WTF Bites
-
@Gribnit "Oh, by the way, which one are we, actually?"
-
I find absolutely nothing confusing in that. It's just the common practice.
The Philippines has a couple of
freedom fighterterrorist groups, two of which are the Revolutionary People's Army and the New People's Army, with the RPA being the reformist wing and the NPA the older of the two.Fuck off! 'Judean People's Front'. We're the People's Front of Judea! 'Judean People's Front'.
… was this the inspiration? Or the other way around?
-
I find absolutely nothing confusing in that. It's just the common practice.
The Philippines has a couple of
freedom fighterterrorist groups, two of which are the Revolutionary People's Army and the New People's Army, with the RPA being the reformist wing and the NPA the older of the two.Fuck off! 'Judean People's Front'. We're the People's Front of Judea! 'Judean People's Front'.
… was this the inspiration? Or the other way around?
The NPA is (obviously, right?) older than Life of Brian, so …
-
I find absolutely nothing confusing in that. It's just the common practice.
The Philippines has a couple of
freedom fighterterrorist groups, two of which are the Revolutionary People's Army and the New People's Army, with the RPA being the reformist wing and the NPA the older of the two.Fuck off! 'Judean People's Front'. We're the People's Front of Judea! 'Judean People's Front'.
… was this the inspiration? Or the other way around?
The NPA is (obviously, right?) older than Life of Brian, so …
Correct. Neither.
-
@Gern_Blaanston The oldest still-standing bridge in Paris is the pont neuf ("new bridge").
-
Some joker (or a broken device) sent some log to some endpoint, signed with a
\0
-containing string. This string bounced around a couple of times in Kafka Streams, got saved in some state stores, before finally crashing this one service that tried to ask a Postgres database for some rows containing such a string.
Now,abc\0def
is of course valid unicode, but you cannot use it as text/varchar type in Postgres - driver throws an exception. Apparently it uses null-terminated strings internally.Restarting the service doesn't work, because that message is still there, unconsumed. Now I have to harden everything against this "attack" - which means pretty much recursively walk all incoming JSONs and throw an error when I find any
\0
.This wouldn't be an issue in a normal web service (worst thing the client would get 500), but with Kafka inbetween it blocks processing indefinitely. I wonder how many apps out there are vulnerable to this kind of attack.
-
In other news, our front end is thriving:
1.7G node_modules/
-
@sebastian-galczynski injecting null values where they don't belong is an old tool in the toolkit of attackers. So I'd say it's all over the place. SQLi is still in the top ten of vulnerabilities after all.
-
@sebastian-galczynski I don't have my work laptop on me but that feels like rookie numbers.
-
injecting null values where they don't belong is an old tool in the toolkit of attackers.
Of course it is, but I still didn't expect it in this context (scripting languages and the most popular database). Crashing (or exploiting) some in-house C program would be a more typical case.
-
@sebastian-galczynski said in WTF Bites:
injecting null values where they don't belong is an old tool in the toolkit of attackers.
Of course it is, but I still didn't expect it in this context (scripting languages and the most popular database). Crashing (or exploiting) some in-house C program would be a more typical case.
Oh, I've seen a few web servers that go all wonky from null values the last few years.
-
I don't have my work laptop on me but that feels like rookie numbers.
It gets better: I deleted node_modules, reinstalled, and now it's "only" 1.4GB. Which is kind of expected, because the dockerfile uses 'npm install', not 'npm ci', and in this case package-lock doesn't lock.
Edit: I ran this snippet, and there are 4 copies of react. I wonder which one renders the page?
-
@sebastian-galczynski It took the second mention of the name for me to understand that Kafka is actually the name of a software.
Whose bright idea was this? While not outright Titanic-II grade, this is on par with naming a brand of condoms after a people infamous for letting in something they shouldn't have...
-
@Medinoc Kafka is an Apache project.
Apache Kafka is a distributed event store and stream-processing platform. It is an open-source system developed by the Apache Software Foundation written in Java and Scala.
-
Whose bright idea was this?
Apparently it was originally developed at LinkedIn. Maybe they had some complicated recruitment Process in mind?
-
Did you know winter is highly correlated with less daylight? No, really. As strange as it may sound, research confirms it!
It is also more likely to snow (perhaps also rain) in winter than in in summer! If you go out without a jacket, you can catch a cold. If you want to fight in the dark and don't have equipment that lets you see in the dark, you're likely not to be in the mood for fighting.Behold
herhis majesty's intelligence:
When the snow is on the grass, Putin shall never come to pass!
When the thunder is in the east, it’s good for neither man nor beast.
When the thunder is in the north, Lukashenko will venture forth.
When the thunder is in the south, Crimea's glory do bemouth.
When the thunder is in the west, you fukt up.
-
@LaoC It is highly important news and valuable information that Ukraine is not located down under, where during British winter, daylight will last long, and temperatures may be higher than during other times of the year.
-
@BernieTheBernie said in WTF Bites:
@LaoC It is highly important news and valuable information that Ukraine is not located down under, where during British winter, daylight will last long, and temperatures may be higher than during other times of the year.
I'd have missed it if it wasn't for the secret service!
-
@BernieTheBernie said in WTF Bites:
@LaoC It is highly important news and valuable information that Ukraine is not located down under, where during British winter, daylight will last long, and temperatures may be higher than during other times of the year.
I'd have missed it if it wasn't for the secret service!
The British intelligence offices are well known for releasing both real and chaff intel, but I am being garroted so I will say no more.
-
Laughing my ass off: SAP wants to make their users to be programmers.
SAP.
Yes, really: SAP.
The fucking complicated program where nothing works in a reasonable way. And their users ought to program that themselves...An article in the FAZ (in german):
-
@LaoC Was this startling update by any chance prepared by an officer in the Ministry of Defense with the surname of Obvious and who holds the rank of captain?
-
@HardwareGeek it was delivered by an elderly man wearing only a bathrobe and smoking an unlit pipe upside down.
-
@BernieTheBernie said in WTF Bites:
Laughing my ass off: SAP wants to make their users to be programmers.
SAP.
Yes, really: SAP.
The fucking complicated program where nothing works in a reasonable way. And their users ought to program that themselves...An article in the FAZ (in german):
You're laughing but this is how COBOL happened.
-
-
@BernieTheBernie said in WTF Bites:
Laughing my ass off: SAP wants to make their users to be programmers.
SAP.
Yes, really: SAP.
The fucking complicated program where nothing works in a reasonable way. And their users ought to program that themselves...An article in the FAZ (in german):
You're laughing but this is how COBOL happened.
Those who don't know COBOL are doomed to PERFORM THE-THING WITH TEST AFTER UNTIL COUNT=NaN.
-
Re the "new" discussion. Just found this in our database:
-
@BernieTheBernie said in WTF Bites:
SAP wants to make their users to be programmers.
SAP.
Yes, really: SAP.The article talks about the usual shit, drag and drop programming, low code and no code.
Sounds like pipe dreams that already failed in the 90s, but then I think MS's business arm is also pushing this stuff and even my iPhone has a flow diagram lego editor in the form of the "Shortcuts" app now.But the really ironic part is that it's fucking SAP. Just like Oracle, aren't they known for selling software that requires an army of Highly Paid Consultants to program in their terrible programming language?
-
@BernieTheBernie said in WTF Bites:
SAP wants to make their users to be programmers.
SAP.
Yes, really: SAP.The article talks about the usual shit, drag and drop programming, low code and no code.
Sounds like pipe dreams that already failed in the 90s, but then I think MS's business arm is also pushing this stuff and even my iPhone has a flow diagram lego editor in the form of the "Shortcuts" app now.But the really ironic part is that it's fucking SAP. Just like Oracle, aren't they known for selling software that requires an army of Highly Paid Consultants to program in their terrible programming language?
Of course, that's why it makes sense. Programming in their terrible Drag&Drop programming language will be even more soul-crushing and (hopefully) even straight-out cause insanity after prolonged exposure. This means that it will be even harder to find these consultants, so they will dictate even higher price.
Also, don't forget the theory that SAP is actually a front of Elder Gods cult. But they say the same about Oracle and IBM, so
-
@Kamil-Podlesak said in WTF Bites:
straight-out cause insanity after prolonged exposure. This means that it will be even harder to find these consultants, so they will dictate even higher price.
But it sounds like the idea is that it's not the HPCs that should do the programming, but the normal idiots in administration who already can't use Email or Word correctly, even though it's the fucking tools of their job.
-
@Kamil-Podlesak said in WTF Bites:
Also, don't forget the theory that SAP is actually a front of Elder Gods cult. But they say the same about Oracle and IBM
They all are, just for different deities. I think it's pretty well established that IBM worships Yog-Sothoth.
-
@BernieTheBernie said in WTF Bites:
SAP wants to make their users to be programmers.
SAP.
Yes, really: SAP.The article talks about the usual shit, drag and drop programming, low code and no code.
Sounds like pipe dreams that already failed in the 90s, but then I think MS's business arm is also pushing this stuff and even my iPhone has a flow diagram lego editor in the form of the "Shortcuts" app now.But the really ironic part is that it's fucking SAP. Just like Oracle, aren't they known for selling software that requires an army of Highly Paid Consultants to program in their terrible programming language?
Their language is crappy and , but it was almost certainly conceived with a vision that the business experts will be able to encode the business rules themselves. So I think they are actually returning to their roots and trying to give the pipe night dream another shot.
-
@Kamil-Podlesak said in WTF Bites:
straight-out cause insanity after prolonged exposure. This means that it will be even harder to find these consultants, so they will dictate even higher price.
But it sounds like the idea is that it's not the HPCs that should do the programming, but the normal idiots in administration who already can't use Email or Word correctly, even though it's the fucking tools of their job.
That's the sales pitch. The HPCs show up later once you've realized that your lusers will never be able to make that shit work.
-
When the thunder is in the west, you fukt up.
like when a anti-air missile goes kurwa?
-
When the thunder is in the west, you fukt up.
like when a anti-air missile goes kurwa?
They were supposed to hit przewody, not Przewodów
-
@BernieTheBernie said in WTF Bites:
SAP wants to make their users to be programmers.
SAP.
Yes, really: SAP.The article talks about the usual shit, drag and drop programming, low code and no code.
Sounds like pipe dreams that already failed in the 90s, but then I think MS's business arm is also pushing this stuff and even my iPhone has a flow diagram lego editor in the form of the "Shortcuts" app now.Sounds like yet another attempt to reduce the complexity of something below the minimum.
But the really ironic part is that it's fucking SAP. Just like Oracle, aren't they known for selling software that requires an army of Highly Paid Consultants to program in their terrible programming language?
Next we'll get HPCs writing customisations in their replacements for a programming language (which will look just like a programming language once you file off the serial numbers).
-
@Kamil-Podlesak said in WTF Bites:
Also, don't forget the theory that SAP is actually a front of Elder Gods cult. But they say the same about Oracle and IBM, so
We have enough software consulting behemoths in the world for an entire pantheon of Elder Gods.
-
@BernieTheBernie said in WTF Bites:
in german
it's SAP ... if it's incomprehensible it probably is in german.
Also SAP is as humorous as the average German.Also also it's an obvious secret that it all is just a ruse to force users to obtain enough consultancy hours.
Also also also ... the screenshots gives me a strong MS Power Automate/Apps vibe
so new wine in old bags. No that is not how that goes: old wine in new hags! Perfect!
-
@Vault_Dweller
The responsible was probably let go ...
-
This post is deleted!
-
@sebastian-galczynski said in WTF Bites:
When the thunder is in the west, you fukt up.
like when a anti-air missile goes kurwa?
They were supposed to hit przewody, not Przewodów
W świetle Przewodów, w cieniu Sufitów...
(Translation: Przewodów is in the spotlight, while Sufitów is in the shadow.)
-
@boomzilla said in WTF Bites:
That's the sales pitch. The HPCs show up later once you've realized that your lusers
will never be able to make that shit work.have irrevocably lost all the critical data the company depends on.
-
@boomzilla said in WTF Bites:
@Kamil-Podlesak said in WTF Bites:
straight-out cause insanity after prolonged exposure. This means that it will be even harder to find these consultants, so they will dictate even higher price.
But it sounds like the idea is that it's not the HPCs that should do the programming, but the normal idiots in administration who already can't use Email or Word correctly, even though it's the fucking tools of their job.
That's the sales pitch. The HPCs show up later once you've realized that your lusers will never be able to make that shit work.
See also: Salesforce
-
-
@Kamil-Podlesak said in WTF Bites:
don't forget the theory that SAP is actually a front of Elder Gods cult. But they say the same about Oracle and IBM, so
They are not in fact affiliated with us but certain arrangements exist.
-
@Kamil-Podlesak said in WTF Bites:
don't forget the theory that SAP is actually a front of Elder Gods cult. But they say the same about Oracle and IBM, so
They are not in fact affiliated with us but certain arrangements exist.
Fuck them all!
-
@Tsaukpaetra said in WTF Bites:
@Kamil-Podlesak said in WTF Bites:
don't forget the theory that SAP is actually a front of Elder Gods cult. But they say the same about Oracle and IBM, so
They are not in fact affiliated with us but certain arrangements exist.
Fuck them all!
Oh my. Well, where to make a start. How many directions do you move in time?
-
-
@loopback0 said in WTF Bites:
@boomzilla said in WTF Bites:
@Kamil-Podlesak said in WTF Bites:
straight-out cause insanity after prolonged exposure. This means that it will be even harder to find these consultants, so they will dictate even higher price.
But it sounds like the idea is that it's not the HPCs that should do the programming, but the normal idiots in administration who already can't use Email or Word correctly, even though it's the fucking tools of their job.
That's the sales pitch. The HPCs show up later once you've realized that your lusers will never be able to make that shit work.
See also: Salesforce
And Atos. And a fair chunk of Microsoft. It's a very long list, and I try to not think too much about my dealings with them. All of them selling factories for making Complicators' Gloves, Now With Your Corporate Logo Branded On It™.
-
-
@ixvedeusi it was called Pipe Mania in its original form, the ports to some other platforms (wherein the name Pipe Dream came along) were done by a small video game company called LucasFilm Games.
Not one most people think of when they think of that company.