I hate those fucking sites which make you login first and then redirect to their home page.

FOR FUCK'S SAKE, ITS 2017. CANT YOU BASTARDS WRITE A FEW LINES OF CODE SO THAT I AM AUTOMATICALLY REDIRECTED TO WHERE I WAS AND I NEED NOT BACKSPACE EVERY TIME I LOGIN?

I absolutely HATE "web developers" who call you in to fix their FooBar'd mess, yet can't stop themselves from dictating what you should and shouldn't do, especially when they have no idea what they're doing.

So I get called in to a job improving the performance of a Magento site (and let's just say I have no love for Magento for a number of reasons) because this "developer" enabled Redis and expected everything to be lightning fast. Maybe he thought "Redis" was the name of a magical sorcerer living in the server. A master conjurer capable of weaving mystical time-altering spells to inexplicably improve the performance. Who knows?

This guy claims he spent "months" trying to figure out why the website couldn't load faster than 7 seconds at best, and his employer is demanding a resolution so he stops losing conversions. I usually try to avoid Magento because of all the headaches that come with it, but I figured "sure, why not?" I mean, he built the website less than a year ago, so how bad can it really be? Well...let's see how fast you all can facepalm:

1.) The website was built brand new on Magento 1.9.2.4...what? I mean, if this were built a few years back, that would be a different story, but building a fresh Magento website in 2017 in 1.x? I asked him why he did that...his answer absolutely floored me: "because PHP 5.5 was the best choice at the time for speed and performance..." What?!

2.) The ONLY optimization done on the website was Redis cache being enabled. No merged CSS/JS, no use of a CDN, no image optimization, no gzip, no expires rules. Just Redis...

3.) Now to say the website was poorly coded was an understatement. This wasn't the worst coding I've seen, but it was far from acceptable. There was no organization whatsoever. Templates and skin assets are being called from across 12 different locations on the server, making tracking down and finding a snippet to fix downright annoying.

But not only that, the home page itself had 83 custom database queries to load the products on the page. He said this was so he could load products from several different categories and custom tables to show on the page. I asked him why he didn't just call a few join queries, and he had no idea what I was talking about.

4.) Almost every image on the website was a .PNG file, 2000x2000 px and lossless. The home page alone was 22MB just from images.

There were several other issues, but those 4 should be enough to paint a good picture. The client wanted this all done in a week for less than $500. We laughed. But we agreed on the price only because of a long relationship and because they have some referrals they got us in the door with. But we told them it would get done on our time, not theirs. So I copied the website to our server as a test bed and got to work.

After numerous hours of bug fixes, recoding queries, disabling Redis and opting for higher innodb cache (more on that later), image optimization, js/css/html combining, render-unblocking and minification, lazyloading images tweaking Magento to work with PHP7, installing OpCache and setting up basic htaccess optimizations, we smash the loading time down to 1.2 seconds total, and most of that time was for external JavaScript plugins deemed "necessary". Time to First Byte went from a staggering 2.2 seconds to about 45ms. Needless to say, we kicked its ass.

So I show their developer the changes and he's stunned. He says he'll tell the hosting provider create a new server set up to migrate the optimized site over and cut over to, because taking the live website down for maintenance for even an hour or two in the middle of the night is "unacceptable".

So trying to be cool about it, I tell him I'd be happy to configure the server to the exact specifications needed. He says "we can't do that". I look at him confused. "What do you mean we 'can't'?" He tells me that even though this is a dedicated server, the provider doesn't allow any access other than a jailed shell account and cPanel access. What?! This is a company averaging 3 million+ per year in revenue. Why don't they have an IT manager overseeing everything? Apparently for them, they're too cheap for that, so they went with a "managed dedicated server", "managed" apparently meaning "you only get to use it like a shared host".

So after countless phone calls arguing with the hosting provider, they agree to make our changes. Then the client's developer starts getting nasty out of nowhere. He says my optimizations are not acceptable because I'm not using Redis cache, and now the client is threatening to walk away without paying us.

So I guess the overall message from this rant is not so much about the situation, but the developer and countless others like him that are clueless, but try to speak from a position of authority.

If we as developers don't stop challenging each other in a measuring contest and learn to let go when we need help, we can get a lot more done and prevent losing clients. </rant>

For half of devRant its 2018 and for half it's 2017. Timezones ftw.

Im at TechDays 2017
Its mostly about microsoft.

All the microsoft speakers use a macbook.
The only non microsoft speaker I saw used a microsoft tablet and had issues.

Its almost 2017 and you realize all your college classmates prefer TurboC over any other IDE.

So after I spent around 1 hour 35 minutes debugging a client's problem to end up with finding out he had no actual internet without him saying so I think I can finally catch a break and relax..

NOPE

I get an urgent call that a computer that needed tending to was down and needed to be up by tonight

I rush to the office of the said computer only to find the one of the worst things imaginable.

I can see the computer clearly shorted and lo and behold, the CD tray is out with a MUG.. yes you heard that right.. A MUG FULL OF TEA sitting on it..

I literally scream at the employee asking him what a mug was doing there and instead he calls ME DUMB saying that if it wasn't intended as a cup holder what was its use?

SERIOUSLY?! ITS 2017 HOW CAN PEOPLE NOT GRASP SOMETHING AS SIMPLE AS THIS

MOTHERFUCKING MICROSOFT!!! JUST SEND ME THIS FUCKING EMAIL !!!! WTF IS WRONG WITH YOU?!?!? EVERY FUCKING TIME IT TAKES TOOOOOOO MUUUUUCH TIME TO RECEIVE ANY FUCKING CONFIRMATION EMAIL!!! ITS FUCKING 2017 ALREADY GET YOUR SHIT TOGETHER YOU PIECE OF SHIT

A CMS raping WordPress so hard up the ass till there is no tomorrow. I hate that bastardized piece of fuck. “Hey I want you to fix my page and its wordpress. I pay 20 bucks.“ Well fuck you too sir. Wordpress is no cms you wanna be coders. Get back to your fucking photoshop and design something original! Every fucking wp page looks the same. Every “nice feature“ is some kind of monkeypatched workarround. No problem i set preview pictures for every post just to enable some weird slider to function.

I also love those buttfucked files with just a “require foo“ which also just requires “bar“. Drop that fuck. Implement autoloading. Nobody uses php4 anymore step into the future. “easy to learn“ fuck me and fuck you untill you vomit jizz! Clusterfucked spaghetticode thats easy, easy to put another rotten load of clusterfuck on top. Also those security features. I put an empty index.php to prevent directory traversal. N I C E! Stop using wordpress as CMS, its a blog engine. Nothing great has every been written on top of wordpress and never will. I dare you to deny everything related to it and if you are one of those designer guyd, you can gargle my jizz you fucknut!

Starting 2017 i will start a counter and rape every 10th Wordpress which gets abused as cms i encounter into oblivion on their 0,99$ webhosting shit.

Fuck this I'm so mad about that crap

3 rants for the price of 1, isn't that a great deal!

1. HP, you braindead fucking morons!!!

So recently I disassembled this HP laptop of mine to unfuck it at the hardware level. Some issues with the hinge that I had to solve. So I had to disassemble not only the bottom of the laptop but also the display panel itself. Turns out that HP - being the certified enganeers they are - made the following fuckups, with probably many more that I didn't even notice yet.

- They used fucking glue to ensure that the bottom of the display frame stays connected to the panel. Cheap solution to what should've been "MAKE A FUCKING DECENT FRAME?!" but a royal pain in the ass to disassemble. Luckily I was careful and didn't damage the panel, but the chance of that happening was most certainly nonzero.
- They connected the ribbon cables for the keyboard in such a way that you have to reach all the way into the spacing between the keyboard and the motherboard to connect the bloody things. And some extra spacing on the ribbon cables to enable servicing with some room for actually connecting the bloody things easily.. as Carlos Mantos would say it - M-m-M, nonoNO!!!
- Oh and let's not forget an old flaw that I noticed ages ago in this turd. The CPU goes straight to 70°C during boot-up but turning on the fan.. again, M-m-M, nonoNO!!! Let's just get the bloody thing to overheat, freeze completely and force the user to power cycle the machine, right? That's gonna be a great way to make them satisfied, RIGHT?! NO MOTHERFUCKERS, AND I WILL DISCONNECT THE DATA LINES OF THIS FUCKING THING TO MAKE IT SPIN ALL THE TIME, AS IT SHOULD!!! Certified fucking braindead abominations of engineers!!!

Oh and not only that, this laptop is outperformed by a Raspberry Pi 3B in performance, thermals, price and product quality.. A FUCKING SINGLE BOARD COMPUTER!!! Isn't that a great joke. Someone here mentioned earlier that HP and Acer seem to have been competing for a long time to make the shittiest products possible, and boy they fucking do. If there's anything that makes both of those shitcompanies remarkable, that'd be it.

2. If I want to conduct a pentest, I don't want to have to relearn the bloody tool!

Recently I did a Burp Suite test to see how the devRant web app logs in, but due to my Burp Suite being the community edition, I couldn't save it. Fucking amazing, thanks PortSwigger! And I couldn't recreate the results anymore due to what I think is a change in the web app. But I'll get back to that later.

So I fired up bettercap (which works at lower network layers and can conduct ARP poisoning and DNS cache poisoning) with the intent to ARP poison my phone and get the results straight from the devRant Android app. I haven't used this tool since around 2017 due to the fact that I kinda lost interest in offensive security. When I fired it up again a few days ago in my PTbox (which is a VM somewhere else on the network) and today again in my newly recovered HP laptop, I noticed that both hosts now have an updated version of bettercap, in which the options completely changed. It's now got different command-line switches and some interactive mode. Needless to say, I have no idea how to use this bloody thing anymore and don't feel like learning it all over again for a single test. Maybe this is why users often dislike changes to the UI, and why some sysadmins refrain from updating their servers? When you have users of any kind, you should at all times honor their installations, give them time to change their individual configurations - tell them that they should! - in other words give them a grace time, and allow for backwards compatibility for as long as feasible.

3. devRant web app!!

As mentioned earlier I tried to scrape the web app's login flow with Burp Suite but every time that I try to log in with its proxy enabled, it doesn't open the login form but instead just makes a GET request to /feed/top/month?login=1 without ever allowing me to actually log in. This happens in both Chromium and Firefox, in Windows and Arch Linux. Clearly this is a change to the web app, and a very undesirable one. Especially considering that the login flow for the API isn't documented anywhere as far as I know.

So, can this update to the web app be rolled back, merged back to an older version of that login flow or can I at least know how I'm supposed to log in to this API in order to be able to start developing my own client?

!rant

If you haven't checked it out yet, all devs need Devdocs.io + Station

Hands down the most useful resources I've ever come across.

This one site and tool saves me so many chrome tabs it's worth its weight in gold.

Combined with Station (getstation.com) I've cut my RAM usage down by 1/3 overall.

When you have PS CC2018 and Visual Studio 2017 running on a netbook it's helpful to squeeze every little bit.

It's 2017 and I still didn't find a tutorial where the writer is aware of the difference between "its" and "it's".

Let's repeat it again:
it's != its

Although I see how powerful Vim (with all its variants) is, I still don't get why people are so into it.

I mean, it's 2017, we have IDEs and some of them are very good, such as VS for C#, Eclipse for C++ and so on!

* grabs popcorn *...

Anyone hear about the emergency patch that Microsoft just released? Its a RCE vulnerability CVE-2017-11937 which ironically targets all of Microsoft's security products.

Basically when Windows defender scans a specially crafted file the attacker can run code as the LocalSystem. Nice one Microsoft!

Rant:
Why in the freezing cold all people think that linux = secure. Ransomware... Bla bla not happening on linux bla bla... Linux is secure.

If Linux would have been the most popular one people will pretty much run everything on root and install every stupid package available and never run: apt-get update.

Users were so dumb they got scammed by a phising mail... In freaking 2017... This is user stupidity not OS fault...

God its stupidly annoying seeing the same stuff : Linux secure...
Everything can be secure if you paid attention to the same stuff in freaking 2000.

Someone tell them its 2017 already. Saddest part was TA asking me to implement Binary Search in this TurboC++. Toughest 2 hours of my day :(

So there is this programming competition i regularly enter. I dont give a shit about the competition part, its just fun to make something in a limited time. This year, i was kinda hyped that i threw together a modern stack, with Java Spark and VueJS, that would be really cool to use.

Today we got the requirements.

Php and jquery.

Well fuck me for living in 2017 apparently.

! exactly dev

I'd ditched Windows and spent a while exploring the Linux ecosystem for content creation. And I have to say, it was not a nice experience.

As much as I respect the Linux mantra of "free as in freedom" and "you need to roll up your sleeves and figure out stuff on your own", it just isn't good enough for non-dev work. Sorry guys, but I need software that gets out of my way and at least does what it's supposed to do. I can't stand a horrible UI or delays and random crashes, which is exactly what happens with most things under Linux.

To replace my Windows workflow I used the following:
1. Windows -> elementaryOS (because Debian/Ubuntu repositories seem to have the best software support, and elementaryOS is the least horrible looking thing that supports that) and then Arch, because, well, Arch.
2. Blender + Maya -> Blender + Maya on Linux.
3. Reaper + FL Studio -> Ardour + LMMS.
4. Photoshop -> GIMP + Krita + Inkscape.
5. ZBrush -> nothing :(

As you can see, my use cases are pretty much all over the spectrum.

Firstly, installing and configuring stuff. A pleasure on Windows, an absolute pain on Linux. Everything just worked on Windows, I had to wrestle with library versions and patches and unstable audio layers (Linux audio just sucks, except for JACK) on Linux.

Out of these, Blender and Maya were the best experience. But even then, both would suffer from random crashes that just didn't happen on Windows.
Ardour is actually really nice when it works. Its use of JACK for routing makes it really really flexible, but it just isn't stable enough to depend on. LMMS is utter crap. I'm sorry, but I just hate the UI. Can't stand it.
GIMP, Krita, and Inkscape can't beat Photoshop, even when you consider them together. Adobe software workflow is just so much better and more intuitive.
Blender 3D sculpting is not bad, but it's nowhere as good as ZBrush.

Also, if you're a C++ dev like me, nothing beats Visual Studio 2017. Nothing. That IDE just blows everything else out of the water. Even VSCode. And it's not slow at all, it handled a fairly large project (PBRTv3) just fine on my Windows development VM. Yes, a VM.

So...I ditched Linux and went back to Windows, but I keep Linux as a VM for when I actually want to mess with Blender or Ardour. Or some dev stuff which Windows sucks at (which is becoming less frequent because of WSL).

Out of all the above, the only one I'd consider ready for production use would be Blender. Developers of open source software, please learn from Blender. Kickass UI and user friendly operation is extremely important, you can't make a random window with GTK buttons and text boxes and arcane config files and expect people to use it for serious work.

Also, Windows beats Linux hands down as an everyday OS. It's always been rock solid, if you take care of it properly (and that goes for any OS). Updates hardly take any time because I run it on a SSD. As for all the advertising and marketing bullshit, you can block a large amount of stuff. And for what can't be blocked, well, I just have to live with it, because the alternative is compromising on my creative output, which is too much for me.

I still run Linux on my server, though. And on my embedded devices (Pi, BeagleBone, etc.). It absolutely rocks there.

I realize that Linux software is not going to improve unless we do something about it, so I'll be contributing fixes and code (the joys of being a C++ dev, yay). Still, I feel that the platform and software as a whole is just not mature enough.

So I I opened my college's Tech Fest website to check the events and an irritating music starts playing at full volume.

Ya boi got a new vehicle. Its an SUV(cuz i got kids) a nissan murano 2017, maaaan this one is a good vehicle.

When I leave the truck on and I take the keys with me it makes this little beeping sound. And because I am weird I like to say: "ah, sentry mode"

I spent 10 years driving a Honda Civic. Not gon a lie, it was a really good car and it never gave me any issues. But it was starting to show its wear and tear and I didn't trust it for a long trip sort of deal.

Is this dev related? Fuck no, I was just fixing to be random and te y'all I got a new vehicle.

Texas

Just another big rant story full of WTFs and completely true.

The company I work for atm is like the landlord for a big german city. We build houses and flats and rent them to normal people, just that we want to be very cheap and most nearly all our tenants are jobless.
So the company hired a lot of software-dev-companies to manage everything.

The company I want to talk about is "ABI...", a 40-man big software company. ABI sold us different software, e.g. a datawarehouse for our ERP System they "invented" for 300K or the software we talk about today: a document management system. It has workflows, a 100 year-save archive system, a history feature etc.
The software itself, called ELO (you can google it if you want) is a component based software in which every company that is a "partner" can develop things into, like ABI did for our company.

Since 2013 we pay ABI 150€ / hour (most of the time it feels like 300€ / hour, because if you want something done from a dev from ABI you first have to talk to the project manager of him and of course pay him too). They did thousand of hours in all that years for my company.

In 2017 they started to talk about a module in ELO called Invoice-Module. With that you can manage all your paper invoices digital, like scan that piece of paper, then OCR it, then fill formular data, add data and at the end you can send it to the ERP system automatically and we can pay the invoice automatically. "Digitization" is the key word.

After 1.5 years of project planning and a 3 month test phase, we talked to them and decided to go live at 01.01.2019. We are talking about already ~ 200 hours planning and work just from ABI for this (do the math. No. Please dont...).

I joined my actual company in October 2018 and I should "just overview" the project a bit, I mean, hey, they planned it since 1.5 years - how bad can it be, right?

In the first week of 2019 we found 25 bugs and users reporting around 50 feature requests, around 30 of them of such high need that they can't do their daily work with the invoices like they did before without ELO.
In the first three weeks of 2019 we where around 70 bugs deep, 20 of them fixed, with nearly 70 feature requests, 5 done. Around 10 bugs where so high, that the complete system would not work any more if they dont get fixed.

Want examples?
- Delete a Invoice (right click -> delete, no super deep hiding menu), and the server crashed until someone restarts it.
- missing dropdown of tax rate, everything was 19% (in germany 99,9% of all invoices are 19%, 7% or 0%).

But the biggest thing was, that the complete webservice send to ERP wasn't even finished in the code.
So that means we had around 600 invoices to pay with nearly 300.000€ of cash in the first 3 weeks and we couldn't even pay 1 cent - as a urban company!

Shortly after receiving and starting to discussing this high prio request with ABI the project manager of my assigned dev told me he will be gone the next day. He is getting married. And honeymoon. 1 Week. So: Wish him luck, when will his replacement here?

Deep breath.
Deep breath.

There was no replacement. They just had 1 developer. As a 40-people-software-house they had exactly one developer which knows ELO, which they sold to A LOT of companies.

He came back, 1 week gone, we asked for a meeting, they told us "oh, he is now in other ELO projects planned, we can offer you time from him in 4 weeks earliest".

To cut a long story short (it's to late for that, right?) we fought around 3 month with ABI to even rescue this project in any thinkable way. The solution mid February was, that I (software dev) would visit crash courses in ELO to be the second developer ABI didnt had, even without working for ABI....

Now its may and we decided to cut strings with ABI in ELO and switch to a new company who knows ELO. There where around 10 meetings on CEO-level to make this a "good" cut and not a bad cut, because we can't afford to scare them (think about the 300K tool they sold us...).

01.06.2019 we should start with the new company. 2 days before I found out, by accident, that there was a password on the project file on the server for one of the ELO services. I called my boss and my CEO. No one knows anything about it. I found out, that ABI sneaked into this folder, while working on another thing a week ago, and set this password to lock us out. OF OUR OWN FCKING FILE.
Without this password we are not able to fix any bug, develop any feature or even change an image within ELO, regardless, that we paid thausend of hours for that.

When we asked ABI about this, his CEO told us, it is "their property" and they will not remove it.
When I asked my CEO about it, they told me to do nothing, we can't scare them, we need them for the 300K tool.

No punt.
No finish.

Just the project file with a password still there today

Static HTML pages are better than "web apps".

Static HTML pages are more lightweight and destroy "web apps" in performance, and also have superior compatibility. I see pretty much no benefit in a "web app" over a static HTML page. "Web apps" appear like an overhyped trend that is empty inside.

During my web browsing experience, static HTML pages have consistently loaded faster and more reliably, since the browser is immediately served with content useful for consumption, whereas on JavaScript-based web "apps", the useful content comes in **last**, after the browser has worked its way through a pile of script.

For example, an average-sized Wikipedia article (30 KB wikitext) appears on screen in roughly two seconds, since MediaWiki uses static HTML. Everipedia, in comparison, is a ReactJS app. Guess how long that one needs. Upwards of three times as long!

Making a page JavaScript-based also makes it fragile. If an exception occurs in the JavaScript, the user might end up with a blank page or an endless splash screen, whereas static HTML-based pages still show useful content.

The legacy (2014-2020) HTML-based Twitter.com loaded a user profile in under four seconds. The new react-based web app not only takes twice as long, but sometimes fails to load at all, showing the error "Oops something went wrong! But don't fret – it's not your fault." to be displayed. This could not happen on a static HTML page.

The new JavaScript-based "polymer" YouTube front end that is default since August 2017 also loads slower. While the earlier HTML-based one was already playing the video, the new one has just reached its oh-so-fancy skeleton screen.

It would once have been unthinkable to have a website that does not work at all without JavaScript, but now, pretty much all popular social media sites are JavaScript-dependent. The last time one could view Twitter without JavaScript and tweet from devices with non-sophisticated browsers like Nintendo 3DS was December 2020, when they got rid of the lightweight "M2" mobile website.

Sometimes, web developers break a site in older browser versions by using a JavaScript feature that they do not support, or using a dependency (like Plyr.js) that breaks the site. Static HTML is immune against this failure.

Static HTML pages also let users maximize speed and battery life by deactivating JavaScript. This obviously will disable more sophisticated site features, but the core part, the text, is ready for consumption.

Not to mention, single-page sites and fancy animations can be implemented with JavaScript on top of static HTML, as GitHub.com and the 2018 Reddit redesign do, and Twitter's 2014-2020 desktop front end did.

From the beginning, JavaScript was intended as a tool to complement, not to replace HTML and CSS. It appears to me that the sole "benefit" of having a "web app" is that it appears slightly more "modern" and distinguished from classic web sites due to use of splash screens and lack of the browser's loading animation when navigating, while having oh-so-fancy loading animations and skeleton screens inside the website. Sorry, I prefer seeing content quickly over the app-like appearance of fancy loading screens.

Arguably, another supposed benefit of "web apps" is that there is no blank page when navigating between pages, but in pretty much all major browsers of the last five years, the last page observably remains on screen until the next navigated page is rendered sufficiently for viewing. This is also known as "paint holding".

On any site, whenever I am greeted with content, I feel pleased. Whenever I am greeted with a loading animation, splash screen, or skeleton screen, be it ever so fancy (e.g. fading in an out, moving gradient waves), I think "do they really believe they make me like their site more due to their fancy loading screens?! I am not here for the loading screens!".

To make a page dependent on JavaScript and sacrifice lots of performance for a slight visual benefit does not seem worthed it.

Quote:

> "Yeah, but I'm building a webapp, not a website" - I hear this a lot and it isn't an excuse. I challenge you to define the difference between a webapp and a website that isn't just a vague list of best practices that "apps" are for some reason allowed to disregard. Jeremy Keith makes this point brilliantly.
>
> For example, is Wikipedia an app? What about when I edit an article? What about when I search for an article?
>
> Whether you label your web page as a "site", "app", "microsite", whatever, it doesn't make it exempt from accessibility, performance, browser support and so on.
>
> If you need to excuse yourself from progressive enhancement, you need a better excuse.

– Jake Archibald, 2013

It's almost 2017 and the only thing Im doing is stay laid in bed reading rants it feels wired 😐 but its funny anyway 😝😀😀

Oh boy I got a few. I could tell you stories about very stupid xss vectors like tracking IDs that get properly sanitized when they come through the url but as soon as you go to the next page and the backend returns them they are trusted and put into the Dom unsanitized or an error page for a wrong token / transaction id combo that accidentally set the same auth cookie as the valid combination but I guess the title "dumbest" would go to another one, if only for the management response to it.

Without being to precise let's just say our website contained a service to send a formally correct email or fax to your provider to cancel your mobile contract, nice thing really. You put in all your personal information and then you could hit a button to send your cancelation and get redirected to a page that also allows you to download a pdf with the sent cancelation (including all your personal data). That page was secured by a cancelation id and a (totally save) 16 characters long security token.

Now, a few months ago I tested a small change on the cancelation service and noticed a rather interesting detail : The same email always results in the same (totally save) security token...
So I tried again and sure, the token seemed to be generated from the email, well so much about "totally save". Of course this was a minor problem since our cancelation ids were strong uuids that would be incredibly hard to brute force, right? Well of course they weren't, they counted up. So at that point you could take an email, send a cancelation, get the token and just count down from your id until you hit a 200 and download the pdf with all that juicy user data, nice.

Well, of course now I raised a critical ticket and the issue was fixed as soon as possible, right?
Of course not. Well I raised the ticket, I made it critical and personally went to the ceo to make sure its prioritized. The next day I get an email from jira that the issue now was minor because "its in the code since 2017 and wasn't exploited".

Well, long story short, I argued a lot and in the end it came to the point where I, as QA, wrote a fix to create a proper token because management just "didn't see the need" to secure such a "hard to find problem". Well, before that I sent them a zip file containing 84 pdfs I scrapped in a night and the message that they can be happy I signed an NDA.

I am a mechanical engineer first and my companies go to sysadmin second. So software developing isnt really my main field of expertise buuttt:

WHY IS SLOOPY SOFTWARE WRITING A VIABLE EXCUSE?

Story:
Yesterday i started to migrate some stuff from our old Win 2008 Server to the new 2016. Turns out there are some MS SQL Express Servers running. Quick check for what they are turns out that they are activly used. So far so good. For other reasons we have a new MSSQL 2017 Core Licence. So i thought, hey it would be nice to just move those 2012, 2008 and 2014 Express Servers to a real one that can use the entire machines capabilities.
After some try & error with exporting one of the softwares (where i had to elevate one the user rights to sysadmin for reasons) the entire system stopped working. I didnt deleted anything or changed anything! Well, i elevated user rights. After 2 hours of support call it turns out that the software stopped working cause i gave the database user sysadmin rights. I dont know enough about MSSQL to judge wether that is logical or not, but it sounds super illogical and i suspect sloopy software writing on the manufacturers part. One way or another, the excuse from the telephone support was "yeah, our software is a very fragile child"
Okay.
After i told all that my coworkers two of them were also "yeah, that is just how the [company] software is, you have to be careful with it"

Apparently it broke in the past for other minor stuff.
As an engineer i cannot build bridges that collapse when you use the left and the right lane at the same time. For an architect it isnt okay to build an house where the front door explodes when you open a window. It is not okay for a power tool to go out in a fireball when you accidently drill plastic with it. But for some weird reasons its socially acceptable for programs to be sloopy, buggy and only working under specific conditions. Since when is it okay for a car only to work when you know specific steps to make it run? Like, throwing your spare key in the gas tank, the kick the left wheel exactly three times and finally tapping the steering wheel 5 times left, 4 times right. What? That would be ridiculous? But that is exactly how that software works. You have to follow a specific step guide to make it work, EVERY TIME.

I. JUST. DONT. GET. IT

I know its been quite a while since ive posted last but it is safe to say that i am back! And boy do i have some stuff to bitch about.

This semester, Im taking mobile app development as a class. I chose to take this class over the introductory c# class, so that i wouldn't need to work with Windows or really do anything else to touch Windows. Well the joke is on me. Here i was thinking that we would be using a bit of Java from time to time while only really learning best practices and concepts.
Never did i think that this class's curriculum would be entirely based off of Xamarin.
Seeing as I need either this class or the two c# classes to graduate, I had to bite the bullet and just accept that my semester would be full of irritation during this class.
Its been about seven weeks in, and i have turned in 8 assignments.
All 8 of those assignments have been Windows Form Applications doing simple shit like dividing two numbers.
We have not made anything for multiple devices. We have not made anything for even one mobile device. We have not even discussed how to do this in the class.
This wouldnt bother me so much since these are typically easy programs that take about 30 minutes to make and test and submit for grading. It does insanely bother me, however, that it takes Windows so FUCKING LONG to boot, or when it freezes every 2 minutes because i clicked into another program, or it just HANGS ON THE UPDATING SCREEN AT 36% FOR THREE DAYS, or when it took 4 different reinstallations of Visual Studio 2017 before i could actually open without an error code.

College, Ive learned, tests my patience way more than it has ever tested my knowledge.

So.. I'm giving one of my employers webapps a visual refresher, new company branding and whatnot.

And then I stumbled onto a check that is not returning what anybody expects, and, well , I'm busy fixing things, yeah..? so I go digging.. 🤔

```
function isDefined(obj) {
return !(typeof obj === "undefined") || obj !== null;
}
```

Here's the fun part, these particular lines have been in the code base since before 2017, which is when my Git history starts, because that's when we migrated projects from Visual SourceSafe 6 over to Git. Yes, you read that right. They were still using VSS in 2017.

I've begged and pleaded with my last 3 bosses to let us thrown this piece of shit out our second story window and rewrite it properly. But no, we don't have time to rewrite, so we must fix what we have instead.

I lost 4 hours of my life earlier today, tracking down another error that has been silently swallowed by a handler with its "console.log" call commented out, only to find that it's always been like that, and it's an "expected error". 🤦

Please, just fucking kill me now... I just, I can't deal with this shit anymore.

I dunno if you gents remember the Nickelodeon show known as Drake and Josh.

It was pretty big in Mexico and the U.S.

Well, one of the characters from that show is the singer/actor Drake Bell.

For a while, Drake Bell would **constantly** tweet about how much Justin Bieber sucks.

I aint denying that Justin Bieber sucks, i don't like his music at all.

But the constant attacks came out as jealousy, at least to me.

What does this has to do with development or even computers? Well this is EXACTLY how I feel about Louis Rossman CONSTANTLY making videos about apple products.
We get it man we really do, sadly for a lot of us the only way to get ios development done is through a fucking Mac

EVEN if his whiny ass is right about the hardware not being top notch and all that shit I AM still not able to explain a 2013(early...as in january) macbook pro still working with literally NO fucking problems. Before that the other macbook was just changed because we wanted the 2013 model. The thing worked, the one before did so too and the 2017 model that I have works, amazingly so i will add.

Still, the army of dell,hp and lenovo laptops that I've had before just died or are not functioning properly. Either it is my shit luck or Apple's "shitty hardware" got something really fucking right.

I think its retarded really. If you don't like them then fine, you don't have to, personally I fucking love all computers and os, but I don't get fanboys hating for the sake of hate.

the fuck you care if I spend 2500 on a computer? I would the same shit for your mom and the computer would last me longer.

Does owning multiple macs make me better than you? No

Does this mean that you are piss poor and can't afford shit and that is why you are hating? No

Will I call you <insert number of insults> gor your choice of pc or os? No

What is retarded is this: you all are DEVELOPERS(at least a good chunk) and your ass better fucking know that some people USE a certain tool because IT IS THE RIGHT ONE FOR THE JOB.

It is a damn fine operating system, a really good computing experience. It ain't your taste? Fine, das cool, but for fucks sake it does not mean that the other people are idiots or whatever.

Grow the fuck up and get yourself an opinion.

Rant rant rant!

Le me subscribe to website to buy something.

Le register, email arrives immediately.
*please not my password as clear text, please not my password as clear text *

Dear customer your password is: ***

You dense motherfucker, you special bread of idiotic asshole its frigging 2017 and you send your customer password in an email!???

They frigging even have a nice banner in their website stating that they protect their customer with 128bit cryptography (sigh)

Protect me from your brain the size of a dried pea.

Le me calm down, search for a way to delete his profile. Nope no way.
Search for another shop that sells the good, nope.
Try to change my info: nope you can only change your gender...

Get mad, modify the html and send a tampered form: it submits... And fail because of a calculation on my fiscal code.

I wanna die, raise as a zombie find the developers of that website kill them and then discard their heads because not even an hungry zombie would use that brains for something.

The first job I had, asked me to build a simple CRUD functionality in CodeIgniter (It was popular in 2017).

I wasn't able to understand the framework and its ins and outs.
(I only knew Core PHP at that point).

It took me 3 days to finish the task and I got yelled at by the team leader because of it and I almost broke down crying. At that point I was convinced that web development career isn't for me.

!rant

Omfg wtf is going on with bitcoin?
Don't know what makes me crazy about its growth in 2017: the fact that I have no money to buy some or the fact that when I have it might collapse ... Aaaargh

Its 2017 and people still don’t write RESTful apps? This is childish man

I've always been a strong critic of the mac operating system and apple in general for they're overpriced products. few months back my old laptop kicked the bucket and repairing it was not an option as i was sick of charging the laptop after every 3-4 hours and had to purchase a new laptop immediately. loooking at my options around 50k rs or 700$ all windows laptops available in indian markets sucked (except for lenovo 320s) so i made the shift to macbook air 2017.my daily work involves photoshop illustrator and a dash of premiere pro. I also work on nodeJS and python using the pycharm and atom IDEs. After using it for a month i feel in love with mac platform and macos. Its a wonderful experience. gone are the days of crashes and the windows updates (ugh). the boot of the laptop is like magic and softwares like wmware imovie and notes keynote are f**king awesome. Long hours of work have become fun rather than hell dealing with constant windows gimmicks and bad battery optimisation on linux.

An explanation why all developers (except for the ones who require high powered gpus) graphic designers should shift to macos rn.

Advantages of using mac

No forced updates update whenever now or a f'ing month later no probs.
better battery optimisation than linux
no more installing os again and again (ubuntu)
better vm than virtualbox (vmware)
terminal for running bash commands
no crahes
Xcode platform
trackpad is worlds better than the best windows trackpad

Disadvantages

some softwares not available for macos
storage is generally less on macbooks
UI is simple (less elaborated than windows)

Workarounds

get a vm and install linux(vmware fusion 8)
ps. u may not need it though
wine and wine bottler for using windows apps
get a microsd to sd adapter for macbook and expand storage

Visual Studio and its compatibility with Linux applications.
I don't know if I'm the only one, but this is my setup:
- Visual Studio 2017 on Windows 10
- Ubuntu 18.04 subsystem on Windows

I just can't do any Linux coding in Visual Studio... it is using my subsystem as a Remote Compiler and debugger, and a simple Hello World program does build and run successfully, but EVERY SINGLE LINE HAS ERRORS! It can't find stdio.h! Not a single include file works! They get auto-completed so it knows where the files are, but apparently opening them to see all the methods is too much for Visual Studio! I'd say the problem has something to do with IntelliSense since only inside the IDE my code has errors, compiling (which happens on the subsystem) works like a charm.

At my IT security job(yeah, it sucks sometimes. I want a dev job but that's another story).

Needed to help some end users use and install a toolbar and get it to download through a proxy so they can edit stupid government online forms, which only supports IE 11. Obviously it didn't work.

Wait a MOTHETFUCKING MINUTE.
It's 2017. What the fuck. Who the fuck uses fucking toolbars anymore.

How fucking retarded and out of touch with reality the government can be, when it forces its users to download a fucking toolbar(with admin priviliges!) and use fucking IE 11 just to access a basic feature of the website.

Another fucking proof that governments are cancer and we need Anarcho-capitalism ASAP.

Hardware Nerd Rant...

Spend nearly a year waiting for a super high end developer laptop. Tricked out MacBook Pro 2016: $4200+, Tricked out Surface Book 2/i7, $3700+

No 32GB ram because of Intel power consumption pre-Cannonlake. Mac doesn't have a touchscreen at its price point...

My gut ultimately says: NOPE.JPG

General hope is for GPU Docks like the Razer Core to come to Apple in 2017. Thoughts?

Excited about this freelance project.
Asked my team lead for 3 weeks to add server to the project for login/signup, realtime database and storage
(sounds stupid , but am an android guy, who used to make servers long back in november 2017)

its second day and i am already done😂😂😂

Don't know if my lead is happy or angry or panicking, his task to add an admin panel is still undone😜