So a few days ago I felt pretty h*ckin professional.

I'm an intern and my job was to get the last 2003 server off the racks (It's a government job, so it's a wonder we only have one 2003 server left). The problem being that the service running on that server cannot just be placed on a new OS. It's some custom engineering document server that was built in 2003 on a 1995 tech stack and it had been abandoned for so long that it was apparently lost to time with no hope of recovery.

"Please redesign the system. Use a modern tech stack. Have at it, she's your project, do as you wish."

Music to my ears.

First challenge is getting the data off the old server. It's a 1995 .mdb file, so the most recent version of Access that would be able to open it is 2010.

Option two: There's an "export" button that literally just vomits all 16,644 records into a tab-delimited text file. Since this option didn't require scavenging up an old version of Access, I wrote a Python script to just read the export file.

And something like 30% of the records were invalid. Why? Well, one of the fields allowed for newline characters. This was an issue because records were separated by newline. So any record with a field containing newline became invalid.

Although, this did not stop me. Not even close. I figured it out and fixed it in about 10 minutes. All records read into the program without issue.

Next for designing the database. My stack is MySQL and NodeJS, which my supervisors approved of. There was a lot of data that looked like it would fit into an integer, but one or two odd records would have something like "1050b" which mean that just a few items prevented me from having as slick of a database design as I wanted. I designed the tables, about 18 columns per record, mostly varchar(64).

Next challenge was putting the exported data into the database. At first I thought of doing it record by record from my python script. Connect to the MySQL server and just iterate over all the data I had. But what I ended up actually doing was generating a .sql file and running that on the server. This took a few tries thanks to a lot of inconsistencies in the data, but eventually, I got all 16k records in the new database and I had never been so happy.

The next two hours were very productive, designing a front end which was very clean. I had just enough time to design a rough prototype that works totally off ajax requests. I want to keep it that way so that other services can contact this data, as it may be useful to have an engineering data API.

Anyways, that was my win story of the week. I was handed a challenge; an old, decaying server full of important data, and despite the hitches one might expect from archaic data, I was able to rescue every byte. I will probably be presenting my prototype to the higher ups in Engineering sometime this week.

Happy Algo!

So, you start with a PHP website.

Nah, no hating on PHP here, this is not about language design or performance or strict type systems...

This is about architecture.

No backend web framework, just "plain PHP".

Well, I can deal with that. As long as there is some consistency, I wouldn't even mind maintaining a PHP4 site with Y2K-era HTML4 and zero Javascript.

That sounds like fucking paradise to me right now. 😍

But no, of course it was updated to PHP7, using Laravel, and a main.js file was created. GREAT.... right? Yes. Sure. Totally cool. Gotta stay with the times. But there's still remnants of that ancient framework-less website underneath. So we enter an era of Laravel + Blade templates, with a little sprinkle of raw imported PHP files here and there.

Fine. Ancient PHP + Laravel + Blade + main.js + bootstrap.css. Whatever. I can still handle this. 🤨

But then the Frontend hipsters swoosh back their shawls, sip from their caramel lattes, and start whining: "We want React! We want SPA! No more BootstrapCSS, we're going to launch our own suite of SASS styles! IT'S BETTER".

OK, so we create REST endpoints, and the little monkeys who spend their time animating spinners to cover up all the XHR fuckups are satisfied. But they only care about the top most visited pages, so we ALSO need to keep our Blade templated HTML. We now have about 200 SPA/REST routes, and about 350 classic PHP/Blade pages.

So we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + React + SPA 😑

Now the Backend grizzlies wake from their hibernation, growling: We have nearly 25 million lines of PHP! Monoliths are evil! Did you know Netflix uses microservices? If we break everything into tiny chunks of code, all our problems will be solved! Let's use DDD! Let's use messaging pipelines! Let's use caching! Let's use big data! Let's use search indexes!... Good right? Sure. Whatever.

OK, so we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + React + SPA + Redis + RabbitMQ + Cassandra + Elastic 😫

Our monolith starts pooping out little microservices. Some polished pieces turn into pretty little gems... but the obese monolith keeps swelling as well, while simultaneously pooping out more and more little ugly turds at an ever faster rate.

Management rushes in: "Forget about frontend and microservices! We need a desktop app! We need mobile apps! I read in a magazine that the era of the web is over!"

OK, so we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + GraphQL + React + SPA + Redis + RabbitMQ + Google pub/sub + Neo4J + Cassandra + Elastic + UWP + Android + iOS 😠

"Do you have a monolith or microservices" -- "Yes"

"Which database do you use" -- "Yes"

"Which API standard do you follow" -- "Yes"

"Do you use a CI/building service?" -- "Yes, 3"

"Which Laravel version do you use?" -- "Nine" -- "What, Laravel 9, that isn't even out yet?" -- "No, nine different versions, depends on the services"

"Besides PHP, do you use any Python, Ruby, NodeJS, C#, Golang, or Java?" -- "Not OR, AND. So that's a yes. And bash. Oh and Perl. Oh... and a bit of LUA I think?"

2% of pages are still served by raw, framework-less PHP.

*casually clicking through aws services*

*discoveres ses (email service)*

*tries it out as email driver in laravel project*

*discoveres you are in sandbox by default, means you can only send emails to yourself*

*reads documentation, says to get out of sandbox request a limit increase with default values*

// 200 per day, max 1 per second

*request what is mentioned*

*while waiting, find threads of people with the most well documented use case requests getting denied*

*pretty sure i will be denied to, thinking of starting to look elsewhere*

// next morning

*opens mail*

# your application is now out of sandbox and can now send 50k emails a day with a max of 14 per second.

Back-end as a service for Real-time applications, based on a multi-layered micro-services stack

My current project at work: purchase verification, aka anti-fraud.

It's been two weeks, and my boss is flipping out because it isn't done. A robust anti-fraud solution. in two weeks. And he thought one week was a little much.

like, fucking really?

There are companies whose entire service is helping combat fraud. and he wants this done in a bloody week?

What makes me laugh through my tears of frustration is that the company that moved into the previous office? Yep, anti-fraud. Their entire business model is providing anti-fraud services to other businesses. They even tried selling him on it when they moved in. Bossman sales guy turned it around and sold my freaking desk out from under me instead.

But like. They're a small company: they had 9 people when they moved in, and were looking to add three more, so a total of 12 people. (I totally considered jumping ship, but their stack was too different.)

So. Bossman wants me to replace 9-12 people and their entire business in a fucking week. Yeah.

"Oh, but it's just sms verification" says he. What he also wants is the ability to flag users as fraudulent, have sticky verifications so they can't bypass them by backing out, have email checks as well as sms, have deferred verification to allow collecting required info (e.g. phone number), verification fallback, lockouts, manual admin whitelisting, admin blacklisting, and different rules per merchant and rule groups for affiliates to apply to all of their merchants, and of course the ability to customize those merchant/affiliate anti-fraud rules. But he shortens this gigantic list to "I want sms verification," despite actually asking for all of the above. I don't want to know about the mental gymnastics and/or blindfolding required to equate the two, but he's nuts.

Yeah.
All of that.
In a goddamn week.

And I get chewed out when it isn't done? Fuck off.

Go build me a goddamn 5m ft^2 castle out of basalt and marble using only your toothbrush and a rusty garden trowel, and have it done in a week. No outsourcing.

talk about ridiculous.

So today our CFO stepped into IT and angrily proclaimed someone using tech@ e-mail and fake name is defrauding company funds buying themselves... "used female lingerie with extra virgin juice" (sic!).

I work for an IPSP, we handle finance for commercial services (think PayPal but smaller). One of our clients is a big platform where girls can sell items like bath water, used socks and more. CFO demanded our admins found out who and when connected to that website, what URLs and so on.

As mentioned, said platform is pretty big, hence, from time to time we help them with their service when they ask us to, that's why we have a tech@ account. Last month there was a minor issue with one of the banks, someone fixed it and, as per usual, made a small payment of €1 topping up the account wallet to make sure everything works. It was an intern whose will to live is still strong and unencumbered with experience so she jokingly wrote "panties juice, extra virgin" in the payment note. What she *didn't know*, however, is that admins on that platform used the very same account to test new billing system they've implemented and our CFO received an invoice.

Today my manager asked me about my research into using RabbitMQ as a backup in case Azure Service Bus ever goes down.

Me: "Good. The way we designed the framework, all we have to do is drop the DLLs into the directory, update the config, and the services will start using RabbitMQ."
Mgr: "Excellent. Probably should be looking into using RabbitMQ as a permanent replacement for Azure"
Me: "What? The whole reason we moved to Azure was to eliminate the problems with having an on prem service bus. Since we've switched, there has been zero downtime."
Mgr: "That's what VP-Joe is afraid of. If Azure ever goes down, he won't know how to explain Azure to the president as to why we're not taking orders or can't ship packages."
Me: "That makes no sense. What did VP-Joe tell the president when a database goes down or a server mis-configuration?"
Mgr: "President understands internal outages, its just the whole 'cloud' thing he doesn't understand."
Me: "Um..then VP-Joe needs to explain it to him?"
Mgr: "The decision has already been made. Are you on board? Lets look at this move as a cost savings."
Me: "You mean the $10 a month? How much hardware will we need to support RabbitMQ?"
Mgr: "Yea, nobody probably thought of that."
Me: "I'm on board with whatever decision, but I'd like a little more than VP-Joe being afraid of the president."
Mgr: "I'm sure its not being afraid."
Me: "..."
Mgr: "OK, lets wait and see if VP-Joe forgets about this and moves on to something new."

!(short rant)

Look I understand online privacy is a concern and we should really be very much aware about what data we are giving to whom. But when does it turn from being aware to just being paranoid and a maniac about it.? I mean okay, I know facebook has access to your data including your whatsapp chat (presumably), google listens to your conversations and snoops on your mail and shit, amazon advertises that you must have their spy system (read alexa) install in your homes and numerous other cases. But in the end it really boils down to "everyone wants your data but who do you trust your data with?"

For me, facebook and the so-called social media sites are a strict no-no but I use whatsapp as my primary chating application. I like to use google for my searches because yaa it gives me more accurate search results as compared to ddg because it has my search history. I use gmail as my primary as well as work email because it is convinient and an adv here and there doesnt bother me. Their spam filters, the easy accessibility options, the storage they offer everything is much more convinient for me. I use linux for my work related stuff (obviously) but I play my games on windows. Alexa and such type of products are again a big no-no for me but I regularly shop from amazon and unless I am searching for some weird ass shit (which if you want to, do it in some incognito mode) I am fine with coming across some advs about things I searched for. Sometimes it reminds me of things I need to buy which I might have put off and later on forgot. I have an amazon prime account because prime video has some good shows in there. My primary web browser is chrome because I simply love its developer tools and I now have gotten used to it. So unless chrome is very much hogging on my ram, in which case I switch over to firefox for some of my tabs, I am okay with using chrome. I have a motorola phone with stock android which means all google apps pre-installed. I use hangouts, google keep, google map(cannot live without it now), heck even google photos, but I also deny certain accesses to apps which I find fishy like if you are a game, you should not have access to my gps. I live in India where we have aadhar cards(like the social securtiy number in the USA) where the government has our fingerprints and all our data because every damn thing now needs to be linked with your aadhar otherwise your service will be terminated. Like your mobile number, your investment policies, your income tax, heck even your marraige certificates need to be linked with your aadhar card. Here, I dont have any option but to give in because somehow "its in the interest of the nation". Not surprisingly, this thing recently came to light where you can get your hands on anyone's aadhar details including their fingerprints for just ₹50($1). Fuck that shit.

tl;dr
There are and should be always exceptions when it comes to privacy because when you give the other person your data, it sometimes makes your life much easier. On the other hand, people/services asking for your data with the sole purpose of infilterating into your private life and not providing any usefulness should just be boycotted. It all boils down to till what extent you wish to share your data(ranging from literally installing a spying device in your house to them knowing that I want to understand how spring security works) and how much do you trust the service with your data. Example being, I just shared most of my private data in this rant with a group of unknown people and I am okay with it, because I know I can trust dev rant with my posts(unlike facebook).

I've been doing programming as a hobby since I was 10 years old, I've always found my teachers are good at IT but not that good in Computer Science and programming, this year a new teacher joined the IT department who has actual experience in programming etc.
Our school uses two services, a rewards system which for some reason can also show our timetable, and another service for displaying our homework. In my spare time I made a project which combined these two services and showed it to him. As the first teacher with actual programming experience he was impressed and now I get to 'pitch' my project to the teachers higher up.

TLDR; It's good to have a good teacher

I'm starting to think customers know when I'm busy and take that moment to break their products.

I JUST WANT TO LET MY LEG SOAK IN EPSOM WATER... your users are going to bed soon, it's a freaking Saturday, and you need to go get laid because you have too much time on your hands. I'm in pain and cannot help you restore service if you don't stay on the line. So please... don't. Fucking. Call me. Unless you're going to stay on the line to test. You're pushing my limits, and if my voice gets any quieter, it means I'm about to find your porn accounts and register you as an amateur, uploading cows fucking to get you banned from all the services. Congratulations sir, you've pissed me off so bad, I'm using my "I'm not mad, I'm just disappointed" voice I learned from my mother. I hope you're happy. I'm so mad I'm not even swearing anymore. I always swear.

Edit: if my voice ever sounds sweet and demure over the phone, someone is about to get fucked with a red hot fireplace poker. This fucker getting close.

!!privacy
!!political

I had a discussion with a coworker earlier.

I owed him for lunch the other day, and he suggested I pay him back either with cash (which I didn't have), Venmo, or just by him lunch the next time (which I ended up doing).

I asked about Venmo, and he said it was like paypal, but always free. that sounded a bit off -- because how are they in business if it's always free? -- so I looked it up, and paid special attention to their privacy policy.

The short of it: they make money by selling your information. That's worth far more than charging users a small fee when sending $5 every few weeks. Sort of what I expected when I heard "always free," but what surprised me is just how much they collect. (In retrospect, I really shouldn't have been surprised at all...)

Here's an incomplete list:
* full name, physical address, email, DoB, SSN (or other government IDs, depending on country)
* Complete contact list (phone numbers, names, photos)
* Browser/device fingerprint
* (optional) Your entire Facebook feed and history
* (optional) all of your Facebook friends' contact info
* Your Twitter feed
* Your FourSquare activity
(The above four ostensibly for "fraud prevention")
* GPS data
* Usage info about the actual service
* Other users' usage info (e.g. mentioning you)
* Financial info (the only thing not shared with third parties)

Like, scary?

And, of course, they share all of this with their parent company, PayPal. (The privacy policy does not specify what PayPal does with it, nor does it provide any links that might describe it, e.g. PayPal's "info-shared-by-third-parties" privacy policy)

So I won't be using Venmo. ever.

I mentioned all of this to my coworker, and he just doesn't understand. at all. He even asks "So what are they going do with that, send me ads? like they already do?"

I told him why I think it's scary. Everything from them freely selling all of your info, to someone being able to look through your entire online life's history, to being able to masquerade around as you, to even reproducing your voice (e.g. voice clips collected by google assistant), to grouping people by political affiliations.

He didn't have much to say about any of them, and actually thought the voice thing was really cool. (All I could think of was would happen if the "news" had that ability....) All of his other responses were "that doesn't bother me at all" and/or "using all of these services is so convenient."

but what really got me was his reaction to the last one.

I said, "If you're part of the NRA, for example, you'd be grouped with Republicans. If they sell all of this information, which they do, and they don't really care who buys it or what they do with it... someone could look through the data and very very easily target those political groups."

His response? "I don't have to worry about that. I'm a Democrat, and have always voted Democrat. I'll tell anyone that."

Like.
That's basically saying every non-democrat is someone you should be wary of and keep an eye on. That's saying Democrats are the norm and everyone else is deviant and/or wrong.

and I couldn't say anything after this because... no matter what I said, it would start a political conflict, and would likely end with me being fired (since the owner is also a democrat, and they're very buddy-buddy). "What if they target democrats?" -> "They already do!" or "What if democrats use it against others?" -> "They deserve it for being violent and racist, but we never would" (except, you know, that IRS/tea-party incident for example...)

But like, this is coming from someone who firmly believes conservatives are responsible for all of the violence and looting and rioting and mass shootings in the country. ... even when every single instance has been by committed by democrats. every. single. one.

Just...
jfl;askjfasflkj.

He doesn't understand the need for privacy, and his world view is just... he actually thinks everyone with different beliefs is wrong and dangerous.

I don't even know how to deal with people like this. and with how prevalent this mindset is... coupled with the aforementioned privacy concerns... it's honestly *terrifying.*

I'd love to finish a few projects I'm currently working on:

- An add-on which gives a middle finger to websites which use services/products ran by companies which are known to be integrated within the biggest mass surveillance system ever created (US powered). Not because just fuck those websites but because I think (@PonySlaystation came up with this idea) that its only fair that people get to know which websites 'sell them out'. Oh and "but not everyone cares about that" - you don't HAVE to install the addon.
(will be open sourced)

- Notes service with a fun thing.

- PHP based server/website/whateverthefuckyouwant monitoring system which is pretty much module based and works with json files as configuration. (kinda works but still loads of bugs to solve and gotta improve the module system a lot).
(will be open sourced)

- PHP based pihole alternative which suits my needs (will be open sourced)

- Forgot one 😅

Sorry for being late, stuffs came inbetween!

I have done a few privacy rants/posts before but why not another one. @tahnik did one a few days ago so I thought I'd do a new one myself based on his rant.

So, online privacy. Some people say it's entirely dead, that's bullshit. It's up to an individual, though, how far they want to go as for protecting it.

I personally want to retain as much control over my data as possible (this seems to be a weird thing these days for unknown reasons...). That's why I spend quite some time/effort to take precautions, read myself into how to protect my data more and so on.

'Everyone should have the choice of what services they use' - fully agreed, no doubt about that.

I just find one thing problematic. Some services/companies handle data in a way or have certain business models which takes the control which some people want/have over their data away when you communicate with someone using that service.

Some people (like me) don't want anything to do with google but even when I want to email my best fucking friend, I lose the control over that email data since he uses gmail.

So, when someone chooses to use gmail and I *HAVE* to email them, my choice is gone.

TO BE VERY CLEAR: I'm not blaming that on the users, I'm blaming that on the company/service.

Then for example, google analytics. It's a very good/powerful when you're solely looking at its functions.
I just don't want to be part of their data collection as I don't want to get any data into the google engine.

There's a solution for that: installing an addon in order to opt out.

I'm sorry, WHAT?! --> I <-- have to install an addon in order to opt out of something that is happening on my own motherfucking computer?! What the actual fuck, I don't call that a fucking solution. I'll use Privacy Badger + hosts files to block that instead.

Google vs 'privacy' friendly search engines - I don't trust DDG completely because their backend is closed/not available to the public but I'd rather use them then a search engine which is known to be integrated into PRISM/other surveillance engines by default.

I don't mind the existence of certain services, as long as they don't integrated you with data hungry companies/mass surveillance without you even using their services.

Now lets see how fast the comment section explodes!

Question regarding implementing two factor authentication.

I want to implement 2FA for at least one service I'm writing but I'm wondering, next to email, what services/implementations could I use?

I know that email isn't the best when it comes to security but I also don't want to force (a-technical) users to install an app specifically for 2FA so keeping email as an option as well.

But except for email, any ideas? Anything related to Google/facebook (prism integrated services) are a no go anyways (this has, as mentioned before, nothing to do with my ego or giving myself 'a pat on the back')

As for costs, I don't mind a little bit of money but the service will be free at first and I'm not rich :)

Looking forward to the comments!

So a friend called me over to his newly opened company. He just started, along with two other partners, so 3 of them on the management structure. It started as a service-oriented company, not single-product based company. Strategically, over the course of 4 years, these two other bosses kicked my friend out. I followed. All the people in the company eventually followed. Now we are about to start selling our services to them for around double the fee. #justice

Indian web dev companies suck ( for developers )

when I finished 3 year grad program in computer application here in my country (India), I thought life's gonna be fun working as a developer. Oh boy, I was so wrong.

I started out working for a small service based IT company, followed by 2 more. I realized really quickly that they're nothing short of a scam. If your company's only agenda to somehow survive in the market and showing no signs of growth in 8 fucking years, then I'm sorry you're working for scamsters.

Now I'm not saying that all of them are alike. But most of them sorta are.

They don't give a shit about quality, not one bit. Quality means no money in the short run. And they haven't been able to develop any strategy to deal with that. Hence, no growth.

They promise 100 things on their website but only provide shitty services in 10.

There is no pair programming, no code review, no code quality check, no architect, no database designer. They won't give you extra time to write test cases. They use git as a storage device.

They don't put their developers (especially the ones who are learning) under any sort of managed development framework to ensure smooth work.

At the end of the day, their main objective is to somehow NOT deliver a project but finish a milestone and make money out of it.

After cashing out for a milestone, they want you to put your current project on hold and start working on a new project until you have like 10-15 projects in the pipeline and you're severely overwhelmed and you just wanna fucking QUIT.

They would say YES to literally every fucking thing, only to disappoint the client later.

I can't believe someone in the US, or UK thought it'd be a good idea to approach these companies
for their brand new app ideas. They're so fucked.

They're rarely finishing any project.

I'm sorry if I hurt your feelings. I had to get it out of my system.

--- iOS-Jailbreak-AppStore "Cydia" shuts down ---

This Friday, Jay Freeman, the maintainer of the iOS-Jailbreak-AppStore "Cydia", announced that he will shut-down his services.
"Cydia" is a app store for people that jailbreaked their iPhones and allows them to buy and download apps. Apple's AppStore doesn't allow jailbreaked apps, that's the reason it was created in 2009.

Jay Freeman, also known as "Saurik", explained that he wanted to shut down the service at the end of 2018 anyways.
Now, a recent security issue, threatening the data of all users, caused that the store no longer existed with immediate effect.
In addition to the security issue, "Cydia" was said to be no more profitable.
To calm you breakers down: Previous purchases can still be downloaded!

The software itself will continue to exist, but without a back-end for payments and stuff like that. Users are still able to do payments through third-party repositories, which already happened anyway, so that lowers the impact of the shut-down.

Just like "Cydia", other services are shutting down too.
One of the three big Cydia-repositories, ModMyi, said they wont allow any new apps and archived all existing ones.
ZodTTD and MacCiti will also be discontinued.
"Bigboss" is the only repository remaining.

Jailbreaks just lost their popularity over the last years. There's still no jailbreak for iOS 11! This shows that Apple is getting better and better at preventing jailbreaks.
On the other hand, it shows that the need for jailbreaks is not quite as high anymore and therefore the developers don't spend too much energy for breaking up iOS anymore.

Did you use Cydia, or any of the other services? Write us in the comments!

Thanks for reading!

I've found and fixed any kind of "bad bug" I can think of over my career from allowing negative financial transfers to weird platform specific behaviour, here are a few of the more interesting ones that come to mind...

#1 - Most expensive lesson learned

Almost 10 years ago (while learning to code) I wrote a loyalty card system that ended up going national. Fast forward 2 years and by some miracle the system still worked and had services running on 500+ POS servers in large retail stores uploading thousands of transactions each second - due to this increased traffic to stay ahead of any trouble we decided to add a loadbalancer to our backend.

This was simply a matter of re-assigning the IP and would cause 10-15 minutes of downtime (for the first time ever), we made the switch and everything seemed perfect. Too perfect...

After 10 minutes every phone in the office started going beserk - calls where coming in about store servers irreparably crashing all over the country taking all the tills offline and forcing them to close doors midday. It was bad and we couldn't conceive how it could possibly be us or our software to blame.

Turns out we made the local service write any web service errors to a log file upon failure for debugging purposes before retrying - a perfectly sensible thing to do if I hadn't forgotten to check the size of or clear the log file. In about 15 minutes of downtime each stores error log proceeded to grow and consume every available byte of HD space before crashing windows.

#2 - Hardest to find

This was a true "Nessie" bug.. We had a single codebase powering a few hundred sites. Every now and then at some point the web server would spontaneously die and vommit a bunch of sql statements and sensitive data back to the user causing huge concern but I could never remotely replicate the behaviour - until 4 years later it happened to one of our support staff and I could pull out their network & session info.

Turns out years back when the server was first setup each domain was added as an individual "Site" on IIS but shared the same root directory and hence the same session path. It would have remained unnoticed if we had not grown but as our traffic increased ever so often 2 users of different sites would end up sharing a session id causing the server to promptly implode on itself.

#3 - Most elegant fix

Same bastard IIS server as #2. Codebase was the most unsecure unstable travesty I've ever worked with - sql injection vuns in EVERY URL, sql statements stored in COOKIES... this thing was irreparably fucked up but had to stay online until it could be replaced. Basically every other day it got hit by bots ended up sending bluepill spam or mining shitcoin and I would simply delete the instance and recreate it in a semi un-compromised state which was an acceptable solution for the business for uptime... until we we're DDOS'ed for 5 days straight.

My hands were tied and there was no way to mitigate it except for stopping individual sites as they came under attack and starting them after it subsided... (for some reason they seemed to be targeting by domain instead of ip). After 3 days of doing this manually I was given the go ahead to use any resources necessary to make it stop and especially since it was IIS6 I had no fucking clue where to start.

So I stuck to what I knew and deployed a $5 vm running an Nginx reverse proxy with heavy caching and rate limiting linked to a custom fail2ban plugin in in front of the insecure server. The attacks died instantly, the server sped up 10x and was never compromised by bots again (presumably since they got back a linux user agent). To this day I marvel at this miracle $5 fix.

Yes I believe you’re Google and I will click that link.
I don’t care that IP from that you sent it to me is from some company in India.
Probably Google outsourced it’s email service there.

But wait why is this link pointing to Chinese website?
Ouch you provided some ip under A dns record so let me nmap it...
So there’s bunch of services you have there.
ftp, ssh, msrpc, netbios-ssn, snpp, microsoft-ds, sun-answerbook ...wait what ?
Let me curl that 8888 port.
Oh you have login / password form and it’s pagoda linux panel.
Wait a second I will read about it maybe some default login / password will work...

Ok so maybe I just make a script to brute force it as you wanted to brute force my computer motherfucker.

Was explaining a technical concept at a "family" dinner. Suddenly stepmother wanted my help for something technical.

Stepmother: Say Awlex, could you help me install some software I recently bought?

Me: (Not this shit again) I even don't know what software you're talking about. How is the software called, what does it do?
Sm: it's calles digital... *long pause*
Me: (I don't like where this is going)
Sm: software... *another long pause*
Me: (fuck me harder than that lightly clothed woman outside)
Sm: something... *long pause*
Me: (alright brain, which way out of here doesn't involves me creating a bullet hole in either one of us?)
Sm: And you can use it to sell something...
Me: (tf do you event sell?!)
Sm: but not like ebay
Me: (what is it then? A platform for selling services? I don't even know what kind of software you'd have to install, given that most of these platforms are be web applications, whcih makes sense for selling stuff on the internet)
Sm: Anyway, could you help me install it? It would take me hours to get into it.
Me: (You think just installing would solve it? As soon as I install it, you probably expect me to be your walking manual as well, don't you?) Look, I'm gonna be honest with you, since I started working I don't have nearly as much free time as I used to have (Not everybody works when they feel like it, you know that?) I get home at around almost 7pm (most of the time) and don't really wanna work afterwards. Most of the time there's a support service from the people who made this software and they would be glad to help you. (Sorry support team, for pushing this bundle of incompetence onto you, but I guess she didn't even listen to my advice).

After that she didn't back down and still wanted my help. Then my grandmother derailed the conversation and got me out of this. When I thanked her later she yold me that she saw I saw uncomfortable and wanted to help. I love my grandmother.

So I am not going to be your "family" tech support. You b(r)ought this onto yourself. Are more than twice my age and still can't use your brain to solve problems like these on your own and you can even less reason abiut your motives and desires when asking for help. I am sick of you and shutty opinions about people, just because I work as a software engineer doesn't mean I'm exist solely for satisfying your unreasonable desires.

Stop offending me and my profession and get yourself some common sense.
Protip #0: Give me one fucking reason to help you, because you're not family enough and your personality really doesn't bring forth any emotion but annoyance

I have a Windows machine sitting behind the TV, hooked to two controllers, set up as basically a console for the big TV. It doesn't get a lot of use, and mostly just churns out folding@home work units lately. It's connected by ethernet via a wired connection, and it has a local static IP for the sake of simplicity.

In January, Windows Update started throwing a nonspecific error and failing. After a couple weeks I decided to look up the error, and all the recommendations I found online said to make sure several critical services were running. I did, but it appeared to make no difference.

Yesterday, I finally engaged MS support. Priyank remoted into my machine and attempted all the steps I had already tried. I just let him go, so he could get through his checklist and get to the resolution steps. Well, his checklist began and ended with those steps, and he started rather insistently telling me that I had to reinstall, and that he had to do it for me. I told him no thank you, "I know how to reinstall windows, and I'll do it when I'm ready."

In his investigation though, I did notice that he opened MS Edge and tried to load Bing to search for something. But Edge had no connection. No pages would load. I didn't take any special notice of it at the time though, because of the argument I was having with him about reinstalling. And it was no great loss to me that Edge wasn't working, because that was literally the first time it'd ever been launched on that computer.

We got off the phone and I gave him top marks in the CS survey that was sent, as it appeared there was nothing he could do. It wasn't until a couple hours later that I remembered the connectivity problem. I went back and checked again. Edge couldn't load anything. Firefox, the ping command, Steam, Vivaldi, parsec and RDP all worked fine. The Windows Store couldn't connect either. That was when it occurred to me that its was likely that Windows Update was just unable to reach the internet.

As I have no problem whatsoever with MS services being unable to call home, I began trying to set up an on-demand proxy for use when I want to update, and I noticed that when I fill out the proxy details in Internet Options, or in Windows 10's more windows10-ish UI for a system proxy, the "save" button didn't respond to clicks. So I looked that problem up, and saw that it depends on a service called WinHttpAutoProxySvc, which I found itself depends on something called IP Helper, which led me to the root cause of all my issues: IP Helper now depends on the DHCP Client service, which I have explicitly disabled on non-wifi Windows installs since the '90s.

Just to see, I re-enabled DHCP Client, and boom! Everything came back on. Edge, the MS Store, and Windows Update all worked. So I updated, went through a couple reboots-- because that's the name of the game with windows update --and had a fully updated machine.

It occurred to me then that this is probably how MS sends all its spy data too, and since the things I actually use work just fine, I disabled DHCP Client again. I figure that's easier than navigating an intentionally annoying menu tree of privacy options that changes and resets with every major update.

But holy shit, microsoft! How can you hinge the entire system's OS connectivity on something that not everybody uses?

<just got out of this meeting>
Mgr: “Can we log the messages coming from the services?”
Me: “Absolutely, but it could be a lot of network traffic and create a lot of noise. I’m not sure if our current logging infrastructure is the right fit for this.”
Senior Dev: “We could use Log4Net. That will take care of the logging.”
Mgr: “Log4Net?…Yea…I’ve heard of it…Great, make it happen.”
Me: “Um…Log4Net is just the client library, I’m talking about the back-end, where the data is logged. For this issue, we want to make sure the data we’re logging is as concise as possible. We don’t want to cause a bottleneck inside the service logging informational messages.”
Mgr: “Oh, no, absolutely not, but I don’t know the right answer, which is why I’ll let you two figure it out.”
Senior Dev: “Log4Net will take care of any threading issues we have with logging. It’ll work.”
Me: “Um..I’m sure…but we need to figure out what we need to log before we decide how we’re logging it.”
Senior Dev: “Yea, but if we log to SQL database, it will scale just fine.”
Mgr: “A SQL database? For logging? That seems excessive.”
Senior Dev: “No, not really. Log4Net takes care of all the details.”
Me: “That’s not going to happen. We’re not going to set up an entire sql database infrastructure to log data.”
Senior Dev: “Yea…probably right. We could use ElasticSearch or even Redis. Those are lightweight.”
Mgr: “Oh..yea…I’ve heard good things about Redis.”
Senior Dev: “Yea, and it runs on Linux and Linux is free.”
Mgr: “I like free, but I’m late for another meeting…you guys figure it out and let me know.”
<mgr leaves>
Me: “So..Linux…um…know anything about administrating Redis on Linux?”
Senior Dev: ”Oh no…not a clue.”

It was all I could do from doing physical harm to another human being.
I really hate people playing buzzword bingo with projects I’m responsible for.

Only good piece is he’s not changing any of the code.

*Working on a project with boss, I am working on a mobile app, he is working on web service app.

Me: this service takes user id as parameter to get all account details (all other web services are like that)

Boss: yes, I use the id to filter the data.

Me: but by this, everyone has the id can do anything ! why we do not use session token?

Boss: this is a detail, it is not important !

Me:...

*7 years of experience my ass

Got pretty peeved with EU and my own bank today.

My bank was loudly advertising how "progressive" they were by having an Open API!

Well, it just so happened I got an inkling to write me a small app that would make statistics of the payments going in and out of my account, without relying on anything third-party. It should be possible, right? Right?

Wrong...

The bank's "Open API" can be used to fetch the locations of all the physical locations of the bank branches and ATMs, so, completely useless for me.

The API I was after was one apparently made obligatory (don't quote me on that) by EU called the PSD2 - Payment Services Directive 2.

It defines three independent APIs - AISP, CISP and PISP, each for a different set of actions one could perform.

I was only after AISP, or the Account Information Service Provider. It provides all the account and transactions information.

There was only one issue. I needed a client SSL certificate signed by a specific local CA to prove my identity to the API.

Okay, I could get that, it would cost like.. $15 - $50, but whatever. Cheap.

First issue - These certificates for the PSD2 are only issued to legal entities.

That was my first source of hate for politicians.

Then... As a cherry on top, I found out I'd also need a certification from the local capital bank which, you guessed it, is also only given to legal entities, while also being incredibly hard to get in and of itself, and so far, only one company in my country got it.

So here I am, reading through the documentation of something, that would completely satisfy all my needs, yet that is locked behind a stupid legal wall because politicians and laws gotta keep the technology back. And I can't help but seethe in anger towards both, the EU that made this regulation, and the fact that the bank even mentions this API anywhere.

Seriously, if 99.9% of programmers would never ever get access to that API, why bother mentioning it on your public main API page?!

It... It made me sad more than anything...

Most ignorant ask from a PM or client?

Migrated to SharePoint 2016 which included Reporting Services, and trying to fix a bug in the reporting services scheduler, I created a report (aka, copied an existing one) 'A Klingon Walks Into a Bar', so it would first in the list and distinct enough so the QA testers would (hopefully) leave it alone.

The PM for the project calls me.
PM: "What is this Klingon report? It looks like a copy of the daily inventory report"
Me: "It is. The reporting service job keeps crashing on certain reports that have daily execution schedules."
PM: "I need you to delete it"
Me: "What? Why? The report is on the dev sharepoint site. I named the report so it was unique and be at the top of the list so I can find it easily."
PM: "The name doesn't conform to our standards and it's confusing the testers."
Me: "The testers? You mean Dan, you, and Heather?"
PM: "Yes, smartass. Can you name the report something like daily inventory report 2, or something else?"
Me: "I could, but since this is in development, no. You've already proofed out the upgrade. You're waiting on me to fix this sharepoint bug. Why do you care what I do on this server? It's going away after the upgrade."
PM: "Yea, about that. We like having the server. It gives us a place to test reports. Would really appreciate it if you would rename or delete that report."
Me: "A test sharepoint reporting services server out of scope, so no, we're not keeping it."
PM: "Having a server just for us would be nice."
Me: "$10,000 nice? We're kinda fudging on the licensing now. If we're keeping it, we will be required to be in compliance. That's a server license, sharepoint license, sql server license, and the dedicated hardware. We talked about that, remember?"
PM: "Why is keeping that report so important to you? I don't want to explain to a VP what a Klingon is."
Me: "I'm not keeping the report or moving it to production. When I figure out the problem, I'll delete the report. OK?"
PM: "I would prefer you delete the report before a VP sees it."
Me: "Why would a VP be looking? They probably have better things to do."
PM: "Jeff wants to see our progress, I'll have to him the site, and he'll see the report."
Me: "OK? You tell Jeff it's a report I'm working on, I'll explain what a Klingon is, Jeff will call me a nerd, and we all move on."
PM: "I'm not comfortable with this upgrade."
Me: "What does that mean?"
PM: "I asked for something simple and I can't be responsible for the consequences. I'll be documenting this situation as a 'no-go' for deployment"
Me: "Oookaayyy?"

I figured out the bug, deleted the 'Klingon' report, and the PM couldn't do anything to delay the deployment.

There is a company providing a very speciffic service. And it has a core application for that svc, supported by a core app team.
That company also has other services, which are derivations of the core one. So every svc depends on core.

Now that we're clear on that... I was working in a team of one of the subservices. We very strongly depended on core. In fact, our svc was useless if integration w/ core broke down.

The core team had an annoying habbit. They refused to version their webservices and they LOVED to push api updates w/o any warnings. Our prod, test, other envs used to fail bcz of core api changes quite often. Mgmt, IT head was aware of the problem and customers' complaints as well.

So as a result, once core api changes we're all in a panic mode: all prior priorities are lowered and revival of prod is to be our main focus. Core api is not docummented, the changes are not clear, so we have to reverse engineer the shit out of it. We manage to patch our prod up w/ hotfixes, but now we have tech debt. While working on the debt, core api changed again, in test env. Mgmt pushes debt back and reallocates us to hotfix test. Hotfix is 80% done when another core api breaks. Now mgmt asks us to drop wtv we're working on and fix that new break. By the time we're to deploy the hotfix, another api breaks in another env. The mgmt..... You get the picture :)

2 years go by, nothing has changed so far.

-GDPR
-News letter
-Ads blocker blocker
-Ads popup insite
-Ads popin in video
-Ads popin podcast
-Ads in mail
-Ads in software
-Ads in any android application
-Ads in windows
-Ads in ads
-Auto scrolling
-Slideshow
-Scroll position reset on back button
-Aria-label aria-labelledby aria-role aria-aria of game of thrones
-Order in dom for a11y different of the display order -Button :hover, :focus-visible, :focus-within :fuck-this
- SVG abandoned ware
- I make you a illustrators X version that not work with yours, i use figma. I use affinity, i use akira. I use photoshop, i use word. I use powerpoint, i use publisher, i use paint, i use all Asss (application as a service) on the web and to see what i make you need to pay you an account
-We all make frontend backend... No linter or something... Why we have always 848274 change in git ....
We not host anymore we use 62616 different cloud services to try all the fucking company everywhere
-Make a Drupal CMS to a client that's are to idiots to use it and call you each time they have something to modify

And goes on

Web tooday is fucking crap shit
People realize that you cannot make money anymore with informative website. Then everybody try to squish people at the last drop... Because of selfishness.

I recently started my professional journey as a developer and I stumbled upon a very strange git repo configuration..

Background: The projects consist on a web app and a lot of backend services in C# (1 service on each project).

The project manager decided to configure the the git repo as a single repo with all of the different projects for the services and the project of the webapp. All in one. Everytime you update something the merge results absurd and this happened…

On the game front, I see so much conflicting advice. "Start getting feedback" as soon as possible. "Donnt soft launch on steam! The algol will wreck you.", "soft launch on itch to get feedback", "dont soft launch on itch!"

"Start marketing today", "focus on influencers", "get to know communities *before* you advertise", "dont get to know communities beforehand if you're just planning on self prompting", "dont self promote".
"CPM is important.", "CPA is important". Etc.

Sounds a lot like "have a bunch of money upfront." The solution is just to succeed from the start! It's so obvious. Just invent the next gta. The next facebook. Get a small loan of 50,000 dollars, or a million. Donate for a year to other kickstarter projects so people will know you and reciprocate! But also dont ebeg!

How about no. How about fuck all this advice by silver spoon assholes that didnt have to work on shoestring budgets. The advice is the equivalent of having a 300 page tonedeaf book, every page blank except page 150, where the words "fuck you. I got mine." Are printed in times new Roman, 14pt font, neatly in the center of the page.

The truth is most of the "indies" already made it in the software industry proper, before switching over. $5k kickstarter videos, with $15k marketing budgets, no doubt funded in part through their own money funneled through services that provide shell donations, because KS is being used as a glorified advertising service. People buying off steam curators for promotions, youtubers making sponsored videos without disclosing they're sponsored. Fake viralility. Fake campaigns. Predetermined success for those who could *already* afford to develop and go commercial without a publisher. And they came into the market and cannibalized the opportunity, raising the bar for everyone that wasnt them. I guess that's actually a good thing, because we wouldnt have half the amazing games we do, and the pressure to produce quality. But then I see fantastic games utterly ignored or flailing in an attempt to compete for eyeballs in an industry frequently dominated by gatekeeping marketeers and influencers, where human grace determines success or complete oblivion. And I'm just disgusted with it.

Also buy my game. Preorder NOW! And you'll get a REAL canvas bag, I'll go to like the goodwill and buy one and screen print the game logo on it or some shit. Buy the special collectors edition and get pictures of my feet. Buy the game of the year edition and get a real gasmask. Preorder now and I'll fucking suck your di k right now. No lie. Preorder the diamond edition RIGHT NOW in the next six minutes and I will send you one hundred thousand dollars in gold plated bottle caps. Limited supply. one million per customer. Offer expires soon. This is not a scam. I repeat. This is NOT a scam.

In other news I'm soft launching Atom Ranger in six months (assuming the nuclear apocalypse hasn't *actually* started by then). Its state of decay and fallout meets rimworld. Build and manage a sprawling base, resolving conflicts, exploring post apocalyptic Colorado and surrounding territories of no-mans-land. Navigate hazardous weather, radioactive terrain, collapsed bridges, dangerous rivers, and deal with cultists, bandits, slavers, and hungry cannibals. Broker peace between not just the factions outside your settlements, but within your base too. Manage conflicts, settle disputes, avert disasters, barter, scavenge, and survive in a fully dynamic world, where buildings slowly crumble, grass and trees sprout up in the road and vacant lots, fires burn out of control, and factions loot, ruin, and takeover settlements. Watch the world and the survivors in it change and survive. Help them to survive, or become a warlord and rule over the wastes.

Lets be honest. It's basically kenshi but less complicated.

If you want to volunteer to test (instead of paying to be a glorified tester, aka "alpha") let me know in the comments.

I'm currently setting up a discord and mailing list.

Inherited a simple marketplace website that matches job seekers and hospitals in healthcare. Typically, all you need for this sort of thing is a web server, a database with search

But the precious devs decided to go micro-services in a container and db per service fashion. They ended up with over 50 docker containers with 50ish databases. It was a nightmare to scale or maintain!

With 50 database for for a simple web application that clearly needs to share data, integration testing was impossible, data loss became common, very hard to pin down, debugging was a nightmare, and also dangerous to change a service’s schema as dependencies were all tangled up.

The obvious thing was to scale down the infrastructure, so we could scale up properly, in a resource driven manner, rather than following the trend.

We made plans, but the CTO seemed worried about yet another architectural changes, so he invested in more infrastructure services, kubernetes, zipkin, prometheus etc without any idea what problems those infra services would solve.

The internet is expensive as hell compared with salaries, we can't access to services like amazon, google cloud, gitlab, private github, Android, and a lot more because of USA sanctions (we have to do some magic and sorcery to use them), and in the other hand our government applys restrictive laws (we call it the double embargo) like that one who says that you can't host services for the country with international providers, and the only national hosting provider has a terrible, feature-less and super expensive service. But hey, we like a lot what we do!!

- Cuba

Not necessarily ignorant, but funny.
Before my current job I used to work for a company that provided software services to logistic type corporations, import export and all that jazz.

I was asked to generate an admin interface that would allow people to enter scans from different products, sort them in the right place and update the main interface. During the time we were using Classic ASP with VBScript. There, AJAX and similar functionality can get quite tricky, but definitely doable if you know what you are doing, VBScript has many limitations when compared to something like PHP for example. But thus the application was created in about a week once everything was sorted and then the storage manager came back to ask me if I could put a spinner or something in it to show that the information was loading. I asked him if the information was not being updated accordingly or if there were similar issues to that extent.

He said "no, it is working perfectly and I have no problem with the functionality, but these morons keep trying to scan shit because they can't tell if something is being populated into the main table in the interface because it all happens so quickly" Me: "well it is a very simple process, if you want I can add some sort of additional message to that or a spinner or something of the like that would show for two seconds or something, just so they can get some visual clarification"

Him: "This is a pretty stupid thing isn't it?". Me: Yes. Him: "I am so sorry to ask for this, how long will it take you?" Me: "Lol give me about 30 mins maybe less, it is no problem really, let me get this out of the way so that your people can get to it without loosing anymore time"

Such things are the reason why they literally brought me to the head of the company when I told them that I was leaving in an effort for him to try and convince me to stay. I was not to be contracted into their service anymore, but a full time employee. It was nice for them to ask really, but I declined in favor of the benefits I get from my current company.

To this day I think its funny and they remember as well.

We should not tolerate censorship.
Beyond all the u.s. hype over elections
(and the division in the west in general), the real story is all the censorship on both sides.
Reasonable voices are quickly banned, while violent voices and loud angry people are amplified.

I broke out of the left-right illusion when
I realized what this was all about. Why
so much fighting in the street was allowed, both
justified and unjustified. Why so much hate
and division and slander, and back and forth
was allowed to be spread.

It's problem, reaction, solution.
The old order of liberal democracy, represented
in the u.s. by the facade of the GOP and DNC,
doesn't know how to handle the free *distributed*
flow of information.

That free-flow of information has caused us to
transition to a *participatory* democracy, where
*networks* are the lever of power, rather than
top down institutions.

Consequently, the power in the *new era* is
to decide, not what the *narrative* is, but
who can even *participate*, in spreading,
ideating, and sharing their opinions on that
narrative, and more broadly, who is even allowed
to participate in society itself.

The u.s. and west wants the chinese model of
control in america. you are part of a network, a
collective, through services and software, and
you can be shut off from *society* itself at
the drop of a pin.

The only way they get that is by creating a crisis,
outright fighting in the streets. Thats why
people keep being released after committing serious
fucking crimes. It's why the DOJ and FBI are
intent on letting both sides people walk.
They want them at each others literal throat,
calling for each other's blood. All so they
can step back and then step in the middle when
the chorus for change cries out loud enough.

And the answer will be

1. regulated tech

2. an end to television media as we know it

3. the ability to shut someone off from any service on a dime

4. new hatespeech laws that will bite *all* sides in the ass.

5. the ability to shape the narrative of society by simply 'pruning' networks as they see fit, limiting the reach of individuals on all sides, who are problematic to
the collective direction.

I was so caught up in the illusion of us-vs-them I didn't
see it before now. This is a monstrous power grab.

And instead of focusing on a farce of election, where the party *organizations* involved are institutional facades for industrialists, we should be focusing on the real issue:

* Failure of law to do its job online, especially failures of slander and libel laws, failures of laws against conspiracy to commit crime or assault

* New laws that offer injunctive relief against censorship, now that tech really is the commons. Because whats worse than someone online whipping up a mob on either side, is
someone who is innocent being *silenced* for disagreeing with something someone in authority said, or for questioning a politician, party, or corporation.

* Very serious felony level laws against doxxing and harassment on all sides, with retroactive application of said laws because theres a lot of people on all sides who won't be satisfied with the outcome until people who are guilty are brought to justice.

CTO: We'll use epochs for any time related fields in our services.

After service integration...

Dev from producer team: Hey the time field is showing up as 1970 and not null in your table. That seems to be a bug.

Me: Code looks fine. We are converting epochs to timestamps here. Null is taken care by the library function itself.

The same dev: Actually we are sending zero instead of null values in that time field. But we'd want the end table to treat that as null.

Me: Why can't you send null then?

The dev: Actually avro doesn't support nulls. Hence the zero.

Me: WTF??????

Manager to me: Actually you need to convert them as null. Anyways, this is not a blocker and we can live with it for now.

END OF RANT

Why can't they fucking send it as null? And when I asked about the details, that particular event type doesn't require that field. Still the manager insists on sending that field for it.

So ok here it is, as asked in the comments.

Setting: customer (huge electronics chain) wants a huge migration from custom software to SAP erp, hybris commere for b2b and ... azure cloud
Timeframe: ~10 months….

My colleague and me had the glorious task to make the evaluation result of the B2B approval process (like you can only buy up till € 1000, then someone has to approve) available in the cart view, not just the end of the checkout. Well I though, easy, we have the results, just put them in the cart … hmm :-\
The whole thing is that the the storefront - called accelerator (although it should rather be called decelerator) is a 10-year old (looking) buggy interface, that promises to the customers, that it solves all their problems and just needs some minor customization. Fact is, it’s an abomination, which makes us spend 2 months in every project to „ripp it apart“ and fix/repair/rebuild major functionality (which changes every 6 months because of „updates“.

After a week of reading the scarce (aka non-existing) docs and decompiling and debugging hybris code, we found out (besides dozends of bugs) that this is not going to be easy. The domain model is fucked up - both CartModel and OrderModel extend AbstractOrderModel. Though we only need functionality that is in the AbstractOrderModel, the hybris guys decided (for an unknown reason) to use OrderModel in every single fucking method (about 30 nested calls ….). So what shall we do, we don’t have an order yet, only a cart. Fuck lets fake an order, push it through use the results and dismiss the order … good idea!? BAD IDEA (don’t ask …). So after a week or two we changed our strategy: create duplicate interface for nearly all (spring) services with changed method signatures that override the hybris beans and allow to use CartModels (which is possible, because within the super methods, they actually „cast" it to AbstractOrderModel *facepalm*).
After about 2 months (2 people full time) we have a working „prototype“. It works with the default-sample-accelerator data. Unfortunately the customer wanted to have it’s own dateset in the system (what a shock). Well you guess it … everything collapsed. The way the customer wanted to "have it working“ was just incompatible with the way hybris wants it (yeah yeah SAP, hybris is sooo customizable …). Well we basically had to rewrite everything again.
Just in case your wondering … the requirements were clear in the beginning (stick to the standard! [configuration/functinonality]). Well, then the customer found out that this is shit … and well …

So some months later, next big thing. I was appointed technical sublead (is that a word)/sub pm for the topics‚delivery service‘ (cart, delivery time calculation, u name it) and customerregistration - a reward for my great work with the b2b approval process???

Customer's office: 20+ people, mostly SAP related, a few c# guys, and drumrole .... the main (external) overall superhero ‚im the greates and ur shit‘ architect.
Aberage age 45+, me - the ‚hybris guy’ (he really just called me that all the time), age 32.
He powerpoints his „ tables" and other weird out of this world stuff on the wall, talks and talks. Everyone is in awe (or fear?). Everything he says is just bullshit and I see it in the eyes of the others. Finally the hybris guy interrups him, as he explains the overall architecture (which is just wrong) and points out how it should be (according to my docs which very more up to date. From now on he didn't just "not like" me anymore. (good first day)
I remember the looks of the other guys - they were releaved that someone pointed that out - saved the weeks of useless work ...

Instead of talking the customer's tongue he just spoke gibberish SAP … arg (common in SAP land as I had to learn the hard way).
Outcome of about (useless) 5 meetings later: we are going to blow out data from informatica to sap to azure to datahub to hybris ... hmpf needless to say its fucking super slow.
But who cares, I‘ll get my own rest endpoint that‘ll do all I need.

First try: error 500, 2. try: 20 seconds later, error message in html, content type json, a few days later the c# guy manages to deliver a kinda working still slow service, only the results are wrong, customer blames the hybris team, hmm we r just using their fucking results ...
The sap guys (customer service) just don't seem to be able to activate/configure the OOTB odata service, so I was told)
Several email rounds, meetings later, about 2 months, still no working hybris integration (all my emails with detailed checklists for every participent and deadlines were unanswered/ignored or answered with unrelated stuff). Customer pissed at us (god knows why, I tried, I really did!). So I decide to fly up there to handle it all by myself

This was a long time ago, when I was working part time in my uni helpdesk. as part of the uni IT service, they offered ISP services at the dorms. It was cheap, and fast. This essentially allowed students living in the dorms to connect thier personal computers to the uni LAN. Then one day...
An ARP poison malware infected some of those computers. An arp poison attack is simple (look at ettercap) - it redirects network traffic via the affected computer, and adds malware to webtraffic to infect more computers. One of these on a network is bad enough, but when there more then one... traffic was redirected a lot. this caused the Dorm switches to collapse under the load. Fun times to work at the helpdesk...
The IT guys came up with a solution for this: they blocked the arp poision attacks at the firewall, and then disabled the switch port for the infected computer for 24 hours. so, when someone called with 'I have no internet!', we told them to bring us the computer, and installed an AV on it.
3-4 month the problem was cleared.

You mother fucking piece of shit.

Whoever taught you programming should be removed from history.

And whatever form of intelligence you claim to possess, let me assure you: breathing is the limit of it.

--

Some of the projects I'm working on are really the epitome of "YOLO let's turn the poopomat machine on in diarrhea mode".

The worst: I cannot really give examples.

I've seen the last days everything.

(bash scripting, docker, services like nginx /haproxy/...)

Eval as an template generator in bash...

Declaring an whole environment in an Dockerfile, that should never be used as it is only necessary for building... But not checking if an env file is provided, so the whole thing can blow up spectacularly.

A nearly 1k long bash calculator for system limits, reading out all kinds of stuff from /proc and /sys, seemingly partially stolen from NGINX Docker.

Declaring and starting an own DNS Server to bypass the Docker DNS service inside an docker container.

Mkfifo fun for creating several stdout and stderrs for seemingly no reason...

Actively not using bash, instead of creating shell only functions to emulate bash...

I could go on.

But really. I'm getting too old for this shit.

Anything I (am able to) build myself.
Also, things that are reasonably standardized. So you probably won't see me using a commercial NAS (needing a web browser to navigate and up-/download my files, say what?) nor would I use something like Mega, despite being encrypted. I don't like lock-in into certain clients to speak some proprietary "secure protocol". Same reason why I don't use ProtonMail or that other one.. Tutanota. As a service, use the standards that already exist, implement those well and then come offer it to me.

But yeah. Self-hosted DNS, email (modified iRedMail), Samba file server, a blog where I have unlimited editing capabilities (God I miss that feature here on devRant), ... Don't trust the machines nor the services you don't truly own, or at least make an informed decision about them. That is not to say that any compute task should be kept local such as search engines or AI or whatever that's best suited for centralized use.. but ideally, I do most of my computing locally, in a standardized way, and in a way that I completely control. Most commercial cloud services unfortunately do not offer that.

Edit: Except mail servers. Fuck mail servers. Nastiest things I've ever built, to the point where I'd argue that it was wrong to ever make email in the first place. Such a broken clusterfuck of protocols, add-ons (SPF, DKIM, DMARC etc), reputation to maintain... Fuck mail servers. Bloody soulsuckers those are. If you don't do system administration for a living, by all means do use the likes of ProtonMail and Tutanota, their security features are nonstandard but at least they (claim to) actually respect your privacy.

Soo, my manager asked me to create tool for CSI. Sort of ticketing tool for service improvements.

So I spent a few months working on it including design, websocket based real time statistics, exports to their belowed excel, easy to use, fast and so on.
I've presented it to mgmt, told them that deployment was easy and just need a simple linux virtual and all is automated.

They told me that they don't have a server. Company where main business is cloud services. Didn't pay me a penny for my effort even though worked on that mostly in my free time.
I didn't even want anything for the tool, just for my time.

Then a month later they've introduced similar thing based on Sharepoint with 1/10th of fuctionality, slow as hell, buggy, unintuitive.

And guess what, I can't open source my tool because it is a company property.

So, fuck it, never gonna do anything again without proper contract, even if for the same department.

I've already left that hell hole, but thought I would share my story.

Seems like everything on android is a "hack" or temporary solution, thanks to google .

Now how the fuck should i create a custom SMS inbox when:
1) i can't run the SMS broadcast reciever in a background service(because background services are deprecated )
2)message SMS reciever in a foreground service ,because this service is not fucking foreground! when the app is cleared from the recents , it shows the service as running, but on recieving the next message , the service dies??wtf?? i think its something related to processes

the app needs to detect a message instantly because some messages are needed to be sent to server the moment they are recieved :/

For fucks sake, Amazon Prime has also decided that they are adding ads to their *paid subscription*. Because I guess paying them fucking monthly is not enough for them greedy fucks. It's not like they were loosing money either, the service had a slow but exponential growth ever since 2014 (slow in the sense that it was only hundreds of millions at first, but luckily it was tens of billions by 2022, poor amazon eh?) ... first fucking Netflix does this, and now these retarded fucks follow suit like little retarded ducklings with dollar signs for eyes. You can bet your fucking hats that the other services will jump on the adWagon soon too...

"you will own nothing and be happy".. yeah fuck you, you fucks. As if owning nothing wasn't bad enough, now that nothing comes with fucking ads on top FOR THE SAME FUCKING PRICE?!... And they have the audacity to fucking ask for *more* monthly money to get rid of the ads they oh so graciously provided?!

I don't even use fucking amazon prime, but what the actual fuck. This is *one* of the reasons I canceled my netflix sub. I'm not going to fucking support this behavior even if it doesn't affect me. But I guess some people keep showing netflix dicks into their gaping asses because they sure don't seem to be taking this bullshit back... And I assume even more people will keep sucking amazon dicks as if this was a-ok behavior.

god, shit like this really makes me angry...

As usual a rather clickbait title, because only the chrome extensions (as always) seem to be vulnerable:

"Warning – 3 Popular VPN Services Are Leaking Your IP Address"

"Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data."

"VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate"

"PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case."

"Hijack all traffic (CVE-2018-7879) "
"DNS leak (CVE-2018-7878)"
"Real IP Address leak (CVE-2018-7880)"

I contacted the creators of Nova Launcher because I want the full version. They have both an google play upgrade as an input code upgrade.

Since I dont have any google service anywhere I contacted them to ask how to get such a code because I dont have any google service. This was their reply:
"You would need to purchase the app via the Google Play Store, then once you have, email us a copy of the receipt and the email you used to purchase the app with, then we can give you a Direct License to use since you don't have Google Play Services."

How do I buy it if I dont have any fucking google service?

I am currently looking for a DAW (Digital Audio Workstation), because my music projects are starting to get a little too complex for Audacity.

So I started looking for a good, easy-to-learn, ideally free program, and quickly learned that Avid now has a free version of Pro Tools called First.

So I go to their site and fill out the registration form to get the download. In addition to creating an account with Avid, you also need to create one with iLok, which apparently has something to do with how they manage their licenses. Kinda overkill for a free program, but okay...

I download the program (about 3gigs...), install it and try to start it. It gives me an error message about missing some service. Okay? I'm confused because I notice that an 'Application Manager' service has appeared in my tray, and when I open that I can log into my new account just fine. But it still doesn't work.

There's a link in the error message to the iLok website, and it looks like ai need to dowload and install another component. Why didn't that get installed with the program if it's required?

Hmm...

So I go to the iLok site, download it and install it. Pro Tools First still won't start. I realize that the PTF installer asked me to reboot, which I didn't do because: a) I always have a lot of windows open, and b) How often is a reboot ACTUALLY required? Why would you need to reboot?

So I (begrudgingly) reboot, and now the program seems to start initializing... but then it throws an error message about some plugin that it can't load because it doesn't work for the 64 bit version. Then... why are you even looking for it?
And then it says something like: 'I can't handle that, I'm just gonna shut down'.

What?

I try starting it again. Same error appears, but then it gets past it this time... Only to throw another error message about something else it can't load, and therefore it must shut down.

Deep breath.

Third time is the charm, the program actually made it to the project create/load screen! Huzzah!
So I look around a bit, but don't do much. It doesn't seem too intuitive to me, so I start watching some tutorials on YouTube from Avid themselves. It's a little late by now, so I don't get my hands dirty that day.

Next time I want to try out the program I start it up, still get error messages, but it does seem to initialize okay. But then the 'Create project' button doesn't react when I press it.

It turns out that the program takes a looong time to log in to the avid account, even though the manager service is running and logged in...

When it finally logs on I create a new blank project, but it doesn't ask me where to save it to. I see there is a counter saying 1/3 and looking around I find some info about 'cloud based projects'.

It would seem that this program only supports saving projects to the cloud, and you get only 3 projects total. Three. THREE?

Ahem...

I add an instrument track to my new project and select the one and only plugin, which is a synth. I don't see the plugin window, like in the tutorials I watched. I fiddle around with the windows, but I only manage to get the layout fucked up. There's a handy 'Window' menu, but none of the options resets the view. The main window is now sporting a WINDOWS FUCKING 7 BORDER! And partially blocking the view of the top menu.

Blaaargh!

Frustrated, I shut the program down and restart it. I now select one of the project templates (after waiting for it to LOG IN AGAIN!) in the hope that I might have a bit more luck with that starting point.

But when the template has loaded, out of nowhere, the program goes from maximized to windowed mode! And the fucking Win7 border is back again, still messing with the main menu!

FFS!

I get the sucker maximized again and select one of the synth tracks, and Lo and Behold! The synth plugin window actually shows up! But of course there is no sound produced when I play, neither with the keyboard or my midi keyboard.

Oh no, that would have been too easy.

I see some the meters moving when I play, but no sound is produced. I check the options menu, but find out nothing useful except for the fact that the program only support 48kHz sample rate. That's pretty disappointing when you have a 192kHz/24bit soundcard.

I'm done. This piece of shit software is NOT for me. It's bloated, complicated to sign up for and install, extremely limited and buggy as hell!

The final insult is that it takes 5 minutes to uninstall because there is no uninstall option in the so-called 'Application Manager' (of course fucking not!), and doing it through Programs & Features there are 5 (FIVE!!) different apps and services to uninstall, one by one.

0/10, would not recommend.

Yes, a plus, i.e. `+`, is a fucking valid char for an email address.

Your online service is shit, you don't know your craft, and you should feel bad about yourself!

But you thought email is fucking simple, google for email validation regex and took copy pasted the first fucking find from some random blog that validates anything but an actual fucking valid email addresses, didn't you!?

(Funfact, the plus sign allow to create email aliases in some free mailer services. GMail for instance. That's why I l like using emails like my.actual.mail+I_KNOW_WHY_YOU_ARE_SENDING_SPAM@gmail.com as my registration email. Also, brute-force that login email.)

PayPal = GayPal

PHASE 1

1. I create my personal gaypal account
2. I use my real data
3. Try to link my debit card, denied
4. Call gaypal support via international phone number
5. Guy asks me for my full name email phone number debit card street address, all confirmed and verified
6. Finally i can add my card

PAHSE 2

7. Now the account is temporarily limited and in review, for absolutely no fucking reason, need 3 days for it to be done

8. Five (5) days later still limited i cant deposit or withdraw money

9. Call gaypal support again via phone number, burn my phone bill

10. Guy tells me to wait for 3 days and he'll resolve it

PHASE 3

11. One (1) day later (and not 3), i wake up from a yellow account to a red account where my account is now permanently limited WITHOUT ANY FUCKING REASON WHY

12. They blocked my card and forever blocked my name from using gaypal

13. I contact them on twitter to tell me what their fucking problem is and they tell me this:

"Hi there, thank you for being so patient while your conversation was being escalated to me. I understand from your messages that your PayPal account has been permanently limited, I appreciate this can be concerning. Sometimes PayPal makes the decision to end a relationship with a customer if we believe there has been a violation of our terms of service or if a customer's business or business practices pose a high risk to PayPal or the PayPal community. This type of decision isn’t something we do lightly, and I can assure you that we fully review all factors of an account before making this type of decision. While I appreciate that you don’t agree with the outcome, this is something that would have been fully reviewed and we would be unable to change it. If there are funds on your balance, they can be held for up to 180 days from when you received your most recent payment. This is to reduce the impact of any disputes or chargebacks being filed against you. After this point, you will then receive an email with more information on accessing your balance.

As you can appreciate, I would not be able to share the exact reason why the account was permanently limited as I cannot provide any account-specific information on Twitter for security reasons. Also, we may not be able to share additional information with you as our reviews are based on confidential criteria, and we have no obligation to disclose the details of our risk management or security procedures or our confidential information to you. As you can no longer use our services, I recommend researching payment processors you can use going forward. I aplogise for any inconvenience caused."

PHASE 4

14. I see they basically replied in context of "fuck you and suck my fucking dick". So I reply aggressively:

"That seems like you're a fraudulent company robbing people. The fact that you can't tell me what exactly have i broken for your terms of service, means you're hiding something, because i haven't broken anything. I have NOT violated your terms of service. Prove to me that i have. Your words and confidentially means nothing. CALL MY NUMBER and talk to me privately and explain to me what the problem is. Go 1 on 1 with the account owner and lets talk

You have no right to block my financial statements for 180 days WITHOUT A REASON. I am NOT going to wait 6 months to get my money out

Had i done something wrong or violated your terms of service, I would admit it and not bother trying to get my account back. But knowing i did nothing wrong AND STILL GOT BLOCKED, i will not back down without getting my money out or a reason what the problem is.

Do you understand?"

15. They reply:

"I regret that we're unable to provide you with the answer you're looking for with this. As no additional information can be provided on this topic, any additional questions pertaining to this issue would yield no further responses. Thank you for your time, and I wish you the best of luck in utilizing another payment processor."

16. ARE YOU FUCKING KIDDING ME? I AM BLOCKED FOR NO FUCKING REASON, THEY TOOK MY MONEY AND DONT GIVE A FUCK TO ANSWER WHY THEY DID THAT?

HOW CAN I FILE A LAWSUIT AGAINST THIS FRAUDULENT CORPORATION?

Conversation yesterday (senior dev and the mgr)..

SeniorDev: "Yea, I told Ken when using the service, pass the JSON string and serialize to their object. JSON eliminates the data contract mismatch errors they keep running into."
Mgr: "That sounds really familiar. Didn't we do this before?"
SeniorDev: "Hmmm...no. I doubt anyone has done this before."
Me: "Yea, our business tier processor handled transactions via XML. It allowed the client and server to process business objects regardless of platform. Partners using Perl,
clients using Delphi, website using .aspx, and our SQLServer broker even used it."
Mgr: "Oh yea...why did we stop using it?"
Me: "WCF. Remember, the new dev manager at the time and his team broke up the business processor into individual WCF services."
Mgr: "Boy, that was a crap fest. We're still fighting bugs from the mobile devices. Can't wait until we migrate everything to REST."
SeniorDev: "Yea, that was such a -bleep-ing joke."
Me: "You were on Jake's team at the time. You were the primary developer in the re-write process saying passing strings around wasn't the way true object-oriented developers write code.
So it's OK now because the string is in JSON format or because using a JSON string your idea?"

SeniorDev turns around in his desk and puts his headphones back on.

That's right you lying SOB...I remember exactly the level of personal attacks you spewed on me and other developers behind our backs for using XML as the message format.

Keep your fat ass in your seat and shut the hell up.

Am I the only guy using the GDPR emails as a to-do list? For each email I either delete the account with that service OR I take the opportunity to change the password. Tedious? Yeah. Satisfying? You bet!

I see all these people complaining about their inbox blowing up with "spam" but how many of those accounts or services do you still use? I bet over half of them were only signed up for to try their demo and then forgotten about.

The "unit" in unit test does not mean your ENTIRE APPLICATION. Ever heard of scope!?

I am amazed how often people write overblown test setups, mock hundreds of unrelated services, just to test one tiny bit of logic.

That bit of logic could have been a pure function.

For that pure function you could write a dead simple unit test. Given that input, I expect that output. Nothing more, nothing less. (It helps even more if the pure functions only accepts primitives, like string and numbers, or very simple immutable value objects).

No I don't care that the service is used by another service, as your mocked interaction also doesn't test the service as a whole but you just assume the happy case most of the time anyway. You want to test the entire application? Let's not use unit tests for that but let's use a different kind of test for that (integration test, functional tests, e2e-tests).

If you write code in a way that easily allows for unit testing, your need to mock goes away.

!rant

I've seen some rants about people complaining about websites using the 'www' subdomain, so I'd like to take this opportunity to try to explain my opinion about why sites might use it.

I use to feel the same way about not having the www subdomain. It felt like an outdated standard that serves no purpose. But I have changed my option...

Sometimes certain servers have other services running other than just the website, such as ssh, ftp, sql, etc., running on different ports. What if you want to use a web proxy and caching service similar to cloudflare or a cdn? We'll you can't, because they won't allow traffic to flow through to your other ports.

That's where the www subdomain comes in. Enable your caching and cdn on your www subdomain, and slap a 301 redirect from your primary domain on port 80 or 443 to the www subdomain. This still allows you to access your other services via the domain name while still gaining the benefits of using a cdn.

Now I know you could use an 'ftp' subdomain or the like, but to each their own in that regard.

For fuck sake!
Fuck locatefamily.com, just searched out on google my name and surname, both foreign and hard to even spell out for many, and it's the first time that I saw my data(where did I live, my current work phone number, name and surname) open wide as the second link of my search, fuck!

But there's a clue, at that address I lived for a not so long period, so I did search my emails in that period and other than my employers and government emails(in which I don't trust either), here's a list of companies that had my info(partial or full):
Only address(with name and surname):

Amazon.it with 14 other companies(for shipping)
eBay with 4 other companies(for shipping)
voxelfarm.com
trenord.it
DUMA (LIGHT) di Adel
decathlon.com
gruppoargenta.it
paypal.it

All info:
gearbest.com
glistockisti.com
oculus.com
Banggood.com

Overall there are 33(including government, employers and national main mail service) potential leaks of that data, with 7 in full exposure.

After this, I'm thinking how it's even avoidable to not leak personal data, because from any of those businesses I got goods or services that otherwise I couldn't without exposing such informations... fuck.

Let's talk about the cargo cult of N-factor authentication. It's not some magic security dust you can just sprinkle onto your app "for security purposes".

I once had a client who had a client who I did server maintenance for. Every month I was scheduled to go to the site, stick my fingerprint in their scanner, which would then display my recorded face prominently on their screens, have my name and purpose verified by the contact person, and only then would the guards let me in.

HAHA no of course not. On top of all of that, they ask for a company ID and will not let me in without one.

Because after all, I can easily forge my face, fingerprints, on-site client contact, appointment, and approval. But printing out and laminating a company ID is impossible.

---

With apologies to my "first best friend" in High School, I've forgotten which of the dozens of canonicalisations of which of your nicknames I've put in as my answer to your security question. I've also forgotten if I actually listed you as my first best friend, or my dog - which would actually be more accurate - and actually which dog, as there are times in my High School life that there were more tails than humans in the house.

I have not forgotten these out of spite, but simply because I have also forgotten which of the dozen services of this prominent bullshit computer company I actually signed up for way back in college, which itself has been more than a decade ago. That I actually apparently already signed up for the service before actually eludes me, because in fact, I have no love for their myriad products.

What I have NOT forgotten is my "end of the universe"-grade password, or email, or full legal name and the ability to demonstrate a clear line of continuity of my identity from wherever that was to now.

Because of previous security screwups in the past, this prominent bullshit company has forced its users to activate its second, third, and Nth factors. A possibly decade-old security question; a phone number long lost; whatever - before you can use your account.

Note: not "view sensitive data" about the account, like full name, billing address, and contact info. Not "change settings" of the account, such as changing account info, email, etc. Apparently all those are the lowest tier of security meant to be protected by mere "end of the universe"-grade passwords and a second factor such as email, which itself is likely to be sold by a company that also cargo cults N-factor auth. For REAL hard info, let's ask the guy who we just showed the address to "What street he lived in" and a couple others.

Explaining this to the company's support hotline is an exercise in...

"It's for your security."

"It's not. You're just locking me out of my account. I can show you a government ID corroborating all the other account info."

"But we can't, for security."

"It's not security. Get me your boss."

...

"It's for security."

I explained last week in great detail to a new team member of a dev team (yeah hire or fire part 2) why it is an extremely bad idea to do proactive error handling somewhere down in the stack...

Example
Controller -> Business/Application Logic -> Infrastructure Layer

(shortened)

Now in the infrastructure layer we have a cache that caches an http rest call to another service.

One should not implement retry or some other proactive error handling down in the cache / infra stack, instead propagate the error to the upper layer(s) like application / business logic.
Let them decide what's the course of action, so ...
1) no error is swallowed
2) no unintended side effects like latency spikes / hickups due to retries or similar techniques happens
3) one can actually understand what the services do - behaviour should either be configured explicitly or passed down as a programmed choice from the upper layer... Not randomly implemented in some services.

The explanation was long and I thought ... Well let's call the recruit like the Gremlin he is... Gizmo got the message.

Today Gizmo presented a new solution.

The solution was to log and swallow all exceptions and just return null everywhere.

Yay... Gizmo. You won the Oscar for bad choices TM.

Thx for not asking whether that brain fart made any sense and wasting 5 days with implementing the worst of it all.

We had a school project where we where supposed to implement a software with a heavy client in C# and web services for it in C#, but the web services HAD TO COMMUNICATE WITH SMTP AND IMAP. And do that in 8 days.

We were 6 in the team. 4 had no idea what a web service is, and I and the designated project lead were the only ones knowing what to do. The lead had paperwork to do for the project, so I had to do everything but the UI alone. So 1 guy did the UI, 3 were... Playing Minecraft... The lead was doing paperwork and ranting about how noisy idiots these guys were... And I was sick as hell and could not eat anything, I was vomiting all day in between which moment I managed to make half of the functionalities of the project, despite having to go to the hospital and have to continue working despite the medical request not to work.

So the day before the presentation I had half of the functionalities done and I had to explain them yet another time what web services are so they can answer the questions and cover for themselves.

On the day of the presentation it went kinda fine. It was not finished but it worked like asked.

We were asked for peer evaluation and I gave A to the lead and the UI guy and B to the 3 other lazy asses.

Shortly after I am called by the tutor in the office : "What happened on this project? Were you not working at all? Apart for the lead who gave you an A, every one gave you a D (lowest grade). I demand for explanations"

I said never mind and got back to studying. I got a B, all the rest of the group an A.

Get a "Covid-19" email from an online service I last used 4 years ago. The email boils down to 2 sentences of "we are working remotely as we have always done, there is no impact".

3 paragraphs of "here are the services we offer you should check out".

Fuck off

With all M$ buying GitHub thing i really hope some good things will come out of it like:

- Better version control inside Visual Studio.
- Microsoft making its projects more open source, since it now has an official platform for itself.
- Faster and better service from GitHub since there is now a much bigger budget for servers and other things.

But there are some things that i think are worth thinking about:

- Will this be another one of Microsoft's paid services?
- Will there be "intergration" into the Office apps along Skype, Word and others?
- Will the privacy policy change?

Most likely, none of the bad things happen but me being paranoid as i am, I'd prepare. I always try to be optimistic and just ignore it for now until Microsoft start doing things.

Not really a rant and not very random. More like a very short story.

So I didn't write any rant regarding the whole Microsoft GitHub topic. I don't like to judge stuff quickly. I participated in few threads though.

Another thing is I also don't use GitHub very much apart from giving 🌟 to repos as a bookmark. Have one hobby project there. That's all. So I don't worry that much. I'm that selfish and self concerned. :3

I was first introduced to version control system by learning how to use tortoisesvn around 2008. We had a group project and one of the guys was an experienced and amazing programmer unlike the rest of us. He was doing commercial projects while we were at our 1st and 2nd year. Uni had svn repo server. He taught us about tortoisesvn. He also had Basecamp and taught us how to use it as well. So that's how I learned the benefits of using versioning tools and project management tools. On side note, our uni didn't teach any of those in detail :3

After that project, I was hooked to use versioning tools. So until school kicked me out, I was able to use their svn server. When I was on my own, I had to ask Google for help. I found a new world. There are still free svn services that I can use with certain limited functions. That's not the new world; I found people saying how git is better than svn in various ways. It was around 2010,2011.

At first I was a bit reluctant to touch git because of all the commands in terminal approach. But then I found that there is tortoisegit. I still thank tortoisesvn creator for that. I'm a sucker for GUI tools. So then I also have to pick which git servers to use. Hell yeah, self hosted gitlab is the way to go man. Well that's what the internet said. So I listened. I got it up and running after numerous trial and error. I used it briefly. Then I came back to my country on 2012-2013; the land of kilobytes per minute (yes not second, minute).

My country's internet was improved only after 2016. So from 2013 to 2016, I did my best not to rely on internet. I wasn't able to afford a server at my less than 10 people, 12ft*50ft office. So I had to find alternative to gitlab which preferably run on windows. Found bonobo and it was alright. It worked. Well had crazy moments here and there when the PC running Bonobo got virus and stuff. But we managed. We survived. Then finally multi national Telecom corporates came to our country.

We got cheaper and faster mobile data, broadband and fiber plans. Finally I can visit pornhub ... sorry github. Github is good. I like it. But that doesn't mean I should share my ugly mutated projects to the rest of the world. I could keep using Bonobo but it has risks. So I had to think for an alternative. I remembered that gitlab didn't have cloud hosting service when I checked them out in the past. So I just looked into Bitbucket and happy with their free plans of 5 users and unlimited private repos. I am very very cheap and broke.

That's why I said I don't really care that much about the whole M$GitHub topic at the beginning. However due to that topic, I have visited GitLab website again and found out they have cloud hosting now and their free plan is unlimited users and unlimited repos. So hell yeah. Sorry BB. I am gonna move to cheaper and wider land.

TL;DR : I am gonna move to GitLab because of their free plan.

What you could have:
- simple project structure
- common lib with modular logic
- import logic as needed in you services

What you do:
- waste months to write an opinionated framework that works only if used in a super specific way
- have a fat sample project as example
- use a code generator to copy and rename the said sample project whenever you create a new service
- have everything break whenever something new is added in the framework
- oh and keep the framework in active development while others work on the client services, so lots of things will break often and out of nowhere

Fucking god, i hate when people make pet projects out of work projects

Ok, first rant, about my struggles getting reliable internet over the past 6 years. It's not too interesting of a topic, but here we go:

I'm living in a more rural part of Germany and internet here is shit. I pay more than 50 bucks a month for 700kb/s downstream (let's just not talk about upstream...), which is meh by itself but it gets worse. Before this I had roughly 230kb/s downstream using DSL. My provider came out with a new oh-so-fucking-fancy solution for giving people faster internet without upgrading their lame ass fucking backbone and POS infrastructure from 70 years ago: they sell you hybrid internet which combines your shit DSL and an LTE connection using TCP Multicast. Not only do I get only 6 of my promised (and payed for) 50 Mbit, no, It's also a fucking piece of nonworking shit!!!

Let me illustrate:
You constantly have problems with web content (or any remote content) not loading because the host server does not support TCP Multicast. It either refuses connection altogether or it takes about 30-50 seconds to establish a connection. Think about your live when it takes two or three fucking minutes to load 5 YouTube thumbnails or load new tweets at the bottom of the Twitter page! Also, you never know if you a) have an error in your implementation of a new API or if b) the remote host doesn't support TCPMC (there's never an error for that! Fuck you!), your SSH sessions ALWAYS drop in the most inopportune fucking moments because the LTE thing lost connection, you always have to turn on a VPN if you want to visit specific websites (for example your school's website) and so on....

Oh and also, my provider started throttling specific services again these days with Netflix and YouTube struggling to display 240p, fucking 240p video without buffering when I get 600kbit down on steam (ofc the steam download is paused when watching videos). When using a VPN, YouTube 720p and Netflix HD work like a charm again. Fucking Telekom bastards

Then there is the problem with VPNs. The good thing about them is that they solve all the TCP Multicast problems. Yay. Now for the bad things:
First of all, as soon as I use a VPN, access times to remote go up by like fucking 500%. A fucking DNS lookup takes 8-15 seconds!!! The bandwidth is there but it takes forever.. because reasons I guess. Then the speed drops to DSL speeds after a while because the router turns off my LTE connection when it is unused and it does not detect VPN traffic as traffic (again because... Reasons?) And also, the VPN just dies after an hour and you have to manually reconnect (with every VPN provider so far)

And as if that wasn't enough, now the lan is dying on me, too, with the router (the fucking expensive hybrid piece of shit, 230 bucks..) not providing DHCP service anymore or completely refusing all wifi connections or randomly dropping 5Ghz devices, or.....

You get the point.

The worst thing is, they recently layed down 400mbit fiber in my neighborhood. Guess where the FUCKING PIECE OF SHIT CABLE ENDS??? YEAH, RIGHT IN FRONT OF MY NEIGHBORS HOUSE. STREET NUMBER 19 IS SERVED WITH 400MBIT AND MY HOME, THE 20, IS NOT IN THEIR FUCKING SERVICE REGION. Even though there is a fucking cable with the cable companies name on it on my property, even leading up to my house! They still refuse to acknowledge it! FUCK YOU!!!!

Well anyways thanks for reading. Any of you got the same problems? :/

About slightly more than a year ago I started volunteering at the local general students committee. They desperately searched for someone playing the role of both political head of division as well as the system administrator, for around half a year before I took the job.

When I started the data center was mostly abandoned with most of the computational power and resources just laying around unused. They already ran some kvm-hosts with around 6 virtual machines, including a cloud service, internally used shared storage, a user directory and also 10 workstations and a WiFi-Network. Everything except one virtual machine ran on GNU/Linux-systems and was built on open source technology. The administration was done through shared passwords, bash-scripts and instructions in an extensive MediaWiki instance.

My introduction into this whole eco-system was basically this:
"Ever did something with linux before? Here you have the logins - have fun. Oh, and please don't break stuff. Thank you!"

Since I had only managed a small personal server before and learned stuff about networking, it-sec and administration only from courses in university I quickly shaped a small team eager to build great things which would bring in the knowledge necessary to create something awesome. We had a lot of fun diving into modern technologies, discussing the future of this infrastructure and simply try out and fail hard while implementing those ideas.

Today, a year and a half later, we look at around 40 virtual machines spiced with a lot of magic. We host several internal and external services like cloud, chat, ticket-system, websites, blog, notepad, DNS, DHCP, VPN, firewall, confluence, freifunk (free network mesh), ubuntu mirror etc. Everything is managed through a central puppet-configuration infrastructure. Changes in configuration are deployed in minutes across all servers. We utilize docker for application deployment and gitlab for code management. We provide incremental, distributed backups, a central database and a distributed network across the campus. We created a desktop workstation environment based on Ubuntu Server for deployment on bare-metal machines through the foreman project. Almost everything free and open source.

The whole system now is easily configurable, allows updating, maintenance and deployment of old and new services. We reached our main goal for this year which was the creation of a documented environment which is maintainable by one administrator.

Although we did this in our free-time without any payment it was a great year with a lot of experience which pays off now.

***ILLEGAL***
so its IPL(cricket) season in india, there is a OTT service called hotstar (its like netflix of india), the cricket streams exclusively on hotstar..
so a quick google search reveals literally thousands of emails & passwords, found a pastebin containing 500 emails&passwords ...but those are leaked last year most of passwords are changed & many of them enabled 2FA.. after looking through them we can find some passwords are similar to their emails , some contains birth year like 1975,1997 etc, some passwords end with 123 ..so after trying a few different versions of the passwords like
1) password123 -> password@123, password1234
2) passwordyear -> password@year
2) for passwords similar to emails, we can add 123 ,1234, @ etc
created a quick python script for sending login requests

so after like 30-40 mins of work, i have 7 working accounts

*for those who have basic idea of security practices you can skip this part

lessons learnt
1) enable 2FA
2) use strong passwords, if you change your password , new password should be very different from the old one

there are several thousands of leaked plaintext passwords for services like netflix,spotify, hulu etc, are easily available using simple google search,
after looking through & analysing thousands of them you can find many common passwords , common patterns
they may not be as obvious as password ,password123 but they are easily guessable.
mainly this is because these type of entertainment services are used by the average joe, they dont care about strong passwords, 2FA etc

SO MAD. Hands are shaking after dealing with this awful API for too long. I just sent this to a contact at JP Morgan Chase.

-------------------
Hello [X],
1. I'm having absolutely no luck logging in to this account to check the Order Abstraction service settings. I was able to log in once earlier this morning, but ever since I've received this frustratingly vague "We are currently unable to complete your request" error message (attached). I even switched IP's via a VPN, and was able to get as far as entering the below Identification Code until I got the same message. Has this account been blocked? Password incorrect? What's the issue?

2. I've been researching the Order Abstraction API for hours as well, attempting to defuddle this gem of an API call response:

error=1&message=Authentication+failure....processing+stopped

NOWHERE in the documentation (last updated 14 months ago) is there any reference to this^^ error or any sort of standardized error-handling description whatsoever - unless you count the detailed error codes outlined for the Hosted Payment responses, which this Order Abstraction service completely ignores. Finally, the HTTP response status code from the Abstraction API is "200 OK", signaling that everything is fine and dandy, which is incorrect. The error message indicates there should be a 400-level status code response, such as 401 Unauthorized, 403 Forbidden or at least 400 Bad Request.

Frankly, I am extremely frustrated and tired of working with poorly documented, poorly designed and poorly maintained developer services which fail to follow basic methodology standardized decades ago. Error messages should be clear and descriptive, including HTTP status codes and a parseable response - preferably JSON or XML.
-----

This whole piece of garbage is junk. If you're big enough to own a bank, you're big enough to provide useful error messages to the developers kind enough to attempt to work with you.

TL;DR Calendar services sucks.

Imagine yourself as startup. You don't want to spend fortune on paying $5 per user per month for Google Services. Also you don't want to pay that to Microsoft for O365. You want to run it itself because you already have droplet running with your other services (ERP for example. Funny story too btw.) Ok, decision has been made, let install something.

I have pretty good experience with OwnCloud from past as Cloud file sharing service. Calendar is not bad for single user purpose (understand it as personal calendar, no invitations to others, sharing is maximum I tried) What can possibly go wrong when I deploy that and use its Calendar?

Well, lot. OwnCloud itself runs well (no rant here) but Calendar is such pain in ass. Trouble is with CalDav under hood and its fragmented standards. So, you want to send invitation to your team for recurrent meeting. Nothing weird. It sends as one invitation to each one, good. Now you realize you have a conflict, so you need to change time of one occurence. Move it, send update. And here comes shitstorm. It is not able to bisect one occurence from series. So it splits it to separate events and send invitation for every single one. 30 INVITATIONS IN 2 SECONDS! Holy sh*t! You want to revert that. Nope, won't do. So you accept your destiny and manually erase every single one with memo in head about planning recurring events.

Another funny issue is when SwiftMailer library (which is responsive for sending e-mails from OwnCloud) goes to spamming mayhem. It is pretty easy to do. When e-mail doesn't comply to RFC, it is rejected, right? So if because of some error CalDav client passes non-compliant e-mail (space as last character is non-compliant btw) and SwiftMailer tries to send it to multiple recepients (one of them is broken, rest is fine), it results in repetitive sending same invitation over and over in 30 minute interval. Sweet.

So now I am sitting in front of browser, looking for alternatives. Not much to choose from. I guess I'll try SOGO. It looks nice. For now.

Am I the only developer in existence who's ever dealt with Git on Windows? What a colossal train wreck.

1. Authentication. Since there is no ssh key/git url support on Windows, you have to retype your git credentials Every Stinking Time you push. I thought Git Credential Manager was supposed to save your credentials? And this was impossible over SSH (see below). The previous developer had used an http git URL with his username and password baked in for authentication. I thought that was a horrific idea so I eventually figured out how to use a Bitbucket App password.

2. Permissions errors
In order to commit and push updates, I have to run Git for Windows as Administrator.

3. No SSH for easy git access
Here's where I confess that this is a Windows Server machine running as some form of production. Please don't slaughter me! I am not the server admin.
So, I convinced the server guy to find and install some sort of ssh service for Windows just for the off times we have to make a hot fix in production. (Don't ask, but more common than it should be.)
Sadly, this ssh access is totally useless as the git colors are all messed up, the line wrap length and window size are just weird (seems about 60 characters wide by 25 lines tall) and worse of all I can't commit/push in git via ssh because Permissions. Extremely aggravating.

4. Git on Windows hangs open and locks the index file
Finally, we manage to have Git for Windows hang quite frequently and lock the git index file, meaning that we can't do anything in git (commit, push, pull) without manually quitting these processes from task manager, then browsing to the directory and deleting the .git/index.lock file.

Putting this all together, here's the process for a pull on this production server:
Launch a VNC session to the server. Close multiple popups from different services. Ask Windows to please not "restart to install updates". Launch git for Windows. Run a git pull. If the commits to be pulled involve deleting files, the pull will fail with a permissions error. Realize you forgot to launch as Administrator. Depending on how many files were deleted in the last update, you may need to quit the application and force close the process rather than answer "n" for every "would you like to try again?" file. Relaunch Git as Administrator. Run Git pull. Finally everything works.

At this point, I'd be grateful for any tips, appreciate any sympathy, and understand any hatred. Windows Server is bad. Git on Windows is bad.

I was never a big fan of Github to be used within a company. So about 3 years ago where I used to work I implemented all the tools from Atlassian. Like litteraly all of them. And first I was stunned of the possibilities I had with Jira, Confluence, Bamboo and Bitbucket! But while self-hosting all thoose services you always felt, that Atlassian just bought all thoose companies and "threw them together"
BUT with newest features of Gitlab, I think they outperformed everyone! I absolutely love what they offer, even as a free service. They integrate all features in one product where you would otherwise relay on different products.
Whats important to you when it comes to VCS?

You cannot completely delete a windows service, as long as the services panel is open. The service stays undead and prevents any reinstallation until the services panel is closed.

Thanks Microsoft.
Separation of GUI and business logic does not apply here, because it's kernel logic, right?

But at least you're consistents, there is a similar issue with not installing USB drivers if the new hardware dialog is open.

So, in Germany apprentices at companies need to file a "Berichtsheft".
It's a thing where you have to file, for each day that is, what you did at work or in job college and how long you did it.

Basically every company keeps records of their employees activities in their CRM or other management system and all schools use services for keeping timetables that include lesson duration and activity.

So why the fuck do we apprentices have to write that shit ourselves when we could literally just acces the databases and SELECT THE SHIT FROM FILED_ACTIVITIES, I thought.

So I'm writing scripts to acces our CRM database and a puppeteer script now that scrapes the Untis (online timetable service for schools) timetables to extract everything, group it by date and format it nicely as CSV.

I'm sick of this: Digital system & Digital system = write it yourself bullshit.

Once I'm done I'll make a github repo for the Untis scraper.

Also, I'll be making the tools usable for the other apprentices at my company to spare them the suffering.

I remember someday from a few years ago, because i just got off the phone with a customer calling me way too early! (meaning i still was in my pyjamas)

C:"Hey NNP, why si that software not available (He refers to fail2ban on his server)
Me: "It's there" (shows him terminal output)
C: " But i cannot invoke it, there is no fail2ban command! you're lieing"
Me: "well, try that sudoers command i gave you (basically it just tails all the possible log files in /var/log ) , do you see that last part with fail2ban on it?
C: "Yeah, but there is only a file descriptor! nothing is showing! It doesnt do anything.
Me: "That's actually good, it means that fail2ban does not detect any anomalies so it does not need to log it"
C:" How can you be sure!?"
Me: "Shut up and trust me, i am ROOT"

(Fail2ban is a software service that checks log files like your webserver or SSH to detect floods or brute force attempts, you set it up by defining some "jails" that monitor the things you wish to watch out for. A sane SSH jail is to listen to incoming connection attempts and after 5 or 10 attempts you block that user's IP address on firewall level. It uses IPtables. Can be used for several other web services like webservers to detect and act upon flooding attempts. It uses the logfiles of those services to analyze them and to take the appropriate action. One those jails are defined and the service is up, you should see as little log as possible for fail2ban.)

So, I've been reading all this complaints about micro services which started to be loud thanks to the mad CEO of Twitter.
Keep reading but I am curious about your opinion as well

To me all the point of micro services has never been about improving the speed, in fact it might have a negative impact on the performances of an application. I think that given the calculation power we have nowdays, it's not a big deal

However on the other side, it makes all the rest so much easier.
When there's a problem on one service, I can just debug the given service without spending hours starting a huge slow turtle
If something goes down, it doesn't make unhealthy the whole app, and if I am lucky it's not gonna be a critical service (so very few people will be pissed).
I have documentation for each of them so it's easier to find what I am looking for.
If I have to work on that particular service, I don't have to go through thousands of tangled lines of code unrelated to each other but instead work on an isolated, one-purpose service.
Releasing takes minutes, not hours, and without risk of crashing everything.

So I understand the complaint about the fact that it's making the app run slower but all the rest is just making it easier.

Before biting my ass, I am not working at Twitter, I don't know the state of their application (which seems to be extremely complicated for an app deigned to post a bit of text and a few pictures), but in a company with skilled people, and a well designed architecture.

Everyone I tell this to, thinks it’s cutting edge, but I see it as a stitched together mess. Regardless:

A micro-service based application that stages machine learning tasks, and is meant to be deployed on 4+ machines. Running with two message queues at its heart and several workers, each worker configured to run optimally for either heavy cpu or gpu tasks.

The technology stack includes rabbitmq, Redis, Postgres, tensorflow, torch and the services are written in nodejs, lua and python. All packaged as a Kubernetes application.

Worked on this for 9 months now. I was the only constant on the project, and the architecture design has been basically re-engineered by myself. Since the last guy underestimated the ask.

When the CTO/CEO of your "startup" is always AFK and it takes weeks to get anything approved by them (or even secure a meeting with them) and they have almost-exclusive access to production and the admin account for all third party services.

Want to create a new messaging channel? Too bad! What about a new repository for that cool idea you had, or that new microservice you're expected to build. Expect to be blocked for at least a week.

When they also hold themselves solely responsible for security and operations, they've built their own proprietary framework that handles all the authentication, database models and microservice communications.

Speaking of which, there's more than six microservices per developer!

Oh there's a bug or limitation in the framework? Too bad. It's a black box that nobody else in the company can touch. Good luck with the two week lead time on getting anything changed there. Oh and there's no dedicated issue tracker. Have you heard of email?

When the systems and processes in place were designed for "consistency" and "scalability" in mind you can be certain that everything is consistently broken at scale. Each microservice offers:

1. Anemic & non-idempotent CRUD APIs (Can't believe it's not a Database Table™) because the consumer should do all the work.
2. Race Conditions, because transactions are "not portable" (but not to worry, all the code is written as if it were running single threaded on a single machine).
3. Fault Intolerance, just a single failure in a chain of layered microservice calls will leave the requested operation in a partially applied and corrupted state. Ger ready for manual intervention.
4. Completely Redundant Documentation, our web documentation is automatically generated and is always of the form //[FieldName] of the [ObjectName].
5. Happy Path Support, only the intended use cases and fields work, we added a bunch of others because YouAreGoingToNeedIt™ but it won't work when you do need it. The only record of this happy path is the code itself.

Consider this, you're been building a new microservice, you've carefully followed all the unwritten highly specific technical implementation standards enforced by the CTO/CEO (that your aware of). You've decided to write some unit tests, well um.. didn't you know? There's nothing scalable and consistent about running the system locally! That's not built-in to the framework. So just use curl to test your service whilst it is deployed or connected to the development environment. Then you can open a PR and once it has been approved it will be included in the next full deployment (at least a week later).

Most new 'services' feel like the are about one to five days of writing straightforward code followed by weeks to months of integration hell, testing and blocked dependencies.

When confronted/advised about these issues the response from the CTO/CEO
varies:

(A) "yes but it's an edge case, the cloud is highly available and reliable, our software doesn't crash frequently".
(B) "yes, that's why I'm thinking about adding [idempotency] to the framework to address that when I'm not so busy" two weeks go by...
(C) "yes, but we are still doing better than all of our competitors".
(D) "oh, but you can just [highly specific sequence of undocumented steps, that probably won't work when you try it].
(E) "yes, let's setup a meeting to go through this in more detail" *doesn't show up to the meeting*.
(F) "oh, but our customers are really happy with our level of [Documentation]".

Sometimes it can feel like a bit of a cult, as all of the project managers (and some of the developers) see the CTO/CEO as a sort of 'programming god' because they are never blocked on anything they work on, they're able to bypass all the limitations and obstacles they've placed in front of the 'ordinary' developers.

There's been several instances where the CTO/CEO will suddenly make widespread changes to the codebase (to enforce some 'standard') without having to go through the same review process as everybody else, these changes will usually break something like the automatic build process or something in the dev environment and its up to the developers to pick up the pieces. I think developers find it intimidating to identify issues in the CTO/CEO's code because it's implicitly defined due to their status as the "gold standard".

It's certainly frustrating but I hope this story serves as a bit of a foil to those who wish they had a more technical CTO/CEO in their organisation. Does anybody else have a similar experience or is this situation an absolute one of a kind?

!rant

So I have bought a new laptop and this time instead of straight up booting linux I had an idea of giving micro$oft a try, so I have decided to use only their services for 2 weeks.

To be honest, I really did not expect windows to use do much cpu and hdd during updates and background tasks, but after a day it was ok and windows feels snappier than during my last encounrer (maybe cause the new hw?).

I was even so dedicated that I started to use cortana and I have to tell, that she is dumb as fuck, since she fails to understand even the basic tasks and if u want something advanced, she refers to the next update. But boy, tell her to open Visual Studio and she asks if you want VS Code or Visual Studio, which seems great. But my response was 'Code' then she insisted that I said Coke. Im like OK, Im not native english speaker, lets try Visual Studio Code, where she told me that there is no such thing and Spelling VS - Code ended me in bing search for Unesco :/

I really want to like Cortana, she has nice name, nice history, but she is like that A girl from class, who looks gorgeous, has great voice, but then u reallise that she just eats a book before exam and after that she is that dumb basic hoe.

I also gave a shot to Bing and Edge. Bing is something between Google and DuckDuckGo, since it gives you a liiitle less results from search history, yet if you want to find something in different language its even possible to tell you that what are you trying to find does not exist.

But I have to tell, that I like Edge and I mean it. Like... Its fast and has some good features, like pushing all your open tavs away, so you can open them Later. It also does not have that stupid ass feature that lets you control tab from left to right, not by chronological order, so you wont end up in infinity loop of 2 tabs. And even if people make fun of M$ trying to convince you to use Edge by being too aggresive. God go on edge and try to use some Google Service(You still dont use chrome?!).

I also tried to play with .Net core and I have to tell that against java they are a bit further. I liked some small features, but what I just simply loved was rhe fucking documentation. You basically dont need google, sincw they give you examples and explain in a human way.

What I didnt quite get was the 'big' Visual Studio. Tje dark theme to me feels strange(personal and irrelevant). Why the hell I do need to press 2 shortcuts to duplicate line?! Why is it so hard to find a plugin to give me back my coloured brackets and why the fuck it takes like a second to Cut one line of code on a damn i7?!

Visual studio Code was something different. It shows how dark theme should be done, the plugin market is full of stuff and the damn shortcuts are not made for octopi. So I have to recommend it ^^.

I even gave a shot to word and office as a whole and fuck I never knew that there are so many templates. It really made my life easier, since all you need to do is find the right one in the app, instead of browsing templates online, where half of them are for another version of your text editor.

Android Launcher was fast, had a clever widget of notes and the sync was pretty handy to be honest so I liked that one as well.

What made me furious was using the CLI. Godfucking damn what the fuck is ipconfig?! :/

Last thing what made me superbhappy was using stuff without wine and all of the addional shit. Especially using stuff like Afinity Designer and having good looking apps in general. I mean Open source has great tools l sometimes with better functionality. But I found out, that what is pleasure to look at, is pleasure to work with.

To Summarize a bit.

It wasnt that bad as I expected. I see where they are heading with building yet another ecosystem of It just works and that they are aiming at professionals once again.

So I would rate it 6/10, would be 7 if that shit was Posix compatible.

I know that for Balmer is a special place in hell... But with that new CEO, Microsoft at the end may make it to purgatory..

Allright, so now I have to extend a brand new application, released to LIVE just weeks ago by devs at out client's company. This application is advertised as very well structured, easy to work on, µservices-based masterpiece.

Well either I lack a loooot of xp to understand the "µservices", "easy to work on" and "well structured" parts in this app or I'm really underpaid to deal with all of this...

- part of business logic is implemented in controllers. Good luck reusing it w/o bringing up all the mappings...
- magic numbers every-fucking-where... I tried adding some constants to make it at least a tiny bit more configurable... I was yelled at by the lead dev of the app for this later.
- crud-only subservices (wrapped by facade-like services, but still.. CRUD (sub)services? Then what's a repository for...?). As a result devs didn't have a place where they could write business logic. So business logic is now in: controllers (also responsible for mapping), helpers (also application layer; used by controllers; using services).
- no transactions wrapping several actions, like removing item from CURRENT table first and then recreating it in HISTORY table. No rollback/recovery mechanism in service layers if things go South.
- no clean-code. One can easily find lines (streams) 400+ cols long.
- no encapsulation. Object fields are accessed directly
- Controllers, once get result from Services (i.e. Facade), must have a tree of: if (result instanceof SomeService.SomeSubservice1.Item1) {...} else if (result instanceof SomeService.SomeSubservice2.Item4) {...} etc. to build a proper DTO. IMO this is not a way to make abstraction - application should NOT know services' internals.
- µservices use different tables (hats off for this one!) but their records must have the same IDs. E.g. if I order a burger and coke - there are 2 order items in my order #442. When I make a payment I create an invoice which must have an id #442. And I'm talking about data layer, not service or application (dto)! Shouldn't µservices be loosely coupled and be able to serve independently...? What happens if I reuse InvoiceµService in some other app?

What are your thoughts?

Ugh am so done with linux.

I dualbooted ubuntu 16.4 LTS alongside win10 on my new laptop 3 years ago. Back then , the whole os and kernel stuff were new for me, but once i understood how things work in it, i always found linux to be a superior alternative for doing any development related task than windows.
The way terminal gives us sheer raw power to handle services and applications ourselves makes everything easy in linux.

Wanna run a lamp server? Install all parts by yourselves. Problems with the lamp server? You are just 1 command away to know which service/package is causing issue. Some python module fucked up? You can go on checking every package present anywhere on your disk. No permissions? Sudo.

But recently i got so much fed up of its gui. I have gone from 16.4 to 18.4 to 20.4 , but no version seems to handle multiple gui s/w running parallely .
I usually have the requirement to open 2-3 windows of chrome with 30-40 tabs, 1-2 projects of Android studio and studio emulator. But this shit blows even with just 1 project open on studio and nothing else! The even the keyboard and mouse gets stuck when i studio is making a built.
And don't get me started on how slow my system becomes when switching b/w AS and chrome :''( . Maybe there's issue with the dual boot or because i gave very large swap/root partitions when i first dualbooted or something else , but i am in so much pain :/

Finally i went back to win10 a month ago and was a little surprised to find that it sucks a little less now. Aside from the ugly forceful updates, it has been a breeze for working . The builds take longer time (fuck windows defender), but My Android studio (and everything else) does not lag when switching between multiple processes. I even once ran an emulator instance and it was still working fine . The process management of windows is very good.

I have heard that mac is kind of in middle of the 2 and better than both providing rich process management and powerful terminal commands . Waiting for the day when i have enough money(or no longer require my kidney) to buy and maintain a MacBook :/

Dear online services, shops etc.

I already use your service. You have no need to advertise it to me, and I know I opted out of that. Any reminder that I'm missing out and should opt in to marketing, even if it's described as a service/operational message, will itself get reported as spam. Because it explicitly is, by its own confession.

!dev

I hate every private package delivery service!
I ordered two things from the same shop. The first delivery came on Monday and because I wasn't home I got a notice which said I have to get the package from the pickup shop right around the corner. So far, so good.
Second delivery should come on Wednesday. I wasn't home again, so I got a notice to get the delivery from the pick up store....30 MINUTES AWAY!
Because the delivery should be quite heavy, I organized a friend with a car to help me.
At the pickup store I I got the package and it wasn't as heavy as I expected.
At home I opened the package and noticed that stuff is missing. In my order email a discovered, that there should be two package.
Slightly pissed off I drove back to the pickup store to get the other package, but it wasn't there.
Because the the delivery guy brought it to another pickup store...30 MINUTES AWAY IN THE OPOSITE DIRECTION OF MY HOME! WITHOUT A NOTICE!
And of course the shop was closed at this time :[
This wasn't the first time stuff like this happened with private delivery services. I cannot understand why people are ranting about the state postal service and prefer those private companys.

Today I spent 9 hours trying to resolve an issue with .net core integration testing a project with soap services created using a third party soap library since .net core doesn't support soap anymore. And WCF is before my time.

The tests run in-process so that we can override services like the database, file storage, basically io settings but not code.

This morning I write the first test by creating a connected service reference to generate a service client. That way I don't need to worry about generating soap messages and keeping them in sync with the code.

I sent my first request and... Can't find endpoint.

3 hours later I learn via fiddler that a real request is being made. It's not using the virtual in-process server and http client, it's sending an actual network request that fiddler picks up, and of course that needs a real server accepting requests... Which I don't have.

So I start on MSDN. Please God help me. Nope. Nothing. Makes sense since soap is dead on .net core.

Now what? Nothing on the internet because above. Nothing in the third party soap library. Nothing. At this point I question of I have hit my wall as a developer.

Another 4 hours later I have reverse engineered the Microsoft code on GitHub and figured out that I am fucked. It's so hard to understand.

2 more hours later I have figured out a solution. It's pure filth..I hide it away in another tooling project and move all the filth to internal classes :D the equivalent of tidying your room as a kid by shoving it all under the bed. But fuck it.

My soap tests now use the correct http client with the virtual server. I am a magician.

Friendly reminder to trim your services list with msconfig if using Windows. Services that are STOPPED are not DISABLED, and they can be brought back up when just stopped, sometimes remotely.

(This reduces chances of being bitten by malware that uses the Fax service or similar, as there are a few that have in past used often-unused services to propagate. It also reclaims a small bit of memory, and the more real memory you have, the less you page out when compiling or similar, which is slow as fuck.)

also for the love of god stop using RDP and use something that's more penetration-proof than a paper plate...

Oh the joys of working with an Enterprise customer.

Background:
Discussion about service architecture with me, development architect (ArchDev) and integration architect (ArchInt). The topic arises of needing to access int. segment systems for a public facing cloud application.

Me: so we'll just need a s2s vpn and then we can just create a route and call the services normally.
ArchDev: sounds good to me, it will take a few months to get that set up
ArchInt: we done need that, we can just use the gateway and then route all the requests through the ESB.
Me: 😕 do you mean the service gateway?
ArchInt: (drops bomb) no, we decide that all API should be implement in ESB, so ESB will handle traffic
Me: *pauses, steps up to the whiteboard, does latency math* setting aside the fact that isn't how ESB's work, that will add at least 700ms latency to each request.
ArchInt: well that is fine for enterprise, things not usually as fast in enterprise you must expect slowdown to be safe
ArchDev: *starts updating resume on the ladders
Me: 💀🔫

This is the single most important question of the year:
Where is a good Minecraft server service that can run FTB Modpacks?
My options are:
1 - A dedicated linux box with Minecraft management software with a port open to the world.
2 - Purchase a vps or something similar to host MC.
I have done 1, and it worked pretty well. It ran on a tiny A8 processor with 8GB ram and an SSD. I see services and they cost like 15 to 20 a month and seem like they are awfully stingy on storage. I can get an enterprise server for 30 a month, but I just asked (my webhost, who I really like) and they said they cannot run Minecraft servers. They said I would need a vps, and they don't have them yet. So I could dig around for a vps service and that is an option. I am really wary of "minecraft" branded services as many are outright ripoffs.

Thoughts? Successes? Just do it myself?

Why the fuck is everyone behind this whole privacy thing . I mean what did you expect , servers do cost... you know . No one wants to provide you a service to chat with your shit collecting butler in the adjacent room unless it's going to benefit them .

Stick your face on the internet and want people to date you ?

Understand that your virtual social needs need to be supported by a ridiculous amount of electricity and man power which wouldn't be required if you could just throw out your rotting willie nilles in the open .

All this isn't fucking free .. wait were you shocked ? Oh so you just thought there were a few thousand servers powering buckets of pictures of horse poop that you for some reason thought your girlfriend was interested in . NO!

IT'S PRIVACY you are paying with your gaddamn privacy !! Information pays just like the time you paid a 100 bucks to the boyfriend of your girlfriend to find out more details .

Ridiculous . You people don't like ads . You don't like paying . You don't like providing information . THEN DON'T USE THE DAMN INTERNET .

IF YOU'RE REALLY THAT CONCERNED ABOUT YOUR PRIVACY THEN SPEND SOME VALUABLE TIME TO ACQUIRE ENOUGH OF A SKILLSET TO SETUP A VPN AND STOP POSTING YOUR PHONE NUMBER ON YOUR EX'S WALL ASKING HER TO CALL YOU.

One more honest thing to rant about is ads . As much as you hate them they're an easy way out . I'm not sure why a 20 second ad would bother you on mobile and not on television and I'm not sure why you wouldn't buy the ad company and shut it down if 20 seconds were so costly to you .

I want to rant even more on uninstalling services like Windows and Google for stupid reasons but I'll take a break here . My frustration has touched low levels.

Another 'fun' rant

Wrote a new server application and got the request from customer services to make it compatible with a slightly older DB version.

Today, CS asked me to install everything on the customer's test environment so I made a build and installed it there.

Wanted to run the service, no .Net framework 4.7.1 installed. Fine, download the installer ...

Start installing .Net framework 'unsupported OS'. Started looking into it. Customer is still running an old unsupported Windows Server 2008 ...

Asked some colleagues whether this was normal. Apparently, yes.

Seems CS isn't capable of telling customers to at least have a supported windows version when they want our software. As if security issues due to people here not understanding TCP/IP isn't enough, we now have security issues due to old, unsupported Windows versions.

Note to self: never trust anyone who says that 'security is the most important thing in our software enviornment'.

So I was looking into phone app development again (as you do) and I'm working on a simple QoL app for me and my SO that will help us automate some home management and finances stuff. Naturally I delved down the rabbit hole deep and wanted to have push notifications so we don't have to check the app periodically to know when certain things happen... Oh boy... Why is mobile development so convoluted, especially if you don't want to rely on Google Services...

It seems that the most accepted way of doing this is Firebase (FCM). Well me being me, I refuse to use google services for this and I prefer self hosted solutions (for data privacy reasons) which eliminates most products out there.

It also didn't help that my framework of choice is Flutter/Dart, because fuck Android Studio and the insane buggy XML stuff and fuck Android and it's constantly changing APIs...

Well In the end I decided on a rather simple solution and self hosted an AMQP service (RabbitMQ in my case, as I have some experience with it already) and implemented a foreground service in android platform specific code on top of my flutter project to kickstart it and made my phone a queue listener... This now means I can push notifications from my server to the Messaging Queue and it will be pushed into my App automatically!

One thing I found out on this journey was that Android now kills most background services and enforces foreground services to have a visible notification in the status drawer... which I actually approve of. It's a bit annoying that you can start a reliable background service, but I'm absolutely on-board with long running processes started by my apps are constantly visible...

Long story short, I love reinventing all the wheels, especially if it's for free and private... And I also went to sleep at 2AM again because this took longer that I'd like to tune... but it works, and it's google free...

I'm thinking of trying to package this up as a flutter module later, but first I want to do testing on battery life and the general life cycle of the service. RabbitMQ says they have the client library optimized for long-lasting connections and it should be just using a tcp socket, which should pretty much be what all the push notification services are doing anyway. I'm also not completely satisfied with how the permanent notification looks.. it isn't collapsible like some of the other ones from other apps and it's about 2 lines high instead of single line... which is something quite annoying and I'm struggling to find any relevant docs on how this is done other than possible making a custom Notification Style... but I just can't believe that everyone is doing that.. there must be a built-in somewhere -_-... Ugh Android is hell...

Anyway, if any android devs here have some hints, tips and tricks on how to handle this type of background/foreground process stuff and I'm doing something wrong let me know, cause googling this shit is a nightmare too!

Imagine you're in a company, one year in now. You've tried your best to amass as much knowledge of legacy services as you can (specially given no documentation) and you think you've done the best you can.

Now imagine your manager is upset that you haven't gotten as much domain knowledge as an engineer who's been in the team for five years now. Then also imagine that your manager whenever asked about specific product or tech or any knowledge on a service just keep tagging the 5 year engineer. If he ever gives an update in slack on any incident, he doesn't read what everyone has written in the channel so far, but invites the team on a call, and asks them to verbally tell him what to write as an update so as to show he actually understands it all and is showing leadership. What do you do?

Also I've read a good manager let's his team self function without any micromanaging but I feel this is literally hypocritical (lack of knowledge comparison) and useless of him to essentially making no decisions or understanding anything without pointing fingers. What would you all do about this kind of manager, or am I just inexperienced and maybe not seeing what he's actually doing and contributing.

So today I got to see one of the most stupid architectural choices I have ever seen.

They have a service-oriented architecture. Mainly Python and Elixir.
A lot of computation goes in the Python services.

And the Elixir services as used to expose RestApi. Basic ones, basically DB proxies.

Not a lot of async, or communication... Just plain CRUD.

Why the fuck do you use Elixir for that?? And now they can't recruit someone... And the CTO doesn't get why it was a stupid choice!!!

And in python, they use async functions with sync DB APIs...

What's the difference between Spring Cloud and Boot? And what's a good book to learn either?

And I guess Spring as well. Is that a pre-req? I'm not familiar with much other than Bean and Context and not sure how AutoWired exactly works...

One project I have is to build an REST service but with subservices, and their replicas, handling different paths and on Openshift.

So these sub services need to be independently started but discoverable by the routing app(s).

Not sure how many layers but basically when a call hits the Router, depending on the path in the URL it sends the request to the appropriate subservices

My answer to their survey -->

What, if anything, do you most _dislike_ about Firebase In-App Messaging?

Come on, have you sit a normal dev, completely new to this push notification thing and ask him to make run a simple app like the flutter firebase_messaging plugin example? For sure you did not oh dear brain dead moron that found his college degree in a Linux magazine 'Ruby special edition'.

Every-f**kin thing about that Firebase is loose end. I read all Medium articles, your utterly soporific documentation that never ends, I am actually running the flutter plugin example firebase_messaging. Nothing works or is referenced correctly: nothing. You really go blind eyes in life... you guys; right? Oh, there is a flimsy workaround in the 100th post under the Github issue number 10 thousand... lets close the crash report. If I did not change 50 meaningless lines in gradle-what-not files to make your brick-of-puke to work, I did not changed a single one.

I dream of you, looking at all those nonsense config files, with cross side eyes and some small but constant sweat, sweat that stinks piss btw, leaving your eyes because you see the end, the absolute total fuckup coming. The day where all that thick stinky shit will become beyond salvation; blurred by infinite uncontrolled and skewed complexity; your creation, your pathetic brain exposed for us all.

For sure I am not the first one to complain... your whole thing, from the first to last quark that constitute it, is irrelevant; a never ending pile of non sense. Someone with all the world contained sabotage determination would not have done lower. Thank you for making me loose hours down deep your shit show. So appreciated.

The setup is: servers, your crap-as-a-service and some mobile devices. For Christ sake, sending 100 bytes as a little [ beep beep + 'hello kitty' ] is not fucking rocket science. Yet you fuckin push it to be a grinding task ... for eternity!!!

You know what, you should invent and require another, new, useless key-value called 'Registration API Key Plugin ID Service' that we have to generate and sync on two machines, everyday, using something obscure shit like a 'Gradle terminal'. Maybe also you could deprecate another key, rename another one to make things worst and I propose to choose a new hash function that we have to compile ourselves. A good candidate would be a C buggy source code from some random Github hacker... who has injected some platform dependent SIMD code (he works on PowerPC and have not test on x64); you know, the guy you admire because he is so much more lowlife that you and has all the Pokemon on his desk. Well that guy just finished a really really rapid hash function... over GPU in a server less fashion... we have an API for it. Every new user will gain 3ms for every new key. WOW, Imagine the gain over millions of users!!! Push that in the official pipe fucktard!.. What are you waiting for? Wait, no, change the whole service name and infrastructure. Move everything to CLSG (cloud lambda service ... by Google); that is it, brilliant!

And Oh, yeah, to secure the whole void, bury the doc for the new hash under 3000 words, lost between v2, v1 and some other deprecated doc that also have 3000 and are still first result on Google. Finally I think about it, let go the doc, fuck it... a tutorial, for 'weak ass' right.
One last thing, rewrite all your tech in the latest new in house language, split everything in 'femto services' => ( one assembly operation by OS process ) and finally cramp all those in containers... Agile, for sure it has to be Agile. Users will really appreciate the improvements of your mandatory service.

So Microsoft and github...

You can always host gitlab youreself if you är concerned about someone else running the service. I did some years ago. But the question is why not use the free services? I'll stay using github or gitlab as long as it's free... I use VSTS att work and have no problem using Microsoft products as long as they do what they är suposed to...

But if youre reely upset. The community edition of gitlab is free so you can host youre own instance in youre basement or in a cloud... AWS, GCP, Azure... Then you own the data.

I got a fuzzy understanding of differences between Platform as a Service (PaaS) , Infrastructure as a Service (IaaS), and Software as a Service (SaaS).

I wanted you guy to clarify it for me. For me

IaaS = You choose how much RAM , CPU , Storage you wanted and the provider create the OS for you by virtualization technology and you can do whatever you want on that OS

PaaS = The provider said here is a services (database , docker ,---etc) we offer to help you develop your own software. You use the service we offer and we charge you by how much you use our service.

SaaS = The provider said here is the complete software. You can just use the software and we charge you how many request you send or how many data you store,--etc.

Is the differences between IaaS and dedicated server is that in IaaS you may share the server with other client by virtualization and dedicated server give you the whole server?

I have a dream that one day companies will understand that most people who pirate music/movies/games etc. do it because they don't have enough money or because they can't get them any other way. They don't lose money, as those people are not able to buy their products anyway, instead, they gain supporters and possible future clients. Piracy is one of the reasons Windows is the king OS(prove me wrong...) and also the reason Game of Thrones is the most popular show on the planet. Instead of hunting torrent site founders maybe they could, I don't know, build great and cheap services. Spotify is such a service, no reason to pirate music anymore, but everything else still lies in the middle ages...

This may be the most beautifully succinct service doc intro sentence I've ever written...

working on a shell library with the business logic for an Angular "white label" app workspace, and `ShellService` just got introduced as:

"this service serves to serve all other services.."

me thinks today is a good day for coding. 😎

I'm in need of advice. I reckon this is no stack overflow but that's probably for the best as I wouldn't feel as comfortable posting there as I am doing it here. So, back to the question: I'm currently working with legacy code, written in .NET 2.0. This code is responsible for calling upon PEC services in order to finally create personal smart cards. I was tasked with the job of creating a repository system that would allow the program to call on the old legacy services or the new ones without any distinction. We are talking about SOAP services in both cases. The issues is: the new service definition is comprised of soap policies. This wouldn't be a problem per se, with more modern version of the framework, but with .NET 2.0? Yes, it is. It doesn't support policies and signing the body with a certificate right out of the box. How can I manage this? I feel like the only way would be letting the proxy class do its thing up until the very last moment: intercept the SOAP request before its sent and modify it according to the specifications. But I reckon this is very bad practice. Is there any other way out of this?

Thanks for anyone that would like to help. 🙂

Wanted to add alerting for systemd services in Prometheus today, which spontaneously turned out to be a huge pain in the lower human backend.

For some reason, on Ubuntu 16.04 systemd adds services without unit files for software, that isn't even installed on the damn server (in this case for mysql-server / mysql-common and mysql-client are installed) and lists them as "not-found" and "inactive". The prometheus node exporter that we use, has a little bug in the systemd collector that makes sure that the states of *all* services are collected - even those without a unit file.

so those metrics are pulled by prometheus and now I have to take with those faulty metrics in the condition logic of the alert, because I'm trying to trigger that one on a service which is listed with state "active" = 0 or "failed" = 1.

now guess. right! If the unit file doesn't exist, the regarded systemd service is marked as "inactive", which is another possible state of the metrics in the node exporter. the problem is that the value 1 for state "inactive" means, that "active" has the value 0 (not even wrong) and the alert is triggered.

so systemd fucks up somehow, the node exporter collector fucks up because systemd fucked up and I have to unfuck this with some crazy horse shit logic. w.t.f. to that.

the only good news is, that it works like a charm on Ubuntu 18.04, as far, as I can tell.

while writing this little rant, I thought of a solution.
I could try to change the alert condition to state "active" = 0 AND "failed" = 1.. but that will wait till tomorrow.

one does not simply patch monitoring conditions at midnight..

Relatively often the OpenLDAP server (slapd) behaves a bit strange.

While it is little bit slow (I didn't do a benchmark but Active Directory seemed to be a bit faster but has other quirks is Windows only) with a small amount of users it's fine. slapd is the reference implementation of the LDAP protocol and I didn't expect it to be much better.

Some years ago slapd migrated to a different configuration style - instead of a configuration file and a required restart after every change made, it now uses an additional database for "live" configuration which also allows the deployment of multiple servers with the same configuration (I guess this is nice for larger setups). Many documentations online do not reflect the new configuration and so using the new configuration style requires some knowledge of LDAP itself.
It is possible to revert to the old file based method but the possibility might be removed by any future version - and restarts may take a little bit longer. So I guess, don't do that?

To access the configuration over the network (only using the command line on the server to edit the configuration is sometimes a bit... annoying) an additional internal user has to be created in the configuration database (while working on the local machine as root you are authenticated over a unix domain socket). I mean, I had to creat an administration user during the installation of the service but apparently this only for the main database...

The password in the configuration can be hashed as usual - but strangely it does only accept hashes of some passwords (a hashed version of "123456" is accepted but not hashes of different password, I mean what the...?) so I have to use a single plaintext password... (secure password hashing works for normal user and normal admin accounts).

But even worse are the default logging options: By default (atleast on Debian) the log level is set to DEBUG. Additionally if slapd detects optimization opportunities it writes them to the logs - at least once per connection, if not per query. Together with an application that did alot of connections and queries (this was not intendet and got fixed later) THIS RESULTED IN 32 GB LOG FILES IN ≤ 24 HOURS! - enough to fill up the disk and to crash other services (lessons learned: add more monitoring, monitoring, and monitoring and /var/log should be an extra partition). I mean logging optimization hints is certainly nice - it runs faster now (again, I did not do any benchmarks) - but ther verbosity was way too high.

The worst parts are the error messages: When entering a query string with a syntax errors, slapd returns the error code 80 without any additional text - the documentation reveals SO MUCH BETTER meaning: "other error", THIS IS SO HELPFULL... In the end I was able to find the reason why the input was rejected but in my experience the most error messages are little bit more precise.

macOS - just nothing makes sense.

You try to go away from the deprecated stuff, use the new shinier API to stop and start services with launchctl (bootstrap/bootout vs. load/unload). And how does this stellar OS thank you for that? By crashing your service. Thanks for nothing.

From developer perspective this whole OS is just such a nightmarish clusterfuck. If you want to set up code signing with some special entitlements and you try to use the provisioning profiles as advertised, it's like pulling the one-armed bandit. It will plunder your coins and sanity. You try to compile it, it fails or the executable will be killed - you enable and disable the automatic codesigning in Xcode, or delete and download you old code signing cert and suddenly it works. It's just random - and you have to perform random walks on the Xcode project settings to make it run. So Apple turned us into Xcode clicking monkeys...

Being a webdev has ruined my ability to use any website/online service. Does this happen to anyone else? I invariably end up sending the developer a stack of feature requests and suggestions as I'm sat there thinking "I could do this better!"

Ofc in truth I may be able to do that one part better (usually bits around making the experience as simple and fluid as possible for users), but I wouldn't be able to do other parts half as well. I wonder if I built services like that I would have some annoying git emailing me with all the things they think I've missed... ;-)

Not a horror. I'm rewriting services.

It started as a help request. I was asked to help with completing a service dealing with push notifications which was a research prototype. It was suggested to keep core part of it, but it was so awful that I just removed all files and wrote the service from scratch.

The second service had been developed for more than a year by a junior and then by our manager who wanted to complete it as fast as possible, without taking care of code quality. Then I was asked to take over the project and after some time I agreed with one condition: I'll have 1 month on takeover. But when I looked at the code, it became clear that it's much faster and better to rewrite everything except API and database than to takeover existing code.

The third service dealing with file exchange was working, but the junior who wrote it advised to rewrite it because it was a very simple service. So, I initiated rewriting, designed a new API and reviewed the final result.

And now I'm dealing with the fourth one. It was developed in my team but not under control. Now, when I "inherited" this complicated project, I decided to rewrite it because it should be simple, but it doesn't. It features reflection, layers inside layers, strange namespaces, strange solution structure. And that's after months of refactorings and improvements. So, wish me luck because I want to keep part of the infrastructure, but I don't know if it's possible.

Visual Studio's intellisence recommending me NOT to use

ISomeService = new Service() and just Service coz the latter is faster (these are non-DI services)

is giving me a wierd anxiety. I'd prefer to stick to exposing Interfaces just as a convention but the constant💡is killing me :v
//I know the actual performance difference is neglible, but retarded mind still focuses on it even if I dont want it to

Sorry, I'm very stupid and know nothing about cloud development.

My need: I have a php code I want to put in cloud and launch as a task every N minutes automatically until I decide to stop it.

What is the best solution to do it, do you know some good services that allows me to do it easily, quickly and affordably?
For ex. "Heroku" allows me to do something like that?

Thanks in advance, I would really like to learn this part of software development I never touched in my life.

P.S. It's not a service I want to put online with access for users, it's just a "script" I want to have running on a server until I'm done.

Some background:

About 2 months ago, my company wanted to build a micro service that will be used to integrate 3 of our products with external ticketing systems.

So, I was asked to take on this task. Design the service, ensure extendability and universality between our products (all have very different use cases, data models and their own sets of services).

Two weeks of meetings with multiple stakeholders and tech leads. Got the okay by 4-6 people. Built the thing with one other guy in a manner of a week. Stress tested it against one ticketing service that is used in a product my team is developing.

Everyone is happy.

Fast forward to last Thursday night.

“Email from human X”: hey, I extended the shared micro service for ticketing to add support for one of clients ghetto ticketing systems. Review my PR please. P.S. release date is Monday and I am on a personal day on Friday.

I’m thinking. Cool I know this guy. He helped me design this API. He must’ve done good. . . *looks at code* . . . work..... it’s due... Monday? Huh? Personal day? Huh?

So not to shit on the day. He did add much needed support for bear tokens and generalized some of the environment variables. Cleaned up some code. But.... big no no no...

The original code was written with a factory pattern in mind. The solution is supposed to handle communication to multiple 3rd parties, but using the same interfaces.

What did this guy do wrong? Well other than the fact that he basically put me in a spot where if I reject his code, it will look like I’m blocking progress on his code...

His “implementation” is literally copy-paste the entire class. Add 3 be urls to his specific implementation of the API.

Now we have

POST /ticket
PUT /ticket
POST /ticket-scripted
PUT /ticket-scripted
POST /callback

The latter 3 are his additions... only the last one should have been added in reality... why not just add a type to the payload of the post/put? Is he expecting us to write new endpoints for every damn integration? At this rate we might as well not have this component...

But seriously this cheeses me... especially since Monday is my day off! So not only do I have to reject this code. I also have to have a call now with him on my fucking day off!!!!

Arghhhhhh

One of the reasons why I wanted to become a software developer is because I see so many products or services taking the easy way out, at the cost of killing customer expectations. For example, I was told about JobTrack.io, which is supposed to help manage job searching by keeping track of applications and their statuses. But almost as quickly as I was told, my mind goes into automatic promise defense mode. And rightfully so, because the service turned out to be almost as monotaneous as the job search itself! Not as seamless as I'd need it to be to get started right away.

Now, maybe there's a slight chance I don't know wtf I'm talking about here. But, what's stopping this product from using an email client that runs server side, to interface with the user's main inbox, to run sentiment analysis on emails for detecting job application submissions? Such functionality would obviously need permission from the end user, so there are no surprises that some 3rd party app is sorta kinda monitoring your emails. And of course measures should be taken to avoid detecting anything beyond the contextual lines of: "Thank you for applying to so and so", or "We've recieved your application! Next steps".

Present those detections to the user to confirm. And do the same thing for rejections and offers. Shouldn't be that hard especially when most sites these days allow you to sign in with Google, and that Google marks these particular emails as "Important"; which further filters the detection process, and partially does JobTrack's job for them.

Honestly, I think the app has promise, and hope this is just a case of starting off small.

Maybe not as much a question as a request for advice.

What I'm looking for is a free website hosting service that preferably lets you import your own source code. If it's got paid services for access to things like your own custom url and such, that's just fine. :) It's a for a hobby group project with people that aren't necessarily programmers in any way.

What we've checked so far is just Svenska Domäner, which have a site builder tool, but the custom source code feature is a paid service.

Since there's so much to choose from in this field I thought I'd check with some of the people I trust the most in these kinds of things. :) Any good suggestions?

Before he began dropping the 20K proposed to remodel my flat, I told my father I much preferred a contractor who was recommended by someone I knew, as opposed to using a big corporation like Home Depot. FAMOUS LAST... a neighbour in my building highly recommended the contractor we chose. And, week 7 [or is it 8?] of what was proposed to take no longer than two weeks has begun afresh!
On Friday the fellow who is the owner of the contract remodeling company was here touching the paint. He was here because I forbade the two painters he sent to do the initial painting job.
My internet cut out suddenly around 1300 Friday. He set to leave for the weekend shortly after that. I mentioned the outage to him. The essence of his reply was that there was no way it could have had anything to do with him. The following day, my internet provider sent a tech out to diagnose the problem. What was the problem? The head of the remodeling firm removed a face plate from the wall where there were telephone wires and disconnect them when he tore the wires as he replaced the face plate.
Although the tech told me he wasn't going to charge my account the $85.00 fee for his services because the outage was caused within my flat, I wish to be sure of this. Which brings us to the punchline.
My internet provider is a lame ass business model, dreamed up by a squint-eyed ex-circus monkey, never well endowed in the top story, and now just plain sad.
There were some 911 outages in Washington State last Thursday night. All during the day Friday when you dialled their freephone #. the recorded announcement, before saying anything else, told you they were experiencing heavier than usual call volumes, and my wait would be greater than `10 minutes. Fine. What fried my La Croix silk was that after their customer service dept closed for the weekend, that outgoing message remained.
Today, I wanted to contact my provider to see if they would know if the $ was going to be charged to my account. After pressing the 'send' key, my computer came back with an error message, saying they were having technical difficulties. So, I went on over to the 'chat' page. There's nothing to click on to take me to this enfabled location. So, can't reach them by phone unless I want to hear, every 30 seconds whether or not I wish to, how sorry they are for my delay.
A few years ago I would've used this as an excuse to have a technicolour meltdown. The reason I'm posting this is that I am now able to see beforehand what I'll be doing to myself getting upset over the circumstances. When I do reach somebody, I'm going to tell them as lightly as possible, that if they were an airline, I wouldn't board any of their aircraft. Ever.

Can you start services manually when using docker compose?

As in having container A, B and C with an executable A, B and C (originating from the same source btw) where I can start/stop A, B, C independently?

All examples seem to use it as a whole thing where all containers must be up for the service to work.

!rant
Does anybody use SomaFm as their daily driver? It's an online curated radio service. They have a very interesting list of channels and each channel is curated. They have channels from metal to alt rock to electronica to trance to folk.

I have recently discovered them and loving it. Clementine has SomaFM in its list of internet services. That's how I discovered them.

could anyone help me calculating costs for AWS and Google Colab Services? I find it quite intransparent...

i would like to host 1x Python App which runs once a day or week (API call, enrichment uf JSON, JSON 2 CSV, FTP transfer). runtime is probably a few seconds, something between 1 and 5.

in AWS i created a Lambda function and for scheduling i guess i need CloudWatch. what really grind my gears is the combination of free contingent and paied service - i really don't have an overview right now, so my question here: how could i calculate it and what would be the monthly/yearly costs?

in Google Colab created a notebook and for scheduling i would need Google Cloud Scheduler. as far as i understand the hosting of the notebook is for free and the costs of cloud scheduler is $0.10 per job per project per month. 3 are for free. so 1 project, 1 job = scheduler for free?

Also, i'm open for other services such as digital ocean droplets or similar.

thx in advance for your help!

I used parse-server and services back when it was a web service at an internship, just loved the way it did things it did. Backend as a service was new to me as a mobile application developer. 5 years down the lane. My first go-to backend is Parse. I know firebase does XYZ things better. But I love the simplicity and openness of parse.
Community picked up parse as a self hosted open source service and its still going strong.

Just love the possibility of starting a mobile project and not having to worry about setting up a whole web service to cater to it.

AWS offers a wide range of services that can be used to automate your IT operations. Some of the most popular services for automation include:

*AWS Systems Manager Automation: This
service allows you to automate tasks such as
provisioning servers, deploying applications, and
configuring security policies.
*AWS Lambda: This service allows you to run
code without provisioning or managing servers.
This can be used to automate tasks such as
sending emails, updating databases, and
processing data.
*AWS CloudFormation: This service allows you
to create and manage infrastructure as code.
This can be used to automate the deployment
of complex IT environments.
*AWS CodePipeline: This service allows you to
automate the software development lifecycle.
This can be used to automate the build, test,
and deploy of applications.

Question:

I want to develop a simple reminders service. People will go online and set a reminder and the service will send an email when the reminder is schedule.

I want to use the simplest stack I can. It will be very simple so I don't want anything complex.

So I need a DB backend, a server to host the web interface so people can set up the reminders, and a background process that send out the emails.
People set up reminders, they are stored in the DB and the process read the reminders every X amount of time and send the emails scheduled in that particular time.

I was thinking about using Firebase (only tried it once in a small chat app for practice). A small web interface stored in a server (which? idk. Heroku, AWS?). And a deamon scheduled to run every half an hour (running where? idk. I have a spare laptop that I can use as server for this purpose or Heroku or any other).

What services (free, or at least free at the beginning) would you use in order to save time and money.

PS: I know Python and Java. But I've worked with PHP (and HTML+CSS). I know next to nothing about JS.