The Daily WTF

Sometimes the writing is on the wall; sometimes, you know you have to get out. Today's submitter, Pietyr, was in just that sort of situation. He decided to head for greener pastures, hoping for a job with a good atmosphere, someplace where he could take it easier and enjoy his work more.Initech was a startup, one that didn't have any clients yet. No external deadline pressure, just venture funding and free beer Fridays. Pietyr gave them a call and spoke with their receptionist-who-was-also-HR, Chrysanthemum."May I call you Chrissy?" he asked, trying not to laugh."You can call me anything you like, Sugar, so long as it's not 'late for dinner.'"Pietyr scored an interview same day—"Come on over when you get a chance, darling, we're here all afternoon"—and so, at 4:00, he called off for a doctor's appointment and drove to the site. It was a suite in a larger building, all one dim room, lit mostly by Christmas lights ... in March. A dozen people crowded onto long tables, plugging away at MacBooks, entirely uninterested in his arrival. While Chrissy answered phones, he watched a good ten minutes of Kindergarten Cop on the large TV they clearly had on for white noise in the background.At least it's different, he told himself."Mr. Taberd will see you now," Chrissy said, interrupting Arnold."Ah, right. And that is ...?""The CTO."With no further preparation than that, he was ushered into a side room, little bigger than a closet, into which a lean blond man and a midsize desk had been crammed unceremoniously. He shook hands, sat, and let the CTO do most of the talking."What's the biggest issue with cloud computing?" Mr. Taberd finally asked, leaning forward."Security?" guessed Pietyr."Wrong! It's monitoring. When you don't have access to the servers, you don't know what they're doing! But that's where Initech comes in," boasted the blond, in what was clearly a prepared elevator pitch. "Windows is always doing things under the hood, and it's impossible to tell what at scale. Not without a centralized system. What we're doing here is hooking the Windows API calls—""Which ones?""All of them! Every API in the user, gdi, and networking DLLs, plus some of the internal kernel functions. We hook them through a backdoor my boys have cooked up, save off all the parameters whenever they're called. Our background process reads those parameters from shared memory, ships them to a cluster of databases—we're doing about 250 elastisearch instances per server—and reads it all into our responsive web frontend. That way you know exactly what it's doing at all times!"Pietyr could tell right away it would never work. Not even in Windows XP, let alone more secure versions. Too much overhead; it would bring the monitored server to its knees.But, on the other hand, free beer. And hey, if the product never sold, he could kick back and take it easy, right? As soon as Tabard mentioned free lunch every day—"Thanks to our Venture Capital funds!"—he was in.He took the job, working on the low-level hook code so that all the cloud nonsense was someone else's problem. A month later, he received a letter informing him his shares were effectively worthless. Fine by him, since he had no shares anyway.It took another month before he casually asked a coworker how long they'd been working there."Oh, not long. Only about two years.""Really? You must have been here since the beginning then, or nearly," Pietyr commented. He would have guessed from the codebase the company had only been running six months or so, but he kept that to himself."No, no. Jan has been here all seven years, I've only been here two."Pietyr stared. "Seven years?! You've been working on this with no customers for seven years?!""Well, I heard a rumor we've got a client about to sign up for the beta.""A rumor." Pietyr sighed, firmly placing the conversation in the not-my-business bucket, and got on with his work. Still, the sense of unease didn't leave him.A month after that, the unthinkable happened: Taberd not only left his little office, but turned off the television. "Alright, everyone, listen up! Stop what you're doing. We're out of money."And just like that, Pietyr was back on the job market. That day, he learned a valuable lesson: don't let free beer convince you to ignore red flags. [Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!

Not so long ago in 2015, Carl C. was asked to give a talk to an amateur radio club. The venue was a local church that rented out their meeting hall to various community groups, businesses, and even the odd academic session. The space boasted a multimedia setup with several video screens, making it a great place at which to present.Carl prepared his talk, and a PowerPoint slide deck to go with. On the day of the presentation, he arrived at the meeting hall with plenty of time to spare. Alone in silence, he headed toward the front of the room and surveyed the technical setup. Thankfully, it was straightforward: there was a table set up in front of the projector screen, with a VGA connector resting directly on it. Carl unpacked his laptop, retrieved the HDMI-to-VGA adapter he'd brought along, and began plugging everything together."NOOO!"Carl jumped, then glanced up wide-eyed like a deer in headlights. It wasn't a truck bearing down on him, but rather a flustered gentleman hugging a laptop to his chest."I'm the IT guru here," he introduced himself breathlessly, hurrying around the table to all but elbow Carl aside. "We don't allow outside computers to be connected to our system. That's how viruses spread! You'll have to run your presentation from our computer." He connected his own laptop to the AV system in lieu of Carl's."Uh ..." Carl blurted."Yes?" The guru fixed him with a withering stare.I'm not joining your network, Carl thought. There's no such thing as VGA viruses! But the stare was so intense that the objections died before they left his throat."How, uh ... how do I get my presentation on there?" he asked instead, gesturing to the guru's laptop."Can you copy it to a USB stick?" the guru asked. "That's the best way."Right. No one's ever gotten a virus from a random USB stick. Biting his lip to short-circuit a laugh, Carl dug through the side pockets on his laptop bag. "I think I've got one with me." [Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

Alvin had the fortune of working with an exceptional talent while he was employed at Virtucon. Bart knew how to do everything from desktop support to software development to database administration to IT security. Not only was he proficient in all of them, he also knew them better than those with many years of experience.Bart had been with Virtucon since the early days, racking up nearly 20 years of tenure. During this time, he 'mastered' everything and asserted himself to the point that no changes could happen without his approval. His changes were auto-approved because of course any idea he had was a good one. This led to myriad problems for fellow IT people like Alvin, who were hired after Bart."Be wary of Bart," Alvin was warned by his coworker Bob, who was Bart's junior by a couple years. "He has a long history of buffoonery, yet has somehow ascended to the #3 position in IT." Alvin sipped on a generous mug of coffee while Bob regaled with the Ballad of Bart. From the time he was just a helpdesk intern that put his shoulder through a core switch after tripping while carrying boxes, Bart was wrecking things.When Bart worked his way up to server support, he 'fixed' an Exchange issue by restoring a backup into production without warning because "It worked when the backup was taken." When he was assigned a web server problem, he spent a few days troubleshooting it without asking for any help. When he finally gave in, he told Bob that he couldn't figure out a frustrating IIS HTTPS binding issue. Bob explained to him that something else had to be the problem because the server was running Apache 2.4 on Ubuntu 16.04 LTS.When Bart added software development to his repertoire, he clearly didn't understand how code changes worked. Or code repositories for that matter. He always wanted to be the one to fix problems, so he would stick his nose in code that it didn't belong.Bart once tried to make fee schedule changes to accounting software by opening its PowerBuilder libraries in Notepad++. He proceeded to print out the .PBL and use a pencil to scribble out every value from the old schedule and wrote in the new ones. He then scanned his penciled changes in as a PDF and emailed it to Bob to implement.Frustrated, Bob spent an entire day showing Bart how their GitHub repositories worked. He seemed to understand, so Bob went on his way. While Bob hoped Bart wouldn't actually produce any more code, perhaps it would save their printer some toner if he did. The next day, all the developers were complaining to Bob that they couldn't access GitHub. It turns out Bart saw GitHub as a threatening malicious code breeding ground so he had a network admin block it on the firewall. He then sent an email to development staff explaining this and that they were supposed to now use 'BartHub', a file share he set up on his own computer.Bob and the developers managed to distract Bart by pointing out how the DBA team needed help. The first thing he did was try to create an SSRS report using a series of text boxes in a grid to make a matrix. The DBA's had a good laugh at that until Bart started to commit worse atrocities.One day an entire metrics database suddenly became a bunch of null values, which is not very helpful for metrics. Bart threw a fit because the data he was working on was gone. He demanded whomever messed up the data be hunted down. He suggested that missing historical data could be found by performing 'key triggers', whatever those were. He emphasized his point by making hand motions like he was scrambling a Rubik's cube. They ignored him and a lead DBA ran a profiler trace to find that the unconstrained null updates came from... Bart's workstation.Alvin had long since imbibed his coffee when Bob finished his story. Bob turned back to his workstation to check his email, "Oh, would you look at that. I guess we have some changes up top!" The email stated that the current VP of IT was announcing his retirement after 30 years at Virtucon. The CTO would be taking on that new role at the end of the month.The transition plan began and the CTO was groomed to take over. That plan was shredded a week before it was to take place because the CTO suddenly found himself unemployed. The finance department was investigating his use of the company credit card and found thousands of dollars in personal charges, so he was unceremoniously terminated. Turmoil gripped the office as an entire department waited to find out who their new leader would be.Everyone except Bart put in a good word for Bob to become the next VP of IT. At minimum, they should hire someone from the outside. Pretty much anyone but Bart was the popular suggestion.Bart predictably put in a good word for himself and talked a big game about all of his expertise. He added security expert to his resume by talking about disabling his home WIFI’s SSID broadcast and changing the default password. Then there was the previously-unmentioned experience as an IT Project Manager where he apparently led several teams at Schmoeing.That Friday, that dreaded email with the subject New VP of IT came out. Being the most tenured person remaining while having "great leadership qualities," Bart got the promotion and Bob didn't. Many job search sites probably thought they were getting a DDoS attack over the weekend while everyone in Virtucon IT looked to abandon ship. Bart's reign of terror lasted 18 months before Virtucon realized they made a grave mistake. Bob, Alvin, and many others weren't around to see the way it all ended. [Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

Radio WTF Presents!Jump to transcriptWelcome back to Radio WTF. This week, we learn of the power of confidence.Soundcloud Links:Radio WTF: ConfidenceDirect Download:DownloadStarring (in order of appearance)Remy Porter... as Kyle

A couple weeks back, I posted the Free Mug Day campaign: run through the quick BuildMaster tutorial, and I'll send you a free mug. Today, I have a slightly different offer: meet me at InedoCon (Portland, May 22/23) as a TDWTF delegate, and let's chat software over scotch!Why Portland? As part of the mug campaign, I asked everyone to share their feedback/comments/advice, and I got lots of suggestions on how we can improve the software itself. That was great, and then I saw this:

If you ask an engineer whether it's safe to cross a bridge, he'll happily walk you through how safe bridges are, how the mathematics work out, how far we've come in structural safety. You'll come away from the conversation feeling confident that no bridge will ever collapse anywhere on the face of the Earth. If you ask a software engineer about banks, however, you'll likely come away terrified, with a 50/50 chance you're now convinced to put all your money in bitcoin. Banks are notorious for bad software decisions—not so much because the decisions are worse, but because most people assume banks are more careful and security-minded.Today's submitter, Kato, worked at Inibank, where they used a commercial product called T24 as the core of their banking system. T24 is used by hundreds of banks worldwide. It's customizable for a wide range of banking solutions, and so like most large customizable suites, there are programmers that specialize in writing custom code for it and consultants that will hold your hand through major upgrades.Inibank brought in a consultant to take on a special project while their resources were busy. At the end of the business day, there is a Close Of Business process that has to be done to ensure all the money gets where it's going, all the appropriate outputs are recalculated, and all the relevant reports are run. In banks, this also changes the system's date to the next working day—which is why if you do online banking on a Sunday, none of it begins to process until Monday morning. The consultant was meant to create a new report that would run during the Close Of Business process, which would do extra processing if it were also the End of Month.Kato sat down with the new guy, showing him how they'd set up their end of day reports. "You see here, there's a global for the last working day, one for today, and one for the next working day. Those are YYMMDD, so they're easier to work with.""Right, right okay, gotcha. Gotcha. And what format is that?""... I don't know the standard off the top of my head, but it's year, month, day.""Right, right, okay. Cool. I'll get right to work, then."Kato walked away from the conversation with a sinking feeling in the pit of his stomach, but he tried to ignore it. The consultant said he was all set up and ready. Surely he knew what he was doing, right? Kato put it out of his mind, and didn't worry about it again until it came time to review the code, and he found this gem:

Many moons ago, when PCs came housed within heavy cases of metal and plastic, Matt Q. and his colleague were assigned to evaluate a software package for an upcoming sales venture. Unfortunately, he and the colleague worked in different offices within the same metro area. As this was an age bereft of effective online collaboration tools, Matt had to travel regularly to the other office, carrying his PC with him. Each time, that meant unscrewing and unhooking the customary 473 peripheral cables from the back of the box, schlepping it through the halls and down the stairs, and catching the bus to reach the other office, where he got to do all those things again in reverse order. When poor scheduling forced the pair to work on the weekend, they hauled their work boxes between apartments as well.As their work proceeded, Matt reached the limits of what his 20 MB hard drive could offer. From his home office, Matt filed a support ticket with IT. The technician assigned to his ticket—Gary—arrived at Matt's cubicle some time later, brandishing a new hard drive and a screwdriver. Gary shooed Matt away for more coffee to better focus on his patient. One minor surgery later, Matt's PC was back up and running with a bigger hard drive.One day ahead of the project deadline, Matt was nearly done with his share of the work. He just had a few tweaks to make to his reports before copying them to the floppy disks needed by the sales team. Having hooked his PC back up within his cubicle, he switched it on—only to be greeted with a literal bang. The PC was dead and would not start.After a panicked call to IT, Gary eventually reappeared at his desk with a screwdriver. Upon cracking open the PC case, he immediately cried, "Wait a minute! Have you been carting this PC around?"Matt frowned. "Er, yes. Is that a problem?""I'll say! You weren't supposed to do that!" Gary scolded. "The hard drive's come loose and shorted out the workings!"Matt darted over to Gary's side so he could see the computer's innards for himself. It didn't take long at all to notice that the new hard drive had been "secured" into place using Scotch tape."Hang on! I daresay you weren't supposed to do that!" Matt pointed to the offending tape. "Shall I check with your manager to be on the safe side?"Gary's face crumpled. "I don't have access to the proper mountings!""Then find someone who does!"Armed with his looming deadline and boss' approval, Matt escalated his support ticket even higher. It didn't take long at all for genuine mounting brackets to replace the tape. He never learned why IT techs were being deprived of necessary hardware; he assumed it was some fool's idea of a brilliant cost-cutting measure. He had to wonder how many desperate improvisations held their IT infrastructure together, and how much longer they would've gone unnoticed if it hadn't been for his PC-toting ways. [Advertisement] Forget logs. Next time you're struggling to replicate error, crash and performance issues in your apps - Think Raygun! Installs in minutes. Learn more.

People like hot dogs until they see how it's made. Most people don't ask, because they don't want to know and keep eating hot dogs. In software, sometimes we have to ask. It's not just about solving problems, but because what scares some programmers is the knowledge that their car's software might be little more than the equivalent of driving duct-taped toothpicks down the highway at 70MPH. Our entire field is bad at what we do.Brett worked as a system analyst for a medical research institution, MedStitute. MedStitute used proprietary software for data storage and analysis, called MedTech. Doctors and researchers like MedTech's results, but Brett his co-worker Tyree- know how it's made.The software has no backend access, and all software development happens in a "click-to-program" GUI. The GUI looks like it was built from someone who learned to code by copy/pasting from 1990s era websites, watching ten minutes of Jurassic Park, and searching StackOverflow until something compiled. The "language" shows the same careful design philosophy. Every if must have an else. Some modules use booleans, some return an empty string to represent false values. Documentation is unclear about which situation is which. Essentially, every if statement becomes three statements.Brett needed to launch a new study. A study depends on some basic set of statistics and groups patients based on a randomized variable. Brett looked through the list of variables he could randomize on, and the one he wanted was missing. Brett assumed he made a mistake, and went back a few screens to check the name, copying it down for reference. He went back to the list of randomizable variables. It wasn't there. He looked closer at the list. He noticed that the list of randomized variables only included data from multiple-choice fields. The field he wanted to randomize on was based on a calculated field.Brett knew that Tyree had worked on another project that randomized on a calculated field, so he messaged Tyree on Slack. "How did you code this random variable? In Medtech it won't let you?""I'm on a conference call, let me call you afterward," Tyree wrote.A few minutes later, Tyree called Brett."What you have to do is start with two fields. Let's call it $variable_choice, that's a multiple choice question, and $variable_calced that's your calculated field. When you want to create a variable that randomly selects based on your calculated field, you start by telling Medtech that this random variable is based on $variable_choice. Then you delete $variable_choice, and then rename $variable_calced to be $variable_choice.""Wait, they allow you to do that, but don't allow you to randomize calculated fields any other way? And they don't check?""Hopefully, they don't decide to start checking before this project is over," Tyree said."This study is supposed to go on for ten years. This project succeeding comes down to them never treating this workaround as a bug?""It was the only solution I could find. Let me know if you need anything else?"Brett wasn't completely satisfied with the hack and went back to the documentation. He found a "better" solution: he could make a read-only multiple-choice field with only one choice, the value of the calculated field, as the default answer. Unfortunately, it was possible that the user would alter the list unintentionally by answering the multiple-choice question before the calculated field was evaluated.Ultimately, the only choice left to Brett was to take his lunch break, go to the cafeteria, and order two hot dogs. [Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!

Long time, no mug! It's been an insanely long time since we've held a Free TDWTF Mug Day. So long that I'm sure most of you have forgotten the joy that is free mug day. Here's how it works:I've been pretty excited about BuildMaster 6.1, in part because it returns the product to my original vision of helping developers focus on writing great software instead of worrying about how to build, test, and deploy it from source code to production. Or, CI/CD as we'd call it today.I'd love to get your feedback on the release, and perhaps ideas on how I can work to improve the product. If you'd be willing to help me, I'll send you one of these beautiful, oversized TDWTF mugs, as modeled by Jawaad M:To get one, all you have to do is either download/install BuildMaster or spin up our pre-made virtual machine(AMI) image, then run through this quick configuration and fill out this form with your name, address, etc. It should take all of 15 minutes or so to complete.Everything's free, and there's no credit card needed, or anything like that. In fact, you can keep using BuildMaster for free if you'd like -- there's no server, application, or even user limit.This offer expires on March 31, 2019, and supply is limited to 250, so sign up soon! To get started, just follow this link and, in a few weeks time, you'll not only be more knowledgeable about BuildMaster, but you'll be enjoying beverages much more fashionably with these nice, hefty The Daily WTF mugs. [Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!

Carl C spent some time in the late 1980's at a software firm that developed avionics and global positioning systems for military and civilian customers. In their employ, he frequently visited Schlockdeed Corp, a customer with a contract to develop a new generation of jet fighters for the US military. Due to the top secret nature of their work, security was a big deal there.Whenever Carl entered or left the facility, he had to pass through the security office to get clearance. They would thoroughly inspect his briefcase, jacket, lunchbox, and just about everything short of a full cavity search. Despite the meticulous nature of daily inspections at Schlockdeed, some of their "security measures" bordered on the absurd.During this era of Sneakernet-type transfers of information, it wasn't uncommon for a programmer to take a box full of floppy disks to and from work every day. Schlockdeed had a rather lax policy regarding disk transportation even though it would be a super easy way to steal their secrets. Subcontractors like Carl would be issued a "media pass" after passing the initial background check to work with Schlockdeed. It was a card that allowed them to carry any number of floppy disks in and out of the building without question.Carl's tenure was uneventful until he decided to bring his beloved HP-41CX calculator to the office. They were working on some complex algorithms and drawing up equations on a chalkboard was taking too long, so Carl hoped to speed up the process. During his morning inspection, Bill the security guy pulled out the HP-41CX and immediately had a concerned look come over his face.Bill reached for the radio on his shoulder, "Paulie, we're going to need you. We have a situation." Carl became extremely confused. Had the 41CX been known to be used in bombs? Was it April Fool's Day? "Sir, we need to send you to our CIO for secondary inspection. Right this way," Bill motioned.Carl's face flushed as he wondered what kind of trouble he was in, especially since "trouble" could quickly escalate to handcuffs and holding cells. He also wondered why a Chief Information Officer would be doing secondary security inspections. Bill led him to Paulie's office, which housed a portly man with a sweet 80's mustache. The nameplate on his desk identified him as the Calculator Inspection Officer."I'm gonna need to see yer adding machine there, buddy," Paulie said, holding his hand out. Bill placed the HP-41CX in his palm. He gave it a closer look and grunted, "I'll have to confiscate this from you. It's got internal memory in it, y'see, so you could potentially use it to sneak secrets out. You can have it back at the end of the day, but don't let me ever catch you bringing this here again!" Bill led a calculator-less Carl back to the main security office.On the way, Bill explained how programmable calculators were strictly forbidden in the facility. Paulie was in charge of enforcing this policy and took his job very seriously. If Carl wanted to bring a calculator, it would have to be a very basic model. Once Paulie approved it, an "AC" (Approved Calculator) sticker would be placed on the back to allow its entry. Feeling discouraged without his HP-41CX, Carl resigned himself to inhaling chalk dust for the rest of his time at Schlockdeed. At least he had a media pass, so he could still freely take floppy disks in and out of the facility. [Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!