▪█─────█▪

  • 3 Posts
  • 146 Comments
Joined 1 year ago
cake
Cake day: June 19th, 2023

help-circle
  • > And despite security recommendations, too many IT depts still force password resets every 90 days…

    It could be for contractual or for insurance reasons. We have some contracts with government agencies that require it, and our cyberinsurance also does. Even though NIST has been recommending for years to do long passphrase + MFA and no reset unless you suspect compromise.

    So yeah, the reason behind this might not be just plain incompetence.


  • tool@r.rosettast0ned.comtoProgrammer HumorFrontend vs backend
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    This is why I got all of our devs to start building with the target of a Docker container in mind.

    And for the ones who still won’t or can’t wrap their brains around Docker, I run their shit through a Github Actions workflow that spits out their ugly baby as a Docker container. In the end, I don’t give a shit what it is, your Rube-Goldberg piece of shit is getting stuffed into a Docker container.

    “It works on my machine!” Yeah, well, your machine is now everyone’s machine thanks to the magic of containers. Now fix your broken shit so PagerDuty doesn’t call me at 3am again. Fuck.



  • All the while they uphold objectively-racist comments despite several reports. Fucking weird.

    I mentally checked out of reddit when I got a comment deleted and a 3-day sitewide ban for saying:

    “It is always OK to punch a Nazi.”

    It was a literal comment, not figurative, nothing was being compared, etc. Just a straight statement about actual past and present-day Nazis. Ban.

    The 3rd-party app fiasco happened a couple of weeks later, and that was the second sign that I needed to GTFO.



  • Well you see, finding a way to reliably deliver ads via the API would have taken far too much developer brainpower for a company that can’t make a functional video player or a mobile app

    It honestly wouldn’t be that hard at all. You deliver ads via the API alongside actual posts, as if they are an actual post, and forbid altering them in the developer ToS. If you want to be anal about enforcement, run popular 3rd-party apps in an emulator to verify that the JSON returned by the site is unaltered when it’s rendered in the app. You could put this together in a weekend.

    Which really just speaks to quality of talent at reddit, or the management at reddit suppressing that talent. Or both.






  • I hate Node and NPM so much that I have a physical reaction to just seeing the words now.

    I already disliked Node & NPM quite a bit, but the hatred and disgust got to the point it is now after having to write a CI/CD pipeline in Groovy/Jenkins for a Node site that that our devs were building. I had to automate the build/deployment of Satan’s favorite framework in Satan’s favorite language. I came pretty close to quitting.

    It’s out the door now, but I’m in the middle of reimplementing the pipeline in Github Actions so I don’t drink myself to death when they come knocking to do it again.