Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "thank you paypal"
-
I wonder why banks are always so terribly insecure, given how much money there's for grabs in there for hackers.
Just a while ago I got a new prepaid credit card from bpost, our local postal service that for some reason also does banking. The reason for that being that - thank you 'Murica! - a lot of websites out there don't accept anything but credit cards and PayPal. Because who in their right mind wouldn't use credit cards, right?! As it turns out, it's pretty much every European I've spoken to so far.
That aside, I got that card, all fine and dandy, it's part of the Mastercard network so at least I can get my purchases from those shitty American sites that don't accept anything else now. Looked into the manual of it because bpost's FAQ isn't very clear about what my login data for their online customer area now actually is. Not that their instruction manual was either.
I noticed in that manual that apparently the PIN code can't be changed (for "security reasons", totally not the alternative that probably they didn't want to implement it), and that requesting a forgotten PIN code can be done with as little as calling them up, and they'll then send the password - not a reset form, the password itself! IN THE FUCKING MAIL.
Because that's apparently how financial institutions manage their passwords. The fact that they know your password means that they're storing it in plain text, probably in a database with all the card numbers and CVC's next to it. Wouldn't that be a treasure trove for cybercriminals, I wonder? But YOU the customer can't change your password, because obviously YOU wouldn't be able to maintain a secure password, yet THEY are obviously the ones with all the security and should be the ones to take out of YOUR hands the responsibility to maintain YOUR OWN password.
Banking logic. I fucking love it.
As for their database.. I reckon that that's probably written in COBOL too. Because why wouldn't you.23 -
TLDR: crappy api + idiot ex client combo rant // devam si duška
I saw a lot of people bitching about APIs that don't return proper response codes and other stuff..
Well let me tell you a story. I used to work on a project where we had to do something like booking, but better..crossbreed with the Off&Away bidding site (which btw we had to rip off the .js stuff and reverse engineer the whole timer thingy), using free versions of everything..even though money wasn't an issue (what our client said). Same client decided to go with transhotel because it was sooooo gooood... OK? Why did noone heard of them then?
Anyhow, the api was xml based.. we had to send some xml that was validated against a schema, we received another that was supposed to be validated againts another schema.. and so on and so on..
...
...
supposed..
The API docs were nonexistent.. What was there, was broken English or Spanish.. Even had some comments like Add This & that to chapter xy.. Of course that chapter didn't even exist yet. :( And the last documentation they had, was really really old..more than a year, with visible gaps, we got the validation schemas not even listed in the docs, let alone described properly.
Yaaay! And that was not everything.. besides wrong and missing data, the API itself caused the 500 server error whenever you were no longer authenticated.
Of course it didn't tell you that your session was dead.. Just pooof! Unhandled crap everywhere!
And the best part?! We handled that login after inspecting what the hell happened, but sent the notification to the company anyways.. We had a conf call, and sent numerous emails explaining to them what a 'try catch' is and how they should handle the not authenticated error <= BTW they should have had a handled xml response for that, we got the schema for it! But they didn't. Anyhow, after two agonizing days talking back and forth they at least set up the server to be available again after the horrified 500 error. Before, it even stopped responding until reset (don't ask me how they managed to do that).
Oh yeah, did I mention this was a worldwide renown company?! Where everybody spoke/wrote English?! Yup, they have more than 700 people there, of course they speak English! <= another one of my ex clients fabulous statements... making me wanna strangle him with his tie.. I told him I am not talking to them because no-one there understood/spoke English and it would be a waste of my time.. Guess who spent almost 3 hours to talk to someone who sounded like a stereotypical Indian support tech guy with a flue speaking Italian?! // no offence please for the referenced parties!!
So yeah, sadly I don't have SS of the fucked up documentation..and I cannot post more details (not sure if the NDA still holds even though they canceled the project).. Not that I care really.. not after I saw how the client would treat his customers..
Anywayz I found on the interwebz some proof that this shitty api existed..
picture + link: https://programmableweb.com/api/...
SubRant: the client was an idiot! Probably still is, but no longer my client..
Wanted to store the credit card info + cvc and owner info etc.. in our database.. for easier second payment, like on paypal (which he wanted me to totally customize the payment page of paypal, and if that wasn't possible to collect user data on our personalized payment page and then just send it over to paypal api, if possible in plaintext, he just didn't care as long as he got his personalized payment page) or sth.... I told the company owner that they are fucking retards if they think they can pull this off & that they will lose all their (potential) clients if they figure that out.. or god forbid someone hacked us and stole the data.. I think this shit is also against the law..
I think it goes without saying what happened next.. called him ignorant stupid fucktard to his face and told him I ain't doing that since our company didn't even had a certificate to store the last 4 numbers.. They heard my voice over the whole firm.. we had fish-tank like offices, so they could all see me yelling at the director..
Guess who got laid off due to not being needed anymore the next day?! It was the best day of my life..so far!! Never have I been happier to lose my job!!
P.S. all that crap + test + the whole backand for analysis, the whole crm + campaign emails etc.. the client wanted done in 6 months.. O.o
P.P.S. almost shat my pants when devRant notified my I cannot post and wanted to copy the message and then everything disappeard.. thank god I have written this in the n++ xDundefined venting big time issues no documentation idiot xml security api privacy ashole crappy client rant11 -
Had a mental breakdown a few days ago. Crying like it's the end of the world when computer stopped working. I was a Picasso drawing of the hysteria, basically.
My exams are getting near, I'm really not ready; yet this chick keeps asking me about ten euros I borrowed from her a year and something back when we were going to a club they asked me to go to with them... Given her persistence that I should wire her the money (no PayPal tho) I assume she's up to something super shady. Why does she need my account info for?
Anyways, being annoyed by only ten euros (in our currency, it's not much, btw. It's less than two bags of expensive chips, or 5 dozen of the cheapest eggs on the market) and not studying enough, there is also my work. I feel so incompetent that I may just resign. Like... I'm not smart enough for this project. 😢 And I'm aware of it.
Put that on the side with this uni's project, which is very "Urghhhhh" because of too many people working on the same project, some of who need to be sent back to kindergarten to learn how to cooperate with others.
And in the middle of all of that, I'm trying to stay as zen as possible until the next mental breakdown. 😑😑😐
Thank you for reading this rant.7 -
PayPal = GayPal
PHASE 1
1. I create my personal gaypal account
2. I use my real data
3. Try to link my debit card, denied
4. Call gaypal support via international phone number
5. Guy asks me for my full name email phone number debit card street address, all confirmed and verified
6. Finally i can add my card
PAHSE 2
7. Now the account is temporarily limited and in review, for absolutely no fucking reason, need 3 days for it to be done
8. Five (5) days later still limited i cant deposit or withdraw money
9. Call gaypal support again via phone number, burn my phone bill
10. Guy tells me to wait for 3 days and he'll resolve it
PHASE 3
11. One (1) day later (and not 3), i wake up from a yellow account to a red account where my account is now permanently limited WITHOUT ANY FUCKING REASON WHY
12. They blocked my card and forever blocked my name from using gaypal
13. I contact them on twitter to tell me what their fucking problem is and they tell me this:
"Hi there, thank you for being so patient while your conversation was being escalated to me. I understand from your messages that your PayPal account has been permanently limited, I appreciate this can be concerning. Sometimes PayPal makes the decision to end a relationship with a customer if we believe there has been a violation of our terms of service or if a customer's business or business practices pose a high risk to PayPal or the PayPal community. This type of decision isn’t something we do lightly, and I can assure you that we fully review all factors of an account before making this type of decision. While I appreciate that you don’t agree with the outcome, this is something that would have been fully reviewed and we would be unable to change it. If there are funds on your balance, they can be held for up to 180 days from when you received your most recent payment. This is to reduce the impact of any disputes or chargebacks being filed against you. After this point, you will then receive an email with more information on accessing your balance.
As you can appreciate, I would not be able to share the exact reason why the account was permanently limited as I cannot provide any account-specific information on Twitter for security reasons. Also, we may not be able to share additional information with you as our reviews are based on confidential criteria, and we have no obligation to disclose the details of our risk management or security procedures or our confidential information to you. As you can no longer use our services, I recommend researching payment processors you can use going forward. I aplogise for any inconvenience caused."
PHASE 4
14. I see they basically replied in context of "fuck you and suck my fucking dick". So I reply aggressively:
"That seems like you're a fraudulent company robbing people. The fact that you can't tell me what exactly have i broken for your terms of service, means you're hiding something, because i haven't broken anything. I have NOT violated your terms of service. Prove to me that i have. Your words and confidentially means nothing. CALL MY NUMBER and talk to me privately and explain to me what the problem is. Go 1 on 1 with the account owner and lets talk
You have no right to block my financial statements for 180 days WITHOUT A REASON. I am NOT going to wait 6 months to get my money out
Had i done something wrong or violated your terms of service, I would admit it and not bother trying to get my account back. But knowing i did nothing wrong AND STILL GOT BLOCKED, i will not back down without getting my money out or a reason what the problem is.
Do you understand?"
15. They reply:
"I regret that we're unable to provide you with the answer you're looking for with this. As no additional information can be provided on this topic, any additional questions pertaining to this issue would yield no further responses. Thank you for your time, and I wish you the best of luck in utilizing another payment processor."
16. ARE YOU FUCKING KIDDING ME? I AM BLOCKED FOR NO FUCKING REASON, THEY TOOK MY MONEY AND DONT GIVE A FUCK TO ANSWER WHY THEY DID THAT?
HOW CAN I FILE A LAWSUIT AGAINST THIS FRAUDULENT CORPORATION?12 -
Thank you hosing company, all you had to do was rebuild the crummy php 5.2 cgi with an up to date version of openssl that supports tls 1.2 so the PayPal integrations work for the seven customers who are too fucking tight to pay to have their sites upgraded to something modern...
Not set all 120 sites across five servers to run on php 5.2..
Assholes!2 -
How do I properly and cost effectively integrate payment systems into a website? What do I have to look out for? Which payment portals can you recommend? I have a general hatred towards PayPal, am willing to integrate it though, I want to be able to handle credit cards and as many other payment options as possible (I am based in Europe - Austria). I also want to support payments via Monero. I have experience building websites from front to backend and have handled credentials and stuff like that before in a professional environment but never integrated any payment systems so I'd appreciate links to resources, recommendations and tips for doing so in a safe and cost effective way. Thank you.3
-
Yesterday's was fucking stupid.
It all begins with a fucking online clothes shop that "cancelled" my order from a week ago because "PayPal detected strange account movements". I logged into my PP Account and no notice or whatsoever of that.
Then they tell me I'll have to wait around for ~30 days to get my money back. Are you fucking damn serious? First you delay my fucking order a week then you cancel it without contacting me to "reassure" I put the order and then you say that I'll have my money back on 30 days? Fuck you.
Thereafter, I was going to buy a new phone, which two weeks ago I already went to request a quotation and they told me I was ready to go with paying 50% off.
Well... fuck me, because I went yesterday and they told me that I couldn't get the phone becase "The system says you already have three lines with our company, and all of those have money due" What? Fucking shit, I went two weeks ago and everything was fine, and now this? I don't even have an account in that stupid company and now they tell me I have three with late payments?
FUCKING HELL!!
As if everything wasn't going bad already, I went off and said I'll come back today to see "if the system has been corrected", so I went to grab a burger at McDonalds that's on my way back home.
I make my order and the cashier is like "Hurr durr.. The card terminal doesn't work, do you have cash? If not, don't worry I can cancel the order and switch to the other station so i can charge you"
ARE YOU FUCKING SERIOUS? I mean, come on dude! If you know that the shitty card terminal doesn't work and the station that it's fully functional it's literally three fucking steps next to you, WHY THE FUCKING FLYING FUCK ARE YOU USING THE WRONG ONE?
Then I wait for my order, that I saw they prepared and was ready like in 5 minutes, but the guy went and stood looking at the void. Then he realizes and begins to pick my food and set it up. He puts it on a tray and stands there, I stand there looking at him.
"My order was to go" I said... then he's like "Oh, yeah" and begins to pack.
Dude... the order is in the fucking screen, I said the cashier that It was to go... jesus.
Then I tell him "Can you put some sweet mustard packages?"
"Yeah" he says... but I looked away. When I arrived home, I opened the bag and... FUCKING HELL, NORMAL MUSTARD.
I told him twice, even said "please" and "thank you", but hell no, he had ONE JOB, and he didn't do it.
Seriously guys, stop this fucking mess, somebody call `kill`