Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "plain old c"
-
Git.
The smallest utility made its way to being the largest companies must-have, the most critical part of the whole development landscape.
Using just plain C, Git can shred huge amounts of data insanely fast. It never gets old.
Git is a developer's scalpel.11 -
So... A random morning moment:
(c - Cient, m - me)
C: Help!!! Our users are complaining that our website is not working as intended!!! This is crucial!!!!
M: What's the problem? What is not working?
C: EVERYTHING!!!! FIX IT!!!!
M: Could you be more specific...?
C: Look at the bugsnag - it has all the errrors!!!
M: *looks there - no errors* - But... It has no errors...
C: Okay, so client told me he's using Galaxy SII - does that ring a bell?
M: *thinks that I'm fucked* - Asks, which browser?
C: Why do you need it? It's a browser after all...
M: Yeah but not all browsers are the same and I need type and version to investigate...
C: It's Samsung default browser... Last updated 2012 January.
M: Well, tell that user to update the browser, the site is working fine on newer versions...
C: No, you update it.
M: Browser?!
C: Yes, what else?!
M: Of course, I'll fly 3000 kilometres to press UPDATE button on clients phone...
C: Well, he's not doing it himself - he's afraid!
M: Well, that is his problem. Site is working fine for other users with newer browsers.
C: But... He's a client
M: I get it but he's a client that uses 6 years old browser and tries to visit our website. Don't you remember that we ditched IE support on your behalf for the same reason?!
C: Oh... I see... Can you make something that it works with 2005 browsers?
M: Of course... *evil laugh starts* I'll make the website work on EVERY single device EVER - make it plain text.
C: Are you joking?
M: Are you?
----
And since then, we ditched the actual need for supporting users with old browsers that don't update to modern standards... Feels great!12 -
Our website once had it’s config file (“old” .cgi app) open and available if you knew the file name. It was ‘obfuscated’ with the file name “Name of the cgi executable”.txt. So browsing, browsing.cgi, config file was browsing.txt.
After discovering the sql server admin password in plain text and reporting it to the VP, he called a meeting.
VP: “I have a report that you are storing the server admin password in plain text.”
WebMgr: “No, that is not correct.”
Me: “Um, yes it is, or we wouldn’t be here.”
WebMgr: “It’s not a network server administrator, it’s SQL Server’s SA account. Completely secure since that login has no access to the network.”
<VP looks over at me>
VP: “Oh..I was not told *that* detail.”
Me: “Um, that doesn’t matter, we shouldn’t have any login password in plain text, anywhere. Besides, the SA account has full access to the entire database. Someone could drop tables, get customer data, even access credit card data.”
WebMgr: “You are blowing all this out of proportion. There is no way anyone could do that.”
Me: “Uh, two weeks ago I discovered the catalog page was sending raw SQL from javascript. All anyone had to do was inject a semicolon and add whatever they wanted.”
WebMgr: “Who would do that? They would have to know a lot about our systems in order to do any real damage.”
VP: “Yes, it would have to be someone in our department looking to do some damage.”
<both the VP and WebMgr look at me>
Me: “Open your browser and search on SQL Injection.”
<VP searches on SQL Injection..few seconds pass>
VP: “Oh my, this is disturbing. I did not know SQL injection was such a problem. I want all SQL removed from javascript and passwords removed from the text files.”
WebMgr: “Our team is already removing the SQL, but our apps need to read the SQL server login and password from a config file. I don’t know why this is such a big deal. The file is read-only and protected by IIS. You can’t even read it from a browser.”
VP: “Well, if it’s secured, I suppose it is OK.”
Me: “Open your browser and navigate to … browse.txt”
VP: “Oh my, there it is.”
WebMgr: “You can only see it because your laptop had administrative privileges. Anyone outside our network cannot access the file.”
VP: “OK, that makes sense. As long as IIS is securing the file …”
Me: “No..no..no.. I can’t believe this. The screen shot I sent yesterday was from my home laptop showing the file is publicly available.”
WebMgr: “But you are probably an admin on the laptop.”
<couple of awkward seconds of silence…then the light comes on>
VP: “OK, I’m stopping this meeting. I want all admin users and passwords removed from the site by the end of the day.”
Took a little longer than a day, but after reviewing what the web team changed:
- They did remove the SQL Server SA account, but replaced it with another account with full admin privileges.
- Replaced the “App Name”.txt with centrally located config file at C:\Inetpub\wwwroot\config.txt (hard-coded in the app)
When I brought this up again with my manager..
Mgr: “Yea, I know, it sucks. WebMgr showed the VP the config file was not accessible by the web site and it wasn’t using the SA password. He was satisfied by that. Web site is looking to beat projections again by 15%, so WebMgr told the other VPs that another disruption from a developer could jeopardize the quarterly numbers. I’d keep my head down for a while.”8 -
My school just tried to hinder my revision for finals now. They've denied me access just today of SSHing into my home computer. Vim & a filesystem is soo much better than pen and paper.
So I went up to the sysadmin about this. His response: "We're not allowing it any more". That's it - no reason. Now let's just hope that the sysadmin was dumb enough to only block port 22, not my IP address, so I can just pick another port to expose at home. To be honest, I was surprised that he even knew what SSH was. I mean, sure, they're hired as sysadmins, so they should probably know that stuff, but the sysadmins in my school are fucking brain dead.
For one, they used to block Google, and every other HTTPS site on their WiFi network because of an invalid certificate. Now it's even more difficult to access google as you need to know the proxy settings.
They switched over to forcing me to remote desktop to access my files at home, instead of the old, faster, better shared web folder (Windows server 2012 please help).
But the worst of it includes apparently having no password on their SQL server, STORING FUCKING PASSWORDS IN PLAIN TEXT allowing someone to hijack my session, and just leaving a file unprotected with a shit load of people's names, parents, and home addresses. That's some super sketchy illegal shit.
So if you sysadmins happen to be reading this on devRant, INSTEAD OF WASTING YOUR FUCKING TIME BLOCKING MORE WEBSITES THAN THEIR ARE LIVING HUMANS, HOW ABOUT TRY UPPING YOUR SECURITY, PASSWORDS LIKE "", "", and "gryph0n" ARE SHIT - MAKE IT BETTER SO US STUDENTS CAN ACTUALLY BROWSE MORE FREELY - I THINK I WANT TO PASS, NOT HAVE EVERY OTHER THING BLOCKED.
Thankfully I'm leaving this school in 3 weeks after my last exam. Sure, I could stay on with this "highly reputable" school, but I don't want to be fucking lied to about computer studies, I don't want to have to workaround your shitty methods of blocking. As far as I can tell, half of the reputation is from cheating. The students and sysadmins shouldn't have to have an arms race between circumventing restrictions and blocking those circumventions. Just make your shit work for once.
**On second thought, actually keep it like that. Most of the people I see in the school are c***s anyway - they deserve to have half of everything they try to do censored. I won't be around to care soon.**undefined arms race fuck sysadmin ssh why can't you just have any fucking sanity school windows server security2 -
I might be fucked up, but I have a tendency to gravitate towards the shit that everyone else dislikes for the sake of knowing if their bias against is actually because shit is truly fucked up or if shit is legit plain WRONG.
From all technologies that I have worked with professionally I can count:
Java(currently in the form of old JSP services for an "enterprise level application")
Java for Android development - i was the lead engineer for a mobile project
Swift with IOS dev, same gig as the above.
C++ for Android development in the form of OpenCV with Java as well.
Javascript in all possible forms, basic input validation, ajax services, jquery datatables, jquery animations and builders.
Css/sass heavily
Clojure for an ldap active directory application
Python for glue scripts
Classic ASP with JScript and VBScript
VB Net forms
C# For ASP.NET MVC
Bootstrap for multiple intranet frontends
Node+Express for a logistics warehouse management tool
Ruby on Rails freelancing small gigs
Php in all ways possible from complete standalone php apps to Laravel and just php+composer apps aaaaall the way to wordpress
Django consulting
I have found that the one that I dislike the most is wordpress. And the one that I like working with the most is Node. Don't know why, i just do really fucking like messing around with Javascript, the language has changed a fuckload throughout the years and continues to increase and change. It was my first scripting language following a stint in me trying to learn cpp way when i was starting and royally FAILING
Never really got the hate for it, even when I used JScript with classic ASP i just enjoy working with Javascript a lil too much. And from all the above mentioned stacks safe from Php is the one, or one of the ones in which i don't royally suck :V3 -
Re-implemented a Perl-based log analysis script in plain old C to make it faster.
Horrible implementation... Good times.6 -
Substantive post / question time!
So I'm working on this project that isn't a disaster but very much suffered from a lack of planning (both on my part and others).
This is a feature that involves all sorts of ways to view and manipulate some records and various records and so forth... I mean what isn't that really?
I think everyone tried but we didn't realize how many details there would be and how much we would need to (well I demand we do) share code across pieces and how that would slow us up when we realize feature A needs to do X, Y, Z and ... well obviously that means feature B has to also...
I'm not really upset about this, it's progressing and I'm learning. I'm writing it all now so it's under control, but...
I want to be able to display, visually where we are as far as each component of this project
- Component A
- Description:
- Component A does things you don't want to.
- Has features:
- Can blow up things in a good way.
- Produces flowers and honey on demand
- Missing features:
- Doesn't take out the trash.
And so on for component B, C, D, Z.
Right now I'm just using a plain old document file to write up a status / progress type thing now.
We use Teamwork to manage tasks, but I kinda hate it. It's similar to the above example in being able to bust out lists... but they're not connected in any way. All the details are lost on these bullet items as they're limited to one line when you look at everything ....
It's the classic case of a tool that shows lists ... but doesn't promote or allow for showing any connections between them...
And really the problem with this project is that we built little bits and features here, and little bits there from the outside in and ... really we should have built it from the top down where we had to face a lot of questions earlier.
Anyway does anyone know of anything that has project type management / status / progress stuff that is VISUALLY helpful .. not just a bunch of lists and progress bars?
I know I didn't word this well but I'm open to even wrong answers....2