We've all had that feeling before. We see something happening in front of us, yet because the sight doesn't conform to the worldview held within our brain, we just can't believe our own eyes. Dogs playing poker. Cats wearing panty hose. Politicians telling the truth. You get the idea. And depending on your personal threshold for incredulity, you might experience this feeling as a double take, a spit take or a psychotic break. If you happen to be prone to psychotic episodes, then I'm going to have to ask you to move on. Wait for tomorrow's WTF. Or maybe pet some kittens. Here's a picture to help you get started.

Incredibly cute kitten...sorry you can

Feeling calm and relaxed? Good. Now let me tell you a story about Steve. Steve is what you call a 'skeptic' (which is scarily close to septic, but I digress). He questions absolutely everything he encounters. He walks with overly firm footfalls to make sure that the ground won't open up under him. He carries two watches to act as verification for the clock on his smartphone. He even checks his own pulse to make sure he's alive.

"Adding an account on Mint.com, it asks for the last 4 digits of my SSN and for the first 3 digits," John A. wrote, "Seriously? There are only 100 combinations left to guess the full SSN!"

When you read a lot of bad code, you start to get a sense of why the code exists. Often, it’s ignorance- of the language, of the functional requirements, of basic logic. Sometimes, it’s management interference, and the slavish adherence to policy over practicality. Other times, it’s just lazy or sloppy work.

And sometimes, the mysterious logic that gave birth to a WTF is just that- a mystery.

Secure Development

2014-04-16

Steven's multi-billion dollar tech firm spared no expense in providing him two computers. One was stuffed in a broom closet down the hall; he used it for email, Internet access, and other administrative items. At his cubicle sat the computer on which he did all his programming, connected to the company's separated development environment (SDE).

The SDE was a company-wide network that existed in parallel to the normal network. No Internet connectivity, and login was only possible with an RSA SecurID dongle. The stated purpose was to provide a secure environment for software development. The other devs on Steven's team had their own SDE boxes for the same purpose.

Bank of the West Los Altos branch vault

I Had My Reasons

2014-04-15

Trevor spent a huge amount of time writing a 2,000,000+ PHP/JavaScript/HTML system for an e-commerce company. Like a few other I'm-Special geniuses in our field, he believed that he could do it better than everyone else. For this reason, he came up with his own way of doing things. Database queries. Date-time logic. You name it.

Back around the turn of the century, governments were a different place to work at. The public trough, while not as fat as it had been, was still capable of providing funding for boondoggles handed out to friends and family. This was before deficit hawks made a sport of picking off small cost overruns that scurried around the fields of government largesse. Before billions was spent on wars of questionable necessity. Before mayors broke down the stereotype that all crack addicts were skinny.

In this heyday, Ray worked for a government department that contracted, managed and passed-through telecommunications services from external providers to other government departments. The department's central billing and administration system was built and run on the Ingres ABF framework and it's origin dated back to the early 90's. What's more, as soon as the application could be put into minimal funding status, it was. Even in the heady Internet bubble days, no money was spent beyond what was needed to keep the application running.

"I was hoping to take a trip to Hong Kong, but NON-STATIC METHOD seems to be a good value," writes Ryan.

Don't forget, The Daily WTF loves terrible emails. If you have some to share, mail in your mail!


Perfectly Safe to Open This (from Alex)

The Java-based application that Dan M. supports does something that is frequently accomplished by applications the world over - based on the value of a passed string containing a valid date, convert it to datetime. Simple stuff. Java even has built-ins to make this task even easier.

Well, the developer behind the below code decided to take the idea of date conversion using Java's built-ins and run with it ...way off of the reservation.

In the ancient time of 2008, people were still using Lotus Notes. Rumor has it that some still do, even today. Danny worked for an IBM partner which was a “full service” provider. It was the kind of company that you’d leas your entire IT infrastructure from, from servers to desktops and soup to nuts.

Their newest client was the state Nursing Board, the government agency responsible for keeping track of every nurse in the state- when they became a nurse, when they last paid to renew their license, any complaints or reports. From the IT side, this involved tracking payments, physical documents, and navigating custom Lotus Notes applications developed by the Board’s own development team. It was a giant pile of confusion with a highly manual and error prone process.

View Article Archives >>