A programmer is walking along a beach and finds a lamp. He rubs the lamp, and a genie appears. “I am the most powerful genie in the world. I can grant you any wish, but only one wish.”

The programmer pulls out a map, points to it and says, “I’d want peace in the Middle East.”

The genie responds, “Gee, I don’t know. Those people have been fighting for millenia. I can do just about anything, but this is likely beyond my limits.”

The programmer then says, “Well, I am a programmer, and my programs have lots of users. Please make all my users satisfied with my software and let them ask for sensible changes.”

At which point the genie responds, “Um, let me see that map again.”

I think the weekly rants just exist because @dfox & @trogus got banned from stackoverflow and they still have questions.

When it comes to learning cutting edge tech... Go build already!

I found Rust intimidating.

I read the first few pages of the official book, got bored, gave up.

Few months later, decided to write a "simple" tool for generating pleasing Jetbrains IDE color schemes using Rust. I half-finished it by continuously looking up stuff, then got stuck at some ungoogleable compiler error.

Few months later I needed to build a microservice for work, and against better judgement gave Rust a try in the weekend. Ended up building an unrelated library instead, uploaded my first package to crates.io.

Got some people screaming at me that my Rust code sucked. Screamed back at them. After lots of screaming, I got some helpful PRs.

Eventually ended up building many services for work in Rust after all. With those services performing well under high load and having very few bugs, coworkers got interested. Started hiring Rust engineers, and educating interested PHP/JS devs.

Now I professionally write Rust code almost full-time.

Moral of the story:

Fuck books, use them for reference. Fuck Udemy (etc), unless you just want to 2x through it while pooping.

Learning is something you do by building a project, failing, building something else, falling again, building some more, sharing what you've made, fighting about what you've built with some entitled toxic nerds, abandoning half your projects and starting twelve new ones.

Reading code is better than reading documentation.

Listening to users of your library/product teaches you more than listening to keynote speakers at conferences.

Don't worry about failures, you don't need to deliver a working product for it to be a valuable experience.

Oh, and trying to teach OTHERS is an excellent method to discover gaps in your knowledge.

Just get your fucking hands dirty!

Someone Asks me : "Will programmers be needed in the future if AI is already created code?"

Your question clearly tells one thing; you have no idea what programing is about and how it is done.

For starters, software already writes code. In every major codebase there are lots of files with auto-generated code. Auto-generated code is something a program have written to provide interface to a service for the rest of the codebase. So code already writes code - if the purpose of the code is clearly defined.

The problem is that users rarely know what they actually want, and even if they know it, they are rarely capable of creating a clear enough specification of what they want.

A programmer once explained Nietzsche like this:
A long time ago, god created the world, but forgot to leave a developer documentation, thus the whole world was like legacy code...
And humans are like the end user of this world, and some among them spent time studying it, using the Moral API, hoping to get a result of "http 200 ok" from our world for the peace of mind. But the true operation of this world is still yet unknown...
As time passes, humans begin to find that in Moral API, good and evil are two base classes, and all the other moral properties (like ethic, justice and stuff) are just other classes based on those two classes through multiple inheritance.
One day, when programmer Nietzsche was observing the world's runtime behavior, he came up with a question:
"Did god really use good and evil as base classes? Could it be that they are actually derived classes?"
Most of the world is currently in the favor of mankind, and god must've wrote individual user cases for it's end users, he thought.
This made Nietzsche thinking: if end users are considered into two cases: the strong and the weak, how would the world be designed base on its user story?
Let's think about the strong, they can bully the weak as they please, and there's nothing the weak can do to stop them. In this case whether the Moral API exists or not doesn't fulfill the need of the strong.
But when it comes to the weak, Nietzsche thinks that because the weak cannot fight the strong, they need to belittle bullying and praise the strong for being nice. When the weak does this, it covers their powerless state to some extent, making them look somehow equal to the strong by being capable of commenting.
God might have coded the Moral API to fit the weak's requirement, also adding some public methods for the weak to comment on the strong. If the strong takes care of the weak, they call him nice and good, if the strong bullies people, they call him bad and evil.
That's when Nietzsche realized, that good and evil are both derived classes from the weak, and the base class should be the strong and the weak.
Then he started a series of studies about the Moral API, and got some thesis that persuaded lots of other end users...

It's going to be Instagram, but better. I have lots of friends so it'll have lots of users.

Okay.... You have how many friends?

Root gets ignored.

I've been working on this monster ticket for a week and a half now (five days plus other tickets). It involves removing all foreign keys from mass assignment (create, update, save, ...), which breaks 1780 specs.

For those of you who don't know, this is part of how rails works. If you create a Page object, you specify the book_id of its parent Book so they're linked. (If you don't, they're orphans.) Example: `Page.create(text: params[:text], book_id: params[:book_id], ...)` or more simply: `Page.create(params)`

Obviously removing the ability to do this is problematic. The "solution" is to create the object without the book_id, save it, then set the book_id and save it again. Two roundtrips. bad.

I came up with a solution early last week that, while it doesn't resolve the security warnings, it does fix the actual security issue: whitelisting what params users are allowed to send, and validating them. (StrongParams + validation). I had a 1:1 with my boss today about this ticket, and I told him about that solution. He sort of hand-waved it away and said it wouldn't work because <lots of unrelated things>. huh.

He worked through a failed spec to see what the ticket was about, and eventually (20 minutes later) ran into the same issues Idid, and said "there's no way around this" (meaning what security wants won't actually help).

I remembered that Ruby has a `taint` state tracking, and realized I could use that to write a super elegant drop-in solution: some Rack middleware or a StrongParams monkeypatch to mark all foreign keys from user-input as tainted (so devs can validate and un-taint them), and also monkeypatch ACtiveRecord's create/save/update/etc. to raise an exception when seeing tainted data. I brought this up, and he searched for it. we discovered someone had already build this (not surprising), but also that Ruby2.7 deprecates the `taint` mechanism literally "because nobody uses it." joy. Boss also somehow thought I came up with it because I saw the other person's implementation, despite us searching for it because I brought it up? 🤨

Foregoing that, we looked up more possibilities, and he saw the whitelist+validation pattern quite a few more times, which he quickly dimissed as bad, and eventually decided that we "need to noodle on it for awhile" and come up with something else.

Shortly (seriously 3-5 minutes) after the call, he said that the StrongParams (whitelist) plus validation makes the most sense and is the approach we should use.

ffs.
I came up with that last week and he said no.
I brought it up multiple times during our call and he said it was bad or simply talked over me. He saw lots of examples in the wild and said it was bad. I came up with a better, more elegant solution, and he credited someone else. then he decided after the call that the StrongParams idea he came up with (?!) was better.

jfc i'm getting pissy again.

Story #1: So I took a month of parental leave. And was planning to extend it a little longer to deal with my final exams. I was planning to spend lots of quality time with my wife and newborn son. Little did I know... It turns out that out of 5 OoO weeks I was looking forward I actually had 3 at most. The rest I've spent working remotely as I was insisted to deploy a brand new and poorly tested feature to PROD 2 days before my paternity leave. So I spent 2 weeks debugging things in PROD. Remotely. Needless to say that did suck.

Story #2: After story #1 I've learnt my lesson. This summer I took 3 weeks annual leave to renovate my apartment. I asked to not to be disturbed unless there's an emergency. And an emergency it was. One of our app users had a planned hi-load batch job lasting for 2-3 months. Hundreds of thousands of items had to be created and processed. It turns out the _processing_ algo had some flaws and was acting out. I was called out and asked to assist. I knew this sort of debugging is going to take a lot of my time so this time I put my conditions on the table: I will assist but I'll extend my leave by 1.5 the time I spend working now. They took the deal. Instead of 3 weeks I had 5 weeks of vacation!

I don't care that much about my salary. I prefer to exchange it for my time off hence I didn't ask for compensations.

Bottom line: NEVER EVER underestimate or undersell your time and effort. You are a valuable asset and if the team/client needs you on your day off -- make it count. Your time off is YOUR time. Never forget it.

I hate that trend of making things more lax in terms of implementation quality while writing it off with a simple but stupid "oh computers are faster now, users have the RAM, yadda yadda". Yeah but back in a day things were actually running pretty damn fast in comparison while doing it on hardware that is totally potato in comparison to what's used now. This trend eats away ANY gains we get in terms of performance with upgrades. It deprecated the whole notion of netbooks (and I kinda liked them for casual stuff), since now every goddamn one-page blog costs you from several megabytes and up to tens of megabytes of JS alone and lots of unnecessary computations. Like dude, you've brought in a whole Angular to render some text and three buttons, and now your crappy blog is chewing on 500 MB of my RAM for whatever reason.

Also, Electron apps. Hate them. Whoever invented the concept, deserves their own warm spot in Hell. You're doing the same you would've done more efficiently in Qt or whatever there is. Qt actually takes care of a lot of stuff for you, so it doesn't look like you'll be slowed down by choosing it over Electron. Like yeah, web version will share some code with your desktop solution but you're the whole reason I'm considering your competitor's lack of Electron a huge advantage over you even if they lack in features.

Same can be said pretty much about everything that tries to be more than it should, really. IDEs, for example, are cancerous. You can do 90%+ of what you intended to do in IDE using plain Vim with *zero* plugins, and it will also result in less strain on your hands.

People have just unlearned the concept of conscious consumption, it seems.

Hi everyone, long time no see.

Today I want to tell you a story about Linux, and its acceptance on the desktop.

Long ago I found myself a girlfriend, a wonderful woman who is an engineer too but who couldn't be further from CS. For those in the know, she absolutely despises architects. She doesn't know the size units of computers, i.e. the multiples of the byte. Breaks cables on the regular, and so on. For all intents and purposes, she's a user. She has written some code for a college project before, but she is by no means a developer.

She has seen me using Linux quite passionately for the last year or so, and a few weeks ago she got so fed up with how Windows refused to work on both her computers (on one of them literally failing to run exe's, go figure), that she allowed me to reinstall both systems, with one of them being dualbooted Windows 10 + Linux.

The computer that runs Linux is not one she uses very often, but for gaming (The Sims) it's her platform to go. On it I installed Debian KDE, for the following reasons:
- It had to be stable as I didn't want another box to maintain.
- It had to be pretty OOTB, as first impressions are crucial.
- It had to be easy to use, given her skill level.
- It had to have a GUI abstraction to apt, the KDE team built Discover which looks gorgeous.

She had the following things to say about Linux, when she went to download The Sims from a torrent (I installed qBittorrent for her iirc).

"Linux is better, there's no need to download anything"
"Still figuring things out, but I'm liking it"
"I'm scared of using Windows again, it's so laggy"
"Linux works fine, I'm becoming a Linux user"

Which you can imagine, it filled me with pride. We've done it boys. We've built a superior system that even regular users can use, if the system is set up to be user-friendly.

There are a few gripes I still have, and pitfalls I want to address. There's still too many options, users can drown in the sheer amount of distro's to choose from. For us that's extremely important but they need to have a guide there. However, don't do remote administration for them! That's even worse than Microsoft's tracking! Whenever you install Linux on someone else's computer, don't be all about efficiency, they are coming from Windows and just want it to be easy to use. I use Mate myself, but it is not the thing I would recommend to others. In other words, put your own preferences aside in favor of objective usability. You're trying to sell people on a product, not to impose your own point of view. Dualboot with Windows is fine, gaming still sucks on Linux for the most part. Lots of people don't have their games on Steam. CAD software and such is still nonexistent (OpenSCAD is very interesting but don't tell me it's user-friendly). People are familiar with Windows. If you were to be swimming for the first time in the deep water, would you go without aids? I don't think so.

So, Linux can be shown and be actually usable by regular people. Just pitch it in the right way.

Useless feature I've built?

Too many to mention. Here's #25.

Modified an existing "Are you sure..?" dialog pop-up (Yes/No buttons) to Yes/No/Cancel. Why? Managers claimed users were "accidentally" clicking 'Yes' when they should have clicked 'No' and causing all kinds of chaos, costing the company money, etc. Managers believed giving the user two chances instead of one would make it easier to avoid the problems they caused.

The meeting:
Me: "Users can click 'No', hit the 'Esc' key, or click the close 'X' button on the window, how will an extra button make it more foolproof?"
Mgr1: "It just will. Andy accidentally deleted inventory and when I asked him if an extra button would have saved them a days worth of re-counts, he said yes."
Mgr2: "Barb accidentally credited a customer $1,500. She promised me she clicked 'No', but the system credited the account anyway. An extra button would have saved us thousands of dollars!"
Me: "Um...these sound like training issues, not an extra button issue."
MyMgr: "PaperTrail, how hard is it to add an extra button?"
Dev1: "Oh yea, adding buttons is easy."
Dev2: "I can do it 5 minutes"
Dev3: "We'll save the company thousands and thousands of dollars!"
<lots of head-knodding and smiles>
MyMgr: "That settles it. PaperTrail, add the extra button!"

Users still screwed things up, but at least they couldn't blame it on not having an extra button.

I was noticing some slow network and it was dropping some connections. So I booted up my old XP install with Java 6 so connect to the ASA 5505, I see it’s logging max connections of 10000 has been reached.

Fine, I recon it’s my colleague backing up his entire machine to Google Drive.
Because when he shut it off, n connections dropped.

I check back in the log, and I see there’s 4-500 connections happening per second, I think WTF and check the source IP. Lots of random IPs from Vietnam, all going to a Windows2008 Server using rdp.

(I didn’t setup our servers, so I didn’t know which server it was accessing)

Ask my other colleague, he told me it’s a windows server from an earlier project that’s not used anymore.
I rdp into it, see there’s users logged in from around the world, and I immediately do a shutdown.

Would you look at that, connections per second dropped to about 50.
I guess that server isn’t going back online ever.
And I now need to ask management for a budget to update our network infrastructure, because the old ASA 5505 is begging me to die.

TL;DR gg previous employees didn’t shut down old servers and left them open to the world to enjoy

Static HTML pages are better than "web apps".

Static HTML pages are more lightweight and destroy "web apps" in performance, and also have superior compatibility. I see pretty much no benefit in a "web app" over a static HTML page. "Web apps" appear like an overhyped trend that is empty inside.

During my web browsing experience, static HTML pages have consistently loaded faster and more reliably, since the browser is immediately served with content useful for consumption, whereas on JavaScript-based web "apps", the useful content comes in **last**, after the browser has worked its way through a pile of script.

For example, an average-sized Wikipedia article (30 KB wikitext) appears on screen in roughly two seconds, since MediaWiki uses static HTML. Everipedia, in comparison, is a ReactJS app. Guess how long that one needs. Upwards of three times as long!

Making a page JavaScript-based also makes it fragile. If an exception occurs in the JavaScript, the user might end up with a blank page or an endless splash screen, whereas static HTML-based pages still show useful content.

The legacy (2014-2020) HTML-based Twitter.com loaded a user profile in under four seconds. The new react-based web app not only takes twice as long, but sometimes fails to load at all, showing the error "Oops something went wrong! But don't fret – it's not your fault." to be displayed. This could not happen on a static HTML page.

The new JavaScript-based "polymer" YouTube front end that is default since August 2017 also loads slower. While the earlier HTML-based one was already playing the video, the new one has just reached its oh-so-fancy skeleton screen.

It would once have been unthinkable to have a website that does not work at all without JavaScript, but now, pretty much all popular social media sites are JavaScript-dependent. The last time one could view Twitter without JavaScript and tweet from devices with non-sophisticated browsers like Nintendo 3DS was December 2020, when they got rid of the lightweight "M2" mobile website.

Sometimes, web developers break a site in older browser versions by using a JavaScript feature that they do not support, or using a dependency (like Plyr.js) that breaks the site. Static HTML is immune against this failure.

Static HTML pages also let users maximize speed and battery life by deactivating JavaScript. This obviously will disable more sophisticated site features, but the core part, the text, is ready for consumption.

Not to mention, single-page sites and fancy animations can be implemented with JavaScript on top of static HTML, as GitHub.com and the 2018 Reddit redesign do, and Twitter's 2014-2020 desktop front end did.

From the beginning, JavaScript was intended as a tool to complement, not to replace HTML and CSS. It appears to me that the sole "benefit" of having a "web app" is that it appears slightly more "modern" and distinguished from classic web sites due to use of splash screens and lack of the browser's loading animation when navigating, while having oh-so-fancy loading animations and skeleton screens inside the website. Sorry, I prefer seeing content quickly over the app-like appearance of fancy loading screens.

Arguably, another supposed benefit of "web apps" is that there is no blank page when navigating between pages, but in pretty much all major browsers of the last five years, the last page observably remains on screen until the next navigated page is rendered sufficiently for viewing. This is also known as "paint holding".

On any site, whenever I am greeted with content, I feel pleased. Whenever I am greeted with a loading animation, splash screen, or skeleton screen, be it ever so fancy (e.g. fading in an out, moving gradient waves), I think "do they really believe they make me like their site more due to their fancy loading screens?! I am not here for the loading screens!".

To make a page dependent on JavaScript and sacrifice lots of performance for a slight visual benefit does not seem worthed it.

Quote:

> "Yeah, but I'm building a webapp, not a website" - I hear this a lot and it isn't an excuse. I challenge you to define the difference between a webapp and a website that isn't just a vague list of best practices that "apps" are for some reason allowed to disregard. Jeremy Keith makes this point brilliantly.
>
> For example, is Wikipedia an app? What about when I edit an article? What about when I search for an article?
>
> Whether you label your web page as a "site", "app", "microsite", whatever, it doesn't make it exempt from accessibility, performance, browser support and so on.
>
> If you need to excuse yourself from progressive enhancement, you need a better excuse.

– Jake Archibald, 2013

My most successful project was simple yet useful WAP service, which today could be called a „social network”. I’ve made it in 2001, when we had „boom” for GPRS in Poland and some operators offered almost unlimited access over it for some very little money. Main pillars of my WAP service were chatrooms and SMS gateways. In next few years I’ve got hundreds or even thousands of users. Lots of them met IRL, fell in love and maked families. We travelled across Poland and met with others - great young people, living in pre-FB era... That was really good time, which will, sadly, never return...

A real chef will rant about a freaking knife sharpness and weight and handle and all that shit. Because a real chef knows what he is holding.

Us? We are happy as long as the knives in our hands can cut some stuffs or stab some people.

// Disclaimer : I just left this comment on a rant where OP claimed many users (average users) have no issues with a particular OS while a bunch of self proclaimed developers have lots of trouble with that particular OS.

Lots of questions going on about devRant. Just want to make devRant better.

1. Please tell the update intervals of upvotes and downvotes. Is there a delay? Doesnt really matter but i see many times i got a upvote notif but my score didnt increased...

2. Duplicate image algo is so poor. I know it is only in beta, but i see so many reposts which has the same pic but only with the resolution different or the image with the devrant watermark.

3. Minor, tags should be also saved when exitting the post rant activity.

4. Feature request : go to top, bottom in rant

5. Please make web app accessible in mobile. I think you check the user agent for the web app, but can you make it available to mobile users who cant download the app?

6. When accessing the web app in mobile, i type devrant.io/feed
Then, by the wonderful intent you made, it opens the app automatically. I was writing a rant, but it was all deleted.

7. Any new podcasts and cartoons planned?

8. Still bug not fixed.
Write a comment in a long rant.
Delete the comment you just wrote.
You cant reply to the last person comment.

Thanks.

Saw this sent into a Discord chat today:

"Warning, look out for a Discord user by the name of "shaian" with the tag #2974. He is going around sending friend requests to random Discord users, and those who accept his friend requests will have their accounts DDoSed and their groups exposed with the members inside it becoming a victim as well. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Discord is currently working on it. SEND THIS TO ALL THE SERVERS YOU ARE IN. This is IMPORTANT: Do not accept a friend request from shaian#2974. He is a hacker.

Tell everyone on your friends list because if somebody on your list adds one of them, they'll be on your list too. They will figure out your personal computer's IP and address, so copy & paste this message where ever you can. He is going around sending friend requests to random discord users, and those who accept his requests will have their accounts and their IP Addresses revealed to him. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Saw this somewhere"

I was so angry I typed up an entire feature-length rant about it (just wanted to share my anger):

"1. Unless they have access to Discord data centres or third-party data centres storing Discord user information I doubt they can obtain the IP just by sending friend requests.

2. Judging by the wording, for example, 'copy & paste this message where ever you can' and 'Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him.' this is most likely BS, prob just someone pissed off at that user and is trying to ruin their reputation etc.. Sentences equivalent to 'spread the word' are literally everywhere in this wall of text.

3. So what if you block the user? You don't even have their user ID, they can change their username and discrim if they want. Also, are you assuming they won't create any alts?

4. Accounts DDoSed? Does the creator of this wall of text even understand what that means? Wouldn't it be more likely that 'shaian' will be DDoSing your computer rather than your Discord account? How would the account even be DDoSed? Does that mean DDoSing Discord's servers themselves?

5. If 'shaian' really had access to Discord's information, they wouldn't need to send friend requests in order to 'DDoS accounts'. Why whould they need to friend you? It doesn't make sense. If they already had access to Discord user IP addresses, they won't even have to interact with the users themselves. Although you could argue that they are trolling and want to get to know the victim first or smth, that would just be inefficient and pointless. If they were DDoSing lots of users it would be a waste of time and resources.

6. The phrase 'Saw this somewhere' at the end just makes it worse. There is absolutely no proof/evidence of any kind provided, let along witnesses.

How do you expect me to believe this copypasta BS scam? This is like that 'Discord will be shutting down' scam a while back.

Why do people even believe this? Do you just blindly follow what others are doing and without thinking, copy and paste random walls of text?

Spreading this false information is pointless and harmful. It only provides benefits to whoever started this whole thing, trying to bring down whoever 'shaian' is.

I don't think people who copy & paste this sort of stuff are ready to use the internet yet.

Would you really believe everything people on the internet tell you?

You would probably say 'no'.

Then why copy & paste this? Do you have a reason?

Or is it 'just because of 'spread the word''?

I'm just sick of seeing people reposting this sort of stuff

People who send this are probably like the people who click 'Yes' to allow an app to make changes in the User Account Control window without reading the information about the publisher's certificate, or the people who click 'Agree' without actually reading the terms and conditions."

Background story:
One of the projects I develop generates advice based on energy usage and a questionare with 300 questions.

Over 400 different variables determine what kind of advice is given. Lots of userinput and over a thousand textblocks that need to show or not.

Rant:
WTF do you want me to do when you tell me. It's not giving the right advice for the lights.

Why the for the love of.. do I need to ask you everytime. If something is not working. Tell me what and for wich user. Don't tell me calculation whatever is not working, I don't know that calculation. Your calculations are maintainable in your cms.

And how, like I really wonder, do you expect me, when not telling me what user is having this problemen to find and fix it, You just want me to random guess one of the thousands users that should be given that specific advice?

FCK, like 80% of my time solving problems is spend trying to figure out wtf your talking about.

And then what a miricale the function is doing exactly what is it doing but you forgot a variable. It's not like the code I write suddenly decides it does not feel like giving the right answer.

Canoncal.. buddy.. pal..

We need to talk about the content on the server image's login screen.

Now, I get that lots of developers will use the server image out of a desire to keep their environments minimal.. but at the same time, is the same server image that will be deployed on thousands of VMs all over the world really the place to be talking about "great IDEs available on Ubuntu" complete with smiley faces?

I'm dead serious I log in and there are fifty seven lines of crap on the screen. I don't need links to your docs or support pages, I definitely don't need cutesy links to "hey look at this cool stuff you can do on Ubuntu!", and I absolutely don't need advertisements for your paid services.

This is some of the tackiest stuff I've seen outside of Gitlab shilling for GKE in the paid enterprise version.

Stuff like this turns actual users off. Sysadmins, the ones who are going to be seeing this stuff since it's visible on SSH shells only do not care about your cutesy IDE advertising.

Grow up.

Types of users in devrant with high #++
Type 1. Who posts minimum rants, but each ones get most ++
Type 2. Who posts a lot of rants, but each ones gets low ++
Type 3. Who posts minimum rants, but give lots of comments even if each comment gets low ++
Tyoe 4. Who posts minimum rants, and minimum comments, but both gets high amount of ++
In which type would you classify yourself?
Or did I missed any other type...

Been working on a new project for the last couple of weeks. New client with a big name, probably lots of money for the company I work for, plus a nice bonus for myself.

But our technical referent....... Goddammit. PhD in computer science, and he probably. approved our project outline. 3 days in development, the basic features of the applications are there for him to see (yay. Agile.), and guess what? We need to change the user roles hierarchy we had agreed on. Oh, and that shouldn't be treated as extra development, it's obviously a bug! Also, these features he never talked about and never have been in the project? That's also a bug! That thing I couldn't start working on before yesterday because I was still waiting the specs from him? It should've been ready a week ago, it's a bug that it's not there! Also, he notes how he could've developes it within 40 minutes and offered to sens us the code to implement directly in our application, or he may even do so himself.... Ah, I forgot to say, he has no idea on what language we are developing the app. He said he didn't care many times so far.

But the best part? Yesterday he signales an outstanding bug: some data has been changed without anyone interacting. It was a bug! And it was costing them moneeeeey (on a dev server)! Ok, let's dig in, it may really be a bug this time, I did update the code and... Wait, what? Someone actually did update a new file? ...Oh my Anubis. HE did replace the file a few minutes before and tried to make it look like a bug! ..May as well double check. So, 15 minutes later I answer to his e-mail, saying that 4 files have been compromised by a user account with admin privileges (not mentioning I knee it was him)... And 3 minutes later he answered me. It was a message full of anger, saying (oh Lord) it was a bug! If a user can upload a new file, it's the application's fault for not blocking him (except, users ARE supposed to upload files, and admins have been requestes to be able to circumvent any kind of restriction)! Then he added how lucky I was, becausw "the issue resolved itself and the data was back, and we shouldn't waste any more yime.on thos". Let's check the logs again.... It'a true! HE UPLOADED THE ORIGINAL FILES BACK! He... He has no idea that logs do exist? A fucking PhD in computer science? He still believes no one knows it was him....... But... Why did he do that? It couldn't have been a mistake. Was he trying to troll me? Or... Or is he really that dense?

I was laughing my ass of there. But there's more! He actually phones my boss (who knew what had happened) to insult me! And to threaten not dwell on that issue anymore because "it's making them lose money". We were both speechless....

There's no way he's a PhD. Yet it's a legit piece of paper the one he has. Funny thing is, he actually manages to launch a couple of sort-of-nationally-popular webservices, and takes every opportunity to remember us how he built them from scratch and so he know what he's saying... But digging through google, you can easily find how he actually outsurced the development to Chinese companies while he "watched over their work" until he bought the code

Wait... Big ego, a decent amount of money... I'm starting to guess how he got his PhD. I also get why he's a "freelance consultant" and none of the place he worked for ever hired him again (couldn't even cover his own tracks)....

But I can't get his definition of "bug".
If it doesn't work as intended, it's a bug (ok)
If something he never communicated is not implemented, it's a bug (what.)
If development has been slowed because he failed to provide specs, it's a bug (uh?)
If he changes his own mind and wants to change a process, it's a bug it doesn't already work that way (ffs.)
If he doesn't understand or like something, it's a bug (i hopw he dies by sonic diarrhoea)

I'm just glad my boss isn't falling for him... If anything, we have enough info to accuse him of sabotage and delaying my work....

Ah, right. He also didn't get how to publish our application we needes access to the server he wantes us to deploy it on. Also, he doesn't understand why we have acces to the app's database and admin users created on the webapp don't. These are bugs (seriously his own words). Outstanding ones.

Just..... Ffs.

Also, sorry for the typos.

This started as an update to my cover story for my Linked In profile, but as I got into a groove writing it, it turned into something more, but I’m not really sure what exactly. It maybe gets a little preachy towards the end so I’m not sure if I want to use it on LI but I figure it might be appreciated here:

In my IT career of nearly 20 years, I have worked on a very wide range of projects. I have worked on everything from mobile apps (both Adroid and iOS) to eCommerce to document management to CMS. I have such a broad technical background that if I am unfamiliar with any technology, there is a very good chance I can pick it up and run with it in a very short timespan.

If you think of the value that team members add to the team as a whole in mathematical terms, you have adders and you have subtractors. I am neither. I am a multiplier. I enjoy coaching, leading and architecture, but I don’t ever want to get out of the code entirely.

For the last 9 years, I have functioned as a technical team lead on a variety of highly successful and highly productive teams. As far as team leads go, I tend to be a bit more hands on. Generally, I manage to actively develop code about 25% of the time to keep my skills sharp and have a clear understanding of my team’s codebase.

Beyond that I also like to review as much of the code coming into the codebase as practical. I do this for 3 reasons. I do this because as a team lead, I am ultimately the one responsible for the quality and stability of the codebase. This also allows me to keep a finger on the pulse of the team, so that I have a better idea of who is struggling and who is outperforming. Finally, I recognize that my way may not necessarily be the best way to do something and I am perfectly willing to admit the same. I have learned just as much if not more by reviewing the work of others than having someone else review my own.

It has been said that if you find a job you love, you’ll never work a day in your life. This describes my relationship with software development perfectly. I have known that I would be writing software in some capacity for a living since I wrote my first “hello world” program in BASIC in the third grade.

I don’t like the term programmer because it has a sense of impersonality to it. I tolerate the title Software Developer, because it’s the industry standard. Personally, I prefer Software Craftsman to any other current vernacular for those that sling code for a living.

All too often is our work compiled into binary form, both literally and figuratively. Our users take for granted the fact that an app “just works”, without thinking about the proper use of layers of abstraction and separation of concerns, Gang of Four design patterns or why an abstract class was used instead of an interface. Take a look at any mediocre app’s review distribution in the App Store. You will inevitably see an inverse bell curve. Lot’s of 4’s and 5’s and lots of (but hopefully not as many) 1’s and not much in the middle. This leads one to believe that even given the subjective nature of a 5 star scale, users still look at things in terms of either “this app works for me” or “this one doesn’t”. It’s all still 1’s and 0’s.

Even as a contributor to many open source projects myself, I’ll be the first to admit that have never sat down and cracked open the Spring Framework to truly appreciate the work that has been poured into it. Yet, when I’m in backend mode, I’m working with Spring nearly every single day.

The moniker Software Craftsman helps to convey the fact that I put my heart and soul into every line of code that I or a member of my team write. An API contract isn’t just well designed or not. Some are better designed than others. Some are better documented than others. Despite the fact that the end result of our work is literally just a bunch of 1’s and 0’s, computer science is not an exact science at all. Anyone who has ever taken 200 lines of Java code and reduced it to less than 50 lines of reactive Kotlin, anyone who has ever hit that Utopia of 100% unit test coverage in a class, or anyone who can actually read that 2-line Perl implementation of the RSA algorithm understands this simple truth. Software development is an art form. I am a Software Craftsman.

#wk171

~rant
I think we need to change way how websites deliver themselves to its users. This HTML CSS JS clusterfuck is just a huge PITA in the ass.

What is a website?
It's an application where users find, communicate or share information, can buy or sell their penis pumps and loads of shady stuff.
Why must a website (the delivered application) be split into multiple languages/scripts and lots of HTTP requests?
In my opinion, PWA is a start to make us look at websites more like apps as we are used to on the machine, but they don't solve the mess.
Per my experience, many people working on websites regularly confuse what's executed on the server and what is on the client. They send data to the client via XHR, for example full DB tables of private data, just to then filter it in their beloved Array.filter function.
You can tell those people again and again and this is why I start thinking that the Web, as we know it, needs a big change.

Started porting one application written in php to:
Golang(and some libraries to make certain sht simpler like GORM and Gorilla amongst a couple of others, most shit is STD shit already built in)

Java Spring(I know it well, but wanted to try this particular app in it, lots of boilerplate although the coded is solid AF)

.NET Core API, which I separated in a series of modules for the domain interface, the persistence logic, the actual api etc, I really dig it. It has a basic React frontend in Typescript whereas the other 2 versions are using the standard Go html/template package and the Twig interface for Spring.

My favorite thus far is Golang. I find it extremely easy to extend, the language reads good enough for a retard like myself to make sense of it fairly easy, really easy to test and experiment with it, any idea I get for something to add(say users and stuff) took me less than 30 mins to figure out while reading the actual documentation, as in the base documentation or just the source code.

I know the language is retard proof, and I am highly enjoying this. Not to say that the other two are bad, not at all, been using C# and Java for years now, but I highly appreciate being able to concentrate on functionality rather than all the fucking architectural boilerplate needed to run basic shit in the other two frameworks. Thus far Golang has been a breath of fresh air the likes Clojure gives me, while not even being a profound or mind blowing language in terms of features(since other than the interface{} and goroutines i can't think of shit) and have not reached a scenario in which I am stuck or dying to have generics one bit for the overall business logic.

The app is growing like crazy in terms of code since the original php application was huge to begin with, but dear me this shit is as simple as it can get without being too technical. Might move it to production once all usability tests pass and force the rest of the staff to learn it. I have one lead dev that damn near refuses to touch anything other than php, and a very eager to try shit out content administrator that comes from a Java and C# background.

all I want to say is how much I love go haha

I'm thinking about creating a central login system for all my websites, where you get redirected to and then login/sign up and then be redirect back. A bit like oAuth.

I have a few websites (and more in development) that use a login system, so that could be really useful to have... Especially because all of them are built from scratch and have their pros and cons. And security wise it's easier to concentrate on one system instead of all of them.

Another benefit is that you save some DB space, if you have lots of users!
And of course the users benefit from it as they'll be able to use all my websites with a single account.

What do you think about it?
I'll still need to do a bit of research on security but other than that, I only see benefits!

3d printer
I only assembled it from prusa parts but still it was lots of fun, learned a lot about how 3d printers work.

Then it was printing trex using 3d printer and it was funny to because it took me about a month to do so just because of amount of parts and the problem with parts that were broken and needed to be fixed.

From software projects, once I build a browser plugin in 2-3 hours cause I was pissed off with those shitty popups all around. I published it on browser store, made code opensource and forgot about it.

Recently I got some survey from a german university about it and I was like wtf ?
I looked at a statistics and my plugin had about 500 daily users and I was amused because the ui is shitty as fuck and the ux is even more shitty.

I plan to update this plugin but since I am focused on a bigger personal project for almost half a year now I have no time to do it.

I just started a new job last week. Old-school sysadmin role for a pretty old-school company, but the pay is nice and the kids've gotta eat.

They gave me a windows laptop. I haven't used windows for work or as a daily driver since 2016, and now, a week into trying to make this machine work for me, I have the following observations to report.

WSL is nice. It's nice to have it installed(though actually installing it was an adventure unto itself), and to set alacritty to open my default user prompt straight into that is very nice. As terminal emulators are by far my most used piece of software, that's nice to have.

Command-line software management through powershell, winget, and chocolatey are also very nice.

I like the accessibility offered by autohotkey, though there is something of a learning curve on it. Once I get better with it, I suspect that what follows will be largely mitigated.

The Bad:
In general, Windows is janky. It feels like it's all kinda taped together without any particular cohesion in mind. As a desktop, it feels decidedly amateur, compared to the feature-mountain polish of MacOS, and especially compared to the flexibility and infinite possibilities of Linux.

Lots of screen real estate is wasted, with window decorations, and fonts that look terrible at smaller sizes, because the antialiasing of fonts is just terrible. Almost all the features I depend on in other desktops: ad-hoc searches and launches(alfred, rofi) are-- again --janky. They work, but they typically require more typing than alfred or rofi. I admit I haven't spent weeks on this problem yet, but I haven't found a workable solution yet with wox, hain, and keypirinha. Quick searches like what you get with alfred, alfred workflows, and the swiss army knife that is rofi, just aren't possible or reliable with the tools I've used so far, and most require some kind of indexing agent to fully function.

It beggars imagination that a desktop in which users are subjected to "default apps" that is purported to be acceptable for enterprise, professional use, does not have a default entry for text editor. I installed nvim-qt, and I want to use it to edit anything and everything I ever edit with text, but all too often, apps have hard-coded instructions to open text files with notepad.

I want to open certain URLs with firefox, certain ones with firefox developer edition, and others with vivaldi, and yet there is not an app available that I have seen yet in my searches that allows me to set this kind of configuration. I found one that's supposed to, but it just ignores everything I put into its config, and just opens MS Edge for everything. Jank.

Simple things take too long. Like the delay between when I laboriously hit ctrl-alt-del to bring up the login and when the actual text field appears, and the delay between that and when I want to start using the computer.

Changing some settings requires a reboot. Updating some software requires a reboot. Updating permissions on something sometimes requires a reboot. And those are all on top of the frequent requests to reboot for updates.

I would have thought Windows would have overcome most of the issues that create these problems, but it's just, as I said, amateur.

Sure, you *could* set up identical VMs on your server and just have one config file for your java application. But why not just set up lots of users on the server, keep various configs in source control, and have a manual task to change the config you're pointing to when you build?

Idiots.

Please help me before I get mad,
First day with Linux Mint.
Objective: Make a 3Tb Hdd Read and Write, Right now I can use it only to Read.
Finally Installed Linux after some bumps (bad ISO).
I have 2 HDDs, the SSD with Linux and a 3Tb HDD
Right now the 3T has 4 partitions, one for windows, 3 for personal use with lots of personal stuff I can't lose.
I've been looking for videos, tutorials and the maximum I got was to had one partition mounted as a folder
<code>
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/sda1 during installation
UUID=f0a65631-ccec-4aec-bbf5-393f83e230db / ext4 errors=remount-ro 0 1
/swapfile none swap sw 0 0
UUID=F8F07052F07018D8 /mnt/3T_Rodrigo ntfs-3g rw,auto,users,uid=1000,gid=100,dmask=027,fmask=137,utf8 0 0
</code>

What am I missing?
PS.: Next: Make fingerprint work in Linux

So...I kinda started a huge project and it requires a pattern recognition for the users' schedules as the cherry on top.

I have no idea from where could I start learning this. I tried lots of stuff, I have basic knowledge of ai, but I need to get to the next level.

Any advice?

Why does #Devrant (idk if #'s are a thing here) not have a confirm password field?

Come on... I doubt it annoys users and it saves people a lot of hassle, especially when we are logging in on multiple devices :/ I know lots of people who type their password wrong the first time and later on they can't login and get frustrated and confused then end up resetting via email.

Also why no login with Google etc~ that's kinda annoying too...

It's 2023 and smartphone vendors' pre-installed file managers are slooooooowly beginning to catch up with the functionality that the third-party ES File Explorer already had in 2012.

Samsung's latest file manager "My Files" finally has a draggable scroll bar, background file transfer (one can browse files while a transfer is running), drag-to-select (which is still not nearly as fast as the instant A-to-B range selection of ES File Explorer which simulates shift+click selection on desktop), and even staying in the current directory after tapping on "Copy" or "Move" rather than going to the starting directory!

And finally, when copying or moving files to a MicroSD card or a USB-OTG device, files' date and time attributes are not discarded and reset to now, but the original date and time of the files are retained! ES File Explorer could do that with root access.

Dear Samsung, couldn't you have thought of these simple things a decade ago and saved your users lots of headaches?

Hughe amount of frustration here...when taking care of two students just at the end of their bachelor thesis plus doing a mayor system upgrade with lots of test users plus introducing a new management collaboration platform with trainings to the users...all in one month: you can't just do any of it the right way!!

Going on hour TEN of soft-launch weekend. Lots of problems with all the new procedures, and now a problem with a DNS entry that's taking forever to get resolved. Still have failover testing to do before users start their testing, and all of this means I've been awake for about 27 hours straight at this point.

And I've got this to look forward to again in a week since next weekend is go-live... presumably we will have learned a lot of lessons from this and it will be much quicker and smoother, but honestly, I'm a cynic, so I'm not gonna assume that'll be the case.

This kinda sucks, is the main thesis here.

Just found it somewhere but its funny!

A programmer is walking along a beach and finds a lamp. He rubs the lamp, and a genie appears. “I am the most powerful genie in the world. I can grant you any wish, but only one wish.”

The programmer pulls out a map, points to it and says, “I’d want peace in the Middle East.”

The genie responds, “Gee, I don’t know. Those people have been fighting for millennia. I can do just about anything, but this is likely beyond my limits.”

The programmer then says, “Well, I am a programmer, and my programs have lots of users. Please make all my users satisfied with my software and let them ask for sensible changes.”

At which point the genie responds, “Um, let me see that map again.”

Question:
First big app around the corner. The backend is a REST api in pure php.
I've heard of heroku and other alikes but never had any time to look at it. Would any service like this benefit me?

TMW you realise you're working for Oroboro, the mythical snake that eats its own tail.

A product manager and a designer arrive at the project, spend a month doing lots of research, tell the devs that what they've built "isn't suitable for users" and come up with solution that has the exact same features that were implemented before.

It's these individually tiny annoyances in products and software that together form a huge annoyance.

For example, it's 2022 and Chromium-based web browsers still interrupt an upload when hitting CTRL+S. This is why competition is important. If there was no Firefox, the only major web browsers would, without exception, have this annoyance, since they're all based on Chrmoium.

I remember Chromium for mobile formerly locking scrolling and zooming of the currently viewed page while the next page was loading. Thankfully, this annoyance was removed.

In 2016, the Samsung camera software was updated to show a "camera has been opened via quick launch" pop-up window when both front and rear sensors of the smartphone were covered while the camera was launched by pressing the home button twice, on the camera software Samsung bundled with their custom version of Android 6. What's more, if that pointless pop-up was closed by tapping the background instead of the tiny "OK" button or not responded to within five seconds, the camera software would exit itself. Needless to say, this defeats the purpose of a quick launch. It denies quick-launching while the phone is in the pocket, and the time necessary to get the phone out could cause moments to be missed.

Another bad camera behaviour Samsung introduced with the camera software bundled with their customized Android 6 was that if it was launched again shortly after exiting or switching to stand-by mode, it would also exit itself again within a few seconds. It could be that the camera app was initially designed around Android 5.0 in 2015 and then not properly adapted to Android 6.0, and some process management behaviour of Android 6.0 causes this behaviour. But whatever causes it, it is annoying and results in moments to not be captured.

Another such annoyance is that some home screen software for smartphones only allows access to its settings by holding a blank spot not occupied by a shortcut. However, if all home screen pages are full, one either needs to create a new page if allowed by the app, or temporarily remove a shortcut to be able to access the settings.

More examples are: Forced smartphone restart when replacing the SIM card, the minimum window size being far too large in some smartphones with multi-windowing functionality, accidental triggering of burst shot mode that can't be deactivated in the camera software, only showing the estimated number of remaining photos if less than 300 and thus a late warning, transition animations that are too slow, screenshots only being captured when holding a button combination for a second rather than immediately, the terminal emulator being inaccessible for the first three minutes after the smartphone has booted, and the sound from an online advertisement video causing pain from being much louder than the playing video.

Any of these annoyances might appear minor individually, but together, they form a major burden on everyday use. Therefore, developers should eliminate annoyances, no matter how minor they might seem.

The same also applies for missing features. The individual removal of a feature might not seem like a big of a deal, but removing dozens of small features accumulates to a significant lack of functionality, undermining the sense of being able to get work done with that product or software when that feature is unexpectedly needed. Examples for a products that pruned lots of functionality from its predecessor is the Samsung Galaxy S6, and newer laptops featuring very few USB ports. Web browsers have removed lots of features as well. Some features can be retrofitted with extensions, but they rely on a third-party developer maintaining compatibility. If many minor-seeming features are removed, users will repeatedly hit "sorry, this product/software can not do that anymore" moments.

Question about linux iptables. I am currently blocking all access and whitelisting only when my users launch my software. When software is launched a socket client is also launched, it connects to socket server, identifies itself with a password and disconnects. If given password by socket client is correct, then socket server whitelists the users IP by executing the following command: " iptables -I INPUT -s userIP -j ACCEPT".

My problem is that now I have lots of duplicates of IP's whitelisted and as far as I've heard I should not go over 25k iptable rules.

So my question is how to check if ip is already whitelisted, in order to avoid duplicate iptable rules for for same IP?

Obvious solution would be to store whitelist somewhere (mysql/txt) and double check before whitelisting ip, but maybe there is an easier way to do this?