Friend: *deletes something from the internet*
"Thank god, now it's gone forever!"

Me: *Laughs in French*
"Hahahaha!"

Friend: "What?"

Me: "No, I'm pretty sure almost everything you put on the internet stays on the internet."

Friend: "ARE YOU STUPID??! The button says fucking DELETE. What else would it to do? Please use your brain for once."

Me: "You realize that text in the button is just a string right?"

Friend: *Looks confused*
"Stop trying to be such a smartass. Why would it be called 'delete' if it doesn't delete? Your logic make no sense whatsoever."

Me: *Makes quick simple app in order to prove my point*

App has 4 buttons:

-Play Music: Shows a picture of a dog

-Stop Music: Starts playing music video of Never gonna give you up

-Close App: Changes the interface to a random color

-Delete App: Pop up that says "The app has been deleted"

Friend: *Installs and tries the app*
"Dude! Did you even test your app before sending me?? Your buttons are broken as hell. None of them works. They all do things they're not supposed to do. How do you even call yourself a programmer? Sorry dude, nothing personal but this app sucks."

Me: *I need a new friend*
*sigh*

Client: Extend string size for that URL field. I have to input a really large URL in there.

Me: Please show me the URL first.

Client: Here it is //randomurl.com/random-route/15363783?i=jfjfjfjjfjfjhf&shit=jfjfjkfkfkgjfjjhh74747jdjh&you=kfjfjbhgg779hdhhd&not=jfjhdh63737#fuckingKiddingMe

Me: You can leave the whole part after the question mark. Insert it like //randomurl.com/random-route/15363783

Client: Ok, great. Thanks.

#####

Me later checking the data inserted:

//randomurl.com/random-route

I hate humans.

How do you generate a random string?

Tell a windows user to exit vim

You can't imagine how many lines of pure and utter horseshit, seemingly written in PHP, I had to dig through this whole weekend. (relating to my 2 previous rants)

How is it even possible to write code this unbelievably ugly?

Examples:
- includes within loops
- included files use variables from parent files
- start- and endtags separated to different files
- SQL queries generated by string concatenation, no safety measures at all (injection)
- repeating DB calls within loops
- multiple directories with the same code (~40 files), only different by ~8 lines, copied
- a mixture of <?php echo ... ?> and <?= ... ?>
- a LOT of array accesses and other stuff prefixed with "@" (suppress error messages)
- passwords in cleartext
- random non-RESTful page changes with a mixture of POST and GET
- GET parameters not URL-encoded
- ...

My boss told me it took this guy weeks and weeks of coding to write this tool (he's an "experienced dev", of course WITHOUT Git).

Guess what?
It took me only 20 hours and about 700 lines of code.

I must confess, since this task, I don't hate PHP anymore, I just simply hate this dev to death.

Addendum: It's Monday, 5:30am. Good night. 😉

ARGH. I wrote a long rant containing a bunch of gems from the codebase at @work, and lost it.

I'll summarize the few I remember.

First, the cliche:
if (x == true) { return true; } else { return false; };
Seriously written (more than once) by the "legendary" devs themselves.

Then, lots of typos in constants (and methods, and comments, and ...) like:
SMD_AGENT_SHCEDULE_XYZ = '5-year-old-typo'

and gems like:

def hot_garbage
magic = [nil, '']
magic = [0, nil] if something_something
success = other_method_that_returns_nothing(magic)
if success == true
return true # signal success
end
end

^ That one is from our glorious self-proclaimed leader / "engineering director" / the junior dev thundercunt on a power trip. Good stuff.

Next up are a few of my personal favorites:

Report.run_every 4.hours # Every 6 hours
Daemon.run_at_hour 6 # Daily at 8am

LANG_ENGLISH = :en
LANG_SPANISH = :sp # because fuck standards, right?

And for design decisions...

The code was supposed to support multiple currencies, but just disregards them and sets a hardcoded 'usd' instead -- and the system stores that string on literally hundreds of millions of records, often multiple times too (e.g. for payment, display fees, etc). and! AND! IT'S ALWAYS A FUCKING VARCHAR(255)! So a single payment record uses 768 bytes to store 'usd' 'usd' 'usd'

I'd mention the design decisions that led to the 35 second minimum pay API response time (often 55 sec), but i don't remember the details well enough.

Also:
The senior devs can get pretty much anything through code review. So can the dev accountants. and ... well, pretty much everyone else. Seriously, i have absolutely no idea how all of this shit managed to get published.

But speaking of code reviews: Some security holes are allowed through because (and i quote) "they already exist elsewhere in the codebase." You can't make this up.

Oh, and another!
In a feature that merges two user objects and all their data, there's a method to generate a unique ID. It concatenates 12 random numbers (one at a time, ofc) then checks the database to see if that id already exists. It tries this 20 times, and uses the first unique one... or falls through and uses its last attempt. This ofc leads to collisions, and those collisions are messy and require a db rollback to fix. gg. This was written by the "legendary" dev himself, replete with his signature single-letter variable names. I brought it up and he laughed it off, saying the collisions have been rare enough it doesn't really matter so he won't fix it.

Yep, it's garbage all the way down.

Word of day:
Hellogrammer
Slang for person who can print "hello world", "hello", or some random string of character in multiple programming languages and whose knowledge is limited to printing string.

Synonyms: hypocrite, stupid, script Kidde....

Q : How do you generate random string?
A : Put my keyboard layout to Dvorak and write someone's name.

I am much too tired to go into details, probably because I left the office at 11:15pm, but I finally finished a feature. It doesn't even sound like a particularly large or complicated feature. It sounds like a simple, 1-2 day feature until you look at it closely.

It took me an entire fucking week. and all the while I was coaching a junior dev who had just picked up Rails and was building something very similar.

It's the model, controller, and UI for creating a parent object along with 0-n child objects, with default children suggestions, a fancy ui including the ability to dynamically add/remove children via buttons. and have the entire happy family save nicely and atomically on the backend. Plus a detailed-but-simple listing for non-technicals including some absolutely nontrivial css acrobatics.

After getting about 90% of everything built and working and beautiful, I learned that Rails does quite a bit of this for you, through `accepts_nested_params_for :collection`. But that requires very specific form input namespacing, and building that out correctly is flipping difficult. It's not like I could find good examples anywhere, either. I looked for hours. I finally found a rails tutorial vide linked from a comment on a SO answer from five years ago, and mashed its oversimplified and dated examples with the newer documentation, and worked around the issues that of course arose from that disasterous paring.

like.
I needed to store a template of the child object markup somewhere, yeah? The video had me trying to store all of the markup in a `data-fields=" "` attrib. wth? I tried storing it as a string and injecting it into javascript, but that didn't work either. parsing errors! yay! good job, you two.

So I ended up storing the markup (rendered from a rails partial) in an html comment of all things, and pulling the markup out of the comment and gsubbing its IDs on document load. This has the annoying effect of preventing me from using html comments in that partial (not that i really use them anyway, but.)

Just.
Every step of the way on building this was another mountain climb.
* singular vs plural naming and routing, and named routes. and dealing with issues arising from existing incorrect pluralization.
* reverse polymorphic relation (child -> x parent)
* The testing suite is incompatible with the new rails6. There is no fix. None. I checked. Nope. Not happening.
* Rails6 randomly and constantly crashes and/or caches random things (including arbitrary code changes) in development mode (and only development mode) when working with multiple databases.
* nested form builders
* styling a fucking checkbox
* Making that checkbox (rather, its label and container div) into a sexy animated slider
* passing data and locals to and between partials
* misleading documentation
* building the partials to be self-contained and reusable
* coercing form builders into namespacing nested html inputs the way Rails expects
* input namespacing redux, now with nested form builders too!
* Figuring out how to generate markup for an empty child when I'm no longer rendering the children myself
* Figuring out where the fuck to put the blank child template markup so it's accessible, has the right namespacing, and is not submitted with everything else
* Figuring out how the fuck to read an html comment with JS
* nested strong params
* nested strong params
* nested fucking strong params
* caching parsed children's data on parent when the whole thing is bloody atomic.
* Converting datetimes from/to milliseconds on save/load
* CSS and bootstrap collisions
* CSS and bootstrap stupidity
* Reinventing the entire multi-child / nested params / atomic creating/updating/deleting feature on my own before discovering Rails can do that for you.

Just.
I am so glad it's working.
I don't even feel relieved. I just feel exhausted.

But it's done.
finally.

and it's done well. It's all self-contained and reusable, it's easy to read, has separate styling and reusable partials, etc. It's a two line copy/paste drop-in for any other model that needs it. Two lines and it just works, and even tells you if you screwed up.

I'm incredibly proud of everything that went into this.
But mostly I'm just incredibly tired.

Time for some well-deserved sleep.

Biggest GTFO moment of the year;

While applying for colleges, I created an account with a username and variant of my usual password (I know, bad move, sorry). I came back to finish the application but had forgotten what variant I had used. So I clicked the forgot password button and got an email with...

MY PASSWORD IN IT!!!!

Plain text password! Just as part of the email! WTF do these people think they are doing?!?!

I immediately changed my password to a random string and deleted my account, so hopefully when someone gets into this database my stuff with be overwritten... stupid programmers...

Add a random string (like "AnyBrowser/1.2.3") to your user agent string, and get warnings about unsupported browsers, reduced functionality, and Google drive completely refusing to start at all.

It's the very same browser, just another user agent string. Ever heard of feature detection? Ever heard of usability, accessibility, progressive enhancement? How can developers be so lost in 2022?

I just tried to reproduce the reason why Vivaldi stopped adding their brand to user agent strings but sails under false flag pretending to be Google chrome. So it doesn't show up in browser statistics either and Google people can keep thinking everyone is using their shitware.

Also usually works with a manager of your choice

How to generate a random string:

World's best random string generator
Open a vim session in front of a designer and tell him to exit 😂😂

Today a tester asked me to make a modal smaller. I read the code and saw modal size was explicitly set to "large". So I was about to set its size to default but I asked myself "what if I enter a random string there?" and I set it to "not-so-big". UI framework handled it well and actually set its size to default. I'm keeping the code that way for future laughters.

These motherfucking incompetent programmers... Demon spaghetti code base saga continues.

So they have a password change functionality in their web app.

We have to change the length of it for cybersecurity insurance. I found a regex in the front end spaghetti and changed it to match the required length.

Noticed 7 regexes that validate the password input field. Wtf, why not just use one?! REGEX ABUSE! Also, why not just do a string length check, it's fucking easy in JS. I guess regex makes you look smart.

So we test it out and the regexes was only there for vanity, like display a nicely designed error that the password doesn't have x amount of characters, doesn't have a this and that, etc.

I check the backend ColdFusion mess that this charismatic asshole built. Finally find the method that handles password updates. THERE'S NO BACKEND VALIDATION. It at least sanitises the user input...

What's worse is that I could submit a blank new password and it accepts it. No errors. I can submit a password of "123" and it works.

The button that the user clicks when the password is changed, is some random custom HTML element called <btn> so you can't even disable it.

I really don't enjoy insulting people, but this... If you're one of the idiots who built this shit show and you're reading this, change your career, because you're incompetent and I don't think you should EVER write code again.

Teaching new devs, hired straight from India.

This is today.

Bug1: We have four lists, each item in these lists has a variable called "Charge". This var is a double and we need to convert it to currency.

Dev creates fifth list called "All lists" and converted it's charge to currency then questioned why it didn't work.

I explained, his solution? Convert each list into currency.

I explained that's wrong and told him what he needed to do. He did List1:Charge into currency, but left his other conversion in place just in case.

I walked him through fixing it which took 10 times as long as necessary, only to find out he randomly converted four booleans into currency for no reason.

Bug2: we take integer, convert to string and concat "Months" on the end.

Doesn't work for him, tells me he doesn't know why.

I told him that he's not outputting the variable that we did it to, he is instead outputting a custom variable he made and didn't do anything to.

Bug 3: followup to #2, he fixed it as I instructed, but then added months as static text to the output so now it reads "Months months".

Bug 4: to make his code cleaner, he presses enter in the text box. Unfortunately he did that IN A STRING so his output is full of random /r/n

How do you guys deal with coworkers like this? He isn't new, this is supposed to be an experienced developer. Im only in my 2nd year

I wrote a random string/int/other stuff API somewhere this year which I still regularly use because I'm a lazy fuck.

Never posted anything about it on here and the documentation isn't entirely complete (and not all the endpoints are extensively bug-tested yet) but if someone is interested I'll see if I can patch some stuff and put it on here as I find it useful!

Perfect way for generating random string...

In other news, I have been forbidden by my boss to implement any security or performance improvements into the company infrastructure as this holds no business value. Furthermore, passwords are not to be a random alphanumeric+special-chars string but something legible.

Hmm. So have you ever argued in a job interview? Like really standing your ground? In a technical interview?

Today I had a live coding session with a company I'm interested in. The developer was giving me tasks to evolve the feature on and on.

Everything was TDD. Splendid!

However at one point I had to test if the outcome of the method call is random. What I did is basically:
```
Provider<String> provider = new SomeProvider("aaa", "bbb", "ccc", "ddd", "eee", "fff")

for(int i=0; i<100; i++) {
String str = provider.get();
map.put(str, incrementCount(str));
}
Set<Integer> occurences = new HashSet(map.values());
occurences.removeIf(o -> o.equals(occurences.get(0)));
assertFalse(occurences.empty());
```
and I called it good enough, since I cannot verify true randomness.
But the dev argued that this is not enough and I must verify whether the output is truly random or not, and the output (considering the provider only has a finite set of values to return) occurences are almost equal (i.e. the deviation from median is the median itself).

I argued this is not possible and it beats the core principle of randomness -- non-determinism. Since if you can reliably test whether the sequence is truly random you must have an algorithm which determines what value can or cannot be next in the sequence. Which means determinism. And that the (P)RNG is then flawed. The best you can do is to test whether randomness is "good enough" for your use case.

We were arguing and he eventually said "alright, let's call it a good enough solution, since we're short on time".

I wonder whether this will have adverse effect my evaluation . So have you ever argued with your interviewer? Did it turn out to the better or to the worse?

But more importantly, was I right? :D

I seriously thought I was losing my mind this morning.

Loaded up my IDE and got to work.

Needed to find something in the project, so I hit the keyboard shortcut to find all usages in the project path.

The dialog pops up, but my selection is replaced with a long hex string. I thought it was weird, but I just installed the latest update of my IDE so I thought I'd found a regression. I grabbed the hex string and went over to Google to see if anything useful popped up.

The first result is the reddit post for my keybase key.

Wait. The "random" hex string was the fingerprint for my keybase public key? I double-checked to make sure that keybase wasn't running and I didn't have anything weird hanging out on my clipboard. Nothing amiss, but I still got my key whenever I searched for something.

This is the point where my brain got a little melty. I started running weird conspiracy theories in my head. My ever-helpful coworkers could only suggest to "stop using a Mac".

I saw that the app menu got highlighted when I opened the dialog, so I opened the menu and looked at the Services. Lo and behold, the GPG Suite update I installed recently very "helpfully" added a global shortcut to "Insert My Fingerprint" with the same keyboard shortcut as the IDE action.

Task: Use random string in url to prevent cache.
Me: `<script src="lightbox.js?random"></script>`

Working on an Android app for a client who has a dev team that is developing a web app in with ember js / rails. These folks are "in charge" of the endpoints our app needs to function. Now as a native developer, I'm not a hater of a web apps way of doing things but with this particular app their dev teams seems to think that all programming languages can parse json as dynamically as javascript...

Exhibit A:

- Sample Endpoint Documentation
* GetImportantInfo
* Params: $id // id of info to get details of
* Endpoint: get-info/$id
* Method: GET
* Entity Return {SampleInfoModel}

- Example API calls in desktop REST client
* get-info/1
- response
{
"a" : 0,
"b" : false,
"c" : null
}
* get-info/2
- response
{
"a" : [null, "random date stamp"],
"b" : 3.14,
"c" : {
"z" : false,
"y" : 0.5
}
}
* get-info/3
- response
{
"a" : "false" // yes as a string
"b" : "yellow"
"c" : 1.75
}

Look, I get that js and ruby have dynamic types and a string can become a float can become a Boolean can become a cat can become an anvil. But that mess is very difficult to parse and make sense of in a stack that relies on static types.

After writing a million switch statements with cases like "is Float" or "is String" from kotlin's Any type // alias for java.Object, I throw my hands in the air and tell my boss we need to get on the phone with these folks. He agrees and we schedules a day that their main developer can come to our shop to "show us the ropes".

So the day comes and this guy shows up with his mac book pro and skinny jeans. We begin showing him the different data types coming back and explain how its bad for performance and can lead to bugs in the future if the model structure changes between different call params. He matter of factually has an epiphany and exclaims "OHHHHHH! I got you covered dawg!" and begins click clacking on his laptop to make sense of it all. We decide not to disturb him any more so he can keep working.

3 hours goes by...

He burst out of our conference room shouting "I am the greatest coder in the world! There's no problem I can't solve! Test it now!"

Weary, we begin testing the endpoints in our REST clients....

His magic fix, every single response is a quoted string of json:

example:
- old response
{
"foo" : "bar"
}
- new "improved" response
"{ \"foo\" : \"bar\" }"

smh....

python machine learning tutorials:
- import preprocessed dataset in perfect format specially crafted to match the model instead of reading from file like an actual real life would work
- use images data for recurrent neural network and see no problem
- use Conv1D for 2d input data like images
- use two letter variable names that only tutorial creator knows what they mean.
- do 10 data transformation in 1 line with no explanation of what is going on
- just enter these magic words
- okey guys thanks for watching make sure to hit that subscribe button

ehh, the machine learning ecosystem is burning pile of shit let me give you some examples:

- thanks to years of object oriented programming research and most wonderful abstractions we have "loss.backward()" which have no apparent connection to model but it affects the model, good to know
- cannot install the python packages because python must be >= 3.9 and at the same time < 3.9
- runtime error with bullshit cryptic message
- python having no data types but pytorch forces you to specify float32
- lets throw away the module name of a function with these simple tricks:
"import torch.nn.functional as F"
"import torch_geometric.transforms as T"
- tensor.detach().cpu().numpy() ???
- class NeuralNetwork(torch.nn.Module):
def __init__(self):
super(NeuralNetwork, self).__init__() ????
- lets call a function that switches on the tracking of math operations on tensors "model.train()" instead of something more indicative of the function actual effect like "model.set_mode_to_train()"
- what the fuck is ".iloc" ?
- solving environment -/- brings back memories when you could make a breakfast while the computer was turning on
- hey lets choose the slowest, most sloppy and inconsistent language ever created for high performance computing task called "data sCieNcE". but.. but. you can use numpy! I DONT GIVE A SHIT about numpy why don't you motherfuckers create a language that is inherently performant instead of calling some convoluted c++ library that requires 10s of dependencies? Why don't you create a package management system that works without me having to try random bullshit for 3 hours???
- lets set as industry standard a jupyter notebook which is not git compatible and have either 2 second latency of tab completion, no tab completion, no documentation on hover or useless documentation on hover, no way to easily redo the changes, no autosave, no error highlighting and possibility to use variable defined in a cell below in the cell above it
- lets use inconsistent variable names like "read_csv" and "isfile"
- lets pass a boolean variable as a string "true"
- lets contribute to tech enabled authoritarianism and create a face recognition and object detection models that china uses to destroy uyghur minority
- lets create a license plate computer vision system that will help government surveillance everyone, guys what a great idea

I don't want to deal with this bullshit language, bullshit ecosystem and bullshit unethical tech anymore.

I was thinking about how I implement login functionality, and realised I have no clue how I came up with it so decided to ask if it was a good way to do things.

Basically, client logs in, username/email and pass are sent to server.

Server salts and hashes password and checks it against the one in the database for that user.

If its correct, send the client the user ID and the user token. (User id could be username, or a number, it depends)

When that client makes a request, the request must contain the ID and token.

The server checks that the ID and token combo are correct, and because the ID is linked to the user we know who it is and can complete the request.

Usually I make the token a random string of 16 or 32 chars, each account has their own token, and it may be stored in the browser so they stay logged in. I also normally add a "log out everywhere" button, which essentially just generates a new token to overrides the current one, making any previously saved tokens invalid.

So while exploring some new ideas, I decided to figure out if I could use variables in the known set to determine the bounds of variables in the unknown set.

The variables in question are algebraic identities derived from the semiprimes, so you already know where this is going.

The existing known set is 1194 identities.
And there are, if I recall, roughly two dozen unknowns.

Many knowns have the unknowns as their factors. The d4 product set for example is composed of variables d4a, d4u, d4z, d4z9, d4z4, d4alpha, d4theta, d4omega, etc.
The component variables themselves are unknown, just their products are known. Anyway.

What I've found interesting is if you know the minimum of some of these subsets, for example d4z is smallest out of the d4's for some semiprimes, then you know the upperbound of both the component variables d4 and z.

Unless of course either of them is < 1.

So the order of these variables, based on value, changes depending on the properties of the semiprime, which I won't get into. Most of the time the order change is minor, but for some variables they can vary a lot between semiprimes, rapidly shifting their rank in the known set. This makes it hard to do anything with them.

And what I found myself asking, over and over again, was if there was a way to lock them down? Think of it like a giant switch board, where flipping one switch lights up N number of others, apparently at random. But flipping some other switch completely alters how that first switch works and what lights it seemingly interacts with. And you have a board of them thats 1194^2 in total. So what do you do?

I'd had a similar notion a while back, where I would measure relative value in the known set, among a bunch of variables, assign a letter if the conditions were present, and generate a string, called a "haplotype."
It was hap hazard and I wrote a lot of code to do filtering, sorting, and set manipulation to find sets of elements in common, unique elements, etc. But the 'type' strings, a jumble of random letters, were only useful say, forty percent of the time. For example if a semiprime had a particular type starting with a certain series of letters, 40% of the time a certain known variable was guaranteed to be above a certain variable from the unknown set...40%~ of the time.
It was a lost cause it seemed.

But I returned to the idea recently and revamped the entire notion.

Instead what I would approach it from a more complete angle.
I'd take two known variables J and K, one would be called the indicator, and the other would be the 'target'.
Two other variables would be the 'component' variables (an element taken from the unknown set), and the constraint variable (could be from either the known or unknown set).

The idea was that relationships between the KNOWN variables (an indicator and a target variable) could be used to indicate the rank relationship between the unknown component variable and the constraint variable.

You'd think this wouldn't work either, but my intuition was there were so many seemingly 'random' rank changes of variables in the known set for any two semiprimes, that 1. no two semiprimes ever shared the same order for every variable, and 2. the order of the known variables had to be leaking information about the relationships of the unknown variables.

It turns out my intuition was correct.

Imagine you are picking a lock, and by knowing the order and position of the first two pins, you are able to deduce the relative position of two pins further back that you can't reach because of the locks security features. It doesn't let you unlock the lock directly, but by knowing this, if you can get past the lock's security features, you have a chance of using information about the third pin to get a better, if incomplete, understanding about the boundary position of the last pin.

I would initiate a big scoring list, one for each known element or identity. And then I would check it in tandem like so:

if component > constraint and indicator > target:
indicator[j]+= 1

This is a simplication, but the idea was to score ALL such combination of relationship, whether the indicator was greater than the target at the same time a component was greater than a constraint, or the opposite.
This worked out to four if checks and four separate score lists.

And by subtracting one scorelist from another, I could check for variables that were a bad fit: they'd have equal probability of scoring for example, where they were greater than the target one time, and then lesser than it for another semiprime.

So for any given relationship, greater or lesser between any unknown variable and constraint variable, I could find any indicator variable and target variable whose relationship strongly correlated to the unknown's.

The joy when tools do not have machine parseable output.

I'm looking at you SBT. My favorite pile of poo.

Remove the logging level from each line, then trim the line, then stab around inside the line with regexes, fishing for a possible match which hopefully is right...

Then stripping scala information like the object type, cause yeah...
A line can be for example "[info] Vector(File(...),File(...))" where info is the log level, Vector the wrapping sequence type, File(...) the wrapping element type and the string inside File(...) what yours truly needs.

As this is lot of shitty shabby string stabby stabby, we need to add a fuckton of boiler plate validation cause who knows what we just murdered.

To make it even more fucked up, a multi project project can produce different output for the same key.

:-)

Yeah. So we need to fix that too.

By the way, one can set log output to unbuffered in SBT.

Then the output is in random order :-)

Isn't that fun? Come on, you wanna poke that pile of shit, too.

The SBT plugin way is by the way no alternative, as I need a full Java environment for execution.

Which brings me to the last point:

For fucks sake, writing CLI applications in Java is so much bloody boilerplate code.

There's ugly and then there's the "please kill me" kind of level.

50 lines just to write a basic validation of argc / argv with commons cli.

That's 6 lines in python. Not kidding. :(

I currently hate everything.

Moments where the job sucks: When you have to hotwire two electric cables with high currency by giving both cables the blowjob of your life.

Benefits of using Strings for Boolean intended logic?

I'll go first

easily implement cases before finally checking if true

generateUsername: { type: String }

if(generateUsername == 'humanReadable'){
// generate a username in a human readable format AKA yoDudeImRainbow
} else if(generateUsername == 'hash'){
// generate a username by using a random hash
} else if(generateUsername){
// generate a username by using a random hash
}

I'm developing a new (just for fun) programming language and I'm wondering what features I should add next? These features are already implemented:

- Printing text
- Variables
- user-input
- Datatype conversion (String, Int, Float, Bool, List, Dictionary)
- lists/arrays
- dictionaries
- Sorting
- Shuffling
- random numbers & choices
- Math stuff like: log, abs, floor, ceiling, sin, etc...
- Time & Date
- Working with files
- If-else statements
- Ternary operators
- Loops (for & while)
- Functions
- Classes
- Error handling
- Importing libraries & other scripts
- Arrow/callback functions
- Escaping (\)

is there anything you often use missing?

How do you generate a random string? ... Put a web designer in front of VIM and tell him to save and exit.

I am trying to "invent" secure client-side authentication where all data are stored in browser encrypted and only accessible with the correct password. My question is, what is your opinion about my idea. If you think it is not secure or there is possible backdoor, let me know.

// INPUT:
- test string (hidden, random, random length)
- password
- password again
// THEN:
- hash test string with sha-512
- encrypt test string with password
- save hash of test string
// AUTH:
- decrypt test string
- hash decrypted string with sha-512
- compare hashes
- create password hash sha-512 (and delete password from memory, so you cannot get it somehow - possible hole here because hash is reversible with brute force)

// DATA PROCESSING
- encrypt/decrypt with password hash as secret (AES-256)

Thanks!

EDIT: Maybe some salt for test string would be nice

Since becoming an "Architect", I've come to learn "Architect" simply means siphoning your will by eliminating all opportunities to actually write code ...

public class Architect {

static final boolean inMeeting = true;
private int will;

public static void main(String args[]){

Architect me = new Architect();
if(me.inMeeting){
while(meeting.active){
me.reactToEvents();
}
}else{
me.writeCode();
}

}

public void reactToEvents(){
if(new Random().nextInt() % 3 == 0)
will -= this.hit(this.face, this.palm, Force.CONSIDERABLE);
else
will -= this.hit(Office.desk, this.head, Force.MODERATE);
}

public int hit(Object object, Object with, Force force){
object.useForce(force);
object.moveTo(with);
return new Random().nextInt();
}
}

We needed to generate secret tokens for the app, me being as curious as I am, asked what encryption algorithm they were using, little did I know the the answer would be a random string generator.

Every day further from god.

Code for Matrix Rain Using HTML

<!DOCTYPE html>
<html>
<head>
<title>Matrix Rain</title>
<style>
* {margin: 0; padding: 0;}
body {background: black;}
canvas {display: block;}
</style>
</head>
<body>
<canvas id="c"></canvas>
</body>
<script>

var c = document.getElementById("c");
var ctx = c.getContext("2d");

//making the canvas full screen
c.height = window.innerHeight;
c.width = window.innerWidth;

//english characters
var english = "1001010101110101010101010010101000101011101111010101010110101010101010101110000101";
//converting the string into an array of single characters
english = english.split("");

var font_size = 15;
var columns = c.width/font_size; //number of columns for the rain
//an array of drops - one per column
var drops = [];
//x below is the x coordinate
//1 = y co-ordinate of the drop(same for every drop initially)
for(var x = 0; x < columns; x++)
drops[x] = 1;

//drawing the characters
function draw()
{
//Black BG for the canvas
//translucent BG to show trail
ctx.fillStyle = "rgba(0, 0, 0, 0.05)";
ctx.fillRect(0, 0, c.width, c.height);

ctx.fillStyle = "#0F0"; //green text
ctx.font = font_size + "px arial";
//looping over drops
for(var i = 0; i < drops.length; i++)
{
//a random chinese character to print
var text = english[Math.floor(Math.random()*english.length)];
//x = i*font_size, y = value of drops[i]*font_size
ctx.fillText(text, i*font_size, drops[i]*font_size);

//sending the drop back to the top randomly after it has crossed the screen
//adding a randomness to the reset to make the drops scattered on the Y axis
if(drops[i]*font_size > c.height && Math.random() > 0.975)
drops[i] = 0;

//incrementing Y coordinate
drops[i]++;
}
}

setInterval(draw, 33);
</script>
<body>
</html>

Fuck Apache TIKA.
Its supposed to be a "universal file reader" or some shit. Im trying to use it as a PDF/image parser that does OCR when needed and yelds a full-file string. It does so, but the text ends up being IN THE WRONG FUCKING ORDER.
WTF would I want to parse the text out of a PDF in any order that is not the one the text is supposed to be read?!?!
"It is more efficient to work in random ordering", says the docs. No shit, really? Wouldn't it be even more efficient to just spit out random strings? Just as useful and 100% CPU-bound.
"You can add a property to forcefully put the text in the right order". THEN WHY THE FUCK IT IS NOT THE DEFAULT SETTING?
Srsly, what's the use case to a parser that yields scrambled text?!?

If you're using random in python, and need arbitrary precision, use mpmath.

If you're using it with the decimal module, it doesn't automatically convert just so you know.

Instead convert the output of arb_uniform to a string before passing to the decimal module.

The importance of not using static salt / IVs.

I've been working on a project that encrypts files using a user-provided password as key. This is done on the local machine which presents some challenges which aren't present on a hosted environment. I can't generate random salt / IVs and store them securely in my database. There's no secure way to store them - they would always end up on the client machine in plain text.

A naive approach would be to use static data as salt and IV. This is horrendously harmful to your security for the reason of rainbow tables.

If your encryption system is deterministic in the sense that encrypting / hashing the same string results in the same output each time, you can just compile a massive data set of input -> output and search it in no time flat, making it trivial to reverse engineer whatever password the user input so long as it's in the table.

For this reason, the IVs and salt are paramount. Because even if you generate and store the IVs and salt on the user's computer in plaintext, it doesn't reveal your key, but *does* make sure that your hashing / encryption isn't able to be looked up in a table

YouTube or how to concatenate random Chanel names to create nice random string !

I hate when programming books have shit code examples.

Just came across these, in a single example app in a Go book:

- inconsistent casing of names

- ignoring go doc conventions about how comments should look like

- failing to provide comments beyond captain obvious level ones

- some essential functionality delegated to a "utils" file, and they should not be there (the whole file should not exist in such a small project. If you already dump your code into a "utils" here, what will you do in a large project?)

- arbitrary project structure. Why are some things dumped in package main, while others are separated out?

- why is db connection string hardcoded, yet the IP and port for the app to listen on is configurable from a json file?

- why does the data access code contain random functions that format dates for templates? If anything, these should really be in "utils".

- failing to use gofmt

These are just at a first glance. Seriously man, wft!

I wanted to check what topics could be useful from the book, but I guess this one is a stinker. It's just a shame that beginners will work through stuff like this and think this is the way it should be done.

!rant
C++ / OOP QUESTION

I have a uni assignment / project (Data Structures class), where I have to implement the ins-n-outs of 1D arrays, by creating a dynamically allocated array class, which can accept any type of data (using templates). But there's a problem.

I'd like to implement sorting the elements of the array. But given the fact, that I'm using templates, I cannot treat the elements as integers, nor as strings, or other types...
Also, let's say that the elements of the array are elements of class T, where T looks like this:

class T {
private:
double height;
int age;
string name;
public:
double getH() { return height; }
int getAge() { return age; }
string getName() { return name; }
};

(It's just a random example, pls don't judge for code quality...)

Let's say that I'd like to sort the T elements based on height, print out, sort by age, print out, then sort by name and print out. How can I do this? Is this possible?

Hey guys, i made a program years back and just refactored the thing and gave it a nice GUI. I made it mostly so I can use it in my daily life which I do but now I might release it as open source and give it to some friends. But I’m facing A problem i never faced before...giving it a name. Need some help 😂

Basically, i have tons of series, so i created it to maintain a nice naming convention for the videos but obviously can work for any file list.

- it renames them in a couple of different ways (replacing string occurrences in the file names, appending - prepending strings, completely renaming it alphanumerically. Anyway I use those features most (OCD i know)

- it also grabs subtitles for movies and series (parses its way through subscene and yifisubtitles until it gets to download the zip file and extracts it for me) .

- It also plays random episodes for me when im confused what to rewatch ( just opens a random file in a directory u point it to)

So any name suggestions ?

Spent whole day on fetching a random string from a webpage using jsoup only to realise next day morning the actual front page gives a random text automatically. Made all my yesterday's code obsolete.

When you can't login to your favouite game, because the games client can't handle your random string password :/

nothing new, just another rant about php...
php, PHP, Php, whatever is written, wherever is piled, I hate this thing, in every stack.

stuff that works only according how php itself is compiled, globals superglobals and turbo-globals everywhere, == is not transitive, comparisons are non-deterministic, ?: is freaking left associative, utility functions that returns sometimes -1, sometimes null, sometimes are void, each with different style of usage and naming, lowercase/under_score/camelCase/PascalCase, numbers are 32bit on 32bit cpus and 64bit on 64bit cpus, a ton of silent failing stuff that doesn't warn you, references are actually aliases, nothing has a determined type except references, abuse of mega-global static vars and funcs, you can cast to int in a language where int doesn't even exists, 25236 ways to import/require/include for every different subcase, @ operator, :: parsed to T_PAAMAYIM_NEKUDOTAYIM for no reason in stack traces, you don't know who can throw stuff, fatal errors are sometimes catchable according to nobody knows, closed-over vars are passed as functions unless you use &, functions calls that don't match args signature don't fail, classes are not object and you can refer them only by string name, builtin underlying types cannot be wrapped, subclasses can't override parents' private methods, no overload for equality or ordering, -1 is a valid index for array and doesn't fail, funcs are not data nor objects when clojures instead are objects, there's no way to distinguish between a random string and a function 'reference', php.ini, documentation with comments and flame wars on the side, becomes case sensitive/insensitive according to the filesystem when line break instead is determined according to php.ini, it's freaking sloooooow...

enough. i'm tired of this crap.
it's almost weekend! 🍻

Just found out a professor of mine "secures" each student's personal grades by appending a string made up of four random lowercase letters + four random digits (i.e. abcd1234) to the end of a URL.
🙃

I'm doing a thing that I *think* will save time, but it's weighing the time saved in having to maintain the secure password against having to convince my manager that using a random string in an ansible deployment for a database is fine because everything that connects to it is in the same stack... What could go wrong?

Why you should use sketchware and not use it at the same time regarding: encryption
sketchware the app is known to build apps by dragging elements to the screen then coding them with blocks or even write your code with the built in ide but there is one thing every developer fears. ah yes. the reverse engineers (or modders)
random guy [rates: X]: sketchware encryption is trash! are you serious?! string fog?! class rename?! i decrypted this whole app with the software i made >:D

sketchware dev wrote back to random guy: string fog isn't working because you decrypted sir! there is nothing we can do sir but email to our email and we will get back to you in a few and fix the problem

i have to say this is why i stick to android studio too many skids decrypt the C++ files or the mod menu just to edit stuff :) i also build some games im learning android studio game development but at the time lets have fun and mod other peoples games

Okay so I want other opinions. So I've been studying for C++ competition and I don't know how to keep learning the language.. for python I just kept finding projects to do or picked a module to learn. But with C++ I was gonna work on the <random> and <string> libraries but after that I have no clue :/

abstract class Ich {
abstract void support(CoWorker coWorker);
abstract void programm(List<Task> tasks);
abstract void analyseCode(String code); // mostly horrible code
abstract void drinkCoffee(Mug mug);
abstract void extinguishFireAndKillBugs(String moreLegacy);
}

...

void work() {
ich.drinkCoffee();
while(isWorkingTime()) {
int rand = Random(0,100)
if(rand < 5) {
ich.myMood += ich.programm(tasksForMe);
} else if (rand >= 5 && rand < 20) {
ich.myMood -= ich.analyse(legacyCode);
} else if (rand >= 20 && rand < 40) {
ich.myMood -= ich.support(GetNextGuyToMe())
} else {
ich.extinguishFireAndKillBugs(moreLegacyCode);
}

if(myMood <= 0) {
ich.gotoHome();
}
}
}

A wild random shitcode my coworker wrote 2 years ago appeared

var thingsToCheck = new List<String>();
foreach (var thing in thingsToCheck)
{
// 10 lines of logic
}

Random shit code used confusion. It's super effective.

But honestly, these were the only few lines in his checkin. We still try to figure out what he thought when writing this.

Algorithm Design Course Assignment: Sort a hexadecimal string using 4 different sorting algorithms, and display each pass on a webpage. Easy enough yeah? Oh wait. Boomer professor wants us to use a canvas based javascript library called P5.js

Why the fuck. would you enforce some random ass boomer ass javascript library on the class, rather than let students choose something they're more comfortable with so they can focus on the core of the project. IMPLEMENTING ALGORITHMS. OR AT LEAST PROVIDE BOILERPLATE CODE?? GAH!!!!!!!!

!Rant
If I'm validating a user input form should I use a hash or a encrypted string. I hope to include the user IP, header requested time plus a random number for the string.

So let's do a "community building" exercise.

What was your biggest tech pet peeve?

I'll start:
I hate it when people (especially teachers) give us a printout with a link to a website (like a good docs link) without shorting it.

I mean, we have to type out that 100+ character string of random numbers and letters. Then you make a mistake and have to retype it. (I.k,. First world problems)

Let's here yours. It can be about employers, teachers, or anyone else you can think of.

A lot of you here rant about devs being arogant or expecting you to think for a little bit with own head and then write a proper string that will help dev answer straightforward without guessing what the author smoked or so for which there's even a tutorial made (wasn't there always). But I don't see any rants about the other side of the coin.

Let's say you are a random dude, not even that arogant type. You see a question, no answers, everyone piss on that question because it's just a mess. Yet you find yourself in a good mood, so let's help the poor soul with th trouble. Answer like from a book for kids, fully explained example and...

No points, no accepted answer, but not even any feedback! Was my answer wrong? Did I miss something? How can I improve it? Was the example too complicated?

This is exactly the type of idiot that deserves a kick in the ass. It's no site, for hanging spam! Why the hell does that kind of idiot think there's even an option for own answer? People will come back to the question eventually and what will they found? An answer, which probably isn't even correct!

(not really talking about a specific answer/question, so no need to search)

using System;
using System.Text;
using System.Text.Encodings;
//Bitwise XOR operator is represented by ^. It performs bitwise XOR operation on the corresponding bits of two operands. If the corresponding bits are same, the result is 0. If the corresponding bits are different, the result is 1.
//If the operands are of type bool, the bitwise XOR operation is equivalent to logical XOR operation between them.
using System.Text.Unicode;
using System.Windows;
using System.IO;
namespace Encryption2plzWOrk
{
class Program
{
static void Main(string[] args)
{
//random is basically a second sepret key for RSA exhanges I know there probaley is a better way to do this please tell me in github comments.//
Random r = new Random();
int random = r.Next(2000000,500000000);
int privatekey = 0;
int publickey = 0;
string privateKeyString = Console.ReadLine();
byte[] bytes3 = Encoding.ASCII.GetBytes(privateKeyString);
foreach(byte b in bytes3)
{
privatekey = b + privatekey;
}
int permutations = random/ 10000;
if(privatekey < 256)
{
while(permutations > 0)
{
foreach (byte b in bytes3)
{
privatekey = privatekey + (privatekey ^ permutations)*20;
}
}
}
publickey = privatekey*random;
Console.WriteLine("your public key is {0}",publickey);
}
}
}
would this be considerd ok HOBBYIST encryption and if not how would I do a slow improvment I used bitwise to edit bits so thats a check :D

How to generate a random string?

Put a first year computer science student in Vim and ask them to save and exit.

Random string generator: ask an emacs user to exit vi.
C-xC-cC-xC-#ESCESCESCq:!exit!quit:e

Hey Swift keyboard users, does anybody else's just close randomly? Mainly on devRant though, but most of the time when writing the keyboard will minimise itself or create a random string of words. (it did it twice while writing this)

Is there a debug tool in Visual Studio that acts like a global HashMap<String, object> that you can add random objects to so that you can verify which objects are the same instance between breakpoints and view the state of an object that you had access to but is not in scope at a given breakpoint? I'm debugging a GUI app right now and it's an enormous pain in the ass to track identities, I resorted to adding random properties and statics to classes just so I can express this basic ass persistent debugger state

🐟💩The image i fetch from s3 is of type byte array

I return it to angular as an ArrayBuffer

Which then needs to be somehow converted to an image so i can fucking show it

Then after research i had to convert ArrayBuffer to Blob

And from Blob to URL encoded object which returns a string that now shows the full image in img tag

Somehow, by a sheer of trials and error i have just accidentally made a very secure way of fetching a very sensitive piece of document (verification document with user's personal data on it) and now in browser this is shown as blob:shit-image/random-hash. Not even the file extension. This means nobody can download this image. You fucking cant. Its a Blob motherfucker! Like a Blob Fish. It saves either a .txt when you try to save it (no idea how) and if you try to open the image in new tab it shows gibberish text. This means you can read-only this highly sensitive document image and not manipulate it, not even download it. Perfect. I have just made a very secure software by accident.

(this blob fish looks like my shit)

The best random string ever generated!

**When you open vim for first time and tries to close it**