Welcome back to practiseSafeHex's most incompetent co-worker!

*sitcom audience cheers*

Thank you, thank you. Ok so far we've had a developer from hell and a CEO who shot to fame for being the first rectum to receive a passport and be given a job.

2 pretty strong entrants if you ask me. But its time to slow it down and make sure everyone gets a fair chance. Its not all just about the psychopaths and assholes, what about the general weirdo's and the stoners who just made life awkward?

So here we go, Most incompetent co-worker, candidate 3, "A".

"A" was a bit of an unusual developer, despite having a few years experience in his home country, he applied for an unpaid internship to come work with us ... probably should have rang alarm bells but hey we were all young and dumb back then.

I had to say I felt very bad for A, as he suffered from 2 very serious, and job crippling personal conditions / problems

- Email induced panic attacks
- Extreme multifaceted attachment disorder (also known in layman terms as "get the fuck away from me, and do your job" syndrome)

While he never openly discussed these conditions, it was clear from working with him, that he had gone undiagnosed for years. Every time an email would come in no matter how simple ... even the services team asking to confirm his staff ID, would send him into a panic causing him to drop everything he was doing and like a homing missile find me anywhere in the building and ask me what to do.

Actually "A" also suffered from a debilitating literacy issue too, leaving him completely unable to read our internal wiki's himself. Every week we had to follow a set of steps to upgrade something and every week to mask his issue, he'd ask me what to do instead ... no matter how many times I sat with him previously ... must have been truly embarrassing for him.

But "A"'s finest moment in the company, by far, was the day where out of the blue, at the top of his voice (as if wearing headphones ... without wearing headphones) he asked

"DO YOU KNOW ANYONE WHO SELLS POT?"

... why no, manager of the entire department standing behind you, I do not

... why no, tech lead talking to manager, I do not

... why hello 50% of my team staring at me ... no "A", I do not!

Needless to say all our team meetings were a little awkward for the next few weeks after that but hey who doesn't like being thought of as a stoner / drug dealer by their team mates huh?

Will A make it to the top of the list of most incompetent? Well he has some truly logic defining competition yet to be announced.

Tune in later for more practiceSafeHex's most incompetent co-worker!!!

So, Facebook is acquiring Giphy. The amount of metadata they're about to get is fucking insane.

And since I refuse to personally use anything Facebook related... I won't be able to use the GIF integration of any messenger and many more products/services anymore, I guess...

Just fucking great. Fucking die, Facebook.

Biggest scaling challenge I've faced?

Around 2006~2007 the business was in double-digit growth thanks to the eCommerce boom and we were struggling to keep up with the demand.

Upper IT management being more hardware focused and always threw more hardware at the problem. At its worst, we had over 25 web servers (back then, those physical tall-rectangle boxes..no rack system yet) and corresponding SQL server for each (replicated from our main sql server)

Then business boomed again and projected the need for 40 servers (20 web servers, 20 sql servers) over the next 5 years. Hardware+software costs (they were going to have to tear down a wall in order to expand the server room) were going to be in the $$ millions.

Even though we were making money, the folks spending it didn't seem to care, but I knew this trajectory was not sustainable, so I started utilizing (this was 2007) WCF services and Microsoft's caching framework Velocity. Started out small, product lookup data (description, price, the simple stuff) and within a month, I was able to demonstrate the web site could scale with less than half of our current hardware infrastructure.

After many political battles (I've ranted about a few of those), the $$ won and even with the current load, we were able to scale back to 5 web servers and 2 sql servers. When the business increased in the double-digits again, and again...we were still the same hardware for almost 5 years. We only had to add another service server when the international side of the business started taking off.

Challenge wasn't the scaling issue, the challenge was dealing with individuals who resisted change.

It's maddening how few people working with the internet don't know anything about the protocols that make it work. Web work, especially, I spend far too much time explaining how status codes, methods, content-types etc work, how they're used and basic fundamental shit about how to do the job of someone building internet applications and consumable services.

The following has played out at more than one company:

App: "Hey api, I need some data"
API: "200 (plain text response message, content-type application/json, 'internal server error')"
App: *blows the fuck up

*msg service team*

Me: "Getting a 200 with a plaintext response containing an internal server exception"
Team: "Yeah, what's the problem?"
Me: "...200 means success, the message suggests 500. Either way, it should be one of the error codes. We use the status code to determine how the application processes the request. What do the logs say?"
Team: "Log says that the user wasn't signed in. Can you not read the response message and make a decision?"
Me: "That status for that is 401. And no, that would require us to know every message you have verbatim, in this case, it doesn't even deserialize and causes an exception because it's not actually json."
Team: "Why 401?"
Me: "It's the code for unauthorized. It tells us to redirect the user to the sign in experience"
Team: "We can't authorize until the user signs in"
Me: *angermatopoeia* "Just, trust me. If a user isn't logged in, return 401, if they don't have permissions you send 403"
Team: *googles SO* "Internet says we can use 500"
Me: "That's server error, it says something blew up with an unhandled exception on your end. You've already established it was an auth issue in the logs."
Team: "But there's an error, why doesn't that work?"
Me: "It's generic. It's like me messaging you and saying, "your service is broken". It doesn't give us any insight into what went wrong or *how* we should attempt to troubleshoot the error or where it occurred. You already know what's wrong, so just tell me with the status code."
Team: "But it's ok, right, 500? It's an error?"
Me: "It puts all the troubleshooting responsibility on your consumer to investigate the error at every level. A precise error code could potentially prevent us from bothering you at all."
Team: "How so?"
Me: "Send 401, we know that it's a login issue, 403, something is wrong with the request, 404 we're hitting an endpoint that doesn't exist, 503 we know that the service can't be reached for some reason, 504 means the service exists, but timed out at the gateway or service. In the worst case we're able to triage who needs to be involved to solve the issue, make sense?"
Team: "Oh, sounds cool, so how do we do that?"
Me: "That's down to your technology, your team will need to implement it. Most frameworks handle it out of the box for many cases."
Team: "Ah, ok. We'll send a 500, that sound easiest"
Me: *..l.. -__- ..l..* "Ok, let's get into the other 5 problems with this situation..."

Moral of the story: If this is you: learn the protocol you're utilizing, provide metadata, and stop treating your customers like shit.

First rant, please take pity on the noob! 😐

Recently I've secured many of my user accounts spread throughout the internet. Using the same old password for everything is bad for security and for mental health! 😫

Since I was on the mood, I've tried to do a 'break glass' scenario, simulating an attacker that possessed my Gmail account credentials. "How bad can it be?" I've thought to myself...

... Bad. Very bad. Turns out not only I use lots of oauth based services, I also wasn't able to authenticate back to Google without my pass.

So when you get home today, try simulating what would happen if someone got to your Google or Facebook account.

Makes you consider the amount of control these big companies have over your life 😶

To improve our user's "experience" I suggested to my boss to add a status page showing...well, the current status of our services. Everybody was up for it, so I go off and implement a basic version + automated monitoring backend, get lots of positive feedback, all seems fine.

Then it starts:

Boss: "Can you get it all set up by this Saturday?"
Me: "Uh, today is Wednesday and I've never set up all the stuff needed on a proper server before"
Boss: "Well, you still have a few days. Please also contact your coworker to get it all hooked up in our launcher"
Me: "I'll try, can't make any promises though"

Contact my coworker and tell him what the plan is. I had already given him access to the repo and he is positive to get it all hooked up (I doubt he ever cloned my repo, let alone ran my code)

Spend all Friday getting my stuff set up on the production server, feeling pretty good thanks to the many tutorials.

Contact the boss Friday evening:
Me: "All up and running"
Boss: "Thanks, but we decided to go with a basic HTML page instead. We can just manually edit that, should be enough.
Me: "..."

In the end my stuff was never used, the server I set up was finally taken down a month ago. The gratitude you get when not hacking together some absolute shit that causes problems when you don't add <br/> tags at the correct places to prevent an ugly overflow, cause the coworker was too lazy to implement some form of line wrap in the launcher. I'm not saying my stuff is the best of the best, but at least it was professional looking to a certain extent.

This is going to be a long rant, coz this is the only way to vent out my frustration against our tech head.

Yesterday, while our fucking twat tech head was playing around in company aws account, he terminated the production server. By mistake, apparently. Coz he doesn't know shit about server management. But that egoist ass won't admit and fucked the production server.

And then ran away. We developers sprang into action. Updated dns to point to staging server, setup virtual hosts, env files, point to prod database, force flush dns cache. All systems were up and running in 30 mins. And since it was staging server, it had lot of untested features and codes, and we spent rest of the day fixing the bugs.

And that tech head, who ran away hiding his tail between his legs, after he fucked the server, came back after systems were up. And started cracking jokes, that "so many features got released in 1 day" . "We cut server cost by shutting down 1 server."

We were struggling and working in full throttle to make the services running again. And that fuckity fucker was cracking jokes.

And I don't even know what excuse he gave to ceo for the downtime. I am pretty sure he would have made up some crappy excuse to hide his fucking mistake. That ass never admits his mistake. I am thinking to go to ceo today and tell the real story and get that faggot head fired or at least a strict warning.

Hello everyone, this is my first time here so hi! I want to tell you all a story about my current situation.

At 18 while in the military I was able to get my first computer, it was a small hp pavilion laptop with windows 7. The system would crash constantly, even though I would only use it for googling stuff and using fb to talk to people. 5 months after I got it and continuously hated it decided to find out why and who could I blame (other than myself) for the system making me do the ctrl alt del dance all the time....

Found out that there are people called computer programmers that made software. Decided to give it a go since I had some free time most days. Started out with c++ because it was being recommended in some websites. Had many "oh deeeeer lord" moments. After not getting much traction I decided to move to Java which seemed like an easier step than C++. Had fun, but after some verbosity I decided to move into more dynamic lands. Tried JS and since at the time there was no Node and I was not very into the idea of building websites I decided to move into Python, Ruby, PHP and Perl and had a really great time using and learning all of them. I decided to get good in theoretical aspects of computer programming and since I had a knack for math I decided to get started with basic computer science concepts.

I absolutely frigging loved it. And not only that, but learning new things became an obsession, the kind that would make me go to bed at 02:40 am just to wake up at 04:00 or 06:00 because the military is like that. I really wanted to absorb as much as I could since I wanted to go to college for it and wanted to be prepared since I did not wanted to be a complete newb. Took Harvard CS50, Standford Programming 101 with Java, Rice's Python course and MIT's Python programming class. I had so much fun I don't regret it one bit.
By the time I got to college I had already made the jump to Linux and was an adept Arch user, Its not that it was superior or anything, but it really forced me to learn about Linux and working around a terminal and the internals of the system to get what I want. Now a days I settle for Fedora or Debian based systems since they are easier and time is money.

Uni was a breeze, math was fun and the programming classes seemed like glorified "Hello World" courses. I had fun, but not that much fun, most of my time was spent getting better at actual coding. I am no genius, nor my grades were super amazing(I did graduate with honors though) but I had fun, which never really happened in school before that.

While in school I took my first programming gig! It was in ASP.NET MVC, we were using C#, I got the job through a customer that I met at work, I was working in retail during the time and absolutely hated it. I remember being so excited with the gig, I got to meet other developers! Where I am from there aren't that many and most of them are very specialized, so they only get concerned with certain aspects of coding (e.g VBA developers.....) and that is until I met the lead dev. He was by far one of the biggest assholes I had ever met in my life. Absolutely nothing that I would do or say made hem not be a dick. My code was steady, but I would find bugs of incomplete stuff that he would do, whenever I would fix it he would belittle me and constantly remind me of my position as a "junior dev" in the company saying things as "if you have an issue with my code or standards tell me, but do not touch the code" which was funny considering that I would not be able to advance without those fixes. I quit not even 3 months latter because I could not stand the dick, neither 2 of the other developers since the immediately resigned after they got their own courage.

A year latter I was able to find myself another gig. I was hesitant for a moment since it was another remote position in which I had already had a crappy experience. Boy this one was bad. To be fair, this was on me since I had to get good with Lumen after only having some exposure to Laravel. Which I did mentioned repeatedly even though he did offer to train me in order to help him. Same thing, after a couple of weeks of being told how much I did not know I decided to get out.

That is 2 strikes.

So I waited a little while and took a position inside another company that was using vanilla PHP to build their services. Their system was solid though, the lead engineer remains a friend and I did learn a lot from him. I got contracted because they were looking for a Java developer. The salary was good. But when I got there they mentioned that they wanted a developer in Java...to build Android. At the time I was using Java with Spring so I though "well how hard can this be! I already use Android so the love for the system is there, lets do this!" And it was an intense, fun and really amazing experience.

-- To be continued.

--- UK Mobile carrier O2's data network vanishes like a fart in the wind ---
One of the largest mobile carriers in the UK; O2 has been having all manner of weird and wonderful problems this morning as bleary eyed susbcribers awoke to find their data services unavailable. What makes this particular outage interesting (more so than the annoyingly frequent wobblers some mobile masts have) is that the majority of the UK seems to be affected.

To further compound the hilarity/disaster (depending on which side of the fence you're on), Many smaller independent carriers such as GiffGaff and Tesco Mobile piggy-back off O2's network, meaning they're up the stinky creek without a paddle as well. Formal advice from the gaseous carrier is to reboot your device frequently to force a reconnect attempt, Which we're absolutely sure won't cause any issues at all with millions of devices screaming at the same network when it comes back up.

Issue reports began flooding DownDetector at around 5am (GMT), With PR minions formally acknowledging the issue 2 hours later at 7am (GMT) via the most official channel available - Twitter. After a few recent updates via the grapevine (companies involved seems to be keeping their heads down at the minute) Ericsson has been fingered for pushing out a wonky software update but there's been no official confirmation of this, so pitchforks away please folks.

If you're in need of a giggle while you wait for your 4G goodness to return, You can always hop on an open WiFi network and read the tales of distress the data-less masses are screaming into the void.

Not just another Windows rant:

*Disclaimer* : I'm a full time Linux user for dev work having switched from Windows a couple of years ago. Only open Windows for Photoshop (or games) or when I fuck up my Linux install (Arch user) because I get too adventurous (don't we all)

I have hated Windows 10 from day 1 for being a rebel. Automatic updates and generally so many bugs (specially the 100% disk usage on boot for idk how long) really sucked.

It's got ads now and it's generally much slower than probably a Windows 8 install..

The pathetic memory management and the overall slower interface really ticks me off. I'm trying to work and get access to web services and all I get is hangups.

Chrome is my go-to browser for everything and the experience is sub par. We all know it gobbles up RAM but even more on Windows.

My Linux install on the same computer flies with a heavy project open in Android Studio, 25+ tabs in Chrome and a 1080p video playing in the background.

Up until the creators update, UI bugs were a common sight. Things would just stop working if you clicked them multiple times.

But you know what I'm tired of more?

The ignorant pricks who bash it for being Windows. This OS isn't bad. Sure it's not Linux or MacOS but it stands strong.

You are just bashing it because it's not developer friendly and it's not. It never advertises itself like that.

It's a full fledged OS for everyone. It's not dev friendly but you can make it as much as possible but you're lazy.

People do use Windows to code. If you don't know that, you're ignorant. They also make a living by using Windows all day. How bout tha?

But it tries to make you feel comfortable with the recent bash integration and the plethora of tools that Microsoft builds.

IIS may not be Apache or Nginx but it gets the job done.

Azure uses Windows and it's one of best web services out there. It's freaking amazing with dead simple docs to get up and running with a web app in 10 minutes.

I saw many rants against VS but you know it's one of the best IDEs out there and it runs the best on Windows (for me, at least).

I'm pissed at you - you blind hater you.

Research and appreciate the things good qualities in something instead of trying to be the cool but ignorant dev who codes with Linux/Mac but doesn't know shit about the advantages they offer.

So yesterday I deployed a build on our release environment and i had added a new rest api end-point which I needed to test.. A heads up though, its written in java spring and the entire flow consisted of too many calls/returns from various other java & python services.. Also to make things worse, the entire deployment is a really cumbersome process as you need to copy the build from one box to another..

After like almost 4-5 hours of debugging, adding logs left right & center, crazy upload speeds (yaa this is sarcastic) and frustation at its peak, I found the issue..

There was an if condition that was checking for equality between an enum constant & an enum in a request aaaannnnnddd

*Drum roll

THE CONSTANT ENUM BELONGED TO THE WRONG PACKAGE HENCE ALWAYS EVALUATING TO FALSE... ALSO, BOTH THE ENUMS IN THE DIFFERENT PACKAGES ARE IDENTICAL... FUCCKKKKKKK MY LIFE

😑🔫

You know. I have mixed feelings on the way people have been reacting to senzory's rant regarding the way he deals with clients. Some people believe that he is unethical, some people see it as just business(me included) but to see what the community says is somewhat interesting.

First, let me be clear on something: i have been fucked over by clients many times for being a nice guy and trying to play it nicely.

Because of this I am selective of who deserves good treatment and who gets to fuck off. But regardless of the client I do the same thing: regardless of who it is, nice or otherwise. If a project will take 1 week to complete then I tell them that it will take 3 to 4 weeks. Why? Well because I have many things on my plate, I am married and have two children, one lives with me and I try to spend as much time with them as I can. I work from 8 to 6, sometimes later and when I get home I sometimes don't do shit since at work I maintain the web services of 2 fucking college campuses.
I don't look for my clients. Through word of mouth they come to me. And being in a privileged position(there are about 5 devs here and they all suck) they can either do with my times and fees or can fuck off over the border where Pedro will do their shit on vbscript and classic ASP(which I like, but you know why this is not an option in 2018)

Apps can be sold for large quantities of money, regardless of what their use case is, if a company wants to outsource their apps to an external developer(such as yours truly) that means that they are willing to play the game. And that is what business is: a game, a survival game.

Where I live, a company will not think twice of firing a single mother for whatever reason. In the U.S of A, and specially in Texas, you can be fired for whatever reason. I have automated people's jobs without knowing it, I have made people lose their jobs and saved companies thousands with my apps. Things like that were not know to me, had I known that someone would have lost their jobs I would have tried differently.

If a company is willing to tell employees(loyal employees) to fuck off, then i do not regret charging what I do and hustling the way I do with rat faced dickheads that care not for people. If I could I would destroy entire companies here. But that is for another story.

I have been used, insulted, gambled with and have been lied to, to my face by these companies. Which has left me jaded.

Oh now, trust me. I am still highly optimistic and nice. And if someone has a small business and I can help them out, then I will lower my rate and give positive vibes in the hopes of making things better through karma. I want to see the best in people. But this does not stop me from being a shark and giving quotes the way I do.

Because companies, as an overall entity are not people with the best intentions(sometimes) and they will not take your kindness, they will take advantage if possible in an effort to save money. Its just dickhead business.

So why, as a professional and privileged developer that obtained his skills through intense study and practice, a wizard by all means, should lower to these nameless, Faceless entities?
Why should i give them the fairness they do not give others? Why should I play the high morale game and come out as a loser?

At the end of the day, I get to swim in my own pool of success, knowing that they did not get the chance to fuck me over

So if you tell me that you took advantage of your hard earned skillset, and built a cross platform app(which compiles to native binaries) and sold 2 products for one, I will tell you that you are an excellent player at their game. If you tell me that you finished before and got to charge for 2 weeks of work doing just 2 days I will say that you are an excellent time manager. And if you tell me that at the end of the day you managed to keep said customer I will tell you that you are a true professional.

There is a difference lads, in selling a product to big momma jamma's cajun restaurant, to the largest logistics company around.

Be nice to those that desserve it.

I've recently received another invitation to Google's Foobar challenges.

A while ago someone here on devRant (which I believe works at Google, and whose support I deeply appreciate) sent me a couple of links to it too. Unfortunately back then I didn't take the time to learn the programming languages (Python or Java) that Google requires for these challenges. This time I'm putting everything on Python, as it's the easiest language to learn when coming from Bash.

But at the end of the day.. I am a sysadmin, not a developer. I don't know a single thing about either of these languages. Yet I can't take these challenges as the sysadmin I am. Instead, I have to learn a new language which chances are I'll never need again outside of some HR dickhead's interview with lateral thinking questions and whiteboard programming, probably prohibited from using Google search like every sane programmer and/or sysadmin would for practical challenges that actually occur in real life.

I don't want to do that. Google is a once in a lifetime opportunity, I get that. Many people would probably even steal that foobar link from me if they could. But I don't think that for me it's the right thing to do. Google has made a serious difference by actually challenging developers with practical scenarios, and that's vastly superior to whatever a HR person at any other company could cobble together for an interview. But there's one thing that they don't seem to realize. A company like Google consists of more than just developers. Not only that, it probably consists - even within their developer circles - of more than just Python and Java developers. If any company would know about languages that are more optimized such as C, it would be Google that has to leverage this performance in order to be able to deliver their services.

I'll be frank here. Foobar has its own issues that I don't like. But if Google were a nice company, I'd go for it all the way nonetheless - after all, they are arguably the single biggest tech company in the world, and the tech industry itself is one of the biggest ones in the world nowadays. It's safe to say that there's likely no opportunity like working at Google. But I don't think it's the right thing. Even if I did know Python or Java... Even if I did. I don't like Google's business decisions.

I've recently flashed my OnePlus 6T with LineageOS. It's now completely Google-free, except for a stock Yalp account (that I'm too afraid to replace with my actual Google account because oh dear, third-party app stores, oh dear that could damage our business and has to be made highly illegal!1!). My contacts on that phone are are all gone. They're all stored on a Google server somewhere (except for some like @linuxxx' that I consciously stored on device storage and thus lost a while back), waiting for me to log back in and sync them back. I've never asked for this. If Google explicitly told me that they'd sync all my contacts to my Google account and offer feasible alternatives, I'd probably given more priority to building a CalDAV and CardDAV server of my own. Because I do have the skills and desire to maintain that myself. I don't want Google to do this for me.

Move fast and break things. I've even got a special Termux script on my home screen, aptly named Unfuck-Google-Play. Every other day I have to use it. Google Search. When I open it on my Nexus 6P, which was Google's foray into hardware and in which they failed quite spectacularly - I've even almost bent and killed it tonight, after cursing at that piece of shit every goddamn day - the Google app opens, I type some text into it.. and then it just jumps back to the beginning of whatever I was typing. A preloader of sorts. The app is a fucking web page parser, or heck probably even just an API parser. How does that in any way justify such shitty preloaders? How does that in any way justify such crappy performance on anything but the most recent flagships? I could go on about this all day... I used to run modern Linux on a 15 year old laptop, smoothly. So don't you Google tell me that a - probably trillion dollar - company can't do that shit right. When there's (commercialized) community projects like DuckDuckGo that do things a million times better than you do - yet they can't compete with you due to your shit being preloaded on every phone and tablet and impossible to remove without rooting - that you Google can't do that and a lot more. You've got fucking Google Assistant for fucks sake! Yet you can't make a decent search app - the goddamn thing that your company started with in the first place!?

I'm sorry. I'd love to work at Google and taste the diversity that this company has to offer. But there's *a lot* wrong with it at the business end too. That is something that - in that state - I don't think I want to contribute to, despite it being pretty much a lottery ticket that I've been fortunate enough to draw twice.

Maybe I should just start my own company.

Watch out for these fucking bug bounty idiots.

Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.

Might be useful for some people but not so much for me.

It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.

It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.

I had another one recently though that was a total disgrace.

"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."

It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.

The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.

In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.

It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.

It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.

These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.

The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.

It was my first time in Berlin. I came as a tourist but started looking for a workplace, with hopes of getting a blue card and continuing work.

I searched online, going through some hiring platforms, and sent out a few messages around. I felt a special connection (I thought I was exactly who they needed), and wrote them a carefully crafted letter of intention alongside my lavish CV.
They got back to me, and I was given this task, to do while at home. I completed it, had a phone interview, and was invited on-site for a face to face interview. Everybody felt warm, I felt a connection. We already talked salary expectations, and all was going great.

They told me they'd get back to me for the next stage. ...
and they actually DID. Yes, they did!
They invited me for a second interview, but this time to prepare a technical topic to present. So I did. I picked one of the 3 topics they offered, which was about performance optimization. I had recently read materials about that, so I felt really empowered.
So far nobody told me what I was supposed to be doing at the new job, I only knew the technologies required, and what the company did for money.
I prepared a thorough presentation, with practical demos of why some things are bad for performance. While I was showing it, many people in the room were learning about this for the first time, which means I did good. The team lead had some extra questions that I wasn't able to answer in full (needed some research), but otherwise it was great.

The CTO then asked me out to lunch, to talk over some more stuff, and we had a general discussion about what drives us, our life story, etc. He said that he'd really like me to be part of the team, and that he's looking forward to working with me.

So I've been at it for almost a month. I've met everyone, got acquainted with the team, knew the biography of some of them, proven my worth, etc. I was ensured with body language, and verbal language that everything was going great. As careful as I was with this kind of stuff, I was positive that I'd get the job. I even started planning my trips, to get the documents ready.

And then I got a message stating the usual stuff "Thank you bla bla bla we don't think we'll need your services". I was shocked, but in good faith I wanted to reply something along the lines "I'm sorry it didn't work out, all the best in finding what you're looking for", but I found out that I was blocked from contacting them.

That's right. Rejected + blocked. After a month of fucking foreplay. I get rejection, even though it hurts. But being blocked?! That's just insane!

Recent life lessons:
◆ Do not buy a domain name without obfuscating your contact information, lest you want to be harried by people offering to provide their services to “grow your business”

◆ Do not change descriptions on your most recent experience that’s set to be ongoing on LinkedIn without making note of the “notify your followers” toggle, lest you wish LinkedIn to post on your behalf a message urging people to congratulate you on your new position. A post which you cannae delete. And lo, if you comment upon it urging well-wishers to not comment upon it or offer congratulations as it is not what it appears, witness the lack of good that doth do. Resort to canned response to DMs explaining the situation and urging the well-wisher to learn from your misfortune. (I find it really difficult to not politely respond to folk. It was a good two days of like 50+ messages.)

◆ If you have a career coach that tells you to connect to as many people as possible on LinkedIn and accept connection requests, perhaps just don’t follow that advice. My second career coach was like “That doesn’t even make sense” “I KNOW!” ... I have so many LinkedIn connections. But I cannae just prune the list because it would take for freaking ever to figure out who was who and who I really still wanted to connect with. *sigh* 900+ is too many. And I have over 100 requests I haven’t even gotten around to looking at.

Me: develops my first android app with firebase by google.
Me: finishes app, tests it and it works.

Firebase after 3 months: we were first going to scale our servers on our own based on how many people are simultaneously using your app. But now fuck you, we will have a cap of 100000 simultaneous users.

Me: fuck this kills my app if it scales. Have to Shard everything on the db side and overhaul the entire app to work will multiple db instances. Takes a month.

Android after 6 months: dude your app is working fine without any hiccups. Let me fuck it up. We will stop all your services when your app is not running or backgrounded. Also we will make it illegal to start services in this case and we will throw exceptions.

Me: what the actual fuck. They now want me to focus on a JobScheduler, fine... But now even intent services won't work properly. So use a job scheduler to start a JobIntentService which is essentially another job scheduler for queuing. wtf android.

Ps solved it and works again.

PS: WAITING FOR ANDROID TO FML WITH ANOTHER NEW VERSION. Maybe they'll say you can't run your app at all now

Inmates are trying to take over the asylum again.

Got a message from the web team manager deeply concerned because since switching to the new logging framework, the site is significantly slower.

She provided no proof or any data to what 'significantly slower' means.

#1 The 'new logging' has been in place and logging for 5 years. We only recently depreciated the ILogger interface ('new' ILogger interface only has 1 method instead of 5)
#2 The 'old logging' was modified 5 years ago, so even if you were using the 'old' interface, the underlying implementation is still the same.

She tried to push the 'it wasn't this slow before' argument, so I decided to do some fact based analysis.
Knowing they deployed their logging changes couple of weeks ago, I opened up AppDynamics, looked at the average call time to Splunk (along with a few other http calls they are doing)
- caching services - 5ms
- splunk - 30ms
- Order Service - 350ms
- Product Data Service -525ms

Then I look at the data they are logging, for the month of June, over 5 million messages. At 30ms each, that's almost 42 hours spent logging errors...yes errors. Null reference exceptions, Argument exceptions, easily fixable stuff.

So far for the month of July (using the 'new' logging), almost 2.5 million errors. Pretty close so far with June's numbers.

My only suggestion was to fix the bugs in their code so they don't log so many errors.

Her response.."Can we have one of our developers review your logging code? We believe we can find ways to optimize the http requests"

Oh good Lord. I'm not a drinking man..but ...I might start.

Best code performance incr. I made?

Many, many years ago our scaling strategy was to throw hardware at performance problems. Hardware consisted of dedicated web server and backing SQL server box, so each site instance had two servers (and data replication processes in place)

Two servers turned into 4, 4 to 8, 8 to around 16 (don't remember exactly what we ended up with). With Window's server and SQL Server licenses getting into the hundreds of thousands of dollars, the 'powers-that-be' were becoming very concerned with our IT budget. With our IT-VP and other web mgrs being hardware-centric, they simply shrugged and told the company that's just the way it is.

Taking it upon myself, started looking into utilizing web services, caching data (Microsoft's Velocity at the time), and a service that returned product data, the bottleneck for most of the performance issues. Description, price, simple stuff. Testing the scaling with our dev environment, single web server and single backing sql server, the service was able to handle 10x the traffic with much better performance.

Since the majority of the IT mgmt were hardware centric, they blew off the results saying my tests were contrived and my solution wouldn't work in 'the real world'. Not 100% wrong, I had no idea what would happen when real traffic would hit the site.

With our other hardware guys concerned the web hardware budget was tearing into everything else, they helped convince the 'powers-that-be' to give my idea a shot.

Fast forward a couple of months (lots of web code changes), early one morning we started slowly turning on the new framework (3 load balanced web service servers, 3 web servers, one sql server). 5 minutes...no issues, 10 minutes...no issues,an hour...everything is looking great. Then (A is a network admin)...
A: "Umm...guys...hardly any of the other web servers are being hit. The new servers are handling almost 100% of the traffic."
VP: "That can't be right. Something must be wrong with the load balancers. Rollback!"
A:"No, everything is fine. Load balancer is working and the performance spikes are coming from the old servers, not the new ones. Wow!, this is awesome!"
<Web manager 'Stacey'>
Stacey: "We probably still need to rollback. We'll need to do a full analysis to why the performance improved and apply it the current hardware setup."
A: "Page load times are now under 100 milliseconds from almost 3 seconds. Lets not rollback and see what happens."
Stacey:"I don't know, customers aren't used to such fast load times. They'll think something is wrong and go to a competitor. Rollback."
VP: "Agreed. We don't why this so fast. We'll need to replicate what is going on to the current architecture. Good try guys."
<later that day>
VP: "We've received hundreds of emails complementing us on the web site performance this morning and upset that the site suddenly slowed down again. CEO got wind of these emails and instructed us to move forward with the new framework."

After full implementation, we were able to scale back to only a few web servers and a single sql server, saving an initial $300,000 and a potential future savings of over $500,000. Budget analysis considering other factors, over the next 7 years, this would save the company over a million dollars.

At the semi-annual company wide meeting, our VP made a speech.

VP: "I'd like to thank everyone for this hard fought journey to get our web site up to industry standards for the benefit of our customers and stakeholders. Most of all, I'd like to thank Stacey for all her effort in designing and implementation of the scaling solution. Great job Stacy!"
<hands her a blank white envelope, hmmm...wonder what was in it?>

A few devs who sat in front of me turn around, network guys to the right, all look at me with puzzled looks with one mouth-ing "WTF?"

Booked an Uber...
ETA: 10 minutes...
*Checks 4 minutes later*
ETA: 12 minutes...
*Calls the driver to confirm pick up*
*waits for another 4 minutes*
ETA: 8 minutes
*Types in this rant with passive aggression*
ETA: 10 minutes...

So, I've waited 10 minutes after an initial ETA of 10 minutes and now I gotta wait 10 minutes extra.

Arggghhhhhh!

I'm not sure who the fuck is at fault here?
The devs? The ones who design the flow? The ones handling the execution at low levels?
Or us, the customers who keep on coming back to their services succumbed to the fact that we don't have many options!

Update: I've had to wait for half an hour till my cab could reach me.
HALF AN HOUR = Practically the time it would have taken me to walk to the cab!

Not necessarily ignorant, but funny.
Before my current job I used to work for a company that provided software services to logistic type corporations, import export and all that jazz.

I was asked to generate an admin interface that would allow people to enter scans from different products, sort them in the right place and update the main interface. During the time we were using Classic ASP with VBScript. There, AJAX and similar functionality can get quite tricky, but definitely doable if you know what you are doing, VBScript has many limitations when compared to something like PHP for example. But thus the application was created in about a week once everything was sorted and then the storage manager came back to ask me if I could put a spinner or something in it to show that the information was loading. I asked him if the information was not being updated accordingly or if there were similar issues to that extent.

He said "no, it is working perfectly and I have no problem with the functionality, but these morons keep trying to scan shit because they can't tell if something is being populated into the main table in the interface because it all happens so quickly" Me: "well it is a very simple process, if you want I can add some sort of additional message to that or a spinner or something of the like that would show for two seconds or something, just so they can get some visual clarification"

Him: "This is a pretty stupid thing isn't it?". Me: Yes. Him: "I am so sorry to ask for this, how long will it take you?" Me: "Lol give me about 30 mins maybe less, it is no problem really, let me get this out of the way so that your people can get to it without loosing anymore time"

Such things are the reason why they literally brought me to the head of the company when I told them that I was leaving in an effort for him to try and convince me to stay. I was not to be contracted into their service anymore, but a full time employee. It was nice for them to ask really, but I declined in favor of the benefits I get from my current company.

To this day I think its funny and they remember as well.

I wish I can fucking clone myself.

We have been providing digital marketing services for like 5 years without having a proper QA team. Well because we cannot afford to hire one. Technically I am supposed to check and control the quality of our operation team. But I have been juggling so many balls and couldn't do that properly.

So this year we decided that we have to seriously take care of that. But we are providing all kinds of services and creating a QA team for all those services is gonna be costly. We wanna solve it, but also doesn't wanna hang ourselves with another rope. So we have decided to just found a QA team with leaders from various departments mainly Sales and Customer Services. They are the ones who have talked with clients. So they should be able to judge the quality of the services our operation made.

It is a fucking nightmare. It is like we have doubled the amount of clients. And that extra half of those newly popped up clients are sitting in our office.

Welp, its official, with Debian Buster adoption into our mainline, we are officially switching from Sys-V-Init to SystemD.

I still do not know how I feel about it.

From the professional point of view - Its a relief. SystemD has so many more neat features that make the life of a sysadmin easier. If any, I love that it tracks the uptime of a service, making it incredibly easy the last time it crashed / restarted...

On the other... I just... Am kind of afraid where the whole systemd environment will go with time... And... I guess... I am also worried about how much systemd is taking over in the system itself... It will mean learning quite a few new services, debugging routines and such...

A new era of GNU/SystemD/Linux is upon us.

So google maps APIs will now basically be a pay to play, like many other services of google, is there any actually good alternative for getting long+lat and distance matrix for free?

Been developing a Java app for 3 months, including basically everything from aop to rest services.

Meeting with po:
Me: So, guess how many loc I wrote.
Po: 400?
Me: *laughs* I'll get to 10.000 this week.

MAN COMES IN WITH CHANGING REQUIREMENTS ON AN HOURLY BASIS YET STILL DOESNT UNDERSTAND HOW MUCH WORK ALL THIS SHIT IS!!

So, with couple of new people in senior managerial roles, pink slips started flying left and right before the holiday season. That didn't happen before in the company. It's still relatively small and when people left that was for better paid or more interesting work.

While I can understand that from the business perspective and especially for a few who might have been considered dead weight (devs and other roles), I have a serious problem with the way it was handled. It's one of those 5 minute notices. If we weren't remote, I guess escorting out by security would follow.

Most recent person to go is actually one of the most senior devs at the position that became redundant over time, as it clashed in the "pyramid" with another dev. He was involved in many aspects of the product and greatly contributed to the overall success during years of hard work, i'd say maybe more than any of us.

He didn't fuck up anything major as far as I know, his services were just not needed anymore, compared to the other guy. Saving money. I get that.

At T-1 day he prepared a demo of his project. Meetings, Slack, everything as usual. Next thing we got was a "we wish him well in future endeavours" e-mail.

What I find most disturbing is the fact his account was removed immediately, and then we were asked to get any files and anything else we might need, all over personal communication channels (private e-mail, Skype etc.) because he was locked out of all company accounts.

I seem to have have survived this year. One thing they have definitely achieved, based on some off the record chat and some public updates, tweets etc I can see, is for many of us to start networking, polishing CVs and generally stop giving many fucks about the company and the outcome.

I've myself started brushing up on some new skills (stacks) and some old ones (algorithms, etc.) I may need any day now, as it seems.

If they can basically tell "thank you and fuck off" to one person maybe most involved with the company growth, with zero dignity and respect for the person, then fuck them.

I hate trying to shop on sites powered by services like Shopify. Especially sites that have so many fucking plugins that pop up every 3 to 5 seconds asking me a fuck ton of questions.

For fuck sake!
Fuck locatefamily.com, just searched out on google my name and surname, both foreign and hard to even spell out for many, and it's the first time that I saw my data(where did I live, my current work phone number, name and surname) open wide as the second link of my search, fuck!

But there's a clue, at that address I lived for a not so long period, so I did search my emails in that period and other than my employers and government emails(in which I don't trust either), here's a list of companies that had my info(partial or full):
Only address(with name and surname):

Amazon.it with 14 other companies(for shipping)
eBay with 4 other companies(for shipping)
voxelfarm.com
trenord.it
DUMA (LIGHT) di Adel
decathlon.com
gruppoargenta.it
paypal.it

All info:
gearbest.com
glistockisti.com
oculus.com
Banggood.com

Overall there are 33(including government, employers and national main mail service) potential leaks of that data, with 7 in full exposure.

After this, I'm thinking how it's even avoidable to not leak personal data, because from any of those businesses I got goods or services that otherwise I couldn't without exposing such informations... fuck.

More of a rave than a rant.

My Dad was having some trouble with a game disconnecting on the PS4 and he read somewhere that it might be a problem with our home router. I didn't think it would be, as every other game works fine. But there was no talking him out of it. And to be fair the current router WAS kind of old.

So I have a look at the one he's decided to buy and it's some massive triple-antenna beast for well over a hundred pounds. I felt like such a weapon might be overkill for 2 people in a house, but did say that it would definitely help with connection issues in some rooms and I kind of wanted to play with it.

So he got it and oh am I glad he did. It has so many fun toys, including a built in VPN. Right now I live abroad so there's a few services I used at home that I can't access, I was literally just considering buying a vpn the other day. I found this while setting up port-fortwarding for my Raspberry Pi to run a discord bot I'm building. I had condisered putting a VPN server on the Pi but this works too!

It also has built in DDNS from ASUS, which IS cool, but our IP hasn't changed in years so I'm not sure we'll need it. I set it up anyway just in case though!

Our school had for an open source way of dealing with home schooling and managing the school network and so on.

Now the government forced a "proprietary" system on our school and everyone hates it. The teachers didn't want it the pupils didn't want it but who cares "what we do is the best".

Btw the proprietary system costs a fuck load of money even though they just mixed many open source projects and made it their own proprietary thing.
And this company now get's loads of money for their shitty system that never really worked once since we got it.

They blocked so many ip's that we can't even access google and it's services on the school wifi and the bandwith dropped severely with the new system.

Oh and many random ip's e.g. one of my vps is accessible but the other one not.
Discord is blocked.
Web whatsapp.
And so on...

Now....

I need to learn for tests next week and need to access that stuff on the portal but...

Now they decided to switch the LDAP server to the new system and since a few hours i can't access this fucking thing.

It seems like the platform now contacts the new server which isn't even up and running....

Never change a fucking running system....

Oh and we got smart boards and it runs on android and they didn't block adb. Now i installed clash of clans on one of those things. Haha whoops.
These boards cost 7000€ and have security patches from 2 years ago....and Android 8

It all started with an undelivereable e-mail.

New manager (soon-to-be boss) walks into admin guy's office and complains about an e-mail he sent to a customer being rejected by the recipient's mail server. I can hear parts of the conversation from my office across the floor.

Recipient uses the spamcop.net blacklist and our mail was rejected since it came from an IP address known to be sending mails to their spamtrap.

Admin guy wants to verify the claim by trying to find out our static public IPv4 address, to compare it to the blacklisted one from the notification.
For half an hour boss and him are trying to find the correct login credentials for the telco's customer-self-care web interface.
Eventually they call telco's support to get new credentials, it turned out during the VoIP migration about six months ago we got new credentials that were apparently not noted anywhere.

Eventually admin guy can log in, and wonders why he can't see any static IP address listed there, calls support again. Turns out we were not even using a static IP address anymore since the VoIP change. Now it's not like we would be hosting any services that need to be publicly accessible, nor would all users send their e-mail via a local server (at least my machine is already configured to talk directly to the telco's smtp, but this was supposedly different in the good ol' days, so I'm not sure whether it still applies to some users).

In any case, the e-mail issue seems completely forgotten by now: Admin guy wants his static ip address back, negotiates with telco support.
The change will require new PPPoE credentials for the VDSL line, he apparently received them over the phone(?) and should update them in the CPE after they had disabled the login for the dynamic address. Obviously something went wrong, admin guy meanwhile having to use his private phone to call support, claims the credentials would be reverted immediately when he changed them in the CPE Web UI.

Now I'm not exactly sure why, there's two scenarios I could imagine:
- Maybe telco would use TR-069/CWMP to remotely provision the credentials which are not updated in their system, thus overwriting CPE to the old ones and don't allow for manual changes, or
- Maybe just a browser issue. The CPE's login page is not even rendered correctly in my browser, but then again I'm the only one at the company using Firefox Private Mode with Ghostery, so it can't be reproduced on another machine. At least viewing the login/status page works with IE11 though, no idea how badly-written the config stuff itself might be.

Many hours pass, I enjoy not being annoyed by incoming phone calls for the rest of the day. Boss is slightly less happy, no internet and no incoming calls.

Next morning, windows would ask me to classify this new network as public/work/private - apparently someone tried factory-resetting the CPE. Or did they even get a replacement!? Still no internet though.
Hours later, everything finally back to normal, no idea what exactly happened - but we have our old static IPv4 address back, still wondering what we need it for.

Oh, and the blacklisted IP address was just the telco's mail server, of course. They end up on the spamcop list every once in a while.

tl;dr: if you're running a business in Germany that needs e-mail, just don't send it via the big magenta monopoly - you would end up sharing the same mail servers with tons of small businesses that might not employ the most qualified people for securing their stuff, so they will naturally be pwned and abused for spam every once in a while, having your mailservers blacklisted.

I'm waiting for the day when the next e-mail will be blocked and manager / boss eventually wonder how the 24-hours-outage did not even fix aynything in the end...

I just finished designing an entire asset management pipeline and christ on a fucking pogo stick, if it isn't convoluted.

Theres a lot of game engines out there, but all of them do it a little different. They all tackle a slightly different problem, without even realizing it.

1. asset management

2. asset change management

3. behavior change management

4. data management

5. combinatorial design management.

6. Combinatorial Behavior management

7. Feature completion

ASSET MANAGEMENT is exactly what it says on the tin.

ASSET CHANGE management can be thought of handling the import, export, formatting, platform specific packing, and versioning (including forking) of an asset.

BEHAVIORAL CHANGE management is a subset of asset management, because code is a subset of assets (depending on how you define 'assets'). The oldest known example of this is commenting and uncommenting code.
Or worse, printf debugging.

This can be file versioning, basic undo services, graph management of forks and mergers, toggles for features or modules, etc.

DATA management is about anything that doesn't fall into the other categories, everything from mission text to npc dialogues, quests, location names, item stats, the works. Anything you'd be tempted to put in a database, falls under this category. Haven't yet seen many engines offer this as an explicit built in tool as of yet, because the other problems are non-trivial as is, so this is a bit of low hanging fruit that gets handled by external tools, or loaded from formats as simple as json.

COMBINATORIAL DESIGN management is the idea of prefabbing, blueprints of broader object design using nested prototypes of existing game objects, to create more complex, reusable set pieces. Unity did this well. GM does this in part.

COMBINATORIAL BEHAVIOR management is entity-component systems, plus tooling to make it easy to add, remove, and configure components and their values on entity blueprints, also not uncommon. Both stencyl and unity do this. GM has a precursor to this in the form of configurable fields, but these fields are not based on component scripts attached to objects.

FEATURE COMPLETION is that set of gameplay mechanics or styles of design that an engine naturally makes easier to include or build in a game.

I don't think I'm aiming for all that, but I think at minimum a good engine has to do asset management, behavioral change management, prefabs, and entity-component systems with management tools for that. And ideally, asset change management.

It's been a while DevRant!

Straight back into it with a rant that no doubt many of us have experienced.

I've been in my current job for a year and a half & accepted the role on lower pay than I normally would as it's in my home town, and jobs in development are scarce.

My background is in Full Stack Development & have a wealth of AWS experience, secure SaaS stacks etc.

My current role is a PHP Systems Developer, a step down from a senior role I was in, but a much bigger company, closer to home, with seemingly a lot more career progression.

My job role/descriptions states the following as desired:

PHP, T-SQL, MySQL, HTML, CSS, JavaScript, Jquery, XML

I am also well versed in various JS frameworks, PHP Frameworks, JAVA, C# as well as other things such as:

Xamarin, Unity3D, Vue, React, Ionic, S3, Cognito, ECS, EBS, EC2, RDS, DynamoDB etc etc.

A couple of months in, I took on all of the external web sites/apps, which historically sit with our Marketing department.

This was all over the place, and I brought it into some sort of control. The previous marketing developer hadn't left and AWS access key, so our GitLabs instance was buggered... that's one example of many many many that I had to work out and piece together, above and beyond my job role.

Done with a smile.

Did a handover to the new Marketing Dev, who still avoid certain work, meaning it gets put onto me. I have had a many a conversation with my line manager about how this is above and beyond what I was hired for and he agrees.

For the last 9 months, I have been working on a JAVA application with ML on the back end, completely separate from what the colleagues in my team do daily (tickets, reports, BI, MI etc.) and in a multi-threaded languages doing much more complicated work.

This is a prototype, been in development for 2 years before I go my hands on it. I needed to redo the entire UI, as well as add in soo many new features it was untrue (in 2 years there was no proper requirements gathering).

I was tasked initially with optimising the original code which utilised a single model & controller :o then after the first discussion with the product owner, it was clear they wanted a lot more features adding in, and that no requirement gathering had every been done effectively.

Throughout the last 9 month, arbitrary deadlines have been set, and I have pulled out all the stops, often doing work in my own time without compensation to meet deadlines set by our director (who is under the C-Suite, CEO, CTO etc.)

During this time, it became apparent that they want to take this product to market, and make it as a SaaS solution, so, given my experience, I was excited for this, and have developed quite a robust but high level view of the infrastructure we need, the Lambda / serverless functions/services we would want to set up, how we would use an API gateway and Cognito with custom claims etc etc etc.

Tomorrow, I go to London to speak with a major cloud company (one of the big ones) to discuss potential approaches & ways to stream the data we require etc.

I love this type of work, however, it is 100% so far above my current job role, and the current level (junior/mid level PHP dev at best) of pay we are given is no where near suitable for what I am doing, and have been doing for all this time, proven, consistent work.

Every conversation I have had with my line manager he tells me how I'm his best employee and how he doesn't want to lose me, and how I am worth the pay rise, (carrot dangling maybe?).

Generally I do believe him, as I too have lived in the culture of this company and there is ALOT of technical debt. Especially so with our Director who has no technical background at all.

Appraisal/review time comes around, I put in a request for a pay rise, along with market rates, lots of details, rates sources from multiple places.

As well that, I also had a job offer, and I rejected it despite it being on a lot more money for the same role as my job description (I rejected due to certain things that didn't sit well with me during the interview).

I used this in my review, and stated I had already rejected it as this is where I want to be, but wanted to use this offer as part of my research for market rates for the role I am employed to do, not the one I am doing.

My pay rise, which was only a small one really (5k, we bring in millions) to bring me in line with what is more suitable for my skills in the job I was employed to do alone.

This was rejected due to a period of sickness, despite, having made up ALL that time without compensation as mentioned.

I'm now unsure what to do, as this was rejected by my director, after my line manager agreed it, before it got to the COO etc.

Even though he sits behind me, sees all the work I put in, creates the arbitrary deadlines that I do work without compensation for, because I was sick, I'm not allowed a pay rise (doctors notes etc supplied).

What would you do in this situation?

TL;DR: Stop. Hating. On. Ads. Here are 5 reasons why:

1. "No one likes ads"
I love seeing *good* ads before I watch a YouTube video. Or I looked up videos that YT recommended because they sounded fun and they were fun:
- Coke - Hey Brother is an amazing and touching short film
- Fressnapf (="food bowl") had an incredibly enjoyable "things you didn't know about cats" video I clicked on purpose and it was good.
- I found JetBrains through ads (free for me, student perks. But tbh I use atom)
and I could name more.

2. What are the alternatives?
I know there are some non-profits and that's cool but you wanna be paid in your job, right? So ads are why Facebook (I know, Facebook isn't enjoyed here but), YouTube, stackoverflow, etc. Wikipedia asks for a few million dollars of donations each year because they don't run ads. Smaller businesses can't do that really. Hell, even codepen has a "sponsored" section. Imagine you would have to pay for all of those services.

3. "Manipulation"
isn't a bad thing unless you abuse it. I manipulate you when I say that I love codepen in the same way an ad does. No one forces you to use a product or watch an ad (you can look away and often times skip).

4. Adblock
What if everyone did that? Adblock blocks happened a while ago and the war between adblock and ad-senders is still ongoing. The moment you see an ad, you are using/watching etc something which the creators thought is worth making money off. If you don't think so, leave the site. I am an adblock user but if the site politely asks me to disable it and I enjoy the content - I will disable it with pleasure.

5. Targeted ads
Yes. The internet is a huge data-crawling piece of shit. But there are many more questionable or even dangerous ways of data-harvesting online. I am glad to see ads I like and not the ones my sister might like. Some services allow you to disable personalized ads. Or use vpn if you really want to.

Bloody mother fucking jesus christ....

It's working.

Sometimes I really wish I had the gift to be creative and to e.g. draw a (metaphoric) image of the shit I had to fix and how it felt to fix it.

It's sad not being able to share stuff in a way everyone can understand it :/

I uncludged the last bits of the networking / loadbalancer / craptastic network.

The whole chart that includes most of the associations / information for the network fits easily on a A2 paper. Internal only.

Just migration of a few remaining servers to Proxmox and a large MySQL to Postgres migration outstanding....

1.75 years and it's the first large milestone achieved. Large milestone as in it will not be a total clusterfuck anymore.

Still a lot of stuff to do...

But down to one major OS, Debian, for everything (container / VMs)... only LTS supported versions for services...

No more stuff that's so old it's near fossil state. We stillhad Ubuntu 12.04 running... :) ;) And XenServer is nearly gone...

Too many feels. Too many brain poofs. And way too much pain.

How is coupling backend + frontend as a single nextjs app a good idea? What the fuck is this?

What if you have to create new replica sets of a backend because of high load pressure? What about load balancers?? What if i want my backend to be a microservice? How do i unit test the backend if its cluttered with frontend? WTF IS THIS

WHY DID NEXTJS THINK THIS IS A GOOD IDEA AND WHY DO SO MANY DEVS LOVE THIS IDEA AND GLORIFY NEXTJS?

Nextjs seems like the type of framework that was built by a frontend web developer who just refuses to learn backend technology at all costs.

---

its been a few hours and the concept of nextjs is bending my mind rn. I thought nextjs is just another frontend framework. A react killer. Only to find out its both a backend + frontend framework.

Cluttering backend stuff into frontend is gonna get messy no matter how much you try to modularize the code. Am i lost or am i right???

---

Scratching my head over nextjs. Looks like a great framework for small-mid project but definitely not large project. The more shit the project needs the more messy shit become. Angular has modularized all of this in separate folders -- components services guards interceptors (now new stuff coming called Signals) etc. All of it is separated in individual folders and kept frontend-only. Simple enough. No backend clutter

---

Can i even use nextjs strictly as a frontend framework while it uses my custom backend built in java spring boot? For example use nextjs /api/ folder to handle custom routes built outside of nextjs framework?

Am i insane here

***ILLEGAL***
so its IPL(cricket) season in india, there is a OTT service called hotstar (its like netflix of india), the cricket streams exclusively on hotstar..
so a quick google search reveals literally thousands of emails & passwords, found a pastebin containing 500 emails&passwords ...but those are leaked last year most of passwords are changed & many of them enabled 2FA.. after looking through them we can find some passwords are similar to their emails , some contains birth year like 1975,1997 etc, some passwords end with 123 ..so after trying a few different versions of the passwords like
1) password123 -> password@123, password1234
2) passwordyear -> password@year
2) for passwords similar to emails, we can add 123 ,1234, @ etc
created a quick python script for sending login requests

so after like 30-40 mins of work, i have 7 working accounts

*for those who have basic idea of security practices you can skip this part

lessons learnt
1) enable 2FA
2) use strong passwords, if you change your password , new password should be very different from the old one

there are several thousands of leaked plaintext passwords for services like netflix,spotify, hulu etc, are easily available using simple google search,
after looking through & analysing thousands of them you can find many common passwords , common patterns
they may not be as obvious as password ,password123 but they are easily guessable.
mainly this is because these type of entertainment services are used by the average joe, they dont care about strong passwords, 2FA etc

Am I the only developer in existence who's ever dealt with Git on Windows? What a colossal train wreck.

1. Authentication. Since there is no ssh key/git url support on Windows, you have to retype your git credentials Every Stinking Time you push. I thought Git Credential Manager was supposed to save your credentials? And this was impossible over SSH (see below). The previous developer had used an http git URL with his username and password baked in for authentication. I thought that was a horrific idea so I eventually figured out how to use a Bitbucket App password.

2. Permissions errors
In order to commit and push updates, I have to run Git for Windows as Administrator.

3. No SSH for easy git access
Here's where I confess that this is a Windows Server machine running as some form of production. Please don't slaughter me! I am not the server admin.
So, I convinced the server guy to find and install some sort of ssh service for Windows just for the off times we have to make a hot fix in production. (Don't ask, but more common than it should be.)
Sadly, this ssh access is totally useless as the git colors are all messed up, the line wrap length and window size are just weird (seems about 60 characters wide by 25 lines tall) and worse of all I can't commit/push in git via ssh because Permissions. Extremely aggravating.

4. Git on Windows hangs open and locks the index file
Finally, we manage to have Git for Windows hang quite frequently and lock the git index file, meaning that we can't do anything in git (commit, push, pull) without manually quitting these processes from task manager, then browsing to the directory and deleting the .git/index.lock file.

Putting this all together, here's the process for a pull on this production server:
Launch a VNC session to the server. Close multiple popups from different services. Ask Windows to please not "restart to install updates". Launch git for Windows. Run a git pull. If the commits to be pulled involve deleting files, the pull will fail with a permissions error. Realize you forgot to launch as Administrator. Depending on how many files were deleted in the last update, you may need to quit the application and force close the process rather than answer "n" for every "would you like to try again?" file. Relaunch Git as Administrator. Run Git pull. Finally everything works.

At this point, I'd be grateful for any tips, appreciate any sympathy, and understand any hatred. Windows Server is bad. Git on Windows is bad.

A client's site got malware infected, so we decided to remove everything and replace the site with a fresh WordPress installation (very basic site with 4 pages of content).

Contacted iPage live support asking them to check and unsuspend the account (with no files on it), but they kept on insisting that I buy their "firewall" and "SiteLock" services, with zero reply related to suspension. I've had live chat with many other hosting companies, never had such a lousy fucked up conversation. Without providing technical support, they keep marketing their useless expensive services. Fuck you iPage, you just lost a customer.

FUCK Banks

Fuck Banks and fuck online Banking

Fuck you for not supporting real 2FA
Fuck you for having such shitty bloated bullshit Websites and online services
Fuck you for taking forever to transfer money
Fuck you for not having public APIs Fuck you for so many uncountable reasons.

And most of all Fuck you for constantly trying to fuck me. I FUCKING HATE BANKS SO FUCKING MUCH.

I hope so much that there'll be a decentralised uncontrollable anonymous and digital currency in the future. Something like Cryptos (like BTC or ETH) but without all the major Problems they have now.

I wish there was a hell Banks could go to. I want to see them burn and suffer so fucking much not even the worst medieval torture methods are enough to satisfy me.

FUCK SPAM !
If you are like me and register to many services online and get spammed with spam (duh) and want to know which services is selling your data , you can register with an email like this :
let's say your email is johndoe@gmail.com
and want to register to Service you can put johndoe+service@gmail.com and mails will still reach johndoe@gmail.com but appear as To : johndoe+service@gmail.com so then you can rant about how Service is selling your data.
credits to reddit.

In my current org we had a AWS SES event processor written in node js, it was struggling everytime we had more than 1000 messages in queue. It looped over every single message made some db calls then processed the next message. At one point we had to run 300 comatiners of this thing to clear out the queue.. It was still horribly slow.

I rewrote it in Golang with channels and goroutines now we need to run a single comatiner to handle upto 100k messages in queue. Used 10 goroutines to pull 10 messages constantly and put them in a channel, then spawned 1 goroutine per message to process them quickly. I'm so proud of this solution, we then brought this workflow to many other event processing services. 😎

Ive got this colleague who knows so much about cloud services, networking etcetera, but 90% of the code he writes I have to rewrite in a way.

So many typos that classnames become unreadable and not understandable.
Small pieces of code that breaks so many other pieces of code.
And code which isnnt needed because it doesnt do shite. "o = (o==null?null: o)" (this is the exact thing he wrote (spacing included))

Sometimes it takes me 6 hours to find the source of an issue because he changed something. Everything I change I confront him about because they are things that can be avoided by rereading the code written.

Fucking doesnt wanna learn....

Project manager: "What is a micro service? I'm dating a girl and she mentioned it and I want to impress her."

Me: "Well, you have monolithic services which tend to serve many different functions whereas a micro service tends to serve a single function or a few related functions. They are usually easier to scale and can be optimized to be faster. Still, right tool for the job."

Project manager: "Oh nice! So I can ask her 'Hey, want to see my micro service? It's quick and scalable.'"

-face palm-

He's leaving this week. I'm going to miss him though.

Seriously though, in that context, would scalability mean you're bringing friends?

Microservices! So many little services and parts communicating and working together and everything going to shit on my first 100 tries, love it.

!rant

So I have bought a new laptop and this time instead of straight up booting linux I had an idea of giving micro$oft a try, so I have decided to use only their services for 2 weeks.

To be honest, I really did not expect windows to use do much cpu and hdd during updates and background tasks, but after a day it was ok and windows feels snappier than during my last encounrer (maybe cause the new hw?).

I was even so dedicated that I started to use cortana and I have to tell, that she is dumb as fuck, since she fails to understand even the basic tasks and if u want something advanced, she refers to the next update. But boy, tell her to open Visual Studio and she asks if you want VS Code or Visual Studio, which seems great. But my response was 'Code' then she insisted that I said Coke. Im like OK, Im not native english speaker, lets try Visual Studio Code, where she told me that there is no such thing and Spelling VS - Code ended me in bing search for Unesco :/

I really want to like Cortana, she has nice name, nice history, but she is like that A girl from class, who looks gorgeous, has great voice, but then u reallise that she just eats a book before exam and after that she is that dumb basic hoe.

I also gave a shot to Bing and Edge. Bing is something between Google and DuckDuckGo, since it gives you a liiitle less results from search history, yet if you want to find something in different language its even possible to tell you that what are you trying to find does not exist.

But I have to tell, that I like Edge and I mean it. Like... Its fast and has some good features, like pushing all your open tavs away, so you can open them Later. It also does not have that stupid ass feature that lets you control tab from left to right, not by chronological order, so you wont end up in infinity loop of 2 tabs. And even if people make fun of M$ trying to convince you to use Edge by being too aggresive. God go on edge and try to use some Google Service(You still dont use chrome?!).

I also tried to play with .Net core and I have to tell that against java they are a bit further. I liked some small features, but what I just simply loved was rhe fucking documentation. You basically dont need google, sincw they give you examples and explain in a human way.

What I didnt quite get was the 'big' Visual Studio. Tje dark theme to me feels strange(personal and irrelevant). Why the hell I do need to press 2 shortcuts to duplicate line?! Why is it so hard to find a plugin to give me back my coloured brackets and why the fuck it takes like a second to Cut one line of code on a damn i7?!

Visual studio Code was something different. It shows how dark theme should be done, the plugin market is full of stuff and the damn shortcuts are not made for octopi. So I have to recommend it ^^.

I even gave a shot to word and office as a whole and fuck I never knew that there are so many templates. It really made my life easier, since all you need to do is find the right one in the app, instead of browsing templates online, where half of them are for another version of your text editor.

Android Launcher was fast, had a clever widget of notes and the sync was pretty handy to be honest so I liked that one as well.

What made me furious was using the CLI. Godfucking damn what the fuck is ipconfig?! :/

Last thing what made me superbhappy was using stuff without wine and all of the addional shit. Especially using stuff like Afinity Designer and having good looking apps in general. I mean Open source has great tools l sometimes with better functionality. But I found out, that what is pleasure to look at, is pleasure to work with.

To Summarize a bit.

It wasnt that bad as I expected. I see where they are heading with building yet another ecosystem of It just works and that they are aiming at professionals once again.

So I would rate it 6/10, would be 7 if that shit was Posix compatible.

I know that for Balmer is a special place in hell... But with that new CEO, Microsoft at the end may make it to purgatory..

I really like my position as the head of my department. But I am most definitely hitting walls(and in some way breaking them) concerning the way the CTO(my direct boss) deals with a lot of the things that his management team wants to do.

For example, the previous manager could only do so much in terms of directing a software team since she did not have a formal background in computer science or engineering, thus the developers that she had would tell her the different deals with many things and she would have to take their word for it. Nothing necessarily bad with this, but it just meant that a lot of things could have gone smoother had she the knowledge to fix said items. Whenever she would try to use resources(dev time or such) the CTO will resort to the all powerful manthra of "if it ain't broke don't fix it!".

but it was about more than fixing things that were breaking, our internal services and admin boards were built using all of the WRONG proper development practices, it feels as if they took the book of best practices.....and said fuck it and did whatever the fuck they wanted. It is the worst PHP/Java/JS code I have ever seen in my entire life and the reason why even though I do not concur with it I will always understand the dislike from other developers. Our services look like something that came out from the 90s, no style, no engineering concepts in place, no versioning no testing NADA zip(these are all web based services)

One in particular, it was an admin board used internally to let students evaluate their professors, the entire app is shit, and it was broken, for some UNGODLY reason, the original dev decided to use some weird external libraries he got from some blog somewhere and as such something that would take about 5 or 6 files is now a mess with over 200 php/js files all over the fucking place. The CTO insisted on fixing them, they were all broken, and I continuously told him that redesigning the application would be faster.

Mofo fought me on it, and in the end I did what I wanted and rebuilt the app.

It took me one afternoon. One fucking afternoon, over possibly 2 weeks of fixing it.

See, I am not one to just do whatever he pleases, but I am firm in my belief that if I know a better way I will do it and save precious time. The dude had to agree with me on this and promised to consider this shit on other items that will undoubtedly come up. He was lying out of his ass but oh well..........

W

The year was 2006. During the first half of my career, I use to work in the NOC. This was before I made my transition to software engineer. I worked on the third shift for a bank services company. The company was on a down turn. Just years earlier they just went public, and secured a deal with a huge well known bank. Eventually they entered a really bad contract with the bank and was put into a deal they couldn't deliver on. The partnership collapse and their stock plummeted. The CEO was dismissed, and a new CEO came in who wanted to "clean things up".

Anyway I entered the company about a year after this whole thing went down. The NOC was a good stepping stone for my career. They let me work as many hours as I liked. And I took advantage of it, clocking in 80 hours a week on average. They gave me the nick name "Iron Man".

Things started to turn around for the company when we were able to secure a support contract with a huge bank in the Alabama area. As the NOC we were told to handle the migration and facilitate the onboarding.

The onboarding was a mess with terrible instructions that didn't work. A bunch of software packages that crashed. And the network engineers were tips off, as they tunnel between our network and the banks was too narrow, creating an unstable connection between us and them. Oh, and there were all sorts of database corruption issues.

There was also another bank that was using an old version of our software. The sells team had been trying to get them off our old software for over a year. They refuse to move. This bank was the last one using this version, and our organization wanted to completely cut support.

One of the issue we would have is that they had an overnight batch job that had an ETA to be done by 7 AM. The job would often get stuck because this version of the software didn't know how to fail when it was caught in an undesired state. So the job hung, and since the job didn't have logging, no one could tell if it failed unless the logs stopped moving for an hour. It was a heavily manually process that was annoying to deal with. So we would kill the JVM to "speed" the job up. One day I killed the JVM but the job was still late. They told me that they appreciated the effort, but that my job was only to report the problem and not fix it.

This got me caught up in a major scandal. Basically they wanted the job to always have issues everyday. Since this was critical for them, all we needed to do was keep reporting it, and then eventually this would cause the client to have to upgrade to our new software. It was our sales team trying to play dirty. It immediately made me a menace in the company.

For the next 6 months I was constantly harassed and bullied by management. My work was nitpicked. They asked me to come into work nearly everyday, and there was a point I worked 7 days with no off days. They were trying to run me so dry that I would quit. But I never did.

On my last day at the company, I was on a critical call with a customer, and my supervisor was also on the line. My supervisor made a request that made no sense, and was impossible. I told her it wasn't possible. She then scalded me on the call in front of customers. She said "I'm your supervisor, you're just a NOC technician, you do what I say and don't talk back". It was embarrassing to be reprimanded on a call with customers. I never quite recovered from that. I could fill myself steaming with anger. It was one of the first times in my adult life that I felt I really wanted to be violent towards someone. It was such a negative feeling I quit that day at the end of my shift with no job lined up.

I walked away from the job feeling very uncertain about my future, but VERY relieved. I paid the price, basically unable to find a job until a year and a half later. And even was forced to move back in with my mother. After I left, the company still gave my a severance. Probably because of the supervisor's unprofessional conduct in front of customers, and the company probably needed to save face. The 2008 crash kept me out of work until 2009. It did give me time to work on myself, and I swore to never let a job stress me out to that degree. That job was also my last NOC job and the last job where did shift work. My next few jobs was Application Support and I eventually moved into development full time, which is what I always wanted to do.

Anyway sorry if it's a bit long, but that's my burnout story.

Service status pages that poorly reflect actual service status are so annoying. Ex. GitHub is having a lot of latency issues with processing updates and like 5 people in my office noticed it while their status page still says everything is fine.

This isn't to explicitly call out GitHub since many service status pages behave like this, but it definitely shows a general weakness in these health checks. I've seen similar issues with tons of services, web hosts, etc. Monitoring is definitely hard but will hopefully keep getting better.

Why do we still speak in direct DNS?

I don't know about you, but I have observed so many DNS mishaps in my day, and also have observed that developers and non-devs consistently fail to have a succinct mental model of how to set DNS properly for a website.

There are lots of services that make setting DNS easier than ever, but I'm kind of surprised so many people still have to think directly in terms of CNAMES, APEX DOMAINS, and all the direct domain knowledge of DNS.

Can't we have a higher level abstraction that compiles to DNS with more safety guards? Sure, let me dip into DNS when I need to, but why are DNS settings tables still such a normal thing?

I write Ruby code so I don't have to write C code. I'm sure there are attempts in DNS abstraction, but the fact that I haven't come across them means they are probably still too leaky or just not mainstream.

Thoughts on the matter?

Um, am I the only one who thinks that the SOS feature for WatchOS3 is going to cause a lot of issues for the emergency services, like as in they will get so many accidental calls?

So, today a developer from a web app consuming our services requested to fix a 429 http error code (too many requests) they are seeing. The request is on an email with our managers cc'ed

Do you think your job is fun?

So many boring jobs out there.. Examples:
- .Net services for some financial institution
- Java business applications for invoice record processing

Yeah, bore me more. Thanks. I prefer something more fun.

Okay... I am more than annoyed. 😵😵😵 I've been trying for days to get 2 small dockerized Spring REST-Services to communicate with each other. Without docker the services work fine with each other. I've tried many tutorials, examples, hints online and so on and none works or does something else. There is so much deprecated stuff or huge tutorials where I have to install 1000 other useless things. I kinda feel like this Microservice Stuff is a myth or I'm just stupid. Even my partner has no clue.

I am slowly turning my home into an automated smart home, however. I have found a lot of responding devices (media players, sockets, etc..) but no trigger devices (buttons, sensors) I can work with.

Am I looking in the wrong place or do I really have to build something myself using arduino?

My setup is the following: I have a central server in my home that hosts a bunch of docker services that all server a certain purpose. All smart devices have static ips so that server can address them quickly. So it is capable of controlling many things. However, now I want to trigger certain actions through a hardware button. It seems I cannot find such a device....

Any other hads on here?

Started working working with Google services. Hell there are so many

This is the single most important question of the year:
Where is a good Minecraft server service that can run FTB Modpacks?
My options are:
1 - A dedicated linux box with Minecraft management software with a port open to the world.
2 - Purchase a vps or something similar to host MC.
I have done 1, and it worked pretty well. It ran on a tiny A8 processor with 8GB ram and an SSD. I see services and they cost like 15 to 20 a month and seem like they are awfully stingy on storage. I can get an enterprise server for 30 a month, but I just asked (my webhost, who I really like) and they said they cannot run Minecraft servers. They said I would need a vps, and they don't have them yet. So I could dig around for a vps service and that is an option. I am really wary of "minecraft" branded services as many are outright ripoffs.

Thoughts? Successes? Just do it myself?

Dude in my Calc 2 class just bitched about iPhones having "shitty software" referencing that bug from around ~6 years ago, when a specific iMessage text would reboot your phone. IMO, 99% of what Apple does well is software. UI is subjective, but final cut pro is unbelievable in terms of functionality for its price, their software is so well optimized that iPhones have been able to use comparably tiny batteries and still compete. They are consistent throughout their company with software design, while companies like Google are so stratified it took years before their material design had been implemented in all their services, there are still a few that aren't (not to mention the meme of Google killing off all their projects). I hate tablets, but the iPad pro has the best software/hardware implementation of any I've ever seen. Apple's interconnectivity between devices is unbelievable, whether it's Continuity features or the setup process just recognizing group devices around and pulling data to create consistent account info and saving you taps. Siri is shit, but apart from that their software isn't bad enough that you should complain about that instead of...

Their Macs are fucking pressure-cookers, and their fuckin marketing department is like a different company all-together, and their anti-fix-it-yourself policies are so user hostile that they're toe-to-toe with being as abusive to customers as Oracle.

TL;DR the biggest scam Apple has pulled off is not that the sheep still think Android and PC users are living in 2010, but they've convinced the sheep that they know what shitty software is. At that point they're too many levels deep and there is no red-pill strong enough for them.

What's the difference between Spring Cloud and Boot? And what's a good book to learn either?

And I guess Spring as well. Is that a pre-req? I'm not familiar with much other than Bean and Context and not sure how AutoWired exactly works...

One project I have is to build an REST service but with subservices, and their replicas, handling different paths and on Openshift.

So these sub services need to be independently started but discoverable by the routing app(s).

Not sure how many layers but basically when a call hits the Router, depending on the path in the URL it sends the request to the appropriate subservices

Meta, Microsoft, Google, and countless startups have been investing and growing, making devs crazy with incredible salaries, incomprehensible hiring processes, and toxic corporate culture. They tried to make masses of end users beta-test their MVP products and services, turning them into subscribers and regular customers. Then they laid off many engineers and now try to run their businesses using immature artificial intelligence instead.

AI, also known as "the one guy that can type real quick" can be very eloquent and replace some junior devs, marketeers and supporters, so it seems, but once someone has a problem that is not already documented unambiguously, then they have a real problem.

I had a pretty good year! I've gone from being a totally unknown passionate web dev to a respected full stack dev. This will be a bit lengthy rant...
Best:
- Got my first full time employment dev role at a company after being self-taught for 8+ years at the start of the year. Finally got someone to take the risk of hiring someone who's "untested" and only done small and odd jobs professionally. This kickstarted my career, super grateful for that!
- Started my own programming consulting company.
- Gained enough confidence to apply to other jobs, snatched a few consulting jobs, nailed the interviews even though I never practiced any leet code.
- Currently work as a 99% remote dev (only meet up in person during the initialization of some projects.) I never thought working remotely could actually work this well. I am able to stay productive and actually focus on the work instead of living up to the 9-5 standard. If I want to go for a walk to think I can do that, I can be as social and asocial as I want. I like to sleep in and work during the night with a cup of tea in the dark and it's not an issue! I really like the freedom and I feel like I've never been more productive.
- Ended up with very happy customers and now got a steady amount of jobs rolling in and contracts are being extended.
- I learned a lot, specialized in graph databases, no more db modelling hell. Loving it!
- Got a job where I can use my favorite tools and actually create something from scratch which includes a lot of different fields. I am really happy I can use all my skills and learn new things along the way, like data analysis, databricks, hadoop, data ingesting, centralised auth like promerium and centralised logging.
- I also learned how important softskills are, I've learned to understand my clients needs and how to both communicate both as a developer and an entrepeneur.
Worst:
- First job had a manager which just gave me the specifications solo project and didn't check in or meet me for 8 weeks with vague specifications. Turns out the manager was super biased on how to write code and wanted to micromanage every aspect while still being totally absent. They got mad that I had used AJAX for requests as that was a "waste of time".
- I learned the harsh reality of working as a contractor in the US from a foreign country. Worked on an "indefinite" contract, suddenly got a 2 day notification to sum up my work (not related to my performance) after being there for 7+ months.
- I really don't like the current industry standard when it comes to developing websites (I mostly work in node.js), I like working with static websites (with static website generators like what the Svelte.js driver) and use a REST API for dynamic content. When working on the backend there's a library for everything and I've wasted so many hours this year to fix bugs and create workarounds related to dependencies. You need to dive into a rabbit hole for every tool and do something which may work or break something later. I've had so many issues with CICD and deployment to the cloud. There's a library for everything but there's so many that it's impossible to learn about the edge cases of everything. Doesn't help that everything is abstracted away, which works 90% of the time but I use 15 times the time to debug things when a bug appears. I work against a black box which may or may not have an up to date documentation and it's so complex that it will require you to yell incantations from the F#$K
era and sacrifice a goat for it to work properly.
- Learned that a lot of companies call their complex services "microservices". Ah yes, the microservice with 20 endpoints which all do completely unrelated tasks?

I’ve become so indecisive in terms of knowing what I want from my career.
All I know is what I don’t want (to end up a in management)

I’m definitely getting a new job and right now it looks like I’ve got 3 offers on the table

Option 1, a previous company I worked for. Still the same problems with the company there as before but the work was interesting and unusual. and my line manager was a good guy.
They have practically no legacy code.
Not much in the way of company benefits but they’re local and it would be nice to see friends again.
So feels like the pull to this is strong.

Option 2, a fully remote company that I’ve been referred to by an ex-workmate.
They’ve not even tech tested me because they’ve read my blogs and GitHub repos instead and said they’re impress. So just had a conversation with them. I feel honoured that they took the time to look at what I’ve done in my own time and use that in their decision.
Benefits are slightly better than option 1 (more hols)
But they’re using .net 6 and get a lot of heavy use on their system and have some big customers. I think the work is integrations to start with and moving services into docker and azure.

Option 3, even though I’ve got an offer from this one but they can’t actually explain the work until We can arrange a call next week (they recruit and then work out what team your in, but Christmas got in the way of me having a call with them straight away)
It’s working on government systems and .net is their least used stack so probably end up switching to Java. Maybe other tech stacks too.
This place has much better benefits than option 1 and 2 (more hols and more pension), but 2 days a week in office.

All of the above pay the same salary.

Having choice feels almost as bad as having no choice.
It’s doing my head in thinking about it , (even tho I might as well not think about it at all until the call with option 3 happens).

On the one hand with option 3, using a tech stack that’s new to me might be refreshing, as I’ve done .net for 10 years.

On the other hand I really like c# and I’m very good at it. So it feels a bit like I should be capitalising on that and using my experience to shape how the dev is done. Not sure I and I can do that with option 3, at least for a while.
C# feels like it’s moving forward nicely and I’m not sure I can say the same for Java or other languages.

I love programming and learning new stuff but so unable to let things go. It’s like I have a fear that c# will move on without me and I’ll end up turning into one of those devs whose skills are a decade out of date.

Maybe the early years of my career formed me in this way.
Early on I worked at a company where there was a high number of Cobol devs who thought they had a job for life.
But then redundancies came and many left. Of those who stayed they had to cross train to Java and they just couldn’t do it.

I don’t think the tech was hard for them, I think they were just so used to not learning that they could no longer adapt.
Think most of them ended up retiring after trying to learn Java for a few years.

I've been wondering about renting a new VPS to get all my websites sorted out again. I am tired of shared hosting and I am able to manage it as I've been in the past.

With so many great people here, I was trying to put together some of the best practices and resources on how to handle the setup and configuration of a new machine, and I hope this post may help someone while trying to gather the best know-how in the comments. Don't be scared by the lengthy post, please.

The following tips are mainly from @Condor, @Noob, @Linuxxx and some other were gathered in the webz. Thanks for @Linux for recommending me Vultr VPS. I would appreciate further feedback from the community on how to improve this and/or change anything that may seem incorrect or should be done in better way.

1. Clean install CentOS 7 or Ubuntu (I am used to both, do you recommend more? Why?)
2. Install existing updates
3. Disable root login
4. Disable password for ssh
5. RSA key login with strong passwords/passphrases
6. Set correct locale and correct timezone (if different from default)
7. Close all ports
8. Disable and delete unneeded services
9. Install CSF
10. Install knockd (is it worth it at all? Isn't it security through obscurity?)
11. Install Fail2Ban (worth to install side by side with CSF? If not, why?)
12. Install ufw firewall (or keep with CSF/Fail2Ban? Why?)
13. Install rkhunter
14. Install anti-rootkit software (side by side with rkhunter?) (SELinux or AppArmor? Why?)
15. Enable Nginx/CSF rate limiting against SYN attacks
16. For a server to be public, is an IDS / IPS recommended? If so, which and why?
17. Log Injection Attacks in Application Layer - I should keep an eye on them. Is there any tool to help scanning?

If I want to have a server that serves multiple websites, would you add/change anything to the following?
18. Install Docker and manage separate instances with a Dockerfile powered base image with the following? Or should I keep all the servers in one main installation?
19. Install Nginx
20. Install PHP-FPM
21. Install PHP7
22. Install Memcached
23. Install MariaDB
24. Install phpMyAdmin (On specific port? Any recommendations here?)

I am sorry if this is somewhat lengthy, but I hope it may get better and be a good starting guide for a new server setup (eventually become a repo). Feel free to contribute in the comments.

#Suphle Rant 11: Laravel board launch

The launch took almost 2 weeks more than originally slated, because I sought to install it manually, just as an outsider would. Installation steps had been documented, automated tests for the installation tests were passing. When time came to actually execute the binary from the terminal, we went from one obstacle to the other. First, were the relatively minor Composer/Roadrunner issues, eventually resolved by the helpful RR maintainers who sat with me through a Discord server for about 2 hours until their command ran the way I needed it to.

Next was the Psalm scare: One of my value propositions was the guarantee of eliminating all type related bugs in Suphle apps. I intended to use Psalm for that. Wrote tests as usual. Turns out the library behaves differently under conditions differing from raw CLI usage. I resurrected threads I'd opened since December that were left unattended, and with some help from the maintainer, we eventually got it to do what I need it to do.

I was all the more frightened by the fact that Transphporm had caused me to renege on one of my earlier promises. I can only miss so many targets. After this, the docs had to be updated with all the changes effected to accurately integrate those two. Project installation and initialization commands were ran rigorously to ensure all progresses smoothly.

Tagged one final release and suddenly became impatient to launch on our local Laravel group chat where I've been a member for the last 4+ years, where we've had a rollercoaster of emotions. In that time, I've refined my launch speech to suit that audience -- obviously, countless times. Not just a tame "It's my pleasure to announce what I've been working on", but near 40 messages going into details about the inner workings, why it was built, how it compares. An expose that dove deeper than I would anywhere else.

I scheduled a time for them to tune in and got some encouraging anticipation. Ended up deflated after posting the whole thing. Only about 5 persons interacted. 1 (who I've chatted with outside the board) was quite enthusiastic. Feverishly checked the docs but commented it was overwhelming and he'd need more time. Already starred the repository.

For some context, there are give or take 250 members on that board. Not all are active but activity there easily reaches a crescendo when the topic discussed is about inanities like what 3rd party services to use for SMS, how to receive salaries from abroad, or job openings. I was optimistic when the acquaintance mentioned above published a payment library and met a riotuous welcome as one of their own. Maybe, they are simply not fond of me and the speech should have been passed off to someone else.

I checked Packagist installs -- not more 10. For 3 years, I'd been hyped up for that night; but for some reason, the audience I considered myself closest to flopped, woefully. Thankfully, this isn't the main launch. I'm still holding out hope for that. If it fails, I would have sunk an immeasurable amount of effort and time, that nobody will compensate me for. That is the one place I go to see those more advanced than me in PHP. I constantly learn there and find stimulating conversations there.

Now, I can no longer predict reception from other presentations. All I can do now is hope

How do you keep shared libraries used by multiple microservices in sync?

For example, a model class in a shared lib used by some of your microservices. If a new field is added, how would you quickly identify which microservices need to be updated, redeployed? And do it quickly.

Or say the model library has many classes, used by different services. 1 class changed, and only 2/10 services reference it. Do you target only three 2 or so of them? Or would those be bad design?

What do you guys think about deploying elastic search on App Engine Custom Runtime?

(Basically, an empty folder with an elastic search Dockerfile.)

I think it's a good idea: you can now deploy your code and storage application (Elastic search, Redis, etc) as services on your cluster.

You can use GCP magic to auto scale those services, you have so many good stuff that come with it.

And it's inside the same network as your services running in the same AppEngine project.

Relatively often the OpenLDAP server (slapd) behaves a bit strange.

While it is little bit slow (I didn't do a benchmark but Active Directory seemed to be a bit faster but has other quirks is Windows only) with a small amount of users it's fine. slapd is the reference implementation of the LDAP protocol and I didn't expect it to be much better.

Some years ago slapd migrated to a different configuration style - instead of a configuration file and a required restart after every change made, it now uses an additional database for "live" configuration which also allows the deployment of multiple servers with the same configuration (I guess this is nice for larger setups). Many documentations online do not reflect the new configuration and so using the new configuration style requires some knowledge of LDAP itself.
It is possible to revert to the old file based method but the possibility might be removed by any future version - and restarts may take a little bit longer. So I guess, don't do that?

To access the configuration over the network (only using the command line on the server to edit the configuration is sometimes a bit... annoying) an additional internal user has to be created in the configuration database (while working on the local machine as root you are authenticated over a unix domain socket). I mean, I had to creat an administration user during the installation of the service but apparently this only for the main database...

The password in the configuration can be hashed as usual - but strangely it does only accept hashes of some passwords (a hashed version of "123456" is accepted but not hashes of different password, I mean what the...?) so I have to use a single plaintext password... (secure password hashing works for normal user and normal admin accounts).

But even worse are the default logging options: By default (atleast on Debian) the log level is set to DEBUG. Additionally if slapd detects optimization opportunities it writes them to the logs - at least once per connection, if not per query. Together with an application that did alot of connections and queries (this was not intendet and got fixed later) THIS RESULTED IN 32 GB LOG FILES IN ≤ 24 HOURS! - enough to fill up the disk and to crash other services (lessons learned: add more monitoring, monitoring, and monitoring and /var/log should be an extra partition). I mean logging optimization hints is certainly nice - it runs faster now (again, I did not do any benchmarks) - but ther verbosity was way too high.

The worst parts are the error messages: When entering a query string with a syntax errors, slapd returns the error code 80 without any additional text - the documentation reveals SO MUCH BETTER meaning: "other error", THIS IS SO HELPFULL... In the end I was able to find the reason why the input was rejected but in my experience the most error messages are little bit more precise.

One of the reasons why I wanted to become a software developer is because I see so many products or services taking the easy way out, at the cost of killing customer expectations. For example, I was told about JobTrack.io, which is supposed to help manage job searching by keeping track of applications and their statuses. But almost as quickly as I was told, my mind goes into automatic promise defense mode. And rightfully so, because the service turned out to be almost as monotaneous as the job search itself! Not as seamless as I'd need it to be to get started right away.

Now, maybe there's a slight chance I don't know wtf I'm talking about here. But, what's stopping this product from using an email client that runs server side, to interface with the user's main inbox, to run sentiment analysis on emails for detecting job application submissions? Such functionality would obviously need permission from the end user, so there are no surprises that some 3rd party app is sorta kinda monitoring your emails. And of course measures should be taken to avoid detecting anything beyond the contextual lines of: "Thank you for applying to so and so", or "We've recieved your application! Next steps".

Present those detections to the user to confirm. And do the same thing for rejections and offers. Shouldn't be that hard especially when most sites these days allow you to sign in with Google, and that Google marks these particular emails as "Important"; which further filters the detection process, and partially does JobTrack's job for them.

Honestly, I think the app has promise, and hope this is just a case of starting off small.

Question to you all, do you really think you own your computer or system/data when almost all sites/services out there state very clearly in there ELUA(Fuck yes ours) that they might use your data how they feel fit, now this does not stop with websites, Mac, Windows and some Linux Distros also do this.

I for one stop thinking that I own data but I just change a few bits to make it look different these days, everything on your computer is not yours, we its and hardware, read the ELUA/TOS many hold the right to recall, revoke and so on use of the items to the point you paid for it they will take it back.

Items now sending keylogs, data usage and apps usage data to MS, Apple, some big linux distro, and YES this happens don't fool yourself Apple and MS both admit this happen and both US and UK now requesting these companies to let the have full access to this data, if it was not there they wouldn't want it.

This wont stop me from messing with code and loving tech but do you really feel you own anything anymore?

I don't :P

I think I just realized what my biggest gripe about our career paths that I hate the most.

This is something that has worsened over time, especially the last 2 to 3 years.

As developers, we have far too many options. Some of the most powerful apps are written with languages that have hard, and I mean HARD, guardrails in place. If the app is written in a language that does not meet this criteria usually a framework has been used to install those guardrails.

We just get our minds so wrapped around the possibilities and the opportunities in the software, that we just can't focus on the end result. We're like puppies that are excited about something and we just piss all over everything.

In my career I have met far too many developers that don't have the capacity and mental fortitude to take control of their actions. Because of this I think the only way for us to stop this corruption, that I feel we are nurturing, the solutions/services that we use need to push back on us and install those guardrails for us.

All this came from a change that Microsoft put in place that seems well intended, but introduces yet another choice and a multitude of opinions in how you release code.

It used to be a simple check box. If it was checked it was pre-release, if it was unchecked it was a production release. That's it. On or off. The simplest choice you ever needed to make on a release.

Now though, there are two check boxes. One for a pre-release and one for a latest release. You can also not check either for some "ephemeral" release? So now something as easy as on or off has been made into a difficult decision on how this works within my pipeline. Now every time I make a release I have to ask myself, "which one do I check?"

I shouldn't need to spend more than a second to identify a path forward on simple shit like this, but here we are with a third choice.

Can we just stop overcomplicating shit?

Design Decision:
We have an API and a lot of microservices based on that API. Additionally we have a store of protobuf-templates (files to automate serializing certain events etc).
Currently for each service we have the API with general stuff (connection stuff etc) and then copy the 5 or 6 proto-files we need for that service, they update sometimes, so does the API, for each service, two things that need to stay updated. Which option would seem more logical to you?

a) Integrate all proto files into the API. The services then only need to update the API but they also have access to many proto files they don't need for that service (which are required for other services however)

or

b) Keep them seperated and keep manually updating the proto-files for affected services

Disclaimer: our proto files are always backwards compatible by design, both the API and protofiles change fairly frequently.

Ty

Another day, another struggle with time zones.

How many fucking helper methods do I need to create for dates and time zones? How many components, pipes and services do I need to wrap just so two datetimes line up? Apparently another one today. At this point I'm ready to accept flat earth theory if it means no more time zones. I'm fucking sold on it if so.

It's not even the time zone that's the issue. It's business needing it formatted, but also offset properly, based on your browser locale, but with points that cross into DST observing time zones of a different locale simultaneously. Sometimes those times are the same, sometimes they're different, sometimes they're different but only in winter. And despite a plethora of libraries to help with these calculations, nothing ever seems to just work out of the box. So here's to another layer of abstraction, because time zones (and DST) are bullshit.

Upgrading my tech skills.. Once again I feel my personal my personal dev environment and told are much more up-to-date than what I use at work.... Though the book Kim reading is on TDD and was written 3 years ago.

Maybe I should read another on in cloud services and ML... but don't have any motivation for these topics.

I need TDD for work because now we're emphasizing unit test coverage...

I usually only use manual functional tests to verify the final outputs as either the testing framework is broken (JS) or I don't have time to relearn the frameworks for the particular language...

Anyway got off topic... So questions after:

1. Do you ever feel your technologically always more ahead than what you do at work and essentially you bring skills to the job but you don't learn much out of it?

2. How do you test? I actually got into a bit of a argument/discussion with my colleagues about how to implement unit tests. Apparently there are 2 ways to test? Black box vs WhiteBox. She said she tests only Public methods using mock inputs, dependencies. She read online and seems there is an opinion that should only test public functions and if you can't then your app is designed incorrectly, not separated enough.

For me I test the private functions individually (WhiteBox/Java reflection) because the public one is like generateReport and as a whole is like a Pachinko machine, too many unique paths that would need a test case for.

So thoughts? Yes sorry for turning it into a remake I guess...

so i've been working with a ux/graphic designer on a pretty large project that will likely have many services attached to it, it's been in "active" development for about a year now. something that concerns me however is how uncertain i feel about what i'm doing, constant questions like "am i doing this right", "is this secure", and many like them plague my mind while i'm coding and it's really discouraging. when i was just learning i didn't really take any heed from these questions, intact i never even really thought about them so why am i now? i feel kid if i'm able to just work and have fun i will be so much more productive and happy. my partner has been learning front end and has been doing great me i'm working on front and back end. i have been making most of the decision in regards to our stack but i feel like i'm making them arbitrarily and to attribute to this fact, i have switched things up several times, we went from react to an mvc framework and now i'm considering going back to react. i just can't seem to keep on track with my decisions, if any of you have experienced this before i would really like some advice on how i can be productive and again and not fall into this never-ending abyss of doubt.

hey, so i have recently started learning about node js and express based backend development.

can you suggest some good github repositories that showcase real life backend systems which i can use as inspiration to learn about the tech?

like for eg, i want to create a general case solution for authentication and profile management : a piece of db+api end points + models to :

- authenticate user : login/signup , session expire, o auth 2 based login/signup, multi account login, role based access, forgot password , reset password, otp login , etc

- authorise user : jwt token authentication, ip whitelisting, ssl pinning , cors, certificate based authentication , etc (

- manage user : update user profile, delete user, map services , subscriptions and transactions to user , dynamic meta properties ( which can be added/removed for a single user and not exactly part of main user profile) , etc

followed by deployment and the assoc concepts involved : deployment, clusters, load balancers, sharding ,... etc

----

these are all the buzzwords that i have heard that goes into consideration when designing a secure authentication system for a particular large scale website like linkedin or youtube. am not even sure how many of these concepts would require actual codelines and how many would require something else.

so wanted inspiration from open source content to learn about it in depth, replicate and create new better stuff if possible .

apart from that, other backend architectures like video/images storage system, or just some server for movie, social media, blog website etc would also help.

Still working on setting up my Kubernetes cluster. Jesus Fuck this is complicated