Ask Lemmy

I worked for an online payment company you all know. Many eployees have access to the main DB which holds all transactions and names and everything in clear text. You could basically find out all PII (personal identification information) of any celebrity you wanted given they had anaccount. Address, phone number, credit card and all. If you knew a bit of SQL you could basically find whoever person you wanted and get purchase history and all.

Cant say I didnt use this to find stuff about my exes or various celebrities.

Geek Squad, We were flying under the radar upgrading Macbook RAM, until one day we became officially Apple Authorized to fix iPhones, which means we were no longer allowed to upgrade Macbook RAM since the Macbooks were older and considered "obsolete" by apple, meaning we were unable to repair or upgrade the hardware the customer paid for, simply because apple said it was "too old". it was at this point in my customer interaction, that we recommend a repair shop down the road that isn't held at gunpoint by apple ;)

I worked as software engineer and my boss tolerated me going to office at 2pm and leave at 9pm. It's against company policy, certainly, but no one talked about it. It still is my most productive and happy time.

Acronis Backup charges you for local data backups from one device to the other. So basically if you are using Acronis to move data from your local drive to another local device like a NAS, you pay money for every gigabyte transferred. During the time I worked for them, the script to run the transfer was literally the most simple robocopy command, even simpler than one you could write yourself. And they still do it, charge for local to local data movement. Its fucking insane. One of my clients had a $15k a month bill for local data movement. Straight up highway robbery.

Snake Farm, when asked how to sell a policy that's clearly more expensive than the competition's answer was "They should feel privilege to be a Snake Farm customer."

The hubris was baffling.

I worked for an MSP doing IT for an assortment of companies. Most of the companies were in the medical or legal fields. Every single computer they sold to their clients, used the exact same bitlocker key when booting the computer. If you've worked for one of the companies we supported, you knew the bitlocker key for all of them. Iat been the exact same bitlocker key for at least 10 years. This MSP also regularly puts out social media posts and emails saying how security focused they are etc, etc.

I used to work at a hotel and they never changed the duvet covers guest to guest, only the other sheets.

Over a decade ago I worked as a freelancer for an Investment Bank (the largest one that went bankrupt in the 2008 Crash, which was a few years later) were the head of the Proprietary Trading Desk (the team of Traders who invest for the profit of the bank) asked me if I could change the software so that they could see the investments of the Client Trading Desk (who invest for clients with client money) was making, with the assent of the latter team.

Now if the guys investing money for the bank know what they guys investing customer money are doing they can do things like Front-Run the customer trades (or serve them at exactly the right price to barelly beat the competiotion) thus making more profits for the bank and hence get bigger bonuses. This is why Financial regulations say that there is supposed to be so-called Chinese Walls between the proprietary trading and the customer trading activities: they're supposed to be segregated and not visible to each other.

Note that the heads of both teams were mates and already regularly had chats, so they might already have been exchanging this info informally.

I was quite fresh in there (less than 1 year) and the software system I worked in at the time was used by both teams, but when I started looking into it I saw that the separation was very explicitly coded in software and that got me thinking about what I had learned from the mandatory compliance training I had done when I first joined (so, yeah, that stuff is not totally useless!!!)

So I asked for written confirmation from the heads of both teams, and just got some vague response e-mails, no clear "do such and such".

So I played the fool and took it to a seperate team called Compliance (responsible for compliance with financial regulations) saying I just wanted to make sure it was all prim and proper, "just in case".

Of course, it kinda blew up (locally) and I ended up called to a meeting with the heads of the Prop Desk and whatnot - all stern looks and barelly contained angry tones - were I kept playing the fool.

Ultimatelly it ended up not being a problem for me at all, to the point that after that bank went bust and its component parts were sold to another bank, the technical team manager asked me to come back to work with the same IT group (remember, I was a freelancer) with even greater responsabilities, so this didn't exactly damage my career.

That said, over the years there were various cases of IT guys in large investment banks who went along with "innocent" requests from the Traders and ended up as the fall-guys for subsequent breaking of Finance Regulations, serving jail time, so had I gone along with that request I would've actually risked ending up in jail.

(Financial Regulators were and are a complete total joke when it comes to large banks, which actually makes it more likely that some poor techie guy will be made the fall guy to protected the bank and its heads).

We used to sell Windows built-in Recovery tool.

i worked in a place where we put journal,magasin in leters and film. we got a DISGUSTING porn thing like... i dont even think it was legal (zoo ect) i personaly refuse to put that in envelope. and you know what? the most common adress we got? religious person. yup most recieve it was the one in church reading you the bibles...

I quit a well known ecomm tech company a few months ago ahead of (another) one of their layoff rounds because upper mgmt was turning into ultra-wall street corpo bullshit. With 30% of staff gone, and yet our userbase almost doubling over the same period, they wanted everyone to continue increasing output and quality. We were barely keeping up with our existing workload at that point, burnout was (and still is) rampant.

Over the two weeks after I gave my notice I discovered that in the third-party app ecosystem many thousands of apps that had (approved) access to the Billing API weren't even operating anymore. Some had quit operating years ago, but they were still billing end-users on a monthly basis. Many end-users install dozens of apps (just like people do with mobile phones) and then forget they ever did so. The monthly rates for these apps are anywhere from 3 to 20 dollars per month, many people never checked their bank statements or invoices (when they eventually did, they'd contact support to complain about paying for an app that doesn't even load and may not have for months or years at this point).

I gathered evidence on at least three dozen of these zombie apps. Many of them had hundreds of active installs, and were billing users for in some cases the past three years. I extrapolated that there were probably in the high-hundreds or low-thousands of these zombie apps billing users on the platform, amounting to high-thousands to low-tens-of thousands of installs... amounting to likely millions per year in faulty and sketchy invoicing happening over our Billing API.

Mgmt actually did put together a triage team to address my findings, but I can absolutely assure you the only reason they acted so quickly is because I was on the way out of the company. I'd spotted things like this in the wild previously and nothing had ever been done about it. The pat answer has always been well people are responsible for their own accounts and invoicing. I believe they acted on this one because I was being very vocal about how it would be 'a shame' if this situation ever became public, and all those end-users came after the company for those false invoices at one time. It would be a PR and Support nightmare.

You have definitely interacted with this ecommerce platform if you shop online.

Worked at a globally popular fast food francise many years ago. They had collection boxes for a charity that they raised money for. None of the money went to that charity, but was divided between owners and managers.

1-800-got-junk? doesn't care at all about its environmental impact. No sorting what so ever happens to what goes on their trucks it all goes to landfills. All the ads will say they recycle and that they repurpose old furniture but I was threatened with being fired when I recommended donating antiques instead of dumping a load of furniture.

More jobs and more profits comes before anything else in that company, including employee health and safety. Several times I was told to enter spaces we werent trained for (attics and crawl spaces) and carry waste I legally couldn't transport (human/organic wastes and the laws states the driver is fined, not the company). One guy injured his shoulder during an attic job and was told to finish the shift or lose his job. Absoulte scum of a company with very sleazy management and possibly the labour board in their pocket as they kept "losing the files" when I tried to file a report with buddy's shoulder (he was hesistant to report for fear of losing his job).

I worked for for the railroad. Nothing is fixed ever. I witnessed hundreds of code violations every day for years. Doesn't matter if a rail car or locomotive meets code as long as it "can travel" its good to go.

When an employee inspector finds a defective rail car management determines if it will get fixed. If the supervisor "feels" like "it's not that bad" then the rail car is "let go".