Details
-
SkillsA lot
-
LocationHere
-
Website
-
Github
Joined devRant on 5/23/2017
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Christmas lights were blinking randomly IN SECTIONS without any sort of "control brick", just with a plain wall plug and TWO wires coming out of it.
In this house we obey the laws of physics, I immediately called magic on this and started digging. I found out that was like five chains of lights wired in parallel, and every chain contained one special lamp that had a thin plate of some thermal-sensitive material inside. It heats up which makes it go straight, thus breaking its chain until it cools down enough to curl again and make the contacts touch.
Brilliant and really cheap way of making randomly blinking Christmas lights without any kind of controller, with just two wires and some physics. That's what I call "nocode".14 -
Worst of 2020:
Seeing company get stuck in an organizational swamp. Devs tend to be reasonably good at working from home...
Management isn't. Meeting quality has gone down the drain, half of management thinks "if the boss can't see me why work at all?", the other half has constant calls with tiny working groups where nothing is final and everyone is left confused.
I'm convinced: Everything management is afraid of about allowing devs to work from home is based on projection of their own weaknesses.
They're not passionate enough to work without oversight. They might not be introverts, but extroverts are perfectly able to communicate poorly, especially when a few digital hurdles get in the way.
The average developer might actually be more attuned to the intricacies of emotionless text chats, and preventing disruptive elements in video calls.
Also, unless someone physically helps a manager to remove their head from their own ass once in a while, their "gut feelings" about the market and products are actually just amplified bias caused by their endless self-absorbed yelling into the echo chamber that is their stretched out rectum.
Holy motherfucking hell, have I seen some weird projects float by in 2020, pooped out by isolated product managers whose brain clearly has melted when they had to survive without office fruitbaskets and organizational post-it walls.
Yeah let's promote our international character, by giving away travels and hotel bookings, using pictures of happy hugging people in foreign countries... Great promo during a pandemic.
Or let's get "woke" and promote the "colored users" on our platforms, by training ML to categorize people by skin pigment (Apart from how illegal and ethically insane that is on multiple levels, about 85% of our users pick shit like anime characters and memes for their avatar).
Or how about we make a Microsoft Store app, even though the vast majority of our end users are students using cheap Android phones, older iPhones, Macbooks and Chromebooks.
😡
Anyway, now that I have dressed up my Christmas tree with some manager intestines...
Best of 2020:
I got to play through my Steam backlog, work on hobby projects, and watch a lot of YouTube.
All this pandemic insanity has convinced me all the more that I want to work way more in Rust, and publish way more on open source projects.
I became maintainer/collaborator on a bunch of semi-prominent libraries & frameworks, and while no community is perfect, I enjoy my laid-back coffee-fueled debugging on those packages much more than listening to another crack addicted cocksucker in a suit explain their half-assed A/B test idea to me at 9AM.
So, 2021 will be me half-assing through the spaghetti at my official fuckfest of a job so I can keep filling my bank account — and investing way more time and effort into stuff I find truly engaging, into projects with a heart and a soul.6 -
Continuation of the story with Linux Mint 20 Cinnamon on the old Core2 Duo with 2 GB RAM and HDD. The guy has had that PC under Linux for 1.5 months now, had never had Linux before, has no IT background, and is over 70.
Upon visit, I checked how the machine was doing. OK, he had forgotten to apply the updates, so I highlighted paying attention to the red icon in the tray. Launched the updates, all ran through.
Otherwise, he had managed to install Skype all by himself (network effect because of his family...) and had bought a webcam plus a microphone. Linux had just recognised everything without any fuzz. Even his Skype buddies were impressed, he said.
On top of that, he likes how much faster that PC is compared to his much more current Win 10 laptop and actually uses the old Linux PC more than the laptop.
He also enjoys that Linux doesn't do weird things all by itself all the time. That's not his experience with Win 10.13 -
One of the biggest reality checks you will run into when starting your first dev related job - and which they don't teach you about in school - is that a lot of the time will be spent working with other people's code, and rewriting it into "your own" is rarely an option.
You might be super into making things, but not everyone manages to maintain that same spark while taking over a 15 year old project with fundamental issues that have to be triaged "for now" because you need a hotfix on this other specific thing out in prod before lunch.
There are no gods now. They left the company years ago and nobody knows why they used the windows registry as a user repo.3 -
Ok so this is my first rant. I'm 16 years old. Have had some experience with Python and AI and I want to pursue it. But, I'm in class 12 and all my teacher teaches me is how to open a frickin file in python. I mean I have begged her to tach me Django but she's like no no child we only study what's in the syllabus. I mean it's so frustrating17
-
I absolutely hate software to the point where I started converting from sysadmin to becoming more like a dev. That way I could just write my own implementations at will. Easier said than done, that's for sure. And it goes both ways.
I think that in order to be a good dev, you need these skills the most:
- Problem solving skills
- Creativity, you're making stuff
- Logical reasoning
- Connecting the dots
- Reading complex documentation
- Breaking down said documentation
- A strong desire to create order and patterns
- ...
If you don't have the above, you may still be able to become a dev.. but it would be harder for sure, and in some cases acceptance will be lower (seriously, learn to Google!)
One thing I don't think you need in development is mathematics. Sure there's a correlation between it and logic reasoning, but you're not solving big mathematical monsters here. At most you'd probably be dealing with arrays and loops (well.. program logic).
Also, written and spoken English! The language of the internet must be known. If it's not your first language, learn it. All the good (and crucial) documentation out there is in English after all.
One final thing would be security in my opinion, since you're releasing your application to the internet and may even run certain services, and deal with a lot of user data. Making those things secure takes some effort and knowledge on security, but it's so worth it. At the most basic level, it requires a certain mindset: "how would I break this thing I just made?"4 -
Hey everyone,
We have a few pieces of news we're very excited to share with everyone today. Apologies for the long post, but there's a lot to cover!
First, as some of you might have already seen, we just launched the "subscribed" tab in the devRant app on iOS and Android. This feature shows you a feed of the most recent rant posts, likes, and comments from all of the people you subscribe to. This activity feed is updated in real-time (although you have to manually refresh it right now), so you can quickly see the latest activity. Additionally, the feed also shows recommended users (based on your tastes) that you might want to subscribe to. We think both of these aspects of the feed will greatly improve the devRant content discovery experience.
This new feature leads directly into this next announcement. Tim (@trogus) and I just launched a public SaaS API service that powers the features above (and can power many more use-cases across recommendations and activity feeds, with more to come). The service is called Pipeless (https://pipeless.io) and it is currently live (beta), and we encourage everyone to check it out. All feedback is greatly appreciated. It is called Pipeless because it removes the need to create complicated pipelines to power features/algorithms, by instead utilizing the flexibility of graph databases.
Pipeless was born out of the years of experience Tim and I have had working on devRant and from the desire we've seen from the community to have more insight into our technology. One of my favorite (and earliest) devRant memories is from around when we launched, and we instantly had many questions from the community about what tech stack we were using. That interest is what encouraged us to create the "about" page in the app that gives an overview of what technologies we use for devRant.
Since launch, the biggest technology powering devRant has always been our graph database. It's been fun discussing that technology with many of you. Now, we're excited to bring this technology to everyone in the form of a very simple REST API that you can use to quickly build projects that include real-time recommendations and activity feeds. Tim and I are really looking forward to hopefully seeing members of the community make really cool and unique things with the API.
Pipeless has a free plan where you get 75,000 API calls/month and 75,000 items stored. We think this is a solid amount of calls/storage to test out and even build cool projects/features with the API. Additionally, as a thanks for continued support, for devRant++ subscribers who were subscribed before this announcement was posted, we will give some bonus calls/data storage. If you'd like that special bonus, you can just let me know in the comments (as long as your devRant email is the same as Pipeless account email) or feel free to email me (david@hexicallabs.com).
Lastly, and also related, we think Pipeless is going to help us fulfill one of the biggest pieces of feedback we’ve heard from the community. Now, it is going to be our goal to open source the various components of devRant. Although there’s been a few reasons stated in the past for why we haven’t done that, one of the biggest reasons was always the highly proprietary and complicated nature of our backend storage systems. But now, with Pipeless, it will allow us to start moving data there, and then everyone has access to the same system/technology that is powering the devRant backend. The first step for this transition was building the new “subscribed” feed completely on top of Pipeless. We will be following up with more details about this open sourcing effort soon, and we’re very excited for it and we think the community will be too.
Anyway, thank you for reading this and we are really looking forward to everyone’s feedback and seeing what members of the community create with the service. If you’re looking for a very simple way to get started, we have a full sample dataset (1 click to import!) with a tutorial that Tim put together (https://docs.pipeless.io/docs/...) and a full dev portal/documentation (https://docs.pipeless.io).
Let us know if you have any questions and thanks everyone!
- David & Tim (@dfox & @trogus)49 -
A year ago I would have said:
"Because I love solving logic puzzles, there's no greater joy than finding a very simple, elegant translation of a user's requirements into code"
Then 2020 came. I'm SO FUCKING FED UP with coworkers and managers who miss all the required competence to organize and communicate about projects as they are fundamentally incompatible with the concept of working from home.
I'm quite sure I'm the last one to give up at my work.
The company chat has completely died down. I've tried setting up meetings, but even my bosses show up irregularly, confused about why I'm calling them in the middle of their Netflix marathon.
So if you can't beat 'em, join 'em. My answer is now:
"I'm a developer because I get nearly 6 figures, for going through my Steam Library while completely shitfaced at 11AM. When I sober up in the afternoon, I work on some hobby projects. I get to spend 500/m on ordering sandwiches"9 -
Dear external developer dumbass from hell.
We bought your company under the assumption you had a borderline functioning product and/or dev team. Ideally both
For future reference expect "file path" arguments can contain backslashes and perhaps even the '.' character. It ain't that hard. Maybe try using the damn built in path parsing capabilities every halfway decent programming environment has had since before you figured out how to smash your head against the keyboard hard enough for your shitty excuse of a compiler stops arguing and gives in.
I am fixing your shit by completely removing it with one line of code calling the framework and you better not reject this.
This is not a pull request ITS A GOD DAMN PULL COMMAND.
- Is what i would _like_ to say right now... you know if i wouldn't be promptly fired for doing so :p
How's you guys friday going?8 -
!Story
The day I became the 400 pound Chinese hacker 4chan.
I built this front-end solution for a client (but behind a back end login), and we get on the line with some fancy European team who will handle penetration testing for the client as we are nearing dev completion.
They seem... pretty confident in themselves, and pretty disrespectful to the LAMP environment, and make the client worry even though it's behind a login the project is still vulnerable. No idea why the client hired an uppity .NET house to test a LAMP app. I don't even bother asking these questions anymore...
And worse, they insist we allow them to scrape for vulnerabilities BEHIND the server side login. As though a user was already compromised.
So, I know I want to fuck with them. and I sit around and smoke some weed and just let this issue marinate around in my crazy ass brain for a bit. Trying to think of a way I can obfuscate all this localStorage and what it's doing... And then, inspiration strikes.
I know this library for compressing JSON. I only use it when localStorage space gets tight, and this project was only storing a few k to localStorage... so compression was unnecessary, but what the hell. Problem: it would be obvious from exposed source that it was being called.
After a little more thought, I decide to override the addslashes and stripslashes functions and to do the compression/decompression from within those overrides.
I then minify the whole thing and stash it in the minified jquery file.
So, what LOOKS from exposed client side code to be a simple addslashes ends up compressing the JSON before putting it in localStorage. And what LOOKS like a stripslashes decompresses.
Now, the compression does some bit math that frankly is over my head, but the practical result is if you output the data compressed, it looks like mandarin and random characters. As a result, everything that can be seen in dev tools looks like the image.
So we GIVE the penetration team login credentials... they log in and start trying to crack it.
I sit and wait. Grinning as fuck.
Not even an hour goes by and they call an emergency meeting. I can barely contain laughter.
We get my PM and me and then several guys from their team on the line. They share screen and show the dev tools.
"We think you may have been compromised by a Chinese hacker!"
I mute and then die my ass off. Holy shit this is maybe the best thing I've ever done.
My PM, who has seen me use the JSON compression technique before and knows exactly whats up starts telling them about it so they don't freak out. And finally I unmute and manage a, "Guys... I'm standing right here." between gasped laughter.
If only it was more common to use video in these calls because I WISH I could have seen their faces.
Anyway, they calmed their attitude down, we told them how to decompress the localStorage, and then they still didn't find jack shit because i'm a fucking badass and even after we gave them keys to the login and gave them keys to my secret localStorage it only led to AWS Cognito protected async calls.
Anyway, that's the story of how I became a "Chinese hacker" and made a room full of penetration testers look like morons with a (reasonably) simple JS trick.9 -
So I have that custom-made wifi router I've built. And it uses a USB wifi adapter with AC (wifi5) capability - the fastest one I could find in AliExpress.
I set it up a while ago - the internet access works fine, although speeds are somewhat sluggish. But hey, what to expect from a cheapo on Ali! Not to mention it's USB, not a PCIe...
A few days ago I ran a few speedtest.net tests with my actual AC router and the one I've built. Results were so different I wanted to cry :( some pathetic 23Mbps with my custom router :(
This evening I had some time on my hands and finally decided to have an umpteenth look.
nmcli d wifi
this is what caught my eye first. The RATE column listed my custom router as 54Mbps, whereas the actual router had 195Mbps.
I have reviewed the hostapd configuration sooo many times - this time nothing caught my eye as well.
Googling did not give anything obvious as well.
What do we do next? Yes, that's right - enable debug and read the logs.
> VHT (IEEE 802.11ac) with WPA/WPA2 requires CCMP/GCMP to be enabled, disabling VHT capabilities
This is one of the lines at the top of the log. Waaaaiiitttt.. VHT is something I definitely want with ac -- why does it disable that??? Sounds like a configuration fuckup rather than the HW limitation! And config fuckups CAN be fixed!
Turns out, an innocently looking
`wpa_pairwise=TKIP`
change into
`wpa_pairwise=TKIP CCMP`
made a world of a difference!
:wq
!hostapd
connect to the hostapd hotspot and run that iperf3 test again, and... Oh my. Oh boi! My pants fell off -- the speed increased >3x times!
A quick speedtest.net test deems my custom router's download speeds hardly any worse than the speeds obtained using my LInksys!!
The moral of the story: no matter how innocent some configurations look, they might make a huge difference. And RTFL [read the fucking logs]
In the pic -- left - my actual router, right - my custom-built router with a USB wifi adapter. Not too shabby!8 -
Job interview goes really well. Senior Dev 90-100k.
Ok, so for your "test" write up a proposal for a web based bulk email sending system with its own admin panel for building list, tracking emails, and with reporting.
I write up an estimate. Low ball the absolute fuck out of it because I'm trying to get a job. Know a few good libraries I can use to save some time. Figure I can just use sendmail, or PHPMailer, or NodeMailer for the emailing, and DataTables Editor for a simple admin CRUD with reporting. Write the thing up. Tell them they can have it in LAMP or Node.
Come in at 36 hours.
Then these fucking wanks told me they wanted me to actually do the project.
My exact response was:
"I bill $50 an hour, let me know"
They did not let me know.
Young devs, jobless devs, desperate devs. I've seen a fair amount of this. And for the right job I might go as high as maybe 4 - 6 hours of unpaid work for some "programming test". But please be careful. There are those who will try to exploit lack of experience or desperation for free work.16 -
You know what?
Young cocky React devs can suck my old fuckin LAMP and Objective-C balls.
Got a new freelance job and got brought in to triage a React Native iOS/Android app. Lead dev's first comment to me is: "Bro, have you ever used React Native".
To which I had to reply to save my honor publicly, "No, but I have like 8 years with Objective-C and 3 years with Swift, and 3 years with Node, so I maybe I'll still be able help. Sometimes it just helps to have a fresh set of eyes."
"Well, nobody but me can work on this code."
And that, as it turned out was almost true.
After going back and forth with our PM and this dev I finally get his code base.
"Just run "npm install" he says".
Like no fuckin shit junior... lets see if that will actually work.
Node 14... nope whole project dies.
Node 12 LTS... nope whole project dies.
Install all of react native globally because fuck it, try again... still dies.
Node 10 LTS... project installs but still won't run or build complaining about some conflict with React Native libraries and Cocoa pods.
Go back to my PM... "Um, this project won't work on any version of Node newer than about 5 years old... and even if it did it still won't build, and even if it would build it still runs like shit. And even if we fix all of that Apple might still tell us to fuck off because it's React Native.
Spend like a week in npm and node hell just trying to fucking hand install enough dependencies to unfuck this turds project.
All the while the original dev is still trying TO FIX HIS OWN FUCKING CODE while also being a cocky ass the entire time. Now, I can appreciate a cocky dev... I was horrendously cocky in my younger days and have only gotten marginally better with age. But if you're gonna be cocky, you also have to be good at it. And this guy was not.
Lo, we're not done. OG Dev comes down with "Corona Virus"... I put this in quotes because the dude ends up drawing out his "virus" for over 4 months before finally putting us in touch with "another dev team he sometimes uses".
Next, me and my PM get on a MS Teams call with this Indian house. No problems there, I've worked with the Indians before... but... these are guys are not good. They're talking about how they've already built the iOS build... but then I ask them what they did to sort out the ReactNative/Cocoa Pods conflict and they have no idea what I'm talking about.
Why?
Well, one of these suckers sends a link to some repo and I find out why. When he sends the link it exposes his email...
This Indian dude's emails was our-devs-name@gmail.com...
We'd been played.
Company sued the shit out of the OG dev and the Indian company he was selling off his work to.
I rewrote the app in Swift.
So, lets review... the React dev fucked up his own project so bad even he couldn't fix it... had to get a team of Indians to help who also couldn't fix it... was still a dickhead to me when I couldn't fix it... and in the end it was all so broken we had to just do a rewrite.
None of you get npm. None of you get React. None of you get that doing the web the way Mark Zucherberg does it just makes you a choad locked into that ecosystem. None of you can fix your own damn projects when one of the 6,000 dependency developers pushes breaking changes. None of you ever even bother with "npm audit fix" because if security was a concern you'd be using a server side language for fucking server side programming like a grown up.
So, next time a senior dev with 20 years exp. gets brought in to help triage a project that you yourself fucked up... Remember that the new thing you know and think makes you cool? It's not new and it's not cool. It's just JavaScript on the server so you script kiddies never have to learn anything but JavaScript... which makes you inarguably worse programmers.
And, MF, I was literally writing javascript while you were sucking your mommas titties so just chill... this shit ain't new and I've got a dozen of my own Node daemons running right now... difference is?
Mine are still working.34 -
Last rant was about games and graphics cards (admittedly not received too well), time for a rant about game development houses.. especially you EA.
So yesterday a friend of mine showed me in one of our Telegram chats that he'd modified some cheats in an old FPS game by editing these scripts (not Lua for some reason) that the game used as a.. configuration language I guess? He called the result a tank cemetery 🙃
Honestly the game looked a lot like Medal of Honor to stoned me at the time, so I figured, well why not fire up that old nx7010 I had laying around for so long, get a new Debian installation on that and rip the Medal of Honor: Allied Assault war chest that I still had, and play it on one of my more modern laptops? Those CD's are now very old anyway, maybe time to archive those before they rot away.
So I installed Debian on it again, looked up how to rip CD's from the command line, and it seemed that dd could do it - just give /dev/cdrom as the input file, and wherever you want to store your copy as the output file. Brilliant! Except.. uh, yeah. It wasn't that easy. So after checking the CD and finding that it was still pristine, and seeing another CD in that war chest fail just the same, I tried burning and then ripping a copy of Debian onto another CD.. checksummed them and yes, it ripped just fine, bit for bit equal. So what the fuck EA, why is your game such a special snowflake that it's apparently too difficult to even spin up the drive to be copied?
So I looked around on plebbit and found this: https://reddit.com/r/DataHoarder/... - the top comment of that post shattered all my hopes for this disc to be possible to rip. Turns out that DRM schemes intentionally screw up the protocols that make up a functioning disc, and detecting those fuck-ups is part of the actual DRM.
"I also remember some forms of DRM will even include disc mastering errors/physical corruption on the actual disc and use those as a sort of fingerprint for the DRM. The copied ISO has to include them at the exact same place in the ISO as on the IRL disc and the ISO emulator has to emulate the disc drive read errors they cause."
So yeah. Never mind that I already own this goddamn game, and that it's allowed by law to make one copy for personal use, AND that intentionally breaking something is very shady indeed.. apparently I don't really own this game after all. So I went onto the almighty search engines, and instantly found a copy of this game for download. You know EA.. I wanted to play nice. You didn't let me. Still wondering why people do piracy now? Might take your top suits that suggested these fucked up DRM schemes another decade to figure out maybe.. even given the obvious now.
But hey I wouldn't even care that much if the medium these games are stored on wouldn't be so volatile (remember these discs are now close to 20 years old, and data rot sets in after 30 years or so). You company decided to publish these on CD. We've had cartridges in many forms before, those are pretty much indestructible and inherently near impossible to duplicate. And why would you want to? But CD is what you chose because you company were too cheap to go to China, get someone to make some plastic molds and put your board and a memory chip in that. Oh and don't even get me started on the working conditions for game devs.. EA and co, aren't you ashamed of yourselves? No wonder that people hate game development houses so much.
Yay, almost finished downloading that copy of Medal of Honor! Whatever you say EA.. I've done everything I could to do it legally. You are the ones who fucked it up.10 -
Why do big companies hire such loser engineers ??? I mean what the hell man. When you are hiring a fresher to code they should at least know how to apply/write a for loop. I once had a colleague who assigned each array element individually instead of writing a for loop and asked me why I refused to approve his stupid code. What do I reply to this ? It was so dumb, I could not articulate an answer.14
-
Don't waste your time - they said.
Use Spring - the good ol' framework - they said
It's not slow - they said
me: ignores them, builds a custom jetty-based webserver with the same functionality Spring+tomcat can offer (mappings, routings, etc).
My app: boots up completely in <300ms, while Spring tutorials say a hello-world app takes 3+ seconds to spin-up http://websystique.com/spring-boot/...
me: already set for deployment in lambda. I bet I can tune it up even further with lazy-loading if I really have to...
Moral of the story: sometimes bare-bones solution is a better choice: more performant, more extendable, more testable, more lightweight.
That, dear folks, is the classic LESS IS MORE :)12 -
that's quite accurate :) ofc there are exceptions (looking at you two naughty bois, metaspace and off-heap allocations!), but it's true for the most of it :)5
-
A few days ago Aruba Cloud terminated my VPS's without notice (shortly after my previous rant about email spam). The reason behind it is rather mundane - while slightly tipsy I wanted to send some traffic back to those Chinese smtp-shop assholes.
Around half an hour later I found that e1.nixmagic.com had lost its network link. I logged into the admin panel at Aruba and connected to the recovery console. In the kernel log there was a mention of the main network link being unresponsive. Apparently Aruba Cloud's automated systems had cut it off.
Shortly afterwards I got an email about the suspension, requested that I get back to them within 72 hours.. despite the email being from a noreply address. Big brain right there.
Now one server wasn't yet a reason to consider this a major outage. I did have 3 edge nodes, all of which had equal duties and importance in the network. However an hour later I found that Aruba had also shut down the other 2 instances, despite those doing nothing wrong. Another hour later I found my account limited, unable to login to the admin panel. Oh and did I mention that for anything in that admin panel, you have to login to the customer area first? And that the account ID used to login there is more secure than the password? Yeah their password security is that good. Normally my passwords would be 64 random characters.. not there.
So with all my servers now gone, I immediately considered it an emergency. Aruba's employees had already left the office, and wouldn't get back to me until the next day (on-call be damned I guess?). So I had to immediately pull an all-nighter and deploy new servers elsewhere and move my DNS records to those ASAP. For that I chose Hetzner.
Now at Hetzner I was actually very pleasantly surprised at just how clean the interface was, how it puts the project front and center in everything, and just tells you "this is what this is and what it does", nothing else. Despite being a sysadmin myself, I find the hosting part of it insignificant. The project - the application that is to be hosted - that's what's important. Administration of a datacenter on the other hand is background stuff. Aruba's interface is very cluttered, on Hetzner it's super clean. Night and day difference.
Oh and the specs are better for the same price, the password security is actually decent, and the servers are already up despite me not having paid for anything yet. That's incredible if you ask me.. they actually trust a new customer to pay the bills afterwards. How about you Aruba Cloud? Oh yeah.. too much to ask for right. Even the network isn't something you can trust a long-time customer of yours with.
So everything has been set up again now, and there are some things I would like to stress about hosting providers.
You don't own the hardware. While you do have root access, you don't have hardware access at all. Remember that therefore you can't store anything on it that you can't afford to lose, have stolen, or otherwise compromised. This is something I kept in mind when I made my servers. The edge nodes do nothing but reverse proxying the services from my LXC containers at home. Therefore the edge nodes could go down, while the worker nodes still kept running. All that was necessary was a new set of reverse proxies. On the other hand, if e.g. my Gitea server were to be hosted directly on those VPS's, losing that would've been devastating. All my configs, projects, mirrors and shit are hosted there.
Also remember that your hosting provider can terminate you at any time, for any reason. Server redundancy is not enough. If you can afford multiple redundant servers, get them at different hosting providers. I've looked at Aruba Cloud's Terms of Use and this is indeed something they were legally allowed to do. Any reason, any time, no notice. They covered all their bases. Make sure you do too, and hope that you'll never need it.
Oh, right - this is a rant - Aruba Cloud you are a bunch of assholes. Kindly take a 1Gbps DDoS attack up your ass in exchange for that termination without notice, will you?7 -
"There's more to it"
This is something that has been bugging me for a long time now, so <rant>.
Yesterday in one of my chats in Telegram I had a question from someone wanting to make their laptop completely bulletproof privacy respecting, yada yada.. down to the MAC address being randomized. Now I am a networking guy.. or at least I like to think I am.
So I told him, routers must block any MAC addresses from leaking out. So the MAC address is only relevant inside of the network you're in. IPv6 changes this and there is network discovery involved with fandroids and cryphones where WiFi remains turned on as you leave the house (price of convenience amirite?) - but I'll get back to that later.
Now for a laptop MAC address randomization isn't exactly relevant yet I'd say.. at least in something other than Windows where your privacy is right out the window anyway. MAC randomization while Nadella does the whole assfuck, sign me up! /s
So let's assume Linux. No MAC randomization, not necessary, privacy respecting nonetheless. MAC addresses do not leak outside of the network in traditional IPv4 networking. So what would you be worried about inside the network? A hacker inside Starbucks? This is the question I asked him, and argued that if you don't trust the network (and with a public hotspot I personally don't) you shouldn't connect to it in the first place. And since I recall MAC randomization being discussed on the ISC's dhcp-users mailing list a few months ago (http://isc-dhcp-users.2343191.n4.nabble.com/...), I linked that in as well. These are the hardcore networking guys, on the forum of one of the granddaddies of the internet. They make BIND which pretty much everyone uses. It's the de facto standard DNS server out there.
The reply to all of this was simply to the "don't connect to it if you don't trust it" - I guess that's all the privacy nut could argue with. And here we get to the topic of this rant. The almighty rebuttal "there's more to it than that!1! HTTPS doesn't require trust anymore!1!"
... An encrypted connection to a website meaning that you could connect to just about any hostile network. Are you fucking retarded? Ever heard of SSL stripping? Yeah HSTS solves that but only a handful of websites use it and it doesn't scale up properly, since it's pretty much a hardcoded list in web browsers. And you know what? Yes "there's more to it"! There's more to networking than just web browsing. There's 65 THOUSAND ports available on both TCP and UDP, and there you go narrow your understanding of networking to just 2 of them - 80 and 443. Yes there's a lot more to it. But not exactly the kind of thing you're arguing about.
Enjoy your cheap-ass Xiaomeme phone where the "phone" part means phoning home to China, and raging about the Google apps on there. Then try to solve problems that aren't actually problems and pretty vital network components, just because it's an identifier.
</rant>
P.S. I do care a lot about privacy. My web and mail servers for example do not know where my visitors are coming from. All they see is some reverse proxies that they think is the whole internet. So yes I care about my own and others' privacy. But you know.. I'm old-fashioned. I like to solve problems with actual solutions.11 -
Things I learned this month.
1. Do not reference your solution as a hack. As in "I can make a hack to get around that" management actually views the solution as bad. But present the same solution with "I have this idea to get around that" then they love it and think you're great.
2. Management has no idea the difference between ML and if/else statements. If you can mimick ML with if/else then do it. Takes a lot less time and resources.
3. Don't enter a video meeting in just your skivvies, management views this as bad and HR will release a bunch of work-from-home policies in retaliation.
4. When explaining things to management don't try to explain the technical stuff. Is a waste of time and breath. All they really want to know is when you will be done. They don't care the difficulty level of the code involved.
I'm sure next month I'll learn more things.10 -
A box with 20 blotters of LSD, a bottle of Tawny Port, some rock climber's hand strength training clay which is great against RSI, a very undomesticated purring feline, some leatherworking tools (making a new folding case for my phone), 2 sesame bagels with cream cheese, a piece of cherry wood, two routers (one woodworking, one internet), one Ducky Horizon and one ErgoDox keyboard, two boxes of baby wipes and a bottle of formula, an expired ticket to a corona-cancelled concert, my sleeping newborn daughter wrapped in a black hoodie, a bottle of cognac, 3x 1440p displays, a chunk of chocolate, one freshly brewed cortado, a bottle of dimethylsulfoxide, 3 laptops, a TV remote, a glass of water, and one bolt which was left over from an IKEA box but I'm unsure which furniture item it belongs to.4
-
So, I grew up on the US/Mexican border, in a city where saying there's no opportunity is like saying the Titanic suffered a small leak on its maiden voyage. There were two kinds of people in said town: Mexicans trying to find something less shit than juarez and white trash reveling in their own failure. I came from the latter, for whatever that's worth.
I graduated high school when I was almost 16 years old. Parents couldn't really afford to support three kids and pay the rent on the latest in a long line of shit holes we migrated in and out of. If being a serial eviction artist is a thing, my family were savants.
I applied to college and got accepted only to be told by my father that he didn't see the need. Turns out the only reason he'd helped me graduate early was so I could start working and help pay his bills. I said okay, turned around and tossed a bag and my shitty af spare parts computer into the back of the junkyard Vega I generously referred to as a car and moved cross country. Car died on arrival, so I was basically committed.
Pulled shifts at two part times and what kids today call a side hustle to pay for school, couch surfed most of the time. Sleep deprivation was the only constant.
Over the first 4 months I'd tried leveraging some certs and previous experience I'd obtained in high school to get employment, but wasn't having much luck in the bay area. And then I lost my job. The book store having burned down on the same weekend the owner was conveniently looking to buy property in Vegas.
Depression sets in, that wonderful soul crushing variety that comes with what little safety net you had evaporating.
At a certain point, I was basically living out of the campus computer lab, TA friend of mine nice enough to accidentally lock me in on the reg. Got really into online gaming as a means of dealing with my depression. One night, I dropped some code on a UO shard I'd been playing around on. Host was local, saw the code and offered me a job at his firm that paid chump change, but was three times what all my other work did combined and left time for school. Ground there for a few years until I got a position with work study at LBL that conflicted too much for it to remain mutually beneficial. Amicable parting of the ways.
Fucking poverty is what convinced me to code for a living. It's a solid guarantee of never going back to it. And to anyone who preaches the virtues of it and skipping opportunity on grounds of the moral high ground, well, you know.17 -
The way 90% of the population wears their face masks really explains a lot about their approach to using software, apps & websites as well.
I feel like giving up.
I am not a developer for the salary, or just to solve analytical puzzles. Those are motivators, but my main drive is to make the world more comfortable and enjoyable, better optimized, build ethical services which bring happiness into people's lives. I want to improve society, even if it's just a tiny bit.
But if users invest absolutely zero percent of their limited brain capacity into understanding a product that already has a super-clean design and responds with helpful validation messages...
...why the fuck bother.
I used to think of the gap between technology and tech-incompetent people as an optimization problem.
As something which could be fixed by spending a fortune on UX research. Write tests, hire QA employees, decrease tech debt, create a bold but unified & simple design.
But the technologically incompetent just get more entitled with every small thing you simplify.
It's never fucking fool-proof enough.
Why can't I upload a 220MB PDF as profile picture? Why doesn't the app install on my 9 year old Android Froyo phone? Why can't I sign up if my phone number contains a  U+FFFC? Why does this page load so slowly from my rural concrete bunker in East Ukraine? WHY DO I HAVE PNEUMONIA, HOW DID I GET INFECTED EVEN THOUGH I WAS WEARING A MOUTH MASK ON MY FOREHEAD?
This is why I ran away from Frontend, to Backend, to DBA.
If I could remove myself further from the end user, I would.
At least I still have a full glass of tawny port and a huge database which needs to be normalized & migrated.
Fuck humans, I'm going to hug a server.30 -
I work for a big financial company and they're saying i'm going to get a promotion but have to go through an interview process and be compared with external candidates. Basically that a new position will be created and I need to apply for it.
To me it feels like an insult as promotions should be a reward for good work done on the job?
And technically I'm like the most experienced, expert on the team...
Everyone comes to me asking for help or to explain things...24 -
*Me, sittting in a sprint planning meeting*
PM: We are going to start a 2 weeks sprint and everyone is expected to meet the deadlines no matter the cost.
*Scrum master being an intern doesn't still know how to plan the sprint*
Me: we are having a week long holiday due to elections next week and how do you expect to finish within the deadline when office is closed.
PM: we are aware of that, but who is ready to take this as a challenge and be proactive in completing the tasks?
How many of you have faced this situation where the company expects you to work from home and get the tasks done even during the holidays. The company only values their work and not the employees. They want us to work as slaves without valuing us. They expect us to be loyal to the company through work but they aren't ready to be loyal to us through payments.
DONT DEVELOPERS HAVE THEIR HOLIDAYS TO SPEND TIME WITH THEIR LOVED ONES? ARE WE MACHINES?16 -
Around 2 years ago:
Manager: What's the run time complexity on this algorithm for 100 vectors?
Me: Worst case its O(n^2)
Manager: That is unacceptable! Make it better!!
Me: Well *points at block diagram of another component*, this is way more than n^2, should focus on that instead.
Manager: Don't give excuses! N^2 is not acceptable.
It turned out my manager didn't really know about run time complexity and thought of it as how badly the code was written.
This was evident when after refactoring with deletion of 300+ LOC,
Manager: Nice! Now the complexity is low! Good work! 👍
SMH..18 -
Client had a rule that the backup must finish successfully. I saw a bunch of empty backups in the green for the stuff our company was responsible for back then. I saw that the nfs folders got copied over empty as the folders were not mounted. Me: "You ppl do not have your databases backed up." Client :"Sure we do, look at the backup job status. It's all green." Me: "It's also 0MB in size." Client: " Must be good compression."
Me: "That must be it."12