Search - "shodan"
-
Recently started at a new job. Things were going fine, getting along with everyone, everything seems good and running smoothly, a few odd things here and there but for the most part fine.
Then I decided to take a look at our (public facing) website... What's this? Outdated plugins from 2013? Okay, that's an easy fix I guess? All of these are free and the way we're using them wouldn't require a lot of refactoring...
Apparently not. Apparently, we can't even update them ourselves, we have to request that an external company does it (which we pay, by the way, SHITELOADS of money to). A week goes past, and we finally get a response.
No, we won't update it, you'll have to pay for it. Doesn't matter that there's a CVE list a bloody mile long and straight up no input validation in several areas, doesn't matter that tens of thousands of users are at risk, pay us or it stays broken. Boggles the fuckin' mind.
I dug into it a bit more than I probably should have (didn't break no laws though I'm not a complete dumbass, I just work for em) and it turns out it's not just us getting fucked over, it's literally EVERYONE using their service which is the vast majority of people within the industry in my country. It also turns out that the entirety of our region is running off a single bloody IP which if you do a quick search on shodan for, you guessed it, also has a CVE list pop up a fuckin' mile long. Don't get me started on password security (there is none). I hate this, there's fucking nothing I can do and everyone else is just fine sitting on their hands because "nobody would target us because we're not a bank!!", as if it bloody matters and as if peoples names, addresses, phone numbers and assuming someone got into our actual database, which wouldn't be a fuckin' stretch of the imagination let me tell you, far more personal details, that these aren't enticing to anyone.
What would you do in my situation?
What can I even do?
I don't want to piss anyone senior off but honestly, I'm thinkin' they might deserve it. I mean yeah there's nothing we can do but at least make a fuss 'cause they ain't gunna listen to my green ass.
-
So I got a couple of C.H.I.P. single-board computers a good while back because Raspberry Pi Zero was always out of stock.
I named them pringles, the smooth and synthetic one with a GUI, and ruffles, the sturdier and rugged one with a headless OS.
...They still lack a definitive purpose in life.
-
TL; DR: Bringing up quantum computing is going to be the next catchall for everything and I'm already fucking sick of it.
Actual convo i had:
"You should really secure your AWS instance."
"Isn't my SSH key alone a good enough barrier?"
"There are hundreds of thousands of incidents where people either get hacked or commit it to github."
"Well I won't"
"Just start using IP/CIDR based filtering, or I will take your instance down."
"But SSH keys are going to be useless in a couple years due to QUANTUM FUCKING COMPUTING, so why wouldn't IP spoofing get even better?"
"Listen motherfucker, I may actually kill you, because today I don't have time for this. The whole point of IP-based security is that you can't look on Shodan for machines with open SSH ports. You want to talk about quantum computing??!! Let's fucking roll motherfucker. I don't think it will be in the next thousand years that we will even come close to fault-tolerant quantum computing.
And even if it did, there have been vulnerabilities in SSH before. How often do you update your instance? I can see the uptime is 395 days, so probably not fucking often! I bet you "don't have anything important anyways" on there! No stored passwords, no stored keys, no nothing, right (she absolutely did)? If you actually think I'm going to back down on this when I sit in the same room as the dude with the root keys to our account, you can kindly take your keyboard and shove it up your ass.
Christ, I bet that the reason you like quantum computing so much is because then you'll be able to get your deepfakes of Miley Cyrus easier, you perv."
-
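The argument in that rant is that SSH left open to every source address is exactly what shows up in a Shodan search, and that source-CIDR filtering is the fix. The following is an added example, not code from the rant or from devRant, of the audit a defender would run over security-group rules to catch that condition. It assumes the input is shaped like the `SecurityGroups` list in `aws ec2 describe-security-groups` JSON output (an assumption about the format; the sample below is constructed and the group ids are placeholders), and it flags any rule that admits port 22 from a zero-length prefix (`0.0.0.0/0` or `::/0`), including "all traffic" rules that carry no port fields at all.

```python
import ipaddress

# Constructed sample, shaped like the `SecurityGroups` list in
# `aws ec2 describe-security-groups` JSON output (assumed format, trimmed to
# the fields this check reads). Group ids are placeholders, not real groups.
SAMPLE_GROUPS = [
    {   # the situation in the rant: SSH reachable from any address
        "GroupId": "sg-PLACEHOLDER-open",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ],
    },
    {   # the fix being demanded: SSH only from one known range
        "GroupId": "sg-PLACEHOLDER-restricted",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        ],
    },
    {   # "all traffic" rule: no port fields, and the v6 side is world-open
        "GroupId": "sg-PLACEHOLDER-allproto",
        "IpPermissions": [
            {"IpProtocol": "-1",
             "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
             "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        ],
    },
]


def permission_covers_port(perm, port):
    """True if an inbound rule admits TCP traffic to `port`."""
    proto = str(perm.get("IpProtocol", ""))
    if proto == "-1":            # all protocols, all ports
        return True
    if proto not in ("tcp", "6"):
        return False
    lo = perm.get("FromPort", 0)
    hi = perm.get("ToPort", 65535)
    return lo <= port <= hi


def rule_cidrs(perm):
    """All v4 and v6 source ranges listed on one rule."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def ssh_sources(groups, port=22):
    """Map group id -> every source CIDR that can reach `port`."""
    out = {}
    for g in groups:
        cidrs = []
        for perm in g.get("IpPermissions", []):
            if permission_covers_port(perm, port):
                cidrs.extend(rule_cidrs(perm))
        if cidrs:
            out[g["GroupId"]] = cidrs
    return out


def find_world_open(groups, port=22):
    """Group id -> CIDRs with prefix length 0, i.e. open to the whole internet."""
    flagged = {}
    for gid, cidrs in ssh_sources(groups, port).items():
        bad = [c for c in cidrs
               if ipaddress.ip_network(c, strict=False).prefixlen == 0]
        if bad:
            flagged[gid] = bad
    return flagged


def source_allowed(ip, groups, port=22):
    """Would a connection from `ip` to `port` pass any of these groups?"""
    addr = ipaddress.ip_address(ip)
    for cidrs in ssh_sources(groups, port).values():
        for c in cidrs:
            net = ipaddress.ip_network(c, strict=False)
            if addr.version == net.version and addr in net:
                return True
    return False


if __name__ == "__main__":
    for gid, bad in find_world_open(SAMPLE_GROUPS).items():
        print(f"{gid}: port 22 reachable from {', '.join(bad)}")
    print("203.0.113.7 allowed by restricted group:",
          source_allowed("203.0.113.7", [SAMPLE_GROUPS[1]]))
```

`source_allowed` is the part worth keeping around after the cleanup: before tightening a rule, run it with the ranges you actually connect from, so the change locks out the scanners rather than the operator holding the keys.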
It is a map of various devices connected over public IP to the internet. Any interesting insights or comments that you can infer from this map?
-
I was bored so I fuzzed around on Shodan and found this piece of gold. GeoVision camera running on Linux 2.6.x (at least that's what Shodan said) and I'm on Firefox 64
-
Asking for a precise or accurate estimate is asking me to predict the future, which is essentially asking me to lie to your face.
And I'm a terrible liar. Please don't make me lie.
-
Building games for people to whom the expression "game design" evaluates to "game UI design", which is a fancier way to say "a bunch of static slides with arbitrary screenshots"
-
Whenever you feel the need to rant about your project manager, always remember you'd wish you had one if you reported directly to the CEO.
-
I like to say programming is the art of "creative logic". Much like architecture has an aesthetic to consider or cooking has well-defined procedures with greatly varying inputs and outputs, there has to be room for creativity, be it at the planning stage or during wild improvisation sessions.
Without that creative aspect, software development sounds dreary to me.
Where science meets art is where the magic happens.
If only the artists shared this view and actually took an interest in the technical side...
-
Life is about taking decisions. Which do you prefer?
Google vs Shodan vs 🦆 🦆 go
Angular vs Vue vs React vs other
GNOME vs Unity vs KDE
Atom vs VS Code vs Sublime or other
iOS vs Android vs other
Native vs Ionic vs React Native vs Xamarin vs Flutter
Gmail, iCloud, Outlook or ProtonMail
Camel, Pascal or snake case
C# or Java or Python
SQL or NoSQL
Debian, Fedora, Linux Mint or Kali
Server side rendering or client side
AWS vs GCloud vs Azure vs IBM Cloud
Firefox vs Chrome vs Safari
Free without privacy or ads, or paid without ads or privacy
Nintendo vs PC vs PS4 or Xbox
WhatsApp or Telegram or other
Sleep at night or not
Comment your favorite
-
TFW you know you're going to be seen as a sort of code anarch or unenlightened (foo)barbarian for even suggesting that there are other git workflows more suitable than GitFlow, but you do it anyway.
Saying that I keep my master unprotected feels like telling Grandma I worship Satan.
I work with a very small team that's always physically nearby, we all get along well, trust each other and communicate to know what everyone is up to, which I guess is hard to believe in and of itself, but is it so fucking hard to believe that we'd be okay without redundant eternal branches or a vomitload of unbisectable history-warping merge commits?
-
!rant
Software development has acquired some interesting jargon over the years, but I keep wondering if other languages and cultures have commonplace expressions for what can be translated as "improvisation-oriented programming" or "hammering code" (i.e. hacking something in a brutish way)
-
Honest question - when a company has an open source software product (in the name of transparency and whatnot), but offers it as a binary release as well for non-developers, what guarantee do you have that the release was *really* compiled from the source they provide?