Uhh... That's cool! Someone hacked the public website for Dublin's tram system...

An open letter to the guy that commented on my website:

«Function X does not work. This program is shit. I am going to uninstall it and tell everyone.»

I'm sorry that my completely open source project didn't work for you. The fact that I lost countless days and months and years working on it in my free time, without ever asking for a cent, just trying to do something good for the community, doesn't give me the right to release a feature that may be buggy.

You could have opened a bug report. But that takes time. A whole 2 minutes. I understand the urge to post such a harsh public critic on my website. That's why I was so calm and understanding when I replied to you there.

However, it's a long time I wasn't browsing devRant and I confess I felt the urge to tell you to go fuck yourself. And this is the best place to do it! I'd pay to know you. I'd love to see your face. Oooh you must be so confident of yourself. I'm sure you have accomplished a lot in your life. So here's my message:

Go Fuck Yourself Asshole

So before I resign from my job tomorrow I thought I'd talk a little about a couple of things at work that I won't ever tell my boss in person but are generally some of the reasons I want to leave.

---------- warning long rant ----------

1. The CEO of the company finds out I only have my learner's and take the bus, goes on to belittle me about taking the bus.

(It may have been meant as a joke but I was offended, and we don't have any actual HR to complain to)

First off my real reason for not getting my restricted is mostly related to the fact public transportation does the job it needs to, I don't really complain unless the planning is fucked up (Adele concert rant lol) but typically I don't need a car. The other reason is because with a car I'd have to wait in traffic 1-2 hour each way. Also cars cost money which I don't have.

2. CEO buys himself and general manager brand new Range Rovers, you know those giant monstrosities box jeep looking things.

I hate this because I earn $31k, those things probably cost around $50 each (so typically 3 years worth of my wages).

When I had a talk about my contract at the 6 month mark, the general manager (my boss) said he wouldn't budge on my salary (yet they buy these jeeps)

3. I live way too far from work and because of it being Auckland and the current inflation for house prices, the rent prices have also increase, I wouldn't be able to get a house closer to home nor rent with minimum wage :(

4. Though it's not too necessary they mask that the app was made by me, whenever I see an email about the app to potential clients they refer to be as this app guy, and during their presentations they don't really include as part of the reason this app has been developed ( aside from my boss being the client, I came up with some interesting ideas to turn their paper form of the process they use into a digital one, I also did research for the specific topics, something I could have just asked for instead).

5. Old fashioned way of looking at so called "IT", they added fixing computers to my contract which I dread, especially since I'll be close to a deadline and then I get a call to fix someone's computer...

6. They don't seem to want to expand their "development team" to more than one person.

When I give my resignation I have to stay here for a month and I bet people will start to act differently around me, my likely my boss and the CEO. I think the other people that work will understand, given my situation.

I'm planning to for the last month to only do planning for the app they want me to work on, UML diagrams, use cases, Sprint planning (albiet, only developer here lol). Research on the third party libraries we need for the app and generally give the next guy the easiest path to getting the app done.

I want to do this because the Android and iOS app we're done via cowboy programming in a sense. (I don't have too much in terms of documentation and planning aside from a Microsoft planning website setup with to-do of which features are done for the iOS and paper Todo for the Android app.

Alright long rant over, I've got it all written down, glad I'll be leaving this place.

Website owners who use modals that aren't triggered by explicit user interaction should be punished by public hanging.

YOU CAN SHOVE YOUR FREE EBOOK AND NEWSLETTER UP YOUR ARSE. FUCK YOU.

Worst legacy experience...

Called in by a client who had had a pen test on their website and it showed up many, many security holes. I was tasked with coming in and implementing the required fixes.

Site turned out to be Classic ASP built on an MS Access database. Due to the nature of the client, everything had to be done on their premises (kind of ironic but there you go). So I'm on-site trying to get access to code and server. My contact was *never* at her desk to approve anything. IT staff "worked" 11am to 3pm on a long day. The code itself was shite beyond belief.

The site was full of forms with no input validation, origin validation and no SQL injection checks. Sensitive data stored in plain text in cookies. Technical errors displayed on certain pages revealing site structure and even DB table names. Server configured to allow directory listing in file stores so that the public could see/access whatever they liked without any permission or authentication checks. I swear this was written by the child of some staff member. No company would have had the balls to charge for this.

Took me about 8 weeks to make and deploy the changes to client's satisfaction. Could have done it in 2 with some support from the actual people I was suppose to be helping!! But it was their money (well, my money as they were government funded!).

Went to hackathon @ Google HQ in NYC. Gotta say it was pretty shitty. Most people are JavaScript nerds and some code in objective-C, xcode (4-5 out of 50). The rest are chemists, scientists and general folks. Not what I anticipated when you know it's more like iOS hackathon. Anyways it was good to see the shittiest demos in my life made in less than 12 hours. We had 4.5 people working on a toilet project called "I gotta go". Public bathroom locator... One guy coded in JS, xcode and react Native. Another dude was pushing all the code to GitHub and doing backend in firebase. The third guy was making a website for no reason and then I see it's hosted weebly. He hand coded first, I looked what he is doing - just HTML tags. Thank God some organizers helped us and we had a 4 click demo with basic text and no real functionality. Plus the website who never seen. What a fucking waste of $100 and two days.

HO. LY. SHIT.

So this gig I got myself into, they have a whitelist of IP addresses that are allowed to access their web server. It's work-at-home. We just got a new internet provider, and it looks like I get a different public IP address everytime I disconnect and connect to the WIFI. And since it looks like the way they work on their codebase is that you either edit the files right on the server or you download the files that you need to work on, make the changes, and then re-upload the file back to the server and refresh the website to see the changes, now I can't access the server because I get different IP addresses. And it's highly inconvenient to keep emailing them to add IP addresses to the whitelist.

No source control, just straight-up download/upload from/to the server. Like, srsly. So that also means debugging is extremely hard for me because one, they use ColdFusion and I've never used that shit before and two, how the hell do you debug with this style of work?

I just started this last Tuesday, and I already want to call it quits. This is just a pain in the ass and not worth my time. I'll be glad to just go back to driving Lyft/Uber to make money while I look for a full-time, PROPER job.

By the way, can I do that to a contracting job? Just call it quits when you haven't even finished your first task? How does this work?

You're a flippin bank, and your public website has an invalid cert!? WTF. No, I'm done, and I don't trust you with my money either.

CSS...

I just discovered my server being brute forced over SSH by over 25 different IPs per minute. WHAT THE FUCK?! It's not even a public website... Now I installed fail2ban.

So, sometime ago, Elon musk proposed a website that ranks news sources.

How about a website where we rate recruiters and black list those inhuman ones like the guy who sent an email saying you're legally not allowed to work for anyone else and 750 month pay for 40 hours a week.

A public spam filter, like ads or spam emails, but from disrespectful recruiters

That way recruiters feel more scared and improve their behaviors against programmers from all levels and everyone can have better experience during job search.

(I mean I'm sure these recruiters got some blacklist of their own, right?)

The website for our biggest client went down and the server went haywire. Though for this client we don’t provide any infrastructure, so we called their it partner to start figuring this out.
They started blaming us, asking is if we had upgraded the website or changed any PHP settings, which all were a firm no from us. So they told us they had competent people working on the matter.

TL;DR their people isn’t competent and I ended up fixing the issue.

Hours go by, nothing happens, client calls us and we call the it partner, nothing, they don’t understand anything. Told us they can’t find any logs etc.

So we setup a conference call with our CXO, me, another dev and a few people from the it partner.
At this point I’m just asking them if they’ve looked at this and this, no good answer, I fetch a long ethernet cable from my desk, pull it to the CXO’s office and hook up my laptop to start looking into things myself.

IT partner still can’t find anything wrong. I tail the httpd error log and see thousands upon thousands of warning messages about mysql being loaded twice, but that’s not the issue here.
Check top and see there’s 257 instances of httpd, whereas 256 is spawned by httpd, mysql is using 600% cpu and whenever I try to connect to mysql through cli it throws me a too many connections error.

I heard the IT partner talking about a ddos attack, so I asked them to pull it off the public network and only give us access through our vpn. They do that, reboot server, same problems.

Finally we get the it partner to rollback the vm to earlier last night. Everything works great, 30 min later, it crashes again. At this point I’m getting tired and frustrated, this isn’t my job, I thought they had competent people working on this.

I noticed that the db had a few corrupted tables, and ask the it partner to get a dba to look at it. No prevail.

5’o’clock is here, we decide to give the vm rollback another try, but first we go home, get some dinner and resume at 6pm. I had told them I wanted to be in on this call, and said let me try this time.

They spend ages doing the rollback, and then for some reason they have to reconfigure the network and shit. Once it booted, I told their tech to stop mysqld and httpd immediately and prevent it from start at boot.

I can now look at the logs that is leading to this issue. I noticed our debug flag was on and had generated a 30gb log file. Tail it and see it’s what I’d expect, warmings and warnings, And all other logs for mysql and apache is huge, so the drive is full. Just gotta delete it.

I quietly start apache and mysql, see the website is working fine, shut it down and just take a copy of the var/lib/mysql directory and etc directory just go have backups.

Starting to connect a few dots, but I wasn’t exactly sure if it was right. Had the full drive caused mysql to corrupt itself? Only one way to find out. Start apache and mysql back up, and just wait and see. Meanwhile I fixed that mysql being loaded twice. Some genius had put load mysql.so at the top and bottom of php ini.

While waiting on the server to crash again, I’m talking to the it support guy, who told me they haven’t updated anything on the server except security patches now and then, and they didn’t have anyone familiar with this setup. No shit, it’s running php 5.3 -.-

Website up and running 1.5 later, mission accomplished.

The public seems to be worried a lot on the Facebook "data breach" yet doesn't bat an eye on a bigger website that has already been selling private data for more than a decade.

Google

When I was in college in 1996, one of my roommates had a “Web 101” class. At that same time, the office of a government agency I was working for had asked me to publish a website to let the public know what they were doing. Prior to that I had bought an HTML 1.0 reference and had been fiddling around with some things. I got excited about it all when I realized that just within 2 weeks of using the book I had passed up the entire class my roommate was taking and apparently knew more at that point than the professor. I published the agency site, then went on to build sites for the Uni and freelance clients, and then to apply to teach a more advanced class in the Continuing Education courses the Uni offered to adults in the community. All of that got me a job at a startup which led to the rest of my career. That was pretty dang exciting to me.

Are there any website or public list that shame companies and websites for sending passwords in plaintext whenever we tend to reset the password?

What kind of polite answer should I give to a client who visited us on Friday afternoon (29 Dec) and expected us to present him the finished website on Monday (1 Jan)?

// 1st Jan is public holiday and we made ourselves clear to every client that our office is closed on both Saturday and Sunday

Just finished our BIG update including a big change in the backend (PHP => NODEJS). So I hope our users will enjoy this one because we are not yet public and our competitor get a lot of clients each day but if we compare our product to their product: Ours is responsive as fucked and have much more stability but less fonctionnalities so we have to add more fonctionnalities before releasing our product to the public. I hope we will be able in a few weeks! With only me and my back-end dev (My employee and friend at the same time) to work on it and they have 2 more devs to their team to use Bubble.. (They are now 6 or 8 devs (wannabes and using a drag and drop website) in total vs 2 (us) real programmers).

A well deserved night of sleep :P

When client calls you next day of his website launching public to complain about his site not showing on Google results.

I don't understand why people are making a fuss about Facebook.

It's free to use, the amount of users kept increasing (thus the cost of maintenance) yet the company kept getting bigger and bigger. Obviously they're not making all their money off the advertisements on Facebook's own website.

So why are people so surprised that they're "selling" user information?

This is really funny to me. Especially the media joining in saying that it makes all your information available to everybody when they're actually talking about the fact that the majority of Facebook users have their profile set to public and they can be easily found with a simple Google search.

People are so fucking hypocritical it makes me want to puke. If you don't want anybody to know what you posted, just don't fucking post it on a SOCIAL MEDIA in the first place.

Don't get me wrong, I'm not saying that facebook is all flowers and love, they clearly didn't handle this situation well. They could have done something about this whole situation when it started instead of waiting for things to blow out of proportion.

However, people are just being assholes now. I highly doubt that they're reading all chats nor are they sending it over, they're probably just sending out some words you mention often so that it is pertinent for advertisers (ex. If you use the word computer next to buy, then maybe that triggers something). I could talk extensively about it but I'm way too lazy, the point is, they most likely aren't sending the nudes you sent to advertisers because that does not provide any benefits.

If you don't like Facebook, don't fucking use it. Delete your account and shut the fuck up. When you screw up in real life, there's no takesies backsies, why the fuck do people think it doesn't apply online? The government gathers up quite a lot of information on you yet I don't see you crying your eyes out.

Why the fuck do you care so much if an advertisement is tailored to specifically? Yeah, you talked about dildos and now you see dildo ads from Amazon, not happy? Just download adblock and shut up. If you're gullible and the moment you see an ad about single women in your area you click on the ad because you want to get laid right now, that's your problem.

Don't want people knowing about some aspects of your private life? Don't share it online.

Stop acting like people are any better at keeping secrets, I'm sure you had some people leak your secrets at least once, yet I doubt you sued them and you brought them to court.

===========

I'm sorry about this, it's just that Facebook is all over the news and I'm getting sick of it.

Also, I hate facebook, I'm not necessarily defending it, I'm more pissed at the medias for blowing this situation out of proportion.

Recently started at a new job. Things were going fine, getting along with everyone, everything seems good and running smoothly, a few odd things here and there but for the most part fine.

Then I decided to take a look at our (public facing) website... What's this? Outdated plugins from 2013? Okay, that's an easy fix I guess? All of these are free and the way we're using them wouldn't require a lot of refactoring...

Apparently not. Apparently, we can't even update them ourselves, we have to request that an external company does it (which we pay, by the way, SHITELOADS of money to). A week goes past, and we finally get a response.

No, we won't update it, you'll have to pay for it. Doesn't matter that there's a CVE list a bloody mile long and straight up no input validation in several areas, doesn't matter that tens of thousands of users are at risk, pay us or it stays broken. Boggles the fuckin' mind.

I dug into it a bit more than I probably should have (didn't break no laws though I'm not a complete dumbass, I just work for em) and it turns out it's not just us getting fucked over, it's literally EVERYONE using their service which is the vast majority of people within the industry in my country. It also turns out that the entirety of our region is running off a single bloody IP which if you do a quick search on shodan for, you guessed it, also has a CVE list pop up a fuckin' mile long. Don't get me started on password security (there is none). I hate this, there's fucking nothing I can do and everyone else is just fine sitting on their hands because "nobody would target us because we're not a bank!!", as if it bloody matters and as if peoples names, addresses, phone numbers and assuming someone got into our actual database, which wouldn't be a fuckin' stretch of the imagination let me tell you, far more personal details, that these aren't enticing to anyone.

What would you do in my situation?
What can I even do?
I don't want to piss anyone senior off but honestly, I'm thinkin' they might deserve it. I mean yeah there's nothing we can do but at least make a fuss 'cause they ain't gunna listen to my green ass.

fuck code.org.

here are a few things that my teacher said last class.

"public keys are used because they are computationally hard to crack"

"when you connect to a website, your credit card number is encrypted with the public key"

"digital certificates contain all the keys"

"imagine you have a clock with x numbers on it. now, wrap a rope with the length of y around the clock until you run out of rope. where the rope runs out is x mod y"

bonus:

"crack the code" is a legitimate vocabulary words

we had to learn modulus in an extremely weird way before she told the class that is was just the remainder, but more importantly, we werent even told why we were learning mod. the only explanation is that "its used in cryptography"

i honestly doubt she knows what aes is.

to sum it up:

she thinks everything we send to a server is encrypted via the public key.

she thinks *every* public key is inherently hard to crack.

she doesnt know https uses symmetric encryption.

i think that she doesnt know that the authenticity of certificates must be checked.

What kind of rusty asshole develops an FTP client which seemingly treats uppercase and lowercase filenames as exactly the same and is not able to fucking understant UTF-8 filenames!?
OK or maybe it was the shitty ass server to which I had to deploy the website to.
I've never been so pissed in my life.
It's already an asshole torture to upload 2.3 giggle bytes of pixel jizz, but 5 hours later, when the site has been made public, you find out that 25% of these images' filenames were automatically renamed during the extraction because some asshole dev thought it was a great idea to not even inform the user about this behaviour.
Fixing filenames in production while your boss is really pissed next to you the hole time is not a great feeling. Especially when you accidentally purge the whole image cache and the PHP image transform task then blocks thus making the whole site not loading any more images for 40 minutes.

WHAT AN ASSRAPE!

Please don't comment. I'm still too pissed to read comments. Thanks.

I have a few of these so I'll do a series.
(1 of 3) Public privates

We had a content manager that created a content type called "news item" on a Drupal site. There where two file fields on there. One called "attachments" and the other called "private attachments". The "private attachments" are only for members to see and may contain sensitive data. It was set to go trough Drupals security (instead of being directly hosted by the webserver) but because the permissions on the news items type where completely public everybody had access. So basically it was a slow public file field.

This might be attibuted to ow well Drupal is confusing. Howerver weeks earlier that same CM created a "private article". This actually had permissions on the content type correctly but had a file field that was set to public. So when a member posted the URL to a sensitive file trough unsafe means it got indexed by google and for all to read. When that happend I explained in detail how the system worked and documented it. It was even a website checklist item.

We had two very embarrassing data leaks :-(

!rant

PUBLIC SERVICE ANNOUNCEMENT:

For AI, in particular Deep Learning developers, practitioners, hobbyists and otherwise people interested in the field.

If you go into the Pytorch website, click on resources and scroll down you will see a link to "Deep Learning with Pytorch" by Manning publications. This will give you access to the book, a book that if memory serves me well costs about 40+ in printing and the online book format is about 29 (again, if memory serves well)

The book is currently FREE and it does not ask you for an email address, you can just tell them why you want it for and they will give you the free pdf download.

I don't know how good the book is, but have found Manning to publish really good resources.

Do with this information what you want.

And yes, I am leaving the rant tag, so that more people can see this and take advantage of the opportunity in case of being interested and not having the money to purchase the book after the promotion is done and over with. Fuck you about tags and shit.

I was helping a client launch a new website. We met in a restaurant to do the final launch work. I mentioned I use VPN software to protect my computer on public WiFI and taught him what it means. He said it sounds hackerish and untrustworthy and I had a hard time explaining how it’s actually a countermeasure to hackers.

The next day he calls and says his cell phone is acting up and wants to know what my VPN software might have done to cause that.

How do some people get dressed in the morning?

I'm about to move to a new city and one of the websites I'm using adds its name, url and ©️2018 to anything you copy. It is driving me absolutely insane. Trying to find an adress on google? Well you didn't search for [streetname], you searched for [streetname, website name, url ©️2018]. Thank you for copyrighting that public street you fuck. Trying to e-mail an agent? Sorry I can't send an email to [e-mail adress, website name, url].
Whoever thought of this needs to be taken out back and shot.

I am planning to build a list of Gem companies.

Would crowdsource the details.

Definition: Gem companies are NOT FAANG but companies with better ethics, culture, WLB, and good salary.

Will structure it as follows:

1. Name
2. Location(s)
3. Domain
4. Website
5. Jobs page

Make this public for anyone who wants to refer. This list can be used by any job hunter to search, apply, and land a decent job.

We developed this website plus custom CMS for an university. I told them that we could host the entire system and take care of it for an annual fee but they decided to host it in house because security. The IT guy didn't ask for my public key, he sent me a password. By email. Less than 8 characters long. Only recognizable abbreviated words. And a dot.

So last night a friend randomly found a raw not-yet-installed WordPress instance on a public domain that he found on a Facebook site (it was already linked for I don't know how long, but just not installed).

He told me about it and, being the guy I am, I signed up an account on some free MySQL hosting website, set up a database and used it for that WordPress site.

I then left a kind little note on the front page for the admin telling him that I just saved his ass since others could've done the same but posted racist shit or something and, also, told him not to use WordPress.

Even though I had no bad intentions, I used proxies and VPN connectsions because you never know how these people might react.

Hopefully they'll learn from it 😇

My lessons both come from my current side project (I will share it with you in a week or two, the website isn't finished yet):
1. Every project comes to the point where it hurts to continue. Keep pushing, the result is worth it.
2. You aren't as good as you thought you were when you started, but you'll be better than you ever were when you finish.
3. Sometimes, there's more points to a list than you'd expect.
4. One hour per day is easier than five hours a week.

How?
Well. I started out my project knowing some C#, but Jack shit about unity. I know most of what I might build will end up being shit I'm gonna regret, refactor and recycle later. But I don't give a fuck. Doing it is better than planning it.

It sometimes hurts to get rid of a carefully planned algorithm that took hours to build because it fails in practice. But it's the right thing to do.

Never plan too much. If I'd have planned this project out, I wouldn't even have started with what I'm good at: write code, break shit and experiment.

It's easier to progress slowly but steady. Look at some awesome games that have been worked on for ages while the public had their say (RimWorld, Project Zomboid, Dwarf Fortress...) as opposed to those that are developed behind closed doors and rushed to the market before Christmas or some other major event (Mafia 3, Fallout 76, Fallout 4 VR...). Progress slowly, deploy early, push often. And the one hour per day approach is a good way to do this.

Omg how stupid some people are... Today at my university I used the first time one of the computers in the computer room and there is a portable Firefox installed in a shared space on the computer and that is also where it saved settings etc. So this is the same for every user on that particular computer.

And when I checked the security settings I found that about 10 different accounts were saved and accessible with website username and password.

So of course the shared space Firefox is bad, but you still shouldn't save you password on a public computer :S

PS: If anyone needs a webmail account or an account for the german university network contact me :P

Whelp. I started making a very simple website with a single-page design, which I intended to use for managing my own personal knowledge on a particular subject matter, with some basic categorization features and a simple rich text editor for entering data. Partly as an exercise in web development, and partly due to not being happy with existing options out there. All was going well...

...and then feature creep happened. Now I have implemented support for multiple users with different access levels; user profiles; encrypted login system (and encrypted cookies that contain no sensitive data lol) and session handling according to (perceived) best practices; secure password recovery; user-management interface for admins; public, private and group-based sections with multiple categories and posts in each category that can be sorted by sort order value or drag and drop; custom user-created groups where they can give other users access to their sections; notifications; context menus for everything; post & user flagging system, moderation queue and support system; post revisions with comparison between different revisions; support for mobile devices and touch/swipe gestures to open/close menus or navigate between posts; easily extendible css themes with two different dark themes and one ugly as heck light theme; lazy loading of images in posts that won't load until you actually open them; auto-saving of posts in case of browser crash or accidental navigation away from page; plus various other small stuff like syntax highlighting for code, internal post linking, favouriting of posts, free-text filter, no-javascript mode, invitation system, secure (yeah right) image uploading, post-locking...

On my TODO-list: Comment and/or upvote system, spoiler tag, GDPR compliance (if I ever launch it haha), data-limits, a simple user action log for admins/moderators, overall improved security measures, refactor various controllers, clean up the code...

It STILL uses a single-page design, and the amount of feature requests (and bugs) added to my Trello board increases exponentially with every passing week. No other living person has seen the website yet, and at the pace I'm going, humanity will have gone through at least one major extinction event before I consider it "done" enough to show anyone.

help

to;dr: school, raspi, spoofing, public status screen, funny pictured.

So. At school we had these huge ass 2/3 TVs displaying some information such as which teacher is ill, which lessons won't take place and some school related news. Standard stuff.

They worked using a raspberry pi attached to the TV fetching a website over http every now and then.

Using nmap I discovered that these pi's were in the same network as the pupils devices: Sweeeet.

After trying some standard passwords at the ssh port and not succeeding I came up with something different: A spoofing attack.

I would relay all traffic from those pi's through my device, would replace all images with a trollface picture (I know I know) and flip all text upside down.

Chaos, annoyed faces and laughter.
It was beautiful.

Please don't Google "member" when your looking for membership icons on a free SVG icon website in a very public office.

Just gonna leave this here because I am too lazy to write a proper article for my website:
If anyone is trying to create a Vue.js website with Node.js backend do NOT use express-vue, it is unnecessarily complicated and broken. Instead use this method I found.
You will need:
- IntelliJ IDEA / WebStorm / other IDE supporting multiple modules per project and tasks
- Nodejs and npm
- vue-cli

Step by step:
1. Create new empty project
2. Add your frontend module using vue-cli generator
3. Add your backend module using Express generator
4. Run npm build in your frontend module once
5. Move or remove public folder in your backend module
6. Create a symlink from your backend module root called public pointing to dist folder in your frontend module root
7. Make sure to add "Run npm build" from frontend module to your "bin/www" task (default task for Express module)
8. Enjoy developing your REST API in Node/Express and your frontend in Vue.js with single-file components and it being served by the same server that is providing the backend.
(Since they are separate modules and you are not mixing webpack and Node/Express you can add ts-loader, stylus-loader, pug-loader or any other loaders without screwing anything up)

For deployment you just need to copy the contents of dist into public on the server. (and not upload the symlink)

Why do Twitter, fb and Instagram need to force accounts to view public content. Like i only want to check in on som ppl without having the app or an account. This move only gets me further away from using their website/apps

If your site uses angular or react or some other piece of shit framework to load the data after the site has fucking loaded, make a public fucking api because i cant parse your shitass website from source.

Why doesn't Twitter have a public API without authentication for simple stuff, such as reading tweets. One can do that without logging in on the website, why shouldn't code be able to do it.

The company I used to work for, despite me not working there contacts me to get a verification code because the crappy developer they hired can't change a couple settings on the apple website and add themselves as a developer.

At the start of this all, a couple months back I gave them the code out of courtesy, but at this point, as i'm heavily invested in the development stage of my actual job as a vr developer, I won't take time out of my day to even answer the phone for them.

But what really pisses me off is the person who contacts me, my assumbly best friend, who during the last 12 months has only called me for these codes, so work related shit or just personal shit and never to hang out or play games or generally what we used to do as friends before he got a job at that stupid company doesn't have the balls to tell his boss that i'm busy with my job, that maybe if payment was offered as an incentive that I would be happy to be contacted.

When I left that company I didn't setup anything to make it so they would have to contact me, all I did was add myself as a developer of their app. I also heavily documented everything I did, all the issues I faced and the workarounds I found, and everything including all login information needed to get things working, I went above just "developing" the app I added in all the credits to all work used in the app as partly to make sure we don't get sued for stealing someones work without the right credit.

I hate the fact that I worked for minimum wage and did all of this shit, but I never complained at all about things like the 1 1/2 hour travel time (one way I might add) to my boss, the amount of money I spent on public transportation, the little money left over that I didn't even spend and instead give to my parents.

They know nothing about how hard that year was for me, and if they want to get this code, my so called friend can come chat in person, in his off time and when I'm done working on my own shit and we can discuss terms because this shit is just not fair at all.

Website: what's your address?

Me: It's 192.168.1.7... Oh! Silly me! You meant my public address!! 89...

Tldr: no router, almost not work.

Ok I recently moved into a new house, and I signed a contract for an Internet line.

Problem is that the router has been sent at the ISP shop, where I was supposed to get it personally. But guess what? Covid emergency happened two days after, and the shop closed.

So, after spending two days calling customer service of both ISP and Postal office without being able to speak to anybody, I received a Sms saying that the pack was not delivered because the receiver was closed.

After some more unsuccessful calls to the same two entities I managed to find the actual shop's phone number, that was actually thw owner's house (he's working from home). I spoke to him, told the problem, and he changed the router destination to my house.

Today I checked the package status on the postal website and I saw that it seems that they tried every day, at 7:02 am, to deliver the bloody package again at the shop! I truly hope this was a bug on their tracking system. It's weird that the hours were always 7:02am, because the package delivery office opens at 8:30 am, so again I'm praying any existent and non-existent god that that's just a bug. I'm kinda tired of being stuck with my phone hotspot with limited GB and with ISP public routers with about 5Mbps.

I wish I had @netikras skills with router building.

Hosting single page website on Dropbox public folder FTW.

The country where I'm from uses only one platform for online school (public schools from 1s class to High School).
I was curious to take a look at the website and they didn't change the create-react-app manifest.json in production.

Bonus tip. The teachers and students cannot login for the last 2 days.

Internet-based open source platform for democracy. That is, a package of code that you can use as a website that would basically encapsulate all the functions of incorporating the voice of the people into governmental decision-making -- like voting, initiatives/referendums/recalls, contacting representatives or other officials, etc.
This would also be something that could be used to run a private organization or public company as well. Hopefully super flexible.

Unable to access cpanel/whm due to IP changed error.
called HR
me : please connect me to networking team (out sourced)
hr : why ?
me : I have some issue to access cpanel. I contacted to hosting comapny but it is not their fault so may be it's our network issue.
hr : explain me in details.
me : ok
from morning I am trying to access whm because our website is out of bandwidth limit and showing 509 error ,I contacted to hosting comapny but they explained me problem from our side. SO i wanted to talk with network team about this issue because I am not using any proxy or vpn even my tor browser is off too still ip chaged error giving frustation. second reason I am frusted that my public IP and private IP is not chaged.
one more your windows pc freeze 3 times from morning.
do you need in detailed technical reason why I want to talk with them.
hr : no no no *hang up*

after 2 minute *my landline ring*
hr : network engineer on other side.

fair enough

Update to previous rant: My e-banking account is blocked, because apparently I already set a password on a website I never seen before.

- Tried the declined one
- Tried the unsecure one I chossed after the declined one
- Tried the pin number from mobile app.

BAM@#%$#%!!1!one1! YOU ARE BLOCKED FOR ENTERING WRONG PASSWORD TOO MANY TIMES. PLEASE CALL THE FUCKING BANK ON MONDAY.

I seriously hate this stupid country, and companies that don't know a first thing about web getting picked on government and public sector projects, sucking 100s of thousands of euros and providing the user experience that gives you a fucking diarrhea, at every SINGLE ONE OUF THEM!

I just came home from opening of the fiscal year of a small drivers' club and it was quite an amazing life experience.

I got about a 5-times "rise" for a first, small, post-due-time project.

All of the members were so relaxed in one of the most serious moments of an association. We ate, drank beer and had as much fun as possible without break the law and other rules.

The story goes like this:

I was an intern in a website development company as students tend to do. In middle of the internship my teacher asked me if I'd be willing to develop a website to the before mentioned organization.
School will help with the money by being as a middle-man. It wasn't going to pay much, about 120€ or so, it's nothing really for the job, but I said yes for the experience. We organized a meeting, school provided the space, and went straight to the business.

The development went quite well: I got the final design requirements late (there weren't too much), research a lot about CMS:s, ended up with a beta version CMS (a risk), learned it, developed some plugins (not published yet), kept copyrights for most of the work and so on.

I was done _relatively_ quickly with the project and was quite happy with it. Only things still pressing my mind was bugs of the beta CMS, support for the plugins and my somewhat inexperienced graphical design.

Then it hit me, the world. Hosting, domain transfer, certificates, registry agreements. Arrgh. Most of things were fine, I know them. I had luck that I had a technical contact for the club. It would have been a nightmare of it's own otherwise.

We had problems transferring the domain, again, as you do. The other hosting company was to blame. They were the n00bs here. I went trough the law, technical guidance, etc. I was having heavy messaging with my technical contact about it, who was a middle-man for me and the hosting firms.
After a long while loop of waiting, reconfiguring, researching and messaging, until he transfer was finally over.

We had a long while of radio silence after some bug fixes. Until the Christmas came and I was invited to a Christmas party in a cottage, third Christmas party that year. It was great fun. We ate, drank, talked, went to sauna and had a playful adult stiga or sledging competition, etc.
I updated the site yet again, a stable version of the CMS were published. Yess!

Another radio silence came and year changed. It was broken off by a call to the opening of the fiscal year, the same day. This is today, or yesterday by now. This was just after my current company's board game night. I was really busy that day. A whole afternoon of second-hand shopping around the city with a bike. I counted 35 kilometers. Yes I go by bike, don't own a car or have an driving license... Yet.

I wasn't horribly late, around 30 minutes. I started eating and drinking. Free food and beer! They was also late, they should've got trough the business before I got there, before eating. So I ate and listened. Learned more about having business or an association in general. Until my matter came to be heard. They thanked me of the co-operation and made public the change of my reward sum, I WAS GRANTED 500€ REWARD for the work. It's still not an amazing sum in a larger point of view, but I can imagine that it's big deal for a small non-profit organization, which was loosing money. Everybody applauded, every 25 members of the club. I was greatly pleased. I will have to update their site a bit still, but they are going to pay the reward ASAP.

Did I mention that the school works around the taxes, legally. Taxes for the reward, if it were assumed as a wage would be 15%, for me, at the worst case scenario, only for getting the money to my hands.

I was offered another gig at the event, but didn't promise anything yet. I left before sauna, so we didn't get to change contact details. He will find a way to reach me if he really wants so. I'm a busy free man.

Yesterday, the Project Manager forwarded an email from a staff member who worked on a donations campaign. Staff member was confused about a Cloudflare challenge that appeared before the user was sent to the donation page. It’s a less than 5 second JavaScript check. He thought it looked fishy.

I had to explain that it’s a security measure that’s been up for almost a month. PM knows this but left it to me to explain because ownership of the site is on me. The donations page and api gets hit by a lot of bots because it’s a public api and there are no security measures like captchas to deter the bots. I’m inheriting this website and I didn’t build it.

Staff member says other staff want to know if the Cloudflare page can be customized so it looks more legit. Um, Cloudflare is a widely known legit service. Google it.

A few thoughts pop into my head:

1. Engineering communicated to stakeholders about the Cloudflare messaging a month ago.

2. Wow, stakeholders don’t share relevant info with their staff who aren’t on these emails.

3. Woooow, stakeholders and staff don’t look at the website that often.

Can someone please explain to me, in the most dumbed-doen way imaginable, what the fuck SharePoint is?

Yes, I've Googled it. No, I don't understand. From everything that I've read; it just doesn't function the way I expect it to after reading about it.

Is it used to create company websites which are to be used by staff within the company. Or is it used to create normal websites, that the general public visits (maybe like a portfolio or company website showcasing products with a shopping cart and shit)?

I'm confused.

So, I browse to a video livestream and an annoying ad starts before the livestream is shown. Furthermore, the page jumps around because of a cookie notification that also blocks some UI elements at the top.

Note: this is the website of a public (government-paid) national news website with very high standards and a good reputation.

Action 1: refresh page; I hope the ad is skipped. Nope, annoying ad restarts. Page jumps around again because of the cookie notification.

Action 2: accept cookies to remove notification blocking the top UI (it's OK, I know it can't actually save any cookies on my machine). Instead of some nice JS doing it for me in the background, the page refreshes because you know, HTTP requests and whatnot.

Annoying ad restarts again... FML 🤬

Lessons to be learned from this for any web dev: these annoyances can and *will* exponentially get worse if used simultaneously against your users, instead of being used to help or inform your users.

As a user of you website, I want to watch a livestream. I don't care what stupid legislation forced you to shove a fucking cookie notification in my face. Make sure it is not annoying me to the point that I close you website and take minutes to rant about it!

Also, give me the freedom of choice to watch an ad or not. You and I both know that some ads simply are not for me. Better save yourself and myself the bandwidth.

And go get good at web development. You're a news site. That's more than just text and images. If you want great apps, social media coverage, videos, live streams, blogs, etc. go get some better web devs. Your current web frontend devs only qualify to get fired.

Sometimes I feel that as we have some rules and accessibility guidelines for 18+ when they visit any website, play a game etc., we should also think about 60+ who are not technology friendly. I've explained to many elders why they should not share their personal information on public forums like facebook or twitter, or why should they not reply a spam mail.... but :(

Hopefully get out to the public the two projects I have been working on currently. A local focused startup help website and a local focused fillable forms platform.

And hopefully get my first large scale software project kickstarted - A retail management system on a full Feedback Driven Development approach perhaps with the ability to integrate AI and ML later on.

Create a nice documentation website for a library we have at work.
Complete with examples, public api, and search engine.
Then I can die happily.

Hello, my first time here. I got to know this website/app from my PM because I need to vent it somewhere other than him according to my PM.

So, here goes my first rant. The date is today (Monday). The rant subject is our new tester. Some context on the guy. He started in our office 8 weeks ago and his title is senior tester with some years in testing. Me and my team with the exception of our PM are new hires and for me, this is my first job after graduation.

After a grueling month of pushing for new modules and bug fixes from our monthly UAT from the client (yes, this will be a future rant one day), about 2/3 of the team is on vacation paired with a long weekend. So, a very few ppl in the team including me and my PM came for today.

I usually came quite early, around 8 am as I commute with public transportation. As soon as I have my breakfast and just getting ready to open my dev laptop, he came to me with a bug. This is like under an hour I came to office. I'm ok with anything related to the project as today was deployment day to test server for our monthly UAT. So, I check the bug and it wasn't my module but the PIC is not there and I familiar with the code thus I fixing the module.

Then, not even 15 mins later, while fixing this module, he came to me with another bug. I'm still the only one who in office that can fix it thus have to do it too. Finished the both bugs, pushed and je retested it. Fortunately, my PM and another colleague came. But, for some reason, he only comes to me for the bug fixes.

The annoying thing for me is that he comes to me every time he found an obstacle, bug or glitch. At this rate, by hourly. Thus, this cycle of impromptu going around fixing-on-the-go for the project begins, for me. Then, my PM asks him abt our past issue log given by the client UAT. Another annoying part is he never checks the clients feedback to see if the result can be produced again. The time he checks it is when ppl ask abt it and test it 1 by 1. Then he came to me again with why x person marked it as done. Like hell I know why they marked it done, you the one who need to check with them. Thus, I called/messaged the PIC for x modules abt the issue and then they explain it. I have to explain it again to him abt it and then he makes the summary report for the feedback. This goes until lunch.

I thought the bug fixes is over and I can deploy it after lunch. I thought wrong and I kinda regret coming back early from lunch which I thought I can rest for a while with the debacle over morning. Nope, straight he comes to me after I sit down for 10 mins and until almost work hour is done, he came to me with small bugs and issues like previously, hourly. By then I think I crushed like ~10 bugs/issues and I'm knackered. I complained to the PM many times and the PM also said to him many times but he still does it again and again. Even the PM also ranted to me abt his behavior. The attitude of not compiling an issue log for the day and not testing the system to verify what the client feedbacks are valid or not is grinding my gears more and more. Not hating the guy even though his personality is quite unique but this is totally grinding ppl's gears atm. As of now, it's midnight and I finally deployed the system to the testing server. This totally drains my mental health and it's just Monday. May god have mercy on me.

Owh, the other colleague that come today? He was doing pretty much the same thing but he was resolving a major issue which is why the tester came to me.

For the people that do self hosting (from home for example) of website, how do you actually link a domain name bought online and your home public IP and how do you make forward http calls back and forth between the two?

Oh my gosh, no one really knows here what is programming. Even teachers, which claim to be professionals in the subject doesn't know shit except for the basic theory. Nothing in practice.

It was evidenced by the largest job skill competition of Finland (Taitaja) that's for my-aged students (18). And yeah it's not higher education studies, just second degree, but that's where you should get the necessary practical skills for your work life.

The category I participated was website development, which is the only software development category.

It was a public event that is focused on showcasing different jobs. Well, what do programmers do, a viewer may ask. Even the responsible teachers and juries couldn't really answer properly. They just showed the specs we were following to create the crappiest of websites the short period of development time.

So we consume coffee and produce HTML, is that accurate representation of the whole industry?

All the other winners of different categories get a lot of job offers from companies when they win. I won gold last year (bronze this year) and I didn't get a single offer. Who would be interested in human HTML generator who can only make static websites anyway?

Programming is about problem-solving, not about graphic design and writing content.

And just to give you an idea the scale of the competition: last year I made a total of ~2000€ for the victory. And it is super easy if you just know what you are doing. That being graphic design and the making of a static page with a pinch of functionality.

Hey guys, I'm looking for some feedback for a new website I launched socialfeedapi.com. It provides quick and easy API access to any Instagram media feed (for any public username or hashtag). Is this something that you guys think will be useful in the dev world? Is it just me, or has anyone here tried to gain access to an Instagram feed and was frustrated in doing so? Thanks in advance!

So, need to secure some requests.
I decided on going passwordless on the website but I want to have an API too.

I am reviewing auth0.
I am also not sure if I can secure the same endpoints as private and public differently, so the private is used by the backend with no auth and the public with auth.

Wold you guys help me with some reading material?