About: Software Developer / Angular Enthusiast / Father / Husband / Slightly Overweight
Skills: Angular, Laravel, PHP, JS, CSS
Joined devRant on 10/24/2018
Just acquired myself a MacPro 3,1
Dual Xeon. 32GB RAM. QuadroFX with 1GB of VRAM.
Just put a 250GB SSD in it and 3 1TB WD Reds.
And I base installed ElementaryOS 5.
For a 10 year old Mac, this thing is fast...
I suppose that’s the dual quad-core Xeons. Even though the RAM is only 800MHz ECC, this thing runs flawlessly.
New Home setup. Now to find myself a pair of Ultrasharps U2515H for it :)
Now to find me a PCIe adapter for an M2 NVME drive.
Today, I had the greatest pleasure of doing something on my dev-bucketlist.
I actually did the following command
sudo rm -Rf /*
On a live, production server...
Boss told me “destroy the contents of this server, don’t need backups”
It was a dedicated hosted server we’ve had for years and it was no longer needed.
Where do you do your best debugging?
I was a smoker for 10 years, have been vaping for 5 (2 years without any nicotine now) and it’s my happy place. At work, I can take breaks anytime I want, me and the other dev both vape, so when we’re stuck or we need to theorise something, I always drop him a “Vape?” message on Slack and meet him outside. We spend 15 mins discussing the code in hand and 9/10 we come up with a solution.
I also had a moment in the shower once, where I was mentally debugging a 4000 (yes 4 thousand) line script to figure out why I was getting the incorrect results.
Never try to debug whilst staring at the screen. Take a break. Visualise code, visualise the problem at a high level.
Just acquired myself a Dell T420 dual Xeon hex core, 96GB RAM, Quadro 4000 and 6 x 2TB WD Reds. And I didn’t actually need a server, so have installed ElementaryOS as my base, 2 x Dell UltraSharp 25in. Now I can run angular shit without node clogging shit up!
So, a few months ago, I was in a coffee shop doing some work, black hoody on, hood up, headphones in.
When the 2 people in the booth next to me were talking really loudly and excited about something. I muted the music but kept the headphones in to listen in on what they were chatting about. Because I couldn’t focus on what I was doing as they were being overly loud.
They’d come to have a discussion about this great new startup business they want to do. They had charts and designs for some shitty product, but were being really loud and excited like a 3 year old in a candy store.
I was getting quite frustrated by their overly elaborate discussion as it was meant to be a place to focus. I could see other customers getting annoyed. This is when I heard the best thing, the name of their startup....
Quick check on Nominet, no one owns the domain!!! They were literally in the process of setting up, they’d had logos done, website design, but didn’t buy the domains!
Me being me, and thinking ‘this’ll teach ’em’, I quickly went to 123-reg and purchased the .co.uk, .com and .eu of their business :)
Cost me £20, but serves them right!
Sorry. Not sorry!
TL;DR: Software company is shit
So. Our company hired a software company to build us an online app. A garment designer shop type thing.
2 years later, their lead devs quit and we have to take it as it is... not finished, but they said “it’s perfectly usable, there’s just some angular bugs and UI fixes to do”.
Ok so no problem, fixed the bugs and sorted the UI out, we launched the app. All seems fine for a week or so, then the Project Manager tells me that a certain feature isn’t working as expected, I said no problem, I’ll look into it.
After 3 hours, I stumble across the biggest, most ridiculous thing in the world, something so big, that I was forced to Docker-down the backend immediately without approval.
PM comes screaming into my office literally 3 mins later whilst I’m just triple checking my findings before reporting it.
Basically the app is an Angular front end with a Laravel backend.
So the site has Users, which belong to a team, which can create campaigns, which have products. So you design a T-shirt, give it a URL, set your own price and do your own selling blah blah...
The problem is, when anyone visits the site, and adds your product to their basket, in your console, you’re returned all the product JSON, which isn’t a bad thing, except you’re also given the Campaign that this product belongs to, and the team it belongs to, and its users of that team (email address, address, phone) and any orders for that campaign, with customer data like name, address, Stripe ID, last 4 digits of credit card.
Literally every bit of personal information in an unguarded endpoint to be publicly visible even if you went to site.com/api/campaigns.
You got all that info, echoed out as JSON on your webpage.... no JWT needed, no authentication.
When I quizzed the company that built it, they were like, “yeah so, we don’t really care anymore, we lost interest in the project”.
What a bunch of cunts...
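The leak described in the rant above, as an added example that is not part of the original post or of the app's code: a check that walks a JSON response and reports every nested personal or payment field, next to an allow-list projection that returns only what a shopper needs. The payload shape, the field names and the functions findSensitivePaths and toPublicProduct are assumptions constructed for illustration.

```javascript
// Constructed sample of the over-shared product response described in the post.
// Every field name and value here is made up for this example.
const leakyResponse = {
  id: 7, name: "Team tee", price: 1500,
  campaign: {
    id: 3, url: "team-tee",
    team: { id: 1, name: "Example FC", users: [
      { id: 11, email: "owner@example.test", address: "1 Example St", phone: "000" },
    ] },
    orders: [
      { id: 90, customer_name: "A. Buyer", address: "2 Example Rd",
        stripe_id: "cus_PLACEHOLDER", card_last4: "0000" },
    ],
  },
};

// Key names treated as personal or payment data (assumed naming convention).
const SENSITIVE = /^(email|phone|address|customer_name|stripe_id|card_last4)$/i;

// Walk any JSON value and return the path of every sensitive key found,
// including keys buried inside serialized relations and arrays.
function findSensitivePaths(value, path = "$") {
  if (Array.isArray(value)) {
    return value.flatMap((v, i) => findSensitivePaths(v, `${path}[${i}]`));
  }
  if (value === null || typeof value !== "object") return [];
  return Object.entries(value).flatMap(([k, v]) => [
    ...(SENSITIVE.test(k) ? [`${path}.${k}`] : []),
    ...findSensitivePaths(v, `${path}.${k}`),
  ]);
}

// Allow-list projection: copy named fields only, so a relation added to the
// model later (team, users, orders) can never reach the public response.
function toPublicProduct(p) {
  return {
    id: p.id, name: p.name, price: p.price,
    campaign: { id: p.campaign.id, url: p.campaign.url },
  };
}

console.log(findSensitivePaths(leakyResponse));                  // 7 paths
console.log(findSensitivePaths(toPublicProduct(leakyResponse))); // []
```

Run against the responses of unauthenticated endpoints in a CI test, a non-empty result from findSensitivePaths fails the build before the data reaches a browser console.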