I think I've shown in my past rants and comments that I'm pretty experienced. Looking back though, I was really fucking stupid. Since I haven't posted a rant yet on the weekly topics, I figure I would share this humbling little gem.

Way back in the ancient era known as 2009, I was working my first desk job as a "web designer". Apparently the owner of this company didn't know the difference between "designer", which I'm not, and "developer", which I am, nor the responsibilities of each role.

It was a shitty job paying $12/hour. It was such a nightmare to work at. I guess the silver lining is that this company now no longer exists as it was because of my mistake, but it was definitely a learning experience I hold in high regard even today. Okay, enough filler...

I was told to wipe the Dev server in order to start fresh and set up an entirely new distro of Linux. I was to swap out the drives with whatever was available from the non-production machines, set up the RAID 5 array and route it through the router and firewall, as we needed to bring this Dev server online to allow clients to monitor the work. I had no idea what any of this meant, but I was expected to learn it that day because the next day I would be commencing with the task.

Astonishingly, I managed to set up the server and everything worked great! I got a pat on the back and the boss offered me a 4 day weekend with pay to get some R&R. I decided to take the time to go camping. I let him know I would be out of town and possibly unreachable because of cell service, to which he said no problem.

Tuesday afternoon I walked into work and noticed two of the field techs messing with the Dev server I built. One was holding a drive while the other was holding a clipboard. I was immediately called into the boss's office.

He told me the drives on the production server failed during the weekend, resulting in the loss of the data. He then asked me where I got the drives from for the Dev server upgrade. I told him that they came from one of the inactive systems on the shelf. What he told me next through the deafening screams rendered me speechless.

I had gutted the drives from our backup server that was just set up the week prior. Every Friday at midnight, it would turn on through a remote power switch on a schedule, then the system would boot and proceed to copy over the production server's files into an archive for that night and shutdown when it completed. Well, that last Friday night/Saturday morning, the machine kicked on, but guess what didn't happen? The files weren't copied. Not only were they not copied, but the existing files that got backed up previously we're gone. Why? Because I wiped those drives when I put them into the Dev server.

I would up quitting because the conversation was very hostile and I couldn't deal with it. The next week, I was served with a suit for damages to this company. Long story short, the employer was found in the wrong from emails I saved of him giving me the task and not once stating that machine was excluded in the inactive machines I could salvage drives from. The company sued me because they were being sued by a client, whose entire company presence was hosted by us and we lost the data. In total just shy of 1TB of data was lost, all because of my mistake. The company filed for bankruptcy as a result of the lawsuit against them and someone bought the company name and location, putting my boss and its employees out of a job.

If there's one lesson I have learned that I take with the utmost respect to even this day, it's this: Know your infrastructure front to back before you change it, especially when it comes to data.

In a user-interface design meeting over a regulatory compliance implementation:
User: “We’ll need to input a city.”
Dev: “Should we validate that city against the state, zip code, and country?”
User: “You are going to make me enter all that data? Ugh…then make it a drop-down. I select the city and the state, zip code auto-fill. I don’t want to make a mistake typing any of that data in.”
Me: “I don’t think a drop-down of every city in the US is feasible.”
Manage: “Why? There cannot be that many. Drop-down is fine. What about the button? We have a few icons to choose from…”
Me: “Uh..yea…there are thousands of cities in the US. Way too much data to for anyone to realistically scroll through”
Dev: “They won’t have to scroll, I’ll filter the list when they start typing.”
Me: “That’s not really the issue and if they are typing the city anyway, just let them type it in.”
User: “What if I mistype Ch1cago? We could inadvertently be out of compliance. The system should never open the company up for federal lawsuits”
Me: “If we’re hiring individuals responsible for legal compliance who can’t spell Chicago, we should be sued by the federal government. We should validate the data the best we can, but it is ultimately your department’s responsibility for data accuracy.”
Manager: “Now now…it’s all our responsibility. What is wrong with a few thousand item drop-down?”
Me: “Um, memory, network bandwidth, database storage, who maintains this list of cities? A lot of time and resources could be saved by simply paying attention.”
Manager: “Memory? Well, memory is cheap. If the workstation needs more memory, we’ll add more”
Dev: “Creating a drop-down is easy and selecting thousands of rows from the database should be fast enough. If the selection is slow, I’ll put it in a thread.”
DBA: “Table won’t be that big and won’t take up much disk space. We’ll need to setup stored procedures, and data import jobs from somewhere to maintain the data. New cities, name changes, ect. ”
Manager: “And if the network starts becoming too slow, we’ll have the Networking dept. open up the valves.”
Me: “Am I the only one seeing all the moving parts we’re introducing just to keep someone from misspelling ‘Chicago’? I’ll admit I’m wrong or maybe I’m not looking at the problem correctly. The point of redesigning the compliance system is to make it simpler, not more complex.”
Manager: “I’m missing the point to why we’re still talking about this. Decision has been made. Drop-down of all cities in the US. Moving on to the button’s icon ..”
Me: “Where is the list of cities going to come from?”
<few seconds of silence>
Dev: “Post office I guess.”
Me: “You guess?…OK…Who is going to manage this list of cities? The manager responsible for regulations?”
User: “Thousands of cities? Oh no …no one is our area has time for that. The system should do it”
Me: “OK, the system. That falls on the DBA. Are you going to be responsible for keeping the data accurate? What is going to audit the cities to make sure the names are properly named and associated with the correct state?”
DBA: “Uh..I don’t know…um…I can set up a job to run every night”
Me: “A job to do what? Validate the data against what?”
Manager: “Do you have a point? No one said it would be easy and all of those details can be answered later.”
Me: “Almost done, and this should be easy. How many cities do we currently have to maintain compliance?”
User: “Maybe 4 or 5. Not many. Regulations are mostly on a state level.”
Me: “When was the last time we created a new city compliance?”
User: “Maybe, 8 years ago. It was before I started.”
Me: “So we’re creating all this complexity for data that, realistically, probably won’t ever change?”
User: “Oh crap, you’re right. What the hell was I thinking…Scratch the drop-down idea. I doubt we’re have a new city regulation anytime soon and how hard is it to type in a city?”
Manager: “OK, are we done wasting everyone’s time on this? No drop-down of cities...next …Let’s get back to the button’s icon …”

Simplicity 1, complexity 0.

Summing up many ridiculous meetings I've been in.

Many years ago we hired someone for HR that came from a large fortune 500 company, really big deal at the time.

Over the next 6 months, she scheduled weekly to bi-weekly, 1 to 2 hour meetings with *everyone* throughout the day. Meeting topics included 'How to better yourself', 'Trust the winner inside you'...you get the idea.

One 2-hour meeting involved taking a personality test. Her big plan was to force everyone to take the test, and weed out anyone who didn't fit the 'company culture'. Whatever that meant.

Knowing the game being played, several of us answered in the most introverted, border-line sociopath, 'leave me the frack alone!' way we could.

When she got the test results back, she called an 'emergency' meeting with all the devs and the VP of IS, deeply concerned about our fit in the company.

HR: "These tests results were very disturbing, but don't worry, none of you are being fired today. Together, we can work as team to bring you up to our standards. Any questions before we begin?"
Me: "Not a question, just a comment about the ABC personality test you used."
<she was a bit shocked I knew the name of the test because it was anonymized on the site and written portion>
Me: "That test was discredited 5 years ago and a few company's sued because the test could be used to discriminate against a certain demographic. It is still used in psychology, but along with other personality tests. The test is not a one-size-fits-all."

VP, in the front row, looked back at me, then at her.
HR: "Well....um...uh...um...We're not using the test that way. No one is getting fired."
DevA: "Then why are we here?"
DevB:"What was the point of the test? I don't understand?"
HR: "No, no...you don't understand...that wasn't the point at all, I'm sorry, this is getting blown out of proportion."
VP: "What is getting blown out of proportion? Now I'm confused. I think we all need some cooling off. Guys, head back to the office and let me figure out the next course of action."

She was fired about two weeks later. Any/all documentation relating to the tests were deleted from the server.

I was supporting a legacy CRM app which front end used Visual Basic 6 and almost the entire business logic was written on SQL store procedures.

A "feature" of the product was the open code, anyone with admin access could modify forms, code and store procedures.

We also sold "official" (and expensive) consulting services to modify the code.

A long time customer owned this thing and it was heavily customized. They had hired us to change something, hired a third party to make other changes and decided to modify some stuff themselves because, why not?

Suddenly they came to product support asking to fix a bug. The problem happened on a non customized form.

After reviewing, I realized the form used several of the modified store procedures in the business layer. I tried saying we don't support custom code but my boss was being pushed and said "look into it"

All 3 parties denied responsibility and said their changes were NOT the problem (of course). Neither of them commented or documented their changes.

The customer started to threaten to sue us.

I spent 5 full days following every field on the form through the nested and recurrent SQL store procedures and turns out it was a very simple error. A failed insert statement.

I was puzzled of why the thing didn't throw any error even while debugging. Turns out in SQL 2003 (this was a while ago) someone used a print line statement and SQL stopped throwing errors to the console. I can only assume "printing" in SQL empties the buffered error which would be shown in the console.

I removed the print statement and the error showed up, we fixed it and didn't get sued
:)

I promised a friend to have a look over his dads website to add a small blog. No big deal, I've got it on my drive, can reuse it just need to adapt it to the environment.

I take a look at what I'm working with and I see the most terrifying piece of "Please, take my data" code I could possibly imagine (And I've seen passwords, in plain text in a script tag). I quote "function queryDB(mode, val) {
var query=" ";
if(mode==="findProd")
query="Select * from Products where ProdNam=" +val;
... (same shit for different cases)
sendQuery(query) ;
}

He literally built the query on the client side sent it to a php script (without validation) and inserted it into the database.
You could literally call window.sendQuery with any sql query and get the result printed into the console.
And other than the plain text passwords guy that wasn't some kid someone knew, this was a "Webdesign" Agency.
Now I took the entire thing offline, called my friends dad, explained it to him and try to sort this out. I would not charge a good friends father but that hack will get a quite hefty bill since my hourly rate just tripled.

And the worst thing : If I publicly name that asshole or warn the people in his portfolio I can, according to Google, be sued. (But, and I assume thats vague enough not to count as bad mouthing, if anyone of you has a customer from Rheinland-Pfalz, Germany with a preexisting page, please have a look at the database interface)
I will call that agency tomorrow, ask for a detailed explanation for why they apparently let trained monkeys write their code and anonymously warn everyone in their portfolio about those flaws...

I don't know if I'm cursed or if there are just that many bad devs but it seems that once a year I have to stumble over some "mistakes" that make me question my sanity.

Ordered something techy from the US and A, because it looked like what I wanted, smelled like what I wanted, and I thought it'll taste like what I wanted.

It arrived today and ooooohhh boy was I wrong.

It's kind of like if you won a car.

But you have no drivers license.
And it is so futuristic, it runs on unicorn piss.
Good luck getting that anywhere.

Another tech-brick on the wall.

Well i could write some tech publications to give them a chance to cover it in depth first, since everyone else will be gaged by NDAS until like q2 2019.

Naaaa, I probably wouldn't even respond to myself if I wrote.

"Nice try kiddo, did hell freeze over?"