Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "verified"
-
console.log('This website owner is a verified shit nugget. Avoid business.');
If you get a bad client, warn others! ;)11 -
If drinking coffee doesn't wake you up in the morning, try deleting a table in the production database.
Verified, it worked.4 -
My code review nightmare part 3
Performed a review on/against a workplace 'nemesis'. I didn't follow the department standards document (cause I could care less about spacing, sorted usings, etc) and identified over 80 bugs, logic errors, n+1 patterns, memory leaks (yes, even in .net devs can cause em'), and general bad behavior (ex.'eating' exceptions that should be handled or at least logged)
Because 'Jeff' was considered a golden child (that's another long TL;DR), his boss and others took a major offense and demanded I justify my review, item by item.
About 2 hours into the meeting, our department mgr realized embarrassing Jeff any further wasn't doing anyone any good and decided to take matters into his own hands. Thinking 'well, its about time he did his job', I go back to my desk. About an hour later..
Mgr: "I need you in the conference room, RIGHT NOW!"
<oh crap>
Mgr: "I spoke to Jeff and I think I know what the problem is. Did you ever train him on any of the problems you identified in the review?"
Me: "Um, no. Why would I?"
Mgr: "Ha!..I was right. So lets agree the problems are partially your fault, OK?"
Me: "Finding the bugs in his code is somehow my fault?"
Mgr: "Yes! For example, the n+1 problem in using the WCF service, you never trained him on how to use the service. You wrote the service, correct?"
Me: "Yes, but it's not my job to teach him how to write C#. I documented the process and have examples in the document to avoid n+1. All he had to do was copy/paste."
Mgr: "But you never sat with Jeff and talked to him like a human being? You sit over there in your silo and are oblivious to the problems you cause. This ends today!"
Me: "What the...I have no idea what you are talking about. What in the world did Jeff tell you?"
Mgr: "He told me enough and I'm putting an end to it. I want a compressive training class developed on how to use your service. I'll give you a month to get your act together and properly train these developers."
3 days later, I submit the power-point presentation and accompanying docs. It was only one WCF with a handful of methods. Mgr approved the training, etc..etc. execute the 'training', and Jeff submits a code review a couple of weeks later. From over 80 issues to around 50. The poop hits the fan again.
Mgr: "What's your problem? When are you going to take your responsibility seriously?"
Me: "Its pretty clear I don't have the problem. All the review items were also verified by other devs. Its not me trying to be an asshole."
Mgr: "Enough with the excuses. If you think you can do a better job *you* make the code changes and submit them for Jeff for review. No More Excuses!"
Couple of days later, I make the changes, submit them for review, and Jeff really couldn't say too much other than "I don't see this as an improvement"
TL;DR, I had been tracking the errors generated by the site due to the bugs prior to my changes. After deployment, # of errors went from thousands per hour to maybe hundreds per day (that's another story) and the site saw significant performance increases, fewer customer complaints, etc..etc.
At a company event, the department VP hands out special recognition awards:
VP: "This award is especially well earned. Not only does this individual exemplify the company's focus on teamwork, he also went above and beyond the call of duty to serve our customers. Jeff, come on up and get this well deserved award."19 -
Story time :
Sometime ago I posted a video on YouTube on how to root a particular phone that was lying around at home. I was trying to demonstrate one of those "one-tap root" apps that were plentiful in the market. It so happened that one specific version of Framaroot and one particular method of exploit works for that device. I even verified this by trying different versions and it didn't work. So in the description it was mentioned to use ONLY this version that worked. Few days later there were atleast 5 dislikes and comments that it didn't work on some other version.
Seriously?
That's how I understood how stupid and dumb people can get.7 -
I've found sites like Udemy/Khanacademy/Codecademy/Brilliant/Edx to be very useful — possibly more useful than expensive education.
But they still need:
1. Better correction/update mechanisms. Human teachers make mistakes and material gets outdated, and while online teachers are rectified faster than classroom teachers, the procedure is still not optimal. Knowledge should be a bit more like a verified wiki.
2. Some have great interactive coding environments, some have great videos, some have awesome texts, some have helpful communities. None has it all. In the end, I don't want to learn a new language by writing code in my browser. It could all be integrated/synced to the point where IDEs have plugins which are synced to online videos, with tests and exercises built in, up to a social network where you could send snippets for review and add reviews to other people's code.
3. Accreditation. Some platforms offer this against payment, but I think those platforms often feel very old school (pun intended), with fixed schedules, marks and enrollments. Self paced is a must.
4. Depth is important. Current online courses are often a bit introductory. We need more advanced courses about algorithms, theoretical computer science, code design, relational algebra, category theory, etc. I get that it's about supply/demand, but we will eventually need to have those topics covered.
I do believe that for CS, full online education will eventually win from the classroom — it's still in its infancy, but has more potential to grow into correct, modern education.10 -
POSTMORTEM
"4096 bit ~ 96 hours is what he said.
IDK why, but when he took the challenge, he posted that it'd take 36 hours"
As @cbsa wrote, and nitwhiz wrote "but the statement was that op's i3 did it in 11 hours. So there must be a result already, which can be verified?"
I added time because I was in the middle of a port involving ArbFloat so I could get arbitrary precision. I had a crude desmos graph doing projections on what I'd already factored in order to get an idea of how long it'd take to do larger
bit lengths
@p100sch speculated on the walked back time, and overstating the rig capabilities. Instead I spent a lot of time trying to get it 'just-so'.
Worse, because I had to resort to "Decimal" in python (and am currently experimenting with the same in Julia), both of which are immutable types, the GC was taking > 25% of the cpu time.
Performancewise, the numbers I cited in the actual thread, as of this time:
largest product factored was 32bit, 1855526741 * 2163967087, took 1116.111s in python.
Julia build used a slightly different method, & managed to factor a 27 bit number, 103147223 * 88789957 in 20.9s,
but this wasn't typical.
What surprised me was the variability. One bit length could take 100s or a couple thousand seconds even, and a product that was 1-2 bits longer could return a result in under a minute, sometimes in seconds.
This started cropping up, ironically, right after I posted the thread, whats a man to do?
So I started trying a bunch of things, some of which worked. Shameless as I am, I accepted the challenge. Things weren't perfect but it was going well enough. At that point I hadn't slept in 30~ hours so when I thought I had it I let it run and went to bed. 5 AM comes, I check the program. Still calculating, and way overshot. Fuuuuuuccc...
So here we are now and it's say to safe the worlds not gonna burn if I explain it seeing as it doesn't work, or at least only some of the time.
Others people, much smarter than me, mentioned it may be a means of finding more secure pairs, and maybe so, I'm not familiar enough to know.
For everyone that followed, commented, those who contributed, even the doubters who kept a sanity check on this without whom this would have been an even bigger embarassement, and the people with their pins and tactical dots, thanks.
So here it is.
A few assumptions first.
Assuming p = the product,
a = some prime,
b = another prime,
and r = a/b (where a is smaller than b)
w = 1/sqrt(p)
(also experimented with w = 1/sqrt(p)*2 but I kept overshooting my a very small margin)
x = a/p
y = b/p
1. for every two numbers, there is a ratio (r) that you can search for among the decimals, starting at 1.0, counting down. You can use this to find the original factors e.x. p*r=n, p/n=m (assuming the product has only two factors), instead of having to do a sieve.
2. You don't need the first number you find to be the precise value of a factor (we're doing floating point math), a large subset of decimal values for the value of a or b will naturally 'fall' into the value of a (or b) + some fractional number, which is lost. Some of you will object, "But if thats wrong, your result will be wrong!" but hear me out.
3. You round for the first factor 'found', and from there, you take the result and do p/a to get b. If 'a' is actually a factor of p, then mod(b, 1) == 0, and then naturally, a*b SHOULD equal p.
If not, you throw out both numbers, rinse and repeat.
Now I knew this this could be faster. Realized the finer the representation, the less important the fractional digits further right in the number were, it was just a matter of how much precision I could AFFORD to lose and still get an accurate result for r*p=a.
Fast forward, lot of experimentation, was hitting a lot of worst case time complexities, where the most significant digits had a bunch of zeroes in front of them so starting at 1.0 was a no go in many situations. Started looking and realized
I didn't NEED the ratio of a/b, I just needed the ratio of a to p.
Intuitively it made sense, but starting at 1.0 was blowing up the calculation time, and this made it so much worse.
I realized if I could start at r=1/sqrt(p) instead, and that because of certain properties, the fractional result of this, r, would ALWAYS be 1. close to one of the factors fractional value of n/p, and 2. it looked like it was guaranteed that r=1/sqrt(p) would ALWAYS be less than at least one of the primes, putting a bound on worst case.
The final result in executable pseudo code (python lol) looks something like the above variables plus
while w >= 0.0:
if (p / round(w*p)) % 1 == 0:
x = round(w*p)
y = p / round(w*p)
if x*y == p:
print("factors found!")
print(x)
print(y)
break
w = w + i
Still working but if anyone sees obvious problems I'd LOVE to hear about it.38 -
*part rant part developers are the best people in the world*
years back a friend got a job at some non profit, as a program coordinator, and his first task was to "coordinate" the work on creating the new website for the organisation. current website they had was a monster built on some custom cms, 7 languages, 5 years of almost dayly content updates, etc. so he asked me if i would took the job of creating a new website on wordpress. i wasn t really keen on doing it, but he is a good friend so i said ok. i wrote down the SOW, which clearly stated that i will not be responsible for migrating the old content to the new website. i had experience working with non it clients, and made sure everyone understood the SOW before the contract was signed. everyone was ok with it. after three weeks my job was done, all milestones and requirenments were met. peechy! and then all hell breaks loose when the president of the organisation (the most evil person i ve met in my life) told my friend that she expects me to migrate the content as well. he tried explaining her that that was not agreed, that it will cost extra, etc. but she didn t want to hear any of that. despite the fact that she was a part of the entire SOW creation process, because she is a micro managing bitch. in any other situation i wouldn t budge, because we have the contract and i kept all the paper trail, but since my friends job was on the line i agreed to do it. my SQL knowldge at the time, and even now, was very rudimentary, the db organisation of their cms was confusing as fuck... so i took two days of searching tutorials and SO threads and was doing ok, until i got to a problem i couldn t solve on my own. i posted the issue on SO and some guy asked for some clarifications, and we went back and forth, and decided to move to chat. while chatting with him i realised that there was not a chance for me to do all the work in few days without a lot of errors so i offered him to do it for a fee. he agreed. i asked him for his rate, he said if this is a community work i will do it for free, but if it is commercial i will charge the standard rate, 50$/hr. i told him it was commercial, and agreed to his rate. i asked him if he needed an advance payment, he said no need, you ll pay me when the job is done. i sent him the db dumps, after two days he sent me the csv, i checked it, all was good and wired him the money.
now compare this work relatioship with the relatioship with that bitch from the non profit.
* we met online, on a semi-anonymous forum, this guys profile was empty
* he trusted me enough to say that he would do it for free if i wasn t payed either
* i wasn t an asshole to take advantage of that trust
* he did the work without the advance payment
* i payed him the moment i verified the work
faith in humanity restored3 -
You can always fucking tell when it is the season of economics student "entrepreneurs", by just scrolling through the job feed - "payment not verified", "$10k", "NEXT BIG IDEA", "I need", ..7
-
I took a civil service exam October last year, the list of passers where posted in the government website last December. My name wasn't on the list. I was heart broken. :'(
I wasn't able to apply for the job I wanted. I thought that I'm so stupid I can't even pass an exam.
I was depressed for almost a month.
Then yesterday, a friend of mine was searching google since I refuse to tell her my middle name.
Suddenly she exclaimed, wow! you're a civil service exam passer!
I was shocked beyond belief!
I checked the website, my name is still not there. HAHA. (deep inside it hurts)
I cursed my friend for trolling me but she swear that it's true. She sent me the link and BOOM! my name is on the list of APRIL passers!
WHAT THE HECK???
i just verified through phone that I actually passed and that it was an error on their website that included me on the wrong list. I don't know whether to be angry or pleased. lol XDundefined error404 name not found oops it's there...wrong error. i passed oh my gosh after 6 months good news8 -
Client:
"Ok,. so your saying that its gonna take you 63 hrs to create a simplified CRM with basic functionality and auto fill docs or automated work flow docs as an added feature?"
My response (after already under-quoting and planning on cutting some corners because he has a smaller budget than normally necessary):
"It sounds simpler than it is. There are a lot of things I need to take into account that you wouldn't even think about.
For instance:
Making sure your emails don't go to the client's spam folder. This requires the sending domain to be verified via DNS settings. I have to ensure your email content passes a spam test (link to text ratio needs to be good). I assumed you'd want an email that has your logo and looks good. This means testing the design in Outlook to make sure it's not broken.
What if the email doesn't send due to an invalid email address, or bounces back? You'll need to be notified.
What if the client list for the week contains duplicates? You need them merged or ignored.
Generating a PDF from HTML can be tricky because the conversion isn't apples to apples so there are things I need to adjust to make them as close as possible.
Making a site completely mobile friendly (the tier 3 option) can be very time consuming as well. It's not about whether or not it fits on a mobile phone, it's about whether or not it's intuitive and useful. You're essentially getting a mobile app without paying for separate development of an app.
If I took everything into consideration and built this to be 100% bullet proof, it would cost tens of thousands.
I'm doing my best to leverage your needs with the probability of running into an issue. I'm not going waste my time/your money on something that will likely never happen."9 -
Two years ago: company exec (Mac fan) buys a Surface Pro to show off our .NET application to customers as he travels. Hands it to me (I build releases) and I iron out a few Win 8 bugs since we'd always used Win 7 before. Get it set up, get to like the device a little, he takes it home... and returns it within 24 hours because he didn't mesh well with Windows. (Again, Mac user.)
8 months later he buys a Surface Pro again. I install our latest release, verify that everything is working as expected with hardware we normally don't use, and give him a controlled setup that will just work when he's at a customer site. Once again, he returns the Surface within 24 hours because he can't get used to Windows.
At least we verified Windows 8 compatibility, I guess.1 -
So woke up this morning and Paypal had just banned my account with no reason whatsoever. I only receive funds from 3 clients who I have been working with for a few years now. My account is already verified with my ID and utilities bill. Am a freelance so I depend on it. So it's a case of ' hey, we think you did something wrong, we are not going to tell you what but are banning you permanently and keeping your money for 6 months'. F piss of shit of a company.23
-
My girlfriend configuring her e-mail account in the app because her phone had to be reset to factory :
-I can't figure out how to do these setting, annoying...
-Oh yeah the imap and smtp servers can be tricky, let me put that
(I Google the settings for her mail provider and put them in)
-It still doesn't work.
-Uuuh, maybe with another security setting, try it.
-This shit still doesn't work, seriously my phone is broken.
-Have you verified the e-mail address and carefully typed the password?
-Yes of course, I've tried it several time
(I take the phone and check all the parameters... During a looooong time... Until it hits me.)
-Hmm... Can you read the e-mail you've entered?
-Yeah, it's my mail, blabla@hotmail.com.
-No can you read it again please?
-It's blabla, why?
-No, can you *spell* your e-mail?
-Yeah it's B-L-A-B-L-A-@-H-O-M-A... Ow shit...
- ¯\_(ツ)_/¯ -
Part 3: today has become a blog post.
WARNING: this is loooooooooooong
Background is my boss and I were talking about hiring the right people, also generalists vs specialists.
Essentially John and I are the specialists. When something goes wrong it ends up escalating to either him or me. But this is not sustainable as I can't handle the stress and most likely he eventually won't either.
And this goes back to general hiring standards.
All the good people leave and the remaining ones are stuck with all the problems and eventually for one reason or another they leave as well... or the code keeps getting worse... until someone decides to scrap everything and build a new one... But now the only people left to lead teams are monkeys.
Now current problem is the only person that can replace me is John and the only person that can replace John, at least in handling issues, is me...
It's a certain type of person, people that have a growth mindset and can pick things up.
Google and strong tech companies are full of these types of people where if needed there's always someone that can step in and help. They have the background and the ability to quickly learn. This also lets them innovate and identify and solve new problems.
I think that's what the technical interviews are for, to find these types of people.
And you really can't train this. I'm not sure how effective our "new" training program on high quality development is but I'm guessing it's not. Excellence has to be in the culture and it's not something that can be built overnight or by randomly hiring people.
So in a sense, tech companies aren't really paying well, they're paying cost to what their hires are really worth, after they've verified it, and enough to keep them from leaving.3 -
This brings joy
https://reddit.com/r/technology/...
Bypass paywall:
A series of scandals and missteps has damaged Facebook's reputation so much that the company is being forced to pay ever larger compensation to hire and retain workers, according to industry recruiters, former employees, and data reviewed by Insider.
The company has always competed aggressively for talent, and the tech job market in general is on fire. But a deteriorating public image means the social-media giant now has to outbid other major tech companies, such as Google.
"One thing Facebook can still do is pay a lot more," said Jose Guardado, an experienced tech recruiter and the founder of Build Talent. "They can easily throw more compensation at people they currently have, and cover any brand tax and pay a little more to get people to come on."
Silicon Valley companies thrive or whither based on their ability to recruit the smartest employees. Without a steady influx of engineers and other technical experts, new products and important updates take longer to release, and rivals can quickly get ahead. Then there's the financial cost: In 2022, Facebook projected, expenses could jump as high as $97 billion from $70 billion this year, in large part because of "investments in technical and product talent." A company spokesperson did not respond to a request for comment.
Other companies, and even whole industries, have had to increase compensation to overcome hiring and retention problems caused by scandal and shifting public perceptions, said Alan Johnson, a managing director at the compensation consulting firm Johnson Associates. "If you're an oil company, if you make cigarettes, if you're in cattle or Wells Fargo, sure," he said.
How well this is working for Facebook is debatable as the company has more than 4,300 open jobs and has seen decreasing rates of acceptance on job offers, according to internal documents reported by Protocol. It's also seen dozens of high-level executives leave this year, and recruiters say employees are now more open to considering jobs elsewhere. Facebook used to be a place that people rarely left, given its reach, pay, and perks.
A former Oculus engineer who left last year said Facebook could now be seen as a "black mark" on someone's career. A hardware engineer who exited in 2020 shared similar sentiments: They said they quit because of concerns about misinformation on the platform and the effect of that on children. Another employee said their department was dissolved in late 2019 by Facebook and, although the company offered another position that paid more, they left last year anyway for a different industry. The workers, and many other people who spoke with Insider for this story, asked not to be identified because of the sensitive nature of the topic.
For those who stick around and people who take new jobs at Facebook, base pay and stock grants have gone up a "sizable" amount in the past year, said Zuhayeer Musa, cofounder of Levels.fyi, a platform that collects pay data based on verified offers and compensation disclosures.
During the second quarter of 2021, the median compensation for an upper-mid-level engineer, an E5, was $400,000, up from $380,000 a year earlier. For an E4, the median pay jumped to $276,000 from $256,000 in the same period. For both groups, the increases were double the gains between 2018 and 2019, Levels.fyi data showed.
Musa, who's firm also offers pay-negotiation coaching, said previously that the total compensation ceiling for an E5 engineer at Facebook was $450,000. "We recently had a client get up to $510,000 for E5," he added.
Equity awards at the company are getting more generous, too. At the group-director and VP levels, Facebook staff are getting $3 million to $6 million in restricted stock units each year, another tech recruiter said. Directors and managers are getting on average $1 million a year. In engineering, a high-level engineer is getting $600,000 in stock and a $75,000 bonus, while even an entry-level engineer is getting $50,000 to $100,000 in stock and a $20,000 to $50,000 bonus, Levels.fyi data indicated.
Even compared to Google, Facebook's stock awards are generous and increasing, Levels.fyi data shows. While base pay is about the same, Facebook offers more in stock grants, significantly increasing total compensation. At Google, entry-level equity awards range from $20,000 to $38,000, while Facebook grants are worth $40,000 to $60,000. Sign-on bonuses at Facebook are often about $50,000, while Google gives about $20,000, according to the data.
"It's not normal, but it's consistent with the craziness that's happening in the market right now," said Aalap Shah, a managing director focused on the tech industry at the consulting firm Pearl Meyer.10 -
Only touching the topic slightly:
In my school time we had a windows domain where everyone would login to on every computer. You also had a small private storage accessible as network share that would be mapped to a drive letter so everyone could find it. The whole folder containing the private subfolders of everyone was shared so you could see all names but they were only accessible to the owner.
At some point, though, I tried opening them again but this time I could see the contents. That was quite unexpected so I tried reading some generic file which also worked without problems. Even the write command went through successfully. Beginning to grasp the severity of the misconfiguration I verified with other userfolders and even borrowed the account of someone else.
Skipping the "report a problem" form, which would have been read at at least in the next couple hours but I figured this was too serious, I went straight to the admin and told him what I found. You can't believe how quickly he ran off to the admin room to have a look/fix the permissions. -
Finally finished the screwdriver followup ticket. I think.
I spent almost two full days (14 hours) on a seemingly simple bug on Friday, and then another four hours yesterday. Worse yet: I can’t test this locally due to how Apple notifications work, so I can only debug this on one particular server that lives outside of our VPN — which is ofc in high demand. And the servers are unreliable, often have incorrect configuration, missing data, random 504s, and ssh likes to disconnect. Especially while running setup scripts, hence the above. So it’s difficult to know if things are failing because there’s a bug or the server is just a piece of shit, or just doesn’t like you that day.
But the worst fucking part of all? The bug appeared different on Monday than it did on Friday. Like, significantly different.
On Friday, a particular event killed all notifications for all subsequent events thereafter, even unrelated ones, and nothing would cause them to work again. This had me diving through the bowels of several systems, scouring the application logs, replicating the issue across multiple devices, etc. I verified the exact same behavior several times over, and it made absolutely no sense. I wrote specs to verify the screwdriver code worked as expected, and it always did. But an integration test that used consumer-facing controller actions exhibited the behavior, so it wasn’t in my code.
On Monday while someone else was watching: That particular event killed all notifications but ONLY FOR RELATED EVENTS, AND THEY RESUMED AFTER ANOTHER EVENT. All other events and their notifications worked perfectly.
AKL;SJF;LSF
I think I fixed it — waiting on verification — and if it is indeed fixed, it was because two fucking push event records were treated as unique and silently failing to save, run callbacks, etc.
BUT THIS DOESN’T MATCH WHAT I VERIFIED MULTIPLE TIMES! ASDFJ;AKLSDF
I’m so fucking done with this bs.8 -
Aus Gov: here's a bright idea, let's enforce social media accounts being verified with enough identification to pull of identify theft with ease for the greater good.
https://news.com.au/technology/...
Facebook: 533 million accounts leaked with names, email, phone, address details.
https://mobile.twitter.com/UnderThe...
Me: 🤦♂️12 -
My god the wall looks really punchable right now. Let me tell you why.
So I’m working on a data mining project, and I’m trying to get data from google trends. Unfortunately, there have been a lot of roadblocks for what should have been an easy task.
First it won’t give a raw search volume, only relative “interest”.
Fortunately it lets me compare search terms, which would work for my needs however it will only let me compare a few at a time. I need to compare 300.
So my solution is simple: compare all the terms relative to one term. Simple enough, but it would be time consuming so I figured I’d write a program to get the data.
But then I learned that they don’t have an official api. There’s a node module for this very thing based on a python module that reverse engineers the api endpoints. I thought as long as it works I’d use it.
It does work... But then I discovered that google heavily rate limits the endpoints.
So... I figured I’d build a system to route the requests through different tor nodes to get around the rate limit. Good solution right? Well like a slap to the face, after spending way to much time getting requests through tor working, I discovered that THEY FUCKING BLOCKED TOR IPS.
So I gave up, and resigned to wait 5 hours for my program to get the data... 1 comparison at a time... 60s interval between requests. They, of course, don’t tell you the rate limit threshold, so this is more or less a guess (I verified that 30s interval was too short and another person using the module suggested 60s).
Remember when I said the discovery that the blocked tor came like a slap to the face? This came as a sledge hammer to the face: for some reason my program didn’t dump the data at the end. I waited 5 fucking hours to get nothing.
I am so mad right now. I am so fucking mad.4 -
When there’s a glaring user-facing issue in your company’s app that can cause the user to spend mobile data after specifically choosing a setting that’s supposed to prevent that.
And your boss says your fix is “out of scope for the current sprint.” And the product team agrees with him.
I ALREADY DID THE WORK AND HAD IT VERIFIED BY QA.
Sometimes I Hate agile. Then again, I don’t think we’re doing it quite right anyway.2 -
PayPal = GayPal
PHASE 1
1. I create my personal gaypal account
2. I use my real data
3. Try to link my debit card, denied
4. Call gaypal support via international phone number
5. Guy asks me for my full name email phone number debit card street address, all confirmed and verified
6. Finally i can add my card
PAHSE 2
7. Now the account is temporarily limited and in review, for absolutely no fucking reason, need 3 days for it to be done
8. Five (5) days later still limited i cant deposit or withdraw money
9. Call gaypal support again via phone number, burn my phone bill
10. Guy tells me to wait for 3 days and he'll resolve it
PHASE 3
11. One (1) day later (and not 3), i wake up from a yellow account to a red account where my account is now permanently limited WITHOUT ANY FUCKING REASON WHY
12. They blocked my card and forever blocked my name from using gaypal
13. I contact them on twitter to tell me what their fucking problem is and they tell me this:
"Hi there, thank you for being so patient while your conversation was being escalated to me. I understand from your messages that your PayPal account has been permanently limited, I appreciate this can be concerning. Sometimes PayPal makes the decision to end a relationship with a customer if we believe there has been a violation of our terms of service or if a customer's business or business practices pose a high risk to PayPal or the PayPal community. This type of decision isn’t something we do lightly, and I can assure you that we fully review all factors of an account before making this type of decision. While I appreciate that you don’t agree with the outcome, this is something that would have been fully reviewed and we would be unable to change it. If there are funds on your balance, they can be held for up to 180 days from when you received your most recent payment. This is to reduce the impact of any disputes or chargebacks being filed against you. After this point, you will then receive an email with more information on accessing your balance.
As you can appreciate, I would not be able to share the exact reason why the account was permanently limited as I cannot provide any account-specific information on Twitter for security reasons. Also, we may not be able to share additional information with you as our reviews are based on confidential criteria, and we have no obligation to disclose the details of our risk management or security procedures or our confidential information to you. As you can no longer use our services, I recommend researching payment processors you can use going forward. I aplogise for any inconvenience caused."
PHASE 4
14. I see they basically replied in context of "fuck you and suck my fucking dick". So I reply aggressively:
"That seems like you're a fraudulent company robbing people. The fact that you can't tell me what exactly have i broken for your terms of service, means you're hiding something, because i haven't broken anything. I have NOT violated your terms of service. Prove to me that i have. Your words and confidentially means nothing. CALL MY NUMBER and talk to me privately and explain to me what the problem is. Go 1 on 1 with the account owner and lets talk
You have no right to block my financial statements for 180 days WITHOUT A REASON. I am NOT going to wait 6 months to get my money out
Had i done something wrong or violated your terms of service, I would admit it and not bother trying to get my account back. But knowing i did nothing wrong AND STILL GOT BLOCKED, i will not back down without getting my money out or a reason what the problem is.
Do you understand?"
15. They reply:
"I regret that we're unable to provide you with the answer you're looking for with this. As no additional information can be provided on this topic, any additional questions pertaining to this issue would yield no further responses. Thank you for your time, and I wish you the best of luck in utilizing another payment processor."
16. ARE YOU FUCKING KIDDING ME? I AM BLOCKED FOR NO FUCKING REASON, THEY TOOK MY MONEY AND DONT GIVE A FUCK TO ANSWER WHY THEY DID THAT?
HOW CAN I FILE A LAWSUIT AGAINST THIS FRAUDULENT CORPORATION?12 -
Boss: The numbers on the report don't look right. Can you check?
Me: <checks> Yep! I verified the numbers against all external data sources and they match perfectly.
Boss: OK well we need to take a deeper look because they don't look right.
Me: ... I don't follow?
Boss: The numbers... don't... feel right.3 -
Let's talk about the cargo cult of N-factor authentication. It's not some magic security dust you can just sprinkle onto your app "for security purposes".
I once had a client who had a client who I did server maintenance for. Every month I was scheduled to go to the site, stick my fingerprint in their scanner, which would then display my recorded face prominently on their screens, have my name and purpose verified by the contact person, and only then would the guards let me in.
HAHA no of course not. On top of all of that, they ask for a company ID and will not let me in without one.
Because after all, I can easily forge my face, fingerprints, on-site client contact, appointment, and approval. But printing out and laminating a company ID is impossible.
---
With apologies to my "first best friend" in High School, I've forgotten which of the dozens of canonicalisations of which of your nicknames I've put in as my answer to your security question. I've also forgotten if I actually listed you as my first best friend, or my dog - which would actually be more accurate - and actually which dog, as there are times in my High School life that there were more tails than humans in the house.
I have not forgotten these out of spite, but simply because I have also forgotten which of the dozen services of this prominent bullshit computer company I actually signed up for way back in college, which itself has been more than a decade ago. That I actually apparently already signed up for the service before actually eludes me, because in fact, I have no love for their myriad products.
What I have NOT forgotten is my "end of the universe"-grade password, or email, or full legal name and the ability to demonstrate a clear line of continuity of my identity from wherever that was to now.
Because of previous security screwups in the past, this prominent bullshit company has forced its users to activate its second, third, and Nth factors. A possibly decade-old security question; a phone number long lost; whatever - before you can use your account.
Note: not "view sensitive data" about the account, like full name, billing address, and contact info. Not "change settings" of the account, such as changing account info, email, etc. Apparently all those are the lowest tier of security meant to be protected by mere "end of the universe"-grade passwords and a second factor such as email, which itself is likely to be sold by a company that also cargo cults N-factor auth. For REAL hard info, let's ask the guy who we just showed the address to "What street he lived in" and a couple others.
Explaining this to the company's support hotline is an exercise in...
"It's for your security."
"It's not. You're just locking me out of my account. I can show you a government ID corroborating all the other account info."
"But we can't, for security."
"It's not security. Get me your boss."
...
"It's for security."8 -
What do you do when your redirect doesn’t go where you tell it?
Clearly I’m missing something.
I stepped through the code, following the failure path of Sheogorath’s Recaptcha. It fails as expected, and hits this redirect before doing anything else:
`return redirect_to new_user_session_path`
I verified that this redirects to the “/users/sign_in” path, and it returns so the server doesn’t even try to authenticate the user. It just nopes out as it should to prevent timing attacks.
But somehow instead of doing that and redirecting as it should, it signs the user in and redirects somewhere else entirely: the role select page, which only happens after authenticating an admin user. It never even hits my breakpoint after the recaptcha check! It never authenticates!
I think what I’m missing is my old reality where things made sense.3 -
Who else is loving the twitter dumpster fire? He threatens to fire the devs if they don't roll out the verified account to anyone willing to pay.
The shipped that bomb just like you demanded assface.15 -
Nothing like a client bitching on the weekend that a promo code is broken on their site. Except it works just fine and they printed your physical materials with the wrong code to hand out. And they tested and verified it working with the correct code on QA. AND IN TWO SEPARATE FUCKING EMAILS
-
I'm facing a conundrum. I saw a job posting for <Company A> weeks ago, but wasn't really interested and moved on.
Got in touch with a standalone recruitment company today who had an exciting job offer. The recruiter refused to tell me the name of the company until he spoke to me as they directed him to not disclose the name of the company or any details until he has verified the candidate is genuine. To my absolute shock and disbelief it was <Company A>!!!!
So heres the conundrum. External recruiters don't lie, why would they? Clearly this company MUST keep their hiring top secret, and some poor employee didn't get the memo before posting that job publicly. Should I report the <Company A> employee?
I don't want to report them and get them in trouble, but feel I must in order to help the company fix this leak ... before its too late ... and people find out the are hiring!
Thoughts?5 -
* Developing a new "My pages" NBV offer/order solution for customer
_Thursday
Customer: Are we ready for testing?
Me: Almost, we need to receive the SSL cert and then do a full test run to see if your sales services get the orders correctly. At this point, all orders made via this flow are tagged so they will not be sent to the Sales services. We also still need to implement the tracking to see who has been exposed to what in My Pages.
Customer: Ok, great!
_Friday
Customer: My web team needs these customers to have fake offers on them, to validate the layout and content
Me: Ok, my colleague can fix this by Tuesday - he has all the other things with higher prio from you to complete first
Customer: Ok! Good!
_Sunday
Me: Good news, got the SSL cert installed and have verified the flow from my side. Now you need to verify the full flow from your side.
Customer: Ok! Great! Will do.
_Monday
*quiet*
_Tuesday
Customer: Can you see how things are going? Any good news?
Me: ???
*looks into the system*
WTF!?!
- Have you set this into production on your side? We are not finished with the implementation on our side!
Customer: Oh, sorry - well, it looked fine when we tested with the test links you sent (3 weeks ago)
Me: But did you make a complete test run, and make sure that Sales services got the order?
Customer: Oh, no they didn't receive anything - but we thought that was just because of it being a test link
Me: Seriously - you didn't read what i wrote last Thursday?
Customer: ...
Me: Ok, so what happens if something goes wrong - who get's blamed?
Customer: ...
Me: FML!!!2 -
ChaseBank is getting up my nose. Twice in four business days my account was flagged and I had to change my password for 'security' purposes. I spent the better part of 90 minutes in a futile attempt to find out why, when there's been no suspicious activity on my account, I'm being flagged. My father contacted a branch manager near him who told him to dial the priolrity customer service number and key in the letters (I shit you not) HO HO. I called the number. It's the same damn number I'd been calling. I called the branch. They told me I'd definitely receive a call back last Friday by 1800. No call. So, yesterday I called the manager of that branch, verified its location, told the manager he was supposed to call me by 1800 last Friday, and Chase Corporate would be in touch with him soon to explain that when you tell a customer you'll call them, you'll fucking call them.2
-
This is embarrassing, but the first days of learning about AngularJS I had to implement functionality about a new component of the WebApp I was building.
I did a good templating, I build the component along with its controller and services, I verified there wasn’t any memory leak and that everything was in an isolated scope. Yet nothing at all appeared on the app. It took me more than 30 minutes until I realized...
I didn’t put the source code on the index.html file 😅
For people who know more about compiled languages such as C or Java... that’s like not putting your source code file in the makefile. 😅
I felt literally like the dumbest person in the planet at that moment. 😀🔫1 -
Scariest moment of my life:
Known mouse holes: 4, so far
Known mice coming into the house last night: 5, verified by recordings
Mice left on floor by cats the next morning: 7... wait.7 -
Some time ago at work, I verified a system design by running the whole thing in my head, bombarding it with various fault conditions in all phases in order to check whether I had forgotten anything. I had my eyes closed, and my PC was not even switched on. Right in that moment, the boss of my department came in.
He: what are you doing?
Me, without opening the eyes: thinking.
He: don't you want to code?
Me, eyes still closed: no.
He: (leaving)1 -
Prequel to my previous post:
I received an offer from a startup that did not meet the originally advertised salary range. In every other aspect this place seemed like where I'd enjoy working the most and each previous interaction made a very good impression on me. So needless to say this was quite a shock.
They immediately apologised and explained the situation. They only now started to expand to and hire from my location (which can be verified) and I would be the very first person from this location (seems true too but I could only really verify this after joining). They explained the salary range I had seen was for their main hub location (accurate too) and said that the recruiter who posted the ad did not adjust it to mine. I asked why tf they didn't notify me of this earlier and they said they are super busy with everything, are new to location based salaries and normally don't check the recruiters posts as it should be her work.
Now, even if this is totally true, it was an awful sudden shock and felt a bit like a scam - totally contradicting my previous impressions.
Here are a couple of other points that I'll just sum to save time:
- before seeing the job ad I had a *reasonable* salary expectation even lower than their actual offering
- on the ad, the bottom end of their salary range far exceeded my reasonable exp.
- the relative level of my position would be even higher up the range that I have seen realised would be top 5%
- having had seen the ad, I started to have an *ideal* expectation being the bottom of the range
- in first interview I told them my exp. is the bottom end of their range +- a bit
- I told this to a dev guy who has no fucking idea about this stuff and I don't blame him but he noted this down to higher management
- generally I have not been very precise of my expectation as previously I only had lower class dev jobs, this would be the first decent.
- Hence I have seen an enormously high variation in salaries offered to me so this advertised range whilst high seemed possible
Now, with all this in mind I posted here a question about what some of you would do in my position.
I received the following group of responses:
- it's a scam, bad place, run
- it's an intentional (common) trick
- people make mistakes like this esp. startups so find out if this is intentional or not
- just decide if their current offering is reasonable for the position and location, ignore the rest
- just decide if the amount is enough
- location based salaries are retarded, don't work there (I kinda agree and also don't)
- if they can afford the higher pay in another place they should have no prob. meeting the range
- it's more important that you'd enjoy it there if the pay is sufficient for general needs
- company culture is generally more important these days
- fuck recruiters and hr people (amen to that btw)
Here is what I did:
Regardless of whether I believe them or not I hyperfocused on the potential scam/trick aspect.
I told them that every other interaction with them was positive and would love to join them but this was a really bad impression and feels like they are playing with me. I made up some bullshit previous examples of companies trying the same trick on me (which obv. never happened).
Then I said that I think to resolve this they should invite me to their main office for a day (all interviews had been online) and if after that they are still not ok to offer me at least the bottom of the adv. range then we can part ways. Otherwise this should ensure both of us that we are a good match, etc.
They seemed to love the idea and said that I should go there for x till y (3 days) and if we don't hate each other by the end I'll get the amount at the bottom of the range and they apologised again about it looking like a scam, etc.
So thanks a bunch again to those of you who provided valuable input. -
With a recent HAProxy update on our reverse proxy VM I decided to enable http/2, disable TLS 1.0 and drop support for non forward-secrecy ciphers.
Tested our sites in Chrome and Firefox, all was well, went to bed.
Next morning a medium-critical havock went loose. Our ERP system couldn't create tickets in our ticket system anymore, the ticket systems Outlook AddIn refused to connect, the mobile app we use to access our anti-spam appliance wouldn't connect although our internal blackboard app still connected over the same load balancer without any issues.
So i declared a 10min maintenance window and disabled HTTP/2, thinking that this was the culprit.
Nope. No dice.
Okay, i thought, enable TLS 1.0 again.
Suddenly the ticket system related stuff starts to work again.
So since both the ERP system and the AddIn run on .NET i dug through the .NET documentation and found out that for some fucking reason even in the newest .NET framework version (4.7.2) you have to explicitly enable TLS 1.1 and 1.2 or else you just get a 'socket reset' error. Why the fuck?!
Okay, now that i had the ticket system out of the way i enabled HTTP/2 and verified that everything still works.
It did, nice.
The anti-spam appliance app still did not work however, so i enabled one non-pfs cipher in the OpenSSL config and tested the app.
Behold, it worked.
I'm currently creating a ticket with them asking politely why the fuck their app has pfs-ciphers disabled.
And I thought disabling DEPRECEATED tech wouldn't be an issue... Wrong... -
Studying engineering doesn't make you an expert physicist, and studying medicine doesn't make you an expert virologist. Learn the bloody difference, just because somebody has a degree doesn't mean all they say is true and verified, especially if the don't list their sources or talk about it "exclusively" for one media.3
-
Sus!
yesterday I bought a cool domain in namecheap, I was very lucky to find short and good one for my case.
Today (at weekends!!!!) I receive a letter:
>Hello **redacted name**,
>
>We are contacting you from the Namecheap Risk Management Team regarding your '**redacted name account**' account.
>
>Unfortunately, your Namecheap account was flagged by our fraud screening system as requiring verification and was locked.
>
>Please follow the instructions below to get your account verified:
>
>- take a color photo of the credit card used for the payment at **redacted link**
>
>Please make sure all of the edges of the credit card are visible, and that we can clearly see the card holder's name, expiration, and last four digits of the card number. The screenshots or images of the card cannot be accepted for verification. >If the submission does not meet these requirements, we can either request to submit the details again or permanently suspend your account.
>
>- provide a valid phone number and the best time to call you (within normal business hours, US Pacific time).
>
>If we do not hear back from you within 24 hours, we will be forced to cancel your orders.
>
>We apologize for any inconvenience that may result from this process. This extra verification is done for your security and to ensure that orders are legitimate. This industry, unfortunately, has a high rate of fraudulent orders, and this sort of >verification helps us drastically reduce fraud and ensure our customers remain secure. Such documents are used for verification only and are not provided to third parties in any way. Account verification is a one-time procedure, after your account >is verified, you will never face this issue again.
>
>Looking forward to your reply.
>
>---------------
>Dmitriy K.
>Risk Management
> Namecheap, Inc.
what if I did not notice it in 24 hours? It is the weekend for god's sake! People usually rest until monday.
They would what, cancel order and scalpel it to super high price?!
I have some doubts if the request is trully having anti fraudulent origins.
What if I used digital visa card? How was I supposed to photo it?
And the service they provided for photoing accepts only photos from web camera. I was lucky that I bought recently web camera with high enough amount of pixel power and manual focus. What if I did not?
That's all really SUS!
The person can not notice the letter within 24 hours time frame until the morning, when it would be already too late.10 -
!dev?
Colleges now require proof of vaccination but admins are worried about the spread of fake vaccine cards
https://apnews.com/article/...
My mindblowing solution: require students to submit a covid antibody test result instead.
You can't spoof the lab test result number and it can be easily verified by calling the lab...
Can even create a site for that...
isTestValid.com
Worried about privacy... Have labs upload a hash of the data...
And user submit their hash...
Clearly nobody asked a dev for they're input... again3 -
A friend of mine who wants to learn about Linux has a stronger will than me, as I think installing Linux in 2020 is gonna break me but he's still stoked as shit. I'm fucking serious. He asked me to install several distros, in order of interest (because they all fucking failed, because of fucking course they did) on a USB HDD he was using just for this.
We tried, in order:
Arch: initramfs wiped his Windows HDD when it crashed. IDFK how, but it zeroed the top 32KB of the drive. It wasn't even the right HDD...
Linux Mint: nvidia drivers refused to see his GPU after install. No matter what we did. Live media saw it fine until it was installed on the external drive, too.
Debian: Installer couldn't see the external HDD, ever. No matter what we did. It had a /dev entry, lsblk and fdisk saw it, I could format and mount it, but the installer crashed when it refreshed the device list when it was present. Every goddamn time.
Fedora: Installer broke halfway through as an executable (or 70) were corrupted, but the disc matched the ISO and the ISO sums correctly, so this is apparently how it was packed and shipped.
CentOS: Refused to boot. Just entirely. GRUB would go to load the kernel and it'd hang.
All ISOs and discs were verified as matching provided sums using MD5 and SHA256. How the fuck is Linux so fucking hard to get working on older hardware in 2020? Worked great in 2008, worked great in 2018, why is 2020 such a goddamn issue?11 -
I feel like writing or telling people about the time I jumped from Windows 7 Ultimate and jumping to Windows 10. (I'm not against 10, but I'm never updating after what had happened to me)
It all starts when none of my games will play due to a possible issue with my graphics card. I look up "3D source game bug" and not many results pop up. I go on Microsoft's Qna areas and ask this question but to my surprise nothing they say would make sense. "Clean the pins of your graphics card, make sure you verify the games on Steam". I verified the games and they checked out as perfectly fine. I don't have access to my graphics card because this is a laptop, sadly not a tower.
Two months pass and my computer is already showing signs of stress, like it didn't want to live in a sense. It was three times slower than when I was on Windows 7 and it was unallocating areas of my main hard drive where I could make virtual hard drives.
Instantly I start looking up Linux distros and find Linux Mint. 17.3 was the current version at the time. I downloaded it and burned it onto a DVD-rom and rebooted my computer. I loaded into the disc and to my surprise it seemed almost like Windows 7 apart from the Linux part. I grab my external hard drive and partition it to hold the Linux distro and leave it plugged in incase Windows 10 does actually fail.
On December 19, a few months after Windows 10 had released. I start my laptop to try and continue my studies in video game development. But to my surprise, Windows 10 had finally crashed permanently. The screen flickered blue and black, and an error box saying Loginui.exe failed to start. I look at it for a solid minute as my computer had just committed suicide in a sense.
I reboot thinking it would fix the error but it didn't. I couldn't log in anymore.
I force shutdown the laptop and turn it back on putting it into safe mode.
To my surprise loginui.exe works and I sign in. I look at my desktop, the space wallpaper I always admired, the sound files, screen shots I had saved.
I go into file explorer and grab everything out of my default hard drive Windows was installed on. Nothing but 400gb got left behind and that was mainly garbage prototypes I had made and Windows itself. I formatted my external hard drive and placed everything on it. Escaping Windows 10 with around 100GB of useful data I looked at the final shutdown button I would look at.
I click it and try to boot into normal Windows 10. But it doesn't work. It flickers and the error pops up once more.
I force it to shutdown and insert the previous Linux Mint disc I made and format the default hard drive through Linux. I was done. 10 gave me a lot of shit. Java wouldn't work, my games has a functional UI but no screen popped up except a black abyss and it wouldn't even let me try to update my graphics card, apparently my AMD Radeon 5450 was up to date at the AMD Radeon 5000's.
I installed Linux Mint and thinking the games would actually play I open steam and Launch Half-Life 2 to check if Linux would be nicer to me than Windows 10 had been.
To my surprise the game ran. The scene from Highway 17 popped on screen and the UI was fully functional. But it was playing at 10-15fps rather than the usual 60-70fps. Keep look at my drivers and see my graphics card isn't in use. I do some research and it turns out I have a Hybrid Laptop.
Intel HD Graphics and an AMD Radeon 5450 and it was using the Intel and not the AMD. Months of testing and attempts of getting the games to work at high frame rates pass and the Damn thing still functions at a low terrible fps. Finally I give up. I ask my mom for a Windows 7 disc and she says we can't afford it. A few months pass and I finally get a Windows 7 installation disc through money I've saved up. Proudly I put it into my optical disc drive and install it to my main hard drive deleting Linux completely. I announced to all my friends my computer was back in working order and I install everything I needed, Steam, Skype, Blender, and Unity as well as all my games. I test Half-Life 2 and it's running exceptionally smoothly, I test Minecraft at max settings and it's working beautifully. The computer was functioning properly once again and my life as a developer started as I modeled things and blender, learned beginners C# and learned a lot of Batch. Today the computer still runs at a great speed and I warn others of what happened to me after I installed Windows 10 to my machine if they are thinking of switching from 7 or 8 on an older machine.
Truly the damage to my data cannot be undone. But the memory of the maintenance, work, tests, all are a memory of how Windows 10 ruined me and every night before the one year anniversary of Windows 10's release, I took out the battery of my laptop and unplugged it from the a.c. power, just so Windows 10 doesn't show it's DLLs, batch scripts, vbs scripts, anything on my computer. But now, after this has happened and I have recovered, I now only have a story to tell5 -
Had to port a python code some other guy wrote using opencv for some image processing stuff to Java. I thought "how tough can it be? Let's just try it out on python first just to verify the results", only to waste an entire fucking day trying to install opencv first and make it work and to add to it the crappy opencv documentation were no help. In the end I had to just give up on this shit and decide to just do the Java implementation which I later verified from the python guy's results.
-
Imagine an online, public service, that allows you to communicate with others (for example a simple chat, game, whatever ).
The users connect to each others via p2p. Based on this, you can easily get the ip address of any user directly connected to you. P2p is used to reduce server load, but information is still verified (for example using RACS), so let's assume the data is always safe.
(please remember, this is just a imagined Szenario)
Now the question: AFAIK, the IP address is a sensitive information. Would p2p in this scenario still be 'legal' in the EU given the latest changes in the laws?7 -
1) Had to fix severe bugs in a dynamic UI (configuration-driven forms) component.
Recognized undocumented Copy/Paste/Modify/FuckUp driven variations of the same component all over the project. Unsurprisingly, the implementations covered 99% of the antipattern catalog on wiki.c2.com and could compete with brainfuck in regard to human-readable code.
Escalated the issue, proposed a redesign using a new approach, got it approved.
Designed, Implemented, tested and verified the new shared and generic component. Integrated into the main product in the experimental branch. Presented to tech lead/management. Everyone was happy and my solution opened even more possibilities.
Now the WTF moment: the product with the updated dynamic UI solution never has been completely tested by a QA engineer despite my multiple requests and reminders.
It never got merged into baseline.
New initiatives to fix the dynamic UI issues have been made by other developers. Basically looking up my implementation. Removing parts they do not understand and wondering why the data validation does not work. And of course taking the credit.
2) back in 2013, boss wanted me to optimize batch processing performance in the product I developed. Profiling proved that the bottleneck ist not my code, but the "core" I had to use and which I must never ever touch. Reported back to him. He said he does not care and the processing has to get faster. And I must not touch the "core".
(FYI: the "core" was auto-generated from VB6 to VB.Net. Stored in SourceSafe. Unmaintainable, distributed about a bunch of 5000+ LoC files, eye-cancer inducing singlethreaded something, which had naive raw database queries causing the low performance.) -
Although iv only been developing in android for around 7 months yet I fail to see the appeal of Kotlin.
It has no real advantage over Java. In my opinion its fucking lazy code. It might look pretty but that's about it. So I don't see why employers are opening their arseholes for people with Kotlin experience.
Im pretty sure they are doing it because its "the next big thing". If you can write solid Java I dont know what the big deal is.. Maybe someone can shed some light on this..
Android studio can convert Java to Kotlin with one click. So No Mr employer I do not see your reason why you employed someone over me because he has Kotlin experience. Its fucked!! So that project I handed you... the one where I had pride in my ability to apply solid Java... Yes remember fucking Java everyone?!... well it works exactly the fucking same and in my opinion is much more verified and readable. SOOOO FUCK YOUUUU MR EMPLOYER!!!!! Go FuckYourStupidLittleKotlinBumChumsRightInTheirShitRiddenFuckHoles!!!!!!
Rant over...3 -
Did anyone hear of Twitter limiting viewing tweets to 300 to new unverified accounts, 600 to older unverified accounts and 6000 for verified accounts? You can't view tweets if you are not signed up, too... They did say it was a temporary thing, but still is a pretty weird move, if you ask me.
This is gonna fuck over so many people it's hard to put into words.15 -
Okay I'm guessing everyone here has experienced something like this but...
I dev for Company A and we have various other companies and clients utilize our service. Now, a client from Company B comes to us and says that they are having problems signing in. Apparently the page just tells them "Can't sign in".
"That's odd," I think to myself, "because our failed sign-in messages aren't that terse and usually tell you why."
I look on the system, client is registered under Company B and has verified their email address. All good there. My guess? Trying to sign in to the wrong site (we have a jobs site too) because that sometimes comes up first on the googs.
We get an email from client just now: "Hi, still can't sign in. Please see screenshot below."
I shit you not, she was trying to sign in to her own company's website that clearly had "Company B" written above the sign in box.1 -
Can anyfuck tell me what the fuck I'm supposed to do?
So I installed gitlab, reachable under a subdomain (gitlab.example.com) behind apache2. everything works fine.
Now I see this bullshit in my logs, appearing EVERY GODFORSAKEN SECOND: https://gist.github.com/nitwhiz/...
I disabled the bundled nginx in the gitlab.rb and no, it's not "some nginx system service", I verified it is coming from gitlab and oh - btw - some weird svc logfuck runs even after gitlab is stopped! :)
No I won't try your random google result because I read all 3 tickets being at least half relevant to my situation as ANYFUCKER ON THIS PLANET seems to use the internal nginx.
FML.14 -
Good code is a lie imho.
When you see a project as code, there are 3 variables in most cases:
- time
- people / human resources
- rules
Every variable plays a certain role in how the code (project) evolves.
Time - two different forms: when certain parts of code are either changed in a high frequency or a very low frequency, it's a bad omen.
Too high - somehow this area seems to be relentless. Be it features, regressions or bugs - it takes usually in larger code bases 3 - 4 weeks till all code pathes were triggered.
Too low - it can be a good sign. But it should be on the radar imho. Code that never changes should be reviewed at an - depending on size of codebase - max. yearly audit. Git / VCS is very helpful here.
Why? Mostly because the chances are very high that the code was once written for a completely different requirement set. Hence the audit - check if this code still is doing the right job or if you have a ticking time bomb that needs to be defused.
People
If a project has only person working on it, it most certainly isn't verified by another person. Meaning that only one person worked on it - I'd say it's pretty bad to bad, as no discussion / review / verification was done. The author did the best he / she could do, but maybe another person would have had an better idea?
Too many people working on one thing is only bad when there are no rules ;)
Rules. There are two different kind of rules.
Styling / Organisation / Dokumentation - everything that has not much to do with coding itself. These should be enforced at a certain point, otherwise the code will become a hot glued mess noone wants to work on.
Coding itself. This is a very critical thing.
Do: Forbid things that are known to be problematic in the programming language itself. Eg. usage of variables in variables, reflection, deprecated features.
Do: Define a feature set for each language. Feature set not meaning every feature you want to use! Rather a fixed minimum version every developer must use and - in case of library / module / plugin support - which additional extras are supported.
Every extra costs. Most developers don't want to realize this... And a code base that evolves over time should have minimal dependencies. Every new version of an extra can have bugs, breakages, incompabilties and so on.
Don't: don't specify a way of coding. Most coding guidelines are horrific copy pastures from some books some smart people wrote who have no fucking clue what you're doing and why.
If you don't know how to operate on people, standing in an OR and doing what a book told you to do would end in dead person pretty sure. Same for code.
Learn from mistakes and experience, respect knowledge from other persons, but always reflect on wether this makes sense at this specific area of code.
There are very few things which are applicable to a large codebase on a global level. Even DRY / SOLID and what ever you can come up with can be at a certain point completely wrong.
Good code is a lie - because it can only exist at a certain point of time.
A codebase should be a living thing - when certain parts rot, other parts will be affected too.
The reason for the length of the comment was to give some hints on what my principles are that code stays in an "okayish" state, but good is a very rare state -
This happened last November. I was on my merry way, not using Windows on my laptop. When suddenly a friend asks me to do some heavy video editing work.
And none of the softwares on Linux are as good as Premiere Pro, After Effects etc
Davinci Resolve on Linux has codec issues and is a pain to deal with
Anyway, I boot up windows and somehow it updates itself (I distinctly remember disabling the update service permanently).
So now, it bugs me every fucking minute to reboot.
Luckily I decide to finish my project before rebooting.
Coz as soon as I reboot, it throws me an error saying something like my license key couldn't be verified. One key recovery doesn't help
I have a OEM licensed Windows 10 Home that came with the laptop.
The solutions are to either recover windows, which needs a fucking 11GB download or reinstall Windows (but hey... Lenovo didn't give me a Windows License key. And I have a lot of pre setup folders on the windows drive linked to my Linux, making it a bad choice to wipe that drive). To put the cherry on the top, I have to download a software that Lenovo provides (Windows only) to download that 11GB iso.
Every sane person around me uses Linux (I only used Windows for Video Editing)
Also, living in India, 11GB is a fucking big size to download.... And the software doesn't support interrupted downloads
One more pain in the ass....
So, fuck you Windows. Fuck you Lenovo.
Living happily with elementary OS since then
Never bothered to download the Windows iso6 -
this.post != rant
Just had my first job interview for backend dev position. Hopefully, it went well. Not that much technical questions but the interviewer sure did verified all the things I wrote on my cv. Good thing I included my side projects, that way we have a topic to talk about. Hope ill get the offer. Yaaaaas!!! -
Like 4 years ago I worked in a company as IT that used a windows desktop app with SQL Server 2008 (yep that old) to manage their sales, this app was written in WPF, the app was good because it was customizable with reports
One day the boss wanted to keep extra some data in the customer invoice, so they contacted the app developers to add this data to the invoice, so they they did it, but it in their own way, because the didn't modify the app itself(even if it was an useful idea for the app and companies that use it) they just used other unused fields in the invoice to keep this data and one of the field that the boss was interested was currency rate, later I verified in the DB this rate was saved as string in the database
The boss was not interested in reports because he just wanted to test it first and let time to know what the boss will need in the reports, so at the of the year they will contact again the devs to talk about the reports
So is the end of that year and the boss contacted the devs to talk about the reports of the invoices using the currency rate, this rate was just printed in the invoice nothing more, that's what the boss wanted that's what's the devs did, but when asked to do the reports they said they could'nt because the data was saved as string in the DB o_O
Well, that was one the most stupid excuses I ever heard...
So I started to digging on it and I found why... and the reason is that they were just lazy, at the end I did it but it took some work and the main the problem was that the rate was saved like this 1,01 here we use comma for decimal separator but in SQL you must use the dot (.) as decimal separator like this 1.01, also there was a problem with exact numbers, for example if the rate was exactly 1, that data must be saved just 1 in the field, but it was saved as 1,00 so not just replace all the commas with dots, it's also delete all ,00 and with all that I did the reports for my boss and everyone was happy
Some programmers just want to do easy things... -
Set up customer's e-mail addresses in Plesk. Worked fine in testing, all goes well for about a week.
Then their e-mail stops delivering. Stuff arrives, but outgoing messages either bounce or fail silently altogether. I contact 1&1 support, and they help set up SPF and DMARC on the domain, and then we wait and see once the DNS changes propagate.
Well, something about these changes caused my business e-mail (on a separate server) to exhibit the same problem now, when it had been working for 3 years without issue prior to that.
Check back with 1&1 2 days later to see why the first one isn't working; we verified all of the records across everything, tweaked a couple other things (like setting the full hostname in Plesk to mail.servername.com), and waited 2 more days.
Still having the same problem on both accounts. did a bit of looking up the issue for Plesk and found that in order for SPF/DMARC to work, they have to be activated on the Plesk-wide mail settings, and then again individually at the domain level.
Made these changes on my business e-mail's server and domain and it fixed the problem!
Made the same changes on the server with the customer's domain and...still seeing the same issue.
Have checked all settings between them and they're identical. All the appropriate DNS records are in place. I'm kind of at a loss for waht else to check at this point.1 -
Currently studying.
I feel like degrees are quite valuable. It is basically the university vouching for you and that they think you are qualified within an area. This is quite valuable.
Through work, I have seen some horrible shit in production, therefore i think it makes good sense for a company to ask for some "minimum requirements" which can be verified by an institution like a university. Not saying that all who graduates are good programmers, they just have the minimum required knowledge and skill that the university demands in order to vouch for them.
I believe that on average the "average bad programmer" from a university will be better than "average bad programmer" without degree.
Plus, if you have a decent education system in your country, you shouldn't have to pay for you degree.1 -
Someone else updated a firmware and noticed that its worse than the older? The worst ia when you try to fix it and it broke another thing.
Too many bugs in a release (yes, a "verified" release)3 -
I have come to learn that when you script nearly everything in your job, what remains are the real pain in the ass clients.
I have told this particular client before that the issue does not lie with our equipment. I have verified while on a conference call with the other vendors that I am out of the equation. They concurred while the client was on the phone.
And yet.... Today, almost two weeks later, I have been assigned a ticket to re-verify our settings and to potentially troubleshoot !OurEquipment.
What hurts me the most is that my CEO is the best boss I have ever had, but he panders to these clients that do not listen to the diagnosis.
I am literally doing the same thing over again. I am not expecting a different outcome. I don't know why others expect a different outcome.
Because of this one example (and other similar ones), I am so tempted to leave an otherwise great company and environment. -
The fucking release process. We release weekly which is stressful for both Devs and QA’s. Everything should be committed/promoted in our DVCS by Thursday and should be verified beforehand. The problem is, QA’s doesn’t take development builds, they only want to take whats fucking next in release. In other words WE. FUCKING. RELEASE. UNTESTED. SOFTWARE.
Man, BA’s have it easy on our team.1 -
I just completed this heartfelt and sincere little cry for help on another ste but it wasn't verified because I'm not special enough to format it like a PAD, whatever that means. I cannot seem to simply burn music files anymore. I'm using a Samsung laptop Device name DESKTOP-AII2T2S
Processor Intel(R) Core(TM) i7-2675QM CPU @ 2.20GHz 2.20 GHz
Installed RAM 8.00 GB
Device ID D766A89B-5671-4D9F-B6F9-2D884E9EA309
Product ID 00326-10000-00000-AA880
System type 64-bit operating system, x64-based processor
Pen and touch No pen or touch input is available for this display
Edition Windows 10 Home
Version 20H2
Installed on 09/08/2020
OS build 19042.928
Experience Windows Feature Experience Pack 120.2212.551.0
The music is a combination of commercially relased material as well as bootleg recorded material.
I am not looking for a "This is Why We Can No Longer Burn Our Music Files" Intro. All you need to tell me is the corporations that eat the world are protecting their copywrighted music and I must be up earlier and eat bettter breakkie than those individuals. That I can handle. Although I'm not a dev, I'm sure you can understand the feelling after you have worked for hours on attempting something, only to discover your effort has been in vain (much like my former relationships). Again, if you can give me any direction aside from hanging it up and attempting to find happeniness elsewhere, sock it to me. I deserve it. Thanks.
11 years ago when I used a Macbook putting together a playlist, inserting a blank CDR, and burning the file onto the CDR was very easy. I\'m am now faced with hurdles I sometimes scale, only to fall on my face.
I\'m not stupid, or uneducatated about flac, blah blah. I learnt it all myself. I\'m now using a windows operating system. Afew weeks ago I was able to burn what ever I pleased and it was OK.
Then one day, it just wouldn\'t do it. I was following no altered procedures. Since then it\'s been misery. I remember that ocenaudio once burned music files for me.
I don\'t know how to go about retrieving an instruction manual that will take me step by step as to how to do this.
You help would be appreciated.
Cheers,
Jonno
I've been lurking here since 2017 when my Macbook died. I've always enjoy the level of sanity and have attempted to add my jaded, distant and nihilistic spin on a few threads. It won't destroy me if I can't burn files anymore, I'll just go back on heavy tranques and change my name to Ben Zo. Dia Za P.een3 -
#Suphle Rant 9: a tsunami on authenticators
I was approaching the finish line, slowly but surely. I had a rare ecstatic day after finding a long forgotten netlify app where I'd linked docs deployment to the repository. I didn't realise it was weighing down on me, the thought of how to do that. I just corrected some deprecated settings and saw the 93% finished work online. Everything suddenly made me happier that day
With half an appendix chapter to go, I decided to review an important class I stole from my old company for clues when I need to illustrate something involved using a semblance of a real world example (in the appendix, not abstract foo-bar passable for the docs)
It turns out, I hadn't implemented a functionality for restricting access to resources to only verified accounts. It just hasn't been required in the scheme of things. No matter, should be a piece of cake. I create a new middleware and it's done before I get to 50 lines. Then I try to update the documentation but to my surprise, user verification status turns out to be a subset of authentication locking. Instead of duplicating bindings for both authentication and verification, dev might as well use one middleware that checks for both and throws exceptions where appropriate.
BUT!
These aspects of the framework aren't middleware, at all. Call it poor design but I didn't envisage a situation where the indicators (authentication, path based authorisation and a 3rd one I don't recall), would perform behaviour deviating from the default. They were directly connected to their handlers and executed after within the final middleware. So there's no way to replace that default authentication scheme with one that additionally checks for verification status.
Whew
You aren't going to believe this. It may seem like I'm not serious and will never finish. I shut my system down for that day, even unsure how those indicators now have to refactored to work as middleware, their binding and detachment, considering route collections are composed down a trie
I'm mysteriously stronger the following day, draw up designs, draft a bunch of notes, roll my sleeves, and the tsunami began. Was surprisingly able to get most of previous middleware tests passing again before bed, with the exception of reshuffled classes. So I guess we can be optimistic that those other indicators won't cause more suffering or take us additional days off course2 -
Spent a couple hours trying to obtain an SSL certificate to encrypt my site last night... No luck so far. It kept saying it doesn't have access, when I verified that nginx serves to port 443...20
-
Chinese remainder theorem
So the idea is that a partial or zero knowledge proof is used for not just encryption but also for a sort of distributed ledger or proof-of-membership, in addition to being used to add new members where additional layers of distributive proofs are at it, so that rollbacks can be performed on a network to remove members or revoke content.
Data is NOT automatically distributed throughout a network, rather sharing is the equivalent of replicating and syncing data to your instance.
Therefore if you don't like something on a network or think it's a liability (hate speech for the left, violent content for the right for example), the degree to which it is not shared is the degree to which it is censored.
By automatically not showing images posted by people you're subscribed to or following, infiltrators or state level actors who post things like calls to terrorism or csam to open platforms in order to justify shutting down platforms they don't control, are cut off at the knees. Their may also be a case for tools built on AI that automatically determine if something like a thumbnail should be censored or give the user an NSFW warning before clicking a link that may appear innocuous but is actually malicious.
Server nodes may be virtual in that they are merely a graph of people connected in a group by each person in the group having a piece of a shared key.
Because Chinese remainder theorem only requires a subset of all the info in the original key it also Acts as a voting mechanism to decide whether a piece of content is allowed to be synced to an entire group or remain permanently.
Data that hasn't been verified yet may go into a case for a given cluster of users who are mutually subscribed or following in a small world graph, but at the same time it doesn't get shared out of that subgraph in may expire if enough users don't hit a like button or a retain button or a share or "verify" button.
The algorithm here then is no algorithm at all but merely the natural association process between people and their likes and dislikes directly affecting the outcome of what they see via that process of association to begin with.
We can even go so far as to dog food content that's already been synced to a graph into evolutions of the existing key such that the retention of new generations of key, dependent on the previous key, also act as a store of the data that's been synced to the members of the node.
Therefore remember that continually post content that doesn't get verified slowly falls out of the node such that eventually their content becomes merely temporary in the cases or index of the node members, driving index and node subgraph membership in an organic and natural process based purely on affiliation and identification.
Here I've sort of butchered the idea of the Chinese remainder theorem in shoehorned it into the idea of zero knowledge proofs but you can see where I'm going with this if you squint at the idea mentally and look at it at just the right angle.
The big idea was to remove the influence of centralized algorithms to begin with, and implement mechanisms such that third-party organizations that exist to discredit or shut down small platforms are hindered by the design of the platform itself.
I think if you look over the ideas here you'll see that's what the general design thrust achieves or could achieve if implemented into a platform.
The addition of indexes in a node or "server" or "room" (being a set of users mutually subscribed to a particular tag or topic or each other), where the index is an index of text audio videos and other media including user posts that are available on the given node, in the index being titled but blind links (no pictures/media, or media verified as safe through an automatic tool) would also be useful.12 -
TLDR
Apparently if you delete your google account as an only admin of a workplace by just clicking remove account on expired subscription screen when you are on document page you not only loose access to google workplace but also you can create new workplace google account using same domain and email immediately and it’s fresh google domain account without domain verification and with everything wiped off from your old account. So you don’t have access to anything but on the other side there is possibility to use gmail as spam hub if google fucked ip something in their dns verification and once verified and after that expired domain gets bought again it stays verified.
Well I luckily migrated my gmail to other provider 3 years ago and I lost nothing important there but lol.
You can easily lock out yourself from your domain.
I opened ticket using some questionnaire and by adding another dns txt record to my domain to claim access to workplace admin page and let’s see what they do.
If they ever respond to that ticket and how long it will take to get it resolved.
This is good test to see if google is still a people’s company or an evil corporation.
I was using workplace as long as it was free from days of google app engine and begging of cloud revolution. I remember at best times I could chat with google support employee about spam I got from domain registered on google servers and he was processing ticket for me.2 -
speedrun.com completely destroyed itself today.
Apparently they thought it was funny to change all kinds of labels, links, images etc. around for April fool's, so now the site became completely unusable. In a game that I identified as Minecraft by looking at the URL, over 10 moderators were added and minutes later, a 5 minute world record of getting all achievements was verified, which didn't even have a (complete?) video. Context: The previous world record was over an hour. I would check what the correct previous time was, but I can't figure out what any of the labels are supposed to say.
I already wrote them a mail saying that they should revert it as soon as possible, because the site is completely unusable, and that they should consider that there are people who don't like being blocked from doing anything just because it's April again. Hopefully they made a backup recently, because they might as well reset to yesterday's data.7 -
Already starting to regret trying to learn c++ AND test driven development at the same time. Do you think i can even get the boost-test headers located anywhere from a binary package installation.
3 days on no learning code cause i cant even get the testing suite up and verified.1 -
Question about GPG:
So I understood the concept and successfully applied it to my Gitlab, but how helpful is it?
From what I understood it helps detecting which commits are from verified authors and which are from just someone who has access?
I'd appreciate if someone explains more on how helpful it is :)5 -
Comcast has called me every day for the past week. Everytime I pick up there's a two second pause and then they hang up.
Now they left me a voice message saying they have an important notice about my account and they need to get ahold of me.
They call again- and immediately hang up.
Why. Fix your automated phone service ffs!
It's Comcast supports actual number, verified. Not even a scammer or such.3 -
Fuck the long process to make a new Microsoft Azure account. It needs both a verified email and a verified phone number, and (especially) doesn't accept a Google Voice number, which is the main number I actually use for everything. And of course, this is after doing the exact same process to make a new Microsoft account.1
-
Is it just me or are graphical software verification libraries useless? I have had to take courses in several is them at uni. Usually, the diagrams end up being externally complex and more prone to errors than the software they are supposed to verify.
The fact that the "final project"of one course was to verify 100 lines of java in 2 weeks. Any beginning programmer could read the java code and confirm it was correct. The diagram my group produced could only be verified by a team of experts over the course of a year. How is it valuable to spend time "verifying"software if the verification needs even more verification than the original software.
Maybe I'm missing the point but I just don't get why there is a market for expensive propratary software in this area.1 -
What's the most insane deployment scheme you've had to work with? One client has a release schedule that deploys all major projects once a month(!). Bugfixes get deployed once a day (systemwide), so any issue that can't be verified until it's in production has at least a days delay when iterating.
-
Before now, Twitter was under a bitcoin twister verified attack ( that is my name for it ), now Snapchat is on a photo exposing viral attack.
is this World War including hackers, messing with social media handles.
World War 3 will be fought online, i know yeah.1 -
Algolia says:
"So our price widget doesn't allow decimals, you'll have to create a custom widget"
I do it.
"Hey, It's not working and I verified it's applying the filter correctly. I noticed my price is a string in your index, maybe that's incorrect and causing it to not work?"
They say: "Yep, you'll need to run an update to fix that and change all to floats" (charges an arm and a leg for the thousands of index operations needed to update the data type)
I clear the index and send a single one as a test, verifying it's a float by casting it using (float) then var_dumping. It shows "double(3.99)", but when it gets to Algolia, it's 0.
So I contact support.
"Hi, I'm sending across floats like you say but it's receiving it as 0, am I doing something wrong? Here's my code and the result of the var_dump"
They respond: "Looks like you're doing it right, but our log shows us receiving 3.999399593939, maybe check your PHP.ini for "serialize_precision" and make sure it's set to -1"
I check and it's fine, then I realize that var_dump is probably rounding to 2 decimal points so I change my cast to (float) number_format($row['Price'], 2) and wallah...it works.
Now I've wasted days of paying for their service, a ton of charges for indexing operations, and it was such a simple fix.
if they had thrown an error for the infinite decimal, that would have helped, but instead I had to reach out to find out that was the issue.
#Frustrated. -
A young new dev was working on his first ticket, about a bug during parsing of an uploaded excel file. Our issue was that if the file contained an empty line, all remaining rows were ignored. So the task included extending our tests to cover this case. After 2 weeks (!), his merge request comes in. His idea (without ever asking for help) was to parse the whole file (in some cases huge) in the production code a second time, just to count the rows (!!) and save the count in a public static int field, which was verified in his new test.2
-
Gotta be honest, I'm getting real sick of seeing "View my verified achievement" posts on LinkedIn. I have gotten a few certifications, but I have never posted them on LinkedIn because its irrelevant for 98% of my peers. How about simply telling your relevant peers of your so called achievement. Your manager would probably interested in knowing, but most of your 500 followers sure ain't. You can still put your certification on your LinkedIn profile for the recruiters to glob over while doing the rest a favor.2
-
Infineon infineon infineon...
Your aurix tricore is amazing for all safet systems... On paper.
Your support is abysmal. Tried forums, support line to verify a demo that only seems to work sometimes.
I just wanted to get ethernet communication using the demo. But hey one week gone and no success....
And the code seems to behave differently for each run :| the debugger works only on global variables and no printf statements. But hey just make a lot of globals right? So little footprint available so not possible :-\
Hoped that some forum could confirm the demo so I knew I was just making a fuck up, but cannot get that verified...
Embedded programming not for me... :/ -
I made some commits just past midnight. But they’re not showing up on the repo on the 23rd nor on the 22nd. At what time are contributions updated on the profile ? Or is this some stale_chache issue I read about earlier.
Edit—
Perhaps because they are not verified. I found out about it only now.2 -
I just though to myself... “I’d pay $10 a month for a verified ‘age’ filter for posts.” I guess, sometimes I’d like to know the person fire-storming me isn’t 14 years old. Just for like - an hour here or there. Unusual. Maybe I just turned “old.”
-
Thoughts on buying a raspberry pi off of eBay? I know it’s definitely not a verified seller but the seller has great reviews2
-
Why is my Spark Dataframe getting written as empty in the database table when deleting records? There’s no problem when inserting records, and I I have verified that my Spark Dataframe is not empty when trying to rewrite using Overwrite method. Then why is my whole table data getting deleted when I’m just trying to remove a few records using left_anti join?1
-
you know how i hate things that can't be verified without far more man hours than I have available ?
just requires you to take something on faith which may not be vital but it still requires you to take something on faith from a source you don't always trust. -
Ranting doesn't help if the you didn't verified the email. Really devRant, all my ranting I did previous about the customer is gone. _-_2