Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "false-positive"
-
Let me tell you a story.
Our company has a homegrown monitoring solution. Keeps track of our deployments and alerts us when something is broken. Really nice for the most part, except a little issue where we get up to 25 alerts PER DAY that our PRODUCTION ENVIRONMENT IS DOWN. Including weekends.
With this many false positives, we quickly learn to ignore the alerts and miss real incidents.
So we approached this team, remember its our own tool, and told them about the problem. Turns out it is a known issue. And here's the kicker: they aren't planning on fixing it!
It gets better. Rather than fix this glaring issue, their solution is to make ANOTHER ALERT that lets us know the monitoring is misbehaving.
To recap, we can now expect to get up to 25 false positive alerts per day that our production is down, followed immediately by more alerts that the monitor is broken, which means we can ignore the previous alert.
As our PM said when he heard this: fuck that noise. We are escalating the shit out of this!7 -
A conversation that me and my boss had this week:
Boss: "Hey, why is this not progressing"
Arcsector: - "We're waiting on system users to move their destinations"
"We need the system in the database in order to move it"
- "Okay awesome - let's move it, oh wait, I can't do it because I don't have access, here's the stuff that needs to be done: a, b, and c"
"Oh I'm actually not able to help with that"
- "So then how are we supposed to get it done?"
"idk but also this other issue is something missions are complaining about"
- "oh I already am talking to them about it and it should be remedied by the team creating the problem because it's a false positive"
"Well we need to solve it still"
- "We would've solved it already but it has dependencies with other projects that we're still working on because we don't have enough people"
"We cant get you more people because we don't have the budget"
- "Then this stuff will have to wait"
"Get it done"
ACTUALLY SCREAMING! Why cant people understand that there are conesequences for their actions??!!1 -
SM = Scrum Master
SM: "Card #130, you added a comment saying you aren't going to do update the report?"
Me:"Yea, I explained why in the comment"
SM: "Product owner wants it."
Me: "Product owner isn't the manager using it. I talked with Steve, he said the data is accurate and they have to go to the database anyway to verify the error. That report has no way of knowing the message logged could be a false positive."
SM: "That's not our job to decide. If the Product Owner wants the feature, we add the feature."
Me: "It is absolutely is our job. Steve is the user of the report. I could really care less what the product owner said. The only reason he created the card was because Steve told him a specific error logged could be a false positive, and only happens, maybe, once a month. I'm not wasting my time, Steve's time, or this project's time on wild goose chases."
SM: "I'll schedule a meeting this afternoon to discuss the issue with the product owner. Don't worry, if you can't figure out how to filter out the false positives, I'll assign the ticket to me."
fracking fracking kiss ass. I swear, if he goes behind my back again ....I... deep breath....ahhh...OK..Thanks devrant. Work place incident diverted.6 -
So I need to "fix" a false-positive security warning (mass-assignment of a foreign key). Do I "fix" it by...
A) Setting it manually and double-saving the object?
B) Rewriting the mass-assignment so the linter doesn't realize what I'm doing?
Both options suck.
But security is going to complain if I don't do it.
Guess what?
I'm not doing it.
SMD you ducks.10 -
In early 2016 I got a front end web development job.
<1 month later, was fired from thatfront end web development job.
Reason: After several years focused primarily on social media marketing, I didn’t know what the hell I was doing and couldn’t catch up fast enough to what their shop was using. My coding skills were way more out of date than I ever anticipated.
In retrospect, the only reason I got the job was that their 3rd party skills testing website repeatedly wouldn’t submit my results and didn’t change up the questions, so by the time it finally did, I had guessed 90% of the answers correctly. I registered as a false positive and that was, apparently, enough for their HR person. -
I'm surprised management allows us to write false positive tests just to have high coverage instead of refactoring it first. Time to abandon ship.
-
Dear Windows,
y is it that Windows Defender is suddenly closing down apps, I opened on my own, and have been using and interacting with for ages since I installed this OS?
How the fuck is this unwanted software?
Fuck you.13 -
Going to make a new programming language, positive# .
Where the default value of a Boolean is true instead of false. -
PSA: negate your tests and make sure they fail!
I have what I thought was a weird and slightly paranoid habit. When I write tests sometimes just as a sanity check negate the assertion to make sure the test fails and isn't a false positive. Almost always fails as expected.
But not today! Turns out I had forgotten to wrap my equality check in an assertion so it would always pass. It freaks me out to imagine pushing a test that always passes not just because it doesn't do its job, but could also obscure a bug and trick me into thinking it works differently than it does. Broken tests are the worst!
But it pays to be paranoid. -
In the 90s most people had touched grass, but few touched a computer.
In the 2090s most people will have touched a computer, but not grass.
But at least we'll have fully sentient dildos armed with laser guns to mildly stimulate our mandatory attached cyber-clits, or alternatively annihilate thought criminals.
In other news my prime generator has exhaustively been checked against, all primes from 5 to 1 million. I used miller-rabin with k=40 to confirm the results.
The set the generator creates is the join of the quasi-lucas carmichael numbers, the carmichael numbers, and the primes. So after I generated a number I just had to treat those numbers as 'pollutants' and filter them out, which was dead simple.
Whats left after filtering, is strictly the primes.
I also tested it randomly on 50-55 bit primes, and it always returned true, but that range hasn't been fully tested so far because it takes 9-12 seconds per number at that point.
I was expecting maybe a few failures by my generator. So what I did was I wrote a function, genMillerTest(), and all it does is take some number n, returns the next prime after it (using my functions nextPrime() and isPrime()), and then tests it against miller-rabin. If miller returns false, then I add the result to a list. And then I check *those* results by hand (because miller can occasionally return false positives, though I'm not familiar enough with the math to know how often).
Well, imagine my surprise when I had zero false positives.
Which means either my code is generating the same exact set as miller (under some very large value of n), or the chance of miller (at k=40 tests) returning a false positive is vanishingly small.
My next steps should be to parallelize the checking process, and set up my other desktop to run those tests continuously.
Concurrently I should work on figuring out why my slowest primality tests (theres six of them, though I think I can eliminate two) are so slow and if I can better estimate or derive a pattern that allows faster results by better initialization of the variables used by these tests.
I already wrote some cases to output which tests most frequently succeeded (if any of them pass, then the number isn't prime), and therefore could cut short the primality test of a number. I rewrote the function to put those tests in order from most likely to least likely.
I'm also thinking that there may be some clues for faster computation in other bases, or perhaps in binary, or inspecting the patterns of values in the natural logs of non-primes versus primes. Or even looking into the *execution* time of numbers that successfully pass as prime versus ones that don't. Theres a bevy of possible approaches.
The entire process for the first 1_000_000 numbers, ran 1621.28 seconds, or just shy of a tenth of a second per test but I'm sure thats biased toward the head of the list.
If theres any other approach or ideas I may be overlooking, I wouldn't know where to begin.16 -
How to handle a manager who manages to find fault in everything you do ... Butt fails to acknowledge any of the good work
It's not like the feedbacks from his end are valuable , often times they are illogical and based on false assumptions
Is the behaviour from manager toxic ?
I end up getting uneasy everytime I hear a false superficial backhanded sarcastic remark on how and what I should have done differently
And when I really deliver something critical i don't even get an acknowledgement ... forget about compliment
Maybe I don't have a thick skin , maybe I'm taking the I'm a victim mentality here ... Maybe I should view everything with a more positive outlook ... but I really doubt if I'm at fault here
And I'm not sure if he's like this with other guys , but I suspect I'm the only one who's being treated like this ..
Should I "escalate" this to someone?2 -
A bit longer rant, somehow triggered by the end of this rant:
https://devrant.com/rants/7145365/...
The discussion revolved around strpos returning false or a positive integer.
Instead of an Option or a Exception.
I said I'm a sucker for exception, but I'm also a sucker for typing.
Which is something most languages lack - except the lower level ones like C / C++.
I always loved languages which have unsigned and signed types.
There, I said it... :) I know that signed / unsigned is controversial, Google immediately leads to blog entries screaming bloody murder because unsigned can overflow – or underflow, if someone tries to use a -1on an unsigned integer.
Note that my love is only meant for numeric types, unsigned / signed char is ... a whole can of insanity on its own.
https://phoronix.com/news/...
If you wanna know more.
Back to the strpos problem, now with my secret love exposed:
strpos works on a single string, where a string is a sequence of chars starting with 0.
0 is a positive integer.
In case the needle (char that should be looked up in the string) cannot be found in the haystack (the string), PHP returns "false".
This leads to the necessity of explicitly checking the type as "0" (beginning of string, a string position)... So strpos !== false.
PHP interprets 0 as false, any other integer value is true.
In the discussion, the suggestion came up to return -1 if a value could not be found – which some languages do, for example Scala.
Now I said I have a love for unsigned & signed integers vs. just signed integers...
Can you guess why the -1 bothers me very much?
Because it's a value that's illogical.
A search in a sequence that is indexed by 0 can only have 0 or more elements, not less than zero elements.
-1 refers to a position in the sequence that *cannot* exist.
Which is - of course - the reason -1 was chosen as a return value for false, but it still annoys me.
An unsigned integer with an exception would be my love as a return value, mostly because an unsigned integer represents the return value *best*. After all, the sequence can only return a value of 0 ... X.
*sigh*
Yes, I know I'm weird.
I'm also missing unsigned in Postgres, which was more or less not implemented because it's not in the SQL standard...
*sob*29 -
TL;DR: What do you hate about the current interview process for software dev positions?
I have been reading interview related posts on reddit and other places and I have noticed that there is a lot of hate, especially from more senior devs, towards the typical software dev interview pattern i.e. the one focused on algorithms and data structures and I don't understand why. The current methods may be far from ideal but I think they do a good job of eliminating the false-positives. Plus, I can't think of a better alternative. Sure, by using current interview methods some good devs might get rejected because they haven't used/needed/studied many algorithms and data structures after they left college, but for any big company that gets thousands of applications every year, that wouldn't be a big issue compared to the negative impact a false-positive may create. I am still in college so I maybe biased, I would like to hear your thoughts on this.3 -
Alert fatigue is likely one of the biggest problems.
When you add in unactionable or false-positive alerts to the mix it can drive a dev team insane.
Step up your DevOps game!
https://m.youtube.com/watch/...1 -
i am terrible at using swagger autogenerated code, yaml and swagger files
dont fucking false positive pass, tell me if theres indenting wrong
also why the fuck wont you generate the code im trying to get you to generate
i fucking hate you so much, ive done this once before what am i doing wrong now -
Well. I'm stressed and a bit sick so let me tell you this you fuckers: I don't want to play in your little mindfucking game where everything is about efficiency, money and who has the biggest dick around.
Usually I'm the idealistic, positive kind of guy who spreads love and lets people do their things as long as they just don't fuck with him.
Right now though, just go fuck yourself in your damn stupid car you fancy fucker because I don't care about your big dick you have to show off on every occasion. I don't give a fuck about your big paycheck or your smart ass. I'm so sick of this industry mouse wheel and modern slavery where it is made extra hard to enjoy our lives and unfold who we really wanna be because some stupid asshead is not able to fill his hollow emptiness with bare love but has to swallow loads of cash instead giving him the craziest form of diarrhea.
Com'on! We kind of tamed the planet. We put so much effort and created a huge system with so many securities and still we are not able to simply live freely, share love, opinions and great ideas. Why is it still so common to define yourself about your projects, paycheck and false effort? Instead of how much good you give to others, how self-consistent you are, how good you treat yourself?
All I want from you is a bit honesty to yourself. How about being nicer to yourself, letting your love unfold for the sake of releasing that love to the world?
For me you will be a hero!
Notes:
I believe that the personal happiness is influenced not only by your surroundings but mostly how you interact with it. Karma basically. So yeah, normally I'd say you can simply decide to ignore that shit, walk on your path and decide to be what you want to be no matter what dickheads cross your path, but honestly I just had to get that rant out because this ridiculous nonsense makes me so sick right now.
I'm successful right now. I have the privilege to decide on being happy and I know that not everyone has this privilege. I believe, spreading love will also spread this privilege.
That said, have a nice day!4 -
So this month I had to do two major features which required unexpected refactors and I had to handle unexpected edge cases all over the place. Since I work in another timezone and time was of essence, I was kinda working around the clock to complete refactors as fast as possible because it was "important and critical". I have 7 other devs in my team but only half of the team are actually competent and even less are motivated to push through. Most of the team prefer to sit on low hanging fruit tasks and cant even get that fucking right.
So that resulted in me doing at least 100 hours of overtime this month. Best part all I got for pulling it off was a thank you slack message from teamlead and got assigned even more work: to lead a new initiative which seems to be even bigger clusterfuck...
So today I had a sitdown with my manager and I asked for 3 paid days off and told him that I did 50-60 hours of overtime. He okayed it as long as my teamlead was happy.
So I created a chat, adder manager and teamlead to it and explained my situation. That Im feeling burned out, I need 3 days off and combined with the weekend that should allow me to finally relax.
My fucking teamlead told me that these days are mine and he cant take them away from me. But then he started guilt tripping me that no one else will be working on the new initiative these days so we will have a very tight timeframe to deliver this (only until August).
Instead of having at least a drop of empathy that fucker tried to guilt trip me for taking days off for fucking unpaid overtime. What a motherfucker. Best part is Ive talked with manager and we actually have until end of August to deliver the new initiative, so fucker teamlead is gashlighting me with false sense of urgency.
I guess a hard lesson learnt here. Waiting for my fucking raise to be approved for the past 6 weeks (asked for a 43% bump which is on the way since I got very strong positive feedback).
So Im done. I proved myself, will get the salary of which I only dreamed about few months ago. Not putting any overtime anymore. If something is very urgent, borrow fucking decent devs from another team. Or replace half of our useless team with just one new decent dev. I bet our producticity would increase at least by 50%.
Its not my fuckint fault that 2-3 people are pulling the weight of 8 people team. Its not my responsibility to mentor retards while crunching under immense pressure just because current processes are dysfunctional. Fuck it. Hard lesson learned. If you want overtime, compensate with extra days off or pay. Putting my 7-8 hours in daily and Im not responding to your bullshit slack messages or emails after work. I dont give a fuck that you work in another timezone and my late responses might result in stuff getting done postponed by a few days or a week. Figure it out.2 -
Google Search Console insists there is "content wider than screen" on a one-pager I did which works very well on all tested sizes and devices, and scores 90+ on Google PageSpeed Insights.
"Validation failed - see details."
Clicked on "see details", and only saw the 1 URL I already knew, which seems to be working fine for everyone. If Google detetcs an actual issue, it would be really helpful to provide some details, otherwise this kind of false-positive crap only serves to care less about their tools (which is a bit of a shame, as they do provide a lot of value most of the time).2 -
On the one hand, I'm done with all of the major bugs in a piece we're getting ready to launch this month.
On the other hand, there's one lingering bug that only appears when I've got Query Monitor running, because WooCommerce throws a false positive "table does not exist" error, which it tries to backtrace through **39** layers of functions, eating all of the memory.
Turning off Query Monitor fixes this, but means I basically have to flip it off before the primary function of the software and flip it back on afterward.
Currently considering the best way to put off the WooCommerce activation for a point where there isn't so much going on... -
HIRE FAST USDT-BTC RECOVERY EXPERT\FOLKWIN EXPERT RECOVERY.
I had a dreamlike beginning to my Bitcoin journey. The success stories and the notion that cryptocurrencies could transform how we invest and accumulate money enthralled me. I made a sizable investment in Bitcoin after doing extensive research and planning in the hopes of securing my financial future. Everything seemed ideal for a while, and my investment seemed to be yielding positive results. However, everything came crashing down. My Bitcoin was taken due to a huge hacking attack and a succession of missteps, which saddened me. My hard-earned savings and investments were gone in an instant. My loss was unbearably heavy. I not only lost a lot of money, but I also felt like I had failed myself and my future. I was overcome with regret, fear, and helplessness. Every attempt to get access to my cash failed, and the prospect of ever seeing my money again became increasingly distant. In my efforts to look for a helping hand, I contacted various so-called "recovery services," but they all revealed to be scams or failed to deliver any meaningful remedies. I was frantic, terrified that my money had been lost forever, and I was sinking more into despair. The prospect of irreversible financial devastation worried me, and I felt worthless. That’s when I found ( Folkwin Expert Recovery ). At first, I was hesitant. After all, I had already been burned by false promises. But after reading about their track record of successful recoveries and their professional, transparent approach, I decided to give them a chance. It felt like my last shot at recovering what I had lost. After weeks of persistence, I received the incredible news that my stolen Bitcoin had been recovered. The relief I felt was overwhelming. What had seemed like a hopeless situation had been reversed, and my financial future was no longer in jeopardy. I couldn’t believe it—I had been given a second chance. Thanks to ( Folkwin Expert Recovery ), I was able to overcome the devastation of losing my Bitcoin and begin to rebuild my financial security. They showed me that with the right team and the right approach, even the most devastating losses can be turned around. Contact Folkwinexpertrecovery (AT) tech-center (DOT) com or W-h-a-t-s-A-p-p; +1 (740)705-0711 for help.
Regards,
Edward H Macnamara.3