Our business-critical internal software suite was written in Pascal as a temporary solution and has been unmaintained for almost 20 years. It transmits cleartext usernames and passwords as the URI components of GET requests. They also use a single decade-old Excel file to store vital statistics. A key part of the workflow involves an Excel file with a macro that processes an HTML document from the clipboard.
I offered them a better solution, which was rejected because the downtime and the minimal training would be more costly than working around the current issues.
downtime
minimal retraining
I feel your pain. Many good ideas that cause this are rejected. I have had ideas requiring one big downtime chunk rejected even though it reduces short but constant downtimes and mathematically the fix will pay for itself in a month easily.
Then the minimal retraining is frustrating when work environments and coworkers still pretend computers are some crazy device they’ve never seen before.
The library I worked for as a teen used to process off-site reservations by writing them to a text file, which was automatically e-faxed to all locations every odd day.
If you worked at not-the-main-location, you couldn’t do an off-site reservation, so on even days, you would print your list and fax it to the main site, who would re-enter it into the system.
This was 2005. And yes, it broke every month with an odd number of days.
As weird as it may seem, this might be a good argument in favor of Pascal. I despised learning it at uni, as it seems worthless, but is seems that it can still handle business-critical software for 20 years.
What OP didn’t tell you is that, due to its age, it’s running on an unpatched WinXP SP2 install and patching, upgrading to SP3, or to any newer Windows OS will break the software calls that version of Pascal relies upon.
The company would bid on government contracts, knowing full well they promised features that didn’t exists and never would, but calculating that the fine for not meeting the specs was lower than the benefit of the contract and getting the buyers locked into our system. I raised this to my boss, nothing changed and I quit shortly after.
I’ve worked in IT consulting for over 10 years and have never once lied about the capabilities of a product. I have said, it doesn’t do that natively, but if that’s a requirement we can scope how much it would take to make it happen. Sadly my company is very much the exception.
The worst I saw was years ago I was working on an infrastructure upgrade of a Hyper-V environment. The client purchased a backup solution I wasn’t familiar with but said it supported Hyper-V. It turns out their Hyper-V support was in “beta”. It wasn’t in beta. They were literally using this client as a development environment. It was a freaking joke. At one point I had to get on the phone with one of their developers and explain how high-availability and fail-over worked.
I could very well have been that developer. Usual story, sales promised the world, that our vmware-based system would run on anything and everything, and of course it’s all HA and load balanced, smash cut to me on Monday morning trying to figure out how to make it do that before it goes live on Wednesday.
I worked in government contracting (and government, for that matter) for years and that blows my mind. I can’t remember the details, but if you even had a bad reviews, much less being found noncompliant, it could disqualify you entirely from some contract vehicles for a matter of years. Wild that there’s some agency that somehow lets people get away with fraud.
Also, if that cost the government money, there’s a chance you could report that after the fact and make some money.
eh DHCP isn’t really important right? obviously if it hasn’t changed since the 80’s why would you need to reboot your server.
what are vulnerabilities?
The contractor I worked for was run by a man who used to say “if the contract says they’ll blow up the contractor on delivery, we’re putting in a bid and solve the problem later”
Promising features that never existed is part and parcel to a lot of software sales, whether gov or private. Speaking from post-sales experience.
i worked for a hybrid hosting and cloud provider that was partnered with Electronic Arts for the SimCity reboot.
well half way through they decided our cloud wasn’t worth it, and moved providers. but no one bothered to tell all the outsourced foreign developers that they were on a new provider architecture.
all the shit storm fail launch of SimCity was because of extremely shitty code that was meant to work on one cloud and didn’t really work on another. but they assumed hurr hurr all server same.
so you guys got that shit launch and i knew exactly why and couldn’t say a damn thing for YEARS
Health insurance company I worked for would automatically reject claims over a certain amount without reviewing them. Just to be dicks and make people have to resubmit. This was over 25 years ago, but it’s my understanding many health insurers still pull this shit. They don’t care if it’s legal or not. Enforcement is lazy and fines are cheaper than medical claims.
Obviously this is in the USA.
We need a whole branch of government dedicated to fucking with insurance companies. They basically generate free money by having money, they don’t actually provide any net positive outside of just having money
We need to move to single payer healthcare and just eliminate the need for insurance companies.
Here is an alternative Piped link(s): https://piped.video/watch?v=-wpHszfnJns
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
How does this work? Had someone already uploaded it to an instance of peertube?
From what I can understand, it’s just youtube with another frontend (i.e. it’s an app that shows youtube content)
That’s pretty much the only BDG video I couldn’t finish. Too dark. Everything else has been delightful
I don’t think I’ve finished it either tbh
I did finish it but I need like at the beginning without understandong anything. Lucky for me I am not in USA.
1-800-got-junk? doesn’t care at all about its environmental impact. No sorting what so ever happens to what goes on their trucks it all goes to landfills. All the ads will say they recycle and that they repurpose old furniture but I was threatened with being fired when I recommended donating antiques instead of dumping a load of furniture.
More jobs and more profits comes before anything else in that company, including employee health and safety. Several times I was told to enter spaces we werent trained for (attics and crawl spaces) and carry waste I legally couldn’t transport (human/organic wastes and the laws states the driver is fined, not the company). One guy injured his shoulder during an attic job and was told to finish the shift or lose his job. Absoulte scum of a company with very sleazy management and possibly the labour board in their pocket as they kept “losing the files” when I tried to file a report with buddy’s shoulder (he was hesistant to report for fear of losing his job).
I’ve had a few friends work for them out in Montreal, and their parent company (2 Men and a Truck). According to them it’s a mob-operated business.
Oh no! I had a great experience with 2 men and a truck when I he used them! No idea it was associated with the 1 800 junk folks
Thats painful to read
Anybody knows that one waterfall attraction in the Southeast US? The one that advertises bloody everywhere? Waterfall is pumped during the dry seasons, otherwise there’d be nothing to see. Lots of the formations are fake, and the Cactus and Candle formation was either moved from a different spot in the cave, or is from a different cave in New Mexico. Management doesn’t want people to know that, but fuck 'em.
Ruby Falls?
After looking it up, you can find reports from others stating the same things. When I was there as a kid, I remember that they claimed no one knew where the source of the water came from… I guess they actually know enough to help it out at least, lol
I really enjoyed it and would like to go again, but it’s no Mammoth Cave.
Ye!
Geek Squad, We were flying under the radar upgrading Macbook RAM, until one day we became officially Apple Authorized to fix iPhones, which means we were no longer allowed to upgrade Macbook RAM since the Macbooks were older and considered “obsolete” by apple, meaning we were unable to repair or upgrade the hardware the customer paid for, simply because apple said it was “too old”. it was at this point in my customer interaction, that we recommend a repair shop down the road that isn’t held at gunpoint by apple ;)
Isn’t the ram soldered? Is it too hard to upgrade?
if you have a hot air desoldering station it shouldn’t be too hard. but it’s a tool that most people aren’t going to have on hand.
You used to be able to just pop it out and swap. Those were the days
Not for some models at the time, we also did SSD upgrades which we werent allowed to do. Even more ridiculous
I quit a well known ecomm tech company a few months ago ahead of (another) one of their layoff rounds because upper mgmt was turning into ultra-wall street corpo bullshit. With 30% of staff gone, and yet our userbase almost doubling over the same period, they wanted everyone to continue increasing output and quality. We were barely keeping up with our existing workload at that point, burnout was (and still is) rampant.
Over the two weeks after I gave my notice I discovered that in the third-party app ecosystem many thousands of apps that had (approved) access to the Billing API weren’t even operating anymore. Some had quit operating years ago, but they were still billing end-users on a monthly basis. Many end-users install dozens of apps (just like people do with mobile phones) and then forget they ever did so. The monthly rates for these apps are anywhere from 3 to 20 dollars per month, many people never checked their bank statements or invoices (when they eventually did, they’d contact support to complain about paying for an app that doesn’t even load and may not have for months or years at this point).
I gathered evidence on at least three dozen of these zombie apps. Many of them had hundreds of active installs, and were billing users for in some cases the past three years. I extrapolated that there were probably in the high-hundreds or low-thousands of these zombie apps billing users on the platform, amounting to high-thousands to low-tens-of thousands of installs… amounting to likely millions per year in faulty and sketchy invoicing happening over our Billing API.
Mgmt actually did put together a triage team to address my findings, but I can absolutely assure you the only reason they acted so quickly is because I was on the way out of the company. I’d spotted things like this in the wild previously and nothing had ever been done about it. The pat answer has always been well people are responsible for their own accounts and invoicing. I believe they acted on this one because I was being very vocal about how it would be ‘a shame’ if this situation ever became public, and all those end-users came after the company for those false invoices at one time. It would be a PR and Support nightmare.
You have definitely interacted with this ecommerce platform if you shop online.
I’m unfortunately dependent upon said company, as a “partner”, which just means a hack indie developer who herds customers to the slaughter for the corp.
The last round of layoffs was a brutal experience for the “Plus” customers. They lost crucial advisers and support, and now the guidance available is a bored and untrained chat support thrall on the other side of the world, or a stochastic parrot.
You can smell the enshittification from here. The vendor lock-in is so intense it seemed inevitable.
You’re absolutely right on all counts. And that’s why I quit (without waiting around to be laid off which frankly the severance package would’ve been nice). I got hired into the first (private) company I applied to, I’m thriving, and I don’t miss that stink of wall street/silicon valley money at all.
I recently discovered that somehow I set up billing for a VPN directly from the company and also through Google Play. I probably got a renewal email and just followed the instructions. I went back through my bank statements and I’ve been double charged for probably at least 2 years and just never noticed it. It was only about $10 a month. I just feel really stupid for not noticing it until now and it’s entirely my fault. I cancelled the one through Google Play. You live and you learn!
lmfao. Does the VPN company’s name start with a W by any chance? If so, I am very aware of that issue as well. 😂
I guessing it’s Amazon’s old android app store? I remember lots of users having a lot of hope for that app store bringing competition and higher quality app and app store quality. Oh how naive we were.
AOL was fined some small amount for this exact thing.
This has GOT to be Shopify
✅️ is a shopping platform
✅️ has an app ecosystem with a billing api
✅️ high probability that someone who shops online has interacted with a store on the platform
✅️ multiple rounds of layoffs w/ staff stretched thin
✅️ unclear ambitions of being a megaplatform, beyond what it already is
I guess we’ll never know, lol
Name and shame!
just guessing here but sounds like the rain forest company.
I’m guessing that if you have the right kind of Pal, you could figure out a way to Pay them to help you figure it out…
There is a million times more counterfeit/fake items at amazon than you think, and they dont care one bit to fix the problem
It’s what happens when it turns into a marketplace where 3rd party vendors can sell to.
This is not a secret
I always thought there’s exactly 0 counterfeit/fake items at amazon, so … 0 times million … phew…
/s
I wrote a review about a counterfeit item I received. They never approved that one. I haven’t bought cologne from them since.
I bought a bicycle light set (front and rear) a few years ago. They work fine (in fact, I still use the headlight; the rear still works, but it was replaced by a radar light), and I wrote a review. More recently, I was looking back through my purchases, and I came across the review I’d written, but the lights they were now selling on that page were a completely different design than the ones I had.
I edited my review to note that the current lights didn’t match the ones I had, not that it’ll do any good with a million other reviews of those lights. I know Amazon doesn’t really care, but I very often see “There is a newer version of this item available here” links, so I’m surprised that this was possible.
I’ve gone through reviews where it’s not even the same product. 🤬
I recall watching a video about the nature of how things are stored at Amazon warehouses - basically if there are multiple sellers offering the same item it all goes in the same bin. Even if you are providing a genuine product, there’s a very good chance one of the other sellers is not, and that counterfeit gets sent out attached to your seller ID. Then you get a complaint for selling a counterfeit item someone else provided.
Then when that seller is caught and booted, they just register another trademark with 5-10 random characters and do it again. This is causing a massive headache for the US Trademark Office as well.
Exactly why I only buy from Amazon when I can’t find it after searching elsewhere for a while.
One of the major issues is counterfeit baby products, specifically sleep products. In the US, sleep spaces for babies are highly regulated. The terms “bassinet, crib, and playard” are terms that can only be used for products that pass rigorous ASTM testing. If something doesn’t complete that testing then they are not allowed to use one of those terms in ads or on their manual. This is why you’ll see many products listed as “loungers” because they’re not safe for sleep. There are hundreds of products online that are horribly made and steal manuals of actual approved products. Amazon is notified (groups I’m in notify them) and they don’t care. There are also products that aren’t knock-off versions of things but just flat out lie and say a product is safe for sleep when it isn’t and will use one of the protected terms - which makes the sale of them illegal.
they dont care one bit to fix the problem
Who is they? Warehouse workers? Because without getting into too many details, I know someone fairly high up at Amazon corporate, and if I recall correctly her colleague runs a whole…divison? I don’t know, largish multi-person unit…and their whole job is addressing the counterfeit problem. I think it’s just really hard to do.
Well the easiest solution is to go back to having Amazon be the seller of products on Amazon, but we all one that ship sailed.
But if the problem is shared bin storage, the solution isn’t free, but it’s also not as expensive as lots of buyer confidence:
Tag every item with a QR code indicating its source when it comes into the distribution center. Use that code to identify the bad actors when there are returns and ban them.
“But what about products not shipped by Amazon?”
In that case, you know who sold and shipped the product, and if they can’t get their shit together they shouldn’t be allowed to work with Amazon.
Amazon has a policy of binning items with the same UPC together, regardless of the source. What this means is if you buy a valid product and any vendor who is part of their warehouse storage system sells counterfeits, then there is a chance of you getting a counterfeit part, regardless of who you buy from. This reduces the number of locations required for a given item. It just requires that you trust your vendors to not counterfeit. If they were kept separate you could easily see who is selling counterfeits, but it would require more space.
So Amazon has traded the ability to sell parts from verifiable vendors for short-term profits. At this point in the game, your best assumption is if there is any knock-off company selling the product you wish to buy you have no way of knowing it it’s legitimate or counterfeit. This is currently diluting their brand and will ultimately impact their sales, if not their profits.
Amazon makes something like 80% of their profit off of Amazon web services. They have no reason to give the tiniest crap about any physical product they will ever sell ever again.
It’s not hard to do it, its hard to do it and make the same amount of money…
I bought a pepper grinder called the Pepper Cannon. Yes, its wonderfully overengineered and costs a fortune. But it’s made in the USA, and they’ve been pretty open with their startup process for making it.
Few months ago I was browsing across amazon and lo and behold, some pepper grinders that look identical to the pepper cannon came up. They were all cheaper knockoffs, selling for a fraction of the cost, and outright stealing PCs industrial design. I didn’t buy one, as I don’t need one and didn’t really care enough to test if the mechanism was the same as the one I bought, but I did drop a line to the pepper cannon guys so they can try to get em delisted
Now I want a Pepper Cannon. Would you recommend getting it, before I ruin my hype by looking up the price or what is actually is? :D
Its really great if you like pepper. It puts out an absolute ton of it, and you’ll find yourself going through way more black pepper than you thought you ever could. And the grind settings are unrivaled; you can get tiny little faerie dusts of pepper, all the way up to big honkin flakes that work great on a steak. Whenever I’m doing a brisket or similar on the smoker, its great to have on hand
Its milled out of a single billet of aluminum, the grinding mechanism js custom built, and the whole thing just screams quality.
And you pay for it. They’re around $200
There’s also a salt cannon, if you want the same sort of thing but built for salt. I got it because I like the matching pair, but you don’t strictly need it; salt is salt, regardless of where it was ground.
I worked for a pretty popular magazine back in the late 90’s. One day near the beginning/middle of 2000, we were all called down to the bullpen for a last minute meeting by management and marketing. (That’s never a good sign.)
We were told that we have a great product with amazing writing, but marketing doesn’t know how to sell it so they’re closing us down. Instead, we went online only. I was the web developer so I survived the firings.
So then we figured that we were set because our website produced more content and had more traffic than any of the company’s other websites. However, in March of 2001, we had another emergency meeting. Again, we were told our content was great, but the company was going in another direction. Instead of producing our own content, the company was going to just repost other sites’ content. I and everyone else in my team were let go.
Needless to say, the whole “we’ll just repost what other people posted” plan didn’t go so well. Last time I checked, the company wasn’t doing very well at all.
Probably not, but sounds like Cracked.com?
I worked for an online payment company you all know. Many eployees have access to the main DB which holds all transactions and names and everything in clear text. You could basically find out all PII (personal identification information) of any celebrity you wanted given they had anaccount. Address, phone number, credit card and all. If you knew a bit of SQL you could basically find whoever person you wanted and get purchase history and all.
Cant say I didnt use this to find stuff about my exes or various celebrities.
Address, phone number, credit card and all.
Oh wow. As someone who used to work in Fintech and who built a PCI-DSS compliant system got it successfully certified, it would be a shame if somebody reported that company for violations that could get them to lose their PCI-DSS certification. I mean, do they just bribe their PCI-DSS auditor to overlook this, or have they just managed to hide this blatant issue so far?
Its been about 10 years ago I wasnt a pci expert then as i am now. My understanding today is that the db was probably pci compliant. But access to it was pretty promiscuous.
Please name the company?
Not a chance. I might be in trouble if I expose this. As a data engineer integrity is very important. But trust me you know the company.
If it’s not paypal, deny it
It’s pretty depressing, but the fact that soil and groundwater are almost certainly contaminated anywhere that humans have touched. I’ve seen all kinds of places from gas stations, to dry cleaners, to mines, to fire stations, to military bases, to schools, to hydroelectric plants, the list could go on, and every last one of them had poison in the ground.
Some places are insanely polluted to the point where you wonder how a whole company could be so braindead and essentially poison themselves.
A place not far from where I live had a chemical plant which just dumped loads of chemicals on a meadow for years. Now there are ground water pumps installed there which need to run 24/7 so that the chemicals don’t contaminate nearby rivers and hence the rest of the country.
When taking samples from the pumped up water you can smell gasoline.We’re house shopping and there has been a house on a lake sitting on the market forever. I got curious and researched the lake and… It’s a literal superfund site. The company that was on the other side of the lake just dumped their waste chemicals right on the shore and it has polluted both the lake and ground water forever essentially because they don’t break down. I looked up the previous owner… Died of cancer. The shit that companies are and were allowed to get away with is just insane. Meanwhile right wing nut jobs want to get rid of the EPA (which was ironically created by Richard Nixon).
The largest lake in the UK by area got massively polluted and turned into a swamp of toxic green algae. It’s crazy how people just let stuff like that happen.
The programming team that is working hard on your project is just one dude and he smells funny. The programming team you’ve met in your introductory meeting are just the two unpaid interns that will be fired or will quit within the next two months and don’t know what’s happening. We don’t do agile despite advertising it. Also your project being a priority means it’ll be slapped together from start to finish 24 hours prior to the deadline. Oh and there will be extra charges to fix anything that doesn’t work as it should.
Can confirm. I am the smelly guy. Leave me alone and you get code. Bother me and you don’t.
Worked support for an electricity supplier. I was able to see a frightening amount of info about the customers. Even past ones who had moved elsewhere.
We also kept notes about each call, email, web or app chat. So if you were an asshole in the past, everyone will know going forward.
Also fuck landlords and landladies etc. More often than not, they were shitty to deal with.
Also we would often use Google Maps and Streetview to see what your house looked like. We also had pictures of the inside because the installation techs took pictures to confirm that works were completed as specified.
Alll of this was available to us for any reason, at any time with no oversight. And none of it was encrypted. There was also government websites in use up to 2020 that required internet explorer to use and had passwords as trivial as ‘Password1’.
I left that job because the pay was lousy and the stress was pretty full on. I respected a lot of people that worked there. Both higher ups and people who came after me. But fuck was there a lot of potential for bad actors or like stalkers etc to mess with your info.
I would reccomend to everyone. Please use password managers. Especially decent open source ones like Bitwarden. Take note of every piece of info that you give a company. From your phone number, address, email etc to even when you contacted them. Also try to not have your home look like an abandoned hovel on Streetview lol. Easier said than done I know. But it may affect your dealings with support people that you need help from. And lastly, please dont use Password1 as a login. Ever. Like please.
i would recommend Keepass
I worked as software engineer and my boss tolerated me going to office at 2pm and leave at 9pm. It’s against company policy, certainly, but no one talked about it. It still is my most productive and happy time.
This comment is not like the others, lol.
Good on your manager.
I’m changing jobs at the moment. I accepted a position at a UK office of an American company which I was a perfect fit for but they wouldn’t tolerate remote working or flexitime. A few days after, I was offered a job at a UK company offering 80% remote work and very generous flexi but for £5000/year less. I let the American company know I wouldn’t be starting with them after all. Honestly, it this day and age flexible hours and such aren’t a big ask for most information workers and work-life life balance is too important.
