Details
- About: I'm a product security dev, I gotta inspect shitty code , pen test and then kill QA and decapitate shitty devs .
- Skills: js,java,php,sql,c++,c#,security
- Location: Bucharest,Romania
Joined devRant on 11/3/2016
- 
				    
				    Mhm my windows just went full retard on me and I was such a mastermind that before I installed win10 I installed a kali linux so that when the windows would fail to boot then and only then would kali boot up to save my arse...then again , apparently , grub dislikes windows over it so...I'm just sitting here...in my kali cave , with kali only booting when my phone is connected via usb (?) searching like mad for a usb stick...I made this whole failsafe thing so long ago I barely remember how I did it...
- 
				    
				    I like complainers... So... Someone who works 9-6 (and is often late by half an hour and leaves at 6 sharp also takes extended lunch break) complained to my manager that I'm late for work , which I am , no denying , but , I take no lunch break and I work until 7:30-8 . Why on planet earth would you even care to make a complaint about someone whose manager you don't even know ? What the fuck kind of a person even does that ?! No one in my office has any kind of direct interaction with me , no idea of the work I do yet someone found it fitting to complain . Anyway , manager didn't even listen to the guy so I'm good...just pissed at haters .
- 
				    
				    So...new intern , table paired to mine , get my hopes up that it's hopefully not another stuck up uni kiddo , hopes get ruined . He asked me my name and what I do , when I told him I do product security his reaction was 'oh so you're not a dev ?' . Go.eat.shit.and.choke.with.those.alienware.headphones. he didn't even listen to what I had to say about that , just put on his headphones and ignored me . Prick.
- 
				    
				    Frigging jvm crashing god every god dammed time...Here I was all jolly about to start presenting a report to my team , I hadn't exported it to HTML yet so I was presenting in the app . Half an hour goes by and it's all good no problems , manager suggests I export a report and pass it to everyone . The moment I right click jvm HANGS THE APP . I try to save the session file but fail horribly , the temp file only has unreadable , unimportable data...fml now I have to go back through all that from memory...
- 
				    
				    @dfox Could we also get watches on the right hand ? I've been wearing mine on the right hand ever since I've started wearing a watch and I feel awkward wearing it on the left :)
- 
				    
				    Area of focus...leaving a couple tests running while I go enjoy a coffee on the balcony and focus on making the payloads more serious/articulate/real .
- 
				    
				    So...Today I found an SQLI (sql injection , google if you're not aware) in one of our products , I start exploring it , I get my trusty Kali on me workstation . sqlmap etc. Tell my manager it's a true positive... I start exploring the db , half the devs at my manager's place start staring at his screen as I proper fuck a QA db server... I hear a qa guy mention triangulation as sqlmap dumps a uid table in his face . I hear my manager's manager saying 'this has been in our app for so long and we found it just now ? Who found it ?' *manager proudly saying me name* 'He's still working this late ?' ...apparently now my trip to england is getting covered for both me and me gf by the company...
- 
				    
				    Bug is not fixable
 
 I get these as I have to submit security issues as bugs and then help whoever is in charge of the fixing find and implement a good solution. But apparently , nope . In some devs' opinion , sqli issues are not fixable .
- 
				    
				    Hmm...recently I've seen an increase in the idea of raising security awareness at a user level...but really now , it gets me thinking , why not raise security awareness at a coding level ? Just having one guy do encryption and encoding most certainly isn't enough for an app to be considered secure . In this day and age where most apps are web based and even open source some of them , I think that first of all it should be our duty to protect the customer/consumer rather than make him protect himself . Most of everyone knows how to get user input from the UI but how many out here actually think that the normal dummy user might actually type unintentional malicious code which would break the app or give him access to something he shouldn't be allowed into ? I've seen very few developers/software architects/engineers actually take the blame for insecure code . I've seen people build apps starting on an unacceptable idea security wise and then in the end thinking of patching in filters , encryptions , encodings , tokens and days before release realise that their app is half broken because they didn't start the whole project in a more secure way for the user .
 
 Just my two cents...we as devs should be more aware of coding in a way that makes apps more secure from and for the user rather than saying that we had some epic mythical hackers pull all the user tables that also contained unhashed unencrypted passwords by using magix . It certainly isn't magic , it's just our bad coding that lets outside code interact with our own code .
- 
				    
				    Yep...another shitload of deathfreezing eyeblinding snow...hopefully I won't be dealing with the Indians today...
- 
				    
				    Woke up this morning to a fucking giant snowstorm and my first reaction was 'fml' , poured some coffee , lit a smoke and started checking my work mail 'Issue xxxx response : Not solvable '...what the...I go through the files on my phone , look at what that issue was : lack of proper validation , filtering and encoding of input thus enabling xss . Not solvable my ass ...simply adding literally 3 more characters to that fucking retarded filter would stop all the bypasses . This issue is a showstopper for their project and that is what they answer ?
 Sorry to indians out here but some of your colleagues are as stupid and unimaginative as they can possibly ever come .
- 
				    
				    I work as part of a small international team in a big corp , we work product quality of sorts but work closer to dev than qa , last week we found several giant issues and reported them in . Dev and Qa teams of said project are Indians . Meeting starts , two of my colleagues are indian as well , so dev , qa and all the other involved parties from india decided they should join in from the same conference room . My manager(he's a brit) presents the issues . Dev manager starts talking , qa manager talks over him , they start to formally yell at one another . One of them (couldn't figure out which one) started asking my two colleagues which one of them found these issues . At this point I had already passed a headphone to my ex-colleague who still sits next to me , he looks at me when he hears the question . I panic . Colleagues say they don't know (*phu* I didn't CC them in emails and my manager didn't tell them ) . My manager tells them to calm down , take responsibility and find solutions else he'll veto the product back into fullblown development . Other managers start growling and fighting again (more than 10 people were in the same room arguing) me and my ex-colleague decide to go take a coffee since I didn't have a say in the meeting . We get back 10 minutes later , indians are still arguing over my manager trying to explain the issues a 4th time . I IM my manager and ask to drop the meeting , he gave me the ok and I dropped out, my head was hurting after an hour long meeting of angry indians arguing in a conference room and it kept hurting the whole day...yeah...meetings...fun time...
- 
				    
				    Apartment owner tells me to get out for a few hours while he repairs some stuff around the house . Get laptop , get wallet , go to kfc , go to order , only have money to get a large coke and a coffee , set up laptop , start working on my 2D game project , one hour later hobo comes in and begs around for 2 mins , before the guard catches him , he goes to order instead and gets a large duo bucket with coffee ...fml being a poor dev before paycheck...

