Weird and Cringe things you've seen while working in IT - Since everyone is too lazy to make such a thread where IT bros can vent

[Vyse Inglebard]

I'm pretty fucking sick of it at this point what would you guys do? Look for another job? Bear in mind I'm not at management level and for the work I'm doing the pays shite.

+1 for the GTFO crowd.

and burn everything down on your way out

 

[Disco Inferno]

While doing routine maintenance, I found an active printer that hasn't had a firmware or driver update since 2015.

For the last 4 hours, I've been manually checking the driver/firmware version of every printer and scanner. I have no idea how this went unnoticed for almost 10 years.

 

[jeff7989]

Was there any benefit for updating printer firmware? Unless it has network capabilities, what's the point. My HP laser printer has pending updates, and I bet that it will be fresh blacklist for "non-genuine" toner.

 

[Celebrate Nite]

Was there any benefit for updating printer firmware? Unless it has network capabilities, what's the point. My HP laser printer has pending updates, and I bet that it will be fresh blacklist for "non-genuine" toner.

Last place I worked for would just use a generic driver for every printer. Only people in the office that had it different were those supervisors/team leaders that had their own special printers that could also print color while the rest of us plebs used black'n'white only.

As long as the IP was online on the network and people could print to it, nobody cared... until they broke down, and then the chaos would ensue.

 

[Susanna]

Last place I worked for would just use a generic driver for every printer. Only people in the office that had it different were those supervisors/team leaders that had their own special printers that could also print color while the rest of us plebs used black'n'white only.

As long as the IP was online on the network and people could print to it, nobody cared... until they broke down, and then the chaos would ensue.

IPP has done so much good for printers. I have an old HP laser that would still be brilliant, if it weren't for the horrible, horrible driver. On Windows you have to install super old adware to get the driver (you can then uninstall the adware, but it's still awful practice), and on Linux you have to use weird utilities to extract the driver file from the adware installer. For a while I had it connected to a Raspberry Pi whose only purpose was to be a SAMBA print server just so this old printer would work without requiring this awful driver on every device. Apart from that, it was a brilliant printer. Never once broke down or jammed, and the toner lasts forever. But I replaced it anyway, with a Brother laser that supports IPP. I don't doubt the official drivers still come bundled with adware, but thanks to IPP I don't have to bother, it just works.
Thanks Apple! If it weren't for AirPrint requiring IPP support, we'd probably still be forced to install malicious "tools" from the OEMs to use these things. Printers are by far the worst computer peripheral, which is frustrating since they're also literally the oldest computer peripheral, predating PCs by several decades.

 

[ZMOT]

Printers are by far the worst computer peripheral, which is frustrating since they're also literally the oldest computer peripheral, predating PCs by several decades.

wait till you have to deal with scanners...

 

[Gatdam Animal Person]

You’ve probably heard of the countless stories about companies getting fucked by phishing attacks. In order to hide under the radar, phishing actors are using legitimate services for their nefarious needs.
They can also breach legitimate corporations and use them as their attack vector.

As I was doing my IT stuff, I received a call from an user asking for help with opening a document. She received an email from a known client (she had a back and forth with him), and explained the following:

• The message contained a link pointing to a Sharepoint (first red flag);
• After clicking on the link, it showed a OneDrive folder containing one single PDF file;
• Opening the files, it displays a picture of a blurry document with an overlay saying “Please open the scanned attachment” (second red flag);
• When she inevitably clicked on the link, she was greeted with a red screen from Microsoft Defender SmartScreen stating "This site has been reported as a phishing threat".

As I attempt to tell her “Let me look deeper into this”, she kept being mad at me because of my tone (direct and no-bullshit), said she wasn’t dumb, she knew who the recipient was and threatened to call her manager… All I’m trying to do is to prevent disaster, and I’m afraid she walked right into their trap.

Managed to check the email by myself, it smelled as fishy as how she described it to me. I made a copy of the email and took a few pictures, and asked her to report it as phishing. She already clicked on the links in questions, so the damage has already been done.

When I relegated the info to my boss, she took a quick glance, and just spouted “SEEMS LEGIT”. There was no jumbled sender address, and the message was truly sent from a trustworthy source “sharepoint”. She then showed us an example of a true & honest phishing attempt (QR code with jumbled address), something that was completely irrelevant to the main issue. I don’t think she understands the consequences of this.

AFAIK the sender might’ve had a breach, and the pajeets are sending emails to anyone that could take the bait. If Microsoft Defender didn’t do its job, we might’ve been fucked for real. Either a cookie stealer, ransomware, or anything you could think of.

It clearly shows that there’s a lack of training for both the users and our IT team.

 

[Verpa Teutonica Ingens]

The codebase that my team currently works on has a disturbingly frequent usage of
Optional.ofNullable(someObject).isPresent()
to check if an object is non-null, instead of just
someObject != null

It gets worse, because it's often in the form of
Optional.ofNullable(someObject).isPresent() ? someObject.getSomeValue() : getSomeOtherValue()
or
Optional.ofNullable(something).isPresent() ? something : fallback
or even
Optional.ofNullable(something).isPresent() ? something : null

I suspect that it comes from the (stagnant and diseased) flesh equivalent of ChatGPT hearing "you should use java.util.Optional instead of a bunch of null-checking ternary expressions", associating uses of Optional with good code and uses of null-checks with bad code, but failing to understand or even try to learn how to use Optional, so it just continues to shit everywhere as its nature dictates - now made even worse by gaining half of a chunk of knowledge.

It may also be an attempt at generating artificial job security by means of a "life hack", if the performance degradation is more than marginal, or at least perceived to be. The JVM's fancy JIT compiler has become unexpectedly sophisticated over the years, at least by Java standards, but I doubt even it could handle this level of horror.

 

[Celebrate Nite]

Microsoft Defender

I'm legit surprised you guys are actually banking on that instead of using any other corporate antivirus.

But considering your boss sounds like a complete bint, it's no wonder.

 

[Gatdam Animal Person]

I'm legit surprised you guys are actually banking on that instead of using any other corporate antivirus.

But considering your boss sounds like a complete bint, it's no wonder.

There are some that relies on Microsoft Azure's offering. There's others that relied on CrowdStrike. Guess who got RAPED?

It's a very convenient infrastructure that just werks™* for the lazy Sysadmin, however at the same time it's way too easy to abuse if you know what you're doing.

 

[mister meaner]

thank god our work ended up using sentinel one and not crowdstrike

 

[Susanna]

Needed to get a new piece of software installed, so I had a techie remote into the computer to install it for me. He struggled a bit with the driver (there was no W10 option available so I eventually had to tell him to just click Vista, since apparently he didn’t realise that decade-and-a-half old weird engineering stuff seldom ships with up to date drivers but the old ones usually work just fine). Between each of his inept attempts to pick seemingly random folders to try loading .infs from rather than just clicking one of the Windows versions in the folder named Drivers which the file picker defaulted to, he had to enter his administrator’s password. He evidently got fed up with this, so he typed his password out into notepad and copied it. Without blanking the screen. It was easy to memorise, evidently IT have way less stringent length and complexity requirements than the rest of us, but I didn’t even need to because he then forgot to copy something else to wipe it from the buffer.

I’m sure we have a policy to report compromised accounts for a reset or something, but having admin credentials makes my work way more convenient, so I won’t. This guy seriously dragged out installing an old industrial IDE from being a ten minute process (most of which is copying files from a CD) to well over an hour ordeal.

 

[Mortan Shekelstorm]

Working with jeets and dealing with jeet customers. Working with jeets in IT in my experience is hell, they can hardly speak English and prefer using Hindi and know nothing about computers or software. Worse yet they need hand holding for everything, I was new on the job but because I wasn't a 45iq jeet I was placed to train them, instead of actually getting trained on their systems, I was telling jeets how to install a update or restart the computer. None of them seem to actually take the time to read the prompts and I can just read it back to them. I worked mostly in the back as I couldn't get trained on frontend stuff with the amount of jeet interference.

 

[There Is Light At The End]

Now, onto classics - porn on computer. Once one of my colleagues got a laptop to configure for one of higher ups to go to remote work. Laptop was corporate. Porn was "hidden" in all users folder. In video. We all shared a hearty laugh. His reason - it's boring in hotel

 

[HahaYes]

As I was doing my IT stuff, I received a call from an user asking for help with opening a document. She received an email from a known client (she had a back and forth with him), and explained the following:

• The message contained a link pointing to a Sharepoint (first red flag);
• After clicking on the link, it showed a OneDrive folder containing one single PDF file;
• Opening the files, it displays a picture of a blurry document with an overlay saying “Please open the scanned attachment” (second red flag);
• When she inevitably clicked on the link, she was greeted with a red screen from Microsoft Defender SmartScreen stating "This site has been reported as a phishing threat".

Yeah that's a pretty run of the mill campaign structure tbh, you see it a lot these days

I'm legit surprised you guys are actually banking on that instead of using any other corporate antivirus.

Smartscreen isn't exactly defender 365 EDR. It's embedded in a large amount of 365 applications by default and gathers intel from various TI databases, then uses that information to dictate what to block or not (in this case a domain navigation initiated by the user), it's built to work alongside a TI/TH team and your other implemented tools to help secure the environment in a preventative manner. 365 suite as a corporate product isn't too shabby though, I've seen it pick up things even CS and SentinelOne have missed. As an aside, you can run 365 suite in tandem with another EDR on the same host as 365 is built to force itself into passive mode once it detects that another EDR is present

 

[Kiwi Lime Pie]

AFAIK the sender might’ve had a breach, and the pajeets are sending emails to anyone that could take the bait. If Microsoft Defender didn’t do its job, we might’ve been fucked for real. Either a cookie stealer, ransomware, or anything you could think of.

Not only that, a data breach today is a good way to alienate one's customer base or end up out of business if you can't restore everything that needs to be.

Sad to see how the lack of thinking skills today has people convinced these suspicious scam messages are 100% totes legit emails that are safe for link clicking.

The codebase that my team currently works on has a disturbingly frequent usage of
Optional.ofNullable(someObject).isPresent()
to check if an object is non-null, instead of just
someObject != null

It reminds me of a case study in one of my CS textbooks where someone discovered that it took less processor time to do additions versus multiplication and redid the code to use looped addition for multiplication operations to save time. The time they saved during a typical data run was less than a handful of seconds for all the time and hassle they expended making the change.

This appears to be a similar bright idea that makes it look like something important is being done only to have it be a simple operation that's implemented in the most inefficient way possible.

Thread tax: One of the IT projects a coworker and I had to work on involved a client of ours asking us to take over the programming of a software application that had fallen way behind schedule under the previous programmer. We had a chance to have a quick onsite look at some of the source code before we made a copy to take back to our office. Calling the code a hot mess would have been a diplomatic understatement:

• No use of Option Explicit
• Counterintuitive variable names, undeclared variables, and misspelled variable names - the latter of which would be caught had Option Explicit been turned on.
• Unconditional branching all over the place.
• Absolutely no logical thought whatsoever behind the program flow.

As I copied the code to take it back to our office, my coworker talked to the programmer from whom we took the project over. The latter absolutely insisted his programming skills were top-notch even though his spaghetti code told us a different tale - prompting my coworker and I to shake our heads in disbelief on the drive back to our office.

 

[Susanna]

It reminds me of a case study in one of my CS textbooks where someone discovered that it took less processor time to do additions versus multiplication and redid the code to use looped addition for multiplication operations to save time. The time they saved during a typical data run was less than a handful of seconds for all the time and hassle they expended making the change.

I find that anecdote dubious. Looping additions to get faster math over using multiplication has been a thing since the 70s, and it’s not some sort of obscure theory, it was very widespread practice in early microcomputer games, since it wasn’t until the i386 PC that the hardware actually became a little bit not garbage.

 

[Gender: Xenomorph]

Working with jeets and dealing with jeet customers. Working with jeets in IT in my experience is hell, they can hardly speak English and prefer using Hindi and know nothing about computers or software. Worse yet they need hand holding for everything, I was new on the job but because I wasn't a 45iq jeet I was placed to train them, instead of actually getting trained on their systems, I was telling jeets how to install a update or restart the computer. None of them seem to actually take the time to read the prompts and I can just read it back to them. I worked mostly in the back as I couldn't get trained on frontend stuff with the amount of jeet interference.

Sometimes they think they know better because they learned from some shitty wrong or outdated tutorial, and they will adamantly defend their knowledge and think you are wrong.

Have fun!

 

[teriyakiburns]

It clearly shows that there’s a lack of training for both the users and our IT team.

It sounds to me like the manager has had plenty of training, but doesn't actually understand any of it and only applies what she learned by rote. This is far more common than you'd want to believe.

 

[burntKale]

Working with jeets and dealing with jeet customers. Working with jeets in IT in my experience is hell, they can hardly speak English and prefer using Hindi and know nothing about computers or software. Worse yet they need hand holding for everything, I was new on the job but because I wasn't a 45iq jeet I was placed to train them, instead of actually getting trained on their systems, I was telling jeets how to install a update or restart the computer. None of them seem to actually take the time to read the prompts and I can just read it back to them. I worked mostly in the back as I couldn't get trained on frontend stuff with the amount of jeet interference.

I hope yr place ain’t like mine because most jeets are placed on the front, and golly let me tell you.

Appearance wise the front’s okay, but damn the functionality’s just… terrible… have you ever seen a payload that has a fake json nested inside a json nested INSIDE a json sent over the fucking network.
It’s just like the simple concept of foreign keys is foreign to them (ironically).