About: a geek diggin' deep
Skills: Java dev, Linux/UNIX sysadmin
Joined devRant on 2/26/2018
black mirror - bandersnatch. This is some next level shit... I kept postponing watching this on netflix. Just watched it today.
It's so twisted on soooo many levels..
How many times did you watch it?
No spoilers please :)
Anywhere quiet. And 18C<X<25C.
On my sofa, on my bed, in a car, at the office, in a lobby, ... You name it
At someone's wedding. Don't know anyone except my wife. She knows no one except for me and the bride.
Already spotted 3 programmers and I can give you my hat to shit into if that particular one of the three doesn't own a macbook. It's all over his face...
At someone's wedding. Don't know anyone except my wife. She knows no one except me and the bride.
It's freaking 35C outside.
Guys, please close all the windows while compiling. Global warming is not a joke
There was a bug in "Change email" module. When the functionality is called, it sends 2 emails:
1. to a current email w/ a link to 'reject email change'
2. to a new email w/ a link to 'confirm email change'
The flaw was in how these links worked (the clockwork behind them). If one link is clicked, another one is NOT deactivated in the bkend :)
Now the task for you is to figure out why this is wrong :)
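One way to couple the two links so that the first click settles the request for both, as an added example that is not part of the original post or the application it describes. The class name, the one-hour lifetime and the in-memory store are assumptions made for illustration:

```python
import hashlib
import secrets
import time

TOKEN_TTL = 3600  # seconds; assumed lifetime, the post gives none


class EmailChangeRequests:
    """Hypothetical in-memory store: one request record, two tokens pointing at it."""

    def __init__(self):
        self._requests = {}  # request id -> state shared by both links
        self._tokens = {}    # sha256(token) -> (request id, action)

    @staticmethod
    def _digest(token):
        # Store only a hash so a leaked table does not yield usable links.
        return hashlib.sha256(token.encode()).hexdigest()

    def start(self, old_email, new_email, now=None):
        now = time.time() if now is None else now
        rid = secrets.token_hex(8)
        self._requests[rid] = {"old": old_email, "new": new_email,
                               "state": "pending", "expires": now + TOKEN_TTL}
        links = {}
        for action in ("reject", "confirm"):
            token = secrets.token_urlsafe(32)
            self._tokens[self._digest(token)] = (rid, action)
            links[action] = token
        return links  # "reject" is mailed to the old address, "confirm" to the new

    def click(self, token, now=None):
        now = time.time() if now is None else now
        entry = self._tokens.get(self._digest(token))
        if entry is None:
            return "invalid"
        rid, action = entry
        req = self._requests[rid]
        if req["state"] != "pending":
            # The first decision already closed the request for BOTH links.
            return "already-" + req["state"]
        if now > req["expires"]:
            req["state"] = "expired"
            return "expired"
        req["state"] = "confirmed" if action == "confirm" else "rejected"
        return req["state"]
```

Because the state lives on the request rather than on each token, a late click on the other link reports the earlier outcome instead of overriding it.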
a stored XSS vuln in a banner-like component, visible in ALL the pages in the portal. Anyone can attack anyone.
HOWEVER this was not discovered by 3rd-party security specialists during the latest security audit. I have escalated this to my manager and got a reply that only if the client actively requests this to be fixed should I do anything about it.
FFS.. it's only 2 lines of code.. And there's nothing I can do about it.
Eventually I was transferred to another project. Now it's not my problem anymore.
They always say "Stop wasting time".
They always say "Just use the tools we are all using".
They always say "I get it, you're the OSS guy. IDC, go to work now".
They always say "I hope you won't be logging this time on our customer's timesheet".
And they always come back to me "Look, I've heard that tool you've made/found is really cool and efficient, saves lots of trouble and makes us go faster. Can you send it to me via slack? TIA"
I see things that could/should work better and I make them do exactly that. It's my gift. It's my curse.
My kid has a toy car he can sit on, ride and play some music by pressing a huge button. He loves it! And he loves that music.
I don't mind the music, but I do mind how loud it is. When it's playing it's VERY hard to understand what other people in the same room are saying. Now imagine that car starts playing while you're still asleep....
It can scare the shit out of someone! Not to mention it is annoying af.
So today I dug up my never-used kit of electronics components and some tools. Spent an hour or so and installed a potentiometer in that car from hell! Now I can alter its volume.
I know it's not much, but I feel as if I were an engineer :) That's a nice feeling. I like it.
Just wanted to share
tl;dr; analog FTW!
so we've just had a nice game. A few teams internationally gathered together in the aws gameDay. We had aws accounts set up [one per team] and our goal was to maintain our t2.Micros to deal with incoming load. The higher the latency - the less points we get, the more 5xx - the more points we lose. The more infra we have, the more points we pay for it.
So we are quite new in aws, most of us know aws only in theory. And that's the best part!
So at first we had some steady, mild load incoming. But then bursts came up and we went offline. It's obvious we needed an lb w/ autoscaling. Lb was all right, we did set it up and got back online. We also created an autoscaling group and set it up.
Now what we couldn't figure out is how the f* do we make that group scale automatically, as a response to traffic! So we did what every sane person would do - we monitored LB's stats and changed autoscaling group's config manually 😁
needless to say we won the game w/ 23k points. 2nd place had 9k.
That was fun!
There were two of them, not sure which was completed first. One was malware, the second one -- admin tool.
These were the early XP days
1. A batch [windows] script to ease system users' mgmt. Nothing fancy, just multiple calls to usercontrol. My dad needed it for work, and there, it was born. To extend further I made it into an exe file w/ some icon. I felt very proud of it :)
2. I have already told a story of this one at dR. Anyway, it was also a batch script. Except that it was more advanced. Basically it was a trojan. Once executed it discovered all that computer's ip addresses and uploaded them to an ftp. Then - pulled a headless radmin installation and initiated a silent install of radmin server. Added radmin server's executable to autolaunch list so that it would come up after reboots. Once done - uploaded SUCCESS status to my ftp. And then all I had left to do - pick an ip from my ftp and enter it into radmin client's CONNECT window. I had full control of over a dozen pcs
I'm not very good at remembering numbers. But I have lots to remember: apartment entrance code, maestrocard pin, phone pin, a few pins at work, and so on. So I remember patterns my finger makes on a numpad instead [if you have played Ingress, you know exactly how it works].
There is a pattern for a bank card. Another one for phone pin, etc.
I've been using this technique for years... It has never failed me. I never could remember my pins, but give me a keypad and I'll enter it right away.
Last week smth happened. I forgot 2 pins from both of my bank cards... Both at the same day. And I did not have them written down anywhere for years...
FUUCCKKKK!! I need to hit smth. Or rant..
So that flaky ec2 issue.. These ec2s act as a shared environment for multiple apps. Our app is one of them. I have no access to those ec2s at all.
What I have access to is my app and some monitoring. Now the app randomly starts lagging while nearly idling. At the same random times monitoring stops completely and doesn't come back up. This happens to random app instances at random times.
Reached out to infra support, managed to get attention from the big boys [mgmt]. Today we got the fix deployed. I test it out -- problem persists.
I find this behaviour somewhat familiar. Managed to get some server stats from infra folks. Apparently cpu% is high as well as load avg [cpu queue]. Bingo! I know how to fix it!
So I write a long comment w/ all the commands and all the 'if that, do this'. Send it to one of the infra technicians
and I get a reply: 'we will apply cpu usage limitations to fix the issue'
wait... Cpu% limitations will do nothing but highlight the underlying problem...
'no, instances have high cpu utilisation which is causing those lags. We will limit cpu resources and it will be fixed'
oh ffs... Cpu utilization and cpu queue are VERY different things.. I tried explaining that to them like 7-9 times. And all I get is:
'yes, cpu utilization is the problem. We will limit it and solve the problem'
I would surely escalate all of this through higher channels if only I could get my hands on those ec2s and have a proof. But that is not happening and I'm forced to sit back and watch them break things even worse until they are out of options and mark my query as 'wont fix'....
Fuck that's frustrating....
*thinking to myself* so I've read about that new vulnerability 2 days ago that allows one to escape from docker container to the host... What if <...>
I must be a madman.
Trying to log in to appDynamics. enter account name, hit ENTER -- <...>/appdynamics.com/controller/undefined, 404: Page not found.
Go back, do that again -- same result
Go back, ctrl+F5, try again -- same result.
So in the end I did 17 or 19 back-retry attempts in a row and the last one DID log me in.
> Hi xx team, we are getting 500 errors from your api. Here's http request and resp.
< hi, we are calling yy team's api http://yy.Com?/api/yyy and it does not respond in 3 minutes, so we treat this as an esockettimeout. Please reach out to yy team
> hi yy team, can you assist us?
< hi, please provide request, url and response you're getting from us
> yy, all this info is in this very mailtrail
< hi, I cannot see request nor response anywhere
> [screenshot w/ highlighted "http://yy.Com?/api/yyy" and "and it does not respond in 3 minutes". Please read through this email thread, it has all the info
< hi, I need request and response to investigate this issue. Esockettimeout is not our error
<wtf are you smoking???>
I think I still have a 64MB HDD somewhere on a shelf at my late grandpa's house.
Now they make CPUs with caches of that capacity...
FFS! This CPU cache contains >44 floppy disks! I've never even had that many!!!
To those who own a huawei
assuming they will remain functioning, just w/o any updates. Do you reckon you'll stay w/ huawei? Or get a new, supported device?
And what if all the google services get cut off later on? How much do you rely on them?
Now seriously, WHAT THE FUCK???
Every single time I have to work with people from a particular country [you have one guess. Yepp, that's the one], I see A-FUCKING-LOOOOOOT of manual work?!?
"can you reboot the server?"
-"sure, let me help you, sir" <20 minutes later> "done"
"can you unlock my account?"
-"yes, just a moment sir" <20 minutes later> "please check now"
"can you restart this environment w/ 200 instances?"
-"yes sir, let me check" <6 hours later> "please check now"
"you've missed 18 containers"
-"oh okay sir, will restart them now" <2hours later> "please check now"
[I am already OoO]
why is it that every time I have to work with you guys I am the one who is automating shit. How come you never think of/do any automata? You are fucking technicians, you should know how. WHY DO YOU ENJOY CLICKING ALL-DAY-LONG????
I'm serious. Why??? I'm struggling to understand...
How long should one stay in a new role before... Well.. You know... letting all the rants out of the closet?
Don't you just love how dR's avatars are all nice and fit? Making us think no developers are overweight thanks to sitting down all the fucking day?
Here's a life hack for you.
If you're ever in need of a whiteboard for drawing/sketching, grab a few white a4 paper sheets, a roll of transparent duct tape, tape both sheets together side-by-side. Cover both sheets with tape
et voila! You have yourself a portable & foldable whiteboard!
The more sheets you involve, the bigger the whiteboard will be :)
P.S. It's very handy!!
@netikras since when does proprietary mean bad?
Lemme tell you 3 stories.
- come in to the office
- use internal resources (company newsletter, jira, etc.)
- connect to client's VPN using Cisco AnyConnect
- lose access to my company resources, because AnyConnect overwrites routing table (rather normal for VPN clients)
- issue a route command updating routing table so you could reach confluence page in the intranet
- route command executes successfully, `route -n` shows nothing has changed
- google this whole WTF case
- Cisco AnyConnect constantly overwrites OS routing table to ENFORCE you to use VPN settings and nothing else.
Sooo basically if you want to check your company's email, you have to disconnect from client's VPN, check email and reconnect again. Neat!
Can be easily resolved by using opensource VPN client -- openconnect
- get a server in your company
- connect it to client's VPN and keep the VPN running for data sync. VPN has to be UP at all times
- network glitch [uh-oh]
- VPN is no longer working, AnyConnect still believes everything is peachy. No reconnect attempts.
- service is unable to sync data w/ client's systems. Data gets outdated and eventually corrupted
OpenConnect (OSS alternative to AnyConnect) detects all network glitches, reports them to the log and attempts reconnect immediately. Subsequent reconnect attempts get triggered with longer delays so as not to spam the network.
SYMANTEC VIP (alleged 2FA?):
- client's portal requires Sym VIP otp code to log in
- open up a browser in your laptop
- navigate to the portal
- enter your credentials
- click on a Sym VIP icon in the systray
- write down the shown otp number
- log in
umm... in what fucking way is that a secure 2FA? Everything is IN the same fucking device, a single click away.
Can be easily solved by opensource alternatives to Sym VIP app: they make HTTP calls to Symantec to register a new token and return you the whole totp url. You can convert that url to a qr code and scan it w/ your phone (e.g. Google's Authenticator). Now you have a true 2FA.
Proprietary is not always bad. There are good propr sw too. But the ones that are core to your BAU and are doing shit -- well these ARE bad. and w/o an opportunity to workaround/fix it yourself.
I'm thinking about starting a blog. Though I have no interest in building it myself, esp. when we already have plenty blogging platforms out there.
What blog platform would you recommend?
Back in my sysadmin days we had an IT zoo to look after. And I mean it... Linux side was all right, but unix.... Most unices were no longer supported. Some of their vendors' companies were already long gone.
There was a distant corner in our estate known to like 2 people only, both have left the company long ago. And one server in that corner went down. It took 2 days to find any info about the device. And connecting to it looked like:
1 ssh to a jumpbox #1
2 ssh to a jumpbox #2
3 ssh to a dmz jumpbox
4 ssh to an aix workload
5 fire up a vnc server
6 open up a vnc client on my workstation, connect to that vnc server [forgot to mention, all ssh connections had to forward a vnc port to my pc]
7 in vnc viewer, open up a terminal
8 ssh to hp-uxes' jumpbox
9 ssh to the problematic hp-ux
Hey, internet! Does chrome/FF have any plugins enabling any tab to become a monitoring dashboard? I have too many monitoring tools to keep an eye on at the same time... Opening multiple chrome windows and tiling them on the screen is one way, but tile 6 windows and the desktop gets cluttered by taskbars/addressbars/other stuff. Doing it all in one tab would save space.
Soo.. anyone knows the right tool for the job? TIA