why stackoverflow sucks

In my series of “why x sucks” articles, today I add AskUbuntu.com, one of the off-shoots of the StackOverflow collection of forums.  If you’ve not yet had the opportunity to go there for computer or software support, I’d strongly suggest against it.

I learned from before that StackOverflow is populated by packs of people who in real life you’d want to punch in the face. That probably sounds like a mean statement if you’d not had any interaction with these people. The big problem with the forum’s system is that it accidentally rewards power-hungry assholes.

And today’s PHA appears to be none other than CelticWarrior who takes little effort in solving problems but every opportunity to show to others on the forum that he’s claimed it as his turf.

Next, mark-ysiri jumps into the conversation to backup the bullying by CelticWarrior, suggesting that my advice is “low quality” and without offering any advice to the OP.

Immediately, a seemingly kind-hearted person named fabby jumps into the conversation to suggest to me that I ought to simply delete my post to avoid the negative down-ticks of reputation. Basically, he’s supporting that anyone who’s a noob should just not post. He means well but I’m really not into self-censorship as you might have guessed from my own posts here.

I’ve now been informed there that helping people with hardware-related problems is considered “off-topic” by the collection of software-loving folks who frequent the forum on a Saturday, you know, that day that people are usually out there enjoying the sunshine. I suppose for the person whose computer needs possibly a better driver, then they’re totally screwed on that forum.

Oh fun, and not two minutes goes by but fabby now is closing the topic because he’s ruling it off-topic and the original author is screwed out of any support whatsoever.

Read it and weep

Advertisements

crowd-sourcing your bugs

Most of us in the contracting space are interested in alternate ways of making money. Personally, I enjoy straight programming to almost any other means of earning it but I discovered something recently that looks interesting. There’s a website now that seemingly pays for finding bugs in the code of others. As programmers we are often good at spotting problems early and we’re probably the best at finding them. Troubleshooting is usually something that isn’t seen as a profit center so why not flip things and make some money doing it?

Bugcrowd.com

Enter the new website which appears to be crowd-sourcing the problem of code testing. Various companies then work with the website to outsource this task to others who attempt to identify a problem worth fixing. If they decide that it’s indeed a bug then they usually pay some form of money to the researcher.

My Anecdote

From my own limited experience, I created an account, reviewed the many offers and picked the Tesla Motors website to look for security problems. Within an hour I identified something from a third-party webtiming partner which turned out to be flagged by Microsoft Security Essentials as the Win32/Spursint.A Trojan. (Not bad for just an hour’s work, I thought.) I then wrote up my findings and awaited  a response. Someone  did respond within 24 hours.

But then the fun began as I attempted to communicate what I’d found. Since they couldn’t recreate what I’d seen they submitted the linked JavaScript to other antivirus sites which found it to be clean.

Next, I tried to explain the nature of the Akamai network of caching servers and how a local version of their server might be delivering different content than what I’d received: some get the Trojan and some do not, in other words. Again, this was falling upon deaf ears.

I then tried to convince them that development-related timing code isn’t normally pushed to production, that their build process should have groomed this out in the first place. Again, no sale. They just didn’t want to hear that their third-party JavaScript provider could have been compromised. Lesson learned: don’t waste your time twice with the same company who won’t listen to reason.

Closing Thoughts

Will I use Bugcrowd again? I like the concept. I think I had rather spend my time, though, in a more fruitful venture with a less risky return.

New wisdom: Avoid systems in which you perform labor and then someone else decides whether or not your labor deserves getting paid for. Oh, and unless you have an up-to-date virus checker you may want to avoid the Tesla website since it sometimes delivers a Trojan to your browser.