Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "web services"
-
So, you start with a PHP website.
Nah, no hating on PHP here, this is not about language design or performance or strict type systems...
This is about architecture.
No backend web framework, just "plain PHP".
Well, I can deal with that. As long as there is some consistency, I wouldn't even mind maintaining a PHP4 site with Y2K-era HTML4 and zero Javascript.
That sounds like fucking paradise to me right now. 😍
But no, of course it was updated to PHP7, using Laravel, and a main.js file was created. GREAT.... right? Yes. Sure. Totally cool. Gotta stay with the times. But there's still remnants of that ancient framework-less website underneath. So we enter an era of Laravel + Blade templates, with a little sprinkle of raw imported PHP files here and there.
Fine. Ancient PHP + Laravel + Blade + main.js + bootstrap.css. Whatever. I can still handle this. 🤨
But then the Frontend hipsters swoosh back their shawls, sip from their caramel lattes, and start whining: "We want React! We want SPA! No more BootstrapCSS, we're going to launch our own suite of SASS styles! IT'S BETTER".
OK, so we create REST endpoints, and the little monkeys who spend their time animating spinners to cover up all the XHR fuckups are satisfied. But they only care about the top most visited pages, so we ALSO need to keep our Blade templated HTML. We now have about 200 SPA/REST routes, and about 350 classic PHP/Blade pages.
So we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + React + SPA 😑
Now the Backend grizzlies wake from their hibernation, growling: We have nearly 25 million lines of PHP! Monoliths are evil! Did you know Netflix uses microservices? If we break everything into tiny chunks of code, all our problems will be solved! Let's use DDD! Let's use messaging pipelines! Let's use caching! Let's use big data! Let's use search indexes!... Good right? Sure. Whatever.
OK, so we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + React + SPA + Redis + RabbitMQ + Cassandra + Elastic 😫
Our monolith starts pooping out little microservices. Some polished pieces turn into pretty little gems... but the obese monolith keeps swelling as well, while simultaneously pooping out more and more little ugly turds at an ever faster rate.
Management rushes in: "Forget about frontend and microservices! We need a desktop app! We need mobile apps! I read in a magazine that the era of the web is over!"
OK, so we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + GraphQL + React + SPA + Redis + RabbitMQ + Google pub/sub + Neo4J + Cassandra + Elastic + UWP + Android + iOS 😠
"Do you have a monolith or microservices" -- "Yes"
"Which database do you use" -- "Yes"
"Which API standard do you follow" -- "Yes"
"Do you use a CI/building service?" -- "Yes, 3"
"Which Laravel version do you use?" -- "Nine" -- "What, Laravel 9, that isn't even out yet?" -- "No, nine different versions, depends on the services"
"Besides PHP, do you use any Python, Ruby, NodeJS, C#, Golang, or Java?" -- "Not OR, AND. So that's a yes. And bash. Oh and Perl. Oh... and a bit of LUA I think?"
2% of pages are still served by raw, framework-less PHP.32 -
Me: "I'm a programmer"
Others: talks about linux
Others: search algorithms!
Others: service infrastructure
Others: memory optimization
Others: encryption
Me: "I'm a front end web developer"
Others: complex services
Others: strong user form validation
Others: lazy loading
Others: SEO
Me: "fucking, I make shit look pretty alright"11 -
Biggest scaling challenge I've faced?
Around 2006~2007 the business was in double-digit growth thanks to the eCommerce boom and we were struggling to keep up with the demand.
Upper IT management being more hardware focused and always threw more hardware at the problem. At its worst, we had over 25 web servers (back then, those physical tall-rectangle boxes..no rack system yet) and corresponding SQL server for each (replicated from our main sql server)
Then business boomed again and projected the need for 40 servers (20 web servers, 20 sql servers) over the next 5 years. Hardware+software costs (they were going to have to tear down a wall in order to expand the server room) were going to be in the $$ millions.
Even though we were making money, the folks spending it didn't seem to care, but I knew this trajectory was not sustainable, so I started utilizing (this was 2007) WCF services and Microsoft's caching framework Velocity. Started out small, product lookup data (description, price, the simple stuff) and within a month, I was able to demonstrate the web site could scale with less than half of our current hardware infrastructure.
After many political battles (I've ranted about a few of those), the $$ won and even with the current load, we were able to scale back to 5 web servers and 2 sql servers. When the business increased in the double-digits again, and again...we were still the same hardware for almost 5 years. We only had to add another service server when the international side of the business started taking off.
Challenge wasn't the scaling issue, the challenge was dealing with individuals who resisted change.3 -
It's maddening how few people working with the internet don't know anything about the protocols that make it work. Web work, especially, I spend far too much time explaining how status codes, methods, content-types etc work, how they're used and basic fundamental shit about how to do the job of someone building internet applications and consumable services.
The following has played out at more than one company:
App: "Hey api, I need some data"
API: "200 (plain text response message, content-type application/json, 'internal server error')"
App: *blows the fuck up
*msg service team*
Me: "Getting a 200 with a plaintext response containing an internal server exception"
Team: "Yeah, what's the problem?"
Me: "...200 means success, the message suggests 500. Either way, it should be one of the error codes. We use the status code to determine how the application processes the request. What do the logs say?"
Team: "Log says that the user wasn't signed in. Can you not read the response message and make a decision?"
Me: "That status for that is 401. And no, that would require us to know every message you have verbatim, in this case, it doesn't even deserialize and causes an exception because it's not actually json."
Team: "Why 401?"
Me: "It's the code for unauthorized. It tells us to redirect the user to the sign in experience"
Team: "We can't authorize until the user signs in"
Me: *angermatopoeia* "Just, trust me. If a user isn't logged in, return 401, if they don't have permissions you send 403"
Team: *googles SO* "Internet says we can use 500"
Me: "That's server error, it says something blew up with an unhandled exception on your end. You've already established it was an auth issue in the logs."
Team: "But there's an error, why doesn't that work?"
Me: "It's generic. It's like me messaging you and saying, "your service is broken". It doesn't give us any insight into what went wrong or *how* we should attempt to troubleshoot the error or where it occurred. You already know what's wrong, so just tell me with the status code."
Team: "But it's ok, right, 500? It's an error?"
Me: "It puts all the troubleshooting responsibility on your consumer to investigate the error at every level. A precise error code could potentially prevent us from bothering you at all."
Team: "How so?"
Me: "Send 401, we know that it's a login issue, 403, something is wrong with the request, 404 we're hitting an endpoint that doesn't exist, 503 we know that the service can't be reached for some reason, 504 means the service exists, but timed out at the gateway or service. In the worst case we're able to triage who needs to be involved to solve the issue, make sense?"
Team: "Oh, sounds cool, so how do we do that?"
Me: "That's down to your technology, your team will need to implement it. Most frameworks handle it out of the box for many cases."
Team: "Ah, ok. We'll send a 500, that sound easiest"
Me: *..l.. -__- ..l..* "Ok, let's get into the other 5 problems with this situation..."
Moral of the story: If this is you: learn the protocol you're utilizing, provide metadata, and stop treating your customers like shit.22 -
!(short rant)
Look I understand online privacy is a concern and we should really be very much aware about what data we are giving to whom. But when does it turn from being aware to just being paranoid and a maniac about it.? I mean okay, I know facebook has access to your data including your whatsapp chat (presumably), google listens to your conversations and snoops on your mail and shit, amazon advertises that you must have their spy system (read alexa) install in your homes and numerous other cases. But in the end it really boils down to "everyone wants your data but who do you trust your data with?"
For me, facebook and the so-called social media sites are a strict no-no but I use whatsapp as my primary chating application. I like to use google for my searches because yaa it gives me more accurate search results as compared to ddg because it has my search history. I use gmail as my primary as well as work email because it is convinient and an adv here and there doesnt bother me. Their spam filters, the easy accessibility options, the storage they offer everything is much more convinient for me. I use linux for my work related stuff (obviously) but I play my games on windows. Alexa and such type of products are again a big no-no for me but I regularly shop from amazon and unless I am searching for some weird ass shit (which if you want to, do it in some incognito mode) I am fine with coming across some advs about things I searched for. Sometimes it reminds me of things I need to buy which I might have put off and later on forgot. I have an amazon prime account because prime video has some good shows in there. My primary web browser is chrome because I simply love its developer tools and I now have gotten used to it. So unless chrome is very much hogging on my ram, in which case I switch over to firefox for some of my tabs, I am okay with using chrome. I have a motorola phone with stock android which means all google apps pre-installed. I use hangouts, google keep, google map(cannot live without it now), heck even google photos, but I also deny certain accesses to apps which I find fishy like if you are a game, you should not have access to my gps. I live in India where we have aadhar cards(like the social securtiy number in the USA) where the government has our fingerprints and all our data because every damn thing now needs to be linked with your aadhar otherwise your service will be terminated. Like your mobile number, your investment policies, your income tax, heck even your marraige certificates need to be linked with your aadhar card. Here, I dont have any option but to give in because somehow "its in the interest of the nation". Not surprisingly, this thing recently came to light where you can get your hands on anyone's aadhar details including their fingerprints for just ₹50($1). Fuck that shit.
tl;dr
There are and should be always exceptions when it comes to privacy because when you give the other person your data, it sometimes makes your life much easier. On the other hand, people/services asking for your data with the sole purpose of infilterating into your private life and not providing any usefulness should just be boycotted. It all boils down to till what extent you wish to share your data(ranging from literally installing a spying device in your house to them knowing that I want to understand how spring security works) and how much do you trust the service with your data. Example being, I just shared most of my private data in this rant with a group of unknown people and I am okay with it, because I know I can trust dev rant with my posts(unlike facebook).29 -
"Fuck JavaScript, its such a shitty language" seems to be quite a common rant today. It seems as if JS is actually getting more hate than PHP, which is certainly odd, considering the stereotype.
So, as someone who has spent a lot of time in JS and a lot of time elsewhere, here are my views. Please, discuss your opinions with me as well. I am genuinely interested in an intelligent conversation about this topic.
So here's my background: learned HTML/CSS/JS in that order when I was 12 because I liked computers. I was pretty shitty at JS until U was at least 15, but you get the point, Ive had it sploshing about in my brain for a while.
Now, JS certainly has its quirks, no doubt, but theres nothing about the language itself that I would say makes it shitty. Its a very easy leanguage to use, but isn't overdeveloped like VB.net (Or, as I like to call it, TheresAFunctionForThat)
Most of the hate is centered around JS being used for a very broad range of systems. I doubt JS would be in the rant feed so often if it were to stay in its native ecosystem of web browsers. JS can be used in server backend, web frontent, desktop and mobile applications, and even in some system services (Although this isn't very popular as of yet). People seem to be terrified that one very easy to learn language can go so far. And, oh god, its interpreted... How can a system app run off an interpreted language? That's absurd.
My opinion on JSEverything is that it's progress. Thats what we're all about, right? The technologies already in place are unthreatened by JS, it isn't a gamechanger. The only thing JS integration is doing is making tedius and simple tasks easier. Big companies with large systems aren't going to jump ship and migrate to JS. A startup, however, could save a fucking ton of development time by using a JS framework, however. I want to live in a world where startups can become the next Google, because technology will stagnate when youre trying to protect your fortune, (Look at Apple for fucks sake) but innovation is born of small people with big ideas.
I have a feeling the hate for JS is coming from fear of abandoning what you're already doing. You don't have to do that. JS is only another option (And a very good one, which is why it's becoming so popular).
As for my personal opinion from my experiences... I've left this part til the end on purpose. I love programming and learning and creating, so I've never hated a lamguage, really. It all depends on what I want to do. In the times i've played arpund with JS, I've loved it. Very very easy. The idea of having it on both ends of web development makes a lot of sense too, no conversion, just direct communication. I would imagine this really helps with speed, as well. I wouldn't use it in a complicated system, though. Small things, medium size projects: perfect. Running a bank? No.
So what do you think about this JSUniverse?13 -
I made a web app that utilizes the GeoLocation API, that is used by search and rescue services in a couple of countries, to located missing and/or injured people “in the wild”. Over a few years, hundreds of people has been found due to this tool, some of them would probably not have survived without it! Made the first prototype myself, then two other devs joined in.
Open source and SaaS is offered free of charge to the rescue services. :)4 -
More Unix commands are becoming web services. What else can you think of?
Grep -> Google
rsync -> Dropbox
man -> stack overflow
cron -> ifttt"9 -
Due to the coronavirus we are currently required to develop all our web services with SOAP and sanitise all our input for at least 20 seconds.2
-
Generic-IT
--------------
Client:"So we would like to found a new company and offer IT and network consulting. Would you be able to build our website?"
Me:"Absolutely. What will be the name of your company?"
Client:"The name is going to be 'Generic-IT'. The website is going to be 'generic-IT.com' . We checked that with google."
Me:"I am sorry to tell you that generic.com is already taken by another company. Incidentally that company offers the same services, that you intend to offer. They also seem to be quite big an have businesses in 5 different countries.
Because of this I advise you to pick a different name that does not get you into trouble and makes positioning your own brand easier."
Client:"We want to neglect that problem for now."
Me:"0.0 ..... -_-""""
"Well, listen. Apart from the possible branding and copyright problems imagine how people will find you on the web. ...What will happen if you google 'generic IT'?"
Client:"Yeah well, we want to neglect that. And with SEO you can do something about that."
Me:"..........Welllll, you that SEO is not a cure all, right? The older an bigger company will come up first. Why not avoid that missunderstanding and come up with a unique name?"
Client:"......"
Me:"Please tell me. Doesn't any part of my argument make sense to you?"
Client:"..."
Me:"Well, ok. I will send you the estimate on monday."
___________
Then over a back channel I hear that the client is ...bewildered, why I would not stick to my area of expertise.
There I was now. Left bewildered myself, being the one with the webagency that does frontend design and branding.undefined naming bewilderment clients expertise company culture branding brain dead sadness startup brain fart boundaries7 -
Dropped out to grow a business I co-founded. Respect to all those that finished. I was already working a six figure salary as a software engineer before I even started at a university. I decided to attend though to have a more complete resume. One day a professor explained that we could look forward to doing really "advanced concepts" like web services OUR SENIOR YEAR. That was already daily life for me. Our business was starting to grow quickly and it needed more and more of my time. I chose the business and for me, that was the correct choice.6
-
Project Cortana: Day 1
I have seen a lot of people switching to Linux or other services to get away from all the data collections. It makes a lot of sense as no one would want their data to be sold without their consent.
But I am going to do something different. My aim is to integrate with Microsoft apps as much as possible and review the experience. So here is what I have done so far:
* Use Cortana in desktop and mobile (Android)
* Use Microsoft launcher in mobile
* Outlook as primary email provider (I was already using them as my default provider)
* Use Microsoft To-Do and calendar to keep track of things
* Use OneDrive to store all my files (I am moving them from Google Drive)
* Use the default Mail app on the Windows 10
* Use Onenote (I was using Evernote before)
* Use Edge on desktop and Mobile
* Use Skype instead of Hangouts
It's day one but I think I have already found it quite useful. For example:
* Adding reminder is much easier. I get them on both desktop and mobile which is nice.
* Mail app has been really useful. Especially the focused inbox really helps to get rid of the clutters. Also, I can immediately add a mail to the calendar (like Inbox by Google) which is really helpful.
* One of the features of edge that I have found really useful is that you can send web pages from mobile to desktop in one tap. That is extremely useful.
So far I am loving it.
Also, I tried to make sure that I am not sharing my data with third-party apps as I have turned off "relevant ads" feature.43 -
At my old job, me and a colleague were tasked with designing a new backup system. It had integrations for database systems, remote file storage and other goodies.
Once we were done, we ran our tests, and sure enough. The files and folder from A were in fact present at B and properly encrypted. So we deployed it.
The next day, after the backup routine had run over night, I got to work and noone was able to log in. They were all puzzled.
I accessed a root account to find the issue. Apparantly, we had made a mistake!
All files on A were present at B... But they were no longer present at A.
We had issued 'move' instead of 'copy' on all the backups. So all of peoples files and even the shared drives have had everything moved to remote storage :D
We spent 4 hours getting everything back in place, starting with the files of the people who were in the office that day.
Boss took it pretty well at least, but not my proudest moment.
*Stay tuned for the story of how I accidentally leaked our Amazon Web Services API key on stack overflow*
/facepalm5 -
Looking for jobs..
Position: Junior Java Developer
Requiements: Minimum 3 years experience with JEE, Applikations-Server, Persistenz, Open Source Frameworks, Web Services
Honey, trust me, if I had 3 years experience I wouldn't be applying to junior positions.
Job descriptions like this make me so MAD!5 -
-- How I succeeded turning a PHP/MYSQL app into Android app within a week --
Alright. So I wanted to grab your attention to what I'm about to write. If you are here just to read about the technologies I used, jump to bottom.
This is also a kind of rant; rant against the other fellow devs who demotivated me originally when I asked a question.
I'll not go in the details of my original question. Here's the link for those who are interested:
https://www.devrant.io/rants/366496
It's been days since I achieved what I wanted to but I thought someone might learn from my experience. So here it goes.
Why FREE?
Well, it was an important client. I worked on his website and he asked for an app for the same website and told me he won't be able to pay me anything for the app. I was, somewhat, under the impression that he might be testing me. If not, then I would end up learning something new. It wasn't a bad deal for me so I didn't hesitate to took it.
Within a week, I was able to pull the job and finish it. I felt so much better (and proud of myself) when I finished the app within the week and client approved it. What did I get? I got a GOOD BANK CLIENT in my pocket now. Got a lot more worth of projects from the same client. If I were being paid for the app, I might not have pulled the job so much better.
So the moral of this story is never to give up. NOT EVERY DEVELOPER SELLS SHORT ONLY FOR "MONEY". Some enjoy learning new things. And some like me love to accept new challenges and are not afraid to try something new everyday.
In case, someone is interested in knowing the technologies I used, here they go;
PhoneGap
Framework7
Template7
Apache Cordova
I wrote an API for the interaction between the web services and the app.
Also, Ionic Framework seems promising but it had a learning curve and time was of the essence. But I'm gonna learn it anyhow.14 -
**Web Host Rant**
I can't believe how saturated the market is. I also can't believe how many Web hosts do not know a thing about development. You would think you'd want to read up on development practices before going into the business since developers are your customers.
Not to mention that a lot of hosting services are resellers of resellers of resellers. It's to the point where a 15 year old with their mom's credit card can start doing Web hosting. The problem is... they don't know how to answer actually development questions... they won't be in a conference call with you while you do deployments.
It infuriated me to the point where I've started my own hosting company. Completely managed and using the most advanced technologies aimed towards developers. Not only that but an advanced managment package that will teach proper deployment procedures and be there to hold your hand when you do deploy.
Oh and did I mention git will be available to even shared hosting? Oh and did I also mention that we are currently setting up put own git server?36 -
Not just another Windows rant:
*Disclaimer* : I'm a full time Linux user for dev work having switched from Windows a couple of years ago. Only open Windows for Photoshop (or games) or when I fuck up my Linux install (Arch user) because I get too adventurous (don't we all)
I have hated Windows 10 from day 1 for being a rebel. Automatic updates and generally so many bugs (specially the 100% disk usage on boot for idk how long) really sucked.
It's got ads now and it's generally much slower than probably a Windows 8 install..
The pathetic memory management and the overall slower interface really ticks me off. I'm trying to work and get access to web services and all I get is hangups.
Chrome is my go-to browser for everything and the experience is sub par. We all know it gobbles up RAM but even more on Windows.
My Linux install on the same computer flies with a heavy project open in Android Studio, 25+ tabs in Chrome and a 1080p video playing in the background.
Up until the creators update, UI bugs were a common sight. Things would just stop working if you clicked them multiple times.
But you know what I'm tired of more?
The ignorant pricks who bash it for being Windows. This OS isn't bad. Sure it's not Linux or MacOS but it stands strong.
You are just bashing it because it's not developer friendly and it's not. It never advertises itself like that.
It's a full fledged OS for everyone. It's not dev friendly but you can make it as much as possible but you're lazy.
People do use Windows to code. If you don't know that, you're ignorant. They also make a living by using Windows all day. How bout tha?
But it tries to make you feel comfortable with the recent bash integration and the plethora of tools that Microsoft builds.
IIS may not be Apache or Nginx but it gets the job done.
Azure uses Windows and it's one of best web services out there. It's freaking amazing with dead simple docs to get up and running with a web app in 10 minutes.
I saw many rants against VS but you know it's one of the best IDEs out there and it runs the best on Windows (for me, at least).
I'm pissed at you - you blind hater you.
Research and appreciate the things good qualities in something instead of trying to be the cool but ignorant dev who codes with Linux/Mac but doesn't know shit about the advantages they offer.undefined windows 10 sucks visual studio unix macos ignorance mac terminal windows 10 linux developer22 -
*Got a request for installing and configuring an online shop for a client*
Me: Do you have a web space already?
Client: No, I don't want to pay for it. (FYI: They only cost about 20€ a year)
Me: Okay, but free hosters are often slow and unprofessional. I really do not recommend using free hosting services.
Client: Doesn't matter, do it.
Me: *Working on the shop for several weeks, finally goes online*
One week later, client contacts me saying shop is offline. I realize the free hoster he used shut down their services (bankruptcy), resulting in the loss of about 90% of the work that I had done (no proper backups due to complexity)
Client: How can that even happen? You'll redo the shop, right?
♪~ ᕕ(ᐛ)ᕗ5 -
I really hate it when online sources aimed at educating people looking to get into programming attack specific languages. I'm ok with them recommending some good starting languages (ex. JavaScript, Python, etc.) but I find it extremely inappropriate and damaging when they list languages they consider "bad." Languages like JavaScript, PHP and Java constantly get called out even though they power a huge chunk of the web and services hundreds of millions of people use every day. IMO it's a huge disservice to tell beginners not to even look at these languages. We should be teaching the language isn't really what's important - it's what you build with it.5
-
Indian web dev companies suck ( for developers )
when I finished 3 year grad program in computer application here in my country (India), I thought life's gonna be fun working as a developer. Oh boy, I was so wrong.
I started out working for a small service based IT company, followed by 2 more. I realized really quickly that they're nothing short of a scam. If your company's only agenda to somehow survive in the market and showing no signs of growth in 8 fucking years, then I'm sorry you're working for scamsters.
Now I'm not saying that all of them are alike. But most of them sorta are.
They don't give a shit about quality, not one bit. Quality means no money in the short run. And they haven't been able to develop any strategy to deal with that. Hence, no growth.
They promise 100 things on their website but only provide shitty services in 10.
There is no pair programming, no code review, no code quality check, no architect, no database designer. They won't give you extra time to write test cases. They use git as a storage device.
They don't put their developers (especially the ones who are learning) under any sort of managed development framework to ensure smooth work.
At the end of the day, their main objective is to somehow NOT deliver a project but finish a milestone and make money out of it.
After cashing out for a milestone, they want you to put your current project on hold and start working on a new project until you have like 10-15 projects in the pipeline and you're severely overwhelmed and you just wanna fucking QUIT.
They would say YES to literally every fucking thing, only to disappoint the client later.
I can't believe someone in the US, or UK thought it'd be a good idea to approach these companies
for their brand new app ideas. They're so fucked.
They're rarely finishing any project.
I'm sorry if I hurt your feelings. I had to get it out of my system.11 -
I've found and fixed any kind of "bad bug" I can think of over my career from allowing negative financial transfers to weird platform specific behaviour, here are a few of the more interesting ones that come to mind...
#1 - Most expensive lesson learned
Almost 10 years ago (while learning to code) I wrote a loyalty card system that ended up going national. Fast forward 2 years and by some miracle the system still worked and had services running on 500+ POS servers in large retail stores uploading thousands of transactions each second - due to this increased traffic to stay ahead of any trouble we decided to add a loadbalancer to our backend.
This was simply a matter of re-assigning the IP and would cause 10-15 minutes of downtime (for the first time ever), we made the switch and everything seemed perfect. Too perfect...
After 10 minutes every phone in the office started going beserk - calls where coming in about store servers irreparably crashing all over the country taking all the tills offline and forcing them to close doors midday. It was bad and we couldn't conceive how it could possibly be us or our software to blame.
Turns out we made the local service write any web service errors to a log file upon failure for debugging purposes before retrying - a perfectly sensible thing to do if I hadn't forgotten to check the size of or clear the log file. In about 15 minutes of downtime each stores error log proceeded to grow and consume every available byte of HD space before crashing windows.
#2 - Hardest to find
This was a true "Nessie" bug.. We had a single codebase powering a few hundred sites. Every now and then at some point the web server would spontaneously die and vommit a bunch of sql statements and sensitive data back to the user causing huge concern but I could never remotely replicate the behaviour - until 4 years later it happened to one of our support staff and I could pull out their network & session info.
Turns out years back when the server was first setup each domain was added as an individual "Site" on IIS but shared the same root directory and hence the same session path. It would have remained unnoticed if we had not grown but as our traffic increased ever so often 2 users of different sites would end up sharing a session id causing the server to promptly implode on itself.
#3 - Most elegant fix
Same bastard IIS server as #2. Codebase was the most unsecure unstable travesty I've ever worked with - sql injection vuns in EVERY URL, sql statements stored in COOKIES... this thing was irreparably fucked up but had to stay online until it could be replaced. Basically every other day it got hit by bots ended up sending bluepill spam or mining shitcoin and I would simply delete the instance and recreate it in a semi un-compromised state which was an acceptable solution for the business for uptime... until we we're DDOS'ed for 5 days straight.
My hands were tied and there was no way to mitigate it except for stopping individual sites as they came under attack and starting them after it subsided... (for some reason they seemed to be targeting by domain instead of ip). After 3 days of doing this manually I was given the go ahead to use any resources necessary to make it stop and especially since it was IIS6 I had no fucking clue where to start.
So I stuck to what I knew and deployed a $5 vm running an Nginx reverse proxy with heavy caching and rate limiting linked to a custom fail2ban plugin in in front of the insecure server. The attacks died instantly, the server sped up 10x and was never compromised by bots again (presumably since they got back a linux user agent). To this day I marvel at this miracle $5 fix.1 -
Was explaining a technical concept at a "family" dinner. Suddenly stepmother wanted my help for something technical.
Stepmother: Say Awlex, could you help me install some software I recently bought?
Me: (Not this shit again) I even don't know what software you're talking about. How is the software called, what does it do?
Sm: it's calles digital... *long pause*
Me: (I don't like where this is going)
Sm: software... *another long pause*
Me: (fuck me harder than that lightly clothed woman outside)
Sm: something... *long pause*
Me: (alright brain, which way out of here doesn't involves me creating a bullet hole in either one of us?)
Sm: And you can use it to sell something...
Me: (tf do you event sell?!)
Sm: but not like ebay
Me: (what is it then? A platform for selling services? I don't even know what kind of software you'd have to install, given that most of these platforms are be web applications, whcih makes sense for selling stuff on the internet)
Sm: Anyway, could you help me install it? It would take me hours to get into it.
Me: (You think just installing would solve it? As soon as I install it, you probably expect me to be your walking manual as well, don't you?) Look, I'm gonna be honest with you, since I started working I don't have nearly as much free time as I used to have (Not everybody works when they feel like it, you know that?) I get home at around almost 7pm (most of the time) and don't really wanna work afterwards. Most of the time there's a support service from the people who made this software and they would be glad to help you. (Sorry support team, for pushing this bundle of incompetence onto you, but I guess she didn't even listen to my advice).
After that she didn't back down and still wanted my help. Then my grandmother derailed the conversation and got me out of this. When I thanked her later she yold me that she saw I saw uncomfortable and wanted to help. I love my grandmother.
So I am not going to be your "family" tech support. You b(r)ought this onto yourself. Are more than twice my age and still can't use your brain to solve problems like these on your own and you can even less reason abiut your motives and desires when asking for help. I am sick of you and shutty opinions about people, just because I work as a software engineer doesn't mean I'm exist solely for satisfying your unreasonable desires.
Stop offending me and my profession and get yourself some common sense.
Protip #0: Give me one fucking reason to help you, because you're not family enough and your personality really doesn't bring forth any emotion but annoyance5 -
Congratulations? For fucking what. So you built a wix website. Now youre a web developer and the whole world knows it, my services aren't needed anymore.
Congratulations you bypassed half a decade in 50 hours a week of coding, then you have the bone and fucking marrow of emailing me because your like buttons are causing users to create a new instagran account. Good one kid.3 -
Stupid bluemix console, build a translator web apps which processed by translator api services. When I pushed it, error occurred *panic begins*. Then I decided to create a default netcore template and push it. It worked. Push the former one again and it worked.
Stupid server honestly1 -
➡️You Are Not A Software Developer⬅️
When I became a developer, I thought that my job is to write software. When my customer had a problem, I was ready to write software that solves that problem. I was taught to write software.
But what customers need is not software. They need a solution to their problem. Your job is to find the most cost-effective solution, what software often is not.
According to the universal law of software development, more code leads to more bugs:
e = mc²
Or
errors = (more code)²
The number of bugs grows with the amount of code. You have to prioritize, reproduce and fix bugs.
The more code you write, the more your team and the team after it has to maintain. Even if you split the system into micro services, the complexity remains.
Writing well-tested, clean code takes a lot of time. When you’re writing code, other important work is idle. The work that prevents your company from becoming rich.
A for-profit company wants to make money and reduce expenses. Then the company hires you to solve problems that prevent it from becoming rich. Confused by your job title, you take their money and turn it into expensive software.
But business has nothing to do about software. Even software business is not about software. Business is about making money.
Your job is to understand how the company is making money, help make more money and reduce expenses. Once you know that, you will become the most valuable asset in the company.
Stop viewing yourself as a software developer. You are a money maker.
Think about how to save and make money for your customers.
Find the most annoying problem and fix it:
▶️Is adding a new feature too costly? Solve the problem manually.
▶️Is testing slow? Become a tester.
▶️Is hiring not going well? Speak at a meetup and advertise your company.
▶️Is your team not productive enough? Bring them coffee.
Your job title doesn’t matter. Ego doesn’t matter either.
Titles and roles are distracting us from what matters to our customers – money.💸
You are a money maker. Thinking as a money maker can help choose the next skill for development. For example:
Serverless: pay only for resources you consume, spend less time on capacity planning = 💰
Machine Learning: get rid of manual decision-making = 💰
TDD: shorter feedback cycle, fewer bugs = 💰
Soft Skills: inspire teammates, so they are more productive and happy = 💰
If you don’t know what to learn next — answer a simple question:
What skills can help my company make more money and reduce expenses?
Very unlikely it’s another web framework written in JavaScript.
Article by Eduards Sizovs
Sizovs.net18 -
You know. I have mixed feelings on the way people have been reacting to senzory's rant regarding the way he deals with clients. Some people believe that he is unethical, some people see it as just business(me included) but to see what the community says is somewhat interesting.
First, let me be clear on something: i have been fucked over by clients many times for being a nice guy and trying to play it nicely.
Because of this I am selective of who deserves good treatment and who gets to fuck off. But regardless of the client I do the same thing: regardless of who it is, nice or otherwise. If a project will take 1 week to complete then I tell them that it will take 3 to 4 weeks. Why? Well because I have many things on my plate, I am married and have two children, one lives with me and I try to spend as much time with them as I can. I work from 8 to 6, sometimes later and when I get home I sometimes don't do shit since at work I maintain the web services of 2 fucking college campuses.
I don't look for my clients. Through word of mouth they come to me. And being in a privileged position(there are about 5 devs here and they all suck) they can either do with my times and fees or can fuck off over the border where Pedro will do their shit on vbscript and classic ASP(which I like, but you know why this is not an option in 2018)
Apps can be sold for large quantities of money, regardless of what their use case is, if a company wants to outsource their apps to an external developer(such as yours truly) that means that they are willing to play the game. And that is what business is: a game, a survival game.
Where I live, a company will not think twice of firing a single mother for whatever reason. In the U.S of A, and specially in Texas, you can be fired for whatever reason. I have automated people's jobs without knowing it, I have made people lose their jobs and saved companies thousands with my apps. Things like that were not know to me, had I known that someone would have lost their jobs I would have tried differently.
If a company is willing to tell employees(loyal employees) to fuck off, then i do not regret charging what I do and hustling the way I do with rat faced dickheads that care not for people. If I could I would destroy entire companies here. But that is for another story.
I have been used, insulted, gambled with and have been lied to, to my face by these companies. Which has left me jaded.
Oh now, trust me. I am still highly optimistic and nice. And if someone has a small business and I can help them out, then I will lower my rate and give positive vibes in the hopes of making things better through karma. I want to see the best in people. But this does not stop me from being a shark and giving quotes the way I do.
Because companies, as an overall entity are not people with the best intentions(sometimes) and they will not take your kindness, they will take advantage if possible in an effort to save money. Its just dickhead business.
So why, as a professional and privileged developer that obtained his skills through intense study and practice, a wizard by all means, should lower to these nameless, Faceless entities?
Why should i give them the fairness they do not give others? Why should I play the high morale game and come out as a loser?
At the end of the day, I get to swim in my own pool of success, knowing that they did not get the chance to fuck me over
So if you tell me that you took advantage of your hard earned skillset, and built a cross platform app(which compiles to native binaries) and sold 2 products for one, I will tell you that you are an excellent player at their game. If you tell me that you finished before and got to charge for 2 weeks of work doing just 2 days I will say that you are an excellent time manager. And if you tell me that at the end of the day you managed to keep said customer I will tell you that you are a true professional.
There is a difference lads, in selling a product to big momma jamma's cajun restaurant, to the largest logistics company around.
Be nice to those that desserve it.6 -
Tl;dr younger people on here, especially passionate ones, don't worry about comparing yourself to people who appear to have tremendous laurels, those people are probably completely full of shit.
I say kids because you may be like me and more likely to underestimate your ability or more likely to be modest about your accomplishments, and you're too young to know you're doing that.
Either way. I've been doing a web development boot camp the last six months. It's been quite good with the teachers, and some of the classmates. Hell career services is now run by this woman who really actually seems like she knows what she's doing. It's pretty awesome.
That said, my teammates on the group projects have been a different story. I've primarily stuck with some of them out of loyalty and friendship. But one guy in particular has pissed me off to no end. He said he was a computer scientist going for masters. I thought I could learn from this guy. Now I wonder if he's a pathological liar.
Our first project he made one commit. Ripped straight from the homework. It was a simple api mash-up so alright. Fair enough. Next project was when he really started to piss me off.
He didn't do shit the first week and a half. No PM, no design, no programming. Nothing. Comes in two days before project is due, and me one other guy are fucking scrambling. Because of course no one else is there.
I live significantly further than my teammates mind you. We're busting ass. This fucking guy, this dumbass pick who is convinced he's a genius that will work in higher academia clobbers our whole fucking repo.
Why you ask? To put in an unrelated commit that replicated homework from the week before. Why you ask, again? Because this person is a borderline sociopath trying to appear busy in the commit logs.
We're onto the third project now. I spend days designing something original. Side note: I fucking hate design.
So I design my heart out come up with something awesome. This fuck ass, disappears. And another group member. This was the end of November, I hear from this prick last week about refactoring to ES6. But here's the kicker-fucker, our shit ALREADY WAS IN ES6!
I go in Saturday, slack a message I'll be late. I see this fucking "genius dedicated computer scientist" leaving the fucking university shadily checking to see who was watching. He saw me see him. Coward tried to shrug it off.
Here we are, end of semester. He gets the same certification as I do. The difference? I actually know what I'm taking about, I haven't paid in full to fail.
So never, ever fucking ever take what someone says on their resume or LinkedIn as truth. The better it sounds, the more full of shit they may very well be.
And as for our presentation on Saturday? I plan on handling that but letting him do all of the talking. Let's even see if he knows what the project is about :).6 -
I just launched a small web service/app. I know this looks like a promo thing, but it's completely non-profit, open source and I'm only in it for the experience. So...
Introducing: https://gol.li
All this little app offers is a personal micro site that lists all your social network profiles. Basically share one link for all your different profiles. And yes, it includes DevRant of course. :)
There's also an iframe template for easy integration into other web apps and for the devs there's a super simple REST GET endpoint for inclusion of the data in your own apps.
The whole thing is on GitHub and I'd be more than happy for any kind of contribution. I'm looking forward to adding features like more personalization, optimizing stuff and fixing things. Also any suggestions on services you'd like see. Pretty much anything that involves a public profile goes.
I know this isn't exactly world changing, but it's just a thing I wanted to do for some time now, getting my own little app out there.9 -
Worked with a European consulting company to integrate some shared business data (aka. calling a service).
VP of IT called an emergency meeting (IT managers, network admins) deeply concerned about the performance of the international web site since adding our services.
VP: “The partner’s site is much slower than ours. Only common piece that could cause that is your service.”
Me: “Um, their site is vastly different than ours. I don’t think we can compare their performance to ours.”
VP: “Performance is #1! I need your service fixed ASAP!”
Me: “OK, but what exactly is slow? How did you measure their site? The servers are in Germany”
VP: “I measured performance from my house last night.”
Me: “Did you use an application?”
VP: “<laughs> oh no, I was at home. When I opened the page, I counted one Mississippi, two Mississippi, three Mississippi, then the page displayed.”
Me: “Wow…um…OK…uh…how long does our page take to load?”
VP: “Two Mississippi’s”
Me: “Um…wow…OK…wow…uh, no, we don’t measure performance like that, but I’ll work with our partners and develop a performance benchmark to determine if the shared service is behaving differently.”
VP: “Whatever it is, the service is slow. Bill, what do you think is slowing down the service?”
NetworkAdmin-Bill: “The Atlantic Ocean?”
VP got up and left the meeting.2 -
Got laid off last week with the rest of the dev team, except one full stack Laravel dev. Investors money drying up, and the clowns can't figure out how to sell what we have.
I was all of devops and cloud infra. Had a nice k8s cluster, all terraform and gitops. The only dev left is being asked to migrate all of it to Laravel forge. 7 ML microservices, monolith web app, hashicorp vault, perfect, mlflow, kubecost, rancher, some other random services.
The genius asked the dev to move everything to a single aws account and deploy publicly with Laravel forge... While adding more features. The VP of engineering just finished his 3 year plan for the 5 months of runway they have left.
I already have another job offer for 50k more a year. I'm out of here!13 -
I bought an internet radio from pioneer...
Unfortunately, the remote control has a small delay. So I thought, maybe there's an app to control the radio. But after downloading the app could not connect. During a network scan several services appeared. You are able to update the firmware via an unprotected web interface which makes me sad. But that's not the best thing yet. You can also connect to the device via the telnet port. Guess which user you are...3 -
I've recently received another invitation to Google's Foobar challenges.
A while ago someone here on devRant (which I believe works at Google, and whose support I deeply appreciate) sent me a couple of links to it too. Unfortunately back then I didn't take the time to learn the programming languages (Python or Java) that Google requires for these challenges. This time I'm putting everything on Python, as it's the easiest language to learn when coming from Bash.
But at the end of the day.. I am a sysadmin, not a developer. I don't know a single thing about either of these languages. Yet I can't take these challenges as the sysadmin I am. Instead, I have to learn a new language which chances are I'll never need again outside of some HR dickhead's interview with lateral thinking questions and whiteboard programming, probably prohibited from using Google search like every sane programmer and/or sysadmin would for practical challenges that actually occur in real life.
I don't want to do that. Google is a once in a lifetime opportunity, I get that. Many people would probably even steal that foobar link from me if they could. But I don't think that for me it's the right thing to do. Google has made a serious difference by actually challenging developers with practical scenarios, and that's vastly superior to whatever a HR person at any other company could cobble together for an interview. But there's one thing that they don't seem to realize. A company like Google consists of more than just developers. Not only that, it probably consists - even within their developer circles - of more than just Python and Java developers. If any company would know about languages that are more optimized such as C, it would be Google that has to leverage this performance in order to be able to deliver their services.
I'll be frank here. Foobar has its own issues that I don't like. But if Google were a nice company, I'd go for it all the way nonetheless - after all, they are arguably the single biggest tech company in the world, and the tech industry itself is one of the biggest ones in the world nowadays. It's safe to say that there's likely no opportunity like working at Google. But I don't think it's the right thing. Even if I did know Python or Java... Even if I did. I don't like Google's business decisions.
I've recently flashed my OnePlus 6T with LineageOS. It's now completely Google-free, except for a stock Yalp account (that I'm too afraid to replace with my actual Google account because oh dear, third-party app stores, oh dear that could damage our business and has to be made highly illegal!1!). My contacts on that phone are are all gone. They're all stored on a Google server somewhere (except for some like @linuxxx' that I consciously stored on device storage and thus lost a while back), waiting for me to log back in and sync them back. I've never asked for this. If Google explicitly told me that they'd sync all my contacts to my Google account and offer feasible alternatives, I'd probably given more priority to building a CalDAV and CardDAV server of my own. Because I do have the skills and desire to maintain that myself. I don't want Google to do this for me.
Move fast and break things. I've even got a special Termux script on my home screen, aptly named Unfuck-Google-Play. Every other day I have to use it. Google Search. When I open it on my Nexus 6P, which was Google's foray into hardware and in which they failed quite spectacularly - I've even almost bent and killed it tonight, after cursing at that piece of shit every goddamn day - the Google app opens, I type some text into it.. and then it just jumps back to the beginning of whatever I was typing. A preloader of sorts. The app is a fucking web page parser, or heck probably even just an API parser. How does that in any way justify such shitty preloaders? How does that in any way justify such crappy performance on anything but the most recent flagships? I could go on about this all day... I used to run modern Linux on a 15 year old laptop, smoothly. So don't you Google tell me that a - probably trillion dollar - company can't do that shit right. When there's (commercialized) community projects like DuckDuckGo that do things a million times better than you do - yet they can't compete with you due to your shit being preloaded on every phone and tablet and impossible to remove without rooting - that you Google can't do that and a lot more. You've got fucking Google Assistant for fucks sake! Yet you can't make a decent search app - the goddamn thing that your company started with in the first place!?
I'm sorry. I'd love to work at Google and taste the diversity that this company has to offer. But there's *a lot* wrong with it at the business end too. That is something that - in that state - I don't think I want to contribute to, despite it being pretty much a lottery ticket that I've been fortunate enough to draw twice.
Maybe I should just start my own company.6 -
Watch out for these fucking bug bounty idiots.
Some time back I got an email from one shortly after making a website live. Didn't find anything major and just ran a simple tool that can suggest security improvements simply loading the landing page for the site.
Might be useful for some people but not so much for me.
It's the same kind of security tool you can search for, run it and it mostly just checks things like HTTP headers. A harmless surface test. Was nice, polite and didn't demand anything but linked to their profile where you can give them some rep on a system that gamifies security bug hunting.
It's rendering services without being asked like when someone washes your windscreen while stopped at traffic but no demands and no real harm done. Spammed.
I had another one recently though that was a total disgrace.
"I'm a web security Analyst. My Job is to do penetration testing in websites to make them secure."
"While testing your site I found some critical vulnerabilities (bugs) in your site which need to be mitigated."
"If you have a bug bounty program, kindly let me know where I should report those issues."
"Waiting for response."
It immediately stands out that this person is asking for pay before disclosing vulnerabilities but this ends up being stupid on so many other levels.
The second thing that stands out is that he says he's doing a penetration test. This is illegal in most major countries. Even attempting to penetrate a system without consent is illegal.
In many cases if it's trivial or safe no harm no foul but in this case I take a look at what he's sending and he's really trying to hack the site. Sending all kinds of junk data and sending things to try to inject that if they did get through could cause damage or provide sensitive data such as trying SQL injects to get user data.
It doesn't matter the intent it's breaking criminal law and when there's the potential for damages that's serious.
It cannot be understated how unprofessional this is. Irrespective of intent, being a self proclaimed "whitehat" or "ethical hacker" if they test this on a site and some of the commands they sent my way had worked then that would have been a data breach.
These weren't commands to see if something was possible, they were commands to extract data. If some random person from Pakistan extracts sensitive data then that's a breach that has to be reported and disclosed to users with the potential for fines and other consequences.
The sad thing is looking at the logs he's doing it all manually. Copying and pasting extremely specific snippets into all the input boxes of hacked with nothing to do with the stack in use. He can't get that many hits that way.4 -
Writing a Firefox add-on which analyzes the current webpage's links and puts a warning if one of those links to one of the prism (surveillance network) integrated services/companies.
Nearly ready enough for testing (real working version) when I suddenly realize: web pages can request resources without links.
Gotta rewrite the fucker partly now.
How fucking stupid can I be. 😐11 -
*Working on a project with boss, I am working on a mobile app, he is working on web service app.
Me: this service takes user id as parameter to get all account details (all other web services are like that)
Boss: yes, I use the id to filter the data.
Me: but by this, everyone has the id can do anything ! why we do not use session token?
Boss: this is a detail, it is not important !
Me:...
*7 years of experience my ass5 -
Inmates are trying to take over the asylum again.
Got a message from the web team manager deeply concerned because since switching to the new logging framework, the site is significantly slower.
She provided no proof or any data to what 'significantly slower' means.
#1 The 'new logging' has been in place and logging for 5 years. We only recently depreciated the ILogger interface ('new' ILogger interface only has 1 method instead of 5)
#2 The 'old logging' was modified 5 years ago, so even if you were using the 'old' interface, the underlying implementation is still the same.
She tried to push the 'it wasn't this slow before' argument, so I decided to do some fact based analysis.
Knowing they deployed their logging changes couple of weeks ago, I opened up AppDynamics, looked at the average call time to Splunk (along with a few other http calls they are doing)
- caching services - 5ms
- splunk - 30ms
- Order Service - 350ms
- Product Data Service -525ms
Then I look at the data they are logging, for the month of June, over 5 million messages. At 30ms each, that's almost 42 hours spent logging errors...yes errors. Null reference exceptions, Argument exceptions, easily fixable stuff.
So far for the month of July (using the 'new' logging), almost 2.5 million errors. Pretty close so far with June's numbers.
My only suggestion was to fix the bugs in their code so they don't log so many errors.
Her response.."Can we have one of our developers review your logging code? We believe we can find ways to optimize the http requests"
Oh good Lord. I'm not a drinking man..but ...I might start.1 -
I miss cigarettes.
Sometimes I am dying for a smoke.
This would happen to you after dealing with the web services of 2 campuses. Should have never stopped smoking eh?
Fuck11 -
Best code performance incr. I made?
Many, many years ago our scaling strategy was to throw hardware at performance problems. Hardware consisted of dedicated web server and backing SQL server box, so each site instance had two servers (and data replication processes in place)
Two servers turned into 4, 4 to 8, 8 to around 16 (don't remember exactly what we ended up with). With Window's server and SQL Server licenses getting into the hundreds of thousands of dollars, the 'powers-that-be' were becoming very concerned with our IT budget. With our IT-VP and other web mgrs being hardware-centric, they simply shrugged and told the company that's just the way it is.
Taking it upon myself, started looking into utilizing web services, caching data (Microsoft's Velocity at the time), and a service that returned product data, the bottleneck for most of the performance issues. Description, price, simple stuff. Testing the scaling with our dev environment, single web server and single backing sql server, the service was able to handle 10x the traffic with much better performance.
Since the majority of the IT mgmt were hardware centric, they blew off the results saying my tests were contrived and my solution wouldn't work in 'the real world'. Not 100% wrong, I had no idea what would happen when real traffic would hit the site.
With our other hardware guys concerned the web hardware budget was tearing into everything else, they helped convince the 'powers-that-be' to give my idea a shot.
Fast forward a couple of months (lots of web code changes), early one morning we started slowly turning on the new framework (3 load balanced web service servers, 3 web servers, one sql server). 5 minutes...no issues, 10 minutes...no issues,an hour...everything is looking great. Then (A is a network admin)...
A: "Umm...guys...hardly any of the other web servers are being hit. The new servers are handling almost 100% of the traffic."
VP: "That can't be right. Something must be wrong with the load balancers. Rollback!"
A:"No, everything is fine. Load balancer is working and the performance spikes are coming from the old servers, not the new ones. Wow!, this is awesome!"
<Web manager 'Stacey'>
Stacey: "We probably still need to rollback. We'll need to do a full analysis to why the performance improved and apply it the current hardware setup."
A: "Page load times are now under 100 milliseconds from almost 3 seconds. Lets not rollback and see what happens."
Stacey:"I don't know, customers aren't used to such fast load times. They'll think something is wrong and go to a competitor. Rollback."
VP: "Agreed. We don't why this so fast. We'll need to replicate what is going on to the current architecture. Good try guys."
<later that day>
VP: "We've received hundreds of emails complementing us on the web site performance this morning and upset that the site suddenly slowed down again. CEO got wind of these emails and instructed us to move forward with the new framework."
After full implementation, we were able to scale back to only a few web servers and a single sql server, saving an initial $300,000 and a potential future savings of over $500,000. Budget analysis considering other factors, over the next 7 years, this would save the company over a million dollars.
At the semi-annual company wide meeting, our VP made a speech.
VP: "I'd like to thank everyone for this hard fought journey to get our web site up to industry standards for the benefit of our customers and stakeholders. Most of all, I'd like to thank Stacey for all her effort in designing and implementation of the scaling solution. Great job Stacy!"
<hands her a blank white envelope, hmmm...wonder what was in it?>
A few devs who sat in front of me turn around, network guys to the right, all look at me with puzzled looks with one mouth-ing "WTF?"9 -
When I cost the company half a million.
We recently got incubated and signed up for an accelerator programme, it was a life changing moment for me especially after having worked with my startup unpaid for almost a year. So naturally, it meant a lot to me.
But my friends / colleagues had to leave for a trip leaving me to work along side this other startup in the same batch. They needed a front end guy for their web stuff so we naturally offered our services except they needed me to work on Angular and I didn't know jack shit about it but pretended I did.
I couldn't reach out to my friends for help because I felt bad and wanted to prove my worth, and I pressured myself to the point where I called the client our batch mate brought on board making him leave.
I lost credibility as a professional, trust as a friend and my place at the office because it's gotten extremely awkward to go back there.
I fucked up my one way ticket out of my current certain household circumstances and realized I'm just a shitty developer who's all talk and no show.9 -
The website of the italian post service is "closed" between 23:45 and 00:15, everyday.
I don't know if something like this happens in other countries...
And do you know when I really need to access it?
ALWAYS IN THESE 30 MINUTES, not the others 1.410 of the day!
P.S.
What do you think, what could be a valid reason to "close" a web service?
I thought about backup, but other services don't have this problem.4 -
Legit considering quitting my job and going back to my old workplace.
Fucking getting real tired of fucking around with html and css on the daily.
The school is fucking crashing down on our shitty as web services. But my manager (as much as we love her) is forcing everyone to double time on a rather stupid project that keeps constantly changing on the daily.
I am so fucking tired of it4 -
- Back in October 2019 -
- Me: Hey, these two servers are having weird problems. Several services we use stop functioning every 7-10 days. I can temporarily fix them by taking them off the domain and putting them back on, but I don’t know why they’re happening or what further damage this workaround causes.
- Boss: Thats not good. Well. Keep doing the fix when it’s needed.
- Me: We should really reach out to someone at Microsoft through our support plan. I have no idea how to fix any of this and it’s making our Hyper-V environment very unstable.
- Boss: K. Let’s not worry about that now, let’s just keep working around it.
- In January 2020 -
- Me: Hey boss. More and more errors are generating from these servers. I’ve created a log of everything Ive found to hand off to a support agent. We really need to.
- Boss: Okay. Let’s talk to our internal team that uses Hyper-V and see what they did since they don’t have any problems.
- Me: Its not Hyper-V specific. It’s stemming from AD and authentication. It causes problems even without Hyper-V installed, so I don’t think it will help.
- Boss: K. Let’s just do what we can with what we got.
- Today, May 2020 -
- Me: Hey. The servers no longer work at all, and the workaround has no effect anymore. I’m completely stalled on my project now and have nothing to do.
- Boss: What?? What happened to them?
- Me: *Sends 17 page PDF file documenting all found issues, errors, warnings, and weird anomalies in both servers, as well as troubleshooting steps I’ve already performed*
- Boss: None of this makes any sense. I need you to start troubleshooting right away.
- Me: But... I can’t... *Sends screenshots of errors having no search results on the web, screenshots of Microsoft Support Techs on forums telling me we need to open tickets with Microsoft directly, other reasons why I’m completely blocked*
- Boss: Keep trying to figure it out. We need this resolved as soon as possible and we can’t let it happen again in the future.
Now I’m completely alone in our office, bitterly staring at the servers, trying to force an epiphany on how to fix these dumb boxes.5 -
Tldr; its a long introduction
Hi Ranters,
I've been on this app for quite a while now. As a shy cat watching from a distance and reading all kinds of rants. Anywho I feel comfortable enough to crawl out of my shell and introduce myself. Since I feel you guys together made such a pleasant and safe community, I'm really happy to be a part of it!
Anyway I'm Sam, 24 year old, from the Netherlands. My favorite color is green. Mostly the green you can find in nature. The one that calms you down:). I'm a very introverted person but always very curious and eager to learn new things.
I started to program when I was 12. I did assembly and C++. Because I liked making cheats for online games. Later I learned about C#, Java and Python. Mostly used it for web stuff, scraping, services etc. But also chatbots (for Skype for example).
Currently I'm 2 years in as a data scientist, mostly working in Python.
But on the side as a hobby and with an ambition I have a basic understanding of full stack development.
Mostly Nodejs, express, mongo, and frontend, no frameworks.
(I will later ask you guys some more questions about that! I could really use some advice!)
Anyway enough about me! Tell a bit about yourselves! Happy to get to know you all a little better!22 -
Today I learned that bugs in Proxmox aren't bugs because they're not *exactly* within the scope of le fancy PVE web UI.
Today I also learned that running Samba on the PVE host is stupid. No real reasons but let's assume security. Well it's decently secured, has good passwords, and the killer is.. it isn't even fucking accessible to the internet! And even if it was, privilege separation is no secret to me.
But clearly I'm an idiot for even thinking about running Samba on PVE. Well guess what?! PVE is aimed at sysadmins that want to deploy a virtualization server. It's not a big stretch to imagine that those sysadmins might be halfway competent and want to run external services on the PVE host, is it.
But apparently it is. I'm an idiot and bugs aren't bugs anymore. Go fucking kill yourself, motherfuckers in the ##proxmox IRC channel. I really hope that your servers will go down on Friday when you're on call. Fucking cunts 😑
Edit: IRC chatlog @ https://clbin.com/nU9Fu13 -
Inherited a simple marketplace website that matches job seekers and hospitals in healthcare. Typically, all you need for this sort of thing is a web server, a database with search
But the precious devs decided to go micro-services in a container and db per service fashion. They ended up with over 50 docker containers with 50ish databases. It was a nightmare to scale or maintain!
With 50 database for for a simple web application that clearly needs to share data, integration testing was impossible, data loss became common, very hard to pin down, debugging was a nightmare, and also dangerous to change a service’s schema as dependencies were all tangled up.
The obvious thing was to scale down the infrastructure, so we could scale up properly, in a resource driven manner, rather than following the trend.
We made plans, but the CTO seemed worried about yet another architectural changes, so he invested in more infrastructure services, kubernetes, zipkin, prometheus etc without any idea what problems those infra services would solve.2 -
-GDPR
-News letter
-Ads blocker blocker
-Ads popup insite
-Ads popin in video
-Ads popin podcast
-Ads in mail
-Ads in software
-Ads in any android application
-Ads in windows
-Ads in ads
-Auto scrolling
-Slideshow
-Scroll position reset on back button
-Aria-label aria-labelledby aria-role aria-aria of game of thrones
-Order in dom for a11y different of the display order -Button :hover, :focus-visible, :focus-within :fuck-this
- SVG abandoned ware
- I make you a illustrators X version that not work with yours, i use figma. I use affinity, i use akira. I use photoshop, i use word. I use powerpoint, i use publisher, i use paint, i use all Asss (application as a service) on the web and to see what i make you need to pay you an account
-We all make frontend backend... No linter or something... Why we have always 848274 change in git ....
We not host anymore we use 62616 different cloud services to try all the fucking company everywhere
-Make a Drupal CMS to a client that's are to idiots to use it and call you each time they have something to modify
And goes on
Web tooday is fucking crap shit
People realize that you cannot make money anymore with informative website. Then everybody try to squish people at the last drop... Because of selfishness.3 -
I recently started my professional journey as a developer and I stumbled upon a very strange git repo configuration..
Background: The projects consist on a web app and a lot of backend services in C# (1 service on each project).
The project manager decided to configure the the git repo as a single repo with all of the different projects for the services and the project of the webapp. All in one. Everytime you update something the merge results absurd and this happened…19 -
Indian outsourcing web companies on their websites be like:
"We provide services in IOT, Machine Learning, Data Analysis, Web security analysis, blah blah"
Me excitingly joins the company and finds out, they all are PHP developers developing unsecured websites.1 -
Just purchased a new house and was looking for a new ISP. Found a local ISP that is still offering dial up services and "Professional Website Design". Their website was obviously pre-web 2.0 all static nested tables and sliced images.4
-
Anything I (am able to) build myself.
Also, things that are reasonably standardized. So you probably won't see me using a commercial NAS (needing a web browser to navigate and up-/download my files, say what?) nor would I use something like Mega, despite being encrypted. I don't like lock-in into certain clients to speak some proprietary "secure protocol". Same reason why I don't use ProtonMail or that other one.. Tutanota. As a service, use the standards that already exist, implement those well and then come offer it to me.
But yeah. Self-hosted DNS, email (modified iRedMail), Samba file server, a blog where I have unlimited editing capabilities (God I miss that feature here on devRant), ... Don't trust the machines nor the services you don't truly own, or at least make an informed decision about them. That is not to say that any compute task should be kept local such as search engines or AI or whatever that's best suited for centralized use.. but ideally, I do most of my computing locally, in a standardized way, and in a way that I completely control. Most commercial cloud services unfortunately do not offer that.
Edit: Except mail servers. Fuck mail servers. Nastiest things I've ever built, to the point where I'd argue that it was wrong to ever make email in the first place. Such a broken clusterfuck of protocols, add-ons (SPF, DKIM, DMARC etc), reputation to maintain... Fuck mail servers. Bloody soulsuckers those are. If you don't do system administration for a living, by all means do use the likes of ProtonMail and Tutanota, their security features are nonstandard but at least they (claim to) actually respect your privacy.2 -
When I think how big companies like Google, Amazon, Netflix manage all their services so well (all those load balancings, caching, etc. ), I feel so bad I don't know anything about it. I don't even know how people decide which technology to use. E.g., for a scalable Web app, one can use Node.js or maybe Django (but not definitely Flask, I suppose). Also, which DBMS to use, how to write flawless APIs. You see, I am just beginning my career. Any recommendations (books, videos, etc.) that teach these things? Please help.4
-
So i just had an interesting conversation.
View source images in comments
So some background. I used to do a lot of Minecraft development and server configuration. And Minecraft being made of mostly 12-year-olds they really don't pay very well. So I moved on from Minecraft but someone reached out for me to do their configuration for their server. (this was about a month ago) and I quoted them 40/hr because that's what I charge for my web dev work. So he promptly declined and I thought that was that. But tonight he messaged me and found a 5 month old post saying how I was looking to do free development work in order to get experience. And here is how the converstion when.
(His name is "Candy")
Candy:
Lol
Trying to take advantage of me with your bullshit $40/hour claims
Which is outright laughable
https://mc-market.org/threads/...
”I am looking for a network to stay long-term with and help/see it grow into a bigger server. (I would expect pay later down the road if we work together on an ongoing basis)”
—
Quoting your MC-Market post.
What do you have to say for yourself? Trying to take advantage of people?
Going to say something else completely delusional or own up to the fact that you were trying to take advantage of me?
I already knew you were, but now I have the hard evidence.
As I am not a stupid person.
Not only did your friend lie, but you tried to take advantage of me, thinking I was stupid enough to fall for your $40/hour bullshit for basic configuration work. MineSaga charges $30.00 an hour on the high. Don’t even try to do the same shit you did to me to anyone else. It won’t work.
Me:I was interested in doing plugin development and learning so I offered my services for free so I could learn in a more real environment. I no longer do minecraft plugins rather I am a web developer and my rate is $40/hr I am good at configuration which is why i contacted you but I am not going to lower my rate because it is "simpler" work. Just like how you can higher a prostitute to wash your car but it would be cheaper to get the kid from around the block to do it. Also not sure what your end goal is here. I gave you my rate and you didn't agree with it. So you should just move on. Plus this is the minecraft world let me know when you get to the real world so you you can pay in big boy money.
Candy:
So your configuration work for minecraft is $40/h as well?
Lol
Absolutely hilarious.
Me:
did you not read my message?
"I am not going to lower my rate because it is "simpler" work."
Candy:
Who were your most recent clients?
Me:
i'm not going to give you that information
Candy:
Because you know you are lying to me with your crazy rates, and if you aren't, that means you have near to no clients.
Yet another lie.
Me:
keep telling yourself that buddy
Candy:
Lol
Good luck getting any more clients.
rip
Me:
?
I get more clients all the time
They just are not in your realm of your minecraft imagination where you can pay a developer 20$/hr
Candy:
I just strongly disagree with the fact that you are charging $40/hour for configurative work
xD
Me:
Okay
But why even contact me? Did you really think trying to "Call me out" was going to have me lower my rates or something.
Just get over it
Candy:
I haven't called you out and overcharging like that to others in the minecraft realm for a significant gain in money for work that is not worth nearly that amount is absolutely delusional.
I would recommend you stop making up false assumptions
Me: What ever you say
I left it at that. There was some more stuff but it was not that interesting so i left it out6 -
Providing a web site to pay electricity and other services, but guess what? THE CONNECTION IS NOT SeCuRe !! (What can possibly can go wRoNg).
This retarded country have a lot of skilled people, but the dinosaurs who in charge are literally afraid of new technology.
Wake up bitches, it's almost 2020 -
Yet another day at work:
My job is to write test libraries for web services and test others code. Yes I know to code, and have a niche in software testing.
Sometimes developers (whose code I find bugs in) get so defensive and scream in emails and meetings if I point out an issue in their code.
Today, when I pointed a bug in his repo, a developer questioned me in an email asking if I even understood his code, and as a tester I shouldn’t look at his code and only blackbox test it.
I wish I can educate the defensive developer that sometimes, it’s okay to make mistakes and be corrected. That’s how we deliver services that doesn’t suck in production.10 -
Soooo might turn into the lead developer of the web services of 2 fucking schools with the manpower of 2 for which one of us ain't even a developer all because HR put my lead developer in the hospital and he might be so fucking fed up that he may not come back to work.
Fuck
Human
Resources
Holy fuck man.....I was already a lead mobile developer before and i fucking hated every minute of it and the pay raise ain't even gonna be worth it for the ammount of shit that i am going to be required to do.
Fuck this, fingers crossed man I really want my boy to come back cuz I don't wanna deal with this bullshit.
I seriously never thought i would be in this position and by heavens i have been in some shit before.
Fuck fuckity fuck fuck fuck.
Fingers crossed my boy gets better man fr.7 -
!rant
Goodbye Java I will not miss you at all! I swear ...
I do like it when making web services (especially that I can use Java8) but for Android you have been a torture. Hello sweet Kotlin! I shall embrace you and treat you like my newly born baby!!
Story is:
Working on a new project where I need to talk to a web service (also made by me).
Started writing in Java, all is cool and unit tests pass.
Downloaded Android Studio 3 Beta 1 and converted my Java code to Kotlin, That AsyncTask did not look nice in kotlin, converted it to async & await feature and I must admit lots of code removed, no more need to create a new fucking AsyncTask every time the app sneezes for data!
I feel like I'm working with C# but with difference in syntax.
My life is now complete :)undefined java goodbye! am i drunk? koline: sorry i have a boyfriend hi there kotlin i shall not miss you what the fuck did i just use for a tag?8 -
#!/usr/bin/rant
So, we are a web development and marketing agency. That's fine... except now it seems that we are a marketing and web development agency. Where the head marketing guy feels it's his job to head up web development.
This is NOT what I signed up for.
When you offer web services to a client, the one meeting with the client should understand at least basic stuff, and know when to pull in a heavyweight for more questions. Instead, our web team is summarized by a guy who listens to 80's rock music in a shared office (used to be just me in there) and spends his days trying to get 30-year-olds on Facebook to click an ad.
He was on the phone yesterday with some ecommerce / CRM support, trying to tell them that they have an API, that "it's a simple thing, I'm sure you have it", and that's all we need to do business with them. Which is not his call, it's my call, but for some reason he's the one on the phone asking for API info. The last time I took someone else's word on an API, I underquoted the work and eventually found out that their "API" was nothing more than a cron job which places a CSV file on your server via FTP.
Anyway, we now have a full-time marketer and two part-time interns, with another ad out for an AdWords specialist. Meanwhile, I'm senior dev with a server admin / retired senior dev, and if we don't focus on hiring a front-end guy soon we're going to lose business.
Long story short, I'm getting sick of having a guy who does not understand basic web concepts run the show because he's the one who talks to the client.3 -
"One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users," according to the report of Bleeping Computer.
Vulnerability hunter Vinoth Kumar reported and later Starbucks responded it as "significant information disclosure" and qualified for a bug bounty. Along with identifying the GitHub repository and specifying the file hosting the API key, Kumar also provided proof-of-concept (PoC) code demonstrating what an attacker could do with the key. Apart from listing systems and users, adversaries could also take control of the Amazon Web Services (AWS) account, execute commands on systems and add or remove users with access to the internal systems.
The company paid Kumar a $4,000 bounty for the disclosure, which is the maximum reward for critical vulnerabilities.6 -
Fucking jesus christ, for some reason in chromium-based browsers if you have a table that fills up to the full height of the parent using flexbox rules, if you go to print it, it will fucking
i forgor 💀
and give it a height of minimum content height. The solution is to ALSO give it height: 100%;
Google completely unhelpful (I guess it's too specific and most people don't write web services specifically made for printing out?) but luckily it only took me like 3 guesses to figure out on my own.
But I could have easily seen this completely pissing me off to the point of quitting. FireFox doesn't have this issue.
RELATED TANGENT RANT:
Why the fuck is the default to use headers, footers, margin, and no background images (colors) ?!?!?!? The default printing for browsers COMPLETELY FUCKS UP THE PRINT
God FUCKING damnit.14 -
So I currently use Edge as my web browser (and DuckDuckGo as my search engine) because I avoid Google’s services when possible. I have heard several good comments about Firefox recently. Is it worth the switch?19
-
Me: Boycotting Facebook lately due to shady business practices, is very outspoken about how people shouldn't use Facebook services
Also me: Literally uses React for every web app
... conflicted 🤔3 -
A friend came to me whether i want to do a project on c++(someone asked him to find a c++ guy).
Me needing money didn’t refuse. Even though i am a Java developer with 0 skills on c++, but wanted to give it a try.
So project started, and it was about a plugin for rhinoceros app(3d graphics app).
The plugin was simple, had some views and some services to upload a file into s3 and some api calls, not something complex..
So i ended up working on the project together with my friend(web dev).
So long story short, we had a lot of issues, but considering we both had no knowledge on c++, we were really lucky to finish the product almost on time(3 days after).
Did no memory management even though i’ve read that we have to do that by our selfs and that c++ doesn’t have garbage collector.
But the plugin worked great even without garbage collector.
Had a lot issues with string manipulation, which almost drive me crazy.
PS: did a post here before taking the project, to ask whether it is a good idea to take the project or not, had some positive and some negative replies, but i deleted the post since i thought i was breaking the NDA i signed 😂😂
PS2: just finished OCAJP 8 last week with a great score😃6 -
Soo I’ve been frustrated with my luck in finding a job, but I need to start working!
I have been thinking about starting my own web services (of some type) business.
I need a mentor, or a partner or just someone to talk about ideas with.
How does one go about finding someone like that?
BTW I know this isn’t a networking specific but I think it’s worth a shot.16 -
Worst exp. with manager/higher-up?
Too many to pick the worst, but here are a few:
Manager demoted me because he believed I would be a roadblock to his wet dream of re-writing all the business services in WCF
https://youtube.com/watch/...
Manager spent years and wasted countless man hours retiring a single ASP.Net web service by converting the individual supporting assemblies into specific WCF services..
https://youtube.com/watch/...
Manager once berated me for 'missing' time log entries
https://youtube.com/watch/...
Manager scolded me for not fixing a 'bug' while praised another developer who re-wrote a reporting application due to a fixable hardware problem and deleting the source code files from source control.
https://youtube.com/watch/...
Manager wanted to rewrite all our code in XML.
https://youtube.com/watch/...
Manager wanted integration with a new phone system knowing the hardware+software did not exist yet ..
https://youtube.com/watch/...
Manager wanted me to 'take the lead' to speed up a web site in a foreign country we didn't control.
https://youtube.com/watch/... -
!rant
I've seen some rants about people complaining about websites using the 'www' subdomain, so I'd like to take this opportunity to try to explain my opinion about why sites might use it.
I use to feel the same way about not having the www subdomain. It felt like an outdated standard that serves no purpose. But I have changed my option...
Sometimes certain servers have other services running other than just the website, such as ssh, ftp, sql, etc., running on different ports. What if you want to use a web proxy and caching service similar to cloudflare or a cdn? We'll you can't, because they won't allow traffic to flow through to your other ports.
That's where the www subdomain comes in. Enable your caching and cdn on your www subdomain, and slap a 301 redirect from your primary domain on port 80 or 443 to the www subdomain. This still allows you to access your other services via the domain name while still gaining the benefits of using a cdn.
Now I know you could use an 'ftp' subdomain or the like, but to each their own in that regard.7 -
Woke up this morning to Amazon charging me over $100 bucks for the web services I used at my Hackathon last month. What the hell, I thought the free tier covered that?13
-
So, in my company we where initially about 20 programmers doing two big projects.
The client (who also is the owner of the company) keep asking more and more and more things. Each 3 months we update the site but the client doesn't start the marketing or anything else, so the app don't have any users.
After two years of development, 26 micro services, one big web platform in Python (web2py, bad decision) and a hybrid mobile app the client decide to shut down the project because it was "a little bit illegal".
The second project have the same problems, but this project does have marketing, the shitty part is after two year and a lot of development now the project isn't viable because the market is gone.
The boss calls, says he have some problems and he will fire 18 persons and reduce the payment of the rest, he ask us to "hold" for the good times.
The great idea he had for earn money is rewriting a WordPress app that have 4 years in production to angular (because he, who knows why, thinks angular is the best shit out there)
I want to quit but even with the reduced payment I know he pays way more than the market average, plus I'm still student.1 -
Whaaaat theeeee actual fuuuuuuuuck. So basically I've got a server running and everything is fine. All services are working and I can access the webserver running on it over every browser. But randomly my ssh access stopped working (can connect but doesn't return shit after last login message) and when loading the web config thingie from my provider it gives me an empty response (all other pages from the provider are working). So basically I've got a working server I cannot access. But I'd like to access it and cannot even restart that shitty thing.
Anybody else had a problem like that or has any idea wtf is going on?5 -
We had a school project where we where supposed to implement a software with a heavy client in C# and web services for it in C#, but the web services HAD TO COMMUNICATE WITH SMTP AND IMAP. And do that in 8 days.
We were 6 in the team. 4 had no idea what a web service is, and I and the designated project lead were the only ones knowing what to do. The lead had paperwork to do for the project, so I had to do everything but the UI alone. So 1 guy did the UI, 3 were... Playing Minecraft... The lead was doing paperwork and ranting about how noisy idiots these guys were... And I was sick as hell and could not eat anything, I was vomiting all day in between which moment I managed to make half of the functionalities of the project, despite having to go to the hospital and have to continue working despite the medical request not to work.
So the day before the presentation I had half of the functionalities done and I had to explain them yet another time what web services are so they can answer the questions and cover for themselves.
On the day of the presentation it went kinda fine. It was not finished but it worked like asked.
We were asked for peer evaluation and I gave A to the lead and the UI guy and B to the 3 other lazy asses.
Shortly after I am called by the tutor in the office : "What happened on this project? Were you not working at all? Apart for the lead who gave you an A, every one gave you a D (lowest grade). I demand for explanations"
I said never mind and got back to studying. I got a B, all the rest of the group an A.2 -
In a meeting yesterday working through our WebAPI coding standards, starting from File -> New project..etc..etc.. and ironing out some of the left-or-right decisions so we can have a consistent coding style, working in a meeting room with an overhead projector and sharing keyboard around with one another.
Then we hit the routing 'rules' in the WebApiConfig, "api/{controller}/{id}"…
DevMgr: "Do we need the 'api' prefix? It seems redundant."
Ralph: "Yes it's needed. Prefixing the controllers with 'api' is industry best practice. Otherwise, how is anyone to know it's a web api"
Prancer: "Yea, it's part of the REST standard."
Me: "I don't think so. That is only part of the Asp.Net routing rule. We can put anything we want or take anything out."
DevMgr: "Yea, it looks silly. All the new services are going to be business process specific."
Ralph: "That's how everyone does it. It's kind of the point of why REST services are called WebApi"
Prancer: "What's the point of doing any of this work if we're not going to follow industry standards."
Me: "I understand if the service is part of larger web site, but we're developing standalone services. Prefixing routes with 'api' is redundant. I mean who are these 'everyone' you're talking about?"
<ralph rolls his eyes>
Ralph: "Lets see …uhhh… Netflix?. They're kinda a big deal."
Me: "Like I said, it's an integral part of their site and the services they provide. That's fine. I'm talking about the 12 other 3rd party services we integrate with. None of them have 'api' on any of their routes."
Prancer: "We're talking about serious web services."
Me: "Last time I checked, UPS is a big and serious service."
Ralph: "Their services are a fracking joke" – he didn't say fracking.
Me: "Our payroll system, our billing system, billion dollar companies, didn't have '/api' prefix anywhere. Heck, even that free faxing service we used for a while was a dead-simple routing path."
<I take the keyboard away from Ralph, remove the 'api' from the route.>
Me: "There. Done. Now, lets talk about error handling.."
Rest of the meeting Ralph and Prancer don't say much of anything, arms crossed…I swear Ralph looked like he was going to cry.
This morning I catch my boss…
Me: "What did you think of the meeting? I thought Ralph was going to take a swing at me when I took the keyboard away from him."
DevMgr: "Oh yes…I almost laughed out loud….blows my freaking mind how worked up people get about crap that doesn't matter. Api..or not…who the frack cares. Just make it consistent"
Me: "Exactly…I didn't care either way, but I enjoyed calling out that nonsense."
DevMgr: "Yes..waaay too much."
If I didn't call them on their BS and the 'standard' allowed to continue, I can bet my paycheck when the subject comes up in a few months (another mgr asks 'isn't this api prefix redundant?') Ralph and Prancer will be the first to say "Yea, its stupid. We fought really hard to remove it from the standard...its not our fault...its <insert scapegoat> fault." -
better late than never.
So I just decided to go with Gitlab after being a Microsoft Team Services user.
To do next on my list:
Move away from .Net for backend services, any suggestions? I use dotnet core due to being able to easily finish what I want and with less code to write. Tried Springboot for Java but not a Java fan, might checkout kotlin though17 -
It was funny. But when I told the head of my dptmnt that I was getting bored at work they kinda freaked out. I really love my workplace. The people are nice everywhere and this is something I am not used to.
I started working when I was 13 at one of my dad's business. It was a lot of manual labor and every day my hands would be bruised because of all the cleaning and shit I had to do. Then he moved me to another one of his businesses and it was worse but I continued doing it for only 1 year. By 16 I had moved to simpler things, I was a waiter and even tho I hated it I was making enough money to go out on dates and buy whatever a 16 year old wanted. I continued being a waiter until I was 17(changed to two other places) and before I turned 18 I joined the U.S Army. That broke my body in ways that I would normally not believe a 18 year old capable of. It was around the time that I discovered programming but even after I left the military(at 22 I believe) I never worked on a programming job. Back at home I worked in retail. And believe you me....it is far more pleasant to be constantly getting blown up and broken than dealing with the most retarded people imaginable(this is what made me hate Mexican people even tho I am Mexican myself)
Fast forward at 23 and I landed my first programming jobs. As stated in other initial rant it was surrounded by assholes. Assholes everywhere that would cower at the idea of speaking to me face to face due to the possibility of being left as physically broken as I am.
But at 27 now I found myself in a happy place. With nice people, good coworkers, an amazing manager that also serves as eye candy and good benefits. But the job is boring, boring beyond belief and this is due to the fact that they have a self taught and academically trained computer scientist doing the most menial things on a daily basis. The shit that I do would be more becoming of a designer, which has a different set of mental skills that would probably engage them more. But I really don't want to work on the web unless I am doing something that actually takes some challenge, even tho I maintain Java and PHP web services, the shit is so boring that anyone would be able to finish the proceadures in hours on a day leaving one with nothing engaging to do. Sometimes I let shit get close to the deadline just to feel some sort of pressure that would keep me awake.
I just wanted to vent on how ceremoniously BORED i really am.
I want more shit to do. Can't really have much patience for the freelance shit since it doesn't make sense to hire me in exchange of having some indian dude doing it for a quarter of the price.4 -
1. I have to learn German (as a language).
2. I have undiagnosed and subclinical ADHD.
3. I have a job that partially needs my brain for 9 hours of the day.
4. I'm coming off of antidepressants. (Life has been hard lately. Needed a little help to cope.)
5. I need to finish learning German in about 2-3 months.
6. I don't enjoy interacting with people.
Any suggestions for what can help with the goal? Software, web apps, services, etc. Specially good non-violent and non-depressing tv-series.15 -
Our school had for an open source way of dealing with home schooling and managing the school network and so on.
Now the government forced a "proprietary" system on our school and everyone hates it. The teachers didn't want it the pupils didn't want it but who cares "what we do is the best".
Btw the proprietary system costs a fuck load of money even though they just mixed many open source projects and made it their own proprietary thing.
And this company now get's loads of money for their shitty system that never really worked once since we got it.
They blocked so many ip's that we can't even access google and it's services on the school wifi and the bandwith dropped severely with the new system.
Oh and many random ip's e.g. one of my vps is accessible but the other one not.
Discord is blocked.
Web whatsapp.
And so on...
Now....
I need to learn for tests next week and need to access that stuff on the portal but...
Now they decided to switch the LDAP server to the new system and since a few hours i can't access this fucking thing.
It seems like the platform now contacts the new server which isn't even up and running....
Never change a fucking running system....
Oh and we got smart boards and it runs on android and they didn't block adb. Now i installed clash of clans on one of those things. Haha whoops.
These boards cost 7000€ and have security patches from 2 years ago....and Android 87 -
TLDR;
How much do you earn for your skill set in your country vs your cost of living?
BONUS;
See how much I & others earn.
Recently I became aware of just how massive the gap in developers earnings are between countries. I'd love to calculate a fixed score for income vs cost of living.
I know this stuff is sensitive to some so if you prefer just post your score (avg income p/m after tax / cost of living).
I'm not shy so I'll go first:
MY RATES
Normal Rate (Long term): $23
Consulting / Short term: $30-$74
Pen Test: $1500 once off.
Pen Test Fixes: consulting rate.
Simple work/websites: min $400+
Family & Friends: Dev friends are usually free (when mutually beneficial). Family and others can fuck off, even if they can pay (I pass their info to dev friends with fair warning).
GENERAL INFO
Experience: 9 years
Country: South Africa
Developer rareness in country: Very Rare (+-90 job openings per job seeker).
Middle class wage in country: $1550 p/m (can afford a new car, decent apartment & some luxuries like beer/eating out).
Employment type: Permanent though I can and do freelance occasionally.
Client Locality: Mostly local.
Developer Type: Web Developer (True web dev - I do anything web related from custom HTTP servers to sockets, services, advanced browser api's, apps & more).
STACKS / SKILLSETS
I'M PROFICIENT IN:
python, JavaScript, ASP classic, bash, php, html, css, sql, msql, elastic search, REST, SOAP, DOM, IIS, apache
I DABBLE WITH:
ASP.net, C++, ruby, GO, nginx, tesseract
MY SPECIALTIES:
application architecture, automation, integrations, db's, real time data, advanced browser apps/extensions (webRTC, canvas etc).
SUMMARY
Avg income p/m after tax: $2250
Cost of living (car+rent+food): $1200
Score: 1.85
*Note: For integrity when calculating my cost of living I excluded debt repayments and only kept my necessities which are transport, food & shelter.
I really hope you guy's post your results, it would be great to get an idea of which is really the worst / best country to be a developer in.20 -
It all started with an undelivereable e-mail.
New manager (soon-to-be boss) walks into admin guy's office and complains about an e-mail he sent to a customer being rejected by the recipient's mail server. I can hear parts of the conversation from my office across the floor.
Recipient uses the spamcop.net blacklist and our mail was rejected since it came from an IP address known to be sending mails to their spamtrap.
Admin guy wants to verify the claim by trying to find out our static public IPv4 address, to compare it to the blacklisted one from the notification.
For half an hour boss and him are trying to find the correct login credentials for the telco's customer-self-care web interface.
Eventually they call telco's support to get new credentials, it turned out during the VoIP migration about six months ago we got new credentials that were apparently not noted anywhere.
Eventually admin guy can log in, and wonders why he can't see any static IP address listed there, calls support again. Turns out we were not even using a static IP address anymore since the VoIP change. Now it's not like we would be hosting any services that need to be publicly accessible, nor would all users send their e-mail via a local server (at least my machine is already configured to talk directly to the telco's smtp, but this was supposedly different in the good ol' days, so I'm not sure whether it still applies to some users).
In any case, the e-mail issue seems completely forgotten by now: Admin guy wants his static ip address back, negotiates with telco support.
The change will require new PPPoE credentials for the VDSL line, he apparently received them over the phone(?) and should update them in the CPE after they had disabled the login for the dynamic address. Obviously something went wrong, admin guy meanwhile having to use his private phone to call support, claims the credentials would be reverted immediately when he changed them in the CPE Web UI.
Now I'm not exactly sure why, there's two scenarios I could imagine:
- Maybe telco would use TR-069/CWMP to remotely provision the credentials which are not updated in their system, thus overwriting CPE to the old ones and don't allow for manual changes, or
- Maybe just a browser issue. The CPE's login page is not even rendered correctly in my browser, but then again I'm the only one at the company using Firefox Private Mode with Ghostery, so it can't be reproduced on another machine. At least viewing the login/status page works with IE11 though, no idea how badly-written the config stuff itself might be.
Many hours pass, I enjoy not being annoyed by incoming phone calls for the rest of the day. Boss is slightly less happy, no internet and no incoming calls.
Next morning, windows would ask me to classify this new network as public/work/private - apparently someone tried factory-resetting the CPE. Or did they even get a replacement!? Still no internet though.
Hours later, everything finally back to normal, no idea what exactly happened - but we have our old static IPv4 address back, still wondering what we need it for.
Oh, and the blacklisted IP address was just the telco's mail server, of course. They end up on the spamcop list every once in a while.
tl;dr: if you're running a business in Germany that needs e-mail, just don't send it via the big magenta monopoly - you would end up sharing the same mail servers with tons of small businesses that might not employ the most qualified people for securing their stuff, so they will naturally be pwned and abused for spam every once in a while, having your mailservers blacklisted.
I'm waiting for the day when the next e-mail will be blocked and manager / boss eventually wonder how the 24-hours-outage did not even fix aynything in the end... -
My bookmark bar has a random entry for "Clam Poisoning" , between all the Amazon Web Services and Ruby entries. I'm not sure who put it there? It wasn't my wife or I. Should I be worried? Should I avoid all the shellfish for a while?
-
Follow up on a previous rant:
I visited a customer to talk about the reporting discrepancy between two applications.
It turns out the applications were custom built by outsourced developers from Russia, that communicate with each other through a byzantine (and completely undocumented) series of web services, excel import/export tasks, and a customized SSRS environment.
These are spread across at least half a dozen servers, some on-premise and some cloud based, there are at least 3 SQL servers (2 running 2005, one running 2000), a 10 year old local install of TFS (which no one knows a username/password for), and who-knows-what-else.
They laid off their entire IT team years ago, and they have no backups.
I'm not certain anyone there even understands what the software is supposed to be doing beyond the most general terms.
No one knows if they even have source code.
Biggest case of "nope!" I've encountered in more than 20 years of IT experience.1 -
As I already said on devrant, I'm a freelance web developer and I also often sell my services for teaching, loving that. Currently I'm teaching PHP with 30 students and it's going very well.
But yesterday, I received an offer for giving another course next month, this time on HTML and CSS, for a company I don't know yet. Almost every line of this email is wrong, outdated by 20 years, or just basically meaningless...
So I thought I could do my best to translate this as close as possible to the original, preserving the wrong formulations too, just for you devranters fellas.
"Hello,
I have an offer for a 2 days course for 5 people (level 1+ and/or 2), on HTML5 and CSS3. Below, the program :
1. XHTML AND CSS2 INTRODUCTION
Advantages and benefits of change
Understanding compatibility for different versions of browsers
HTML, XHTML, CSS edition tools : presentation of the different tools
The CSS language : different types of selectors : class of selector, identifier of selector, contextual selectors, grouped selectors
Blocks of text, boxes of text
The CSS1, CSSP, CSS2 properties
Relative and absolute measures units
2. LAYOUT TECHNIQUES
Full CSS, XHTML websites demo
Positioning with the position property, positioning with the float property
Columns creation
Layout for forms
Layout for data tables
Layout for menus
3. INTRODUCTION TO SVG (SCALABLE VECTOR GRAPHICS)
Role and importance of SVG
Using SVG on client side : basic shapes
SVG structure of document, tags examples
Using CSS styles with SVG
Different integration methods for SVG in a XHTML document
4. OPTIMISATION OF JAVASCRIPT CODE
Introduction to DOM and Javascript
Access to document objects : different access techniques, using this keyword, create elements dynamically
Positioning elements with the help of Javascript : positionning elements relatively to the mouse, move elements
Show/hide elements for creating hierarchical menus
Code optimisation techniques : using objects, objects litterals, loops optimisation
Can you please give me your availability ?"
Seriously...
CSS-fucking-1 ! Is it a course for dinosaurs ?
...And if only my rant was just about the program...
It's totally impossible to cover all these subjects in only 2 days with people of different levels and experience.
The guy exactly said to me : "don't worry about the program, it's an old text but they agreed to it anyway. They just want to learn HTML and CSS, some of them already know it but want to learn more, and the others are total beginers.".
And here is the meaning for the "(level 1+ and/or 2)" part in the email.
So... Surprizingly, I accepted the offer, but asked for at least a 3rd day. I'm waiting for their answer, but I'll do it anyway, adapting the course content to the actual students knowledge. I need the money, after all.
Wish me luck...
It's just sad that these formation companies are selling bullshit to clients that just want to learn something useful. It's too often like that, they sell shitty/useless programs and we have to catch up in real time with students that don't understand why they don't learn what was told to them.3 -
Ok, first rant, about my struggles getting reliable internet over the past 6 years. It's not too interesting of a topic, but here we go:
I'm living in a more rural part of Germany and internet here is shit. I pay more than 50 bucks a month for 700kb/s downstream (let's just not talk about upstream...), which is meh by itself but it gets worse. Before this I had roughly 230kb/s downstream using DSL. My provider came out with a new oh-so-fucking-fancy solution for giving people faster internet without upgrading their lame ass fucking backbone and POS infrastructure from 70 years ago: they sell you hybrid internet which combines your shit DSL and an LTE connection using TCP Multicast. Not only do I get only 6 of my promised (and payed for) 50 Mbit, no, It's also a fucking piece of nonworking shit!!!
Let me illustrate:
You constantly have problems with web content (or any remote content) not loading because the host server does not support TCP Multicast. It either refuses connection altogether or it takes about 30-50 seconds to establish a connection. Think about your live when it takes two or three fucking minutes to load 5 YouTube thumbnails or load new tweets at the bottom of the Twitter page! Also, you never know if you a) have an error in your implementation of a new API or if b) the remote host doesn't support TCPMC (there's never an error for that! Fuck you!), your SSH sessions ALWAYS drop in the most inopportune fucking moments because the LTE thing lost connection, you always have to turn on a VPN if you want to visit specific websites (for example your school's website) and so on....
Oh and also, my provider started throttling specific services again these days with Netflix and YouTube struggling to display 240p, fucking 240p video without buffering when I get 600kbit down on steam (ofc the steam download is paused when watching videos). When using a VPN, YouTube 720p and Netflix HD work like a charm again. Fucking Telekom bastards
Then there is the problem with VPNs. The good thing about them is that they solve all the TCP Multicast problems. Yay. Now for the bad things:
First of all, as soon as I use a VPN, access times to remote go up by like fucking 500%. A fucking DNS lookup takes 8-15 seconds!!! The bandwidth is there but it takes forever.. because reasons I guess. Then the speed drops to DSL speeds after a while because the router turns off my LTE connection when it is unused and it does not detect VPN traffic as traffic (again because... Reasons?) And also, the VPN just dies after an hour and you have to manually reconnect (with every VPN provider so far)
And as if that wasn't enough, now the lan is dying on me, too, with the router (the fucking expensive hybrid piece of shit, 230 bucks..) not providing DHCP service anymore or completely refusing all wifi connections or randomly dropping 5Ghz devices, or.....
You get the point.
The worst thing is, they recently layed down 400mbit fiber in my neighborhood. Guess where the FUCKING PIECE OF SHIT CABLE ENDS??? YEAH, RIGHT IN FRONT OF MY NEIGHBORS HOUSE. STREET NUMBER 19 IS SERVED WITH 400MBIT AND MY HOME, THE 20, IS NOT IN THEIR FUCKING SERVICE REGION. Even though there is a fucking cable with the cable companies name on it on my property, even leading up to my house! They still refuse to acknowledge it! FUCK YOU!!!!
Well anyways thanks for reading. Any of you got the same problems? :/2 -
After years of only breaking even or low profitability BECAUSE PEOPLE ARE CHEAPSKATES WHO THINK WHAT I DO IS EASY AND SHOULD BE FREE OR $5 OR WHATEVER AND FRIENDS I DID WORK FOR FOR FREE TOTALLY ABANDONED OUR FRIENDSHIP AFTERWARDS FOR STUPID MISUNDERSTANDINGS ON THEIR PART I closed down my web dev business and now focus only on full time employment. I don’t even do sites for friends anymore.
But did that stop people who before wanted to haggle prices from now BEGGING me to go back into business or to help their referral or to please-pretty-please just help them with one more problem?
Nnnnnnope!
And even now I hate disappointing people and telling them no even though I know they’ll have tiny budgets and will stall and delay and not deliver content or make decisions so I can finish and GET PAID.
WTF IS WRONG WITH PEOPLE? WTF IS WRONG WITH ME?! AND WHERE WERE ALL THESE OPPORTUNITIES WHEN FEWER PEOPLE WERE INTERESTED IN MY SERVICES?!5 -
Worst architecture I've seen?
The worst (working here) follow the academic pattern of trying to be perfect when the only measure of 'perfect' should be the user saying "Thank you" or one that no one knows about (the 'it just works' architectural pattern).
A senior developer with a masters degree in software engineering developed a class/object architecture for representing an Invoice in our system. Took almost 3 months to come up with ..
- Contained over 50 interfaces (IInvoice, IOrder, IProduct, etc. mostly just data bags)
- Abstract classes that implemented the interfaces
- Concrete classes that injected behavior via the abstract classes (constructors, Copy methods, converter functions, etc)
- Various data access (SQL server/WCF services) factories
During code reviews I kept saying this design was too complex and too brittle for the changes everyone knew were coming. The web team that would ultimately be using the framework had, at best, vague requirements. Because he had a masters degree, he knew best.
He was proud of nearly perfect academic design (almost 100% test code coverage, very nice class diagrams, lines and boxes, auto-generated documentation, etc), until the DBAs changed table relationships (1:1 turned into 1:M and M:M), field names, etc, and users changed business requirements (ex. concept of an invoice fee changed the total amount due calculation, which broke nearly everything).
That change caused a ripple affect that resulted in a major delay in the web site feature release.
By the time the developer fixed all the issues, the web team wrote their framework and hit the database directly (Dapper+simple DTOs) and his library was never used.1 -
Signed up on Freelancer as a soft engg. graduate with quite a lot of projects in Android and web services. A guy inboxes me regarding an applied bid and once everything's clear and mutually agreed upon with, he presents me with this one God damn question - "how many years of experience have you got?"
With truth said, all I get in response is, "looking for people with more exp. thanks for your time".
Yeah I'm sure he was born with 5+ y experience right off the bat. 😠12 -
My company provides its services as web pages and web services to our customers.
Once a year we update the certificate used for the https connections.
I notified the update to the clients that use the web services.
One of them asked me a copy of the public key.
No problem. Open the web site with the browser, save the key and send by email.
One day later the client asked me the public key in a zip file because the anti virus blocked my attachment.
Why the client hates the Chain of Trust ?
He could obtain the public key by them self from the browser or openssl.1 -
It's been a while DevRant!
Straight back into it with a rant that no doubt many of us have experienced.
I've been in my current job for a year and a half & accepted the role on lower pay than I normally would as it's in my home town, and jobs in development are scarce.
My background is in Full Stack Development & have a wealth of AWS experience, secure SaaS stacks etc.
My current role is a PHP Systems Developer, a step down from a senior role I was in, but a much bigger company, closer to home, with seemingly a lot more career progression.
My job role/descriptions states the following as desired:
PHP, T-SQL, MySQL, HTML, CSS, JavaScript, Jquery, XML
I am also well versed in various JS frameworks, PHP Frameworks, JAVA, C# as well as other things such as:
Xamarin, Unity3D, Vue, React, Ionic, S3, Cognito, ECS, EBS, EC2, RDS, DynamoDB etc etc.
A couple of months in, I took on all of the external web sites/apps, which historically sit with our Marketing department.
This was all over the place, and I brought it into some sort of control. The previous marketing developer hadn't left and AWS access key, so our GitLabs instance was buggered... that's one example of many many many that I had to work out and piece together, above and beyond my job role.
Done with a smile.
Did a handover to the new Marketing Dev, who still avoid certain work, meaning it gets put onto me. I have had a many a conversation with my line manager about how this is above and beyond what I was hired for and he agrees.
For the last 9 months, I have been working on a JAVA application with ML on the back end, completely separate from what the colleagues in my team do daily (tickets, reports, BI, MI etc.) and in a multi-threaded languages doing much more complicated work.
This is a prototype, been in development for 2 years before I go my hands on it. I needed to redo the entire UI, as well as add in soo many new features it was untrue (in 2 years there was no proper requirements gathering).
I was tasked initially with optimising the original code which utilised a single model & controller :o then after the first discussion with the product owner, it was clear they wanted a lot more features adding in, and that no requirement gathering had every been done effectively.
Throughout the last 9 month, arbitrary deadlines have been set, and I have pulled out all the stops, often doing work in my own time without compensation to meet deadlines set by our director (who is under the C-Suite, CEO, CTO etc.)
During this time, it became apparent that they want to take this product to market, and make it as a SaaS solution, so, given my experience, I was excited for this, and have developed quite a robust but high level view of the infrastructure we need, the Lambda / serverless functions/services we would want to set up, how we would use an API gateway and Cognito with custom claims etc etc etc.
Tomorrow, I go to London to speak with a major cloud company (one of the big ones) to discuss potential approaches & ways to stream the data we require etc.
I love this type of work, however, it is 100% so far above my current job role, and the current level (junior/mid level PHP dev at best) of pay we are given is no where near suitable for what I am doing, and have been doing for all this time, proven, consistent work.
Every conversation I have had with my line manager he tells me how I'm his best employee and how he doesn't want to lose me, and how I am worth the pay rise, (carrot dangling maybe?).
Generally I do believe him, as I too have lived in the culture of this company and there is ALOT of technical debt. Especially so with our Director who has no technical background at all.
Appraisal/review time comes around, I put in a request for a pay rise, along with market rates, lots of details, rates sources from multiple places.
As well that, I also had a job offer, and I rejected it despite it being on a lot more money for the same role as my job description (I rejected due to certain things that didn't sit well with me during the interview).
I used this in my review, and stated I had already rejected it as this is where I want to be, but wanted to use this offer as part of my research for market rates for the role I am employed to do, not the one I am doing.
My pay rise, which was only a small one really (5k, we bring in millions) to bring me in line with what is more suitable for my skills in the job I was employed to do alone.
This was rejected due to a period of sickness, despite, having made up ALL that time without compensation as mentioned.
I'm now unsure what to do, as this was rejected by my director, after my line manager agreed it, before it got to the COO etc.
Even though he sits behind me, sees all the work I put in, creates the arbitrary deadlines that I do work without compensation for, because I was sick, I'm not allowed a pay rise (doctors notes etc supplied).
What would you do in this situation?4 -
How is coupling backend + frontend as a single nextjs app a good idea? What the fuck is this?
What if you have to create new replica sets of a backend because of high load pressure? What about load balancers?? What if i want my backend to be a microservice? How do i unit test the backend if its cluttered with frontend? WTF IS THIS
WHY DID NEXTJS THINK THIS IS A GOOD IDEA AND WHY DO SO MANY DEVS LOVE THIS IDEA AND GLORIFY NEXTJS?
Nextjs seems like the type of framework that was built by a frontend web developer who just refuses to learn backend technology at all costs.
---
its been a few hours and the concept of nextjs is bending my mind rn. I thought nextjs is just another frontend framework. A react killer. Only to find out its both a backend + frontend framework.
Cluttering backend stuff into frontend is gonna get messy no matter how much you try to modularize the code. Am i lost or am i right???
---
Scratching my head over nextjs. Looks like a great framework for small-mid project but definitely not large project. The more shit the project needs the more messy shit become. Angular has modularized all of this in separate folders -- components services guards interceptors (now new stuff coming called Signals) etc. All of it is separated in individual folders and kept frontend-only. Simple enough. No backend clutter
---
Can i even use nextjs strictly as a frontend framework while it uses my custom backend built in java spring boot? For example use nextjs /api/ folder to handle custom routes built outside of nextjs framework?
Am i insane here21 -
Back at <biginternationalorg> I witnessed a developer deliberately build an xss vuln into a company web application, so that he could plug a JS file in with all of his passwords hardcoded. Bear in mind, this is an org that provides services to both the UK and US military, and if you have access to some stuff you have access to the tools you need to impersonate high-ranking military folks.
I know its like, twenty different passwords, but that's what a goddamn keychain is for! If you don't trust windows keychains, do what I did and run a VM with a Foss keychain installed! Don't build a vuln right into a public facing web app, that's just stupidity. -
Please repeat after me:
"I will use 'Content-Disposition: attachment' whenever a file is supposed to be downloaded"
Write that sentence 100 times. Then re-read it every morning for at least one month.
Ahh, I don't even have the strength to rant. I'm so fucking tired of these shitty websites and web services. I should probably become an Amish.5 -
Python Question:
I'm learning Python and thought I'd start with web services since that's a concept I'm familiar with. My question is, in the attached code, am I doing it right when it comes to python? Cuz I feel like I'm following the same structure I follow in C# WebAPI and NodeJs
What about naming style? Is is the default for python? cuz I'm also using C# naming style :\
Thanks in advance ranters :)26 -
ZNC shenanigans yesterday...
So, yesterday in the midst a massive heat wave I went ahead, booze in hand, to install myself an IRC bouncer called ZNC. All goes well, it gets its own little container, VPN connection, own user, yada yada yada.. a nice configuration system-wise.
But then comes ZNC. Installed it a few times actually, and failed a fair few times too. Apparently Chrome and Firefox block port 6697 for ZNC's web interface outright. Firefox allows you to override it manually, Chrome flat out refuses to do anything with it. Thank you for this amazing level of protection Google. I didn't notice a thing. Thank you so much for treating me like a goddamn user. You know Google, it felt a lot like those plastic nightmares in electronics, ultrasonic welding, gluing shit in (oh that reminds me of the Nexus 6P, but let's not go there).. Google, you are amazing. Best billion dollar company I've ever seen. Anyway.
So I installed ZNC, moved the client to bouncer connection to port 8080 eventually, and it somewhat worked. Though apparently ZNC in its infinite wisdom does both web interface and IRC itself on the same port. How they do it, no idea. But somehow they do.
And now comes the good part.. configuration of this complete and utter piece of shit, ZNC. So I added my Freenode username, password, yada yada yada.. turns out that ZNC in its infinite wisdom puts the password on the stdout. Reminded me a lot about my ISP sending me my password via postal mail. You know, it's one thing that your application knows the plaintext password, but it's something else entirely to openly share that you do. If anything it tells them that something is seriously wrong but fuck! You don't put passwords on the goddamn stdout!
But it doesn't end there. The default configuration it did for Freenode was a server password. Now, you can usually use 3 ways to authenticate, each with their advantages and disadvantages. These are server password, SASL and NickServ. SASL is widely regarded to be the best option and if it's supported by the IRC server, that's what everyone should use. Server password and NickServ are pretty much fallback.
So, plaintext password, default server password instead of SASL, what else.. oh, yeah. ZNC would be a server, right. Something that runs pretty much forever, 24/7. So you'd probably expect there to be a systemd unit for it... Except, nope, there isn't. The ZNC project recommends that you launch it from the crontab. Let that sink in for a moment.. the fucking crontab. For initializing services. My whole life as a sysadmin was a lie. Cron is now an init system.
Fortunately that's about all I recall to be wrong with this thing. But there's a few things that I really want to tell any greenhorn developers out there... Always look at best practices. Never take shortcuts. The right way is going to be the best way 99% of the time. That way you don't have to go back and fix it. Do your app modularly so that a fix can be done quickly and easily. Store passwords securely and if you can't, let the user know and offer alternatives. Don't put it on the stdout. Always assume that your users will go with default options when in doubt. I love tweaking but defaults should always be sane ones.
One more thing that's mostly a jab. The ZNC software is hosted on a .in domain, which would.. quite honestly.. explain a lot. Is India becoming the next Chinese manufacturers for software? Except that in India the internet access is not restricted despite their civilization perhaps not being fully ready for it yet. India, develop and develop properly. It will take a while but you'll get there. But please don't put atrocities like this into the world. Lastly, I know it's hard and I've been there with my own distribution project too. Accept feedback. It's rough, but it is valuable. Listen to the people that criticize your project.9 -
I just used booking.com and good fucking god is the whole website a shit infested hell hole. They use scammiest and pushiest techniques to make you book a place asap without giving you space to breathe and read details.
They try to obfuscate what's actually necessary with what they want to take from you. For example just before reserving a room there's a checkbox that's close enough to words "terms and conditions" and "privacy policy" for unsuspecting user to habitually check it to proceed. However, you clicking "reserve" is considered your consent and that checkbox simply adds your email to their spamming list.
There are countless examples of absolute asshole design within every inch of that place and I don't even want to imagine what they do with my data.
Suffice to say this was the first and last time I will use their services and if I were to give any advice, is "don't be the dick responsible for website/app/service similar to booking.com"5 -
Biggest lesson learned for me was believing some guy wearing a comb over & a fake tan who sounds like a car salesman. He claimed selling web app services to companies was no different than selling cars. It turns out that a lot of investors were not too happy that the company went under (b4 anything was released) b/c the CEO/CFO somehow managed to burn several million dollars on first class flights, cruises, 5 star restaurants, a luxury company car (for himself), hotels, etc.,. oh and even some fake tans!
Worst part about all that he wasn't even worth sueing because he had no money after all that. He even signed the 'company' car over to one of his kids!3 -
Anyone else feels technology didn't have a major turning point in a while?
I mean, since the late 1980's we had an explosion of technologies:
Gaming consoles
Macintosh
Windows
GNU/Linux
World Wide Web
Smartphones
The rise of advanced web applications and JavaScript
But now? It seems like stagnation for the past 5-10 years or so.
Sure here and there there some nice stuff(like Cryptocurrency, Cloud services, IoT), but nothing that feels completely game-changing.
What do you think will be the next thing that will completely change our lives?18 -
After spending weeks fucking around with Pharo Smalltalk building different web services....I don't want to go back to using other languages anymore.
fuck me....I got hit by Pharo really hard.9 -
* Developing a new "My pages" NBV offer/order solution for customer
_Thursday
Customer: Are we ready for testing?
Me: Almost, we need to receive the SSL cert and then do a full test run to see if your sales services get the orders correctly. At this point, all orders made via this flow are tagged so they will not be sent to the Sales services. We also still need to implement the tracking to see who has been exposed to what in My Pages.
Customer: Ok, great!
_Friday
Customer: My web team needs these customers to have fake offers on them, to validate the layout and content
Me: Ok, my colleague can fix this by Tuesday - he has all the other things with higher prio from you to complete first
Customer: Ok! Good!
_Sunday
Me: Good news, got the SSL cert installed and have verified the flow from my side. Now you need to verify the full flow from your side.
Customer: Ok! Great! Will do.
_Monday
*quiet*
_Tuesday
Customer: Can you see how things are going? Any good news?
Me: ???
*looks into the system*
WTF!?!
- Have you set this into production on your side? We are not finished with the implementation on our side!
Customer: Oh, sorry - well, it looked fine when we tested with the test links you sent (3 weeks ago)
Me: But did you make a complete test run, and make sure that Sales services got the order?
Customer: Oh, no they didn't receive anything - but we thought that was just because of it being a test link
Me: Seriously - you didn't read what i wrote last Thursday?
Customer: ...
Me: Ok, so what happens if something goes wrong - who get's blamed?
Customer: ...
Me: FML!!!2 -
Three-factor authentication:
1. Setup an Amazon.com account.
2. Setup an Amazon Web Services account under the same e-mail address
3. Setup two-factor authentication for both systems.
4. Login to Amazon Web Services in a new browser session, and you'll be required to provide BOTH security tokens at login (Amazon.com first, then AWS second.)3 -
Spent the day refactoring a REST app into graphQL, that feeling when all tests are green and everything is committed and merged 😧🤓3
-
I remember someday from a few years ago, because i just got off the phone with a customer calling me way too early! (meaning i still was in my pyjamas)
C:"Hey NNP, why si that software not available (He refers to fail2ban on his server)
Me: "It's there" (shows him terminal output)
C: " But i cannot invoke it, there is no fail2ban command! you're lieing"
Me: "well, try that sudoers command i gave you (basically it just tails all the possible log files in /var/log ) , do you see that last part with fail2ban on it?
C: "Yeah, but there is only a file descriptor! nothing is showing! It doesnt do anything.
Me: "That's actually good, it means that fail2ban does not detect any anomalies so it does not need to log it"
C:" How can you be sure!?"
Me: "Shut up and trust me, i am ROOT"
(Fail2ban is a software service that checks log files like your webserver or SSH to detect floods or brute force attempts, you set it up by defining some "jails" that monitor the things you wish to watch out for. A sane SSH jail is to listen to incoming connection attempts and after 5 or 10 attempts you block that user's IP address on firewall level. It uses IPtables. Can be used for several other web services like webservers to detect and act upon flooding attempts. It uses the logfiles of those services to analyze them and to take the appropriate action. One those jails are defined and the service is up, you should see as little log as possible for fail2ban.)5 -
1. Kill Internet Explorer
2. Kill anyone who sell their web/app/design services cheaply that broke the market value
3. Kill anyone who want something in exchange of "exposure" or "you'll get the money when we get funding or IPO" or some shit like that, you name it.1 -
Imagine a web way ahead of our time where its size goes beyond our imagination...
This is my first rant, and I'll cut to the chase! I don't like how web currently stands. Here's what makes me angry the most altough I know there's a myriad of solutions or workarounds:
- A gazillion credentials/accounts/services in your lifetime.
- Everyone tries to reinvent the wheel.
- There's no single source of truth.
- Why the fuck there's so much design in a vision that started as a network of documents? Why is it that we need to spend time and energy to absorb the page design before we can read what we are after?
- What's up with the JS front end frameworks?! MB's of code I need to download on every page I visit and the worse is the evaluation/parsing of it. Talk about acessibility and the energy bills. I don't freaking need a SPA just give a 20-50ms page load and I'm good to go!
- I understand that there's a whole market based on it but do we really need all that developer tools and services?
- Where's our privacy by the way? Why the fuck do I need ads? Can't I have a clue about what I wan't to buy?
Sticking with this points for now... Got plenty more to discuss though.
What I would like to see:
A unique account where i can subscribe services/forums/whatever. No credentials. Credentials should be on your hardware or OS. Desktop Browser and mobile versions sync everything seemlesly. Something like OpenID.
Each person has his account and a profile associated where I share only what I want with whom I want when I want to.
Sharing stuff individually with someone is easy and secure.
There's no more email system like we know. Email should be just email like it started to be. Why the hell are we allowing companies to send us so much freaking "look at me now, we are awesome", "hey hey buy from me".. Here's an idea, only humans should send emails. Any new email address that sends you an email automatically requests your "permission" to communicate with you. Like a friend request.
Oh by the way did I tell you that static mail is too old for us? What we need is dynamic email. Editing documents on the fly, together, realtime, on the freaking email. Better than mail, slack and google docs combined.
In order for that to work reasonably well, the individual "letter" communication would have to be revamped in a new modern approach.
What about the single source of truth I talked about? Well heres what we should do. Wikipedia (community) and Larry Page (concept) gave us tremendous help. We just need to do better now.
Take the spirit of wikipedia and the discoverability that a good search engine provides us and amp that to a bigger scale. A global encyclopedia about everything known to mankind. Content could be curated from us all just like a true a network.
In this new web, new browser or whatever needed to make this happen I could save whatever I want, notes, files, pictures... and have it as I left it from device to device.
Oh please make web simple again, not easy just simple and bigger.
I'm not old by the way and I don't see a problem with being older btw.
Those are just my stupid rants and ideas. They are worth nothing. What I know for sure is that I'll do something about or fail trying to.12 -
Two (2) senior developers and one (1) senior tester left our team and I am left with two (2) Java legacy applications that are hard to maintain. Here is a list of things I hate about these old webapps (let's call them app A and B):
1. App A depends on 80% web services. If one web service for a product or warehouse goes down, work flow is impeded while prod support team checks with the core services team for repair
2. App B is a maven project with multiple modules dependent on libraries that are dependent on company's internal libraries. So if we want to upgrade to OpenJdk 9 and up, the project will definitely produce a lot of errors due to deprecated/unsupported codes
3. App A is dependent on Tibco and I have no experience on that
4. App B's continuous integration build tool is Jenkins and the jobs that build it has a shell script that wasn't updated during the tech upgrade enhancement. The previous developer who did the knowledge transfer to me didn't tell me about this (it should be considered a defect on her part but she already resigned)
5. App A when loaded in eclipse IDE is a pain to work with since it is only allowed to build a war file using ant. I have to lookup in quick search instead of calling shortcuts (call hierarchy) because the project wasn't compiled via eclipse.
6. It's impossible to debug app A because of #5
7. Both applications have high priority and complex enhancements and I have no other teammates to help me
8. You never know what else can go wrong anytime1 -
Why has authentication of web services to be so fucking complicated?
PAM, OpenID, LDAP, SSO...
Every fucking service supports something different and I have a hard time finding a decent tutorial on LDAP and the likes.6 -
At my previous company, we used tools from all over the place. We switched between tools at will. Sometimes, some team would decide to use some tool while the rest of the company would use something else. The worst part was that there was no Single-Sign-On (SSO) either. Everyone would need to have an account on all of these said tools. It was chaos.
I realized that being integrated into one environment (even though would have the cost of a vendor-lock-in) was the best option to have because in that case, we wouldn't have to deal with operational hurdles like having integration from one tool to another. They would just come baked-in with the whole environment. That's how GSuite (formerly Google Apps for Work), Atlassian and other players succeeded - they gave a complete suite of services / software that integrated well with each other. You could jump back and forth between services without having to bother about integration with other tools. They'd all be there wherever you wanted them to be. Even cloud providers so that opportunity and built on it - Amazon Web Services (AWS), Google Cloud Platform (GCP), Kubernetes (in itself).
Another example is a company that used Jira, Confluence and Hipchat but for some dumb reason used Gerrit for their code review / hosting. Eventually, they realized that managing the integration with the Atlassian tools was far more expensive than getting bitbucket and migrating completely into the Atlassian environment.
It's always the integration that matters. Everything else is secondary. -
When the CTO/CEO of your "startup" is always AFK and it takes weeks to get anything approved by them (or even secure a meeting with them) and they have almost-exclusive access to production and the admin account for all third party services.
Want to create a new messaging channel? Too bad! What about a new repository for that cool idea you had, or that new microservice you're expected to build. Expect to be blocked for at least a week.
When they also hold themselves solely responsible for security and operations, they've built their own proprietary framework that handles all the authentication, database models and microservice communications.
Speaking of which, there's more than six microservices per developer!
Oh there's a bug or limitation in the framework? Too bad. It's a black box that nobody else in the company can touch. Good luck with the two week lead time on getting anything changed there. Oh and there's no dedicated issue tracker. Have you heard of email?
When the systems and processes in place were designed for "consistency" and "scalability" in mind you can be certain that everything is consistently broken at scale. Each microservice offers:
1. Anemic & non-idempotent CRUD APIs (Can't believe it's not a Database Table™) because the consumer should do all the work.
2. Race Conditions, because transactions are "not portable" (but not to worry, all the code is written as if it were running single threaded on a single machine).
3. Fault Intolerance, just a single failure in a chain of layered microservice calls will leave the requested operation in a partially applied and corrupted state. Ger ready for manual intervention.
4. Completely Redundant Documentation, our web documentation is automatically generated and is always of the form //[FieldName] of the [ObjectName].
5. Happy Path Support, only the intended use cases and fields work, we added a bunch of others because YouAreGoingToNeedIt™ but it won't work when you do need it. The only record of this happy path is the code itself.
Consider this, you're been building a new microservice, you've carefully followed all the unwritten highly specific technical implementation standards enforced by the CTO/CEO (that your aware of). You've decided to write some unit tests, well um.. didn't you know? There's nothing scalable and consistent about running the system locally! That's not built-in to the framework. So just use curl to test your service whilst it is deployed or connected to the development environment. Then you can open a PR and once it has been approved it will be included in the next full deployment (at least a week later).
Most new 'services' feel like the are about one to five days of writing straightforward code followed by weeks to months of integration hell, testing and blocked dependencies.
When confronted/advised about these issues the response from the CTO/CEO
varies:
(A) "yes but it's an edge case, the cloud is highly available and reliable, our software doesn't crash frequently".
(B) "yes, that's why I'm thinking about adding [idempotency] to the framework to address that when I'm not so busy" two weeks go by...
(C) "yes, but we are still doing better than all of our competitors".
(D) "oh, but you can just [highly specific sequence of undocumented steps, that probably won't work when you try it].
(E) "yes, let's setup a meeting to go through this in more detail" *doesn't show up to the meeting*.
(F) "oh, but our customers are really happy with our level of [Documentation]".
Sometimes it can feel like a bit of a cult, as all of the project managers (and some of the developers) see the CTO/CEO as a sort of 'programming god' because they are never blocked on anything they work on, they're able to bypass all the limitations and obstacles they've placed in front of the 'ordinary' developers.
There's been several instances where the CTO/CEO will suddenly make widespread changes to the codebase (to enforce some 'standard') without having to go through the same review process as everybody else, these changes will usually break something like the automatic build process or something in the dev environment and its up to the developers to pick up the pieces. I think developers find it intimidating to identify issues in the CTO/CEO's code because it's implicitly defined due to their status as the "gold standard".
It's certainly frustrating but I hope this story serves as a bit of a foil to those who wish they had a more technical CTO/CEO in their organisation. Does anybody else have a similar experience or is this situation an absolute one of a kind?2 -
Amazon Web Services has the worst naming among clouds.
They have "Aurora" and "Athena". Both services relate to data. Both are woman's names. Both start with "A".
Amazon, what's wrong with you?13 -
Best experience: web development boot camp with serious and knowledgeable teachers who work hard. Classmates that are skilled professionals looking to succeed.
Worst experience: web development boot camp where the administration are jackasses. The career services are useless. And my project teammates are mostly lazy morons. -
I really like my position as the head of my department. But I am most definitely hitting walls(and in some way breaking them) concerning the way the CTO(my direct boss) deals with a lot of the things that his management team wants to do.
For example, the previous manager could only do so much in terms of directing a software team since she did not have a formal background in computer science or engineering, thus the developers that she had would tell her the different deals with many things and she would have to take their word for it. Nothing necessarily bad with this, but it just meant that a lot of things could have gone smoother had she the knowledge to fix said items. Whenever she would try to use resources(dev time or such) the CTO will resort to the all powerful manthra of "if it ain't broke don't fix it!".
but it was about more than fixing things that were breaking, our internal services and admin boards were built using all of the WRONG proper development practices, it feels as if they took the book of best practices.....and said fuck it and did whatever the fuck they wanted. It is the worst PHP/Java/JS code I have ever seen in my entire life and the reason why even though I do not concur with it I will always understand the dislike from other developers. Our services look like something that came out from the 90s, no style, no engineering concepts in place, no versioning no testing NADA zip(these are all web based services)
One in particular, it was an admin board used internally to let students evaluate their professors, the entire app is shit, and it was broken, for some UNGODLY reason, the original dev decided to use some weird external libraries he got from some blog somewhere and as such something that would take about 5 or 6 files is now a mess with over 200 php/js files all over the fucking place. The CTO insisted on fixing them, they were all broken, and I continuously told him that redesigning the application would be faster.
Mofo fought me on it, and in the end I did what I wanted and rebuilt the app.
It took me one afternoon. One fucking afternoon, over possibly 2 weeks of fixing it.
See, I am not one to just do whatever he pleases, but I am firm in my belief that if I know a better way I will do it and save precious time. The dude had to agree with me on this and promised to consider this shit on other items that will undoubtedly come up. He was lying out of his ass but oh well..........
W3 -
My first job as a '"dev"' (I really need some kind of super quotation mark for this).
I was young and too stupid too know how stupid I really was, I jobbed at a small recruiting firm and one day my boss complained about her database system and that she needed to hire a student to remake it. Suffering from the problem to be too incompetent to even recognise I'm incompetent I obviously offered my services as a python wizard I mean I could write a program that saves fibonacci numbers to a csv file, how much more could there possibly be? Fast forward two months and I proudly presented a GUI written in VB (it had an wysiwyg GUI editor) that was loosely frankensteined onto a bunch of together copy pasted python scripts running on a Windows Server. No web interface just accessible via vnc. It was slow, sluggish and soo ugly but it worked and did exactly what she wanted it to do. Sure the database was a bunch of csv files but non the less, to say it in pm, it resolved the user story. I quit shortly after because of her tendency to not pay the last bill after something was done (and tbh i deserved it) but she never removed my account from the server. So I copied my "magnus opus" from there... Let's just say whenever I look back at it I feel ashamed and yet it serves as a reminder to never be content with how good you are. -
Service status pages that poorly reflect actual service status are so annoying. Ex. GitHub is having a lot of latency issues with processing updates and like 5 people in my office noticed it while their status page still says everything is fine.
This isn't to explicitly call out GitHub since many service status pages behave like this, but it definitely shows a general weakness in these health checks. I've seen similar issues with tons of services, web hosts, etc. Monitoring is definitely hard but will hopefully keep getting better.1 -
I know compiled languages will always be the norm for performance applications and operating systems. But do you guys feel like general purpose applications are moving away from compiled languages to interpreted ones? Web apps are exceedingly common now, and even many server infrastructural applications and services are being coded in interpreted languages. Am I observing accurately, or is just maybe my exposure?12
-
Been working on AWS for about 8 months. Always looked at Cloudformation like an Alien thing. Never thought I'd be the one diving into this Rabbit hole.
But now here I am, 3rd day, trying to Automate the whole infrastructure of my App via Cloudformation.1 -
It's 2022 and mobile web browsers still lack basic export options.
Without root access, the bookmarks, session, history, and possibly saved pages are locked in. There is no way to create an external backup or search them using external tools such as grep.
Sure, it is possible to manually copy and paste individual bookmarks and tabs into a text file. However, obviously, that takes lots of annoying repetitive effort.
Exporting is a basic feature. One might want to clean up the bookmarks or start a new session, but have a snapshot of the previous state so anything needed in future can be retrieved from there.
Without the ability to export these things, it becomes difficult to find web resources one might need in future. Due to the abundance of new incoming Internet posts and videos, the existing ones tend to drown in the search results and become very difficult to find after some time. Or they might be taken down and one might end up spending time searching for something that does not exist anymore. It's better to find out immediately it is no longer available than a futile search.
----
Some mobile web browsers such as Chrome (to Google's credit) thankfully store saved pages as MHTML files into the common Download folder, where they can be backed up and moved elsewhere using a file manager or an external computer. However, other browsers like Kiwi browser and Samsung Internet incorrectly store saved pages into their respective locked directories inside "/data/". Without root access, those files are locked in there and can only be accessed through that one web browser for the lifespan of that one device.
For tabs, there are some services like Firefox Sync. However, in order to create a text file of the opened tabs, one needs an external computer and needs to create an account on the service. For something that is technically possible in one second directly on the phone. The service can also have outages or be discontinued. This is the danger of vendor lock-in: if something is no longer supported, it can lead to data loss.
For Chrome, there is a "remote debugging" feature on the developer tools of the desktop edition that is supposedly able to get a list of the tabs ( https://android.stackexchange.com/q... ). However, I tried it and it did not work. No connection could be established. And it should not be necessary in first place.7 -
So, today a developer from a web app consuming our services requested to fix a 429 http error code (too many requests) they are seeing. The request is on an email with our managers cc'ed4
-
So finally selected..
Long waiting and fighting for the fucking development field ;)
So new journey is started now..
Enjoyed this duration.
Going to work on web services.
Feeling happy ;) -
That feeling when the Jenkins build fails and fixing it is both out of your scope and permission.
Dear devops, you should know when a certificate expires that we use to authenticate with external web services. -
Me: there seems to be a problem in the Web Sphere app server...I would recommend u change it to weblogic
Client( IT division head of his company): is it compatible with websphere soap..??
Me: soap is generic, websphere is just an app server
Client: no but we have been told to use only websphere soap, is weblogic having that..??
Me: soap is protocol, app server is changeable..
Client: no we want only websphere soap.
Me:....(trying to find the nearest exit)4 -
For : Web devs, especially corporate website developers. (home, about, services, contact pages with content update features, bla bla)
Question : Is there an open sourced PHP solution between Wordpress and Laravel?
Reasons
- I do not want full framework like laravel for such simple website.
- Laravel is too much and heavy for standard corporate websites and not all clients can afford ssh-enabled servers.
- I do not want full CMS features like plugins, themes, etc from Wordpress.
- Wordpress themeing is not super difficult but also not as simple as Laravel's blades.
- I also don't wanna go static since the content update needs to be dynamic.
- I am willing to write own templates, CRUDs in minimal approach just for specific parts based on clients requirements.
- I want something that can easily host on shared hosting. (do not have to worry about composer and ssh)
Any thought?8 -
IBM Cloud seems to be the only cloud computing platform that has a responsive website.
Admittedly I have only used GCP and AWS, I haven't touched Azure yet. Both GCP and AWS have incredibly slow web portals that take ages to load after every single click.
IBM Cloud is the only cloud service platform when I clicked a button and it loaded the next page like a normal website. It honestly felt surreal to navigate through all of their services. I have no clue why AWS and GCP are both so bad, it reflects really poorly on their services. If they can't get their own web portals to run quickly, why should I expect their services to be fast and reliable?2 -
Whoever the fuck at my university thought that a distributed systems project using Java Web services was a good idea? The server we're supposed to use (Glassfish) is so out-of-date, half the time spent on this project is just spent fixing fucking broken dependencies and otherwise getting it to play nice. Please just tell me this shit isn't used in industry outside of legacy applications.5
-
My ideal dev job, would be a job I can show compassion towards. A team I can be proud of and learn from. And a vibrant workspace with likeminded individuals who just want to improve themselves even if they feel their at their pinnacle.
My current office tries to make use of new technologies, we've embedded docker, vagrant, a few ci systems on an in need basis per team, and a lot of other tools.
My only real qualms are they feel indifferent towards new languages and eco systems ( Node.js, GoLang, etc ). Our web team is still using angular.js 1.x, bower, refuses to look into webpack or a new framework for our front end which is currently being bogged down by angulars dirty checking.
Our automated quality assurance team is forced to use Python for end to end testing, I've written an extensive package to make their lives easier including an entire JavaScript interface for dispatching events and properly interacting with custom DOMs outside of the scope of the official selenium bindings.
Our RESTful services are all using flask and Python, which become increasingly slow with our increase in services. I've pushed for the use of Node or GoLang with a GraphQL interface but I'm shot down consistently by our principle engineers who believe everything and anything must be written in Python.
I could go on, but tldr; I'm 21 and I have a ton of aspirations for web development. I'd like to believe I'm well rounded for my age, especially without any formal education. I'd love to be surrounded by individuals who want the same, to learn and architect the greatest platforms and services possible.1 -
Would someone like to review my new website for web development and tech work?
www.thewebnician.com
ToDo
add services via back end(hard-coded in right now)
make it easy to apply discounts
A rating system
add chat to website
add site specs
add a more detailed about page6 -
This week has been a good week, work wise at least.
My projects are coming along, I’m getting a CI-CD server spun up so we can start making use of Gitlab runners for builds and testing (deployment is next on my list)
The boss gave good feed back in the gitlab issues I raised after a demo yesterday (new features, nothing major but it’s nice to have positive feed back)
My focus has very much been on the technical side of things, testing and de-bugging web services,
The boss is very keen for me to start implementing apis, starting with one of the apps I’m working on, so we can start writing apis for other systems which integrate with third parties.
I’m actually excited about my work again, and I think it shows, which is why they’re steering me this way.
I’m going to give it 6 months and then ask for a pay review, as I think my responsibilities have increased enough to warrant at least asking about a pay rise -
We have to deliver a new functionality in 2 weeks and the client hasn't share with as the specs of the flow and the business details yet.
So until today we had developed the half functionality believing that our system will communicate with Web services with a third - not the actual one.
We figured it almost by luck, when randomly, a colleague from the third system made a funny comment.....2 -
Co-founder: "It doesn't make sense in the sense that it doesn't make sense with regards to our services."
Me: I'll ask again when your meds have worm off.
My co-founder is evidently on some pretty strong pain killers, when I just asked him about a logo idea for promoting our company (it's a web dev company so it's relevant here).1 -
I have a client who I do web design and hosting for. He texted me at 5am to tell me that his website "was no longer working" and he wanted me to fix it. He got mad and threatened to cancel his services because we couldn't "keep his site up". It turned out that he let his domain name expire. I am not a morning person and that was my only day off. I guess that's what you call self employment.1
-
My 2 cents on different OSes to use.
I think Linux is best for running servers and services and having long run times with little issues (when its Console and not GUI based.) But I have a lot of issues with using its GUI distributions like Ubuntu and it feels kind of unpolished in that area.
I prefer macOS for its GUI as it actually works and has far less issues than Windows GUI and is (IMO) better than Linux GUI's by far. But macOS just doesn't feel like it was designed super users and it can feel like its holding you back a bit. Also you have to use Mac hardware which are amazing machines, they are just overpriced.
I prefer Windows for its GUI and despite its problems, it is very well designed for super users and has very well designed remote desktop features and scalability (although it is a pain to maintain.) Windows works well for connected company systems.
In my opion:
Linux: Servers, databases (no GUI)
macOS: Designers, photo/video editing, IT/programmers and general use as a standalone (not part of a company system).
Windows: IT/programmers, super users, general use but better than macOS at working together in a company setup, but macOS is better at being a personal laptop or PC.
I personally use Linux for our email and web servers. Windows for our company computers (designers use Macs) and I have a Macbook as my own personal computer.25 -
The first dev project, like real dev project, I participated in was a school one and it was double.
The class was meant to make us learn about the software's life cycle, so the teacher wanted us to develop a simple, yet complicated, thing: a Web platform to help tutors send/refer students to the university services (psychologist, nutriologist, etc) and to keep track of them visits.
We all agreed on it being easy.
Boy were we so wrong.
I was appointed as dev leader as well as some others (I was the programming leader, the other ones were the DB guy and the security guy) and as such I was in charge of the technology used (well, now we all know that the client is the one in charge of that as well as the designer) and I chose Django because we had some experience with it. We used it for the two projects the teacher asked us to do (the second one was to find a little shop and develop something for it, obviously with the permission and all that), but in the second one I decided to use React on top of Djangl, which ended being a really good combination tho.
So, in the first project, the other ones (all the classroom) started to discuss and decided to use some other stuff like unnecessary carousel for images, unnecessary functions, they created mock ups for stuff that was never there to begin with, etc. It was really awful, we had meetings with the client (the teacher) with updates on the project, and in not a single one he was satisfied with the results. But still, we continued with the path the majority chose and it was the worst: deadlines were not met, team members just vanished until the end of the semester, one guy broke his leg (and was a dev leader) and never said a word not did anything about the project. At the end, we presented literal garbage, the UI was awful, its colors were so ugly because we had to use the university official colors, the functionality was not there, there literally was a calendar to make appointments for the services (when did the client ask for that? No one knows), but hey, you could add services and their data to it, was it what the client wanted? Of course not! What do you think we are? Devs?
Suffice to say that, although we passed with good grades, the project and the team was shit (and I'm counting me in)
The good part is that the second project was finished by me and it looked really good, yet it didn't matter, the first project was supposed to be used by the university, but that thing was unusable.
Then, in the subsequent vacations I tried to make pretty and functional/usable, yet I failed because I had a deadline for another thing I had to do, but hey, the login screen looked amazing! -
I've been complaining for 2 years about working on a project with shitty external developers. Finally get another project done by internal developers and the architecture and decisions made were just as shitty. Like, there are Soap web services implemented solely for the web app ui alongside rest services for the mobile app. Now I'm left to maintain the failed attempt to correct the architecture 3 years ago and all the devs already left. Oh joy.
-
Senile Web login services from 2009 grind my gears, and tertiary education administration snorts the powder.
Trying to apply online at a local university. They didn't have place for me 3 years ago so I went elsewhere but for my 4th year I have to go to them.
Because of my previous application I still have a student number. Online application says I have to log in to another portal and apply there. Then that portal now requests a Pin that I was never sent, and the "request new pin" function doesn't work because apparently my email is not in the database for my ID. My email was 100000% sure on my application, but some dingus never inserted it into the system.
Why not just start a "new" application you ask? Because the New Applications portal won't allow it for my ID number since it has a student number already. Now I either have to apply manually and pay the fee or wrangle Uni staff to reset my account.
I'm calling you, your slapdash JavaScript 1.2 code and your unhelpful staff out, Cape Peninsula University of Technology. -
All the summers a small local company that offers IT services, mobile and web development hires me to help, as in that time they have a peak of work and is when the employees takes vacations, so, this year my job there is to help with a web they decided to make using django, over it installed other framework and also installed a lot of libraries that some are in beta.
We have limited time and we are wasting it fixing all the fucking broken code, incompatibility between libs and other fucking problems because their lack of vision.
I'm fucking mad as we are not even close finishing the project and the deadline is near. I fear this will mark me for the company to hire me future years.1 -
What the fuck is this trend of pricing cloud services by the minute? I mean It's fucking great and all that I buy 2 minutes with a sql db but who the fuck actually does that?
After another night working on a server I (strongly) suggest we move our shit to a cloud service. It's cool providing I promise the costs don't rape us blind folded. Seems easy enough, right? Nope it's not.
6 hours later, halfway to becoming a fucking network engineer and I'm more lost than ever.
Seriously can't the fuck AWS and google cloud show a monthly price - even an estimate for generic shit like $x for the average crappy wp blog!
If anyone has some helpful info / experience on the true cost of hosting generic web apps - the retardedly simple app I'm trying to price is:
1 php web application with 150 domains, 3gb mysql db and 30gb ssd.
I gets has 45000 sessions with 250000 page views.
Your help would be greatly appreciated. Currently I'm leaning towards deploying a clone sending 250 000 random requests and praying my $300 cloud platform credit will cover the bill.4 -
Hello. (Android) dev here contemplating about the future of my profession.
I am looking for a specialization or a field in my profession where i can be free of dependencies from GAFAM (The big five)
Basically software development is me only using dependencies and stuff they and 3rdparty people have created and then it works or it doesnt. Or if you dont keep it up2date it wont work because deprecation and breaking changes. I was web developer before and changed to android because of all the libs and frameworks one needed to wield for proper development. And now android has mostly become the same. Vanilla android is easy, but u start using google apis or 3rdparty services u quickly realize how far u get away from your actual usecase. Usermanagement, oauth, 2fa, userdatamanagement, crossplattform, offline, syncing etc.
I am pretty sure the topic came up before (dev fatigue, dependency fatigue) and most of you know what i mean but i might be the recent casualty here.2 -
I need to run a cloud Linux vm. My need is limited to running tomcat and about 10 web services- that's it. What I would like is an easy to use Linux flavor with a nice UI.
I need to know what cloud service and what flavor of Linux. And please don't get snotty with me because I have run massive applications on Solaris, AIX and HPUX - I am over doing things in a shell.2 -
Amazon prime days sale...
I find a Fire 7 for $30 instead of $50. I think that would be great to put books on. I am thinking Kindle is an Android type device. Even some searches for Android tablets bring up Kindles on Amazon and web.
I get my kindle and like it. I signed up for trial of Kindle Unlimited. There is almost no selection for Kindle Unlimited for technical books. So I think I can just put the Paktpub app on the Kindle. No app for Kindle. That is okay, I can just put the Play store on there. Technically you can, if you side load it, but it will stop functioning after a day. Not an officially licensed Android device so cannot use Google services.
At this point I am not happy with the Kindle. I got it to read technical books and the selection of technical books is poor. At least on Kindle Unlimited. So I start looking at tablets on Amazon.
I find that there is a serious price breakpoint on Android tablets (cannot get Paktpub app for Windows tablets). For $100 (US) they are not very good. At > $150 they start getting really good feature wise. I end up buying a Samsung tablet for $200. It has 2GB ram and 8 cores at 1.6GHz.
I have been using the tablet for a few days now and am happy with what I can do with it. Now I have to wonder if Kindle is actually an upsell product rather than a serious product. I might not have went for a $200 tablet unless I had not had issues with the Kindle. Not sure there. Amazon made out for both product sales as I just gave the Kindle to the kids.
In the end I am very happy. Paktpub has all the tech books I can handle at the moment. Will probably not consider Kindle Unlimited again. This tells me that competition is good in the book sector. Good for the end user.5 -
Hardware classes for software dev student?
Hey guys. Currently getting into second year of a 5 year curriculum to get an 'Integrated Master of Computer Engineering & Informatics' Degree here in Greece.
I'm already into software, I'm fooling around with java, go and php, making some games, web services and anything I find interesting in general. Recently, with the logic design class, I started liking hardware stuff (I didn't really like them before).
We're getting to a point where we might have to decide between picking hardware-centered or software centered subjects. I'm thinking that I can probably learn whatever is taught on the software side by myself (with a bit more studying of course), whereas hardware would be more difficult to study alone.
That said, I'm considering picking hardware, but I am skeptical. What do you think? I'll certainly miss out on the concurrent processing, data structure and how-a-compiler-works classes.
What do you think?
P.S. University here is free2 -
I can't believe this is happening... I'm coding something in PHP...
It's the only language the makes sense for this project really. I need something that can easily run Linux commands.. it needs a small footprint... and it needs to be something people are familiar with.
I feel sick thinking about it... just looking at frameworks was making me want to puke. Luckily I found one that was my style. MVC and it is TINY...
I guess my next issues is.. should this application be OS or should I make it proprietary to my Web hosting services?2 -
Amazon Web Services conference and main question is...
"how do we turn off costs?"
Basically we don't want to pay -
!rant
TL;DR - not sure if I should take a full-time gig at my current pretty good job, or go do an internship with AWS for the summer.
Needing some wizened development career advice, guys. I am coming to a small crossroads at the moment.
I am in my last year of school getting a BS in Computer Science. I love it. I had a pretty sweet job at a cool startup, until recently, when they were bought by a bigger company. This turned out to still be alright though, since they hired everyone on to the new company to keep our codebase alive and well (it's a pretty good product that they don't want to get rid of). Except they hired me as an Intern instead, which I thought was weird, but they said that's normally what they do with peeps that are still in school. Whatevs. But then I got offered an internship at some company called Amazon Web Services to be a Systems Analyst Intern (basically cloud support engineering from the sounds of it). And then I told the cats at the new company that I was considering this internship and they started saying they'd consider giving me full-time. And they didn't want to lose me.
Well... my thing is that both are tempting. Like the company that'd offer me a full-time gig would be cool because I'd get to keep working on the projects I'm currently on and I'd be immersed in a good development cycle and whatnot. Probably more full-stack programming, which I like a good bit and want to master more of. The Amazon thing seems cool, but I worry that it'd be more of a support gig. And as well as they pay, I may not get as good of development experience. Granted I was told I could definitely get into scripting to automate various things. But I just don't know how much would actually be that. Except having Amazon on my resume would likely be pretty great to have also coming out of graduation.
Down yet another avenue of thought, the AWS internship would only be for a few months in the Summer. So there's a chance I could come back and I could get my old job back. But maybe they would see me as disloyal or something and not want me to come back. I would also likely forfeit my retention bonus (which is an ok amount, but not a deal-breaker and it's spread out over 3 years) for staying on with the company after the acquisition.
I just don't know. Would it be better to stay where I'm at or go on a wild adventure over the summer? Help me, DevRant Kenobi you're my only hope...3 -
!rant
Frontend people, I need your opinion.
I will soon start building the next version of a rather large project's frontend but I am mostly a backend guy.
It is a custom made web application (PHP, Postgres) that handles all business aspects of a shipping company of about 50 people (trucks, truck free space in shipments for new packages, package tracking via gps on the truck, invoicing, reselling shipping services to other businesses, everything).
The existing frontend is using an ancient version (1.x) of the YUI framework and uses AJAX heavily to refresh the user interface. It's usable, but maintaining and extending it is getting really hard as the project grows larger and larger and more systems are integrated.
So the question is, given this use case, what JS framework do I use and what is a good resource to start learning it?5 -
Just spent the better part of my day making our QA environment work and look like our CAT/UAT environment for a website and supporting web services that was built to look like 1998 puked on it. Wrong way people. Other Devs skipped QA due to external reasons (admittedly I was one) and never kept it updated... Everything from database comparisons to IIS configurations needed to be redone.
-
"Dear TitanLannister : You are in the final year. A lot of shit is happening around u. its now time to make a career and take tough decisions. What would you do?"
CHOICE 1: COMPETITIVE
>>>>background : "a lot of super companies like wallmart, fb, amazon, ms, google,.. etc simply takes a straight coding test for fresher placement. They ask tough bad ass level questions, but with right guidance, a hell ton of dedicated hours of coding, and making it to the top of various coding tests could make you a potential candidate"
>>>>+ve points :
- "You got the teachers and professionals with great experience to guide you"
- "a dream job come true.you can go there and join teams that interests you"
- "it was your first exposure to computer world. maybe you would like doing it again, after 4 years"
>>>> -ve points:
- "You have always been an average 70 percentile guy. The task requires 2000-3000 hours of coding an year. it will be hard and you always grow bored out of this pretty quickly"
- "Even If you did that , you stand a lesser chance because your maths is shitty.There are millions running in this race with brains faster than your IDE"
- "your college will riot with you because they expect 75% attendance"
- "You are virtually out of college placements, in which , even though shitty companies come and offer even shittier 4LPA packages($6000 per annum), would take a tough logical/aptitude based test for which you won't be able to prepare"
CHOICE 2: PROFESSIONAL WORK
>>>>background: "you always wanted to create something , and therefore you started taking android based courses. you have been doing android for over 2 years and today you know a lot of things in android. you might be good in other professional lines like web dev, data analytics, ml,ai, etc too if you give time to that"
>>>>+ve points :
- "you will love doing this, you always did"
- "With the support of a good team, you will always be able to complete tasks and build new things quickly"
- "Start ups might offer you the placement, they always need students with some good exposure"
>>>>-ve points :
- "Every established company which provides interesting dev work takes their first round as coding, and do not considers your extra curricular dev work. So you are placing your all hopes in 1 good start up with super offerings that would somehow be amazed by your average profile and offer you a position"
- "start ups are well, startups and may not offer a job security as strong as est. companies"
- "You are probably not as awesome dev as you think you are. for 2 years, you have only learned the concepts , and not launched more than 1 shitty app and a few open source work"
CHOICE 3: NON CODING
>>>>background: "companies coming in college placements have 1-2 rounds of aptitude,logical reasoning , analysis based questions and other non tech tests. There are also online tests available like elitmus,AMCAT, etc which, when cleared with good marks help receive placements from decent established companies like TCS, infosys, accenture,etc"
>>>>+ve points :
- "you will eventually get placed from college, or online tests"
- "there will be a job security, as most of these companies bonds the person for 2-3 years"
>>>> -ve points:
- "You really don't like this. These companies are low profile consultant/services based companies which would put you in any area: from testing to sales, and job offers are again $5000-6000 per annum at max"
- "Since it includes college, the other factors like your average cgpa and 1 backlog will play an opposing role"
- "Again, you are a 70 percentile avg guy. who knows you might not able to crack even these simple tests"
Ugh... I am fucking confused. Please be me, and help.The things that i wrote about myself are true, but the things that i assumed about super companies, start ups or low profile companies might not be correct, these points comes from my limited knowledge ,terrified and confused brain, after all.
:(7 -
I had a pretty good year! I've gone from being a totally unknown passionate web dev to a respected full stack dev. This will be a bit lengthy rant...
Best:
- Got my first full time employment dev role at a company after being self-taught for 8+ years at the start of the year. Finally got someone to take the risk of hiring someone who's "untested" and only done small and odd jobs professionally. This kickstarted my career, super grateful for that!
- Started my own programming consulting company.
- Gained enough confidence to apply to other jobs, snatched a few consulting jobs, nailed the interviews even though I never practiced any leet code.
- Currently work as a 99% remote dev (only meet up in person during the initialization of some projects.) I never thought working remotely could actually work this well. I am able to stay productive and actually focus on the work instead of living up to the 9-5 standard. If I want to go for a walk to think I can do that, I can be as social and asocial as I want. I like to sleep in and work during the night with a cup of tea in the dark and it's not an issue! I really like the freedom and I feel like I've never been more productive.
- Ended up with very happy customers and now got a steady amount of jobs rolling in and contracts are being extended.
- I learned a lot, specialized in graph databases, no more db modelling hell. Loving it!
- Got a job where I can use my favorite tools and actually create something from scratch which includes a lot of different fields. I am really happy I can use all my skills and learn new things along the way, like data analysis, databricks, hadoop, data ingesting, centralised auth like promerium and centralised logging.
- I also learned how important softskills are, I've learned to understand my clients needs and how to both communicate both as a developer and an entrepeneur.
Worst:
- First job had a manager which just gave me the specifications solo project and didn't check in or meet me for 8 weeks with vague specifications. Turns out the manager was super biased on how to write code and wanted to micromanage every aspect while still being totally absent. They got mad that I had used AJAX for requests as that was a "waste of time".
- I learned the harsh reality of working as a contractor in the US from a foreign country. Worked on an "indefinite" contract, suddenly got a 2 day notification to sum up my work (not related to my performance) after being there for 7+ months.
- I really don't like the current industry standard when it comes to developing websites (I mostly work in node.js), I like working with static websites (with static website generators like what the Svelte.js driver) and use a REST API for dynamic content. When working on the backend there's a library for everything and I've wasted so many hours this year to fix bugs and create workarounds related to dependencies. You need to dive into a rabbit hole for every tool and do something which may work or break something later. I've had so many issues with CICD and deployment to the cloud. There's a library for everything but there's so many that it's impossible to learn about the edge cases of everything. Doesn't help that everything is abstracted away, which works 90% of the time but I use 15 times the time to debug things when a bug appears. I work against a black box which may or may not have an up to date documentation and it's so complex that it will require you to yell incantations from the F#$K
era and sacrifice a goat for it to work properly.
- Learned that a lot of companies call their complex services "microservices". Ah yes, the microservice with 20 endpoints which all do completely unrelated tasks? -
!rant about WordPress
I came across a rant about WordPress this morning. Whatever the quality of the code, there is a lot of good that has come from WordPress.
For a substantial number of people, it has made it possible for them to create their own spaces on the Web that they can use to express themselves, build businesses, and share their lives.
Remember that WordPress arrived at a time when you basically had to use a few large blog services if you wanted your own site. It wasn't perfect then (and isn't now) but WordPress did a lot to democratize the Web.1 -
"Download our app for some lovely additional ass licking features....."
Why tech industry love apps? also I hate these days not only mobile phones, but also computers are in progression of "applification."
Programs are only installed do some advanced things that were absurd and inappropriate to work on web browser. like video editing or programming, or file management.. etc. but in recent days, everything is fucking apps. why just not improve your web version of your service and make the shortcut from that? Weather app. youtube app. reddit app. 'tips' app by apple that is totally useless. news app. map app. so much wasteful. these kind of services are MUST be on the UPPER layer than the web browser laid on. also apps are taking much resources on local hardware and that makes my hardware too much slow.
That is not how tech works. that is not how software engineering, hardware engineering works, every single thing in technology must NOT work like that. If it does, then that is not technology, and just stack of cow shit.3 -
Bloody fucking Android! Updates, updates and more updates! My development Nexus 5X won't allow me to sideload apps since it updated... Hello, printf debugging! Goodbye, profiler and debugger!
My hate for Android grows with each version after 4.0.$something... 2 was shit, I missed 3, 4 was OK, and since then it's going steeply down.
And don't get me started on Material Design...! Good luck figuring out what's a button and what's a label...
And what's up with the "let's keep all apps running all the time to save a few ms on start" philosophy!? Who thought that is a good idea!? Yeah, System.exit(0) works, but... Is it so hard to determine when it's not needed anymore (has no services running etc.)? Why should a web browser (for example) stay in memory after I quit? Minimize is a thing (Home button), why make it so confusing?
Another thing - feedback-less async tasks - why? I like to know when it is working in the background... How the hell am I supposed to find out if it is supposed to do this or if it is frozen?
And Android deciding to kill your process whenever it pleases without any callback... Happened to me once with an Activity in the foreground (no exceptions anywhere in my app, it just quit). How do you do IO properly? It seems you can't guarantee some file or socket or something that must be closed doesn't stay open (requiring to restart Bluetooth 'cause the socket wasn't closed, for example)...4 -
Opinions
Hello, I’m considering building a web framework.
My ideal features would be:
Customizable authentication system(considering using a jwt lib)
Embedded DB(bolt db)
ORM( writing my own)
REST api to DB (via code generator)
Code generator(generation of models and views via cli)
GUI to db(some admin dashboard)
CORS(web service right?)
Why?
Ease of development
Fast prototyping of small-medium web services.
Fun.
My question is, do i have to many things on my platter? Should i narrow it down into less featured framework? What feature should I focus on? How should i benchmark it? Should i write tests for absolutely everything or just for exported methods? What should i take into consideration when developing ORM API, Auth API...
The language is Go
Thank you for your input10 -
How do you guys monitor programs on your servers?
For example, I have a raspberry pi zero w running raspbian (headless). On this pi, I have a bunch of discord bots and web scrapers running at the same time. My solution was to run them all from a bash file:
Python3 discordbot1.py &
Python3 discordbot2.py &
Python3 webscraper1.py &
Node webscraper2.js & etc.
Is there a better way I could be running these services? How is stuff like this usually done?8 -
Cross post from /r/cscareerquestions
Hey guys how are you all doing!?
I got into university this September (Computer Engineering & Informatics).
Although I've been programming java since I was 14 (github.com/zarkopafilis), discussions with a friend who is a dot net guy and has been working full-time C# for 2 years now got me thinking.
Alright, Java's good. I've learned to love and hate the language. I also like Spring Boot and whole this ecosystem of stuff including Scala and the other Java based languages. Currently I'm in the proccess of completing some personal project of mine.
Alright, here's the big question: Assuming I am going to graduate (and start working) in 5-7-8 years (Masters, PhD - who knows), which language would you suggest I stick with and start learning? - for backend programming of course.
Don't tell me JavaScript. Although I don't like it I've digested the fact that I'll have to learn some of it for sure.
Currently that's what I'm thinking: Invest some more time learning how the JVM works (and probably keep improving my code quality). Also learn some more stuff regarding Spring Boot (and/or Web Services in general). Then advance onto Scala till couple of years pass. In that time I shall keep improving my SQL skills.
On the other hand I may start learning C# along with .NETcore .
Sidenote: Personally I prefer statically typed languages, that's why I dislike stuff like js and python although I occasionally find myself fiddling with small projects like some laser tracker written with python + opencv.
Sorry if this reads like a big disorganized dump of thoughts. Thanks in advance! :)3 -
Someone knows what does GDPR law\s mean in practice for developers of web services open to the public and businesses?1
-
Boom, my boss agrees that the work I’ve spent the last 3 months on cross checking spreadsheets, manually inputting 100s of records into the system, then closing them and inputting more records isn’t the best way to do this particular task.
As the process wasn’t designed for this.
So I’m getting to build a new program that will integrate with the existing software, but make the job easier.
It’s not going to be easy, the software only supports web services so no apis, and it is massively lacking in documentation, but hey, I actually get to do some development work.
And there is no deadline, but I’ll probably knock up proper requirement gathering docs etc, so it gets done properly -
So I’ve spent the last 20 minutes waiting for an Amazon S3 and Cloudfront Pro and another Amazon Web Services WordPress plugin to delete from a server via FileZilla. How’s your day going so far?6
-
Have you ever tried, getting a free web server from portal.azure.com, with your university account? It took me 2 seperate accounts, 5 hours and lots and lots of different services to manage it. I am sure now, that I will use Linux later on.4
-
Yo been a longtime.
So I basically quit my last job to have successfully reached the top company in my country only to find they are such a mess.
No code quality whatsoever, testing? Yiu crazy? And all the old people who think they are senior whilst they do not know jack..
I do distribured web applications, but shit I hate titles and I think of myself as a software guy, I can do software that opens the fridge when I close the toilet lid ffs!
So, I am looking to deviate my career from web to something more deep such as distributed systems and services where I can use all of my skills and expand my knowledge more, and be able to code in js, c++ golang and more, handle and tackle infrastructure issues, virtualization etc...
So I want to ask you guys what would be an interesting project I can work on to concretize my skill and be able to convince my next recruiter that I walk the talk.
Thank you everyone7 -
What is everyone's opinion on companies/organisations 'too big to fail'...?
I was just pondering on how 'just Google it' has become so 'natural' as a way of saying search the Internet. The more I think about it, the less I like it.
I know the chances of them failing/crumbling are neary zero (hence the name) but if an org, Ie Alphabet, made some shit decisions and bankrupted their company, what would happen then? Any ideas? I don't mean in terms of social fallout, economic etc.
I mean in terms of network infrastructure, them being such a central part of 'the web', all their Dns services, their backbone links, Google drive, Google fiber etc. What would happen to all user data? Just be destroyed?
I've never 'seen' a large tech company collapse, but just wander as to how that process would work for such a huge organisation, and the literal mountains of data they have which will need destroying or relocating.
Inb4 watch Mr robot hurrr5 -
For 2020 I want to achieve more insight of my already running collaboration service/tool for businesses by talking more to managers, chiefs and workers.
And for a better internet community a GUI for NGINX for home servers (any PC) that could interface with purchased domains to make configuration become automatic, to make self hosted web-apps/services more accessible and streamlined. -
!dev
I've finally been so agitated at G+ I need somewhere to just vent.
So for context. What I'm talking about is Google+, or more specifically, the Android app. The website is bad in its own way, but that's not here nor there. No opinions on the iOS version, as I simply REFUSE to touch iOS.
So anyways. The platform itself honestly is not bad. With competent developers behind it, and them actually listening to their dwindling fucking userbase, they could easily turn it into something successful, but the issue is that they just aren't
You see, it's almost like they change dev staff every 6 or so months. Why do I believe this? Because the GUI changes about that fucking often. They also have a history of forcing updates, but allowing you to use an older version, just horrifically slapping on a new and unwelcome skin. This isn't an isolated practice by any means, but it's by far the most prevalent here.
So, now a list of some of the issues the current version has:
-After about a week, the app becomes unstably slow, to the point of it taking about a minute to refresh your home feed, or an individual page.
-Searching is never good, always being slow and rarely giving you who you asked for.
-Transparency is non fucking existent. There isn't a development roadmap to speak of, and when something happens we get it second hand from staff in a "G+ help" community.
There is a solution for the first one, going and clearing the data/cache, but really, the end user shouldn't have to regularly do that. Not to mention the storage space Google apps IN GENERAL fucking take up. Why does Google Play Services regularly use 250MB? (For most people, this really isn't much. But when you only get to fucking use 4 GB of internal storage it's a giant fuck you.)
Bah, back to the topic at hand.
There isn't a good solution to searching, or for transparency at the moment.
The spam filter is awful as well. REGULARLY letting obvious spam pass, regularly blocking and filtering genuine users. It's real annoying that the Android app itself doesn't have support for seeing these flags outside of rooting through the settings a bit, but still. The web and iOS versions have this already.
Oh, it also completely lacks a dark mode like most Google apps for some fuckin reason.
That concludes my random 1:30 AM rant about something I have no ability to change, except hope in vain that someone who has the ability to change this forwards this to the developers of G+.
I need a better sleep schedule.3 -
Hey guys, a quick question: what's your main area of expertise? Mine is web backend (so web services, servers, cloud systems etc)12
-
I know how to build mobile apps (design and apps themselves).
I want to open a small services company, but I realized that I will need a website with portfolio of the jobs I did. Im working on gathering a portfolio, but have no idea how to make a proper website for representing my services.
Popular choice seeems to be getting a wordpress theme for $50-$60 modifying it and that's all. Is there a better way to do this and look professional without hiring a web dev?6 -
Got an email “Welcome to Amazon Web Services” to an old GMail account I no longer use. Seems genuine with no links to shady websites or anything. Does Amazon not verify email addresses or how does that happen?
Also, the mail says I have now 12 months of free tier access, so will they start billing me instead of the random fuck who signed up with my email address?3 -
Work! Terribile doubt about our project 😭i will leave this company if we do not come up with an adult solution 😔
We are working for another Company, they asked to add a web app to their project.
We made frontend and backend, we make user auth to their api, then call their api (place order, get orders etc), passing their auth token to their services.
Which Means that our endpoints are not really protected (i think) and if we add an endpoint that does not use their api, the only way to secure them Is to take the token, validate It by calling for example get /order of the api and if It fails just discard the request....too slow?
my colleagues do not want to put a serious auth they Just want to use the company api and leave the rest open...
And the customer Just asked to use some other api functionality, but that api has another auth... How do we pur them togheter? The last api want the id of the user to do machine ti machine auth
It Is my 6th month here no one thaught me anything, i think i'll Just leave ..or am i Just experiencing the developer Daily work?😔7 -
Hi react developers. Noob question, I am making a new (my first) react+redux toolkit+axios website…
So umm, what folder structure is best, and where does the user authentication part , the web services go?
Currently I have
-src
-pages
-index.js
-app.js
-about
-index.js
-stores
-common8 -
What is better, Career as a web developer or as a software engineer? I am a CS student Are there good jobs for web developers?
Also, let me know which one has more pay scale.
I have go through some blog and resources to find about web development information like this https://squareboat.com/services/... If anyone knows about payscale which is higher, Please suggest me4 -
This might be a stupid question but due to the rise of services like Wix and Wordpress that make creating websites a breeze, will web design and development die in the near future?3
-
Most of the web stuff I have done in the past have been PHP, Wordpress, cgi, etc. I read about nginx and was very impressed by what it accomplished in the last 20 years. Now I have a desire to play with this tech for fun.
What I want to do:
- create, manage, and launch minecraft servers
- provide a web interface for managing servers (I would like to learn how to make the server use the infrastructure of nginx to be managed like its other services)
- make this packaged so others can use this (probably on github)
I don't know anything about nginx other than it is really really cool, can serve massive amounts of web pages, and can do a whole lot more than that.
Question:
Is nginx suitable for this? Is this a big learning curve? Will I have fun doing this?
I am currently running a multi-instance minecraft server being managed by a piece of software called Crafty Controller. It is really neat. However, I am finding it buggy. I also see that the next version of this software will be behind a patreon. This is really disappointing. So this is spurring me to consider building something fun for myself, and if useful, for others.
I will most likely do very barebones and inflexible web interface that just gets the job done. I know enough to get by. So I assume I have a large learning curve ahead to do this.
Any advice? Is this going to turn into a large time sink?2 -
Does anyone use Amazon Web Services? Do you have an suggestions regarding where to start when coming from the .NET and Azure side of things?5
-
Hi Guys if you can share your opinion/experience in what I wrote below it would help me a lot, thanks !
Im a full-stack developer with 4 years of experience, worked with different technologies in backend, frontend, mobile etc.. so I have general knowdgele of how systems works and how they should be built.
So I work as CTO in a startup, Im for almost 2 years here I started here with minimum salary (I decided that, because they said to me we are startup and such things so I wanted to help) 2.2k Euros and it has been almost 2 years without pay rise, so last month I asked for pay rise, but they said to me that they dont have money and sent me +300 euros as gift.
One week ago I wrote to them again (co-founders) that I have a lot of pressure and I dont know if I can handle all of that for much time he told me that I got +300 euro pay rise (which it was gift from them in first place, I refused them to sent this to me), but TODAY CEO and Co-Founder wrote to again me asking if I accept +300 euro pay rise because they can afford to pay me 2.5k or if I dont accept this they can sent me 2.2k again (they think that 2.5k is maximum that they can pay me right now and that this is enough for me).
I want to ask you guys what would you do, would you accepting something like this, considering that right now Im only dev here (yes Im only dev) and Im taking care of these(yes all of these) :
1. Company Website (react js)
2. Web Admin Panel (that clients use to manage their data)(react js)
3. Web Application (that visitors use to see client data)(react js)
4. Widgets (some code that is integrated into clients websites it's same as application, but integrated directly to client website)(react js)
5. Backend of all 3 apps mentioned above (asp.net core)
6. AWS Architecture( some of services : Cognito,Lambda,RDS,API Gateway,CloudFront,S3)
7. DevOps Role
Also consider that I didnt take holidays for 1 year now working on weekends too :)3 -
I have been told to brush up on my windows/.net web services stuff for an interview. Any recommendations?2
-
!rant !dev
So, following up my last rant.
https://devrant.com/rants/2433162
I quit on Friday, this is what I said to my bosses.
"In the last week I had, 2 panic attacks, and I have 2 theories for this, one is that I have underlying psychological problems, the other theory is that we are under an impossible task, I choose to say now that I have to quit because I have psychological issues, but if you are willing to hear my other theory, that involves saying that meeting the deadline is not viable, then I can tell you that, so do want to listen that part?.
Bosses: No, we heard enough, we are going to have your contract terminated in order, and we will let you know when you can come and pick your paycheck."
So, that's them. Now about me and how I re-discovered GTD, or more precisely how I organized my whole weekend using taskwarrior with GTD, and why I think is going to be useful as a freelancer.
Before I feel good about telling you about my weekend I have to tell you a few things about myself.
I am a very impulsive person, I have a lot of energy in short surges, so I have to be able to maximize my activity when I'm in a surge, and I have to maximize my rest when I am not.
That's hard to do, it requires a balanced lifestyle, I am also very prone to being neurotic, and overwhelmed by the amount of stuff that I want to do.
And on top of that, when I am resting, I have surges of things that I want to have, do, or implement, it could be software related, as "Doing an app that will be the Uber of home services", to house improvements like, "I have to fix that leaking roof", and all the sort of stuff that happens in between hardware and software. That surge of consciousness doesn't allow me to have the proper rest that I need before I engage with activities again.
Because of this I have a very cyclic rhythm, with whole weeks burning my energy into doing stuff, and weeks resting doing very little and thinking too much.
Now about my weekend. Friday night I was browsing the web, and a thought came to my head. "The way you use your terminal, says a lot about your personality", and I got curious, so I searched for, "Show me your terminal", and found a post in dev.to to see all kind of nice terminal setups, from the very minimalist to very feature rich oh-my-zsh themes with plugins for git, aws and what not. One of these pictures really got my attention, a guy had set up his terminal to show him, how many task has he done in the day, and how many cups of coffee has he had.
So by investigating how he set up his terminal to show in the prompt the number of successfully completed tasks in the day, I found out that he was using taskwarrior, he was also kind enough to share the source code of his prompt setup, which I bookmarked to later incorporate that into my oh-my-zsh config.
After reading about taskwarrior, I also got a reference to GTD, I don't remember if this was one of those thoughts that I have and follow immediately, or if I read something that led me to a YouTube video summarizing GTD.
In the end, after watching that GTD video, I decided to give it a try to organize my life, and help me find a remote job, keep my house in order, plan my social activities as "hang out with friends", "visit mom and dad", and give the proper amount of attention to my GF, with whom I am deeply in love, and willing to spend the remaining of my years with her.
So my fist task was.
task add Ask for GF's parents blessing.
Which of course I have no intention of doing right now, but is one of the things that I will eventually have to do.
Then it started, I started adding tasks, and things to do, and go through the whole Capture phase of GTD.
Now it is a good time to write a small summary of what I think GTD is.
GTD is a life habit of organizing your life in todo-lists. And it was a very specific core method, that in the video summary that I watched was called CPR.
Capture, Process and Review.
Capture:
When you capture you just add your tasks to a bucket list.
So I took a notebook and started writing down everything that I wanted to have done. I also started to capture ideas as they came up to me, I did this by writing a telegram saved message in my phone, or directly adding it as a task in TW.
Process:
I read my telegram messages and put them into my task warrior list, then I started to organize my tasks into projects, breaking down every task that was not an atomic unit.
* And different projects started to emerge from this. One of them was project:Housekeeping.
And here's my screenshot of what I did this weekend, also the number of projects that I have, and all the things that I have to do in order to have what I think would be a very balanced, fun, and productive life.
You'll be able to see in the screenshot, that there's a blocked task, yes, tw allows you to organize dependencies too, so one task is delegated, and blocked by the delegation task.1 -
Out input web services are called webservice_out (and vice versa) so that the calling code can build a proxy client and call webservice_out.method(xyz).
And we can't change it now. Idiots. -
hi guys, I wonder if you can help me, I've been asked by my Line Manager to liase with an app building firm that is going to make an Angular APP and host it on AWS (Amazon Web Services). I've never used AWS before and have no idea what to expect for pricing.
The APP will be educational, questions, answers and resources like slides, text and video etc and available to 400 pupils over 5 schools in place of regular workbooks that they currently use but are unable to due to covid-19.
So that's 2000 pupils all told. What AWS services should I use and what is a fair bill I can expect from them in the UK. The boss is insistent that we have our own AWS account and self host the app when it's done.
I have no experience of this at all so any help will be appreciated. Cheers everyone in advance!
Also the AWS website is a confusing mess and their chat options are not working at the time of posting this lol.4 -
Is there a desktop widget to monitor my websites if they are down, slow.
I know I can have web services for that to receive emails about down websites
But I really just want a simple widget with a simple ui that tells warns me when my website is down4 -
Hi everyone, I have a question about VPN and hosting.
I have rpi which runs ubuntu where I have several things running like nextcloud, transmission, minidlna, samba etc.
I want to use a VPN due to torrenting via transmission on the pi. I had used private internet access(PIA) before and I'm thinking to go back to them as I had issue only once with them.
Question is if I had installed their client and connected to VPN, would I still be able to access to my services over the internet? As per my understanding only the outgoing and incoming generated from outgoing should follow the VPN tunnel, therefore interacting with my pi with it's public IP should still be possible, am I right?
I'm a newb when it comes to web stuff so any help is appreciated, also you can recommend other VPN providers if you think PIA sucks for any reason.2 -
I got deployed to a client who uses Java. I have no knowledge in Java. Can I learn it in only half a month? Also including spring boot to create web services. The project will start soon.
They say the number 1 skill of a developer is the ability to learn fast. I'm a PHP JS guy by the way.8 -
Has anyone had the idea to just use the smartphones fingerprint as a second factor for logins on web services? Just fingerprint scan in a given timespan, no codes or so...1
-
I have seen references to API keys in several places. I have setup a few for various web services. However, I don't have a firm understanding of how they are protected (or not protected) from being copied and used by apps other than my own. I read a quick blurb from Google that said to use regular authentication over API keys due to them being able to be copied.
So my questions are: Are API keys just a bad way to subscribe services? Is there a way to protect them from being discovered? Maybe the app logs into a auth point for your services and is served the key to use with other services? But this key could still be gleaned from memory. Are API keys going to go away maybe in deference to things like oauth?3 -
General inquiry and also I guess spreading awareness (for lack of a better category as far as I can tell) considering nothing turned up when I searched for it on here: what do you guys think about Sourcehut?
For those who don't know about it, I find it a great alternative to GitHub and GitLab considering it uses more federated collaboration methods (mostly email) mostly already built into Git which in fact predate pull requests and the like (all while providing a more modern web interface to those traditional utilities than what currently exists) on top of many other cool features (for those who prefer Mercurial, it offers first-class repo support too, and generally it also has issue tracking, pastebins, CI services, and an equivalent to GitHub Pages over HTTP as well as Gemini in fact, to name a few; it's all on its website: https://sourcehut.org/). It's very new (2019) and currently in public alpha (seems fairly stable though actually), but it will be paid in the future on the main instance (seems easy enough to self-host though, specially compared to GitLab, so I'll probably do that soon); I usually prefer not to have to pay but considering it seems to be done mostly by 1 guy (who also maintains the infrastructure) and considering how much I like it and everything it stands for, here I actually might 😅2 -
How do you pick a new language to learn?
I am a C# developer and at work I work on desktop apps and legacy web services etc.
I fancy learning something else so I can have a bit of variety when working on personal projects etc.
I am doing a distance learning degree which has used Java and Python so far, with some PHP and JS etc to come later.
I’m drawn to Ruby as I already have experience there, but I was also thinking about looking at Node as that covers back end and front end all using JS which is definitely useful in general as I look at moving to a more web based role.7 -
So, I have joined this new company where I used to work few years back. Something happened before I rejoined, so no one is working there now except me. It's web agency run by my boss and I am the only employee working on over 7 projects including front end, back end, mobile, devops, and some marketing also.
Now, I got offers from couple of other series a funded startups who are willing to pay me 30% more salary. I know I will have less responsibility and more work life balance. But I hate the politics in those companies.
My current company is making good revenue but my boss isn't giving me the salary I am expecting.
He said it will take few more months to give me the salary I demanded.
I also want to build my own company and provide services someday. That's why I thought it'll be better to stick with the company so that I cam learn other aspects of the business.
So. If the company is making say over 200k usd a year and its paying me around 23k usd per year, isn't this kinda low salary for my experience, skills and value I bring?
How should I go about asking a raise?
Also, I don't wanna move to another big tech company. I hate coding questions in the interview as its been years I have prepared for a proper tech interview.
Also, how secure do you think my job is? Is there any future working here? Will I ever be able to reach a salary comparable to big tech companies?
Is it a good place be in right now? (i jave over 5 years of experience)5 -
Approx. 24 hours ago I proceeded to use MEGA NZ to download a file It's something I've done before. I have an account with them.
This is part of the email I received from MEGA NZ following the dowload: "
zemenwambuis2015@gmail.com
YOUR MEGA ACCOUNT HAS BEEN LOCKED FOR YOUR SAFETY; WE SUSPECT THAT YOU ARE USING THE SAME PASSWORD FOR YOUR MEGA ACCOUNT AS FOR OTHER SERVICES, AND THAT AT LEAST ONE OF THESE OTHER SERVICES HAS SUFFERED A DATA BREACH.
While MEGA remains secure, many big players have suffered a data breach (e.g. yahoo.com, dropbox.com, linkedin.com, adobe.com, myspace.com, tumblr.com, last.fm, snapchat.com, ashleymadison.com - check haveibeenpwned.com/PwnedWebsites for details), exposing millions of users who have used the same password on multiple services to credential stuffers (https://en.wikipedia.org/wiki/...). Your password leaked and is now being used by bad actors to log into your accounts, including, but not limited to, your MEGA account.
To unlock your MEGA account, please follow the link below. You will be required to change your account password - please use a strong password that you have not used anywhere else. We also recommend you change the passwords you have used on other services to strong, unique passwords. Do not ever reuse a password.
Verify my email
Didn’t work? Copy the link below into your web browser:
https://mega.nz//...
To prevent this from happening in the future, use a strong and unique password. Please also make sure you do not lose your password, otherwise you will lose access to your data; MEGA strongly recommends the use of a password manager. For more info on best security practices see: https://mega.nz/security
Best regards,
— Team MEGA
Mega Limited 2020."
Who in their right mind is going to believe something like that that's worded so poorly.
Can anybody shed some light on this latest bit of MEGA's fuckery?
Thank you very much.4 -
Just published my first chatbot about of my college tech fest of SRM. Just open google assistant and say "Talk to Aaruush SRM". Kindly give me suggestions on how to improve user experience after testing the bot and also possible Q and A.All suggestions are welcome.
Reviews would be amazing:
https://assistant.google.com/servic... -
The weather.gov API is a great teaching API. https://weather.gov/documentation/...
It’s simple but has lots of flexibility. -
Sophomore year starting soon so I'm looking for new project (s) to complete in parallel with the studies.
Some are more design-y and some more backend-y but I recently started getting better at designing so :)
1) Learn some fragment shader stuff. I've always been messing around with graphics and have a game on steam, so I think that's a good idea to be paired with signal processing.
2) Reactive web services. Preferably with spring-boot or vert.x but
3) I would also like to dive into golang (and make some reactive thing with it)
4) WebAssembly seems nice... But I got some concerns
5) exercise making wireframes -> CSS (with some js)
6) I've never really done any real backed work with nodejs, except serving and aot compiling js, or doing gulp tasks
7) Implementing a whole project, or a fraction of it as serverless on aws
* I'm definitely going to use a couple very simple services to make a docker swarm with load balancing, etc, just because I know how everything works but got no practical knowledge
8) Design an esports jersey for the university department I'm in (shouldn't take long)
So what do you guys think? Recommendations are welcome :)
P.S. last year in review:
> A webapp running on a raspberry pi powering a reflex testing game on gpio (java/spring-boot , codename: buttonmasher)
> small Elastic search cluster to monitor some random university servers through kibana dashboards
> laser tracking on wall of *any* colour and variable light conditions via a webcam (opencv) , controlling the mouse pointer, whether you run it against a projector or any wall
> jstrain.herokuapp.com => a small JavaScript powered tool with a DSL to help you train more efficiently without a coach
> Various random Photoshop stuff -
Question:
I want to develop a simple reminders service. People will go online and set a reminder and the service will send an email when the reminder is schedule.
I want to use the simplest stack I can. It will be very simple so I don't want anything complex.
So I need a DB backend, a server to host the web interface so people can set up the reminders, and a background process that send out the emails.
People set up reminders, they are stored in the DB and the process read the reminders every X amount of time and send the emails scheduled in that particular time.
I was thinking about using Firebase (only tried it once in a small chat app for practice). A small web interface stored in a server (which? idk. Heroku, AWS?). And a deamon scheduled to run every half an hour (running where? idk. I have a spare laptop that I can use as server for this purpose or Heroku or any other).
What services (free, or at least free at the beginning) would you use in order to save time and money.
PS: I know Python and Java. But I've worked with PHP (and HTML+CSS). I know next to nothing about JS.11 -
All students building are close to stop the propagation of the virus. But you web developer are an essential services you need to be there for two week to make an remote course system in 2 week 😆🤭3
-
I used parse-server and services back when it was a web service at an internship, just loved the way it did things it did. Backend as a service was new to me as a mobile application developer. 5 years down the lane. My first go-to backend is Parse. I know firebase does XYZ things better. But I love the simplicity and openness of parse.
Community picked up parse as a self hosted open source service and its still going strong.
Just love the possibility of starting a mobile project and not having to worry about setting up a whole web service to cater to it.