AboutNeed regular doses of coffee to prevent buffering.
SkillsNode.js, PHP, Python, Android, Java
Joined devRant on 7/4/2017
Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
As a developer, sometimes you hammer away on some useless solo side project for a few weeks. Maybe a small game, a web interface for your home-built storage server, or an app to turn your living room lights on an off.
I often see these posts and graphs here about motivation, about a desire to conceive perfection. You want to create a self-hosted Spotify clone "but better", or you set out to make the best todo app for iOS ever written.
These rants and memes often highlight how you start with this incredible drive, how your code is perfectly clean when you begin. Then it all oscillates between states of panic and surprise, sweat, tears and euphoria, an end in a disillusioned stare at the tangled mess you created, to gather dust forever in some private repository.
Writing a physics engine from scratch was harder than you expected. You needed a lot of ugly code to get your admin panel working in Safari. Some other shiny idea came along, and you decided to bite, even though you feel a burning guilt about the ever growing pile of unfinished failures.
All I want to say is:
No time was lost.
This is how senior developers are born. You strengthen your brain, the calluses on your mind provide you with perseverance to solve problems. Even if (no, *especially* if) you gave up on your project.
Eventually, giving up is good, it's a sign of wisdom an flexibility to focus on the broader domain again.
One of the things I love about failures is how varied they tend to be, how they force you to start seeing overarching patterns.
You don't notice the things you take back from your failures, they slip back sticking to you, undetected.
You get intuitions for strengths and weaknesses in patterns. Whenever you're matching two sparse ordered indexed lists, there's this corner of your brain lighting up on how to do it efficiently. You realize it's not the ORMs which suck, it's the fundamental object-relational impedance mismatch existing in all languages which causes problems, and you feel your fingers tingling whenever you encounter its effects in the future, ready to dive in ever so slightly deeper.
You notice you can suddenly solve completely abstract data problems using the pathfinding logic from your failed game. You realize you can use vector calculations from your physics engine to compare similarities in psychological behavior. You never understood trigonometry in high school, but while building a a deficient robotic Arduino abomination it suddenly started making sense.
You're building intuitions, continuously. These intuitions are grooves which become deeper each time you encounter fundamental patterns. The more variation in environments and topics you expose yourself to, the more permanent these associations become.
Failure is inconsequential, failure even deserves respect, failure builds intuition about patterns. Every single epiphany about similarity in patterns is an incredible victory.
Please, for the love of code...
Start and fail as many projects as you can.30
Let's take a moment to appreciate interested and enthousiastic non-developers who really want to learn a programming language.
I am studying Medical IT at my college and most of my classmates aren't coming from an IT background.
Some of my classmates approach me when they're stuck while coding and I try to teach them as much as possible so they understand what they are doing wrong and how to fix it.
I also show them how they can optimise their code step by step and they love it!
As a classmate told me yesterday:
"It's always so much fun working with you. I come up with a small problem, but I end up learning so much more about programming when solving a problem with you. I appreciate that."
It's a mindset I've learned when I was doing my developer apprenticeship back in the day. One of my colleagues told me: "if they want your help because they need a quick fix, tell them to kiss your ass. If you know they've already tried everything they could and ask you specifically because they want to understand what they are doing wrong, they are future developers with great potential, so go teach them."
May the force be with you, my enthousiastic little non-devs ❤️5
App ratings in a nutshell:
This is by far the best app of the entire store! But it doesn't have X feature so I rated it with 1 star. You will get 5 if X is added!
Everytime I start the app it crashes. I never fucking used the app itself, but just because I'm using an outdated system you only get 1 star. Please fix
I found a bug in the app and I do not tell you where the fuck it is located. Only 1 star for you
Awesome app but please remove ads. This is completely free but I don't want the dev who spent 10 hours a day developing this app to make any form of profit9
Me: *listening to some random semi-obscure track on spotify, liking it, add it to playlist*
Come home, girlfriend playing the same track. "Yeah I've had that in my playlist for two weeks now". Our accounts are not linked in any way, and I only use Spotify on a PC at work, while my girlfriend only uses it at home.
It might just be coincidence, or us having similar tastes.
But the issue is that it's getting more and more difficult to know whether me and my girl are spiritually linked unique snowflake soulmates who are so perfectly in sync with each other, or whether an algorithm suggestively linked us both that song based on scraped location and behavior data.
And whether it matters. Maybe it matters. I don't know yet.
In twenty years maybe humans will be unsure whether it was a wonderful coincidence bordering on cosmic fate that you ran into your new love, or whether Google purposefully drove you towards the same lunch cafe at a specific time because it calculated that she was the perfect candidate to strengthen your susceptibility to advertisements over the coming decade.
Malicious AI will not come into lives bearing guns.
It will not instantly take all of our jobs and enslave us.
It will just know you better than you know yourself, it will know everyone around you better than you know them, and it will play incredible mind games. It will not be designed with malicious intent, just perfectly execute on top of the malicious systems we already have, and even arise as an emergent property within new systems.
It will rarely be clearly visible, but you will increasingly say to yourself: "That's odd, I was just thinking about that". It will detect depression from a smile, physical attraction from a glance, reliability from patterns in your voice and illness from the bloodflow in your cheeks.
It will not just make our cars autonomous, it will make our lives autonomous. It will protect us, decide for us, keep revenues and human satisfaction in a "balanced maximized" state, it will make everything feel easy, slightly abuse us, and when one of us suddenly crashes at 140 mph into depression, debt or addiction it will prove impossible to know whether the humans or the algorithms were at fault.
I'm incredibly afraid and excited about the coming 10 years.13
I just uninstalled vscode and im installing atom. Why does it have to be so hard to uninstall stuff!?9
Freaking genius dev made a system access password @$$Monk3y1
Had to share that with a vendor...on a conference call5
These guys were studying for a Java exam...from PRINTED OUT PHONE PICTURES OF CODE ON THEIR SCREENS31
Interlude (Break Room)
Me (Lead Developer), HR lady (HR)
Enter stage right ME
Me > "Oh hey HR lady, how was your vacation?"
HR lady > "Well, we didn't end up taking the kids to Disneyland after all."
Me > "What? Why not? Come on, I have to hear this!"
HR lady > "Long story short my husband and I are getting a divorce."
Me > "Oh shi-"14
Today I received the best bug report I could've ever asked for..
Received an email from a member of our customer service centre containing a description of the bug they'd found and not only did it contain the steps to reproduce the bug, but a goddamn video of him reproducing the suspected bug!
The greatest feeling when the client decides to take time to make your life that little bit easier24
User: We can not register three users on your website, it allowed us to register only first one
Me: What does it say? Some kind of error? Tell me so I can reproduce.
User: Well it says email address is already taken
- so yeah, they tried to register three users under the same email address.7
I JUST FINISHED MY FIRST NEURAL NETWORK!!!
But first of all, as I know you guys, it's spaghetti code and even I as a newb see places where I used too few-dimensional array or passed useless parameters or simply wrote too many redundant lines of code. I know it. I will make it MUCH better next time. Period.
But OMFG this made me scream from happiness today!! Just these few seemingly random numbers... I'm really done.. That's why I jumped into coding year or two ago..
And for some background, I didn't study any IT school, I'm just highschooler (general grammar school) who traded gaming for learning. Also my maths teacher teached NNs on university and is very keen to teach me, so that's that.
Now I wanna make the best out of it and I'm looking forward to write some well documented and flexible library, parallelized and everything (I'm gonna learn a lot in the process of doing this) better then FANN.
Maybe I'm gonna fail(99% probability but hey, I'm programmer beginner, I still think I can code everything I want). But if there is just one moment like when I saw this screen today, I'mma trade my life for it.
Sorry for taking your time guys, I was just genuinely stunned... A lot24
I dont need no girlfriend. Stack is my bae.
PS: Please inform me if this is a repost but haven't seen this on devrant23
So this happened today.
Client: hey I sent this ticket, what's the status/have you located the issue?
Me: well, it says it quite obviously in the error message...? (i actually said that, toned down afterwards a little)
Client: where's the error message then?
Me: 5th line....? It's literally there in plain english?
Client: ok so what does it mean?
Me:..............? "marked as spam by the receiving server"?!
Client: yeah ok but what does that mean?
Thing to keep in mind: they're a web dev/email solutions company.
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜
Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.
First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.
Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.
Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.
Dealing with attacks and getting hacked.
Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.
linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)
How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!
One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)
Dealing with different kinds of attacks:
Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.
So yah, hereby :P38
I got my wife pregnant despite birth control being used... You could say she *puts on sunglasses* failed the penetration test.
I'll see myself out.14
So I made this simple lamp that shows what is current build status on Jenkins CI.
- Change color depending on Jenkins build status
- Automaticaly turn on/off if user is logged on Hipchat
- Beam effect if somebody makes coffee
- Unicorn effect if food is delivered
- Big red arcade button that can send random message to somebody on Hipchat