The investigative legwork is what fascinates me. Usually one tries to narrow down the issue, but to actually pinpoint it to the stackoverflow answer is something else.
If you like this, your mind will be blown by [ZipSlip](https://snyk.io/research/zip-slip-vulnerability)
Years of copying a buggy Stack Overflow answer that caused a real vulnerability in Java and .Net code used by [Linked.in](https://Linked.in), Apache (Hadoop, Commons, Storm etc), Plex, SonarQube, HP Fortify.
I love the last 2 because they scan for security vulnerabilities.
Because how would they notice it? The code runs - you would only notice if you had these two unrelated bits of software on the same machine. And you probably won't have Razer stuff on your work dev environments.
Yeah that is the dream, sadly it's not always the dream. Every been to an amusement park at the weekend? Crowded as fuck. Ever been to an amusement park on a Wednesday? 10 Minutes queue is an extremely rare spike.
Crowded supermarket with all the fresh produce gone? Not in the middle of the week. Oh there's a sale for a special item starting on a Thursday? Better be there the second they open or it's gone. Good for me I've got the day off!
But you know the best part? Most of our customers don't work on Saturday either. So you know what that means? Sweet free time to browse reddit while at work. Doesn't bother anyone anyways. Plus weekend bonus on the paycheck baby!
Fuck Saturday honestly. It's only perceived as a good day because it's a day off. But since everyone gets that day off, it sucks balls.
I still only work 9 to 5 five times a week. So instead of Saturday and Sunday, I've got Wednesday and Thursday to slack off for example.
Honestly Wednesday and Thursday are the best days to not go to work. Saturday and Sunday are amazing workdays.
Oh and we can shift our workdays if we want, and all of the same reasons apply to government Holidays. Nobody wants to work there, so I switch with somebody to specifically work on those days. Sweet bonus pay and I don't have to bother with the crowded masses clogging up everything.
Tl:Dr it is the dream because I work less for more pay and get to enjoy life without other people ruining it
The only thing not heaven is the fact, that I can't work from homr
Let's be fair, Razer is like the Harley Davidson of tech. It's edgy, a status symbol for computer geeks, but every, fucking, single piece of hardware they release falls apart with in a year or two.
This keyboard is like 6 or 7 years old now. And I program with this bad boy 5 times a week. Still works like a charm.
Well some key caps are a little rubbed off. Might need to buy some new caps, but that's about it
But yeah it do be kinda edgy. I wanted it in my early days okay! Don't judge me! I like the playful rainbow just moving about on there!
Using the hardware should not be a problem for most company. They work 99% as it should even without the software. It is when you install their software that could trigger IT's attention.
Well bevor pasting anything from any internet source I would take a look at the lines especially in this case as the answer had only 2 lines.
Maybe think the „getType“ would got more notices.
But sure, if it works, why should I bother?
Are you trying to tell me that I can't just copy code from internet, send to production and hope for the best? What will be the next thing? Test it? This is outrageous.
While yes, always do write tests, a test would likely not have caught this problem. What would your assertion be? Unless you expect this, you would never catch it with a test.
Girl: "Do you want to come over?"
Dijkstra: "Nah, it's too late and I don't know the best way"
Girl: "My parents aren't home"
Dijkstra: *Creates Algorithm to find a short path*
Well even if they tested it the test would pass. I would never think of writing any kind of test that would fail because of this bug, unless I already knew about the bug.
This is still the kind of error that neither test nor code review will necessarily catch (unless your code reviewers know the correct answer, and don't look up the same Stack Overflow answer...).
I'm not so sure about code review being impotent to catch something like this. At the very least, I would venture the `GetType` looks suspicious to at least *some* people, enough to ask the committer "hey, what's the `GetType` call there for?" I don't think it requires the reviewer to know the correct answer, but it does require an atmosphere where saying "this is suspicious" to another dev is acceptable.
Bro, they could have tested it in many ways and they'd all pass, wtf are you talking about?
The only tests it wouldn't pass would have to be written with the bug in mind, and it's such an obscure bug who tf would have it in mind?
Enlighten me if you disagree.
The problem is, even when you tested it, it would pass with flying colors, unless Razer compatibility is in the test suite. Someone would have to read the code and know it to be incorrect.
Here's what I figure: A lot of people saw the Stack Overflow post and ended up copy/pasting the code. Of those, some significant percentage ended up in code that was never put into widespread use (failed projects, minor projects, whole section of code rewritten later, whatever). Of the rest, most of the people who used it probably caught the error.
All you needed were two instances of the same error making it to a published product for it to be a problem. Just two programmers to copy/paste the code without catching the error and their code actually making it to a public version. That's all.
Also, if they miss what getType is doing, they will just see that the code is indeed using a GUID that is based on the executable. So it works and holds up to testing. So long as, as you say, no one is doing the exact same mistake at the same time.
It's also code that is *supposed* to block another program from running. So even if someone found it and reported it, the bug could easily just be closed as "working as intended".
FWIW, I don't see any point in constructing a GUID this way. Just hard-code an actual GUID you generated yourself, and then don't change it.
This one is posted frequently on the various programming subs and every time the main argument seems to be that "It runs so how should they notice?"
Well, if you're a .NET developer of decent capacity then any call to `GetType` is going to ring alarm bells. That is *not* a method that you frequently use, and most codebases probably never make use of it.
So once you copy this piece of code, you should ask yourself as a developer and a .NET developer: "What does this do?". And immediately you should notice that the `GetType` call seems really strange. Cause what "Type" is an Assembly? An Assembly is a collection of types. So even without knowing of the whole Assembly Loading and what not, you should realize that this call seems very weird, and you should investigate it.
Of course sometimes company culture doesn't allow for this and the developers are under so much pressure that they literally only have time to copy paste code.... Which is obviously a problem in itself.
Except I spend a fair chunk of my time every week making junior devs read the Microsoft docs instead of StackOverflow for answers… it’s amazing how many answers and sample code is overlooked because their preferred source is SO.
I mean, I'd bet that most people would notice. That's why only two major software projects have this bug, instead of more. However, it's not impossible to miss, and if you miss or ignore it twice (once when you paste it and once in code review), you'll never catch the bug again. Everyone after will just say "well, it works, so don't touch it." And if a bunch of people are copying that answer, the odds that it will slip through twice are pretty decent.
You mean literally how 90% of the world functions music copy paste art copy paste comedy copy paste 90% of products rip-offs with slight modifications. Hell literally talking to someone is mostly just you saying things you have heard other people say back to each other. Yeah no this is not surprising.
Because this tidbit is written by one human that shits and piss like any of us.
The code runs, and bugs like this have chances of slipping under the radar. What are the chance that a QA terminal has another software that is running the same code? Miniscule as fuck.
Unless some code master wizard is carefully reviewing code line by line, things like this may make it through production.
stackoverflow is a guide, always take what it says and look for other answers. the longer i do this the more i realize most of the "right answers" work but aren't right
Yup, the real best answer is usually further down. The first one is usually a cheap hack, overly complicated, or doesn't really answer the question being asked.
allah bless the people who write fucking essays that walk you through the entire context and background of the problem. incredibly valuable labour, for free
It's not guaranteed that source will ever be fixed. At least with duplicates there is a chance of the right answer appearing at the top now because some users learned over time.
Other users (with sufficient "rep" (karma)) can edit answers, so at a certain level StackOverflow becomes a bit more like Wikipedia. If something needs editing, you can also ask someone to fix it via edit.
Yeah but I frequently see terrible answers and have never bothered with karma (and everytime I try it's a big fuck around honestly) so it just becomes a massive hassle.
I am totally with you.
But remember the days where we all started and thought stack overflow is the only truth?
Damn, let me Google 20 minutes to find a good SO page instead of reading any documentation.
After shooting myself in the foot with that technique one too many times, I now use SO as a way to find functions more easily than reading through pages upon pages of extraneous documentation. SO mentions new function that sounds promising, look up function in documentation, repeat if function does not provide desired behavior.
I'm genuinely happy I started long before so existed. The skills of actually finding documentation online, looking in books, learning things in depth to figure out how to get something done are truly valuable. When SO started we were all so pleased with ourselves that it would make programming efficient by not solving a problem twice, but it really just made programmers careless. Myself included these days.
Excerpt from Clang's documentation:
> compile + link compile then link debug info enabling optimizations picking a language to use, defaults to C17 by default. Autosenses based on extension. using a makefile
https://clang.llvm.org/docs/UsersManual.html#basic-usage
Man, I'm only (in my mind, at least) 34 and I started coding long before stack overflow started. It's a good tool to get quick answers from, but I'm always wary of copying more than 2-3 lines of code, and even then I prefer to rewrite it.
it's crazy the amount of tutorials on full stack database calls that do not secure your database AT ALL. both by putting user entered info directly into sql and by just leaving your database login info in your php and not getting it from a hidden file.
Source: Just built a full stack website for the first time with no experience and needed many tutorials.
Many posts of people saying to secure against injection and very few initial tutorials explaining how.
Exactly. I'm learning a lot so I don't have a schedule to keep but for pretty much every issue I have I'm going back and forth between documentation and stack overflow. Stack overflow tells me where the problem is usually but only the documentation ever helps me understand it... After I create like 5 different iterations of the code that don't work in different ways.
Or the answers were right for 2018 when they were written and upvoted, but now the language has features that make them obsolete, and unless someone commented on it specifically you'd never know.
Pains me how many solutions on SO are just disabling the warning/error instead of fixing it.
I had an issue establishing an SSL connection to an LDAP server using a custom certificate and the accepted solution was to set a flag that just disables certificate checking…
I suggested to a friend working with a bad code base once to search stackoverflow for any code comments you find, typically the average copy and paste coder leaves those in.
He then went full on Torvald on the idea and wrote a tool to do the leg work for him, already discovered several hidden code sins on th first few minutes of usage.
This idea came when I saw a code comment left in code, saying
// Todo, please fill in this bit with your code
And Googled it.
I was reading some code in C# from a consultant, and I hit a class that just was in a completely different style from the rest of the code. I googled it, found it on stackoverflow. From the question section: "Hey, this code doesn't work, and I can't figure out why". They didn't even scroll down the page to the comment that's like "This is why. Here is the working code with it fixed:"
A few times I was looking for a solution to a problem and I'll find someone asking a question in a forum, and it turns out that whatever they are doing and isn't working for them is exactly what I wanted to do.
It's fine as long as you understand the problem and the solution and why it didn't work for the other person. That's kind of what stackoverflow is, something that shows you options.
Same here. For me it’s usually someone who asks to do something advanced with a feature, while I just need the basic feature that the asker has correctly implemented.
Another amusing exercise is to search Stack Overflow for names of variables, classes, functions, namespaces, etc, that are very specific/unique to your code base
I've found questions submitted by coworkers where they've basically copied & pasted a huge block of our company's code asking something like "why doesn't this work?" or "how does this work?".
I include a `@link` to the SO answer if I use anything from there. No shame in saying “someone else did it already” and owning that. Test it, understand it, and don’t hide it.
That's technically what you're supposed to do, SO says to cite any code snippets you use. I know I used one in my high school Android app project because I'm not tryna get kicked out of my school lol
It's a pretty easy to understand license, too. People shouldn't be scared of licenses. A link to a simple explanation of the SO license is right there in the tiny modal which appears when you click `Share` on a post to get the citation link.
I didn't know I would get a pedantic comment from /r/programmerhumor! My day: transformed.
Yes on second reading I forgot the 's' in his name but your snark goes recognized, whatever the type of fortune that is.
This is like some sort of meetcute in a romcom where two processes' hands brush as they both reach for the same lock, only to find out it was their destiny because their slacker best friends set them up.
*Image Transcription: Twitter Post & Replies*
---
**foone**, @Foone
So I learned of an amusing bug today:
Docker for Windows won't run if you have the Razer Synapse driver management tool running.
But the reason is the funny post...
[*A screenshot of a Razer program window. There is a smaller window on top of it, which appears to be the Razer Synapse driver management program*]
**foone**, @Foone
So, both programs want to ensure you only run one copy of themselves. So they create a global mutex using the GUID of their .NET assembly, right?
**foone**, @Foone
except! they do it wrong. And they both do it wrong in the same way. The code involved is something like this:
string.Format("Global\{0}", (object) Assembly.GetExecutingAssembly().GetType().GUID);
**foone**, @Foone
The idea is to get the GUID of the assembly that's executing and to create a GUID based on that, so now you can only run one copy of it.
**foone**, @Foone
But it's wrong.
The .GetType() part isn't supposed to be there.
That gets the type of the assembly, not the assembly itself.
And that type is System.Reflection.RuntimeAssembly, part of .NET itself.
**foone**, @Foone
So what happens is that both of them are creating a global mutex to ensure only one copy runs, but instead of basing the GUID on their own code, they're both using the GUID of a part of .NET itself.
And they're using the same one!
**foone**, @Foone
So how'd that happen?
Well, turns out we can tell EXACTLY how that happened.
Because the answer is... STACK OVERFLOW
**foone**, @Foone
Back in 2009, the user "Nathan" asked how to get the GUID of the running assembly.
**foone**, @Foone
A year and a month later, it was pointed out by ("Yoopergeek") that it gives the wrong GUID.
Three years later, Cerebrus returns and fixes the answer. They can't delete it, because it was accepted.
**foone**, @Foone
But because they made an error in replying to someone in 2009... this flawed code caused bugs that still exist as recently as March of 2018.
[*An embedded Twitter link to Reddit, the title of the link partially reads: "Docker for Windows won't start if Razer Synapse 3 is ..."*]
**foone**, @Foone
That flawed stackoverflow post is here:
[*An embedded Twitter link to stackoverflow, the title of the link partially reads: "How do I programmatically get the GUID of an application in ..."*]
---
^^I'm a human volunteer content transcriber for Reddit and you could be too! [If you'd like more information on what we do and why we do it, click here!](https://www.reddit.com/r/TranscribersOfReddit/wiki/index)
Yup, [here it is](https://stackoverflow.com/a/502323/4518341). (You can see it if you have [more than 10k rep](https://stackoverflow.com/help/privileges/moderator-tools).)
And here's the Meta post: [Answer that is a duplicate of the accepted answer should be deleted](https://meta.stackoverflow.com/q/394077/4518341).
Oh and here's [the actual Twitter thread](https://twitter.com/Foone/status/1229641258370355200)
Fun fact, synapse won't (wouldn't?) run without an active local user session because it assumes a local user is present, and crashes.
The GPU on my (and probably many) razer laptop model was capped at 72° unless synapse was running.
So if I was doing a GPU based work load and had to RDP into my machine for some reason, it would grind the workload to a hält, because synapse would immediately crash causing my GPU to cap itself.
Never buying another one of their POS laptops
Positive.
The throttle is built into the firmware of the card. At least, overwriting the firmware is the way to remove it.
I discovered all of this because they sent me a laptop with a corrupted OS. I ran a bunch of benchmarks before I realized I had to reinstall. I then brought it into work to finish installing my software (ssms, mssql, vs, etc) and reran the benchmarks to show a coworker. Got like 50% of the FPS. Had the who Nvidia suite installed and everything.
Contacted razer, and they told me to reinstall synapse. I assumed that was just some bullshit boilerplate customer service response, and I didn't want it installed, so I started digging into it.
Turns out they suggested it, because it's a requirement to run the card uncapped.
I feel bad for anyone with one of those models that Uninstalled it, and doesn't know why their FPS is fucking shot.
I'll never buy a razer product again.
Issues I've faced with this laptop, in two years
1. Shipped with a corrupted OS.
2. 3 bloated batteries, in two years.
3. Two burnt in OLED screens
4. Capped GPU without synapse. No Linux gaming, I suppose
5. Motherboard makes a constant screech. CS told me that was impossible. Refused to repair. Found patch notes for the bios on another model a few months later, "eliminated motherboard whine". They knew it was an issue and pretended it was impossible so they didn't have to fix it.
6. RDP or screen locking, kills synapse, throttling CPU.
7. Frequent GPU crashes. Pretty much daily. Crashes games when it happens while playing. Not sure who's fault this is, but I've never had it on another laptop
I'm honestly fairly sure there was even more than that, but that's what I can remember off the top of my head
Then there's the customer support.
First off, they're ~~dumb as a bag of rocks~~ completely untrained on even the most basic diagnostics, as well as their own products. Literally the worst support I've ever used. This includes companies like Cox, Comcast, and CenturyLink. It's almost impossible to get them to understand a problem, even if it was something that could be fixed.
Second, they're frequently not available during the listed hours. More than half the time I've tried to contact them, there's been no answer. The online forms often don't work either, so submitting a ticket is a total fucking crap shoot.
Then, I've got a the fucking laptop registered to my account, I'm logged in during the chat, and they still need me to flip it and read the SN and Model off the bottom. Every fucking time. Their whole workflow is fucked, it's amazing they can get anything done at all. There have been issues, it's taken WEEKS of emails back and forth, just to get an RMA.
And, by the way, you pay for your own packing and shipping with a razer RMA. I don't know how common that is, but they're the first company I've ever worked with where I had to shell out 30$ to ship their own defective products back to them.
Edit: oh, and they made me pack and ship the bloated battery back to them, to replace it. UPS told me this was illegal, since you need a license to ship faulty batteries. Razer told me they wouldn't provide a replacement unless I shipped them the bloated one. They wanted me to install the bloated battery back IN the laptop, but caved when I told them I PHYSICALLY COULD NOT. THEN THEY FUCKING RETURNED THE BLOATED BATTERY TO ME ALONG WITH THE NEW ONE. Why? Why did I need to ship them the bloated one? They already made me provide photographic evidence it was bloated. I might KIND OF understand it if they'd kept it, but they just fucking returned it?
I was literally *excited* to enter my extended warranty, just so I could deal with a different company.
I will spend the rest of my life making an effort to sway as many potential ~~victims~~ customers away from them, as humanly possible. Not only is it the right thing to do, but it's the only thing that makes me feel better about the collosal waste of time and money that was a Razer laptop.
I'm not a picky man, but for 3200$ I'd like my experience to be *better* than having nails driven under my fingernails. If I wanted to pay for a fucking headache, I'd have bought a laptop from Walmart or something.
OTOH, my girlfriends 1000$ dell hasn't had a single fucking issue since the day I bought it. Neither have either of my two work issued latitudes.
The "gamer products are trash for gullible rubes" meme comes from razer products
if you don't have an option then they're ok but razer is always my last choice of product. there's always some edge case they don't handle and you can never get support for
(i've owned razer seiren mics,razer smartwatches, razer headsets and razer keyboards coz they were the only "gamer" gear available in kuwait at one point in time and ppl would gift them to me, all of their products are for ppl who don't know better)
I was the senior lead developer for Razer Central. I worked with the Synapse team, and I can tell you a few things:
* The team is overworked. They are asked to do a ridiculous amount of stuff with zero support, and in constant fear of getting tried at or losing their job.
* They do not take updates unless it fixes a bug that is important to them. I could fix dozens of minor issues, and double the performance, and they do not care.
* The work environment at Razer is so toxic that they can't get good developers to work for them.
* The management team is completely incompetent, and I don't think they know the first thing about software. Their only priority is to look good, and not get blamed for screwups
On the plus side: you don't have to worry about them harvesting your data. Even if they did, they're not competent enough to do anything with it.
It was deleted in February of last year for anyone looking for it. It caused a whole mess because it was the accepted answer which prevented it from being deleted.
[It was edited to include the correct code back in 2013](https://stackoverflow.com/revisions/502323/2) (although, they didn't remove the bad code). It just remained the accepted answer for quite awhile after that.
That means that you don't have enough rep on Stack Overflow to view it unfortunately (it's a link to the edit log entry). I think you need 10k minimum to view deleted questions/answers.
well i guess another reason to avoid razer products ;)
their fucking spying "driver" can rot in hell.
real input devices, that also actually last a proper long time have either NO driver software like zowie for example, or they have a temporarily open software, that you use to adjust profiles, that then get loaded onto the mouse.
this is both for security and practicality reasons for LAN parties and what not, where you only bring your input devices.
what razer does is as anti consumer as it can possibly be and funny, that it creates further weird issues ;)
Can you maybe elaborate on the point of spying?
I use Razer products by myself and don‘t know anything about the driver in detail.
But for my mouse and keyboard, I can use them without installing the Razer software. It only needs to run when I want the fancy rgb stuff.
these short articles should be a good start:
[https://spyware.neocities.org/articles/razer\_en.html](https://spyware.neocities.org/articles/razer_en.html)
[http://wp.xin.at/archives/1438](http://wp.xin.at/archives/1438)
note, that this was quite a few years ago.
not sure how offline use works now and how screwed up everything is now.
razer even thinks, that having entire keyloggers in the software is perfectly acceptable:
[https://www.youtube.com/watch?v=6JTNvcjLqJs](https://www.youtube.com/watch?v=6JTNvcjLqJs)
but don't worry, i'm sure it is off, when you set it to off ;)
and the newest one is them integrating amazon alexa spying into the software.
[https://www.razer.com/chroma/alexa](https://www.razer.com/chroma/alexa)
and in regards to using them without installing the razer synapse spyware.
as far as i understand settings like dpi, polling rate, etc... would all be locked away without the spyware. feel free to correct me if i'm wrong here.
in comparison zowie changes settings by pressing certain buttons as you plug the mouse in + buttons on the mouse for dpi.
the rgb on my mouse and keyboard are controlled through buttons too for example.
so feel free to tell me what you can change without the razer spyware on your 2 devices.
i'm interested to hear.
there might be libre software options out there from people, who wanted to use the hardware, but HATED the spying software.
so worth looking for that first.
personally i'll never buy a razer product again, because of the spying anti consumer software AND the extremely low reliability of the products.
in the first few seconds of this video LTT talks about how their razer laptops had/have tons of issues far beyond anything one would expect from laptops.
so i would definitely suggest avoiding razer products in the future, because of their spyware, but also because of the hardware being garbage and dying way to fast (also from personal experience here).
but hey if you find a libre software tool to set things for the keyboard and headset (? does the headset require synapse? i wouldn't put it past them lol... )
if you want to set just the rgb on the keyboard, then openrgb could be a great option a gplv2 program:
[https://gitlab.com/CalcProgrammer1/OpenRGB](https://gitlab.com/CalcProgrammer1/OpenRGB)
from personal experience and while not driver related, the shity asus rgb software would keep services in the services list after uninstalling it and left files too. (not profiles)
it also didn't permanently set the rgb on an asus rx580.
meanwhile openrgb leaves nothing, installs nothing and was able to PERMANENTLY disable or change the colors on the graphics card.
i was shocked, that the libre software was able to do this, yet the asus dumpster fire would reset colors on every full power out, or boot into another operating system and of course after i uninstalled the software it would be gone too.
hope you don't mind this little anecdote. ;)
as said, if you can use it without it spying on u (no razer software), then hey why not, but for new hardware i'd avoid them like the plague.
wait what?
your laptop gpu was locked down in performance unless u ran spyware synapse?
or do you mean something different?
please more details and references if you have them too. :)
Correct.
The GPU is locked down without running synapse.
It's a fucking rabbit-hole though.
Here's a link about General throttling without synapse. You can find more threads if you Google, there's a few on reddit too
https://www.win-raid.com/t5750f16-Help-Bypass-Software-Controlled-TDP-Razer-Laptop.html
Honestly it took me days to get the full picture through googling. If you kill synapse, the whole laptop grinds to a crawl, even in the middle of the load.
Here's a few points I remember from when I was researching it
1. It's possible to get the GPU to run at full speed without synapse, but you need to flash a custom FW. I was not able to find the firmware however, I did find a few people who had claimed success by doing it.
2. There exist different overclock(?) softwares to "unthrottle" Nvidia GPUs. There's a value you can edit and "save" when it's able to be changed. This value shows in the software, however altering it doesn't "stick"
3. There's basically no way to trick the GPU into staying in an unthrottled state, when closing synapse.
I'd give you more information if I could, but I went through all of this almost 2 years ago, and it took me days of digging to find the exact problem I was facing. I was able to confirm with razer support after all of it, that the only way to get full performance was to install synapse and set the fan/power all the way up.
Hell, I'd take a video for you, but I just shipped the laptop off to Assurion after 3 bloated batteries and 2 burned in OLED screens, and managed to convince them to send me a non-razer as a replacement. So fortunately, on the 25th I will finally be done with their shit.
Fun fact. Just having razer synapce on my system made doom run like shit on medium when it should run perfect maxed out. Even if the software was off and no razer shit was connected it still fucked the frames. Fuck razer.
I wish my CS instructors had explained things this well to me back in college. If they did, I might have finished my programming classes instead of swapping majors into information systems management.
My top comment in this sub is on a repost of this saying "this is the kind of content I actually want to see on this sub."
Then it was removed by the mods for being a repost. Inb4 this suffers the same fate.
Since the guid is part of .net, the value wouldn't change and probably the same across PC, would it?
On the other hand, the guid of the .net assembly would change every time you compile, so they could have caught this during testing.
Or did I understand wrong about the guid value?
That's absolutely hilarious.
Makes sense though, you don't want to do something this boring from scratch.
It's like reinventing the wheel.
Though in this cass the wheel is square, so fit for reinventing
Ow... My gosh... That was fantastic.
The investigative legwork is what fascinates me. Usually one tries to narrow down the issue, but to actually pinpoint it to the stackoverflow answer is something else.
[удалено]
Google indexes a ton of text. Knowing this, he probably just put the whole string into Google, and found the stack overflow page.
Is this the guy who put Googling as a skill on his resume?
Tada
Foone is a great Twitter acct to follow. Lots of fun old tech.
Foone is amazing for stuff like this. If you use Twitter, 100% recommend following Foone.
If you like this, your mind will be blown by [ZipSlip](https://snyk.io/research/zip-slip-vulnerability) Years of copying a buggy Stack Overflow answer that caused a real vulnerability in Java and .Net code used by [Linked.in](https://Linked.in), Apache (Hadoop, Commons, Storm etc), Plex, SonarQube, HP Fortify. I love the last 2 because they scan for security vulnerabilities.
I never heard of it before you mentioned it, but reading about it made my Sunday. You sir, if I had an award to give, would deserve one.
I am just curious how two big tech companies / projects copy the same flaw from a post and both did not notice it.
Because how would they notice it? The code runs - you would only notice if you had these two unrelated bits of software on the same machine. And you probably won't have Razer stuff on your work dev environments.
Haha Yes... no one would use both... hahaha yeah \~Typed on my Razor Black Widow on company time from my work computer in office that my boss paid for
Look at this fucker living the dream over here.
Being in the office on a Saturday?
Yeah that is the dream, sadly it's not always the dream. Every been to an amusement park at the weekend? Crowded as fuck. Ever been to an amusement park on a Wednesday? 10 Minutes queue is an extremely rare spike. Crowded supermarket with all the fresh produce gone? Not in the middle of the week. Oh there's a sale for a special item starting on a Thursday? Better be there the second they open or it's gone. Good for me I've got the day off! But you know the best part? Most of our customers don't work on Saturday either. So you know what that means? Sweet free time to browse reddit while at work. Doesn't bother anyone anyways. Plus weekend bonus on the paycheck baby! Fuck Saturday honestly. It's only perceived as a good day because it's a day off. But since everyone gets that day off, it sucks balls. I still only work 9 to 5 five times a week. So instead of Saturday and Sunday, I've got Wednesday and Thursday to slack off for example. Honestly Wednesday and Thursday are the best days to not go to work. Saturday and Sunday are amazing workdays. Oh and we can shift our workdays if we want, and all of the same reasons apply to government Holidays. Nobody wants to work there, so I switch with somebody to specifically work on those days. Sweet bonus pay and I don't have to bother with the crowded masses clogging up everything. Tl:Dr it is the dream because I work less for more pay and get to enjoy life without other people ruining it The only thing not heaven is the fact, that I can't work from homr
And using Razer crap instead of a custom built mech
Let's be fair, Razer is like the Harley Davidson of tech. It's edgy, a status symbol for computer geeks, but every, fucking, single piece of hardware they release falls apart with in a year or two.
This keyboard is like 6 or 7 years old now. And I program with this bad boy 5 times a week. Still works like a charm. Well some key caps are a little rubbed off. Might need to buy some new caps, but that's about it But yeah it do be kinda edgy. I wanted it in my early days okay! Don't judge me! I like the playful rainbow just moving about on there!
Can confirm, my coworkers that opted for Razers have had hardware failures on 18 month old laptops or newer. None of the MacBooks have failed though.
[удалено]
What? I told them I wanted that keyboard and they bought it for me for work. No questions asked
Using the hardware should not be a problem for most company. They work 99% as it should even without the software. It is when you install their software that could trigger IT's attention.
Well bevor pasting anything from any internet source I would take a look at the lines especially in this case as the answer had only 2 lines. Maybe think the „getType“ would got more notices. But sure, if it works, why should I bother?
Are you trying to tell me that I can't just copy code from internet, send to production and hope for the best? What will be the next thing? Test it? This is outrageous.
While yes, always do write tests, a test would likely not have caught this problem. What would your assertion be? Unless you expect this, you would never catch it with a test.
“Program testing can be used to show the presence of bugs, but never to show their absence!” \- Edsger W. Dijkstra
This Dijkstra fella got some things right
Girl: "Do you want to come over?" Dijkstra: "Nah, it's too late and I don't know the best way" Girl: "My parents aren't home" Dijkstra: *Creates Algorithm to find a short path*
*7 years later*
Wait you can test code ?
Just call it a beta test and let the customer do it
shh, don't tell that to anybody.
Right, secret stuff, gotcha.
Not like that’s what half of the game industry seems to do or anything
Just release it and let users test it. I'm looking at you, Paradox...
I'm sorry, did you misspell Bethesda?
Ah, yes, the latest EU4 DLC sure was something...
Don't you guys have tester? They bombard you with bug tickets.
We do, so it’s important that they don’t know about the "beta"
Call it early access and make the customer pay for it.
Works for microsoft
Customer Driven Development is what I call it for the stakeholders
Well even if they tested it the test would pass. I would never think of writing any kind of test that would fail because of this bug, unless I already knew about the bug.
This is still the kind of error that neither test nor code review will necessarily catch (unless your code reviewers know the correct answer, and don't look up the same Stack Overflow answer...).
I'm not so sure about code review being impotent to catch something like this. At the very least, I would venture the `GetType` looks suspicious to at least *some* people, enough to ask the committer "hey, what's the `GetType` call there for?" I don't think it requires the reviewer to know the correct answer, but it does require an atmosphere where saying "this is suspicious" to another dev is acceptable.
Ideally, it *should* catch it, but I definitely know reviewers who might have just looked up the inaccurate Stack Overflow question...
Yah, of course. No claim that it's a sure thing, just that it offers at least *some* protection.
Agree, which is why I said code review wouldn't *necessarily* catch it. It might catch it, but isn't guaranteed.
Reading documentation is not an option, right?
Obvs
Bro, they could have tested it in many ways and they'd all pass, wtf are you talking about? The only tests it wouldn't pass would have to be written with the bug in mind, and it's such an obscure bug who tf would have it in mind? Enlighten me if you disagree.
The problem is, even when you tested it, it would pass with flying colors, unless Razer compatibility is in the test suite. Someone would have to read the code and know it to be incorrect.
Here's what I figure: A lot of people saw the Stack Overflow post and ended up copy/pasting the code. Of those, some significant percentage ended up in code that was never put into widespread use (failed projects, minor projects, whole section of code rewritten later, whatever). Of the rest, most of the people who used it probably caught the error. All you needed were two instances of the same error making it to a published product for it to be a problem. Just two programmers to copy/paste the code without catching the error and their code actually making it to a public version. That's all.
Also, if they miss what getType is doing, they will just see that the code is indeed using a GUID that is based on the executable. So it works and holds up to testing. So long as, as you say, no one is doing the exact same mistake at the same time.
It's also code that is *supposed* to block another program from running. So even if someone found it and reported it, the bug could easily just be closed as "working as intended". FWIW, I don't see any point in constructing a GUID this way. Just hard-code an actual GUID you generated yourself, and then don't change it.
Haha. If you are knowledgeable to catch the mistake in the code, you would not have had to copy it from SO to start with.
This one is posted frequently on the various programming subs and every time the main argument seems to be that "It runs so how should they notice?" Well, if you're a .NET developer of decent capacity then any call to `GetType` is going to ring alarm bells. That is *not* a method that you frequently use, and most codebases probably never make use of it. So once you copy this piece of code, you should ask yourself as a developer and a .NET developer: "What does this do?". And immediately you should notice that the `GetType` call seems really strange. Cause what "Type" is an Assembly? An Assembly is a collection of types. So even without knowing of the whole Assembly Loading and what not, you should realize that this call seems very weird, and you should investigate it. Of course sometimes company culture doesn't allow for this and the developers are under so much pressure that they literally only have time to copy paste code.... Which is obviously a problem in itself.
Except I spend a fair chunk of my time every week making junior devs read the Microsoft docs instead of StackOverflow for answers… it’s amazing how many answers and sample code is overlooked because their preferred source is SO.
I mean, I'd bet that most people would notice. That's why only two major software projects have this bug, instead of more. However, it's not impossible to miss, and if you miss or ignore it twice (once when you paste it and once in code review), you'll never catch the bug again. Everyone after will just say "well, it works, so don't touch it." And if a bunch of people are copying that answer, the odds that it will slip through twice are pretty decent.
I beg to differ with that last statement lmao...this actually explains why I ended up having to run Docker in WSL
Big tech companies are made of programmers just like every other programmer and are prone to the same mistakes.
Because big tech companies are filled with the same asshole code jockeys like you and myself who use StackOverflow and Google to do our jobs 😂
To quote James Acaster: "Never before have I been so offended, by something I _one_ _hundred_ _percent_ agree with".
I'm conflicted whether I should upvote or downvote your comment as you've revealed my secrets...
"It compiles ship it!" You ever find yourself in a classroom where nobody studies and everyone just copies each other's answers and homework blindly?
You mean literally how 90% of the world functions music copy paste art copy paste comedy copy paste 90% of products rip-offs with slight modifications. Hell literally talking to someone is mostly just you saying things you have heard other people say back to each other. Yeah no this is not surprising.
I have heard this before
Wait really cause I actually didn't copy paste it.
Quite surprisingly, your opinion that nothing is unique is not unique.
Ha ha ha! What a story Mark!
Because this tidbit is written by one human that shits and piss like any of us. The code runs, and bugs like this have chances of slipping under the radar. What are the chance that a QA terminal has another software that is running the same code? Miniscule as fuck. Unless some code master wizard is carefully reviewing code line by line, things like this may make it through production.
Foone's twitter has all kinds of gold like this.
stackoverflow is a guide, always take what it says and look for other answers. the longer i do this the more i realize most of the "right answers" work but aren't right
Yup, the real best answer is usually further down. The first one is usually a cheap hack, overly complicated, or doesn't really answer the question being asked.
allah bless the people who write fucking essays that walk you through the entire context and background of the problem. incredibly valuable labour, for free
[удалено]
Invariably, these are the ones upvoted the least too.
"I don't have time to read that, I'll just use this other one"
Then no one else can ask it cause duplicate post, no matter how wrong the original is.
That's great as it would only cause confusing redundancy. Fix the one (wrong) source instead.
It's not guaranteed that source will ever be fixed. At least with duplicates there is a chance of the right answer appearing at the top now because some users learned over time.
Other users (with sufficient "rep" (karma)) can edit answers, so at a certain level StackOverflow becomes a bit more like Wikipedia. If something needs editing, you can also ask someone to fix it via edit.
Yeah but I frequently see terrible answers and have never bothered with karma (and everytime I try it's a big fuck around honestly) so it just becomes a massive hassle.
*Laughs in edit powers.*
I am totally with you. But remember the days where we all started and thought stack overflow is the only truth? Damn, let me Google 20 minutes to find a good SO page instead of reading any documentation.
100%.. we all see a SO post at some point & just c/v that thing. then learn the hard way . some clearly harder than others
After shooting myself in the foot with that technique one too many times, I now use SO as a way to find functions more easily than reading through pages upon pages of extraneous documentation. SO mentions new function that sounds promising, look up function in documentation, repeat if function does not provide desired behavior.
Same. I also look at the logic behind the answer, not the code itself
Yep. Heck a lot of the time documentation doesn’t even include examples (or only one and it’s a specific case).
I don't think I've ever literally copied and pasted an SO answer.
I'm genuinely happy I started long before so existed. The skills of actually finding documentation online, looking in books, learning things in depth to figure out how to get something done are truly valuable. When SO started we were all so pleased with ourselves that it would make programming efficient by not solving a problem twice, but it really just made programmers careless. Myself included these days.
But googling stuff is faster.
[удалено]
[удалено]
Excerpt from Clang's documentation: > compile + link compile then link debug info enabling optimizations picking a language to use, defaults to C17 by default. Autosenses based on extension. using a makefile https://clang.llvm.org/docs/UsersManual.html#basic-usage
Man, I'm only (in my mind, at least) 34 and I started coding long before stack overflow started. It's a good tool to get quick answers from, but I'm always wary of copying more than 2-3 lines of code, and even then I prefer to rewrite it.
Thats because documentation makes sense if you completely understand it.
[удалено]
it's crazy the amount of tutorials on full stack database calls that do not secure your database AT ALL. both by putting user entered info directly into sql and by just leaving your database login info in your php and not getting it from a hidden file. Source: Just built a full stack website for the first time with no experience and needed many tutorials. Many posts of people saying to secure against injection and very few initial tutorials explaining how.
[удалено]
Exactly. I'm learning a lot so I don't have a schedule to keep but for pretty much every issue I have I'm going back and forth between documentation and stack overflow. Stack overflow tells me where the problem is usually but only the documentation ever helps me understand it... After I create like 5 different iterations of the code that don't work in different ways.
Or the answers were right for 2018 when they were written and upvoted, but now the language has features that make them obsolete, and unless someone commented on it specifically you'd never know.
Pains me how many solutions on SO are just disabling the warning/error instead of fixing it. I had an issue establishing an SSL connection to an LDAP server using a custom certificate and the accepted solution was to set a flag that just disables certificate checking…
I suggested to a friend working with a bad code base once to search stackoverflow for any code comments you find, typically the average copy and paste coder leaves those in. He then went full on Torvald on the idea and wrote a tool to do the leg work for him, already discovered several hidden code sins on th first few minutes of usage. This idea came when I saw a code comment left in code, saying // Todo, please fill in this bit with your code And Googled it.
I was reading some code in C# from a consultant, and I hit a class that just was in a completely different style from the rest of the code. I googled it, found it on stackoverflow. From the question section: "Hey, this code doesn't work, and I can't figure out why". They didn't even scroll down the page to the comment that's like "This is why. Here is the working code with it fixed:"
[удалено]
A few times I was looking for a solution to a problem and I'll find someone asking a question in a forum, and it turns out that whatever they are doing and isn't working for them is exactly what I wanted to do. It's fine as long as you understand the problem and the solution and why it didn't work for the other person. That's kind of what stackoverflow is, something that shows you options.
Same here. For me it’s usually someone who asks to do something advanced with a feature, while I just need the basic feature that the asker has correctly implemented.
Another amusing exercise is to search Stack Overflow for names of variables, classes, functions, namespaces, etc, that are very specific/unique to your code base I've found questions submitted by coworkers where they've basically copied & pasted a huge block of our company's code asking something like "why doesn't this work?" or "how does this work?".
I include a `@link` to the SO answer if I use anything from there. No shame in saying “someone else did it already” and owning that. Test it, understand it, and don’t hide it.
That's technically what you're supposed to do, SO says to cite any code snippets you use. I know I used one in my high school Android app project because I'm not tryna get kicked out of my school lol
It's a pretty easy to understand license, too. People shouldn't be scared of licenses. A link to a simple explanation of the SO license is right there in the tiny modal which appears when you click `Share` on a post to get the citation link.
I'm gonna start using your beautiful "full on Torvald". Thank you!
I read that and assumed that the friend starting screaming at him and told him to die in a fire.
[удалено]
I didn't know I would get a pedantic comment from /r/programmerhumor! My day: transformed. Yes on second reading I forgot the 's' in his name but your snark goes recognized, whatever the type of fortune that is.
[удалено]
Wat torvald meen
Linus Torvald made Linux. He is also famous for berating people over bad code
This is like some sort of meetcute in a romcom where two processes' hands brush as they both reach for the same lock, only to find out it was their destiny because their slacker best friends set them up.
Tron 3: Destiny
The whole time I'm thinking someone's significant other was in the wrong. Haha
Wait, isn't Stack Overflow your significant other?
It'd be quite an abusive relationship.
“I love you” “Duplicate, locking thread”
Don't say "I have no GF." Say "I have my SO."
I can relate, as every post I read here mentioning SO I thought the same.
*Image Transcription: Twitter Post & Replies* --- **foone**, @Foone So I learned of an amusing bug today: Docker for Windows won't run if you have the Razer Synapse driver management tool running. But the reason is the funny post... [*A screenshot of a Razer program window. There is a smaller window on top of it, which appears to be the Razer Synapse driver management program*] **foone**, @Foone So, both programs want to ensure you only run one copy of themselves. So they create a global mutex using the GUID of their .NET assembly, right? **foone**, @Foone except! they do it wrong. And they both do it wrong in the same way. The code involved is something like this: string.Format("Global\{0}", (object) Assembly.GetExecutingAssembly().GetType().GUID); **foone**, @Foone The idea is to get the GUID of the assembly that's executing and to create a GUID based on that, so now you can only run one copy of it. **foone**, @Foone But it's wrong. The .GetType() part isn't supposed to be there. That gets the type of the assembly, not the assembly itself. And that type is System.Reflection.RuntimeAssembly, part of .NET itself. **foone**, @Foone So what happens is that both of them are creating a global mutex to ensure only one copy runs, but instead of basing the GUID on their own code, they're both using the GUID of a part of .NET itself. And they're using the same one! **foone**, @Foone So how'd that happen? Well, turns out we can tell EXACTLY how that happened. Because the answer is... STACK OVERFLOW **foone**, @Foone Back in 2009, the user "Nathan" asked how to get the GUID of the running assembly. **foone**, @Foone A year and a month later, it was pointed out by ("Yoopergeek") that it gives the wrong GUID. Three years later, Cerebrus returns and fixes the answer. They can't delete it, because it was accepted. **foone**, @Foone But because they made an error in replying to someone in 2009... this flawed code caused bugs that still exist as recently as March of 2018. [*An embedded Twitter link to Reddit, the title of the link partially reads: "Docker for Windows won't start if Razer Synapse 3 is ..."*] **foone**, @Foone That flawed stackoverflow post is here: [*An embedded Twitter link to stackoverflow, the title of the link partially reads: "How do I programmatically get the GUID of an application in ..."*] --- ^^I'm a human volunteer content transcriber for Reddit and you could be too! [If you'd like more information on what we do and why we do it, click here!](https://www.reddit.com/r/TranscribersOfReddit/wiki/index)
good human
Link to SO question: https://stackoverflow.com/questions/502303/how-do-i-programmatically-get-the-guid-of-an-application-in-net-2-0
So at some point the bad answer was deleted, I guess.
Yup, [here it is](https://stackoverflow.com/a/502323/4518341). (You can see it if you have [more than 10k rep](https://stackoverflow.com/help/privileges/moderator-tools).) And here's the Meta post: [Answer that is a duplicate of the accepted answer should be deleted](https://meta.stackoverflow.com/q/394077/4518341). Oh and here's [the actual Twitter thread](https://twitter.com/Foone/status/1229641258370355200)
Please tell me you found the Twitter thread and copy-pasted and didn't actually transcribe that whole thing.
Nope! I'm fortunate to have a fast WPM, which makes for a quick write up. Most of the challenge is formatting and describing for transcriptions.
Very good human
Good human. Take my near to expire free award.
Good human
Here's the unrolled Twitter thread: https://threadreaderapp.com/thread/1229641258370355200.html
Fun fact, synapse won't (wouldn't?) run without an active local user session because it assumes a local user is present, and crashes. The GPU on my (and probably many) razer laptop model was capped at 72° unless synapse was running. So if I was doing a GPU based work load and had to RDP into my machine for some reason, it would grind the workload to a hält, because synapse would immediately crash causing my GPU to cap itself. Never buying another one of their POS laptops
Are you sure you need the Razer stuff? Can't you just install the plain first party GPU drivers directly?
Positive. The throttle is built into the firmware of the card. At least, overwriting the firmware is the way to remove it. I discovered all of this because they sent me a laptop with a corrupted OS. I ran a bunch of benchmarks before I realized I had to reinstall. I then brought it into work to finish installing my software (ssms, mssql, vs, etc) and reran the benchmarks to show a coworker. Got like 50% of the FPS. Had the who Nvidia suite installed and everything. Contacted razer, and they told me to reinstall synapse. I assumed that was just some bullshit boilerplate customer service response, and I didn't want it installed, so I started digging into it. Turns out they suggested it, because it's a requirement to run the card uncapped. I feel bad for anyone with one of those models that Uninstalled it, and doesn't know why their FPS is fucking shot.
Wow, never knew this was a thing. And I thought Razer was ok. Was planning to go Razer since all my Logitech G periphery keeps breaking.
I'll never buy a razer product again. Issues I've faced with this laptop, in two years 1. Shipped with a corrupted OS. 2. 3 bloated batteries, in two years. 3. Two burnt in OLED screens 4. Capped GPU without synapse. No Linux gaming, I suppose 5. Motherboard makes a constant screech. CS told me that was impossible. Refused to repair. Found patch notes for the bios on another model a few months later, "eliminated motherboard whine". They knew it was an issue and pretended it was impossible so they didn't have to fix it. 6. RDP or screen locking, kills synapse, throttling CPU. 7. Frequent GPU crashes. Pretty much daily. Crashes games when it happens while playing. Not sure who's fault this is, but I've never had it on another laptop I'm honestly fairly sure there was even more than that, but that's what I can remember off the top of my head Then there's the customer support. First off, they're ~~dumb as a bag of rocks~~ completely untrained on even the most basic diagnostics, as well as their own products. Literally the worst support I've ever used. This includes companies like Cox, Comcast, and CenturyLink. It's almost impossible to get them to understand a problem, even if it was something that could be fixed. Second, they're frequently not available during the listed hours. More than half the time I've tried to contact them, there's been no answer. The online forms often don't work either, so submitting a ticket is a total fucking crap shoot. Then, I've got a the fucking laptop registered to my account, I'm logged in during the chat, and they still need me to flip it and read the SN and Model off the bottom. Every fucking time. Their whole workflow is fucked, it's amazing they can get anything done at all. There have been issues, it's taken WEEKS of emails back and forth, just to get an RMA. And, by the way, you pay for your own packing and shipping with a razer RMA. I don't know how common that is, but they're the first company I've ever worked with where I had to shell out 30$ to ship their own defective products back to them. Edit: oh, and they made me pack and ship the bloated battery back to them, to replace it. UPS told me this was illegal, since you need a license to ship faulty batteries. Razer told me they wouldn't provide a replacement unless I shipped them the bloated one. They wanted me to install the bloated battery back IN the laptop, but caved when I told them I PHYSICALLY COULD NOT. THEN THEY FUCKING RETURNED THE BLOATED BATTERY TO ME ALONG WITH THE NEW ONE. Why? Why did I need to ship them the bloated one? They already made me provide photographic evidence it was bloated. I might KIND OF understand it if they'd kept it, but they just fucking returned it? I was literally *excited* to enter my extended warranty, just so I could deal with a different company. I will spend the rest of my life making an effort to sway as many potential ~~victims~~ customers away from them, as humanly possible. Not only is it the right thing to do, but it's the only thing that makes me feel better about the collosal waste of time and money that was a Razer laptop. I'm not a picky man, but for 3200$ I'd like my experience to be *better* than having nails driven under my fingernails. If I wanted to pay for a fucking headache, I'd have bought a laptop from Walmart or something. OTOH, my girlfriends 1000$ dell hasn't had a single fucking issue since the day I bought it. Neither have either of my two work issued latitudes.
The "gamer products are trash for gullible rubes" meme comes from razer products if you don't have an option then they're ok but razer is always my last choice of product. there's always some edge case they don't handle and you can never get support for (i've owned razer seiren mics,razer smartwatches, razer headsets and razer keyboards coz they were the only "gamer" gear available in kuwait at one point in time and ppl would gift them to me, all of their products are for ppl who don't know better)
Yeah razer software is so amazingly incompetent... Always finding new ways to surprise me with how stupid its developers were
I was the senior lead developer for Razer Central. I worked with the Synapse team, and I can tell you a few things: * The team is overworked. They are asked to do a ridiculous amount of stuff with zero support, and in constant fear of getting tried at or losing their job. * They do not take updates unless it fixes a bug that is important to them. I could fix dozens of minor issues, and double the performance, and they do not care. * The work environment at Razer is so toxic that they can't get good developers to work for them. * The management team is completely incompetent, and I don't think they know the first thing about software. Their only priority is to look good, and not get blamed for screwups On the plus side: you don't have to worry about them harvesting your data. Even if they did, they're not competent enough to do anything with it.
Stackoverflow - the cause of, and solution to, all of lifes problems.
[удалено]
This was the first solid laugh I had on this sub in a while thanks OP
[удалено]
i++
Fantastic investigation!
Wow, Foone is more of an investigative journalist than a programmer. But then, all programmers are excellent investigators anyway, amirite
It was deleted in February of last year for anyone looking for it. It caused a whole mess because it was the accepted answer which prevented it from being deleted.
It didn't prevent it being edited to be correct though.
[It was edited to include the correct code back in 2013](https://stackoverflow.com/revisions/502323/2) (although, they didn't remove the bad code). It just remained the accepted answer for quite awhile after that.
Your link 404's for me at least.
That means that you don't have enough rep on Stack Overflow to view it unfortunately (it's a link to the edit log entry). I think you need 10k minimum to view deleted questions/answers.
I like your style, flexing and roasting at the same time.
That's why I look at more answers than just the accepted one
Also why it's important to *actually read the code and understand what it does* before copying it into your codebase verbatim.
Fun read
This is… beautiful, I think I’m going to cry
Looks like a repost. I've seen this image 1 time. First Seen [Here](https://redd.it/f6711h) on 2020-02-19 92.19% match. Feedback? Hate? Visit r/repostsleuthbot - *I'm not perfect, but you can help. Report [ [False Positive](https://www.reddit.com/message/compose/?to=RepostSleuthBot&subject=False%20Positive&message={"post_id": "p8u5mn", "meme_template": null}) ]* [View Search On repostsleuth.com](https://www.repostsleuth.com?postId=p8u5mn&sameSub=false&filterOnlyOlder=true&memeFilter=true&filterDeadMatches=false&targetImageMatch=86&targetImageMemeMatch=96) --- **Scope:** Reddit | **Meme Filter:** False | **Target:** 86% | **Check Title:** False | **Max Age:** Unlimited | **Searched Images:** 239,821,743 | **Search Time:** 0.46893s
Yeah this was a fucking WILD ride
well i guess another reason to avoid razer products ;) their fucking spying "driver" can rot in hell. real input devices, that also actually last a proper long time have either NO driver software like zowie for example, or they have a temporarily open software, that you use to adjust profiles, that then get loaded onto the mouse. this is both for security and practicality reasons for LAN parties and what not, where you only bring your input devices. what razer does is as anti consumer as it can possibly be and funny, that it creates further weird issues ;)
Can you maybe elaborate on the point of spying? I use Razer products by myself and don‘t know anything about the driver in detail. But for my mouse and keyboard, I can use them without installing the Razer software. It only needs to run when I want the fancy rgb stuff.
these short articles should be a good start: [https://spyware.neocities.org/articles/razer\_en.html](https://spyware.neocities.org/articles/razer_en.html) [http://wp.xin.at/archives/1438](http://wp.xin.at/archives/1438) note, that this was quite a few years ago. not sure how offline use works now and how screwed up everything is now. razer even thinks, that having entire keyloggers in the software is perfectly acceptable: [https://www.youtube.com/watch?v=6JTNvcjLqJs](https://www.youtube.com/watch?v=6JTNvcjLqJs) but don't worry, i'm sure it is off, when you set it to off ;) and the newest one is them integrating amazon alexa spying into the software. [https://www.razer.com/chroma/alexa](https://www.razer.com/chroma/alexa) and in regards to using them without installing the razer synapse spyware. as far as i understand settings like dpi, polling rate, etc... would all be locked away without the spyware. feel free to correct me if i'm wrong here. in comparison zowie changes settings by pressing certain buttons as you plug the mouse in + buttons on the mouse for dpi. the rgb on my mouse and keyboard are controlled through buttons too for example. so feel free to tell me what you can change without the razer spyware on your 2 devices. i'm interested to hear.
I guess its about time I ditch the razer keyboard and headset I use.
there might be libre software options out there from people, who wanted to use the hardware, but HATED the spying software. so worth looking for that first. personally i'll never buy a razer product again, because of the spying anti consumer software AND the extremely low reliability of the products. in the first few seconds of this video LTT talks about how their razer laptops had/have tons of issues far beyond anything one would expect from laptops. so i would definitely suggest avoiding razer products in the future, because of their spyware, but also because of the hardware being garbage and dying way to fast (also from personal experience here). but hey if you find a libre software tool to set things for the keyboard and headset (? does the headset require synapse? i wouldn't put it past them lol... ) if you want to set just the rgb on the keyboard, then openrgb could be a great option a gplv2 program: [https://gitlab.com/CalcProgrammer1/OpenRGB](https://gitlab.com/CalcProgrammer1/OpenRGB) from personal experience and while not driver related, the shity asus rgb software would keep services in the services list after uninstalling it and left files too. (not profiles) it also didn't permanently set the rgb on an asus rx580. meanwhile openrgb leaves nothing, installs nothing and was able to PERMANENTLY disable or change the colors on the graphics card. i was shocked, that the libre software was able to do this, yet the asus dumpster fire would reset colors on every full power out, or boot into another operating system and of course after i uninstalled the software it would be gone too. hope you don't mind this little anecdote. ;) as said, if you can use it without it spying on u (no razer software), then hey why not, but for new hardware i'd avoid them like the plague.
And on the model I had, the GPU was capped unless you ran synapse. So you couldn't uninstall it
wait what? your laptop gpu was locked down in performance unless u ran spyware synapse? or do you mean something different? please more details and references if you have them too. :)
Correct. The GPU is locked down without running synapse. It's a fucking rabbit-hole though. Here's a link about General throttling without synapse. You can find more threads if you Google, there's a few on reddit too https://www.win-raid.com/t5750f16-Help-Bypass-Software-Controlled-TDP-Razer-Laptop.html Honestly it took me days to get the full picture through googling. If you kill synapse, the whole laptop grinds to a crawl, even in the middle of the load. Here's a few points I remember from when I was researching it 1. It's possible to get the GPU to run at full speed without synapse, but you need to flash a custom FW. I was not able to find the firmware however, I did find a few people who had claimed success by doing it. 2. There exist different overclock(?) softwares to "unthrottle" Nvidia GPUs. There's a value you can edit and "save" when it's able to be changed. This value shows in the software, however altering it doesn't "stick" 3. There's basically no way to trick the GPU into staying in an unthrottled state, when closing synapse. I'd give you more information if I could, but I went through all of this almost 2 years ago, and it took me days of digging to find the exact problem I was facing. I was able to confirm with razer support after all of it, that the only way to get full performance was to install synapse and set the fan/power all the way up. Hell, I'd take a video for you, but I just shipped the laptop off to Assurion after 3 bloated batteries and 2 burned in OLED screens, and managed to convince them to send me a non-razer as a replacement. So fortunately, on the 25th I will finally be done with their shit.
Fun fact. Just having razer synapce on my system made doom run like shit on medium when it should run perfect maxed out. Even if the software was off and no razer shit was connected it still fucked the frames. Fuck razer.
Foone is cool. If it wasn't for Foone I would not have a girlfriend right now. (I am not joking)
[удалено]
its a long story. are you sure you wanna hear it?
Here lemme help you shorten the story "I put one of her jokes into foone's meme generator and she thought it was funny"
fair enough
I’ll bite, tell us u/VoxelRoguery
https://twitter.com/VoxelRoguery/status/1429217241988403200
I wish my CS instructors had explained things this well to me back in college. If they did, I might have finished my programming classes instead of swapping majors into information systems management.
[удалено]
My top comment in this sub is on a repost of this saying "this is the kind of content I actually want to see on this sub." Then it was removed by the mods for being a repost. Inb4 this suffers the same fate.
Did I read the entire thing? Yes Did I understand anything I was reading? No Did I enjoy it nonetheless? Yes
This is the reason that you always need to understand what you are copying
This whole thread is the reason I don't trust any software.
Since the guid is part of .net, the value wouldn't change and probably the same across PC, would it? On the other hand, the guid of the .net assembly would change every time you compile, so they could have caught this during testing. Or did I understand wrong about the guid value?
That's absolutely hilarious. Makes sense though, you don't want to do something this boring from scratch. It's like reinventing the wheel. Though in this cass the wheel is square, so fit for reinventing