Sorry, I missed this comment. I actually love doing that kind of shit, I get some sort of weird pleasure out of fixing chaotic stuff like that. That tends to be my role almost all the time; I’ll come in, stay a few years, fix everything and get bored, and then move on somewhere else to do it again.

My current job is the only place that I haven’t done that, because it’s probably the best company that I’ve ever worked for.

I’m in this comment and I don’t like it.

I just finished up a ~700 line PowerShell script to send input/keep a login session from timing out due to inactivity, and prior to that was a Python script to format LetsEncrypt SSL certs in a way haproxy likes + an accompanying Bash script to make sure those certs are correct, check in the current good haproxy config to a git repo, and then restart it if there are new certs.

The only thing that I know is that I know nothing.

While those don’t tell the full story, they can be useful if deciding to have your water tested at a lab.

Everyone should spend at least a few bucks to know what they will be drinking at home on a regular basis, IMHO.

Lab testing is going to be a waste of money for most people not using well water, unless you have a strong reason to suspect something is up aside from test-strip reaults. Especially seeing as how the water chemistry is going to change at least twice per year when the water provider switches from chlorine to the chloramines and vice-versa. And pretty much all providers will give you a report of exactly what’s in the water on a monthly basis if you ask for it.

Lab results would be useful if you’re serious about homebrewing beer and don’t want to build up the water profile from scratch or really into baking, though. Just don’t do it in the early Spring/Fall, because that’s when the treatment chemicals switch and the results aren’t going to be representative of what the water is really like for that time of the year.

Before I replace it with something that won’t catastrophically collapse when the wind blows the wrong way, I get some sort of sick satisfaction out of doing autopsies on the house-built-of-matchsticks “solutions” that users come up with and I don’t know why. Some of them are truly fascinating and make you wonder how someone could possibly arrive at that conclusion based on what they were actually try to achieve.

It’s also why if I’m asked to implement something, my first question isn’t “When does this need to be done?,” it’s “What exactly is the problem you’re trying to solve?”

What a user asks for and what they actually need very rarely intersect.

Seriously, it feels like 1999 internet. And I’m loving it!

56K modem handshake sound intensifies

Try submitting a pull request for something in one of the core repos.

They behave as if every line of code in your commit is a sentence proclaiming “Why yes, your wife is a whore, your dog doesn’t love you, AND your baby is ugly.”

I’m not kidding, there’s no hyperbole in that statement. Go read some of their declined pull requests threads for some entertainment.

Even those who try to contribute to the project get eventually feeling pushed out.

Submitting a pull request to one of their repos on Github was really an experience, and I can tell you that I will never submit another one to the Lemmy project while they’re still the lead devs based on that experience.

While on the topic, this isn’t how passwords work in systems.

Passwords are stored as one way hashes. So it’s cryptoed only in one direction, it’s lossy, and can’t be recovered back to the original password.

When you log on, your cleartext PW is hashed in ephemeral memory/storage and then the cleartext password is thrown away.

That hash is compared to the hash in the DB. If the hash matches, then you have access. If it doesn’t, then your PW is incorrect.

Oh my sweet Summer Child. This is definitely how it’s supposed to work, but there are plenty of services that just don’t know what the fuck they’re doing.

Have you ever been on a site that has a stupid-low character limit for a password? There’s literally no reason to do that, all the hashes are going to end up the same size in the DB anyway regardless of the original string length. Even bcrypt’s max secret character limit is 70-something characters.

Ever change a password and have it not work on the next login because they’re silently truncating it after a certain character limit? Ever get an email with an actual password in it?

The only reason you would do things like this is if you’re storing/processing passwords in plaintext and not hashing it client-side first.

I can think of 3 offenders of this off the top of my head. It’s a lot more common than you’d think.

hunter2

Wow, what a coincidence, my password is ******* too!

Were told our assignments in high school would get an automatic zero if we didn’t turn them in in cursive, even…

Lots of those in C# now, especially with Unity coming along like it did.

On Error Resume Next never before have more terrible words been spoken.

Every time I’m reading a PowerShell script at work and see -ErrorAction SilentlyContinue I want to scream into a pillow and forcefully revert their commit.

I’ve actually done it a few times, but I want to do it every time.

Eh, it depends. Other low-level things (systemd, glibc, etc) need a reboot too.

It’s likely because they use it as the primary/unique identifier for the account, which is just dumb. It’s like they’ve never heard of a UUID/GUID before.

CBOE will create options for it pretty soon after IPO, probably that week or the next. You’ll definitely be able to buy puts on it before you’ll be allowed to short sell it.

They really don’t, though. Inclusion/exclusion operators work most of the time, but it’ll still return results with explicitly-excluded keywords. It also fucks up results by returning entries with similar words to your query, even when you double-quote a part of the search term. Advanced queries that use booleans and logical AND/OR don’t work at all anymore, that functionality has been completely removed. It returns what it thinks you want, not what you actually want, even when explicitly crafting a query to be as specific as possible.

I use Kagi for search now and it’s 1000x better, especially when researching technical issues; it’s like when Google actually respected your search terms and query as a whole.

BTW, any authenticator app works when it tells you to use one. They all use a standard, so it doesn’t matter which one you use.

Eh, it’s a little more nuanced than that, there’re more standards for MFA code generation than just TOTP.

And even within the TOTP standard, there are options to adjust the code generation (timing, hash algorithm, # of characters in the generated code, etc.) that not all clients are going to support or will be user-configureable. Blizzard’s Battle.net MFA is a good example of that.

If the code is just your basic 6-digit HMAC/SHA1 30-second code, yeah, odds are almost 100% that your client of choice will support it, but anything other than that I wouldn’t automatically assume that it’s going to work.

The tipping point for me was getting a sitewide ban for commenting “It’s always OK to punch a Nazi.”

really wish Linux would could up something similar.

I mean, it kinda already exists. Just run it in a Docker container and remap the users in the container to non-existent uids/gids on the host.

I wonder when there will be a Windows client for KDE Connect.

Wonder no more.