Our business-critical internal software suite was written in Pascal as a temporary solution and has been unmaintained for almost 20 years. It transmits cleartext usernames and passwords as the URI components of GET requests. They also use a single decade-old Excel file to store vital statistics. A key part of the workflow involves an Excel file with a macro that processes an HTML document from the clipboard.
I offered them a better solution, which was rejected because the downtime and the minimal training would be more costly than working around the current issues.
The library I worked for as a teen used to process off-site reservations by writing them to a text file, which was automatically e-faxed to all locations every odd day.
If you worked at not-the-main-location, you couldn’t do an off-site reservation, so on even days, you would print your list and fax it to the main site, who would re-enter it into the system.
This was 2005. And yes, it broke every month with an odd number of days.
downtime
minimal retraining
I feel your pain. Many good ideas that cause this are rejected. I have had ideas requiring one big downtime chunk rejected even though it reduces short but constant downtimes and mathematically the fix will pay for itself in a month easily.
Then the minimal retraining is frustrating when work environments and coworkers still pretend computers are some crazy device they’ve never seen before.
cleartext usernames and passwords as the URI components of GET requests
I’m not an infrastructure person. If the receiving web server doesn’t log the URI, and supposing the communication is encrypted with TLS, which removes the credentials from the URI, are there security concerns?
Anyone who has access to any involved network infrastructure can trace the cleartext communication and extract the credentials.
What do you mean by any involved network infrastructure? The URI is encrypted by TLS, you would only see the host address/domain unless you had access to it after decryption on the server.
They said clear text, I would assume it’s not https.
Nope, it’s bare-ass HTTP. The server software also connected to an LDAP server.
Browser history
Even if the destination doesn’t log GET components, there could be corporate proxies that MITM that might log the URL. Corporate proxies usually present an internally trusted certificate to the client.
As weird as it may seem, this might be a good argument in favor of Pascal. I despised learning it at uni, as it seems worthless, but is seems that it can still handle business-critical software for 20 years.
What OP didn’t tell you is that, due to its age, it’s running on an unpatched WinXP SP2 install and patching, upgrading to SP3, or to any newer Windows OS will break the software calls that version of Pascal relies upon.
i worked for a hybrid hosting and cloud provider that was partnered with Electronic Arts for the SimCity reboot.
well half way through they decided our cloud wasn’t worth it, and moved providers. but no one bothered to tell all the outsourced foreign developers that they were on a new provider architecture.
all the shit storm fail launch of SimCity was because of extremely shitty code that was meant to work on one cloud and didn’t really work on another. but they assumed hurr hurr all server same.
so you guys got that shit launch and i knew exactly why and couldn’t say a damn thing for YEARS
Not to put the blame on the devs, but the problems might have been attenuated by defining a proper interface layer against the server.
It’s a damn single player game 💀
The multiplayer stuff was neat in theory, but any multiplayer thing you did took like 20+ minutes to actually propagate to other players games
I wonder if that’s related to “the wrong cloud”. Imagine if someone wrote some super slick code that worked really really well in the original cloud, and just couldn’t figure out how to make it work in the new cloud, so everything is just an awful workaround.
It’s pretty depressing, but the fact that soil and groundwater are almost certainly contaminated anywhere that humans have touched. I’ve seen all kinds of places from gas stations, to dry cleaners, to mines, to fire stations, to military bases, to schools, to hydroelectric plants, the list could go on, and every last one of them had poison in the ground.
Some places are insanely polluted to the point where you wonder how a whole company could be so braindead and essentially poison themselves.
A place not far from where I live had a chemical plant which just dumped loads of chemicals on a meadow for years. Now there are ground water pumps installed there which need to run 24/7 so that the chemicals don’t contaminate nearby rivers and hence the rest of the country.
When taking samples from the pumped up water you can smell gasoline.We’re house shopping and there has been a house on a lake sitting on the market forever. I got curious and researched the lake and… It’s a literal superfund site. The company that was on the other side of the lake just dumped their waste chemicals right on the shore and it has polluted both the lake and ground water forever essentially because they don’t break down. I looked up the previous owner… Died of cancer. The shit that companies are and were allowed to get away with is just insane. Meanwhile right wing nut jobs want to get rid of the EPA (which was ironically created by Richard Nixon).
A place not far from where I live had a chemical plant which just dumped loads of chemicals on a meadow for years.
Sounds cheap.
It’s just as depressing when something counts as “clean”. My saddest example was a former sand pit, they spent 30 years digging out 15 meters of sand, then another 30 years filling it with anything from industrial to veterinary waste, “capped” it with rubble in the late 40s and called it clean enough.
Had a bigass job digging out the top 3 meters of random waste, including several thousand of barrels of whatever the fuck. And definitely no unexploded ordnance (spoiler, after finding several ww2 rifle stocks and helmets, the first mortarshells were dug up too). After makimg room, it was covered in sand, clay, bentonite and a protective grid.
So naturally, 3 months after that finished, some cockhead decided to throw an anchor and hit go all ahead flank on his assholes boat and tore the whole thing up. No need to fix anything though, just shovel some more sand it, that’ll stop the anthrax!
This was all in open connection with a major river, of course. One people swim in.
What are they poisoned with and how does it happen?
Varies depending on the site, sometimes it’s gasoline, or solvents, or heavy metals or PFAS. As for how it happens, accidental or deliberate releases. I’ve found military documents from the 50s that say the official place to dispose of used motor oil was a pit they’d dug in the ground.
Yep, the regulation is now a 5ft cubed hole dug around the soil in any spill. It’s resulted in folks being more careful but also hiding where things are spilled. I’ve not once seen a hole dug. Corporations are roughly similar. Small organizations don’t care at all.
The programming team that is working hard on your project is just one dude and he smells funny. The programming team you’ve met in your introductory meeting are just the two unpaid interns that will be fired or will quit within the next two months and don’t know what’s happening. We don’t do agile despite advertising it. Also your project being a priority means it’ll be slapped together from start to finish 24 hours prior to the deadline. Oh and there will be extra charges to fix anything that doesn’t work as it should.
I think we work in the same company, the dude does not smell funny to me but maybe that’s just me.
Are you that dude?
In my company we have a very modern agile workflow where QA is top priority.
At least that what we advertise. In reality it’s all an unorganized clusterfuck where I’m pretty sure I am the only one who bothers to write automated tests. Who’s got time to write tests bro just push that shit out ASAP we’ll deal with it when the client calls us in the middle of the night to complain about previously-working shit being broken now.
I’ve worked for one company that actually did it right (complete with pair programming, even). It was pretty nice.
Too bad we were apparently the “experimental?” team and the only one in the whole company doing it that way.
I worked for a company like that. Wall Street shits bought us up and sold everything that wasn’t bolted down.
When you have a great programmer working on your project he will be cycled to a new project in 2-3 months. Your new senior developer who silently takes over the project is part time because he’s working on finishing his education.
No one knows how anything works, except that one guy, who left the company half a year ago. That’s how all software development is.
I used to work for a popular wrestling company, billionaire owner, very profitable, would write off any OSHA penalties as the ‘cost of doing business’ just as they did in 1998, when The Undertaker threw Mankind off Hell In A Cell, and plummeted 16 ft through an announcer’s table
I want to believe… but the morph has always been exactly.
“nineteen ninety eight when the undertaker threw mankind off hell in a cell and plummeted sixteen feet through an announcer’s table.”
But I want to believe…
Edit: looking back at previous shittymorph posts. Grammar, punctuation and delivery is at much higher standard… I’m sad 😢. I’m hoping that I’m way way wrong. Can anyone reach out to shittymorph on reddit to confirm?
That is quite an astute observation, in fact many folks would have overlooked such precise details. As you could imagine, with newness and changing situation such as a major platform shift, and as we enter a revolutionary technological time period in hopes of a prosperous fediverse, it’s easy for us to become a overzealous and infatuated with all the excitement, but we must remember, it pales in comparison to the crowd’s excitement in nineteen ninety eight when the undertaker threw mankind off hell in a cell and plummeted sixteen feet through an announcer’s table.
😢 I don’t know what to feel anymore.
What the fuck are you 2 talking about?
Back on the site-that-must-not-be-named, u/shittymorph would occasionally come out of nowhere with the one story about Hell in a Cell. It was his thing. Shortly before the place went to absolute hell, he posted saying he was stepping away for personal reasons.
We believe this is an imposter.
Confirmed imposter. Sorry everyone. 😢
I need a community for shittymorphs
You son of a bitch, I don’t know if you’re the og shittymorph, but I missed that bastard.
I’m not even mad. Feels like being home.
The company would bid on government contracts, knowing full well they promised features that didn’t exists and never would, but calculating that the fine for not meeting the specs was lower than the benefit of the contract and getting the buyers locked into our system. I raised this to my boss, nothing changed and I quit shortly after.
I’ve worked in IT consulting for over 10 years and have never once lied about the capabilities of a product. I have said, it doesn’t do that natively, but if that’s a requirement we can scope how much it would take to make it happen. Sadly my company is very much the exception.
The worst I saw was years ago I was working on an infrastructure upgrade of a Hyper-V environment. The client purchased a backup solution I wasn’t familiar with but said it supported Hyper-V. It turns out their Hyper-V support was in “beta”. It wasn’t in beta. They were literally using this client as a development environment. It was a freaking joke. At one point I had to get on the phone with one of their developers and explain how high-availability and fail-over worked.
I could very well have been that developer. Usual story, sales promised the world, that our vmware-based system would run on anything and everything, and of course it’s all HA and load balanced, smash cut to me on Monday morning trying to figure out how to make it do that before it goes live on Wednesday.
There is a million times more counterfeit/fake items at amazon than you think, and they dont care one bit to fix the problem
I bought a pepper grinder called the Pepper Cannon. Yes, its wonderfully overengineered and costs a fortune. But it’s made in the USA, and they’ve been pretty open with their startup process for making it.
Few months ago I was browsing across amazon and lo and behold, some pepper grinders that look identical to the pepper cannon came up. They were all cheaper knockoffs, selling for a fraction of the cost, and outright stealing PCs industrial design. I didn’t buy one, as I don’t need one and didn’t really care enough to test if the mechanism was the same as the one I bought, but I did drop a line to the pepper cannon guys so they can try to get em delisted
Now I want a Pepper Cannon. Would you recommend getting it, before I ruin my hype by looking up the price or what is actually is? :D
Its really great if you like pepper. It puts out an absolute ton of it, and you’ll find yourself going through way more black pepper than you thought you ever could. And the grind settings are unrivaled; you can get tiny little faerie dusts of pepper, all the way up to big honkin flakes that work great on a steak. Whenever I’m doing a brisket or similar on the smoker, its great to have on hand
Its milled out of a single billet of aluminum, the grinding mechanism js custom built, and the whole thing just screams quality.
And you pay for it. They’re around $200
There’s also a salt cannon, if you want the same sort of thing but built for salt. I got it because I like the matching pair, but you don’t strictly need it; salt is salt, regardless of where it was ground.
I recall watching a video about the nature of how things are stored at Amazon warehouses - basically if there are multiple sellers offering the same item it all goes in the same bin. Even if you are providing a genuine product, there’s a very good chance one of the other sellers is not, and that counterfeit gets sent out attached to your seller ID. Then you get a complaint for selling a counterfeit item someone else provided.
Then when that seller is caught and booted, they just register another trademark with 5-10 random characters and do it again. This is causing a massive headache for the US Trademark Office as well.
Having worked for Amazon across multiple facilities. This is not true or at least wasn’t. When stowing everything seemed pretty random for spots. Seemed to be where ever there was space. But the items themselves when not sold directly by Amazon use a different set of numbers than the B00 number I think it is an FBA (fulfilled by Amazon) number.
That being said, just going to the bathroom was enough to tank the rate for day and have to play catch-up. Lunches reset this.
In one facility they caught two people in a Gaylord having some relations. Same facility they found a used sex toy that had biological material.
they dont care one bit to fix the problem
Who is they? Warehouse workers? Because without getting into too many details, I know someone fairly high up at Amazon corporate, and if I recall correctly her colleague runs a whole…divison? I don’t know, largish multi-person unit…and their whole job is addressing the counterfeit problem. I think it’s just really hard to do.
It’s not hard to do it, its hard to do it and make the same amount of money…
Geek Squad, We were flying under the radar upgrading Macbook RAM, until one day we became officially Apple Authorized to fix iPhones, which means we were no longer allowed to upgrade Macbook RAM since the Macbooks were older and considered “obsolete” by apple, meaning we were unable to repair or upgrade the hardware the customer paid for, simply because apple said it was “too old”. it was at this point in my customer interaction, that we recommend a repair shop down the road that isn’t held at gunpoint by apple ;)
I worked as a pastor and professor for a global, evangelical television ministry/college. They knowingly conceal scholarship on the Bible and punish their pastors for asking any questions that undermine their most closely held traditions (including anti-evolution, mental illness is supernatural, etc.). They tell their US viewers that they can’t call themselves Christians if they don’t vote Republican, while still enjoying tax-exempt status. They use pseudohistorians to inspire Christian Nationalism over their network, and are one of the largest propaganda networks for the Religious Right. A U.S. Capitol police commander told me his men were fighting people who were wearing the network’s brand.
Sounds like you escaped a violent theocratic cult.
No, cults are small religions, this is a big religion
I feel like there are minimum two definitions of cult, that being a high controll group like say jones town and to a lesser but still damaging extent seventh day adventists for example and just a smaller religious grouping.
This place would 100% meet the BITE standard of cult classification.
The BITE classification was invented in order to justify hatred of small religions, by taking a word that already had a meaning (cult) and attaching a second, pejorative meaning to it. It’s like if I write a fantasy novel with a species of evil creatures called jews. Jew is already a word, and it’s a horrific act of religious persecution to take a pre-existing word for marginalised religions and spin it into an unrelated negative.
deleted by creator
I mean, no real surprise here bud.
I worked for for the railroad. Nothing is fixed ever. I witnessed hundreds of code violations every day for years. Doesn’t matter if a rail car or locomotive meets code as long as it “can travel” its good to go.
When an employee inspector finds a defective rail car management determines if it will get fixed. If the supervisor “feels” like “it’s not that bad” then the rail car is “let go”.
A lot of US freight railroads seem to love to manage themselves into the ground.
Oh, so like ambulances in the USA.
“The ambulance had issues making it unsafe (or even illegal) to drive? But it can still drive down the road? Doesn’t seem too bad: keep an eye on it.”
US? Or somewhere else? Not saying that it doesn’t happen other places just curious.
The use of ‘railroad’ instead of ‘railway’ would seem to indicate American English
There’s three ways to do a job. The right way, the wrong way, and the rail way. Also it was the great white north!
OOOOOOOH CAAAAAANADAAAAAA!
I quit a well known ecomm tech company a few months ago ahead of (another) one of their layoff rounds because upper mgmt was turning into ultra-wall street corpo bullshit. With 30% of staff gone, and yet our userbase almost doubling over the same period, they wanted everyone to continue increasing output and quality. We were barely keeping up with our existing workload at that point, burnout was (and still is) rampant.
Over the two weeks after I gave my notice I discovered that in the third-party app ecosystem many thousands of apps that had (approved) access to the Billing API weren’t even operating anymore. Some had quit operating years ago, but they were still billing end-users on a monthly basis. Many end-users install dozens of apps (just like people do with mobile phones) and then forget they ever did so. The monthly rates for these apps are anywhere from 3 to 20 dollars per month, many people never checked their bank statements or invoices (when they eventually did, they’d contact support to complain about paying for an app that doesn’t even load and may not have for months or years at this point).
I gathered evidence on at least three dozen of these zombie apps. Many of them had hundreds of active installs, and were billing users for in some cases the past three years. I extrapolated that there were probably in the high-hundreds or low-thousands of these zombie apps billing users on the platform, amounting to high-thousands to low-tens-of thousands of installs… amounting to likely millions per year in faulty and sketchy invoicing happening over our Billing API.
Mgmt actually did put together a triage team to address my findings, but I can absolutely assure you the only reason they acted so quickly is because I was on the way out of the company. I’d spotted things like this in the wild previously and nothing had ever been done about it. The pat answer has always been well people are responsible for their own accounts and invoicing. I believe they acted on this one because I was being very vocal about how it would be ‘a shame’ if this situation ever became public, and all those end-users came after the company for those false invoices at one time. It would be a PR and Support nightmare.
You have definitely interacted with this ecommerce platform if you shop online.
AOL was fined some small amount for this exact thing.
This has GOT to be Shopify
✅️ is a shopping platform
✅️ has an app ecosystem with a billing api
✅️ high probability that someone who shops online has interacted with a store on the platform
✅️ multiple rounds of layoffs w/ staff stretched thin
✅️ unclear ambitions of being a megaplatform, beyond what it already is
I guess we’ll never know, lol
So glad I never got google play. Thanks for the confirmation that was the right choice.
Name and shame!
just guessing here but sounds like the rain forest company.
I’m guessing that if you have the right kind of Pal, you could figure out a way to Pay them to help you figure it out…
1-800-got-junk? doesn’t care at all about its environmental impact. No sorting what so ever happens to what goes on their trucks it all goes to landfills. All the ads will say they recycle and that they repurpose old furniture but I was threatened with being fired when I recommended donating antiques instead of dumping a load of furniture.
More jobs and more profits comes before anything else in that company, including employee health and safety. Several times I was told to enter spaces we werent trained for (attics and crawl spaces) and carry waste I legally couldn’t transport (human/organic wastes and the laws states the driver is fined, not the company). One guy injured his shoulder during an attic job and was told to finish the shift or lose his job. Absoulte scum of a company with very sleazy management and possibly the labour board in their pocket as they kept “losing the files” when I tried to file a report with buddy’s shoulder (he was hesistant to report for fear of losing his job).
I used to work for a cable company whose name rhymes with “bombast”. They offer a wifi service whose name is a derivation of the word “infinity”. Most of the hotspots for this wifi service are provided by the Bombast wireless routers that cable customers have in their homes. So if you’re a Bombast customer, you’re helping to pay the electrical bill and giving up bandwidth in order to provide Infinity wifi.
Another fun Bombast story: the founder, a man who always wore a bowtie, died a few years ago. At a memorial service in his honor, a number of vice presidents and other executives (including my boss at the time) wore bowties. Everyone who wore a bowtie to the service was fired within a week.
Why were they fired?
The bowties
Well yeah, I got that. But did they interpret that as mockery or did I miss something?
I have no idea why they were fired or who fired them - I just know that they were fired.
Bombast had a lot of helplessly incompetent (and sometimes clinically insane) executives running things, but they never lasted that long. There seemed to be some sort of Avenging Angel of Death wandering the Bombast Center and culling the more useless examples of management. My bowtie-wearing boss was one of these and certainly deserved the axe, but I don’t know if this was true of the other members of the bowtie brigade.
It sounds like the Steven Seagull movie, Marked For Death, over there at Bombast. People who manage telecoms firms are a special kind of psycho. None of their pricing makes any sense. It’s money for old rope and there are massive variations in service and value that depend on the customers having no choice in the matter because there is so little competition in the market.
Anybody knows that one waterfall attraction in the Southeast US? The one that advertises bloody everywhere? Waterfall is pumped during the dry seasons, otherwise there’d be nothing to see. Lots of the formations are fake, and the Cactus and Candle formation was either moved from a different spot in the cave, or is from a different cave in New Mexico. Management doesn’t want people to know that, but fuck 'em.
Ruby Falls?
For some reason I’m not surprised to learn this about Ruby Falls. Lived near it awhile and visited.
Eh kinda cruddy to learn, but also was still a cool experience.
The first steel mill I worked for, the test requirements were more of a suggestion than a rigid specification. I, a trained and skilled engineer with the capacity to make informed decisions, had to run all rejections by my boss who would tell me “it’s close enough” even if it wasn’t. Sometimes it bit us in the ass with warranty failures, but the warranties were probably cheaper than internal rejections (and what is brand perception worth?).
My second steel mill job, I was the one making the rejection decisions. I did the hard thing and rejected our failures but I also troubleshot them to prevent recurrence, making our product and capability better over time.
It very much matters who you buy your steel from; two mills can have vastly different performance for the same products based on how they handle these situations.
