My partner has zero interest in coding and wants to have a baby, a week ago she started to yell install baby at me. Told her its not the right command. A few days ago she yelled apt-get install baby. Told her there was a user privilege problem. Today she came back with sudo apt-get install baby.

looks like we are going to have to have a baby!

So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)

Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.

Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.

Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.

It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.

I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.

So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.

I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.

Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.

An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:

"please reenter card number to validate."

Bupkiss. Dead end.

OR SO YOU WOULD THINK.

One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:

"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"

One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:

With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.

So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.

I hate SQL Server so much, don't matter how Microsoft say they improve themselves at SQL Server.

There's a lot of fucking bloat, messes your system and your services, adds tons of crap in your system registry, while more advanced SQL engines such MariaDB/PostgreSQL are more contained, and its very small.

Why SQL Server has to mess with Windows' ACL and his own privilege systems?.

Uninstall it and a lot of components remain hidden and tons of registry entries, not even TotalUninstaller or CCleaner can help.

I hate it since my technical high school and my goddamn college is forcing us to use SQL Sever for EVERYTHING, instead of good alternatives, messed my computer entirely requiring to format.

I try always to convince my freelance clients to use open-source alternatives, and say how SQL Server is so crap, (i had variant degrees of success).

(long post is long)
This one is for the .net folks. After evaluating the technology top to bottom and even reimplementing several examples I commonly use for smoke testing new technology, I'm just going to call it:

Blazor is the next Silverlight.

It's just beyond the pale in terms of being architecturally flawed, and yet they're rushing it out as hard as possible to coincide with the .Net 5 rebranding silo extravaganza. We are officially entering round 3 of "sacrifice .Net on the altar of enterprise comfort." Get excited.

Since we've arrived here, I can only assume the Asp.net Ajax fiasco is far enough in the past that a new generation of devs doesn't recall its inherent catastrophic weaknesses. The architecture was this:

1. Create a component as a "WebUserControl"
2. Any time a bound DOM operation occurs from user interaction, send a payload back to the server
3. The server runs the code to process the event; it spits back more HTML

Some client-side js then dutifully updates the UI by unceremoniously stuffing the markup into an element's innerHTML property like so much sausage.

If you understand that, you've adequately understood how Blazor works. There's some optimization like signalR WebSockets for update streaming (the first and only time most blazor devs will ever use WebSockets, I even see developers claiming that they're "using SignalR, Idserver4, gRPC, etc." because the template seeds it for them. The hubris.), but that's the gist. The astute viewer will have noticed a few things here, including the disconnect between repaints, inability to blend update operations and transitions, and the potential for absolutely obliterative, connection-volatile, abusive transactional logic flying back and forth to the server. It's the bring out your dead approach to seeing how much of your IT budget is dedicated to paying for bandwidth and CPU time.

Blazor goes a step further in the server-side render scenario and sends every DOM event it binds to the server for processing. These include millisecond-scale events like scroll, which, at least according to GitHub issues, devs are quickly realizing requires debouncing, though they aren't quite sure how to accomplish that. Since this immediately becomes an issue with tickets saying things like, "scroll event crater server, Ugg need help! You said Blazorclub good. Ugg believe, Ugg wants reparations!" the team chooses a great answer to many problems for the wrong reasons:

gRPC

For those who aren't familiar, gRPC has a substantial amount of compression primarily courtesy of a rather excellent binary format developed by Google. Who needs the Quickie Mart, or indeed a sound markup delivery and view strategy when you can compress the shit out of the payload and ignore the problem. (Shhh, I hear you back there, no spoilers. What will happen when even that compression ceases to cut it, indeed). One might look at all this inductive-reasoning-as-development and ask themselves, "butwai?!" The reason is that the server-side story is just a way to buy time to flesh out the even more fundamentally broken browser-side story. To explain that, we need a little perspective.

The relationship between Microsoft and it's enterprise customers is your typical mutually abusive co-dependent relationship. Microsoft goes through phases of tacit disinterest, where it virtually ignores them. And rightly so, the enterprise customers tend to be weaksauce, mono-platform, mono-language types who come to work, collect a paycheck, and go home. They want to suckle on the teat of the vendor that enables them to get a plug and play experience for delivering their internal systems.

And that's fine. But it's also dull; it's the spouse that lets themselves go, it's the girlfriend in the distracted boyfriend meme. Those aren't the people who keep your platform relevant and competitive. For Microsoft, that crowd has always been the exploratory end of the developer community: alt.net, and more recently, the dotnet core community (StackOverflow 2020's most loved platform, for the haters). Alt.net seeded every competitive advantage the dotnet ecosystem has, and dotnet core capitalized on. Like DI? You're welcome. Are you enjoying MVC? Your gratitude is understood. Cool serializers, gRPC/protobuff, 1st class APIs, metadata-driven clients, code generation, micro ORMs, etc., etc., et al. Dear enterpriseur, you are fucking welcome.

Anyways, b2blazor. So, the front end (Blazor WebAssembly) story begins with the average enterprise FOMO. When enterprises get FOMO, they start to Karen/Kevin super hard, slinging around money, privilege, premiere support tickets, etc. until Microsoft, the distracted boyfriend, eventually turns back and says, "sorry babe, wut was that?" You know, shit like managers unironically looking at cloud reps and demanding to know if "you can handle our load!" Meanwhile, any actual engineer hides under the table facepalming and trying not to die from embarrassment.

[this post is not a joke, it's about health, ladies might want to avoid reading it as it about defecating]

i did mindfulness during shitting and i think more people shud try this.
instead of just pooping without giving any attention to it or using phone while pooping, you can use your phone for guided meditation with apps like Trip, Calm, ...
While shitting I noticed small things like the water tap, I slowly rotated it; first the water came in drops(listen to it), then in a small stream, then a turbulent flow.
If your attention drifts away, gently observe that its a thought and let it pass.
focus on what is happening right now. Feel how your anus vibrates to fart, giving a tingling sensation.
focus on how the turd comes out of the anus, the way it expands your sphincter muscles and finally drops in the crapper.

Practice gratitude. I realised how lucky I'm to shit comfortably in solidarity, many people in the world don't even have such privilege.
I feel good that I've flush mechanism in my toilet and 24x7 water supply. The shitting time can be utilised in a very positive way like this.
Look at your shit and wonder this used to be food, and be grateful to your digestive system.

The iPhone is only good for consuming apps, that's it. If you want to use it for anything else, good luck.

Its keyboard is miserable.

Its browser is the new IE.

If you connect to a share folder, at random you lose all networking and you have to restart the phone.

You don't reliably get notifications so good luck explaining to your boss or client or girlfriend why you didn't reply back for hours.

Once the battery permanently dies, you're just expected to spend another $1k for the privilege of this suffering.

It took over 25 edits to get to this point in the message. I had to restart this status symbol 3 times in the last 24 hours in order to restore its ability to communicate. It is agony to use this substandard pile of garbage and it has objectively made my quality of life worse in the 18 months I've had it.

It's an iphone 12. I bought it new from the store. I thought Apple only intentionally made older phones unusable through updates, but this has been unusable since the beginning.

just got a "privilege update" now i'm responsible for not only my software but for the webservers too...thanks admin guys...now i have more bullshit to deal with

So, do any of your poor fuckers have the opportunity - nay, PRIVILEGE of using the absolute clusterfuck piece of shit known as SQL Server Integration Services?

Why do I keep seeing articles about how "powerful" and "fast" it is? Why do people recommend it? Why do some think it's easy to use - or even useful?

It can't report an error to save its life. It's logging is fucked. It's not just that it swallows all exceptions and gives unhelpful error messages with no debugging information attached, its logging API is also fucked. For example, depending on where you want to log a message - it's a totally different API, with a billion parameters most of which you need to supply "-1" or "null" to just to get it do FUCKING DO SOMETHING. Also - you'll only see those messages if you run the job within the context of SQL FUCKING SERVER - good luck developing on your ACTUAL FUCKING MACHINE.

So apart from shitty logging, it has inherited Microsoft's insane need to make everything STATICALLY GODDAMN TYPED. For EVERY FUCKING COMPONENT you need to define the output fields, types and lengths - like this is 1994. Are you consuming a dynamic data structure, perhaps some EAV thing from a sales system? FUCK YOU. Oh - and you can't use any of the advances in .NET in the last 10 years - mainly, NuGet and modern C# language features.

Using a modern C# language feature REMOVES THE ABILITY TO FUCKING DEBUG ANYTHING. THE FUCKER WILL NOT STOP ON YOUR BREAKPOINTS. In addition - need a JSON parsing library? Want to import a SDK specific to what you're doing? Want to use a 3rd party date library? WELL FUCK YOU. YOU HAVE TO INDEPENDENTLY INSTALL THE ASSEMBLIES INTO THE GAC AND MAKE IT CONSISTENT ACROSS ALL YOUR ENVIRONMENTS.

While i'm at it - need to connect to anything? FUCK YOU, WE ONLY INCLUDE THE MOST BASIC DATABASE CONNECTORS. Need to transform anything? FUCK YOU, WRITE A SCRIPT TASK. Ok, i'd like to write a script task please. FUCK YOU IM GOING TO PAUSE FOR THE NEXT 10 MINUTES WHILE I FIRE UP A WHOLE FUCKING NEW INSTANCE OF VISUAL STUDIO JUST TO EDIT THE FUCKING SCRIPT. Heaven forbid you forget to click the "stop" button after running the package and open the script. Those changes you just made? HAHA FUCK YOU I DISCARDED THEM.

I honestly cant understand why anyone uses this shit. I guess I shouldn't really expect anything less from Microsoft - all of their products are average as fuck.

Why do I use this shit? I work for a bunch of fucks that are so far entrenched in Microsoft technologies that they literally cannot see outside of them (and indeed don't want to - because even a cursory look would force them to conclude that they fucked up, and if you're a manager thats something you can never do).

Ok, rant over. Also fuck you SSIS

I can work productively and for very long hours with a lot of stuff which many dev considers productivity hurdles:

- single small monitor? No problem (in fact in one occasion in which my roommate accidentally broke my laptop charghing port and I couldn't get a spare I worked on an iPad connected trough SSH to a Linux machine completing one of the hardest tasks I ever did without significant loss of productivity)
- old machine? That's ok as long as I can run a minimal Linux and not struggle with Windows
- noise and chatter around me? A 10€ pair of earbuds are enough for me, no noise cancelling needed
- "legacy" stack/programming language? I'd rather spend my days coding in Swift or Rust but in the end I believe which is the dev and its skill which gets the job done not fancy language features so Java 8 will be fine
- no JetBrains or other fancy IDE? Altough some refactoring and code generation stuff is amazing Neovim or VS Code, maybe with the help of some UNIX CLI tools here and there are more than enough

despite this I found out there is a single thing which is like kryptonite for my productivity bringing it from above average* to dangerously low and it's the lack of a quick feedback loop.
For programming tasks that's not a problem because it doesn't matter the language there's always a compiler/interpreter I can use to quickly check what I did and this helps to get quickly in a good work flow but since I went to work with a customer which wants everything deployed on a lazily put together "private cloud" which needs configurations in non-standard and badly documented file formats, has a lot of stuff which instead of being automated gets done trough slowly processed tickets, sometimes things breaks and may take MONTHS to see them fixed... my productivity took a big hit since while I'm still quick at the dev stuff (if I'm able to put together a decent local environment and I don't depend on the cloud of nightmares, something which isn't always warranted) my productivity plummets when I have to integrate what I did or what someone else did in this "cloud" since lacking decent documentation everything has do be done trough a lot of manual tasks and most importantly slow iterations of trial and error. When I have to do that kind stuff (sadly quite often) my brain feels like stuck on "1st gear": I get slow, quickly tired and often I procrastinate a lot even if I force myself out of non work related internet stuff.

*I don't want this to sound braggy but being a passionate developer which breathes computers since childhood and dedicating part of my freetime on continuously improving my skill I have an edge over who do this without much passion or even reluctantly and I say this without wanting to be an èlitist gatekeeper, everyone has to work and tot everybody as the privilege of being passionate in a skill which nowadays has so much market