I found out recently that Facebook is embedding tracking data in the form of IPTC metadata in images that you upload. This way the images can be tracked even after you download them.

Because I'm an anarchist and just want to watch the world burn a little, I made a tiny server to replace the id hash that they embed with a random one, just to see if I can't fuck with their algorithm a little bit.

You can check out the project here https://github.com/watzon/fbmdob

[original]

[See image]

This guy is wrong in so many ways.

"Windows/macOS is the best choice for the average user. Prove me wrong."

There are actually many Gnu/Linux based operating systems that's really easy to install and use. For example Debian/any Debian based OS.
There are avarage users that use a Gnu/Linux based operating system because guess what. They think its better and it is.
Lets do a little comparision shall we.

- - - - - Windows 10 - - Debian
Cost $139 Free
Spyware Yes. No
Freedom Limited. A lot

"[Windows] It's easy to set up, easy to use and has all the software you could possibly want. And it gets the job done. What more do you need? I don't see any reason for the average joe to use it. [Linux]"

Well as I said earlier, there are Gnu/Linux based operating systems thats easy to set up too.

And by "[Windows] has all the software you could possibly want." I guess you mean that you can download all software you could possibly want because having every single piece of software (even the ones you dont need or use) on your computer is extremely space inefficient.

"Linux is far from being mainstream, I doubt it's ever gonna happen, in fact"

Yes, Linux isn't mainstream but by the increasing number of people getting to know about Linux it eventually will be mainstream.

"[Linux is] Unusable for non-developers, non-geeks.

Depends heavily on what Gnu/Linux based operating system youre on. If youre on Ubuntu, no. If youre on Arch, yes. Just dont blame Linux for it.

"Lots of usability problems, lots of elitism, lots of deniers ("works for me", "you just don't use it right", "Just git-pull the -latest branch, recompile, mess with 12 conf files and it should work")"

That depends totally on what you're trying to. As the many in the Linux community is open source contributors, the support around open source software is huge and if you have a problem then you can get a genuine answer from someone.

"Linux is a hobby OS because you literally need to make it your 'hobby' to just to figure out how the damn thing works."

First of all, Linux isnt a OS, its a kernel. Second, no you dont. You dont have to know how it works. If you do, yes it can take a while but you dont have to.

"Linux sucks and will never break into the computer market because Linux still struggles with very basic tasks."

Ever heard of System76? What basic tasks does Linux struggle with? I call bullshit.

"It should be possible to configure pretty much everything via GUI (in the end Windows and macOS allow this) which is still not a case for some situations and operations."

Most things is possible to configure via a GUI and if it isnt, use the terminal. Its not so hard

https://boards.4chan.org/g/thread/...

So the bosses and general peeps at work never close our door properly.

Finally earning the "engineer" part of our job titles :p!

My friend dropped her phone and it doesn't turn on anymore, but she has a dual-SIM spare phone. So the problem didn't seem too bad at first. I told her I'd help her with the backup restoration, set everything up on her new (old) phone.
After 30mins of trying to restore the backup from her old phone and moving the SIM card to the new phone...

"But I didn't have a backup and the SIM card tray isn't working. Can you also help me recover my 10 000 pictures and songs?"

I guess I'm done here

(Interview for sde-3 position)
(continuation of https://devrant.com/rants/2132431/... )

Interviewer - *opens laptop. Gives a question.* solve this.

Me - *a bit surprised that such questions were being asked on a sde-3 level*
this is the 4th or 5th question from geeksforgeeks, isn't it? I know the answer to this. Do u still want me to solve it?

Interviewer - *not believing me* Yes

Me - okay. Well this *writing down the original solution mentioned on the site* is the verbatim code mentioned on the website, with complexity O(n^2).
However I feel this is not the optimal solution. Let me write a better solution.
*I provide a better solution*
This has a complexity of O(n log n) . What do you think?

Interviewer - Nope. This could be a lot better.

Me - okay. Let me see. Did some minor changes, added some caching (obviously this will have no effect on the base algorithm) etc
How about now?

Interviewer - nope. Still not good.

Me - okay. Can you tell me how to improve it?

Interviewer - no we are not allowed to solve problems for you. It is not our interview, it is yours.

Me - that makes no sense. Interviews are a two way street. I'd very much like to know the optimal answer to this.

Interviewer - okay
*copies down the answer from geeksforgeeks*
This is good

Me - *at first I thought this was a prank or something. *
I just mentioned this answer here.
Then I spent the next 10 minutes providing a BETTER solution.
May I know how yours is better?

Interviewer - this solution has 2-3 loops. Yours has a function calling itself.

Me - that's called divide and conquer using recursion mf!
Anyways let's take an example and do a dry run.

Interviewer - okay

*we do dry run*

Interviewer - oh yes. Yours ran faster. But it will run fast only sometimes.

Me - yes. Each time the algorithm rolls a dice to decide if it should run fast or slow. You have one goddamn awesome weed dealer man.
I got to go. Thank you for meeting me.

dammmmn are there even offices like that?
(img from: gig, some gaming company's pic on their careers page)

Me: p
Windows Search: Paint
Me: pow
WS: PowerPoint
Me: powers
WS: Powershell
Me (typing too quickly to notice Powershell is already there): powershell
WS: ummm idk

When we finally get to Mars, all programmers on Earth will scream in pain over having to program another timezone

Software just destroyed half a year worth of work today. God bless developers. I'm getting myself a psychologist over a broken fucking server. Because software fucking killed it. And killed me with it. Do I really have to build everything from component to end product myself? Without even being a developer?

Tomorrow, my last high school exam awaits.

Tomorrow, I will be free...

Ouch. Friend started at a smallish company (~20 employees), and instead of a new machine he got handed the CEO's 5 year old Dell so the CEO could buy a new machine.

He sees it as no big deal, but am I the only one that sees that as (to put it mildly) a bit of a red flag? It's not the machine itself that's so much of a problem, more the attitude behind the decision that stinks.

"Yeah, I got your e-mail, I see the subject. Oh no, dude, it says urgent so it went straight to the URGENT queue. Yeah? Ah. Sure, I'll get to it as soon as I get through the ASAP, NOW and YESTERDAY queues. Well, if you wanted me to read it right away you should've say there's NO HURRY - I read only one no-hurry e-mail a day but there's currently 0 tasks on that queue."

Spent a lot of time designing a proper HTTP (dare I even say RESTful) API for our - what is until now a closed system, using a little-known/badly-supported message-over-websocket protocol to do RPC-style communications - supposedly enterprise-grade product.

I make the API spec go through several rounds of review with the rest of the dev team and customers/partners alike. After a few iterations, everybody agrees that the spec will meet the necessary requirements.

I start implementing according to spec. Because this is the first time we're actually building proper HTTP handling into the product, but we of course have to make it work at least somewhat with the RPC-style codebase, it's mostly foundational work. But still, I manage to get some initial endpoints fully implemented and working as per the spec we agreed. The first PR is created, reviews are positive, the direction is clear and what's there already works.

At this point in time, I leave on my honeymoon for two weeks. Naturally, I assume that the remaining endpoints will be completed following the outlines/example of the endpoints which I built. When I come back, the team mentions that the implementation is completed and I believe all is well.

The feature is deployed selectively to some alpha customers to start validation testing before the big rollout. It's been like that for a good month, until a few days ago when I get a question related to a PoC integration which they can't seem to get to work.

I start investigating and notice that the API hasn't been implemented according to the previously agreed upon spec at all. Not only did the team manage to implement the missing functionality in strange and some even broken ways, they also managed to refactor my previously working endpoints into being non-compliant.

Now, I'm a flexible guy. It's not because something isn't done exactly as I've imagined it that it's automatically bad. However, I know from experience that designing a good/clear/future-proof API is a tricky exercise. I've put a lot of time and effort into deliberate design decisions that made up the spec that we all reviewed repeatedly and agreed upon. The current implementation might also be fine, but I now have to go over each endpoint again and reason about whether the implementation still fulfills the requirements (both soft and hard) that we set out to meet.

I'm met with resistance, pushback and disbelief from product management and dev co-workers alike when I raise the concern that the API might actually not be production-ready (while I'm frantically rewriting my integration tests and figuring out how the actual implementation works in comparison to what was spec'ed).

Oh, and did I mention that product management wants to release this by end-of-week?!

Partner of ours claimed they are going to update their api. No breakage. My hopes were low and they did not disappoint.

Soon after the new version of their api went live, of course, loads of breakage. And the email contact with them is really fun.

Me: "Hello, since your update we get the issue A. Here's the complete communication."

Them: "We did not change the existing behavior. You are doing X wrong. Repeat that one call during the step and you should be fine."

Me: "Thank you, if I repeat the call, it does indeed work, albeit slower, since we are now repeating calls. Furthermore, our application was consuming your api for years and we did not change anything. So why is that step necessary now? Only after your update do our logs show errors from your API. And by the way, we now also have a issue with B. Why is that?"

Them: "Oh that's because your query the endpoint with "Fnord", try "Baz".

Me: "Yes, I do know that we query it with "Fnord" as that is what a previous endpoint of yours is responding to us. Why are we getting "Fnord"? What request do I have to make to get a "Baz" back?"

It feels like a game of wackamole. Squash one issue, ten more will pop up. I am one step away from becoming active-aggressive.

Holy shit my server survived a DNS amplification attack!

I thought my iptables rules were not very effective, since I kept seeing 1-2 ANY requests getting through my pihole (only to be ignored by the upstream cloudflare server).
Turns out, they never actually *kicked in*, until now.

The craziest part is that one ip belongs to the Ministry of a country!! :O

Eat that, motherfuckers! God I love it when this shit actually works!

Man, what a way to start the week. Our mailserver went nuts (something about a Shellbot virus, I don't know) and we were forced to migrate to a new one. Clients calling in panic and threatening to sue us and shit. I was the one tasked to fix the problem (I am a developer mind you, my sysadmin knowledge is limited to google searching and contacting support). At the same time, Turkish hackers attacked our other server and forced me to fetch backups and clear spamming scripts. And to top it all, I was forced to answer the phone calls and respond to the threats. Man, I must have been a complete prick in my previous lifetime to deserve this.

Few years ago a girl from our HR was hitting on my co-worker. She was asking all kinds of personal and professional favours just so he would come by her place, etc. One time she asked him to send her few C/C++ questions that she could use to thin the crowd of potential candidates before inviting them for the formal interview that he'd conduct later on. Obviously she wouldn't know if the answer is good or not but hell with it, he was ready to storm that pink fortress! So he came up with some mind twisters. She left two days later before he even reached the drawbridge. Sad.

So about six months ago he got fed up with some bullshit and left the company. Yesterday we had dinner. He was interviewing for quite some time being picky about which offer to accept and, surprisingly, during his last interview he got asked very familiar set of questions. He answered each. Then he couldn't resist and asked if the girl works there. The guy confirmed and, without a warning, called her. As if it wasn't awkward enough this is how I was told the conversation went:

- "Joan! You won't guess who I've got here! Your very good friend, Peter! Nope. Yeah, that one - how did you kn... Uh-huh. Oh? Yeah. Are you sure? I mean, I wouldn't. Deal!"

Then he turned out to Peter and said:

- "You know what? I wasn't going to hire you for shit because in my opinion your knowledge on the subject matter, how to put that gently, sucks ass... But apparently Joan here says you're professional and can handle everything we'll be able to throw at you. So when can you start?"

Needless to say he took the job. The fortress fell soon after and he wanted to meet to ask if I'm coming for the bachelor party. I'm ordering t-shirts with "batch mode off" in monospace.

Made this project "Come Fix Me" in a 24hr hackathon. Won the most innovative solution.

An android application for citizens(users) which allows them to register issues on potholes in their area.
Web for report management 

Usage Flow:

User clicks a photo of the pothole and registers a new issue.

The photo gets uploaded on the firebase database along with other information like GPS co-ordinates.

The image is downloaded in the server and served in the pothole detection script.

If pothole is detected an estimated area is calculated, if no pothole is detected user's issue gets rejected.

After successful detection details are uploaded on the web for administrator, these issue are forwarded to govt. officials.

Once the officials claim that they have fixed the pothole, the user gets a notification and they can close their issue if pothole is fixed

Demontration:
https://youtu.be/cN9kijExwyI

Github Link:
https://github.com/globefire/...

I can't believe this company.

They want to stop using Certificates because it bothers the customer.

I had to use https because we were using service workers for a PWA.

I tried explaining we need them for the product to work, and also it's a basic security measure.

They were removing the certificates without my knowledge.

I found out because a colleague wanted a way to disable the service worker and asked me for help.

The manager said your not the boss of the company, it's not your company to make decisions.

Just do what they say, he tried to justify the decision from above, I said ok when was the last time you installed a certificate? he said never.
Ok, then what the fuck are you talking about, its 10 minutes to get a certificate letscrypt HELLO.

This company is very hierarchical 1900 style, I'm the person who does innovation in the organization, that's the most fucked up part, they say no to everything.
OMG, I'm going to quit.

There just asking to get hacked, this is just the tip of the iceberg.

Is this common or are they morons?

##REAL STORY##
Friend: Hey there, I have a Java Exam after one hour and I have a question for you.

Me: Great ! How can I help

F: They will give us a problem and ask us to solve it by writing a Java code.

Me: Okay,

F: That's it.

Me: Good, so were's the question.

F: Come on, of course I want to know how to solve it.

Me: Absolute Silence.

Me: friendsList.removeAll();

I hear my intern yelling at Cortana in the other room. "Cortana, open keyboard!". He repeats this 5+ times. Issue is there is no keyboard connected so he just wants to use the on screen keyboard, and thinks Cortana will open it for him. Issue is the computer isn't hooked up to the Internet, and Cortana does not do that command without the internet.

Just grab a fucking keyboard!!!

A co-worker/friend came in to work this morning and told me how amazing his interview went yesterday and how amazing the company is. He said he won't know if he got the position till Monday after they interview the other guy.

I didn't have the heart to tell him that the other person they are interviewing is me. I think it might get awkward when Monday comes and I'm not at work and he realizes why.

I'm trying to sign up for insurance benefits at work.

Step 1: Trying to find the website link -- it's non-existent. I don't know where I found it, but I saved it in keepassxc so I wouldn't have to search again. Time wasted: 30 minutes.

Step 2: Trying to log in. Ostensibly, this uses my work account. It does not. Time wasted: 10 minutes.

Step 3: Creating an account. Username and Password requirements are stupid, and the page doesn't show all of them. The username must be /[A-Za-z0-9]{8,60}/. The maximum password length is VARCHAR(20), and must include upper/lower case, number, special symbol, etc. and cannot include "password", repeated charcters, your username, etc. There is also a (required!) hint with /[A-Za-z0-9 ]{8,60}/ validation. Want to type a sentence? better not use any punctuation!

I find it hilarious that both my username and password hint can be three times longer than my actual password -- and can contain the password. Such brilliant security.

My typical username is less than 8 characters. All of my typical password formats are >25 characters. Trying to figure out memorable credentials and figuring out the hidden complexity/validation requirements for all of these and the hint... Time wasted: 30 minutes.

Step 4: Post-login. The website, post-login, does not work in firefox. I assumed it was one of my many ad/tracker/header/etc. blockers, and systematically disabled every one of them. After enabling ad and tracker networks, more and more of the site loaded, but it always failed. After disabling bloody everything, the site still refused to work. Why? It was fetching deeply-nested markup, plus styling and javascript, encoded in xml, via api. And that xml wasn't valid xml (missing root element). The failure wasn't due to blocking a vitally-important ad or tracker (as apparently they're all vital and the site chain-loads them off one another before loading content), it's due to shoddy development and lack of testing. Matches the rest of the site perfectly. Anyway, I eventually managed to get the site to load in Safari, of all browsers, on a different computer. Time wasted: 40 minutes.

Step 5: Contact info. After getting the site to work, I clicked the [Enroll] button. "Please allow about 10 minutes to enroll," it says. I'm up to an hour and 50 minutes by now. The first thing it asks for is contact info, such as email, phone, address, etc. It gives me a warning next to phone, saying I'm not set up for notifications yet. I think that's great. I select "change" next to the email, and try to give it my work email. There are two "preferred" radio buttons, one next to "Work email," one next to "Personal email" -- but there is only one textbox. Fine, I select the "Work" preferred button, sign up for a faux-personal tutanota email for work, and type it in. The site complains that I selected "Work" but only entered a personal email. Seriously serious. Out of curiosity, I select the "change" next to the phone number, and see that it gives me four options (home, work, cell, personal?), but only one set of inputs -- next to personal. Yep. That's amazing. Time spent: 10 minutes.

Step 6: Ranting. I started going through the benefits, realized it would take an hour+ to add dependents, research the various options, pick which benefits I want, etc. I'm already up to two hours by now, so instead I decided to stop and rant about how ridiculous this entire thing is. While typing this up, the site (unsurprisingly) automatically logged me out. Fine, I'll just log in again... and get an error saying my credentials are invalid. Okay... I very carefully type them in again. error: invalid credentials. sajfkasdjf.

Step 7 is going to be: Try to figure out how to log in again. Ugh.

"Please allow about 10 minutes" it said. Where's that facepalm emoji?

But like, seriously. How does someone even build a website THIS bad?

Today was fucking awesome!

I always wanted to do a project in C++ since I've been more of a Java guy for years now.
And today, I finally wrote a full console program in C++! (For windows, it's a .exe)

The purpose of that program is to show if a file has a file lock on it (because of copying for example).

It started as simple as that, but got complicated quickly:
- It needs colors! So I added colors.
- Just a single file? Boring. I need wildcards, so I can put a * for anything in the file name! Jup.
- Just one directory? Boring. I need a recursive directory walk! Got it.
- But wait! There has to be an option to switch between recursive and wildcard/single mode! So I checked if the first argument equals "-r"! Hacky but works.
- Oh uh... that spams a lot now! The purpose was to show locked files, so I need another argument to specify that I only want to see locked files! Damn now it get's hard... I need a Linux-like command line argument parser (this -h and -s "hello" stuff). So I took the opportunity to write one myself! Done.
- Refactoring everything to use my new fancy parser...
- Adding more and more arguments, just because I can:
- "-d" hides "access denied" messages
- "-l" shows only locked files
- "-r" activates recursive directory walk
- "-f" formats everything nicely, basically printf("%-150.150s | %s", filename, locked); a maximum width which get's truncated if too long so everything lines up nicely
- "-h" which of course displays the help page
- "-w file" watches a file, if the file is locked it will refresh every 500ms, if it's still locked nothing happens, if it's unlocked, the program prints "unlocked" in green and exits. And yes, it does have a rotating line (something like this: "-" "\" "|" "/" "-" and so forth...)

That project was just awesome to make. I learn languages fastest if I just do a big project in them, and today, I really learned a lot.

Thank you for reading all this!

I extracted a tangled action to its own api, and wrote a test for it.

The test failed.

I added debugging, more debugging, all the debugging. It still fails. But I can at least see why it fails!

It turns out the api finds and updates the wrong user. It finds and updates the wrong user EVEN WHEN THERE ARE NO OTHER USERS.

WHAT THE SALAMI.

Also, the user lookup it uses is extremely roundabout and takes several seconds with ~2 million users. Normally I'd fix the lookup, but it has been in production for several years, and I'm terrified it will break something if I fix it.

Blargherhagrid.

My previous employer still (contractually) owes me $5k. I still have push access to the repo and prod servers. Should I add a reminder to the admin dashboard? (After yet another email reminder, ofc.)

I could also mail him an invoice, since I have his addresses. Then again, it has been about a year since I was supposed to receive it, so maybe I'll just file a lawsuit. 🙄

Should @Root sue her ex-boss?

[Client]
We've noticed we gave you the wrong product prices for our new online shop.

[Dev]
Yeah, just login to the backend and fix them.

[Client]
But we don't want to use your fancy backend, we'll be using anyway soon - we want EXCEL!
Could you send us an EXCEL, so we can fix that?
How much will this cost?

[Dev]
Sure... here you are.
Not that much, takes about an hour.

[Client]
Great, you'll hear from us in a few days.

(a few months later...)

[Client]
We've finally managed to update the EXCEL. And btw, we've also added a bunch of columns with product pictures and new properties, highlighted products to delete red, inserted some comments with manual instructions and basically destroyed the entire data structure of this table.

Before I forget... also make sure to get this finished today, we have to go live ASAP. Our marketing campaign is already live.

[Dev]
Well, I'm sorry to say this, but this is not possible.
I'm currently working on another project and it will take me hours to clean up the data you sent me, before even starting to build an import tool for the new data you provided. Better stop the campaign and I'll do my best to get this done by the end of the week. Also it may be a bit costly.

(angry client calls immediately...)

(dev transfers to manager...)

(client transfers to client's boss...)

[Manager]
Ok Dev, I think I was able to explain it to them. However, it would be great if you spend day and night to get this thing out ASAP.

[Dev]
No problem...
I'll just do it by hand to get this out immediately.

(few days later; nearly done, exhausted)

[Client]
Hey Dev, here's another EXCEL.
We've just noticed there were a bunch of errors in the previous one. Please use this instead...

I'm really down.
I spent 10 years building on an application worth 800K$ revenue per year.

I tried to build a technical team. All left, because of fights with stupid account managers, CEO, business managers.

I was left alone for almost one year alone, working like 60-70 hours per week to keep the things going and adapt to more customers.

And looking for potential partners to outsource things.

Now out of the blue, 3 weeks before my summer holiday, investors introduce me to a "partner" that will rent to us a "developer" for 2 months. from tomorrow.
What the fuck I'm gonna do with him in 2 weeks I don't know.
Actually I understand that this "partner" will take over the whole project.

They used the word "to help me", but actually during the meeting they said to fix things that are not working, and to develop new features because the project is blocked.

Of course there are bugs, I have no developers with me and hundred of features and integrations to maintain. And of course everything is blocked because I have to think hard about priorities.

I feel humiliated in the worst way.
I don't know what will be my future position.
I wasted time contacting potential partners and the answer was always "there are no money".

The business strategist, entered one year ago and said "no more IT investment".

Basically as cofounder and cto (of myself), they will not fire me, if I stay silent. If I accept to be a puppet. And eat, eat eat a lot of shit. I'll grow fat from the shit I'll eat.
I feel I've lost all my hard work, and I'm alone.

Yes I believe you’re Google and I will click that link.
I don’t care that IP from that you sent it to me is from some company in India.
Probably Google outsourced it’s email service there.

But wait why is this link pointing to Chinese website?
Ouch you provided some ip under A dns record so let me nmap it...
So there’s bunch of services you have there.
ftp, ssh, msrpc, netbios-ssn, snpp, microsoft-ds, sun-answerbook ...wait what ?
Let me curl that 8888 port.
Oh you have login / password form and it’s pagoda linux panel.
Wait a second I will read about it maybe some default login / password will work...

Ok so maybe I just make a script to brute force it as you wanted to brute force my computer motherfucker.