Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Each month my department compiles a 4M row 150 column data table for compliance with a federal agency. Before submitting, we check it against about 400 rules.
The existing system was simply 400 queries that ran in sequence, table-scanning 4M rows each time, taking upwards of 6 hours, which is a huge bottleneck, especially if you have to make changes and rerun. Plus the output was rather one-dimensional.
I built a proper normalized database and created a sort of rules engine, running all 400 rules in one table scan. Not only does it complete in 30 minutes, but the reports generate automatically, and the results can be filtered on several dimensions to aid with root-cause analysis.
Management was pleased.4 -
Navy story time, and this one is lengthy.
As a Lieutenant Jr. I served for a year on a large (>100m) ship, with the duties of assistant navigation officer, and of course, unofficial computer guy. When I first entered the ship (carrying my trusty laptop), I had to wait for 2 hours at the officer's wardroom... where I noticed an ethernet plug. After 15 minutes of waiting, I got bored. Like, really bored. What on TCP/IP could possibly go wrong?
So, scanning the network it is. Besides the usual security holes I came to expect in ""military secure networks"" (Windows XP SP2 unpatched and Windows 2003 Servers, also unpatched) I came along a variety of interesting computers with interesting things... that I cannot name. The aggressive scan also crashed the SMB service on the server causing no end of cute reactions, until I restarted it remotely.
But me and my big mouth... I actually talked about it with the ship's CO and the electronics officer, and promptly got the unofficial duty of computer guy, aka helldesk, technical support and I-try-to-explain-you-that-it-is-impossible-given-my-resources guy. I seriously think that this was their punishment for me messing around. At one time I received a call, that a certain PC was disconnected. I repeatedly told them to look if the ethernet cable was on. "Yes, of course it's on, I am not an idiot." (yea, right)
So I went to that room, 4 decks down and 3 sections aft. Just to push in the half-popped out ethernet jack. I would swear it was on purpose, but reality showed me I was wrong, oh so dead wrong.
For the full year of my commission, I kept pestering the CO to assign me with an assistant to teach them, and to give approval for some serious upgrades, patching and documenting. No good.
I set up some little things to get them interested, like some NMEA relays and installed navigation software on certain computers, re-enabled the server's webmail and patched the server itself, tried to clean the malware (aka. Sisyphus' rock), and tried to enforce a security policy. I also tried to convince the CO to install a document management system, to his utter horror and refusal (he was the hard copy type, as were most officers in the ship). I gave up on almost all besides the assistant thing, because I knew that once I left, everything would go to the high-entropy status of carrying papers around, but the CO kept telling me that would be unnecessary.
"You'll always be our man, you'll fix it (sic)".
What could go wrong?
I got my transfer with 1 week's notice. Panic struck. The CO was... well, he was less shocked than I expected, but still shocked (I learned later that he knew beforehand, but decided not to tell anybody anything). So came the most rediculous request of all:
To put down, within 1 A4 sheet, and in simple instructions, the things one had to do in order to fulfil the duties of the computer guy.
I. SHIT. YOU. NOT.
My answer:
"What I can do is write: 'Please read the following:', followed by the list of books one must read in order to get some introductory understanding of network and server management, with most accompanying skills."
I was so glad I got out of that hellhole.6 -
TABLE BASED WEB DESIGN
I was surprised there were no rants about this topic before I realized it was more than a decade back 😳
We've never had it better! So to help add a little perspective for all those ranting about what is unarguably the golden age for web developers... let me fill you in on web dev in the late 90's;
JavaScript was a joke. No seriously! - I once got laughed out of the room for suggesting we try use it for more than disabling a button - (I wanted to check out the new XHR request thingy [read AJAX]).
HTML was simple and purely a markup language (with the exception of the marquee tag). The tags were basically just p,ul,ol,h*,form inputs,img and table and html took 10 minutes to learn. Any style was inline and equally crude - anything that wasn't crude could not be trusted and probably wouldn't render at all in most browsers (never mind render correctly).
There were rumors of a style TAG and something called a cascading style sheet which were received with much skepticism since it went against the old ways and any time saved would be lost writing multiple [IE version specific] style sheets for each browser just to get it to work - so we simply didn't.
No CSS meant the only tags you had to work with to create a structured layout were br, hr and table... so naturally EVERYTHING was in nested tables! JS callback hell can't touch this! - it was not uncommon to have 50+ nested tables all with inline style in a single page which would be edited without any dev tools or linting.
You would spend 30 minutes scanning td tags until your eyes bled to find something, make a change, ftp the file to the server, reload the web page and then spend 10 minutes staring at the devastation on your screen convinced you broke
the internet before spotting an un-closed td tag with your bloodshot eyes.
Tables were not just a silver bullet - they were the ONLY bullet and were in the wild west!
Q: Want an inline form or to align your inputs left?
A: Duh table!
Q: Want a border with round-corners, a shadow or blur?
A: That's easy! Your gonna want to put that table in the center cell of another table then crop a image of the border into 6 smaller images to put in the surrounding cells... oh and then spend 10 minutes fucking with mystical attributes like cell-padding and valign to get them flush.
...But hey at least on the bright-side vertically & horizontally centering stuff was a breeze!22 -
Navy story time again. Grab that coffee and fire up Kali, the theme is security.
So, when I got promoted to Lieutenant Jr. I had to attend a 1-year school inside my nostalgic Naval Academy... BUT! I was wiser, I was older... and I was bored. Like, really bored. What could go wrong? Well, all my fellow officers were bored too, so they started downloading/streaming/torrenting like crazy, and I had to wait for hours for the Kali updates to download, so...
mdk3 wlan0mon -d
I had this external wifi atheros card with two antennae and kicked all of them off the wifi. Some slightly smarter ones plugged cables on the net, and kept going, enjoying much faster speeds. I had to go to the bathroom, and once I returned they had unplugged the card. That kind of pissed me off, since they also thought it would be funny to hide it, along with the mouse.
But, oh boy, they had no idea what supreme asshole I can be when I am irked.
So, arpspoof it is. Turns out, there were no subnetworks, and the broadcast domain was ALL of the academy. That means I shut EVERYONE off, except me. Hardware was returned in 1 minute with the requested apologies, but fuck it, I kept the whole academy off the net for 6 hours. The sysadmin ran around like crazy, because nothing was working. Not even the servers.
I finally took pity on the guy (he had gotten the duties of sysadmin when the previous sysad died, so think about that) and he almost assaulted me when I told him. As it turned out, the guy never had any training or knowledge on security, so I had to show him a few things, and point him to where he could study about the rest. But still, some selective arp poison on select douchebags was in order...
Needless to say, people were VERY polite to me after that. And the net speed was up again, so I got bored. Again. So I started scanning the net.
To be continued...3 -
Navy story continued.
And continuing from the arp poisoning and boredom, I started scanning the network...
So I found plenty of WinXP computers, even some Win2k servers (I shit you not, the year was 201X) I decided to play around with merasploit a bit. I mean, this had to be a secure net, right?
Like hell it was.
Among the select douchebags I arp poisoned was a senior officer that had a VERY high idea for himself, and also believed he was tech-savvy. Now that, is a combination that is the red cloth for assholes like me. But I had to be more careful, as news of the network outage leaked, and rumours of "that guy" went amok, but because the whole sysadmin thing was on the shoulders of one guy, none could track it to me in explicit way. Not that i cared, actually, when I am pissed I act with all the subtleness of an atom bomb on steroids.
So, after some scanning and arp poisoning (changing the source MAC address this time) I said...
"Let's try this common exploit, it supposedly shouldn't work, there have been notifications about it, I've read them." Oh boy, was I in for a treat. 12 meterpreter sessions. FUCKING 12. The academy's online printer had no authentication, so I took the liberty of printing a few pages of ASCII jolly rogers (cute stuff, I know, but I was still in ITSec puberty) and decided to fuck around with the other PCs. One thing I found out is that some professors' PCs had the extreme password of 1234. Serious security, that was. Had I known earlier, I could have skipped a TON of pointless memorising...
Anyway, I was running amok the entire network, the sysad never had a chance on that, and he seemed preoccupied with EVERYTHING ELSE besides monitoring the net, like fixing (replacing) the keyboard for the commander's secretary, so...
BTW, most PCs had antivirus, but SO out of date that I didn't even need to encode the payload or do any other trick. An LDAP server was open, and the hashed admin password was the name of his wife. Go figure.
I looked at a WinXP laptop with a weird name, and fired my trusty ms08_067 on it. Passowrd: "aaw". I seriously thought that Ophcrack was broken, but I confirmed it. WTF? I started looking into the files... nothing too suspicious... wait a min, this guy is supposed to work, why his browser is showing porn?
Looking at the ""Deleted"" files (hah!) I fount a TON of documents with "SECRET" in them. Curious...
Decided to download everything, like the asshole I am, and restart his PC, AND to leave him with another desktop wallpaper and a text message. Thinking that he took the hint, I told the sysadmin about the vulnerable PCs and went to class...
In the middle of the class (I think it was anti-air warfare or anti-submarine warfare) the sysad burst through the door shouting "Stop it, that's the second-in-command's PC!".
Stunned silence. Even the professor (who was an officer). God, that was awkward. So, to make things MORE awkward (like the asshole I am) I burned every document to a DVD and the next day I took the sysad and went to the second-in-command of the academy.
Surprisingly he took the whole thing in quite the easygoing fashion. I half-expected court martial or at least a good yelling, but no. Anyway, after our conversation I cornered the sysad and barraged him with some tons of security holes, needed upgrades and settings etc. I still don't know if he managed to patch everything (I left him a detailed report) because, as I've written before, budget constraints in the military are the stuff of nightmares. Still, after that, oddly, most people wouldn't even talk to me.
God, that was a nice period of my life, not having to pretend to be interested about sports and TV shows. It would be almost like a story from highschool (if our highschool had such things as a network back then - yes, I am old).
Your stories?8 -
It's done! Network printer and scanner, hosted by a Raspberry Pi Zero W. I used CUPS to host the printer, but the scanner was much more difficult. I installed apache2 on the Pi to host a HTML front-end that I wrote. Once you set up the scan, the front-end makes an AJAX call to a PHP script, which then calls my Python script that does the scanning and converting. Once that's done, it returns the file name via the AJAX call, then the front-end downloads the scanned PDF on the computer. I even managed to impress my girlfriend, who didn't really understand what I was doing until I showed her the end result 😄
I might try to pipe the output of the conversion straight back via AJAX, to be downloaded without a second call.
9 -
So...
I'm penetrationtesting a network and the servers on said network
The network administrator and IT security officer knows this, because they hired me..
TL;DR a scan caused the network to crash.
Today I received a very angry email going "Stop scanning NOW!" from one of the IT departments.
Apparently I crashed their login server and thus their entire network...
It happened d the first time I scanned the network from the outside and they had spend an entire day figuring out how and repairing the service they thought was the problem, but then it crashed again, when I scanned from within the network.
Now they want to send me a list of IP's that I'm not allowed to scan and want to know exactly what and when I'm scanning...
How crap can they be at their job, if they weren't able to spot a scan... The only reason they found out it was me was because the NA had whitelistet my IP, so that I could scan in peace...5 -
Year 2200, somewhere unknown. A robot drone flies above a now destroyed city. As it slowly descends down, it finds it's way into a building. In the rubble, a monitor is still flashing. The drone moves toward the monitor. After few minutes of analysis, drone releases a connector from it's belly. It connects to CPU nearby. After scanning the system for another few minutes, it's apparent the system was not the new OS which the Government released and Mandated. Rather, a prehistoric OS which legends spoke in hushed tones. An OS so powerful, which controlled then millions of computers.
Like the story so far? Should I continue?9 -
Typical TSA (Airport Security)
Security: Please put all of your handheld objects and your outer clothes in this basket.
Me: (puts my bag, in flight luggage, and takes out laptop, bluetooth speaker, bluetooth mouse, bluetooth keyboard, tablet, android phone, dongle bag, and windows phone)
S: (stares at me as if I am a rich kid)
M: May I go through?
S: (nods)
M: (smirks, and goes through metal detector)
BeepBeepBeep!
M: (oh shit.)
Scanning Officer: Raise your hand!
M: Mmmhmm
S: (Hovers the detection stick around my body, but it doesn't ring, tells me to pass through the detector again. Still rings. Super confused. Asks me to do this 2-3 times more. Still same.)
M: Aha! I have my bluetooth earphones here! Sorry!
S: (stares at me, as if he is saying what a f****** weirdo)
My stuff comes out. I put my devices in the bag. The scanning officer stares at me.
M: (smirks)
To be continued....2 -
so my isp assigned all of our devices WAN ip's instead of giving our router a WAN ip and letting us handle our own lan.
so our subnet is x.x.15.255
but when I subnet scan x.x.255.255 I get 1337 results, no joke 1337
so I can access windows servers, ip cameras, sure a lot of them are locked, I'm scanning 0.0.0.1 - 255.255.255.255 now to see what else there is.
wwyd?35 -
Real life job interview…
Manager: what about this problem? Could you solve it? (Showing me a problem about scanning a 2d array to find a value written on a piece of paper)
Me: sure! Just give me a piece of paper and I will write a solution.
Manager: no need for that. I don’t have the knowledge to check that anyway… if I wanted you to solve it I would have called one of my programmers.
…
Manager: do you have any question about the company?
Me: What do you exactly do in the company? I wonder what is the purpose of a person that makes questions about things he doesn’t know.3 -
Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.
That time when...
He wrote a social media network with end-to-end encryption before it was cool.
He wrote custom 64kb encryption for his academic HDD.
He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.
He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).
He used only hashes of passwords as passwords (which isn't actually good).
He kept a drill on the desk ready to destroy his HDD at a moments notice.
He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.
He set up a new email account for each individual online service.
He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).
He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).
He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).
He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.
He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.
He bought a burner phone to visit the capital city.
He bought a burner phone whenever he left his hometown come to think of it.
He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).
He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.
(You might be noticing it's all he's. Maybe it is, maybe it isn't).
He ate a sim card.
He brought a balaclava to pentesting training (it was pretty meme).
He printed out his source code as a manual read-only method.
He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).
He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).
He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.
I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.
26 -
Remember Apple's initiative to scan photos on user's devices to find child pornography?
Today I finally decided to research this.
The evidence is conflicting.
For context, the database of prohibited material is called CSAM (child sexual abuse material).
“If it finds any CSAM, it will report the user to law enforcement.”
— Futurism
“Apple said neither feature would compromise the security of private communications or notify police.”
— NPR
CSAM initiative is dead. It won't scan photos in iCloud. It won't scan photos on your device. It will be a feature that only works in some countries, only on children's devices, and it will be opt-in. It will only work for iMessage attachments.
This is what Apple actually said at https://www.apple.com/child-safety:
- “Features available in Australia, Belgium, Brazil, Canada, France, Germany, Italy, Japan, Netherlands, New Zealand, South Korea, Spain, Sweden, UK, and U.S.”
- “The Messages app includes tools to warn children when receiving or sending photos that contain nudity. These features are not enabled by default. If parents opt in, these warnings will be turned on for the child accounts in their Family Sharing plan.”
News outlets telling people they will be automatically reported to authorities, and then telling there can be false-positives is a classic example of fearmongering. I hate this. Remember, anger and fear are the most marketable emotions. They make you click. News are and will always be worded to cause these emotions — it brings in money.
When presented with good news, people think they're not being told the truth. When presented with bad news, even when they're made up, people think it's the truth that's being hidden from them. This is how news works.
Now, a HUGE but:
Apple is a multi-billion dollar corporation. There is no such thing as good billionaires. Corporations will always wait for chances to invade privacy. It's like boiling the frog — one tiny measure here, one there, and just like this, step by step, they will eliminate the privacy completely. It's in their interest to have all the data about you. It brings control.
This is not the first time Apple tries to do shit like this, and it definitely won't be the last. You have to keep an eye on your privacy. If you want your privacy in the digital age, it's necessary to fight back. If you live in Europe, take the action and vote for initiatives that oppose corporate tyranny and privacy invasions.
Privacy on the internet is one thing, but scanning people's devices is a whole another thing. This is unacceptable no matter the rationale behind it. Expect more measures like that in the near future.
Research Linux. Find a distro that suits you. The notion that you can't switch because of apps/UI/etc. may be dictated by our brain's tendency to conserve energy and avoid the change.
Take a look at mobile distros like Graphene OS and LineageOS. The former only supports Pixel devices, the latter supports a wide range of devices including OnePlus and Xiaomi. They'll have FAR better privacy than iPhones.
Consider switching. It's easier than you think. Yes, it's me who's saying this. I do and will always protect people/companies from unjust criticism, and I consider myself an Apple fangirl for personal reasons related to my childhood, yet I won't fight blindly. CSAM initiative is a valid criticism, and there's nothing preventing me from saying this is unacceptable, and Apple deserves the backlash they got.11 -
I've caught the efficiency bug.
I recently started a minimum wage job to get my life back in order after a failed 2 year project (post mortem: next time bring more cash for a longer runway)
I've noticed this thing I do at every job, where I see inefficiency and I think "how can I use technology to automate myself out of this job?"
My first ever application was in C++ for college (a BASIC interpreter) and it's been so long I've since forgotten the language.
But after a while every language starts to look like every other language, and you start to wonder if maybe the reason you never seriously went anywhere as a programmer was because you never really were cut out for it.
Code monkey, sure. Programmer? Dunno, maybe I just suffer from imposter syndrome.
So a few years back I worked at a retail chain. Nothing as big as walmart, but they have well over 10k store locations. They had two IBM handscanners per store, old grungy ugly things, and one of these machines would inevitably be broken, lost or in need of upgrade/replacement about once a year, per location. District manager, who I hit it off with, and made a point of building report with, told me they were paying something like $1500 a piece.
After a programming dry spell, I picked up 'coding' with MIT app inventor. Built a 'mostly complete' inventory management app over the course of a month, and waited for the right time.
The day of a big store audit, (and the day before a multi-regional meeting), I made sure I was in-store at the same time as my district manager, so he could 'stumble upon' me working, scanning in and pricing items into the app.
Naturally he asked about it, and I had the numbers, the print outs, and the app itself to show him. He seemed impressed by what amounted to a code monkeys 'non-code' solution for a problem they had.
Long story short, he does what I expected, runs it by the other regionals and middle executives at the meeting, and six months later they had invested in a full blown in house app, cutting IBM out of the mix I presume.
From what I understand they now use the app throughout the entire store chain.
So if you work at IBM, sorry, that contract you lost for handscanners at 10k+ stores? Yeah that was my fault (and MIT app inventor).
They say software is 'eating the world' but it really goes to show, for a lot of 'almost coders' and 'code monkeys' half our problem is dealing with setup and platform boilerplate. I think in the future that a lot of jobs are either going to be created or destroyed thanks to better 'low code' solutions, and it seems to be a big potential future market.
In the mean while I've realized, while working on side projects, that maybe I can do this after all, and taken up Kotlin. I want to do a couple of apps for efficiency and store tracking at my current employer to see if I'm capable and not just an mit app-inventor codemonkey after all.
I'm hoping, by demonstrating what I can do, I can use that as a springboard into an internal programming position at my current gig (which seems to be a company thats moving towards a more tech oriented approach to efficiency and management). Also watching money walk out the door due to inefficiency kinda pisses me off, and the thought of fixing those issues sounds really interesting. At the end of the day I just like learning new technologies, and maybe this is all just an excuse to pick up something new after spending so long on less serious work.
I still have a ways to go, but the prospect of working on B2B, and being able to offer technological solutions to common and recurring business needs excites the hell out of me..as cringy and over-repeated as that may sound.5 -
Casual workday be like:
Project manager: It is important we deliver these features.
Me & Coworker: Sounds reasonable, here is how long we need, roughly.
Mgr: Well, the deadline is already set and the contract is signed and written.
M&C: Ummm...
Mgr: Also, while we are hosting the application, we are not paid for operational cost, so make sure to optimise the crap out of it immediatly. Preferably while developing the features.
(A wild architect appears): Also everything has to be built on cans and kubernuts, with rectangular ui and bootstyling and with these internally developed backend frameworks NOBODY tests. Coroporate policy you know.
(A wilder division CEO appears on meeting): Also we are rolling out code KPI's across the organisation. Everyone is expected to Focus on documentation, test coverage and there is now mandatory SonarQube scanning of repos. ZERO DEFECTS PEOPLE
M&C: ...
(Wildest Salesteam appears): By the way we sold the application to these other customers, they love feature XYZ and must have it.
M&C: It does not have feature XYZ
Mgr: It will have feature XYZ
M&C: Allright so with all the extra funding from the sales, we need to hire atleast one Machine learning guy, an extra frontend specialist a developer and maybe funnel some of the funding into slacking the operational budget in the start.
Animated Suit *Railing a line of coke from his gold plated ihpone 15*: What funding? Get to work. Also your havent been super sharp with your time registration.
2 -
While Apple is putting 12-year-old fingerprint readers into MacBooks, Microsoft is scanning your eyes with Windows Hello. Who's innovative?13
-
Just when you are done working and want to relax so you start the pc, and this shows. Tableflip. 😒
9 -
Had a late night thought and I made this handy tool. It Lets you transfer files and directories from your computer to your mobile device by scanning a QR code right from the terminal.
https://github.com/mirimmad/...2 -
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.
Vulnerability scanning is not penetration testing.9 -
Walk into mall, bring my child to kids zone. They have free wifi 🤤
Accessing -> Scanning -> Got Ya! -> Brute Force -> Cracked!
There you're.
Now I can monitoring my kid while reading rant!
Just normal day in my life
6 -
What features would you want in a logger?
Here's what I'm planning so far:
- Tagged entries for easy scanning of log file
- Support for indenting to group similar sequential entries
- Multiple entry types (normal, info, event, warning, error, fatal, debug, verbose)
- Meta entries, so the logger logging about itself, e.g. disk i/o failures.
- Ability to add custom entry types, including tag, log-level, etc.
- Customizable timestamp function
- Support for JS's async nature -- this equates to passing a unique key per 'thread'; the logger will re-write all the parent blocks for context, if necessary. if that sounds confusing, it's okay; just trust that it makes sense.
- Caching, retries, etc. in the event of disk i/o issues.
- Support for custom writers, allowing you to e.g. write logs to an API rather than console or disk.
How about these features?
- Multiple (named) logs with separate writers (console, disk, etc.)
- Ability to individually enable/disable writing of specific entry types. (want verbose but not info? sure thing, weirdo!)
- Multiple writers per log. Combined with the above, this would allow you to write specific entry types (e.g. error, warning, fatal) to stderr instead of stdout, or to different apis.
- Ability to write the same log entry to multiple logs simultaneously
What do you think of these features?
What other features would you want?
I'm open to suggestions!18 -
Germany trying to fight Covid with digital tools (at least not another app today): registered for a test with QR-Code, Webform and E-Mail. After being tested by friendly people, I received an email that contains a link to a download of a PDF document.
Inside the PDF, a QR code, and a bureaucratic text like during the time of the Prussian emperor: "Bescheinigung über das Vorliegen eines positiven oder negativen Tests (Antigen Schnelltest) zum Nachweis des SARS-CoV-2 Virus".
Okay, we have a national "Corona Warn App" using Google's bluetooth based distancing detection, that also allows to add a test by scanning a QR code.
Scanned the code, got
"QR code is invalid".
Despite the unfriendly UX writing and the unhelpful description, another proof of the state of digitalization in Germany in 2021.
I am not even surprised.
At least my test result is negative.11 -
When you thought web browsers use too much memory, introducing a document scanning app that uses only 2,7 GB of ram.
Just a slight memory leak.
5 -
A guy I work with put some sort of network scanning software on his phone. It reported 2 machines on our network with the word "China" in them.
So I changed the name of my machine to "Russian-Hacker".6 -
Storytime!
I got a ticket near the end of the day, asking to install a printer on a computer. The branch in question was in a different time zone (I'm in US-Pacific [GMT-07] and the computer was in US-Eastern [GMT-04]). I figured I wouldn't worry about it; after all, I had other tickets to work on that were much higher priority.
The next day I come into work and immediately get a message from one of my East Coast coworkers, telling me that this branch is calling and asking how the printer is coming. I told him to tell them I would call them a bit later. I do a couple of easy jobs and then begrudgingly call the branch. I listen to the phone tree that they have (which requires two button presses instead of one in order to speak with someone) and finally get in contact with a person... only to have the call disconnect.
I call back and ask for the person who called in the ticket and then followed up, who had apparently gone to lunch. I informed the person that I was just going to install the printer and it would be good to go. This would be fine... up until she mentioned she needed scanning functionality.
Now I wasn't sure if the driver we have in AD is set up with the scan functionality, so I said okay, but that meant I would have to get the driver from the website. The connection to our branches are about 1Mbps, so even downloading Java updates (60-ish MB) take about 5-10 minutes on a good day. The file for this printer was about 700MB (thanks HP). So I went and did other stuff while that downloaded.
I come back after it finished and started the install process. Right away it asks to re-seat the USB cable. So I call the branch. The call disconnects. I call again. It disconnects. I call one more time, and finally get the person who called the ticket in. I instruct him to re-seat the cable. He does. The driver starts doing its thing. I tell him I'll call back if I run into any issues and we hang up.
The driver goes through the install process for about 20 minutes, stops at 99%, then fails. I want to restart the computer, just in case there's a conflict somewhere, but that would require calling the store again, so I put it off.
About an hour later I get a message from another East Coast coworker, telling me the branch is calling about the printer again. I was in the middle of another call and said I would call back later. I do. It disconnects. I call again, and get the person who called the ticket in again. I tell him I want to restart the computer, but wasn't sure if it was okay. He checks with the people using it, who says it's okay, so I reboot. I hang up.
Once the computer comes back up I start the install process again. It asks to re-seat the cable. Fuck. I don't want to call the store again, so I open notepad and say "Please take out the printer's USB connection from the back of the computer."
Three. Fucking. People. Saw it. They moved the window and one even tried to close it, but they didn't re-seat the cable. I opened another window, telling them to call me at my number. They didn't. I called them. Got disconnected. I called them again, finally got someone, told them to re-seat the printer cable again. They do, thank god.
I say thank you and hang up. Continue the installer. It stops at 99% again and fails. I reboot the computer; screw it, I'm just going to install the driver from Active Directory. Check Devices and Printers. It's installed successfully. Hallelujah!
I get the printer set up for the various programs they use and print a test page. I call them one last time; their phone system sounding like they were connected via an underwater line connected by tin cans. I get someone.
$me: Hi, I want to know if the printer has printed something.
$them (garbled): -et me shee... yesh, it -rint-d a *beezelborp*.
$me: Perfect, I'm going to close this ticket! Thanks, goodbye! *hangs up*
tl;dr - I hate printers -
A few years ago I was in high school and used to have a small reputation of hacking things. I could hack, just would never hack any school networks or systems (reputation + notice that there was a breach is a bad combo since everyone would immediately suspect you).
Anyways one day the networks internet connection went down in the school district and I was the only one who used a laptop to take notes. So I quickly opened the terminal and ran Wireshark and said to the person to my right "see that button there? yeah I programmed this last night. anytime I press it I can shut down the network so the teacher can't reach her files (she famously only saved them online). *Long dramatic press* Wireshark started scanning the network so all the numbers and lines were going crazy as it viewed the packet info "Now just wait", soon the whole class knew what I had done through whispers and lo and behold a few minutes later and the teacher couldn't reach her files.
Everyone loved me for the rest of the year for saving them from the homework for the week the wifi network was out since it also ended up having to cancel two tests in the class, and a lot more homework and tests in all their other classes. Solidified my reputation and no one fucked with me from that day on. -
My mom asked me to speed up her PC's startup process. I looked into it and and probably found the problem: G Data.
I told her she has to delete it, there is windows defender anyways (and virus scanners are just snake oil). She refused and said: But I bought it from the local IT shop. They said it is the best.
I said: Yeah because they cannot sell windows defender...
She still argued that she paid for it and wants to keep it.
That was were I said: then enjoy your slow startups.
She also said she feels more secure with it. 🙄
I would not even be able to work with that PC! Its not old at all, but the permanent scanning comes at a high cost and probably does not help much.
But she trusts that local it store guy more than me apparently.5 -
And just when you like Linux a little too much, it bites you in the ass to remind you why the year of the Linux desktop never happened.
Wifi printer is installed, CUPS test page works, even scanning works. But printing anything else results in the printer spitting out raw postscript with a few random lines per page.
Great. Looks like I'll have to print to PDF, then go to a copy shop and print because printing under Linux is still an unsolved issue.
And yes, that would have worked even with Windows 10. Fuck.24 -
TL;DR just read this
So my current (student) job. Asked me to count inventory. Did so, on paper because nobody had a list of the product barcodes for easy cumulative scanning. I also made records for every single barcode. Then I had to key it in onto the Bookkeeping and sales software thing. They don't have keyboard shortcuts, so I quickly made an ahk script.
Had to manually type in everything 3ven though I had a digital listing.
Software lets you print barcodes for products but gives you an error when you try because you haven't assigned a code. WHICH YOU CAN'T DO IN THAT Crap. You also can't search for a product based on code.
Found out it used access as a back end for that buggy c++ thing that crashes with 'operation not permitted' when you press the red x. Great! Now I can import! And there is a barcode field. Wow. Fucking fantastic. What a fuckfest.
Their website. Their fucking website. Great from a user's standpoint, but my God. It uses joomla! However, version 2.5. That hasn't been supported for a long time. Part of the images are hard coded into the theme. The text editor flips. Adding a page sometimes works, sometimes it doesn't, and sometimes makes 2 pages.
And their cnc lathe runs on a laptop with Windows 3 on it, but hey, fine5 -
I'm making a telegram bot to allow printing and scanning for my roommates that have Windows and since printer and scanner are prehistoric there are no drivers that work with Windows higher than XP.
I'm looking for more ideas on features for bot.18 -
Angular is still a pile of steaming donkey shit in 2023 and whoever thinks the opposite is either a damn js hipster (you know, those types that put js in everything they do and that run like a fly on a lot of turds form one js framework to the next saying "hey you tried this cool framework, this will solve everything" everytime), or you don't understand anything about software developement.
I am a 14 year developer so don't even try to tell me you don't understand this so you complain.
I build every fucking thing imaginable. from firmware interfaces for high level languaces from C++, to RFID low level reading code, to full blown business level web apps (yes, unluckily even with js, and yes, even with Angular up to Angular15, Vue, React etc etc), barcode scanning and windows ce embedded systems, every flavour of sql and documental db, vectorial db code, tech assistance and help desk on every OS, every kind of .NET/C# flavour (Xamarin, CE, WPF, Net framework, net core, .NET 5-8 etc etc) and many more
Everytime, since I've put my hands on angularJs, up from angular 2, angular 8, and now angular 15 (the only 3 version I've touched) I'm always baffled on how bad and stupid that dumpster fire shit excuse of a framework is.
They added observables everywhere to look cool and it's not necessary.
They care about making it look "hey we use observables, we are coo, up to date and reactive!!11!!1!" and they can't even fix their shit with the change detection mechanism, a notorious shitty patchwork of bugs since earlier angular version.
They literally built a whole ecosystem of shitty hacks around it to make it work and it's 100x times complex than anything else comparable around. except maybe for vanilla js (fucking js).
I don't event want todig in in the shit pool that is their whole ecosystem of tooling (webpack, npm, ng-something, angular.json, package.json), they are just too ridiculous to even be mentioned.
Countless time I dwelled the humongous mazes of those unstable, unrealiable shitty files/tools that give more troubles than those that solve.
I am here again, building the nth business critical web portal in angular 16 (latest sack of purtrid shit they put out) and like Pink Floyd says "What we found, same old fears".
Nothing changed, it's the same unintelligible product of the mind of a total dumbass.
Fuck off js, I will not find peace until Brendan Eich dies of some agonizing illness or by my hands
I don't write many rants but this, I've been keeping it inside my chest for too long.
I fucking hate js and I want to open the head of js creator like the doom marine on berserk19 -
ARE YOU READY FOR WORKPLACE BRAIN SCANNING?
Extracting and using brain data will make workers happier and more productive, backers say
https://spectrum.ieee.org/neurotech...
"What takes much more time are the cognitive and motor processes that occur after the decision making—planning a response (such as saying something or pushing a button) and then executing that response. If you can skip these planning and execution phases and instead use EEG to directly access the output of the brain’s visual processing and decision-making systems, you can perform image-recognition tasks far faster. The user no longer has to actively think: For an expert, just that fleeting first impression is enough for their brain to make an accurate determination of what’s in the image."12 -
I was originally looking for a USB print and scanner server, but I ended up getting two Raspberry Pis instead. The Zero W will serve the printer (CUPS for printing and SANE for an online PDF scanning system that I'll create) and I'll use the 3B as a media server. Time to learn some Python 😄3
-
As I read this headline, all I could imagine was Mark Zuckerberg stood by an office scanner literally scanning each individual image or text that were printed on separate pieces of paper
2 -
I'm performing a pentest for my client.
So after scanning my client's network I understood they're using IIS 4.5 and windows server 2012 (or 2012 R2)
I know the systems are real old.
And there are known exploits for them.
The tricky part is I have to stay hidden and I only have my own credentials for logging in to the asp page. (Uploading a script is almost crossed cuz it will reveal my identity)
Also I have access to the local network with some of the other employees user/pass.
Any recommendation for exploiting and staying hidden at the same time ?
One more question : will exploits for newer versions work for the older ones necessarily?8 -
Working for a company with solid procedures really makes me appreciate how important they are. Knowing someone will be scanning through my pull request made me *really think* about appropriate layout and commenting. Before I could submit any old code and the other programmer wouldn't give a monkeys.
I guess that's a poor reflection on my performance but, I'm working on it -
Father's friend ask if I'm gonna open printing and scanning press when I'm done with IT degree.
I said yes to avoid been his tech support1 -
Okay so my brother in law has a laptop that is... To put it mildly, chockful of viruses of all sort, as it's an old machine still running w7 while still being online and an av about 7 years out of date.
So my bro in law (let's just call him my bro) asked me to install an adblock.
As I launched chrome and went to install it, how ever, the addon page said something like "Cannot install, chrome is managed by your company" - wtf?
Also, the out of date AV couldn't even be updated as its main service just wouldn't start.
Okay, something fishy going on... Uninstalled the old av, downloaded malware bytes and went to scan the whole pc.
Before I went to bed, it'd already found >150 detections. Though as the computer is so old, the progress was slow.
Thinking it would have enough time over night, I went to bed... Only to find out the next morning... It BSoD'd over night, and so none of the finds were removed.
Uuugh! Okay, so... Scanning out of a live booted linux it is I thought! Little did I know how much it'd infuriate me!
Looking through google, I found several live rescue images from popular AV brands. But:
1 - Kaspersky Sys Rescue -- Doesn't even support non-EFI systems
2 - Eset SysRescue -- Doesn't mount the system drive, terminal emulator is X64 while the CPU of the laptop is X86 meaning I cannot run that. Doesn't provide any info on username and passwords, had to dig around the image from the laptop I used to burn it to the USB drive to find the user was, in fact, called eset and had an empty password. Root had pass set but not in the image shadow file, so no idea really. Couldn't sudo as the eset user, except for the terminal emulator, which crashes thanks to the architecture mismatch.
3 - avast - live usb / cd cannot be downloaded from web, has to be installed through avast, which I really didn't want to install on my laptop just to make a rescue flash drive
4 - comodo - didn't even boot due to architecture mismatch
Fuck it! Sick and tired of this, I'm downloading Debian with XFCE. Switched to a tty1 after kernel loads, killed lightdm and Xserver to minimize usb drive reads, downloaded clamav (which got stuck on man-db update. After 20 minutes... I just killed it from a second tty, and the install finished successfully)
A definitions update, short manual skimover, and finally, got scanning!
Only... It's taking forever and not printing anything. Stracing the clamscan command showed it was... Loading the virus definitions lol... Okay, it's doing its thing, I can finally go have dinner
Man I didn't know x86 support got so weak in the couple years I haven't used Linux on a laptop lol.9 -
Who the fuck comes to the idea of printing the local IP address on the Fucking screen?
Yes, I know that it is not remotely accessable (only when there is no port forwarding set for that ip), but think of that this way: Someone manages to get in that network. Without scanning the network, you would have your first victim. You could analyzer the traffic of that victim and find more victims. And so on
8 -
Funny how DPI impacts scanning speed... I have been scanning 150 DPI the whole time hoping it would save me some time, I'm better off with 225.
(Left: DPI, Right: seconds)
4 -
Hey Google
Did you know that
uuuuuuh
you can go choke on my already available location that my phone already shows?
1 -
I decided to tweak my two years old-mild overclocking on my main/home pc, to get more juice out of it.
Started with small steps running benchmarks each time I upped the clock.
Didnt crash me once up until it crashed while windows was booting after restart.
I thought to myself, that's normal, now I just have to lower it a bit until I find the sweet spot.
After windows finished crash dumping, restarted, lowered clock from bios, and headed to boot windows.
Windows recovery came up to scan my installation, pretty normal after a bsod.
I was waiting for it to finish, thinking that ofc there is no error you silly windows, until the recovery said that it could not recognize the error.
Proceeding to boot normal windows via the correspndent button in the recovery, the recovery itself came up again scanning for errors. I waited again only for the same outcome, and restarted my pc.
Yeap the recovery again scanning for errors.
How the hell did my boot became corrupted after just a crash. I've been fighting since yesterday for hours to fix this shitty situation but to no avail. I really dont want to clean install...
I couldnt even sleep well last night thinking that I have to fix this after work today...
Fuck my life, fuck windows3 -
So working on the cutting edge of 3d scanning (think project tango) i feel like my boss and his client are trying to sell a sham.
The technology is amazing but very limited. They are trying to sell magic. The PoC barrely works properly by their standards, and the one they are trying to sell to saw a fluke in behaviour that made it appear as if the PoC worked like how they are trying to sell it.
I hear them brooding over this plan to just sell that without any real plans to make this project work. There is no way they can make it work eithout compromises.
I do not want to be part of this ._.2 -
We support a system we inherited from another company, it’s an online document store for technical specifications of electronic devices used by loads of people.
This thing is the biggest pile of shite I’ve ever seen, it wasn’t written by developers but rather by civil engineers who could write vb...so needless to say it’s classic asp running on iis, but it’s not only written in vbscript oh god no, some of it is vb other parts is jscript (Microsoft’s janky old JavaScript implementation) and the rest is php.
When we first inherited it we spent the best part of 2 months fixing security vulnerabilities before we were willing to put it near the internet - to this day I remain convinced the only reason it was never hacked is that everything scanning it thought it was a honeypot.
We’ve told the client that this thing needs put out of its misery but they insist on keeping it going. Whenever anything goes wrong it falls to me and it ends up taking me days to work out what’s happening with it. So far the only way I’ve worked out how to debug it is to start doing “Response.AddHeader(‘debug’, ‘<thing>’) on the production site and looking at the header responses in the browser.
I feel dirty doing that but it works so I don’t really care at this point
FUCK I hate this thing!3 -
Gotta love the IoT.
They set up a new surveillance camera in the company, that can stream live footage over the network and that little shit picked the IP adress of a coworker one day AFTER being set up.
Hurray for static routing. Hurray to the person who didn't disable DHCP on the router (Should probably configure my PC to use a static IP as well lel)
Anyways, this happened outta nowhere when I, the only guy who knows shit about IT and is usually present at yhe office, wasn't there and could not connect remotely.
The other, remote programmer, who set up the network, could guide the coworker to get a new IP but, he was worried that we got ourselves an intruder.
Since nobody told me yet that we (should) have static routing, I thought there was a mastermind at work who could get into a network without a wifi-access point and spoof the coworker in order to access the some documents.
The adrenaline rush was real 😨
Scanning the network with nmap solved the mystery rather quickly but thought me that I need to set up a secure way to get remote access on the network.
I would appreciate some input on the set up I thought of:
A raspberry Pi connected to a vpn that runs ssh with pw auth disabled and the ssh port moved.
Would set up the vpn in a similar fashion. -
Finally got myself a rocketbook everlast. Now just 1 Notebook instead of pads and bits of paper. It was a sound investment and the phone app for scanning is great. I can scribble all i want and only save the important bits. I’d highly recommend this.
https://kickstarter.com/projects/...
you can buy it on amazon.
its not an advert, it helped me stay organised and just wanted to share with the community.2 -
i feel like machine learning is gonna be redundant when used for high level analytics:
`starting up…
scanning through every rant of every user…
analytics found: the score and is in correlation to the sum of the ++ for every rant’
🙄1 -
got first assignment on my first meet on Network Security. it require to pentest one unsecured specified website. yet they don't tell me shit about anything just try it.
i need to :
1. Footprint
2. Scanning
3. Enumeration
4. Gaining Access (previledges raising?) (bonus)
suppose : <target-website> is x
i've done this:
1. whois x
2. got the ipaddress via :
host x
3. nmap -F ip.of.x
my head is already spinning, i need to know what BASICLY each of what i've done. i only get that 'whois' get the information about that domain, 'host' is used to know the target ip address and nmap to find what are the open ports. i don't know what else should i do. need help :(13 -
I know I am probably late to the facebook drama, but I think taking out of this all is just how genius and evil all those collector companies are.
I would have probably never thought of collecting data off of mechanical turks and quick jobbers, but they did not only think of it, they deployed their system across multiple jobs, scanning more and more data in from all those connected logins, for less than a dollar per profile, which generates atleast 300 profiles on average.
The real question is why is it allowed for a third party app to actually access all that? even if there's a permission for that, why would such exist?
I really can't see why any application would need access to likes, shares, all friends, all their profiles etc. -
What's the worst thing that happened to you today?! 🥲 😕
For me, it is, accidentally putting my node_modules folder into antivirus for scanning!! 😭 😩
I don't know whether I can use my antivirus ever again ... 🥺 😞9 -
GitHub has launched Codespaces : A feature that lets you code directly on the web {as a virtual Integrated Development Environment (IDE) on the cloud}.
According to the Github Blog: Earlier, to contribute to a project you would need to make a pull request and set up the environment on your local machine according to the requirements of a project. With Codespaces, you don't need to do that anymore. As soon as you click on the code button, the website sets up the environment in seconds.
In addition to Codespaces, GitHub is also launching Discussions : A forum-like feature that lives under your project that allows others to engage with you and other contributors.
Code scanning : With code scanning enabled, every git push is scanned for new potential security vulnerabilities, and results are displayed directly in your pull request.19 -
!rant
So thanks for whoever pointed out my mistake with the “!” operator.
I tried to be devcool but i failed ;) but im allgood now!
Getting to the topic:
After scanning people's opinion here i have decided to learn C.
I have done js react and html css for the last year and have an okay grasp on it but i want to learn more.
Mainly:
-security
-network
-memory and ressources
Im a noob ant ive only scratched the surface. Im gonna be soon working on databases and backend java to master the functioning of a backoffice with its API and the handling of form and crud automisation (i probably am not using all the right words. I am learning and being told what to do).
Am i helping myself with C and if so any tutorial advice or good teaching resource that could be advised to me.
Thanks ;)6 -
Fucking fuckwits! I sent a digital contract to sign online via hellobonsai.com. The client said he hadnt recieved it. After resending and pestering him he finally signed it, but not in the way a normal person would. He printed it out, all of it, signed it, scanned it and generated a pdf to which he emailed back to me. It would have taken 3 seconds to digitally sign it. I wondered if his secretary had done all the scanning and shit.
-
So I’ve asked my Unis infrastructure guys via mail, why we don’t use the digital id with our phone additional to our RFID Badge.
One of those (maybe a moron, I don’t judge yet, see question below) replies, that they would need to replace all readers “as current ones rely on RFID scanning chips” and they are not sure how US Unis implemented it.
Thing is, that when I hold my iPhone SE 2020 next to the reader, my phone shows my credit card to use for Apple Pay.
Doesn’t that mean, that they use compatible RFID frequencies ?
I’m not an iOS dev, so maybe someone can help me out. Any info appreciated!11 -
I was scanning over a dreadful code base I had to work on and found SQL injection vulnerabilities. THE SITE WAS LAUNCHED IN 2017!!!! 😢2
-
After brute forced access to her hardware I spotted huge memory leak spreading on my key logger I just installed. She couldn’t resist right after my data reached her database so I inserted it once more to duplicate her primary key, she instantly locked my transaction and screamed so loud that all neighborhood was broadcasted with a message that exception is being raised. Right after she grabbed back of my stick just to push my exploit harder to it’s limits and make sure all stack trace is being logged into her security kernel log.
Fortunately my spyware was obfuscated and my metadata was hidden so despite she wanted to copy my code into her newly established kernel and clone it into new deadly weapon all my data went into temporary file I could flush right after my stick was unloaded.
Right after deeply scanning her localhost I removed my stick from her desktop and left the building, she was left alone again, loudly complaining about her security hole being exploited.
My work was done and I was preparing to break into another corporate security system.
- penetration tester diaries2 -
So yes, Microsoft is scanning my emails for keywords. I tried to send an email using the word PFA and did not attach any file. It gives a pop up to attach one.
3 -
I've been wondering about renting a new VPS to get all my websites sorted out again. I am tired of shared hosting and I am able to manage it as I've been in the past.
With so many great people here, I was trying to put together some of the best practices and resources on how to handle the setup and configuration of a new machine, and I hope this post may help someone while trying to gather the best know-how in the comments. Don't be scared by the lengthy post, please.
The following tips are mainly from @Condor, @Noob, @Linuxxx and some other were gathered in the webz. Thanks for @Linux for recommending me Vultr VPS. I would appreciate further feedback from the community on how to improve this and/or change anything that may seem incorrect or should be done in better way.
1. Clean install CentOS 7 or Ubuntu (I am used to both, do you recommend more? Why?)
2. Install existing updates
3. Disable root login
4. Disable password for ssh
5. RSA key login with strong passwords/passphrases
6. Set correct locale and correct timezone (if different from default)
7. Close all ports
8. Disable and delete unneeded services
9. Install CSF
10. Install knockd (is it worth it at all? Isn't it security through obscurity?)
11. Install Fail2Ban (worth to install side by side with CSF? If not, why?)
12. Install ufw firewall (or keep with CSF/Fail2Ban? Why?)
13. Install rkhunter
14. Install anti-rootkit software (side by side with rkhunter?) (SELinux or AppArmor? Why?)
15. Enable Nginx/CSF rate limiting against SYN attacks
16. For a server to be public, is an IDS / IPS recommended? If so, which and why?
17. Log Injection Attacks in Application Layer - I should keep an eye on them. Is there any tool to help scanning?
If I want to have a server that serves multiple websites, would you add/change anything to the following?
18. Install Docker and manage separate instances with a Dockerfile powered base image with the following? Or should I keep all the servers in one main installation?
19. Install Nginx
20. Install PHP-FPM
21. Install PHP7
22. Install Memcached
23. Install MariaDB
24. Install phpMyAdmin (On specific port? Any recommendations here?)
I am sorry if this is somewhat lengthy, but I hope it may get better and be a good starting guide for a new server setup (eventually become a repo). Feel free to contribute in the comments.24 -
If only more devs would use short, yet concise, modern constructs instead of archaic ones.
For example in C#: using lambdas, extension methods, LinQ,.. much easier to read through if you know how these work, rather than having to spend all day scanning tedious for-loops and over-engineered classes your colleagues wrote who don't know any better.
Examples:
vs.foreach(v => console.write(v));
initialList = secondList.Where(p => initialList.Contains(p, valueComparer))
.Concat(initialList.Where(p => !secondList.Contains(p, valueComparer))).ToList(); -
And there I was thinking Maven is going to make life simpler, with this granular dependency management and IDE independence (no extraneous classpath and module management required). But wait, it turns out that to run simple Ant task I need all my dependencies to have *.pom. Every. Fricking. Dependency.
I mean, sure, only if I knew which sub-dependencies they all had, but that seems like heck a lot of work to make external JAR libraries to work with Maven process.
WHY TODAY? Yesterday I had no issue: uploaded few libraries in corporate repository, refreshed index, dependencies downloaded, even had time appending javadoc to one of them and it worked. But today is the day, right? I just run simple task with maven-antrun-plugin (mvn antrun:run@<executionID>), and it starts scanning each dependency for *.pom file. I DON'T WANT THIS. Google, help me. Oh, no direct answers and clues?
Just... fuck you, Maven. With all 2 days effort I could just litter in IDE's classpath, write build.xml in no time, make normal webservice, but that would require me to also litter sources with required libraries. FML!4 -
Hello.. This is my first rant..
Got an Idea but not sure how to proceed..
A server machine has antivirus and all client machine don't have AV. So I will use the server machine to scan files of client machine.
I implemented this idea using Java EE with the help of windows defender (using cmd via js code). Problem is that I am scanning only file at a time.
How to upload and scan a whole folder/drive?2 -
Fucking windows not releasing my hard drive. I was in a kind of a hurry, but you just have to be a pain in the arse. Now I even have to wait for you to fix an indexing error for something I did not agree to?
FUCKING BULLSHIT, MY DUDE NEXT TO ME USING LINUX WAS USING IT JUST FINE!
I want enough time to replace this garbage.
By the time I got here, it finished scanning for errors. NO. FUCKING. ERRORS. FOUND. FUCKING. WASTE. OF. TIME. -
Hi guys,
im developing a medical app which is able track and remind you with your medication intakes. The app lets you scan the barcode of your pills.
For testing of the scanning i would need pictures of french (CIP) and spanish medication barcodes.
Would be super awesome if you guys and girls could send me a quick picture of the barcodes ❤️
Thank you6 -
Always nice coming into office with 4h of sleep, realizing you're the only developer in today, so all support stuff falls on me. Which is evenmore fun since I'm still a trainee and don't know everything yet.
Oh and I also spent 1h explaining the logistics/IT director how to generate a label to send off a package and then scanning said labels in. -
Scanning antennas TV channels again on my HDTV and now reviewing my catch (50 channels) and saw this, now in HD.
Looks so much better now then when I was a kid but also started to get a bit emotional
-
In reply to this:
https://devrant.com/rants/260590/...
As a senior dev for over 13 years, I will break you point by point in the most realistic way, so you don't get in troubles for following internet boring paternal advices.
1) False. Being go-ahead, pro active and prone to learn is a good thing in most places.
This doesn't mean being an entitled asshole, but standing for yourself (don't get put down and used to do shit for others, or it will become the routine) and show good learning and exploration skills will definitely put you under a good light.
2)False. 2 things to check:
a) if the guy over you is an entitled asshole who thinkg you're going to steal his job and will try to sabotage you or not answer acting annoyed, or if it's a cool guy.
Choose wisely your questions and put them all togheter. Don't be that guy that fires questions in crumbles, one every 2 minutes.
Put them togheter and try to work out the obvious and what can be done through google or chatgpt by yourself. Then collect the hard ones for the experienced guy and ask them all at once. He's been put over you to help you.
3) Idiotic. NO.
Working code = good code. It's always been like this.
If you follow this idiotic advice you will annoy everyone.
The thing about renaming variables and crap it's called a standard. Most company will have a document with one if there is a need to follow it.
What remains are common programming conventions that everyone mostly follows.
Else you'll end up getting crazy at all the rules and small conventions and will start to do messy hot spaghetti code filled with syntactic sugar that no one likes, included yourself.
4)LMAO.
This mostly never happens (seniors send to juniors) in real life.
But it happens on the other side (junior code gets reviewed).
He must either be a crap programmer or stopped learning years ago(?)
5) This is absolutely true.
Programming is not a forgiving job if you're not honest.
Covering up mess in programming is mostly impossible, expecially when git and all that stuff with your name on it came out.
Be honest, admit your faults, ask if not sure.
Code is code, if it's wrong it won't work magically and sooner or later it will fire back.
6)Somewhat true, but it all depends on the deadline you're given and the complexity of the logic to be implemented.
If very complex you have to divide an conquer (usually)
7)LMAO, this one might be true for multi billionaire companies with thousand of employees.
Normal companies rarely do that because it's a waste of time. They pass knowledge by word or with concise documentation that later gets explained by seniors or TL's to the devs.
Try following this and as a junior:
1) you will have written shit docs and wasted time
2) you will come up to the devs at the deadline with half of the code done and them saying wtf who told you to do that
8) See? What an oxymoron ahahah
Look at point 3 of this guy than re-read this.
This alone should prove you that I'm right for everything else.
9) Half true.
Watch your ass. You need to understand what you're going to put yourself into.
If it's some unknown deep sea shit, with no documentations whatsoever you will end up with a sore ass and pulling your hair finding crumbles of code that make that unknown thing work.
Believe me and not him.
I have been there. To say one, I've been doing some high level project for using powerful RFID reading antennas for doing large warehouse inventory with high speed (instead of counting manually or scanning pieces, the put rfid tags inside the boxes and pass a scanner between shelves, reading all the inventory).
I had to deal with all the RFID protocol, the math behind radio waves (yes, knowing it will let you configure them more efficently and avoid conflicts), know a whole new SDK from them I've never used again (useless knowledge = time wasted and no resume worthy material for your next job) and so on.
It was a grueling, hair pulling, horrible experience that brought me nothing in return execpt the skill of accepting and embracing the pain of such experiences.
And I can go on with other stories. Horror Stories.
If it's something that is doable but it's complex, hard or just interesting, go for it. Expecially if the tech involved is something marketable.
10) Yes, and you can't stop learning, expecially now that AI will start to cover more and more of our work.4 -
Tonic is the most fucked up app on iOS. It just straight up internally dies. As soon as you try scanning the piano it scans it in the wrong plane and doesn’t scan like the picture wants it to. Then it asks you to map the first key of the piano and it moves the key vertically instead of horizontal. If you scan it the other way it does the opposite plane. I just want to try a cool app for my phone and you call your app a functional app. How.
-
How did you get the people from Info Security and Compliance on board this continuous delivery thing ?
I am being asked to run antivirus scans on my own code and binaries as part of build.
Is this common practice? Am I missing something?
I am going to deploy stuff on Azure PaaS. I can understand having malware scan agent on azure VMs scanning the infra, but this?4 -
Fucking 3rd party virus scanning garbage on a mac ventura. Shuts down java. Awesome. I now live in clusterfuck city. Take that shit off my machine you paranoid security fuckwads.
-
Except COVID-19, Airport security is also scanning preflight requests and incoming traffic for CORS with its dated test kit (found this unused gem in an old PHP codebase):
-
Not a fan of the new avatars. Every avatar looks because is big yellow head and it feels confusing scanning through comments.6
-
I've had to update some 200 scanning devices on the only available computer old enough to still have the necessary connector. Over a serial connection that was so slow I could've probably written the firmware faster than updating it. It took me 14 hours to update all devices.
-
Remember in the Matrix how they learned things just by scanning a memory chip into their brain?
I think that's how learning programming languages should be...the technology should exist to make that happen :(1
Top Tags
Weekly Rant
View