WTF Bites
-
@Benjamin-Hall said in WTF Bites:
WTF Status: Taking Linkedin "skill quizzes" to pretend I'm doing something useful. Just took a .NET one. Passed "above the 70th percentile". Considering that I totally guessed on about half of them (usually could narrow it down to 2 answers out of 4), I'm not sure I like what that says about the competition. Hence why it's in this thread.
Most people go to LinkedIn to browse job postings and nothing else. I bet a vast majority of those taking the quiz are too stupid to realize how useless it is. Does-worse-than-a-monkey-selecting-answers-at-random stupid. No offense.
-
@loopback0 I don't even care at this point. I just hope it doesn't accidentally any of the important files.
-
@Benjamin-Hall said in WTF Bites:
WTF Status: Taking Linkedin "skill quizzes" to pretend I'm doing something useful. Just took a .NET one. Passed "above the 70th percentile". Considering that I totally guessed on about half of them (usually could narrow it down to 2 answers out of 4), I'm not sure I like what that says about the competition. Hence why it's in this thread.
Most people go to LinkedIn to browse job postings and nothing else. I bet a vast majority of those taking the quiz are too stupid to realize how useless it is. Does-worse-than-a-monkey-selecting-answers-at-random stupid. No offense.
Oh I'm sure that the quizzes are pointless. Unless they help me pass a robo-screen. And anyway, at this particular point it's more about tricking myself into thinking that I'm doing something useful, while not actually spending any real effort. Because there's very little of the latter to go around right now.
-
And now for something completely different:
I wonder if he spent even one second thinking over the name of his channel.
He introduces himself as "TomatoAngus. the G is silent" at GDQ.
-
@ben_lubar but on ESA he used his real name. I guess he'd do the same on GDQ if they didn't stop him. Still, I wonder how it impacts his YT monetization.
-
@ben_lubar but on ESA he used his real name. I guess he'd do the same on GDQ if they didn't stop him. Still, I wonder how it impacts his YT monetization.
I feel like the censored version of his introduction is funnier
-
by the way, if anyone wants to see a really entertaining speedrun with explanations and props(!)
-
@HardwareGeek said in WTF Bites:
I want to buy some stuff from Lowes. I want to buy it from Lowes rather than Home Depot because BofA will give me 10% cash back on an online purchase from lowes.com for a limited time if I use my debit card. So I'm buying a bunch of stuff I probably would have bought onesy-twosy over the next couple of months — maximize that 10% saving — including a bunch of lumber. Home delivery, because social distancing, and the delivery fee doesn't seem to increase, no matter how much stuff I'm having delivered. (At least I haven't hit any fee increase since I changed the first item to "delivery.")
So I have $1500 worth of stuff in my cart, and I'm figuratively waving a fistful of cash yelling "Shut up and take my money!" Checkout. Enter name and address. CONTINUE is still grayed-out. Click it anyway. Nothing happens. Maybe it didn't like the fact that FireFox automatically filled in the form fields; it wants to detect a keypress in each field. Nope; still disabled.
F12 Console. Lots of red. Apparently, the form depends on some non-lowes.com JS that is blocked by CORS policy. Or maybe it's one of the 2651635420182 scripts blocked by ABP and/or Ghostery.
If Lowes really doesn't want my money, I'm happy to give my business to Home Depot. (Some stuff I wanted to order I didn't order from Lowes, because their quality/selection of those particular items is
.) The 10% rebate would be nice, though.If it's a
strategy to get me to think of more stuff I need/want while trying to place the order, it's working. I've more than doubled the amount of money I want to give them (I'm pretty much buying a complete woodworking shop in one purchase, except a table saw, because my current projects don't need one, and a drill press, because I don't like their selection), but they still won't take it. I'll call their customer service tomorrow and see if they can get the order to go through. In the meantime, though, I think some stuff that was discounted when I put it in my cart isn't discounted anymore; my cart currently says "Total Savings $100.20", but I'm almost certain it was around $150 when I first tried to check out.
-
The study found that 70% of applications have a security flaw in an open source library on an initial scan. The other big picture findings were:
- The most commonly included libraries are present in over 75% of applications for each language.
- 47% of those flawed libraries in applications are transitive.
- More than 61% of flawed libraries in JavaScript contain vulnerabilities without corresponding common vulnerabilities and exposures (CVEs).
- Using any given PHP library has a greater than 50% chance of bringing a security flaw along with it.
- Fixing most library-introduced flaws can be done with a minor version upgrade.
-
@Zerosquare Don't forget that some of these reports are a bit over-zealous. I fixed a problem the other day where a dependency had a CVE reported against it which would have been serious, except that the CVE was in a component of the library that we didn't use and the whole thing is a local application (not a service) so there's basically no scope for doing anything bad anyway; nothing to escalate to that the user didn't already have.
Automated scanning tools are still not close to catching everything, and are still reporting plenty of noise from false positives.
-
WTF are you doing, auto-correct?!
And fuck the
composer window for screwing up text entry so it didn’t show a preview of what auto-correct was about to do. (You can see it did show three suggestions I didn’t tap for the underlined word, but normally it’d also show the word it would auto-replace with once you’re finished, including an x you can tap to cancel. That one didn’t appear.)Can we please at least optionally get a native, plain text field instead of whatever JS abomination this composer is?
-
WTF are you doing, auto-correct?!
Could you have accidentally enabled Discourse mode by any chance?
-
WTF of my day: Okay, LDAP is weird. My current Node project is using LDAP to check the credentials and get the userinfo. Among those points of data: First and last name.
Because I'm loathe to trust a node module where the last update was from five years ago (with the "issues" category having a non-zero amount of issues), I'm simply usingldap-tools, issuing ldap commands directly to the command line and then parsing the return. Yes, with regexp. Sue me.Today I noticed that some names did not come through, resulting in empty strings for the first name or last name (or both). Oh, yeah,
/sn: (\w+)/will not hit anything special like Umlauts. No worries, simply put the Unicode area for special characters in there (but only those based on Latin characters) and Bob's your uncle.Yeah, no. Still no hits. So I looked a bit more closely at what was actually returned. Turns out that, as soon as you have something special in there, you get this
sn:: Rm9vIGJhciA=Basically, a Base64encoded UTF8 string. And there won't be an
sn:line. But only sometimes. Sometimes it will do an approximation whereÖturns intooe(which is the proper way to do it if you're converting to plain ASCII).
-
@Rhywden At least it doubles up the colon character so you know what happened...
This reminds me of a bugfix which I've seen recently where somebody was assuming that the base64-encoded output from ldap-tools was the same as what is actually being returned from the LDAP server. Well, the people with simple Latin characters which just happened to be 4 or 8 characters long didn't appreciate it when their name field was turned into a bunch of control characters...
-
the people with simple Latin characters which just happened to be 4 or 8 characters long didn't appreciate it when their name field was turned into a bunch of control characters...
: Cool! I'm safe!
-
Phase diagrams are involved. Water, for example, is not merely three phases:
No, that's not correct
Polywater missing! And some when all water will turn into polywater.
-
https://twitter.com/mcbazza/status/1264551898473955328
eBay is port scanning visitors to their website - and they aren't the only ones - nem.ec
Websites are scanning for open ports on your PC to help fight fraud, but this data also flows into a massive, global tracking database.
-
More iPad app updating
noticed. Update during night while idling, connected to charger and with wifi? Still nah. Update while the iPad is being actively used and on mobile data? Yes! And I checked the settings and downloading updates on mobile data is disabled. Good job, Apple...
-
More iPad app updating
noticed. Update during night while idling, connected to charger and with wifi? Still nah. Update while the iPad is being actively used and on mobile data? Yes! And I checked the settings and downloading updates on mobile data is disabled. Good job, Apple...Where could they possibly learn that? Reminds me of one incident...
It was in early oughts (2004 or something) and I was in remote location with some friends, connected by mobile data (not phone, but special network with special receiver, using the then-recently freed 450MHz band). And suddenly the connection became completely clogged. By packet-snooping, we quickly traced the culprit: my Windows XP box, downloading something big from Microsoft IP address.
All updates were, of course, completely disabled. Nothing was shown anywhere, no "Windows update is running" or anything; everything completely hidden, in background.
Out of curiosity, we let it run the whole download, to see what is this critical super-secret super-important update.And after 6-7 hours, the download finished and installer window poped up.
Windows Media Player (the New And Shiny version).
-
Well, the people with simple Latin characters which just happened to be 4 or 8 characters long didn't appreciate it when their name field was turned into a bunch of control characters...
I was fixing something similar—after myself, it only popped up when the configuration broke—just yesterday. I needed to pick something¹ from a config in json format. So I did
auth=$(jq -r ".auths[\"$hostname\"].auth" | base64 -d) [ -n "$auth" ] || error …Well, it turns out that when the entry is not there,
jqdoes not error out, but simply returnsnull. Andnullis actually a valid base64, producing some byte-string that is not valid utf-8, but shell does not care (much) about encodings and just takes it and it is non-empty, so the error did not trigger.Part of the reason for this mistake is that the behaviour of
jqis rather surprising (like if that was surprising with anything javascript-related, right?):$ echo '{ "foo": { "bar": "yes" }}' | jq -r .foo.bar yes $ echo '{ "foo": 42 }' | jq -r .foo.bar jq: error (at <stdin>:1): Cannot index number with string "bar" $ echo '{ "foo": {} }' | jq -r .foo.bar null $ echo '{ "foo": null }' | jq -r .foo.bar nullThat is, trying to index non-object results in an error, but trying to index null results in null. And while there is a way to ignore the error in the former case, there does not seem to be any to force it in the later. The only way I found was to add
// error("missing"), which errors on the null value of the final result.
-
More iPad app updating
noticed. Update during night while idling, connected to charger and with wifi? Still nah. Update while the iPad is being actively used and on mobile data? Yes! And I checked the settings and downloading updates on mobile data is disabled. Good job, Apple...They must have mixed up imperial and metric booleans. They should talk with NASA about that...
-
@loopback0 I don't even care at this point. I just hope it doesn't accidentally any of the important files.
I used to have a laptop I used all the time for playing Minecraft and other games. The GPU would often overheat while gaming and it would trigger a poweroff safety mechanism. I just ignored it every time, never running a disk check or anything like that. The first time I used the Disk Cleanup utility after years of abuse to this poor laptop, the filesystem corruption was so bad that it nuked most of the system files. Only programs that were already running still worked (such as Google Drive and Chrome); it was impossible to start any new programs or run any command line utilities because they were all deleted or depended on missing system DLLs. I used Google Drive to salvage all data I could and then upon restarting it wouldn't boot. Always run disk check and sfc before Disk Cleanup.
-
Duck Duck Go suggested this word, "froughtious", while I was searching for the spelling of something else:
I got curious on what it meant:
-
They must have mixed up imperial and metric booleans. They should talk with NASA about that...
NASA does not mix these things up—NASA uses metric everywhere. It's just that the rest of the USA is misguided on the matter.
-
Update while the iPad is being actively used and on mobile data? Yes!
What
? Only on "common" mobile data, not on "roaming" in a far away (i.e. very expensive) country? E.g. my German prepaid card charges me 12 Euros per Mega(!)byte in Asia. That would be a deal, yeah!
-
Defining a System.TimeSpa
mn can be complicated. And my good cow-orkers found a way to obfuscate it.What about
private TimeSpan m_Timeout = new TimeSpan(0, 0, 0, 0, 8000);Yes, that's a correct definition. There's a constructor
public TimeSpan(int days, int hours, int minutes, int seconds, int milliseconds)hence it's correct. But why does Johnny not use a clear and simple
private TimeSpan m_Timeout = TimeSpan.FromSeconds(8);? Well, he is a C programmer, and C has no actual concept of TimeSpan. Instead, everything taking a time span takes a number of milliseconds...
Again, he offered proof that you can write C code in C#.
-
@BernieTheBernie said in WTF Bites:
you can write C code in C#
But here's the kicker: I've never actually written C code (outside of college). I amaze myself...
-
@BernieTheBernie said in WTF Bites:
C programmer, and C has no actual concept of TimeSpan
C or C++? Very different languages, even though the later mostly includes the former as a subset.
The later does, now, have a concept of a timespan though, std::chrono::duration. It is constructed like
std::chrono::seconds(8).@BernieTheBernie said in WTF Bites:
Instead, everything taking a time span takes a number of milliseconds...
Only on Windows. On Unix it generally takes either microseconds,
struct timeval, which has seconds and microseconds, orstruct timespec, which has seconds and nanoseconds. Which function takes which is rather random. It would be too easy otherwise.
-
-
@PleegWat
struct tmis a time point, not a duration, and only has precision of 1 second. It can only be converted to and fromtime_t, nottimevalortimespecdirectly, though of course you can stick thattime_tinto the seconds member of those structs easily.
-
They must have mixed up imperial and metric booleans. They should talk with NASA about that...
NASA does not mix these things up—NASA uses metric everywhere. It's just that the rest of the USA is misguided on the matter.
Mars Probe Lost Due to Simple Math Error
NASA lost its $125-million Mars Climate Orbiter because spacecraft engineers failed to convert from English to metric measurements when exchanging vital data before the craft was launched, space agency officials said Thursday.
-
They must have mixed up imperial and metric booleans. They should talk with NASA about that...
NASA does not mix these things up—NASA uses metric everywhere. It's just that the rest of the USA is misguided on the matter.
Mars Probe Lost Due to Simple Math Error
NASA lost its $125-million Mars Climate Orbiter because spacecraft engineers failed to convert from English to metric measurements when exchanging vital data before the craft was launched, space agency officials said Thursday.
... which agrees with what @Bulb said.
-
-
@BernieTheBernie said in WTF Bites:
What ? Only on "common" mobile data, not on "roaming" in a far away (i.e. very expensive) country?
Considering us Swedes are banned from entering pretty much every country over overblown Covid fears I do not think that is a risk anytime soon...
-
Swedes are banned from entering pretty much every country over overblown Covid fears
Well, at least there's some benefit from the lockdown.
-
Finally a new release from Connection failed! I hope Error code 8 will be at least as good as Error code 7!
-
Word can't auto-save locally
-
@TimeBandit said in WTF Bites:
Word can't auto-save locally
Is that a new unfeature? I think it did it earlier.
-
-
When a player selected a custom "Install Location" in the Dungeons installation dialog, the Dungeons Launcher was taking that location and naively considering that only files written by the Dungeons Launcher would live there. Thus, when uninstalling the Launcher, the uninstall logic would simply delete that "Install Location" folder, to leave no traces of program files created by the Launcher on disk.
We didn't consider that the custom location chosen by players could also have files belonging to other programs in it.
-
@Zerosquare said in WTF Bites:
We didn't consider that the custom location chosen by players could also have files belonging to other programs in it.
And it definitely shouldn't. But the installer should check it before installing.
-
@Zerosquare said in WTF Bites:
We didn't consider that the custom location chosen by players could also have files belonging to other programs in it.
And it definitely shouldn't. But the installer should check it before installing.
Then another program could be installed there later and you'd still have the same problem. The uninstaller should only delete files created by the installer instead of just nuking everything.
-
@topspin If the installer is properly upfront about requiring a new directory that it will have complete control over then there is no helping the user. If the installer has good idea what actually belongs to the application, which means the application does not create any files there itself and does not install any plugins via other means than the installer etc., then the installer can properly clean it up, but often that's not the case.
-
@topspin the problem with adding software protections against human stupidity is that human stupidity will always win. Sure - a user can install two programs in the same location; but what you gonna do when some files overwrite each other?
When someone drives too fast on a corner, slides off the road and hits a tree, nobody blames the car manufacturer. But somehow the same principle doesn't apply to software.
-
Here's a possible scenario:
- User chooses to install in "C:\Program Files", expecting the installer to create a subfolder.
- Instead, the installer copies everything to "C:\Program Files" directly.
- Later, the user uninstalls the software.
- The uninstaller cheerfully deletes "C:\Program Files" and its contents.
- User goes
It's not the first time such a blunder happens, and that's why there's a golden rule for installers: only delete files that you created. It's much better to err on the side of caution and leave a few files behind than accidentally delete something you shouldn't have.
An even better solution is not to reinvent the wheel, and use the installation features every modern OS has.
-
This post is deleted!
-
@Zerosquare said in WTF Bites:
Instead, the installer copies everything to "C:\Program Files" directly.
Asking for an installer which won't even check its installation directory is empty before installing to keep track of its files seems like a stretch.
-
@Zerosquare said in WTF Bites:
An even better solution is not to reinvent the wheel, and use the installation features every modern OS has.
Hey!
-
@Zerosquare said in WTF Bites:
An even better solution is not to reinvent the wheel, and use the installation features every modern OS has.
You mean, like the Debian Package Manager released in 1994?
-
Asking for an installer which won't even check its installation directory is empty before installing to keep track of its files seems like a stretch.
Well, considering upgrades are just another install that installs into a pre-existing directory, they probably broke their brains and decided "we can't check". And you really expect them to do versioning correctly? I'll bet they tried using MSI, but on V2 of their product, one of their files went from v1.2 to v1.1. "OMG MSI CAN'T WORK!!! WE'RE TOO STUPID TO VERSION CORRECTLY AND MSI GOT CONFUSED" (yeah, I worked on msi installers for a couple years)
Open source | TechRepublic
Loading...
