Which asshole designer and stupid website owners decide to embed 110 trackers on a single page!!
I mean sure some ads add their own trackers....but THIS is beyond shit
R.I.P Privacy

Google sucks!
No, not as e-mail or for privacy reasons. Sure, that too, but it comes with "free" stuff.

It sucks because it's breaking every possible record in the worst, shittiest, most insanely stupid APIs and integrations out there on the entire fucking planet!

It is comically stupid!

Aside from their LOVE of hard-deprecating APIs every few months, requiring constant, time consuming maintenance of every tool that integrates deeply with Google services, some of their APIs, for expensive stuff, look like they've been written by Bobby McFartface from 7th grade.

Take a look at DoubleClick Search (their ad performance reporting tool, that sure does sound like one). To upload custom, additional data, you must pass in a ton of parameter, and they REQUIRE some of them to have a specific, hardcoded value. What's the point in passing that parameter then you dickheads?!
But fine, so you uploaded some stuff using the API. Now you want to delete everything and try again after you fixed a bug - well you fucking CAN'T! You can't delete stuff, you can only mark them as "deleted" using an update call.
Bulk operations? Fuck no!
Can I just add on top? Well of course not! That will raise a ton of exceptions. Same message should be transmitted using the PUT, not POST request, in order to edit.
Can I send everything to PUT? Of course not! You can't edit something that's not there, dummy!

Can I see what's there so that I can update it, and add what's missing?
Well of course not! Why on Earth would you need to see what information is in there after you uploaded it? Who needs that anyway?

Simply send, pray, and hope that everything will be fine (it will not).

Like holy fucking crap, it can't get any more stupid!
Google is a huge pile of idiots who feed on only a single cow - the search engine.

It's times like these when I think that Google right now is the worst thing that exists for everyone in tech. It's dragging everyone down with their monopolies everywhere and complete idiocy in managing them.

Omg, when does the Stupid stop? New Zealand just passed a law that empowers immigration officials to compel travellers to unlock their devices. Otherwise, you pay a hefty fine. They are also allowed to copy the data and do God knows what with.

The horrible invasion of privacy aside, it also brings with it some legal hurdles. What if you are making a presentation or report to an investor or someone you have a fiduciary obligation with. You are carrying IP bound by several NDA's and other funding red tape that would end your life if it got out. Are you in breach if the data gets copied by the gov officials? Worse yet you have zero control over what they do afterwards.

I don't think any of this inspires investor confidence.

Government needs to stop touching things!

Finally deleted WhatsApp!

Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.

That time when...

He wrote a social media network with end-to-end encryption before it was cool.

He wrote custom 64kb encryption for his academic HDD.

He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.

He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).

He used only hashes of passwords as passwords (which isn't actually good).

He kept a drill on the desk ready to destroy his HDD at a moments notice.

He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.

He set up a new email account for each individual online service.

He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).

He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).

He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).

He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.

He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.

He bought a burner phone to visit the capital city.

He bought a burner phone whenever he left his hometown come to think of it.

He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).

He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.

(You might be noticing it's all he's. Maybe it is, maybe it isn't).

He ate a sim card.

He brought a balaclava to pentesting training (it was pretty meme).

He printed out his source code as a manual read-only method.

He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).

He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).

He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.

I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.

Um.. yea I've published a GDPR contact email on our website, for issues about our privacy policy. Not sure if you Chinese marketing fucks behind the GFW know what this regulation is about though. I'm not interested in your stupid moulds.
Perhaps that firewall of China could use some further tightening... 😒

I just had to print out some bills for a colleague.
Nothing too bad you say?

Well.. She doesn't seem to care about security or privacy at all.
I opened the website of her email provider at my computer and moved away from the keyboard, so she could log in.
But instead she told me her email and password... In an office with some other colleagues... Multiple times and wrote it onto a piece of paper that the later left on my table.
After that I should look through her inbox to find the bills.
(Yup, I know a lot more about her now)
After finding and printing out her bills, she just thanked me and walked out of the office, because hey, why should I log out of her account?

It's nice that she trusts me... But that was a bit too much...

So we send a quote out to a client to update his website to make it compliant with the new privacy guidelines: SSL encryption, removing external libraries, removing Facebook Plug-ins, all that stuff. We didn't get a response.

On Monday, he called in a panic. "The website does not work, fix immediately!"

I check out the server, what do I see? An SSL cert installed the Friday before... Client decided to do it himself, on a Friday, without testing. He broke something, but cannot tell me exactly what he did.

And somehow he thinks all that is my fault :D

One of the things I have no fucking patience for is bureaucracy. For the last year I've been working for a company I have no problem with, I like the place and I like the people here. Recently I was contacted by another company and offered a better salary to work for them. I was open about it with my boss and we both accorded that I will receive the same salary to stay (It was ok to me since I feel comfortable here), but in order to do that I'll have to sign a new contract. Ok, no big deal. Few days later a HR girl contacts me to send her all the documentation needed to elaborate a contract, and I was like 'You guys already have all my documents, been working here for a year'. But Ok, I tried not to be picky and just sent her everything again. Then she requests online psychometric tests, sends a shitload of formats to fill, like personal references, their company-custom resume format, privacy policies, and many more stupid and irrellevant paperwork nobody should need when a person has been working for you for a year and you want him to stay. I really tried to be patient and do everything the HR girl wanted me to do, but for one reason or other, she kept rejecting the formats I was sending (I had to download, print, sign, scan and resend many of them). We've been wrestling for an entire fucking week over this shit via email and she can't just write a new contract, make me sign it and leave me the fuck alone. The last thing she compained about was a stupid personal reference format I didnt scan with my signature on. This other company wants me to start next monday. I guess the next document I'll be sending her will be my resignation letter.

FUCK!
After submitting a registration form I noticed the site is served over plain HTTP. Their marketing site is served encrypted, but login and register are not! What the fuck!!!

Fuck everyone who does this stupid fucking shit with disregard to basic security features! Their goddamn bullshit privacy policy is bragging about how it's top priority to protect their customers' information and shit like that. Get the fuck out, cunts!!

I contacted them so I might have a continuation to this rant if I'm not satisfied with their answers.

Goddamn it!

My org (of which i'm basically CTO) has this administrative tool that a team uses to combat spam and scams, which is quite the problem for us.. the tool was written like 9 years ago, by my predecessor, very quick & dirty and unaesthetic and without input from those who would use it as far as interface or UX... it got modded a little a few years later by a kind of amateur coder who was at the time on the spam control team, and now there's this new maybe slightly less amateur coder guy on the team who has written this amateur tool that scrapes data off our site and massages it and stores it on his own server and then provides a better interface, or so they say.... this is all because for a couple of years people didnt want to "bother me" with a request to improve our internal tool, they thought I was "too busy" doing other things... so instead this outsider has built this stupid thing that lives on his own personal server and so now we have these problems to do with performance, security, privacy for user info, etc etc... someone please shoot me....

I am SOOO fucking sick of being asked if our website and gaming servers are going to be GDPR compliant. All these game owners in a panic changing everything they do just to conform to this law.

Fuck GDPR. In all reality COME AT ME BITCH. The EU wants to grow a pair of balls and act like the world internet police? Bring it the FUCK on. You can't even stop pirating in your own country, so how the FUCK are you going to regulate and enforce this law on HUNDREDS of THOUSANDS of servers, when your punk ass government can't even shutdown a single torrenting website.

Give me a fucking break, and shame on you pussies for allowing it. All you people running around scared acting like your private gaming servers are important. I give a shit less how much work you put into your server. I have put more work than most anyone else, but you don't see me trying to act self important as if my gaming server is some fortune 500 company.

Your server isn't important and neither are you. The government doesn't give a shit about your server so can we all just stop acting like this fucking matters. NO ONE FUCKING CARES ABOUT YOUR SERVER.

NO ONE is going to come and sue you for not complying. GDPR is for business, and anyone that wants to argue no look it says right here it applies to all is a fucking MORON. Do you idiots stop and think or do you just believe everything typed out on paper.

THEY CANT ENFORCE THIS ON EVERYONE. They don't have the resources. So use your fucking heads and stop being so fucking scared of a law that has no resources to stop you. THEY CAN"T DO ANYTHING. EU and whoever made their polices, I DARE them to try and touch my server, I WANT them to start something with me, just so I can show the rest of the world why the Internet is still the wild west and why they have no power over me.

You think pirate bay is the only one who knows how to hide their server? You think pirate bay is the only one who keeps backups of their server to be able to re release in an instant somewhere else in the world? Bitch get real this is the internet, a place where a 5 year old can buy hand grenades from the Red Silk Road, and you wanna talk to me about your privacy? Go fuck yourself.

It's not my problem some douche bag went onto a site that used his personal information in the wrong manner. So how about you do what everyone else does and browse ANONYMOUSLY. But no it would be to easy for governments to make their own citizens responsible. Instead they have to hold all of YOUR hands, because you people are to stupid to protect yourself.

Wake the fuck up world, and stop being a bunch of whining little brats who cry for the government to bubble wrap your world so you can live safer. Natural selection is long overdue for a lot of morons still breathing air.

Imagine a web way ahead of our time where its size goes beyond our imagination...

This is my first rant, and I'll cut to the chase! I don't like how web currently stands. Here's what makes me angry the most altough I know there's a myriad of solutions or workarounds:

- A gazillion credentials/accounts/services in your lifetime.

- Everyone tries to reinvent the wheel.

- There's no single source of truth.

- Why the fuck there's so much design in a vision that started as a network of documents? Why is it that we need to spend time and energy to absorb the page design before we can read what we are after?

- What's up with the JS front end frameworks?! MB's of code I need to download on every page I visit and the worse is the evaluation/parsing of it. Talk about acessibility and the energy bills. I don't freaking need a SPA just give a 20-50ms page load and I'm good to go!

- I understand that there's a whole market based on it but do we really need all that developer tools and services?

- Where's our privacy by the way? Why the fuck do I need ads? Can't I have a clue about what I wan't to buy?

Sticking with this points for now... Got plenty more to discuss though.

What I would like to see:

A unique account where i can subscribe services/forums/whatever. No credentials. Credentials should be on your hardware or OS. Desktop Browser and mobile versions sync everything seemlesly. Something like OpenID.

Each person has his account and a profile associated where I share only what I want with whom I want when I want to.

Sharing stuff individually with someone is easy and secure.

There's no more email system like we know. Email should be just email like it started to be. Why the hell are we allowing companies to send us so much freaking "look at me now, we are awesome", "hey hey buy from me".. Here's an idea, only humans should send emails. Any new email address that sends you an email automatically requests your "permission" to communicate with you. Like a friend request.

Oh by the way did I tell you that static mail is too old for us? What we need is dynamic email. Editing documents on the fly, together, realtime, on the freaking email. Better than mail, slack and google docs combined.

In order for that to work reasonably well, the individual "letter" communication would have to be revamped in a new modern approach.

What about the single source of truth I talked about? Well heres what we should do. Wikipedia (community) and Larry Page (concept) gave us tremendous help. We just need to do better now.

Take the spirit of wikipedia and the discoverability that a good search engine provides us and amp that to a bigger scale. A global encyclopedia about everything known to mankind. Content could be curated from us all just like a true a network.

In this new web, new browser or whatever needed to make this happen I could save whatever I want, notes, files, pictures... and have it as I left it from device to device.

Oh please make web simple again, not easy just simple and bigger.

I'm not old by the way and I don't see a problem with being older btw.

Those are just my stupid rants and ideas. They are worth nothing. What I know for sure is that I'll do something about or fail trying to.

Oh my dear internet,

FUCK THIS FUCKING SHIT
I AM SICK AND TIRED OF IT, WHO BUILT THIS HACKED TOGETHER ORWELLIAN SWAMP PIT?

Fuck the same fucking Envato template on every content page with 70 layers of sidebars, inline ads, popups, cookies and content shifting as if I was playing CATCH UP WITH YOUR FUCKING CONTENT.

FUCK the same fucking annual upselling 'plans' on every 7-day trial overengineered scam app that requires me to sign up for 1 fucking, falsely advertised task where my fucking password generator doesn't even recognize the input as a password field so I have to cmd+, to my FUCKING BABYLONIAN PASSWORD ARCHIVES PROMPTING ME FOR THE MASTER PASSWORD.
Thank god I can at least CREATE A BURNER CREDIT CARD THAT FREEZES ITSELF BECAUSE I CANNOT BE BOTHERED TO UNSUBSCRIBE FROM YOUR FUCKING STEAMING CRAP.

FUCK every fucking step I take being recorded by our CYBERPUNK OVERLORDS REQUIRING ME to sign up for 5 different fucking privacy protection tools' annual plan or duct tape some open source shit onto my browser just for some BASIC PRIVACY WHILE TRYING TO NAVIGATE ALL THE OTHER 5000 annuals plan naval mines like A FUCKING FRENCH SUBMARINE IN 1940 GERMAN WATERS.

FUCK my walled garden scam ecosystem not being compatible with your walled garden scam ecosystem prompting me to reactivate my old SATANIC GOOGLE DON'T BE EVIL ACCOUNT from 2012 sending me on a DANTE ALIGHIERI STYLE ODYSSEY THROUGH THE 9 LAYERS OF PASSWORD RESET QUESTIONS, UNEXPECTED ERROR, 2FA MY PHONE DIED HELL to come out on the other side as a broken man.

Thank GOD I have your useless SUPPORT PAGE to aid with my signup problems that is actually just an FAQ with a hidden EASTER EGG HUNT for your support form CRISP AI BOT THAT IS ALSO 'currently experiencing high demand due to COVID' which is peculiar since that has been 3 years ago, but fortunately for you enabled you to fire ALL YOUR SUPPORT STAFF AND REPLACE IT WITH THIS BANNER.

I might as well just SCRAPE your fucking content, it'd be faster.

And although it is quite funny, FUCK THIS PAGE TOO for having me create another of 10.000 accounts to write this shit, where my browser firmly placed a newly created burner email into the PASSWORD FIELD.

I do not know how we managed to create something that is even more unwieldy than 56k DIAL-UPS, but I know that if this shit continues I'll have to train my own AGI to proudly interact with of all this STUPID SHIT on my behalf or I'll have to move into THE FUCKING MOUNTAINS AND LIVE WITH THE DEER.

These days i like to think of our data privacy as that of an amazon package delivery between person A to B

- Person A wants a packet of condoms and guns, but don't want society to know about it
- person B wants to send guns and condoms to B
- Amazon is willing to provide transportation with a pinky promise that it won't tell anyone about the delivery.
- Thus B gives the condoms and guns to Amazon wrapped up in hard box hoping that Amazon or anybody else won't open it. Similarly A receives the packet hoping that nobody else got to know about it.

But the problem is a LOT of people could possibly know of the contents, even if A or B aren't willing to share details
- Amazon can look into it.
- government can stop the amazon car transporting the packet and force them to look into it.
- some 3rd person(aka hacker) could fool the delivery truck and get access to packet contents.

=======================================
and this morning, my neighbour, A very radical hindu supporter, frustrated by the recent tablighi jamaat fuck-up , gave a very strange statement "you know in future, the government would pass a law which will allow them to hear these ppl's calls /whatsapp messages. This will allow government to detect and take actions on every of these anti-national scums"

I wanted to say WHAT THE FUCK ARE YOU HOPING FOR, BOOMER? THAT'S CENSORSHIP!! but i couldn't say because his illiterate vision is no longer a hope, i can see it becoming reality.

Personally i am equally angry with that whole incident and how that community handled it. But how can anyone ask for censorship, just because a few elements misused it? The problem lies with thise elements and people who support their thoughts not the whole community or the communication medium.

From what i have heard in the recent US and indian law news, they are essentially trying to peek into the data we send to each other legally.

So going by the package delivery analogy, its like government now wants to have every amazon delivery happen in transparent boxes in a transparent truck, just because a few people ordered illegal items via amazon delivery.

This world is going crazy and stupid.

Testing is important. Like when you test your server program that forks another program in the privacy of your home, only to discover you put the child code where the parent code should have gone and vice-versa.
You and your wife can have a laugh about it, instead of getting reamed out by the client or your boss for fork-bombing the server.
Sucks because it's still a stupid mistake, but at least I managed to minimize the amount of shit that would have otherwise landed on me.

Why the fuck is everyone behind this whole privacy thing . I mean what did you expect , servers do cost... you know . No one wants to provide you a service to chat with your shit collecting butler in the adjacent room unless it's going to benefit them .

Stick your face on the internet and want people to date you ?

Understand that your virtual social needs need to be supported by a ridiculous amount of electricity and man power which wouldn't be required if you could just throw out your rotting willie nilles in the open .

All this isn't fucking free .. wait were you shocked ? Oh so you just thought there were a few thousand servers powering buckets of pictures of horse poop that you for some reason thought your girlfriend was interested in . NO!

IT'S PRIVACY you are paying with your gaddamn privacy !! Information pays just like the time you paid a 100 bucks to the boyfriend of your girlfriend to find out more details .

Ridiculous . You people don't like ads . You don't like paying . You don't like providing information . THEN DON'T USE THE DAMN INTERNET .

IF YOU'RE REALLY THAT CONCERNED ABOUT YOUR PRIVACY THEN SPEND SOME VALUABLE TIME TO ACQUIRE ENOUGH OF A SKILLSET TO SETUP A VPN AND STOP POSTING YOUR PHONE NUMBER ON YOUR EX'S WALL ASKING HER TO CALL YOU.

One more honest thing to rant about is ads . As much as you hate them they're an easy way out . I'm not sure why a 20 second ad would bother you on mobile and not on television and I'm not sure why you wouldn't buy the ad company and shut it down if 20 seconds were so costly to you .

I want to rant even more on uninstalling services like Windows and Google for stupid reasons but I'll take a break here . My frustration has touched low levels.

This is not a rant. Not really. It's more expressing my own insecurity with a certain topic, which somehow upsets me sometimes (the insecurity, not the topic though).

I have nearly no knowledge about security/privacy stuff. I mean, yeah, I know how to choose secure passwords and don't make stupid DAU mistakes. The very basics you would expect someone to have after a CS bachelor's degree.
But other than that... Nothing. And I would like to get a bit into that stuff, but I have no clue where to start. First getting my head wrapped around low-level stuff like network layers? Or something completely else.
This topic is so intimidating to me as it seems huge, I have no idea where to start, and I feel that if you don't have "full" knowledge, you are going to make mistakes which you might not even notice.

I sometimes get really scared about having an account hijacked or similar. Also in our job it seems to become more and more of a topic we should know about.

Anybody got any advice?
I am looking for a way to improve my knowledge in security in general for professional reasons and my knowledge about privacy for private reasons.
It's just, every time I start reading something related it seems that I am lacking some other knowledge etc...

Fuck external stake holders, like politicians, those know-nothings, that pump their ego by finding multiple "issues" with our software like how we display the privacy data agreement and impose their stupid fucking nonsense rules on our software. Even if it is not part in any official law or GDPR
So there is the request that one needs to scroll down the whole data privacy crap nobody reads until you can press "Continue" and we *have* to implement that shit. Although it is completely out of line with Apple's usual installer handling. Nobody will understand it. It cripples the workflow.
But some Mr. Important demanded it, as if he is protecting users with this and makes a great contribution to the data privacy in our country. Yeah! And guy is so high up, unreachable for us through all the layers of other people, leaving us no time and means to dissuade this shitty request. If all your 'ideas' are so great you should not be allowed to do jack shit.

I can't wait for the release of Snips Air sometime in 2019 so that I can stop using my Google home. It's not even the privacy concern that bugs me, it's the stupid shit like alarm management. To preface, I've had a Google home since late last year and since I got it the alarms have been nothing but trouble. More than half the time when I ask it when my next alarm is, it will respond with "You have an alarm for Friday at 7pm that is going off right now" (At the time of this response it was Tuesday). Then snoozing sometimes just doesn't work, I told it to snooze for 10 minutes, it worked just fine. Then today I made the mistake of asking it to snooze a second time which responded with "Sure, snoozing for 5 minutes", I wake up 45 minutes later, and ask "Hey Google, when's my next alarm?", it responds "You have an alarm today for 7:00 snoozed until 7:15". I have an exam today so luckily I didn't sleep in too late but againg this isn't the first occurence. To prevent this I normally just have a backup alarm on my phone and the one on my phone will wake me up in case something happens. On top of that though I've had rarer cases where it will delete all my alarms and I'll have to go command by command reminding of each alarm. That's just alarms though, I also have it control several IoT devices, and me having to use IFTTT requires the utmost precision in my phrasing otherwise it won't understand ( although this issue is mainly due to how the assistant service trigger on IFTTT is configured ). It still does much better than Siri ( at least my home can set alarms unlike my mac ), I have yet to try Alexa though. Of course my last problem is the hotword, saying "Hey Google" is much better than "Ok Google" but it's still excessive when I have to repeat it for each individual command. This is why I'm so excited for snips air, a set of devices that look pretty great, hackable, and as a bonus much more private that the current options. I realize that I could get a dev kit or set up snips on a pi but the dev kit isn't exactly visually appealing and I doubt I could get something that looks or functions half decent on the pi.

Ram drives are a very good and useful thing why has no one made a nice ram drive caddy using laptop ram, the speeds on the older ram and drives out do any drive on the market and the unit is not a lot to make, I happy to put some old DDR 2 ram a new life as a USB ram drive using as a page or swop drive or Live CD Drive.

Or am I missing something and they really hiding somewhere, the ram drives I seen are stupid price and offer functions we don't need or aimed at big server companies but this would really help privacy, or better still anyone know if we can make some kind of ram drive with maybe a maker board and laptop ram ?