Search - "restrict"
-
"Opps.. I'm sorry, but you have insufficient rights to open this Ticket."
Well. You know what? I AM THE FUCKING SYSTEM ADMINISTRATOR YOU CUNT!
YOU HAVE INSUFFICIENT RIGHTS to restrict me access to that fucking ticket!
"Oh. In that case, go ahead."
THANK YOU. FUCKING PRICK.
-
I normally don't post silly things, hoping I can restrict myself to only do so on rare occasions #shortweeksilly
-
Apple at its finest. Sold the iPhone I used to own. Wanted to remove it from iCloud. Opened Chrome on my Android device and was greeted with unsupported browser. Funny thing is it works if I tick open as desktop website.
Ffs Apple. Your Safari browser is the new IE of browsers. Yes my device is supported. Yes for Christ sake it can render stuff. It's not an old Nokia... Who even thought it was remotely a good idea to restrict mobile access...
-
Developers - The Real Superheroes.
joke/meme superheroes late work i need to restrict my devrant usage overtime but no pay developers i should be asleep by now
-
Once I moved to a new flat that had no internet connection yet, so I went to the restaurant located under my apartment, that had WiFi secured with a password. I asked for it while waiting for the order - it was "A1B2C3D4". After a while I got annoyed that it was so slow, so I checked if I can access the router admin page and restrict access for their clients. It turned out I can and they used the default login and password, so they ended up with only my MAC whitelisted. Seemed they had connected their own business PC ("office PC") via LAN too, so I was curious if they would call the ISP to check it out. I checked the router settings every day, even after I got my own internet connection, and they had it blocked for about 3 weeks. Then they changed the WiFi password, so I came again, asked for the password (another shitty one), checked the router admin page and... still default login and password...
-
I'm fixing a security exploit, and it's a goddamn mountain of fuckups.
First, some idiot (read: the legendary dev himself) decided to use a gem to do some basic fucking searching instead of writing a simple fucking query.
Second, security ... didn't just drop the ball, they shit on it and flushed it down the toilet. The gem in question allows users to search by FUCKING EVERYTHING on EVERY FUCKING TABLE IN THE DB using really nice tools, actually, that let you do fancy things like traverse all the internal associations to find the users table, then list all users whose password reset hashes begin with "a" then "ab" then "abc" ... Want to steal an account? Hell, want to automate stealing all accounts? Only takes a few hundred requests apiece! Oooh, there's CC data, too, and its encryption keys!
Third, the gem does actually allow whitelisting associations, methods, etc. but ... well, the documentation actually recommends against it for whatever fucking reason, and that whitelisting is about as fine-grained as a club. You wanna restrict it to accessing the "name" column, but it needs to access both the "site" and "user" tables? Cool, users can now access site.name AND user.name... which is PII and totally leads to hefty fines. Thanks!
Fourth. If the gem can't access something thanks to the whitelist, it doesn't catch the exception and give you a useful error message or anything, no way. It just throws NoMethodErrors because fuck you. Good luck figuring out what they mean, especially if you have no idea you're even using the fucking thing.
Fifth. Thanks to the follower mentality prevalent in this hellhole, this shit is now used in a lot of places (and all indirectly!) so there's no searching for uses. Once I banhammer everything... well, loads of shit is going to break, and I won't have a fucking clue where because very few of these brainless sheep write decent test coverage (or even fucking write view tests), so I'll be doing tons of manual fucking testing. Oh, and I only have a week to finish everything, because fucking of course.
So, in summary. The stupid and lazy (and legendary!) dev fucked up. The stupid gem's author fucked up, and kept fucking up. The stupid devs followed the first fuckup's lead and repeated his fuck up, and fucked up on their own some more. It's fuckups all the fucking way down.
rant security exploit root swears a lot actually root swears oh my stupid fucking people what the fuck fucking stupid fucking people
-
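An added example, not part of the rant above and not the code of the gem it describes (which the post does not name): a deny-by-default search allowlist keyed per model and column, which names exactly what it refused instead of surfacing a NoMethodError. The key syntax, the policy table and every model, column and predicate name are constructed for illustration.

```ruby
# Deny-by-default filter for user-supplied search keys.
# Constructed key syntax: "assoc.assoc.column__predicate".

class SearchNotAllowed < StandardError; end

# The allowlist is per model: allowing "name" on :site says nothing about
# "name" on :user. Associations must be listed before they can be traversed.
SEARCH_POLICY = {
  site: {
    columns:      { "name" => %w[eq start cont], "created_at" => %w[gt lt] },
    associations: { "owner" => :user }
  },
  user: {
    columns:      { "id" => %w[eq] }, # no name, e-mail or reset token
    associations: {}
  }
}.freeze

# Validates one search key against the policy, starting at model `root`.
# Returns [model, column, predicate] or raises SearchNotAllowed with a
# message that names the exact part that was refused.
def check_search_key(root, key, policy = SEARCH_POLICY)
  field, predicate = key.to_s.split("__", 2)
  if predicate.nil? || predicate.empty?
    raise SearchNotAllowed, "#{key}: missing predicate"
  end
  *path, column = field.split(".")
  raise SearchNotAllowed, "#{key}: missing column" if column.nil? || column.empty?

  model = root
  raise SearchNotAllowed, "#{key}: model #{model} is not searchable" unless policy.key?(model)
  path.each do |assoc|
    target = policy[model][:associations][assoc]
    unless target && policy.key?(target)
      raise SearchNotAllowed, "#{key}: association #{model}.#{assoc} is not searchable"
    end
    model = target
  end

  allowed = policy[model][:columns][column]
  raise SearchNotAllowed, "#{key}: column #{model}.#{column} is not searchable" unless allowed
  unless allowed.include?(predicate)
    raise SearchNotAllowed, "#{key}: predicate #{predicate} is not allowed on #{model}.#{column}"
  end
  [model, column, predicate]
end

# Splits request params into conditions that may reach the query builder
# and readable rejections that can be logged or returned as a 400.
def filter_search_params(root, params, policy = SEARCH_POLICY)
  accepted = {}
  rejected = []
  params.each do |key, value|
    begin
      check_search_key(root, key, policy)
      accepted[key.to_s] = value
    rescue SearchNotAllowed => e
      rejected << e.message
    end
  end
  { accepted: accepted, rejected: rejected }
end

# Constructed sample request against the :site search endpoint.
SAMPLE_PARAMS = {
  "name__start"                       => "Acme",
  "owner.name__start"                 => "a",   # PII on another table
  "owner.password_reset_token__start" => "a",   # secret column
  "owner.id__eq"                      => 7,
  "orders.card_number__cont"          => "4"    # association never listed
}.freeze

if __FILE__ == $PROGRAM_NAME
  result = filter_search_params(:site, SAMPLE_PARAMS)
  puts "accepted: #{result[:accepted].keys.join(', ')}"
  result[:rejected].each { |msg| puts "rejected: #{msg}" }
end
```
-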
What is it with clients and wanting to restrict the height of webpages?
Client: Can you make it all fit on the screen?
Me: What this particular screen?
Client: Well all screens, some people might not realise there is more content.
Me: What if the screen is tiny?
Client: make it smaller
Me: What if you add more content to it?
Client: Hmm, you're the developer.
Me: Teeny tiny text coming right up.
-
Why does almost everyone act as if the world they live in is perfect, or is supposed to be perfect?
This is about approaching IT infrastructures, but goes way beyond IT, into daily lives.
Daniel Kahneman wrote about the "Econs" - a mythical creature that behaves according to rules and rational thoughts, that everybody is guided by, as opposed to Humans, who are irrational, intuitive and emotional.
My beef is with a wider perception, beyond economical analysis, profit, investment and so on.
Examples:
Organization A uses a 15 year old system that is crappy beyond description, but any recent attempts to replace it have failed. Josh thinks that this is a crappy organization, any problem lies within the replacement of that system, and all resources should be devoted to that. Josh lives in a perfect world - where shit can be replaced, where people don't have to live with crappy systems. Josh is stupid, unless he can replace that old system with something better. Don't be Josh. Adapt to the fucking reality, unless you have the power to change it.
Peter is a moron who downloads pirated software with cracks, at the office. He introduced a ransomware that encrypted the entire company NAS. Peter was fired obviously, but Sylvia, the systems administrator, got off easily because Peter the moron was the scapegoat. Sylvia truly believes that it's not her fault, that Peter happened to be a cosmic overgrown lobotomized amoeba. Sylvia is a fucking idiot, because she didn't do backups, restrict access, etc. Because she relied on all people being rational and smart, as people in her imaginary world would be.
Amit finished a project for his company, which is a nice modern website frontend. Tom, the manager says that the website doesn't work with Internet Explorer 8, and Amit is outraged that Tom would even ask this, quoting that IE8 is a dinosaur that should've been euthanized before even hatching. Amit doesn't give a shit about the fact that 20% of the revenue comes from customers that use IE8, what's more important to him is that in his perfect imaginary world everybody uses new hardware and software, and if someone doesn't - it's their fault and that's final. Amit is a fucking asshole. Don't be like Amit.
React to the REAL world, not what you WANT the world to be. Otherwise you're one of them.
The real world can be determined by looking at all the fuck ups and bad situations, admit that they happen, that they're real, that they will keep happening unless you do something that will make them impossible to happen or exist.
Acting as if these bad things don't exist, or that they won't exist because someone would or should change it, is retarded.
-
The situation right now:
Our client: full of legacy desktop solutions that always ran inside a VPN, but wanting to modernize the system and migrate to be hosted in the cloud.
Our first project with them: Frontend built with Angular, backend in a serverless model, all with GraphQL and heavily tested to assure quality. The system is mostly an internal software for management, but the backend may receive data from an App.
The problem: all management users have weak passwords (like "12345", "password", or their first name).
The solution: restrict our system to be accessible only inside the VPN
The new problem: how will the mobile app send data to our backend?
The new solution: Let's duplicate the backend, one public and the other private. The public one will accept only a few GraphQL operations.
------
This could be avoided if the passwords weren't so easily deducible
-
Taking IT classes in college. The school bought us all lynda and office365 accounts but we can't use them because the classroom's network has been severed from the Active Directory server that holds our credentials. Because "hackers." (The non-IT classrooms don't have this problem, but they also don't need lynda accounts. What gives?)
So, I got bored, and irritated, so I decided to see just how secure the classroom really was.
It wasn't.
So I created a text file with the following rant and put it on the desktop of the "locked" admin account. Cheers. :)
1. don't make a show of "beefing up security" because that only makes people curious.
I'm referring of course to isolating the network. This wouldn't be a problem except:
2. don't restrict the good guys. only the bad guys.
I can't access resources for THIS CLASS that I use in THIS CLASS. That's a hassle.
It also gives me legitimate motivation to try to break your security.
3. don't secure it if you don't care. that is ALSO a hassle.
I know you don't care because you left secure boot off, no BIOS password, and nothing
stopping someone from using a different OS with fewer restrictions, or USB tethering,
or some sort of malware, probably, in addition to security practices that are
wildly inconsistent, which leads me to the final and largest grievance:
4. don't give admin privileges to an account without a password.
seriously. why would you do this? I don't understand.
you at least bothered to secure the accounts that don't even matter,
albeit with weak and publicly known passwords (that are the same on all machines),
but then you went and left the LEAST secure account with the MOST privileges?
I could understand if it were just a single-user machine. Auto login as admin.
Lots of people do that and have a reason for it. But... no. I just... why?
anyway, don't worry, all I did was install python so I could play with scripting
during class. if that bothers you, trust me, you have much bigger problems.
I mean you no malice. just trying to help.
For real. Don't kick me out of school for being helpful. That would be unproductive.
Plus, maybe I'd be a good candidate for your cybersec track. haven't decided yet.
-- a guy who isn't very good at this and didn't have to be
have a nice day <3
oh, and I fixed the clock. you're welcome.
-
Argh... Fuck you with a rusty pole while monkeys hanging on them. Why the fuck did you not take the extra five minutes that would have been taken to restrict that fucking datepicker to not allow users to pick a date before the current day??
Thanks to you asshole I've managed to book my accommodation from February 2nd to 4th instead of March.
Now I don't have anywhere to sleep while I must go there for the weekend because I have some course to attend to.
Abso-fucking-lutely great.
-
dear api author at my company pt. 2:
If you're gonna create an api method that takes some arguments.
And one of those arguments is an array.
THEN MAKE THE FUCKING ARGUMENT'S NAME PLURAL YOU FUCKING PIECE OF SHIT.
REPEAT WITH ME, MOTHERFUCKER.
ARRAY, PLURAL, NON-ARRAY, SINGULAR.
I need to pass a shitload of filters for the data for this table, and for every suckin fuckin filter I need to singularize this shit. Thank god for es6.
I know this sounds like nitpick, but I swear to fucking alpha omega this guy is inconsistent as fuck.
Every time it feels like he makes up a new rule.
Sometimes I need to send arrays of ids, other times arrays of objects with an id property on each.
He uses synonyms too, sometimes it's remove, other times erase.
PICK ONE MOTHERFUCKER.
If you can't do the basic things well, then what is to expect of more advanced stuff?
Naming conventions you fucking idiot, follow them. It's programming 101.
You're already sending them as plural in the fucking response. Why change them for the request?
And that's just style, conventions.
This idiot asshole also RARELY DOES ANY FUCKING CHECK ON THE ARGUMENTS.
"Oh, you sent a required argument as null? 500"
We get exceptions on sentry UP THE ASS thanks to this useless bone container.
YOU'RE SEEING THE EXCEPTIONS TOO!!!!! 500'S ARE BUGS YOU NEED TO FIX, YOU CUMCHUGGER
And sometimes he does send 400, you know what the messages usually are?
"Validation failed".
WHYYYYYY YOU GODDAMN APATHETIC TASTELESS FUCK???
WHAT EXACTLY CAUSED THE FUCKING VALIDATION TO FAIL????
EXCEPTIONS HAPPEN AND THANKS TO YOU I HAVE NO IDEA WHY.
The worst of all... the worst of fucking all is that every time I make a suggestion to change shit, every time, you act like you care.
You act like the api is the way it is because you designed it in a calculated manner.
MOTHERFUCKER. IF A USER HAS ONLY PRODUCT A, THEN HE SHOULDN'T BE ABLE TO ACCESS DATA FOR PRODUCT B. IT IS NOT ENOUGH TO JUST RESTRICT SHIT WITH ADMIN ROLES. IDIOT!!!!!
This is the work of someone who has no passion for programming.
-
Today the 'restrict account' feature I made hit production. Restricted an account and got an angry email with broken English.
Funniest shit that happened today. Made me proud.
To top it off we might get free loadtesting lol
-
So we have an API that my team is supposed to send messages to in a fire and forget kind of style.
We are dependent on it. If it fails there is some annoying manual labor involved to clean that mess up. (If it even can be cleaned up, as sometimes it is also time-sensitive.)
Yet once in a while, that endpoint just crashes by letting the request vanish. No response, no error, nothing, it is just gone.
Digging through the log files of that API nothing pops up. Yet then I realize the size of the log files. About ~30GB on good old plain text log files.
It turns out that that API has taken the LOG EVERYTHING approach so much to heart that it logs to the point of its own death.
Is circular logging such a bleeding edge technology? It's not like there are external solutions for it like loggly or kibana. But oh, one might have to pay for them. Just dump it to the disk :/
This is again a combination of developers thinking "I don't need to care about space! It's cheap!" and managers thinking "100 GB should be enough for that server cluster. Let's restrict its HDD to 100GB, save some money!"
And then, here I stand trying to keep my sanity :/
-
Network Security at its best at my school.
So firstly our school has only one wifi AP in the whole building and you can only access Internet from there or their PCs which have just like the AP restricted internet with McAfee Web Gateway even though they didn't even restrict shutting down computers remotely with shutdown -i.
The next stupid thing is cmd is disabled but powershell isn't and you can execute cmd commands with batch files.
But back to internet access: the proxy with McAfee is permanently added in these PCs and you don't have admin rights to change them.
Although this can be bypassed by basically everyone because everyone knows one or two teacher accounts, it's still restricted right.
So I thought I could try to get around. My first few tries failed until I found out that they apparently have a MAC address whitelist for their LAN.
Then I just copied a MAC address of one of their ARM terminal PCs and set up a raspberry pi with a MAC change at startup.
Finally I got an IP with normal DHCP and internet but port 80 was blocked in contrast to others like 443. So I set up a TCP openvpn server on port 443 elsewhere on a server to mimic ssl traffic.
Then I set up my raspberry pi to change mac, connect to this vpn at startup and provide a wifi ap with an own ip address range and internet over vpn.
As a little extra feature I also added a script for it to act as Spotify connect speaker.
So basically I now have a raspberry pi which I can plugin into power and Ethernet and an aux cable of the always-on-speakers in every room.
My own portable 10mbit/s unrestricted AP with spotify connect speaker.
Last but not least I learnt very many things about networks, vpns and so on while exploiting my school's security as a 16 year old.
-
If you're making a game, don't start by thinking about your inventory system. Start by thinking about what you want your player to be able to DO, the cost of those things, and the constraints.
For example, Age of Empires didn't have you worrying about unit equipment at all. every villager could do almost any job. while survival games, especially survival horror, like the recent RE remake, severely restrict inventory and stack sizes to make resource management more important.
Games like Fallout had list based inventories because lists are cheap, and it allowed a tighter interaction loop. players would loot. go into inventory. close container, onto the next container, keeping the player in the exploration loop longer. neoscav did the opposite *for effect* harkening back to diablo, but taken to the nth degree: *everything*, actions, combat, exploration, character design, all based on an inventory-style grid.
while games like rimworld and dwarf fortress have your inventory represented by zones where items are physically *stored* in stacks on the ground, extending the concept of base management to resource management through physical layout and build optimization.
it's important to think about what kind of actions you want players to be able to do, and the kinds of challenges and constraints you want on them at each point of the game and each mechanic they engage in.
other examples, though terrible, include fortnite, where the limitations of competitive play had inventory limited to a resource system and a hotbar. while earlier battle royale and sandbox games like rust and battleground induced tension by combining loot mechanics and grid inventories with the constant danger of competing players, allowing them to have richer inventory systems at the risk of frustrating players who frequently died while managing their inventory. meanwhile in overwatch, notice how the HUD changes to best represent the abilities of each character.
all in all it is better to stop thinking of inventory systems as a means to an end, and instead as the end representation of desired mechanics, or artificially selected representations for particular effects.
this applies likewise to ui and ux in general. because the design of interface is fundamentally about the design of *interactions*, and what you want to enable a user or customer to *do* will ultimately drive those interactions.
-
A dev adds a nice range of categories that content creators can select from. Users get a neat filtering system to restrict the unwanted content.
And then...! People post everything in default category.
-
My day:
9 am: crack knuckles, ready to start day
9:01 am: oh, that PR I sent last week hasn't been reviewed yet and I need it in mainline. Better merge latest and get someone to look over it.
9:02 am: now the test suite is broken, better fix that up before getting it reviewed.
1 pm: phew, that was a slog. Now to get on with today's actual programming
1:01 pm: "hey buddy, you coming to that tech leads strategy meeting?"
5 pm: Jesus what a meeting. Now maybe I can get a little code written. I'll just fast-forward to latest...
5:01 pm: WHAT DO YOU MEAN THERE'S A BAD MIGRATION AND EVERYONE SHOULD AVOID USING THE LATEST VERSION WHY DIDN'T YOU REVERT THAT SHIT DO I NEED TO COME OVER THERE AND RESTRICT YOUR STUPID WINDPIPE UNTIL YOU UNDERSTAND GIT *RAGE TABLEFLIP*
-
Fuck this client's IT department. They're a bunch of Microsoft asslickers.
How am I supposed to push code to your self-hosted GitLab instance if you restrict me to Citrix RDP????? No OpenVPN access because I'm on Linux?? Seriously? Because I am not using any of your laptops?
FUCK YOU DUMBASSES, I COULD DO A BETTER JOB THAN YOU AND I JUST PLAY WITH LINUX.
When I said I only needed terminal access I would have never imagined they were thinking of Putty inside an RDP. What a steaming shit.
Oh you guys don't have a secret management service as any enterprise should? Oh I cannot add a secret management service as part of the solution I am building for you guys because "Hurr Durr yOu HaVe NoT pUt ThIs In ThE pRoJeCt PrOpOsAl sO nO"
Fuck you guys. You guys only don't want to move to the cloud to not lose your jobs. I would be far more productive than relying on you pieces of dumbassery.
They are all having each other's back in using shit technology and practices.
-
Pixel 4 has had to restrict brightness and refresh rate to make up for the smaller battery capacity compared to pixel 3.
So you get a phone advertised as 90hz refresh rate, but does 60 most of the time and only hits 90 when the screen is at a specific brightness.
The max brightness had to be capped at about half of what a similar Samsung can do. Deep inside the kernel there is a disabled high brightness mode, meaning without root access and some hacks, you can’t even get the phone to hit its physical maximum. Leading users to complain about the phone screen being too dark.
What a heap of utter shit.
Source:
https://arstechnica.com/gadgets/...
-
Both GCC and Clang can switch off the braindead type-based aliasing rules through the "-fno-strict-aliasing" compiler option so that everything can alias everything.
On the other hand, C offers the "restrict" qualifier for pointers where you promise that nothing will alias this memory area, not even same type pointers.
What happens if you use "restrict", but compile with "-fno-strict-aliasing"? Will the "restrict" be obeyed or disregarded?
Answer in the comments.
-
I'm learning nginx and it's simplifying the way I think about web projects.
I used to think that when I used a server side framework, then that should be the master and all should go through it. Noob me.
I used to put client side projects (like create-react-app or vue-cli projects) right inside the server side project.
But with nginx you can just route subpaths to different places, then instead of having, let's say, the react project inside rails, they would be in separate git projects.
In fact, I no longer need to restrict myself to a single server framework.
I love several aspects of rails. I love several others of node. And if I need multithreaded performance, I'd very much use something like phoenix or go.
Again, with nginx, you set up subpaths with the `location` directive in the same server and voila, a no CORS setup, cookies shared and homogenous versatile website.
-
Windows restrict us from going out of the box (house), and allow us to see the world only through the window, sitting in.
-
Not much of a hack, just a stupid thing that works.
In my hs videogame programming class, the teacher has this program called LANSchool (most of you have heard of it) which he used to restrict apps/browsers to the point of uselessness. He didn't (and still doesn't) know anything about the stuff he 'teaches', most is taught by TAs.
Here's the dumb part: he WHITELISTED APPS. A friend, one of the TAs, figured out that if you rename something 'Google Chrome', lanschool wouldn't care. So I got Chromium (for unblocked internet) and switched its blue icons in the exe for original chrome icons, then renamed it 'Google Chrime'. Woo.
LANSchool is such a bad program (you can even unblock a site by spamming the F key for refresh).
The teacher did, and still does, treat the TAs like trash. He's a babysitter while students listen to online vids and the TAs.
-
Welp, this made my night and sorta ruined my night at the same time.
He decided to work on a new gaming community but has limited programming knowledge, but has enough to patch and repair minor issues. He's waiting for an old friend of his to come back to start helping him again, so this leads to me. He needed a custom backend made for his server, which required pulling data from an SQL/API and syncing with the server, and he was falling behind pace and asked for my help. He's a good friend that I've known for a while, and I knew it wouldn't take too long to create this, so I decided to help him. Which led to an interesting find, and sorta made my night.
It wasn't really difficult, got it done within an hour, took some time to test and fix any bugs with his SQL database. But this is where it gets interesting, at least for me. He had roughly a few hundred people that did beta testing of the server, anyways, once the new backend was hooked in and working, I realized that the other developer he works with had created a 'custom' script to make sure there are no leaks of the database. Well, that 'custom' script actually begins wiping rows/tables (Depends on the sub-table, some get wiped row by row, some just get completely dropped), I just couldn't comprehend what had happened, as rows/tables just slowly started disappearing. It took me a while of checking, before checking his SQL query logs (At least the custom script did that properly and logged every query), to realize it just basically wiped the database.
Welp, after that, it began to restrict the API I was using, and due to this it identified the server as foreign access (Since it wasn't using the same key as his plugin, even though I had an API key created just so it could only access ranks and such, to prevent abuse) and began responding not with denied, but with a lovely "Fuck you hacker!" This really made my night, I don't know why, but I was genuinely laughing pretty hard at this response.
God, I love his developer. Luckily, I had created a backup earlier, so I patched it and just worked around the plugin/API to get it working. (Hopefully, it's not a clusterfuck to read, writing this at 2 am with less than an hour of sleep, bedtime! Goodnight everyone.)
-
macOS facts:
- Darwin core is open-source (https://github.com/apple/darwin-xnu). Not the case with Windows.
- You can use macOS without using any Apple online service like Apple ID, FaceTime or iCloud. Terminal will still work without restrictions, and any app can be installed manually. It's totally different from Google services on Android, without which most of the apps won't work at all.
- macOS updates are trivial to disable. It's a matter of unchecking "Update this mac automatically" checkbox in software update settings. Not the case with Windows, Windows updates are universally hated among developers for intentionally complex UI and update services being very hard to disable.
- Almost every feature or default behavior you dislike can be trivially disabled with one console command. Features won't re-enable automatically like I heard update service does in Windows. The only feature I dislike that I wasn't able to disable was a notification about unsafely unplugging a USB flash drive.
- Out of the box, you get a sophisticated disk manager that allows all kinds of manipulation on drives, just like what you get in Ubuntu.
- Just like on smartphones, you can trivially restrict or provide access to certain features like camera, microphone, etc. on app to app basis. I don't know how to easily do it in Linux, let alone in Windows.
- Apart from mastodons like GIMP, I find open source apps for macOS to have better UI than their Linux alternatives.
- Objective-See offers useful FOSS apps for macOS, they help with privacy and malware detection: https://objective-see.com/products....
I don't want to start a fight. Please, abstain from commenting on one OS being better / worse than the other. Please, don't comment on Mac computers being better / worse than computers of some other vendor. I'm very confused now because of my Dunning-Kruger thing (read my previous rants), so I just want to present the facts about macOS that I think deserve more exposure.
-
PouchDB.
It promised full-blown CRDT functionality. So I decided to adopt it.
Disappointment number one: you have to use CouchDB, so your data model is under strict regulations now. Okay.
Disappointment number two: absolutely messed up hack required to restrict users from accessing other users’ data, otherwise you have to store all the user data in single collection. Not the most performant solution.
Disappointment number three: pagination is utter mess. Server-side timestamps are utter mess. ANY server-side logic is utter mess.
Just to set it to work, you need PouchDB itself, websocket adapter (otherwise only three simultaneous syncs), auth adapter (doesn’t work via sockets), which came out fucking large pile of bullshit at the frontend.
Disappointment number four, the final one: auth somehow works but it doesn’t set cookie. I don’t know how to get access.
GitHub user named Wohali, number one CouchDB specialist over there, doesn’t know that either.
It also doesn’t work at Incognito mode, doesn’t work at Firefox at all.
So, if you want to use PouchDB, bear that in mind:
1. CouchDB only
2. No server-side logic
3. Authorization is a mess
4. Error logs are mess too: “ERROR 83929629 broken pipe” means “out of disk space” in Erlang, the CouchDB language.
5. No hosting solutions. No backup solutions, no infrastructure around that at all. You are tied to bare metal VPS and Ansible.
6. Huge pile of bullshit at frontend. Doesn’t work at Incognito mode, doesn’t work at Firefox.
-
Because everyone else is ranting about this too:
I'm not afraid of Microsoft wanting to monetize everything or that they will restrict site access to Microsoft Edge only. What I am afraid of is that they change the privacy policy.
Who knows what they are up to?
I hope GitHub is awesome enough to decline the offer.... Let's see.
-
Hi my dear fellow coders, I have a small request for you.
If you are among those coders who are working on microchipping people / quantum dot something, tracking people, classifying people, AI, ML or any other such software which is going to harm or cage us or take away our freedom. Please stop doing so.
Why I came out with this rant?
I myself am working on a covid-19 screening app which would rate people based on symptoms and if they seem high risk they would not be allowed to enter unless they do a covid-19 test. I am tracking their movement and the requirement is to restrict people’s movement.
My conscience says that this is incorrect and I should not be a part of such things which take away the freedom and liberty of people.
I am stopping it now.
-
I'll post a rant (will be long) soon-ish on the root of the asinine problem...
TL;DR
Anyone got a better suggestion of killing a WLAN router signal than a Faraday Cage?
-----------------------
As to the point as I can manage atm...
My ISP forces a proprietary router/modem for them to script my static IPv4 block (/28, aka 13 usable). Modifying this equipment in any way or using the vast majority of tactics to modify its behaviour = Federal Felony... with my history, it couldn't be construed as mistake/ignorance of this fact, so I'd likely end up working for some branch of the gov to mitigate the costs of standard prison (on both ends... handicapped af = expensive af to comply with base human rights laws... plus I'd be a dangerous prisoner from what I've been told).
I NEED the ipv6 functionality TOTALLY off... I've written this into every kernel and every container config at kernel level.
The issue is, I don't trust their shit device (which "should" also be set to no ipv6 via gui... non-GUI = fed felony).
This horrid device, they apparently made them for home use initially (to be fair it has decent specs and tolerable RAM), so included WiFi... that comes on by itself.
Disable the WiFi!... except I cant (at least not without 'tampering').
Why? Well acc to the GUI it's not enabled in the first place. Acc to the 'tech support' it's apparently a paid feature (yes, nonsense) that I have not paid for (nor would I), meaning on their end's GUI and DBs I also don't have WiFi ability from that dev.
So... Not trusting the other settings and the dev, being something I'm not allowed to directly config outside of their GUI that doesn't realise it's putting out a usable signal despite registering DHCP on behalf of that non-existent signal. I NEED to kill those signals.
I realise it likely sounds extreme to make and use a Faraday Cage for a router/modem (secondary modem, it parses the initial modem's output, via script, to allow the static block to be accessed). I really don't know any other way that's legal to restrict it.
Oh, in case unclear, I have tried so many ways to get them to just allow me to use any device (pref. mine, but even theirs) that I can simply script myself... it's a no-go.20 -
I work on a team project for a test and maintenance course in University. We agreed as a team to adopt a git infrastructure that would prioritize the stability of the master branch at all cost by only updating commits up to the next stable point and tagging every single release. We have a long polling development branch to prepare our releases and we create feature branches for the tickets we need to resolve. I even wrote documentation to make sure that we don't forget and protected the master branch on gitlab from direct modifications.
Can someone fucking tell me how one of my teammates managed to fuck over all of this and work on an unfinished feature straight on master?
N.b. I know that he probably edited straight from gitlab's online text editor because they have a bug where they don't restrict modifications on protected branches.1 -
Stakeholder: We have users who are putting like “John and Mary” on their membership’s first name field. Can we restrict that field so they can’t do that?
Me: But what if that user does identify as “John and Mary”?
Besides, what’s to stop any user from taking out the “and” and making it “John Mary” so they can get around input validation for words like “and”?9 -
I am not a US citizen or an expert in law, so my questions are:
- Do you think this RESTRICT act that will potentially ban VPN use will be passed?
- Is the restriction only applied to those who use Tiktok or general use?
- Corporates also use some kind of internal VPN, is this included in the ban?
- How much dumber is the gov trying to be?
https://beincrypto.com/vpn-users-ri...7 -
In a previous job, I was trying to organize a common repository with our shitty business partner so we could both be able to contribute our part so our work would not overlap. Not like they cared anyways.
One thing I quickly noticed is those fuckers would just straight up commit untested changes on master and cripple our whole testing and prod deployment at times because we were depending on a shitty IoT service they provided us over which we had no control whatsoever.
I told my boss, who was often complaining about them being unreliable in the first place, I would simply restrict them from merging and committing to develop or to master without my approval. We cannot keep working like this.
He told me that we could not impose on them our work practices and that I should not try to piss them off. To be diplomatic.
I politely and professionally refused to do it, but he did change his mind in the end. He and I left not too long after. I guess he felt obliged to respond that having his job at stake but you cannot condone voluntarily shitty work. -
We have a web application that will be deployed to the client premises. Part of the agreement is that the full source code will be provided. Now my manager asked me to hide/restrict the usage of a certain feature, and should not be hackable even if we give the full source code. Gosh help me guys, I don't know what I'm doing here.3
-
Today, after searching for 4~ hours for a solution to host a little script that would hide a private API key, I discovered Google Apps Script. What a fucking nice service. Seriously, check it out, you may need it some day.
Anyway I don't understand why Google wants to restrict network access from the Firebase functions when a shitty little script hosted on the same servers can run without any restriction in memory or data transfer. It also provides a cache service, I could save my whole photo gallery on it without them even noticing.1 -
My latest project is going quite well, I think some of you guys might like it! Basically it is an entirely new Fallout game with multiplayer aspects made in Unreal. Now most of you are saying "dude making textures is going to take years!" However I can extract models and textures from Fallout itself, saving time. The next question will be the legal stuff however Zenimax gave me permission as long as I don't restrict access, money or otherwise. If you want to check it out or think you can help go to the sub Reddit and click the discord link!
Reddit.com/r/FalloutMP
Thanks,
Patryk Grzelak1 -
How hard can it be to sort content stored in a relational database by a custom meta parameter and restrict the results to a certain language using a very popular content management system in 2023?
After wasting several hours trying to get my head around reference documents, 20 years of anecdotal StackExchange + WordPress.org discussion and ACF + Polylang support, and trying to debug my code, I will now either write my own SQL query or put the meta query results in a hashed object to sort it using my own PHP code.
What time is it now? 2003?2 -
I used to be a big security guy, not allowing stuff like most of the social media, not bringing my phone anywhere, carrying a RPi tablet for privacy reasons. Very Stallman stuff.
Recently I noticed that I don't care so much.. I see these things as opportunities, for instance Microsoft products could be beneficial for job opportunities, I have some workout sessions on my phone.
I could restrict myself... but is it worth it just to decline some capitalist/politician's row in a dataset for analysis?
But then again I feel as a society I think we should either do this or request this data to be distributed to us as well.
Should you be playing a game of cards, when the enemy can see your hand? What do u think?4 -
For those who worked with Firebase database..
is it safe (and possible) to let everyone read/write data without being authenticated, and restrict deleting data to the authenticated users?
Thanks5 -
In my company one of the tech leads created a “framework” for other devs to code on. His main goal is to restrict devs from doing whatever the hell they want and follow his platform. But that makes everything so complicated. If I need to find where it sets the connectionString, I’d have to go 7 levels deep in the code. Do you agree with this whole approach? If they wanted to standardize the dev process why can’t they document it and enforce it in code reviews. Restricting devs will lead to workarounds. They will find ways to do stuff by hacking the “framework”5
-
A cool bash shell script to download (cut) a portion of video from youtube. It depends on youtube-dl and avconv/ffmpeg tools which can be installed from the distribution.
Bash Shell Script (can be named as ytcut):
Note: No error handling implemented
#!/bin/bash
#set -x
_yt_id="$1"
_yt_start_time="$2"
_yt_end_time="$3"
#_yt_format_id="bestvideo[ext=mp4]+bestaudio[ext=m4a]/bestvideo+bestaudio"
# use youtube-dl -F <video id> to get the list of formats available
# Using format id as 22 as the above one didn't work.
_yt_format_id=22
_yt_time_selection_opts="-ss ${_yt_start_time}"
_yt_time_selection_opts="${_yt_time_selection_opts} -to ${_yt_end_time}"
_yt_url=$(youtube-dl -f ${_yt_format_id} -g "${_yt_id}")
_yt_filename=$(youtube-dl --get-filename --restrict-filenames -f ${_yt_format_id} "${_yt_id}")
avconv -y -nostats -loglevel 0 -i "${_yt_url}" ${_yt_time_selection_opts} -codec copy "file:${_yt_filename}"
Example Usage:
ytcut 3dWrKNrWbWQ 0:40 1:40
2 -
Just posted this in another thread, but i think you'll all like it too:
I once had a dev who was allowing his site elements to be embedded everywhere in the world (intentional) and it was vulnerable to clickjacking (not intentional). I told him to restrict frame origin and then implement a whitelist.
My man comes back a month later with this issue of someone in google sites not being able to embed the element. GOOGLE FUCKING SITES!!!!! I didn't even know that shit existed! So naturally i go through all the extremely in depth and nuanced explanations first: we start looking at web traffic logs and find out that it's not the google site name that's trying to access the element, but one of google's web crawler-type things. Whatever. Whitelist that url. Nothing.
Another weird thing was the way that google sites referenced the iframe was a copy of it stored in a google subsite???? Something like "googleusercontent.com" instead of the actual site we were referencing. Whatever. Whitelisted it. Nothing.
We even looked at other solutions like opening the whitelist completely for a span of time to test to see if we could get it to work without the whitelist, as the dev was convinced that the whitelist was the issue. It STILL didn't work!
Because of this development i got more frustrated because this wasn't tested beforehand, and finally asked the question: do other web template sites have this issue like squarespace or wix?
Nope. Just google sites.
We concluded it's not an issue with the whitelist, but merely an issue with either google sites or the way the webapp is designed, but considering it works on LITERALLY ANYTHING ELSE i am unsure that the latter is the answer.2 -
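Added example, not part of the post above and not the poster's code: a simplified JavaScript model of how a `Content-Security-Policy: frame-ancestors` allowlist is evaluated, showing that every frame in the embedding chain has to match, not only the site the visitor sees. All origins are constructed placeholders and the matcher is a reduced version of the real CSP rules; it illustrates the mechanism and is not a diagnosis of the Google Sites case.

```javascript
// Simplified model of frame-ancestors evaluation (assumption: only 'self',
// exact "scheme://host[:port]" and "scheme://*.host" sources are supported).

// Build the header value a server would send for a given allowlist.
function buildFrameAncestors(allowlist) {
  return allowlist.length === 0
    ? "frame-ancestors 'none'"
    : "frame-ancestors " + allowlist.join(" ");
}

// Default ports so "https://a.example" and "https://a.example:443" compare equal.
function effectivePort(scheme, port) {
  return port || (scheme === "https" ? "443" : "80");
}

// Does one ancestor origin match one source expression?
function sourceMatches(source, origin, selfOrigin) {
  if (source === "'self'") return origin === selfOrigin;
  const m = /^(https?):\/\/(\*\.)?([^:\/]+)(?::(\d+))?$/.exec(source);
  if (!m) return false; // unsupported or malformed source never matches
  const [, scheme, wildcard, host, port] = m;
  const url = new URL(origin);
  if (url.protocol !== scheme + ":") return false;
  if (effectivePort(scheme, url.port) !== effectivePort(scheme, port)) return false;
  // "*.host" covers subdomains only, never the bare host itself.
  return wildcard
    ? url.hostname.endsWith("." + host.toLowerCase())
    : url.hostname === host.toLowerCase();
}

// A framed load is allowed only if EVERY ancestor matches SOME source.
// An empty chain means the page is not framed at all, so it always loads.
function framingAllowed(allowlist, ancestors, selfOrigin) {
  return ancestors.every((origin) =>
    allowlist.some((src) => sourceMatches(src, origin, selfOrigin)));
}

// Constructed scenario: a site builder wraps the embed in an intermediate
// frame served from a per-user content host before the visible page.
const SELF = "https://widgets.example";
const NESTED_CHAIN = [
  "https://abc123.usercontent.example", // intermediate wrapper frame
  "https://sites.example",              // page the visitor actually sees
];
const ALLOW_SITE_ONLY = ["https://sites.example"];
const ALLOW_BOTH = ["https://sites.example", "https://*.usercontent.example"];

function demo() {
  return {
    header: buildFrameAncestors(ALLOW_BOTH),
    siteOnly: framingAllowed(ALLOW_SITE_ONLY, NESTED_CHAIN, SELF), // blocked
    both: framingAllowed(ALLOW_BOTH, NESTED_CHAIN, SELF),          // allowed
    unlisted: framingAllowed(ALLOW_BOTH, ["https://other.example"], SELF),
  };
}
```

When an embed fails despite an allowlist, the browser console's CSP violation message names the directive that blocked it, which is quicker to check than server traffic logs.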
We use MDD!! I coined this term one night after getting frustrated and having a lot of drinks. What's that, you ask?
MAGIC DRIVEN DEVELOPMENT
It's when you're working on a not-so-recent code base and are afraid to make any changes in fear of breaking things up. You've touched some modules, and now you restrict yourself to work only on those treating all others as a blackbox. Even if something can be achieved by a small change in one of the blackboxes, you still go for multiple changes in the modules you're familiar with! Such is the horror. You start saying that those modules work by some dark magic that nobody understands! -
Ever since I started learning about React with Typescript my respect for design patterns that restrict how state can change has grown massively. On the web, nothing happens when you say it should happen; everything always takes a while to execute and there is always a transactional period between validating an action with client-side state and receiving the result from the server, and if you want to account for that everything becomes infinitely more complex and you eventually end up with mutexes.5
-
I'm currently trying to get an SFTP user for our school's webspace (preinstalled WordPress, don't hate it - it's "great" for non-"it" people) and our network administrator means that he can't create one for me because I would have access to all files on the server.
WTF, you can create SFTP users on Linux and restrict their access and even set a home directory.
Yeah, now we need to forget about themes and plugins in WordPress.
(He said that he also can't create an FTP user)1 -
Today I am experiencing all the joys of workspace virtualisation, with CIT that only looks at security, not what is used by the people and why... They restrict me now from doing my work... While I am sitting at home 🤭 yeah open up another ticket explaining these asshats that we need things to get our jobs done, and that they just do things to pretend to enhance security by destroying productivity
Let us walk into ragnarok with sun on our faces... Why the fuck do I even work here? -
A question to all software security specialists of devRant. Please, take it serious.
Is it fundamentally possible to restrict a SQL database like Postgres in a way that unintended SQL queries are impossible to execute? Perhaps in some kind of whitelist fashion. Is it possible to achieve the kind of security that will be just fine exposed to the outside world akin to "SQL queries in onClick handlers" scenario?
Or is this an uphill battle of never being able to moderate an infinite set of possible fraudulent queries?5 -
So, it turns out I have hyper-mobility in my hands. The constant flexing of my wrists in positions it shouldn't be in has been why I've experienced pain while working.
I've been advised to wear splints to restrict the movement but I'm kinda worried. Got my first job coming up and don't want to turn up wearing these fucking things.1 -
Trying to write a program a la `man` in ncurses and just, is this hell?
I just want a floating header, a scrollable main body that reads from a file, and a command line footer, why is that so difficult? I finally got it to handle resizing terminals but now I need to try to compile it for windows, which does have unofficial ports of ncurses, but I have no idea how to use them.
Should I just restrict the windows version to a non-interactive command instead of a TUI like I want?2 -
What is it with websites that restrict content with "We're not gonna let you get past us" banners blocking the page like they're gatekeepers?
Some even go the extra half mile of disabling right clicking 😕
Don't they learn from analytics when a coder comes through?
Maybe they should ask Heimdall for some advice.2 -
The more I learn the less I feel like I know with regards to programming.
As time goes on it seems more and more important to restrict picking up new topics so I can gain focus and clarity on the ones I already know a bit.
Should I double down on the ones I know or continue to try a bit of everything?1 -
Fucking Quarkus. Fucking Panache. Fucking ORM.
I wanted to do a fucking simple projection. First this piece of fuck, the Panache, won't let me do a Projection because of a fucking bug, that haven't implemented it properly until 2.12 (fuck and you call this v2?). Ok, upgraded, to the latest 2.16, cuz why the fuck, i'm upgrading already. But now the whole fucking quarkus app won't start! Noice! Ok, fuck it, let's go down exactly to 2.12. Quarkus started, perfect. But now, this piece of fuck Hibernate says 'collection was evicted' whenever i tried to read a collection in the setter (Access.PROPERTY), which worked just fucking fine before. But okay, fuck you. I'll write a @PostLoad method, fine, just fuck off.
But that's not the end! Now it says I cannot write `select parent.someColl is not null and parent.collection is empty as canProcess` because "is empty" only supported in where clauses. What fucking wonderful system! Well, fuck you. I'll write a union query. But guess what! JPA standard does not support union queries, nor HQL (Eclipse Link does, btw). Ok, fuck this shit, let's write a native query. But hey, fucking Panache does not support that. There is no fucking place in their fucking docs stating anything about how to use native queries.
So, fuck you quarkus, fuck you panache, fuck you hibernate, fuck you overcomplicated limiting bullshit called full-fledged ORMs. I'm moving to a fucking mybatis and fuck it. It's simple as fuck, does not fucking restrict me in writing whatever shit query I want to write and lets me map the shit just fine.1 -
The Restrict Act is a blatant power grab, after the kangaroo court which failed to propagandize US to hate tiktok. I guess not many even know what that means. Sleepwalking into information lockdown, tyranny.15
-
So, the PowerQuery type system appears to be a Joke.
For those of you that aren't familiar with PowerQuery, it's the ETL language that is used in PowerBI, and some other parts of the MS PowerPlatform. It was formerly known as the M Language.
The language has a type system, that includes records (think hashes) and tables, which are, for practical purposes, a list of records.
The wonderful M language specification document states that:
"Any value that is a record conforms to the intrinsic type record, which does not place any restrictions on the field names or values within a record value. A record-type value is used to restrict the set of valid names as well as the types of values that are permitted to be associated with those names."
Except that the restriction is only to the set of valid names, and the language interpreter doesn't throw an error when I place a number into a text field, but also doesn't do any sort of implicit conversion. This is all hunky-dory, until you then try to load the data into the Tabular Model that underlies the query engine, which does expect the values to be of the type that is specified, and it throws an error.
But PowerBI, in its infinite wisdom, doesn't actually *record* the error, it merely tells you the error exists, and tells you to go back to the query editor to list the errors thrown up by the powerquery engine. Which, as previously stated, doesn't throw up an error for this instance.
So I've spent all afternoon trying to work out why my queries aren't loading, because I have an error that doesn't exist. fml.
[You can follow this issue on the community feedback site here: https://community.powerbi.com/t5/... ] -
One of those debugging days where minutes feel like hours, and hours like days.
I had the bad luck of being asked to dive into a legacy project which was unmaintained for months, but of course it's still on prod. And very suddenly the urgent need arises to change stuff.
Yet: the docker stack won't work. It builds fine but the stack crashes.
Long story short: some internal api URI were renamed and at some point one internal api started to always require an access token. Which we set for the stage, prod env yet somebody forgot to mention that to the devs of legacy-project.
That ain't too bad.
WHAT IS FUCKING BAD IS THAT YOUR SHITTY APP SWALLOWS THE ERROR MESSAGE!
I mean it's bad enough I have to `var_dump && die` your app since you never bothered to setup a xdebug that I could use out of the box, yet egregious fact that your app would catch a valid exception but transforms it into an "internal warning" is borderline insane!
It's ok to throw exceptions. It's ok to let your service die. That's how others will know what and where to fix it. (You may want to restrict the data visible to the outside, but that's a whole different conversation.) -
I am not a very experienced developer, so naturally I don't know many fundamental things. My thinking around a lot of the necessary things is that the answer should come to me according to the need. So an oversimplified example could be, say I'm solving a Dynamic programming problem, I should not need to know the algorithm beforehand I can maybe invent it. This thinking stops me learning a lot things because I feel like then when I learn a pattern I will restrict my thought process within the knowledge I have and not think beyond it. I feel like that I am doing the dumb mistake of learning things by heart and not understanding.
Has anyone felt the same? What does your experience say about this?12 -
I don't understand how Facebook can restrict my account when I'm following *their official guide* to make a WhatsApp bot (which entails creating a business manager account and all that tralala) which basically makes it impossible to continue through the guide to get the WhatsApp bot to do what I want it to do (I only got as far as having it send a demo text and set up some of the account BS).
Needless to say, I went for the Discord bot approach and got it to do what I needed.3 -
!tech . Can a doctor ever advise to get off the preventive measures?
I had a fracture 2 months ago which led to a surgery in which a plate was inserted in my arm. post surgery i was asked to wear an arm brace (pic in comments)
this is basically a preventive brace to restrict certain movements while new bone is coming up at the crack.
i can understand its need but i am not sure if the doctor is going to recommend not using it ever. my arm has healed enough that i no longer feel pain in the surgery area, but in x rays, the bone still shows as not healed.
my feeling is that i should start wearing normal clothes and discard the brace and bone will eventually come on its own. its been 60+ days already.
But last time i had checkup with the doctor, he said to continue my daily operations while wearing a brace because "what's wrong with wearing a brace in public? your hand was broken, now you can work with both hands but wearing a brace while your hand heals?"4