this post was submitted on 26 Jul 2025
884 points (99.0% liked)

Programmer Humor

[–] zarkanian@sh.itjust.works 13 points 6 days ago (1 children)

These people should serve jail time. I'm not kidding.

[–] percent@infosec.pub 8 points 6 days ago* (last edited 6 days ago)

I'm no lawyer, but this seems like at least grounds for a class action lawsuit, I would think. Like, it seems like privacy and security are implied (however ironic for an app like this) when requiring users to upload their PII.

Also, I assume their privacy policy didn't mention that they were just gonna publish their users' PII.

[–] NigelFrobisher@aussie.zone 8 points 6 days ago

You could say they “spilled the tea”.

[–] gonf@lemmy.world 5 points 6 days ago

Almost definitely both were involved.

[–] m3t00@lemmy.world 5 points 6 days ago

dev came from marketing. pictures wouldn't show up with all that security enabled.

[–] HugeNerd@lemmy.ca 2 points 6 days ago

Guess someone spilled the tea

[–] m3t00@lemmy.world 2 points 6 days ago

crack heads, meth heads, what's the diff

[–] Stillwater@sh.itjust.works 306 points 1 week ago (10 children)

Believe it or not a lot of hacking is more like this than you think.

[–] hoshikarakitaridia@lemmy.world 118 points 1 week ago (8 children)

Social engineering is probably 95% of modern attack vectors. And that's not even unexpected, some highly regarded computer scientists and security researchers concluded this more than a decade ago.

[–] spankmonkey@lemmy.world 69 points 1 week ago (4 children)

When the technical side reaches a certain level of security, the humans become the weakest link.

[–] Monument@lemmy.sdf.org 41 points 1 week ago* (last edited 1 week ago)

Many years ago, I discovered that my then-employer’s “home built” e-commerce system had all user and admin passwords displayed in plaintext at home/admin/passwords.

When I brought this to the attention of leadership, they called the “developer” in and he said “oh, well, that’s IP locked, so no one on the web can access it!” When I pulled it up on my phone, he insisted my phone was on the work WiFi, despite it being clearly verifiable that was not the case. (The same work WiFi that had an open public connection, which is the one my phone would have been on, if it were on it…)

He did fix that, but many other issues remained. Eventually a new COO hired someone competent as his ‘backup’, replaced our website and finally suggested he pursue other employment opportunities before he could no longer voluntarily pursue them. (There was concern he might sabotage.)

[–] skip0110@lemmy.zip 164 points 1 week ago (2 children)

AI just enables the shit programmers to create a greater volume of shit

[–] Hasherm0n@lemmy.world 5 points 6 days ago

My favorite one I've seen so far was "AI can take a junior programmer and make them a 10x junior programmer."

[–] Asetru@feddit.org 35 points 1 week ago

I'll tape this to my office door.

[–] taiyang@lemmy.world 95 points 1 week ago (1 children)

This reminds me of how I showed a friend and her company how to get databases from BLS and it's basically all just text files with URLs. "What API did you call? How did you scrape the data?"

Nah man, it's just... there. As government data should be. They called it a hack.

[–] ignotum@lemmy.world 85 points 1 week ago (2 children)

I remember when a senior developer where I worked was tired of connecting to the servers to check its configuration, so they added a public-facing REST endpoint that just dumped the entire active config, including credentials and secrets.

That was a smaller slip-up than exposing a database like that (he just forgot that the config contained secrets), but still funny that it happened.

[–] PattyMcB@lemmy.world 45 points 1 week ago (2 children)

That's not a "senior developer." That's a developer that has just been around for too long.

Secrets shouldn't be in configurations, and developers shouldn't be mucking around in production, nor with production data.

[–] josefo@leminal.space 2 points 6 days ago

That's just a senile developer

[–] fmstrat@lemmy.nowsci.com 70 points 1 week ago (11 children)
[–] EmilyIsTrans@lemmy.blahaj.zone 44 points 1 week ago (5 children)

I absolutely despise Firebase Firestore (the database technology that was "hacked"). It's like a clarion call for amateur developers, especially low rate/skill contractors who clearly picked it not as part of a considered tech stack, but merely as the simplest and most lax hammer out there. Clearly even DynamoDB with an API gateway is too scary for some professionals. It almost always interfaces directly with clients/the internet without sufficient security rules preventing access to private information (or entire database deletion), and no real forethought as to ongoing maintenance and technical debt.

A Firestore database facing the client directly on any serious project is a code smell in my opinion.
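
An added example, not part of the comment above and not any project's own code: a small Python audit that flags the missing or overly broad Firestore security rules the comment describes. The rules file is a constructed sample, and the severity labels and the one-statement-per-line parsing are assumptions of this sketch.

```python
import re
# Constructed sample rules file (not from any real project).
SAMPLE_RULES = """\
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /uploads/{doc} {
      allow read, write: if true;
    }
    match /posts/{postId} {
      allow read;
      allow write: if request.auth != null;
    }
    match /users/{userId} {
      allow read, write: if request.auth != null && request.auth.uid == userId;
    }
  }
}
"""
# Assumption: one statement per line, as in the sample above.
BLOCK_OPEN = re.compile(r"^\s*(?:match\s+(\S+)|service\s+\S+)\s*\{\s*$")
ALLOW = re.compile(r"^\s*allow\s+([a-z,\s]+?)\s*(?::\s*if\s+(.+?))?\s*;\s*$")

def classify(condition):
    """Grade one rule condition; None means the allow has no condition."""
    cond = (condition or "true").replace(" ", "")
    if cond == "true":
        return "PUBLIC"               # anyone on the internet
    if "request.auth" not in cond:
        return "NO_AUTH_CHECK"        # never looks at the caller's identity
    if cond in ("request.auth!=null", "request.auth.uid!=null"):
        return "ANY_SIGNED_IN_USER"   # every account can touch every document
    return "OK"

def audit_rules(text):
    """Return (line, match path, methods, severity) for each risky allow."""
    findings, stack = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("//", 1)[0]  # drop line comments
        opened = BLOCK_OPEN.match(line)
        if opened:
            stack.append(opened.group(1))   # None for the service block
        elif line.strip() == "}" and stack:
            stack.pop()
        elif (allow := ALLOW.match(line)) and classify(allow.group(2)) != "OK":
            methods = [m.strip() for m in allow.group(1).split(",")]
            path = stack[-1] if stack and stack[-1] else "?"
            findings.append((lineno, path, methods, classify(allow.group(2))))
    return findings
```

Calling `audit_rules(SAMPLE_RULES)` reports the two unconditional rules and the signed-in-only write, and leaves the owner-scoped `/users/{userId}` rule alone.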
