Our business-critical internal software suite was written in Pascal as a temporary solution and has been unmaintained for almost 20 years. It transmits cleartext usernames and passwords as the URI components of GET requests. They also use a single decade-old Excel file to store vital statistics. A key part of the workflow involves an Excel file with a macro that processes an HTML document from the clipboard.
I offered them a better solution, which was rejected because the downtime and the minimal training would be more costly than working around the current issues.
downtime
minimal retraining
I feel your pain. Many good ideas that cause this are rejected. I have had ideas requiring one big downtime chunk rejected even though it reduces short but constant downtimes and mathematically the fix will pay for itself in a month easily.
Then the minimal retraining is frustrating when work environments and coworkers still pretend computers are some crazy device they’ve never seen before.
The library I worked for as a teen used to process off-site reservations by writing them to a text file, which was automatically e-faxed to all locations every odd day.
If you worked at not-the-main-location, you couldn’t do an off-site reservation, so on even days, you would print your list and fax it to the main site, who would re-enter it into the system.
This was 2005. And yes, it broke every month with an odd number of days.
As weird as it may seem, this might be a good argument in favor of Pascal. I despised learning it at uni, as it seems worthless, but is seems that it can still handle business-critical software for 20 years.
Health insurance company I worked for would automatically reject claims over a certain amount without reviewing them. Just to be dicks and make people have to resubmit. This was over 25 years ago, but it’s my understanding many health insurers still pull this shit. They don’t care if it’s legal or not. Enforcement is lazy and fines are cheaper than medical claims.
Obviously this is in the USA.
We need a whole branch of government dedicated to fucking with insurance companies. They basically generate free money by having money, they don’t actually provide any net positive outside of just having money
We need to move to single payer healthcare and just eliminate the need for insurance companies.
The company would bid on government contracts, knowing full well they promised features that didn’t exists and never would, but calculating that the fine for not meeting the specs was lower than the benefit of the contract and getting the buyers locked into our system. I raised this to my boss, nothing changed and I quit shortly after.
I worked as software engineer and my boss tolerated me going to office at 2pm and leave at 9pm. It’s against company policy, certainly, but no one talked about it. It still is my most productive and happy time.
I’m changing jobs at the moment. I accepted a position at a UK office of an American company which I was a perfect fit for but they wouldn’t tolerate remote working or flexitime. A few days after, I was offered a job at a UK company offering 80% remote work and very generous flexi but for £5000/year less. I let the American company know I wouldn’t be starting with them after all. Honestly, it this day and age flexible hours and such aren’t a big ask for most information workers and work-life life balance is too important.
This comment is not like the others, lol.
Good on your manager.
1-800-got-junk? doesn’t care at all about its environmental impact. No sorting what so ever happens to what goes on their trucks it all goes to landfills. All the ads will say they recycle and that they repurpose old furniture but I was threatened with being fired when I recommended donating antiques instead of dumping a load of furniture.
More jobs and more profits comes before anything else in that company, including employee health and safety. Several times I was told to enter spaces we werent trained for (attics and crawl spaces) and carry waste I legally couldn’t transport (human/organic wastes and the laws states the driver is fined, not the company). One guy injured his shoulder during an attic job and was told to finish the shift or lose his job. Absoulte scum of a company with very sleazy management and possibly the labour board in their pocket as they kept “losing the files” when I tried to file a report with buddy’s shoulder (he was hesistant to report for fear of losing his job).
I’ve had a few friends work for them out in Montreal, and their parent company (2 Men and a Truck). According to them it’s a mob-operated business.
Oh no! I had a great experience with 2 men and a truck when I he used them! No idea it was associated with the 1 800 junk folks
I quit a well known ecomm tech company a few months ago ahead of (another) one of their layoff rounds because upper mgmt was turning into ultra-wall street corpo bullshit. With 30% of staff gone, and yet our userbase almost doubling over the same period, they wanted everyone to continue increasing output and quality. We were barely keeping up with our existing workload at that point, burnout was (and still is) rampant.
Over the two weeks after I gave my notice I discovered that in the third-party app ecosystem many thousands of apps that had (approved) access to the Billing API weren’t even operating anymore. Some had quit operating years ago, but they were still billing end-users on a monthly basis. Many end-users install dozens of apps (just like people do with mobile phones) and then forget they ever did so. The monthly rates for these apps are anywhere from 3 to 20 dollars per month, many people never checked their bank statements or invoices (when they eventually did, they’d contact support to complain about paying for an app that doesn’t even load and may not have for months or years at this point).
I gathered evidence on at least three dozen of these zombie apps. Many of them had hundreds of active installs, and were billing users for in some cases the past three years. I extrapolated that there were probably in the high-hundreds or low-thousands of these zombie apps billing users on the platform, amounting to high-thousands to low-tens-of thousands of installs… amounting to likely millions per year in faulty and sketchy invoicing happening over our Billing API.
Mgmt actually did put together a triage team to address my findings, but I can absolutely assure you the only reason they acted so quickly is because I was on the way out of the company. I’d spotted things like this in the wild previously and nothing had ever been done about it. The pat answer has always been well people are responsible for their own accounts and invoicing. I believe they acted on this one because I was being very vocal about how it would be ‘a shame’ if this situation ever became public, and all those end-users came after the company for those false invoices at one time. It would be a PR and Support nightmare.
You have definitely interacted with this ecommerce platform if you shop online.
I’m unfortunately dependent upon said company, as a “partner”, which just means a hack indie developer who herds customers to the slaughter for the corp.
The last round of layoffs was a brutal experience for the “Plus” customers. They lost crucial advisers and support, and now the guidance available is a bored and untrained chat support thrall on the other side of the world, or a stochastic parrot.
You can smell the enshittification from here. The vendor lock-in is so intense it seemed inevitable.
Name and shame!
just guessing here but sounds like the rain forest company.
I’m guessing that if you have the right kind of Pal, you could figure out a way to Pay them to help you figure it out…
This has GOT to be Shopify
✅️ is a shopping platform
✅️ has an app ecosystem with a billing api
✅️ high probability that someone who shops online has interacted with a store on the platform
✅️ multiple rounds of layoffs w/ staff stretched thin
✅️ unclear ambitions of being a megaplatform, beyond what it already is
I guess we’ll never know, lol
Nice try fbi
Just remembered another one:
Have you ever had an anonymous survey sent to you by your work or by a company your work has hired? They’re not anonymous. Management knows what your opinions are and will use them against you.
I worked for a consultant that would try and help fix businesses. The worst example I can think of was when I saw one person had answered a survey question saying that their employer had a “blame culture”. Rather than trying to work on the processes or address why something had gone wrong, staff would start pointing fingers to keep out of trouble. This didn’t fix anything and only made people spend all the time covering their posteriors.
The manager called a general meeting of everyone at that site and then singled out the employee who’d mentioned the blame culture, blaming him for saying there was a blame culture. The employee then pointed out that they’d been told, in writing, that the survey was anonymous. That employee called the manager a liar and then she lost control of the meeting, with lots of employees calling her a liar and several storming out. They weren’t in business the next year.
You work in the US, right?
I’m so sure that this would be absolutely illegal in the EU. Privacy laws are rather strict here and I can’t imagine that it would be legal in any way to say that you’re doing an anonymous survey if it isn’t actually anonymous.I live in the UK.
The consultancy never claimed that the surveys were anonymous. Pretty much every manager did when they sent it out to their employees. I guess lots of bosses in the UK have no problem with lying to their employees.
Privacy laws are only as good as their enforcement. I’ve seen first hand the slap-dash attitude the NHS has to patient confidentiality and the police using databases for their own personal reasons. I’ve also experienced UK primary schools violating confidentialities. No repercussions for any of them.
If you were to reveal this information while you were still employed, would they have had legal repercussions against you as a whistle blower?
No legal repercussions.
I did some consultancy for the NHS (hint for anyone in IT: DON’T) and tried to whistle-blow the absolute shocking state of patient confidentiality. Nurses would routinely look up things to use or for gossip or leverage over people. For example, one nurse was able to access patient details to help her friend get ammunition in a divorce and custody battle. Another used it for playground gossip against a mother who had offended her and spread around that she was on antidepressants. When I started the complaint (giving multiple examples), they closed ranks and decided my claims were due to “miscommunication” and/or were fabricated. I could prove this data had been accessed and who had accessed it on the system’s audit trail. Nothing was done. They have policies in place stating not to do that, but they were routinely ignored.
Same with the police. Officers were using police databases to stalk and harass exes, exes new partners or neighbours who had pissed them off. The Independent Police Complaints Commission are a joke and are staffed by ex police officers who had personal relationships with the people involved. The complaint was closed and I received a letter months later thanking me for withdrawring my complaint. I never withdrew the complaint and was informed that I had and I was unable to open it up again. This was 10 years ago and I haven’t worked for any police department since or relied on the police for anything.
GDPR and data protections laws are all well and good, but without enforcement they are meaningless.
I worked for a pretty popular magazine back in the late 90’s. One day near the beginning/middle of 2000, we were all called down to the bullpen for a last minute meeting by management and marketing. (That’s never a good sign.)
We were told that we have a great product with amazing writing, but marketing doesn’t know how to sell it so they’re closing us down. Instead, we went online only. I was the web developer so I survived the firings.
So then we figured that we were set because our website produced more content and had more traffic than any of the company’s other websites. However, in March of 2001, we had another emergency meeting. Again, we were told our content was great, but the company was going in another direction. Instead of producing our own content, the company was going to just repost other sites’ content. I and everyone else in my team were let go.
Needless to say, the whole “we’ll just repost what other people posted” plan didn’t go so well. Last time I checked, the company wasn’t doing very well at all.
I work in IT. Most systems have laughable security. Passwords are often saved in plain text in scripts or config files. I went to a site to help out a very large provincial governmental organization move some data out of one system and into another. They sat me down with a loaner laptop and the guy logged me into his user account on the server. When I asked for escalated privileges, he told me he’d go get someone who knew the service account passwords.
After a few minutes, I started poking around on my own… And had administrative access within an hour. I could read the database (raw data), access documents, start and stop the software, plus, figured out how to get into the upstream system that fed data to this server… I was working on figuring out the software’s admin password when the guy came back. I’m sure that given some more time, I could have rooted the box because the OS hadn’t been updated in years.
It’s pretty depressing, but the fact that soil and groundwater are almost certainly contaminated anywhere that humans have touched. I’ve seen all kinds of places from gas stations, to dry cleaners, to mines, to fire stations, to military bases, to schools, to hydroelectric plants, the list could go on, and every last one of them had poison in the ground.
Some places are insanely polluted to the point where you wonder how a whole company could be so braindead and essentially poison themselves.
A place not far from where I live had a chemical plant which just dumped loads of chemicals on a meadow for years. Now there are ground water pumps installed there which need to run 24/7 so that the chemicals don’t contaminate nearby rivers and hence the rest of the country.
When taking samples from the pumped up water you can smell gasoline.The largest lake in the UK by area got massively polluted and turned into a swamp of toxic green algae. It’s crazy how people just let stuff like that happen.
We’re house shopping and there has been a house on a lake sitting on the market forever. I got curious and researched the lake and… It’s a literal superfund site. The company that was on the other side of the lake just dumped their waste chemicals right on the shore and it has polluted both the lake and ground water forever essentially because they don’t break down. I looked up the previous owner… Died of cancer. The shit that companies are and were allowed to get away with is just insane. Meanwhile right wing nut jobs want to get rid of the EPA (which was ironically created by Richard Nixon).
Worked support for an electricity supplier. I was able to see a frightening amount of info about the customers. Even past ones who had moved elsewhere.
We also kept notes about each call, email, web or app chat. So if you were an asshole in the past, everyone will know going forward.
Also fuck landlords and landladies etc. More often than not, they were shitty to deal with.
Also we would often use Google Maps and Streetview to see what your house looked like. We also had pictures of the inside because the installation techs took pictures to confirm that works were completed as specified.
Alll of this was available to us for any reason, at any time with no oversight. And none of it was encrypted. There was also government websites in use up to 2020 that required internet explorer to use and had passwords as trivial as ‘Password1’.
I left that job because the pay was lousy and the stress was pretty full on. I respected a lot of people that worked there. Both higher ups and people who came after me. But fuck was there a lot of potential for bad actors or like stalkers etc to mess with your info.
I would reccomend to everyone. Please use password managers. Especially decent open source ones like Bitwarden. Take note of every piece of info that you give a company. From your phone number, address, email etc to even when you contacted them. Also try to not have your home look like an abandoned hovel on Streetview lol. Easier said than done I know. But it may affect your dealings with support people that you need help from. And lastly, please dont use Password1 as a login. Ever. Like please.
i would recommend Keepass
The buildings alarm code was 0711. Guess where I worked…
My boss was high 99% of the time he was at work.
Or awake.
We didn’t investigate an online theft from any bank account unless it was over US $100k.
