Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Junior dev requests for sudo access on a server instance for some package installation, gets it, figures out how to open the root shell - never goes back. They do everything on root.
Fast forward to production deployment time, their application won't run without elevated privileges. Sysadmin asks why does the application require elevated privileges. Dev answers, "Because I set it up with root" :facepalm:15 -
Apple's marketing department are just dictionary junkies.
Have you guys read some of the latest Apple quotes for their products? You know, the ones where you visit the page and there's some large bold text summarising the product? Here's a few:
HomePod: "The new sound of home."
If you talk over my Spotify music YOU WILL BECOME THE NEW SOUND OF MY SHED.
iPhone X: "Say hello to the future."
E.Musk put a Tesla in space. Also the future can crash with a single character.
MacOS: "Your Mac. Elevated."
If you fly away I WILL use you as birthday balloon.
iPad Pro: "Anything you can do, you can do better."
SOONER OR LATER *Comment what you would put here*
But I mean hey. It sells right.
Reading it back maybe I'm just blind hating.11 -
I previously worked as a Linux/unix sysadmin. There was one app team owning like 4 servers accessible in a very speciffic way.
* logon to main jumpbox
* ssh to elevated-privileges jumpbox
* logon to regional jumpbox using custom-made ssh alternative [call it fkup]
* try to fkup to the app server to confirm that fkup daemon is dead
* logon to server's mgmt node [aix frame]
* ssh to server directly to find confirm sshd is dead too
* access server's console
* place root pswd request in passwords vault, chase 2 mangers via phone for approvals [to login to the vault, find my request and aprove it]
* use root pw to login to server's console, bounce sshd and fkupd
* logout from the console
* fkup into the server to get shell.
That's not the worst part... Aix'es are stable enough to run for years w/o needing any maintenance, do all this complexity could be bearable.
However, the app team used to log a change request asking to copy a new pdf file into that server every week and drop it to app directory, chown it to app user. Why can't they do that themselves you ask? Bcuz they 'only need this pdf to get there, that's all, and we're not wasting our time to raise access requests and chase for approvals just for a pdf...'
oh, and all these steps must be repeated each time a sysadmin tties to implement the change request as all the movements and decisions must be logged and justified.
Each server access takes roughly half an hour. 4 servers -> 2hrs.
So yeah.. Surely getting your accesses sorted out once is so much more time consuming and less efficient than logging a change request for sysadmins every week and wasting 2 frickin hours of my time to just copy a simple pdf for you.. Not to mention that threr's only a small team of sysadmins maintaining tens of thousands of servers and every minute we have we spend working. Lunch time takes 10-15 minutes or so.. Almost no time for coffee or restroom. And these guys are saying sparing a few hours to get their own accesses is 'a waste of their time'...
That was the time I discovered skrillex.3 -
Okay...not a rant. But my boss's boss is amazing! I've been with this company for about a year, and every time my lowly ass needs permission elevation to do something, I have to practically beg. And then I get elevated one little permission at a time. I have a presentation to the board on Tuesday, and all damn day it's been one network permission problem over the other. It's become insulting that I'm the only team member that has to beg for permission scraps. Today, they take me out to lunch and when I get back, sends an email and copies me on it basically instructing that I'm to receive near-God like permissions on the network. Quite an honor for being everyone's junior by like 20-25 years! I feel like I'm about to receive an Infinity Stone or something...best day ever!
-
How do you deal with massively poorly-performing and unknowledgeable teams?
For background, I've been in my current position for ~7 months now.
A new manager joined recently and he's just floored at the reality of the team.
I mean, a large portion of my interview (and his) was the existing manager explicitly warning about how much of a dumpster fire everything is.
But still, nothing prepares you for it.
We're talking things like:
- Sequential integer user ids that are passable as query string args to anonymous endpoints, thus enabling you to view the data read by that view *for any* user.
- God-like lookup tables that all manner of pieces of data are shoved into as a catch-all
- A continued focus on unnecessary stored procedures despite us being a Linq shop
- Complete lack of awareness of SOLID principles
- Actual FUD around the simplest of things like interfaces, inversion of control, dependency injection (and the list goes on).
I've been elevated into this sort of quasi-senior position (in all but title - and salary), and I find myself having to navigate a daily struggle of trying to not have an absolute shit fit every time I have to dive into the depths of some of the code.
Compounded onto that is the knowledge that most of the team are on comparable salaries (within a couple thousand) of mine, purely owing to length of service.
We're talking salaries for mid-senior level devs, for people that at market rates would command no more (if even close) than a junior rate.
The problem is that I'm aware of how bad things are, but then somehow I'm constantly surprised and confronted with ever more insane levels of shitfuckery, and... I'm getting tired.
It's been 7 months, I love the job, I'm working in the charity sector and I love the fact that the things I'm working on are directly improving people's lives, rather than lining some fintech fatcat's pockets.
I guess this was more a rant than a question, and also long time no see...
So my question is this:
- How do you deal with this?
- How do you go on without just dying inside every single day?8 -
I am a mechanical engineer first and my companies go to sysadmin second. So software developing isnt really my main field of expertise buuttt:
WHY IS SLOOPY SOFTWARE WRITING A VIABLE EXCUSE?
Story:
Yesterday i started to migrate some stuff from our old Win 2008 Server to the new 2016. Turns out there are some MS SQL Express Servers running. Quick check for what they are turns out that they are activly used. So far so good. For other reasons we have a new MSSQL 2017 Core Licence. So i thought, hey it would be nice to just move those 2012, 2008 and 2014 Express Servers to a real one that can use the entire machines capabilities.
After some try & error with exporting one of the softwares (where i had to elevate one the user rights to sysadmin for reasons) the entire system stopped working. I didnt deleted anything or changed anything! Well, i elevated user rights. After 2 hours of support call it turns out that the software stopped working cause i gave the database user sysadmin rights. I dont know enough about MSSQL to judge wether that is logical or not, but it sounds super illogical and i suspect sloopy software writing on the manufacturers part. One way or another, the excuse from the telephone support was "yeah, our software is a very fragile child"
Okay.
After i told all that my coworkers two of them were also "yeah, that is just how the [company] software is, you have to be careful with it"
Apparently it broke in the past for other minor stuff.
As an engineer i cannot build bridges that collapse when you use the left and the right lane at the same time. For an architect it isnt okay to build an house where the front door explodes when you open a window. It is not okay for a power tool to go out in a fireball when you accidently drill plastic with it. But for some weird reasons its socially acceptable for programs to be sloopy, buggy and only working under specific conditions. Since when is it okay for a car only to work when you know specific steps to make it run? Like, throwing your spare key in the gas tank, the kick the left wheel exactly three times and finally tapping the steering wheel 5 times left, 4 times right. What? That would be ridiculous? But that is exactly how that software works. You have to follow a specific step guide to make it work, EVERY TIME.
I. JUST. DONT. GET. IT3 -
Today it finally happened. I had a „virus“. I wanted to get KMPico for a buddy of mine since he is to lazy to crack it and installs windows after 2 months again.
Today I woke up to an cheap ass miner I caught by accident. All he fucking did was suspend the task when taskmanager is open. It ran as normal user under the process named „kernel.exe“, no cpu priority/affinity, no elevated startup service, all files in one place (under roaming) and worst of all… he kept an remote connection TO HIS FUKKEN PC open, he even is to cheap to get a root server ffs
6 -
Just mirrored sudo to my own Gitea instance yesterday (https://git.ghnou.su/mir/sudo). Turns out that this chonkster is 200MB compressed (LZ4 on ZFS). I am baffled by it... All it needs to do is reading a configuration file describing what users can be elevated, to which user and which commands they can run. Perhaps doas wasn't a bad idea after all?
Oh and it got a privilege escalation vulnerability just yesterday (https://security-tracker.debian.org/...), which is why I got interested in it. Update your sudo packages if you haven't already.11 -
Most unprofessional experience at work?
Check out my previous rants. With so many, it would be difficult to pick just one.
Not sure if I've told this one before. 'Caleb' was part of a team responsible for migrating financial data from a legacy (DOS-based) system to our new system.
Because of our elevated security (and the data being plain text) Caleb had access to the entire company's payroll (including VP salary, bonuses, etc).
Solidifying my belief that that salaries should be private between the employee and the employer, Caleb discovered he was making considerably less than his peers (even a few devs that he had seniority over), and the green monster 'Jealosly' took over his professionalism. Caleb decided to tell everyone making the same and less than him, the salaries of the other (higher paid) devs, managers and VPs.
Nobody understood at the time, but these folks started to behave erratically , like showing up late, making comments like "Why should I document that? Make 'money bags' over there do it", etc and so on.
Soon at review time, Caleb decided to use his newly discovered ammunition to 'barter' for a higher salary by telling the manager if he didn't make $$$, he would send an email to the entire company containing everyone's salary.
The manager fired Caleb on the spot and escorted him out the building (Caleb never had chance to follow thru with that threat)
When word got out about Caleb's firing (and everybody knew why), those other employees started showing up on time and stopped complaining about doing their job.5 -
So I inherited this buggy application my company developed to process state rosters for health care. The daily process fails often and I haven’t been able to figure out why. Then I notice one little thing... it’s essentially using SQL injection as a method of updating records from a file that we receive from outside... there’s no checking for validity of the statements or making sure they’re safe to execute. Just a for in loop and calling a sp to execute the query text under elevated permissions.
-
My programming paradigms unit has decided to explore different teaching/learning environments by creating lecture/workshops. Imagine a massive room with big projector screens at the front and smaller screens lined up against the wall at the back. The lecture room seats are designed around tables that are gradually elevated so it’s similar to a lecture hall but you’re sitting at discussion tables.
There’s the usual lecture with all the slides up around everywhere, there’s nice wheelie chairs and dimmer lighting... can’t tell if we’re at a conference or some awards night. Then all of a sudden, we’re coding in teams (tables) and uploading our work on to forums to discuss with the rest of the lecture hall. WHAAAAAAAT
Really different and quite enjoyable experience, there’s more than one tutor walking around to help, there’s mics for people to present.
Just sharing my new experience of forward learning environments that didn’t cause feelings of anxiousness for once or boredom. It was kind of mind blowing, wish it was always like this. -
I cannot believe that MS has not thought of something better than UAC... trying to re-install ADConnect after fixing an error, msi shits out 2502/2503 errors even though it worked first time on the original install. The fix, run the msi from an elevated cmd. Come On Microsoft!!!7
-
Ok. I GIVE UP! ...for at least a couple hours...
I'm not a big believer in... well anything suitable to the literal definition of believe. But there's only so much 'wtf? How is this even possible?' and any answer u can come up with is nearly statistically impossible...
I am a neuro-atypical (and just extremely atypical even if i somehkw was neurotypical) being, based on logic, finely calculated statistical probability and the most raw data and as unbiased as realistically possible, algorithms and interpretation (usually recursive pattern recognition with several highly detailed historical sources.
...but at some point statistical improbability and a collation of separate, yet relatively closely occuring events/circumstances makes logic, itself a primary suspect of corruption.
What was the breaking point that caused me to (temporarily) give up and tell logic to f off for a bit cuz maybe the illogical and mythical is the real logic, leaving me in a losing battle with 'the' fates?
Trying to get all my sourcing/purchase orders in/paid for/on the literal boats b4 end of the workday/week in china...
1st, had to drop a supplier cuz they have limited reps. When the one ive had 7+ years left, i got the aloof blonde girl societal trope of a rep... who for the 2nd time (despite the several very blunt complaints above her, incl me) she sent out a promotional update to the entire client list (ie, inherently competitors) as CC not BCC... over 200 business email accounts with tailored info of their sourcing.
2- totally diff company/ industry a former rep i was glad be rid of apparently just sfarted back for "awhile" as i needrf to restock/scale...apparently she forgot everything we discussed at length... lke if you want a chance on my business im not gonna be wasting time looking through your gui "mini store to then inquire about everything individually insead of a simple spreadsheet(which i print and put in a 3-ring binder rotating current catalogues in the same format i require everywhere)
3.dog was an ahole, my packed schedule got delayed and morphed.. a bunch of little bs thatd normally have no extra thought impact, hyperfocused forgetting one of my alarms til i realised my idiopathic fever was back and i didnt take/apply meds (pain/muscle relaxers mainly so despite this odd free time and needing to shower. I gotta sit on my rear, leg elevated/non-productive far 40min b4 i can shower (as functional legs and lack of syncope is almost a req to shower)
4. A new-ish rep of a company/factory i like/respect enough to not mention in relation... he makes invoice 1.. slight error thst was easily resolved...#2 was flawless... he goes to officially generate the contract(alibaba... verrrry simple with lots of extra explanation buttons). Price and all items match, its near workweek end so i was waiting for it so i could quickly pay/have it on the boat b4 it left and few fdav days are behind...
I put in card info, get to the 2 cbeck boxes (imo should be only 1 but whatever) asking if billing address is same ss delivery(its always default yes)... then i see a few lines in chinese (i can read enough for business negotiations... typical words/sentences innately look different than things like individual letters/address and postal indicators.) After a few loops of double checking, mentally trying to dismiss my i Intial judgement cuz it'd be too ridiculous... even resorted to google .... nope... initial wtf was spot on... recipient name/address was indeed the company(multi factory producer)i was purchasing a wholesale, via sea freight, bulk of products from.
Im pretty sure the system would've flagged it as an invalid contract within an hr... but seriously... ive been handling alibaba (and other) international sourcing since before high school(mainly small businesses i made sites/little tools for that found anything with a light up screen intimidating) and a purchase then shipment to the originating company/factory actually entered into a contract(the form is sooo simple)... im faced with ridiculously improbable obstacles actually existing and changing in such nonsensical statistically improbable ways so often that 1. I wouldn't trust a dr (or most humans) that didnt 1st assume i was crazy of some form...unfortunately im not, despite hkw much simpler and probable itd be 2. Id be super suspicious/converned if statistic norms were my norm for over a day.
But seriously wtf???
Someone give me some wisps of a frame of ref here... where's a typical 'fuck this, im out!' Breaking point?1 -
What everyone needs to remember is there is never a time when I’m not starting to remember or remembering or just in an elevated state of I know you’re up to something so if you al think you’re able to get away with things over and over again you’re looking at this wrong
I’m being given literally an opportunity for revenge every day multiple times a day8
Top Tags
Weekly Rant
View