, and say let me get an earring (to switch the Sims) and she gave one to me and as soon as I went to pop the tray, she had a fucking heart attack as if I was demolishing her phone. I talk her down, get it switched, get the phone to restore (slow process as she's complaining... 30gb mind you) and it works. She goes to bed. Comes back, texts aren't working. I say imessages or texts (now she has no idea) I troubleshoot, seems nothing's working, and that's okay Verizon must of reinstated the new sim and deactivated the old (fine). I switch them and it works. She proceeds to berate me about the SIM cards because she didn't want the 'old shitty one' (the one that got us to the place of a functioning phone).
Now everything works and she claims a Genius bar employee would of done this in minutes.
I (obviously) lose my shit, now I'm sleeping on the couch.
Im an IT professional / programmer..... this shit really ticked me off.38 -
RANT Incoming
Not necessarily dev related but I need to get this off my chest.
So a bit of a backstory. I had to stay late from school the other day and ended up having to take an Uber home. The ride was fine lady was nice. Everything seems to be going well and there were no signs of any payment failure.
Then yesterday, I had to stay late again. I never said that I had an outstanding balance on my account. Apparently Uber was having problems charging my Android pay account.
So I ended up being stuck at school for like 3 hours. Great!😑
So I emailed Uber when I got home. And this is when I started pulling my hair out. I don't know how many replies I had, but each time I had to tell them that I was not using a prepaid card.
This was one of my replies:
"I'm sorry, are you real? If you are, here is a quick summary of the issue. I am using ANDROID PAY with my CHASE DEBIT CARD. Not, NOT, NOT a prepaid card. I happen to know that CHASE DEBIT CARD(which is the card I use, in case you have already forgotten) works with uber because MY FATHER USES THE EXACT SAME TYPE OF CARD with uber. He uses a CHASE DEBIT CARD(again I use that same type of card as well). So by using LOGIC I am able to deduce that a CHASE DEBIT CARD is in fact compatible. AGAIN THIS IS NOT A PREPAID CARD!!! If the card is incompatible, WHY DOES THE APP ALLOW BE TO ADD IT?!?! Also in response to your last email... Because I am using Android pay, do you really think that an ANDROID would be able to use APPLE pay? Also Google wallet is DISCONTINUED! Finally, PayPal DOES NOT CONNECT TO UBER. Returns a "Server Error." So please stop wasting my time with generic help solutions. Believe me, I have already googled my issue, and nothing comes up. That is why I contacted Uber. I want my driver to be paid, and, uber had made it SO painful with unhelpful "Solutions" to problems that don't even APPLY TO MY ISSUE. No not even mention PREPAID cards in your reply or I will consider you a robot built by monkeys banging their heads on a keyboard. Uber HAS my VALID payment information, USE IT! If there is a phone number I can call, please, enlighten me"
And the response was:
"Thanks for reaching out with this.
Happy to help with this issue you are having.
After reviewing your I can see that the only payment method associated with your account is an ANDROID PAY card and it is also a prepaid card. Some cards and methods are not compatible with our billing processes and can't be used with Uber. This includes prepaid cards."
So I concluded that they are monkeys.
Then Uber banned me from logging into my account because I didn't pay.
So now it is impossible for me to pay because I can't do anything with my account.
Now they want my SSN and a bunch of other shit that I won't give them.
I told them that they were being illogical, and I got the exact same response about the prepaid bullshit.
So I sent them this photo as a goodbye.
I get my driver's licence next weekend, so I won't need Uber anymore. YAY!
Also mind grammatical errors, I talked it in and am to lazy to proofread
13 -
*signs up for Skillshare*
> Sorry, your password is longer than our database's glory hole can handle.
> Please shorten your password cumload to only 64 characters at most, otherwise our database will be unhappy.
Motherf-...
Well, I've got a separate email address from my domain and a unique password for them. So shortening it and risking getting that account stolen by plaintext shit won't really matter, especially since I'm not adding payment details or anything.
*continues through the sign-up process for premium courses, with "no attachments, cancel anytime"*
> You need to provide a credit card to continue with our "free" premium trial.
Yeah fuck you too. I don't even have a credit card. It's quite uncommon in Europe, you know? We don't have magstripe shit that can go below 0 on ya.. well the former we still do but only for compatibility reasons. We mainly use chip technology (which leverages asymmetric cryptography, awesome!) that usually can't go much below 0 here nowadays. Debit cards, not credit cards.
Well, guess it's time to delete that account as well. So much for acquiring fucking knowledge from "experts". Guess I'll have to stick to reading wikis and doing my ducking-fu to select reliable sources, test them and acquire skills of my own. That's how I've done it for years, and that's how it's been working pretty fucking well for me. Unlike this deceptive security clusterfuck!14 -
Dude
The client has a giant database with all credit and debit cards
ALL INFOS IN FUCKING PLAINTEXT
THE CARD NUMBER
THE CVV
THE EXPIRY DATE
I'M SHAKING AF38 -
Long story short, I'm unofficially the hacker at our office... Story time!
So I was hired three months ago to work for my current company, and after the three weeks of training I got assigned a project with an architect (who only works on the project very occasionally). I was tasked with revamping and implementing new features for an existing API, some of the code dated back to 2013. (important, keep this in mind)
So at one point I was testing the existing endpoints, because part of the project was automating tests using postman, and I saw something sketchy. So very sketchy. The method I was looking at took a POJO as an argument, extracted the ID of the user from it, looked the user up, and then updated the info of the looked up user with the POJO. So I tried sending a JSON with the info of my user, but the ID of another user. And voila, I overwrote his data.
Once I reported this (which took a while to be taken seriously because I was so new) I found out that this might be useful for sysadmins to have, so it wasn't completely horrible. However, the endpoint required no Auth to use. An anonymous curl request could overwrite any users data.
As this mess unfolded and we notified the higher ups, another architect jumped in to fix the mess and we found that you could also fetch the data of any user by knowing his ID, and overwrite his credit/debit cards. And well, the ID of the users were alphanumerical strings, which I thought would make it harder to abuse, but then realized all the IDs were sequentially generated... Again, these endpoints required no authentication.
So anyways. Panic ensued, systems people at HQ had to work that weekend, two hot fixes had to be delivered, and now they think I'm a hacker... I did go on to discover some other vulnerabilities, but nothing major.
It still amsues me they think I'm a hacker 😂😂 when I know about as much about hacking as the next guy at the office, but anyways, makes for a good story and I laugh every time I hear them call me a hacker. The whole thing was pretty amusing, they supposedly have security audits and QA, but for five years, these massive security holes went undetected... And our client is a massive company in my country... So, let's hope no one found it before I did.6 -
Well, well, well, my new year's gift:
Someone is jamming thousands of requests per second, and NO firewall. JWT tokens that expires in 3 HOURS.
Now MORE THAN 40K stolen.
But, where did it come from? https://devrant.com/rants/4961285/...16 -
My grandfather is at age 72 & don't know much about technology. He forward me this message on whatsapp bcz I'm a software engineer. He made my day...
What is the difference between http and https ?
Time to know this with 32 lakh debit cards compromised in India.
Many of you may be aware of this difference, but it is
worth sharing for any that are not.....
The main difference between http:// and https:// is all
about keeping you secure
HTTP stands for Hyper Text Transfer Protocol
The S (big surprise) stands for "Secure".. If you visit a
Website or web page, and look at the address in the web browser, it is likely begin with the following: http:///.
This means that the website is talking to your browser using
the regular unsecured language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the Website. If you fill out a form on the website, someone might see the information you send to that site.
This is why you never ever enter your credit card number in an
Http website! But if the web address begins with https://, that means your computer is talking to the website in a
Secure code that no one can eavesdrop on.
You understand why this is so important, right?
If a website ever asks you to enter your Credit/Debit card
Information, you should automatically look to see if the web
address begins with https://.
If it doesn't, You should NEVER enter sensitive
Information....such as a credit/debit card number.
PASS IT ON (You may save someone a lot of grief).
GK:
While checking the name of any website, first look for the domain extension (.com or .org, .co.in, .net etc). The name just before this is the domain name of the website. Eg, in the above example, http://amazon.diwali-festivals.com, the word before .com is "diwali-festivals" (and NOT "amazon"). So, this webpage does not belong to amazon.com but belongs to "diwali-festivals.com", which we all haven't heard before.
You can similarly check for bank frauds.
Before your ebanking logins, make sure that the name just before ".com" is the name of your bank. "Something.icicibank.com" belongs to icici, but icicibank.some1else.com belongs to "some1else".
👆 *Simple but good knowledge to have at times like these* 👆3 -
Today the government from Costa Rica announced their solution to tax double any UBER charge registered to debit/credit cards.
Their logic is to pretty much do it for any commerce that includes the letters UBER. Like something out of your first Unity C++lesson2 -
Why the fuck is debit cards that don't need a PIN for transactions even a thing? What is so difficult to understand or implement in a two factor authentication? Like do these companies have meetings where some fucktard proposes removing a crucial security feature and the others just nod approval?6
-
I have a task:
Make a feature to gather donates at web site through debit cards and e.t.c.
Additional conditions:
There is no company to register the payment gateway.
U need to find the one that would agree to work with physical person in Russia.
It needs to accept payments in USD and EURO worldwide.1 -
Lets just say that Stripe payment gateway or paypal doesn't work in your country, but you have to accept payment through credit/debit cards like martercard/visa and Paypal in your web app or mobile app. How would you do it?12
Top Tags
Weekly Rant
View