Search - "privacy bug"
-
Hey everyone,
First off, a Merry Christmas to everyone who celebrates, happy holidays to everyone, and happy almost-new-year!
Tim and I are very happy with the year devRant has had, and thinking back, there are a lot of 2017 highlights to recap. Here are just a few of the ones that come to mind (this list is not exhaustive and I'm definitely forgetting stuff!):
- We introduced the devRant supporter program (devRant++)! (https://devrant.com/rants/638594/...). Thank you so much to everyone who has embraced devRant++! This program has helped us significantly and it's made it possible for us to maintain our current infrastructure and not have to cut down on servers/sacrifice app performance and stability.
- We added avatar pets (https://devrant.com/rants/455860/...)
- We finally got the domain devrant.com thanks to @wiardvanrij (https://devrant.com/rants/938509/...)
- The first international devRant meetup (Dutch) was organized by @linuxxx and was a huge success (https://devrant.com/rants/937319/... + https://devrant.com/rants/935713/...)
- We reached 50,000 downloads on Android (https://devrant.com/rants/728421/...)
- We introduced notif tabs (https://devrant.com/rants/1037456/...), which make it easy to filter your in-app notifications by type
- @AlexDeLarge became the first devRant user to hit 50,000++ (https://devrant.com/rants/885432/...), and @linuxxx became the first to hit 75,000++
- We made an April Fools joke that got a lot of people mad at us and hopefully got some laughs too (https://devrant.com/rants/506740/...)
- We launched devDucks!! (https://devducks.com)
- We got rid of the drawer menu in our mobile apps and switched to a tab layout
- We added the ability to subscribe to any user's rants (https://devrant.com/rants/538170/...)
- Introduced the post type selector (https://devrant.com/rants/850978/...) (which will be used for filtering - more details below)
- Started a bug/feature tracker GitHub repo (https://github.com/devRant/devRant)
- We did our first ever live stream (https://youtube.com/watch/...)
- Added an awesome all-black theme (devRant++) (https://devrant.com/rants/850978/...)
- We created an "active discussions" screen within the app so you can easily find rants with booming discussions!
- Thanks to the suggestion of many community members, we added "scroll to bottom" functionality to rants with long comment threads to make those rants more usable
- We improved our app stability and set our personal record for uptime, and we also cut request times in half with some database cluster upgrades
- Awesome new community projects: https://devrant.com/projects (more will be added to the list soon, sorry for the delay!)
- A new landing page for web (https://devrant.com), that was the first phase of our web overhaul coming soon (see below)
Even after all of this stuff, Tim and I both know there is a ton of work to do going forward and we want to continue to make devRant as good as it can be. We rely on your feedback to make that happen and we encourage everyone to keep submitting and discussing ideas in the bug/feature tracker (https://github.com/devRant/devRant).
We only have a little bit of the roadmap right now, but here's some things 2018 will bring:
- A brand new devRant web app: we've heard the feedback loud and clear. This is our top priority right now, and we're happy to say the completely redesigned/overhauled devRant web experience is almost done and will be released in early 2018. We think everyone will really like it.
- Functionality to filter rants by type: this feature was always planned since we introduced notif types, and it will soon be implemented. The notif type filter will allow you to select the types of rants you want to see for any of the sorting methods.
- App stability and usability: we want to dedicate a little time to making sure we don't forget to fix some long-standing bugs with our iOS/Android apps. This includes UI issues, push notification problems on Android, and many other small but annoying problems. We know the stability and usability of devRant is very important to the community, so it's important for us to give it the attention it deserves.
- Improved profiles/avatars: we can't reveal a ton here yet, but we've got some pretty cool ideas that we think everyone will enjoy.
- Private messaging: we think a PM system can add a lot to the app and make it much more intuitive to reach out to people privately. However, Tim and I believe in only launching carefully developed features, so rest assured that a lot of thought will be going into the system to maximize privacy, provide settings that make it easy to turn off, and provide security features that make it very difficult for abuse to take place. We're also open to any ideas here, so just let us know what you might be thinking.
There will be many more additions, but those are just a few we have in mind right now.
We've had a great year, and we really can't thank every member of the devRant community enough. We've always gotten amazingly positive feedback from the community, and we really do appreciate it. One of the most awesome things is when someone compliments the kindness of the devRant community itself, which we hear a lot. It really is such a welcoming community and we love seeing devs of all kinds and geographic locations welcomed with open arms.
2018 will be an important year for devRant as we continue to grow and we will need to continue the momentum. We think the ideas we have right now and the ones that will come from community feedback going forward will allow us to make this a big year and continue to improve the devRant community.
Thanks everyone, and thanks for your amazing contributions to the devRant community!
Looking forward to 2018,
- David and Tim
-
Google sucks!
No, not as e-mail or for privacy reasons. Sure, that too, but it comes with "free" stuff.
It sucks because it's breaking every possible record in the worst, shittiest, most insanely stupid APIs and integrations out there on the entire fucking planet!
It is comically stupid!
Aside from their LOVE of hard-deprecating APIs every few months, requiring constant, time consuming maintenance of every tool that integrates deeply with Google services, some of their APIs, for expensive stuff, look like they've been written by Bobby McFartface from 7th grade.
Take a look at DoubleClick Search (their ad performance reporting tool, that sure does sound like one). To upload custom, additional data, you must pass in a ton of parameters, and they REQUIRE some of them to have a specific, hardcoded value. What's the point in passing that parameter then you dickheads?!
But fine, so you uploaded some stuff using the API. Now you want to delete everything and try again after you fixed a bug - well you fucking CAN'T! You can't delete stuff, you can only mark them as "deleted" using an update call.
Bulk operations? Fuck no!
Can I just add on top? Well of course not! That will raise a ton of exceptions. Same message should be transmitted using the PUT, not POST request, in order to edit.
Can I send everything to PUT? Of course not! You can't edit something that's not there, dummy!
Can I see what's there so that I can update it, and add what's missing?
Well of course not! Why on Earth would you need to see what information is in there after you uploaded it? Who needs that anyway?
Simply send, pray, and hope that everything will be fine (it will not).
Like holy fucking crap, it can't get any more stupid!
Google is a huge pile of idiots who feed on only a single cow - the search engine.
It's times like these when I think that Google right now is the worst thing that exists for everyone in tech. It's dragging everyone down with their monopolies everywhere and complete idiocy in managing them.
-
Finally finished the blog post and (nearly) the last bugs (few remaining, still gotta think about how to solve them) are fixed.
The new blog post is online! I've taken a look at the Telegram messaging app and basically burned it into the ground. (Provided sources as well)
Next to that, a new domain name! As this blog is about online security AND privacy, I decided to change the domain name. The new one:
https://much-security-such-privacy.info/...
Dark theme can be enabled but will only work on one domain, you have to enable it on the other one as well to get a dark theme there. It stores the value in a cookie so it will remain when you reload the page and don't remove the cookies.
The RSS feed generator has a bug right now which makes that the page doesn't get updated, will work on that one tomorrow.
Thanks!
Last but not least, you can email me suggestions and so on at linuxxx@much-security.nl :)
-
Thanks to McDonald's for such a wonderful morning... And this may explain why a busy store is now empty...
-Order mobile deal at home
-Walk 15mins to the restaurant
-Opens app, get message "your account has been deleted"
*WTF!!!!!*
-Tried to sign up with Google, error
-Sign up with Facebook, OK!!
(btw I got a privacy message from Google this morning... Haven't got one from FB yet... hmm...)
-tried to redeem again. All coupons are like "not available at this location"
Well since I'm here anyway...
-Walks to machines and enters the codes, it works!!!!
FFS MCD JUST TELL PPL THESE COUPONS CAN BE REDEEMED IN STORE ONLY!!!! AND DON'T RANDOMLY DELETE ACCOUNT BC YOU CAN'T SUPPORT GDPR OR UR SYSTEM CRASHES FROM AN INTERNAL BUG
Lucky I redeemed my free coffee last week...
-
kinda long but please read (skip to the bullets if you're lazy):
hey dR. I stumbled across a search engine that aims to help the environment. it's called "Ecosia" and it will plant a tree for every ~45 searches you make. just think, one stubborn bug could make you the reason for a new forest! I'm not sure if it's legitimate or not, but apparently it uses 80% of its profits to plant trees, and makes that profit from ads. is it safe to use? I'm not sure.
here is what you should know (some are based on claims by ecosia and aren't proved, but probably true):
- they plant a tree for about every 45 searches you make
- they are able to plant trees by using money from ads
- they "respect privacy"
- they're "fully transparent"
- they're a "social business"
- [I hope this isn't a turnoff] the search results are powered by bing
- since 1.9, vivaldi has included ecosia as one of the preset search engines (I'm not sure if it's the default)
- it has opera, firefox, and chrome extensions
thanks!
-
Brave Browser was found hardcoding referral links to partnered Crypto sites, even if you manually type the URL.
Since then, they have fixed the bug but it's hard to trust Brave again.
Privacy is built on trust. I have recommended Brave to my friends and family and seeing news like this makes me skeptical about the company.
-
I bought a domain and need some styling suggestions.
it basically demonstrates how language barriers can hurt communication (and I want to screw over google)
so, it takes a phrase and translates it to a bunch of random languages with google translate to see how messed up it gets.
the link is:
https://translationiteration.com
READ BEFORE CLICKING: i still have an unresolved bug with php cookies and sessions so once the page loads, just press refresh ¯\_(ツ)_/¯
so now i need some styling suggestions, and advertiser suggestions (i’m thinking media.net) who respect user privacy and are contextual.
comment :)
p.s. does anyone still say advert or am I the only one ? 🙃
-
I made a bash script for my website that anonymises the visitor IPs in the Awstats logs by replacing the last octet with 0. It can either process all logfiles except the one of the current month, or only the one of the previous month. The latter mode is how I put it in a cron job to be called on the first day of each month.
Everything worked flawlessly with test data, but on the server, some visitor IPs were not anonymised. I noticed that all of them were from the last day of the previous month. Looking at the time stamp of the logfile, it was indeed from the first of the current month, but not from 00:21 where my cron job runs - instead, it was modified around 14:30.
Then I realised that the Awstats engine seems to be configured to batch add the log entries once per day at 14:30 so that when my cron job ran, the visitor data from between 14:30 and 00:00 were not yet in the file!
Solution: batch process all previous logfiles once to clean them up, and schedule the cron job on the 2nd of each month at 00:21.
-
I remember when doing some privacy cleanup, looking at the third-party list of a website and visiting the sites behind them. I ended up one time on Crazy Egg.
3 months later, I got an email if I wouldn't want to use their services.
They did have my email.
From where? (the answer is obviously from the sites they track)
But I mean, who cares about your email when they have your f****** passport
-->
https://medium.freecodecamp.org/pri...
This world is getting too crazy, I thought this would be the maximum. Of course...
Next headline:
https://telegraph.co.uk/news/2018/...
I think tracking is a more serious problem, than I imagined (and I do already try to reduce data)
Oh yeah and btw I just noticed an iOS app could silently use my mobile data (was deactivated for the app) to display ads. Silently. I hope this was a bug. But I don't think so.
-
I really wanna get a keg of rum and start sailing across the globe...
Just to spank some devs / managers arses.
The last years were... very demanding regarding security and upgrades.
It hasn't gotten better.
Microsoft leaked its security key thx to internal debugging and the tool to secure the debugging process so secure data gets filtered was buggy...
I'd guess I already have carpal tunnel after Redmond.
But the really really sad story is: This has become the gold standard.
https://lwn.net/Articles/943969/
Chrome selling the privacy mode for Ads, long topic ongoing for years... yeah they did it.
Apple... oh boy. I could write a Silmarillion about it and would still need an additional trilogy.
Amazon realizing that a Microservice architecture needs planning, cause yeah... just potting services in a data center doesn't end well.
It goes on and on and on....
Don't even get me started on the plethora of firmware / microcode updates cause there was either yet another CPU bug or another device pooped their pants cause the firmware is a mess and needed some dubious update without any background at all...
Serious question: Am I becoming a pepperidge farm uncle threatening to shoot everyone cause I'm getting old and cranky ....
Or is really everything in IT going down the drain the last few years?
It feels like every week is just another "we fucked it up" event.
-
This whole thing about privacy and google is getting a little paranoid, it's almost like the Y2K bug back then...
-
I'll have to make some tough choices over the next 6 months. With my tech career beginning and my college education ramping up, time is of the essence, and the skills I develop now will be at the forefront of my future. So what does this have to do with Microsoft?
Well, the story begins in the Spring of 2016. Social Forums was about to turn a year old, Trump's campaign was ramping up, and I had just found my love for technology. With all my friends having phones, I had to get a phone and get working on development. The year before, Windows 10 was launched, and I was psyched. I found Microsoft's products to be underrated with potential. That day, I purchased a Lumia 640, upgraded it to Windows 10, and immediately began working. After another year-and-a-half gone by, I went from loving Microsoft, to defending Microsoft, to tolerating Microsoft. I could go on and on about the lousy structure, the privacy issues, the forced upgrades, the redundant developer platform, and other such issues that are leading me away from them. But if there is one thing they have proven over the years, it is that they are completely out of touch with their developers and their customers. They spent years ramping up their phones. They failed. They spend years ramping up their phones. They failed. They spend years ramping up their semi-annual OS updates. They failed. So why did they fail? It's not that they made the wrong prediction out of chance. They legitimately don't care about feedback. It's their way or the highway. This sounds vaguely familiar. They have been spending a decade ignoring feedback from the community because they want to become just like Apple. Right now, Apple LIVES off of brand loyalty and its stable, useful ecosystem. This cannot work for Microsoft as they don't have a lot of brand loyalty. But most of all, they don't have a working ecosystem. They have Windows Insiders, which provides them with hundreds of feedback messages per day. These include suggestions, bug reports, and constructive criticism. The feedback is public. You can have several pages of the same complaint, and they still won't do anything about it.
They say they have a good relationship with their community, and that this Beta program helps Windows become better for all. But in the end, we are nothing more than a glorified unpaid labor force. They fired hundreds of professional debuggers just before the Insider Program took off. We are only here to provide bug reports for free. Now that their phones, AR headsets, browser, online services, and VR headsets are failing for all these reasons, I see little reason to develop for Windows anymore. I don't just mean their UWP and App Store platforms, I mean Windows as a whole. I'm definitely not a Mac guy either. I never see myself going to Mac either, as they are really no different in terms of how they treat their Developers and PC users. If things continue down this route, I will leave the platform altogether. I've always wanted to be a Systems Programmer, so I don't really need an established paid platform to be successful. Even now, I'm not certain about leaving Windows altogether but as a developer, I need to find my place. Time is of the essence in my life, and I need to find out my place in the software world. Now I think it isn't on the Windows platform like I had dreamed it would be. But where do I go?
-
Persisterising derived values. Often a necessary evil for optimisation or privacy while conflicting with concerns such as auditing.
Password hashing is the common example of a case considered necessary to cover security concerns.
Also often a mistake to store derived values. Sometimes it can be annoying. Sometimes it can be data loss. Derived values often require careful maintenance otherwise the actual comments in your database for a page is 10 but the stored value for the page record is 9. This becomes very important when dealing with money where eventual consistency might not be enough.
Annoying is when given a and b then c = a + b only b and c are stored so you often have to run things backwards.
Given any processing pipeline such as A -> B -> C with A being original and C final then you technically only need C. This applies to anything.
However, not all steps stay or deflate. Sum of values is an example of deflate. Mapping values is an example of stay. Combining all possible value pairs is inflate, IE, N * N and tends to represent the true termination point for a pipeline as to what can be persisted.
I've quite often seen people exclude original. Some amount of lossy can be alright if it's genuine noise and one way if serving some purpose.
If A is O(N) and C reduces to O(1) then it can seem to make sense to store only C until someone also wants B -> D as well. Technically speaking A is all you ever need to persist to cater to all dependencies.
I've seen every kind of mess with processing chains. People persisting the inflations while still being lossy. Giant linear chains where instead items should rely on a common ancestor. Things being applied to only be unapplied. Yes ABCBDBEBCF etc then truncating A happens.
Extreme care needs to be taken with data and future proofing. Excess data you can remove. Missing code can be added. Data however once it's gone it's gone and your bug is forever.
This doesn't seem to enter the minds of many developers who don't reconcile their execution or processing graphs with entry points, exit points, edge direction, size, persistence, etc.