I never expected employers to provide snacks and beverages but it is demoralizing when executives take away such perks but continue to fly first-class for the same cost as buying a month of snacks for everyone.
Like when you have to clock in and out at lunch time, but work unpaid overtime and weekends.
Or when you lose admin rights on your own PC
Or you have to start wearing a tie.
For me it was when we had to start signing in and out with a time. Supposedly this was for fire safety, but never seemed to apply to VPs.
We worked on banking systems and often had to work all nighters while the bank was offline. The time tracking system couldn't cope with the concept of being on shift for >24hours - the HR people treated us like it was our fault. Their solution was that we all went out at 23:59 and signed back in at 00:01 and that would solve the problem WE had created.
Generally working unpaid overtime for a long time and then during a quiet patch coming in early and leaving early (5-10 minutes early). I got personally told off by the team lead.
Having a virus checker on my machine that I could not remove on pain of huge financial penalties. It scanned every input, intermediate and output of my compiler and turned the computer into a sloth. Didn't help that the final output was 230mb in size (and had a translation step into another 230mb executable). I tried in vain to get exceptions added but to no avail.
These little things slowly chip away at you and you later realise that you left for the wrong reasons - but it is too late.
It forced me to confront my unquestioning love for creating computer games and made me realise that making games can be fun, but can also be as much as a drag and grind as programming anything else. There is always plenty of meat for the grinder (read shiny-eyed students) coming into the industry to justify low wages and many of my co-workers were burnt out.
So I listened to my wife and moved backed home to New Zealand. I worked in a variety of other positions and decided that I'm not going to be satisfied in any particular 9-5 job for long. The next chapter is being written right now as I continue in my current 9-5 while spending all my free time working on Gridspy (http://gridspy.co.nz) which is the startup that will eventually set me free.
When I say free, I mean it will still be a lot of work, but I will be in control of my destiny. I'll decide what features to work on when, which technology to use and if we will have free lunches and soda. Hopefully I'll manage to democratise the process enough that everyone can enjoy themselves just as much as we grow.
There is a first time for everything I guess - somehow my FTP account was compromised and a script added to the end of the page that injected code into the page.
The script has been removed and the FTP account blocked. The logs indicate that the work was done by a botnet, quite interesting. One IP logs in and gets a file, another (different IP) logs in and replaces that file.
The static content that was compromised is stored on a separate server with separate passwords from the machine that hosts my actual application and associated data.
What really concerns me is how that password got into the open (the logs do not indicate brute forcing). Virus checking here we come!
Perhaps some machine on the wire between the two servers is a member of the botnet? You might want to switch to SCP, HTTPS upload, ipsec tunnel, or something else that'll at least be a speedbump to attackers.
Further info for those interested: My developer machine was infected with the Kryptik trojan. Using WireShark I could see that I had become the proud member of a botnet, it probably found a saved password for FTP on my machine and compromised my server that way. Makes me feel all dirty inside watching my computer send viagra emails and receive "sorry, you are blacklisted" responses.
All the passwords have been changed and the relevant computer quarantined. I'm still working on removing the virus, seems to be using drivers to mask its presence from the virus checkers I am using. I've got some ideas based on using a scanner on a live-cd.
What is really fun is that the virus definition for the trojan was added to NOD32 after I was infected, so I don't know how much help a virus checker would have been, if it was installed.
That will learn me for leaving saved passwords on an otherwise secure machine.
I used an external hard disk drive caddy to mount the infected HDD on another machine. I then used Malware bytes to scan the HDD. It found Trojan.Agent on the hdd (in a dll inside windows/system), which it hadn't found when malwarebytes was run directly on the infected system.
The infected computer has ceased sending suspicious packets. I don't know how I am going to trust this machine again.
FTP is plaintext. You'd be surprised how easy it often is to become a middleman to a transmission on the open internet. Just always assume all ftp passwords to be released to the world when you transmit them. (Or, just don't use it.)
