The Daily WTF: Curious Perversions in Information Technology

2006-04-06 Reply Admin

So thats Accenture for :-P

2006-04-06 Reply Admin

What does it mean when a line is indented by 892 tabs? I can imagine a good portion of code inspection time debating whether it should be 894.

That's due to JSP. Unless you comment all whitespace out of your tags (c:forEach, c:if, etc.) it ends up in the output.

It's a shame Sun couldn't have made it easy to implement a skip whitespace tag (or for that matter filter type tags in general). You pretty much have to chose between ugly code or ugly output. Since you usually look at the code more...

2006-04-06 Reply Admin

That's not enterprise enough, they actually link directly to a JSP-file! I work on an enterprise portal, and we always link to an action path, which is translations to an action class depending on stuff like which page you came from. The action class does some magic foo involing executing some command-objects and stuff, before choosing the name of a page to show. That name is then mapped to a JSP-file, depending on stuff like which page you came from, and what the action path is.

Looking at a page in a browser, it can take minutes to find out which JSP-file I need to edit. And then the JSP-file just includes a bunch of other JSP-files etc...

Actually, maybe this website costs more than €165.M, only management knows.

A few years ago I laughed at how much easier it would be with PHP. The scary part? Now I can actually see how much work all this saves. This would be so much harder to do with this enterprise-stuff. Yay...

Okay, this may be scarier: The website is actually worth the prise. The clients saves money on some of this, and earns money on the rest. Lots.

2006-04-06 Reply Admin

R.Flowers:
It's a 714-byte session identifier that's unique enough to represent all sessions across all websites across all the Ineternets across all galaxies throughout all of time ... four times over.

Maybe they were burned badly by Y2K.

It reminds me of a base-64 encoded picture.

Why am I thinking to a base-64 encoded serialized Session Object ?

2006-04-06 Reply Admin

Anonymous:
That looks like an IOR (CORBA object handle in string form), an underscore, and a UUID to me.

Yup, it's an IOR.

IOR:

Type_ID: IDL:http/ReqProcessor:1.0

Profiles: 1

profile # 1 =>

tag: TAG_INTERNET_IOP

profile_data:

ProfileBody_1_1:

Version:

major: 1

minor: 2

host: s0202021

port: 60230

object_key: PMCIDL:http/ReqProcessor:1.0 berufe_cluster /tomcat4_poa

TaggedComponent not implemented

</FONT>

(although my IOR parser does not support TaggedComponent... yet)

2006-04-06 Reply Admin

That's not enterprise enough, they actually link directly to a JSP-file! I work on an enterprise portal, and we always link to an action path, which is translations to an action class depending on stuff like which page you came from. The action class does some magic foo involing executing some command-objects and stuff, before choosing the name of a page to show. That name is then mapped to a JSP-file, depending on stuff like which page you came from, and what the action path is.

You think that's enterprisy?

In our app:

Incomming URL is mapped to an action path
Action path is mapped to action class
URL param is mapped to object storing data for "sub" session (allows users to use mulitple windows with same session).
Action class does foo with EJBs
Results are stored in "sub" session
Message ids and message params are stored in "sub" session mapped to a token
Action returns name and token
name+token is translated to URL, and a redirect is sent to browser
Incomming redirect URL is mapped to an action path
Action path is mapped to action class
URL param is mapped to object storing data for "sub" session
Token in URL param is mapped to message ids and message params
Display data is extracted from "sub" session and stored with message ids and message params in request scope
Action class returns name
name is mapped to JSP
JSP renders page translating message ids + message params to messages.

2006-04-06 Reply Admin

160 million?

That's a simple number to explain - they just wanted to beat boo.com's record

2006-04-06 Reply Admin

bullseye:
Anonymous:
... complete with sideways ^.

One of these... > ?

(Sorry, couldn't resist. ;-)

Erm, pretty much... But I couldn't get it superscript.

/should have thought of that

2006-04-06 Reply Admin

http://infobub.arbeitsagentur.de/berufe/alphaSearch.do?alphaCaps=B
http://infobub.arbeitsagentur.de/berufe/alphaSearch.do?alphaCaps=BBB
http://infobub.arbeitsagentur.de/berufe/alphaSearch.do?alphaCaps=B'%20and%201=1%20or%20''='
http://infobub.arbeitsagentur.de/berufe/alphaSearch.do?alphaCaps=B'%20and%201=2%20or%20''='

Is it just me or does this smell like an SQL injection..?

Fred · 2006-04-06 Reply Admin

triso:
Coughptcha:
... http://www.canadiansocialresearch.net/onbkmrk.htm#Andersen
<font size="5">T</font>hanks for that link. Here's another with a top-ten list of Anderson screwups: http://www.nupge.ca/publications/MiscPDFs/andersen.pdf

And they were recently thrown out (all 120 consultants) by a telecommunications company (http://www.tele2.com) because accenture kept demanding more money for extra stuff that was needed to make the system work...

No english link to the story (sorry about that), but here's a couple in Norwegian, Swedish and Danish (respectively): http://www.hegnar.no/IT-Kanalen/newsdet.asp?id=212189
http://www.nyteknik.se/art/45382 http://www.computerworld.dk/art/33322?a=rss&i=0

Do we see an emerging pattern?

Fred · 2006-04-06 Reply Admin

Fred:

...No english link to the story (sorry about that), but here's a couple in Norwegian, Swedish and Danish (respectively):
http://www.hegnar.no/IT-Kanalen/newsdet.asp?id=212189
http://www.nyteknik.se/art/45382
http://www.computerworld.dk/art/33322?a=rss&i=0

Do we see an emerging pattern?

... Now with linebreaks... Sorry about that...

redeye · 2006-04-06 Reply Admin

<font size="2">If you paste that into notepad and use a monospaced font (I used Bitstream Vera Sans Mono, size 8), turn word wrapping on, delete the line breaks then fiddle about with the size of the notepad window you will notice it turns into an ASCII art Homer Simpson...</font>

2006-04-06 Reply Admin

Anonymous:
Directly from the html:

<script src="http://proxy.internetcenter/berufenet.js" type="text/javascript">script>
That comment says something like: This file can only be accessed locally, please ignore errors on other machines.

It gets even worse: below that there is a test to check for this:

<script type="text/javascript">
<!--<br>// Test: Sind wir im InternetCenter?<br>	try{<br>		setzeFilme();<br>		var ic = 1;<br>	}catch(e){<br>		var ic = 0;<br>	}<br>-->
</<span class="end-tag">script>

Now it looks to me that this var ic is a very local variable 
and it goes out of scope - twice. And later on, this variable
is tested in some weirdly commented-out part:
<script type="text/javascript" language="JavaScript">
<!--<br>//var context="/berufe";<br><br>//	if ("undefined" != typeof(ic))<br>if (ic == 1)<br>		{<br>//			document.writeln("<div style=\"text-indent:-0.8em;margin-left:0.8em;\">");<br>//			document.writeln("<img src=\"/berufe/include/global/images/pfeil_rot.gif\" alt=\"\" border=\"0\" />");<br>			document.write("<a href=\"/berufe/film/themes/index.jsp");<br>			document.write("");<br>			document.write("\" tabindex=\"");<br>			document.write("1000");<br>			document.writeln("\">");<br>			document.writeln("Filme zum Thema<br/>");<br>			document.writeln("Arbeit und Beruf");<br>			document.writeln("</a>");<br>//			document.writeln("</div>");<br>			document.writeln("<br/><br/>");<br>	  }<br>// -->
</<span class="end-tag">script>

(let's hope that the forum software doesn't mangle all these less-than signs...)

2006-04-06 Reply Admin

Anonymous:

Anonymous:
Directly from the html:

<script src="http://proxy.internetcenter/berufenet.js" type="text/javascript">script>
That comment says something like: This file can only be accessed locally, please ignore errors on other machines.

It gets even worse: below that there is a test to check for this:

<script type="text/javascript">
<!--<br>// Test: Sind wir im InternetCenter?<br>	try{<br>		setzeFilme();<br>		var ic = 1;<br>	}catch(e){<br>		var ic = 0;<br>	}<br>-->
<!--<span class="end-tag"-->script>

Now it looks to me that this var ic is a very local variable 
and it goes out of scope - twice. And later on, this variable
is tested in some weirdly commented-out part:
<script type="text/javascript" language="JavaScript">
<!--<br>//var context="/berufe";<br><br>//	if ("undefined" != typeof(ic))<br>if (ic == 1)<br>		{<br>//			document.writeln("<div style=\"text-indent:-0.8em;margin-left:0.8em;\">");<br>//			document.writeln("<img src=\"/berufe/include/global/images/pfeil_rot.gif\" alt=\"\" border=\"0\" />");<br>			document.write("<a href=\"/berufe/film/themes/index.jsp");<br>			document.write("");<br>			document.write("\" tabindex=\"");<br>			document.write("1000");<br>			document.writeln("\">");<br>			document.writeln("Filme zum Thema<br/>");<br>			document.writeln("Arbeit und Beruf");<br>			document.writeln("</a>");<br>//			document.writeln("</div>");<br>			document.writeln("<br/><br/>");<br>	  }<br>// -->
<!--<span class="end-tag"-->script>

(let's hope that the forum software doesn't mangle all these less-than signs...)

Yes it did.

2006-04-06 Reply Admin

Anonymous:
Yeah, I don't even see the code. I just see blondes, brunettes, and redheads.

Cracking :-)

2006-04-06 Reply Admin

dunno, but where's the problem? One session id for every unemployed guy in germany :-) Though I think they might even come short with id's soon in the future...

mrsticks1982 · 2006-04-06 Reply Admin

Anonymous:

Accenture - pronounced "ass enter"

assenture.com

try it out!!

mrsticks1982 · 2006-04-06 Reply Admin

Anonymous:
I worked for SBC a while back and they brought Accenture (This was actually during their name transition) in to consult on a project. I was 22 or so at the time and so was everyone that Accenture sent our way. Most of them had chemical engineering degrees or accounting degrees. They were not programmers by trade, but they were being trained to do it Accenture's way.

Well, the VPs at SBC finally bitched and moaned enough that Accenture sent out some real developers and architects (btw...everyone has the title "architect" of some sort there...or so it seemed), but of course, those people cost more. So, the project was 8 months behind schedule at the 1 year mark (no kidding), and we were no closer to a solution at the 14 month mark. I left at the 18 month mark and the first iteration was almost done, a full 13 months behind schedule. Money well spent indeed.

its the accenture way ... just know they are moving to a more secure method of don't sue me, cause a few years ago they create Accenture Technology Solutions!! They want to be technology focused instead of being industry focused, and guess what they hire any one who breathes. If breathe air and have can use a computer you could be hired!!

Hammer · 2006-04-06 Reply Admin

Just created an account so I could post this, kinda related. Just started work at another client site (I'm an IT Consultant) - and yesterday, I was given a web page that had a list of all the project, so I could find some information on some of them. Anyway, long story short, the drop-down list box was sorted by some unknown project number...so I figured I'd just do a view source, and find the project name I was looking for. First thing that made me go WTF? was this, at the beginning of hte source:

No clue what this is for...didn't even bothered to ask.

Hammer · 2006-04-06 Reply Admin

...shoulda formatted it (or cut it short)...heck, didn't even realize how big it was myself until after I posted. Saved it to a file, it's over 96000 bytes long!

d4ddyo · 2006-04-06 Reply Admin

Hammer:
...shoulda formatted it (or cut it short)...heck, didn't even realize how big it was myself until after I posted. Saved it to a file, it's over 96000 bytes long!

That's from an ASP.NET application. It's used to store control context information from request to request. By default, all controls - including any custom controls that derive from ASP.NET web control library classes - have this feature enabled. Typically, you'd disable this feature for controls that don't need to use it, in order to reduce the size of that hidden variable value. WTF? Very possibly so.

2006-04-06 Reply Admin

I would guess that VB is for VisiBroker: the name of Borland's ORB (CORBA)

byte_lancer · 2006-04-06 Reply Admin

Anonymous:
I went for a job at Accenture once, I was lucky enough not to get it.

I went there once and had a look at some of their specs they were willing to show. Immediately opted out. Yea this is their Bangalore location which might be the centre that developed this WTF monster.

2006-04-06 Reply Admin

Too bad for Accenture (I still call them Andersen... the name chance is just a PR ploy)... they can't compete with Wipro on price.

You either hire Arthur Andersen consultants to get nice cologne smelling-college kids on site, resembling the Aryan Nation who bill you into poverty.

Or,

You can hire Wipro for 1/1000th of the cost and get planeloads of Engrish-speakers on your front doorstep, ready to write code for fear of having to go back to the Hyderabad callcenters.

2006-04-06 Reply Admin

kdean:
Sorry, but that's not a WTF.
Now for why the session ID is so large...
In a clustered environment, you could have requests serviced by any one of (for example) eight machines.
In order to locate the same application instance that you used last time, the server name, cluster name, and Tomcat instance name all need to be encoded in the URL.

687 bytes to encode the server name, cluster name, and Tomcat instance name

"Sorry, but that's not a WTF."

oh, that's ok then

2006-04-06 Reply Admin

I think they have some Whitespace code embedded in that page too... just take a look at this
Free Image Hosting at www.ImageShack.us

2006-04-06 Reply Admin

[!-- Request took 0.01 seconds realtime to complete. --]


sure

2006-04-06 Reply Admin

The funniest thing is that the GUID appears 9 times on one page...that is a lot of overhead for no good reason.

Also, I don't think the "keyword" meta tag will be very effective with that many key words.

2006-04-06 Reply Admin

Anonymous:
Yeah, I don't even see the code. I just see blondes, brunettes, and redheads.

quality....

2006-04-06 Reply Admin

Anonymous:
i've worked on Accenture engagments and this does not surprise me in the least... they probably billed out some new college grads fresh from accenture "bootcamp" at 500/hr for that crap....

either that or a bunch of middle aged ex-COBOL developers who suddenly learned ASP.Net

2006-04-06 Reply Admin

GoatCheez:
Anonymous:

Some of the strings embedded:

IDL:http/ReqProcessor:1.0
s0202021
berufe_cluster
/tomcat4_poa
VIS
UserRealm
VB
Borland

More (but much less significant):
F
M
PMC
VB!
W3no7?k,

It definitely looks like it's more than a session ID. Data is definitely stored in there...

I went to the site, and the only thing that changes in that session id is everything after the underscore. For me, the text there converted to "oi*JW8G".

I found

Sincerely,

Gene Wirchenko

In there too!

triso · 2006-04-06 Reply Admin

Fred:
...And they were recently thrown out (all 120 consultants) by a telecommunications company (http://www.tele2.com)...

<font size="5">W</font>ow! 120 consultants. Now that is enterprise class, for sure.

Fred · 2006-04-07 Reply Admin

triso:
Fred:
...And they were recently thrown out (all 120 consultants) by a telecommunications company (http://www.tele2.com)...
<font size="5">W</font>ow! 120 consultants. Now that is enterprise class, for sure.

I think it was an "enterprise billing system"... ;-)

No, seriously; they were (going to) build a billing system for mobile phone calls for all the 24 countries tele2 operate in. The initial budget was around 6-10 million euros (tounge-in-cheek conversion), but surprisingly enough accenture kept billing for extras...

Whiskey Tango Foxtrot? Over. · 2006-04-07 Reply Admin

d4ddyo:
Hammer:

...shoulda formatted it (or cut it short)...heck, didn't even realize how big it was myself until after I posted. Saved it to a file, it's over 96000 bytes long!

That's from an ASP.NET application. It's used to store control context information from request to request. By default, all controls - including any custom controls that derive from ASP.NET web control library classes - have this feature enabled. Typically, you'd disable this feature for controls that don't need to use it, in order to reduce the size of that hidden variable value. WTF? Very possibly so.

Here's some irony that will bust your gut: The Daily WTF forum software makes use of this.

2006-04-08 Reply Admin

nice one

2006-04-10 Reply Admin

Yep, sure is...

$160 MM Euros and still wide open... ouch

Too much enterpriseness. Not enough clues.

2006-04-11 Reply Admin

Simply horrible. When I clinc on the front side menu item "Interesse:Beruf" (interes:occupation) I get

"Ihr Browser sollte automatisch ein Fenster mit dem Angebot "INTERESSE:BERUF" der Bundesagentur für Arbeit geöffnet haben. Wenn dies nicht der Fall ist, klicken Sie bitte hier."

Translated:

Your browser was supposed to open the window with the choice "interest:occupation" from (this full site name). If that is not the case, please click here"

2006-04-12 Reply Admin

Hammer:

No clue what this is for...didn't even bothered to ask.

Well, you should have.

It is a Base-64 encoded string containing control state and retaining it across postbacks (ASP.NET feature, enabled by default). Extremely useful feature for web developers and most definitely NOT a WTF. Merely a life-saver.

2006-06-05 Reply Admin

Actually, it probably stands for VisiBroker, which is Borland's CORBA implementation. (Pretty good for a commercial CORBA implementation, by the way.)

Now, I'm by no means sure of this, but the 'session id' here looks a lot like a stringified CORBA object reference (although the 'IOR:' at the beginning is missing, maybe they cut that off to save space :-).If this is actually the case, the WTF here is an order of magnitude bigger than I initially suspected...

2008-03-03 Reply Admin

I like the list of meta keywords on their page. I'm sure that Ausbildungsbedingungen and Zugangsvoraussetzungen are typed in several times a day by people looking for thia site.

When you are a german, looking for stuff on these people, you DO bombard google with that kind of word, believe it or not...

2011-02-02 Reply Admin

aweew:
From now on, I am appending all sorts of random data to the end of mosts. ichiban37287824wendys3242startrek32423fark.com

Kind of proves that a human can hold seven items of random information at a time...

ichiban 37287824 wendys 3242 startrek 32423 fark.com

2013-08-18 Reply Admin

Coincidentally, "Palant" is in Polish synonym to idiot.sa

2021-07-07 Reply Admin

Its such as you learn my mind! You seem to grasp so much about this, such as you wrote the e-book in it or something.

I believe that you just could do with a few % to power the message home a little bit, but instead of that, that is wonderful blog. A great read. I will definitely be back. http://a.sanok.pl/olejek-cbd-30-ml-1399.html

2021-10-04 Reply Admin

Greetings! This is my first visit to your blog! We are a team of volunteers and starting a new project in a community in the same niche. Your blog provided us useful information to work on. You have done a wonderful job! http://anuluj-dlugi.org/upadlosc-konsumencka-sobienczyce.php

2021-10-06