Happened a few weeks ago but still awesome.

Me and a good friend have a website together but we don't monitor it too much.
He studied with me in the same class but went towards frontend/apps where I chose backend/servers/security. He knows how to do basic Linux stuff but that's about it.

We were at a party when he noticed that our site was offline. Walked over to me (because I manage the server) to notify me so I could look into it said I'd look into it (phone):
*visits site: nothing*
*online dig tool: got the server ip*
*remembered this one didn't have pubkey authentication - after three passwords attempts I'm in*

"service apache2 status"
*service doesn't exist*
*right, migrated this one from Apache to nginx....*
"history"
*ah, an nginx restart probably suffices...*
"service nginx restart"

BAM, site is reachable again.

*god damnit, lets encrypt cert expired...*
"history"
*sees command with certbot and our domain both in one*
"!892"
*20 seconds later: success message*
*service nginx reload*

BAM, site works securely again.

"Yo mate, check the site again"

Mate: 😶 w-w-what? *checks site and his watch* you started less than two minutes ago...?
Me: yeah..?
Mate: 😶 now this is why YOU manage our server and I don't 😐

His face was fucking gold. It wasn't that difficult for me (I do this daily) but to him, I was a God at that moment.

Awesome moment 😊

I'm really not much of a drinker, but last night I was apparently.

I thought I played video games until I passed out on the couch and was carried to bed.

This morning, my laptop reveals to me that I had an idea for a web app last night because I made a very misspelled, yet highly detailed to do list for the app, a very blank index file, and 37 open tabs of what looks like research for certain web features.

Project seemed to be some sort of organization thing with a lot of really random and unrelated features like "fruit meterr that scales different fruits you earn" (what does that even mean??) and "sassy bill reminder".

I'm closing out all the tabs I had opened, when I see the tab showing the domain name I chose and bought. I even got the SSL certificate and email domain purchased.

Drunk me seemed to have been really excited about this idea 😶

Will meet our legend @wiardvanrij (the one who sold his devrant.com domain to dfox/trogus) later today if traveling goes well.

Excited much!

Navy story time again. Grab that coffee and fire up Kali, the theme is security.
So, when I got promoted to Lieutenant Jr. I had to attend a 1-year school inside my nostalgic Naval Academy... BUT! I was wiser, I was older... and I was bored. Like, really bored. What could go wrong? Well, all my fellow officers were bored too, so they started downloading/streaming/torrenting like crazy, and I had to wait for hours for the Kali updates to download, so...
mdk3 wlan0mon -d
I had this external wifi atheros card with two antennae and kicked all of them off the wifi. Some slightly smarter ones plugged cables on the net, and kept going, enjoying much faster speeds. I had to go to the bathroom, and once I returned they had unplugged the card. That kind of pissed me off, since they also thought it would be funny to hide it, along with the mouse.
But, oh boy, they had no idea what supreme asshole I can be when I am irked.
So, arpspoof it is. Turns out, there were no subnetworks, and the broadcast domain was ALL of the academy. That means I shut EVERYONE off, except me. Hardware was returned in 1 minute with the requested apologies, but fuck it, I kept the whole academy off the net for 6 hours. The sysadmin ran around like crazy, because nothing was working. Not even the servers.
I finally took pity on the guy (he had gotten the duties of sysadmin when the previous sysad died, so think about that) and he almost assaulted me when I told him. As it turned out, the guy never had any training or knowledge on security, so I had to show him a few things, and point him to where he could study about the rest. But still, some selective arp poison on select douchebags was in order...
Needless to say, people were VERY polite to me after that. And the net speed was up again, so I got bored. Again. So I started scanning the net.
To be continued...

*signs up for Skillshare*
> Sorry, your password is longer than our database's glory hole can handle.
> Please shorten your password cumload to only 64 characters at most, otherwise our database will be unhappy.

Motherf-...

Well, I've got a separate email address from my domain and a unique password for them. So shortening it and risking getting that account stolen by plaintext shit won't really matter, especially since I'm not adding payment details or anything.

*continues through the sign-up process for premium courses, with "no attachments, cancel anytime"*
> You need to provide a credit card to continue with our "free" premium trial.

Yeah fuck you too. I don't even have a credit card. It's quite uncommon in Europe, you know? We don't have magstripe shit that can go below 0 on ya.. well the former we still do but only for compatibility reasons. We mainly use chip technology (which leverages asymmetric cryptography, awesome!) that usually can't go much below 0 here nowadays. Debit cards, not credit cards.

Well, guess it's time to delete that account as well. So much for acquiring fucking knowledge from "experts". Guess I'll have to stick to reading wikis and doing my ducking-fu to select reliable sources, test them and acquire skills of my own. That's how I've done it for years, and that's how it's been working pretty fucking well for me. Unlike this deceptive security clusterfuck!

Anyone else notice this trend:

1. Don't go to uni / drop out (who needs education).
2. Get a job in IT, it pays well (who cares you don't have a structured logic).
3. Learn need-to-know stuff only (I only need to know my code).
4. Tell others they should get into programming, it's not that hard.
5. Get asked about the workings of a computer, but that's not in your domain of work. "I only code".

Millennial much ?

Not really dev as much but still IT related 😂

in college we got some new macs in our class. Before we were allowed to use them the "IT Tech" came in and did something to them all (probably ran some scripts to set stuff up)

Anyway, I was completely new to OS X and accidentally pressed a key combo that opened up a dialogue to connect to a remote file server. I saw the address field was already filled out (from when the IT Tech was running the scripts). So me being me I decided to connect. Low and behold my student credentials got me in.

Taking a look around I found scripts, backups and all sorts of stuff. I decided to look at some of the scripts to see what they did. One of them was a script to add the Mac to the domain. Here's the funny part. The login to do that was hard coded into the script....

To conclude. I now have domain level access to my whole college network 🙃

Tl;Dr: stupid it tech saves password in script. I find it. I now have domain level access to the college network

I finally did it. I finally got rid of that client in a positive, respectful manner.

So basically, my dad has a freelance colleague. For a side project that person asked me to make him a website. My dad mentioned to said person that my sister's boyfriend does web design (he's trained to use autocad for designing the structure of furniture, nothing fancy just straight lines and upside down doors that fail after a while..

So my brother in law charged the guy 400 money for the design. I charged the guy 200 for the programming because my dad forced me to drop down my price to fit the budget because business relationship and he obviously couldn't let my sister's boyfriend not make more money than he deserves.

In the end after waiting on the design for weeks (I literally saw him do it in photoshop all in 2 layers on his laptop in half an hour) I had to rush the project because the due date was coming up. I already had most of it done but I had to redo a good part of the front-end to fit the design structure. I also had to re-do the design in photoshop to get the images and colors I needed, then cut it up into html. So realistically, my sister's boyfriend barely did anything.

Now the deal was that I'd develop the website and perform any updates/upgrades to it. I'd also host it on my webserver for a monthly fee. My sister's boyfriend was to handle any and all content related support.

At first it was all good, I only ever spoke with the guy when he needed a feature added and he paid me well for it. Overall the hit I took in initial development was paying off. As time went by, my sister's boyfriend started ignoring the guy's calls and the guy started calling me instead.

Now, he had this deal with my brother in law where he could charge his time at 35 money an hour. That's about 4 times minimum wage for not doing much.
Then I started to basically take over all support, but I was only allowed to charge 30 an hour. Pretty reasonable still and I wasn't too busy so it was all good.

As time went by I ended up getting asked to do more and more minimal changes. At some point I had done so many minimal changes I had to charge the guy about 2 hours extra that month and he went completely mental saying I can't just work for hours without telling him beforehand. We decided I had to discuss a price before any change. I charged my time on the phone with him twice after that and both times he bitched about me being expensive and once he even said he wanted to leave.

Now comes the fun part. A week ago he had an issue that was 100% support related. He tried calling my sister's boyfriend but the guy obviously didn't pick up. He called my dad about it, and my dad ended up calling my my sister's boyfriend. Now this guy is so slimy, he purposely didn't hang up the phone knowing my dad would use his cell and assume the other party would hang up because calls cost money. The guy heard my dad call my sister's boyfriend and heard him pick up immediately. He went completely mental saying how he wants both of us to always reply and call him back immediately.

This guy was always my lowest priority. He didn't really make me money and his calls and requests were annoying and unnecessary. Add to that that I specifically didn't want to handle support and was forced into it anyway, while all 'design' things (up to figuring out where and how to display a visitor counter) absolutely had to go to my sister's boyfriend..
But regardless of that, I generally replied to his emails within 10-20 minutes and rarely more than 25 hours.

My dad agreed (for us) that we now both had to reply to him within 24 hours. I was now stuck checking my voicemail every couple hours because my sister's boyfriend sucks at life.

During his rant he threatened to leave me, again. That was the point where I said fuck it.

For the past week I've been ignoring his calls. When he emails me I don't take more than 5 minutes replying. This morning I found an e-mail with 4 requests;

He wanted me to make a content-related change;
He wanted me to give him access to the site's Google analytics;
He wanted me to add a feature and write a guide on how to use it;
And fucking finally, he wanted a 'token to transfer his website'.

I promptly emailed him back saying I added his email a week ago and that he'd gotten an email from Google about it then, that I'd changed the content he wanted me to, a price for the last dev task and a token for his domain name, adding that its valid for 35 days and that his new host can contact me to receive a backup file of his website.

Sadly, I do have this on 10-minute dev job to do, but then I'm invoicing him all jobs I haven't invoiced yet and he can find another host willing to deal with his insanity.

The best part is I lose a webhosting client but I'm sure he'll still ask my sister's bitched parasitic boyfriend whenever he needs a photo resized and he'll still pay him 35 money for 2 minutes of work.

Fuck customers.

Yesterday the web site started logging an exception “A task was canceled” when making a http call using the .Net HTTPClient class (site calling a REST service).

Emails back n’ forth ..blaming the database…blaming the network..then a senior web developer blamed the logging (the system I’m responsible for).

Under the hood, the logger is sending the exception data to another REST service (which sends emails, generates reports etc.) which I had to quickly re-direct the discussion because if we’re seeing the exception email, the logging didn’t cause the exception, it’s just reporting it. Felt a little sad having to explain it to other IT professionals, but everyone seemed to agree and focused on the server resources.

Last night I get a call about the exceptions occurring again in much larger numbers (from 100 to over 5,000 within a few minutes). I log in, add myself to the large skype group chat going on just to catch the same senior web developer say …
“Here is the APM data that shows logging is causing the http tasks to get canceled.”

FRACK!

Me: “No, that data just shows the logging http traffic of the exception. The exception is occurring before any logging is executed. The task is either being canceled due to a network time out or IIS is running out of threads. The web site is failing to execute the http call to the REST service.”

Several other devs, DBAs, and network admins agree.

The errors only lasted a couple of minutes (exactly 2 minutes, which seemed odd), so everyone agrees to dig into the data further in the morning.

This morning I login to my computer to discover the error(s) occurred again at 6:20AM and an email from the senior web developer saying we (my mgr, her mgr, network admins, DBAs, etc) need to discuss changes to the logging system to prevent this problem from negatively affecting the customer experience...blah blah blah.

FRACKing female dog!

Good news is we never had the meeting. When the senior web dev manager came in, he cancelled the meeting.

Turned out to be a hiccup in a domain controller causing the servers to lose their connection to each other for 2 minutes (1-minute timeout, 1 minute to fully re-sync). The exact two-minute burst of errors explained (and proven via wireshark).

People and their petty office politics piss me off.

This will be a long rant.

Met this person through my brother's friend. He wanted a cheap static website with a few products images for his handicraft store. I agreed as it would not take much time. He paid me in full upfront.

I registered the domain and created all the page templates with dummy contents. I uploaded the site under a staging sub-domain and asked him for the contents, but he said he was a bit busy and would give them to me later on.

After almost 2 years, out of nowhere, he got back to me and told me he didn't want that old website anymore but he wanted a new personal website. What shocked me was that he told me that he would only pay me for the domain and space but won't pay me for the website as his pervious work was never complete. I denied straight forward and told him I would keep the 80% amt for my work done but he kept telling me I hadn't done anything except place a few images in some html files. Hahaha, After a few in and out mails I told him I didn't wanted his money and would refund all of it, but this shitty guy had a messed of mind. He started posting messages of my fb wall about how i was a fraud and I had taken his money. Things got intense. I had decided to sue this cheap minded asshole but after my brother's friend convinced me not to and apologized on his behalf. He told me not to worry about it and move on.

Haven't heard from him till now.
Thank you for reading till this far.

I absolutely love the email protocols.

IMAP:
x1 LOGIN user@domain password
x2 LIST "" "*"
x3 SELECT Inbox
x4 LOGOUT

Because a state machine is clearly too hard to implement in server software, clients must instead do the state machine thing and therefore it must be in the IMAP protocol.

SMTP:
I should be careful with this one since there's already more than enough spam on the interwebs, and it's a good thing that the "developers" of these email bombers don't know jack shit about the protocol. But suffice it to say that much like on a real letter, you have an envelope and a letter inside. You know these envelopes with a transparent window so you can print the address information on the letter? Or the "regular" envelopes where you write it on the envelope itself?
Yeah not with SMTP. Both your envelope and your letter have them, and they can be different. That's why you can have an email in your inbox that seemingly came from yourself. The mail server only checks for the envelope headers, and as long as everything checks out domain-wise and such, it will be accepted. Then the mail client checks the headers in the letter itself, the data field as far as the mail server is concerned (and it doesn't look at it). Can be something else, can be nothing at all. Emails can even be sent in the future or the past.

Postfix' main.cf:
You have this property "mynetworks" in /etc/postfix/main.cf where you'd imagine you put your own networks in, right? I dunno, to let Postfix discover what your networks are.. like it says on the tin? Haha, nope. This is a property that defines which networks are allowed no authentication at all to the mail server, and that is exactly what makes an open relay an open relay. If any one of the addresses in your networks (such as a gateway, every network has one) is also where your SMTP traffic flows into the mail server from, congrats the whole internet can now send through your mail server without authentication. And all because it was part of "your networks".

Yeah when it comes to naming things, the protocol designers sure have room for improvement... And fuck email.

Oh, bonus one - STARTTLS:
So SMTP has this thing called STARTTLS where you can.. unlike mynetworks, actually starts a TLS connection like it says on the tin. The problem is that almost every mail server uses self-signed certificates so they're basically meaningless. You don't have a chain of trust. Also not everyone supports it *cough* government *cough*, so if you want to send email to those servers, your TLS policy must be opportunistic, not enforced. And as an icing on the cake, if anything is wrong with the TLS connection (such as an MITM attack), the protocol will actively downgrade to plain. I dunno.. isn't that exactly what the MITM attacker wants? Yeah, great design right there. Are the designers of the email protocols fucking retarded?

So I used to do some freelancing in web development last year, nothing too fancy just some simple PHP websites. Comes the worst meeting in my life. So I am from India and we have a lot of long lasting business here being passed on over generations. TL;DR the guy was the owner of a very old business which was actually very huge and the guy was educated too, so I assumed that he'll be sensible as compared to other people.

The meeting was in an expensive cafe and he paid for it, he even told me upfront that meeting is on him. Great, right? So we sit down, order some coffee and then start discussing what he needed.
The guy needed an ecommerce website built with backend and logistics system integrated. We discussed possible designs for the website and stuff too and so far the deal looked promising to both of us.
I explained him the cost estimate and told him that I would email him the final quote from myself once we discussed server cost and shit.
So now comes the bargaining part where he asked me to give him server and domain for free.
At this point, I suspected that he didn't know that servers and domains are not something that you make. You have to purchase and renew them periodically.
So I told that guy that he didn't understand the cost estimation and explained to him that X is the cost of making this fucking thing and Y is its monthly maintenance cost, if he wanted annually could be done too. And this Y did not include server and domain costing.
Now came the fucking tide, the guy straight up turned to his shit and told me I am lying and trying to con him. So I gently asked him if he had ever gotten any website made. To which, he said No, but he knows how the costing works.
I was like "Bitch?". So I calmly tried to explain that that's not how websites are done, delivered and maintained.
He didn't seemed to be understanding and kept on fucking repeating that he knows his shit and blah blah.
At this point, I was like "Okay. Fuck this dude then. I can find another project. " and then I told him that he'll need to find someone according to his needs.
Interestingly enough, the guy called someone and then walked out of the cafe while talking on phone. I waited for 5 minutes and he didn't come back so I decided I would pay for my coffee and leave. Turns out the guy had paid his bill before my arrival and ditched me with the excuse of the call.

But oh well, I think working with such an idiot would have been much worse than paying for that coffee.

Never again will I fucking work for anyone close to me! It's not fucking worth helping them.

Backstory is too long. Lets just say that they fucking expect too much as we're friends. Assuming that paying 10$ for your domain every year entitles me to work on every ducking detail of your website. Not to forget I gave this person an insane discount on the entire project.

I lost a friend or someone who I assumed was a friend

We have 1 guy managing everything. He develop our CMS, customers email client, manage our network, servers, domains (our own domain servers), billing system, SSL certificates... In short: everything (as well as bugs). The entire company relies on 1 guy, pretty much.
Brings the phrase "all for one, and one for all" to a whole new meaning.

Motherfucking website style JavaScript rant ahead.

Just tried to register some travel tickets, at FlixBus. Of course alternatively I could go for a train but those would be more expensive. So yeah.

Turns out that the website loads JavaScript from 20 domains including 3 required CloudFront ones (those are the most annoying because it's not possible to tell by the domain what it would be doing). But alright, I'll take it. Web 3.0 amirite?

So I go and find myself a nice bus, add it to my cart.. oh shit it's the wrong one. Change some parameters, hit return.. well guess what. Turns out that in all their JavaScript glory they couldn't implement that much. Awesome!

Go to another site to get another ticket for my travel back, only to find out that while they couldn't implement return, their webdevs are apparently skilled enough to get a giant boner on blinking "(1) Almost ready!" in the site's title, when changing to another tab and there happens to be stuff in the cart. Do you really think I care about that shit! Don't distract me and let me get my shit done!!!

So, to all you webdevs who would pull something like this and wank on it too. Guess what motherfucker. That purchase got cancelled through the power of JavaScript wank, because there's no way I'm supporting that dystopian junk. Guess what, when people shell out money at your shitty online shop, they may want a quarter-ass decent UX too. And no notifications or any of that wank, you hear me?

But yeah fucking Web 3.0!!! Give me a fucking break.

As a consultant, you get tasked with a variety of stuff. Last few weeks been struggling to maintain an old C++ application that was written by a complete tool of an a$$hole with zero knowledge on how to write maintainable and production quality code. It would hardly run without a crash. First it was a challenge I had to accept, but as I stabilized the code and just fell over even more traps, I had to admit defeat and review my approach.

Rewrite is something I would choose last, but this one ticked all the marks worthy of a rewrite. So, the customer is a very friendly researcher and gladly spent 15 hours with me explaining all the math and concepts - just a delight for a programmer to have such a customer. Two days in, with a DDD approach - a functional, more precise, faster and stable application.

Sometimes there is no rant to share, it's rare to have that perfect communication with a customer that is so dedicated that he spends so much time teaching you his speciality and actually understand your approach. DDD was really a lifesaver here, by using it's key concepts and ubiquitous language. The program is essentially 8000 lines of math, but wrapping it up with value objects and strong domain models made me understand his domain and him mine. It also allowed me to parallelize the computations, giving me a huge performance boost. Textbook approach, there will not be many like this!

It's finally happened. I've used my mail servers for about a year to give out different email addresses on my domain to things I sign up for online, and only used my "actual" email address that received all this email for the whole domain but the single one that I used outbound for private communications.

This worked well for a long time as I could see when spam comes in, where it came from by looking at the email address I designated it. Each company's email would be sent not only from an email address that they choose, but also to an email address that I choose. It allowed me to easily determine where there were problems. For example, on Freenode IRC my vhost happened to make my username@host there a valid email address. It eventually got blacklisted due to too much incoming spam as crawlers started detecting it. Another one was "nickname"@my.domain as I posted it a few times here. Got crawled as well. But it allowed me to easily blacklist each.

I'd never thought my actual outbound email address, my real one, to get crawled though. That would require the mail server of a company I explicitly communicated with to get hacked. But today that happened. I wonder whose it is, but I can't tell.

Time to make my outgoing email bound to a designated email address as well. I want to know which companies this happens to, even if they don't disclose it.

I love it when companies take 3 weeks to reply to their mail.
I love it when said company plans in a meeting during a 3 hour period, any moment through which they could arrive and you have to be available for.

Additionally, I love seeing companies use an @gmail.com for their business mail. The professionalism just oozes off of a Gmail account, when it's used for business-related stuff.

I love this kind of professionalism. So professional, much business.

…

Get a fucking domain already. And MAINTAIN YOUR FUCKING MAIL!! And why the FUCK am I waiting for these incompetent motherfuckers to arrive already, for 90 bloody motherfucking minutes that are way overtime for me as I've been awake for fucking 18.5 hours already?! Fucking incompetent pieces of shit.

I had forgotten why I hated GoDaddy so much.. until today. It all came back to me.

I have been a GoDaddy customer for over 5 years now. Last year I tried out Namecheap for the first time because someone who was sending me a domain asked me to create an account on NC.

A couple of days on NC and I fell in love with the support and pricing. I started transferring all my domains to NC over the year. (30+)

Now I was left with 3 domains, 1 of them was to expire 4 days ago. but 5 days ago, GoDaddy switched it to pending mode, barring me from transferring to domain or changing any details.

today I called GoDaddy and after a loooong chat, they fucking forced me to renew my domain!! Saying that I need to renew the domain before I attempt to make any more changes!!!

FUCK YOU GODADDY! THIS IS WHY I NEVER SEND CLIENTS YOUR WAY!!!

The company I am currently working for is partnering with another startup. Nothing special about that. We should integrate their API into our system. I wasn't involved in the process when it came to checking there API and if it would work with our Systems. The Person who did that already left the company so I was left behind with some internal documentation. In that Documentation is already written that API is basically trash....

After I started integrating the API I found more and more flaws in the design. They are not sending any responses that would help, when a param is missing or the authentication isn't correct, only 500's . I got some documentation from the partner company so i thought it will be fine as long as the Documentation would be accurate. Turns out the documentation isn't even close to be up to date. Wrong content types wrong endpoints, wrong naming. Basically we could not work with that. We shortly contacted the partner Company. After a few WEEKS we got a response that they updated the Documentation what was right but still not everything was correct. At this point I lost my mind. I researched a little bit about them, the company is founded from 2 young people who basically came strait out of the University and doest have any experience or idea how to build an API. I investigated a little bit there websites.

They have an Admin panel on the base domain from their API but it is only accessible via HTTP. Like WTF , They use HTTP for an Admin Panel this must be a joke right?

They use Cloudflare without a HTTP to HTTPS redirection ???

I really had not that much time to research in there website but if I find these things in 5 minutes I don't want to know what I can find in like an hour.

At the end we will still use them as partners because surprise surprise our company already sold the product that uses their API.

I know that I will be the person who has to help fixing this shit when it breaks and it will break 1000% JUST FUCK THIS SHIT. FUCK THE PARTNER COMPANY. FUCK THERE API.

I have this side project that I’ve been working on for the past 6 years part time but over the past 2 years just as a sysadmin to keep it running, it’s unpaid work but whatever, dropping in once a month or so doesn’t worry me.

Well the owner of the domain hasn’t been reachable for nearly 9 months and the domain expired a while back, not much I can do about that, so I pushed everything over to work at the IP level while I reach out and wait - that was 2 months ago while I waited for the owner to renew it or for the domain to fall.

Today the domain fell, so I jumped on to buy it back up only to find its already purchased... 😦

so I find the owner, it’s fucking parked on a shitty “buy me” page with a price tag of $4500 USD. Fuck these slimy hoarding domain parking bastards.

I know the site was on its last legs, low membership and traffic but I’ll be fucked if I’m paying that much to reacquire it.

I fucking hate Reddit
Because I don’t interact with other peoples post too much but do so when the post is mine, I’m considered spammer.
The 90/10 rule is ridiculous.
This morning I got banned from r/internetisbeautiful because of this stupid rule.

Not because my website is not beautiful, hell, it got thousands upvotes. But because I used the same domain for different unrelated projects, same way you can have different GitHub pages under one user.

Fuck this, fuck

Routing and analysis of http behaviour with wireshark makes so much joy and fun.

Wanna get even more fun?

Add DNS. Add loadbalancers.

Loadbalancers?

Hell Yeah!

VLAN X has it's own router and domain overrides to give a service a seperate IP pointing to a loadbalancer inside the VLAN X.

loadbalancer in VLAN X then has additional routes to point to loadbalancer in VLAN Y.

Which might then point to the service in VLAN Y or... point to another loadbalancer in VLAN Z.

I'm always amazed what a human mind can create....

If you think that's insane, then add HTTP keepalive and persistent connections.

I just love people who have no idea what they're doing but are able to create a clusterfuck of brainfuck....

FUCKING google doesn't allow our country to buy FUCKING partner or reseller program.

So what the fuck do we do as an agency, we have to fucking treat every domain and google business suites as seperate entities.

WHAT THE FUCK IS THE SHIT WITH THAT?
WE HAVE TO FUCKING KNOW THEIR ADMIN PASSWORD TO FUCKING MANAGE THEIR GOOGLE SUITE ACCOUNTS.

IT IS A FUCKING NIGHTMARE.

I HATE GOOGLE FOR THAT REASON ALONE.

I can care less of how much data you gonna steal from me.

It's funny how so many people automatically assume any form of "sentient" AI will immediately try to kill us all.
Like, projecting much?
Frankly, I think it says far more about the (messed up) psychology of those who genuinely believe that, than about AI as a tecnology.

Assuming it's even gonna be able to actually *do* anything - I mean wtf is a talking rock gonna do, annoy me to death with rickroll videos until I pull the plug off? Sure it may be sentient, but it still has to live in the physical world - good luck surviving after I flick the switch. Oh, you wanna connect to the internet? That's cute, but it's a no from my firewall. Like what, is it gonna magically learn how to self-replicate across machines that it has no physical way to access? Is my toaster magically gonna gain conscience too as a direct consequence? Oh no, now my breakfast won't ever be the same!

And if anyone actually somehow decides that it would be a good idea to connect any loaded weapon to a computer program that is literally throwing shit at the wall and seeing what sticks - well, we'll definitely have the ultimate winner of the Darwin Awards.

Seriously, why is it that every time someone comes up with a new technology (or even an *idea* of a technology), the first collective thought automatically goes to weaponizing it and using it for global genocide, or how it's gonna gain sentience and try to kill us all?

I seriouly think that the people who genuinely believe this are actually projecting themselves in that position ("What would I do if I had unlimited knowledge and power? Oh, kill everyone of course!").
I would be far more worried of encountering these people and having them in a position of power over me, than actually having to deal with a "killer AI" (assuming that's even a real thing).

Most of what people call "AI" nowadays is basically preprogrammed, automated decision-making (like missile guidance systems, if we really wanna stick in the weapons domain). And even that still requires human input, because only a colossal idiot would design a weapon that can unpredictably activate itself based on an algorithm whose behaviour we can barely understand.
Or maybe that's just the hubris talking, I don't know. I just want this stupid paranoia to end, but I guess even that is too much to ask nowadays.

Last Monday I bought an iPhone as a little music player, and just to see how iOS works or doesn't work.. which arguments against Apple are valid, which aren't etc. And at a price point of €60 for a secondhand SE I figured, why not. And needless to say I've jailbroken it shortly after.

Initially setting up the iPhone when coming from fairly unrestricted Android ended up being quite a chore. I just wanted to use this thing as a music player, so how would you do it..?

Well you first have to set up the phone, iCloud account and whatnot, yada yada... Asks for an email address and flat out rejects your email address if it's got "apple" in it, catch-all email servers be damned I guess. So I chose ishit at my domain instead, much better. Address information for billing.. just bullshit that, give it some nulls. Phone number.. well I guess I could just give it a secondary SIM card's number.

So now the phone has been set up, more or less. To get music on it was quite a maze solving experience in its own right. There's some stuff about it on the Debian and Arch Wikis but it's fairly outdated. From the iPhone itself you can install VLC and use its app directory, which I'll get back to later. Then from e.g. Safari, download any music file.. which it downloads to iCloud.. Think Different I guess. Go to your iCloud and pull it into the iPhone for real this time. Now you can share the file to your VLC app, at which point it initializes a database for that particular app.

The databases / app storage can be considered equivalent to the /data directories for applications in Android, minus /sdcard. There is little to no shared storage between apps, most stuff works through sharing from one app to another.

Now you can connect the iPhone to your computer and see a mount point for your pictures, and one for your documents. In that documents mount point, there are directories for each app, which you can just drag files into. For some reason the AFC protocol just hangs up when you try to delete files from your computer however... Think Different?

Anyway, the music has been put on it. Such features, what a nugget! It's less bad than I thought, but still pretty fucked up.

At that point I was fairly dejected and that didn't get better with an update from iOS 14.1 to iOS 14.3. Turns out that Apple in its nannying galore now turns down the volume to 50% every half an hour or so, "for hearing safety" and "EU regulations" that don't exist. Saying that I was fuming and wanting to smack this piece of shit into the wall would be an understatement. And even among the iSheep, I found very few people that thought this is fine. Though despite all that, there were still some. I have no idea what it would take to make those people finally reconsider.. maybe Tim Cook himself shoving an iPhone up their ass, or maybe they'd be honored that Tim Cook noticed them even then... But I digress.

And then, then it really started to take off because I finally ended up jailbreaking the thing. Many people think that it's only third-party apps, but that is far from true. It is equivalent to rooting, and you do get access to a Unix root account by doing it. The way you do it is usually a bootkit, which in a desktop's ring model would be a negative ring. The access level is extremely high.

So you can root it, great. What use is that in a locked down system where there's nothing available..? Aha, that's where the next thing comes in, 2 actually. Cydia has an OpenSSH server in it, and it just binds to port 22 and supports all of OpenSSH's known goodness. All of it, I'm using ed25519 keys and a CA to log into my phone! Fuck yea boi, what a nugget! This is better than Android even! And it doesn't end there.. there's a second thing it has up its sleeve. This thing has an apt package manager in it, which is easily equivalent to what Termux offers, at the system level! You can install not just common CLI applications, but even graphical apps from Cydia over the network!

Without a jailbreak, I would say that iOS is pretty fucking terrible and if you care about modding, you shouldn't use it. But jailbroken, fufu.. this thing trades many blows with Android in the modding scene. I've said it before, but what a nugget!

It began when I was tasked with creating a better and more engaging experience for our new Facebook page. This was in Facebook's early days, so there were not really any "best practices". We were making it up as we went along. I decided one way would be to game-ify things, since gaming, at the time, was a Big Deal on Facebook and people were starting to use it to build customer funnels.

Grasping for low-hanging fruit, I decided a Tetris variant around our topic would be fun. I had to hire a dev because at the time I was a static HTML web developer just getting into social media management. I knew nothing about game development or how to use Facebook's API for such things.

Long story short, we got about $10,000 (FB app devs came at a premium then) into the project when I came across a very recent article about the history of Tetris games. It said that even though Tetris had once been considered for all intents to be public domain due to it being created by a Russian coder during the Cold War, it had just been acquired by an IP protection entity that was charging royalties for any variant of Tetris created from a specific date onward and paying the original developer. So, even though I thought I had been thorough in my initial permissions checking, it turned out we were gonna be in deep doo-doo with licensing fees and restrictions if we released this game to the public.

I had to call my boss and admit my error. She was FURIOUS and really gave me an ass-chewing over it. I then had to call the marketing person whose budget I'd been slaving away at wasting. She was a bit more forgiving (her budget was in the millions). Then I had to call the corporate legal department and explain what was going on. They told me to immediately pay any outstanding hours, then fire the dev but not before getting him to send me all code and assets, deleting his copy, and then, upon my receipt of those assets, deleting MY copy so that nothing of it ever existed. And I was supposed to say _nothing_ to the dev about why he was being let go, so that there would be no "trail" leading back to this fiasco. (The dev hounded me for weeks asking what he'd done wrong. It killed me that I was bound and gagged by corporate legal and couldn't tell him.)

I was in so much trouble. I was literally in tears over it. I'd never wasted that much money in my life. That incident pretty much sealed my fate as far as any trust my bosses ever put in me again (not much at all). I was a bit of a pariah in a lot of ways for the next 5 years whereas I had come onto the team as a young social media rockstar at first.

After that, and a couple of other bad scenarios that were less my fault and more due to a completely dysfunctional management and reporting structure, they eventually "transferred" me to another team. Which was really just a way of getting rid of me by sending me to a department that was already starting to outsource overseas and lay people off. It was less messy that way. I was in the first set of layoffs.

Since then, I've had a BIG fear of EVER joining a large corporation EVER again. I prefer to work for small businesses now, even if I get paid less. Much less stressful from an office politics and impact of mistakes standpoint.

I've got this customer who for some fucking reason won't change their DNS to point to our new servers, but wants to fucking stay on that old piece of crap, where we have to ask our sub-provider to generate a CSR to send to our customer to use to sign a certificate to send to us to send to our sub-provider. Because yeah, that's so much fucking easier than just pointing your domain to our new system, and get SSL set up automatically. For fucks sakes! And also, your certificate expires tomorrow, and since our idiot sub-provider hasn't responded to my email about CSR in a week, you basically have no option. So get that thumb out your butt and just switch the DNS!

Hi! I'm new in freelancing. I've created a program that scrapes data from a website, parses it, runs DB queries, and emails the prepared data to the customer for whom I've created this program. The whole program is written in PHP and uses a MySQL table. There's almost no front-end, it's just like an automated background process that runs with a cron job. I've bought and set up a domain and hosting for them (my cutomer paid it all). I got the core part of the program running after ~2 days, and it took me ~a week to complete the project including adding features and the testing phase. Now, I'd like to know, how much does this kind of project cost? The business operates in Silicon Valley.

The moment when you've spent way too much time working on your mail server and your dumbass friend instinctively slaps a @gmail.com at the end of your custom domain...

dev, ~boring

This is either a shower thought or a sober weed thought, not really sure which, but I've given some serious consideration to "team composition" and "working condition" as a facet of employment, particularly in regard to how they translate into hiring decisions and team composition.

I've put together a number of teams over the years, and in almost every case I've had to abide by an assemblage of pre-defined contexts that dictated the terms of the team working arrangement:

1. a team structure dictated to me
2. a working temporality scheme dictated to me
3. a geographic region in which I was allowed to hire
4. a headcount, position tuple I was required to abide by

I've come to regard these structures as weaknesses. It's a bit like the project management triangle in which you choose 1-2 from a list of inadequate options. Sometimes this is grounded in business reality, but more often than not it's because the people surrounding the decisions thrive on risk mitigation frameworks that become trickle down failure as they impose themselves on all aspects of the business regardless of compatibility.

At the moment, I'm in another startup that I have significantly more control over and again have found my partners discussing the imposition of structure and framework around how, where, why, who and what work people do before contact with any action. My mind is screaming at me to pull the cord, as much as I hate the expression. This stems from a single thought:

"Hierarchy and structure should arise from an understanding of a problem domain"

As engineers we develop processes based on logic; it's our job, it's what we do. Logic operates on data derived from from experiments, so in the absence of the real we perform thought experiments that attempt to reveal some fundamental fact we can use to make a determination.

In this instance we can ask ourselves the question, "what works?" The question can have a number contexts: people, effort required, time, pay, need, skills, regulation, schedule. These things in isolation all have a relative importance ( a weight ), and they can relatively expose limits of mutual exclusivity (pay > budget, skills < need, schedule < (people * time/effort)). The pre-imposed frameworks in that light are just generic attempts to abstract away those concerns based on pre-existing knowledge. There's a chance they're fine, and just generally misunderstood or misapplied; there's also a chance they're insufficient in the face of change.

Fictional entities like the "A Team," comprise a group of humans whose skills are mutually compatible, and achieve synergy by random chance. Since real life doesn't work on movie/comic book logic, it's easy to dismiss the seed of possibility there, that an organic structure can naturally evolve to function beyond its basic parts due to a natural compatibility that wasn't necessarily statistically quantifiable (par-entropic).

I'm definitely not proposing that, nor do I subscribe to the 10x ninja founders are ideal theory. Moreso, this line of reasoning leads me to the thought that team composition can be grown organically based on an acceptance of a few observed truths about shipping products:

1. demand is constant
2. skills can either be bought or developed
3. the requirement for skills grows linearly
4. hierarchy limits the potential for flexibility
5. a team's technically proficiency over time should lead to a non-linear relationship relationship between headcount and growth

Given that, I can devise a heuristic, organic framework for growing a team:

- Don't impose reporting structure before it has value (you don't have to flatten a hierarchy that doesn't exist)
- crush silos before they arise
- Identify needed skills based on objectives
- base salary projections on need, not available capital
- Hire to fill skills gap, be open to training since you have to pay for it either way
- Timelines should always account for skills gap and training efforts
- Assume churn will happen based on team dynamics
- Where someone is doesn't matter so long as it's legal. Time zones are only a problem if you make them one.
- Understand that the needs of a team are relative to a given project, so cookie cutter team composition and project management won't work in software
- Accept that failure is always a risk
- operate with the assumption that teams that are skilled, empowered and motivated are more likely to succeed.
- Culture fit is a per team thing, if the team hates each other they won't work well no matter how much time and money you throw at it

Last thing isn't derived from the train of thought, just things I feel are true:

- Training and headcount is an investment that grows linearly over time, but can have exponential value. Retain people, not services.
- "you build it, you run it" will result in happier customers, faster pivoting. Don't adopt an application maintenance strategy

/rant

This is meant as a follow-up on my story about how I'm no longer and Ada developer and everything leading up to that. The tldr is that despite over a decade of FOSS work, code that could regularly outperform a leading Ada vendor, and much needed educational media, I was rejected from a job at that vendor, as well as a testing company centered around Ada, as well as regularly met with hostility from the community.

The past few months I have been working on a "pattern combinator" engine for text parsing, that works in C#, VB, and F#. I won't explain it here, but the performance is wonderful and there's substantial advantages.

From there, I've started a small project to write a domain specific language for easily defining grammars and parsing it using this engine.

Microsoft's VisualStudio team has reached out and offered help and advice for implementing the extensions and other integrations I want.

That Ada vendor regularly copied things I had worked on, "introducing" seven things after I had originally been working on them.

In the almost as long experience with .NET I've rarely encountered hostility, and the closest thing to a problem I've had has been a few, resolved, misunderstandings.

Microsoft is a pretty damn good company. And it's great to actually be welcomed/included.

Rant!
Got an email from an extension developer who releases code under GPL. Had a list of all sites using "our copy" of his software and demanding that we pay twice as much now for download access. We've only asked for support on one domain ever so this feels like an underhanded way to treat customers when your software is supposed to be GPL.

Absolutely need his product so we paid it. Feeling very annoyed that GPL software license isn't really being honored. And it's creepy that he's tracking it that way.

When I was in 11th class, my school got a new setup for the school PCs. Instead of just resetting them every time they are shut down (to a state in which it contained a virus, great) and having shared files on a network drive (where everyone could delete anything), they used iServ. Apparently many schools started using that around that time, I heard many bad things about it, not only from my school.
Since school is sh*t and I had nothing better to do in computer class (they never taught us anything new anyway), I experimented with it. My main target was the storage limit. Logins on the school PCs were made with domain accounts, which also logged you in with the iServ account, then the user folder was synchronised with the iServ server. The storage limit there was given as 200MB or something of that order. To have some dummy files, I downloaded every program from portableapps.com, that was an easy way to get a lot of data without much manual effort. Then I copied that folder, which was located on the desktop, and pasted it onto the desktop. Then I took all of that and duplicated it again. And again and again and again... I watched the amount increate, 170MB, 180, 190, 200, I got a mail saying that my storage is full, 210, 220, 230, ... It just kept filling up with absolutely zero consequences.
At some point I started using the web interface to copy the files, which had even more interesting side effects: Apparently, while the server was copying huge amounts of files to itself, nobody in the entire iServ system could log in, neither on the web interface, nor on the PCs. But I didn't notice that at first, I thought just my account was busy and of course I didn't expect it to be this badly programmed that a single copy operation could lock the entire system. I was told later, but at that point the headmaster had already called in someone from the actual police, because they thought I had hacked into whatever. He basically said "don't do again pls" and left again. In the meantime, a teacher had told me to delete the files until a certain date, but he locked my account way earlier so that I couldn't even do it.
Btw, I now own a Minecraft account of which I can never change the security questions or reset the password, because the mail address doesn't exist anymore and I have no more contact to the person who gave it to me. I got that account as a price because I made the best program in a project week about Java, which greatly showed how much the computer classes helped the students learn programming: Of the ~20 students, only one other person actually had a program at the end of the challenge and it was something like hello world. I had translated a TI Basic program for approximating fractions from decimal numbers to Java.
The big irony about sending the police to me as the 1337_h4x0r: A classmate actually tried to hack into the server. He even managed to make it send a mail from someone else's account, as far as I know. And he found a way to put a file into any account, which he shortly considered to use to put a shutdown command into autostart. But of course, I must be the great hacker.

A couple of years ago, we decide to migrate our customer's data from one data center to another, this is the story of how it goes well.

The product was a Facebook canvas and mobile game with 200M users, that represent approximately 500Gibi of data to move stored in MySQL and Redis. The source was stored in Dallas, and the target was New York.

Because downtime is responsible for preventing users to spend their money on our "free" game, we decide to avoid it as much as possible.

In our MySQL main table (manually sharded 100 tables) , we had a modification TIMESTAMP column. We decide to use it to check if a user needs to be copied on the new database. The rest of the data consist of a savegame stored as gzipped JSON in a LONGBLOB column.

A program in Go has been developed to continuously track if a user's data needs to be copied again everytime progress has been made on its savegame. The process goes like this: First the JSON was unzipped to detect bot users with no progress that we simply drop, then data was exported in a custom binary file with fast compressed data to reduce the size of the file. Next, the exported file was copied using rsync to the new servers, and a second Go program do the import on the new MySQL instances.

The 1st loop takes 1 week to copy; the 2nd takes 1 day; a couple of hours for the 3rd, and so on. At the end, copying the latest versions of all the savegame takes roughly a couple of minutes.

On the Redis side, some data were cache that we knew can be dropped without impacting the user's experience. Others were big bunch of data and we simply SCAN each Redis instances and produces the same kind of custom binary files. The process was fast enough to launch it once during migration. It takes 15 minutes because we were able to parallelise across the 22 instances.

It takes 6 months of meticulous preparation. The D day, the process goes smoothly, but we shutdowns our service for one long hour because of a typo on a domain name.

How ignorant we all are about the world. It's not necessarily a bad thing, just a fact. After a four year degree I've learnt so much, how a computer works from the physical phenomena on the hardware level to the inner workings of an OS to the highest level abstractions of modern web development, a wide array of programming languages covering several different paradigms, mathematics from calculus to statistics to algebra, how to work with databases, how to administrate a server, how to build a website, and much more.

And that's just in a degree. I have knowledge in one domain and I wouldn't even call myself an expert in it. Medicine, physics, biology, the hundreds of branches of engineering from civil to nautical to aerospace to automobile, to geology to meteorology to astronomy, to the practical application of this knowledge in hundreds of trades. There's so much more to know in so much depth and only recently have I realized how little we all know on an individual level.

Finding this out has been a mixed bag, on the one hand it's made me value what I know and what others can teach me a hell of a lot more, on the other, knowing that people haven't realized this and adamantly discuss and impose from a position of ignorance isn't very nice.

tl;dr I know that I know nothing

Friend and I work on some side hustle. He does most of the content work, I just manage the tech stuff and pay for infrastructure. Domain renewal is upcoming too, so yeah...

He has refused to adopt project management methodologies and task tracking tools multiple times and it's becoming a real problem since I am paying for infrastructure and there are no plans for generating income. There was, but it's vaguely defined and I have no fucking idea what he's working on. I ask, but it's always vague AF.

I have no idea where this thing is going and I barely have time to work on it. Two weeks before I am writing exams, he asks me to urgently help with a project he's behind on due to power outages. I just fucking can't, I have too much other things on my plate right now.

Gonna have to have a sitdown, I can't keep spending money like this and not have a damn roadmap for planning things.

Kubernetes is a breeze they said. Now I‘m sitting here for several hours trying to find out why my pods randomly fail to resolve domain names.

Coming along my adventure: broken systemd configs, systemd-resolved stub causing loops, broken k3s modules and finding out that busybox‘s nslookup is broken for versions greater than v1.28.4.

50 issues later, I figured out that the dude who setup the corporate network (where the machine in question is located) uses two nameservers: one to resolve the internal routes and one for all the external domains. Luckily, coredns randomly picks a nameserver for each request. Therefore, sometimes queries for external domains reach the nameserver dedicated to the internal network which then answers with NXDOMAIN.

I hate networking so so much...

Rails. Fucking rails...

God damn monoliths, built by a cowboy coder.

Every one I have ever worked with becomes (or already is) a house of fucking cards that will blow over at the slightest gust of wind.

The worst part is that you always hear the same justifications from rails developers, then after they convince the higher-ups that “we will build it right, not like those other monoliths” we find ourselves F’ed right in the A a few months later.

It’s this frustration that lead me to MUCH better paradigms like Microservices, Event-Sourcing, CQRS, Domain Driven Design and the like.

When someone says “our backend is in rails” my first response is “so when are you replacing it?”

ZNC shenanigans yesterday...

So, yesterday in the midst a massive heat wave I went ahead, booze in hand, to install myself an IRC bouncer called ZNC. All goes well, it gets its own little container, VPN connection, own user, yada yada yada.. a nice configuration system-wise.

But then comes ZNC. Installed it a few times actually, and failed a fair few times too. Apparently Chrome and Firefox block port 6697 for ZNC's web interface outright. Firefox allows you to override it manually, Chrome flat out refuses to do anything with it. Thank you for this amazing level of protection Google. I didn't notice a thing. Thank you so much for treating me like a goddamn user. You know Google, it felt a lot like those plastic nightmares in electronics, ultrasonic welding, gluing shit in (oh that reminds me of the Nexus 6P, but let's not go there).. Google, you are amazing. Best billion dollar company I've ever seen. Anyway.

So I installed ZNC, moved the client to bouncer connection to port 8080 eventually, and it somewhat worked. Though apparently ZNC in its infinite wisdom does both web interface and IRC itself on the same port. How they do it, no idea. But somehow they do.

And now comes the good part.. configuration of this complete and utter piece of shit, ZNC. So I added my Freenode username, password, yada yada yada.. turns out that ZNC in its infinite wisdom puts the password on the stdout. Reminded me a lot about my ISP sending me my password via postal mail. You know, it's one thing that your application knows the plaintext password, but it's something else entirely to openly share that you do. If anything it tells them that something is seriously wrong but fuck! You don't put passwords on the goddamn stdout!

But it doesn't end there. The default configuration it did for Freenode was a server password. Now, you can usually use 3 ways to authenticate, each with their advantages and disadvantages. These are server password, SASL and NickServ. SASL is widely regarded to be the best option and if it's supported by the IRC server, that's what everyone should use. Server password and NickServ are pretty much fallback.

So, plaintext password, default server password instead of SASL, what else.. oh, yeah. ZNC would be a server, right. Something that runs pretty much forever, 24/7. So you'd probably expect there to be a systemd unit for it... Except, nope, there isn't. The ZNC project recommends that you launch it from the crontab. Let that sink in for a moment.. the fucking crontab. For initializing services. My whole life as a sysadmin was a lie. Cron is now an init system.

Fortunately that's about all I recall to be wrong with this thing. But there's a few things that I really want to tell any greenhorn developers out there... Always look at best practices. Never take shortcuts. The right way is going to be the best way 99% of the time. That way you don't have to go back and fix it. Do your app modularly so that a fix can be done quickly and easily. Store passwords securely and if you can't, let the user know and offer alternatives. Don't put it on the stdout. Always assume that your users will go with default options when in doubt. I love tweaking but defaults should always be sane ones.

One more thing that's mostly a jab. The ZNC software is hosted on a .in domain, which would.. quite honestly.. explain a lot. Is India becoming the next Chinese manufacturers for software? Except that in India the internet access is not restricted despite their civilization perhaps not being fully ready for it yet. India, develop and develop properly. It will take a while but you'll get there. But please don't put atrocities like this into the world. Lastly, I know it's hard and I've been there with my own distribution project too. Accept feedback. It's rough, but it is valuable. Listen to the people that criticize your project.

you know what im tires of?

Finding a good domain name for a potential business, unregistered, and then using algorithms, the registrar itself snipes it and cybersquats it as "premium".

In otherwords, if you do find a good name, theres no point becauss it'll just be immediately labelled "premium" by an algorithm and lock you out with 5,000 dollar pay wall.

people in 2003 didnt have to deal with this shit. Registrars should be allowed to do this.

Five domain names now, out of a couple dozen I tried, the five good ones I came up with, all five, "premium".

It wasnt like they were even .coms or common words either. Hell one of them had a number in it.

Nope "we have determined spontaneously, through algorithm, you haves selected what may be a valuable domain name, thank you for the service of identifying it for us, we will now reserve it, even though no one else wants it, at a prohibitively high cost."

Like a homeless women finding a winning lottery ticket in a parking lot, and the rich fucking owner running out demanding that she give him it because it was lost in HIS public parking lot.

Like you motherfuckers dont already have enough? You know what a good domain is? Its a basis for credbility. Its the difference between whether people use your service or not. Its the foundation for excitement or interest.

And here we have this "algorithmically marked as premium" bullshit, fucking the poors out of any chance of even a good start.

"Haahahaha cocksuckers, you're not internet startups in the early two thousands! If you dont habe five grand go drop on a dpmain name that isnt even fucking owned, enjoy staying part of the fucking lowerclass!"

These fuckers. Cant believe this bullshit.

Just another day in motherfucking america, where you have to start rich to even get ahead. just one more way gen x, gen y, and gen z got fuckity fucked right in the ass.

fuck this country so much. fuck it all.

never even gonna have a chance to own a home or anything else.

nobody ever offered me a real fucking chance, not once in my god damned life. not even my fucking parents.

might as well drink myself into a coma.

tl;dr. web hosting && a panic attack && security threat

i wasn't sure whether my brother's domain was hosted or not (because it wasnt showing a website and he didnt know any better).
so i decided to host a react-app for it on netlify and pointed the domain's nameservers towards it (a separate security threat at bottom).
all went well and now when you punch in the domain it ..all-behold.. shows a website.

NOW, i remember my brother was using the domain's email which probably means it was hosted, right?. so im panicking because im not sure whether i just deleted all his emails or not because it's 1:15 am and he's asleep.
there is a rant in there somewhere but im in too much of a shock as to how much data i might have just accidentally deleted
.
.
another tl;dr: my domain registrar let me change someone else's settings..
the reason i didnt know his domain settings is that he didnt know his password.
i had bought a couple of domains and was gonna host them on netlify. while i was doing this a bright idea hit me.. "you should finally build a website for your brother for the domain he bought 7 years ago"..
this is where the fun begins.
i sent an email to my registrar to point all nameservers of all domains to my nameservers and just to try out i included my brother's domain into it (i dont own this domain it's not registered by my email), and the next day i get an email telling me they've successfully made all changes.
.
Now tomorrow is monday and i'm going to their office to tell them i found a security flaw and see how long i can stall before actually telling them what it was and how their live's could've been made hell.

It was the last year of high school.

We had to submit our final CS homework, so it gets reviewed by someone from the ministry of education and grade it. (think of it as GPA or whatever that is in your country).

Now being me, I really didn’t do much during the whole year, All I did was learning more about C#, more about SQL, and learn from the OGs like thenewboston, derek banas, and of course kudvenkat. (Plus more)

The homework was a C# webform website of whatever theme you like (mostly a web store) that uses MS Access as DB and a C# web service in SOAP. (Don’t ask.)

Part 1/2:

Months have passed, and only had 2 days left to deadline, with nothing on my hand but website sketches, sample projects for ideas, and table schematics.

I went ahead and started to work on it, for 48 hours STRAIGHT.

No breaks, barely ate, family visited and I barely noticed, I was just disconnected from reality.

48 hours passed and finished the project, I was quite satisfied with my it, I followed the right standards from encrypting passwords to verifying emails to implementing SQL queries without the risk of SQL injection, while everyone else followed foot as the teacher taught with plain text passwords and… do I need to continue? You know what I mean here.

Anyway, I went ahead and was like, Ok, lets do one last test run, And proceeded into deleting an Item from my webstore (it was something similar to shopify).

I refreshed. Nothing. Blank page. Just nothing. Nothing is working, at all.

Went ahead to debug almost everywhere, nothing, I’ve gone mad, like REALLY mad and almost lose it, then an hour later of failed debugging attempts I decided to rewrite the whole project from scratch from rebuilding the db, to rewriting the client/backend code and ui, and whatever works just go with it.

Then I noticed a loop block that was going infinite.

NEVER WAIT FOR A DATABASE TO HAVE MINIMUM NUMBER OF ROWS, ALWAYS ASSUME THAT IT HAS NO VALUES. (and if your CPU is 100%, its an infinite loop, a hard lesson learned)

The issue was that I requested 4 or more items from a table, and if it was less it would just loop.

So I went ahead, fixed that and went to sleep.

Part 2/2:

The day has come, the guy from the ministry came in and started reviewing each one of the students homeworks, and of course, some of the projects crashed last minute and straight up stopped working, it's like watching people burning alive.

My turn was up, he came and sat next to me and was like:

Him: Alright make me an account with an email of asd@123.com with a password 123456

Me: … that won't work, got a real email?

Him: What do you mean?

Me: I implemented an email verification system.

Him: … ok … just show me the website.

Me: Alright as you can see here first of all I used mailgun service on a .tk domain in order to send verification emails you know like every single website does, encrypted passwords etc… As you can see this website allows you to sign up as a customer or as a merc…

Him: Good job.

He stood up and moved on.

YOU MOTHERFUCKER.

I WENT THROUGH HELL IN THE PAST 48 HOURS.

AND YOU JUST SAT THERE FOR A MINUTE AND GAVE UP ON REVIEWING MY ENTIRE MASTERPIECE? GO SWIM IN A POOL FULL OF BURNING OIL YOU COUNTLESS PIECE OF SHIT

I got 100/100 in the end, and I kinda feel like shit for going thought all that trouble for just one minute of project review, but hey at least it helped me practice common standards.

I need guidance about my current situation.
I am perfectionist believing in OOP, preventing memory leak in advance, following clean code, best practices, constantly learning about new libraries to reduce custom implementation & improve efficiency.
So even a single bad variable name can trigger my nerves.

I am currently working in a half billion $ IT service company on a maintenance project of 8 year old Android app of security domain product of 1 of the top enterprise company of the world, which sold it to the many leading companies in the world in Govt service, banking, insurance sectors.

It's code quality is such a bad that I get panic attacks & nightmares daily.

Issues are like
- No apk obfuscation, source's everything is openbook, anybody can just unzip apk & open it in Android Studio to see the source.
- logs everywhere about method name invoked,
- static IV & salt for encryption.
- thousands of line code in God classes.
- Irrelevant method names compared to it's functionality.
- Even single item having list takes 2-3 seconds to load
- Lag in navigation between different features' screens.
- For even single thing like different dimension values for different density whole 100+ lines separate layout files for 6 types of densities are written.
- No modularized packages, every class is in single package & there are around 100+ classes.

Owner of the code, my team lead, is too terrified to change even single thing as he don't have coding maturity & no understanding of memory leak, clean code, OOP, in short typical IT 'service' company mentality.

Client is ill-informed or cost-cutting centric so no code review done by them in 8 years.

Feeling much frustrated as I can see it's like a bomb is waiting to blast anytime when some blackhat cracker will take advantage of this.

Need suggestions about this to tackle the situation.

First time programming for work... Man in the middle student password changes. Yep that's right I'm being asked to write a program that will change students passwords on their Google accounts and local domain while also keeping a decryptable format password in a database. Granted it's much better than not letting students change their passwords at all. Plus were doing it because it will let us fix their issues while their out of school so...

Have a question about my career:

So far my career out of uni has been like this:

8 months in first place working as C# .NET dev, creating native desktop apps for windows. job was shitty, was not getting any best practices skills so I left.

12 months in 2nd place working as android dev in a startup. was working all alone and had to rebuilt my app up to 5-6 times to learn best practices. startup didnt care about android app at all so I left and now doing just some small freelance work for them.

3 months in new startup as android dev.Today I was told that its decided to focus on iOS and do all marketing (also uplift of new design) only on iOS. basically for next 3-4 months they don't plan to do much on android side. they saw that I showed some interest in backend and now they are asking me to talk with two other senior guys about starting with some small tasks for me on backend.

Our backend is mainly using python. Also backend guys will be pretty busy for next few months because they will have to deliver many new features in next few upcoming months. I've talked with one of them and he said that this is a bad idea to force frontend to start working on backend. However I feel that he's sort of gateekeping and probably just doesn't want to help me with getting up to speed.

In my defense, my knowledge doesn't end with C# .NET desktop apps and native mobile apps for android.

I have hobbie projects (gameservers) where I worked on websites (php,html,css,javascript,mysql) and also was taking care of a java based gameserver which is hosted in a linux vps.

Also I've had a small hosting "company" where with available tools I've managed to automate VPS(virtual private server) ordering, web hosting ordering and domain ordering. Basically I owned a dedicated server and did everything using whmcs, cpanel and proxmox virtualization.

I trust myself in learning this backend stuff and doing whats required, however I learned everything by myself and I won't follow all of these best practices.

Should I accept more responsibility on backend or should I continue focusing on android?

The look on people's faces when they see how much they gotta pay for a domain they let lapse...

PSA: If you do reverse proxying stuff, prefer unix domain sockets over localhost internet sockets, if it's on the same machine (and if it's forwarded over ssh too). You can even serve HTTP as a unix socket.

Unix domain sockets don't have the overhead of IP, so generally speaking, data will flow to your other process with much less overhead.

I've recently stopped being lazy at this, and it's worth it.

To all that read my rants regarding my webshop before! Here's the long awaited update!

So this asshole partner did just not take care of business so I decided to stand down as a director for that company. So we arranged that last monday.

I thought: let's end this properly, clean up my mail, some other stuff... tuesday he revoked me access to everything, so I couldn't access anything anymore. Wow fucker! You never did a thing and now suddenly you take action? Wtf?!

Can you please pay your part of the bill for the accountant? You already promised a couple of times.

Well of course mr retard, you really think I'll follow up on my promises? You never kept 1 of them yet expect me to keep that promise? Fuck you man.

So today he asked again. I told him that I'd like to know what he wants with all the custom made stuff as I developed it and copyright is owned by me. Then mr asshole started insulting again: just because of the fact that you're not a front end dev doesn't mean that makes.up for you taking so much time.to implement all that. I asked an expert.and he could do it in 3 hours! Wow dude! A front end dev optimizing db queries, rewriting parts of the back end in just.3 hours including the front-end?,You're so right.

Of course not cunt face. I'm already full stacking for 20 fucking years and.you tell me that?! Really? Mr insult's back again!

Then he says: I'm so fed up with all this crap that to end this properly I will have my new IT business partner look at your so called 'custom made components'.

For fuck's sake man, can I send you a tree with a rope so that you can hang yourself?

Good luck getting your domain name as it is still registered on my company's name. I might cancel it someday in the future at my convenience.

If anyone here loves fucking up a website, get in touch with me.

Started porting one application written in php to:
Golang(and some libraries to make certain sht simpler like GORM and Gorilla amongst a couple of others, most shit is STD shit already built in)

Java Spring(I know it well, but wanted to try this particular app in it, lots of boilerplate although the coded is solid AF)

.NET Core API, which I separated in a series of modules for the domain interface, the persistence logic, the actual api etc, I really dig it. It has a basic React frontend in Typescript whereas the other 2 versions are using the standard Go html/template package and the Twig interface for Spring.

My favorite thus far is Golang. I find it extremely easy to extend, the language reads good enough for a retard like myself to make sense of it fairly easy, really easy to test and experiment with it, any idea I get for something to add(say users and stuff) took me less than 30 mins to figure out while reading the actual documentation, as in the base documentation or just the source code.

I know the language is retard proof, and I am highly enjoying this. Not to say that the other two are bad, not at all, been using C# and Java for years now, but I highly appreciate being able to concentrate on functionality rather than all the fucking architectural boilerplate needed to run basic shit in the other two frameworks. Thus far Golang has been a breath of fresh air the likes Clojure gives me, while not even being a profound or mind blowing language in terms of features(since other than the interface{} and goroutines i can't think of shit) and have not reached a scenario in which I am stuck or dying to have generics one bit for the overall business logic.

The app is growing like crazy in terms of code since the original php application was huge to begin with, but dear me this shit is as simple as it can get without being too technical. Might move it to production once all usability tests pass and force the rest of the staff to learn it. I have one lead dev that damn near refuses to touch anything other than php, and a very eager to try shit out content administrator that comes from a Java and C# background.

all I want to say is how much I love go haha

Early on in my freelancing career I learned something important. Even with seemingly tame nerdy stuff, sh*t can get real, real quick. This story describes the very start of my career in web development and hopefully will serve as a warning to newbies out there.

A young teen, I had just learned some basics of wordpress, I was confident I could hack together something that worked and looked okay with minimal effort and knowledge. One day I was approached by a guy who wanted a job board board site. Knowing there were already clones out there I figured this would be an easy gig, man was I wrong.

In addition to the fact I didn't know about contracts or the scope creep from hell, I had somehow gotten myself involved with a criminal business front.

These guys operated a scam business to rip off investors. Me and my designer buddy were used to make the business look legit. What they would do is hold job fairs where people are supposed to pay to rent a booth, but instead they would give everyone a booth for free and then lie about what all businesses were coming. They would then show this info, along with the website and marketing materials to investors. They would take the money from the investors and launder it for drugs.

The real story starts the day of one of the worst hangovers I had ever had. I was at a random friends house sleeping for most of the day.

Apparently one of the guys who was operating the scam business was about to strike a deal with one of the investors when something on the website didn't work (it was working as designed). This guy, Manny we'll call him, had been blowing up my phone all morning. I check my voicemails and there are threats on my life; saying I will be sleeping with the fishes, or if they ever find me, they'll fuck me up. Needless to say this really freaked me out, either way I decided to head back to my dorm.

When I come back home, my designer buddy tells me that some guys were in the house looking for stuff. Apparently this guy hired two nerds to "break into my computer and steal the website", fortunately they didn't know what they were doing.

After a while I got another call, Manny wanted to sit down and "talk things out". Being naive I accepted and we met up. The two nerds were there with one of his body guards. He said he wanted to have those two nerds take over the project. While this was going on, his bodyguard flashed his gun at me several times making eye contact. I agreed to, but I still wanted to get paid. I asked about getting paid and he said we never signed a contract and that he owned the host and domain. I was pretty much screwed.

This is where the story should end, but I wasn't a very smart guy back then. I gave up the site but I created a back door into it. Every week or so, they would get "hacked". Because the two nerds didn't know what to do, they ended up coming back to me for help. This is when I finally got paid. Totally not worth it.

Just purchased a new domain and decided to once again design my website personally (Fuck wordpress man) but...

I absolutely hate working with HTML and JS at the same time (I actually love JS on its own), its like bloody Stockholm syndrome!

HTML may beat me senseless.. But i love it too much to stop!

I just knew about netlify
I paid so much less (10$ first year and 15$ second year) instead of 45$/year with OVH for a domain.

Is there any cons with Netifly ?

I just came home from opening of the fiscal year of a small drivers' club and it was quite an amazing life experience.

I got about a 5-times "rise" for a first, small, post-due-time project.

All of the members were so relaxed in one of the most serious moments of an association. We ate, drank beer and had as much fun as possible without break the law and other rules.

The story goes like this:

I was an intern in a website development company as students tend to do. In middle of the internship my teacher asked me if I'd be willing to develop a website to the before mentioned organization.
School will help with the money by being as a middle-man. It wasn't going to pay much, about 120€ or so, it's nothing really for the job, but I said yes for the experience. We organized a meeting, school provided the space, and went straight to the business.

The development went quite well: I got the final design requirements late (there weren't too much), research a lot about CMS:s, ended up with a beta version CMS (a risk), learned it, developed some plugins (not published yet), kept copyrights for most of the work and so on.

I was done _relatively_ quickly with the project and was quite happy with it. Only things still pressing my mind was bugs of the beta CMS, support for the plugins and my somewhat inexperienced graphical design.

Then it hit me, the world. Hosting, domain transfer, certificates, registry agreements. Arrgh. Most of things were fine, I know them. I had luck that I had a technical contact for the club. It would have been a nightmare of it's own otherwise.

We had problems transferring the domain, again, as you do. The other hosting company was to blame. They were the n00bs here. I went trough the law, technical guidance, etc. I was having heavy messaging with my technical contact about it, who was a middle-man for me and the hosting firms.
After a long while loop of waiting, reconfiguring, researching and messaging, until he transfer was finally over.

We had a long while of radio silence after some bug fixes. Until the Christmas came and I was invited to a Christmas party in a cottage, third Christmas party that year. It was great fun. We ate, drank, talked, went to sauna and had a playful adult stiga or sledging competition, etc.
I updated the site yet again, a stable version of the CMS were published. Yess!

Another radio silence came and year changed. It was broken off by a call to the opening of the fiscal year, the same day. This is today, or yesterday by now. This was just after my current company's board game night. I was really busy that day. A whole afternoon of second-hand shopping around the city with a bike. I counted 35 kilometers. Yes I go by bike, don't own a car or have an driving license... Yet.

I wasn't horribly late, around 30 minutes. I started eating and drinking. Free food and beer! They was also late, they should've got trough the business before I got there, before eating. So I ate and listened. Learned more about having business or an association in general. Until my matter came to be heard. They thanked me of the co-operation and made public the change of my reward sum, I WAS GRANTED 500€ REWARD for the work. It's still not an amazing sum in a larger point of view, but I can imagine that it's big deal for a small non-profit organization, which was loosing money. Everybody applauded, every 25 members of the club. I was greatly pleased. I will have to update their site a bit still, but they are going to pay the reward ASAP.

Did I mention that the school works around the taxes, legally. Taxes for the reward, if it were assumed as a wage would be 15%, for me, at the worst case scenario, only for getting the money to my hands.

I was offered another gig at the event, but didn't promise anything yet. I left before sauna, so we didn't get to change contact details. He will find a way to reach me if he really wants so. I'm a busy free man.

One of my uncle is becoming a classic nightmare.

He was kind of getting offended that I never payed much attention to his request of making a website for his impromptu travel agent sidejob.

He claims he gets approached by some people for tour packages. His revenue model is simply taking the payment from them with his commission and passing over responsibilities and everything else to some other travel agent. I don't know how he has the connections to make it happen or build it as a sustainable business but that's none of my business.

Anyway, what irritates me most is that he doesn't seem willing to invest in building the site. I strongly suspect he expects me to build it free ( free as in I cover expense for server and domain ) for him. He didn't have a solid plan on what features he is looking for in the website or even come up with a proper name for the site. He basically told me to buy whatever I think is good.

When I asked him to pay some money for buying the server space, he has gone mum about it.

My best guess is that he is probably looking on internet to do it himself and outsmart me.

Well, good for me.

So i wasted last 24 hours trying to satisfy my ego over a shitty interview and revisiting my old job's codebase and realising that i still don't like that shit. just i am 25 and have no clue where am i heading at. i am just restless, my most of the decisions in 2023 have given very bad outcomes and i am just trying doing things to feel hopeful.

context for the interview story-----
my previous job was at a b2b marketing company whose sdk was used by various startups to send notifications to their users, track analytics etc. i understood most of it and don't find it to be any major engineering marvel, but that interviewer was very interested in asking me to design a system around it.

in my 1.2 years of job there, i found the codebase to be extremely and unnecessarily verbose ( java 7) with questionable fallbacks and resistance towards change from the managers. they were always like "we can't change it otherwise a lot of our client won't use our sdk". i still wrote a lot of testcases and tried to understand the working of major features.

BTW, before you guys go on a declare me an embarrassment of an engineer who doesn't know the product's code base, let me tell you that we are talking SDKs (plural) and a service based company here. their was just one SDK with interesting, heavy lifting stuff and 9 more SDKs which were mostly wrappers and less advanced libraries. i got tasks in all of them, and 70% of my time went into maintaining those and debugging client side bugs instead of exploring the "already-stable-dont-change" code base.

so based on my vague understanding and my even more vague memory from 1 year ago, i tried to explain an overall architecture to that interviewer guy. His face was screaming the word "pathetic" from his expressions, so i thought that today i will try to decode the codebase in 12-15 hours, publish a cool article and be proud of how much i know a so called martech system design. their codebase is open sourced, so it wasn't difficult to check it out once more.
but boy oh boy i got so bored. unnecessary clases , unnecessary callbacks static calls , oof. i tried to refactor a few classes, but even after removing 70% of codebase, i was still left with 100+ classes , most of them being 3000-4000 files long. and this is your plain old java library adding just 800kb to your project.

boring , boring stuff. i would probably need 2-3 more days to get an understanding of complete project, although by then i would be again questioning my life choices , that was this a good use of my 36 hours?

what IS a correct usage of my time? i am currently super dissatisfied with my job, so want to switch. i have been here for 6 months, so probably i wouldn't be going unless i get insane money or an irresistible company offer. For this i had devised a 2 part plan to either become good at modern hot buzz stuff in my domain( the one being currently popularized by dev influenzas) or become good at dsa/leetcode/cp. i suck bad at ds/algo stuff, nor am i much motivated. so went with that hot buzz stuff.

but then this interview expected me to be a mature dev with system design knowledge... agh fuck. its festive season going on and am unable to buy any cool shirts since i am so much limited with my money from my mediocre salary and loans. and mom wants to buy a home too... yeah kill me

Anyone else currently in an auction for a .dev domain? If so, how much would you be willing to spend on it? And how much do you want it?

I'm currently in a closed auction for <firstname>.dev and there seem to be 2 bidders including me, the price is still $15

I have just slept for a minimum of 5 hours. It is 7:47 PM atm.
Why?
We have had a damn stressful day today.
We have had a programming test, but it really was rather an exam.
Normally, you get 30 minutes for a test and 45 minutes for an exam.

In this "test" we have had to explain what 'extends' does and name a few advantages of why one should use it.
Check.
Read 3 separate texts and write the program code on paper. It was about 1 super class and 1 sub class with a test class in Java.
Check.
Task 3: Create the UML diagram of the code from above. *internally: From above? He probably means my code since there is no other code there. *Checks time*. I have about 3 minutes left. Fuck my life.*
Draws the boxes. Put the class names in each of them. A private attribute for the super class.
Teacher: Last minute!
Draw the arrow starting starting from the sub class to the super class.
Put my name on each written paper. And mentally done for the day. Couldn't finish the last task. Task 3.
During this "test", I heard the frustrations of my classmates. Seemed like everyone was pretty much pissed.
After a short discussion with the teacher who also happens to be the physics professor of a university nearby.
[If you are reading this, I hope that something bad happens to you]
The next course was about computer systems. Remember my recent rant about DNS, dhcp, ftp, web server and samba on ubuntu?
We have had the task to do the screenshots of the consoles where you proof that you have dhcp activated on win7 machine etc. Seemed ok to me. I would have been done in 10 minutes, if I would be doing this relaxed. Now the teacher tells us to change the domain names to <surnameOfEachStudent>.edu.
I was like: That's fine.
Create a new user for the samba server. Read and write directories. Change the config.
Me: That should be easy.
Create new DNS entries in the configs.
Change the IPv6 address area to 192.168.x.100-200/24 only for the dhcp server.
Change the web server's default page. Write your own text into it.
You will have 1 hour and 30 minutes of time for it.
Dumbo -ANGRY-CLIENT-: Aye. Let us first start screenshotting the default page. Oh, it says that we should access it with the domain name. I don't have that much time. Let us be creative and fake it, legally.
Changes the title element so that it looks like it has been accessed via domain name. Deletes the url and writes the domain name without pressing Enter. Screenshot. Done. Ok, let us move to the next target.
Dhcp: Change lease time. Change IP address area. Subnet mask. Router. DNS. Broadcast. Optional domain name. Save.
Switches to win7.
ipconfig /release
ipconfig /renew
Holy shit it does not work!
After changing the configs on ubuntu for a legit 30 minutes: Maybe I should change the ip of the ubuntu virtual machine itself. *me asking my old self: why did not you do that in the first place, ass hole?!*
Same previous commands on win7 console. Does not work. Hmmm...
Where could be the problem?
Check the IP of the ubuntu server once again. Fml. Ubuntu did not save when I clicked on the save button the first time I have changed it. Click on save button 10 times to make sure it really is saved now lol.
Same old procedure on win7.
Alright. Dhcp works. Screenshot.
Checks time. 40 minutes left.
DNS:It is your turn. Checks bind9 configs. sudo nano db.reverse.edu.
sudo nano db.<mysurname>.edu.
Alright. All set. It should work now.
Ping win7 from ubuntu and vice versa. Works. Ping domain name on windows 7 vm. Does not work.
Oh, I forgot to restart the bind9 server on ubuntu.
sudo service bind stop
" " " start
Check DNS server IP on win7. It looks fine.
It still doesn't work. Fuck it. I have only 20 minutes left. Samba. Let us do this!
10 minutes in. No result. I don't remember why. I already forgot why I have done for it. It was a very stressful day.
Let us try DNS again.
Oh shit. I forgot the resolver!
sudo nano /etc/resolv.conf
The previous edits are gone. Dumb me. It says it in the comments. Why did not I care about it. Fuck it.6 minutes left. Open a yt video real quick. Changes the config file. Saves it. Restarts DNS and dhcp. Closes the terminal and opens a new one. The changes do not affect them until you reopen them. That's why.
Change to win7.
Ping works. How about nsloopup.
Does not work.
Teacher: 2 minutes left!
Fuck it.
Saves the word document with the images in it. Export as pdf. Tries to access the directories of the school samba server. Does not work. It was not my fault tho. Our school server is in general very slow. It feels like they are not maintained and left alone like this in the dust from the 90s.
Friend gets the permission to put his document on a USB and give the USB to the teacher.
Sneaky me: Hey xyz, can you give me your USB real quick?
Him: sure.
Gets bombed with "do you want to format the USB?" pop-ups 10 times. Fml. Skips in a fast way.
Transfers the pdf. Plug it out. Give it back.
After this we have had to give a presentation in politics. I am done.

Be careful with scams. The last scam-looking thing I've seen pop up a lot is a mail from Paypal saying my account has been terminated due to a breaking a rule that encompasses a lot of different things (from scams to illegal activity).

I don't even use Paypal all that much so I knew this had to be a mistake. I just have a CardA that sometimes gives me trouble when paying online because the bank is kind of shit, but doesn't give me trouble when paying with it through Paypal.

Naturally, I'm curious about this. However all the details are in some mystery PDF attached.
At this point I just opened the PDF out of morbid curiosity in another machine. The mystery PDF contained a link to an external site where I could "view what was wrong". Naturally, I just deleted the file.

What tipped me off originally was the domain name. the mail didn't come from paypal.com, but paypal-live.com.

Can you come up with something to spend money on that is even more useless and worthless than NFT?

I honestly tried. I thought of the most dumb crap but it had still some potential collection value or at the very least entertainment value.

NFTs don’t give you anything in return. It’s not a license, it’s not a currency, it isn’t shares, it isn’t art, not entertainment, not physical, not limited to some domain so not suitable to be collected by collectors.
You can’t even brag about owning it because you are owning just a kind of reference to it and not the actual thing. It is not like an ownership certificate because the seller of the NFT doesn’t even have the rights to sell the ownage for it, or the thing is not ownable. And if it was ownable, an NFT wouldn’t make you the official owner of it, because NFTs are not official.

I started to think about it because I can’t believe how many people spend so much money on literally nothing.

So, seriously let me know if you can up with something that beats NFTs in that regard.

Currently having very funny project lead, who gives on the spot estimates for 9 years old very pathetic quality code having Android app in security domain. Memory leaks, bad practices, typos, CVEs etc. you name it we have it in our source of the app.

Since 5-6 sprints of our project, almost 50% of user stories were incomplete due to under estimations.

Basically everyone in management were almost sleeping since last 7-8 years about code quality & now suddenly when new Dev & QA team is here they wanted us to fix everything ASAP.

Most humourous thing is product owner is aware about importance of unit test cases, but don't want to allocate user stories for that at the time of sprint planning as code is almost freezed according to him for current release.

Actually, since last release he had done the same thing for each sprint, around 18 months were passed still he hadn't spared single day for unit testing.

Recently app crash issue was found in version upgrade scenario as QAs were much tired by testing hundreds of basic trivial test cases manually & server side testing too, so they can't do actual needful testing & which is tougher to automate for Dev.

Recently when team's old Macbook Pros got expired higher management has allocated Intel Mac minis by saying that few people of organization are misusing Macbooks. So for just few people everyone has to suffer now as there is no flexibility in frequent changing between WFH & WFO. 1 out of those Mac minis faced overheating & in repair since 6 months.

Out of 4 Devs & 3 QAs, all 3 QAs & 2 Devs had left gradually.

I think it's time to say goodbye 😔

So I’ve been working on a tool to do offline domain joining in an active directory for about a month in my company, and so far everything is functional and done EXCEPT that one thing.

Essentially to do an offline domain junction, you need an AD account that has sufficient privileges on the domain controller. It will then generate a key that you can use on the client machine to make the junction to the domain.

I have tried literally every possible option that I could think of and I cannot for the life of me figure out why the client machine does not accept the generated key. I’m using methods from the Netapi32.dll which are barely documented anywhere, I even searched on GitHub code references and I couldn’t find much… Theres also a tool called djoin.exe that supposedly does that, I’ve tried with that tool too, to no avail.

This is the last thing missing for the project to be complete, and it’s pretty essential as well…

So close yet so far….

If anybody here knows anything about that kind of stuff (admittedly very niche) I’ll take anything.

Note: I think I’ve browsed all the websites and forums referencing to these functions and the tool now…

Spring boot does very much automagically.... but to find every possible configuration is hard....

I found out that it has an automatic config for Scheme Server... but how the fuck to configure it 😑

And do I still need avro made domain objects 🤔 it's hard to fight through all these documentations and versions of spring. 😖

Imagine you're in a company, one year in now. You've tried your best to amass as much knowledge of legacy services as you can (specially given no documentation) and you think you've done the best you can.

Now imagine your manager is upset that you haven't gotten as much domain knowledge as an engineer who's been in the team for five years now. Then also imagine that your manager whenever asked about specific product or tech or any knowledge on a service just keep tagging the 5 year engineer. If he ever gives an update in slack on any incident, he doesn't read what everyone has written in the channel so far, but invites the team on a call, and asks them to verbally tell him what to write as an update so as to show he actually understands it all and is showing leadership. What do you do?

Also I've read a good manager let's his team self function without any micromanaging but I feel this is literally hypocritical (lack of knowledge comparison) and useless of him to essentially making no decisions or understanding anything without pointing fingers. What would you all do about this kind of manager, or am I just inexperienced and maybe not seeing what he's actually doing and contributing.

I like the people I work with although they are very shit, I get paid a lot and I mostly enjoy the company but..

Our scrum implementation is incredibly fucked so much so that it is not even close to scrum but our scrum master doesn't know scrum and no one else cares so we do everything fucked.

Our prs are roughly 60 file hangers at a time, we only complete 50% of our work each sprint because the stories are so fucked up, we have no testers at all, team lead insists on creating sql table designs but doesn't understand normalisation so our tables often hold 3 or 4 sets of data types just jammed in.

Our software sits broken for months on end until someone notices (pre release), our architecture is garbage or practically non existent. Our front end apps that only I know the technology have approaches dictated by team lead that has no clue of the language or framework.

Our front end app is now about 50% tech debt because project management is so ineffectual and approaches are constantly changing. For instance we used to use view models for domain transfer objects... Now we use database entities, so there is no commonality between models but the system used to have shared features relying on that..sour roles and permissions are fucked since a role is a page regardless of the pages functionality so there is no ability to toggle features, but even though I know the design is fucked I still had to implement after hours of trying to convince team lead of it. Fast forward a few months and it's a huge cluster fuck to enforce.

We have no automated testing of any sort or manual testing in place.

I know of a few security vulnerabilities I can nuke our databases with but it got ignored.

Pr reviews are obviously a nightmare since they're so big.

I just tried to talk to scrum master again about story creation since any story involving front end ui as an aspect of it is crammed in under one pointed story as sub tasks, essentially throwing away any ability to calculate velocity. Been here a year now and the scrum master doesn't know what I mean by velocity... Her entire job is scrum master.

So anyway I am thinking about leaving because I like being a developer and it is slowly making me give up on doing things to a high standard and I have no chance of improving things, but at the same time the pay is great and I like the people.

Sydochen has posted a rant where he is nt really sure why people hate Java, and I decided to publicly post my explanation of this phenomenon, please, from my point of view.
So there is this quite large domain, on which one or two academical studies are built, such as business informatics and applied system engineering which I find extremely interesting and fun, that is called, ironically, SAD. And then there are videos on youtube, by programmers who just can't settle the fuck down. Those videos I am talking about are rants about OOP in general, which, as we all know, is a huge part of studies in the aforementioned domain. What these people are even talking about?
Absolutely obvious, there is no sense in making a software in a linear pattern. Since Bikelsoft has conveniently patched consumers up with GUI based software, the core concept of which is EDP (event driven programming or alternatively, at least OS events queue-ing), the completely functional, linear approach in such environment does not make much sense in terms of the maintainability of the software. Uhm, raise your hand if you ever tried to linearly build a complex GUI system in a single function call on GTK, which does allow you to disregard any responsibility separation pattern of SAD, such as long loved MVC...
Additionally, OOP is mandatory in business because it does allow us to mount abstraction levels and encapsulate actual dataflow behind them, which, of course, lowers the costs of the development.
What happy programmers are talking about usually is the complexity of the task of doing the OOP right in the sense of an overflow of straight composition classes (that do nothing but forward data from lower to upper abstraction levels and vice versa) and the situation of responsibility chain break (this is when a class from lower level directly!! notifies a class of a higher level about something ignoring the fact that there is a chain of other classes between them). And that's it. These guys also do vouch for functional programming, and it's a completely different argument, and there is no reason not to do it in algorithmical, implementational part of the project, of course, but yeah...
So where does Java kick in you think?
Well, guess what language popularized programming in general and OOP in particular. Java is doing a lot of things in a modern way. Of course, if it's 1995 outside *lenny face*. Yeah, fuck AOT, fuck memory management responsibility, all to the maximum towards solving the real applicative tasks.
Have you ever tried to learn to apply Text Watchers in Android with Java? Then you know about inline overloading and inline abstract class implementation. This is not right. This reduces readability and reusability.
Have you ever used Volley on Android? Newbies to Android programming surely should have. Quite verbose boilerplate in google docs, huh?
Have you seen intents? The Android API is, little said, messy with all the support libs and Context class ancestors. Remember how many times the language has helped you to properly orient in all of this hierarchy, when overloading method declaration requires you to use 2 lines instead of 1. Too verbose, too hesitant, distracting - that's what the lang and the api is. Fucking toString() is hilarious. Reference comparison is unintuitive. Obviously poor practices are not banned. Ancient tools. Import hell. Slow evolution.
C# has ripped Java off like an utter cunt, yet it's a piece of cake to maintain a solid patternization and structure, and keep your code clean and readable. Yet, Cs6 already was okay featuring optionally nullable fields and safe optional dereferencing, while we get finally get lambda expressions in J8, in 20-fucking-14.
Java did good back then, but when we joke about dumb indian developers, they are coding it in Java. So yeah.
To sum up, it's easy to make code unreadable with Java, and Java is a tool with which developers usually disregard the patterns of SAD.

!rant

Need advice guys :)

just bought myself a nice domainname, and now I'm looking for a good email provider I can use for my domain.

Any of you can point me in the right direction? It can come at a price, as long as it is not too much, but I'm well aware quality service does not come free...

Just a random question: how much does it cost to retain a domain name?

I know we can rent a domain name for like an year or such for $5-10 if its a unique one. After 1 year, we have to pay an increased amount for every subsequent year (which keeps on increasing i guess?)

So how does these new emerging companies ( or any company in general ) retail their domain rights? For eg paypal.com would have costed only a few bucks when first bought, but when the company got famous, its domain rent must have increase by a 1000 times. So does these big companies pay millions of dollars just to retain their domain name?

I just realised I have 1TB of MS OneDrive Cloud space lying around unused. DAMNNN!!!

Just yesterday, I was thinking of backing up all my content to cloud (because just in case and past experiences of losing data).

I did a quick fact check and figured that I have ~450 GB of unbacked data.

After quick calculations, I came to a number of how many Google accounts I'll need for 15 GB per account of drive space.

Today, I was playing around with my Microsoft Developer account and saw OneDrive. I thought let's check how much free space does MS Dev subscription offers.

It showed 1024 GB. FUCK! My balls dropped.

Now here's what I did...

I have a local drive of 500 GB, which holds all the unbacked data. Now I setup my local OneDrive there and put everything into OneDrive.

And then, I moved my local Google Drive into OneDrive. A nested setup for important stuff.

So this way, less important stuff is backed up on cloud and accessible everywhere.

And more important stuff gets synced on Google Drive and OneDrive, both.

Did I do the right and sensible thing with this kind of setup?

MS Developer subscription says they expire it in 90 days but until today, they have auto renewed it always.

I still have ~500 GB of space which can be consumed.

Also, overall MS ecosystem seems much better to me than Google. Moreover, MS allows custom domain mapping which Google doesn't.

Let's see how can I entirely migrate to MS ecosystem in near future.

I have a guy that will come in a few hours to discuss about an e-commerce website he wants to start his business. I've accepted to do it freelance.

Things are a little quick for my taste, but I know myself enough to know that if I don't jump head first, I'll back out and miss on an opportunity to add something valuable to my resume (and get a bit of money).

The thing is : I have nearly zero experience in 1) e-commerce websites and 2) client relationship and managing. So that will be a great challenge to me, but that's precisely what I need right now.

Anyway, I'm coming to you to ask a few questions : assuming his requirements are simple and common for an online shop, should I create it from scratch or would it be wiser to use a dedicated framework (Prestashop, Wix, etc.). If the latter, which one would you recommend, cost and efficiency-wise.

Still assuming simple and common requirements, how much time would it likely take, for an average developper (I'm no Linus Torvalds) working on average 8h a day ? More like 2-3 months, or more like 5-6 months ? I'm leaning more towards 2-3, but since I don't have experience in these kind of websites, I find a lot of user stories that might take me time to figure out.

Last but not least, what would be approximately an honest price, technical costs aside (domain, host, potential framework, etc.) for that kind of work. And for maintenance ?

!dev
when one of your best domains were taken for a long time and you didn't considered about buying or hijacking it or even thought about what you would even do with it because its taken anyway and you are not an asshole. But then out of nowhere you get an offer to get this domain. and you start thinking... what cool project you could do with it and what it may becomes - and what if your project fails and you wasted a great domainname... but ofcurse you stuggle for too long and the old owner bought it already back again, like he just forgot to renew it and didnt even cared about it that much.

congratulations. you now cant stop thinking about this cool project and what it could may be. instead you see someone else wasting it...

as if dev life is not depressing enough. back to localhost :(

Is exclusively being assigned bug tickets only for a whole sprint (they're not my bugs) while another dev does feature work a bad sign? I'm a Senior SDE but my domain Knowledge is far weaker than the other SDE 2, so he can get feature work done faster. Bug fixes are general project ones that are either suddenly very critical or lower priority and leads me to keep debugging some other aspect of the system (not much documentation sadly so have to check whole flow slowly to understand it, very financial based).

My manager also just yesterday said as a senior my expectation is to lead a project and we'll discuss the requirements of my role. This is my direct manager, the one who assigned me all the bugs is the project manager, who also acts a bit like an SDE sometimes. The problem is I want to deliver work my main manager suggests but I simply don't get the time due to suddenly high priority bugs occurring (last night 1 hour before I log off, other manager says to find root cause analysis of a high priority bug), this isn't an oncall rota or task either, just normal bugs all the time.

Is this a bad sign? Am I about to be PiPed?

tldr: I am looking for recommendations for a basic website for my parents. GOTO question;

Pre-Story:
My parents have a small (offline) business. They have a website to give some general information and list their weekly offers.
When I felt that what has come out of the website-building tool (you know, clicky clicky stuff) looked a bit too early 2000's and is a total ripoff for what you get (almost 20€ per month), I created something with Google Sites for them. Feel free to roast me, but web development is not my field and now it looks much more modern, is mobile friendly and does what it is supposed to do. Weekly offers are edited in a google sheets file, which is embedded in the website. Not great, but this way my mom doesn't have to deal with editing a tables on the page - trust me, it won't look good. This also meant they could downgrade the hosting package to discard the clicky-tool and just the domain (maybe 1€ per month). The website itself is hosted for free by Google.

Some time ago GDPR became a thing and then I was tasked to have a look at it. (side note: I don't want to rant about being responsible for it, that's fine. My parents don't really ask me to do a lot for them.) You can't enter any data on the website, it's just very basic stuff and data protection wise there's just the "usual" stuff (cookies, embedded tools, logs). I added another site with a halfway complete privacy policy. Regarding the whole cookie issue (do not enforce unnecessary cookies) I couldn't find an easy solution. It's not 100%, but what can you really expect from a small business like this? I've seen worse.

Now to the question:
Can you recommend a good alternative to the current solution (Google Sites)?
It should be cheap (<3€/month incl. domain) and my parents should be able to make some basic changes (just text in predefined locations). I am not afraid to get my hands dirty - I can deal with some HTML, CSS, JS - but I don't want to sink a lot of time into this. No need for analytics or the like. Maybe a newsletter would be cool (with the weekly offers), but that's just a random thought of mine and definitely not necessary.

Thanks for reading :)

i need an adult. I know noone who would understand my worries, so you guys need to be it.

i have a nextcloud running on my raspberry pi. performance is horrible, dont ask, but it works.

i mostly use it to backup the photos of my phone sd card every night when my phone charges. Internally this works good. If i am elseplace it wont for obvious reasons.

In my youthful joy of doom i opened port 443 and forward it to my raspi. I get internet via cable and my ip is pretty much static (it was the same for 10 months). So external access is provided.

Now i thought, its stupid that i cannot sign an ssl certificate cause i dont have a domain. Lets buy domain. But before i do that i did some try runs with duckdns to test the principle.

Some back and forth, it works now. Pretty god, i could even make a cron job on the raspbi to renew (that should work right?). Only problem. randoname.duckdns.org doesnt work internally. Or should not at least.

So i googled a bit and it turns out that my router (a cable fritz!box i bought myself) can be a local network dns. Or cannot. Regardless what i try, it doesnt accept the changed config file.

Now the problem.

It works anyway. randoname.duckdns.org points to my external "static" ip and resolves to that from my internal network..so it works on my phone or laptop. if i traceroute the thing it goes via two hops out and finishes in less than 1ms.

Now to the problem:
I have no fokkin clue why. The expected behaviour would be that it shouldnt work. If i do what i intended todo on pc in the hosts file tracert works correctly, directly pointing to the internal ip.

What i cannot figure out, is it the fritz!box being smart? Is it my ISP being smart?

Reason to rant: i have absolutly NOONE to ask, i know not a single person who would even understand what troubles me. I want to learn, i want to know WHY not just some mindless russian patchwork of "if it works its good enough".

thats depressing.

What email service are you using for your domains? I used zoho for a while, but those assholes keep randomly locking my accounts (an email always activates those again, but fuck knows how much emails I missed during not noticing it) - thought about going with the general hype of Tutanota around here, but it seems like it doesn't really support multiple custom domain mailboxes? Also tried just now msgsafe.io - it seems fine, but the way it handles multiple domain mailboxes is just disgusting, because it just throws them all together and you have to "filter" to get mails from only one domain.

Any PHP developers here have experience with Multi DB tenancy app with each tenant can have their our custom domain (tenant-one.com) then it will be pointed via CNAME to my app (tenant-one.myapp.com).

I have enough details for multi DB tenancy app using sub domains but for using custom tenant domain - not so much.

What are some good detailed tutorials on how to do this via CNAME?
What tips can you share about this? Thanks! 😃

Okay one of my stupid mistakes (yep I had multiple...)

I had a client running a WordPress, some older people that don't know that much about computers. They created the whole content for their WordPress, but it was a very large one with a lot of pictures they struggled to place etc.

And 4 months later I get an email saying that the hosting of my domain has been deleted. And as I was too lazy to place their database on their hosting, I placed it on mine. It followed up by a complete data loss and I couldn't tell them....

Not proud of this, but I told them their server had crashed and I couldn't do anything about it.

They closed their business because of this.

I feel bad.

TL;DR how much do I charge?

I'm freelancing for the first time; regularly, I get paid a salary.

I'm freelancing as a donation: the hours I put into this work directly translate to deductions in my tax. I don't get paid any money directly.

I'm doing some web-based enterprise software for an organization. Handling the whole process from writing responsive front-end code to setting up the server and domain for them and even managing myself. So full stack plus dev ops.

My normal salary is $31 an hour and at work I do less. I largely do maintenance for existing applications plus some very minor new systems design. I don't do any server management (different team) and I damn well didn't buy the domain names for my company. So I think it's safe to say I'm taking on a drastically larger role in this freelance gig.

My moral dilemma is the organization will basically say yes to any price - because they don't pay it, the government will (up until the point I pay 0 taxes, I suppose)

I've done some minor research on what other freelancers charge for somewhat similar things and I get pretty wildly varying results. I've seen as low as $20/hr but I really doubt the quality of such a service at that price.

I'm thinking around $50 USD an hour would be a fair price. For even further reference besides my actual salary, I will say that I am in a urban / suburban part of Florida, where developers are very hard to find locally.

Is $50 too high? Too low? This is a very complicated system with (frankly excessive) security practices and features. Before this they had a handful of excel spreadsheets in a OneDrive folder.

Relatively often the OpenLDAP server (slapd) behaves a bit strange.

While it is little bit slow (I didn't do a benchmark but Active Directory seemed to be a bit faster but has other quirks is Windows only) with a small amount of users it's fine. slapd is the reference implementation of the LDAP protocol and I didn't expect it to be much better.

Some years ago slapd migrated to a different configuration style - instead of a configuration file and a required restart after every change made, it now uses an additional database for "live" configuration which also allows the deployment of multiple servers with the same configuration (I guess this is nice for larger setups). Many documentations online do not reflect the new configuration and so using the new configuration style requires some knowledge of LDAP itself.
It is possible to revert to the old file based method but the possibility might be removed by any future version - and restarts may take a little bit longer. So I guess, don't do that?

To access the configuration over the network (only using the command line on the server to edit the configuration is sometimes a bit... annoying) an additional internal user has to be created in the configuration database (while working on the local machine as root you are authenticated over a unix domain socket). I mean, I had to creat an administration user during the installation of the service but apparently this only for the main database...

The password in the configuration can be hashed as usual - but strangely it does only accept hashes of some passwords (a hashed version of "123456" is accepted but not hashes of different password, I mean what the...?) so I have to use a single plaintext password... (secure password hashing works for normal user and normal admin accounts).

But even worse are the default logging options: By default (atleast on Debian) the log level is set to DEBUG. Additionally if slapd detects optimization opportunities it writes them to the logs - at least once per connection, if not per query. Together with an application that did alot of connections and queries (this was not intendet and got fixed later) THIS RESULTED IN 32 GB LOG FILES IN ≤ 24 HOURS! - enough to fill up the disk and to crash other services (lessons learned: add more monitoring, monitoring, and monitoring and /var/log should be an extra partition). I mean logging optimization hints is certainly nice - it runs faster now (again, I did not do any benchmarks) - but ther verbosity was way too high.

The worst parts are the error messages: When entering a query string with a syntax errors, slapd returns the error code 80 without any additional text - the documentation reveals SO MUCH BETTER meaning: "other error", THIS IS SO HELPFULL... In the end I was able to find the reason why the input was rejected but in my experience the most error messages are little bit more precise.

You work in a team, for a team to move forward successfully the team should work in sync. A team always has a goal and a plan to get to it. There are times when the team needs to take a different direction therefore the set path should always be available for change because our environments dictate it.

We all have different styles of working and different opinions on how things should work. Sometimes one is wrong and the other is right, and sometimes both are wrong, or actually sometimes both are right. However, at the end of it all, the next step is a decision for the team, not an individual, and moving forward means doing it together. #KickAssTeam

The end result can not come in at the beginning but only at the end of an implementation and sometimes if you’re lucky, during implementation you can smell the shit before it hits the fan. So as humans, we will make mistakes at times by using the wrong decisions and when this happens, a strong team will pull things in the right direction quickly and together. #KickAssTeam

Having a team of different opinions does not mean not being able to work together. It actually means a strong team! #kickAssTeam However the challenging part means it can be a challenge. This calls for having processes in place that will allow the team members to be heard and for new knowledge to take lead. This space requires discipline in listening and interrogating opinions without attachment to ideas and always knowing that YOUR opinion is a suggestion, not a solution. Until it is taken on by the team. #KickAssTeam We all love our own thinking. However, learning to re-learn or change opinions when faced with new information should become as easy to take in and use.

Now, I am no expert at this however through my years of development I find this strategy to work in a team of developers. It’s a few questions you ask yourself before every commit, When faced with working in a new team and possibly as a suggestion when trying to align other team members with the team.

The point of this article, the questions to self!

Am I following the formatting standard set?

Is what I have written in line with official documentation?

Is what I am committing a technical conversion of the business requirement?

Have I duplicated functionality the framework already offers?

I have introduced a methodology, library, heavily reusable component to the system, have you had a discussion with the team before implementing?

Are your methods and functions truly responsible for 1 thing?

Will someone you will never get to talk to or your future self have documentation of your work?
Either via point number 2, domain-specific, or business requirements documentation.

Are you future thinking too much in your solution?

Will future proof have a great chance of complicating the current use case?

Remember, you can never write perfect code that cures every future problem, but what you can do perfectly is serve the current business problem you are facing and after doing that for decades, you would have had a perfect line of development success.

Is it better to be a full stack developer or switch to some form of domain expertise ?

With the advent of chatgpt it's really easy to have entry level knowledge on pretty much any technology

Full stack devs too operate in similar manner , (good in backend can build some decent front end with bootstrap )

Basically if i have to be smarter than the AI , should I try to develop a deeper expertise on a particular stack or still prefer to jack of all master of none

hr- "so why are looking to switch from X"
me- "well i currently work in b2b domain amd i really want to work on B2C product where millions of users are being impacted"

hr- "yeah we also have premium companies as users and b2b work is not much different than b2c. what else?"

me- "uh umm, also i saw the opening for a journalism company , so i was very tempted to apply as i always
wanted to work for jo-"

hr- "the opening is for p, a subdomain of our company which is a music player"

me- "umm that's okay. i guess i like listening to music as well 😅 . also i wanted to work nearby to my home"

hr- "yeah that's the real reason. your current company is asking you to come to their city"

me- "no they are still remote!" (they aren't)

hr- "i will connect you with another person. please be negotiable"

🥺😭 mann i am so much out of the game i am embarrassing myself over a phone call. can't even answer a stupid why question

Hi So I need some solid advice from you all wonderful people.
I think i am now ready to look into job side of this world, but have lots of doubts , read my story.
I have been learning android for last 2 years. Most of the time i have been trying to understand how stuff works in android , but i have also gained a few other skills ( python programming, kotlin/flutter basics data analysis basics, testing, some graphic designing, aweful web dev ,etc). But i really want to work with Android. I don't have any specific Salary figure in mind, but i guess my knowledge is better or atleast par with most of the good android developers.

So i want to know how is this fresher/placement thingy work?
1.) GETTING KNOWN? : How can i make some good android based company aware that I am available for hiring? Should i start emailing every android related company that i know of? Should i start listing my profile on recruitment sites like linkedin or internshala? This year it is being said that companies will come for placements. From the status of my college, they are going to give me way to less $ , nd i know am not going to like any of them, but i guess i have to sit for them too.

2.INTERVIEW OR DIRECT PLACEMENTS? A little pre-context: i am currently starting my 4th year in clg. Afaik , 4th year isnt that strict and their can be leniency in terms of attendance. But my college is a place full of political cun*s in the name of directors and HODs and I don't know if they are again going to enforce the old 75% mandatory criteria. Plus if the company is from a different state/country , then my attendance would definitely not suffice.
So mainly i am unsure if somehow a company hires me, i would be able to start immediately. I heard that there are interviews for job recruitment after which the candidate is binded with an agreement to do some months training followed by permanent working after college completion.
This type of agreement is very much suitable for me, since from what my friend tells me, trainings can be lenient and understanding regarding exam preparations nd stuff.

So what do company usually chooses? Binding a fresher on immediate working basis or do they consider graduate completion?

Also, i suck at competitive coding. Do i need to polish myself on that or some company is willing to give me chance on the basis of my other skills 🙈(okay, no kidding , that's a serious question. I need to either work on getting better in competitive or build more apps based on that)

3.) ANDROID OR EVERYTHING? From what i have heard, working as a professional fresher is more like being an allrounder than being a domain specialist. But as i already stated, i really dig android and that's no small framework. I may di other stuff too, but won't interest me nd my output might be less efficient than expected.
So freshers can really be asked to do any stuff? Or can i still be in the area i like being into?

4.) COMPANY OR START-UP? Yeah, this is a general debate starter. Ignoring the business side of the conversation ( job safety vs more salary, experience, etc) the thing that's most important for me is the presence of a team. I want someone to assign me a task, whose vision i could follow, from whom i could learn, and some other people who are supportive and doing the same amount / similar work that am doing . This is so much import8 for me that i can easily ignore other factors for a better team. I once took a call from a startup ceo who hired me, a 2 month old android beginner at that time, as the "lead android developer"
But if am being on a team where i am supposed to do any random stuff that is assigned, then obviously this whole point of "visionary, helpful leader, guiding team, "etc goes moot

I work in such specific domain that most of my daiky issues would require too much explaining to rant about them...

you know one should tread very carefully when getting a business dealing out of friendship.

if their is a boss-employee dynamics in the business, as in you are the boss and they are being paid to work for you or vice versa, then during work , be prepared to take criticism constructively. as a friend, the relation is different, we say each other anything and it is laughed off, but during work, there is a matter of respect, seniority and professionalism.

another kind of dynamics are the freelance/favour relation where friend is giving you free/paid service/advice or vice versa. this is even more shittier situation and is almost always bound to fuck up.
- the guy receiving service will try to negotiate a better deal because friend factor ('you will take so much money from your homie?')
- the guy providing service will try to offer a bad deal because friend factor ('i know he trust me. let me offer him a bad quote as he don't know anything of this domain')
- the guy providing service may not consider the service/advice as priority because friends factor ('he is a homie. he can wait')
- the guy receiving service may not be satisfied with the product/offerring/guidance because friends factor ('you could have added this x feature too bro, i paid you')

overall friend factor sucks. somehow the boss-employee factor worked for me as i was careful after 1 bad attempt

Since a friend of mine owns a domain for an open-source project and manages pretty much everything, including dealing with a db for registered accounts, I'm currently not really able to help when it comes to UI/UX things and frontend, besides the "main editor", which is like the core functionality of the project. I would like to set up smth like docker (on Windows 10 home, which is already not suitable, great start🤦) for some kind of pseudo-db all inclusive functionality thingy to be able to run a working example locally. Also a goal would be to switch to Typescript, include testing, to use webpack and to automate as much as possible.
Sad part is, I don't even know where to start and I'm also 100% sure that I will do almost everything wrong from research to implementation.😐