How I've decided to answer the "can you hack" question from here on in...

"Can you show me how to hack this account please?"

"Sure, you'll need a hammer, a blow torch, chloroform, some pliers and couple of bottles of really pure vodka!"

"What the hell?!"

"Oh, it's so much quicker to just extract a password from a person, than it is to break into a system, I'm not exactly trained in inflicting pain on the human body, but I'm sure you'll be able to figure it out through trial and error, good luck!"

I fucking love people like this.

Yesterday I met a 'friend' who I hadn't seen in a very long time. Just a guy I used to know tbh but let's call him Friend anyway. After a while in the conversation this happened...

*Friend doesn't know I have a degree in CS*

Friend: "WHAT?? YOU LIKE PROGRAMMING? NO WAY! ME TOO!"

Me: "THAT'S AWESOME! You've been programming for long?"

Friend: "A little over a year now. I know almost all languages now. C++, C#, Python, Java and HTML. Still a couple left to go. Once you're on the level I achieved programming becomes really, really easy. How long have you been programming?"

Me: "Almost a decade now"

Friend: "Damn dude you must know all languages by now I suppose?"

Me: "I've been mainly doing C++ so not really haha"

Friend: "I can always help when you're struggling with one language. C++ is pretty easy tbh. You should learn others too btw. HTML for example is pretty important because you can program websites with it"

Me: "Yeah... Thanks... So... What project are you working on right now?"

Friend: "I'm making a register page for my very own forum. The only problem I have is that PHP won't save the login details"

Me: "Hahaha I know the feeling. MySQL?"

Friend: "What?"

Me: "What do you use to save your data"

Friend: "Just a txt file. It's easier that way."

Me: "Hahaha true. Who needs safety right? *smiles*"

Friend: "Actually it's 100% safe because only I can see the txt file so other people can not hack other users."

Me: "Yes! That's great! Cya!"

Friend: "I'm working on a mmorpg too btw! I can learn you to make games if you want. Just call me. Here's my number"

Me: "Alright... Thanks... Bye!"

*Arrives at home*

*Deletes number*

I do not make this up.

I can understand that someone who isn't in the CS industry doesn't take it too seriously and gets hyped when their "Hello World" program works.
I'm fine with that.

The thing that really triggers me is big headed ass holes like this. Like how much more like a absolute dickhead could you possibly more act? Fucking hate people like that.

Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

Boss: I need to know how much resources a server would need to serve 20000 users at the same time

Me: Sure, can I see the webapp?

B: There's not one yet

M: Ok, can I see its documentation then?

B: There is none

M: But ot depends on the programming language, libraries used, what kin-

B: It's an e-commerce. Try browsing Amazon and see how much they nees to handle the page requests.

Me: *still processing* wh-

Boss: I have to give an estimate to a client within 30 minutes. Hurry.

So.... Uh... I guess i have to hack Amazon now?

For the Dutch people on here, the new surveillance law in short:

- dragnet surveillance, data retention of normal data is a maximum of 3 years, encrypted data up to 6 years.

- secret DNA database, data retention up to 30(!!) years.

- use of 0days without having to report them to the vendors.

- third parties may be hacked to get to main targets; if my neighbor is suspected they may legally hack me in order to get to him/her.
Cleaning up (removing backdoors etc) afterwards is not required.

- sharing unfiltered (raw) data gathered through dragnet surveillance with foreign intelligence agencies is permitted, even if it's to a country which doesn't have as much 'democracy' as this country does.

Decide for yourself if you're voting (at all) against or in favor of this law, I'm voting against :)

We do need a new/reformed law, this one is just too intrusive imo.

So, as everyone knows on here by now (or, a lot of ranters), I am a fervid privacy person.

Appearantly a new surveillance law in my country is about to extend mass surveillance/hacking a lot. So here a rundown of what they are about to be allowed to do (stuff that is not okay imo and this is the reason I am so pro-privacy):

- Mass Data Gathering: The intelligence agency over here (lets call it IA from now) can pretty much record everything send through the country.

- Extra Protection: If they want to conduct surveillance on journalists/lawyers, they have to go through extra channels first at least.

- Data/survaillance sharing: The IA is allowed to share their raw/filtered data with foreign intelligence agencies without limits. Also, they're allowed to conduct surveillance based on foreign requests.

- Secret DNA database: A secret DNA database will be created which can store the DNA profiles of any person who has commited any kind of crime. These profiles are allowed to be stored for a maximum of 30 years. This database is allowed to be shared with any foreign intelligence agency.

- Hacking: Unlimited power to hack any device deemed neccesary to hack in relation to crime. From computers to smartphones and so on. Also, it's allowed to use zero-days without reporting them to the vendor (we have seen what can go wrong with that through the ShadowBrokers scandal).

- Automatic Database Collection: They are allowed to directly tap into any database they see required (banks, healthcare, messaging services and so on). Practically this can lead to backdoors being build in because if you don't cooperate, you can go to prison. (mother of god I am not using anything closed source anymore if possible).

So yeah, this is pretty much the reason why I am so privacy consious. This country is fucked.

This isn't really a hacking story but it does remind me of something I did as "revenge."

In middle school, this one fool kept bullying me. Always tried to harm me, always tried to insult me, always tried to make me fall during PE.

I hated him a lot, so instead of trying to kill him as planned, I did a harmless little keylogger prank thing.

I installed a keylogger on the school's laptop before class. (I did it during break, and when class started, I placed it on his desk.)

He took the bait, and instead of doing work, he logged onto his social media accounts. Now I had his passwords and everything.

When I went home, I logged onto his social media. I checked his messages so I can get some dirt on him, didn't find much except for the fact he snuck out a few times, and smoked before.

I changed his profile picture to some cringy anime thing and messaged one of his friends (the one who always copied my test answers in History and would steal my homework) and I said, "tell --- that if he doesn't stop being an asshole, I'll do worse than "hack" his social media."

It freaked them both out a bit, but didn't change their behavior, which is a shame because my threat was empty. It's not like I was able to do anything more than that in middle school. To this day, they still have no idea who did that.

This was about 4 years ago.

So I had my exams recently and I thought I'd post some of the most hacky shit I've done there over here. One thing to keep in mind, I'm a backender so I always have to hack my way around frontend!

- Had a user level authentication library which fucked up for some reason so I literally made an array with all pages and user levels allowed so I pretty much had a hardcoded user level authentication feature/function. Hey, it worked!

- CSS. Gave every page a hight of 110 percent because that made sure that you couldn't see part of the white background under the 'background' picture. Used !important about everywhere but it worked :P.

- Completey forgot (stress, time pressure etc) to make the user ID's auto incremented. 'Fixed' that by randomly generating a user id and really hoping during every registration that that user ID did not exist in the database already. Was dirty as fuck but hey it worked!

- My 'client' insisted on using Windows server.Although I wouldn't even mind using it for once, I'd never worked with it before so that would have been fucked for me. Next to that fact, you could hear swearing from about everyone who had to use Windows server in that room, even the die hard windows users rather had linux servers. So, I just told a lot of stuff about security, stability etc and actually making half of all that shit up and my client was like 'good idea, let's go for linux server then!'. Saved myself there big time.

- CHMOD'd everything 777. It just worked that way and I was in too much time pressure to spend time on that!

- Had to use VMWare instead of VirtulBox which always fucks up for me and this time it did again. Windows 10 enjoyed corrupting the virtual network adapters after every reboot of my host so I had to re-create the whole adapter about 20 times again (and removing it again) in order to get it to work. Even the administrator had no fucking clue why that was happening.

- Used project_1.0.zip etc for version control :P.

Yup, fun times!

"Hey nephew, why doesn't the FB app work. It shows blank white boxes?"
- It can't connect or something? (I stopped using the FB app since 2013.)

"What is this safe mode that appeared on my phone?!"
- I don't know. I don't hack my smartphone that much. Well, I actually do have a customised ROM. But stop! I'm pecking my keyboard most of the time.

"Which of my files should I delete?"
- Am I supposed to know?

"Where did my Microsoft Word Doc1.docx go?"
- It lets you choose the location before you hit save.

"What is 1MB?"
- Search these concepts on Google. (some of us did not have access to the Internet when we learned to do basic computer operations as curious kids.)

"What should I search?"
- ...

"My computer doesn't work.. My phone has a virus. Do you think this PC they are selling me has a good spec? Is this Video Card and RAM good?"
- I'm a programmer. I write code. I think algorithmically and solve programming problems efficiently. I analyse concepts such as abstraction, algorithms, data structures, encapsulation, resource management, security, software engineering, and web development. No, I will not fix your PC.

I befriended a much-older dev who's notoriously known for cursing in source code comments.

His best comment was F.I.S.H., which is his cursing acronym for "fucking incredible shitty hack"

Much-security.nl is down.

No, no hack or whatsoever. I just reinstalled the wrong server through my control panel.

The new blog version will hopefully be up tonight. 'you keep promising that' - I don't have a backup of the old version and I only just started using git so I can only upload the new version (or git pull). Next to that, except for the front-end, everything works now.

😐

At my first job, I got tired of having to type a user name and password every time I debugged the web application. Thinking I was clever, I put in a hack so that if you launched the application with the query string "?user=Administrator" it would log you in as the administrator. So much typing saved!

A couple days after the next release, I realized it shipped like that. In absolute horror, I walked into my boss' office, closed the door, and told him the tale of my mistake.

He just looked back at me, and after a moment or two said, "Loose lips sink ships."

And that was it.

Fuck code.org. Fuck code. Not code code, but "code" (the word "code"). I hate it. At least for teaching. Devs can use it as much as they want, they know what it means and know you can't hack facebook with 10 seconds of furiously typing "code" into a terminal. What the fuck are you thinking when you want me to hack facebook? No, when I program, it's not opening terminal, changing to green text and typing "hack <insert website name here, if none is given, this will result to facebook.com>" Can you just shut the fuck up about how you think that because you can change the font in google fucking docs you have the right to tell me what code can and can't do? No, fuck you. Now to my main point, fuck "code" (the string). It's an overused word, and it's nothing but a buzzword (to non devs, you guys know what you're talking about. how many times have you seen someone think they are a genius when they here the word "code"?) People who don't know shit don't call themselves programmers or devs, they call themselves coders. Why? It fucking sounds cool, and I won't deny that, but the way it's talked about in movies, by people, (fucking) code.org, etc, just makes people too much of a bitch for me to handle. I want everyone reading this rant who has friends who respect the fact that YOU know code (I truly believe everyone on devRant does), how it works, and it's/your limitations, AND that it takes hard work and effort, to thank god right now. If you're stuck with some people like me, I feel you. Never say "code" near them again. Say "program." I really hate people who think they know what an HTML tag is and go around calling themselves coders. Now onto my main point, code.org. FUCK IT. CAN YOU STOP RUINING MY FUCKING AP CS CLASS. NO CODE.ORG, I DON'T NEED TO WATCH YOUR TEN GODDAMN VIDEOS ON HOW TECHNOLOGY IS IMPORTANT, <sarcasm>I'VE BEEN LIVING UNDER A ROCK FOR THIRTY YEARS</sarcasm>. DO I REALLY NEED ANOTHER COPY OF SCRATCH? WAIT, NO, SCRATCH WAS BETTER. YOU HAD FUCKING MICROSOFT, GOOGLE, AND OTHER TECHNOLOGICAL GIANTS AND YOU FUCKED UP SO BAD YOU MADE IT WORSE THAT SCRATCH. JUST LETMECODE (yes I said that) AND STOP TALKING ABOUT HOW SOME IRRELEVANT ROBOT ARM DEVELOPED BY MIT IS USING AI AND MACHINE LEARNING TO MAKE SOME ROBOT EVOLVE?! IF YOU SPEND ONE MORE SECOND SAYING "INNOVATION" I'LL SHOVE THAT PRINT STATEMENT YOU HAVE A SYNTAX ERROR UP YOUR ASS. DON'T GET ME FUCKING STARTED ON HOW ITS IMPOSSIBLE TO DO ANYTHING FOR YOURSELF WHEN YOUR GETTING ALL THE ANSWERS WITHOUT DOING ANY WORK AND THE FACT THAT JAVASCRIPT IS YOUR FUCKING LANGUAGE. <sarcasm>GREAT IDEA, LETS GET THESE NEW PROGRAMMERS INTO A PROFESSIONAL ENVOIRMENT BY ADDING A DRAG AND DROP CODE (obviously we can say it) EDITOR</sarcasm> MAYBE IF YOU GOT THIS SHIT UP YOUR ASS AND TO YOUR BRAIN YOU'D ACTUALLY GET TO PRPGRAMMING IN YOUR ADVANCED AP COURSE. ITS CALLED FUCKING CODE.ORG FOR A REASON

Hesitated for a while before posting this, as I don't like to whine in public but this should be therapeutical

Beware, it's a #longread

Years ago, I thought about how cool it'd be to have conversation-based interactive fiction on my phone. I remember showing early prototypes to my ex in 2012. It took me over 2 years to build up the courage to make it my priority and to take time off. FictionBurgers.com was born.

A few weeks in, a friend of mine forwarded me a link to Lifeline. I was devastated. I literally spent 2 days cursing my past self for not making a move sooner.

I soldiered on, worked 7 months straight on it. Now the tech is 90-95% finished, content is maybe 60% finished and I just... gave up. Every other week now, similar projects are popping up. I'm under-staffed and under-financed compared to them. Beyond the entertainment space, "conversation-based" is hot stuff in 2016, and I still can't seem to know what to do with what I have.

I feel like I had this fantastic opportunity and squandered it, which makes me miserable.

Anyway, just so you get some cheese with my whine, here are a few lessons I learned the hard way:

Lesson #1 : Don't go it alone. I thought I could hack it, and for over 7 months, I did. But sooner or later, shit gets to you, it's just human. That's when you need someone; just so that their highs compensate your lows and vice versa. Most of the actual writing was done by a freelancer (and he did AMAZING WORK, especially considering that I couldn't pay him much) but it's not the same as a partner, who's invested same as you.

Lesson #1.5 : Complementary skills. Just like my fiction project failed because I was missing a writer partner, my fallback plan of getting into conversational tech hit the skids for lack of a bizdev partner. It's great to stick among devs when ranting, but you need to mingle with a variety of people. Some of them are actually ok, y'know :)

Lesson #2 : Lean Startup, MVP. Google those terms if you're not familiar with them. My mistake here (after MVPing the shit out of the tech) was to let my content goal run amok : what made my app superior to the competition (or so I reasoned) was that it would allow for conversations with multiple characters! So I started plotting a story... with 9 characters. Not 2 or 3. NINE FREAKING CHARACTERS! Branching conversations with 9 characters is the stuff of nightmare -- and is the main reason I gave up.

Lesson #3 : Know your reasons. I wasted some much time early on, zig-zaging between objectives:
"I'm just indulging myself"
"No, I really want it to be a project that pays off"
"Nah, it's just a learning opportunity"
"Damn, why is it bothering me so much that someone else is doing the same thing ?"
"Doesn't matter, I just mine finished"
"What a waste of time !!"
etc etc
And it's still a problem now that I'm trying to figure out what to do!

So anyway, that's my story, thanks for readin'
Check out chatty.im/player/sugar-wars if you want to test the most advance version.

Also, I've also tagged this #startupfail, if any of you fine people want to share the lessons you've dearly paid to learn!

The concept of, "hacking" at my school is so disgustingly bloated, as it probably is everywhere else. Some kid the other day said that he had hacked cookie clicker. Friggin cookie clicker. After opening inspect element and changing some local data to get infinite cookies. And he was hacking.

I swear, if I EVER told any of these idiots about some hacking project I did with an Arduino, they would start asking me how much money I made off with in the heist.

There is one kid in particular that annoys me, his name is Matthew, and he is the most pompous little piece of crap you have ever met. Every time they talk about him, they use the word, "hack" casually in conversation. "Wow dude he's gonna HACK you now", and it really boils my gears. I mean, come on, our school password is a birthday and initials, if he got into your account, he certainly didn't do it by hacking anyone. It has gotten to the point that I can't even hear the word without wanting to lash out at them and tell them how stupid they are. Maybe I can just send them a link to this rant.

I've lost my gf (she said she wouldn't want to be with a programmer, I said 'sure, bye') and found a much better and more fun career path than I had before.

Otherwise my life stayed pretty much intact, except for the fckn compile time errors and occasional 'fix my electronic device' or 'hack this social media account for me' requests. In retrospect it was more than worth it, would switch to be a professional developer anytime again.

So probably about a decade ago at this point I was working for free for a friend's start-up hosting company. He had rented out a high-end server in some data center and sold out virtualized chunks to clients.

This is back when you had only a few options for running virtual servers, but the market was taking off like a bat out of hell. In our case, we used User-Mode Linux (UML).

UML is essentially a kernel hack that lets you run the kernel in user space. That alone helps keep things separate or jailed. I'm pretty sure some of you can shed more light on it, but that's as I understood it at the time and I wasn't too shabby at hacking the kernel when we'd have driver issues.

Anyway, one of the ways my friend would on-board someone was to generate a new disk image file, mount it, and then chroot to that mount path. He'd basically use a stock image to do this and then wipe it out before putting it live.

I'm not sure exactly what he was doing at the time, but I got a panicked message on New Years Day saying that he had deleted everything. By everything, he had done an rm -fr /home as root on what he had thought was the root of a drive image.

It wasn't an image. It was the host server.

In the stoke of a single command, all user data was lost. We were pretty much screwed, but I have a knack for not giving up - so I spent a ton of time investigating linux file recovery.

Fun fact about UML - since the kernel runs in user space as a regular ol' process, anything it opens is attached to that process. I had noticed that while the files were "gone", I could still see disk usage. I ended up finding the images attached to their file pointers associated with each running kernel - and thankfully all customers were running at the time.

The next part was crazy, and I still think is crazy. I don't remember the command, but I had to essentially copy the image from the referenced path into a new image file, then shutdown the kernel and power it back on from the new image. We had configs all set aside, so that was easy. When it finally worked I was floored.

Rinse and repeat, I managed to drag every last missing bit out of /proc - with the only side effect being that all MySQL databases needed to be cleaned up.

Coworker: hey can you do this?

Me: sure *couple hours later* it's done.

Coworker several hours later: that thing you did completely changed. Can you update it?

*checks the platform we use so non devs can create web pages* All of my code was erased and I have to restart and add even more functionality. Why the actual fuck would you hire web developers if you're just going to have other employees use a poorly built tool to build pages. Every fucking time something breaks in the shitty fucking app, I have to fix it. Or if it doesn't do some crazy functionality, I have to hack code in there to do it in the ugliest way. Fuck tools like this. Fuck companies who make money off of these tools/use these tools. And fuck the developers who make these shitty tools that give real web developers so much frustration.

Watch out for these fucking bug bounty idiots.

Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.

Might be useful for some people but not so much for me.

It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.

It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.

I had another one recently though that was a total disgrace.

"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."

It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.

The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.

In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.

It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.

It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.

These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.

The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.

"can you hack wifi" ... hearing this too much

I live in a developing country where not a lot of people know much about security, programming and such. The moment I make a post about coding or something on social media, relatives/friends/strangers come and ask me to hack a Facebook profile or request a free download link to PUBG. And when I say that I can't, or that it's not really possible, they fuss and blame me for it. God damn people.

Really fed up with my colleague and possibly my job. Am starting to doubt am cut out to be a developer

Am a junior java dev , been working working for this company for about 2 years now. Although they hired me to be a java dev, they pretty much exclusively had me working on JavaScript crap because none of the other more senior devs wanted to do even so much as poke JS with a long stick....

Oh and the salary was crap but i figured since i had barely 3 years of exp i thought i would stick with it for a while

But a few months ago after seeing other opportunities I got fed up and threatened to quit , already started interviewing etc
Got an offer, not exactly what i wanted but better than where i was. Went to quit but they freaked out and started throwing money at me. They matched and exceed the other salary and promised to addressed the issues that made me want to leave. Ie get me to work more on the java side of the project and have me work with someone more senior who could sort of mentor me, i had been working semi solo on the js shit till then...

The problem is that my supposed mentor is selfish prick... he is the sort of guy who comes in real early, basically he goes to early morning prayer then come in at some ungodly hour and fuckoff home around 3pm

He does all his work early morning then spends the rest of the day with his headphones on stealthily watching youtube, amazon, watching cricket, reading about Palestine , how oppressed muslims are or building a website for some mosque.

I asked him to let me sit with him so that I could just learn how this or that part of the sys worked , he agreed then the very next day comes in and does all the work before i get in at 9 , i asked him how he did it and he tells me oh just read the code.

Its not as simple as that, out codebase is an old pile of non standard legacy dog shit. Nothing works as it should, i tried to go through documentation online for the various stuff we use , but invariably get stuck when i try the usual approach because it turns out the original devs had essentially done a lot of custom hacks and cowboy coding to get stuff working, they screwed around with some of the framework jars & edited libraries to get stuff to work, resulting in some really weird OSGI errors.

My point is that i cant really just "read the code" or google ...
I gotta know a bit more what was actually modified and a lot of this knowledge isn't fucking documented, theres a lot of " ohhh that weird bug yeah yeah that happens cuz x did this hack some years ago to fix this issue and we kinda built on it, yeah we weren't supposed to do that but heyyy what u gonna do, just do this or that instead"

I was asked to set up a web service to export something, since thats his area of expertise and he is suppose to be teaching me the ropes, i asked him to explain where i should start and what would the general workflow be, his response is to tell me to just copy the IMPORT service and rename it to export then "just do it um change it or something" very helpful indeed (building enterprise application here nothing complex at all!!)

He sits right next to me so i can see how much works he actually does, i know when he just idly sitting there so thats when i ask him questions, he always has his earphones on so each time i gotta find a way to get his attention with a poke or a wave, he will give a heavy sigh and a weary look as he removes his headphones, listen to my question then give me the shortest answer possible before IMMEDIATELY turning away and putting his headphones on as fast as possible regardless of whether I actually understood or even heard what he said. If i ask another question ( am talking like an immediate follow up question for a clarification or something) he will
Do the whole sigh + tired look routing to make me know yeah you are disturbing me. ( god was so happy the day he accidentally sat on and broke them)

Yesterday i caught a glance at his screen as i was sitting down and i think he and another dev were talking about me
That am slow with my work and take forever to get into gear.

Starting to have doubts about my own ability n wether am really cut out to be a developer. I know i can work hard but its impossible to do so when you have no clue where to start and unable to look it up since all the custom hacks doesn't really allow any frame of reference.
Feels like am being handicapped and mocked, yesterday i just picked up my gear n left the office.

I never talk ill about my colleagues, whenever i have a 121 with my mgr i always all is fine, x n y are really helpful etc
I tried to indirectly tell my other colleague about this guy, he told me that guy had kinda mentally checked out of this job and was just going through on auto pilot and just laughed it off (they have been working together for almost a decade and a buddies) my other colleague is pretty nice but he usually swamped with work so i feel bad to trouble him.

Am really Fed up with it all

!rant

I get asked about being able to hack stuff, like cracking wifi passwords. Mostly I just go along with them and make up some stuff about how you _could_ do it. And explain how it is done, throw in some "yeah its tough"s and words they wont understand. Yeah with a dictionary attack and a powerful CPU with many threads you can definitely do it! You should try it! I say. Convincing them they can. Ofcourse, download kain and abel and look for something like aircrackng on google.

They won't amount to much and probably won't even try it, but I have a laugh. Seeing the hope of hacking and cracking fade away as a child's ice cream melting on a hot summer day.

Hehe

Worst hack/attack?

Probably developing a complex food ordering website and client just stole the website and didn’t pay as it turns out our PM didn’t let the client sign a contract. Can’t sue as we have no legal binding documents.

We did managed to get access to the database and decided to change our passwords manually, but like I don’t get paid much for this

Annoys me so much how obviously lazy my department has been with one of its products. We have an iPad app that does document management and eForms and stuff. Its not perfect but not the worst. Then they decide they need to build an app to handle a specific kind of eForm. They just went "well this app already does eForms so lets just adapt it".
Worst. Decision. Ever.
the app is simply a branch off the original app. despite being a completely different product which isnt even concerned with the same business objects. it has been hacked until it does what it needs to. And i have to somehow maintain this trainwreck.
As a result we have a branch in our main Git repo that contains a completely different product, which is basically an iOS wrapper for an HTML eForm with ~5000 lines of jQuery to further hack on the functionality that the eForm provides.
And they wonder why iOS developers have been leaving and some keep threatening to leave. Even the Delivery Manager wants us to just do what is needed and get it out the door and never look at it again. How are we supposed to care when thats the attitude of the people who are supposed to be invested in it. Im surprised the client hasnt told us to get lost the app is so hideously broken and unmaintainable. Performing an action on the form can break a completely unrelated section somewhere else. We have lost control.
And they just keep adding more scope, ignoring our concerns cos hey its too late to just start changing the whole approach of the solution.

* No raise after one year, even that I don't earn that much
* Working in the oldest project
* Everyday I have to make quick fixes, usually requested by leader
* No spare time to rewrite shitty code - always something have higher priority (like doing some tasks that I shouldn't do, just because I had no tasks for next sprint)
* Got feedback from leader that I "hack" too much instead of writing code properly (see third dot)
* Every company around pays more and have more up-to-date stack
* The only guy that wanted to change stuff and use more generic approaches from other teams just threw resignation paper

I find it hilarious the total misconception of hacking that the general public has. I tell people I know cyber security (Not as much as a lot of people around here) but it is a hobby of mine and I find it very useful/interesting.

But I can't stop but laugh when someone is like, can you get all the text messages my bf receives?

Can you hack this for me can you back that?

C'mon even if I knew how to do that without being caught you think I would even admit that to you. Do hackers just walk around with an index card pasted to their forehead of their skill? It's not even slightly reasonable to think this lol even for someone who doesn't know about the field

Imagine asking your friends to help you rate your app on the google play store and instead of saying NO I DONT WANT TO RATE YOUR APPLICATION no... they decide to fuck with your mind.

1)
I will rate it tomorrow. (she never rated it tomorrow nor the next couple of weeks later)

2)
I will keep it in mind and rate it later :). (she never rated it later)

3)
I rated it haha (less than 30 seconds later they deleted the rating)

4)
Send me a link and I'll rate it (i send the link, they never respond or read my message again)

5)
I dont have memory on my phone :) (because 13MB of memory is a lot of storage requirements but taking 1 million selfies of up to 25GB is completely fine)

6)
I dont have memory on my phone what dont you understand :) x2 (this is the second girl)

7)
Your trying to give me a virus?? No (i got blocked multiple times)

8)
You want to hack me by making me install this application from the link that you sent me that leads to google play store? No (blocked)

9)
Rate your app? Haha i dont care about it because it doesnt bring me any benefit only the fat cocks that fill my pussy up satisfy me and not ur app haha

10)
Haha send me a link ill rate it (i send link, 8 hours later no reply or reading my message, i text her back if she had done it and im still put on ignore)

...

N)
more

----

Notice how none of these people have said the 2 letter word: "no".

All of these 10 examples are based on a true story.

All of these 10 examples are different people.

---

How hard
Can it be
To just
Write

no

---

.

---

For all of you who are about to trash talk saying i am desperately trying to beg people to rate my app:

i know all of those people for a long time. But when it comes to asking (and not forcing) someone to do you a favor for free that takes no more than 30 seconds, no one seems to have 30 seconds of their free time. Dont get me wrong, some of my friends did politely rate it and left a review, even the people who i barely knew left a review and rated it, but the people with whom I was closer by, didnt.

---

In the beginning i used to not care about this at all. Then i started falling into depression because of it. I fell then into deep depression. Then i sunk so deep that i couldn't feel any emotions anymore so i laughed as an anti depressive mechanism whenever something depressing happened. Now i cant even laugh because i have no more energy. Now i actually leave man tears

---

The only thing more valuable than people, any materialistic thing, animals, coding and even money - is time....

----

why do you waste my time

if i ask you to do something that takes 30 seconds and you dont want to do it

why cant you just say no

why do you drag me

why do you say you're going to do it when you know you wont do it

what do you gain by unnecessarily lying to someone for such a small thing?

to someone who has been a good person to you?

do you feel superior?

is your ego bigger?

----

This experience has taught me that not even a human from the same blood can be trusted.

All of your are fucked up in the head in your own style and i am guilty of it too, all of us are.

But i have never seen the human evolution went from simplicity to overengineered complexitory bULLSHit where you have to lie to someone and waste hours, days, weeks, months and sometimes years of his time just because you dont want to say a 2 letter word, no.

But when that person becomes more successful than you and achieves higher status, Theen you have those 30 seconds of free time. All of you are fucking cynics. and i am so much overly disgusted by all of this fucking bullshit....

-----

This experience has proven to me to simply focus on investing into myself and learn and improve myself and no one else. To not even bother asking even for a small kind of help, a feedback from my work because people don't have 30 seconds of their free time. That is all.

Terminal emulators on android. With tools fron kali linux.

*right click on image*
[nothing happens]
*spams right click, thinking about getting a new mouse*
[small modal shows up: "this content is protected!"]
*laughs in developer's console*

I never thought I'd get to see a website that "protects" its content by disabling right click, I'm moved :')

My first C++ app for a client was leaking so much memory that Windows kept crashing too.
So I had to press Ctrl-Alt-Del every few runs.
But the laptop running the app was enclosed in a box, so the keyboard was inaccessible.
My hack was to set up an Arduino, a push button outside the box and a wire. Asked the steward to push the button every three people trying the system. So the Arduino sends Ctrl-Alt-Del and the app was running again.

The client was happy :)

Damn, gitea is such a great piece of software, but yet it lacks so much of gitlab, which given are completely different sizes and all, but damn I would kill for the repos import feature of gitlab to be in gitea and maybe even automatic pipelines to fetch a remote automatically..

I could most likely hack together a solution that does the import and remote fetching automatically, but I doubt it would hold against any sort of update and be absolutely brutally murdered by any change.

I hate people that freelance and say they will build someone a website for like $500+ and all they did was grab a free, pirated or purchased for $20 on themeforest theme and throw it up on a wordpress site. its criminal how much they rip people off and insulting they call themselves web developers. tempting to hack their WordPress but I would feel even worse for their customers.

When I was in 11th class, my school got a new setup for the school PCs. Instead of just resetting them every time they are shut down (to a state in which it contained a virus, great) and having shared files on a network drive (where everyone could delete anything), they used iServ. Apparently many schools started using that around that time, I heard many bad things about it, not only from my school.
Since school is sh*t and I had nothing better to do in computer class (they never taught us anything new anyway), I experimented with it. My main target was the storage limit. Logins on the school PCs were made with domain accounts, which also logged you in with the iServ account, then the user folder was synchronised with the iServ server. The storage limit there was given as 200MB or something of that order. To have some dummy files, I downloaded every program from portableapps.com, that was an easy way to get a lot of data without much manual effort. Then I copied that folder, which was located on the desktop, and pasted it onto the desktop. Then I took all of that and duplicated it again. And again and again and again... I watched the amount increate, 170MB, 180, 190, 200, I got a mail saying that my storage is full, 210, 220, 230, ... It just kept filling up with absolutely zero consequences.
At some point I started using the web interface to copy the files, which had even more interesting side effects: Apparently, while the server was copying huge amounts of files to itself, nobody in the entire iServ system could log in, neither on the web interface, nor on the PCs. But I didn't notice that at first, I thought just my account was busy and of course I didn't expect it to be this badly programmed that a single copy operation could lock the entire system. I was told later, but at that point the headmaster had already called in someone from the actual police, because they thought I had hacked into whatever. He basically said "don't do again pls" and left again. In the meantime, a teacher had told me to delete the files until a certain date, but he locked my account way earlier so that I couldn't even do it.
Btw, I now own a Minecraft account of which I can never change the security questions or reset the password, because the mail address doesn't exist anymore and I have no more contact to the person who gave it to me. I got that account as a price because I made the best program in a project week about Java, which greatly showed how much the computer classes helped the students learn programming: Of the ~20 students, only one other person actually had a program at the end of the challenge and it was something like hello world. I had translated a TI Basic program for approximating fractions from decimal numbers to Java.
The big irony about sending the police to me as the 1337_h4x0r: A classmate actually tried to hack into the server. He even managed to make it send a mail from someone else's account, as far as I know. And he found a way to put a file into any account, which he shortly considered to use to put a shutdown command into autostart. But of course, I must be the great hacker.

Widget "hack" in secondary.

When I was around 13 or 14 I was enrolled at a public school in the UK. In an effort to try be eco friendly, the students and a IT technicain teamed up to try and create a widget that would track the consumption of printer credit used by all users (staff and students).

At first, I was just playing around with the homepage source code but eventually noticed the widget had separate code within the page.

Because all of the computers were interconnected, I grabbed the source code of the home page and put it into a notepad editor.

I used the intranet to look up staff names and student login usernames. I replaced my user ID with several staff members.

Boom, I could see how much paper they had used, how much they owed the library etc. May not be as impressive as others exploits but some staff were in debt by hundreds and never paid back a penny.

Hope you liked my story.

Proxmox team, go fuck yourselves.

Now I'm sure that I'll receive a lot of flack for this, but hear me out.

I've tried Proxmox and was quite pleased with its web UI. But I hate how much it locks me into their own little ecosystem.

I want to use btrfs on my drives. Why is this impossible, yet the hack that is ZoL is your obvious alternative? An alternative wherein I can't even compile and run my own kernel, because then ZoL suddenly fails? And don't you tell me to compile your stock config, when it's well over 15GB large in your source tree.

Proxmox is literally the MacOS of Linux distributions. Which was even more so made clear by me being called an idiot by possibly wanting to run Same on the PVE host. Because why on Earth would sysadmins want to?! Why on Earth would sysadmins be competent for wanting to?!!

You know what? I'll just convert those Proxmox servers to Arch and say fuck you to all the bells and whistles that's Proxmox' web UI. Because at least Arch allows me to make my own fucking choices, limited only by what's supported by the Linux operating system.

Perhaps Proxmox will consider btrfs stable in 2021. Because you know, despite it being stable today in 2018, Debian and Proxmox alike live 3 years in the past, i.e. 2015. I hate the Debian ecosystem because of that, but boy do I hate Proxmox even more so. Bloody fucking piece of shit it is!!! 😡

First experience with Android: our professor of Software Engineering gave us a project about building an app for University indoor geolocation using BLE beacons.
Just found out that only a few PhD-level dudes did such a thing with much fewer good results.
Sounds like when your average-hedidnotrealizedwhataprogrammeris-friend asks you if you are able to hack Google Chrome.

It was more of "Hate story" with a guy whose mere presence would irritate me very much. He was also close to the girl I liked a bit (not very huge crush or something).

So he was very active on two of his social networks one being fb and second directly connected to fb so basically getting hold of fb would mean that I could control his other one too.

It was Oct 2016 and that time you could easily hack an account using social hacking (not asking OTP out something mere details did it for few accounts).

I hacked his account and wrote curse words and all. As I had already changed the email and password, he couldn't till date retrieve it.
However as he reported to fb, his account was held and I could no longer access it but till then everything was over.
I couldn't still spot him on FB or the other social network.
And this was one of the most evil act I have performed in my life.

I've spent a lot of time messing around with C, having struggled with object-oriented programming (due to not really knowing how best to structure things, not knowing when to apply certain design patterns).

When writing C code, I'd write OOP-esque code (pass around a struct to routines to do things with it) and enjoyed just making things happen without having to think too much about the overall design. But then I'd crave being able to use namespaces, and think about how the code would be tidier if I used exceptions instead of having every routine return an error code...

Working with Python and Node over the past couple of years has allowed me to easily get into OOP (no separate declaration/definition, loose typing etc.) and from that I've made some fairly good design decisions. I'd implemented a few design patterns without even realising which patterns they were - later reading up on them and thinking "hey, that's what I used earlier!"

I've also had a bit of an obsession with small executable files - using templates and other features of C++ add some bloat (on Windows at least) compared to C. There were other gripes I had with C++, mostly to do with making things modular (dynamic linking etc.) but really it's irrelevant/unreasonable.

And yes, for someone who doesn't like code bloat, working with Node is somewhat ironic... (hello, node_modules...)

So today I decided to revisit C++ and dust off my old copy of C++ in a Nutshell, and try to see if I could write some code to do things that I struggled with before. One nice thing is that this book was printed in 2003, yet all of its content is still relevant. Of course, there are newer C++ standards, but I can happily just hack away and avoid using anything that has been deprecated.

One thing I've always avoided is dynamic_cast because every time I read about it, I read that "it's slow". So I just tried to work around it when really if it's the right tool for the job, I might as well use it... It's really useful!

Anyway, now I've typed all this positivity about C++ I will probably find a little later on that I hit a wall with what I'm doing and give up again... :p

A quick hack that does what the user needs it to do is much better than a beautifully crafted codebase that doesn't solve the user's problem

If you've ever tried using Go plugins raise your hand.
If you've ever tried doing plugins in Go, raise your hand.
If you think that the following rant will be interesting, raise your hand.
If you raised your hand, press [Read More]:

This is a tale of pain and sorrow, the sorrow of discovering that what could be a wonderful feature is woefully incomplete, and won't be for a very long time...

Go plugins are a cool feature: dynamically load pre-compiled code, and interact with it in a useful and relatively performant way (e.g. for dynamically extending the capabilities of your program). So far it sounds great, I know right?

Now let me list off some issues (in order of me remembering them):
1. You can't unload them (due to some bs about dlopen), so you need to restart the application...
2. They bundle the stdlib like a regular Go binary, despite the fact that they're meant to be dynamic!
3. #2 wouldn't be so bad if they didn't also require identical versions of all dependencies in both binaries (meaning you'd need to vendor the dependencies, and also hope you are using the right Go version).
4. You need to use -trimpath or everything dies...

All in all, they are broken and no one is rushing to fix it (literally, the Go team said they aren't really supporting it currently...).

So what other options are there for making plugins in Go?

There's the Hashicorp method of using RPC, where you have two separate applications one the plugin, one the plugin server, and they communicate over RPC. I don't like it. Why? Because it feels like a hack, it's not really efficient and it carries a fear of a limitation that I don't like...

Then we come to a somewhat more clever approach: using Lua (or any other scripting language), it's well known, it's what everyone uses (at least in games...). But, it simply is too hard to use, all the Go Lua VMs I could find were simply too hard to set up...

Now we come to the most creative option I've seen yet: WASM. Now you ask "WASM!? But that's a web thing, how are you gonna make that work?" Indeed, my son, it is a web thing, but that doesn't mean I can't use it! Someone made a WASM VM for Go, and the pros are that you can use any WASM supporting language (i.e. any/all of them). Problem inefficient, PITA to use, and also suffers from the same issues that were preventing me from using Lua.

Enter Yaegi, a Go interpreter created by the same guys who made (and named) Traefik. Yes, you heard me right, an INTERPRETER (i.e. like python) so while it's not super performant (and possibly suffering from large inefficiency issues), it's very easy to set up, and it means that my plugins can still be written in Go (yay)! However, don't think this method doesn't have its own issues, there's still the problem of effectively abstracting different types of plugins without requiring too much boilerplate (a hard problem that I'm actively working on, commits coming soon). However, this still feels to be the best option.

As you can see, doing plugins in Go is a very hard problem. In the coming weeks (hopefully), I'm going to (attempt to at least) benchmark all the different options, as well as publish a library that should help make using Yaegi based plugins easier. All of this stuff will go (see what I did there 😉) in a nice blog post that better explains the issues and solutions. But until then I have some coding to do...

Have a good night(/day)!

Most Devs I've met have been rational, so I'm fortunate enough to not have had a fight with a dev.

There was, however, one guy. Had to collaborate with him on a web app. I would fight with him almost everyday to not use deprecated tags, use proper CSS, not hack something together because it just works and the list goes on too long.

But I never succeeded in convincing him. Learnt that no matter how much you try, you cannot convince someone stupid

A few days ago our server was compromised due to an outdated Jenkins version. The malicious user installed a crypto miner on the server... The same day that it was found I told management that I'm interested in helping out with the server. Since then, nothing happened... No updates, no security measures, no nothing (except for the removed crypto miner and updated Jenkins software)

Oh well only a matter of time before another hack...

Question to some (who work way way way longer than me) med - seniors, should I make a big deal out of this? And keep pressure on it. Or should I just leave it be and wait for the next comprised server? I know devrant is not a Q&A service, but some dev to dev advice is much appreciated.

- incognito

Any night, 1:30am, bedtime: "Yes! I can't WAIT for tomorrow to begin! I'm gonna make SO much progress on that personal project that I just KNOW is gonna change the world and make me a billionaire! My time is now!"

Next day, 9am, first call of the day: "Ugh, waking up SUUUUUCKS! But, fine, just gotta get through the workday, then it's beast mode time!"

5pm: "Ugh, that day SUCKED... meeting after meeting, constant interruptions for the few minutes I got to hack code, SO many emails, and hey, good day, only five new things pushed down from corporate to bang my head against! Feelings pretty mentally exhausted, but it's all good, I fortunately love this programming stuff, so first dinner, then a little exercise, spend some time with the family, and then it's time to COOOODE!"

10pm: "Ok, house is FINALLY quiet (fucking dog), just a little noise from my daughter staying up way too late again... kinda spent, but this project still excites me, and I may not get as much done as I was hoping, but fine, I can still make some tangible progress and that's what matters. Maybe just one last quick check of email, Reddit, make sure there's no new Hot Ones or Honest Trailers I gotta watch, update IDEA plugins and see what's new, then it's work time! Nothing can stop me now!"

Any night, 1:30am, bedtime: "SHIT! I GOT FUCK ALL DONE AGAIN! GO DAAAAAAAMN IIIIIT!!!!"

I already wrote this story in the comments to some other rant, still it's pretty funny.

So, i was modding my wii u by messing with system files, the only way to do this is to run an homebrew that hosts an ftp server so you can connect with your pc, the thing is, this server was not protected and allowed anonymous login, not an issue if you have a firewall.
BUT i had this console in the DMZ on the router for online play.
~You can see where this is going~
While doing stuff from my pc i started seeing a lot of entries on the console's log and i didn't understand why, i thought filezilla was doing some shit so i closed it but the log was still going, then i realized and quickly shut the server down.
Then i disabled the DMZ and went back to check what happened (unfortunately the log was only shown on screen and not saved, by closing the server i lost it) so looks like the attacker uploaded a lot of files with random names in pretty much every folder.
Due to the random names, I don't know which are system files and which attacker's files so i just kept them there. And today they should still be there.

--Random thinking--
What if the attacker also stole some files, he was hoping to get photos or valuable documents, but just got the console's system files and he thought something along the lines of "wtf is even this".
Also, how likely is that an ip scanner script gets to my ip in the 5 minutes i run the server, and (on the attacker side) how likely is to hack a server just to find out that's a wii u (the least successful console in the last generation)...

Moral of the story: double check your firewall if you are going to run an unprotected server.
That's it, stay safe :P

So just babbling my shit down here.

(Tldr : i am a crazy guy who followed my half slept brain, went onto a stage , gave some kind of motivating , stammering talk to a large group of professional strangers, enjoyed that day with a red embarrassed face and just got my first pic of me speaking on stage and that is so awesome !)

Last Saturday i went to a gdg meetup and i embarrassed the hell out of me.

I went there with just 2 hours of sleep from the previous night.
After a few talks there comes a guy who is taking some time to install is setup and the host calls for lightning round session ( ie he asks if anyone from the audience would like to share something about their product or something).

I am a fucking nutt guy. I can explain something to you nicely in a hacky way as long as i have done enough work on that and you speak my native language.

But giving a talk on English stage, hell no! I stammer, mix hindi with English and start speaking werd shit.. And that's what happened.

I don't know what went into me but as some guy went to the stage and talked for 2 mins, i was like yeah i want to do that too. So in next turn when he asked for a show of hands, i raised mine and fucking went to stage!

I forgot that if you go on stage you should have something to talk to . But the moment i was on stage, i was like... "Nope, we will do this differently".
I had been working on a video ads module from the last week which could be easily explained in 2 mins. But i felt like giving a non techy talk instead.

It went something like this: i introduced myself with my experience details ( who gives experience details on stage !?!) Then host said to speak loudly and i went like "Bharat mata ki jai!"( Victory to mother india (wtf!?😆) .

Then started talking about how the developers feel disheartened when searching on internet where the resources are scattered . And the solution i told them was :"don't be disheartened. You will eventually find it (like wow dude wtf, as if they didn't knew that) . Look on the youtube and other resources " and then went full on explaining/marketing about some online tutor who gives advice/consultancy via a subscription based payment ( tbf that guy really helped solve a lot of my doubts, he has written books on Android dev and is the top so answerer for Android).

Then i went on sharing my thoughts live on that fuckin stage ! ( Live because i usually post my thoughts here on devrant before discussing them out with real people, you guys are my safe space) but there i discussed my thoughts on libraries!

I have this believe that Android devs these days are having lesser knowledge of the system because we have all the libraries and templates available to us. But when we have to customize stuff, we need to go deep into docs and source classes and find ourselves in trouble there. So i kind of said this out loud and that we should try to read more the code and implement stuff ourselves instead of using the library 😅🙈)

I was feeling so fucking embarrassing after that all stuff! It was so full of stammering , broken English and worst attempt at motivation. At that time i was regretting this and about to burst cry and run away, but somehow i gathered my self, got my mood back to the event games and talks, later went to the organizers and apologized(and they were very nice and didn't cared about it), and overall enjoyed my weirdest day!

When i came home, my mom gave me a little more confidence about it. Now i think i shouldn't be that much instinctive. Next day i went hack to work and everything got normal.

But Yesterday i found a link to the public repository of the photos. Ohh fuck, someone had took my image! and that was too in full hd!!! 🙈🙈🙈😅😆😆 Oh mann I can't stop looking at that cool stage speaker image, i love it ! I, the shy-est and the most uncool awkward person , present on the stage with a mike, oof , i think i lived my dream !

I hope i could get enough confidence and speaking skills to take a real stage talk next time ( and maybe enough interesting talks and confidence to talk with girls of our office, ¯\_(ツ)_/¯ )

Reminiscing my first tech sticker, this one's from my first hack-a-thon. :') gonna go to the same one in 2 weeks, kinda nervous because I didn't really learn much compared to last year. (but I shamelessly collect the stickers)

I've been staring at the same section of code for about two hours now. I want to solve this puzzle and design it properly. I'm desperately trying to resist the urge to hack it. Not sure I can hold out much longer...

Early on in my freelancing career I learned something important. Even with seemingly tame nerdy stuff, sh*t can get real, real quick. This story describes the very start of my career in web development and hopefully will serve as a warning to newbies out there.

A young teen, I had just learned some basics of wordpress, I was confident I could hack together something that worked and looked okay with minimal effort and knowledge. One day I was approached by a guy who wanted a job board board site. Knowing there were already clones out there I figured this would be an easy gig, man was I wrong.

In addition to the fact I didn't know about contracts or the scope creep from hell, I had somehow gotten myself involved with a criminal business front.

These guys operated a scam business to rip off investors. Me and my designer buddy were used to make the business look legit. What they would do is hold job fairs where people are supposed to pay to rent a booth, but instead they would give everyone a booth for free and then lie about what all businesses were coming. They would then show this info, along with the website and marketing materials to investors. They would take the money from the investors and launder it for drugs.

The real story starts the day of one of the worst hangovers I had ever had. I was at a random friends house sleeping for most of the day.

Apparently one of the guys who was operating the scam business was about to strike a deal with one of the investors when something on the website didn't work (it was working as designed). This guy, Manny we'll call him, had been blowing up my phone all morning. I check my voicemails and there are threats on my life; saying I will be sleeping with the fishes, or if they ever find me, they'll fuck me up. Needless to say this really freaked me out, either way I decided to head back to my dorm.

When I come back home, my designer buddy tells me that some guys were in the house looking for stuff. Apparently this guy hired two nerds to "break into my computer and steal the website", fortunately they didn't know what they were doing.

After a while I got another call, Manny wanted to sit down and "talk things out". Being naive I accepted and we met up. The two nerds were there with one of his body guards. He said he wanted to have those two nerds take over the project. While this was going on, his bodyguard flashed his gun at me several times making eye contact. I agreed to, but I still wanted to get paid. I asked about getting paid and he said we never signed a contract and that he owned the host and domain. I was pretty much screwed.

This is where the story should end, but I wasn't a very smart guy back then. I gave up the site but I created a back door into it. Every week or so, they would get "hacked". Because the two nerds didn't know what to do, they ended up coming back to me for help. This is when I finally got paid. Totally not worth it.

!rant

I was propably 15 years old the first time i saw my friend coding html and and other related stuff i cannot remember! It intriqued me and i really wanted to learn it (i wanted to learn to hack.. xD..) but at the given time i wasn't happy in life and i was pretty much addicted to WoW..

So.. forward 12 years, where i had gone to the military, thought about becoming a physiotherapist, psychiatrist, korean translator and game designer.. oh and countless attempts from another friend to get me interested in c#.. i decided to start studying computers (software/hardware) at DTU (danish university).

That was rougly 8-9 months ago and i am now pretty decent in C, HTML, C++, Java, MySQL and koncepts about networks and OOP designs :).

I am super grateful to all the trial and errors throughout my life that have brought me to this place :)

Still 27, still has alot to learn, but i am really happy where i am right now. Even so, that i am spending my free time making my own projects :)

I also get super happy whenever i fix a bug of mine :p.

I truly believe that you will skyrocket to succes if you do what you love.

For me, i just discovered that part of myself a little late :)

Not sure what i hope to achieve with this post, but i hope it can give an insight into what people go through and yeah.. go for what you want!

Have a great time everyone!

And first !rant on this app!
I love all your rants! vs !rants

ASP.NET Web Forns?

Can't tell how many times I printed out the page lifecycle diagram for myself or a coworker. So many hours lost trying to figure out which lifecycle hook to use for a specific scenario and then have it all break down because something new was added to the feature. Or figuring when data can be bound, or doing some hack because things break when handling a POST event or some shit.

Overly abstract piece of technological excrement. Might as well express the thing in contemporary dance and check that into source control instead of that ungodly mess.

The switch to AJAX and API calls was such a huge relief it's almost hard to explain in words (I can do a dance tho). And then upgrading to AngularJS, man, worlds apart...

I don't care how much they pay me (okay, you got me...), I'm never touching Web Forms again.

Typescript integration in Visual Studio SUCKS!! I waste so much time fucking trying to set up Angular 2 boilerplate that would take almost no time in VS Code or another editor because this bloated piece of garbage has to try and hack everything into MS build tasks and "Virtual Projects".

You would think that the company that created Typescript could figure out how to integrate it properly into their flagship IDE!!!

FUUUUCCCCCKKKKK!!

there is no way YouTube isn't dead as a product

last night I had to switch from matrix voice chat to discord voice chat to talk to somebody (because their phone suddenly doesn't do matrix well, keeps cutting out their mic if their screen is turned off or they switch to a different app wtf). they misinterpreted something I said as talking about "shock value". I think that's a demeaning term that doesn't capture why "bad" content is good. now I'm just chilling trying not to workaholic and first recommendation on YouTube I have is about "what happened to shock value websites". oh I'm sure that's a coincidence

this has been happening increasingly and I fucking hate it. it keeps recommending videos that have absolutely nothing to do with what I'm watching or have ever watched or would even be in the interest of in the past, but I mention it somewhere and it creepily suggests the content to me, always with videos claiming to have 2-3 million views. bullshit. I tried some of these and there's no way anybody cares about this content in such numbers. it's so lukewarm and dumb. and how the hell do they have "opinion" vlogs about every topic? since when did that become the #1 type of content on YouTube? cuz it's 50% of my recommendations and I've never given a shit

I have like 500 subscriptions on YouTube. I've had an account a long time. a lot of them are old channels that stopped being active as YouTube evolved, which I think was a shame. a lot of them had to do with ad revenue or YouTube algorithm just not suggesting their content to new people. they were wholesome, honest channels with really good content I think -- really good game analysis, compilations of unique or weird viral content and the guy was just a funny dude in his basement, etc. but fair I guess. shame, but fair

Then there was the quiet era, where your front page just didn't suggest the good channels and just the stupid channels. it didn't suggest your subscriptions but in your interest area or something. what's the point of subscriptions if you're not showing me them? this is also about the time if I left a comment on a video I ceased receiving replies so I assume I was shadow banned. I have not received a single reply in years now, even on small channels. some content creators noticed if they post on their own channels and accidentally logged out and looked for their comment their own comments don't show up. just weird annoying nonsense that's inappropriate for them to be doing. bruh, please

and then the next wave came, it wasn't just YouTube won't recommend your channel, in the COVID era what came was if you mentioned something then channels with previously millions of views, still currently millions of subscribers, suddenly went down to 5k-50k views per video. bitch please, you expect anyone to believe this nonsense?

then they fucked up the search. I KNOW videos exist and I can't find them. I type in half the video's title, you can't find it. thankfully if you type in every single word exactly you can still find them. bruh that's too much. also just search plain doesn't work. if I'm looking for a specific topic I get 5-10 max videos on that topic and the rest are irrelevant recommendations. this is entirely ridiculous. there's videos I KNOW exist on YouTube and nobody gave a shit about them, like 5 view Benny benassi music clips with a scene from a video game. I can't even meme anymore

this morning a friend on discord sent me a... weird clip, of like an anime skit. problem? well discord embeds YouTube videos. I pressed play. I get... an ad. lol what. I browse away and back to the video. try again. ad. yeah I'm not playing this. I have to refresh the page 20-30 times sometimes just until the ads stop fucking up every time my adblocker ceases working (and then I have to go update it again lol -- by going to the developer page for the ad block because it was banned from the app store so you can't auto update it and have to manually update it every time)

my friend links me a discord plugin to... remove ads... from YouTube embeds... bruh

I used to mod discord but it's annoying, because every time discord updates you have to go re-apply the hack to be able to mod your discord

I think we should just plain move away from YouTube. during COVID era a lot of people got banned in subreddits on reddit. I noticed when you get banned, the subreddit still has you listed as a subscriber. the r/Canada subreddit for example has 3 million subscribers but the activity of a subreddit that's maybe 1k people. increasingly subreddits just became ghost towns after that like that. reddit is a dead website, with fake numbers. I think YouTube is now a dead website, with fake numbers. no fucking way stupid lukewarm opinion videos with absolutely nothing to add are getting 2-3 million views and people are just clamouring for these takes they didn't ask for

also stop listening in on my private conversations. fucking disgusting. idc if an AI is transcribing. ew.

Few things hack me off more than devs who can't be bothered to do a task properly, so just submit some random crap as a PR that looks half correct at some surface level in the vague hope it gets approved.

This team is about creating decent, tested, reliable, resilient backend infrastructure, and we need to trust devs in order to do that. If you want to pull the half-arsed, do as little as possible and get paid as much as possible approach then sod off to higher management somewhere.

FUCK APPLICATION LEVEL FIREWALLS!

So i cam online today, thought already lets open the shitty outlook webmail client. Holy crap .... thats way to much mails. Many of them are missed teams messages. So i open up teams and holy crap. Like every third dev in my company send me a message screaming "gitab is not working!!!".

Yesterday i updated it so imediately get in panic mode - what the shitty hack have i done?!

So yeah gitlab seems to be working just fine, everything is speedy and responsive, so i call one of my fellow devs and ask him whats wrong? And he is like oh yeah there comes a ldap error saying timeout or something.

I try to login with active directory. Works like a charm. Try another account, same problem?!

Google the problem, search gitlab tickets. Nope there is no open bug or sth. like this.

So alright lets call the network guy. "Yo, can you check if there is something ldap-like getting blocked to the gitlab server?" - He is like oh yeah damn like almost every damn request is getting blocked. Ah wait, there was an firewall update yesterday too. Yeah ldap is no longer ldap. BLOCK THAT SHIT!

After 10 minutes of figuring out what shitty type is detected by the firewall and what needs to be whitelisted to make it fucking work again it seems to work.

But ha no, there is another update rolling on, so same shit like 15 minutes later.

Now it seems to work and i have to inform every damn fcking developer that it works again. And yeah alright you sent a mail, but fuck it, i will call you though! So yeah just answering calls, mails and chat messages. Like why the fuck cant you read your mails like a damn normal person?!

I'm slowly realizing how much goofy code I put in my branch and overlooked. This code review is going to be interesting...

Some examples:

import plots as lel
<h4 id="title">Crunchatize Me, Captain! </h4>
go.Scattergeo(name="cheese", ...)
webster = { ... }

The commit messages are even worse.

- 'horizontalize' link list
- very messily hack in <feature>
- partially refactor some of the awful code from previous
- Remove one annoying space
- make background color less annoying
- remove seemingly useless property
- minor fix
- Apparently it's possible to center a DIV. Who knew?
- Made some cool bar graphs
And then there's just a bunch of reverts.

Time sheets. I'm not a fan of our task management system, you don't check out jobs or tasks like moving cards on a kanban board, it's more of a loose, calendar-based setup. We're also in a small, open office so it can be difficult to remember to log things in the software when you could tell the person opposite you that their task is finished. On top of that a lot of the time it takes me longer than the scheduled time to get a job finished as I'm learning a lot of new stuff, so digitally documenting things like that worry me a little. I don't want to look like I can't hack it just because a job takes me longer than my much-more-experienced colleagues.
I should note that I understand it's all incredibly useful data to the company, but I hate doing it and it's very easy to forget or ignore.

The company I work in recently made a subdomain where you need to figure out how to hack the page using a vulnerability they subtly put there. If u are successful u get an interview. I looked it over for fun and was able to do it. But since i already work there i was thinking of telling a friend id love to join us but was rejected a month ago when they interviewed him about how i did it so he can apply maybe they give him another chance. do you think I should do that?

Note that i referred him last month and hes a fresh grad with not much experience

Up until now, I never had any breaking updates on Linux on my laptop, Except for Nvidia drivers stopping. It would switch to noveau. Even my cobbled together hack of Broadcom Bluetooth solution worked without even having to touch it. Well, I still don't have problems with core Linux but add gnome to the issue mix today. Surprisingly, Nvidia drivers for the first time Nvidia drivers upgraded (to 340) and I didn't had to do anything for it to work. Gnome deprecated synaptics driver support and now uses libinput implementation for it. Well Ubuntu Gnome updater won't clean the configuration and I had to remove the driver and clean config myself. Nothing too much, i have to deal with these stuff on my arch installation but Ubuntu has been "it works fine. No need to interfere" thing for me. It works fine on Wayland (it always used libinput on Wayland a if I am correct) but nvidia drivers doesn't support Wayland. And then since the update gnome has been disabling some of my extensions at random. All on X. I have no problems with Wayland except for Nvidia fucking drivers. All that said, its still better than windows where I lost fucking network connectivity during something important. And the trackpad drivers on Linux are somehow much better than anything I have used on windows. (that or Sony made fucking great trackpads and nobody noticed). Here's to hoping Nvidia starts supporting drawing on Wayland and I can ditch X completely. I have seen visible improvements in performance under load and slight decrease in battery usage with Wayland.

Yesterday, I performed an experiment on myself.

I have heard pretty much that a cup of strong black coffee at night keeps you awake the entire night. Newbie here when it comes to staying up all night ( I mean I stay up late but never all night) so I decided to give it a go.
I'm unsure about the results though.

First off, how strong is a strong coffee? One teaspoon coffee per cup? Am I allowed to add a teaspoon of sugar?

Next, I think it kinda also have to do with me. I mean, I have heard it doesn't give me sleep so my personal bias affected it. I wanted it to be true. To be a life hack for that huge ass paper due by tomorrow.

Maybe it does work. At around 4 in the morning I was too tired with the shit I was doing so I decided to finally lay down. I recall this brief moment when I was in my bed all ready to sleep and the sleep wouldn't come. Maybe that's the coffee working. But again, it could just be normal.

Does it not work? If it does, how do I make it work? 😣

Stayed for the hack-a-ton last night. Had so much fun! And everybody actually came up with a working product in a couple of hours. Amazing :).

Too bad the initiator of the whole thing went home early. Doesn't really show interest.

!rant && advise
I have some expirience working as full stack developer, but focussed latly mainly on backend (php/java). However for one project, I need a desktop application and I was wondering, if you would recommend electron for it.
Pros:
- I could reuse some of the webapp stuff and cache it offline using web workers
- Styling done via HTML/CSS
- Portable between Linux/Windows/Mac
Cons:
- I haven't worked (much) with node js so far, but that shouldn't be a too big problem

What are the pros and cons from your point of view? Would you recommend electron? Why yes, why no? If no, what would you reccomend as alternative?

My knowledge so far:
Good: PHP/Java (without GUI)/CSS
Quite good: Javascript
Meh: Python (I can hack things together but wouldn't say I'm good with it...), C++

I wonder if crypto exchanges are so damn vulnerable or just so transparent.

I mean, it is impossible to scroll tech articles for more than a few seconds before stumbling on a report of yet another crypto exchange being nicked a couple hundred mil USD.

- It could be that their security severely sucks (wouldn't blame them for it, most businesses do suck at securing shit).
- It could be that the entire black hat community is putting it's might on stealing money that is so fucking easy to launder.
- It could be that is damn nigh impossible to cover up a crypto hack since the evidence of coins drifting away is forever on display in the public ledger, and in that case crypto companies are not hacked more often than regular companies, they are just much more often publically shamed for it.
- It could be a mix of all the above, but my intuition is that one factor is more relevant.

Which would be the most relevant factor? One of the above or yet another attack vector to the stupidest value conduit ever?

Need some advise from all you clever devs out there.

When I finished uni I worked for a year at a good company but ultimately I was bored by the topic.

I got a new job at a place that was run by a Hitler wannabee that didn't want to do anything properly including writing tests and any time I improved an area or wrote a test would take me aside to have a go so I quit after 3 months.

Getti g a new job was not that hard but being at companies for short stints was a big issue.

My new job I've been here 3 months again but the code base is a shit hole, no standardisation, no one knows anything about industry standards, no tests again, pull requests that are in name only as clearly broken areas that you comment on get ignored so you might as well not bother, fake agile where all user stories are not user stories and we just lie every sprint about what we finished, no estimates and so forth, and a code base that is such a piece of shit that to add a new feature you have to hack every time. The project only started a few months back.

For instance we were implementing permissions and roles. My team lead does the table design. I spent 4 hours trying to convince him it was not fit for purpose and now we have spent a month on this area and we can't even enforce the permissions on the backend so basically they don't exist. This is the tip of the iceberg as this shit happens constantly and the worst thing is even though I say there is a problem we just ignore it so the app will always be insecure.

None of the team knows angular or wants to learn but all our apps use angular..

These are just examples, there is a lot more problems right from agile being run by people that don't understand agile to sending database entities instead of view models to client apps, but not all as some use view models so we just duplicate all the api controllers.

Our angular apps are a huge mess now because I have to keep hacking them since the backend is wrong.

We have a huge architectural problem that will set us back 1 month as we won't be able to actually access functionality and we need to release in 3 months, their solution even understanding my point fully is to ignore it. Legit.

The worst thing is that although my team is not dumb, if you try to explain this stuff to them they either just don't understand what you are saying or don't care.

With all that said I don't think they are even aware of these issues somehow so I dont think it's on purpose, and I do like the people and company, but I have reached the point that I don't give a shit anymore if something is wrong as its just so much easier to stay silent and makes no difference anyway.

I get paid very well, it's close to home and I actually learn a lot since their skill level is so low I have to pick up the slack and do all kinds of things I've never done much of like release management or database optimisation and I like that.

Would you leave and get a new job?

I took a career transition last year and I'm starting to question my decision. I'm stuck.

I've only learned to hack shit together in my past jobs (except one freelance project where I pretty much learned most of what I now properly know), exposing me to bad practices. To make it worse, I lack fundamentals and basics so can't even write JavaScript beyond for loops without documentations.

Lately I've been pushed to take charge in structuring a project from scratch. I failed at understanding what exactly Webpack does mainly because it required knowledge of web modules which I still find elusive. I make time to learn basics in the evening or weekends but most of the time I'm taking home the internship work project that I, again, just need to hack shit together, depleting my energy by the end of day.

Now I'm at the stage where I need money, for which I'm thinking of applying for waitressing or entry-level marketing jobs. I'm shit scared that I'll never break into the industry and will just end up living day by day feeling unfulfilled.

I'm so tired of trying.