The Daily WTF: Curious Perversions in Information Technology

cURLing Up With a Good Hook

by Dan J. in Feature Articles on 2014-04-30

A year into his gig as a senior web developer for ClientServiCo, Eddie felt like he had a good grip on the many disparate systems he and his team had built for their clients over the years. Like most web-dev firms formed during the first bubble, the ClientServiCo team had survived by adopting whatever tools were the right combination of familiar, popular, and available at the time. This approach, while allowing them to be flexible in conforming to their clients' needs, also left a tangled legacy spread across a constellation of web hosts. Yeah, it was kludgy in parts. Sure, Eddie would look at some parts and wonder if the coder was high at the time, but hey - overall, it just worked and nobody complained! ...Then came the notification from their current host that a Drupal installation belonging to a ClientServiCo client was spewing spam and had to be taken offline.

The first oddity Eddie noticed was that Drupal wasn't running the entire site. Instead, it was just a calendar and event-registration system. The administrative section was powered by a CMS that ClientServiCo had written in-house during the aughts, and abandoned years ago in favor of something more robust. Though the site was meant to be accessible to authorized users only, the .htaccess and .htpasswd files which comprised the authorization system were only protecting the third part of the site: a set of static webpages written in FrontPage. With the Drupal system and admin backend both freely accessible from the web, it was incredible that the five year-old site had only recently been compromised. As a simple first step to stop the bleeding, Eddie moved the .htaccess file up one directory to protect the entire web root and trudged on.

77 comments - Last comment @ 2024-01-09

Left Hand, Meet Right Hand

by snoofle in Feature Articles on 2014-04-28

You have to love the folly of big companies. Bear Stearns. Lehman. Tyco. Enron. MF Global. MegaCorp. WTF Inc. They always put out advertisements telling us how soft and gentle their products are for us, our children and the planet. They cajole us with ads extolling the virtues of their products, and how we can't live without them. Of course, you know that they use the strictest rules and procedures to guaranty the safety of our personal data, and take every conceivable measure to make sure that things are done correctly. In short, we can trust them. There are rules for how to do everything. Protocols to be implemented. Procedures will be followed. Period.

Phone companies, especially, take extreme precautions when releasing software because the communications grid simply cannot be allowed to go down. Ever. I mean, it's critical that you be able to get important messages through, like: I'm on my way, or Pick up milk.

78 comments - Last comment @ 2014-05-04

Psychic Software

by Charles Robinson in Feature Articles on 2014-04-24

Lawrence’s first task at his new job would be an easy one. “All you gotta do is carry this across the finish line. It’s practically done already,” Chris the Costly Contractor informed him. Costly Chris was nearing the end of his contract and the company didn’t want to keep paying his jacked-up rates. That’s where Lawrence, the cheaper, full-time alternative to Chris, came in. “But, there are some recent change requests that we need to do. You’ll have the pleasure of talking to Becky about that,” Chris said with a sly grin.

The software was a simple CRM with a PHP front end. It was a straight-forward MVC application with a slew of stored procedures responsible for managing the data. Lawrence’s group worked on the UI layer.

Shepherd, guru, and leader of the UI effort was Becky, the designer. Becky’s background was in graphic design for print, and someone up the management tree had decided that design was design, and appointed her head of the user interface and experience group.

108 comments - Last comment @ 2014-05-14

Desert Packet Storm

by snoofle in Feature Articles on 2014-04-22

Jonathan D. was the system administrator for a school nestled in a war-ravaged city somewhere in the middle of the desert. What with bombings here, explosions there, and the odd RPG whizzing by, dealing with a converted bathroom as an office/datacenter just didn't seem to be all that big of a deal.

The school had roughly 100 computers split between two buildings, along with the laptops everyone used. His office, ...erm... converted bathroom housed all of the servers, and the main computer room for the high school/middle school (grades 6 and up) building was located right outside the door.

98 comments - Last comment @ 2014-06-27

Secure Development

by Ellis Morning in Feature Articles on 2014-04-16

Steven's multi-billion dollar tech firm spared no expense in providing him two computers. One was stuffed in a broom closet down the hall; he used it for email, Internet access, and other administrative items. At his cubicle sat the computer on which he did all his programming, connected to the company's separated development environment (SDE).

The SDE was a company-wide network that existed in parallel to the normal network. No Internet connectivity, and login was only possible with an RSA SecurID dongle. The stated purpose was to provide a secure environment for software development. The other devs on Steven's team had their own SDE boxes for the same purpose.

152 comments - Last comment @ 2014-05-06

All Your RAM Are Belong to Us

by Bruce Johnson in Feature Articles on 2014-04-14

Back around the turn of the century, governments were a different place to work at. The public trough, while not as fat as it had been, was still capable of providing funding for boondoggles handed out to friends and family. This was before deficit hawks made a sport of picking off small cost overruns that scurried around the fields of government largesse. Before billions was spent on wars of questionable necessity. Before mayors broke down the stereotype that all crack addicts were skinny.

In this heyday, Ray worked for a government department that contracted, managed and passed-through telecommunications services from external providers to other government departments. The department's central billing and administration system was built and run on the Ingres ABF framework and it's origin dated back to the early 90's. What's more, as soon as the application could be put into minimal funding status, it was. Even in the heady Internet bubble days, no money was spent beyond what was needed to keep the application running.

122 comments - Last comment @ 2017-12-04

Best of Email: (Un)Helpful Support, An Epic Opportunity, and more!

by Mark Bowytz in Feature Articles on 2014-04-10

Don't forget, The Daily WTF loves terrible emails. If you have some to share, mail in your mail!

Perfectly Safe to Open This (from Alex)

84 comments - Last comment @ 2014-04-17

Nursing the Plan Along

by Remy Porter in Feature Articles on 2014-04-08

In the ancient time of 2008, people were still using Lotus Notes. Rumor has it that some still do, even today. Danny worked for an IBM partner which was a “full service” provider. It was the kind of company that you’d leas your entire IT infrastructure from, from servers to desktops and soup to nuts.

Their newest client was the state Nursing Board, the government agency responsible for keeping track of every nurse in the state- when they became a nurse, when they last paid to renew their license, any complaints or reports. From the IT side, this involved tracking payments, physical documents, and navigating custom Lotus Notes applications developed by the Board’s own development team. It was a giant pile of confusion with a highly manual and error prone process.

85 comments - Last comment @ 2014-04-21

Translate Everything!

by Erik Gern in Feature Articles on 2014-04-03

"Pourriez-vous s'il vous plaît répéter la question?" said Andre, head developer. His voice was garbled over a VoIP connection. "My English ... not great."

Yvonne sighed. She was the project manager of MetaPortal, the creatively named flagship product of MetaCortex. "Why is there no email validation for the signup form?" Yvonne repeated, speaking slowly and clearly.

119 comments - Last comment @ 2022-11-20

Make It Work

by Lorne Kates in Feature Articles on 2014-04-01

Update 2014-04-02 10:07pm (EDT): direct downloads are now hosted on thedailywtf.com instead of Soundcloud. Break out your decoder rings, mix up a glass of Ovaltine, and don't touch that dial! It's time for...

Radio WTF Presents!

Today's episode: "Make It Work", adapted for radio by Lorne Kates, from a submission by Mitch G.

118 comments - Last comment @ 2023-08-09

Recent Feature Articles