manager: we need to design an admin system for a veterinary centre

dev: ok, this is it, remember your training

class Dog extends Animal {}

Finally did it. Quit my job.

The full story:
Just came back from vacation to find out that pretty much all the work I put at place has been either destroyed by "temporary fixes" or wiped clean in favour of buggy older versions. The reason, and this is a direct quote "Ari left the code riddled with bugs prior to leaving".

Oh no. Oh no I did not you fucker.

Some background:

My boss wrote a piece of major software with another coder (over the course of month and a balf). This software was very fragile as its intention was to demo specific features we want to adopt for a version 2 of it.

I was then handed over this software (which was vanilajs with angular) and was told to "clean it up" introduce a typing system, introduce a build system, add webpack for better module and dependency management, learn cordova (because its essential and I had no idea of how it works). As well as fix the billion of issues with data storage in the software. Add a webgui and setup multiple databses for data exports from the app. Ensure that transmission of the data is clean and valid.

What else. This software had ZERO documentation. And I had to sit my boss for a solid 3hrs plus some occasional questions as I was developing to get a clear idea of whats going on.

Took a bit over 3 weeks. But I had the damn thing ported over. Cleaned up. And partially documented.

During this period, I was suppose to work with another 2 other coders "my team". But they were always pulled into other things by my Boss.

During this period, I kept asking for code reviews (as I was handling a very large code base on my own).

During this period, I was asking for help from my boss to make sure that the visual aspect of the software meets the requirements (there are LOTS of windows, screens, panels etc, which I just could not possibly get to checking on my own).

At the end of this period. I went on vacation (booked by my brothers for my bday <3 ).

I come back. My work is null. The Boss only looked at it on the friday night leading up to my return. And decided to go back to v1 and fix whatever he didnt like there.

So this guy calls me. Calls me on a friggin SUNDAY. I like just got off the plane. Was heading to dinner with my family.
He and another coder have basically nuked my work. And in an extremely hacky way tied some things together to sort of work. Moreever, the webguis that I setup for the database viewing. They were EDITED ON THE PRODUCTION SERVER without git tracking!!

So monday. I get bombarded with over 20 emails. Claiming that I left things in an usuable state with no documentation. As well as I get yelled at by my boss for introducing "unnecessary complicated shit".

For fuck sakes. I was the one to bring the word documentation into the vocabulary of this company. There are literally ZERO documentated projects here. While all of mine are at least partially documented (due to lack of time).

For fuck sakes, during my time here I have been basically begging to pull the coder who made the admin views for our software and clean up some of the views so that no one will ever have to touch any database directly.

To say this story is the only reason I am done is so not true.

I dedicated over a year to this company. During this time I saw aspects of this behaviour attacking other coders as well as me. But never to this level.

I am so friggin happy that I quit. Never gonna look back.

My mom died when I was 7, after which my dad bought me a Commodore 64 so I had something to lose myself in during the mourning process.

I learned everything about that system, from my first GOTO statement to sprite buffers, to soldering my own EPROM cartridges. My dad didn't deal with the loss so well, and became a missing person 5 years later when I was 12.

I got into foster care with a bunch of strict religious cultists who wouldn't allow electronics in the house.

So I ran away at 14, sub-rented a closet in a student apartment using my orphan benefits and bought a secondhand IBM computer. I spent about 16 hours a day learning about BSD and Linux, C, C++, Fortran, ADA, Haskell, Livescript and even more awful things like Visual Basic, ASP, Windows NT, and Active Directory.

I faked my ID (back then it was just a laminated sheet of paper), and got a job at 15-pretending-to-be-17 at one of the first ISPs in my country. I wrote the firmware and admin panel for their router, full of shitty CGI-bin ASP code and vulnerabilities.

That somehow got me into a job at Microsoft, building the MS Office language pack for my country, and as an official "conflict resolver" for their shitty version control system. Yes, they had fulltime people employed just to resolve VCS conflicts.

After that I worked at Arianespace (X-ray NDT, visualizing/tagging dicom scans, image recognition of faulty propellant tank welds), and after that I switched to biotech, first phytogenetics, then immunology, then pharmacokynetics.

In between I have grown & synthesized and sold large quantities of recreational drugs, taken care of some big felines, got a pilot license, taught IT at an elementary school, renovated a house, and procreated.

A lot of it was to prove myself to the world -- prove that a nearly-broke-orphan-high-school-dropout could succeed at life.

But hey, now I work for a "startup", so I guess I failed after all.

Today I discovered that we have a CSV export button for an order transaction system, on a page which is completely disconnected from the rest of the website.

It is only being called by an internal server, used by our Data department.

They run selenium to click the button.

Then they import the CSV into a database.

That database is accessed by an admin panel.

That admin panel has an excel export button.

Which is clicked by our CFO. But he got bored of clicking, so he uses IFTTT to schedule a download of the XLS and import it in Google Sheets.

That sheet uses a Salesforce data connector.

Marketing then sends email campaigns based on that Salesforce data...

😒

A wild Darwin Award nominee appears.

Background: Admins report that a legacy nightly update process isn't working. Ticket actually states problem is obviously in "the codes."

Scene: Meeting with about 20 people to triage the issue (blamestorming)

"Senior" Admin: "update process not working, the file is not present"
Moi: "which file?"
SAdmin: "file that is in ticket, EPN-1003"
Moi: "..." *grumbles, plans murder, opens ticket*
...
Moi: "The config dotfile is missing?"
SAdmin: "Yes, file no there. Can you fix?"
Moi: "Engineers don't have access to the production system. Please share your screen"
SAdmin: "ok"
*time passes, screen appears*
Moi: "ls the configuration dir"
SAdmin: *fails in bash* > ls

*computer prints*
> ls
_.legacyjobrc

Moi: *sees issues, blood pressure rises* "Please run list all long"
SAdmin: *fails in bash, again* > ls ?
Moi: *shakes* "ls -la"
SAdmin: *shonorable mention* > ls -la

*computer prints*
> ls -la
total 1300
drwxrwxrwx- 18 SAdmin {Today} -- _.legacyjobrc

Moi: "Why did you rename the config file?"
SAdmin: "Nothing changed"
Moi: "... are you sure?"
SAdmin: "No, changed nothing."
Moi: "Is the job running as your account for some reason?"
SAdmin: "No, job is root"
Moi: *shares screenshot of previous ls* This suggests your account was likely used to rename the dotfile, did you share your account with anyone?
SAdmin: "No, I rename file because could not see"
Moi: *heavy seething* so, just to make sure I understand, you renamed a dotfile because you couldn't see it in the terminal with ls?
SAdmin: "No, I rename file because it was not visible, now is visible"
Moi: "and then you filed a ticket because the application stopped working after you renamed the configuration file? You didn't think there might be a correlation between those two things?"
SAdmin: "yes, it no work"
Interjecting Director: "How did no one catch this? Why were there no checks, and why is there no user interface to configure this application? When I was writing applications I cared about quality"
Moi: *heavy seething*
IDjit: "Well? Anyone? How are we going to fix this"
Moi: "The administrative team will need to rename the file back to its original name"
IDjit: "can't the engineering team do this?!"
Moi: "We could, but it's corporate policy that we have no access to those environments"
IDjit: "Ok, what caused this issue in the first place? How did it get this way?!"

TFW you think you've hit the bottom of idiocy barrel, and the director says, "hold my mango lassi."

Do not continue reading if you value your life.

Visual fucking studio 2015 installation. MOTHERFUCKER !!!

OK new project will only work on VS2015. Need to download it. OK, go to MS website. Project works with community edition. Fucking great. Download the installer. Run the installer. MOTHERFUCKER DON'T OPEN THE FUCKING BROWSER TO THANK ME, YOU FUCKING FUCK. Ok...Wait to download the packages. One fucking eternity later download completes. FUCKING GREAT. Proceed to package installation. After two fucking hours installation progress bar stays the same. Google "vs 2015 installation stuck windows 7". MOTHERFUCKING BACKGROUND PROCESS IS FUCKING STUCK AND INSTALLATION DOES NOT CONTINUE. FUCK YOU. I'VE LOST TWO HOURS. OK, stop the process. Installation gets cancelled. Run the installer again. STOP THANKING ME YOU PIECE OF SHIT :@ OK, check again all downloaded packages. All good. Continue with installation. Installation completes. MOTHERFUCKER WHY YOU WANT TO RESTART THE WHOLE SYSTEM ? FUCK YOUR WINDOWS UPDATES. Ok, restart and be done with it. SSD to the rescue. Try to set up the project.

MOTHERFUCKER I DIDN'T INSTALL THE C++ PACKAGES. WTF WERE YOU DOING ALL THAT TIME? OK, run installer again and install C++ packages. I SWEAR TO GOD MICROSOFT, IF YOU THANK ME ONE MORE GODDAMN TIME, YOU'RE GETTING HATE MAIL.

Ok, installation completes. It's coding time. NO BITCH. VS2015 silently crashes after splash screen. :@@@ Google wtf is wrong again, turns out the C++ packages fuck shit up. Ok, pass some arguments to devenv.exe to reset. Restart VS. Ok, seems to be working now. Make a test project. Fucking awesome. Close VS and get the project files from perforce.

OK, files downloaded. Open VS again....

VS: "You're my bitch, you won't code today. Run from console and pass some shitty reset parameters"

YOU FUCKING FUCK. GO FUCK YOURSELF UP YOUR FUCKING ARSE. Ok, pass the parameters from console. Run again. Same "you're my bitch message" :@ OK, run with administrator rights, opens like charm. Run without admin rights again, "you're my bitch message". :@@@@@

Restart system, VS2015 finally opens project normally. Build project, 6934 errors.... :@ I'M DONE ! IM GOING BACK TO LINUX PROJECT. FUCK YOU ALL.

If you are a System admin and blocking Spotify for the devs know that you're a fucking asshole and karma is coming for you!

New guy at work doesn't have admin rights and the company wont install anything until Monday... He is going through the code in notepad to learn our system.

Job interview goes really well. Senior Dev 90-100k.

Ok, so for your "test" write up a proposal for a web based bulk email sending system with its own admin panel for building list, tracking emails, and with reporting.

I write up an estimate. Low ball the absolute fuck out of it because I'm trying to get a job. Know a few good libraries I can use to save some time. Figure I can just use sendmail, or PHPMailer, or NodeMailer for the emailing, and DataTables Editor for a simple admin CRUD with reporting. Write the thing up. Tell them they can have it in LAMP or Node.

Come in at 36 hours.

Then these fucking wanks told me they wanted me to actually do the project.

My exact response was:

"I bill $50 an hour, let me know"

They did not let me know.

Young devs, jobless devs, desperate devs. I've seen a fair amount of this. And for the right job I might go as high as maybe 4 - 6 hours of unpaid work for some "programming test". But please be careful. There are those who will try to exploit lack of experience or desperation for free work.

So our public transportation company started to sell tickets online with their brand new fancy​ system.

• You can buy tickets and passes for the price you want
• Passwords are in plaintext
• Communication is through HTTP
• Login state are checked before the password match so you can basically view who is online
• Email password reminders security code can be read from servers response

Oh and I almost forgot admin credentials are FUCKING admin/admin

Who in the fucking name of all gods can commit such idiocracy with a system that would be used by almost millions of people. I hope you will burn in programming hell. Or even worse...

I'm glad I'm having a car and don't have to use that security black hole.

A conversation with our network/system admin.

Me : Can I install linux on my computer, windows is slow and terrible.

Him : No, if you use anything but Windows in this company, you will be fired for bypassing our security protocols. Its written in your contract.

Me : *boots up my Macbook*

Worst thing you've seen another dev do? Long one, but has a happy ending.

Classic 'Dev deploys to production at 5:00PM on a Friday, and goes home.' story.

The web department was managed under the the Marketing department, so they were not required to adhere to any type of coding standards and for months we fought with them on logging. Pre-Splunk, we rolled our own logging/alerting solution and they hated being the #1 reason for phone calls/texts/emails every night.

Wanting to "get it done", 'Tony' decided to bypass the default logging and send himself an email if an exception occurred in his code.

At 5:00PM on a Friday, deploys, goes home.

Around 11:00AM on Sunday (a lot folks are still in church at this time), the VP of IS gets a call from the CEO (who does not go to church) about unable to log into his email. VP has to leave church..drive home and find out he cannot remote access the exchange server. He starts making other phone calls..forcing the entire networking department to drive in and get email back up (you can imagine not a group of happy people)

After some network-admin voodoo, by 12:00, they discover/fix the issue (know it was Tony's email that was the problem)

We find out Monday that not only did Tony deploy at 5:00 on a Friday, the deployment wasn't approved, had features no one asked for, wasn't checked into version control, and the exception during checkout cost the company over $50,000 in lost sales.

Was Tony fired? Noooo. The web is our cash cow and Tony was considered a top web developer (and he knew that), Tony decided to blame logging. While in the discovery meeting, Tony told the bosses that it wasn't his fault logging was so buggy and caused so many phone calls/texts/emails every night, if he had been trained properly, this problem could have been avoided.

Well, since I was responsible for logging, I was next in the hot seat.

For almost 30 minutes I listened to every terrible thing I had done to Tony ever since he started. I was a terrible mentor, I was mean, I was degrading, etc..etc.
Me: "Where is this coming from? I barely know Tony. We're not even in the same building. I met him once when he started, maybe saw him a couple of times in meetings."
Andrew: "Aren't you responsible for this logging fiasco?"
Me: "Good Lord no, why am I here?"
Andrew: "I'll rephrase so you'll understand, aren't you are responsible for the proper training of how developers log errors in their code? This disaster is clearly a consequence of your failure. What do you have to say for yourself?"
Me: "Nothing. Developers are responsible for their own choices. Tony made the choice to bypass our logging and send errors to himself, causing Exchange to lockup and losing sales."
Andrew: "A choice he made because he was not properly informed of the consequences? Again, that is a failure in the proper use of logging, and why you are here."
Me: "I'm done with this. Does John know I'm in here? How about you get John and you talk to him like that."
'John' was the department head at the time.
Andrew:"John, have you spoken to Tony?"
John: "Yes, and I'm very sorry and very disappointed. This won't happen again."
Me: "Um...What?"
John: "You know what. Did you even fucking talk to Tony? You just sit in your ivory tower and think your actions don't matter?"
Me: "Whoa!! What are you talking about!? My responsibility for logging stops with the work instructions. After that if Tony decides to do something else, that is on him."
John: "That is not how Tony tells it. He said he's been struggling with your logging system everyday since he's started and you've done nothing to help. This behavior ends today. We're a fucking team. Get off your damn high horse and help the little guy every once in a while."
Me: "I don't know what Tony has been telling you, but I barely know the guy. If he has been having trouble with the one line of code to log, this is the first I've heard of it."
John: "Like I said, this ends today. You are going to come up with a proper training class and learn to get out and talk to other people."

Over the next couple of weeks I become a powerpoint wizard and 'train' anyone/everyone on the proper use of logging. The one line of code to log. One line of code.

A friend 'Scott' sits close to Tony (I mean I do get out and know people) told me that Tony poured out the crocodile tears. Like cried and cried, apologizing, calling me everything but a kitchen sink,...etc. It was so bad, his manager 'Sally' was crying, her boss 'Andrew', was red in the face, when 'John' heard 'Sally' was crying, you can imagine the high levels of alpha-male 'gotta look like I'm protecting the females' hormones flowing.

Took almost another year, Tony released a change on a Friday, went home, web site crashed (losses were in the thousands of $ per minute this time), and Tony was not let back into the building on Monday (one of the best days of my life).

Before anyone starts going batshit crazy, this is NOT a windows hate post. Just a funny experience imo.

So I was tasked with installing ProxMox on a dedicated server at my last internship. The windows admin was my guider (he could also do debian). (he was a really nice/chill guy)

So we were discussing what VM's we wanted and the boss (really cool dude by the way) said he wanted a VPS for storing some company stuff as well. Fair enough, what would we use? I suggested debian and centos. Then we started discussing what we'd do if the systems would fuck up etc (at installation or whatever).
So I didn't wanna look like a Linux Nazi so I suggested windows. Then the happy/positive guider/windows admin suddenly became dead serious (I was actually like 'woah' for a second) and said this:
No. We're not going to fucking use windows for this. For general servers etc sometimes, fair enough but we're talking about sensitive company data here. I don't want that data to be stored on a proprietary/closed source system, hell what if there's some kinda fucking backdoor build in, who can fucking verify that? We're using Linux, end of discussion.

😓

I was pretty flabbergasted as he's a nice guy and actually really likes windows!

Linux it became.

I guess that is what you get for bringing up security issues on someones website.

Not like I could read, edit or delete customer or company data...

I mean what the shit... all I did was try to help and gives me THIS? I even offered to help... maybe he got angry cause I kind of threw it in his face that the whole fucking system is shit and that you can create admin accounts with ease. No it's not a framework or anything, just one big php file with GET parameters as distinction which function he should use. One fucking file where everything goes into.

Incompetent may not be the right word, but a Linux system admin who had never heard of Ubuntu.

Guys i guess i did it.. more than a year ago i started developing an API.. every admin of it could create new endpoints through the webui.. for rach endpoint you can create an own auth system.. a local company just fucking bought my shit.. a fucking simple API for 12k€.. im kinda proud now because i am only 18

*Client phones me at 11pm*
Client: It's not working!!
Me:What's the error you're getting?
Client: "Database connection error"
*Phones system/dB admin*
DB Admin: Yeah we had to change the SQL logins, I've sent you the new ones
*Phones junior dev in charge of dB programming*
Junior Dev: Yeah you'll just have to go and change the credentials. They're in all the places where we're using the dB, just before the statement, in the connection strings...

We make over 470 calls to the DB 😑

Make fun of your manager or system admin by this. Tell me what happen next!

When I was 10 years old, all kids at my school got access to school emails. The email address book contained everything in my city, like fire department, all pupils of all schools etc. So I decided to "test" the system by sending out a mass email to everyone in the address book (about 3k) with the question "Hi, how are you?".

The sys admins apparently didn't think very far as I got some responses saying like "You have crashed a server in the capital city" and "I have contacted your local IT admin".

So I went to the IT admin and told him the situation. His face turned red of anger and I remember him almost screaming at me.

Who the fuck doesn't set up protection for this and gives out access to 10 year olds? This was 15 years ago, I really hope sys admins are smarter today!

Buckle up kids, this one gets saucy.

At work, we have a stress test machine that trests tensile, puncture and breaking strength for different materials used (wood construction). It had a controller software update that was supposed to be installed. I was called into the office because the folks there were unable to install it, they told me the executable just crashed, and wanted me to take a look as I am the most tech-savvy person there.

I go to the computer and open up the firmware download folder. I see a couple folders, some random VBScript file, and Installation.txt. I open the TXT, and find the first round of bullshit.

"Do not run the installer executable directly as it will not work. Run install.vbs instead."

Now, excuse me for a moment, but what kind of dick-cheese-sniffing cockmonger has end users run VBScript files to install something in 2018?! Shame I didn't think of opening it up and examining it for myself to find out what that piece of boiled dogshit did.

I suspend my cringe and run it, and lo and behold, it installs. I open the program and am faced with entering a license key. I'm given the key by the folks at the office, but quickly conclude no ways of entering it work. I reboot the program and there is an autofilled key I didn't notice previously. Whatever, I think, and hit OK.

The program starts fine, and I try with the login they had previously used. Now it doesn't work for some reason. I try it several times to no avail. Then I check the network inspector and notice that when I hit login, no network activity happens in the program, so I conclude the check must be local against some database.

I browse to the program installation directory for clues. Then I see a folder called "Databases".

"This can't be this easy", I think to myself, expecting to find some kind of JSON or something inside that I can crawl for clues. I open the folder and find something much worse. Oh, so much worse.

I find <SOFTWARE NAME>.accdb in the folder. At this point cold sweat is already running down my back at the sheer thought of using Microsoft Access for any program, but curiosity takes over and I open it anyway.

I find the database for the entire program inside. I also notice at this point that I have read/write access to the database, another thing that sent my alarm bells ringing like St. Pauls cathedral. Then I notice a table called "tUser" in the left panel.

Fearing the worst, I click over and find... And you knew it was coming...

Usernames and passwords in plain text.

Not only that, they're all in the format "admin - admin", "user - user", "tester - tester".

I suspend my will to die, login to the program and re-add the account they used previously. I leave the office and inform the peeps that the program works as intended again.

I wish I was making this shit up, but I really am not. What is the fucking point of having a login system at all when your users can just open the database with a program that nowadays comes bundled with every Windows install and easily read the logins? It's not even like the data structure is confusing like minified JSON or something, it's literally a spreadsheet in a program that a trained monkey could read.

God bless them and Satan condemn the developers of this fuckawful program.

I was trying to fix my computer illiterate sisters computer, then I found out that there were two anti-virus programs that tried to delete each other.

When trying to delete the software I found out that the system admin does not have permission to use administrator rights at all. So in frustration I copied any valuable files, and reinstalled the entire OS.

Sometimes I wonder how people end up in these situations. She had 4 different anti-virus programs and still ended up getting multiple viruses! xD

!rant
*me logging into the demo system*
Me: so what is the login data?
Boss: we are a security company, what do you think?
Me: admin admin?
Boss: admin admin.

Me:, I built you this beautiful site it's super modular, it's really straight forward
Client: urm we aren't tech people if you could..... Set up all the pages for us using the modules so we can just input the data
Me: 😡 yes I could do that or you could take 5, minutes to learn this system. It's simple 😡 see that title there "left image right title module" . I've done the sample for the templates. So if you need to you can duplicate it! There's even a duplicate button!
Client: can you do it I don't want to waste time learning it right now since we are on a tight deadline

Me in head: fuck off you supreme bitch you try to get my mates dad fired! Now I've done you this huge favour getting you out of the shit 😡 and you won't take 5 minutes to just look at the admin section your old site was wix ffs.
My next move(not yet done): here is a word document it outlines what you need to do 😐

If after this see asks again I'm asking to work with someone else or quitting the project

I have no idea why but I think all ranters with long hair are Linux sysadmins

I too have a lot of time... What about you guys.?

Worst WTF dev experience? The login process from hell to a well-fortified dev environment at a client's site.
I assume a noob admin found a list of security tips and just went like "all of the above!".

You boot a Linux VM, necessary to connect to their VPN. Why necessary? Because 1) their VPN is so restrictive it has no internet access 2) the VPN connection prevents *your local PC* from accessing the internet as well. Coworkers have been seen bringing in their private laptops just to be able to google stuff.
So you connect via Cisco AnyConnect proprietary bullshit. A standard VPN client won't work. Their system sends you a one-time key via SMS as your password.

Once on their VPN, you start a remote desktop session to their internal "hopping server", which is a Windows server. After logging in with your Windows user credentials, you start a Windows Remote Desktop session *on that hopping server* to *another* Windows server, where you login with yet another set of Windows user credentials. For all these logins you have 30 seconds, otherwise back to step 1.
On that server you open a browser to access their JIRA, GitLab, etc or SSH into the actual dev machines - which AGAIN need yet another set of credentials.

So in total: VM -> VPN + RDP inside VM -> RDP #2 -> Browser/SSH/... -> Final system to work on
Input lag of one to multiple seconds. It was fucking unusable.

Now, the servers were very disconnect-happy to prevent anything "fishy" going on. Sitting at my desk at my company, connected to my company's wifi, was apparently fishy enough to kick me out every 5 to 20 minutes. And that meant starting from step 1 inside the VM again. So, never forget to plugin your network cable.

There's a special place in hell for this admin. And if there isn't, I'll PERSONALLY make the devil create one. Even now that I'm not even working on this any more.

Admin work, because its all manual:

- Each new project has to fill out an Excel tab in a workbook, with a list of all the major tasks and who is responsible. This then needs to be used to create a Gantt chart, manually, in the same tab, showing in what month a task starts and ends.

- Every month we have to manually enter status updates into a powerpoint slide on a shared deck. Which has a collision at least once per month.

- Once a quarter we need to do something similar as the powerpoint slides, but into a word doc instead.

- Once a week we need to track our time on projects in a tool that can't be integrated with (no API or anything). Meaning we can't link up a ticket tracking system to it, so again, all manual.

- Once every 6 months a new round of research funding opens up and we write proposals. The status for which are tracked in another Excel spreadsheet, manually, once a week until the deadline.

- The instructions for what to do with the proposals are so vague and badly documented that there is an unwritten rule, that for the first time you will have to ask a bunch of questions to the project manager. This is accepted by everyone and its just the done thing.

- Everything is stored in a dropbox style system, which has become so cluttered I can only find resources by saving the links sent out previously.

- Some of these updates / reports also get a 1 hour meeting for everyone to stand up and read out what they've entered.

- From time to time random things will need to be reported on to the higher ups (how many publications, research papers, patents, times and dates etc.). Again rather than a tool, a new Excel spreadsheet is whipped up and emailed to everyone on the team. Whoever sent it out, then has to merge the 20+ copies into 1 doc.

- Some of the staff (mostly the devs), use a ticket tracking system to keep track of everything. Management refuse to use it to track the things they need. Instead we have to copy paste from it into the word docs, powerpoint, excel etc.

- By far the most annoying. Management force all the above as they need the info for finance, accounting, legal etc etc. So we have to do it, but whenever there is a question from legal, management send the question to us. So despite having documented every facet of everything imaginable, it all gets ignored in favour of endless emails.

I once tried to to put an end to all of this madness by proposing the use of a ticket tracking system, and then building reporting tools on top of it.

... I was told that it "wasn't appropriate". Still don't know what that means.

I.
FUCKING.
*HATE*.
THIS.
KIND.
OF.
PEOPLE!!

I KNOW that you don't understand what you're doing or saying, THAT'S WHY I JUST TOLD YOU A VERY SHORT, SIMPLE, AND CLEAR SENTENCE TO SAY WORD-FOR-WORD TO THE OTHER GUY WHO, IF HE'S AT LEAST HALF-COMPETENT SHOULD IMMEDIATELY UNDERSTAND AND RESPOND WITH *FOUR* *WORD* *ANSWER* and instead of that you blabber on for 5 minutes how you don't know what to say to him and how to explain what we need (FUCKIN ADMIN LOGIN YOU BOTH WINEFLY-BRAINED MORONS!), and he blabbers for 5 minutes back something something bullshit someone else and then REMOTES INTO THE COMPUTER, AND DOES A SYSTEM REINSTALL OR REMOVES DUDE'S USER ACCOUNT OR SOME SHIT LIKE THAT BECAUSE MY SKYPE CALL WITH THE DUDE DROPS AND NEXT TIME DUDE IS CALLING ME HE'S CONFUSED ABOUT SYSTEM SETUP SCREENS!!!!!!

WHAT!!!!
THE!!!!!
SHIIIIIITTT!!!!

told him sorry but call the fucker who fucked it up for you, i'm not wasting two hours of my time just because some school "IT admin" thinks the best solution for user not knowing his admin login is to remotely trigger a reinstall or someshit on the machine.

FUCK Windows File locks! I want to fucking delete a file, I don't care if anybody uses it right now! I'm the admin of this system! Fuck you windows

The tech stack at my current gig is the worst shit I’ve ever dealt with...

I can’t fucking stand programs, especially browser based programs, to open new windows. New tab, okay sure, ideally I just want the current tab I’m on to update when I click on a link.

Ticketing system: Autotask
Fucking opens up with a crappy piss poor sorting method and no proper filtering for ticket views. Nope you have to go create a fucking dashboard to parse/filter the shit you want to see. So I either have to go create a metric-arse tonne of custom ticket views and switch between them or just use the default turdburger view. Add to that that when I click on a ticket, it opens another fucking window with the ticket information. If I want to do time entry, it just feels some primal need to open another fucking window!!! Then even if I mark the ticket complete it just minimizes the goddamn second ticket window. So my jankbox-supreme PC that my company provided gets to strugglepuff along trying to keep 10 million chrome windows open. Yeah, sure 6GB of ram is great for IT work, especially when using hot steaming piles of trashjuice software!

I have to manually close these windows regularly throughout the day or the system just shits the bed and halts.

RMM tool: Continuum
This fucker takes the goddamn soggy waffle award for being utterly fucking useless. Same problem with the windows as autotask except this special snowflake likes to open a login prompt as a full-fuck-mothering-new window when we need to open a LMI rescue session!!! I need to enter a username and a password. That’s it! I don’t need a full screen window to enter credentials! FUCK!!! Btw the LMI tools only work like 70% of the time and drag ass compared to literally every other remote support tool I’ve ever used. I’ve found that it’s sometimes just faster to walk someone through enabling RDP on their system then remoting in from another system where LMI didn’t decide to be fully suicidal and just kill itself.

Our fucking chief asshat and sergeant fucknuts mcdoogal can’t fucking setup anything so the antivirus software is pushed to all client systems but everything is just set to the default site settings. Absolutely zero care or thought or effort was put forth and these gorilla spunk drinking, rimjob jockey motherfuckers sell this as a managed AntiVirus.

We use a shitty password manager than no one besides I use because there is a fully unencrypted oneNote notebook that everyone uses because fuck security right? “Sometimes it’s just faster to have the passwords at the ready without having to log into the password manager.” Chief Asshat in my first week on the job.

Not to mention that windows server is unlicensed in almost every client environment, the domain admin password is same across multiple client sites, is the same password to log into firewalls, and office 365 environments!!!

I’ve brought up tons of ways to fix these problems, but they have their heads so far up their own asses getting high on undeserved smugness since “they have been in business for almost ten years”. Like, Whoop Dee MotherFucking Doo! You have only been lucky to skate by with this dumpster fire you call a software stack, you could probably fill 10 olympic sized swimming pools to the brim with the logarrhea that flows from your gullets not only to us but also to your customers, and you won’t implement anything that is good for you, your company, or your poor clients because you take ten minutes to try and understand something new.

I’m fucking livid because I’m stuck in a position where I can’t just quit and work on my business full time. I’m married and have a 6m old baby. Between both my wife and I working we barely make ends meet and there’s absolutely zero reason that I couldn’t be providing better service to customers without having to lie through my teeth to them and I could easily support my family and be about 264826290461% happier!

But because we make so little, I can’t scrap together enough money to get Terranimbus (my startup) bootstrapped. We have zero expendable/savable income each month and it’s killing my soul. It’s so fucking frustrating knowing that a little time and some capital is all that stands between a better life for my family and I and being able to provide a better overall service out there over these kinds of shady as fuck knob gobblers.

A smooth server never made a skilled system admin. 🦉

DevOps required skillset:

* Frontend engineering
* Backend services
* Database administrator
* Security consultant
* Project management
* 3rd party contract negotiator
* Build system monitor
* Build system hostage negotiator
* Paging, alerting, monitoring
* Search server admin
* Old search server admin
* Old-old-new search server admin
* Redis, ElasticSearch, MySQL, PostGres, owner
* Agile coach
* No you shouldn't do that coach
* Oh, you did that anyway coach
* DNS: (Optional) It'll replicate when it wants, and how it wants to to anyway
* Multi-Cloud deployment strategist
* Must be able to translate Klingon to YAML, and YAML to MySQL
* Cost analyzer, reducer, and justifier
* Complex documentation generation in markdown that we should have done years ago anyway
* Marketing's email went to spam analyzer
* Wordpress is broke fixer
* Where the fuck does Wordpress run anyway?
* Ability to fix MySql running Wordpress on marketing's dusty laptop

TL;DR :

"when i die i want my group project members to lower me into my grave so they can let me down one last time"

STORY TIME

Last year in College, I had two simultaneous projects. Both were semester long projects. One was for a database class an another was for a software engineering class.

As you can guess, the focus of the projects was very different. Databases we made some desktop networked chat application with a user login system and what not in Java. SE we made an app store with an approval system and admin panels and ratings and reviews and all that jazz in Meteor.js.

The DB project we had 4 total people and one of them was someone we'll call Frank. Frank was also in my SE project group. Frank disappeared for several weeks. Not in class, didn't contact us, and at one point the professors didn't know much either. As soon as we noticed it would be an issue, we talked to the professors. Just keeping them in the loop will save you a lot of trouble down the road. I'm assuming there was some medical or family emergency because the professors were very understanding with him once he started coming back to class and they had a chance to talk.

Lesson 1: If you have that guy that doesn't show up or communicate, don't be a jerk to them and communicate with your professor. Also, don't stop trying to contact the rogue partner. Maybe they'll come around sometime.

It sucked to lose 25% of our team for a project, but Frank appreciated that we didn't totally ignore him and throw him under the bus to the point that the last day of class he came up to me and said, "hey, open your book bag and bring it next to mine." He then threw a LARGE bottle of booze in there as a thank you.

Lesson 2: Treat humans as humans. Things go wrong and understanding that will get you a lot farther with people than trying to make them feel terrible about something that may have been out of their control.

Our DB project went really well. We got an A, we demoed, it worked, it was cool. The biggest problem is I was the only person that had taken a networking class so I ended up doing a large portion of the work. I wish I had taken other people's skills into account when we were deciding on a project. Especially because the only requirement was that it needed to have a minimum of 5 tables and we had to use some SQL language (aka, we couldn't use no-SQL).

The SE project had Frank and a music major who wanted to minor in CS (and then 3 other regular CS students aside from me). This assignment was make an app store using any technology you want. But, you had to use agile sprints. So we had weekly meetings with the "customer" (the TA), who would change requirements on us to keep us on our toes and tell us what they wanted done as a priority for the next meeting. Seriously, just like real life. It was so much fun trying to stay ahead of that.

So we met up and tried to decided what to use. One kid said Java because we all had it for school. The big issue is trying to make a Java web app is a pain in the ass. Seriously, there are so many better things to use. Other teams decided to use Django because they all wanted to learn Python. I suggested why not use something with a nice package system to minimize duplicating work that had already been done and tested by someone. Kid 1 didn't like that because he said in the real world you have to make your own software and not use packages. Little did he know that I had worked in SE for a few years already and knew damn well that every good project has code from somewhere else that has already solved a problem you're facing. We went with Java the first week. It failed miserably. Nobody could get the server set up on their computers. Using VCS with it required you to keep the repo outside of the where you wrote code and copy and paste changes in there. It was just a huge flop so everyone else voted to change.

Lesson 3: Be flexible. Be open to learning new things. Don't be afraid to try something new. It'll make you a better developer in the long run.

So we ended up using Meteor. Why? We all figured we could pick up javascript super easy.Two of us already knew it. And the real time thing would make for some cool effects when an app got a approved or a comment was made. We got to work and the one kid was still pissed. I just checked the repo and the only thing he committed was fixing the spelling of on word in the readme.

We sat down one day and worked for 4 straight hours. We finished the whole project in that time. While other teams were figuring out how to layout their homepage, we had a working user system and admin page and everything. Our TA was trying to throw us for loops by asking for crazy things and we still came through. We had tests that ran along side the application as you used it. It was friggin cool.

Lesson 4: If possible, pick the right tool for the job. Not the tool you know. Everything in CS has a purpose. If you use it for its purpose, you will save days off of a project.

At the company I worked for earlier, they'd blocked two USB ports citing security policies. The third USB, was unblocked because the system admin didn't know a laptop can have more than 2 USBs .
Gigabit LAN was open.
They just wanted you to copy stuff at higher speed, I think.
If you think blocking a couple of USB ports is going to stop a dev from copying data, well either you're unbearably stupid, or think too less of your devs. It is just gonna hinder their productivity, nothing else.

In highschool we pasted a shutdown batch script in someone's startup folder. Never seen someone more confused than when his pc force shutdown every time he restarted. All fun and giggles until system admin walked in

So this fucktard decided to write the most inefficient way to collect thousands of records.

The system I am working on allows users to book facilities. There is one feature where an admin can generate reports on the bookings made between any two dates. A report for bookings made between January and April generates 7878 records.

So this shithead, after making a call to the server and receiving 7878 records decides to put it through 4 fucking foreach loops (this takes around 44.94 seconds).

After doing that, he passes it to the controller to go through ANOTHER foreach loop to convert those records into a JSON string, using..string..manipulation. (this takes bloody 1 minute and 30 seconds).

Now, my dear, dear supervisor is asking me to fix this saying that there must be a typo somewhere. Typo my arse. This system has been up for more than a year. What have they been doing all this time??? Bloody hell. Fucking idiots everywhere. I now have to refactor
..fucking refactor.

I accidentally terminated both a client's website and my own in a single click

Worst hack/attack I had to deal with?

Worst, or funniest. A partnership with a Canadian company got turned upside down and our company decided to 'part ways' by simply not returning his phone calls/emails, etc. A big 'jerk move' IMO, but all I was responsible for was a web portal into our system (submitting orders, inventory, etc).

After the separation, I removed the login permissions, but the ex-partner system was set up to 'ping' our site for various updates and we were logging the failed login attempts, maybe 5 a day or so. Our network admin got tired of seeing that error in his logs and reached out to the VP (responsible for the 'break up') and requested he tell the partner their system is still trying to login and stop it. Couple of days later, we were getting random 300, 500, 1000 failed login attempts (causing automated emails to notify that there was a problem). The partner knew that we were likely getting alerted, and kept up the barage. When alerts get high enough, they are sent to the IT-VP, which gets a whole bunch of people involved.
VP-Marketing: "Why are you allowing them into our system?! Cut them off, NOW!"
Me: "I'm not letting them in, I'm stopping them, hence the login error."
VP-Marketing: "That jackass said he will keep trying to get into our system unless we pay him $10,000. Just turn those machines off!"
VP-IT : "We can't. They serve our other international partners."
<slams hand on table>
VP-Marketing: "I don't fucking believe this! How the fuck did you let this happen!?"
VP-IT: "Yes, you shouldn't have allowed the partner into our system to begin with. What are you going to do to fix this situation?"
Me: "Um, we've been testing for months already went live some time ago. I didn't know you defaulted on the contract until last week. 'Jake' is likely running a script. He'll get bored of doing that and in a couple of weeks, he'll stop. I say lets ignore him. This really a network problem, not a coding problem."
IT-MGR: "Now..now...lets not make excuses and point fingers. It's time to fix your code."
IT-VP: "I agree. We're not going to let anyone blackmail us. Make it happen."

So I figure out the partner's IP address, and hard-code the value in my service so it doesn't log the login failure (if IP = '10.50.etc and so on' major hack job). That worked for a couple of days, then (I suspect) the ISP re-assigned a new IP and the errors started up again.

After a few angry emails from the 'powers-that-be', our network admin stops by my desk.
D: "Dude, I'm sorry, I've been so busy. I just heard and I wished they had told me what was going on. I'm going to block his entire domain and send a request to the ISP to shut him down. This was my problem to fix, you should have never been involved."

After 'D' worked his mojo, the errors stopped.

Month later, 'D' gave me an update. He was still logging the traffic from the partner's system (the ISP wanted extensive logs to prove the customer was abusing their service) and like magic one day, it all stopped. ~2 weeks after the 'break up'.

Admin comes to my desk and says:
"Hey the CEO wants to know why is the third party application having issues with our system? He wants you to keep me posted on the matter and let us know when will you fix it."
Me:
"Well I'm working on it, we're having a discussion on Slack about it and I'm quite busy right now"
Admin: "Yeah OK but when will you fix it? The CEO wants to know why didn't you reply yesterday"
Me: "Because I was on leave? You would have known if you saw my calendar"
Admin: "oh well, can you keep me updated with how things go?"
Me: "You can join the Slack channel if you want..."

What the f*CK is wrong with people? Do they even know what vacation time means? Why would the CEO ask the admin to talk to me when I'm sitting two rows from him?

Unencrypted, plain text passwords stored in SQL, from lowest role all the way up through Admin. In the same system, they had a "backdoor" password that would log in any user...

When your DevOps is useless

Dumbest request?
Email piping chat system.

The chat system had to take replies from web and send them to an email, which the admin user can reply back via email and it publishes straight into the chat.

It was all fun and games until they wanted HTML based emails and content going back and forth, and attachments going both ways.

My first job was actually nontechnical - I was 18 years old and sold premium office furniture for a small store in Munich.
I did code in my free time though (PHP/JS mostly, had a litte browsergame back then - those were the days), so when my boss approached me and asked me whether I liked to take over a coding project, I agreed to the idea.

Little did I know at the time: I was supposed to work with a web agency the boss had contracted to build their online shop. Only that he had no plan or anything, he basically told them "build me an online shop like abc(a major competitor of ours at the time)"

He employed another sales lady who was supposed to manage the shop (that didn't exist yet). In the end, I think 80% of her job was to keep me from killing my boss.

As you can imagine, with this huuuuge amout of planning and these exact visions of what was supposed to be, things went south fast and far. So far that I could visit my fellow flightless birds down in the Penguin's republic of Antarctica and still need to go further.

Well... When my boss started suing the web agency, I was... ahem, asked to take over. Dumb as I was, I did - I was a PHP kid and thought that Magento, being written in PHP, would be easy to master. If you know Magento, you know that was maybe the wrongest thing I ever said.

Fast forward 3 very exhausting months, the thing was online. Not all of it worked yet, but it was online and fairly secure.

I did next to everything myself, administrating the CentOS box the shop was running on, its (own) e-mail server, the web server, all the coding required for the shop (can you spell 12 hour day for 8 hour pay?)

3 further months later, my life basically was a wreck, I dragged myself to work, the only thing I looked forward being the motorcycle ride home. The system worked though.

Mind you, I was still, at the time, working with three major customers, doing deskside support and some admin (Win Server 2008R2 at the time) - because, to quote my boss, "We could not afford a full time developer and we don't need one".

I think i stopped coding in my free time, the one hobby I used to love more than anything on the world, somewhere Decemerish 2012. I dropped out of the open source projects I was in, quit working on my browser game and let everything slide.

I didn't even care to renew the domains and servers for it, I just let it die without notice.

The little free time I had, I spent playing video games and getting drunk/high.

December 2013, 1.5 years on the job, I reached my breaking point and just left, called in sick at least a week per month because I just could not see this fucking place anymore.

I looked for another job outside of ALL of what I did before. No more Magento, no more sales, no more PHP. I didn't have to look for long, despite what I thought of my skills.

In February 2014, I told my boss that I quit. It was still seven months until my new job started, but I wanted him to know early so we could migrate and find a replacement.

The search for said replacement started in June 2014. I had considerably less work in the months before, looks like he got the hint.

In August 2014, my replacement arrived and I got him started.

I found a job, which I am still in, and still happy about after almost half a decade, at a local, medium sized ISP as a software dev and IT security guy. Got a proper training with a certificate and everything now.

My replacement lasted two months, he was external and never really did his job - the site, which until I had quit, had a total of 3 days downtime for 3 YEARS (they were the hoster's fault, not mine), was down for an entire month and he could not even tell why.

HIS followup was kicked after taking two weeks to familiarize himself with the project. Well, I think that two weeks is not even barely enough to familiarize yourself with nearly three years of work, but my boss gave him two days.

In 2016, the shop was replaced with another one. Different shop system, different OS, different CI. I don't know why and I can't say I give a damn.

Almost all the people that worked at the company back with me have left for greener pastures, taking their customers (and revenue) with them.

As for my boss' comments, instructions and lines: THAT might not be safe for work. Or kids. Or humans in general. And there wouldn't be much left if you put it through a language filter...

Moral of the story: No, it's not a bad thing to leave a place if you're mistreated there. Don't mistake loyalty with stupidity!

And, to quote one of my favourite Bands: "Nothing matters when the pain is all but gone" (Tragedy + Time by Rise Against).

Red flags in your first week of your software engineering job 🚩

You do the first few days not speaking to anyone.
You can't get into the building and no one turns up until mid day.
The receptionist thinks you're too well dressed to work in this building, thinks you're a spy and calls security on you.
You are eating alone during lunch time in the cafeteria
You have bring your own material for making coffee for yourself

When you try to read the onboarding docs and there aren't any.
You have to write the onboarding docs.

You don't have team mates.
When you ask another team how things are going and they just laugh and cry.😂😭

There's no computer for you, and not even an "it's delayed" excuse. They weren't expecting you.
Your are given a TI PC, because "that's all we have", even though there's no software for it, and it's not quite IBM compatible.
You don't have local admin rights on your computer.💀
You have to buy a laptop yourself to be able to do your job.

It's the end of the week and you still don't have your environment set up and running.
You look at the codebase and there are no automated tests.
You have to request access every time you need to install something through a company tool that looks like it was made in 2001.

Various tasks can only be performed by one single person and they are either out sick or on vacation.
You have to keep track of your time in 6 minute increments, assigned to projects you don't know, by project numbers everyone has memorised (and therefore aren't written down).
You have to fill in timesheets and it takes you 30 minutes each day to fill them in because the system is so clunky.🤮

Your first email is a phishing test from the IT department in another country and timezone, but it has useful information in it, like how to login to the VPN.
Your second email is not a phishing test, but has similar information as the first one. (You ignore it.)
Your name is spelled wrong in every system, in a different way. 2 departments decide that it's too much trouble, and they never fix the spelling as long as you work there. One of them fixes it after you leave, and annoys you for a month because you haven't filled out the customer survey.

Is it just me who sees this? JS development in a somewhat more complex setting (like vue-storefront) is just a horrible mess.
I have 10+ experience in java, c# and python, and I've never needed more than a a few hours to get into a new codebase, understanding the overall system, being able to guess where to fix a given problem.
But with JS (and also TS for that matter) I'm at my limits. Most of the files look like they don't do anything. There seems to be no structure, both from a file system point of view, nor from a code point of view.
It start with little things like 300 char long lines including various lambdas, closures and ifs with useless variables names, over overly generic and minified method/function names to inconsistent naming of files, classes and basically everything else.
I used to just set a breakpoint somewhere in my code (or in a compiled dependency) wait this it is being hit and go back and forth to learn how the system state changes.
This seems to be highly limited in JS. I didn't find the one way to just being able to debug, everything that is. There are weird things like transpilers, compiler, minifiers, bablers and what not else. There is an error? Go f... yourself ...
And what do I find as the number one tipp all across the internet? Console.log?? are you kidding me, sure just tell me, your kidding me right?
If I would have to describe the JS world in one word, I would use "inconsistency". It's all just a pain in the ass.

I remember when I switcher from VisualStudio/C# to Eclipse/Java I felt like traveling back in time for about 10 years. Everyting seemd so ... old-schoolish, buggy, weird.
When I now switch from java to JS it makes me feel the same way. It's all so highly unproductive, inconsistent, undeterministic, cobbled together.
For one inconveinience the JS communinity seems to like to build huge shitloads of stuff around it, instead of fixing the obvious. And noone seems to see that.
It's like they are all blinded somehow. Currently I'm also trying to implement a small react app based on react-admin. The simplest things to develop and debug are a nightmare. There is so much boilerplate that to write that most people in the internet just keep copying stuff, without even trying to understand what it actually does.
I've always been a guy that tries to understand what the fuck this code actuall does. And for most of the parts I just thing, that the stuff there is useless or could be done in a way more readable way. But instead, all the devs out there just seem to chose the "copy and fix somehow-ish" way.
I'm all in for component-izing stuff. I like encapsulation, I'm a OOP guy by heart. But what react and similar frameworks do is just insane. It's just not right (for some part).
Especially when you have to remember so much stuff that is just mechanics/boilerplate without having any actual "business logical function".

People always say java is so verbose. I don't think it is, there is so few syntax that it almost reads like a prose story. When I look at JS and TS instead, I'm overwhelmed by all the syntax, almost wondering every second line, what the actual fuck this could mean. The boilerplate/logic ration seems way to off ..

So it really makes me wonder, if all you JS devs out there are just so used to that stuff, that you cannot imagine how it could be done better? I still remember my C# days, but I admin that I just got used to java. So I can somehow understand that all. But JS is just another few levels less deeper.
But maybe I'm just lazy and too old ...

I'm the only developer in my company. I am a "junior dev" who started working like 6 months ago. Safe to say I am not well experienced and have a lot to learn in this journey. Due to this pandemic, my bosses who have been flaunting their wealth have started making losses and now needs to find another way to get money. Mind you, the company I work with is a marketing firm.
So what the bosses thought of doing was creating a delivery service due to the current situation. It is not their field but since they still need to show people they are the rich people, they need money either way. Since I'm the only developer in the company I've to make this application. I've to make an Android and iOS app with a back-end and an admin portal all in 1 month. My pay is shit and by shit I mean less than even 700 USD. I've not done a project like this before so there would be a learning curve as well. And there is no one to guide me either.
They think just because they have hired one developer anything development related is settled and I will do everything no matter how big or complicated or how shitty my salary is.
The feature list is a whole system, like it is so complicated that someone could really make their own company just to work on that application. It's HUGE.

I'm thinking of saying no I can't do this shit. But just wanted to see what some more experienced devs say about this. I've attached the features list in the rant.

a small local social network i made around 2008 as a replacement for the original which the owner closed down.

i missed the people from there, so it motivated me to make a replacement in a week, while learning html+php+mysql+js.

it worked for about 3 years and i redid it from scratch 3 times as i gradually learned more.

it was cool to be basically a host of a community i've come to like in the years before, and it was basically the only project i felt, really felt, had meaning, a point. people were grateful that i made a replacement for the original closed-down site, and i was grateful that they were using it and that i could keep talking to all of them on it.

at the height of its popularity it had about 1500 registered accounts, 150 daily logged in ones, and about 30-40 very active ones.

it was also the place where i went to implement all the cool stuff i learned and came up with.

it had a pretty cool questionnaire creator (originally just a test of how deppressed users are, but then i thought "why not let people make their own tests/questionnaires?"), which tracked people's results over time and showed them on a cool interactive flash-based chart.

also a whole forum system made from scratch, wysiwyg article editor, later seamlessly integrated admin controls for those who had privileges, like, not a separate admin ui, but the admin buttons right on the site, later even a realtime chat persistent across page reloads where you could put special links which, on click, would highlight site elements/buttons, or even complete step-by-step path to them if it was more clicks. would highlight the first step, after clicking would then highlight the second one, and so on...

it was pretty cool stuff for 2008, and afaik it basically landed me my first two full-time jobs with almost no actual job interview, basically just "we looked at the site, interesting stuff, tell us how you did x and y and z on it, okay, hired"

back then i kinda felt i have a bright future ahead of me =D

I have worked with a handful of very green devs in the last 10 years. A common theme has emerged.

They don't heed any of my advice.

An exercise to the reader:

If you have a Windows machine, but need to work in a Linux environment, what would be your first instinct how to proceed?

In this exercise, you are as green as it gets. You have very little professional development experience, let alone server admin experience. And your lead dev has suggested setting up a VM.

1. Set up a Linux VM
2. Use a live CD or set up a dual boot system
3. Pay for a cloud server and set it up from scratch

I have no idea how this person intends to get any work done on a remote, terminal only, Linux server. That is if I can even get their environment into a sane configuration.

The company I am currently working for is partnering with another startup. Nothing special about that. We should integrate their API into our system. I wasn't involved in the process when it came to checking there API and if it would work with our Systems. The Person who did that already left the company so I was left behind with some internal documentation. In that Documentation is already written that API is basically trash....

After I started integrating the API I found more and more flaws in the design. They are not sending any responses that would help, when a param is missing or the authentication isn't correct, only 500's . I got some documentation from the partner company so i thought it will be fine as long as the Documentation would be accurate. Turns out the documentation isn't even close to be up to date. Wrong content types wrong endpoints, wrong naming. Basically we could not work with that. We shortly contacted the partner Company. After a few WEEKS we got a response that they updated the Documentation what was right but still not everything was correct. At this point I lost my mind. I researched a little bit about them, the company is founded from 2 young people who basically came strait out of the University and doest have any experience or idea how to build an API. I investigated a little bit there websites.

They have an Admin panel on the base domain from their API but it is only accessible via HTTP. Like WTF , They use HTTP for an Admin Panel this must be a joke right?

They use Cloudflare without a HTTP to HTTPS redirection ???

I really had not that much time to research in there website but if I find these things in 5 minutes I don't want to know what I can find in like an hour.

At the end we will still use them as partners because surprise surprise our company already sold the product that uses their API.

I know that I will be the person who has to help fixing this shit when it breaks and it will break 1000% JUST FUCK THIS SHIT. FUCK THE PARTNER COMPANY. FUCK THERE API.

Aren't the system admin supposed to figure out how to install something on their server when a developer has requested something from them?

They seem to have no idea when I request them to install php gd extension. They also cannot give me a ssh access to their server. So I have to troubleshoot/help by sending one command and ask for the output from them and give another command to run through mail.

I don't even know what to rant or whom to rant at anymore.

// I'm blue.

Manager: we need to design an admin system for a veterinary centre

Dev: ok, this is it, remember your training

namespace Vetcentre{
class Dog : Animal {

}
}

So we are implementing a big and very complete localization management system on my company. The system has great features, indeed, but:

1. We cannot use the browser back button, because it is js and it appears no one cared about it (I am not a js Dev, but you can UAE the back button on my site that has js);

2. It is very customizable, but not intuitive. So you have one million options and you never know where to change what you need;

3. It has a save button everywhere, but most options are saved automatically, so you never know when you need to save. Actually, people from the webapp company use the save button as refresh, once we cannot use the browser refresh button;

4. Combo boxes load the elements while you scroll them, so to scroll to the bottom, you need to keep scrolling several times, waiting it to load the elements;

5. It does not allow you to open more than one tab of it at the same time. So if you need to see more than one information from different items, you need to navigate and wait the loading times to see what you need;

6. Emails are not sent in a different thread. So each action that send emails you need to keep waiting until the emails are sent (sometimes there are several emails sent in one action) to continue using it;

7. They not only store and send back your password by email if you loose it, but, as admin, if I click the button to send the user password to him/her, it keeps a copy of the email with the user password in my sent items;

8. To be able to send emails (they are really necessary), I need to include my SMTP info with login and password. So they have not only the system password saved, but everyone email login and password as well.

I am sure there is more, but I can't remember for now, and we are still trying to figure it out how to back our data, as it appears the only possible backup is their own.

Got pulled out of bed at 6 am again this morning, our VMs were acting up again. Not booting, running extremely slow, high disk usage, etc.

This was the 6 time in as many weeks this happened. And always the marching orders were the same. Find the bug, smash the bug, get it working with the least effort. I've dumped hundreds of hours maintaining this broken shitheap of a system, putting off other duties to keep mission critical stations running.

The culprits? Scummy consultants, Windows 10 1709, and Citrix Studio.

Xen Server performed well enough, likely due to its open source origins and Centos architecture.

Whelp. DasSeahawks was good and pissed. Nothing like getting rousted out of bed after a few scant hours rest for patching the same broken system.

DasSeahawks lost his temper. Things went flying. Exorcists were dispatched and promptly eaten.

Enough. No consultants, no analysts, and no experts touched it. No phone calls, no manuals, not even a google search. Just a very pissed admin and his minion declaring blitzkrieg.

We made our game plan, moved the users out, smoked our cigs, chugged monster, and queued a gnu-metal playlist on spotify.

Then we took a wrecking ball to the whole setup. User docs were saved, all else was rm -r * && shred && summon -u Poseidon -beast Land_Cracken.

Started at 3pm and finished just after midnight. Rebuilt all the vms with RDP, murdered citrix studio (and their bullshit licenses), completely blocked Windows 10 updates after 1607, and load balanced the network.

So what do we get when all the experts are fired? Stabbed lightning. VMs boot in less than 10 seconds, apps open instantly, and server resources are half their previous usage state. My VMs are now the fastest stations in our complex, as they should be.

Next to do: install our mxgpu, script up snapshots and heartbeat, destroy Windows ads/telemetry, and setup PDQ. damn its good to be good!

What i learned --> never allow testing to go to production, consultants will fuck up your shit for a buck, and vendors are half as reliable over consultants. Windows works great without Microsoft, thin clients are overpriced, and getting pissed gets things done.

This my friends, is why admins are assholes.

The previous manager bought an expensive enterprise level cms with 0 support and documentacion for doing shit, for which the only ninja that knows how to operate it is our cms admin.

And I saw this person posting shit on her instagram about loving wordpress.

Wish your ass would've known about it before you got us this 58k pos system...

Say whatever the fuck you want about wordpress, yeh its fucky, but not fucky AND expensive........

My client's using some legacy server side software. I set it all up nice and isolated with proxmox, tunneled it through cloudflare, got the folks to do their install on a windows vm, passthrough their licensing usb. Hosted GLPI on it too (system inventory) and so on.

Wait for it. Windows Server refuses to accept local or domain passwords. WTF. Even went ahead and did a Utilman reset on it which lets you use an admin cmd prompt to the login screen where you could reset the password. Insane that it was even possible, but no good.

Client blamed linux for it, I switched over to Windows Server on baremetal. I setup Hyper-V thinking it should be just as capable as KVM.

Nope.

Guess what, you can't pass through usb for licensing (the legacy software). MOFOS DECIDED TO install it baremetal. I couldn't even get hyper-v to create a decent virtual network. It keeps changing all my network adapter settings. I COULDN'T EVEN PASSTHROUGH PCIE NETWORK CARDS.

This feels like an eternally stagnated, mossy soup of abandonware.

FUCK YOU WINDOWS. You've been sore pain the ass for EVERYONE.

Reasons why I hate the hospital I work for...

1. NO fucking budget, for fuck sakes our telecom system is still running Merlin Magix. (I’ve been working on getting the trunk and everything to at least push FreePBX out... Configuration configuration.) but, that requires a decent server to host said system... But guess what? We’ve still got a few servers online that are running server 2012 r2. NO FUCKING BUDGET.

2. Training. They don’t have the budget to send me to training, but the doctors here are rolling in Mercedes... Must be fucking nice.

3. I have 5 f-I-v-e job descriptions. I’m a bio medical technician, network admin, system admin, programmer, and help desk... I fucked up allowing them to know I program.

4. On call 365 days a year. That’s nice and all, but when I’ve got shit to do and the nearest Walmart is an hour away I don’t want a call from Louis “oh the printer has a jam” FUCK OFF LOUIS! Get the paper out, we’ve been over this, I believe in you!

5. Some of the FUCKING (l)users.... You wouldn’t imagine some of the calls I receive, some of my favorite being late late “Hey *anonyops* I know it’s late but we’re needing a chair moved from one room to the other.” FUCK YOU YOU CHEEKY FUCKING CUNT.

The only reason I’m still here is my direct supervisor and a hand full of people that I’ve grown to love. Also, because any computer related job here is either outsourced or filled by a YouTubing god. - reason 1 why I started my own business. Supply and demand.

Rural Kansas Hospitals = shit, inb4 thanks —insert president to blame—

Dear school,
even when I'm drunk like now, i still feel a pain in the ass, you know, like if i tried to do a fcking reverse tombstone with a beer bottle in my asshole.

This is the end of my sixth year. Yup, 3 years network/system admin, and now 3 years programming.

Now what, you were useless, didn't teach me anything, i feel like the chimp's sperm filled leprous mare that write planning for the year just want us to learn french and laws.(oh, the chimp as IST prolly.)

You ruinned me, I'm fcking poor now, but i have a degree (yolo)..

Well, you gave me some friends.. thanks for that you dumbass.

Dear teacher, i want to know, why are you so incompetent ? I mean, did you find your degree in Mother of shit' school as me ?

And also, pleaseee : next time i get an exam on a specific software that runs only on windows, i'll probably kill the fcking entire classroom, and this include you, and your merkel's ass licker familly.

That's it, random post, some hate, sorry fellow ranters, have a good day!

The only thing more dangerous than an alcoholic short-term-memory-challenged non-technical throw-you-under-the-bus IT director with self-esteem issues that are sporadically punctuated by delusions of superiority is one who fears for his job. Submitted for your inspection: a besotted mass of near-human brain function who not only has a 50 person IT department to run, but has also been questioned by the business owners as to what he actually does. So he has decided to show them. He has purchased a vendor product to replace a core in-house developed application used to facilitate creating the product the business sells. The purchased software only covers about 40 percent of the in-house application's functionality, so he is contracting with the vendor to perform custom development on the purchased product (at a cost likely to be just shy of six-figures) so that about 90 percent of existing functionality will be covered. He has asked one of his developers (me) to scale down the existing software to cover the functionality gaps the purchased software creates. There is no deployment plan that will allow the business to transition from the current software to the new vendor​-supplied one without significantly hurting the ability of the business to function. When anyone raises this issue he dismisses it with sage musings such as, "I know it will be painful, but we'll just have to give the users really good support." Because he has no idea what any of his staff actually does, he is expecting one of his developers (again, unfortunately, me) to work with the vendor so that the Frankensoftware will perform as effectively as the current software (essentially as a project manager since there will be no in-house coding involved). Lastly, he refuses to assign someone to be responsible for the software: taking care of maintenance, configuration, and issue resolutions after it has been rolled out. When I pointedly tell him I will not be doing that (because this is purchased software and I am not a system admin or desktop engineer) he tells me, "Let me think about this." The worst part is that this is only one of four software replacement initiatives he is injecting himself into so he can prove his worth to the business owners. And by doing so he is systematically making every software development initiative akin to living in Dante's Eighth Circle. I am at the point where I want to burn my eye out with a hot poker, pour salt into the wound, and howl to the heavens in unbearable agony for a month, so when these projects come to fruition, and I am suffering the wrath of the business owners, I can look back on that moment I lost my eye and think "good times."

Yesterday I spend around half an hour 'debugging' why a screen wasn't working. Checking cable connection, drivers and so on. Then the system admin pointed out that the extension power cable box was turned off... In my defence, I only slept for 4 hours that night..

Well in America, developer is the current "hot" career if you wanna make bank and rightly so, you can make a great salary. However the "business types" politicize the position since it's trendy right now and do all sorts of undesirable things like looking for "10x" or "rockstar" devs, etc. It's really just an excuse to have you on call 24/7. Some jobs, you go home, but you never really clock out of work. Well, if you even make it home; you could end up always travelling for your work.

But at least it's a romanticized and well paid position, unlike system admin, who may work the same hours but will never have the "cool" job.

Buffer usage for simple file operation in python.

What the code "should" do, was using I think open or write a stream with a specific buffer size.

Buffer size should be specific, as it was a stream of a multiple gigabyte file over a direct interlink network connection.

Which should have speed things up tremendously, due to fewer syscalls and the machine having beefy resources for a large buffer.

So far the theory.

In practical, the devs made one very very very very very very very very stupid error.

They used dicts for configurations... With extremely bad naming.

configuration = {}
buffer_size = configuration.get("buffering", int(DEFAULT_BUFFERING))

You might immediately guess what has happened here.

DEFAULT_BUFFERING was set to true, evaluating to 1.

Yeah. Writing in 1 byte size chunks results in enormous speed deficiency, as the system is basically bombing itself with syscalls per nanoseconds.

Kinda obvious when you look at it in the raw pure form.

But I guess you can imagine how configuration actually looked....

Wild. Pretty wild. It was the main dict, hard coded, I think 200 entries plus and of course it looked like my toilet after having an spicy food evening and eating too much....

What's even worse is that none made the connection to the buffer size.

This simple and trivial thing entertained us for 2-3 weeks because *drumrolls please* none of the devs tested with large files.

So as usual there was the deployment and then "the sudden miraculous it works totally slow, must be admin / it fault" game.

At some time it landed then on my desk as pretty much everyone who had to deal with it was confused and angry, for understandable reasons (blame game).

It took me and the admin / devs then a few days to track it down, as we really started at the entirely wrong end of the problem, the network...

So much joy for such a stupid thing.

I taught an intro to programming class today, brought back memories of highschool...

I remember when I started my first IT class in grade 10, it was a 50/50 split between IT theory amd programming. Choices were java or delphi...I made the uninformed choice to do java (thank goodness) and really enjoyed it. For some reason the logic and OOP concepts really made sense to me and i was well ahead of the class. I was always top 5 for maths/physics/chem and english literature but never enjoyed them for a second. On the other hand programming was something i could do for hours and still enjoy. In my final year we had to do a project, most of my class was still struggling with very simple for loops and jframes. The projects were terrible drag and drop NetBeans UIs that would convert meters to feet.

I remember being upset with the quality and ended up writing an entire client/server chat system with file sharing, voice notes, voice streaming, server admin controls, usernames and passwords (plaintext sql of course 😂), admins/mods/guests etc...

Got 100% and a personal recognition from the headmaster...found out yesterday the staff at the college have actually been using it since the time I left.

I don't know why i typed this whole story, something about teaching the kids where i was myself made me feel warm and fuzzy inside

It’s still to easy.
I hope one day software will get so complicated no one will be able to fix it.

Somewhere in future :
- government established law that new AI system is only one that can accept new law
- every financial operation is monitored by government supervision AI
- we developed robots that are taking care of us
- everyone is happy cause work for money, shelter and food is now optional
- education is fully digital and managed by AI
- whole knowledge is based on asking questions, we don’t need to write and read anymore
- we use one common language and our knowledge specialization increased

A little more time passed by in this utopia.
- after power loss most of data got corrupted
- last man who knew how to restore backup died last night ( R.I.P. admin we will not forget you )
- people trying to save knowledge base to rebuild part of this civilization but no one knows how to make a paper because it haven’t been used for ages
- we decided to put what is left from knowledge on stone but we forgot how to write since everything is audio or video and most of time we were spending in VR
- someone decided that we draw some pictures
- all of use are now drawing animal heads like we remember ourselves from VR, let people know our tech is good
- some people love cats so they try to make cats from stones
- volcano eruptions destroyed most of stones that we made

Starving waiting for another respawn of my DNA sequence. I hope we manage to survive this time.

The truth has been spoken 😂

Running a fucking conda environment on windows (an update environment from the previous one that I normally use) gets to be a fucking pain in the fucking ass for no fucking reason.

First: Generate a new conda environment, for FUCKING SHITS AND GIGGLES, DO NOT SPECIFY THE PYTHON VERSION, just to see compatibility, this was an experiment, expected to fail.

Install tensorflow on said environment: It does not fucking work, not detecting cuda, the only requirement? To have the cuda dependencies installed, modified, and inside of the system path, check done, it works on 4 other fucking environments, so why not this one.

Still doesn't work, google around and found some thread on github (the errors) that has a way to fix it, do it that way, fucking magic, shit is fixed.

Very well, tensorflow is installed and detecting cuda, no biggie. HAD TO SWITCH TO PYHTHON 3,8 BECAUSE 3.9 WAS GIVING ISSUES FOR SOME UNKNOWN FUCKING REASON

Ok no problem, done.

Install jupyter lab, for which the first in all other 4 environments it works. Guess what a fuckload of errors upon executing the import of tensorflow. They go on a loop that does not fucking end.

The error: imPoRT eRrOr thE Dll waS noT loAdeD

Ok, fucking which one? who fucking knows.

I FUCKING HATE that the main language for this fucking bullshit is python. I guess the benefits of the repl, I do, but the python repl is fucking HORSESHIT compared to the one you get on: Lisp, Ruby and fucking even NODE in which error messages are still more fucking intelligent than those of fucking bullshit ass Python.

Personally? I am betting on Julia devising a smarter environment, it is a better language already, on a second note: If you are worried about A.I taking your job, don't, it requires a team of fucktards working around common basic system administration tasks to get this bullshit running in the first place.

My dream? Julia or Scala (fuck you) for a primary language in machine learning and AI, in which entire environments, with aaaaaaaaaall of the required dlls and dependencies can be downloaded and installed upon can just fucking run. A single directory structure in which shit just fucking works (reason why I like live environments like Smalltalk, but fuck you on that too) and just run your projects from there, without setting a bunch of bullshit from environment variables, cuda dlls installation phases and what not. Something that JUST FUCKING WORKS.

I.....fucking.....HATE the level of system administration required to run fucking anything nowadays, the reason why we had to create shit like devops jobs, for the sad fuckers that have to figure out environment configurations on a box just to run software.

Fuck me man development turned to shit, this is why go mod, node npm, php composer strict folder structure pipelines were created. Bitch all you want about npm, but if I can create a node_modules setting with all of the required dlls to run a project, even if this bitch weights 2.5GB for a project structure you bet your fucking ass that I would.

"YOU JUST DON'T KNOW WHAT YOU ARE DOING" YES I FUCKING DO and I will get this bullshit fixed, I will get it running just like I did the other 4 environments that I fucking use, for different versions of cuda and python and the dependency circle jerk BULLSHIT that I have to manage. But this "follow the guide and it will work, except when it does not and you are looking into obscure github errors" bullshit just takes away from valuable project time when you have a small dedicated group of developers and no sys admin or devops mastermind to resort to.

I have successfully deployed:
Java
Golang
Clojure
Python
Node
PHP
VB/C# .NET
C++
Rails
Django

Projects, and every single fucking time (save for .net, that shit just fucking works on a dedicated windows IIS server) the shit will not work with x..nT reasons. It fucking obliterates me how fucking annoying this bullshit is. And the reason why the ENTIRE FUCKING FIELD of computer science and software engineering is so fucking flawed.

But we can't all just run to simple windows bs in which we have documentation for everything. We have to spend countless hours on fucking Linux figuring shit out (fuck you also, I have been using Linux since I was 18, I am 30 now) for which graphical drivers for machine learning, cuda and whatTheFuckNot require all sorts of sys admin gymnasts to be used.

Y'all fucked up a long time ago. Smalltalk provided an all in one, easily rollable back to previous images, easily administered interfaces for this fileFuckery bullshit, and even though the JVM and the .NET environments did their best to hold shit down, and even though we had npm packages pulling the universe inside, or gomod compiling shit into one place NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO we had to do whatever the fuck we wanted to feel l337 and wanted.

Fuck all of you, fuck this field, fuck setting boxes for ML/AI and fuck every single OS in existence

!rant

when you are the system admin but mysql won't believe that.

I once agreed to maintain and develop an application used in a different section of the school to keep inventory and make sure everything is where it is supposed to be.

At first there was enthusiasm, together with 2 of my classmates we agreed and git clone-d the .NET application that now graduated students built and maintained for the past few years. What could go wrong right?!

It became clear that the original students that worked on it followed an older curriculum, meaning they still got taught .NET instead of the core variant that we get now, not only that but it also seemed that they either did not fully grasp the Clean/Onion architecture or didn't get it in class since there were infrastructure components in the 'Domain' project of the solution. Think of 2 DBContexts in the domain model, yep.

One of us bailed in the first week, the other one and I felt bad for the people using the app so we went on and tried to work on the first bugs that were described in a document. One of these bugs was 'whenever I filter on something in the list, everybody gets to see that filter on their screen instead of only me'. Woah that's weird! Let's see how they put that together!

Oh god, they are using a _static_ variable to store filters, no wonder that it doesn't work properly. Ever heard of sessions?!

Second bug: Sometimes people can't create an account when we sign them up from the admin panel. Alright that is weird, let's figure that one out! Wait a second it seems to work in development? What's this about.

Oh wait I can't create an account on production either? Oh that's weird, wait a second... Why do I have to put my e-mail in a form that was sent to me through e-mail? Why is my address not filled in already? OOH, if someone types in the wrong e-mail address (which is easy since our school has 4 variants of the same f*cking e-mail address) it won't work since it can't recognize the user! Brilliant! Remove e-mail input box and make a token/queryparam determine the user account.

Ah that seems good, it's a mess but it seems a tiny bit better now, great! We're making progress and some sweet buck.

Next bug, trillions of 50x errors on random pages, that's a weird one.

Hm everything works in development, that's odd. Is the production data corrupted?

DID I MENTION that in order to get into the system in development we have to load in a f*cking production database backup ON OUR DEVELOPMENT MACHINE and then ask one of the users' password to login to it and create an account for ourselves? Seeding? What's that, right?!

Anyway, back to bug fixing. I e-mail the the people responsible for the app and get a production admin account, oh I also can't ssh into it because of policies so I have to do everything over e-mail and figure out what's causing the errors. I somehow also wonder if they have any kind of virtualization in place, giving students a VM to do that stuff in doesn't seem so weird does it ? Even with school policies?

Oh btw, 'deploying' means sending a .zip file to a guy in another building and telling him how to configure it, apparently this resulted in a missing folder that the application needed to work and couldn't make on its own. This after 2 weeks of e-mailing back and forth.

After 3 months i quit out of despair and sadness, and due to the fact that I just couldn't do it anymore. I separated everything into logical subprojects and let the last guy handle it, he was OK with that and understood why I left.

Luckily, around that time I already had an actual job at a software development company :)

Windows not powering off when I press the shutdown button.

Mandatory long rant warning

Oh my fucking god, how many times have I lost my shit because of this fucking bullshit.

When I press the shutdown button, I want you to shut the fuck down you sorry excuse for an operating system.

Me and my friends want to hang out together, so I shut down my PC and walk over to their house, expecting an intense session of doing programming stuff and debating linux distros. Whatever the fuck we do when we get together.

I get to their house and pull out my laptop,, only its hot as fuck. And then I see it: the battery indicator is red. "What the balls?" I think to myself. I open the lid, and guess what?
WINDOWS DIDN'T FUCKING SHUT DOWN, AND IT STAYED ON THE POWERING OFF SCREEN ALL THIS FUCKING TIME. WHAT THE FUCK?
Now, my laptop has a bomb ass battery, so I didn't even bring a charger with me, and now I'm fucking stuck at a programming session with friends without a computer. FUCKING BULLSHIT.

If this was a one time thing, I wouldn't have cared so much, but this happened countless fucking times. Too many.

I would have deleted this cum socket of an operating system months ago if it weren't for the Windows exclusive software I need for school, and now that Steam supports games for linux, Windows has even less of an excuse to stay on my fucking laptop.

Windows is supposed be fucking simple, but linux takes it by a goddamn long shot. When I type "shutdown now" or "poweroff", linux shuts the fuck down, no questions asked. And if I ever need root permissions, I just type "sudo" instead of restarting the fucking program and requesting admin privileges.

Most of the software I use is compatible with both MacOS and Windows, and I already have Ubuntu installed on my laptop, so what do you guys think, should I butcher Windows off of my SSD and give MacOS a try?

Also, what is this magic? Ranting actually calmed me the fuck down... I need to start ranting more.

FUCK MICROSOFT AND FUCK WINDOWS, I WISH I COULD BURN TO FUCKING OBLIVION

Built a C#/.NET application with support for a serial device. Tested it on systems A, B, C initially, all Windows system, same .NET version, same targeting, same build tool version, same initial connection configuration etc, etc.

Testing - works on A and C, B nopes.
...
OK, let's check the source, is there something about B that makes it impossible to execute that bit? - No, there is not, you checked that already, stop poking around, it definitively should work on B.
...
OK, maybe admin privileges, there is I/O involved, didn't need that on A and C, but who knows - nope, doesn't work on B.
...
OK, maybe something wrong with the connection settings? First try at reinstalling driver - but no, it doesn't work on B.
...
OK let's try with another device - more/less devices on B. Other USB ports. No. Still does not work on B.
...
OK, this is stupid, but, is the cabling alright? It is, of course it is, stupid - but it still does not work on B.
...
OK, at that point I'm just gonna ask a colleague, GrumpySoftwareDev whether he has any clue why it doesn't work on B. GrumpySoftwareDev knows nothing, but discovers that one of his applications doesn't work on Windows 10. You know nothing, Jon Snow, but it doesn't work on B.
...
OK, now I'm just going to ask another colleague TheLastOfHisKind who handed B down to me somewhat bluntly if he ever experienced problems when working with B and its serial configuration. TheLastOfHisKind tells me he does not and kindly offers me some input on the situation. Still no progress to get it working on B but he hinted he might have fucked up B's driver. I already reinstalled the driver but didn't reboot, which comes after reinstall.
...
OK, I'm just gonna remove and re-install the driver, then restart. Hu! Now the UI is gone but another serial device reacted on a general call. Not fully working on B but we're getting there.
...
OK, I don't know, I'm getting frustrated, let's borrow another system D - which has roughly the same configuration as B - from my colleague StrongCurrentGuy. StrongCurrentGuy borrows me his system and cautions me not to break it. I install the driver, plug the device and copy the application from B. It just works on D. Not on B though.
...
OK, you know what. I'm done. For shits and giggles I'm gonna remove that driver again, reinstall it and restart, maybe it'll magically work afterwar- WHAT THE HELL, I JUST OPENED IT AFTER RESTARTING, IT JUST WORKS - ON B!

... seriously, what the fuck. But yeah, at least it works now.

The client in my previous rant asked me to overhaul their whole internet radio system in three days.

So I went on and install RadioDJ, which needs MySQL, which also needs .NET framework. And an encoder is needed to convert the RadioDJ's output and port it to the streaming host, ShoutCast.

Oh, and every software install needs the network admin's permission.....which won't be here until end of next week.

And here I am, in their broadcasting room on a Sunday, trying to download everything that I can so the admin can install it.

On the bright side, that stupid icon is finally vertically centered.

Our project at work goes live in 3 weeks.

The code base has no automated tests, breaks very often, has never had any level of manual testing

will not be releasing with any form of enforced roles or permissions in our first release now due to no time to enforce, however there is a whole admin api where you can literally change anything in our database including roles.

We also have teams in various countries all working separately on the same solution using microservices with shared nuget packages and they aren't using them properly.

Our pull requests are so big - as much as, 75 file changes - in our fe app that I can't keep up with it and I honestly have no idea if it even works or not due to no automated tests and no time to manually test.

We have no testing team, or qa team of any sort.

Every request into the system has to hit a minimum of 3 different databases via 3 different microservices so 1 request = 4 requests with the load on the servers.

We don't use any file streams so everything is just shoved in the buffer on the server.

Most of the people working on the angular apps cba to learn angular, no one across 2 teams cba to learn git. We use git so they constantly face problems. The guy in charge has 0 experience in angular but makes me do things how he wants architecturally so half the patterns make no sense.

No one looks at the pull requests, they just click approve so they may as well push directly to master.

Unfinished work gets put in for pull request so we don't know if the app is in a release state since aall teams are working independently, but on the same code base.

I sat down and tested the app myself for an hour and found 25 fe only issues, and 5 breaking cross browser issues.

Most of our databases are not normalised. Most of our databases make no sense. 99% of our tables have no indexing since there is no expertise with free time to do it.

No one there understands css properly. Or javascript.

Our. Net core microservices all directly use ef in the controller actions so there is no shared code there.

Our customer facing fe app is not dry because no tests so it was decided it was better this way.

Management has no idea on code state, it seems team lead is lieing to them about things like having any level of tests.

Management hire devs that claim to be experts but then it turns out they have basically no knowledge of what they were hired to do, even don't know what json is or the framework or language they are hired for, but we just leave them to get on with it and again make prs too big to review.

Honestly I have no hope that this will go well now but I am morbidly curious to watch. I've never seen anything like the train wreck that we are about to get experience.

A swedish insurance company has two different solution for logging in to their system.

1. An advanced high security single sign on solution involving active directory, verification of the network the request came from etc etc.

2. Using a link and passing your credentials in the query string!!! Like: insurancecompany.com?username=admin&password=password.

Solution 2 works with admin accounts from anywhere.

Someone wanted me to make a full system from zero with good UI/UX, for 2 different user types (think marketplace style), admin area, and cool features that could only be done through phones because the tech is not available in web. All of this with good security due to the delicate information it would handle. Also of course subscription support as well.

By myself, within a year.

Windows users can't meme.

>tfw osx is more versatile than windows because of Unix structure
>tfw you don't have admin permissions
>tfw your doing important work but you get a forced update because you can't handle your own system

I am a Linux user myself but OSX is a lot more powerful, I don't understand windows fan boyism? The only thing good about windows is their application and game support and a lot of that can be fixed with wine on OSX and Linux

At the institute I did my PhD everyone had to take some role apart from research to keep the infrastructure running. My part was admin for the Linux workstations and supporting the admin of the calculation cluster we had (about 11 machines with 8 cores each... hot shit at the time).

At some point the university had some euros of budget left that had to be spent so the institute decided to buy a shiny new NAS system for the cluster.

I wasn't really involved with the stuff, I was just the replacement admin so everything was handled by the main admin.

A few months on and the cluster starts behaving ... weird. Huge CPU loads, lots of network traffic. No one really knows what's going on. At some point I discover a process on one of the compute nodes that apparently receives commands from an IRC server in the UK... OK code red, we've been hacked.

First thing we needed to find out was how they had broken in, so we looked at the logs of the compute nodes. There was nothing obvious, but the fact that each compute node had its own public IP address and was reachable from all over the world certainly didn't help.
A few hours of poking around not really knowing what I'm looking for, I resort to a TCPDUMP to find whether there is any actor on the network that I might have overlooked. And indeed I found an IP adress that I couldn't match with any of the machines.

Long story short: It was the new NAS box. Our main admin didn't care about the new box, because it was set up by an external company. The guy from the external company didn't care, because he thought he was working on a compute cluster that is sealed off behind some uber-restrictive firewall.

So our shiny new NAS system, filled to the brink with confidential research data, (and also as it turns out a lot of login credentials) was sitting there with its quaint little default config and a DHCP-assigned public IP adress, waiting for the next best rookie hacker to try U:admin/P:admin to take it over.

Looking back this could have gotten a lot worse and we were extremely lucky that these guys either didn't know what they had there or didn't care.

Love the topic, and I have multiple.

We were designing a frontend for a new application and we were using University lingo for the text placeholders. I forgot to remove one section in which the text stated "You are looking to enroll in the University of Deez Nuts", on another section I left "Click here cuh". Our manager at the time liked the design so much, but forgot to check for spelling or texts and as such sent the demo to our entire department. Everyone saw it, and while they all found it funny it could have seriously gone wrong. Thankfully our department VP had a pretty good sense of humor.....dude also knew exactly who it was from the start.

On another application, a director, who is a friend, asked for multiple items on a request form, during testing, I added text in Spanish (I am in Texas, but Spanish is pretty well known and spoken in the state) saying "Que bien chinga <Name of the Director>" which roughly translates to "<Name of the Director> is being annoyong" (but in a very Mexican spanish way)
I neglected to consider that the dude was probably viewing the admin board and checking the items as they were being added to the system and he called me not even 3 minutes later saying "You know I can see what you add right??"

All in all, I was pretty lucky because in any other places I would have been severely reprimanded :P

There are many more, but these came at the top of my head as the better ones.

I don't know what to chose.

The fact that for three months, I had to design a 16-page catalog, when I have no experience and my job is web development;

The fact that I have to do SEO for the site, but that means for my boss that for a one-page long text, we have to find at least 60 (sixty! ) times the occurrences of the keywords;

The fact that when I finally have something interesting to do, the boss finds that it doesn't go fast enough and decide to drop the project even if making a whole new dynamic stock system with the db we have is something hard and long to do;

The fact that when I come to work five minutes late, my boss is at the verge on screaming on me, even if I come ten minutes early every other day;

The fact that when I'm coding, I need concentration, I don't need the boss to give me the phone to answer customers, stop everything I am doing and explain them what products we are selling;

The fact that I am paid the minimum wage for a trainee, and when there's no coffee anymore, we have to buy some ourselves because "you drink way too much coffee, you understand" (three a day, sorry for wanting to stay awake);

The fact that I have asked for one year how many days of vacation I still had, and the only answer they gave to me yet was: "Oh, we have to ask the accountant". I still don't know how many days I have left;

The fact that the site is made only by trainees since the beginning, so circa 2008, and the code is horrible but "it works, so don't touch it". The admin part is in CodeIgniter, the front in laravel 4.2, there are a lot of useless code but we can't touch it because the boss doesn't think it is worth the time.

I almost made a burn-out last year, my doc saw my state right before and made me stop for a week. I still have to work there 'till end of august, then I will have my diploma and find another company to work with. Now, I check everyday on my calendar.

In my senior year of college we had to make a restaurant pos system. Our group made a functional realtime android tablet app.

That allowed for customers to place order, request refills, play a very small game, chat with other tables, and pay for the check which supported splitting.

When an order was placed it strait to the cook part of the app. Which could view orders and complete them based on table number.

When an order was complete or a drink refill request the server part was notified. Where the server could view and finish orders based on table number.

There was also a very lite admin web component for basic reporting.

The UI was horrid, but we completed this in less than a month.

Have you ever had the moment when you were left speechless because a software system was so fucked up and you just sat there and didn't know how to grasp it? I've seen some pretty bad code, products and services but yesterday I got to the next level.

A little background: I live in Europe and we have GDPR so we are required by law to protect our customer data. We need quite a bit to fulfill our services and it is stored in our ERP system which is developed by another company.

My job is to develop services that interact with that system and they provided me with a REST service to achieve that. Since I know how sensitive that data is, I took extra good care of how I processed the data, stored secrets and so on.

Yesterday, when I was developing a new feature, my first WTF moment happened: I was able to see the passwords of every user - in CLEAR TEXT!!

I sat there and was just shocked: We trust you with our most valuable data and you can't even hash our fuckn passwords?

But that was not the end: After I grabbed a coffee and digested what I just saw, I continued to think: OK, I'm logged in with my user and I have pretty massive rights to the system. Since I now knew all the passwords of my colleagues, I could just try it with a different account and see if that works out too.

I found a nice user "test" (guess the password), logged on to the service and tried the same query again. With the same result. You can guess how mad I was - I immediately changed my password to a pretty hard.

And it didn't even end there because obviously user "test" also had full write access to the system and was probably very happy when I made him admin before deleting him on his own credentials.

It never happened to me - I just sat there and didn't know if I should laugh or cry, I even had a small existential crisis because why the fuck do I put any effort in it when the people who are supposed to put a lot of effort in it don't give a shit?

It took them half a day to fix the security issues but now I have 0 trust in the company and the people working for it.
So why - if it only takes you half a day to do the job you are supposed (and requires by law) to do - would you just not do it? Because I was already mildly annoyed of your 2+ months delay at the initial setup (and had to break my own promises to my boss)?

By sharing this story, I want to encourage everyone to have a little thought on the consequences that bad software can have on your company, your customers and your fellow devs who have to use your services.
I'm not a security guy but I guess every developer should have a basic understanding of security, especially in a GDPR area.

So recently I installed Windows 7 on my thiccpad to get Hyperdimension Neptunia to run (yes 50GB wasted just to run a game)... And boy did I love the experience.

ThinkPads are business hardware, remember that. And it's been booting Debian rock solid since.. pretty much forever. There are no hardware issues here. Just saying.

With that out of the way I flashed Windows 7 Ultimate on a USB stick and attempted to boot it... Oh yay, first hurdle to overcome. It can't boot in UEFI mode. Move on Debian, you too shall boot in BIOS mode now! But okay, whatever right. So I set it to BIOS mode and shuffled Debian's partitions around a bit to be left with 3 partitions where Windows could stick in one more.

Installed, it asks for activation. Now my ThinkPad comes with a Windows 7 Pro license key, so fuck it let's just use that and Windows will be able to disable the features that are only available for Ultimate users, right? How convenient would that be, to have one ISO for all the half a dozen editions that each Windows release has? And have the system just disable (or since we're in the installer anyway, not install them in the first place) features depending on what key you used? Haha no, this is Microsoft! Developers developers developers DEVELOPERS!!! Oh and Zune, if anyone remembers that clusterfuck. Crackhead Microsoft.

But okay whatever, no activation then and I'll just fetch Windows Loader from my webserver afterwards to keygen my way through. Too bad you didn't accept that key Microsoft! Wouldn't that have been nice.

So finally booted into the installed system now, and behold finally we find something nice! Apparently Windows 7 Enterprise and Ultimate offer a native NFS driver. That's awesome! That way I don't have to adjust my file server at all. Just some fuckery with registry keys to get the UID and GID correct, but I'll forgive it for that. It's not exactly "native" to Windows after all. The fact that it even has a built-in driver for it is something I found pretty neat already.

Fast-forward a few hours and it's time to Re Boot.. drivers from Lenovo that required reboots and whatnot. Fire the system back up, and low and behold the network drive doesn't mount anymore. I've read that this is apparently due to Windows (not always but often) mounting the network drive before the network comes up. Absolutely brilliant! Move out shitstaind, have you seen this beauty of an init Mr. Poet?

But fuck it we can mount that manually after every single boot.. you know, convenient like that. C O P E.

With it now manually mounted, let's watch a movie! I've recently seen Pyro's review on The Platform and I absolutely loved it. The movie itself is quite good too. Open the directory on my file server and.. oh. Windows.. you just put db.thumb on it and db.thumb:encryptable. I shit you not, with the colon and everything. I thought that file names couldn't contain colons Windows! I thought that was illegal in NTFS. Why you doing this in NFS mate? And "encryptable", am I already infected with ransomware??? If it wasn't for the fact that that could also be disabled with something as easy as a registry key, I would've thought I contracted ransomware!

Oh and sound to go with that video, let's pair up some Bluetooth headphones with that Bluetooth driver I installed earlier! Except.. haha nope. Apparently you don't get that either.

Right so let's just navigate the system in its Aero glory... Gonna need to flick the mouse for that. Except it's excruciatingly slow, even the fastest speed is slower than what I'm used to on Linux.. and it's jerky as hell (Linux doesn't have any of that at higher speed). But hey it can compensate for that! Except that slows down the mouse even more. And occasionally the mouse driver gets fucked up too. Wanna scroll on Telegram messages in a chat where you're admin? Well fuck you mate, let me select all these messages for you and auto scroll at supersonic speeds! And God forbid that you press delete with that admin access of yours. Oh maybe I'll do it for you, helpful OS I am!

And the most saddening part of it all? I'd argue that Windows 7 is the best operating system that Microsoft ever released. Yeah. That's the best they could come up with. But at least it plays le games!

Right.. I spent the hours leading up to the year change by adding a YouTube to MP3 downloader into my Telegram bot. After a bit of fiddling it turned out okay, and the commit for it was mentioned to the last for the year 2020.

I mentioned this in one of my chats, and users came in with more issues. Told them it's the last commit for the year and I'll keep myself to it. I did adjust the code a bit though to fix those issues, awaiting a commit after midnight.

Midnight passes and 2020 turns into 2021.

I commit the new features, and quickly implemented another one I already thought of as well, but needed its own commit.

Quickly afterwards it turns out that the /mp3 feature actually breaks the bot somewhat, especially on long tracks. Users add a slew of 10h songs into what essentially became a long queue of single-threaded bot action (or rather lack thereof).

I made the /mp3 command accessible to myself only like I did with some other administrative commands already. Still no dice, the bot rejected the commands but executed part of the /mp3 command anyway.

I look a bit further into the code and it turns out that while I was restructuring some functions, I forgot to make the admin() function exit the script after it sends the rejection onwards. This was a serious security issue and meant that all authentication was void. Fortunately the chat did not realize this - one of the commands that became available as a result was literally a terminal on the bot's system.

I fix the issue in 7 commits after midnight total, 3 of which were related to /mp3 and admin(). We're now 1 hour after midnight.

Happy New Year everyone... :')

When a university-wide mailing list system restricts posting to a list based solely on the From address... I was able to telnet port 25 from an outside server (so obviously no SPF either), pretend I'm admin@, and send a message to all students and staff...

It all started with an undelivereable e-mail.

New manager (soon-to-be boss) walks into admin guy's office and complains about an e-mail he sent to a customer being rejected by the recipient's mail server. I can hear parts of the conversation from my office across the floor.

Recipient uses the spamcop.net blacklist and our mail was rejected since it came from an IP address known to be sending mails to their spamtrap.

Admin guy wants to verify the claim by trying to find out our static public IPv4 address, to compare it to the blacklisted one from the notification.
For half an hour boss and him are trying to find the correct login credentials for the telco's customer-self-care web interface.
Eventually they call telco's support to get new credentials, it turned out during the VoIP migration about six months ago we got new credentials that were apparently not noted anywhere.

Eventually admin guy can log in, and wonders why he can't see any static IP address listed there, calls support again. Turns out we were not even using a static IP address anymore since the VoIP change. Now it's not like we would be hosting any services that need to be publicly accessible, nor would all users send their e-mail via a local server (at least my machine is already configured to talk directly to the telco's smtp, but this was supposedly different in the good ol' days, so I'm not sure whether it still applies to some users).

In any case, the e-mail issue seems completely forgotten by now: Admin guy wants his static ip address back, negotiates with telco support.
The change will require new PPPoE credentials for the VDSL line, he apparently received them over the phone(?) and should update them in the CPE after they had disabled the login for the dynamic address. Obviously something went wrong, admin guy meanwhile having to use his private phone to call support, claims the credentials would be reverted immediately when he changed them in the CPE Web UI.

Now I'm not exactly sure why, there's two scenarios I could imagine:
- Maybe telco would use TR-069/CWMP to remotely provision the credentials which are not updated in their system, thus overwriting CPE to the old ones and don't allow for manual changes, or
- Maybe just a browser issue. The CPE's login page is not even rendered correctly in my browser, but then again I'm the only one at the company using Firefox Private Mode with Ghostery, so it can't be reproduced on another machine. At least viewing the login/status page works with IE11 though, no idea how badly-written the config stuff itself might be.

Many hours pass, I enjoy not being annoyed by incoming phone calls for the rest of the day. Boss is slightly less happy, no internet and no incoming calls.

Next morning, windows would ask me to classify this new network as public/work/private - apparently someone tried factory-resetting the CPE. Or did they even get a replacement!? Still no internet though.
Hours later, everything finally back to normal, no idea what exactly happened - but we have our old static IPv4 address back, still wondering what we need it for.

Oh, and the blacklisted IP address was just the telco's mail server, of course. They end up on the spamcop list every once in a while.

tl;dr: if you're running a business in Germany that needs e-mail, just don't send it via the big magenta monopoly - you would end up sharing the same mail servers with tons of small businesses that might not employ the most qualified people for securing their stuff, so they will naturally be pwned and abused for spam every once in a while, having your mailservers blacklisted.

I'm waiting for the day when the next e-mail will be blocked and manager / boss eventually wonder how the 24-hours-outage did not even fix aynything in the end...

We make a small server product with a web based admin system, as we were going to have limited customers who will use this (usually just the engineers) and this was not on the www. We dropped all support for all browsers other then chrome/firefox. No more IE/safari bugs for us XD

I was Just college fresher who completed his Engineering. My first week in the office. And a system was provided to me, since it was support project so I was given direct access to production database.

Fresher + Production Database + Access of Admin credentials = Worst Possible Combination

So it was my night shift, I was told to update new tariff plan for our client (which was one of the largest telecom service in India) .

If someone recharges for more than 200 Rupee, that person will get 10% or 20% extra talk time. Which was only applicable for particular circle (Like Bihar and Rajasthan).

Since I was fresher, I was told to update given query from my senior employee which he shared on the shared folder. Production downtime was in the mid night, so at that time I updated that query on the production database.

Query successfully updated. I completed my night shift, went home and slept.

When I woke up, I saw my mobile it had 200+ missed calls from different locations of India. They were Circle heads of that telecom service provider who contacted me. I realized something unexpected is expecting me.

Then at that moment my team lead called me and he asked me to come office right away.

Reminding you I was a fresher, I was shivering. What have I done there?

When I reached office, I came to know that the query I updated on production bombarded.

Every person who recharged that day (duration from midnight to morning 10 AM) got 10 times or 20 times more talktime.

A part of Query was something like this where error was made:

TalkTime = RechargeAmount + RechargeAmount * 10/100; (Bihar)
or

TalkTime = RechargeAmount + RechargeAmount * 20/100; (Rajasthan)
But instead of this query, I updated below one:

TalkTime = RechargeAmount + RechargeAmount * 10;
or

TalkTime = RechargeAmount + RechargeAmount * 20;
In a span of 10 hours, that telecom service lost revenue of 6.5 crore Rupees. Thanks to recovery team they were able to recover 6 crore but still 50 lakh Rupees were in loss.

One small query, and approx 1 million dollar was on stake.

Aftermath of this incident

My Mistake:

I should have taken those queries on mail. Or, there should have been mail communication regarding this.
Never ever do anything over oral communication. Senior employee who did this denied and said he provided correct query, and I had no proof of communication.
I told them, it was me who executed that query on production. Since I was fresher, and took my responsibility of that incident. My team lead rescued me from that situation.
Lesson Learned:

Always test your query and code multiple times before you execute or Go live it on production.
Always have email communication for every action you take on production.
Power comes with responsibility. If you have admin credentials of production never use it for update/delete/drop until you are sure.
Don’t take your job lightly.
I was not fired from that Job, but I have learnt my lesson very well.

Back when I lived in my university dorm I shared my room with internet admin. Usually I helped people with internet problems when he wasn't there and I've placed FAQ on the door how to fix common stuff with a little note, that I can help only with internet problems and only with those that aren't listed. It worked for most people, but one guy knocked and messaged me around 5 times a day to fix his system. So I've decided to finally do what he wants.
He: come on, I heard from XYZ that you are an admin in job and you fixed her computer.

Me: but I work only with servers
He: what's the difference? Just copy my photos to my external drive and install new system on my laptop, just like you do it in job.
Me: so this is that simple job?
He: yup, but I need a laptop tomorrow, because I have something to do at the evening.
Me: okay

I've used find to copy all the photos from his HDD and installed minimal Debian without xorg on the laptop. He hasn't come back after picking up his computer. And that's the way to get rid of leechers that whine for fixing everything because you are IT guy :D

TL;DR; do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

They say verbalising it makes it less painful. So I guess I'll try to do just that. Because it still hurts, even though it happened many years ago.

I was about to finish college. As usual, the last year we have to prepare a project and demonstrate it at the end of the year. I worked. I worked hard. Many sleepless nights, many nerves burned. I was making an android app - StudentBuddy. It was supposed to alleviate students' organizational problems: finding the right building (city plans, maps, bus schedules and options/suggestions), the right auditorium (I used pictures of building evac plans with classes indexed on them; drawing the red line as the path to go to find the right room), having the schedule in-app, notifications, push-notifications (e.g. teacher posts "will be 15 minutes late" or "15:30 moved to aud. 326"), homework, etc. Looots of info, loooots of features. Definitely lots of time spent and heaps of new info learned along the way.

The architecture was simple. It was a server-side REST webapp and an Android app as a client. Plenty of entities, as the system had to cover a broad spectrum of features. Consequently, I had to spin up a large number of webmethods, implement them, write clients for them and keep them in-sync. Eventually, I decided to build an annotation processor that generates webmethods and clients automatically - I just had to write a template and define what I want generated. That worked PERFECTLY.

In the end, I spun up and implemented hundreds of webmethods. Most of them were used in the Android app (client) - to access and upsert entities, transition states, etc. Some of them I left as TBD for the future - for when the app gets the ADMIN module created. I still used those webmethods to populate the DB.

The day came when I had to demonstrate my creation. As always, there was a commission: some high-level folks from the college, some guests from businesses.

My turn to speak. Everything went great, as reversed. I present the problem, demonstrate the app, demonstrate the notifications, plans, etc. Then I describe at high level what the implementation is like and future development plans. They ask me questions - I answer them all.

I was sure I was going to get a 10 - the highest score. This was by far the most advanced project of all presented that day!

Other people do their demos. I wait to the end patiently to hear the results. Commission leaves the room. 10 minutes later someone comes in and calls my name. She walks me to the room where the judgement is made. Uh-oh, what could've possibly gone wrong...?

The leader is reading through my project's docs and I don't like the look on his face. He opens the last 7 pages where all the webmethods are listed, points them to me and asks:
LEAD: What is this??? Are all of these implemented? Are they all being used in the app?
ME: Yes, I have implemented all of them. Most of them are used in the app, others are there for future development - for when the ADMIN module is created
LEAD: But why are there so many of them? You can't possibly need them all!
ME: The scope of the application is huge. There are lots of entities, and more than half of the methods are but extended CRUD calls
LEAD: But there are so many of them! And you say you are not using them in your app
ME: Yes, I was using them manually to perform admin tasks, like creating all the entities with all the relations in order to populate the DB (FTR: it was perfectly OK to not have the app completed 100%. We were encouraged to build an MVP and have plans for future development)
LEAD: <shakes his head in disapproval>
LEAD: Okay, That will be all. you can return to the auditorium

In the end, I was not given the highest score, while some other, less advanced projects, were. I was so upset and confused I could not force myself to ask WHY.

I still carry this sore with me and it still hurts to remember. Also, I have learned a painful life lesson: do your best all you like, strive to be the #1 if you want to, but do not expect to be appreciated for walking an extra mile of excellence. You can get burned for that.

Pentesting for undisclosed company. Let's call them X as to not get us into trouble.
We are students and are doing our first pentest at an actual company instead of assignments at school. So we're very anxious. But today was a good day.
We found some servers with open ports so we checked a few of them out. I had a set of them with a bunch of open ports like ftp and... 8080. Time to check this out.
"please install flash player"... Security risk 1 found!

System seemed to be some monitoring system. Trying to log in using admin admin... Fucking works. Group loses it cause the company was being all high and mighty about being secure af. Other shit is pretty tight though.

Able to see logs, change password, add new superuser, do some searches for USERS_LOGGEDIN_TODAY! I shit you not, the system even had SUGGESTIONS for usernames to search for. One of which had something to do with sftp and auth keys. Unfortunatly every search gave a SQL syntax error. Used sniffing tools to maybe intercept message so we could do some queries of our own but nothing. Query is probably not issued from the local machine.

Tried to decompile the flash file but no luck. Only for some weird lines and a few function names I presume. But decompressing it and opening it in a text editor allowed me to see and search text. No GET or POST found. No SQL queries or name checks or anything we could think of.

That's all I could do for today. So we'll have to think of stuff for next week. We've already planned xss so maybe we can do that on this server as well.

We also found some older network printers with open telnet. Servers with a specific SQL variant with a potential exploit to execute terminal commands and some ftp and smb servers we need to check out next week.

Hella excited about this!

If you guys have any suggestions let us know. We are utter noobs when it comes to this.

Everytime you tell yourself "This time I'm going to make them stop putting the cart before the horse again!!! No more forced shit implementations!!! NO MORE ! I'm strong!!"

The last hour in the next week:
- Selinux: off
- Firewall: Any-Any
- Application data: Everything installed on OS disc.
- Documentation: At best, someone remembers the server supposed-to-be dns record
- Service Accounts: Your domain admin account and sysadmin for databases.
- Patching: DON'T EVER THINK ABOUT IT..AND NO REBOOTING! I have set very important runtime variables.
- Backup: Maybe someone else will set this up.
- Monitoring: Not needed since clients will create tickets if system fails.
- Production Status: vague at best. Sort of silently transitioned to production.
- Handover status: Probably, but I quit before the project closed.

!

What was supposed to be an inoffensive shutdown during the weekend for maintenance became a nightmare today. The storage went to the space thanks to a system admin who was supposed to know what is doing. Since there is no power button I just pulled the power cord, he said.

We hired someone to make the new front site because I was too busy.
The guy had a plain text password system to show, mispronounced "FontAwesome", and used WordPress.
He was not an instructor but was supposed to be the "senior option" for when I couldn't do something for any reason.
I later asked him for some opinion on how to translate the site, and he disabled the Captcha plugin. I. Don't. Know. Why. I figured because of all the spam I got suspiciously after he "took a look" at the admin panel.
Luckily I could get him out of the contacts and now we are looking for more devs.

using System;

namespace HelloWorld {
class Hello {
static void Main() {
Console.WriteLine("Hello World!");
}
}
}

So, yeah, hello DevRant...
But that you don't thing I am insane, I also know how to survive in C++ and Python.
Besides the fact that I utilize Mono on my Linux server I am crazy enough to admin Windows servers.

My friend always tell me that I can't do code and didn't understand what is programming... Because what I do is system admin

FUCKING SYSTEMD PIECE OF CRAP.
*Punches a wall or something*

Ugh, newest version of PHP-FPM apparently has a dependency on a Systemd package. The package doesn't change the system's init daemon to systemd, but just the fact that it has that, that more and more stuff is becoming dependent on that crap of a bloated piece of software is driving me crazy.

I hate systemd from the bottom of my soul, not for being a bad piece of software by any means. The systemd environment is quite well fitted together, but for being a monolithic monstrosity that is taking over more and more of the traditionally independent system services.

It would be absolutely good in my book, if it allowed a user or admin to choose which parts of SystemD they are going to install, and so, in the core, it would be a mere init daemon.

But noooooo, systemd has to take over cron, system dns resolver, home and user management and I bet its not the end.

GNU/Linux is becoming GNU/SystemD/Linux...

I already ranted about this particular designer and his need to mess with the client's server configurations.
Last time he thought it would be a good idea to use cloudflare for the 1 visitor per day website. And because he missed adding some important subdomains, the admin and register page didn't work. And oc the client called me in the night and during work because I destroyed her system.
And the worst is that this designer tries to redesign everything for 3 years. Every time he sends me new stuff, something is missing. Then I write him, that xyz is missing and he doesn't respond for months. Then the client calls me, why I still didn't finish the redesign and I have to discuss with her about the designer missed something. Then the designer writes the next time, that he will send me new stuff because the design will change again.
Oh, and I already wrote, that the designer is the client's boyfriend, so he probably sits beside her when I have to defend myself about not being able to finish the redesign.

God I fucking hate macs.
I got a mac at work. I tried to install ubuntu, with rather questionable results (unfortunately, I expected that) - so I tried to get mac work for me the way I like a system to work. I needed to download slack, simple enough, right? Ha, you wish. It's gotta be done through Apple store, so I went to create an Apple ID inside the Apple Store form. And, well, it just errored out on the submission. Great start. I went then to the settings and created an account there, great success, went back to Apple Store. Unfortunately being logged in at the system level doesn't mean you are logged in to the store. So, I went to log in to the store, simple enough, right? No, nothing's simple with Apple. After logging in I got a message that the Apple ID has not yet been used with Apple Store and that I need to review the account's setting. So, I click the "review" button and... I'm presented with a log in form. Yep, a perfect log in loop. I can't log in because I can't review the account but I can't review the account because I can't log in. Fun :)

You can't just go to the web admin panel for your account to review it for Apple Store, that would too be too easy. After a bit of searching I've found an answer on StackOverflow. You need to log in to iTunes. Through a fucking MUSIC APP. To install a free application from the store you need to log in to a music app. Yes, we're all mad here.

Then, after finding out that to be able to use side buttons on my mouse I need an app that I need to manually restart every time I restart the machine and that I need to have an app to fucking transfer files from an android I need another fucking app, because reading a storage of a linux-based system would be too standards compliant - something in me broke. I found out that installing windows on a mac is officially supported.

Supported doesn't mean that it's easy. I tried to install it trying different solutions from SO, but each time I would get an error that Windows couldn't modify the boot partition. Turns out that even wiping the drive and reinstalling OSX doesn't remove residual files on a boot partition and Windows installer is not allowed to modify them. It took me hunting into some shady looking site to actually find this answer. I have no fucking idea how long it all took me, but, finally, great success, Windows, WSL, side buttons working, I can even install slack from an installer. I just wish I could have those hours of my life back.

At my institution there is a sys admin that belongs to an entirely different department. They have their own systems on their own network, separated from ours. I do not care, nor do I mind at all, but this is the second time I've had to put their admin in his place.

The first instance was when we had a security firm gauge our systems for vulnerabilities etc. The one that they have was fine, but required some additional configurations on their Tomcat servers. The "sys-admin" contacted I.T (my department) in order to request assistance, the net manager was the one he contacted, and he told the dude that he is not familiar with the Tomcat environment that they have, but that I, the dev manager, would possibly give him some pointers. The net manager is my friend, and he knows how much of a dickhead I am, so he was careful in what he told him. So the dude calls me:
"Hey, I need some items fixed on my Tomcat servers, they told me you have to do it"
Me: "Who? those are your servers"
Him: "The net manager said that you would do it"
Me: "I am certain he didn't tell you that bud, no one here will take care of your servers, they are yours, I am not doing any configurations on your stuff, that is your job"
Him: "Can't you just do them?"
Me: "No, bye"

The little bitch escalated it to my department director, who told him exactly the same thing, the director did ask if I would be willing to assist, I told him no since even though his configurations were minimal, I was not going to put myself in the position to which that fucker's ineptitude would cause him to point fingers at me, director backed me up and told the fucker to deal with his own shit.

This year it came to my attention that not only do they have their owns servers, but their own SSO system. This moron contacted me, tagging VPS and such in the email to tell me that I had to configure his SSO because "they told me you had to do it". The same shit happened, but this time I put him on blast during a meeting and told him that as "sys admin" for his stuff it was his responsibility to deal with the SSO that they have, and to contact the vendor to ask for the specifications. In front of EVERYONE he asked me if I could do it for him, I fucking looooooooled and told him that he just admitted to not being able to do his job (for which he is paid handsomely) in front of the entire room of VPS. One VP asked me why I was not willing to help him, and I told the VP that it would be the equivalent of me taking his vehicle for services, it is not my vehicle, thus not my responsibility. The VP agreed and told the fucker to get on with it and do what I said: contact his vendor channels to figure it out himself since it was indeed his position.
Yet again he said that he didn't know about SSO configs and that he was "told that I would do it", everyone asked who the fuck told him that and he said that the vendor, they asked again how it was and he showed the message from the vendor telling him: "Have your SSO admin perform the following <bla bla bla bla>" they asked him who was the manager for the SSO that they had. He said that it was him. Then they asked him what logic made him believe that it should be me, he stated again "they told me it was him".

I could hear everyone's brains shortcircuiting as no one could believe someone would be this fucking dense.

I don't think he will continue to have his job for much longer. I understand not knowing something, and I would have been happy to give pointers since I do administer systems of that level, but I can't with the whole made up "they said he would do it"

Bitch who said that? just say that you want me to do it because you can't, I mean, I am still not fucking doing it, but damn. Fucking morons man.

>Be a dedicated server owner
>Fuck up and have an issue you do not know how to solve
>Ask us for help

Huh... Okay, fine
>Machine has apt repos from 4 different system releases

>Nope.elf

Some folk should never decide to admin a machine on their own :|

This is going to be fun. We are switching our phone system to use Zoom and the turn on date is sometime in October (couple of weeks away). I have a feature I'm working on (automated phone calls) that the salesman said was fully functional (jump through a hoop, stand on your head, turn around three times, type of functional). Tried the steps they gave me, got to #3 and there is no virtual agent API call I can find to hand off/transfer the call. Send our contact at Zoom some questions, responds "That is a feature we might put in a future product. Can't do that right now." WTF?!
Other developers are running into similar "How do we get there from here?" issues that features promised, either don't exist or don't work.

One feature in particular I'm receiving a 403 permission denied error.
K: "Feature X needs to be enabled."
Me: "It is."
<send a screenshot showing the feature enabled>
K: "Your account doesn't have permissions. Have the sysadmin elevate you authentication level."
Me: "I'm an admin"
<send a screenshot showing my admin status>
K: "I'll have to get back with you."

Its been 3 days and no update on my ticket. *sigh*

So I just got asked for a quote for developing an app for a client's friend. He wanted an app that requires me to build let's just say a combination of what you see on uber with the live tracking of your uber driver, seeing all cars around your location and determining the closest one (It wasn't necessarily cars) plus profiles and another app for another set of users (I can easily make this one and determine the logged in user and in turn tailor the features for that user but they wanted two). An admin portal also was included and I had to do various integrations with Google maps. In app purchases was also necessary. Logs as the app has to keep track of all activities basically. A wallet feature was also to be implemented, scheduling, rating and complains section was also something requested and finally a mini accounting system was also to be developed. I was going to do this singlehandly as a freelancer. Obviously this is a lot of work. I also gave them a timeline of about 3 months for development. Which meant I was going to be putting all my time into developing this. Front end and backend for the app and front-end and backend for the server and database architecture. I charged them $10,000 not only for the work but also because they were going to be making money off of the app. They go "wow and why does it cost so much"...Judging from their reactions I don't think they will move further with this with me because of costs...😂 I can't even begin to wonder why they think that isn't a fair price. I have learnt from previous work before that you always state a cost for which you are absolutely sure you would want to work for else you would start doing the work and once you see how little you are being paid for so much work you end up hating the work and completing it ends up being a difficult task.

First day at my job and once I got home I immediately crashed into my bed and woke up at 3 AM.

For some reason I still feel physically tired. Even though I woke up by myself (no distractions from my environment).

+ I feel like having worked out even though I did not. I can feel the muscles aching everywhere in my body.

Anyway back to how it went...
I got there (company) and met a young people like me who are also working in this company for the first time.

Once I saw them + the chief and the leaders, my anxiety kicked in, but I made sure not to show it.

We took photos and saw the cubes (data center cubes) and it felt like I was in a hacking scene from Mr Robot or Watch Dogs lol. It was so cool.

After that we were assigned to our temporary work places and mine was at a place where you get packages from the delivery trucks, cut them, sort them, put etiquettes on them and register them in the system.

Another boy (let's call him Daniel) and me were assigned to this place. He is going to be a sys admin.

The people at this workplace were very chill, cool and mature.
You can joke with them and they will not get offended (looking at you, Twitter) lol.

Daniel however is the opposite.
He is so god damn extroverted that he literally won't stop talking.
At some point he asked me if I was even listening and I admitted that the unconcious side of the brain of mine built a filter over the years that only let's valuable information flow through. When there is no valuable information, I do not process them in my conciousness.

Poor guy got a bit sad, but me whatever. Not my problem. He gave me an headache by talking nonstop nonsense.

Today, when my shift begins, I will learn to do drive a forklift and I'm excited about this.

I do not even need a license for it which you normally need in other companies :D

Yet another day at my company, Im rewriting some old code for client (rewriting old, php 4 system for vindications managment) and you know the moment when you are focused and someone comes to you to absolutely ruin your focus. Fine, whatever. Oh, for fuck sake. Again dev is doing as support becouse one moron with second can't login into zimbra admin panel and add fucking mailbox. I show them exacly how they login, remind them they are admins too, slowly show them, so you click "manage" than you click that gear icon and than you click "new", fill in email address and password. As simple as 1-2-3. Okay, fuck it, time to go for a cig. I just finish up few lines and stand, grab my vape and start walking towards door. In door I find my buddy with 2 random people. He told me that they are interns and that I should show them some basics and stuff around that. Oh god, fuck my life. If anything, Im definitely very bad teacher, mainly becouse I often have problems with saying what I mean in the way that somebody actually understans and knows what I am trying to say. Whatever. Fuck it all. I grab two of our old laptops that nobody used in like a year or so, and first thing I quickly figure out, is that one day for some what the fuck reason I dont even dont bothered to remember I installed Arch on both while I dont usually use Arch. I just needed it for some specific reason. Whatever. So I guess I will need to upgrade fucking system. Our network isn't really great so that was like... hour or so. In the meantime I figured what they know about coding in general etc, and holly shit. One of them (there was boy and girl), girl, apparently never ever in her life even touched code. Well... fuck. Why am I wasting my time? Becouse there was some programme or some shit like that... Someone could tell me before so I could mentally prepare.. fuck it. whatever. So while laptops are doing their pacman thing, I sit with them and slowly start to explain based on my machine some really basic concepts. Second guy actually had some expirience, he knew how to make some really really basic logic and stuff, so he had another world of problems, becouse it was PHP and, as we all know, everyone hates PHP, and... yeah.. You can probably imagine his approach. Yes, you get user input in super global array. I really wanted to say "Now shut the fuck up and write that fucking $_POST".

hour or so passed, I was close to giving up to not let my anger rise (im not really good teacher... I mentioned it. I suck at teaching others) but luckly machines upgraded. He wanted to use visual studio code, she didnt care too much, so I installed phpstorm in trial mode. whatever. Since that's linux and they were not comfortable with that, I walked them through installing LAMP stack, and when finally it started to look like LAMP stack, I requested them to google how to install xdebug, becouse xdebug is very usefull and googling skill is your best weapon on that field. I go for cig, come back and what I see boiled me a little bit. The girl was stuck looking at github page randomly looking through xdebug source code and idk... hoping for miracle (she admited she thought there will be instructions somewhere) and the guy was in good place, xdebug has a place to paste your phpinfo() for custom instructions. But it didn't work for him, he claims that wizzard told him it cant help him.. hmm intresting, you are sure you pasted in phpinfo? yes, he is sure. Okay, show me.

Again mindblown how someone can have problems with reading.

so his phpinfo() looked like that:
```<?php
phpinfo();```

I highlighted on the page the words "output of phpinfo". He somehow didn't see it or something. He didnt know, he thought that he needs to put in phpinfo so he did. OMG.

Finally, I figured out I can workaround my intern problem, and I just briefly shown them php.net, how documentation looks, said to allways google in english, if he uses tutorial to read whole fucking thing, not just some parts of it, and left them with simple task, that took them whole day and at which they ultimately failed.

To make 3 buttons labeled "1" "2" "3" and if someone presses one of them, remember in session that they pressed it and disallow pressing other ones.

Never fucking again interns. Especially those who randomly without apparent reason almost literally just spawn in front of you and here, its your fucking problem now.

Fuck it, I have some time to get back to my stuff. Time is running so lets not waste it.

After around 15 minutes my one of my superiors comes in and asks me if I can go on meeting with him and other superior. My buddy goes with us, and next 3 hours I was basically explaining that you cannot do some things (ie. know XYZ happened without any source of information) in code, and I can't listen for callbacks from ABC becouse it wont send anyc cuz in their fucking brilliant idea ABC can't even know that this script would even exist, not to mention it wants callbacks.

Sometimes I hate my job.

Dude at work floats the idea of creating separate Github accounts for personal and work for security. My response:

While we're discussing options, we should also consider maintaining a list of users as a CSV^H^H^H MS Excel file, and install an authentication server that runs off the laptop of an "IT Administrator". That way it'll be super secure because hackers cannot access any system outside of working hours, as well as the days that said admin is off from work.

Trying to setup a staging server boss says just use AWS, system admin doesn't like that thought because it doesn't involve him so waited all day for 3 VM's and still not ready... All I need is 3 blank CoreOS VMs nothing fancy like even doing the cloud config no. Anyone else has colleagues scared of moving out of the private high maintenance servers in the basement?

When the CTO/CEO of your "startup" is always AFK and it takes weeks to get anything approved by them (or even secure a meeting with them) and they have almost-exclusive access to production and the admin account for all third party services.

Want to create a new messaging channel? Too bad! What about a new repository for that cool idea you had, or that new microservice you're expected to build. Expect to be blocked for at least a week.

When they also hold themselves solely responsible for security and operations, they've built their own proprietary framework that handles all the authentication, database models and microservice communications.

Speaking of which, there's more than six microservices per developer!

Oh there's a bug or limitation in the framework? Too bad. It's a black box that nobody else in the company can touch. Good luck with the two week lead time on getting anything changed there. Oh and there's no dedicated issue tracker. Have you heard of email?

When the systems and processes in place were designed for "consistency" and "scalability" in mind you can be certain that everything is consistently broken at scale. Each microservice offers:

1. Anemic & non-idempotent CRUD APIs (Can't believe it's not a Database Table™) because the consumer should do all the work.
2. Race Conditions, because transactions are "not portable" (but not to worry, all the code is written as if it were running single threaded on a single machine).
3. Fault Intolerance, just a single failure in a chain of layered microservice calls will leave the requested operation in a partially applied and corrupted state. Ger ready for manual intervention.
4. Completely Redundant Documentation, our web documentation is automatically generated and is always of the form //[FieldName] of the [ObjectName].
5. Happy Path Support, only the intended use cases and fields work, we added a bunch of others because YouAreGoingToNeedIt™ but it won't work when you do need it. The only record of this happy path is the code itself.

Consider this, you're been building a new microservice, you've carefully followed all the unwritten highly specific technical implementation standards enforced by the CTO/CEO (that your aware of). You've decided to write some unit tests, well um.. didn't you know? There's nothing scalable and consistent about running the system locally! That's not built-in to the framework. So just use curl to test your service whilst it is deployed or connected to the development environment. Then you can open a PR and once it has been approved it will be included in the next full deployment (at least a week later).

Most new 'services' feel like the are about one to five days of writing straightforward code followed by weeks to months of integration hell, testing and blocked dependencies.

When confronted/advised about these issues the response from the CTO/CEO
varies:

(A) "yes but it's an edge case, the cloud is highly available and reliable, our software doesn't crash frequently".
(B) "yes, that's why I'm thinking about adding [idempotency] to the framework to address that when I'm not so busy" two weeks go by...
(C) "yes, but we are still doing better than all of our competitors".
(D) "oh, but you can just [highly specific sequence of undocumented steps, that probably won't work when you try it].
(E) "yes, let's setup a meeting to go through this in more detail" *doesn't show up to the meeting*.
(F) "oh, but our customers are really happy with our level of [Documentation]".

Sometimes it can feel like a bit of a cult, as all of the project managers (and some of the developers) see the CTO/CEO as a sort of 'programming god' because they are never blocked on anything they work on, they're able to bypass all the limitations and obstacles they've placed in front of the 'ordinary' developers.

There's been several instances where the CTO/CEO will suddenly make widespread changes to the codebase (to enforce some 'standard') without having to go through the same review process as everybody else, these changes will usually break something like the automatic build process or something in the dev environment and its up to the developers to pick up the pieces. I think developers find it intimidating to identify issues in the CTO/CEO's code because it's implicitly defined due to their status as the "gold standard".

It's certainly frustrating but I hope this story serves as a bit of a foil to those who wish they had a more technical CTO/CEO in their organisation. Does anybody else have a similar experience or is this situation an absolute one of a kind?

I have a few projects on the go at work at the moment which could be successful, but only time will tell:

1. We have a requirement to monitor or SQL servers for any long running queries (anything that runs longer than 3 minutes). Company didn’t want to pay for enterprise grade solution so as the only SQL Developer I created a small system that involves a database, 2 tables a stored procedure and scheduled job. It goes off every 10 minutes queries some system tables etc and write the results to the tables. Still waiting for it to be deployed to one of the test servers. I have plans for a web front end in the future.

2. My company currently use source safe for version control. They’ve lost the admin password so only 1 person can log in. I’m running he project to plan the migration to GitLab. It’s getting close to completion and soon someone is going to be tasked with creating 100s or projects etc.

3. We use an ERP system which is huge with thousands of tables, but no FKs or anything like that. The current data dictionary is a spreadsheet, as a side project I’m creating a web app so that this information is easily available and searchable.

All 3 projects have the potential to be successful, for my team at least, but stuck waiting for other people to do their stuff first.

As a webdev telling a system admin that he should set the DNS records before moving the domain name to keep the email working. It does bother me

You know that time when somebody had a problem with a system you wrote years ago, and it has taken you an hour to try to remember how to even call it, because the documentation and code didn't get migrated from svn to git, and the svn server has been shut down for some reason, and the admin is out today, and the last time you had the code was three machines ago, so you're trying to gleam what needs to be done to just call the stupid thing from log files set to 'error'?

That time is now.

How to replace rEFInd bcuz M$ locks linux out of your system if M$ installed first.
-----
This will be long so get your salsa ready.
-----

1. Get your rEFInd from sourceforge
Since we are installing INTO windows, dl the zip.

2. extract to a folder.

2-a-: Install themes if you want any or edit the config if you want/need to, at this stage.

3. open a cmd as Admin and cd to the refind's folder.

4. mount system volume
`mountVol S: /S` will mount it to S:

5. use xcopy to copy as system
`xcopy /E refind-bin-x.xx.x\ S:\EFI\refind`

6tynice: go to System volume and to the refind folder
`S:`
`cd EDI\refind\refind`

7:Set rEFInd as Windows Boot Manager
`bcdedit /set {bootmgr} \EFI\refind\refind\refind_x64.efi`
(It's possible to use ia32 or aa64 for different architectures)

At this point, try plugging a linux thumb drive and restart your computer. Windows Boot Manager should be deactivated and should show refind.
You can use mouse and keyboard to select an OS boot or just set config to start one automatically unless you are holding a "power" button.
rEFInd also offers "fallback" boot for linux, which boots the efi from rEFInd and not from syslinux.

Malwares are nasty applications, that can spy on you, use your computer as an attacker or encrypt your files and hold them on ransom.

The reason that malware exists, is because how the file system works. On Windows, everything can access everything. Of course, there are security measures, like needing administrator permissions to edit/delete a file, but they are exploitable.

If the malware is not using an exploit, nothing is there to stop a user from unknowingly clicking the yes button, when an application requests admin rights.

If we want to stop viruses, in the first place, we need to create a new file-sharing system.

Imagine, that every app has a partition, and only that app can access it.

Currently, when you download a Word document, you would go ahead, start up Word, go into the Downloads folder and open the file.

In the new file-sharing system, you would need to click "Send file to Word" in your browser, and the browser would create a copy of the file in a transfer-partition. Then, it would signal to Word, saying "Hey! Here's a file that I sent to you, copy it to your partition please!". After that, Word just copies the file to its own partition, signals "Ok! I'm done!", and then the browser deletes the file from the shared partition.

A little change in the interface, but a huge change in security.

The permission system would be a better UAC. The best way I can describe it is when you install an app on Android. It shows what permission the app wants, and you could choose to install it, or not to.

Replace "install" with "grant" and that's what I imagined.

Of course, there would be blacklisted permissions, that only kernel-level processes have access to, like accessing all of the partitions, modifying applications, etc.

What do you think?

South Africa Release notes version v3.0.2

In 1994 SA underwent one of the biggest system upgrades since 1948. In this new rolling release since the system update called apartheid the system has been annexing resources, locking it down, making it closed source, closing it off community updates and from global updates and minimizing services across the board. On 27 April 1994, the new democratic system update was released with a new system monitor, release resources and balancing efficiency in the system. Though there were remnants of the old code in the system, it was being rewritten by a new generation of users, open source resources were established, giving users the right to choose among themselves how to grow the system , and how to better the experience for all.

In 1999 a new system monitor was created by the users, it wasnt as popular as the ground breaking Madiba release but it was a choice by the community to move forward and grow. The system was stable for a few years, new users were able to develop more on the system, making it more lucrative monetary wise. There were still remnants of the apartheid code but the new generation of developers worked with it making it there own, though they had not yet had admin rights to help change the system, they created a developer culture of their own. A new system resources balancer was introduced called BBEE, that allowed previous disadvantage users more admin rights to other system resources, helping the user base to grow. Though the balancer was biased, and flawed it has helped the system overall to grow and move forward. It has major holes in security and may flood some aspects of the system with more outdated software patches, users have kept it in its system releases until the resource balancer moved the system into a more stable position.

The next interim system monitor release was unexpected, a quiet release that most users did not contribute towards. The system monitor after that nearly brought the system down to a halt, as it was stealing resources from users, using resources for its own gain, and hasn't released any of it back to the system.

The latest user release has been stable. It has brought more interest from users from other countries, it had more monetary advantages than all other releases before. Though it still has flaws, it has tried to balance the system thus far.

Bug report as of 16 Feb 2018
*User experience has been unbalanced since the 1994 release, still leaving some users at a disadvantage.
*The three tier user base that the 1948 release established, creating three main user groups, created a hierarchy of users that are still in effect today, thought the 1994 release tried to balance it out, the user based reversed in its hierarchy, leaving the middle group of users where they were.
*System instability has been at an all time low, allowing users to disable each others accounts, effectively
killing" them off
*Though the infrastructure of the system has been upgraded to global standards ( in some aspects ) expansions are still at an all time low
*Rogue groups of users have been taking most of the infrastructure from established users
*Security services have been heightened among user groups though admins were still able to do as they pleased without being reprimanded
*Female users have been kicked off the system at an alarming rate, the security services have only kicked in recently, but the system admins and system monitor has not done anything about it yet

Bug fixes for a future release:
*Recreating the overall sysadmin team. Removing some admins and bringing others in
*Opening the system more globally to stabilize it more
*Removing and revamping the BBEE system, replacing it with more user documentation, equalizing the user base
*Giving more resources to users that were at a disadvantage during the first release
*Giving the middle group of users more support, documentation and advantages in the system, after removing the security protocols from the user base
*Giving new users who grew up with the post 1994 release more opportunities to help grow the system on a level playing field.
*Establishing the Madiba release principles more efficiently in the current system

Two years ago, i made my graduation and started my training as system administrator. Today I got an email in my inbox; subject: like to help us?
My former IT teacher / admin asked me if I would like to create the new IT infratructure for the new school building. I never thought, that I ever go happily back to school %)

Looking for ideas here...

OK, customer runs a manufacturing business. A local web developer solicits them, convinces them to let him move their website onto his system.

He then promptly disappears. No phone calls, no e-mail, no anything for 3 months by the time they called me looking to fix things.

Since we have no access to FTP or anything except the OpenCart admin, we agree to a basic rebuild of the website and a redeployment onto a SiteGround account that they control. Dev process goes smoothly, customer is happy.

Come time to launch and...naturally, the previous dev pointed the nameservers to his account, which will not allow the business to make changes because they aren't the account owner.

"We can work around this," I figure, since all we *really* need to do is change the A records, and we can leave the e-mail set up as it is (hopefully).

Well, that hopefully is kind of true—turns out instead of being set up in GoDaddy (where the domain is registered) it's set up in Gmail—and the customer doesn't know which account is the Google admin account associated with the domain. For all we know it could be the previous developer—again.

I've been able to dig up the A, MX, and TXT records, and I'm seeing references to dreamhost.com (where the nameservers are at) in the SPF data in the TXT records. Am I going to have to update these records, or will it be safe to just leave them as they are and simply update the A record as originally planned?

So, I decided over the weekend that I would move my entire dev environment to Linux. No Windows on the laptop and only as a backup boot system for my home PC. I wanted to wean myself off of Linux as only being a VM and move to the full blown desktop.

I can only describe my experience to that of having your first kid: lot's of crying and joy at the same time.

Things I've learned:
1. The install is amazingly painless. Wi-Fi and Bluetooth work straight out of the box no configuring needed.
2. OH MY GOD THE CUSTOMIZATION. Rocking Arc Dark theme on Gnome3 = EVERYTHING IS
ALWAYS DARK MICROSOFT WHY IS THIS NOT A THING.
3. Getting Java servlets to work has been hell. I gave up trying to get them to work in eclipse and moved over to IntelliJ. More trial and error before I can figure out why tomcat won't fucking work in eclipse but it's fine in IntelliJ.
4. The UI and overall work flow has been improved after getting past the learning curve. Gnome3 is way better from when I tried it out 4 years ago.
5. Vim has a steep learning curve but I am starting to understand the net benefits of it. It'll probably be a solid month before I get good with it.
6. Loosing Microsoft Office has been a little bit of a challenge but their suite is online so....meh. I do miss Visual Studio though, and am still looking for an adequate replacement for C++ and C# development.

Overall it's been a challenge but I think it's been a net gain. Now if only I could get the whole sys-admin team to use it. ;)

Any recommendations for books on system administration in *nix? BSD books also second!

I've always been a programmer but would love to learn about sys admin.

Nothing like client requesting "Hey can you add a virus scan for every goddamn file in the pipeline ? (We don't know what antivirus software you can use, neither do we know what are the consequences of this virus scan failing. We also don't know why a system admin is not doing this server wide instead of a software Dev doing it for this specific individual component. Heck we don't even know why do we need the virus scan in the first place) You might need to think 'outside the box'. Let's hope this is done by 12th Jan. Regards" on a Friday goddamn night

They probably even expect me to write my own antivirus software instead of paying for one

Why is industry like this ? Is there really any polite way to deny this ?

I manage the infrastructure of an application. Responsible for setup, maintenance and upgrades of all the associated servers, databases, filesystems and tuning. The business area is responsible for maintaining the content and structure of the app.

A couple of weeks ago, the business area started asking me for the system admin passwords in an attempt to integrate a remote service. The reason was because he didn't want to store his own credentials in Jenkins. Imagine the shock when they were told no.

Then a week ago, they asked for the password again so they could update a properties file. Again, the answer was no.

We sent them an email yesterday asking for their change management number so we could make the change to the properties file. They were absolutely shocked to find out that we hadn't already updated the file because they had already deployed their code changes to go with the properties file last Thursday. They submitted the request to us on Friday.

Getting real tired of people screwing up and pointing the finger back at me.

a previous employee used a CMS called pimcore to develop an internal application, using only the admin interface.
now my supervisor wants me to implement a custom functionality that the system doesn't quite offer(querying an external database) in a way so that it doesn't interfere with the rest od the app; so I have to filter through a clusterfuck of auto-generated code and UI to find where, how and why components of the page are generated.
don't get me wrong, pimcore seems to be a solid CMS, but it's just the wrong tool for the job.

Trying out Bootstrap for my new Admin Panel - So far so good, very beautiful.

I do front and backend design but I love to concentrate on the functionality of my system instead of the style. Thy Bootstrap

I am on a conference call and I have this system admin saying it is hard to create a Windows virtual server. And so it starts... *eye roll* 😒😒😒

The conversations that come across my DevOps desk on a monthly basis.... These have come into my care via Slack, Email, Jira Tickets, PagerDuty alerts, text messages, GitHub PR Reviews, and phone calls. I spend most of my day just trying to log the work I'm being asked to do.

From Random People:
* Employee <A> and Contractor <B> are starting today. Please provision all 19 of their required accounts.
* Oh, they actually started yesterday, please hurry on this request.

From Engineers:
* The database is failing. Why?
* The read-only replica isn't accepting writes. Can you fix this?
* We have this new project we're starting and we need you to set up continuous integration, deployment, write our unit tests, define an integration test strategy, tell us how to mock every call to everything. We'll need several thousand dollars in AWS resources that we've barely defined. Can you define what AWS resources we need?
* We didn't like your definition of AWS resources, so we came up with our own. We're also going to need you to rearchitect the networking to support our single typescript API.
* The VPN is down and nobody can do any work because you locked us all out of connecting directly over SSH from home. Please unblock my home IP.
* Oh, looks like my VPN password expired. How do I reset my VPN password?
* My GitHub account doesn't have access to this repo. Please make my PR for me.
* Can you tell me how to run this app's test suite?
* CI system failed a build. Why?
* App doesn't send logs to the logging platform. Please tell me why.
* How do I add logging statements to my app?
* Why would I need a logging library, can't you just understand why my app doesn't need to waste my time with logs?

From Various 3rd party vendors:
* <X> application changed their license terms. How much do you really want to pay us now?

From Management:
* <X> left the company, and he was working on these tasks that seem closely related to your work. Here are the 3 GitHub Repos you now own.
* Why is our AWS bill so high? I need you to lower our bill by tomorrow. Preferably by 10k-20k monthly. Thanks.
* Please send this month's plan for DevOps work.
* Please don't do anything on your plan.
* Here's your actual new plan for the month.
* Please also do these 10 interruptions-which-became-epic-projects

From AWS:
* Dear AWS Admin, 17 instances need to be rebooted. Please do so by tomorrow.
* Dear AWS Admin, 3 user accounts saw suspicious activity. Please confirm these were actually you.
* Dear AWS Admin, you need to relaunch every one of your instances into a new VPC within the next year.
* Dear AWS Admin, Your app was suspiciously accessing XYZ, which is a violation of our terms of service. You have 24 hours to address this before we delete your AWS account.

Finally, From Management:
* Please provide management with updates, nobody knows what you do.

From me:
Please pay me more. Please give me a team to assist so I'm not a team of one. Also, my wife is asking me to look for a new job, and she's not wrong. Just saying.

Program: Meets a critical bug, potentially crashing the whole system.
Administrator: Presses the "Emergency stop" button.
Emergency stop program: Meets a critical bug in itself.
Admin: X . X

[Conference Call on Project Launch]
🤡: we just came up with an extra list of features to add to the system
🙊: but we just finished the system and it is ready on UAT server to sign off
🤡: we want these features, they are essential for a better backend admin experience
🤡: and we have been working on this project for almost a year!! we need these features and launch now!
🙊: (well, it took you guys six months to sign off on the initial graphics designs...) can we first launch what we have on UAT site first as they have been sitting here waiting for your approval
🤡: ok. i will test them and provide feedback. if it’s all good, then you can launch it.
🙊: ok. we will do another set of UAT after launch for your new features.
🤡: ok. i will let you know when we can launch the current UAT.

[Two weeks later]
🤡: #%^#*+!! why are the new features not on the UAT site yet!! why are there no changes after two week!! we cannot accept more delays! really need to launch asap!
🙈: 🖕🏽

During my first internship I had to change a number in an Admin panel (system called "sonata admin").

Couldn't upload the file through ftp, called my supervisor, he SSH'd into the host and replaced the file.

When we refreshed the site it was a blank page with nothing but the logo on it.

We got it working again but man what a scare.

No joke at my old shool computer system. We couldn't install anything on our accounts. As a joke I tried admin and no password. Didn't work. My friend pressed "q" with no password. Got a message "Totally not bloatware is now installing." Amazing.

We have a git hook that posts in a group chat for our whole department when we do a git pull on production. I'm on vacation all next week, here is what I had the git hook display in the chat just like a true commit. "Onyx" is our ERP system and "Onyx Admin" is a key program that runs many "jobs".

Onyx Htdocs Updated: <D.Va> Onyx Admin Self-Destruct. NERF THIS!

personal projects, of course, but let's count the only one that could actually be considered finished and released.

which was a local social network site. i was making and running it for about three years as a replacement for a site that its original admin took down without warning because he got fed up with the community. i loved the community and missed it, so that was my motivation to learn web stack (html, css, php, mysql, js).

first version was done and up in a week, single flat php file, no oop, just ifs. was about 5k lines long and was missing 90% of features, but i got it out and by word of mouth/mail is started gathering the community back.

right as i put it up, i learned about include directive, so i started re-coding it from scratch, and "this time properly", separated into one file per page.

that took about a month, got to about 10k lines of code, with about 30% of planned functionality.

i put it up, and then i learned that php can do objects, so i started another rewrite from scratch. two or three months later, about 15k lines of code, and 60% of the intended functionality.

i put it up, and learned about ajax (which was a pretty new thing since this was 2006), so i started another rewrite, this time not completely from scratch i think.

three months later, final length about 30k lines of code, and 120% of originally intended functionality (since i got some new features ideas along the way).

put it up, was very happy with it, and since i gathered quite a lot of user-generated data already through all of that time, i started seeing patterns, and started to think about some crazy stuff like auto-tagging posts based on their content (tags like positive, negative, angry, sad, family issues, health issues, etc), rewarding users based on auto-detection whether their comments stirred more (and good) discussion, or stifled it, tracking user's mental health and life situation (scale of great to horrible, something like that) based on the analysis of the texts of their posts...

... never got around to that though, missed two months hosting payments and in that time the admin of the original site put it back up, so i just told people to move back there.

awesome experience, though. worth every second.

to this day probably the project i'm most proud of (which is sad, i suppose) - the final version had its own builtin forum section with proper topics, reply threads, wysiwyg post editor, personal diaries where people could set per-post visibility (everyone, only logged in users, only my friends), mental health questionnaires that tracked user's results in time and showed them in a cool flash charts, questionnaire editor where users could make their own tests/quizzes, article section, like/dislike voting on everything, page-global ajax chat of all users that would stay open in bottom right corner, hangouts-style, private messages, even a "pointer" system where sending special commands to the chat aimed at a specific user would cause page elements to highlight on their client, meaning if someone asked "how do i do this thing on the page?", i could send that command and the button to the subpage would get highlighted, after they clicked it and the subpage loaded, the next step in the process would get highlighted, with a custom explanation text, etc...

dammit, now i got seriously nostalgic. it was an awesome piece of work, if i may say so. and i wasn't the only one thinking that, since showing the page off landed me my first two or three programming jobs, right out of highschool. 10 minutes of smalltalk, then they asked about my knowledge, i whipped up that site and gave a short walkthrough talking a bit about how the most interesting pieces were implemented, done, hired XD

those were good times, when I still felt like the programmer whiz kid =D

as i said, worth every second, every drop of sweat, every torn hair, several times over, even though "actual net financial profit" was around minus two hundred euro paid for those two or three years of hosting.

There were two of them, not sure which was completed first. One was malware, the second one -- admin tool.

These were the early XP days

1. A batch [windows] script to ease system users' mgmt. Nothing fancy, just multiple calls to usercontrol. My dad needed it for work, and there, it was born. To extend further I made it into an exe file w/ some icon. I felt very proud of it :)

2. I have already told a story of this one at dR. Anyway, it was also a batch script. Except that it was more advanced. Basicaly it was a trojan. Once executed it discovered all that computer's ip addresses and uploaded them to an ftp. Then - pulled a headless radmin installation and initiated a silent install of radmin server. Added radmin server's executable to autolaunch list so that it would come up after reboots. Once done - uploaded SUCCESS status to my ftp. And then all I had left to do - pick an ip from my ftp and enter it into radmin client's CONNECT window. I had a full controll of over a dozen of pcs

This is the story of probably the least secure CMS ever, at least for the size of it's consumer base. I ran into this many years ago, before I knew anything about how websites work, and the CMS doesn't exist anymore, so I can't really investigate why everything behaved so strangely, but it was strange.

This CMS was a kind of blog platform, except only specially authorised users could view it. It also included hosting. I was helping my friend set it up, and it basically involved sending everybody who was authorized a email with a link to create an account.

The first thing my friend got complaints about was the strange password system. The website had two password boxes, with a limit of (I think) 5 characters each. So when creating a account we recomended people simply insert the first 5 characters in the first box, and the rest in the second. I can not really think of a good explanation for this system, except maybe a shitty way to make sure password are at least 5 characters? Anyway, since this website was insecure the password was emailed to you after the account was created. This is not yet the WTF part.

The CMS forced sidebar with navigation, it also showed the currently logged in users. Except for being unreadable due to a colorful background image, there where many strange behaviors. The sidebar would generally stay even when navigating to external websites. Some internal links would open a second identical sidebar right next to the third. Now, I think that the issue was the main content was in an iframe with the sidebar outside it, but I didn't know about iframe's back then.

So far, we had mostly tested on my friends computer, which was logged in as the blog administrator. At some point, we tried testing with a different account. However, the behavior of sidebars was even stranger now. Now internal links that had previously opened a second, identical sidebar opened a sidebar slightly different from the first: One where the administrator was logged in.

We expirimented somewhat, and found that by clicking links in the second sidebar, we could, with only the login of a random user, change and edit all the settings of the site. Further investigation revealed these urls had a ending like ?user=administrator2J8KZV98YT where administrator was the my friends username. We weren't sure of the exact meaning of the random digits at the end, maybe a hash of the password?

Despite my advice, my friend decided to keep using this CMS. There was also a proper way to do internal links instead of copying the address bar, and he put a warning up not to copy links to on the homepage. Only when the CMS shut down did he finally switch to a system where formatting a link wrong could give anybody admin access.

Fuck, there‘s this cool tool react-admin. I want to use it as generic CRUD UI for my framework. Basics work already.

But fuck it this fucking react crap a PITA. Who for fuck‘s sake invented that shit? Damn facebook crackheads ..
JSX ... the worst idea ever.

I worked with vue before and then .. easy, just awesome.

But this crap is utterly unproductive, way too complex, ugly syntax, needs an unholy shit if dependencies, let alone the build system ...
Fuck u react fuck u ...

A question, because we currently discussing it at work:
We want to add a permission role system and we will have kind of fixed permission roles like a role without any permissions, a support role with some permissions and an admin role with all permissions. Should I add role entries in migrations?
The role system wouldn't be very generic anymore.
But we need e.g. a default role for new users and I don't know how to do it, without a fixed role in db.
Maybe you all have an opinion on it.

The college's Dean of Projects, when evaluating my first year project, which was using blockchains.

DoP: "So, we have this cool cloud system, incase you need to mine or something, come contact me and I'll give you access."

ME: "Sir, this project is distributed and uses computers in a network to protect data, it is not cryptocurrency."

DoP: "Yes, I understand, but we have this system here that can mine a lot, I overheard one of my staff talk about how we were wasting money by not using the system to do such stuff."

ME: "Sure, I'll have it setup to mine some altcoin then."

DoP: "Yeah, well I don't know anything about this stuff, can you do it all, yourself. I'll give you Admin access"

ME AFTER GETTING ADMIN ACCESS

"HOLLY F#@%*! Now I know where these sites are hosted!"

NOTE: I know that every other college has this problem, but the staff is the least innocent.

While Indian govt. talks about digitizing the country and is pushing ahead with it, their Employee's Provident Fund Org (EPFO) infra is absolutely shit and it's killing small time business that want to help their employees.

You need to add Digital Certs to do just about anything (great security wise) BUT,
The digital sign interface is written in Java Flash, that was dropped by all modern browsers 4 years ago.
The only stable working latest browser for it is Firefox 52 released 3 years ago.

The USB tokens used/supported are all Chinese that don't respect OSS drivers and fork built their own (read Watchdata) with no/shitty and cumbersome linux support (couldn't get it working after 2 nights of trying different versions of drivers).
You still have to run Windows to sign the docs or to interact with EPFO using legacy browsers from 2016

Non Tech problems: EPFO charges 500 Rs/month minimum admin charges, and I pay 1200 Rs PF for my driver. That kind of commission is plain stupid and will make small employers run away from paying PF for their employees.

Any interaction with EPFO is like having to eat thorns. painful, unnecessary bullshit. How useless can someone be building such a system released in 2019?
I just hope they fix it. A simple google search shows there is Web Crypto API for modern browsers. Someone wake these people up. SMH

Any Linux system admin here? Or any profession related to Linux? Want to share things with you. Also get some knowledge from small talks.

Opinions

Hello, I’m considering building a web framework.

My ideal features would be:
Customizable authentication system(considering using a jwt lib)
Embedded DB(bolt db)
ORM( writing my own)
REST api to DB (via code generator)
Code generator(generation of models and views via cli)
GUI to db(some admin dashboard)
CORS(web service right?)

Why?
Ease of development
Fast prototyping of small-medium web services.
Fun.

My question is, do i have to many things on my platter? Should i narrow it down into less featured framework? What feature should I focus on? How should i benchmark it? Should i write tests for absolutely everything or just for exported methods? What should i take into consideration when developing ORM API, Auth API...

The language is Go

Thank you for your input

Can someone, anyone, explain to me, how can Microsoft get away with *charging extra* for additional concurrent RDP sessions on a self-hosted instance of Windows Server?

And not only that, but apparently also charges extra once the box gets over a certain amount of system users, too.

As a Linux admin that's used to working in teams over SSH, it just completely baffles me.

It would be terrible if such a practice was in free software... But a system, that one already *pays* for to run?

Or did I understand something wrong from a colleague that claims that this is the reason why I can't get an account on one of our Windows Servers?

Our system admin just claimed that Mac OS runs on Linux kernel

Inherited a legacy system from a previous "developer" who wrote code to sanitize input from sql injection in the front end and then called an web method called execSql which accepts am sql statement in a string value!

Obviously the app ran under admin privileges.

So as a personal project for work I decided to start data logging facility variables, it's something that we might need to pickup at some point in the future so decided to take the initiative since I'm the new guy.
I setup some basic current loop sensors are things like gas line pressures for bulk nitrogen and compressed air but decided to go with a more advanced system for logging the temperature and humidity in the labs. These sensors come with 'software' it's a web site you host internally. Cool so I just need to build a simple web server to run these PoE sensors. No big deal right, it's just an IIS service. Months after ordering Server 2019 though SSC I get 4 activation codes 2 MAK and 2 KMS. I won the lottery now i just have to download the server 2019 retail ISO and... Won't take the keys. Back to purchasing, "oh I can download that for you, what key is yours". Um... I dunno you sent me 4 Can I just get the link, "well you have to have a login". Ok what building are you in I'll drive over with a USB key (hoping there on the same campus), "the download keeps stopping, I'll contact the IT service in your building". a week later I get an install ISO and still no one knows that key is mine. Local IT service suggests it's probably a MAK key since I originally got a quote for a retail copy and we don't run a KMS server on the network I'm using for testing. We'll doesn't windows reject all 4 keys then proceed to register with a non-existent KMS server on the network I'm using for testing. Great so now this server that is supposed to connected to a private network for the sensors and use the second NIC for an internet connection has to be connected to the old network that I'm using for testing because that's where the KMS server seems to be. Ok no big deal the old network has internet except the powers that be want to migrate everything to the new more secure network but I still need to be connected to the KMS server because they sent me the wrong key. So I'm up to three network cards and some of my basic sensors are running on yet another network and I want to migrate the management software to this hardware to have all my data logging in one system. I had to label the Ethernet ports so I could hand over the hardware for certification and security scans.

So at this point I have my system running with a couple sensors setup with static IP's because I haven't had time to setup the DNS for the private network the sensors run on. Local IT goes to install McAfee and can't because it isn't compatible with anything after 1809 or later, I get a message back that " we only support up to 1709" I point out that it's server 2019, "Oh yeah, let me ask about that" a bunch of back and forth ensues and finally Local IT get's a version of McAfee that will install, runs security scan again i get a message back. " There are two high risk issues on your server", my blood pressure is getting high as well. The risks there looking at McAfee versions are out of date and windows Defender is disabled (because of McAfee).

There's a low risk issue as well, something relating to the DNS service I didn't fully setup. I tell local IT just disable it for now, then think we'll heck I'll remote in and do it. Nope can't remote into my server, oh they renamed it well that's lot going to stay that way but whatever oh here's the IP they assigned it, nope cant remote in no privileges. Ok so I run up three flights of stairs to local IT before they leave for the day log into my server yup RDP is enabled, odd but whatever let's delete the DNS role for now, nope you don't have admin privileges. Now I'm really getting displeased, I can;t have admin privileges on the network you want me to use to support the service on a system you can't support and I'm supposed to believe you can migrate the life safety systems you want us to move. I'm using my system to prove that the 2FA system works, at this rate I'm going to have 2FA access to a completely worthless broken system in a few years. good thing I rebuilt the whole server in a VM I'm planning to deploy before I get the official one back. I'm skipping a lot of the ridiculous back and forth conversations because the more I think about it the more irritated I get.

We have 2 sites. I, dev, set the https system for one in 10 minutes. The sys admin has been working on it for two hours already and he doesn't want help

Ok so I'm parts UI/UX designer in a corporate setting so I use graphic editing software like Photoshop rather extensively.

Obviously, I'm confronted to a lot of admin rights restrictions, which is to be expected.

What I'd like to know is why the f*** does ADDING A FONT in W10 require admin rights ?

What's potential security loophole could one exploit using TrueType font installation exactly ? Or are they afraid someone's going to remove all system fonts from the Fonts folder ? Anybody that does that shouldn't be allowed access a computer afterwards.

So I miss my job to go to the local traffic department to check my driver license and their system is out. (boss will fuck me)

Then I see they have 5 brand new Windows powered HP machines you can use to check your processes and stuff. The Internet is blocked, but strangely no one bothered that user has administrative rights.

Cmd and Explorer in the screen are in admin mode

If i have 4 types of user in a system, is it better to separate them each individually into their own models:
- UserA
- UserB
- UserC
- UserD

or should i group them all into 1 model:
- User

And then add an attribute Role in order to distinguish each one?

What is the proper way?

Entities:
- admin
- staff
- seller
- buyer

How would you structure these as ER diagram?

Agency adventures: Client always asking for bespoke hardcoded changes in the system. They want to save budget, so you suggest to make a admin screen for that frequent change so they can manage themselves and not pay you to do. You make that. Client keep creativity on top levels, asking for changes not supported by the new feature and that still have to be hardcoded.

Now, after the time estimates, they kindly ask: "can't you use that admin page to speed up your work?".

Which ons is less risky and which one Is most profitable to succeed ?

0- telling the admin you forgot your password and as he's logging in, sniff his password (you already placed sslstrip)

1- gain access to router using its vulnerabilities and redirect the traffic to a fake page and get the password.

2- exploiting smb port of admin's system and placing a krylogger or stealing his cookies if available

3- brute forcing admin password :/

4- pressing forgot password on admin account and staying close to him and sniff the SMS containing the otp using rtl-sdr (and of course you will be prompted to set a new password)

5- any other way .

Also the website itself is almost secure.
It is using iis 8.5 and windows server 2012
Only open ports are 80 and 443.

!rant
What I tell every Admin Padawan and I hope it will help you, too...

---
Whatever you do on any system, always make sure you know and are able to revert your changes so you can return to the last working system state.
---

It is basically somewhat similar to "always have a backup". But it goes much further in my opinion because it also implies that you know for certain that a recovery works as well since:

"Nobody wants backup, everybody wants recovery"

HOW to document business logic in code?

background:

I'm a frontend dev for admin system of our company. Often times I code things like: if user choose this product type and that settings then I show some other input field to input. I deal with mostly forms and show/hide UI for user. And after some time nor did user/PM/test or myself remember the logic of what should show or why something do not show.

So I want something to be able to let me write code and business logic along the way.(I'm not asking for API docs or function docs like JSDoc)

Great Thanks

Related topics:

And In terms of this, I would also like to build something to centralize PM's business DOC with developers API/dev Doc and also things like how to test for our test team and etc... basically a unified place to document everything, I think scenarios like these inside companies should exists so I would like to know how other company do this.

From one pc problem to the next, today while I thought everything was fine, my pc probably overheated and now the motherboard doesn't seem to boot anymore (rgb turns on, but the lights indicating the current step of the boot don't). I panicked and thought maybe it was the CPU, because it was my first time applying thermal paste and did the thing where I ripped the cooler off the motherboard and the CPU attached to it, which I only learned in retrospect that that was a thing. I slightly bent 2 CPU pins doing that.

So far no reason to be overly pissed than panicked, but then I decided to ask on r/pcmasterrace (or masterinsolent) and boy, probable because I mentioned the game I was playing I was only getting responses like "OP dumb, game doesn't do that. I love this game so much I let the developers fuck my wife while I am playing" instead of trying to help or clear up misunderstandings.

Thankfully a system/server admin I know was able to provide me with advice to fix the bent pins, but the motherboard itself still seems pretty dead.

I'll plug the cpu into my older motherboard tomorrow and see if that might be the reason. If you have additional advice, I would appreciate it

Is academia just a display of how well you can be a good cog in a system? I feel like I've done more admin work than development just to pass. Too far in to quit though.

💡 Have an idea to develop a system

*browse what language to use
*browse what template to use
*meh, I should write my own template cause I'm too smart
*F it, I realized im dumb, back to browse template
*browse why x better than y
*browse which company use x
*browse which hosting to use
*find admin template
*browse cat fighting with subtitle

This rabbit hole. And the project hasn't started yet for weeks and months.

I am working on partitioning my life and getting my tech stuff and online life organized. Partially fun, partially dread. Still one of the better things I'm dealing with right now.

Tech stuff mainly includes desktop PC (Qubes OS), network (to be driven by openwrt) and smartphone (already running Lineage OS, but I want to build my own LOS). This is the fun part. I want to add a NAS, but I'm too cheap for a proper one (at least for my >20TB media).

Furthermore offline stuff: Remove clutter, get analog documents properly organized (with a sustainable system) and possibly digitalized. I already have maybe half of the things I own in boxes each with a specific purpose (e.g. audio cables, network cables and game controllers each have their own box). Can be tiresome, but it's easy to see a progress and that makes it quite okay.

Online life: That's a big one. A large chunk is email and the hundreds of website accounts. I have them in a keepass file, but all running under the same address. Unfortunately I need to have a Facebook account for some purposes, but I'd like to start over with a new one. Not so easy when you have to transfer group admin privileges though, when I tried the last time I tripped some system and the new account was banned. Annoying.

Package build fails on Jenkins. I try to investigate locally. Builds fine locally. Managed to convince admin to let me ssh there to debug there in the exactly same environment. Builds there without any issues when triggered manually. I'm missing some little piece of environment from jenkins job or there could be some race somewhere. I really hate those random errors, we really need to get sane build system so I wouldn't need to debug those irreproducible build issues. Aaarrrghh!!!