My school.

We have free WiFi access, but you need to login into your personal student account to use it.

Turns out, SQL Injection works.
It gets worse.
Table name "schueler".
SELECT *
Well.
Got all data on all students.
Name, address, phone number, passwords in plain.

I reported it using an anonymous email. Partially fixed. Standard quotes now get eacaped. Still, passwords are now MD5.

CEO hired graphics designer without HR help after first meeting and that person first day of his work borrowed money from people and that’s not end of story.

Same guy came back at night and robbed the workplace with his friends, didn’t came back to work. Company bought couple of big iMac for new graphics department back then, all gone.

When company reported incident to Police it turned out he travel and steal from companies all over the country and they’re trying to catch him for a year.

When you finally fix all the reported bugs.

My little brother (still in school , learning security and pen testing): i found a bug in a website , it returns an xml file instead of the web page , i reported it to them and i think i'm gonna get rewarded like 2k $ for it .
Me : cool ! Show me .
Him : shows me his phone ...
Me : wait , gotta rant this .

So a user reported they couldn't login to our site, so I reset their password to:

uI+ffRT7M2NAzo8uOqzf4QxO3I9tj8PJ4TS0n8zDV7I

And sent them back an email with the updated password. A few minutes later, they replied and said that password didn't work. They even tried a different web browser, etc. I tried it myself, and sure enough, it didn't work.

I spent the next several hours trying to figure out why the password didn't save properly, or why the logic didn't compare them correctly. Perhaps it was some sort of caching issue? Oh the horror.

As it turns out, the problem was a maxlength of 28 on the login form field:

<input type="password" name="password" value="" maxlength="28"/>

I don't know who wrote that code, but it sure wasn't me.

Johndoe is not in the sudeors file. This incident will be reported

Achievement of the day. Finally managed to reproduce a bug a client reported

A guy who doesn't work on our project anymore, but still checks on us regularly just did this:
- reported a bug
- started explaining what's causing the issue
- realised the problem was in a piece of code written by him before
- fixed his own mistake, committed it and created a pull request

We all had a good laugh.

This new dude who would change status of tickets to "resolved", thinking that it actually fixed problems reported in those tickets.

My local ISP was saving their database backups in an unprotected folder which was literally domain.com/backups

When I downloaded it contained thousands of their clients data.

Reported it to them and got 2 years of internet/tv services for free.

They wanted to hire me but I was still studying in my first year of uni in another city.

user is not in the sudoers file. This incident will be reported.

This was what I saw on my first day at my job. I thought I was gonna get fired on my first day.

So, rage time.

A few months ago I inherited a big Wordpress website, with around 750 pages.

The client has reported the main menu is broken.

Upon looking at the code it appears the previous "Wordpress Developer" (ahem ...) attempted to rewrite navigation system - no idea why.

As part of the 4000 class below is a screenshot of part of the file where he's determining if the current menu item is active, within a loop. Whilst the whole if statement spans 409 lines - the code basically continues exactly the same downwards.

Shameful :/

Spent some extra time adding a parallax effect to an image on the client’s homepage. Client reported it as a bug 😂🤦‍♂️

I was having dinner yesterday and I suddenly get a message from someone from another team.

Them: Hi
Me: Hi

(No response for 20 mins)

Them: I'm having some problem with your service. Its not working when I do <task>
Me: Okay, let me look into that.
Them: Also, <task2> is not working
Them: And <task3> has problems
Them: Could you also look into <task4>?
Me: (visibly sweating) Let's discuss this in detail in the morning.

[Next day, morning]
*convinced that the service has a major bug*
Me: Yeah, show me what is causing the problem.

They show me what they tried. Turns out they made an invalid call and got an error, AS THEY SHOULD, and reported that as a bug. And all the other tasks were because the first call didn't work.

:|

Okay so my co-workers explains why they give me the title "GitHub Maid":

Basically most of the time the engineering didn't have the time to scroll through issues, and that includes me, so a lot of this stuff does not get triaged properly when reported. When I stumbled on the tracker, I knew I had to do something, so I sorted and sorted and managed the tickets by my own.

So being a "GitHub Maid" is not something to be embarrassed about after all, in fact, I think the dev team owed me a lot because the issue tracker is more organized, and the issues are getting triaged and assigned properly now compared before.

So if they call you like something similar, be proud of it because some developers wouldn't even bother to tidy up issue tracking.

The guy who reported a serious exploit in the company's system got arrested this morning. Safe to say the Hungarian public isn't very happy. I took the screenshot 5 minutes ago, it went up to 3.1k since then 😂

Interviewer: have you ever been reported for sexual misconduct at work?
Me: uh no
Interviewer: good to hear! Our last developer had wandering hands, which we don't approve of here
Me: ...

!dev
Last week I watched a DIY video where at the end the guy dumped detergent water on the grass. I kindly commented it's a €150 fine. Their response was on the lines of "Oh yeah, Mr Proper? And what would you say if I told you I spray my whole garden with soap to get rid of weeds, huh?".

Well, you dumb fuck, I don't care what you do, I wasn't attacking you, I was being *nice* and warned you about the fucking fine that you're going to fucking pay because your channel name is your first and last name and your video shows the street and the house number but whatever.

Today I couldn't log into my YouTube account. Why was that, you might ask? Well, because the dumb fuck paid the fucking fine and assumed I was the one that ratted, so he made a video about it and his dumb fuck audience falsely reported all of my videos for child abuse and promoting terrorism.

I only upload unboxing videos that debunk scummy "deals". 🤦‍♂️

!rant

Yesterday I upgraded VS Code (insiders version, i.e daily/beta/etc) to the latest version and ran into a minor bug. I reported an issue in the Github repository, and 40 minutes later got a reply saying It was fixed and I can upgrade to the newest version.

Kudos on Microsoft and the VS Code team!

Made a web app at work.

Client reported the site crashed​ IE10 when it loaded.

I'm not even sad about it XD

My first testing job in the industry. Quite the rollercoaster.

I had found this neat little online service with a community. I signed up an account and participated. I sent in a lot of bug reports. One of the community supervisors sent me a message that most things in FogBugz had my username all over it.

After a year, I got cocky and decided to try SQL injection. In a production environment. What can I say. I was young, not bright, and overly curious. Never malicious, never damaged data or exposed sensitive data or bork services.

I reported it.

Not long after, I got phone calls. I was pretty sure I was getting charged with something.

I was offered a job.

Three months into the job, they asked if I wanted to do Python and work with the automators. I said I don't know what that is but sure.

They hired me a private instructor for a week to learn the basics, then flew me to the other side of the world for two weeks to work directly with the automation team to learn how they do it.

It was a pretty exciting era in my life and my dream job.

worst experience with a manager was the (female) one who got away with harassing a female employee for YEARS and thought it was ok because she thought they were friends.

She also retaliated (in ways that were hard to prove), played favorites, didn't know metrics or general business sense, couldn't do her employee's jobs but loved to tell them how they were wrong all the time, and then when she was fired, after the female coworker finally reported the ass slapping and the harassment based on disability, she went back into employee only areas with client personal information and thought taking selfies was ok (she was very quickly corrected and had to wipe her phone and memory card to ensure she hadn't been doing it when she wasn't caught, which cameras later proved she had been).

(I only sound calm. I will take a needle to her probably fake boobs and deflate them with glee if I ever see her again)

How would you get your "Cash prize" if you reported anonymously ...

Boss: A client has reported that he can't add products to the cart he gets redirected to "empty cart page" on safari or edge not sure, can you check it out?
Me: Yes
later...
Me: It's working on safari and edge but not on IE, I get that exact same problem on IE.
Boss: ok don't mind about IE
Me (inside) I've lived long enough to hear that YEAH !!!

Goodbye my old friend IE hahaha :D

paraphrased

C: "hey, we've seen the ticket resolved with a bug bounty rewarded to you! congratulations!"
C: "we've talked about it today on our meeting and think we deserve 85% - since it was discovered by you while working on our contract and system!"

That was so bizarre to me and I was speechless for a good 10 minutes, didn't even have any witty reply afterwards.

I just cancelled the contract, reported the client to my middleman, explained it to the on-sight business contact and requested the final milestone to be released with one week notice until it gets to be a public case if not released through escrow.

I'm still somewhat shocked at how greedy one can be, the whole system package I was working on had estimated 150-300k post first week launch (tons of existing clients merged and unified into one system, with much more paid and feature stuff etc.), the bounty I got was around 3.5k, it still didn't sink in me.

Client calls at 3AM, telling me an issue he reported which I told him was already solved in a new update hasn't been solved. He tells me that I'm lying because the issue is still there. The son of a bitch didn't even update the flicking app. Sincerely, fuck you.

You know your getting deep in trying to figure out a bug when you start discovering bugs not even reported yet.

Today I got lectured by one of our Seniors that my automated test isn't useful because it always fails. Reminded him that it only fails because of a bug that's assigned to his team for four months now. He answered that I should remove the test case. Sometimes I honestly question why they even have a QA if they ignore at least 80% of reported bugs...

Although web developers are widely feared, only a few species are dangerous to people. Web developers will only bite humans in self-defense, and few web developers produce worse effects than a mosquito bite or bee-sting. Most of those with medically serious bites, such as JavaScript web developers and PHP web developers, would rather flee and bite only when trapped, although this can easily arise by accident. There were about 100 reliably reported deaths from web developer bites in the 20th century.

So instead of using the budget of 7k$ to buy all the plugins the old developer needed, he torrented more than half of them and deployed the system

which ended up in 20 thousand users including companies reporting a breach, because avira etc reported some kind of drive-by scripts on the new website

what a fucking buffoon, the most annoying thing about this is, that all the plugins had a "license file", so I didn't even first get, where all that shit is coming from

6 months ago I had to implement a new feature and realized that a related uploading feature was broken if you choose a specific service to upload to.

I was wondering why nobody had reported this, so I took a look at the usage of said feature and it seems literally no client ever used it since it was released almost 2 years ago.

Only the product owner used it in the beginning... only for testing it...

2 weeks well spend.

Old boss story. This guy was nice but a terrible boss. Also relevant, he has a background in IT so should know better.

Him: So when you wanna check a password is correct you just unhash it in the database?
Me: *facepalm*

Me: Hey we should be doing unit and integration testing at a minimum to lower bugs.
Him: We don't need those, we're not a bank. If a problem comes up we just fix it and push to production.
(A while later)
Him(in email): Why do we keep getting bugs reported. Don't you devs test your code.

I was mildly annoyed at that one.

Him: We're always over budget on projects, how can we fix this.
Me: What if we increase our quotes.(technically there are other ways as well but not really possible at that time)
Him: We can't do that, clients won't want to pay.

Me: *finishing off my handover as I'm leaving for a new job*
Him: Wow you do a lot of work

Setup my port honeypot today finally, including port 22, then wrote a custom dashboard for some data tracking, feels great to have it open on my screen seeing the bans just roll in every 2 seconds of refresh, the highest hits are as expected from china, russia and india, also filed ~700 reports and already got 300 banned from their service. (mainly Microsoft Azure for whatever reason)

I wanted to first automate that (or atleast blacklist report to various IP lists via API), but then I was afraid that I'll be one day stupid enough to somehow get banned - don't want myself to get reported lol

I heard scary thing.
A tester found an issue yesterday. He came to the dev and reported about it. Apparently the only feedback message was "something went wrong". They spend almost an hour hunting down the cause for that. It turned out the error message was from one of the try-catch. I do not know much details apart from that. At the end, the dev lead said this (which he had said before).

"That's why I don't like to catch exception."

Looks like /dev/body got tainted.. nasal memory leaks all over the place 😷

$ kill -9 $(pidof cold)
... Nothing.
$ sudo !!
I said kill the fucking cold!!! Y u no listen to your admin?! 😠
> User condor is not in the sudoers file. This incident will be reported.

RRRRRRRRREEEEEEEEE!!!! 😣😣😣
I just want to finish my goddamn power supply project, instead of getting bed-ridden by a cold, and running through paper towels like there's no tomorrow 😭

New guy reported today, seems to be fitting nicely.

v2 production release, day 4:

0 Issues reported

*drops mic

I have the best team.

Found a bug, reported it to the maintainer.
He then tells me to ignore it since no one noticed it (besides me).
I tell him i can't do it since it's just wrong and he can simply fix it.
Turns out he's just lazy as hell and got mad at me, so i go and fix it.
Next day boss is mad at me because i'm wasting time on tasks that it's not of my concern even knowing all my tasks were completed.
Not even a "thank you by the way".
What did i miss here?

"The client has reported {some problem}. Do we know what has caused it?"
Dev: "{explanation} is the cause"
"Ok, was that caused by a recent change?"
Dev: "No, the system has been like that since the start"
"Ok, but who did it? Was it some recent work?"
Dev: "The system has been like that since the start"
Constant fucking blame and finger pointing.
Fuck off.

So I've decided to go about converting a Java project that I've been working on to Kotlin a little bit at a time. I started out with basic entity classes converting them to simple `data class`es in Kotlin.

Eventually, I got to my first beast of a class to refactor. This class had over 40 service classes depending on it, so even a little hiccup would throw everything into chaos.

I finish all of the changes on all of the dependent classes, update the tests, and the configurations (as necessary), and I was finally ready to spin up the app to test for any breaking changes I may have introduced...

Well - I broke everything! But I was sure I couldn't have! So what the hell happened?

Turns out that as I was building my project with a Gradle watch, at one point something failed to compile, which threw an unhandled exception in the gradle daemon that was never reported.

So when I tried to run my app, gradle would continually re-throw the error in the app I asked it to run...

After turning the daemon off and on again, the app worked like a charm.

I had a manager in a fortune 500 company encourage me to install a web cam with live feed in another team members cube as a prank. Being younger, I trusted him and so figured it would fine and just get a good laugh.

Then another member found the setup and reported it. Turns out, this broke so many company regulations, I could have been fired on the spot. They confiscated my laptop and I got the 3rd degree from my senior director, who told me I was lucky to be a contractor at the time or the situation would have been even worse.

Moral of the story for younger folks in large corporations... don't take everything your higher ups say as gospel. Think for yourself and do your own research if something feels iffy.

There was a bug that I ignoring to fix for past 8 months and finally Client found the bug and reported back to me. All I said to myself "Motherfuck".

So from tomorrow I will be rewriting a piece of code.

Back then, whatever finished tasks I have done, our CTO always contradicts my idea and finds a way to humiliate me. I don't get the point why he did that. Probably, he didn't want me to excel at something or he really does have crab mentality. I already reported this issue to our CEO because I was being harassed and submitted my resignation letter.
And boom! Guess what? It looks like our CTO just stepped a chicken manure and treats me nicely like a princess.

P.S. To be honest, it took him like a couple of months to step down and act normal like nothing happened. Really appreaciated the A-ffort, though!

Update log: performance improve, API rewritten, fixed all bugs reported, new features implemented, general cleanup of code, documentation and comments update
Feedback: love the new background colour!
😞

Salesman: "The new version is super impressive for <10 minutes of verbal bullet points>"
Me: Have you fixed any of the bugs we reported in the current version?
Salesman: "Don't worry, the new version uses a totally new codebase, so there are no bugs in it."

Thanks to @sain2424, we found a really weird bug in devRantron.

One of the user that commented on or upvoted his rant has deleted that account. So when the notification component was trying to fetch the user's avatar to show the notification, it was failling and causing the app to crash.

@Cyanite the bugs you reported is fixed as well. Please update 🙃 🙃

1. high severity production incident was asked to look into at the end of the day.
2. needed fix in ui.
3. fixed and deployed in 1 hour.
4. issue remained. debugging began.
5. gave up at 1 AM and went to sleep.
6. woke up at 6 and after debugging for 2 hours, identified to be a back end issue.
7. worked with back end team for the fix, and 6 hours and 3 deployments later, it worked.
8. third party vendor reported they are still not receiving one parameter from us.
9. back end team realised they forgot to ask ui to send another parameter.
10. added the parameter in ui, redeployed ui.
11. build and deployment tool broke down. got it fixed. delay of 1.5 hours.
12. finally things are in place. total time 26 hours.

13. found half bottle of vodka, leftover from last weekend. *Priceless*

Unsurpisingly, an in-house client reported a visual bug in IE. So I candidly asked him which version of browser he was running. He told me with confidence: 11. As I couldn't reproduce the bug I asked him where he found the version number. He answered: "below the laptop on a sticker".
Well, it happened to be the year of construction of the computer.

The Hungarian public transport company launched an online shop (created by T-Systems), which was clearly rushed. Within the first days people found out that you could modify the headers and buy tickets for whatever price you set, and you could login as anyone else without knowing their password. And they sent out password reminders in plain text in non-encrypted emails. People reported these to the company which claims to have fixed the problems.

Instead of being ashamed of themselves now they're suing those who pointed out the flaws. Fucking dicks, if anyone they should be sued for treating confidential user data (such as national ID numbers) like idiots.

Tesla lost $879M in 2020. Tesla is not profitable.

In USA, gas cars automakers are legally required to give money to EV makers, like Tesla, that has 100% EV fleet. Tesla reported making $727M in 2020. But, other automakers gave it $1.6B. Tesla lost money. They lost $879M.

Tesla manages to lose money even without competition and with all that dotations. Imagine what happens when the competition in EV arises from other automakers? Then, dotations will stop. Tesla had no competition and had dotations. They're not gonna get any dotations anymore, and they will have rising competition.

They're gonna die.

In 2020, in Europe, VW sold more ELECTRIC cars than Tesla. And then you ask why I don't buy Tesla stocks. That's why.

My friend developed an app called "sendanyfile - WhatsApp, messenger" which can be used to send file of any extension via WhatsApp. A week later WhatsApp reported the app saying that it contains the word 'WhatsApp' in the app's title and removed the app from play store. Then 2 weeks later this happens....

Crap. I reported my own rant.

My most satisfying bug fix?

I found a core concurrency issue in this gnarly homegrown ORM and reported it to the lead devs, who (very defensively, having written the damn thing) argued that it would never pop up in a prod environment and I was stupid for even bringing it up. Theoretically, this bug could cause pretty much every foreign key to be assigned to the wrong parent, but only if multiple instances of the application were open/running at once. They were so certain it would never happen on live that they explicitly instructed me not to fix it. After all, this bug had been active for many years on a previous project and nobody complained.

Problem was, that previous project was something that only a single user had open most of the time (think: a manager). The new project was something that would be used by multiple people at the same time (think: all the employees). Once we released this new-project-with-old-orm, it didn't take long at all for our customers to start complaining.

After that, they let me fix the bug. :)

Someone I know quite well just told me that they have a hard drive with a S.M.A.R.T warning and "the internet says" that he can fix the problem by running this amazing built in windows tool called "chkdsk" (he literally learned about this today, as a long-term windows user) or by reformatting the drive.
I've told him that neither of those methods will work, since it is a hardware fault that is being reported by S.M.A.R.T.
He said that there is hope that it'll work, since someone on the internet said so.

ಠ_ಠ

Got a few Jira tickets reassigned to me because the dev who was supposed to work on them got stuck on another project. It's fine, that happens.

I open the tickets. No descriptions for all of them. No screenshots for those reported as bugs, nor any replication steps. No attached test cases or, well, ANY useful information.

I talk to our BA, he says that all information I need are in OTHER tickets on ANOTHER BOARD that business manages but I DON'T HAVE ACCESS TO. Honestly, these shitfucks could've just done simple copy/paste. But nooooo...

So I reassign all the tickets back to their original reporters (business testers) with comments requesting more information.

It's been a week. Now I have no idea what to put in my time sheet.

Hmm internet connection is down. Check isp status page...no issues. Wait 50mins on phone to get to support, where they tell me there is a known issue, reported 4 hours ago. After call check isp status page...no issues

Is AWS selling status pages as a service now?

Google: buys Android
Makes tons of $ from Ads
Meanwhile 7 year old bugs
Are still not fixed

A bug reported in 2012: recently created files are not visible when using MTP protocol.

Guess what? I still have this bug on my 2017 phone, like many other people.
Probably has something to do with file cache.

Because obviously 7 years is not enough to fix a stupid bug. Especially when Google is busy implementing all the other features nobody asked for except marketing department

Windows 10 - Ghost bubbles
Suddenly the ghost bubbles started appearing, with feverish flickering of cursor, not able to click anything, had to do hard restart and the bubbles disappeared. Happened a couple of times, infrequent.

I thought my PC is virus infected. Upon search, many users reported the same. Looks like some windows update messed up the graphic drivers :(

Reported an important security vulnerability inside our organization, right before getting off work. A security team member contacts me over chat asking for some details on my investigation. At the end, he tells me: "thanks, I will copy and paste this conversation on the ticket so that everyone can see".

What I imagined: he would copy and paste the conversation as is, so that every line written by me is prefixed with my name.

What he does: he writes a summary of our conversation, barely mentioning my name, making it look like that part of the investigation was done by him.

Now I have so much anger inside of me that my internal organs are boiling.

Some years ago i was getting some dev training at a medical analysis company. They made a performance report at the end. And well, they sent out the report to my employer before actually discussing it with me. Which would be ok if it wasnt horseshit and full of blatant lies. Apparantly they confused me with someone else. Atleast it got corrected in the end.

Some weeks ago i heard they were heavily sued by swissmedic. An org supervising all medical products within Switzerland capable of shutting down entire companies and hospitals for medical malpractice. Apparantly they fucked up programming a cleaning cycle when running a series of samples trough their machine. Hospitals reported this issue but they ignored it. I guess they had it coming.

Me setting up Webpack for a project

Error: can't resolve ./src

Guess what? ./src exists. So I go searching for an answer, and it turns out webpack looks for ./src/index.js and if it can't find it then it throws an error.

But the error message is: can't resolve ./src

The issue was reported ages ago but webpack devs never improved the error message

THIS IS WHY WEBPACK SUCKS 💩

Yes it might seem like a little detail but it just makes it all the more obvious that Webpack sucks right from the start when you set up a project the error message is stupid and unspecific

Reported a security bug in Chrome two years ago, got the response now -
Moral - even google products are fucked up.

Client: Each invoice should be it's entity. It should only report it's own open amount. Any other open amounts remain on the other invoices.

Me: No problem. ::Sets invoices to only report own open amount::

PM: Hey, the invoices in UAT are not displaying the sum of all open bills.

Me: I know. The client wants each invoice to only report the open amount on that specific invoice.

PM: That can't be right, change it back before we give the client access to the UAT environment.

Me: No problem. ::reverts invoice changes::

Client: We are failing the invoices. The invoices should not be giving total open amounts for the account. Each invoice should only report the open amount for that invoice. We told the development about this...

PM: I see. I'll make sure he understands your request.

Me: ... ::reverts the revert::

PM: Hey, the invoices in UAT aren't giving a total of the open-

Me: OMFG. I just want this task closed!

Client: After the invoice work is done, we need to talk about past due amounts and how they are reported to customers.

PM: Sure thing. It is logical to give a total of a past due amount to the customer...

Me: ::Starts updating resume::

Step one: install the react browsee extensions. They let you know when a website is using react and it gives you a browser inspector.

Its pretty legit.

Step two: laugh while some websites are reported as using an outdated React version.

Every
Other
Fucking
Week

My coworker "fixed" a bug. Then an issue was reported to me. He refactored something that we both used(And my code was already working right). I asked him about it. He didn't care about it and also was upset about my question. A question that I didn't ask in a "rude" way.. The worst: the refactor only required 30 seconds to do!!!

What!!!

Please guys if you refactor do it right or don't do it at all. Have a nice day

I guess that counts? Some of the local burger kings once had an online game they advertised, where you could win free burgers if you are the first on the highscore (the other 2 places got some sort of coupons for cheaper meals), turned out there was a score submit bug you could abuse after finishing a game (me and a colleague noticed, while trying to find some sort of bug), when I reported it they didnt care (didn't get any response, maybe spam filtered?), so I got us some free burgers, scanned in the receipt and send it again, they paniced or just realized you can generate any amount of free burgers for the time of the game being online, took down the game for a day or two, sent me a short email thanking me, thats it.

Fuck, accidentally reported a rant because my hand was resting on the fucking report button.

Shit, and sorry to the comment's author!

We are required to use corporate SSO for any authenticated internal websites, and one of the features they require you to implement is a "logout" button.

They provide a whole slew of specifications, including size and placement/visibility, etc. They provide an SSO logout URL you must redirect to after you take care of your own application logout tasks.

Makes sense... except the logout URL they provide to serve the actual SSO logout function broke over 3 months ago, and remains non-functional to this day.

Apparently I'm the first person (and perhaps one of the only people) who reported it, and was told "just not to worry about it".

So, we have a standing feature request to provide a button... that doesn't actually work.

Corporate Security - Making your corporation _appear_ more secure every day...

Found a bug in the first five minutes and reported.

Today somebody claimed they have the "copyright" of responsive websites.

First of all, I'm here for almost a year now, but this is my first rant. Hello guys!
(linuxxx, call me)

This didn't happen to me.

So, it begins like this:
Some client called us and said "[INSERT_COMPANY_NAME] called us and said they have the copyright of all responsive websites, asking money."

I hanged up, laughed hard and visited [INSERT_COMPANY_NAME] website and saw this:

- Each website that uses the solution must report the domain name in order to register it.
- If a company undertakes web site design, it is the company responsibility to inform and record.
- Any unauthorized website will be considered unauthorized and a violation case will be opened.
...

Pricing (Currency Converted to Dollars)
1 Website ~$260
2 - 10 Website ~$1300
...

Well, eventually I reported this to government. I unmasked this fraud.
OR DID I?

Their site is saying this now: "We do not serve this to anyone except government now, you are making nonsense and we do not want nonsense."

So I posted it on a forum, asking what can we do.

We are suing this company now. Yeah, I said "we".

PS: If we cannot win this, I'll get the copyright of subdomains.

My senior developer says he wont fix any bugs that are reported by any user in the company, because bugs will appear anyway.

I think he needs to change job

so today we used putty and coded the exercise within the university's server. i wanted to use "tree" to see all the files better cause thats what i normally use. turns out i had to install it.

i type in "sudo apt-install tree"

screen: no root priviledges. <university_login> is not included in root.txt. this will be reported immediately.

i forgot i needed root priviledges smh i just wanted to see my files better XD

Just investigating a bug reported by QA. Spoke to the dev responsible for the code, and asked why they'd called a particular function. Their reply:

"Well the function name sounded right. I didn't check what it actually did"

My university alerts all student and staff any time a phishing email is reported. I've yet to attend one class, and I've received a few dozen emails alerting you of phishing emails being sent. It's sad people can't notice the pattern of the emails, and realize right away "Hey this is a bullshit email" and not rely on the alerts.

It's the 21st century; basic computer competency is a necessity.

Just found this absolute 5 head, galaxy brain implementation in a piece of code which is called in a loop by a background scheduler which has performance issues.

There are 20+ properties, some which are recursively calling other properties with the same implementation style in this class.

Constant out of memory errors have been reported for this software, I wonder why...

I've had today a meeting with the CEO regarding some designs. Here have some quotes that he made:

1. So you can click, click, click, click, click
2. numbers are so complicated so I just said something
3. I like the vibe in Amsterdam
4. We are doing a rebranding. Our rebranding document is the color of the 2 blues and one orange
5. I've to ask my wife for the design (with no design experience) to make the rebranding documents
6. In <the app our technicians/support use>, you can brrrrrrrrrrrrrrrrrrrrrrrrrrrrrrb
7. This is what differeniate us between most applications; FAVORITE SQUARES
8. I never watch that mess. I don't even know if it works or have ever worked with it. (talking about a simple table view)
9. You have been reported to the admins (in an admin-only application for our customers)
10. It's always nice to see developers think; when I don't think
11. But it's already an iPhone (when looking at android designs & cries in largest userbase in my country)

Just arrived in Sydney 2 days ago and reported for work yesterday. I looked at my laptop's clock and it said its 4:40pm. Cool! Another 20 min and I'm off.

I started fiddling around with my machine settings and noticed my Location setting is off. I switched it on. My time is updated to 2:43pm.

MOTHERF****!!!

I reported a bug and the PM replied "It's not a bug, it's just an outcome of how the button was coded. Although that's not how we want the button to behave so we'll prioritise this next sprint planning."

I was about sign-out and collegue comes running that something is urgent and can't wait till next day.

I said fuck off to his face and told him to go and resume his tik-tok video. I signed out and left office. Next day he reported me to HR. Disciplinary action will taken against me starting next week.

Awesome 😎

Major state insurance provider, all past and current members data stored unencrypted (including SSN, date of birth, home address, etc.). All developers and contract developers had read access to it. Reported it, nothing was done. Reported it again in my exit interview. Was basically told they had intrusion detection systems in place so it was not an issue.

So a couple of days ago we noticed a strange behaviour with a playment plugin for an online shop of a client. We opened a ticket in the support center and got a response that basically said "Nobody ever reported this behaviour. Therefore this is not a bug."

Found a big box of forgotten thumb drives at the shop, still packaged and everything. 7 yrs old or so. Figured I should test them. They're all the same 2GB Kingston drive. 30 tested good, 13 had 0 byte raw capacity, 12 reported that they were CD drives, 13 reported 1.1TB capacity, and 9 either got really hot or went up in smoke.

I'm pretty sure my clients would fail the marshmallow test 9/10 times if not 10/10 times. We have a certain time period of the day set aside for me to look into new reported bugs but besides that I'm supposed to work on regular tasks. Of course, they ask me five hours after that time period is done, whether I can look into a new (non-urgent) bug. At the cost of the new thing they want to launch in 2 weeks. 🤔 I would love it if we actually had time to fix every single bug in the codebase but what typically happens is I get about 15 bug reports (most duplicates) and I'm expected to fix all of them in a span of 2 hours.

So someone posted their btc wallet details (system automated message through a custom tool) to a paste in alternative.

Was the login for an ssh. Wont confirm or deny ssh-ing into it, but another guy who saw the same thing messaged me, sent a screenshot. Account had 127k usd worth of btc in it.

Called the radio station it belonged to and gave them a heads up. Probably should reported it as well but people already seen it so it'll get taken down soon enough.

Here I am broke, busting my ass and reality throws this in my lap. But I ain't never been no god damn thief. Hope the radio station it belongs to doesnt get robbed by someone less honest though.

Honesty is probably half the reason I've spent half my life broke trying to find or make opportunities.

And frankly I've heard real horror stories of good faith reports (whitehat style pentesting, etc) and the people that report it get fucked hard by authorities. What can you do though.

Enough navel gazing though.
What the fuck is wrong with the people who build these sort of account reset tools anyway?

I want to share this story and need your advise.

When I was teaching exisiting team members about git and new iOS development ecosystem. I was changing the whole ios development practices and processes that time. One of my teammates wasn’t listening, when implementing the new ios development practices and standards, he actually screwed all of the projects.

He’s been with us for 2 years and he even don’t know how to use git. He forcefully push his changes without pulling our changes first. I was so angry that I reported him to my manager to address this matter. And then my manager told me, he is aware of my teammate’s incapabilities. He said he was planning to terminate him, and he is been thinking about it for 3 months.

When the judgement day came, we were in the meeting room. My manager told us the bad news that one of us will be terminated. During the meeting he said, “I am sorry, {my teammate’s name}. You will be out of the team due to {reason of termination}. {my name} reported to me that you dont meet the deadline, you are always late with 2 weekly sprint to your tickets”. As my manager keeps talking, my teammate look at me with his eyes so angry together with his girlfriend (her girlfriend is part of mobile team, but she is focused on UI/UX).

After my manager stops talking, her girlfriend started crying and said I was the one who should be terminated. Her reason was that I keep on giving difficult tasks to his boyfriend, that’s why he is always late to report. In my defense, those tasks are not difficult, most of his tasks is just changing the color of labels, changing layouts. If you are an iOS developer you know how easy it is to change font colors, changing the layouts using storyboards. Her girlfriend keeps on rambling that I should be the one needs to be terminated.

After few days, he left the team and surprisingly his girlfriend stayed and we never talk to each other except anything about work.

I am really pissed guys. Now my teammates think I am the bad guy asking my manager to terminate anyone in the team if I feel to. I feel very very not good in my work now. I can’t function what I used to. The termination of my teammate was already planned why am I should take the blame?

"One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users," according to the report of Bleeping Computer.

Vulnerability hunter Vinoth Kumar reported and later Starbucks responded it as "significant information disclosure" and qualified for a bug bounty. Along with identifying the GitHub repository and specifying the file hosting the API key, Kumar also provided proof-of-concept (PoC) code demonstrating what an attacker could do with the key. Apart from listing systems and users, adversaries could also take control of the Amazon Web Services (AWS) account, execute commands on systems and add or remove users with access to the internal systems.

The company paid Kumar a $4,000 bounty for the disclosure, which is the maximum reward for critical vulnerabilities.

Well I'm officially terrified. My biz/coding partner in a project had to move back to China about a year ago. We have been working on a project for about 2 years. About two weeks we had to use different VPNs about every 30 minutes so we could communicate because Chinese government keeps cutting it off. He said the virus is much worse than reported and he was to be imprisonment in his house. I have not heard back from him in over a week. ☹️

So yesterday I was testing my friend's app which as said by him is 100% okay.
I found 48 major bugs and reported him. His reaction was "Dude these are just minor issues and client don't even know about it. See there is some real bugs?"

RIP to the app developer and the client.

This god damn unknown company reported my websites' Facebook page is violating some intellectual property. Facebook report says I must contact the reporting party to get this resolved but there were no contact details specified!! I searched on Google and Facebook om how to contact Facebook but no luck.

How the fuck can I get this resolved if I don't know who reported this? Does anybody here know how the fuck I can contact Facebook?? If you do then please let me know!

I made changes in production on Friday, surprisingly nothing has been reported yet!

Social Captain (a service to increase a user's Instagram followers) has exposed thousands of Instagram account passwords. The company says it helps thousands of users to grow their Instagram follower counts by connecting their accounts to its platform. Users are asked to enter their Instagram username and password into the platform to get started.

According to TechCrunch : Social Captain was storing the passwords of linked Instagram accounts in unencrypted plaintext. Any user who viewed the web page source code on their Social Captain profile page could see their Instagram username and password in plain text, as they had connected their account to the platform. A website bug allowed anyone access to any Social Captain user's profile without having to log in ; simply plugging in a user's unique account ID into the company's web address would grant access to their Social Captain account and their Instagram login credentials. Because the user account IDs were for the most part sequential, it was possible to access any user's account and view their Instagram password and other account information easily. The security researcher who reported the vulnerability provided a spreadsheet of about 10,000 scraped user accounts to TechCrunch.

When the graphics team at the NY Times fails to test whether there are any votes reported before placing a win indicator next to Trump or Clinton

Sitting in a board room with about 20 people all who have flown in from different parts of the world to discuss the project plan for a web app with an international user base.

We are discussing a web form with a dynamic layout based upon the users profile. Users enters a ton of information, calculations, are made, and info in stored into a db. Info can be updated and will be reported upon later.

One of the project leads representing Europe suggest that the form be exported into Excel so that the user can fill it out in Excel only to be imported via the application. WTH!!!! Later I found out this was that leads 2nd week with the company. Why were you even at the meeting and why did you have input?

So I took over a project from another dev after he left the company and his project was currently in QA pending release. They were blocking it due to some issues around the persons information not appearing consistently. It turned out he wasn't persisting the persons information in the database with the actual record.

It would be as if when you ordered something on amazon and changed your address for a future shipment all shipments would show the new address. So it turned out QA had no idea how bad the problem was and they had pushed this issue to him to fix but he just wasn't fixing it.

When I reported the problem to my boss and due to the time constraints for release they authorized a contractor to come in to assist. I ended up writing a few classes and one table to persist the data and all of it was solved. I ended up fixing the problem in one weekend. Huge problem and I fixed it in just a few days.

I NEED A HACKER TO RECOVER MY LOST BITCOIN / CRYPTO HIRE iFORCE HACKER RECOVERY

iForce Hacker Recovery saved me from nearly losing around $958,000 of my inheritance money in a pig butchering scam on a Chinese trading platform after a stranger used the new AI technology to pose as my friend. I fell for the scam when I received a call with my friend's voice, thinking it was a great investment project because she was already profiting from it, so I decided to invest without realizing I had been duped. After losing the money for a few days, I discovered the top bitcoin recovery expert at iForce Hacker Recovery, so I engaged them and explained my predicament to the staff. To my amazement I got my money retrieved within a few hours. I reported my case to this firm. The service was hassle-free, flawless, and flawless. using iForce Hacker Recovery.
  

A: Seems no error reported yet~

B: Yes, since no one is using it

Everytime i tell the tester that the reported issue is fixed. It should all be good now.

He raises an eyebrow and says
"Should be? And Are you sure?" With a smirk.

I can never answer that :/ -_-

Really regretted to born in India. I know I should not say bad about the country in which I born and living it but there are so many reasons.

Govt of India is very poor. Nothing can be processed if you don't have offered bribe or you don't have political power and pressure.

My company offering me onsite to go London for my project, govt is not issuing me PCC Police Clearance Certificate even I never had any crime.

Police says for your current address 6 month is duration you're living here so we submitted 6 months crime is nil and 4.5 years is more required.

I went to passport office and happy to submit all documentation for previous addresses so that police verification can be done but no body is taking documents

No progress in my file.

I'm too much frustrated now.

I reported to ministry and prime minister of India but even no progress.

I'm really fed-up.

:(

Some Project Manager outsourced a redundant RADIUS setup with MySQL backend. We got 2 copies of a daloradius appliance running on Ubuntu 10.04. Once I saw this, I started to get a bit suspicious and requested to audit the system and database redundancy. With the system in production, and without getting back any documentation, I got into the VMs using the default root password. This was not even the worst part, as I found. One server was using a local MySQL instance, while the other was also using the first one's MySQL instance. When I reported this, I was told to comment clearly any changes to the configuration files, which resulted in commenting the word SHAME above each change.

I am bored !!! No feature request and No bug was reported from last 2 days... Nothing to resolve today.. I am thinking should I create new bug and release it as feature??

You know how my 'about' here says I create features from bugs?!? Well if you didn't before, now you do.. :P

Anyhow, today the most bizzare thing happened.. Customer played 'reverse uno card' on me..

Meaning?!

They reported a feature missing on uat env, when in fact I fixed a bug they have on prod..

Not sure how I should feel about this, but it sure made my day! (: I just hope they will not open a bug report for this missing bug..

// This part of the code should never run

Came across that lovely comment when fixing a reported bug. Guess where the bug was? You guessed it XD

Got my laptop back from SquareTrade today. This is after a month, 2 weeks of which they gave no status updates.

Per their "Repair Summary":
Reported issue: Power/Charging port
Actions: Repaired
Parts repaired/replaced: None. OS reloaded
(Note this was originally a Windows 10/Gentoo setup)

WTF??? I thought the extra M2 SSD they included might have been the drive they had replaced, but nope. Both are blank (one W8/what the computer originally came with, the other W10).
I'm at a loss right now.

Sorry guys but I have to vent!

I made such a stupid mistake I want to kill myself right now. In short you can call it ignorance..........

I spent so many hours trying to find a solution to a problem of invalid signatures being reported by an OAuth provider I'm making, just to find that Chrome was blocking requests to http.

So it was not a problem, to begin with. Aaaaarrh........ I'm so mad at myself.

There is a new phishing site going around called "rogstrike.com" that is being spread by Steam DMs.

Infected asks victim to "vote for their team" and in order to do that, you need to login with steam. The steam login part is sketchy af, litterally spawns a fake new window in the same tab. Doesn't matter what OS you use, it's always Win 10 styled. Lol.

I reported on twitter and via email, i'll see what they will do.

Most unusual place I've coded would probably at a bar while utterly wasted. I fixed a production outage and even got on the phone with tier 1 support when they reported the issue.

How bad is it for a fortune 500 company to open port 22 over the internet for all its linux servers?? Today, I reported this to my boss and he said "it won't be a problem, no one can login without a password".

A hacker wiped some git repos and is asking for ransom in bitcoins. What a shitshow. I'm telling you this guy is messing with the wrong people!

The root cause as reported was weak passwords and unremoved tokens.

Two notable things happened to me today on devRant:
1. I accidentally +1'd a random rant. I feel rude to undo it.
2. I accidentally reported a random comment. I feel stupid for having done such thing.

Now I'm expecting to get a notification saying It wasn't worth reporting :/

The billing system on an enterprise project that I've inherited is a nightmare. The client complained that an aged receivable was being reported as 31-60 days overdue when it should be 0-30 days overdue. I checked the system, and discovered that an account had multiple invoices. One was due in May and one was due in July. The system took a large payment, fully paid the invoice due in July, and partially paid the invoice due in May. That seems wrong.

I checked the code and confirmed my suspicion. The system is ordering open invoices by their creation date, not their due date. The invoice due in May was created after the first invoice, but had a much smaller window to pay. I'll bet anything the original coder assumed all invoices would have the same window to pay.

I think the report rant function should have a verification function. Like asking me if I'm sure I want to report this rant.
I just reported a rant I didn't mean to, because I wanted to mute notifications on it

It's been a week since I last deployed the app and no bugs or errors reported by the client so far :)

What do you mean it doesn't count if the client isn't using the app? Ofc it does, fuck you >:(

We should all share our first reported bug for 2018
Let's start this tag :) "2k18 bug is"

Happy new year everyone !!

fuck oracle. fuck my company.

Using Oracle VM Manager/Servers to host Oracle Phone transfer solution without support coverage from Oracle.

Requiring Unix sysadmins to update to latest release and not telling that we do not have coverage from Oracle if anything goes wrong.

Gues what.. We've updated to Oracle VM Manager/Server 3.4.5 which was released this year and it uses fucking XEN hypervisor version 4.4.4 which has been deprecated and dead since who knows when. Latest release of XEN is 4.11. But that is not an issue, whatever, enterprise, legacy software, etc.

This fucking update introduced memory leak on the hypervisor which has been reported as per xen 4.4.4 history. Furthermore, we have no support from Oracle which means that I have to dig through mailing lists and limited information on the net since oracle has freakin support wall on nearly each of the major bugs found on that shitty software.

I have no idea whether any newer version of xen will work with that old Oracle Linux kernel or not.

Furthermore, Oracle provided great documentation on how to rollback the fcking update. Reinstall the hypervisor. Riiiight. XEN does not have export/import feature.

eh

It's ironing that being developer I have to explain client that bug he has reported is actually functionality. How can someone forget what they ask for??

It was more of "Hate story" with a guy whose mere presence would irritate me very much. He was also close to the girl I liked a bit (not very huge crush or something).

So he was very active on two of his social networks one being fb and second directly connected to fb so basically getting hold of fb would mean that I could control his other one too.

It was Oct 2016 and that time you could easily hack an account using social hacking (not asking OTP out something mere details did it for few accounts).

I hacked his account and wrote curse words and all. As I had already changed the email and password, he couldn't till date retrieve it.
However as he reported to fb, his account was held and I could no longer access it but till then everything was over.
I couldn't still spot him on FB or the other social network.
And this was one of the most evil act I have performed in my life.

Part? The whole damn thing.

We are supposed to be practicing agile, but I haven't seen a single sprint plan till date. All we do is solve issues that are reported from production/QA.

Nobody follows proper documentation, no reviews, no proper version control... Can't wait to finish my contract here and get the hell out.

So couple of days ago a competitor ISP rep. came to our door, describing that people in the neighbourhood reported outtages to them from the competitor (thats already questionable, why would somebody report that to another ISP, instead of the actual ISP? like we always do) and they said they did their magical lines or whatever and that the old line we use is faulty etc. - the internet was actually stable for a good while now finally, now today it cut off, I suspect they want to force contract changes by "accidentally" fucking with the shit somewhere for sure, fucking shit gargling goblins, I was a client of that competitor ISP for a good portion of my life and each time I moved they left me without internet for atleast 5 months and that only because I threatened action, their general service also isn't more stable, literally fucking throwing a paperplane with my packets is more reliable than their bullshit alternative, their offer also would cut 90% of options I have with the current one, leaving me without telephone, tv, mobile and more - since all that would have to be contracted seperately, ending in roughly 450% actual raise per month, I fucking hate ISPs.

It took me two full weeks to study this complex system (the system is a nice piece of work) and learn about graph theory to trace this bug reported by the client in order to find out that it was a data-entry issue. I had to trace x and y coordinates to debug this issue.

Although the result was a bit frustrating, it made feel capable and responsible. It was a good feeling in the end.

So today I found a file share containing some super super sensitive information accessible to what I think was our entire user base (6,500 users) if you knew the server name and had an interest in nosing around.

I reported it to our head of IT and heard nothing after, although 5 mins after reporting I could no longer access...

I suspect the infrastructure lead is going to be a dick (because his one of them awkward non team player kind of guys) and not thank me for preventing our company from being in national news papers... but try to spin it on why am I nosing around his servers in the first place..

I actually feel 50/50 about if I should of told or not.. but on flip side, I guess the access logs of me listing the files as I flick through to confirm my suspicions would of caused s bigger headache.

Fucking useless infrastructure engineers!

PO1: Hey, PO2 just told me that he experiences a lot of crashes in our iOS app!

Me: Whoa! The app hasn’t had any crashes since ages. The testers haven’t reported crashes either. (Me in panic mode). I will ask PO2 about some details about the crashes.

Me to PO2: So, can you please describe me when the crash happens?

PO2: (long story about error messages and UI quirks and how he force quits the app to make them disappear)

Me: OK thanks for that info. Those are definitely valid problems that we have not encountered yet. But none of them are crashes. So are there any other problems that cause crashes?

PO2: Yes and no. (Long story and more problems)

Me: ok we need to investigate that. But are there crashes?

PO2: (Something that doesn’t answer the question)

Me: I need to ask explicitly again: Are there actual crashes where the app closes itself automatically?

PO2: No, that has never happened.

Hi, this is my first rant!

I started working side by side on an AngularJS project with a javascript developer who has been with the company for almost two years now.
Today our Product Owner reported that he couldn't continue with his conformity tests because there were some blocking errors. Looking at the controller's code of the page he reported with errors I found this debugging nightmare

So far everything here is normal. No reported case. Am in East Africa. Normal routine.

I don't know if this was the worst interview I've ever had, but a technical director is looking at my resume, then asks, "So you like programming?"

me: "Uhm... yes, very much so. I typically have at least 4 or 5 side projects going at once on top of my full time job."

Interviewer: "tell me about one."

I tell him, and this process reported 4 more times, as if he wanted to be sure I had 4-5 side projects going... it was almost a little bit like meeting with Peter Gregory from silicon valley, but not quite as awkward.

**Attention @johnmelodyme and all AltRant testers**

I just pushed a quick bugfix update to AltRant, in the hope that it will fix the crashes that were reported. I felt like the app's dodgy situation wasn't up to my standard of quality so I worked as fast as I could to fix the issues, as people are actually starting to prefer my app over the original. Please make sure to perform a full reinstall of the app before continuing, because I actually wasn't experiencing the issues described in my initial testing before releasing the update that needed fixing.

Just had a bug reported that only happens in Chrome. Works in IE and Safari. This is going to be an impossible bug to squash.

Did anyone ever felt that everyday is a loop? Mine is as follows

Bug Reported -> Try to reproduce -> Check on web -> Check iOS -> Check iOS 13.x -> Update or get hold of other simulator/devices -> Check iOS 13.x2 -> Fix it -> Now it breaks on Android -> Fix it -> Get it QAd -> QA feels their should be some more design changes -> Make him/her understand that what is priority for now -> Now everyone has started testing app and everyone have their opinion (designers are asleep at this point) -> Get all of the team in sync -> Start release -> 99% -> Some yells "wait" -> One more thing -> Sleep with nightmares -> Repeat

PS: We have a responsive web application that is also wrapped in Cordova for iOS and Android.

I found xss on the software the my school and many other schools use it. The bug is on every page of their website.
I reported the bug to their team, they fixed it and didnt even reward me.

What do you ranters advice me to?

Get a ticket for a low priority bug, reported internally. Fix the issue mentioned in the bug.

Moves to QA environment, the original bug reporter tests and *passes* the ticket.

Moves to Staging environment, same exact individual then *fails* the testing. Cites totally new/unrelated changes that need to be made.

Apparently our the workflow is -

Code->QA->Staging->Requirements

Makes sense! :)

I just feel that the Intel stuff going now has been in the past year.
Maybe the hackers found it, selled about 5 times in the deep web. Then one reported to the officials, and they are releasing a statement in 2018.

tldr Hackers want devs to go mad from the start of 2018.
a.k.a FUCKWIT

I'm a fullstack engineer, this period there is literally nothing to do, we are a 1000+ employees company.
I got so bored I toke over the database of our production server two times in a week, exploiting dumb vulnerabilities I discovered out of boredom, of course I reported everything.

The funny thing is that they just don't care, no one took action or is willing to fix it and they actually insulted me because I set a query in sleep for 8 minutes exploiting one of the vulnerabilities.

I work for a great company that hosts (in this very server) most italian citizens informations C: free to take for everyone c:

developing Android application for reporting Road events....
I was late to submit an update consisting of the Users Report History with options to view, delete and Re-report(which didn't make sense since it's reported already).....
I had to put a Toast to thank user for reporting but literally nothing is sent to server

In August 2021 I asked my bosses for a raise for my extra work that I done for the last 6 months to create the first 4 microservices in the company and deploy them in production on a new infrastructure that is cloud based.
Today 27/01/2022 they reported how happy they are of me and that they will take my proposal *in consideration*.
Now i am searching for a new job.

Funny part: I am simple guy if they would have given me a NAS from Synology with lot of space as a reward I would actually have been happy.

P.S. jokes on them, i left 4 easter eggs hidden in the app, pipeline, db and user manual.

I am the old famous kiddy here, who just came back days before school exam starts^^

Just to say, I want to ask you all, is it ethical(?) to release a hacking/cheating creation tool for games for educational™ purposes?

I have been making a cheat creation tool called Mysterium, but I am not sure where to use it. I made cheats for some big title games, and reported them to the developers, patched, and got some in game items in return....

Long story short, is it okay to release to the public, or should i release this product to game developers?

Sincerely,
A kid who made cheats since he can't play games well and wanted to get some free items

My life was troublesome today, had to help a non programmer to run jar files.

The jar executed well from command line in Windows 10 but didn't work on double click.

Did all the tricks, registry edits, cmd commands and at last I found a miracle tool called Jarfix.

Just double click and all okay.

The root cause of the problem was 7zip.

This bug is reported in the Oracle bug reporting and they have closed it as " Will not fix" low-priority report.

We had a issue with a webstore that was only affecting users on Windows: one button didn't do anything.

The colleague that was working on the ticket was running Arch, and for him it was working as expected. He reported that the bug couldn't be replicated on Chromium, Firefox or qutebrowser. But our designer, who was running Windows 10, commented that it wasn't working for her in either Chrome or Firefox.

Some more conflicting reports later a colleague using Windows managed to fix it. It was caused by querying the button elements by id selector instead or a class selector. There was multple buttons, one for each product row.

I guess there just are platform differences that aren't specific to browser but instead the OS, that could have caused it

I set up an issue tracker for a software I'm developing for a company. Sent them an invitation to that tracker, stating that I hope to keep discussions more concise and clear that way (they're all HW/Embedded Devs)

The good news is: they've taken to the tracker quite well and are happily reporting issues and discussing them.

The bad news is: they're all sharing a single account.

It's been up for a day now and already no one knows anymore who reported/commented what.

WHY, JUST WHY would you think it's a good idea to share an account between 5 people, maybe more, who knows? Creating one takes less than a minute and it's free ffs.

Okay, had a freelance JavaScript gig (with Three.js 3d lib). Usually I put the code on github so I have easier time switching between Desktop and laptop during work, unless I have to sign an NDA or something. Today at 5 AM I got mail from freelancing site support that client reported me for having code on public repo (but it's not like it is a proprietary software, it's based on threejs editor). I made repo private and went to sleep. Later I'm reading through messages, guy was cursing me, threatend to sue me etc. Ended up dropping the client. Did I do something really unprofessional? Unless I'm told not to, I want to show my code and I don't believe in not showing it by default. What do you guys think?

Get an issue reported today stating that a report can't be submitted in a product we maintain. Taking their word for it I start investigating on our local copy of the product. Everything works as intended. Ok... strange. Take a look at the production copy aaaaand it was submitted. No issues at all.

Note to self. Don't believe the client.

Reported my first bug today ☺

SERIOUS POST/ISSUE

During this time of pandemic all around the world, our government tried to do corruption in the import of medicines for corona victims. This is a major issue itself but has led to IT related issues as well. An online news portal reported this and it was starting to get some heat.

Then a major IT company of my country along with its sister company [The one who developed the news portal] deleted that specific news from the backdoor login.

Due to the pandemic, this news might not get much heat and might be suppressed in time. By the way, that news was a public record.

Please post your honest views on this and please let us know how we can go on after this has happened.

I feel like this thing is gonna fucking ruin the IT industry in my country 😡😡😡😡

Security bug reported 7 years ago!
this is how architect will cover up.. (4)

My company uses a management software to store all sorts of documents. A colleague wanted to test their API.

In a meeting with management he reported that a backup of all receipts was done in a couple of minutes.

They initially thought he had download the files one by one using the browser interface and copy/paste to individual folders... Mad mouse skills my colleague has 🖱

Memorable coworkers? It's a toss up between the guy who got fired for calling a department director a c*nt on a recorded phone line loud enough for the whole call center to hear it, and the guy who reported me to HR for not including him in a private Slack conversation because it had nothing to do with him.

People are weird.

So someone reported a defect, but the data used was not good.

When I tried to tell them, they disconnected.

god dammit

Aber method that was supposed to Check If a payment for a (back then) unimplemented payment methode that returns true as a default value...

A Javascript oneliner to skip the payment... Used to be in produktion for years, before I reported it

Endel, the freemium garbage app for meditation sounds that sells its subscription by telling you to “invest in your happy brain” (despite being FDA approved) and has an unskippable onboarding question on whether you was professionally diagnosed with ADHD, made a collab with Grimes.

Grimes and Elon Musk are X Æ A-Xii Musk’s parents.

So, Grimes recorded an “AI lullaby” supposedly “for her son”, that was really just a paid collab with Endel to sell their garbage app better.

Poor kid wasn’t even born yet, and everything about his life was already commercialised.

Imagine having Elon Musk as your dad. Grimes reported Elon abused her. Among other things, he made her dye her hair white, because Elon prefers blondes. How creepy is that? Now the poor kid with a stupid name made up to keep Elon’s stock bubble afloat will live with divorced parents.

This is capitalism for ya.

How to interpret when you receive bugs reported for your application?
Should I be happy that someone is using them or just be sad that I gotta fix them and how poorly I wrote the code.

Note: will obviously consider turning some of them into features. Though not all.

The best motivational comment

I posted a rant in which I mentioned that "few" developers who don't want other to progress and are present to show off at every platform....
Got a comment, which I want to share...
Thanks to @MrCush

Ya, most of them tend to stalk the stack overflow and Arch Linux communities. On stack overflow they tend to refresh their browser nonstop to see who their next victim is on a new question and then spend an abnormal amount of time searching the site for a similar question and then downvote you and report as a duplicate. “Umm ya, the question you linked is similar to mine. I found that one as well but unfortunately it wasn’t in the same environment with the same conditions that I raised and didn’t help me. Oh btw, he posted that back in 2002 and HEY LOOK, he got reported for a duplicate as well. Seems like you reported him as well.” 
The issues of arrogance and being unhelpful on that site are so vast that nobody else that registers can get enough points to be able to be allowed to answer someone else’s question so you never get any new blood.

Arch Linux “elites” like to answer your question with a link that you’ve already been to as they always link the same site. “Dude! There’s a wiki for a fucking reason. Did you read this page?”
Yes I did read that page and it was helpful to a degree but since I’m absolutely new to Arch, a lot of the information on the wiki is a bit too descriptive and over my head. Not to mention every paragraph links you to another wiki page which then links you to another and so on that I have no idea where I left off....
“Dude! If you don’t understand everything on the wiki then you shouldn’t be using Arch Linux man! Gtfo scrub.”
Took me a long time to get comfortable with Arch because of these assholes. You got to start somewhere and doing is the best way to learn.
Reading the wiki on how to install Arch now seems so simple to me because I know what to ignore and what is required but back when I first started it was absolutely confusing.

Set up an account on cPanel to show the client their final product. Set the bandwidth limit to a low number so that the client can only view the website once and so that if something is not right, I can blame the bandwidth error.

After the client reported an issue, fixed it before resetting bandwidth limit.

CircleCI:
- Ensuring work has meaning: "Let's make yet an other dashboard webapp that going to replace all of our dashboard webapps which we made to replace all of our dashboard webapps"

-Solving interesting problems: "Let's make this with java 15 instead of java 14!!!! Also add graphql to ADD interesting problems nobody had since the nineties!"

- Gain meaningful value from talent: 'Bitbucket and the whole pipeline died fourth time this week, I'm going to drink a coffee or two..."

- Developers in flow: "Joe went to have a lunch around 11:00, you probably should not look for him until 14:30."

- Bring buying decisions closer to the engineering team: "The boss tried to bring up the pros and cons between aws and azure... The police eventually had to break the ensuing fight in the meeting room. The survivors reported things got truly out of hand when someone mentioned line-endings"

- Bring leadership closer to the engineering team: "There was yet an other agile coached hired, when she asked how should we measure velocity one of the lead devs managed to actually wake up and told her that the wifi is still pretty fucking slow"

Whenever you feel the need to rant about your project manager, always remember you'd wish you had one if you reported directly to the CEO.

A lot has changed over the last month for me in my life.

The cases are rising crazily now. Thanks to the stupid govt's immature and unplanned lockdown.

Now while over 20k+ cases are being reported every single day, there is no sign or plan to contain it properly.

Two weeks ago, I had a mental breakdown over the uncertainty in future plans ( was planning to get a job in remote company and ditch current job to go back home in this grave situation but it has been delayed ) and burnout from living almost same routine since mid-March. I just wanted to go back to my home state where I will feel safe even if I get infected somehow.

Me and my friends have vacated our rented apartment last weekend. I'm now at the airport to leave this city and in less than 8 hrs, I will be back to my home where I will stay 14 days in quarantine before I can go out again.

I'm glad to have a job which I can "work from home". But more importantly, I'm glad to go back to my place which I can truly call my home. 🏠♥️

Reporting server connection to database is down, probably due to a user access restriction.

reported the issue to the India sql datacenter and got back: Yes, We see that the connection is down. ( I sent them screenshot of it including the error message ) There is no such database available.
Me: Yes, well I'm in the db working right ( send screenshot) now.
India: ..... disappear offline.

Today I got bug report on code that I thought was fairly well unit and manually tested by me while I was writing it.

What happened:
Our QA was testing other feature and asked someone to deploy into his env other branch, without these changes, and reported that this feature is just straight up not working at all.

That report was kindda big deal

So a team at on-site sent a OOM(Out of Memory) issue in our morning.
Everyone analysed the issue as being code issue since we were bringing too much data into the runtime process. The analysis was done on the heap dumps. The number of records reported by user were 1k. At the end of the day it turns the number of records were actually 100k+.
Why do people jump.to conclusions without thinking about the obvious. :-(

Some staff couldn’t access some admin pages and they thought it was a permissions error. Um, no. Chrome is showing you an “aw snap” error page, which means it’s a problem with the site and not your access. The pages are querying too much data and it’s causing an operation timeout. It’s been like this for months but no one reported it. Did they not need to use these pages at all for these past months? Non technical people keep doings things that make me want to smack my head against my desk. FTR these issues existed before I started.

Just reported a minor tracking bug I found on WebKit to the WebKit bugzilla, and I have a few thoughts:

1. Apple product security can be kind of vague sometimes - they generally don't comment on bugs as they're fixing them, from the looks of it, and I'm not sure why that is policy.

2. Tracking bugs *are* security bugs in WebKit, which is quite neat in a way. What amazes me is how Firefox has had a way to detect private browsing for years that they are still working on addressing (indexedDB doesn't work in private browsing), and chrome occasionally has a thing or two that works, with Safari, Apple consistently plays whack-a-mole with these bugs - news sites that attempt to detect private browsing generally have a more difficult time with Safari/WebKit than with other browsers.

I guess a part of that could be bragging rights - since tracking bugs (and private browsing detection bugs, I think) count as security bugs, people like yours truly are more incentivised to report them to Apple because then you get to say "I found a security bug", and internal prioritisation is also higher for them.

Why would you shame someone for a no repro when the page was clearly removed AFTER I raised the bug? Obviously if the page wasn't there before, I couldn't have reported on it!!!

#QAproblems

That moment you're actually happy a new bug is reported since you're basically out of work...

I'm opening a case against Lenovo due to their bad warranty support. It's been over a month and a half since I reported an issue with my ThinkPad and they still haven't fixed it. The laptop was bought in September, the case opened in October and in December I still have a faulty screen with which I can't no longer work because it was frying my eyes. Note that this machine has a Warranty Extension for 3 years Onsite next business day repair.

TL;DR if you own a ThinkPad, pray that it doesn't have any hardware issues. If you're thinking about buying one, DON'T!

Tricking testers to get around the reported bugs doesn't count, right ?

Ooooops, accidentally reported a comment.. I miss clicked with the "reply" button, and didn't read the dialog

Getting into the third hour of trying to run an android studio emulator on ryzen.

Significant progress is made though, now instead of not working and giving 9 errors, its still not working, but at least there are no more errors being reported...

Dear online services, shops etc.

I already use your service. You have no need to advertise it to me, and I know I opted out of that. Any reminder that I'm missing out and should opt in to marketing, even if it's described as a service/operational message, will itself get reported as spam. Because it explicitly is, by its own confession.

Customer complain about errors reported on their content on their website.
Checking their content in WordPress and they was adding a script to include jQuery and another js with html tags.

So trying to understand why jQuery is required and on a 100 lines js vanilla, was used on line 3 to get an attribute of an element.

And they was breaking a site for this.

I talked to the client how functionality should look like on UI, draw a mockup, designed and made changes to db schema, created REST api, made documentation how to use it, told frontend developer to make changes on frontend application according to the documentation and mockups. Still no one have fucking clue how to do it. Fucking testers can’t write anything, only clicking.
So I sent curl code how the fucking request should look like exactly then resolved bugs they reported as won’t fucking fix because I will not be also making fucking frontend. Probably they even don’t know what curl is. What a fucking fuck.
And that’s what I am mostly doing from Monday till Friday to keep this project going.
It’s cause client are nice guys and we are doing something good, not some fucking ai, blockchain, big data, financial scam everyone is wanking around.
And friends are asking, why I drink.

Im in fb jail for 24 hours because i said everytime someone commented he showed us how idiotic he was (it was about something inactually know a great deal about from a previous career). But yet i reported someone for calling a guy a fatass beaner thats gonna get deported and it didnt violate the rules. :/

Windows 10 insider preview had a critical bug like half a year ago where most browsers would freeze the PC. I've reported it multiple times but my feedback didnt get any attention. The bug made it to production months later...

Now, the story is repeating. I've discovered a bug. Everytime there's a software update for apps that with a built-in updater in the main .exe (JetBrains IDEs, VS etc.) the updater fails, program is corrupted and needs to be reinstalled. For instance, there's a minor bump in Android Studio version, if you try to use autoupdater it will corrupt your Android Studio and you'll have to reinstall.

Been trying to reach out to them but the only "real issues" that are highlighted are "no CPU temp in task manager" or "pls improve automatic problem resolving"

Why the fuck do you even have a feedback program if you're ignoring the people who are reaching out to you, you pieces of shit

PC-Lint is such a useless piece of shit! Tons of warnings with no actual benefit. The obvious motivation behind this crap was to throw as many warnings as this cheap sucker can even generate with no effort to minimise false positives. Typical snakeoil shit, reminds me of ZoneAlarm back then which reported every ping as "attack" just to fool the clueless into buying. Meanwhile, the actual bugs that sophisticated tools can find pass unnoticed through PC-Lint.

In the new job as "Consultant", one of my duties is to maintain the website. Now, the website is based on PHP 5.6 (which they are still using mail method) and without git or sg-git and of course, it is based on cPanel.

Now, I update the website in real time i.e. working on cPanel itself. This is because I don't do for the front end, I do it for SEO. So one day, they reported a "feature" as a bug and assigned it to solve me, I took my time solved it, they did not like it, I reverted it back and I had to listen to a lecture because I did not test it.

Imagine old "wise" ass hats giving a lecture which they do not know about in the first place, 12 of them precisely, yeah that's what happened to me.

Tasked with changing a couple of captions on a form. Literly as simple as 'Enter product' to 'Enter item' kind of change.

Reported in our morning stand up the changes where complete, tested and deployed (maybe 15 minutes worth of work including code check out/in, copying the file, etc)

DevA: "Ha ha...that's why you put those strings in resource files."
DevB: "No kidding. Not sure when we'll ever start doing best practices around here."

It was all I could do from saying "What the -bleep-!? That is the stupidest thing I've ever heard."

Reviewing a newly reported bug from the QA team:

Reproduction Rate: 100%
Process: Load x, click y, observe
Result: Sometimes, z happens.

That moment when you find out, after lots of reading documentation and debugging, that the damn external library has a not yet reported bug -.-