AboutHi! I am interested in web development and online security. Also controversial opinion on some things.
Joined devRant on 11/5/2020
Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
I have no clue if this has been posted here already. It probably has plenty of times but damn, I've been laughing for the past 10 minutes now and that's rare.
Compiled new linux kernel for my phone today.
All went good.
Except it got really hot and it appears that my sdcard died.
At least now I can tether over bluetooth.8
I used to do audits for private companies with a team. Most of them where black box audits and we were allowed to physically manipulate certain machines in and around the building, as long as we could get to them unnoticed.
Usually when doing such jobs, you get a contract signed by the CEO or the head of security stating that if you're caught, and your actions were within the scope of the audit, no legal action will be taken against you.
There was this one time a company hired us to test their badge system, and our main objective was to scrape the data on the smartcards with a skimmer on the scanner at the front of the building.
It's easy to get to as it's outside and almost everyone has to scan their card there in order to enter the building. They used ISO 7816 cards so we didn't even really need specified tools or hardware.
Now, we get assigned this task. Seems easy enough. We receive the "Stay-out-of-jail"-contract signed by the CEO for Company xyz. We head to the address stated on the contract, place the skimmer etc etc all good.
One of our team gets caught fetching the data from the skimmer a week later (it had to be physically removed). Turns out: wrong Building, wrong company. This was a kind of "building park" (don't really know how to say it in English) where all the buildings looked very similar. The only difference between them was the streetnumber, painted on them in big. They gave us the wrong address.
I still have nightmares about this from time to time. In the end, because the collected data was never used and we could somewhat justify our actions because we had that contract and we had the calls and mails with the CEO of xyz. It never came to a lawsuit. We were, and still are pretty sure though that the CEO of xyz himself was very interesed in the data of that other company and sent us out to the wrong building on purpose.
I don't really know what his plan after that would have been though. We don't just give the data to anyone. We show them how they can protect it better and then we erase everything. They don't actually get to see the data.
I quit doing audits some time ago. It's very stressful and I felt like I either had no spare time at all (when having an active assignment) or had nothing but spare time (when not on an assignment). The pay also wasn't that great.
But some people just really are polished turds.4
People who delete their entire password from the inputfield when they make a typo suck.
People who mumble their password while typing it, like someone who came to the helpdesk today, are braindead and should not ever use a computer.8
Whenever I have my mac crash and corrupt its OS, I just get a backup harddrive and it copies itself FLAWESSLY. I have all my programs, settings, settings in programs and files.
When Windows crashes, and I use the recovery tool, I LOOSE EVERYTHING. The only thing I get to keep are my files, and they most of the time have permission issues after a restore.
Windows is like the toddler that stares out to void of existance and can't do anything but drool on their shirt, while its parents say he's highly gifted.
Fuck me we're able to choose between only a few OS'es that my clients know and allow me to work on but things like this just make me want to go be a chicken farmer or something.25
PHP code that didn't use sanitize, but manually checked if strings contained ' or ". Not even in a function, but manually implemented whenever the person writing that burning dumpsterfire thought it was a good idea to check for that.
Code also didn't report, it just exited without error code. Users would just get a white screen if that spaghetti code "security" system got tripped.
Why is web development such a headache?
I'm writing a responsive wesbite from scratch. All goes perfect, even cross browser.
It all works, adapts to screen size etc. Nice! About to get this code into production.
Me: I'll test the iPhone 5 viewport size before I push the code...
Responsive Developer Tools:
FireFox: nu uh, there's a magic random 1px margin to every element on your page now, which you cannot find in your css or in the computed tab. It's magical.
Me: weird, what if I change the viewport size to the iPhone 6's dimensions?
Me: hmm, what if I add or substract one fucking pixel from the viewport width or height?
FireFox: What 1px margin? Don't know what you're talking about ... There never was one...
Me: ok, weird (sets viewport size back to the iPhone 5 format for testing)
FireFox: I present to you: the magic random 1px margin.
I'm at a loss. I really am. Been clicking and unclicking almost every responsive part of my css I could find for this page and it just doesn't want to work persistently. And I swear to god that it worked a week ago in that exact viewport size. It's so frustrating.32