aramis87

Oh god, the comments I put in the code, explaining what I was doing and why, and how to test that the product had been fixed before changing my code, because I just knew some junior codebro was going to come in and think, “I should clean this code up!” and they’d have no idea why it wasn’t working anymore …

Thank you - I appreciate the help!

It rhymed with Smoracle. Which is really ironic because you’d think that’s the ONE company that would (a) understand how to write a SQL statement, and (b) get really effing concerned when a simple database query broke their product.

I can understand if the reporter is new, or unknown, maybe submitting a lot of videos at once. The guy from the article is a vulnerability expert that’s been working in that role at Carnegie Mellon Software Engineering Institute’s CERT Coordination Center since 2004. I think he gets a pass on the “submitting fake reports for internet clout” front.

Years ago, I was de facto tech lead on a project. Every time a weird issue came up with the closed-system third-party development environment we were using, it fell to me to figure out what was causing it and file a bug report. It took time to figure out what was going on, narrow down the possibilities, get it to reliably reproduce, then word the bug report so that it was clear what the issue was - and this was on top of my regular duties.

I remember figuring out that if your SQL statement was 683 characters long, you were fine, but if it was any longer than that, the program would crash. I filed a bug report saying exactly that and giving the error message that got generated.

They came back and said they didn’t understand the bug report or how to reproduce it. I said, “Write a 683-character SQL statement. The program will run. Add one random space-character anywhere; the program will crash.” As far as I was concerned, this wasn’t my problem, and I was fully tired of finding and reporting bugs on their shitty platform (our customer had locked us into it).

They came whining back, "Oh, but that’s soooo haaarddd … " I’m like, “It’s not. Just write SELECT X, X, X [etc] until you have 683 characters,” (especially true because I had no idea what their database structure looked like) but they kept whining. Eventually they just came straight-out and said, “We need you to send us the entire failing module [because we can’t be arsed to do our own job, tyvm].”

My manager talked me down from the email I wanted to send back and told me to just strip everything else out. Which I did, but it took me like a day and a half to strip it back to something that had enough to reproduce the error without giving things away. I sent them the 683-character version and said, “Run this. Then add a random space anywhere in the SQL statement and it’ll die. This is your job and you’re not even my company, you figure it out from here.”

Then they had the nerve to come whining back, “Oh, we don’t understand what to add to the SQL statement or whe-ere. Pweas pweas pweas send us a non-working copy as well!” I’m like, ADD. A. SPACE. ANYWHERE." We went through a couple rounds of that, then my manager told me to add the space and send it to them so they (the people who developed this entire platform we were working on) could figure out the issue.

Steaming, I sent the second file. Since I had now done their entire diagnose-and-reproduce job for them, they graciously consented to open up a bug report.

We found multiple bugs like this. If you press the Save button it works fine but if you use Ctl-S it sometimes crashed [why are you using two separate Save routines?!?!]. They didn’t left-pad the time call to the operating system (which they said they did), so any program run before 10am had a chance of randomly crashing - that kind of thing. Probably half my overtime was figuring out their bugs so my developers could actually write code.

ISTG, after all the repeated time, stress and effort their shitty product cost me, if they’d insisted “Oh, we can’t do anything without a video showing us how to do our effing job” - well, they’d have been lucky to get a 15-minute troll video because I’d’ve vented two years of anger and frustration with their product and their customer “support” into that video.

Additional question, if I may? I joined kbin and was told to use boost instead of upvote (though both buttons were there). I’m now on mbin [fedia and melroy, RIP kbin] and have the same boost and upvote buttons available. Am I supposed to boost or upvote on mbin?