Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuckBuy Now
Search - "mining all day"
So I accidentally published my AWS keys to GitHub, stupid me. I realize this the next day.
$ git reset
$ git push
Reset keys in AWS
I was too late. Bot already stole the keys and started up 53 EC2 instances. Racked up $4000+ of compute time (probably Bitcoin mining, I'd assume)
4 weeks later, I finally have this shit disputed and settled.
Don't test with hardcoded keys. You WILL forget about them. Env vars always. That is all.30
all kinds of things:
2. Idiots working on WiFi firmware
3. Said idiots telling us that they found a compiler bug when a signed integer optimization screws their codes dependency on rollover. People like that shouldn’t be writing WiFi firmware.
5. Treating weapons of mass terror like machine learning like just a fun game to work on and then release open source
6. The fact that when assholes from all these companies like Facebook google and Amazon testify before Congress our political leaders are dumber than bricks when questioning them so they either a. Ask totally the wrong questions and people get off clean or b. When the witnesses do say something questionable is happening Congress doesn’t have the mental capacity to notice that something of concern was just said
7. despite the fact Linux has an easier to use UI than windows people bitch about how hard it is still
8. How defensive people are over their “own stuff.” “I like windows so if you say anything against it you’re insulting me” or “but I wrote this code you can’t refactor it that’s my mark!”
10. The fact that web assembly, though the superior technology, is going to become popular not because it’s fast but because it makes it harder to block ads and harder to read and analyze the code.
11. The fact that our obsession with web technologies has led to applications that are 10,000x less efficient than other alternatives, the carbon footprint of this is astonishing, and nobody cares. But they all want to save the environment. What?
12. The social disease of social media and how people have become addicted to a degree almost comparable to crack
13. People think being an influencer on Instagram is a real job.
14. People waste preposterous amounts of energy on crypto currency mining despite the fact that it doesn’t offer many real advantages over cold hard cash. It’s still trackable!!
15. Modern copyright law and how it’s been implemented in our web services that we use every day is insane; the music industry is a mafia and are using google as a club to beat us all down with. And google is fine with that.
16. All the music made today is fake and that’s done by leveraging all the “great” technology that (now defunct) digidesign avid and auto tune has brought to us
17. We design computers and software for the stupidest users that easily fall prey to all these things rather than the average person.
18. The Boeing 737 crashes are software related. That means some idiot fucked up and a bunch of people died. Need I say more?
The world will end some day and it will be because of software. You either accept that fact or live in denial.
The stupid stories of how I was able to break my schools network just to get better internet, as well as more ridiculous fun. XD
It was my freshman year in college. The internet sucked really, really, really badly! Too many people were clearly using it. I had to find another way to remedy this. Upon some further research through Google I found out that one can in fact turn their computer into a router. Now what’s interesting about this network is that it only works with computers by downloading the necessary software that this network provides for you. Some weird software that actually looks through your computer and makes sure it’s ok to be added to the network. Unfortunately, routers can’t download and install that software, thus no internet… but a PC that can be changed into a router itself is a different story. I found that I can download the software check the PC and then turn on my Router feature. Viola, personal fast internet connected directly into the wall. No more sharing a single shitty router!
This was about the year when bitcoin mining was becoming a thing, and everyone was in on it. My shitty computer couldn’t possibly pull off mining for bitcoins. I needed something faster. How I found out that I could use my schools servers was merely an accident.
I had been installing the software on every possible PC I owned, but alas all my PC’s were just not fast enough. I decided to try it on the RDS server. It worked; the command window was pumping out coins! What I came to find out was that the RDS server had 36 cores. This thing was a beast! And it made sense that it could actually pull off mining for bitcoins. A couple nights later I signed in remotely to the RDS server. I created a macro that would continuously move my mouse around in the Remote desktop screen to keep my session alive at all times, and then I’d start my bitcoin mining operation. The following morning I wake up and my session was gone. How sad I thought. I quickly try to remote back in to see what I had collected. “Error, could not connect”. Weird… this usually never happens, maybe I did the remoting wrong. I went to my schools website to do some research on my remoting problem. It was down. In fact, everything was down… I come to find out that I had accidentally shut down the schools network because of my mining operation. I wasn’t found out, but I haven’t done any mining since then.
As an engineering student I found out that all engineering students get access to the school’s VPN. Cool, it is technically used to get around some wonky issues with remoting into the RDS servers. What I come to find out, after messing around with it frequently, is that I can actually use the VPN against the screwed up security on the network. Remember, how I told you that a program has to be downloaded and then one can be accepted into the network? Well, I was able to bypass all of that, simply by using the school’s VPN against itself… How dense does one have to be to not have patched that one?
It was another programming day, and I needed access to my phones memory. Using some specially made apps I could easily connect to my phone from my computer and continue my work. But what I found out was that I could in fact travel around in the network. I discovered that I can, in fact, access my phone through the network from anywhere. What resulted was the discovery that the network scales the entirety of the school. I discovered that if I left my phone down in the engineering building and then went north to the biology building, I could still continue to access it. This seems like a very fatal flaw. My idea is to hook up a webcam to a robot and remotely controlling it from the RDS servers and having this little robot go to my classes for me.
What crazy shit have you done at your University?9
I've found and fixed any kind of "bad bug" I can think of over my career from allowing negative financial transfers to weird platform specific behaviour, here are a few of the more interesting ones that come to mind...
#1 - Most expensive lesson learned
Almost 10 years ago (while learning to code) I wrote a loyalty card system that ended up going national. Fast forward 2 years and by some miracle the system still worked and had services running on 500+ POS servers in large retail stores uploading thousands of transactions each second - due to this increased traffic to stay ahead of any trouble we decided to add a loadbalancer to our backend.
This was simply a matter of re-assigning the IP and would cause 10-15 minutes of downtime (for the first time ever), we made the switch and everything seemed perfect. Too perfect...
After 10 minutes every phone in the office started going beserk - calls where coming in about store servers irreparably crashing all over the country taking all the tills offline and forcing them to close doors midday. It was bad and we couldn't conceive how it could possibly be us or our software to blame.
Turns out we made the local service write any web service errors to a log file upon failure for debugging purposes before retrying - a perfectly sensible thing to do if I hadn't forgotten to check the size of or clear the log file. In about 15 minutes of downtime each stores error log proceeded to grow and consume every available byte of HD space before crashing windows.
#2 - Hardest to find
This was a true "Nessie" bug.. We had a single codebase powering a few hundred sites. Every now and then at some point the web server would spontaneously die and vommit a bunch of sql statements and sensitive data back to the user causing huge concern but I could never remotely replicate the behaviour - until 4 years later it happened to one of our support staff and I could pull out their network & session info.
Turns out years back when the server was first setup each domain was added as an individual "Site" on IIS but shared the same root directory and hence the same session path. It would have remained unnoticed if we had not grown but as our traffic increased ever so often 2 users of different sites would end up sharing a session id causing the server to promptly implode on itself.
#3 - Most elegant fix
Same bastard IIS server as #2. Codebase was the most unsecure unstable travesty I've ever worked with - sql injection vuns in EVERY URL, sql statements stored in COOKIES... this thing was irreparably fucked up but had to stay online until it could be replaced. Basically every other day it got hit by bots ended up sending bluepill spam or mining shitcoin and I would simply delete the instance and recreate it in a semi un-compromised state which was an acceptable solution for the business for uptime... until we we're DDOS'ed for 5 days straight.
My hands were tied and there was no way to mitigate it except for stopping individual sites as they came under attack and starting them after it subsided... (for some reason they seemed to be targeting by domain instead of ip). After 3 days of doing this manually I was given the go ahead to use any resources necessary to make it stop and especially since it was IIS6 I had no fucking clue where to start.
So I stuck to what I knew and deployed a $5 vm running an Nginx reverse proxy with heavy caching and rate limiting linked to a custom fail2ban plugin in in front of the insecure server. The attacks died instantly, the server sped up 10x and was never compromised by bots again (presumably since they got back a linux user agent). To this day I marvel at this miracle $5 fix.1
I write a thesis about some data mining project.
I need to process 15 million tracking points - today I finally finished coding my algorithm. I was pretty excited and pressed run:
Now, after 2,5 hours of processing, my program got already through a third of all tracking points, as I realized:
I gave my algorithm a non-valid output path.
And that thouht stuck me, as I was already on my way home.
Now I have to go tomorrow (on my day off) to work, to fix and run it again.14
Wohoooo. Electroneum mobile miner got an update and they changed the way it worked now every miner is mining 30h/s. That's hashrate of my desktop (wtffffff). Best thing is that I have few old phones and since all of them will mine 30h/s I will make 10ETN per half a day.
I fucking love electroneum. OK let's get all the old phones mining.12
Not really the place for this, I know. But I am a crypto coin guy. And I work with numerous coins. I was curious if anyone new of an app the could monitor all of your cryto-coin addresses and give you something of a portfolio value. I am capable of doing so manually but the prices flux a decent amount so it changes from day to day.6