Internship number two.

*walks downstairs to get a coffee*
*CTO (my guider) walks in*
CTO: (dead serious face) "linuxxx (not using my first name :P), come with me please"
*walks along to his office, starting to get reallly fucking nervous*
*CTO and me walk into his office, he sits down and looks at me very serious*
*I'm slightly shaking, nervous, sweating*
CTO: "So."
*oh yes here it is its gonna come I did something wrong fuck fml 😫😥😨😩*
CTO: "So you know quite some stiff around security/privacy. Could you tell me some stuff about why I'd want to use VPN and recommend me some good providers? 😀"
😅
*nearly falls onto the ground from relief*

I explained him some stuff and sent him a list of good providers 😀

So, recently, a person in the US was arrested for stalking people.

The evidence was some data from google, a work computer and from a VPN provider.

Let's take a quick look at that VPN provider. It (PureVPN) says on their privacy policy page that they do NOT store logs.

Guess from what VPN provider the FBI got those logs? Yes, PureVPN!

Althouh I'm happy they got this creep off the street, it still means that PureVPN has been lying to its entire customer base.

I personally hope that their reputation will be destroyed now because this should never happen.

A screenshot I took from their privacy policy page is attached below.

Keep your eyes open when choosing a VPN provider!

My mom got audited for storing sensitive client information in her gmail account without using a vpn or any other real security.

I had been telling her this was an issue for literally the last three years and shes brushed me off every time.

I got yelled at for not telling her I was serious.

Client: The webpage has been inaccessible all weekend!!

Me: Oh you mean the page you need to have a VPN connection to access?

Client: Yes that one!

Me: Are you connected to the VPN?

Client: Oh...no I'm not. *connects to VPN* Its working now.

The fun of a VPN + browser user agent stuffs spoofing!

Websites that only display the language based on IP address (geolocation data) can go fucking fuck themselves.

THE FACT THAT I'M USING A VPN SERVER IN GERMANY DOES NOT MEAN THAT I CAN FUCKING READ GERMAN. AT LEAST GIVE ME THE MOTHERFUCKING COCK SUCKING OPTION TO CHANGE THE FUUCKING LANGUAGE YOU FUCKING FUCKING FUCKING FUCKING COCKSUCKERS.

MOTHERFUCKER.

Tldr :
Office Building : 1
Population: 5000
Number of PC users: 5000
No of Spare mice: 0

Day 1:
Training period commences.
My mouse laser sensor doesn't work.

Solution: Use this mouse to log in to your system.
Open the company portal.
Connect to vpn.
Enter username password.
Create a ticket for mouse replacement.
Done.

Day 3
I bring my own mouse.
Confiscated at security.
Becomes a security violation.

Day 9
I get a call from helpdesk.
Agent- what is the problem?
Me- my mouse is not working.
Agent- why?
Me- what do you mean? Something is wrong with the sensor.
Agent- clean the sensor.
Disconnects call.
Marks ticket as resolved.
Me- WTF just happened!

Naturally, I escalate the issue.

Day 15
Level 2 Agent- what happened? Why have you escalated the issue?
Me- I need a mouse, waiting since 2 weeks.
Him- No mouse is available
Me- you don't have a single spare mouse available in an office with 5000 PC users?
Him- no they're out of stock.
Me- when will it be back in stock?
Him- we will 'soon' launch a tender for quotations from sellers.
Me- time?
Him- 1 week.

Day 34

I email the head of supplies for the city office. Next day I get a used super small mouse, which doesn't have a left button. Anyways, I've given up hope now.

Day 45
I become a master at keyboard shortcuts.
Finish my training.
Get transferred to another city.
No mouse till date.

Surprisingly, this was one of the top recruiters in my country. Never knew, MNCs can be so so inefficient for such simple tasks.
Start-ups are way better in this regard. Latest tech, small community, minimal bureaucracy and a lot of respect and things to learn.

This rant is a confession I had to make, for all of you out there having a bad time (or year), this story is for you.

Last year, I joined devRant and after a month, I was hired at a local company as an IT god (just joking but not far from what they expected from me), developer, web admin, printer configurator (of course) and all that in my country it's just called "the tech guy", as some of you may know.

I wasn't in immediate need for a full-time job, I had already started to work as a freelancer then and I was doing pretty good. But, you know how it goes, you can always aim for more and that's what I did.

The workspace was the usual, two rooms, one for us employees and one for the bosses (there were two bosses).

Let me tell you right now. I don't hate people, even if I get mad or irritated, I never feel hatred inside me or the need to think bad of someone. But, one of the two bosses made me discover that feeling of hate.

He had a snake-shaped face (I don't think that was random), and he always laughed at his jokes. He was always shouting at me because he was a nervous person, more than normal. He had a tone in his voice like he knew everything. Early on, after being yelled for no reason a dozen of times, I decided that this was not a place for me.

After just two months of doing everything, from tech support to Photoshop and to building websites with WordPress, I gave my one month's notice, or so I thought. I was confronted by the bosses, one of which was a cousin of mine and he was really ok with me leaving and said that I just had to find a person to replace me which was an easy task. Now, the other boss, the evil one, looked me on the eye and said "you're not going anywhere".

I was frozen like, "I can't stay here". He smiled like a snake he was and said "come on, you got this we are counting on you and we are really satisfied with how you are performing till now". I couldn't shake him, I was already sweating. He was rolling his eyes constantly like saying "ok, you are wasting my time now" and left to go to some basketball practice or something.

So, I was stuck there, I could have caused a scene but as I told you, one of the bosses was a cousin of mine, I couldn't do anything crazy. So, I went along with it. Until the next downfall.

I decided to focus on the job and not mind for the bad boss situation but things went really wrong. After a month, I realised that the previous "tech guy" had left me with around 20 ancient Joomla - version 1.0 websites, bursting with security holes and infested with malware like a swamp. I had never seen anything like it. Everyday the websites would become defaced or the server (VPN) would start sending tons of spam cause of the malware, and going offline at the end. I was feeling hopeless.

And then the personal destruction began. I couldn't sleep, I couldn't eat. I was having panick attacks at the office's bathroom. My girlfriend almost broke up with me because I was acting like an asshole due to my anxiety issues (but in the end she was the one to "bring me back"(man, she is a keeper)) and I hadn't put a smile on my face for months. I was on the brink of depression, if not already there. Everyday I would anxiously check if the server is running because I would be the one to blame, even though I was trying to talk to the boss (the bad one was in charge of the IT department) and tell him about the problem.

And then I snapped. I finally realised that I had hit rock bottom. I said "I can't let this happen to me" and I took a deep breath. I still remember that morning, it was a life-changing moment for me. I decided to bite the bullet and stay for one more month, dealing with the stupid old server and the low intelligence business environment. So, I woke up, kissed my girlfriend (now wife), took the bus and went straight to work, and I went into the boss's office. I lied that I had found another job on another city and I had one month in order to be there on time. He was like, "so you are leaving? Is it that good a job the one you found? And when are you going? And are you sure?", and with no hesitation I just said "yup". He didn't expect it and just said "ok then", just find your replacement and you're good to go. I found the guy that would replace me, informing him of every little detail of what's going on (and I recently found out, that he is currently working for some big company nowadays, I'm really glad for him!).

I was surprised that it went so smoothly, one month later I felt the taste of freedom again, away from all the bullshit. Totally one of the best feelings out there.

I don't want to be cliche, but do believe in yourself people! Things are not what the seem.

With all that said, I want to give my special thanks to devRant for making this platform. I was inactive for some time but I was reading rants and jokes. It helped me to get through all that. I'm back now! Bless you devRant!

I'm glad that I shared this story with all of you, have an awesome day!

I really, honestly, am getting annoyed when someone tells me that "Linux is user-friendly". Some people seem to think that because they themselves can install Linux, that anyone can, and because I still use Windows I'm some sort of a noob.

So let me tell you why I don't use Linux: because it never actually "just works". I have tried, at the very least two dozen times, to install one distro or another on a machine that I owned. Never, not even once, not even *close*, has it installed and worked without failing on some part of my hardware.

My last experience was with Ubuntu 17.04, supposed to have great hardware and software support. I have a popular Dell Alienware machine with extremely common hardware (please don't hate me, I had a great deal through work with an interest-free loan to buy it!), and I thought for just one moment that maybe Ubuntu had reached the point where it just, y'know, fucking worked when installing it... but no. Not a chance.

It started with my monitors. My secondary monitor that worked fine on Windows and never once failed to display anything, simply didn't work. It wasn't detected, it didn't turn on, it just failed. After hours of toiling with bash commands and fucking around in x conf files, I finally figured out that for some reason, it didn't like my two IDENTICAL monitors on IDENTICAL cables on the SAME video card. I fixed it by using a DVI to HDMI adapter....

Then was my sound card. It appeared to be detected and working, but it was playing at like 0.01% volume. The system volume was fine, the speaker volume was fine, everything appeared great except I literally had no fucking sound. I tried everything from using the front output to checking if it was going to my display through HDMI to "switching the audio sublayer from alsa to whatever the hell other thing exists" but nothing worked. I gave up.

My mouse? Hell. It's a Corsair Gaming mouse, nothing fancy, it only has a couple extra buttons - none of those worked, not even the goddamn scrollwheel. I didn't expect the *lights* to work, but the "back" and "Forward" buttons? COME ON. After an hour, I just gave up.

My media keyboard that's like 15 years old and is of IBM brand obviously wasn't recognized. Didn't even bother with that one.

Of my 3 different network adapters (2 connectors, one wifi), only one physical card was detected. Bluetooth didn't work. At this point I was so tired of finding things that didn't work that I tried something else.

My work VPN... holy shit have you ever tried configuring a corporate VPN on Linux? Goddamn. On windows it's "next next next finish then enter your username/password" and on Linux it's "get this specific format TLS certificate from your IT with a private key and put it in this network conf and then run this whatever command to...." yeah no.

And don't get me started on even attempting to play GAMES on this fucking OS. I mean, even installing the graphic drivers? Never in my life have I had to *exit the GUI layer of an OS* to install a graphic driver. That would be like dropping down to MS-DOS on Windows to install Nvidia drivers. Holy shit what the fuck guys. And don't get me started on WINE, I ain't touching this "not an emulator emulator" with a 10-foot pole.

And then, you start reading online for all these problems and it's a mix of "here are 9038245 steps to fix your problem in the terminal" and "fucking noob go back to Windows if you can't deal with it" posts.

It's SO FUCKING FRUSTRATING, I spent a whole day trying to get a BASIC system up and running, where it takes a half-hour AT MOST with any version of Windows. I'm just... done.

I will give Ubuntu one redeeming quality, however. On the Live USB, you can use the `dd` command to mirror a whole drive in a few minutes. And when you're doing fucking around with this piece of shit OS that refuses to do simple things like "playing audio", `dd` will restore Windows right back to where it was as if Ubuntu never existed in the first place.

Thanks, `dd`. I wish you were on Windows. Your OS is the LEAST user friendly thing I've ever had to deal with.

I finally subscribe to Netflix and am proud of myself for finally watching shows legally.

I search for Arrested Development.

Oh, guess what, it's not available in my country (Lebanon). Gotta set up a vpn now but all I wanted was a nice funny show. I want my $12 back.

On the train's public WiFi while traveling and want to use a VPN connection to one of my own VPN servers.

I'm now just realizing that the openvpn port is probably not an allowed one on this network and I set the port to the default openvpn one 😥

Fuck me sideways right now.

Root rents an office.

Among very few other things, the company I'm renting an office from (Regus) provides wifi, but it isn't even bloody secured. There's a captive portal with a lovely (not.) privacy policy saying they're free to monitor your traffic, but they didn't even bother using WEP, which ofc means everyone else out to the fucking parking lot four floors down can monitor my traffic, too.

Good thing I don't work for a company that handles sensitive data! /s But at least I don't have access to it, or any creds that matter.

So, I've been running my phone's connection through a tor vpn and sharing that with my lappy. It works, provides a little bit of security, but it's slow as crap. GET YOUR SHIT TOGETHER, REGUS.

AND WHILE YOU'RE AT IT, CLEAN THE SHIT OUT OF THE FUCKING BATHROOM FFS.

Ugh. $12/day to work in a freaking wind tunnel (thanks, a/c; you're loud as fuck and barely work), hear other people's phone conversations through two freaking walls, pee in a bathroom that perpetually smells like diarrhea, and allow anyone and everyone within a 50+ meter radius to listen to everything my computer says.

Oh, they also 'forgot' to furnish my office, like they promised. Three freaking times. At least I have a table and chair. 🙄

Desk? What desk?
Fucking hell.

The stupid stories of how I was able to break my schools network just to get better internet, as well as more ridiculous fun. XD

1st year:
It was my freshman year in college. The internet sucked really, really, really badly! Too many people were clearly using it. I had to find another way to remedy this. Upon some further research through Google I found out that one can in fact turn their computer into a router. Now what’s interesting about this network is that it only works with computers by downloading the necessary software that this network provides for you. Some weird software that actually looks through your computer and makes sure it’s ok to be added to the network. Unfortunately, routers can’t download and install that software, thus no internet… but a PC that can be changed into a router itself is a different story. I found that I can download the software check the PC and then turn on my Router feature. Viola, personal fast internet connected directly into the wall. No more sharing a single shitty router!

2nd year:
This was about the year when bitcoin mining was becoming a thing, and everyone was in on it. My shitty computer couldn’t possibly pull off mining for bitcoins. I needed something faster. How I found out that I could use my schools servers was merely an accident.
I had been installing the software on every possible PC I owned, but alas all my PC’s were just not fast enough. I decided to try it on the RDS server. It worked; the command window was pumping out coins! What I came to find out was that the RDS server had 36 cores. This thing was a beast! And it made sense that it could actually pull off mining for bitcoins. A couple nights later I signed in remotely to the RDS server. I created a macro that would continuously move my mouse around in the Remote desktop screen to keep my session alive at all times, and then I’d start my bitcoin mining operation. The following morning I wake up and my session was gone. How sad I thought. I quickly try to remote back in to see what I had collected. “Error, could not connect”. Weird… this usually never happens, maybe I did the remoting wrong. I went to my schools website to do some research on my remoting problem. It was down. In fact, everything was down… I come to find out that I had accidentally shut down the schools network because of my mining operation. I wasn’t found out, but I haven’t done any mining since then.

3rd year:
As an engineering student I found out that all engineering students get access to the school’s VPN. Cool, it is technically used to get around some wonky issues with remoting into the RDS servers. What I come to find out, after messing around with it frequently, is that I can actually use the VPN against the screwed up security on the network. Remember, how I told you that a program has to be downloaded and then one can be accepted into the network? Well, I was able to bypass all of that, simply by using the school’s VPN against itself… How dense does one have to be to not have patched that one?

4th year:
It was another programming day, and I needed access to my phones memory. Using some specially made apps I could easily connect to my phone from my computer and continue my work. But what I found out was that I could in fact travel around in the network. I discovered that I can, in fact, access my phone through the network from anywhere. What resulted was the discovery that the network scales the entirety of the school. I discovered that if I left my phone down in the engineering building and then went north to the biology building, I could still continue to access it. This seems like a very fatal flaw. My idea is to hook up a webcam to a robot and remotely controlling it from the RDS servers and having this little robot go to my classes for me.

What crazy shit have you done at your University?

In this day and age, what's my fucking excuse for not using a vpn full-time on my phone as well (next to my laptop)?

I do way more personal stuff on my phone anyways and add to that that I've got access to at least three self managed VPN servers...

Yup, going full VPN from now on.

Ah, every time I am on VPN, on every single website I have to prove that I am not a robot.

Just because I am using a VPN service to protect my information, that does not mean I am about to fuck the website up or DDoS the shit out of you. I wish the CDN providers would understand that and make our life easier.

I am seriously tired of completing the Google verification. Select the vehicle, bike, sign post, dick, vagina, Mia Khalifa. FUCK OFF

Companies who geo block their sites for no fucking reason can go fuck themselves.

So a bunch of retarded pharmacies in India, geo block hits from anywhere outside of India.

A thousands of Indians are living abroad with their parents and family living in India.

Imagine, I have to order medicines for my parents since they are not very tech savvy and I cannot do that because some rotten brained guava thought that it's a good idea to geo block access.

What is the fucking point in doing so? There are many such companies, especially Indian who do so. I have keep toggling my VPN because of this.

I have just concluded a post-mortem on one of my servers.
Cause of death: out of memory due to a tiny memory leak in a VPN service triggered by 66 different IPs brute-forcing the creds at the same time. Mostly from China, of course.

Dear bot writers: you made me put aside my spaghetti and write iptables rules. I hate iptables. And I love spaghetti. You should be ashamed of yourself! Did momma not teach you basic OpSec? Don't crash the target and never, ever, interrupt the sysadmin during dinner!

In the darkest of days, I discovered how to remote login to my computer at work through the company vpn. I then proceeded to work overtime at night in secret for a week or so, writing documentation and refactoring code.

I finally woke the fuck up and realized that I shouldn't be obsessing over proprietary codebases that do not belong to me, and I should put this misguided energy into my own projects.

So yeah, as a bad dev habit I'm working on fixing, this fits the bill.

We've built a web app and now a client wants a VPN acces to the database of web app. When asked why, they said they want to occasionally pull some data out. 😱

We said no, and this is what they wrote:
"We’ve got live VPN access to every other web database we work with – why is this different?"

Well because maybe we know that we can build you an export of whatever you want, prepare you API calls for getting data to your CRM, but hell I'm not giving you access to the production DB.

devRant is truly amazing, a social network where I don't have to give up on privacy by giving out my number to confirm that I am legit when I'd use something as a VPN to protect my identity (unlike twitter facebook and google)

Thanks for giving a fuck about privacy and not giving a fuck about my data

Worst WTF dev experience? The login process from hell to a well-fortified dev environment at a client's site.
I assume a noob admin found a list of security tips and just went like "all of the above!".

You boot a Linux VM, necessary to connect to their VPN. Why necessary? Because 1) their VPN is so restrictive it has no internet access 2) the VPN connection prevents *your local PC* from accessing the internet as well. Coworkers have been seen bringing in their private laptops just to be able to google stuff.
So you connect via Cisco AnyConnect proprietary bullshit. A standard VPN client won't work. Their system sends you a one-time key via SMS as your password.

Once on their VPN, you start a remote desktop session to their internal "hopping server", which is a Windows server. After logging in with your Windows user credentials, you start a Windows Remote Desktop session *on that hopping server* to *another* Windows server, where you login with yet another set of Windows user credentials. For all these logins you have 30 seconds, otherwise back to step 1.
On that server you open a browser to access their JIRA, GitLab, etc or SSH into the actual dev machines - which AGAIN need yet another set of credentials.

So in total: VM -> VPN + RDP inside VM -> RDP #2 -> Browser/SSH/... -> Final system to work on
Input lag of one to multiple seconds. It was fucking unusable.

Now, the servers were very disconnect-happy to prevent anything "fishy" going on. Sitting at my desk at my company, connected to my company's wifi, was apparently fishy enough to kick me out every 5 to 20 minutes. And that meant starting from step 1 inside the VM again. So, never forget to plugin your network cable.

There's a special place in hell for this admin. And if there isn't, I'll PERSONALLY make the devil create one. Even now that I'm not even working on this any more.

Boy, this Monday mornig was crazy...
At 7 am, as I just left my flat, I received an ultra urgent email from the CEO of a company we exchanged the fileserver for, that the network shares are not available.

I instantly turned around, went back to my flat, fired up my HAL9000 supercomputer and connected remotely.
4 levels deep (PC => VPN => Remotedesktop => vSphere Client => VM) I felt like I was in the movie Inception and tried to figure out what happened.

I don't know why, but in the logs it said that the fileserver VM was down since 4am. Holy sithlord... why?

After restarting and the usual problems with Windows Network Names, everything was back online.

My special thanks go to Mr. Coffee, who is always a great companion during monday mornings, Mr. VPN, the great fellow who invented the VPN and last but not least "The Internet" for connecting me to a world of binary, where every idea finds a listener and where Ajit Pai can be memed without concequences.

FUCK YOU Ajit. Harlem Shake is so 2013.

Security rant ahead - you have been warned.
It never fails to amuse and irritate me that, despite being in the 2019 supposed information age, people still don't understand or care about their security.
I've travelled to a lot of ports and a lot of countries, but, at EVERY port, without fail, there will be at least one wifi that:
- Has default name/password that has been cracked already (Thomson/SpeedTouch/Netfaster etc)
- Has a phone number as password (reduces crack time to 15-30 mins)
- Someone, to this day, has plain old WEP
I am not talking about cafeteria/store wifi but home networks. WTF people?! I can check my email (through VPN, of course) but it still bugs me. I have relented to try and snoop around the network - I can get carried away, which is bad. Still...
The speed is great though :P

I've got a confession to make.

A while ago I refurbished this old laptop for someone, and ended up installing Bodhi on it. While I was installing it however, I did have some wicked thoughts..

What if I could ensure that the system remains up-to-date by running an updater script in a daily cron job? That may cause the system to go unstable, but at least it'd be up-to-date. Windows Update for Linux.

What if I could ensure that the system remains protected from malware by periodically logging into it and checking up, and siphoning out potential malware code? The network proximity that's required for direct communication could be achieved by offering them free access to one of my VPN servers, in the name of security or something like that. Permanent remote access, in the name of security. I'm not sure if Windows has this.

What if I could ensure that the system remains in good integrity by disabling the user from accessing root privileges, and having them ask me when they want to install a piece of software? That'd make the system quite secure, with the only penetration surface now being kernel exploits. But it'd significantly limit what my target user could do with their own machine.

At the end I ended up discarding all of these thoughts, because it'd be too much work to implement and maintain, and it'd be really non-ethical. I felt filthy from even thinking about these things. But the advantages of something like this - especially automated updates, which are a real issue on my servers where I tend to forget to apply them within a couple of weeks - can't just be disregarded. Perhaps Microsoft is on to something?

I managed to take down an entire school network with one VPN.

In short, I ran a personal VPN and eventually the System Administrators at my old school managed to pick it up as unknown traffic. For some reason, they managed to block the port but not the IP so I changed the port to 443 and their automatic system blocked port 443 on their entire network essentially rendering HTTPS useless for a few hours.

I never got approached about it but my school invested in a new IT team.

Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂

It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.

So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).

So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.

Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.

So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPN's, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.

Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?

Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.

Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.

So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.

Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.

I think I misled Google because it just serves me German ads the last three weeks while I am Dutch.

I am not using a VPN.
I listen German music and watch some tutorials in German.
I rarely talk Dutch online and I talk quite a lot with Germans.

The website for our biggest client went down and the server went haywire. Though for this client we don’t provide any infrastructure, so we called their it partner to start figuring this out.
They started blaming us, asking is if we had upgraded the website or changed any PHP settings, which all were a firm no from us. So they told us they had competent people working on the matter.

TL;DR their people isn’t competent and I ended up fixing the issue.

Hours go by, nothing happens, client calls us and we call the it partner, nothing, they don’t understand anything. Told us they can’t find any logs etc.

So we setup a conference call with our CXO, me, another dev and a few people from the it partner.
At this point I’m just asking them if they’ve looked at this and this, no good answer, I fetch a long ethernet cable from my desk, pull it to the CXO’s office and hook up my laptop to start looking into things myself.

IT partner still can’t find anything wrong. I tail the httpd error log and see thousands upon thousands of warning messages about mysql being loaded twice, but that’s not the issue here.
Check top and see there’s 257 instances of httpd, whereas 256 is spawned by httpd, mysql is using 600% cpu and whenever I try to connect to mysql through cli it throws me a too many connections error.

I heard the IT partner talking about a ddos attack, so I asked them to pull it off the public network and only give us access through our vpn. They do that, reboot server, same problems.

Finally we get the it partner to rollback the vm to earlier last night. Everything works great, 30 min later, it crashes again. At this point I’m getting tired and frustrated, this isn’t my job, I thought they had competent people working on this.

I noticed that the db had a few corrupted tables, and ask the it partner to get a dba to look at it. No prevail.

5’o’clock is here, we decide to give the vm rollback another try, but first we go home, get some dinner and resume at 6pm. I had told them I wanted to be in on this call, and said let me try this time.

They spend ages doing the rollback, and then for some reason they have to reconfigure the network and shit. Once it booted, I told their tech to stop mysqld and httpd immediately and prevent it from start at boot.

I can now look at the logs that is leading to this issue. I noticed our debug flag was on and had generated a 30gb log file. Tail it and see it’s what I’d expect, warmings and warnings, And all other logs for mysql and apache is huge, so the drive is full. Just gotta delete it.

I quietly start apache and mysql, see the website is working fine, shut it down and just take a copy of the var/lib/mysql directory and etc directory just go have backups.

Starting to connect a few dots, but I wasn’t exactly sure if it was right. Had the full drive caused mysql to corrupt itself? Only one way to find out. Start apache and mysql back up, and just wait and see. Meanwhile I fixed that mysql being loaded twice. Some genius had put load mysql.so at the top and bottom of php ini.

While waiting on the server to crash again, I’m talking to the it support guy, who told me they haven’t updated anything on the server except security patches now and then, and they didn’t have anyone familiar with this setup. No shit, it’s running php 5.3 -.-

Website up and running 1.5 later, mission accomplished.

We need to use VPN to ssh into the university's server when on a university WiFi, but not at home.

#ohTheSecurity

Can we ever have a truly democratic and uncensored Internet?
I am writing this in irritation and anger as I read a story headlined " Apple CEO backs China’s vision of an ‘open’ Internet as censorship reaches new heights"
Appearantly "Open Internet" as the Chinese Government understands it is, "you can say whatever you want as long as we like it". And Apple being the ass-kissing, 730-million-customer-seeking, co**suckers that they are is only happy to comply. They even removed 674 VPN apps from the Chinese version of their App Store last year to comply with government rules, stating "We strongly believe that participating in markets and bringing benefits to consumers is in the best interests of folks there and in other countries as well, We believe in engaging in governments even when we disagree.”
That was Cook by the way.
Thats two fucking contradictory statements rolled into one!!

Anyway, I know private companies are well within their rights to do what they want to make profits. And I understand Apple might not be at fault totally. But its just so frustrating... :-(
The Net Neutrality repeal in the US, this, the Aadhar shit in India and lots of other stuff thats been happening around the world, that just blatantly undermine Civil Rights and freedom makes me imagine that only a bleak future sits on horizon. Almost Orwellian.

If only people would just realise and revolt a bit... probably we would have a different future then..

I hope I am wrong and this is just the pessimist in me speaking.

I didn't scream.. just told him to jump off of terrace..
What ticked me?! He was a support guy..slowest mofo ever..
I was in the middle of fixing major fuckup on prod, when our VPN to client disconnected. I rushed over to support to ask if it is 'just' an expired session (which he was in charge of renewing but constantly fucked up) or if there is some other problem, so I know how to proceed..do I need to contact our sysadmins, client's support guys etc..
He
started
to
slooooooooowly
explain
I
am
not
the
only
one
with
VPN
problems
...
Was that what I asked you?! // he had an annoying habit of slooooowly talking and explaining unrelated things & personal stuff that bothered him & most of the times he chose the most time sensitive period to drone off..
So I cut him of saying, that others were probably not 'tinkering' with production and that I need this back ASAP, so if he could tell me when the session will be renewed or if there is something else problematic..
He said he will check..I didn't move.. he looked at me insurprise, you want me to check *NOW*?! Yeah, it's urgent.. He proceeded very very veeeery slooooowly, taking the support phone../* he was even eating sandwich during that, so only one hand free, typing one letter at a min */
I was finaly notified that the session expired and that he will fix it soon (meaning in 15-20mins o.O which should not take him more than 5).. and was like 'can I do sth else for you'?! Yeah, do the backflip.. you know the rest..

(Best read while listening to AEnima by Tool, loudly)

Dear Current Workplace,

Fuck you, for the reasons enumerated below.

Fuck your enterprise grey blue offices, the stifling warm air of a hundreds of bodies and sub par "development laptops".

Fuck your shitty carbonated water machines which were a cost saving measure over decent drinkable water.

Fuck your fake "flexi time", "you can do home office whenever you want" bullshit. You're still inviting me to mandatory meetings at 09:00 regularly.

Fuck your shitty, in house, third part IT provider sister company. They're the worst of all worlds. If it was in company, we'd get to give out to them, if it was an external company we'd fire them. And yes, when I quit I will quote the dumpster fire that is our corporate VPN as a major factor.

Fuck your cheery, bland, enterprise communication. Words coming under the corporate letterhead seem to lose all association with meaning. Agile, communication, open are things you write and profess to respect, but it seems your totally lack understanding of their meaning.

Fuck your client driven development. Sometime you actually have to fix the foundations before you can actually add new features. And fuck you management who keep on asking "why are there so many bugs and why is it always taking longer to deliver new releases". Because of you, you fucknuts, Because you can't say "NO" to the customer. Because you never listen to your own experienced developers.

Fuck your bullshit "code quality is important to us" line. If it's so important, then let us fix the heap of shit you're selling so that it works like a quasi functional program.

Fuck you development environment which has 250 projects in a single VS solution. Which takes 5mins plus to compile on a quad core i7 with 32 gb of ram.

Fuck this bullshit ball of mud "architecture". I spend most of my time trying to figure out where the logic should go and the rest of the time writing converters between different components. All because 7 years ago some idiot "architect" made a decision that they didn't have to live with.

Actually, fuck that guy in particular. Yeah, that guy who was the responsible architect for the project for 4 years and not once opened the solution to look a the code.

Fuck the manual testing of every business process. Manual setup of the entities takes 10mins plus and then when you run, boom either no message or some bullshit error code.

Fuck the antiquated technology choices which cause loads of bugs and slow down development. Fuck you for forcing me to do manual tests of another developers code at 20:00 on a Friday night because we can't get our act together to do this automatically.

Fuck you for making sure it's very clear I'm never going to be anything but a code monkey in this structure. Managers are brought in from outside.

Fuck you for being surprised that it's hard to hire competent developers in this second rate, overpriced town. It's hard to hire anywhere but this bland shithole would have anyone with half a clue running away at top speed.

Fuck you for valuing long hours and loyalty over actual performance. That one guy who everyone hated and was totally incompetent couldn't even get himself fired. He had to quit.

Fuck you for your mediocrity.

Fuck you for being the only employer for my skill-set in the region; paying just well enough that changing jobs locally doesn't make sense, but badly enough that it's difficult to move.

Fuck you for being the stable "safe" option so that any move is "risky".

Fuck your mediocrity.

Fuck you for being something I think about when I'm not at work. Not only is it shit from 9 to 5 you manage to suck the joy out of everything else in my life as well?

Fuck you for making me feel like a worse developer every day I work here. Fuck you for making every day feel like a personal and professional failure. Fuck you for making me seriously leave a career I love for something, anything else.

Fuck you for making the most I can hope for when I get up in the morning is to just make it until the night.

Despite beeing one of the strangest ads I ever saw, this one is a beautiful and scary example of advertising tracking. Although I used a vpn and incognito mode I saw this ad on a page really not tech related at all.

@netikras since when does proprietary mean bad?

Lemme tell you 3 stories.

CISCO AnyConnect:
- come in to the office
- use internal resources (company newsletter, jira, etc.)
- connect to client's VPN using Cisco AnyConnect
- lose access to my company resources, because AnyConnect overwrites routing table (rather normal for VPN clients)
- issue a route command updating routing table so you could reach confluence page in the intranet
- route command executes successfully, `route -n` shows nothing has changed
- google this whole WTF case
- Cisco AnyConnect constantly overwrites OS routing table to ENFORCE you to use VPN settings and nothing else.

Sooo basically if you want to check your company's email, you have to disconnect from client's VPN, check email and reconnect again. Neat!

Can be easily resolved by using opensource VPN client -- openconnect

CISCO AnyConnect:
- get a server in your company
- connect it to client's VPN and keep the VPN running for data sync. VPN has to be UP at all times
- network glitch [uh-oh]
- VPN is no longer working, AnyConnect still believes everything is peachy. No reconnect attempts.
- service is unable to sync data w/ client's systems. Data gets outdated and eventually corrupted

OpenConnect (OSS alternative to AnyConnect) detects all network glitches, reports them to the log and attempts reconnect immediatelly. Subsequent reconnect attempts getting triggered with longer delays to not to spam network.

SYMANTEC VIP (alleged 2FA?):
- client's portal requires Sym VIP otp code to log in
- open up a browser in your laptop
- navigate to the portal
- enter your credentials
- click on a Sym VIP icon in the systray
- write down the shown otp number
- log in

umm... in what fucking way is that a secure 2FA? Everything is IN the same fucking device, a single click away.

Can be easily solved by opensource alternatives to Sym VIP app: they make HTTP calls to Symantec to register a new token and return you the whole totp url. You can convert that url to a qr code and scan it w/ your phone (e.g. Google's Authenticator). Now you have a true 2FA.

Proprietary is not always bad. There are good propr sw too. But the ones that are core to your BAU and are doing shit -- well these ARE bad. and w/o an oppurtunity to workaround/fix it yourself.

Great finaly get away on vacation 2weeks of just realaxing, 30min before leaving to the airport i get a sms from my server one of my main hard drives fail. No problem just need to swap the drive and start the recover at the airport.
At the airport i connect to my home vpn and start the recovery everything works fine just need to restart the server when done ~12h. next day im in the hotell and my vpn does not accept my connection, okey might be the hotell that block vpn connections i try my external vpn and it works and i try to connect home when i get a lovley text from my server "login attempt has failed from ip:x" then it hits me i have forgotten to add to whitelist. Outsmarted myself to just let i be.
So i finally get 2 weeks off and nothing i can do about it.

After being in China for one week,I realized how much I actually use Google during the day.don't know how they do this but even using a VPN is not a solution most of the times :-? At least devRant is not blocked here;)

ffs google i turned on my vpn im not a fucking robot

🔐How can a manufacturer(Netgear) not allow changing username of the admin user???🔥

That effectively lets anyone bruteforce the damn thing like its being grilled on a BBQ!

Yet they implement remote access router management via 8080 and alley you set up VPN server on the incapable thing.

I just tried to sign up to Instagram. I made a big mistake.

First up with Facebook related stuff is data. Data, data and more data. Initially when you sign up (with a new account, not login with Facebook) you're asked your real name, email address and phone number. And finally the username you'd like to have on the service. I gave them a phone number that I actually own, that is in my iPhone, my daily driver right now (and yes I have 3 Androids which all run custom ROMs, hold your keyboards). The email address is a usual for me, instagram at my domain. I am a postmaster after all, and my mail server is a catch-all one. For a setup like that, this is perfectly reasonable. And here it's no different, devrant at my domain. On Facebook even, I use fb at my domain. I'm sure you're starting to see a pattern here. And on Facebook the username, real name and email domain are actually the same.

So I signed up, with - as far as I'm aware - perfectly valid data. I submitted the data and was told that someone at Instagram will review the data within 24 hours. That's already pretty dystopian to me. It is now how you block bots. It is not how Facebook does it either, at least since last time I checked. But whatever. You'd imagine that regardless of the result, they'd let you know. Cool, you're in, or sorry, you're rejected and here's why. Nope.

Fast-forward to today when I recalled that I wanted to sign up to Instagram to see my girlfriend's pictures. So I opened Chromium again that I already use only for the rancid Facebook shit.. and it was rejected. Apparently the mere act of signing up is a Terms of Service violation. I have read them. I do not know which section I have violated with the heinous act of signing up. But I do have a hunch.

Many times now have I been told by ignorant organizations that I would be "stealing" their intellectual property, or business assets or whatever, just because I sent them an email from their name on my domain. It is fucking retarded. That is MY domain, not yours. Learn how email works before you go educate a postmaster. Always funny to tell them how that works. But I think that in this case, that is what happened.

So I appealed it, using a random link to something on Instagram's help section from a third-party blog. You know it's good when the third-party random blog is better. But I found the form and filled it in. Same shit all over again for info, prefilling be damned I guess. Minor convenience though, whatever.

I get sent an email in German, because apparently browsing through a VPS in Germany acting as a VPN means you're German. Whatever... After translating it, I found that it asks me to upload a picture of myself, holding a paper in my hands, on which I would have a confirmation code, my username, and my email address.. all hand-written. It must not be too dark, it must be clear, it must be in JPEG.. look, I just wanted to fucking sign up.

I sent them an email back asking them to fix all of this. While I was writing it and this rant, I thought to myself that they can shove that piece of paper up their ass. In fact I would gladly do it for them.

Long story short, do not use Instagram. And one final thing I have gripes with every time. You are not being told all the data you'll have to present from the get-go. You're not being told the process. Initially I thought it'd just be email, phone, username, and real name. Once signed up (instantly, not within 24 hours!) I would start setting up my account and adding a profile picture. The right way to ask for a picture of me! And just do it at my own pace, as I please.

And for God's sake, tackle abuse when it actually happens. You'll find out who's a bot and who isn't by their usage patterns soon enough. Do not do any of this at sign-up. Or hell, use a CAPTCHA or whatever, I don't fucking care. There's so many millions of ways to skin this cat.

Facebook and especially Instagram. Both of them are fucking retarded.

Joined a call during a potentially important life event. Work laptop password expired this morning, personal laptop didn't connect to vpn, desktop not connecting to vpn. No one knew what's wrong on the call (just that it's not working).

Not a good call.

So one of our clients is changing the IPs of his systems (3 servers and one VPN).

It was scheduled that we should support them yesterday. They have tried to change the IPs yesterday for almost 16 hours, don't know they have done in all of that time.

Today I woke up at 8AM on a Sunday (in weekends I just want to sleep!!!!) to continue and hope that we finish fast.

BUT NO! THE fucking VPN IS NOT WORKING!! We are trying to do this over Team FUCKIN VIewer.

But guess what... they cannot either connect to the new IPs from their local systems.

NO FUCKING GOOD NIGHT FOR FLOYD.

THIS MULTI FACTOR AUTHENTICATION IS A FUCKING NIGHTMARE.

So my organisation uses some MFA app as an SSO to access any and everything. Fantastic. Absolutely wonderful. No VPN shit and one password to rule them all.

But, for some reason I accidentally deleted the app from my phone and as any normal human being would do, I also reinstalled the app.

Well, post reinstalling, the app does not detect the linked Org account.

I was cool, when I'll login, the system will throw a prompt to map the phone.

So I login to org URL from my machine and lo and behold, the URL says that MFA is already linked to the phone and I have to enter the Citrix type code to login.

But phone does not show the code because account is no longer linked and web does not have option to change/re-register the phone.

What the actual unholy fuck?????? Bloody retards. How am I suppose to get in now?

So after a Googling for a bit, a thread mentioned that this is most common issue faced by users with this MFA app. The only way to get this resolved is to contact your IT team.

Cool. Let's do that.

I opened the link to my IT portal and it asks me to login via SSO which is what I need help with in first place.

I can't login to Slack because fuckers ask SSO every time the app is exited. So no contact there.

Thankfully bastards allow Outlook so was able to drop a note to one of my team member, whom I connected recently and is very nice, asking her to help me sort this IT team.

If this is the most common use case then why the fuck not add a feature to help people overcome this shit?

And my IT team is absolute nuts. No other way allowed to reset the linking or connect them or any help links provided on login page.

Whoever was behind this design should be dipped in donkey shit and deep fried in pig urine.

This is fucking bad. I just stumbled across a database online, unencrypted plain text containing ALL details of thousands of students at my university. Full names, ID number (SSN), student numbers, address, family info, medical aid info, physical fitness reports

What do I do? I was not on any VPN or proxy when I accessed it

So I manage multiple VPS's (including multiple on a dedicated server) and I setup a few proxy servers last week. Ordered another one yesterday to run as VPN server and I thought like 'hey, let's disable password based login for security!'. So I disabled that but the key login didn't seem to work completely yet. I did see a 'console' icon/title in the control panel at the host's site and I've seen/used those before so I thought that as the other ones I've used before all provided a web based console, I'd be fine! So le me disabled password based login and indeed, the key based login did not work yet. No panic, let's go to the web interface and click the console button!
*clicks console button*
*New windows launches.....*

I thought I would get a console window.

Nope.

The window contained temporary login details for my VPS... guess what... YES, FUCKING PASSWORD BASED. AND WHO JUST DISABLED THE FUCKING PASSWORD BASED LOGIN!?!

WHO THOUGHT IT WOULD BE A GOOD IDEA TO IMPLEMENT THIS MOTHERFUCKING GOD?!?

FUUUUUUUUUUUUUUUUUUUUUUU.

Getting corporate VPN access:
PM: Here's the program to get in, it should work.
Me: Won't install.
PM: sorry old version, here is the new one.
Me: Can't get in
PM: create a ticket
Support: Not sure, just try again
Me: Still won't work
Support: We forgot to set some attributes in your account, should work now.
Me: Nope.
Support: We are investigating.
*two weeks later*
Support: should work now.
Me: No it doesn't you stupid f***tards.
*gives up all hope*

Red flags in your first week of your software engineering job 🚩

You do the first few days not speaking to anyone.
You can't get into the building and no one turns up until mid day.
The receptionist thinks you're too well dressed to work in this building, thinks you're a spy and calls security on you.
You are eating alone during lunch time in the cafeteria
You have bring your own material for making coffee for yourself

When you try to read the onboarding docs and there aren't any.
You have to write the onboarding docs.

You don't have team mates.
When you ask another team how things are going and they just laugh and cry.😂😭

There's no computer for you, and not even an "it's delayed" excuse. They weren't expecting you.
Your are given a TI PC, because "that's all we have", even though there's no software for it, and it's not quite IBM compatible.
You don't have local admin rights on your computer.💀
You have to buy a laptop yourself to be able to do your job.

It's the end of the week and you still don't have your environment set up and running.
You look at the codebase and there are no automated tests.
You have to request access every time you need to install something through a company tool that looks like it was made in 2001.

Various tasks can only be performed by one single person and they are either out sick or on vacation.
You have to keep track of your time in 6 minute increments, assigned to projects you don't know, by project numbers everyone has memorised (and therefore aren't written down).
You have to fill in timesheets and it takes you 30 minutes each day to fill them in because the system is so clunky.🤮

Your first email is a phishing test from the IT department in another country and timezone, but it has useful information in it, like how to login to the VPN.
Your second email is not a phishing test, but has similar information as the first one. (You ignore it.)
Your name is spelled wrong in every system, in a different way. 2 departments decide that it's too much trouble, and they never fix the spelling as long as you work there. One of them fixes it after you leave, and annoys you for a month because you haven't filled out the customer survey.

Too everyone who said Europe is DOOMED too due too the recent Lisa of Net Neutrallity,
GO SUCK A BIG FUCKING DICK! AND AFTER THAT GET A ROPE AND FUCKING KILL YOURSELF! AMERICANS FUCKED UP!
AND YOU ALSO CAN GET A COCKFUCKED VPN IF YOUR NOT STUPID ENOUGH!

How to NOT write unit tests:

A colleague of mine has developed a new package of software, many of our new projects are going to use. So in his presentation of the new functionalities he also showed us that he used unit tests to cover some of his code. So i asked him to show me that all tests passes.

He: I can show you, but one test suit will fail currently.

Me: Why?? You told us, everything is finished and works fine.

He: That's right, but they will fail because I'm currently not in the customer VPN.

Me: Excuse me, WHAT??

He: Yes, I'm not in the VPN that connects me to this one customers facility in Hungary, where the counterpart of the software is runnung live.

Me: YOU WROTE UNIT TESTS THAT TEST AGAINST A RUNNING LIVE FACILITY??

He: Yes, so I can check, that the telegramms I send are right. If I get back the right acknowledgement, the telegramm structure is right and my code is working.

Me: You know, that is not the porpose of unit tests? You know, that these test should run in any environment?

He: But they are proving, that my code is working. Everytime I change something I connect to the customer and let the tests run.

Me: ...

Despite the help of some other developers we could not convince him that this was not good and he should remove them. So now this package is used in 2 new projects and this test suit is still failing, everytime you execute all unit tests.

Today was a manic-depressive kind of day. Spent the morning helping some developers with getting their code to run a stored procedure to drop old partitions, but it wasn't working on their end. It was a fairly simple proc. But working with partitions is a little like working with an array. I figured out that they were passing the wrong timestamp, and needed to add +1 to delete the right partition. Got that sorted out, and things were good. Lunch time.

After lunch I did some busy work, and then the PO comes up at about 2PM and says he's assigned some requests to me. The first was just attaching some scripts. Easy. The second, the user wants a couple of schemas exported ... at 6PM. I've been in the office since 6:45AM.

While I'm setting up some commands to run for the data export, a BA walks up and asks if I'm filling in for another DBA who is out for a few weeks. Yep. There's a change request that hasn't been assigned, and he normally does the work. I ask when it's due. Well, the pre-implementation was supposed to be done in the morning, but it wasn't, and we're in the implementation window ... half way through. I bring up the change task, and look at. Create new schema and users. That's all it says. The BA laughs. I tell I need more to go on. 10 minutes later he sends an email with the information. There's only two hours left in the window, and I can only use half of it, because the production guys have to their stuff, and we're in their window. Now I'm irritated, because I'm new to Oracle, and it's an unforgiving mistress. Fortunately, another DBA says he'll do it, so that we can get it done in time. But can't work it either, because Dev DBAs don't have access to QA, and the process required access for this task. Gets shelved until the access issue is resolved. It's now after 4:15PM. I'm going to in traffic with that 6PM deadline.

I manage to get home and to the computer by 5:45PM. Log in. Start VPN. Box pops on screen. Java needs to update. I chose skip update. Box pops up again. It won't let me log in until Java is current. Passed.

I finally get logged in, and it's 6:10PM. I'm late getting the job started. I pull up Putty and log into the first box, and paste my pre-prepared command in the command line and hit error. Command not found. I'm tired, so it's a moment to sink in. I don't have time for this.

I log into DBArtisan and pull up the first data base, use the wizard to set the job, and off it goes. Yay. Bring up the second database, and have enter the connect info. Host not found. Wut? Examine host name. Yep, it's correct. Try a different method. Host not found. Go back to Putty. Log in. Past string. Launch. Command not found. Now my brain is quitting on me. Why now? It's after 6:30PM. Fiddle with some settings, reset $Oracle home. Try again. Yay. It works. I'm done. It's after 7PM.

There is nothing like technology to snatch the euphoria of a success away from you. It's a love-hate thing, but I wouldn't trade it for anything else. I'm done. Good night.

Linux is shit, OSX and iOS are trash, windows is the only OS that actually works, open source is always inferior to closed source, if you use VPN or encryption youre a criminal, java is slow, vim worse than nano, ..

Now that I've got your attention and you probably raged and downvoted.

Downvotes don't actually work on devrant. (not a bug)

This has been going on for months already - why have that function to begin with, if its just not fucking working? The usual answer to people throwing a fit is "just downvote it", WHY? it doesnt fucking work.

For a while specific options while downvoting DID actually work, but now any of the downvote options are just straight trashed and ignored, they are saved, dont get me wrong (or else it would be too obvious), but they dont affect any of the scores at all.

I understand mass bot downvoting should be prevented, but why take away anyones voice by completely ignoring downvotes. I really dont get it, its not "punishing" the creator of said post or comment, its simply reflecting what the users actually think of said comment or post, it boils my blood how thats even a thing, I am honestly disappointed.

Why should also downvoting something hide it from the feed (especially on the "recent" filter), let me fucking decide what I want on my feed via option then atleast. What if I don't agree with a rant, downvote it, but then want to see what others thought of it? how am I supposed to find it again?

Network Security at it's best at my school.
So firstly our school has only one wifi AP in the whole building and you can only access Internet from there or their PCs which have just like the AP restricted internet with mc afee Webgateway even though they didn't even restrict shuting down computers remotely with shutdown -i.
The next stupid thing is cmd is disabled but powershell isn't and you can execute cmd commands with batch files.
But back to internet access: the proxy with Mcafee is permanently added in these PCs and you don't havs admin rights to change them.
Although this can be bypassed by basically everone because everyone knows one or two teacher accounts, its still restricted right.
So I thought I could try to get around. My first first few tries failed until I found out that they apparently have a mac adress wthitelist for their lan.
Then I just copied a mac adress of one of their ARM terminals pc and set up a raspberry pi with a mac change at startup.
Finally I got an Ip with normal DHCP and internet but port 80 was blocked in contrast to others like 443. So I set up an tcp openvpn server on port 443 elsewhere on a server to mimic ssl traffic.
Then I set up my raspberry pi to change mac, connect to this vpn at startup and provide a wifi ap with an own ip address range and internet over vpn.
As a little extra feature I also added a script for it to act as Spotify connect speaker.
So basically I now have a raspberry pi which I can plugin into power and Ethernet and an aux cable of the always-on-speakers in every room.
My own portable 10mbit/s unrestricted AP with spotify connect speaker.
Last but not least I learnt very many things about networks, vpns and so on while exploiting my schools security as a 16 year old.

I think I want to quit.

I know it’s a bit of an inconvenient time with there being corona around but everything was okay up till January. I’m a junior even though I shouldn’t be. Since my manager told me and my team leader senior in my review “maybe you two should switch jobs” things have been going downhill. I think the team lead had it out for me and didn’t put me on a new project, I’ve been left with doing stupid basic shit like updating text on websites in a cms and doing fuck all and then there’s also another guy that was basically harassing me trying to put me in my place any time I was doing better than him and literally both of them been like that ... and now that I’m working from home it’s even worse. I don’t have any kind of assurance that everything okay and actually I think I’m being framed as welll since I found keyloggers on my work laptop and deleted cleaned shit up the past two weeks and changed my WiFi security as there were like 5 unknown devices on our network so yeah .. I’ve been framed and they made it out like I put a powershell script on one of the servers and it crashed a Porsche website for 8 h and all kinds of bullshit - this was yday. On Tuesday they logged me out of everything like changed the password for work vpn and kicked me out of slack and Microsoft teams for over 2 hours till the end of shift and two managers weren’t answering their phone and then next day my manager called and apologised that saying that he “accidentally” did that to me along with 15 people they let go from the company....

I’m seriously thinking of quitting being removed from team group for a moment , not being on a project and people literally trying to put me down after I know I’m genuinely smarter than them and if I had over 10 years experience like those on my team (I have 1) I’d be far higher up and better

They can genuinely just go fuck themseves !!!! And here I was going to work over weekend on something! No fucking way I just wanna quit or give in my notice but because of corona I’m divided

You know what would be nice? Being able to Google anything to do with VPNs without having like 90% of the results being links to how-to-setup-VPN-client pages from every goddamn obscure commercial VPN provider in existance.

If I wanted to know how to setup a VPN client to work with Crazy Dave's House-o'-VPN-n'-Cloud-Hosting's paid-for service, I probably would have Googled for that, not general things like "openvpn ethernet bridging". Why am I getting so many commercial results? Either nobody sets up their own VPNs, or the VPN companies have SEO'd the keywords good and proper.

Am I the only one who's getting more and more aggrevated about how the large youtube channels misinform and make out VPN providers (I am looking at you, Nord VPN, mostly) as the messiahs of the internet? How they protect our data that would otherwise be in incredible "danger" otherwise?

I understand they need clients, and I know most of the YT channels probably do not know better, but... This is misinformation at best, and downright false advertising at the worst...

"But HTTP-only websites still exist!" - yes, but unlike the era before Lets Encrypt, they are a minority. Most of the important webpages are encrypted.

"Someone could MITM their connection and present a fake certificate!" - And have a huge, red warning about the connection being dangerous. If at that point, the user ignores it, I say its their fault.

Seriously... I don't know if Nord gives their partners a script or not... But... I am getting super sick of them. And is the main reason why I made my own VPN at home...

More than 3GB ram is useless on android phones. Change my mind.

I bought cheap lg g5. It has 4gb ram (my old phone had 1gb ram). I have opened chrome with 4 tabs, an AAA game, devRant, Instagram, a vpn app, android settings and I'm listening music. There is still free 1,2 gb ram. Also this is not my everyday usage. I use maximum 3 apps at same time.

Aaaaaaaargh!! Fing ashole!!
I got a major blocker reported, tried to connect to client, two of the user accounts were locked out because some genious used the last months password too many times.. FUUUU!! This happens almost every month!! FU! I go to the support dpt to check WTH is with those user accounts and got told the VPN is fucked up anyway so I will not be able to connect in any casr (disconnecting, bad transfer rate, it has a flue or prebirth cramps...whatever...). Ok, I ask if anyone notified our network admins and theirs.. And in response one guy mumbles something... I asked really really pissed off (due to the seriousnrs of the situation, we have max 8h to fix blockers and must check what is going on in minutes) if he is talking to me and answering my question or just talking to himself. He then a little bit more audiably said: we all are unable to work, you are not the only one with this problem & if you have a solutio... I already stormed out. Yes, everyone has problems connecting, no not everyone has a fucking blocker assigned to them!! Mayor malfunction on our system is not the same as archiving old processing data!!!

Simple yes or no question: did anyone notify our network admins & client's network admins?! And client's management that we have technical problems and cannot check the blocker situation immediately?! And I get a mumbling incompetents guy response... OmFG yes, I have a solution for you!! Go and jump of of the terrace!!

How can I be so fucking stupid?
I was developing and testing a small webserver running on an ESP32.
3 fucking hours were wasted resolving connectivity problems because I did not realize the fucking VPN on my PC was still up thus hiding my ESP32's IP.

How fucking brainless...
I've cie ked everything. Dead flash, wrong offsets, compiler warnings, CPU freq. config...

Oh boy, finally something to rant about.

I got hired in a "small" company (not even 2000 people in it), then got "shipped" to a way bigger company. Basically, I work for this company (the french biggest internet / phone service provider) but in the name of my own. And this since last wednesday.

First off, I'm fucking stupid. After leaving the big company that I was in before, I swore to myself that from now on, I would work for smaller companies, mainly because I couldn't stand the inertia that big company have. You ask for something, you get it a month and a half after. The old company has about 6000 employees... This company has 98k people in it. Fuck. My. Life.

Now, to the rant: Orange (the company) decided that they had to move their office somewhere else. They set up a lot of things so that all we needed to do was to put things in boxes, to work somewhere else until next monday, then we could go to the new office on tuesday morning.

Keep in mind that I have been there for 8 days: I keep learning how they do their stuff. For example, if I need a specific docker image, I can't get it from the Docker Hub, the download will fail. However, if I hit an Orange subdomain's registry, I will get this image from a mirror. Because fuck logic.

When we join the company, they give us a Windows laptop ("yeaah we have useless but required Orange softwares that don't run on Linux" "Yeeaaah fuck you") that have a specific VPN allowing us to use the Orange network and, in theory, you can download docker images or clone orange repositories from that network.

In practice, you can simply just go fuck yourself. Why? Because whenever you want to curl, wget or pull anything (or even pip install), your connection keeps being shut down while it waits for the response's header.

The worst part? According to my (new) boss's evasive answers, the way to fix that works with glue, sticks and the power of the Force.

WHY THE FUCK DO YOU ENFORCE US A SHITTY OS FOR DEVELOPMENT, WHEN THE TOOLS YOU SHOVE IN IT WITH A FAKE SMILE DON'T EVEN WORK, AND WE HAVE TO HACK OUR WAY TO FUCKING WORK?

Should I care about privacy anymore ?

I had to switch to windows from Ubuntu in my laptop because of driver related issues.
Everytime I use Windows , I feel uneasy because of the data it collects but at the same time I am happy that I can play a couple of video games , my battery life is better and my display is better.

I own an Android phone , and no matter how many add ons I use , or VPN , I know that Google gets sufficient amount of data to know a lot about me.

It's getting harder and harder to keep my data private and it's becoming inconvenient as well.

In my country almost everyone I talk to uses Whatsapp. I removed my Whatsapp account for a few days and I barely talked to anyone and it was not a good feeling.

My point is , is fighting for privacy worth it ? How much inconvenience are we ready to accept ? Can I do anything to keep my data private and still use convenient services ? Please enlighten me .

I'll just start off with how I really feel. Fuck big corporations with their career robots and retarded practices!
Now for a story. So I work remotely for most of the time nowadays, since my company has as clients big corporations. Used to be embedded with said clients, but it became kind of painful to work with them all so I asked to be reassigned to a remote position.
Now for the retarded part: The fucking Klingons I'm working with have two tiers to their VPN, but won't let me have the full version because it would be too fucking expensive. I checked and it's fucking 50 bucks per year difference.
So for that the Klingons are making me code through a remote connection that has a "best effort" priority.
Fuck.
Anyway after 3 weeks of writing code at a 400-600ms latency I finally snap.
I try to use a proxy and it. I write one myself, gets balcklisted in 2 days.
After about another week of writing code through a fuck straw I start working on node socket with 2 clients and a server that encrypts the send data, and syncs 2 folders between my workstation and the remote one.
It's been a month now and it is still working. It's not perfect, but I can at least write code without lag.

Question for you peeps: What shenanigans have you pulled to bypass shit like this?

Every time the VPN is not working I state loudly what a piece of crap it is. The devOps team sits right behind me and they don't seem bothered. I don't think they know they're the ones who need to fix it.

So last night a friend randomly found a raw not-yet-installed WordPress instance on a public domain that he found on a Facebook site (it was already linked for I don't know how long, but just not installed).

He told me about it and, being the guy I am, I signed up an account on some free MySQL hosting website, set up a database and used it for that WordPress site.

I then left a kind little note on the front page for the admin telling him that I just saved his ass since others could've done the same but posted racist shit or something and, also, told him not to use WordPress.

Even though I had no bad intentions, I used proxies and VPN connectsions because you never know how these people might react.

Hopefully they'll learn from it 😇

!dev
EA can suck my inches. Fucking deprecated and greedy business practices. Now I'm fucking told me to play the game later, because "too many computers have accessed this accounts version of a shitty game that crashed my pc 3 times. Please try again later."

Stupid cunts, have you ever heard of a vpn? Or maybe listened to the people complaining about this issue since 2017. On top of that you apparently rendered geforce now useless with this error.

Good fucking lord, I haven't even mentioned origin, the big pile of shit, yet. The download functionality you praise like God's cum doesn't even hold out half an hour before it freezes, together while the whole UI. You cannot like your games with a steam account, so you'd have to pay for a game you already own.

...And a whole lot of other issues I probably haven't encountered yet.

It's more lucrative to sell this shitty account and then buy the fucking game I want to play on steam. I have a feeling that would be about the best option I have.

I'm tired of this shit, I just wanna play some games with friends. I did not play to be spit on my face by some corporate wankers

MacBook/OSX

Have used all kinds of OSes and computers. Nothing sucked the productivity out of me as much a company provided MacBook. Some issues were related to the company setup (vpn issues after sleep, jamf botched app installs). But most of the day to day work was just due to crappy key handling. Lots of shortcuts that work everywhere don't (think all the alt combos in terminal). Common things require combos and using the actual keys (like home and end) on an external keyboard have undefined behaviour. Out of the box it does not even have decent window management, this means that a third party tool has to provide the shortcuts and they clash with a few programs.

Thank god I can use Linux now to develop for Linux.

!story

As is the case with many of you, I am also the de facto technology fixer for my family, and usually the first one they call when something goes wrong.

Usually it's a 'something wants to update, should I do it?' simple issue. Other times I have to remote connect to see why Word isn't uploading templates correctly or whatever.

Yesterday was different though.

Me: So whatcha need?
Mom: Well, my office has recently wanted me to be remote-capable in case they need me for something and they don't have the right people to fix it (she's been working at the same office for 20+ years and knows basically everything)
Me: Okay. So I guess they're setting up a VPN for this?
Mom: Yes. And I was calling because they might try and install it on my personal laptop and I wanted to know whether or not I should be concerned about our IT guys being able to look at or steal all my personal data.

I then proceeded to explain how a VPN works and that convincing her company to provide her with a separate computer would be the safest option and whatnot. But I was honestly really surprised that she was concerned to begin with.

For a while now, it seems there's been one story after another of companies being irresponsible with their customer's data, with little to no reprocussion or action that could really make a difference.

But as a direct result, we're now getting to the point where even the tech illiterate are becoming more aware of how this is effecting them.

It gave me hope for the future in an industry where many times there is very little. And I hope it does for you as well.

Thanks, mom. I'm proud of you.

It's not that big of a deal, but it's kinda embarrassing since I was one of the best students in the class.

Took a web design (HTML, CSS & a tiny bit of JS) class. I never really struggled; more like polished everything I already knew to become a bit better.

In class working on an assignment. So we have a folder dedicated on a server just for this class. The folder is accessible as long as you're on the school internet or using the VPN. So I have an assignment there. I drop it onto my desktop, because i had worked on it since the last time I was at this computer.

I opened the project in VSCode and begin making changing things. I opened the HTML file wasn't updating. "That's odd" I thought. Cleared the cache, opened and closed the browser. Still nothing. I called the professor over to see if had any clue what was going on.

My dumbass self was editing the file that was on my desktop, but I had opened the HTML file from the server. I felt so stupid but we both just laughed it off and went on.

Is it normal that IT support of a multinational bigass corporate drops the "we may need to change your PC because maybe your network card is defective" after explaining over and over that you have problems with HTTPS only when using the corporate network (whether onsite or via VPN) and not in external connections?

More of a rave than a rant.

My Dad was having some trouble with a game disconnecting on the PS4 and he read somewhere that it might be a problem with our home router. I didn't think it would be, as every other game works fine. But there was no talking him out of it. And to be fair the current router WAS kind of old.

So I have a look at the one he's decided to buy and it's some massive triple-antenna beast for well over a hundred pounds. I felt like such a weapon might be overkill for 2 people in a house, but did say that it would definitely help with connection issues in some rooms and I kind of wanted to play with it.

So he got it and oh am I glad he did. It has so many fun toys, including a built in VPN. Right now I live abroad so there's a few services I used at home that I can't access, I was literally just considering buying a vpn the other day. I found this while setting up port-fortwarding for my Raspberry Pi to run a discord bot I'm building. I had condisered putting a VPN server on the Pi but this works too!

It also has built in DDNS from ASUS, which IS cool, but our IP hasn't changed in years so I'm not sure we'll need it. I set it up anyway just in case though!

So I work for a VPN company as the Info Sec manager long story short I'm not usually the pleb who does customer support.

But today I ended up having to do this. I spent over 1 hour helping a client that a support agent escalated the request for to me. So I figure out that his network adapters are sharing incorrectly.
I fix problem.
He tries to connect.
Denied access so I check our servers for the request and he's blocked.
I think that's odd.....

I check active subscription and this person ISNT A CLIENT THATS ACTIVE....

WHY IS SUPPORT SO IGNORANT.
UGH.

Things that make you regret you are not a normal grunt in any other fucking job outside of software development...

Few years back we had the biggest customer ever close to signing contact with us (b2b). They had a CRM they wanted to connect to our CRM because their users didn't want to use IE with ActiveX anymore, the old software was a fucking RDP over IE to a server behind a VPN.

Boss brags how we can implement every API on Earth with our team and gets the contract signed. Technically not a lie but we agreed on a company meeting a few month prior to not implement each API for every customer but expose one ourselves because we had enough big customers on that one software to not want 100+ unique API connectors in our code.

So we apparently agreed to not only build our side of the API but also pay 2/3 of the bill of the other company for implement their shitty excuse of an API...

Fast forward a few month, talking to the other companies dev daily to get their API up and running, our part is long done. Finally get things set up and data flows... suddenly shit hits the fan. That shitty excuse of CRM can't expose the created and modified timestamps to the API. Webhooks never got implement and now we have no way of knowing which data changed because their side is completely passive.

Fast forward to a few weeks back. Still no solution. Shit is running, barely. Data inconsistency is low because everyone knows they should never change things in the old CRM because the changes might not be synced. (Only one indictor is a custom modified date on the main customer data that only updates if the main data was changed but there are 20+ different possible subsets. Can't get changes in subsets detected, like ever)

One fucking grunt updated 129 customer-profiles in the old CRM. Nothing was synced.

They still use the old shit for billing.

Their it-crowd-guy calls me up:
"Sorry but we need to generate the bills tomorrow and there seems to be some kind of desynchronization between the databases"

No shit? Someone did exactly what we told you not to do and now that one thing we warned you about happened but now it's our fault? Use the fucking force sync button we built for that purpose and that purpose alone. It will only take 7 days because that fucking SOAP API is slow as fuck and you have millions of datasets to sync...

Fml I might just try and jump out the window, sounds like a lot of fun in days like this.

tl;dr never implant against dynamics ax aif soap API if you want to keep some basic level of sanity

Ok, first rant, about my struggles getting reliable internet over the past 6 years. It's not too interesting of a topic, but here we go:

I'm living in a more rural part of Germany and internet here is shit. I pay more than 50 bucks a month for 700kb/s downstream (let's just not talk about upstream...), which is meh by itself but it gets worse. Before this I had roughly 230kb/s downstream using DSL. My provider came out with a new oh-so-fucking-fancy solution for giving people faster internet without upgrading their lame ass fucking backbone and POS infrastructure from 70 years ago: they sell you hybrid internet which combines your shit DSL and an LTE connection using TCP Multicast. Not only do I get only 6 of my promised (and payed for) 50 Mbit, no, It's also a fucking piece of nonworking shit!!!

Let me illustrate:
You constantly have problems with web content (or any remote content) not loading because the host server does not support TCP Multicast. It either refuses connection altogether or it takes about 30-50 seconds to establish a connection. Think about your live when it takes two or three fucking minutes to load 5 YouTube thumbnails or load new tweets at the bottom of the Twitter page! Also, you never know if you a) have an error in your implementation of a new API or if b) the remote host doesn't support TCPMC (there's never an error for that! Fuck you!), your SSH sessions ALWAYS drop in the most inopportune fucking moments because the LTE thing lost connection, you always have to turn on a VPN if you want to visit specific websites (for example your school's website) and so on....

Oh and also, my provider started throttling specific services again these days with Netflix and YouTube struggling to display 240p, fucking 240p video without buffering when I get 600kbit down on steam (ofc the steam download is paused when watching videos). When using a VPN, YouTube 720p and Netflix HD work like a charm again. Fucking Telekom bastards

Then there is the problem with VPNs. The good thing about them is that they solve all the TCP Multicast problems. Yay. Now for the bad things:
First of all, as soon as I use a VPN, access times to remote go up by like fucking 500%. A fucking DNS lookup takes 8-15 seconds!!! The bandwidth is there but it takes forever.. because reasons I guess. Then the speed drops to DSL speeds after a while because the router turns off my LTE connection when it is unused and it does not detect VPN traffic as traffic (again because... Reasons?) And also, the VPN just dies after an hour and you have to manually reconnect (with every VPN provider so far)

And as if that wasn't enough, now the lan is dying on me, too, with the router (the fucking expensive hybrid piece of shit, 230 bucks..) not providing DHCP service anymore or completely refusing all wifi connections or randomly dropping 5Ghz devices, or.....

You get the point.

The worst thing is, they recently layed down 400mbit fiber in my neighborhood. Guess where the FUCKING PIECE OF SHIT CABLE ENDS??? YEAH, RIGHT IN FRONT OF MY NEIGHBORS HOUSE. STREET NUMBER 19 IS SERVED WITH 400MBIT AND MY HOME, THE 20, IS NOT IN THEIR FUCKING SERVICE REGION. Even though there is a fucking cable with the cable companies name on it on my property, even leading up to my house! They still refuse to acknowledge it! FUCK YOU!!!!

Well anyways thanks for reading. Any of you got the same problems? :/

!dev && rant

Looking for a song's lyrics... A very complicated task apparently. Blinding Lights by The Weeknd for whoever's interested.

Firefox: just one small thing to keep going, sorry we just updated our CA certs again. Screw you, close the browser. I will not restart it for you but I will tell you that I would. When you restart the browser, you will lose whatever search you were just doing. Sucks for you bastard! Enjoy the update.

Go to Genius Lyrics, please turn on JavaScript to run this "app". Done that? Okay now solve this CAPTCHA please. Um.. let me just leave that ingenious site.

Next one, AZ Lyrics: Yeah sorry your IP is from a hosting provider, but we will not tell you that is the reason. You've just been denied access to the site. See you next time! Everyone using a VPS to make a VPN connection with is obviously an abuser after all.

Finally found the lyrics on lyrics.com after a long journey that was way more complicated than it should've been. It's a good song.

Oh and Firefox consumed well over a GB for just a single tab of course...
I want Gopher, BBS, IRC and the likes back.

No way. I hope this is a joke...else its not helping building up trust in their competence (Australian vpn provider)

Hey Guys
A few Questions I have to decide soon, for tools I never used:

1- How do you guys keep information about several accounts and stuff? Must have some protection to not be easily accessible (started using Google Notepad and Evernote until I find better... don't really like them)

2- Firefox: Is there a way to store groups of open tabs?
Like I have one windows with 6 or 7 tabs for movies (youtube and such), other for general stuff with 5 or 6 tabs, other with Arduino shit, and I'm going to pick Vue soon and another language to build native apps and that will be a lot more tabs, It would be nice to close them all and open them all at will or something.

3 - What Is your favorite browser? I'm using Firefox, but there are so many new good ones... Like Brave browser with Tor incorporated, or Puffin for Android (which uses a VPN with their own server by default)

4 - For windows users, do you have any tools to help with workflow installed? which ones you use and why?

5 - What I'm using: Google Notepad + Evernote to save stuff, Windows 10 and Firefox, (Linux Mint in VM) and I just keep my shortcuts in folders... I don't use the Windows taskbar for a long while since its so full of shit.

6 - How do you do your backups? Right now I'm just putting my code and important stuff in Dropbox.

I'm an old school programmer... Stuck in 1990's Ideas and there is so muchhhh shit these days that I would prefer your opinions then just googling.
Guess that's enough for this post. Thank you guys

I'm currently planning to set myselv up with some vps/dedicated server's for a project. What i plan to do to secure these servers is.
*Use centos 7
* Setup Wireguard and join all of the servers +1 client (my pc) to that network
*Disable SSH Access from outside that VPN
*Only allow RSA Key login to the Servers
*Install Cockpit for monitoring
*Intall docker/kubernetes for the applications i plan to run

What do you guys think of that as a baseline? Im not sure if my lower powered VPS (VPS M SSD from Contabo) will work as Kubernetes Nodes, does anyone have experience with that?

In general these Servers will be used for my projects and other fooling around.

If you guys have other suggestions for Securing/monitoring or other software i could put on to have more control without eating up to much of the Servers power, let me know :D

Will these fucktards just FUCKING FIX EDUROAM! alright it's a WiFi network that works across the globe and there's challenges with that BUT DON'T MAKE ME HAVE TO MANUALLY RECONNECT EVERY random amount of time!!! I'll shove that fucking MSCHAPv2 down you fucking throats with that sweet sweets PEAP sauce bloody arseholes.
What do you fucking mean it works fine? NO IT BLOODY DOESN'T! Get your shit together and at least handle DHCP leases correctly and make them not expire every fucking minute!!

Also, how the flipping fuck does connecting to the eduroam VPN from within fucking eduroam make it more stable? Only ever so slightly though. Incompetent pieces of dick sucking craptards don't make me have to bring out the ethernet jack EVERY FUCKING TIME at school for christ's sake.
No, it doesn't make it my problem because I'm running Linux. Look on the Internet. The forums are fucking filled with people having issues and your docs are from 5 years ago so please kindly FUCK Off!!!

New twist on an old favorite.

Background:
- TeamA provides a service internal to the company.
- That service is made accessible to a cloud environment, also has a requirement to be made available to machines on the local network so you can develop against it.
- Company is too cheap/stupid to get a s2s vpn to their cloud provider.
- Company also only hosts production in the cloud, so all other dev is done locally, or on production non-similar infra, local dev is podman.
- They accomplish service connectivity by use of an inordinately complicated edge gateway/router/firewall/message translator/ouija board/julienne fry maker, also controlled by said service team.

Scenario:
Me: "Hey, we're cool with signing requests using an x509 cert. That said, doing so requires different code than connecting to an unsecured endpoint. Please make this service accessible to developer machines and lower environments on the internal network so we can, you know, develop."
TeamA: "The service should be accessible to [cloud ip range]"
Me: "Yes, that's a production range. We need to be able to test the signing code without testing in production"
TeamA: "Can you mock the data?"
Me: "The code we are testing is relating to auth, not business logic"
TeamA: "What are you trying to do?"
Me: "We are trying to test the code that uses the x509 you provide to connect to the service"
TeamA: "Can you deploy to the cloud"
Me: "Again, no, the cloud is only production per policy, all lower environments are in the local data center"
TeamA: "can you try connecting to the gateway?"
Me: "Yes, we have, it's not accessible, it only has public DNS, and only allows [cloud ip range]"
TeamA: "it work when we try it"
Me: "Can you please supply repro steps so we can adjust our process"
TeamA: "Yes, log into the gateway and try issuing the call from there"
Me: (╯°□°)╯︵ ┻━┻

tl;dr: Works on my server

Teamviewer is a piece of shit. I use it to connect to my PRIVATELY OWNED server because it's not located on my lan and I have no other way like VPN. Today teamviewer showed me a suspected commercial use and disconnects all connections after 1 minute and blocks connecting to it for 10. I also use it to connect to my synology nas when I'm not home. The teamviewer support is only for paying customers so you can't even contact them. Why the fuck do I have to pay to get something resolved they screwed up? I know I can be glad that teamviewer is offering a free service but when they offer something for free they should at least get their stuff working.

Do you, guys, have any VPN suggestions? I'm mostly looking for a VPN that doesn't throttle your speed, allows and encrypts P2P connections and is secure and reliable. I'm not quite sure what other more specific requirements I'm looking for, since I'm not too knowledgeable in this domain, but I'm nonetheless thanking you in advance :D

So, the Network I was on was blocking every single VPN site that I could find so I could not download proton onto my computer without using some sketchy third-party site, so, being left with no options and a tiny phone data plan, I used the one possible remaining option, an online Android emulator. In the emulator running at like 180p I once again navigated to proton VPN, downloaded the windows version, and uploaded it to Firefox send. Opened send on my computer, downloaded the file, installed it, and realized my error, I need access to the VPN site to log in.

In a panic, I went to my phone ready to use what little was left of data plan for security, and was met with no signal indoors. Fuck. New plan. I found a Xfinity wifi thing, and although connecting to a public network freaked me out, I desided to go for it because fuck it. I selected the one hour free pass, logged in, and it said I already used it, what? When?, So I created a new account, logged in, logged into proton, and disconnected, and finally, I was safe.

Fuck the wifi provider for discouraging a right to a private internet and fuck the owner for allowing it. I realize how bad it was to enter my proton account over Xfinity wifi, but I was desperate and desperate times call for desperate means. I have now changed my password and have 2fa enabled.

TL;DR: Stop. Hating. On. Ads. Here are 5 reasons why:

1. "No one likes ads"
I love seeing *good* ads before I watch a YouTube video. Or I looked up videos that YT recommended because they sounded fun and they were fun:
- Coke - Hey Brother is an amazing and touching short film
- Fressnapf (="food bowl") had an incredibly enjoyable "things you didn't know about cats" video I clicked on purpose and it was good.
- I found JetBrains through ads (free for me, student perks. But tbh I use atom)
and I could name more.

2. What are the alternatives?
I know there are some non-profits and that's cool but you wanna be paid in your job, right? So ads are why Facebook (I know, Facebook isn't enjoyed here but), YouTube, stackoverflow, etc. Wikipedia asks for a few million dollars of donations each year because they don't run ads. Smaller businesses can't do that really. Hell, even codepen has a "sponsored" section. Imagine you would have to pay for all of those services.

3. "Manipulation"
isn't a bad thing unless you abuse it. I manipulate you when I say that I love codepen in the same way an ad does. No one forces you to use a product or watch an ad (you can look away and often times skip).

4. Adblock
What if everyone did that? Adblock blocks happened a while ago and the war between adblock and ad-senders is still ongoing. The moment you see an ad, you are using/watching etc something which the creators thought is worth making money off. If you don't think so, leave the site. I am an adblock user but if the site politely asks me to disable it and I enjoy the content - I will disable it with pleasure.

5. Targeted ads
Yes. The internet is a huge data-crawling piece of shit. But there are many more questionable or even dangerous ways of data-harvesting online. I am glad to see ads I like and not the ones my sister might like. Some services allow you to disable personalized ads. Or use vpn if you really want to.

ZNC shenanigans yesterday...

So, yesterday in the midst a massive heat wave I went ahead, booze in hand, to install myself an IRC bouncer called ZNC. All goes well, it gets its own little container, VPN connection, own user, yada yada yada.. a nice configuration system-wise.

But then comes ZNC. Installed it a few times actually, and failed a fair few times too. Apparently Chrome and Firefox block port 6697 for ZNC's web interface outright. Firefox allows you to override it manually, Chrome flat out refuses to do anything with it. Thank you for this amazing level of protection Google. I didn't notice a thing. Thank you so much for treating me like a goddamn user. You know Google, it felt a lot like those plastic nightmares in electronics, ultrasonic welding, gluing shit in (oh that reminds me of the Nexus 6P, but let's not go there).. Google, you are amazing. Best billion dollar company I've ever seen. Anyway.

So I installed ZNC, moved the client to bouncer connection to port 8080 eventually, and it somewhat worked. Though apparently ZNC in its infinite wisdom does both web interface and IRC itself on the same port. How they do it, no idea. But somehow they do.

And now comes the good part.. configuration of this complete and utter piece of shit, ZNC. So I added my Freenode username, password, yada yada yada.. turns out that ZNC in its infinite wisdom puts the password on the stdout. Reminded me a lot about my ISP sending me my password via postal mail. You know, it's one thing that your application knows the plaintext password, but it's something else entirely to openly share that you do. If anything it tells them that something is seriously wrong but fuck! You don't put passwords on the goddamn stdout!

But it doesn't end there. The default configuration it did for Freenode was a server password. Now, you can usually use 3 ways to authenticate, each with their advantages and disadvantages. These are server password, SASL and NickServ. SASL is widely regarded to be the best option and if it's supported by the IRC server, that's what everyone should use. Server password and NickServ are pretty much fallback.

So, plaintext password, default server password instead of SASL, what else.. oh, yeah. ZNC would be a server, right. Something that runs pretty much forever, 24/7. So you'd probably expect there to be a systemd unit for it... Except, nope, there isn't. The ZNC project recommends that you launch it from the crontab. Let that sink in for a moment.. the fucking crontab. For initializing services. My whole life as a sysadmin was a lie. Cron is now an init system.

Fortunately that's about all I recall to be wrong with this thing. But there's a few things that I really want to tell any greenhorn developers out there... Always look at best practices. Never take shortcuts. The right way is going to be the best way 99% of the time. That way you don't have to go back and fix it. Do your app modularly so that a fix can be done quickly and easily. Store passwords securely and if you can't, let the user know and offer alternatives. Don't put it on the stdout. Always assume that your users will go with default options when in doubt. I love tweaking but defaults should always be sane ones.

One more thing that's mostly a jab. The ZNC software is hosted on a .in domain, which would.. quite honestly.. explain a lot. Is India becoming the next Chinese manufacturers for software? Except that in India the internet access is not restricted despite their civilization perhaps not being fully ready for it yet. India, develop and develop properly. It will take a while but you'll get there. But please don't put atrocities like this into the world. Lastly, I know it's hard and I've been there with my own distribution project too. Accept feedback. It's rough, but it is valuable. Listen to the people that criticize your project.

!Rant
The new bill passed the house for ISP to be able to sell data. This get me ticked off. I already ausme that ISP did it under the table. Doesn't make it right. Now it legal for them to breach our privacy. At what leave do i need to run my own internet just to feel safe. VPN can sell the data, ISP can sell data about you. I spend my life teaching how to protect people online and now I can't even say they are safe at home from someone with wrong intention. A quote​ comes to mind.
"Dear lord I need to see some change, because the man in the mirror is wearing a mask"
I shouldn't have to feel every time. I boot my PC, that I need to remind my self that what I'm doing now is being sold so someone can lable me. When will the common man learn to protect their privacy online; And where is the line in the sand?

It not all bad, this event has given me the itch to code. Just to spin some heads I'm going to make a script to make random Google query across the widest array of topics, so my profile is full of contradiction.

The few who read this have a nice day!

customer support masterclass from iVPN:
— why your app is not available in russia?
— our app is not available in russia because laws
— yes, but russian laws allow vpn services
— our app is not available in russia
— but all your competitors' apps are available
— our app is not available in russia

that feeling when an inanimate object could do a better job than this human being. ffs

So been working with Linux for almost 10 years now, so am not new with this. But yesterday, a friend had difficulties accessing Wikipedia and their sister sites so I tried to help him out, you know, the usual way. Ping, Direct IP, DNS, and proxies/VPN, checking his /etc/hosts, but to no avail. Decided to download TeamViewer and install it so that I can help him out remotely. Went afk for 30min for dinner and when I came back, TeamViewer installation .Deb installer literally uninstalled every single software from my Kubuntu machine, from Spotify and slowly even my file manager and terminal was uninstalled. When it was over, even my grub was uninstalled.

Had anyone faced the same issue before?

Long time stalker, but I finally signed up! Maybe I have dragged it out to not get too addicted, but it seems like that plan has failed.. ;)

Now for the question:
Can anyone recommend a VPN provider (well, functionally proxy) that works in (South) China these days? Because of the holidays the CCP is blocking everything they can to ensure that.. well let's not get political.

Priorities: Reliability > Privacy > Cost (trial or guarantee would be great though)

Thanks :)

"Our Data Service comes PRE-P0WN'D"

Those SHIT-FOR-BRAINS data service providers GLOAT that their data can be natively integrated into most BI platforms, no code required.
How? Because they will EXPOSE THE ENTIRE FUCKING THING ON THE INTERNET.
LITERALLY.
UNAUTHENTICATED URL WITH THE ENTIRE DATASET.
STATIC. WON'T EVER FUCKING CHANGE.
NO VPN REQUIRED. NO AUTHENTICATION HEADERS. NO IN-TRANSIT ENCRYPTION.

"It is safe! No one will know the secret token that is a parameter in the url"
BLOODY BYTE BUTTS, BATMAN! IT IS A FUCKING UNAUTHENTICATED URL THAT DOES NOT REQUIRES RENEWAL NOR A VPN, IT WILL LEAK EVENTUALLY!

That is the single fucking worst SELF-P0WN I have ever seen.
Now I know why there are fucking toddlers "hacking" large scale databases all over the globe.
Because there are plenty of data service providers that are FUCKING N00BS.

Just rebooted my work station during a video conference because the VPN was flaking out.

After reboot, launch Teams to get back to the meeting. The VPN credentials dialog then pops up, but IS NOT MODAL, so I end up sending my password to the group chat...

Time to change my password, I guess.

Gotta love the IoT.

They set up a new surveillance camera in the company, that can stream live footage over the network and that little shit picked the IP adress of a coworker one day AFTER being set up.
Hurray for static routing. Hurray to the person who didn't disable DHCP on the router (Should probably configure my PC to use a static IP as well lel)

Anyways, this happened outta nowhere when I, the only guy who knows shit about IT and is usually present at yhe office, wasn't there and could not connect remotely.

The other, remote programmer, who set up the network, could guide the coworker to get a new IP but, he was worried that we got ourselves an intruder.

Since nobody told me yet that we (should) have static routing, I thought there was a mastermind at work who could get into a network without a wifi-access point and spoof the coworker in order to access the some documents.

The adrenaline rush was real 😨

Scanning the network with nmap solved the mystery rather quickly but thought me that I need to set up a secure way to get remote access on the network.

I would appreciate some input on the set up I thought of:
A raspberry Pi connected to a vpn that runs ssh with pw auth disabled and the ssh port moved.
Would set up the vpn in a similar fashion.

Debugging an elusive database query problem. Attached to server process about 10 steps into the call stack trying to figure out why a a column value is not being properly cast. In comes Windows. You picked the most inappropriate time to restart for updates without asking me. Restart VM, authenticate with VPN, wait for 2FA, start up Visual Studio, enter credentials for the millionth time to authenticate with version control since the remember me checkbox doesn't work, open solution. Now where was I? Then Windows pops up a notification to inform me the updates couldn't be installed. The following comic strip comes to mind.

So, I move house with my amazing, already configured and stable router with built in VPN, DDNS, Port forwarding and DHCP addresses.

Received ISP shitty router at new address and want to use as modem only, so I go read the manual.

"Bridge mode requires you to configure your other router with PPPoE and the ISP's credentials"

Landline is not working, so I cannot call the number to retrieve my password. After 2 days of waiting, engineer visits, installs master socket, dial tone yaaay.

Call number to get password, automated voice message has such a bad sound quality that I cannot figure out if it's saying F or S, and there are two of those letters.

Put ISP router in bridge mode, set other router to PPPoE and put credentials, nothing. Try with F and F, S and F, F and S, S and S... Nothing. Put it back to dynamic IP address, it works.

I resign myself and manually configure everything I had on the good router to the ISP one. A few issues with my server and DDNS, but hey, internet works.

Start missing the other functionality, try the password idiocy again. Nothing.

Next day, go to work, talk to a colleague that lives close and has the same provider: "I just put it into bridge mode and it worked".

Go back home, bridge mode on ISP router, Dynamic IP on good router, no credentials. It works.

Why do I always overcomplicate stuff?

whenever I suspend my laptop my openvpn would get stuck on reconnecting and I'd have to ctrl c and wait for like minutes so it would correctly close. so I only used VPN when I really needed it.

but then I found out: mullvad (my VPN host supports wireguard! and so wireguard is a more passive protocol, and doesn't need to keep open the connection. so now I can just set my VPN to "always on" and not worry about it anymore, yay!

ps: you should have seen my face when I found out mullvad gives away free stickers! :D

Not bad for a test over WiFi 😮
Still, how I long for fiber... Then I won't need to use a VPN to boost my speed lol... Not that I'll stop using one...

The CI infrastructure and external tooling at the company I work at is a complete joke. Feels like it was designed by an intern left alone.

95% of the time a build fails or hangs, it's because we are getting race conditions or a hanging VM with our crappy Windows jenkins slaves. Quite possibly because we are not using proper tooling for monitoring those VMs as well. Anyways, I don't have access and control on it and it's not even my job to fix it.

Though, I am being asked to monitors these pieces of junk jenkins jobs outside of my work hours because company devs all over the world use it... but there is no fucking way to know it failed unless I log onto jenkins every hour and check everything manually... which is stupid as fuck for a software engineer.

I can't even implement slack hooks to get notifications or something when it fails because we will stop paying for it soon, so I have to connect to my freaking VPN on my PC and check everything.

And what's the fucking ghetto solution instead of fixing it properly? Restarting VMs and rerunning a build. Because someone in management wants to see a passing build, even though it means jackshit. Half of these jobs are tagged as unstable, so what's the fucking point?

Pisses me off when people work like morons and pressure others to do the same.

Friday 13th. Superstition.

0655, got WFH laptop going. 0700, VPN'ed in. Bluescreen, first in ages. Yes, Windows, the hatred is mutual. Rebooted. Windows claimed memory fault, offered check, 40 minutes. Noped out. Started machine. VPN'ed in. Some strange script error that I'd never seen before. Rebooted. Script error again. Shut down machine, then rebooted, same problem. 0715, fuck, still wearing sweaters, my e-scooter not charged, and an important Teams call at 0800.

Got dressed, stuffed laptop into backpack, hurried up by foot. Took the bus. Fuck, the next connection on the change station just had gone off. Took a taxi to make it. Arrived at the company, plugged in the laptop, started with no issues. Had the important call.

Took the laptop to IT. Tested it with external network connection and VPN. Worked with no script error. Had it checked for RAM issues. No issue. WTF had happened in the morning?!

tldr; Finally my NordVPN subscription comes to an end so I was looking at other VPN providers and I chose Mullvad. So far, it is an amazing experience.

It has been 2 years since I was using NordVPN. It was great at first but soon first problems started to appear. Speeds were not exactly breathtaking and I barely sqeezed more than 40Mb out of it. Another problem was connecting from PC to PC on local network with both of them connected to VPN. I never found a working solution.
Then Tefincom started pushing it literally everywhere. Ads on YouTube (+ partnerships), fake websites redirecting to NordVPN, etc. That was when I decided to just fucking wait until my subscription ends so I can finally delete my account there...
Today is the day. I decided to go Mullvad because it seemed to be really privacy focused (don't kill me - I know I can't have *real* privacy with VPN, but you also can't have that with your own VPN) - they don't know anything about me, no email, no name, no payment data (Bitcoin Cash). Speeds are absolutely f*cking amazing and also local network works!

Govt. of India banned Tiktok so well that it is not accessible with a VPN even when you have TikTok installed on your phone.

So I now bought an iphone 6 again for development and tried just for fun to make it a daily driver and it feels really limited, especially because apparently theres no jailbreak yet for 11.2.5. (I feel near everything could be solved as soon as cydia etc. get fully released to the alibaba jailbreak)

I didnt even remember, that it doesnt have any option to have haptic feedback when typing, such a basic feature has to be jailbroken..? I thought I remembered that it had it, last time I had one - did they remove such a basic feature?

Also the fingerprint reader is really weird compared to other phones from the same year, first getting it to actually fill all fingerprint lines without saying "try again" or it trolling you and vibrating as if it recognized your finger, but actually didnt (really frustrating when its the last 2 lines...) - is a real challenge, might be that I have some mutant fingerprints, but when I asked my s/o to try it out, it also failed most of the times, so you have to position your finger in a very specific position for it to work, even if you add the max amount of 5 fingerprints.

Most ads on iphones feel HORRIBLE, the amount of lag some can add is incredible, wait till it loaded or youre fucked and besides using some shady adblocker vpn, theres no way to block them, without again - a jailbreak.

Another feature that I used many times on my android phone, is controlling it from the desktop, connect it via usb and then just use it for demonstration purposes on a projector or to instruct how things work - theres no such function without a jailbreak, even if you use osx..

Then theres the feature, that instead of just setting your cursor to a specific location, you have to hold and it zooms in, not sure if I just got too used to the android way of doing it, but I can see myself making less mistakes of where I positioned it with the ios way.

The hardware mute switch feels like a great feature, its just sometimes weird, so if you were inside an app that was playing sound and you mute it, it still plays it until you either close and open that app or just change to another one temporarily, so its not an actual hardware switch as I usually thought, more like a request to mute the phone.

The cable that comes with it is too thin, I am afraid to even unwind it, as it would probably break, so I had to get another one.

Please don't turn this into a shitfest from any of the fanboys, I really just wanted to share my image of finally being able to try it first hand again.

What a week at work...

As some of you might know, it‘s currently very hot in Germany with temperatures rising up to 35°C. That‘s when our AC at work decided to stop working. I‘m working in the third floor of a three story building so it‘s getting very hot in the office.

The day after we had a 45 min powercut and the AC still does not work.

Today when I got up and wanted to go to work, I got an E-Mail saying that we have another powercut which lasts at least three hours. We‘re supposed to work from home using VPN. But how the fuck should I be able to log into the VPN if the network is offline?! Oh and of course our GitLab server is hosted in house as well, so no access to any code at all.

Hopefully next week is gonna be a better one...

The perks of working for a .NET shop:
1. 130€ of credit to burn on Azure every month, so I can run some long builds there, to have VPN/proxies for free that are not easily blacklisted and whatever else I can think of. Today I set up a VM for my wife to RDP into, so she doesn't have to do her job search on her company laptop (which is the only computer she has right now).

How do you prevent your software being vulnerable to IP address spoofing? Authentication? Certificates? VPN? Nah, just check the MAC address field of every packet. Nobody ever spoofed a MAC address before, that's just impossible. I thought that in binary there were only ones and zeros, but I guess nobody told me about the special tamper-resistant ones and zeros that MAC address fields are made of.

Oh, once you've done that, don't forget to tell the marketing people to put it in a brochure as an "innovation" for everyone to see.

I should post more of the crap the idiots I work "with" (quotes, because I am only here in body not mind) say. Especially when it comes to network stuff.

I have too many geeky non-dev activities. I don't know which is the geekiest...

Built a server rack out of bits of spare wood (going to rebuild and improve it in future). Wired up the entire house with network cabling. Didn't need to, just prefer not to use WiFi for things where possible. Also ceiling mounted a PoE WiFi AP for things that have to use WiFi (e.g. smartphones).
DIY built a rack mountable Pi shelf with faceplate.
Configured a dedicated TV tuner/PVR PC used by Kodi running on Raspberry Pi for a couple of TVs (all diskless/network boot).
Got a colocated server running in a data centre for running various VMs on for different things. Run my own email, webserver, DNS, VPN, voice chat server, various other stuff.
Gradually getting into electronics, which overlaps with dev a bit.
Sometimes I play games. I built a dedicated VR PC which occupies the smallest room of the house.

Unsure which is the geekiest thing!

After months of launching an intranet for a major corporation, that ONLY were supposed to be temporary until they went over to Microsoft Sharepoint solution. They're now asking for new features, like not having it locked to their VPN, and make it responsive, maybe make it an app!

It was all thrown together and a lot of spaghetti code, because the terms were that it would be temporary from when they merged with another company till they got the Sharepoint solution up an running. Oh, and it is all run on a Wordpress 3.3 solution, they don't want to upgrade it, because they would loose some irrelevant plugin that they love.

Sooo... The ways my coworker fucks me:

Last week I have been working on setting up aWireGuard VPN server... Been trying for 4 FUCKING DAYS, the easiest VPN that has ever existed, 2 commands and that's it, I wasn't able to reach it, I checked every forum, tested every possible solution without success, checking ubuntu firewall but it was inactive... Nothing that should cause this. Why? 2 weeks ago we had a security breach and my coworker added a firewall from the cloud console with basic rules allowing only 3 ports, the port I was communicating with was blocked. He didn't bother to mention that he added an external firewall. And the junior me, not wanting to be a pain in the ass, and since that security breach wasn't my responsibility to fix, I didn't ask too many questions, just read the emails going back and forth and "learning" how to deal with that. Kill me please. Next mont a new guy is joining, we had a "quick meeting" of 30 minutes and he managed to make it 2 hours meeting. So a partner who lacks communication and a partner who talks a lot... Will be fun. And I probably should change my username... Is that even possible? @root?

Why the FUCK is my VPN logging me out after a certain time. Its not like that I have to drive +4h to some remote location fix it when it cucks up at the wrong moment!

Finally got round to signing up to a VPN for my devices and my sons. After a lot of research decided on surfshark, signed up for 3 years with great discounts. BUT, it doesn’t work on iPhone ( tried everything in the help) still bollox. Cancelled it and went for my second choice which was Nord. The software is great. Worked without issue, same on m1 mac. Thousands of servers worldwide. For me this is great and fast. So if you are looking for a fast reliable VPN Nord is the one. PS not affiliated or work for Nord, just an opinion and hopefully save someone else some grief.

Former android fan, I’ve been using iPhone SE for a while, and now I’m ready to give feedback. We are talking about brand new, iOS 11.2.2 device, never jailbraked (jailbroken?) or made anything fucked up to.

The main problem is battery life. It’s poor. I mean, my cheap ass Meizu m3s stands for about three times longer. Now I always need to carry power bank or charger around, keeping it up from one outlet to another.

iOS 11 is unstable and flawed. Music widget on lock screen freezes randomly, ui falls apart sometimes, apps sometimes start in landscape mode. I never found android ui falling apart, just like webpage marked up by interns.

Transferring files to Linux PC is huge pain in the ass. Nuff said.

Aaaand... that’s all. There is literally only three problems present.

On the other hand, there is huge advantages over android:

Speed. It’s unbeatable. It’s absolutely stunning. Need camera? Here it is, quarter second away. Android camera needed straight 15 seconds to start up. Taking picture? Here it is, flawless as always. Zero motion blur, gamma is ideal, focus is so sharp so you may hurt your eyes. Need 100 pictures? Here you go, just press the button and hold it. Maybe s9 or another shiny ass android takes pictures as fast as iPhone, but I bet my iPhone will be taking pictures same flawlessly after 5 years, while your android will probably become sluggish ass piece of crap.

Not. A. Single. Fucking. Lag.

Asphalt 8? 60 FPS all the way down. 2GIS? Fraction of a second away. That’s it, that’s how it have to be.

Sound quality. Just as neat as my Sansa Clip. EarPods are crap, so I’m using my SE215. Not going to ever come back to Sansa. Xperia TX had much less quality audio btw.

Apps. As long as the whole enterprise world sucking Apple’s dick, apps are running silky smooth and the things are not going to change. Come on. Apple is the king nowadays, admit it or not.

Keyboard is amazing. Screen is amazing. It’s just that pleasing. The sounds iPhone makes are great, while android sounds piss me off and making me hold myself from throwing the phone straight to the wall.

iPhone makes me feel cared about. Everything is on it’s place, everything fits perfectly. You are watching YouTube, you need to adjust volume and volume bar appears as tiny strip on the very top, just to not distract you. Make screenshot, draw something on it, share and hit delete. Every action you need is one tap away. Look up word? One tap away. Position the cursor between words? Polished as fuck, here you go, have your handy magnifying glass. Adblock in safari? Install it from the App Store and it will be literally two taps away, right at the settings. No VPN needed. Safari doesn’t become slow with Adblock, it’s just the same amazingly fast browser, but without ads. And Apple Music is just one dollar a month for students, filled with high quality songs.

Even google apps working better on iOS.

The advantages are clear for me, while downsides aren’t significant. @irene, you wanted to know what I’ll tell after a while, so I’m saying it proudly:

I’m never ever coming back to android.

Not really hacking, but every time I work from home(a couple times a week), in lieu of using my company's VPN, I connect to the company network with an SSH reverse tunnel. To make this possible, I wrote a port knocker that runs in a tmux session on a server inside the network. It tries to connect to a high-numbered port on my home machine, and if successful it opens the reverse tunnel. At home, I manually run a script that opens that port and informs me when the reverse tunnel is established.

Then I open an SSH socks5 proxy and use that in my Firefox dev edition, which I use entirely for work.

This is actually much easier than using the actual VPN.

The universe has taken a cactus.

It proceeded to gift the cactus with a toxin that greatly enhances the stimulus of pain.

After the universe watched it's miraculous creation it decided to shove it up so far my arse that my gag reflex turned on and I puked a lot of cactus.

Didn't sleep well, weekend hardware migration finish, today an old server got moved.

Some part, most likely the redundant PSU, had a short circuit - decided to take the switches out... Which are the only non redundant hardware...

There was only one critical system in the whole rack, that was one redundant firewall.

Guess what happened..... Naaaa?

*drum roll*

For whatever reason, the second firewall didn't kick in, so large part of internal network unreachable as VPN was on the firewall.

:thumbsup:

That's not cactus level yet.

Spontaneously a large part of the work at home crew decided to call, cause getting an email wasn't enough.

So while all the phones were ringing and we had the joyful fun to carefully take apart a whole rack to check for possible faulty wiring / electric burns / hardware damage and getting firewall up and running again...

Some dev decided to run a deployment (doable as one of the few working at the company at the moment -.-).

I work from home, but we had a conference phone call running the whole time so I could "deescalate" and keep others up-to-date. So me on headphone with conference call, regular phone for calls, while typing mails / sms for de-escalation.

Now we're reaching cactus level, cause being tortured by being annoyed out of hell by all telephone ringing, the beeping of UPS (uninterruptible power supplies), the screaming of admins from the server room and the roaring of air coolers…

Suddenly said dev must have stood in the midst of the chaos… and asked for help cause "the deployment broke, project XY is offline"...

I think it was the first time since years that I screamed at the top of my lungs.

Bad idea (health issues)… but oh boy was it a pleasure to hear my own voice echo through the conference speaker and creating an echoic sound effect.

It was definitely worth coughing out my loungs for the next hour and I think it was the best emotional outburst ever.

I feel a bit sorry for the dev, but only a tiny bit.

After the whole rack thing, the broken deployment fixing and the "my ears are bleeding and I think I will never be able to talk again" action...

We had to roll out several emergency deployments to fix CVEs (eg libexpat).

This day was a marvelous shit show.

I will now cry myself to sleep with some codein.

IT admins of devRant, explain my dumbass the following:

Why would an IT department put servers in a VPN without TLS.

They presume they don't need because muh-VPN.

And then they don't want to hand out VPN connections to anyone and force me to use Citrix RDP 🤡

I know there are security reasons, but is there not a better way? Like goteleport.com ?

Asking for a friend (or several)

Americans will get a 100k$ fine and 20 years in jail if they use tiktok via vpn

What is the point of a vpn if its not giving me anonymity???????

Being victim of an arbitrary worplace's culture on dev experience and documentation makes me a very frustrated dev.

Often I do want to document, and by that, I don't mean laying an inline comment that is exactly the function's name, I mean going full technical writer on steroids. I can and WILL get very verbose, yes, explaining every single way you can use a service - no matter how self explanatory the code might look.
I know developers (and me included) can, and sometimes will, write the best variable and function names at the time, wondering if they reached the peak of clean, DRY code that would make Robert Martin have a seizure and piss himself, only to find weeks later after working on something else that their work is unreadable. Of course.
I know the doc's public, it's me, and I've done this.

But then again explain for the people in the back how the FUUUUCK are we meant to suggest improvements, when we are not the ones who are prioritising features and shit WITH the business?

Just email me when the fucking team recycles, and no new team member knows how to even setup the IDEs because this huge piece of monumental shit called CompanyTM is also run by VPN. Fuck, no one wants to access that garbage, you have no docs.

I once tried setting up a culture for documentation. I did an herculean amount of work studying what solutions were internally homologated, how steep the learning curve would be from what we had at the moment (NOTHING, WE HAD FUCKING NOTHING, jesus christ, I even interviewed SEVENTEEN other squads to PROVE they FUCKING NEED
DOCS
TO WORK

You know what happened to that effort?
It had a few "clap" reactions on a Teams meeting and it never reached the kanban.
It didn't even made it to backlog.

I honestly hope that, someday, an alien fenomenon affects the whole company, making their memories completely reset, only to have the first one - after the whole public ordeal on why our brains became milkshake -, to say: "oh, boy, I wish we had documented this".
Then I will bring them to the back and shoot them.

There is no joy in life

So I finally managed to set up networking on my 3D printer's raspberry pi: now it can connect to my phone's hotspot or to my uni's wifi network, depending on which is available.

Then I set up OpenVPN, using a remote server as a middleman so I can connect to the printer remotely and start/stop/monitor prints from anywhere.

Everything works great, except for one thing: whenever the Pi connects to the uni's network first, OpenVPN fails to start and connect to my server, rendering the printer unavailable (unless I use an ethernet cable, but that's not a viable operation since I need to lift the printer, and it's heavy).
The only for it to work as intended is to either:
a) keep my hotspot active (which kinda defeats the point), or
b) let it connect to my hotspot first (so that OpenVPN can start properly) and then turn off the hotspot, allowing the printer to reconnect to the uni's wifi and reconnect to my vpn.

Why won't things just work the way they're supposed to? 😭

Asking for a friend: Well actually a friend asked me (since "I'm good with computers", you know it ;)) and no real solution came to my mind, so I thought, why not ask the internet

Anyways. She's an artist and does a project (kind of a documentation) about the Egyptian revolution. She currently lives in Europe but still has her Egypian passport. As an Egyptian national, she fears, that she could be holden back for a while and have her laptop/external HD with all the photos/videos/interviews confiscated and/or searched. She asked me for help to have a "backup solution".

The requirements: a way to backup work (from a mac) to a secure location (I would offer my server running linux for it).
The upload would have to be encrypted (if possible, I suggested to use a VPN, is this enough?)
Access to the files should only be granted if you have the propper password (in my opinion the VPN tunnel should work here too, as when it's down, you can't just reopen it without a password.

What are your thoughts on this?

Not really Lol. WTF? Did you just tell me that VPN for IoT is a bunch of crap just to leave the room without arguing about the alternatives?! What is you fucking point you dirty piece o' motherfuckin shit! Please do me a favor and go fuck yourself!

What the fuck is up with all these vpn articles. It seems like they are everywhere. It's like get this vpn, no buy this one, wait no buy this one. Like I don't need a fucking vpn and it's not a must have.

The conversations that come across my DevOps desk on a monthly basis.... These have come into my care via Slack, Email, Jira Tickets, PagerDuty alerts, text messages, GitHub PR Reviews, and phone calls. I spend most of my day just trying to log the work I'm being asked to do.

From Random People:
* Employee <A> and Contractor <B> are starting today. Please provision all 19 of their required accounts.
* Oh, they actually started yesterday, please hurry on this request.

From Engineers:
* The database is failing. Why?
* The read-only replica isn't accepting writes. Can you fix this?
* We have this new project we're starting and we need you to set up continuous integration, deployment, write our unit tests, define an integration test strategy, tell us how to mock every call to everything. We'll need several thousand dollars in AWS resources that we've barely defined. Can you define what AWS resources we need?
* We didn't like your definition of AWS resources, so we came up with our own. We're also going to need you to rearchitect the networking to support our single typescript API.
* The VPN is down and nobody can do any work because you locked us all out of connecting directly over SSH from home. Please unblock my home IP.
* Oh, looks like my VPN password expired. How do I reset my VPN password?
* My GitHub account doesn't have access to this repo. Please make my PR for me.
* Can you tell me how to run this app's test suite?
* CI system failed a build. Why?
* App doesn't send logs to the logging platform. Please tell me why.
* How do I add logging statements to my app?
* Why would I need a logging library, can't you just understand why my app doesn't need to waste my time with logs?

From Various 3rd party vendors:
* <X> application changed their license terms. How much do you really want to pay us now?

From Management:
* <X> left the company, and he was working on these tasks that seem closely related to your work. Here are the 3 GitHub Repos you now own.
* Why is our AWS bill so high? I need you to lower our bill by tomorrow. Preferably by 10k-20k monthly. Thanks.
* Please send this month's plan for DevOps work.
* Please don't do anything on your plan.
* Here's your actual new plan for the month.
* Please also do these 10 interruptions-which-became-epic-projects

From AWS:
* Dear AWS Admin, 17 instances need to be rebooted. Please do so by tomorrow.
* Dear AWS Admin, 3 user accounts saw suspicious activity. Please confirm these were actually you.
* Dear AWS Admin, you need to relaunch every one of your instances into a new VPC within the next year.
* Dear AWS Admin, Your app was suspiciously accessing XYZ, which is a violation of our terms of service. You have 24 hours to address this before we delete your AWS account.

Finally, From Management:
* Please provide management with updates, nobody knows what you do.

From me:
Please pay me more. Please give me a team to assist so I'm not a team of one. Also, my wife is asking me to look for a new job, and she's not wrong. Just saying.

Oh the joys of working with an Enterprise customer.

Background:
Discussion about service architecture with me, development architect (ArchDev) and integration architect (ArchInt). The topic arises of needing to access int. segment systems for a public facing cloud application.

Me: so we'll just need a s2s vpn and then we can just create a route and call the services normally.
ArchDev: sounds good to me, it will take a few months to get that set up
ArchInt: we done need that, we can just use the gateway and then route all the requests through the ESB.
Me: 😕 do you mean the service gateway?
ArchInt: (drops bomb) no, we decide that all API should be implement in ESB, so ESB will handle traffic
Me: *pauses, steps up to the whiteboard, does latency math* setting aside the fact that isn't how ESB's work, that will add at least 700ms latency to each request.
ArchInt: well that is fine for enterprise, things not usually as fast in enterprise you must expect slowdown to be safe
ArchDev: *starts updating resume on the ladders
Me: 💀🔫

I want to switch over to Linux again, Windows just annoys me a lot lately. Thing is, I don't know what distro I wanna use yet.
I want one that is:
0. Security focused, so encryption, VPN and so on. (I know software could do the job, but would be nice if it comes with the OS)
1. Not hard to configure, but I should be able to configure it more when I want to.
2. Not too ulgy looking.

I have a little bit of experience with Linux, but I'm not even close a professional.
Looking forward to your suggestions!

I'm currently sitting in a hockey arena owned by my city, they offer free wifi, and cause I'm privacy conscious, I try to download a VPN for my computer. The motherfuckers block the download under the vague "violation of use policy" bullshit. Even better, I read the ToS they give you when you connect, and it says sweet fuck all about prohibiting downloads. What the fucking fuck do you have to gain from me not using a god damn VPN. It just makes no god damn sense.

Can someone example to me why do people use a VPN when not on public wifi? Like you are already at home with your own private network.

Like the moment you log into Facebook or Twitter or medium or to check your Gmail/outlook whatever, all you are doing is making is making it very clear to the host companies that you are inconsistently paranoid. Because all the sudden the person who's home address is in Seattle, work and home phone are in Seattle and all of their communication is done with people in Seattle. Has their web traffic location encrypted unknown.

Yeah your packets might be encrypted, but you are still spreading enough self identifying information by merely existing on the web.

At the end of day it seems more like a illusion of safety that these VPN sell. At the cost of a good dollar and slower internet speeds.

Unless you got some actual trade secrets and sensitive information, the f is the point for you to use one?

DevRant has many privacy-conscious people and honestly just people who don't like when their personally identifiable data gets shared.

Yet, DevRant uses Carbon Ads owned by BuySellAds. Here's what their privacy policy reads:

"Some Personally Identifiable Information may also be provided to intermediaries and other Third Party Service Providers (defined in part (4) below) who assist us with the Services"

You know what's the funniest thing? In "part 4 below" they never actually state which companies do they share personally identifiable information with.

Just a quick reminder that when you use DevRant, your personally identifiable information may be shared with any amount of third parties, and you could bet a lot of money that the list includes Google and Facebook because of remarketing. Remarketing is a fancy term that means not selling personal data but instead giving it away for free.

Use AdGuard or any other browser extension that blocks analytic scripts. Buy a Raspberry Pi Zero W and make yourself a PiHole. When you're using DevRant mobile app, use analytics-blocking VPN.

## Learning k8s

Interesting. So sometimes k8s network goes down. Apparently it's a pitfall that has been logged with vendor but not yet fixed. If on either of the nodes networking service is restarted (i.e. you connect to VPN, plug in an USB wifi dongle, etc..) -- you will lose the flannel.1 interface. As a result you will NOT be able to use kube-dns (because it's unreachable) not will you access ClusterIPs on other nodes. Deleting flannel and allowing it to restart on control place brings it back to operational.

And yet another note.. If you're making a k8s cluster at home and you are planning to control it via your lappy -- DO NOT set up control plane on your lappy :) If you are away from home you'll have a hard time connecting back to your cluster.
A raspberry pi ir perfectly enough for a control place. And when you are away with your lappy, ssh'ing home and setting up a few iptables DNATs will do the trick

netikras@netikras-xps:~/skriptai/bin$ cat fw_kubeadm
#!/bin/bash

FW_LOCAL_IP=127.0.0.15
FW_PORT=6443
FW_PORT_INTERMED=16443
MASTER_IP=192.168.1.15
MASTER_USER=pi

FW_RULE="OUTPUT -d ${MASTER_IP} -p tcp -j DNAT --to-destination ${FW_LOCAL_IP}"

sudo iptables -t nat -A ${FW_RULE}

ssh home -p 4522 -l netikras -tt \
-L ${FW_LOCAL_IP}:${FW_PORT}:${FW_LOCAL_IP}:${FW_PORT_INTERMED} \
ssh ${MASTER_IP} -l ${MASTER_USER} -tt \
-L ${FW_LOCAL_IP}:${FW_PORT_INTERMED}:${FW_LOCAL_IP}:${FW_PORT} \
/bin/bash
# 'echo "Tunnel is open. Disconnect from this SSH session to close the tunnel and remove NAT rules" ; bash'

sudo iptables -t nat -D ${FW_RULE}

And ofc copy control plane's ~/.kube to your lappy :)

Why the fuck is everyone behind this whole privacy thing . I mean what did you expect , servers do cost... you know . No one wants to provide you a service to chat with your shit collecting butler in the adjacent room unless it's going to benefit them .

Stick your face on the internet and want people to date you ?

Understand that your virtual social needs need to be supported by a ridiculous amount of electricity and man power which wouldn't be required if you could just throw out your rotting willie nilles in the open .

All this isn't fucking free .. wait were you shocked ? Oh so you just thought there were a few thousand servers powering buckets of pictures of horse poop that you for some reason thought your girlfriend was interested in . NO!

IT'S PRIVACY you are paying with your gaddamn privacy !! Information pays just like the time you paid a 100 bucks to the boyfriend of your girlfriend to find out more details .

Ridiculous . You people don't like ads . You don't like paying . You don't like providing information . THEN DON'T USE THE DAMN INTERNET .

IF YOU'RE REALLY THAT CONCERNED ABOUT YOUR PRIVACY THEN SPEND SOME VALUABLE TIME TO ACQUIRE ENOUGH OF A SKILLSET TO SETUP A VPN AND STOP POSTING YOUR PHONE NUMBER ON YOUR EX'S WALL ASKING HER TO CALL YOU.

One more honest thing to rant about is ads . As much as you hate them they're an easy way out . I'm not sure why a 20 second ad would bother you on mobile and not on television and I'm not sure why you wouldn't buy the ad company and shut it down if 20 seconds were so costly to you .

I want to rant even more on uninstalling services like Windows and Google for stupid reasons but I'll take a break here . My frustration has touched low levels.

Got called on company phone while being in home office. Somehow through VPN + RDP session it got routed to my laptop, but connection was really bad and we could hardly understand each other, i.e. I had to guess that it even was a recruiter.

Guy however was really nice, but I failed the interview to a job I did not really want.

VPN noob here .... if anybody can help
Thanks..
It's showing it has full signal strength but does not connect to any, and the red 'X' is always there, is it a hardware problem ?

!long rant
Trying to work from home is always a pain, since we need to use company laptops (no ifs, ands or buts about it).
Yesterday I took the laptop in to check for updates that just wouldn't run while at home (my first mistake), and I couldn't get past the "Press Ctrl+Alt+Delete to login" screen, laptop keyboard didn't seem to be registering clicks, and an external keyboard wasn't either (and I forgot about the on-screen keyboard). A couple of restarts later with no further changes to the situation, the laptop then didn't get past the BIOS screen.
So I called support (my second mistake) and logged an incident.
Couple of hours later someone comes to my desk and asks about the issue, so I describe it, show them (by now the laptop was once again getting past BIOS screen), and leave them to it. Since these laptops are just used as preconfigured VPN and RDP gateways, I said it would be okay if he just wanted to reinstall the OS (my third mistake).
Several hours later, after staying late last night waiting for it to finish, I loaded my profile, installed updates, shut down, grabbed my stuff and left, without checking VPN or RDP over WiFi (my fourth mistake).
Turns out that some of the buttons on the keyboard just no longer work, but now USB keyboards do work, and I can just use OSK to login while out. I figured this would be my only issue with things, and that it was acceptable.
This morning I attempt to use the laptop, and forgot about OSK and the faulty delete button, so spent a few minutes on that. Try to connect to WiFi and find it can't connect, because of course, it doesn't remember the WiFi password, so I root around for the code in some drawer, enter it, and it works. VPN tries to connect and... get told to insert my smart card, which is already inserted, because the driver is wrong!
So I'm sitting here writing a post, not quite believing that I'm considering cancelling my plans for the day to go into the office because of a bloody driver issue now...

So, today, I wanted to try setting up a wireguard VPN server on my little raspberry pi at home. I... expected /some/ issues, but what I found dumbfounded me.

1 - I already had the wireguard package from the unstable branch of the main raspbian repo installed... Huh, okay.
2 - Setting up config was extremely easy... Wow, so the rumors were true. Wireguard really is almost dumb-simple.
3 - Failed to create a network interface? Oh, trouble, here it is! So lets see... modprobe wireguard... Nope. Don't have the module? What?
4 - Reconfigure package to rebuild the module - missing kernel headers? Huh... weird

This was the simple stuff... Then I went down the rabbit hole of the Raspberry Pi ecosystem:

1 - There is the Raspberry Pi Bootloader, that is apparently separate from the Kernel itself. And I didn't seem to have any of the standard linux-image-* installed... What? Weird, yet there I was, running a 4.19.42-v7+ kernel...
2 - No kernel and no headers... What... The... Fuck
3 - Okay, so... Lets just... try to install the latest kernel image then? One apt-get install... It downloaded the image, but during package configuration, it failed because... I didn't have... its headers? What? What for? And if it needs them (for whatever reason), why isn't the headers package as a dependency? Ugh, whatever...
4 - Another apt-get install and... Okay, building the initrd image aaaaand...
FAIL
WHAT. What is it this time!?

Oh... Ran... No more space on device? What? Is /boot independent? Of course it is, it has to be, its a bloody different filesystem

Okay, so, lets che-OH MY GOD WTF.

Its just bloody 45 MBs big! The entire /boot is just 45 MBs large. WHY. THE. FUCK.

This was a default raspbian install from I have no idea when. But... Why. Oh WHY would ANYONE pre-configure /boot to be this incredibly tiny!?

No wonder the new init ramdisk couldn't fit in there! Its already used up from 64%!

Thanks, Raspbian Devs, now I gotta reinstall the whole system because, yes, the /boot is, of course, sector 8192. Just far enough from 2048 that there are *some* sectors free - About 3 MBs.

So what did I try? Remove the partition and recreate it from the very beginning. Only... I never tried in in the past, and okay, kernel doesn't like having the partition where its image resides deleted on the fly, it will not give up FDs pointing there or something.

So now, I have a system I cannot reboot, or it will never boot back up :|

Thanks, Raspbian!

I need to get a cheap 1U somewhere or something T.T

AHHHHHHHHHHGGGH

I HATE VPN SETUP

- Trying OpenSwan
Installing open swan on a Debian machine.. setting up the config.
Restarting openswan. Syntax error. No syntax error to be found.
Different tutorial.. it starts! Try to connect.. I can’t connect. Look at the logs. No errors.
Tcpdump. My traffic is coming through.. all fine.. try to connect again.. it works! (Nothing changed!)
Try to ping somewhere else.. no connectivity.
Try to ping an IP in the same network.. works fine. So I have connectivity, just no internet.
Spend an hour finding out about traffic directions of which no one seems to know what they really mean.
Boss tells me to stop using openswan because it’s deprecated and replaced by strong swan..

- Strongswan
Reinstall Debian machine, install strongswan. Copy openswan config. Oh, they’re incompatible? Look up strong swan config, and the service starts.
Connect to the VPN.. it works! Again, no internet, just connectivity in the same network. Spend 2h debugging the config, disable firewalls everywhere, find an ancient bug in the Debian package related to my issues.. ok, let’s try compiling from source.. you know what, let’s not. I’ll throw this Debian machine away and try something completely different.

- pfSense
Ok, this looks easy enough! Let’s just click through the initial setup, change some firewall rules, create an L2TP VPN with a simple wizard.
Try to connect to VPN. First, it times out. Maybe a firewall issue? Turn off firewall.. ah, something happens now. I get an error message right after trying to connect to the VPN. Hmm, the port doesn’t even get opened when I enable the firewall.. this implementation seems a bit buggy.. let’s try their OpenVPN module.

Configure OpenVPN. Documentation isn’t that clear.. apparently a client isn’t actually a client but a user is a client.. ok, there’s a hidden checkbox somewhere.
Now where do I download my certificate? Oh, I need a plug-in for that.. ok, interesting. Able to download the certificate, import it, connect and.. YES!!! I can ping! But, I have no DNS..
Apparently, ICMP isn’t getting filtered but all outbound ports are.. yet the firewall is completely disabled. Maybe I need outbound NAT? Oh. There’s no clear documentation on where to configure it. Find some ancient doc, set it up, still no outbound connectivity.

AHAHAHAHHHHHHHHHHG

Then I tried VyOS. I had a great L2TP VPN working in less than 15 mins. Thank you VyOS for actually providing proper docs and proper software.

Disclaimer: Technically it's not "our" stack, but we have to use it so....

A webapp we built runs inside the company's network we built it for. Their IT are windows lovers, so everything has to run on Windows servers, even the tablets which are used to access said web app need to have windows.
Their company network isn't accessable from the outside world, so we have access via VPN to get into their network. But this isn't enough to access that shitty windows server our software runs on. After that VPN, you have to connect to a different VPN to which you can only connect to while you're inside the company's network. Then you have access to two servers, one the application is running on and one, well to see if you're changes were deployed correctly because the production server doesn't have a browser on it other than shitty internet explorer 8.

The only way to connect to the server is using RDP. Not even samba or so. To deploy the changes we made to our app, you need to copy paste the files from your local machine to the server. And don't get me started on running mssql migration with the shitty mssql console 😤😤

Why would anyone who isn't a complete idiot use Windows for servers or mssql in the first place????

Maybe not the place to rant about this but I was unable to post on r/VPN nor r/NordVPN because I have insufficient karma (I have negative karma). I just want to ask some questions!!!! It's the same frustration as in Stackoverflow when I want to upvote something and tells me I don't have enough points (I only have 2 points). Thanks internet for reminding me every day that I am not enough important to say what I want and making me feel like less. Is devRant going to shut me? Wouldn't be surprised! Anyways TGIF and have a nice weekend 0/

Don't you guys love it when your ISP suddenly decides to change your public IP? The one you were using for months?

I know we're technically not getting a static address guarantee (that is for some reason something only companies can buy), but a heads up would be nice...

I spent like an hour debugging why my VPN suddenly couldn't connect...

I had the funniest thing today... So our company has some servers off somewhere in a VPN, as well as one server in our own office.

So, for simplicity, S1 is my own laptop, S2 is our office server, S3 is one VPN server, and S4 another.

I want to get a file from S2 to S4. S1 can SSH into S2 and S3, S2 can't ssh into any server, S3 can ssh into S2 and S3, and S4 can't ssh into any server.

So to get a file from S2 to S4, I took the path

S1 pull from S2 -> S1 push to S3 -> S3 push to S4

Part of it was preexisting keys meaning it was easier to send S1 to S4 via S3 than get my pubkey from S1 onto S4, but also S2 not being on the VPN meant I couldn't go straight from S2 to S3 or S4, so I had to route through S1, which I could add to the VPN (I'd sshed into S2 from home and thus couldn't put it on the VPN not to mention permissions, whereas I could put S1 easily onto it)

Twas certainly a fun time :P

Plus, port forwarding from a Docker container on S2 to S2's port to S1's port via ssh was fun to get set up.

Time to document this process :)

Windows 10 , I just want a flipping built in command line executable to log off another (local) user. I'm not a server, I don't have active directory, I don't want to switch to log in as that user first, i want to just kill their inactive local session because cisco freaking vpn doesn't allow you to connect when a other user is logged in. I can kill the session from admin task manager, I just want to be in the commandline. If your gonna let software check the number of logged in users, let the freaking administration modify the number of logged in users with a cli.

Idk if I could turn it off an on again. On a server I would just issue "query sessions" or "query users" followed by "logoff ##". Why not let me do the same damn thing on my home computer sk I don't have to restart MY SESSION just to close MY WIFE'S session. You stupid fraking company that cannot provide consistent command line programs across various systems. SCREW YOU MICROSOFT AND YOUR UTTER ASANINE DECISION MAKING REGARDING WHAT FEATURES TO INCLUDE IN WHAT BUILDS.

Like many of you, I'm currently working from home. This is great, and I hope I can stay remote when this is all said and done. That said, there are a few things I don't like. First and foremost, I need to connect to the VPN in order to do a large number of my tasks. This sucks for multiple reasons, the current worst being that I can't use Fiddler while connected to the VPN. This really handcuffs me in certain situations. Anyone currently using a proxy that works while on VPN? I tried a couple of others, including Burp Suite. But they didn't install on my MacBook. Apple didn't like not being able to peer into the depths of their soul, or some such nonsense

So, I've been seeing a lot of people concerned about privacy around here lately.

I completely understand it, and I too, don't want all my data to be available for anyone at any given time. I get it.
However, the only way to get privacy, is to build it yourself.

Buying a phone? Who says (apart from the company itself) that it doesn't have some integrated chip, or that the os lies to you or w/e

When using your phone, who says your Sim provider isn't intercepting all your traffic with a man in the middle attack?

These sound like conspiracies, however, if you really want privacy, either build it yourself (or with other privacy activists) or let go of the comforts of technology (i know, you're not the only source of info about yourself, the only way to shield yourself is to go into the woods and live a simple life.)

It's pretty sad that these are the two options, but I've yet to find a better one.

(ps, I used to have a "no logs, no ip, no anything" VPN provider, and as soon as some agency requested info, they got it, so I wouldn't easily trust the promise of 3rd parties anymore.)

In today's episode of "Am I paranoid already?" - Caching Bind resolver forwarding queries to a DoH client connecting to Cloudflare

A fun little thing to configure, and now, anytime I am on my VPN, all my DNS traffic should be completely untrackable.

Does that make me paranoid? Maybe a little... But, the knowledge that noone - not even my ISP, can see what I am doing on the internet, is kinda... Heartarming.

Now, all that's left, is for eSNI to roll out and get implemented by all major web browsers, and most snooping will be completely done for...

Something weird is happening at my company. Me and my colleague were in a team building a web application (October CMS and angular 8). I just returned from vacation and was absent for the first 2 weeks of dev. Some days in management announced that the project is "on hold", I guess something to do with paperwork, but the dev will continue. I got to work in the project only for 2 days and was shifted (with a colleague) to work on regression tests for some app I have never seen. A week or more has passed and still I have no VPN access to the app. (the app is hosted by some other company) I am bored of doing nothing. I have experienced a pattern of shifting between projects a lot. Still have not been in one from start till the very end. It is annoying. I feel that there is a lack of communication here.

I'm stuck in a really difficult spot in my office and I'm not sure if I should start looking elsewhere. Tldr; there's no defined hierarchy or career path in the web department leaving no position to be promoted to.

We've got 2 offices with now 150+ employees and for the last 2 years I've basically inherited the responsibilities of an IT manager. Planning and deploying our networks, firewall config, VPN setup, keeping users' systems functional, track equipment, order/setup systems for new employees. All of this in addition to my original job description of web developer, which has basically turned into maintaining client WordPress sites while the other developer builds sites.

I've spoken to our CTO (my supervisor) about how much time the IT stuff actually takes and some of my suggestions for the future to make sure we protect ourselves and future proof our systems the best we can and one of my suggestions was that we needed to create the IT manager position because he is usually in meetings or building out API integrations. He's behind the idea, or at least says so to me, but leadership doesn't believe it's needed because we "manage just fine as it is" (this does require 60 hours a week of work along with much automation that I wrote/built). But we're trying to open a 3rd office which means another 50+ employees and systems to manage as well as more websites as we sign more clients.

My pay has never been satisfactory where I am and based on the maximum raise each year it would take me another 10 years to make what I would like (that's calculating without cost of living increase) but they claim this is because I lack a formal degree (self taught). I love most of the people I work with, don't really have an issue with any of them (outside that they're stupid but that I can let that slide if they're trying), and they work with me and my health issues which cause me to miss significantly more office time than I would like. I've been here for 4 years and I've learned a lot but I don't feel like there's any upward mobility here. The only position I see in my department above me is the CTO (or possibly the new PM but that's not a position I want) and he's not going anywhere, and I firmly believe we need someone who can full-time stay on top of our infrastructure before we expand further.

I fantasize occasionally about leaving and finding something else, and there are plenty of opportunities online that I appear qualified for which pay more, but I worry that I'd be trading in something that really isn't all that bad for something that sucks and the only real perk is more money. I'd hate to go somewhere else and start back at the bottom again and have to prove myself yet again.

What I need to do today:
* terraform init
* terraform plan
* terraform apply

What I'm doing today:
* Rebuilding a docker container, because our outdated version of Terraform doesn't run on M1 Macs natively.
* Fighting with corporate IT man-in-the-middle SSL certs, because those aren't trusted inside the Docker container. These are now applied to all internet traffic, not just traffic destined to the VPN. Terraform doesn't like it, so it won't download any modules.
* Waiting for a blazing fast 1.5 Mbps connection rate when connected to the VPN.
* Learning I can no longer turn off the VPN, as it's a forced policy on my laptop.

Not sure if I'd be more productive today fighting these issues, or just waiting around for days (weeks?) for IT to mail me an Intel mac.

My network is somehow fucked up. VPN Client on laptop to my workplace is not connecting via wifi but instead connects when my phone creates a hotspot, while the phone is connected to the same router via wifi? Second laptop this occurrence.
When the work laptop is outside of VPN but connected to the router with wifi, about 50% of web pages are not reachable, same with my own PC and another laptop. Didn't touch my router in ages. Nice fucking conditions for wfh.

Client's IT department is fine about giving me a laptop for exclusive access to their VPN, security reasons, etc. Ok, fine I get it.

But they do not want to give me a Linux machine - only Windows!

How am I supposed to get shit done.

Hey, I'm looking for a tool to emulate multiple, maybe around 100 browser clients at the same time, having open the same page at the same time. Every single instance would need a separate IP (VPN/proxy). It should also be sort of ressource friendly(not 100chrome windows/tabs)
Anyone got suggestions on a tool I could use? thanks

I'm kinda looking for a new phone, should be super cheap (so a used one would do), I wanna modify it to be secure (proper encryption, VPN, etc.), very good battery time and not very big (more like 4"). I have been looking at the Lenovo P2 a lot, but I'm afraid my current phone will die before I have enough money for that one (I'm a broke trainee yay).

So what do y'all have or can recommend?

II encountered this problem today with a user who couldn't access internet on their own home network or on their company. Everytime they try to access the site. Firewall and Anti-virus settings have blocked the access . Couldn't remote into their PC due to them not being on the domain to setup the VPN client. Reset Browser settings and disabled all Firewall and Anti-virus protocols. User still could not get to any sites..... What did I miss?

For some reason properly starting an embedded tomcat and deploying a war is the fucking bane of my existence. Came back to work today from being off for the weekend and all of the sudden my webapp wont deploy. Tomcat just spinsup the app manager and intellij doesnt deploy the war...

Now that im typing this I bet that the context.xml is missing the docbase attr... gunna vpn in and check... literally ran the app fine friday night so not sure why this would have changed now. Will report back.