I'm at my seat during the regular morning routine of checking emails, planning the things I need to complete/study when my phone rings.

HR: Good Morning, can you come over to the conference room please ?

Me: Sure

I enter the conference room and on the other side of the table, I see a group of 3 HR Managers (not a very nice feeling), especially when it was 10 months into my first job as a Trainee Software Developer.

HR: The company hasn't been performing as expected. For this reason, we've been told to cut down our staff. We're sorry but we have to let you go. You've been doing a great job all along. Thank you.

Me: ---- (seriously ?!)

The security-in-chief 'escorts' me out of the premises and I hand over the badge. I'm not allowed to return to my desk.

This happened about 16 years ago. But it stuck with me throughout my programming career.

A couple of Lessons Learnt which may help some of the developers today :

- You're not as important as you think, no matter what you do and how well you do it.
- Working hard is one thing, working smart is another. You'll understand the difference when your appraisals comes around each year.
- Focus on your work but always keep an eye on your company's health.
- Be patient with your Manager; if you're having a rough time, its likely he/she is suffering more.
- Programming solo is great fun. However it takes other skills that are not so interesting, to earn a living.
- You may think the Clients sounds stupid, talks silly and demands the stars; ever wonder what they think about you.
- When faced with a tough problem, try to 'fix' the Client first, then look for a solution.
- If you hate making code changes, don't curse the Client or your Manager - we coders collectively created a world of infinite possibilities. No point blaming them.
- Sharing your ideas matter.
- Software Development is a really long chain of ever-growing links that you may grok rather late in your career. But its still worth all the effort if you enjoy it.

I like to think of programming as a pursuit that combines mathematical precision and artistic randomness to create some pretty amazing stuff.

Thanks for reading.

Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

The year was 1983. My best friend and neighbour at the time invited me over to see an amazing device that his father had brought home from work, an IBM PC. We played a game called Track & Field, and I was amazed that the machine remembered my name once I've entered it. (Uptil then the only machines with any kind of memory that I've come in touch with, were arcade games and my cousin's video game console, which was also the first electronic gaming device I've ever played, back in 1978). In the early 1980s, computers were anything but commonplace in Åland Islands, but I think that it was in 1983 that people became aware of them, and there was a budding interest to buy one, at least among us kids. It was my sister who wished for a home computer for Christmas, so the same year Santa gave us a ZX Spectrum. It came with a game called Thro' the Wall, an Arcanoid clone(, that has inspired me to make my own clone "Wall" for all the different home computers I've had, ranging from Commodore 16 and Canon V-20 to Amiga 500 and Amiga 1200). Unfortunately, we only managed to load the game (delivered on a C cassette) like once or twice after several attempts. It turned out that the hardware was faulty and dad got a refund after first having had to complain a lot at the dealer (which went out of business some ten years ago), and then bought the Commodore the next Christmas. Anyway, I wrote my first code on the ZX Spectrum. It doesn't really count for programming as all I did was typing examples and running them. I do recall altering one example though, a program drawing the Swedish flag on the screen, by adding an inner red cross thus turning it in the Åland flag. But, with the Commodore 16 (which had an excellent Basic interpreter) I got started with programming almost immediately and by the end of 1984 I had written my fist very own Basic programs. In 1996 I got my first IT job, and am still a dev. So, what became of my childhood friend and neighbour? He runs a successful computer dealership :)

Best code performance incr. I made?

Many, many years ago our scaling strategy was to throw hardware at performance problems. Hardware consisted of dedicated web server and backing SQL server box, so each site instance had two servers (and data replication processes in place)

Two servers turned into 4, 4 to 8, 8 to around 16 (don't remember exactly what we ended up with). With Window's server and SQL Server licenses getting into the hundreds of thousands of dollars, the 'powers-that-be' were becoming very concerned with our IT budget. With our IT-VP and other web mgrs being hardware-centric, they simply shrugged and told the company that's just the way it is.

Taking it upon myself, started looking into utilizing web services, caching data (Microsoft's Velocity at the time), and a service that returned product data, the bottleneck for most of the performance issues. Description, price, simple stuff. Testing the scaling with our dev environment, single web server and single backing sql server, the service was able to handle 10x the traffic with much better performance.

Since the majority of the IT mgmt were hardware centric, they blew off the results saying my tests were contrived and my solution wouldn't work in 'the real world'. Not 100% wrong, I had no idea what would happen when real traffic would hit the site.

With our other hardware guys concerned the web hardware budget was tearing into everything else, they helped convince the 'powers-that-be' to give my idea a shot.

Fast forward a couple of months (lots of web code changes), early one morning we started slowly turning on the new framework (3 load balanced web service servers, 3 web servers, one sql server). 5 minutes...no issues, 10 minutes...no issues,an hour...everything is looking great. Then (A is a network admin)...
A: "Umm...guys...hardly any of the other web servers are being hit. The new servers are handling almost 100% of the traffic."
VP: "That can't be right. Something must be wrong with the load balancers. Rollback!"
A:"No, everything is fine. Load balancer is working and the performance spikes are coming from the old servers, not the new ones. Wow!, this is awesome!"
<Web manager 'Stacey'>
Stacey: "We probably still need to rollback. We'll need to do a full analysis to why the performance improved and apply it the current hardware setup."
A: "Page load times are now under 100 milliseconds from almost 3 seconds. Lets not rollback and see what happens."
Stacey:"I don't know, customers aren't used to such fast load times. They'll think something is wrong and go to a competitor. Rollback."
VP: "Agreed. We don't why this so fast. We'll need to replicate what is going on to the current architecture. Good try guys."
<later that day>
VP: "We've received hundreds of emails complementing us on the web site performance this morning and upset that the site suddenly slowed down again. CEO got wind of these emails and instructed us to move forward with the new framework."

After full implementation, we were able to scale back to only a few web servers and a single sql server, saving an initial $300,000 and a potential future savings of over $500,000. Budget analysis considering other factors, over the next 7 years, this would save the company over a million dollars.

At the semi-annual company wide meeting, our VP made a speech.

VP: "I'd like to thank everyone for this hard fought journey to get our web site up to industry standards for the benefit of our customers and stakeholders. Most of all, I'd like to thank Stacey for all her effort in designing and implementation of the scaling solution. Great job Stacy!"
<hands her a blank white envelope, hmmm...wonder what was in it?>

A few devs who sat in front of me turn around, network guys to the right, all look at me with puzzled looks with one mouth-ing "WTF?"

Not at all dev related but I don’t have a social life so I share with you guys:)

I’ve been fat for all my life. You might say it’s my own fault blah blah but I quit sugar over 10 years ago, I don’t snack and eat 1-2 meals a day, not much more than others do.

The first time I was in good shape was when I was 16. I was growing, I started boxing and I was happy-ish with my body for the first time. I got down from 110kgs to ~87kgs, which is a good weight for me, I have heavy bones and wide shoulders I guess.
I insured my shoulder and couldn’t do boxing anymore but my weight was still pretty much stable. After working in the office for a few months I started gaining weight again, I think mainly due to the stress and lack of sleep.
In 2017 for the first time I hit a new high with 120kgs. I quit my terrible, stressful 24/7 job and relocated and got down to ~115 which I maintained for quite a while (still going to the gym and stuff).

And then the lockdown started..
I went up to >120 in no time.
(Sounds really bad but as mentioned, I’m heavy anyway so I’m not THAT obese, just fat.

Seeing my weight was really scary to me so I started a keto diet again, which I did before but with limited success.

Warning: Controversial topic coming up..

I took it a bit further and tried 0-carb (carnivore diet) instead of low carb and I lost 6kg within a month. Then the next plateau at 114, then at 112 etc.
Went more strict and removed seasoning and stuff and started eating more nutritious meat, liver, heart, tongue etc and my weight started dripping again.

Yesterday for the first time in ~a decade I got down to 105kg.
My end goal is 90, so I made it half way through.

Just really happy to have achieved this. The 1 good thing about lockdown I guess, I had so much time to be on my own.

Before you say eating no greens is bad, keep in mind that most not old people die because of obesity, not because of a lack of fiber.

It’s a big achievement for me and I hope that I can get to 90kg in another 3 months..

Story over

I started programing when I almost failed at some IT class 7 years ago when I was 16 in high school. So I started googling how to do basic stuff in java (if, for, while,... ) and I just fall in love with it 😊 I still remember how I wanted to make a button in Java so I googled: how to button in java 😂
Here I am still in love with it and I think I will always have this need to learn new programming languages, technologies, frameworks,... 😊🤓

I have been keeping this inside for long time and I need to rant it somewhere and hear your opinion.

So I'm working as a Team Lead Developer at a small company remotely based in Netherlands, I've been working there for about 8 years now and I am the only developer left, so the company basically consists of me and the owner of the company which is also the project manager.

As my role title says I am responsible for many things, I maintain multiple environments:
- Maintain Web Version of the App
- Maintain A Cordova app for Android, iOS and Windows
- Working with pure JavaScript (ES5..) and CSS
- Development and maintenance of Cordova Plugins for the project in Java/Swift
- Trying to keep things stable while trying very hard to transit ancient code to new standards
- Testing, Testing, Testing
- Keeping App Stable without a single Testing Unit (sadly yes..)
- Just pure JavaScript no framework apart from JQuery and Bootstrap for which I strongly insist to be removed and its being slowly done.

On the backend side I maintain:
- A Symfony project
- MySQL
- RabbitMQ
- AWS
- FCM
- Stripe/In-App Purchases
- Other things I can't disclose

I can't disclose the nature of the app but the app is quite rich in features and complex its limited to certain regions only but so far we have around 100K monthly users on all platforms, it involves too much work especially because I am the only developer there so when I am implementing some feature on one side I also have to think about the other side so I need to constantly switch between different languages and environments when working, not to mention I have to maintain a very old code and the Project Owner doesn't want to transit to some more modern technologies as that would be expensive.

The last raise I had was 3 years ago, and so far he hasn't invested in anything to improve my development process, as an example we have an iOS version of the app in Cordova which of course involves building , testing, working on both frontend and native side and etc., and I am working in a somewhat slow virtual machine of Monterey with just 16 GB of RAM which consumed days of my free time just to get it working and when I'm running it I need to close other apps, keep in mind I am working there for about 8 years.

The last time I needed to reconfigure my work computer and setup the virtual machine it costed me 4 days of small unpaid holiday I had taken for Christmas, just because he doesn't have the enough money to provide me with a decent MacBook laptop. I do get that its not a large company, but still I am the only developer there its not like he needs to keep paying 10 Developers.

Also:
- I don't get paid vacation
- I don't have paid holiday
- I don't have paid sick days
- My Monthly salary is 2000 euro GROSS (before taxes) which hourly translates to 12 Euro per hour
- I have to pay taxes by myself
- Working remotely has its own expenses: food, heating, electricity, internet and etc.
- There are few other technical stuff I am responsible of which I can't disclose in this post.

I don't know if I'm overacting and asking a lot, but summarizing everything the only expense he has regarding me is the 2000 euro he sends me on which of course he doesn't need to pay taxes as I'm doing that in my country.

Apart from that just in case I spend my free time in keeping myself updated with other tech which I would say I fairly experienced with like: Flutter/Dart, ES6, NodeJS, Express, GraphQL, MongoDB, WebSockets, ReactJS, React Native just to name few, some I know better than the other and still I feel like I don't get what I deserve.

What do you think, do I ask a lot or should I start searching for other job?

Figured I'd post for some advice here and see if anybody has had previous experience or success with a situation like this.

My team is generally comprised of full-stack developers completing front-end custom work on sites, writing back-end tools, and fixing broken sites. We are a rapid-response DEV team, and we typically turn around any custom requests in less than 5 days and fix any broken sites on the same day as they were reported. We manage almost 15,000 sites across multiple countries, and deal with very large corporations that many of you interact with every day (I'm trying to be cryptic here hahaha.) There are 16 of us on our team, and we are the only DEV team within our department of 500+ people. We are also the only DEV team taking requests from these 500+ people. The way the department works, we are the final say on whether a specific piece of custom work will get completed or not, and we are the go-to people when anybody has a question about our system infrastructure or if our system can accommodate a request, along with how to fix any broken pieces of our platform. We typically get about 150 requests per day. Lately, the entire team has become unhappy with our compensation for the work we do. We're quite underpaid, and they keep giving us more responsibilities without any sort of extra compensation. We've discovered that there are a large amount of non-developers below us that are getting paid more than we are. We've found that we get paid about $15,000 less than a comparable DEV team in a different department (let's call that team DEV_2,) just because of which department our team exists within, and how our department defined our job back when this position was created a few years ago. Ever since the position was created, our team's responsibilities have exponentially increased. We believe that there is absolutely no reason that an entry-level position below us should get paid just as much, or even more in some cases, than a developer. Of course, we're not asking to pay them less. Instead, we've decided that we're going to bring this up with our manager and schedule a meeting with him, our Department Director, and Human Resources, and voice that we believe that we should be on the same payscale as the comparable DEV_2 in the other department.

To be a good developer on our team, you need to not only have coding expertise, but also an encyclopedic knowledge of what you can do within our platform without any coding. You need this knowledge so you can pass it along to any people in positions below you, in case they didn't know that something could be done without custom code.

We're going to argue that if it weren't for our team, the company would be losing millions of dollars in clients, because people wouldn't have anybody to go to for platform infrastructure questions, broken websites, or custom work. Instead, they would need to send these requests to the DEV_2 team, which currently take about 6 months to turnaround requests. Like I said, we are a rapid-response DEV team, and these particular clients think that a 5 day turnaround time is ridiculous. If they had to wait 6 months for their request to be completed, they would cancel their contracts.

Not to mention the general loss of knowledge if the members of our team went to a different department, which would be catastrophic for our current department. Believe me, this department could not function without this DEV team. If we all went on vacation for a week, the place would be on fire by the time we got back, and many clients would be lost.

Do any of you have any experience with a situation like this, and if so, how did it turn out? Thank you!

A question here reminded me of how websites were made long ago. Frames! Remember those little jewels? <frameset> and <iframe>, I still remember them. Man, even then it felt terribly wrong to use them. I remember using them to create web pages with header and side bar.

The only alternative was using <tables>, which, well, we know how they ended up. Frames today have been silently forgotten, but tables have been loudly hated for many years!

Ahhh, those were the times. So much has happened since then.

(Is "website" still a word today, btw?)

At the time I had been squatting, arrested, driven 300 miles across country only to be released - mistaken identity with just the clothes on my back. Decided to stay and lined up a couple of interviews. I got offered both but took the one which meant 2 busses and a ferry and 2 hours each way for a data entry position.

They were migrating to a new database and my job was to type it in to a screen so from print outs. Didn’t take long for me to work through that and they were struggling to find stuff for me to do, I mean at one point I was filing paper files. So I saw the 2 it guys doing the same thing with loads of excel files , hours and hours a month just wasted. I wrote a vba excel macro to do it for them at the click of a button and suddenly a position opened up as a junior programmer. Still at the same place 16 years later and were still using software I wrote 15 years ago (.net 1.1) quite happily on win10 surprisingly.

I guess I should relate what work experience I have: my internship.

A little backstory I suppose. It's required at my school to do an internship to graduate except under certain circumstances. They encourage work experience a lot where I study. It was around time for me to apply for internships. However, the closest I got was a phone call with Amazon that I biffed when they started asking about stuff like sorting algorithms and other Big O notation stuff. So I was pretty desperate. I found a small company that were looking for internships and got an interview with them. The pay was dirt (I made more as a crew trainer at McDonalds) but I needed that internship and they were only 10 minutes away.

Immediate red flags when I showed up to the address. At first I thought I was wrong, But I noticed the sign of the company pointing up some stairs that were installed on the side of the house I was in front of.

Interview was a bit weird. It was with the CEO and the marketing manager. Again red flags. I show up for work a week later.

Turns out, they have no full time developers. 1st day was getting my workstation ready and 2nd day I was running Ethernet cables to the basement where the phones were connected. Spent around a week doing that.

This was supposed to be a Software Engineering internship?? Excuse me?? I came here to learn how working on Software is supposed to be like! I was also their "tech support" both for their computers and their crappy software that was built 16 years ago that people still pay for that I had NO idea how it worked because I just started and NOBODY taught me anything! To make matters worse, even if I wanted to delve into the code to see how it works it was all made in ancient Perl which didn't make things any easier.

But I needed that internship to graduate. And thus begun my 9 months with them and boy howdy I have stories to tell. Stay tuned in the future.

How do you guys motivate yourself to work out.
Its been 2 times... First i tried 2 years ago in Aug 16.
Back then , my college started and i got busy in that so left the gym after a month. I blamed myself, the tiredness it gave me and lack of friends/work out partners there at that time.
Second time, i tried more hardly in jan 2018. This time, i had my gym companions, nd i was doing better. At the start i was handling the stress well, since it was just the clg and gym,then came along the internship, but i still handled it. But after the internship, i felt the need to up my skills and do more personal projects which was still not happening because of the gym tiredness. And then came along a scholarship into one of my favorite courses, and then the papers, and then.... A lot of 'other' things started happening, so i leftthe gym jn may 18.
I am concerned about a few things. 1)These days, I am usually entangled between entertainment, clg work, self learning/ scholarships. I used to do gymming in evening hours after clg and self learning on weekends, but now i am like everyday am straight to home from clg, onto bed, into the sheets, laptop on, and am doing scholarships task till late night. I fear that my work is now so important that i cannot push it to weekends. How do you guys manage learning and maintaining your body together?
2. Gym is a sick environment. We see pumped up people with 8% body fat , skin sticking to their ugly muscles while i am there , juggling my belly fat on the treadmill. For 2 months straight i was just doing the cardio. It gave me some results i guess, my belly got a Little loose but no one really saw much changes. I am not concerned about other people or fast results particularly, but when combined, i feel like am going to a royal house party everyday, where everyone except me is a beautiful king or queen , except me, a lowly peasent . Those pumped up kings are beating their bodies and getting more beautiful, while i am trying to beat these dead belly meat which won't flatten up .

Meh.