Our business-critical internal software suite was written in Pascal as a temporary solution and has been unmaintained for almost 20 years. It transmits cleartext usernames and passwords as the URI components of GET requests. They also use a single decade-old Excel file to store vital statistics. A key part of the workflow involves an Excel file with a macro that processes an HTML document from the clipboard.
I offered them a better solution, which was rejected because the downtime and the minimal training would be more costly than working around the current issues.
downtime
minimal retraining
I feel your pain. Many good ideas that cause this are rejected. I have had ideas requiring one big downtime chunk rejected even though it reduces short but constant downtimes and mathematically the fix will pay for itself in a month easily.
Then the minimal retraining is frustrating when work environments and coworkers still pretend computers are some crazy device they’ve never seen before.
The library I worked for as a teen used to process off-site reservations by writing them to a text file, which was automatically e-faxed to all locations every odd day.
If you worked at not-the-main-location, you couldn’t do an off-site reservation, so on even days, you would print your list and fax it to the main site, who would re-enter it into the system.
This was 2005. And yes, it broke every month with an odd number of days.
As weird as it may seem, this might be a good argument in favor of Pascal. I despised learning it at uni, as it seems worthless, but is seems that it can still handle business-critical software for 20 years.
Health insurance company I worked for would automatically reject claims over a certain amount without reviewing them. Just to be dicks and make people have to resubmit. This was over 25 years ago, but it’s my understanding many health insurers still pull this shit. They don’t care if it’s legal or not. Enforcement is lazy and fines are cheaper than medical claims.
Obviously this is in the USA.
The company would bid on government contracts, knowing full well they promised features that didn’t exists and never would, but calculating that the fine for not meeting the specs was lower than the benefit of the contract and getting the buyers locked into our system. I raised this to my boss, nothing changed and I quit shortly after.
I worked in government contracting (and government, for that matter) for years and that blows my mind. I can’t remember the details, but if you even had a bad reviews, much less being found noncompliant, it could disqualify you entirely from some contract vehicles for a matter of years. Wild that there’s some agency that somehow lets people get away with fraud.
Also, if that cost the government money, there’s a chance you could report that after the fact and make some money.
The contractor I worked for was run by a man who used to say “if the contract says they’ll blow up the contractor on delivery, we’re putting in a bid and solve the problem later”
eh DHCP isn’t really important right? obviously if it hasn’t changed since the 80’s why would you need to reboot your server.
what are vulnerabilities?
That I made their DropBox account, and they can’t access it anymore…
I used to work for a popular wrestling company, billionaire owner, very profitable, would write off any OSHA penalties as the ‘cost of doing business’ just as they did in 1998, when The Undertaker threw Mankind off Hell In A Cell, and plummeted 16 ft through an announcer’s table
I want to believe… but the morph has always been exactly.
“nineteen ninety eight when the undertaker threw mankind off hell in a cell and plummeted sixteen feet through an announcer’s table.”
But I want to believe…
Edit: looking back at previous shittymorph posts. Grammar, punctuation and delivery is at much higher standard… I’m sad 😢. I’m hoping that I’m way way wrong. Can anyone reach out to shittymorph on reddit to confirm?
Confirmed imposter. Sorry everyone. 😢
I assumed as much when the story didn’t go on for at least three paragraphs first.
Thank you for doing the research we all needed.
Worked at a globally popular fast food francise many years ago. They had collection boxes for a charity that they raised money for. None of the money went to that charity, but was divided between owners and managers.
I worked for an online payment company you all know. Many eployees have access to the main DB which holds all transactions and names and everything in clear text. You could basically find out all PII (personal identification information) of any celebrity you wanted given they had anaccount. Address, phone number, credit card and all. If you knew a bit of SQL you could basically find whoever person you wanted and get purchase history and all.
Cant say I didnt use this to find stuff about my exes or various celebrities.
I used to work for a cable company whose name rhymes with “bombast”. They offer a wifi service whose name is a derivation of the word “infinity”. Most of the hotspots for this wifi service are provided by the Bombast wireless routers that cable customers have in their homes. So if you’re a Bombast customer, you’re helping to pay the electrical bill and giving up bandwidth in order to provide Infinity wifi.
Another fun Bombast story: the founder, a man who always wore a bowtie, died a few years ago. At a memorial service in his honor, a number of vice presidents and other executives (including my boss at the time) wore bowties. Everyone who wore a bowtie to the service was fired within a week.
I worked as a pastor and professor for a global, evangelical television ministry/college. They knowingly conceal scholarship on the Bible and punish their pastors for asking any questions that undermine their most closely held traditions (including anti-evolution, mental illness is supernatural, etc.). They tell their US viewers that they can’t call themselves Christians if they don’t vote Republican, while still enjoying tax-exempt status. They use pseudohistorians to inspire Christian Nationalism over their network, and are one of the largest propaganda networks for the Religious Right. A U.S. Capitol police commander told me his men were fighting people who were wearing the network’s brand.
Sounds like you escaped a violent theocratic cult.
No, cults are small religions, this is a big religion
I feel like there are minimum two definitions of cult, that being a high controll group like say jones town and to a lesser but still damaging extent seventh day adventists for example and just a smaller religious grouping.
This place would 100% meet the BITE standard of cult classification.
The BITE classification was invented in order to justify hatred of small religions, by taking a word that already had a meaning (cult) and attaching a second, pejorative meaning to it. It’s like if I write a fantasy novel with a species of evil creatures called jews. Jew is already a word, and it’s a horrific act of religious persecution to take a pre-existing word for marginalised religions and spin it into an unrelated negative.
Yes, because controlling a group’s behavior, information access, thoughts, and emotions is completely acceptable. Autonomy be damned.
Office Depot sells printers at very low (or even negative) margin, and then inflates the margins on cables, paper, ink, and warranty. If you want the best deal, get the printer from OD, and everything else you need somewhere else. That $20 USB cable they sell costs them $1 and you can get the same or better online for $2.68.
An AI company… They used to manually change system event logs to show it wasn’t their software that caused the downtime for our clients.
Bought over a million dollars worth hardware (25% of which didn’t even got racked), over 200 46inch LED screens that no one used, and very expensive offices at posh locations in the bid to increase its IPO valuation.
Not strictly a company secret, but I had to sign an NDA for it, because… reasons.
I used to work for a massive conglomerate, these guys are making from components for satellites and tank to rubber gloves for hospitals, and everything in between. My job was to help the company implement regulations, work with auditors and generally follow product specific rules.
So I was on these 2 New Product Development teams and because the products needed some very specific testing equipment, we started working with local authorities and some contractors to build the testing station in the future factory. We drafted plans, prepare documents, we had an auditor come and see the place, the contractor came and checked what he needed to do, everything was going according to plan.
While all of this was happening, I was on a separate project where we were working on closing down the above mentioned factory.
Over a decade ago I worked as a freelancer for an Investment Bank (the largest one that went bankrupt in the 2008 Crash, which was a few years later) were the head of the Proprietary Trading Desk (the team of Traders who invest for the profit of the bank) asked me if I could change the software so that they could see the investments of the Client Trading Desk (who invest for clients with client money) was making, with the assent of the latter team.
Now if the guys investing money for the bank know what they guys investing customer money are doing they can do things like Front-Run the customer trades (or serve them at exactly the right price to barelly beat the competiotion) thus making more profits for the bank and hence get bigger bonuses. This is why Financial regulations say that there is supposed to be so-called Chinese Walls between the proprietary trading and the customer trading activities: they’re supposed to be segregated and not visible to each other.
Note that the heads of both teams were mates and already regularly had chats, so they might already have been exchanging this info informally.
I was quite fresh in there (less than 1 year) and the software system I worked in at the time was used by both teams, but when I started looking into it I saw that the separation was very explicitly coded in software and that got me thinking about what I had learned from the mandatory compliance training I had done when I first joined (so, yeah, that stuff is not totally useless!!!)
So I asked for written confirmation from the heads of both teams, and just got some vague response e-mails, no clear “do such and such”.
So I played the fool and took it to a seperate team called Compliance (responsible for compliance with financial regulations) saying I just wanted to make sure it was all prim and proper, “just in case”.
Of course, it kinda blew up (locally) and I ended up called to a meeting with the heads of the Prop Desk and whatnot - all stern looks and barelly contained angry tones - were I kept playing the fool.
Ultimatelly it ended up not being a problem for me at all, to the point that after that bank went bust and its component parts were sold to another bank, the technical team manager asked me to come back to work with the same IT group (remember, I was a freelancer) with even greater responsabilities, so this didn’t exactly damage my career.
That said, over the years there were various cases of IT guys in large investment banks who went along with “innocent” requests from the Traders and ended up as the fall-guys for subsequent breaking of Finance Regulations, serving jail time, so had I gone along with that request I would’ve actually risked ending up in jail.
(Financial Regulators were and are a complete total joke when it comes to large banks, which actually makes it more likely that some poor techie guy will be made the fall guy to protected the bank and its heads).
Why is everyone here afraid to name the companies?
Unless you’re sharing something that only you would know and the company is aware that you’re the only one who knows it, there’s no way they can identify you.
Something tells me the people posting here who had “NDAs” didn’t actually have any sort of a high level clearance to important information.
The majority of tech startups are super chaotic and barely keeping things running. More than you would ever imagine.
