• zazilicious@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    6 months ago

    I know this thread is old but: so many HIPPA violations, oh my God. I am a pediatric therapists/child psych, and the clinic I used to work at constantly stored client data in the most insecure ways, and therapists and staff would discuss client names, diagnosis’, address, EVERYTHING openly in the break room. I complained at one point, but it went nowhere. Turns out nobody cares, lol. They also frequently ignored the best interests of our clients to maximize profit from insurance (leaning towards fraud). I ultimately left the company when my boss blatantly violated the safety of one of my clients by refusing to send her home when she had a fever of 104 F. Sure, working with kids means everyone gets sick a lot, but when the child is THAT sick, they need to be in a hospital, not in a hot, cramped room with a therapist.

  • ???@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    4 months ago

    Every time we notified anyone about a potential illegal breach of gdpr that could get us fined or sued, admin pretended they had never been informed because the changes would take too long and collide with their plans to “revamp everything, reinvent the platform, and rebrand”.

    I should have whistleblown them myself if it were not for the fact that doing so would probably get some previous employees fired rather than hurt the company.

  • FuckOff@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    The people who negotiate your medical claims make more money on the settlement commissions than the doctors even make from their procedures.

    And there’s like 25-40 people total who handle the claims for every single health insurance company.

    • RGB3x3@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      The US healthcare and insurance industry is such a scam. There are so many people making so much money off denying claims and overcharging for procedures.

  • W1Z_4RD@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Worked in tech support for a major internet provider. We would constantly have major ouages in various locations due to overtaxed systems going down. Corporate refused to allow us to admit that there were problems on our end and forced the techs to troubleshoot the customer calls, even though we all knew that we could do nothing for the customer. Saw multiple techs releived of their job for telling the truth to the customers. So many hours wasted on both the customer and techs part.

  • shadesdk@lemmy.ml
    link
    fedilink
    arrow-up
    32
    ·
    edit-2
    1 year ago

    The company would bid on government contracts, knowing full well they promised features that didn’t exists and never would, but calculating that the fine for not meeting the specs was lower than the benefit of the contract and getting the buyers locked into our system. I raised this to my boss, nothing changed and I quit shortly after.

    • forgotaboutlaye@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Promising features that never existed is part and parcel to a lot of software sales, whether gov or private. Speaking from post-sales experience.

    • hactar42@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      I’ve worked in IT consulting for over 10 years and have never once lied about the capabilities of a product. I have said, it doesn’t do that natively, but if that’s a requirement we can scope how much it would take to make it happen. Sadly my company is very much the exception.

      The worst I saw was years ago I was working on an infrastructure upgrade of a Hyper-V environment. The client purchased a backup solution I wasn’t familiar with but said it supported Hyper-V. It turns out their Hyper-V support was in “beta”. It wasn’t in beta. They were literally using this client as a development environment. It was a freaking joke. At one point I had to get on the phone with one of their developers and explain how high-availability and fail-over worked.

      • bpm@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I could very well have been that developer. Usual story, sales promised the world, that our vmware-based system would run on anything and everything, and of course it’s all HA and load balanced, smash cut to me on Monday morning trying to figure out how to make it do that before it goes live on Wednesday.

    • esadatari@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      eh DHCP isn’t really important right? obviously if it hasn’t changed since the 80’s why would you need to reboot your server.

      what are vulnerabilities?

    • drphungky@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I worked in government contracting (and government, for that matter) for years and that blows my mind. I can’t remember the details, but if you even had a bad reviews, much less being found noncompliant, it could disqualify you entirely from some contract vehicles for a matter of years. Wild that there’s some agency that somehow lets people get away with fraud.

      Also, if that cost the government money, there’s a chance you could report that after the fact and make some money.

    • Tar_alcaran@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      The contractor I worked for was run by a man who used to say “if the contract says they’ll blow up the contractor on delivery, we’re putting in a bid and solve the problem later”

  • rtxn@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    edit-2
    1 year ago

    Our business-critical internal software suite was written in Pascal as a temporary solution and has been unmaintained for almost 20 years. It transmits cleartext usernames and passwords as the URI components of GET requests. They also use a single decade-old Excel file to store vital statistics. A key part of the workflow involves an Excel file with a macro that processes an HTML document from the clipboard.

    I offered them a better solution, which was rejected because the downtime and the minimal training would be more costly than working around the current issues.

    • Tar_alcaran@lemmy.world
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      The library I worked for as a teen used to process off-site reservations by writing them to a text file, which was automatically e-faxed to all locations every odd day.

      If you worked at not-the-main-location, you couldn’t do an off-site reservation, so on even days, you would print your list and fax it to the main site, who would re-enter it into the system.

      This was 2005. And yes, it broke every month with an odd number of days.

    • SSTF@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      downtime

      minimal retraining

      I feel your pain. Many good ideas that cause this are rejected. I have had ideas requiring one big downtime chunk rejected even though it reduces short but constant downtimes and mathematically the fix will pay for itself in a month easily.

      Then the minimal retraining is frustrating when work environments and coworkers still pretend computers are some crazy device they’ve never seen before.

    • bleistift2@feddit.de
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      cleartext usernames and passwords as the URI components of GET requests

      I’m not an infrastructure person. If the receiving web server doesn’t log the URI, and supposing the communication is encrypted with TLS, which removes the credentials from the URI, are there security concerns?

      • ItsMyFirstDay@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        I’m not 100% on this but I think GET requests are logged by default.

        POST requests, normally used for passwords, don’t get logged by default.

        BUT the Uri would get logged would get logged on both, so if the URI contained @username:Password then it’s likely all there in the logs

        • SzethFriendOfNimi@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Get and post requests are logged

          The difference is that the logged get requests will also include any query params

          GET /some/uri?user=Alpha&pass=bravo

          While a post request will have those same params sent as part of a form body request. Those aren’t logged and so it would look like this

          POST /some/uri

      • nudelbiotop@feddit.de
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Anyone who has access to any involved network infrastructure can trace the cleartext communication and extract the credentials.

    • V4uban@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      As weird as it may seem, this might be a good argument in favor of Pascal. I despised learning it at uni, as it seems worthless, but is seems that it can still handle business-critical software for 20 years.

      • Overzeetop@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        What OP didn’t tell you is that, due to its age, it’s running on an unpatched WinXP SP2 install and patching, upgrading to SP3, or to any newer Windows OS will break the software calls that version of Pascal relies upon.

  • TerkErJerbs@lemm.ee
    link
    fedilink
    arrow-up
    18
    ·
    1 year ago

    I quit a well known ecomm tech company a few months ago ahead of (another) one of their layoff rounds because upper mgmt was turning into ultra-wall street corpo bullshit. With 30% of staff gone, and yet our userbase almost doubling over the same period, they wanted everyone to continue increasing output and quality. We were barely keeping up with our existing workload at that point, burnout was (and still is) rampant.

    Over the two weeks after I gave my notice I discovered that in the third-party app ecosystem many thousands of apps that had (approved) access to the Billing API weren’t even operating anymore. Some had quit operating years ago, but they were still billing end-users on a monthly basis. Many end-users install dozens of apps (just like people do with mobile phones) and then forget they ever did so. The monthly rates for these apps are anywhere from 3 to 20 dollars per month, many people never checked their bank statements or invoices (when they eventually did, they’d contact support to complain about paying for an app that doesn’t even load and may not have for months or years at this point).

    I gathered evidence on at least three dozen of these zombie apps. Many of them had hundreds of active installs, and were billing users for in some cases the past three years. I extrapolated that there were probably in the high-hundreds or low-thousands of these zombie apps billing users on the platform, amounting to high-thousands to low-tens-of thousands of installs… amounting to likely millions per year in faulty and sketchy invoicing happening over our Billing API.

    Mgmt actually did put together a triage team to address my findings, but I can absolutely assure you the only reason they acted so quickly is because I was on the way out of the company. I’d spotted things like this in the wild previously and nothing had ever been done about it. The pat answer has always been well people are responsible for their own accounts and invoicing. I believe they acted on this one because I was being very vocal about how it would be ‘a shame’ if this situation ever became public, and all those end-users came after the company for those false invoices at one time. It would be a PR and Support nightmare.

    You have definitely interacted with this ecommerce platform if you shop online.

    • SreudianFlip@sh.itjust.works
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      5 months ago

      I’m unfortunately dependent upon said company, as a “partner”, which just means a hack indie developer who herds customers to the slaughter for the corp.

      The last round of layoffs was a brutal experience for the “Plus” customers. They lost crucial advisers and support, and now the guidance available is a bored and untrained chat support thrall on the other side of the world, or a stochastic parrot.

      You can smell the enshittification from here. The vendor lock-in is so intense it seemed inevitable.

      • TerkErJerbs@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        You’re absolutely right on all counts. And that’s why I quit (without waiting around to be laid off which frankly the severance package would’ve been nice). I got hired into the first (private) company I applied to, I’m thriving, and I don’t miss that stink of wall street/silicon valley money at all.

    • Veltoss@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I guessing it’s Amazon’s old android app store? I remember lots of users having a lot of hope for that app store bringing competition and higher quality app and app store quality. Oh how naive we were.

    • ki77erb@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I recently discovered that somehow I set up billing for a VPN directly from the company and also through Google Play. I probably got a renewal email and just followed the instructions. I went back through my bank statements and I’ve been double charged for probably at least 2 years and just never noticed it. It was only about $10 a month. I just feel really stupid for not noticing it until now and it’s entirely my fault. I cancelled the one through Google Play. You live and you learn!

      • TerkErJerbs@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        lmfao. Does the VPN company’s name start with a W by any chance? If so, I am very aware of that issue as well. 😂

      • booty_flexx@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        1 year ago

        ✅️ is a shopping platform

        ✅️ has an app ecosystem with a billing api

        ✅️ high probability that someone who shops online has interacted with a store on the platform

        ✅️ multiple rounds of layoffs w/ staff stretched thin

        ✅️ unclear ambitions of being a megaplatform, beyond what it already is

        I guess we’ll never know, lol

  • esadatari@lemmy.world
    link
    fedilink
    arrow-up
    17
    ·
    1 year ago

    i worked for a hybrid hosting and cloud provider that was partnered with Electronic Arts for the SimCity reboot.

    well half way through they decided our cloud wasn’t worth it, and moved providers. but no one bothered to tell all the outsourced foreign developers that they were on a new provider architecture.

    all the shit storm fail launch of SimCity was because of extremely shitty code that was meant to work on one cloud and didn’t really work on another. but they assumed hurr hurr all server same.

    so you guys got that shit launch and i knew exactly why and couldn’t say a damn thing for YEARS

  • Abrslam @sh.itjust.works
    link
    fedilink
    arrow-up
    13
    ·
    1 year ago

    I worked for for the railroad. Nothing is fixed ever. I witnessed hundreds of code violations every day for years. Doesn’t matter if a rail car or locomotive meets code as long as it “can travel” its good to go.

    When an employee inspector finds a defective rail car management determines if it will get fixed. If the supervisor “feels” like “it’s not that bad” then the rail car is “let go”.

  • Teppichbrand@feddit.de
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    Big german TV production company with succesful primetime action series used rented cars for their stunts. Different people from the team rented them with full insurance, returned them crashed. They did this until every car rent in the city stopped offering insurance without retention.

  • FireRetardant@lemmy.world
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    1 year ago

    1-800-got-junk? doesn’t care at all about its environmental impact. No sorting what so ever happens to what goes on their trucks it all goes to landfills. All the ads will say they recycle and that they repurpose old furniture but I was threatened with being fired when I recommended donating antiques instead of dumping a load of furniture.

    More jobs and more profits comes before anything else in that company, including employee health and safety. Several times I was told to enter spaces we werent trained for (attics and crawl spaces) and carry waste I legally couldn’t transport (human/organic wastes and the laws states the driver is fined, not the company). One guy injured his shoulder during an attic job and was told to finish the shift or lose his job. Absoulte scum of a company with very sleazy management and possibly the labour board in their pocket as they kept “losing the files” when I tried to file a report with buddy’s shoulder (he was hesistant to report for fear of losing his job).

  • Boozilla@lemmy.world
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    Health insurance company I worked for would automatically reject claims over a certain amount without reviewing them. Just to be dicks and make people have to resubmit. This was over 25 years ago, but it’s my understanding many health insurers still pull this shit. They don’t care if it’s legal or not. Enforcement is lazy and fines are cheaper than medical claims.

    Obviously this is in the USA.

  • shittymorph@lemmy.world
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    1 year ago

    I used to work for a popular wrestling company, billionaire owner, very profitable, would write off any OSHA penalties as the ‘cost of doing business’ just as they did in 1998, when The Undertaker threw Mankind off Hell In A Cell, and plummeted 16 ft through an announcer’s table

    • Gearheart@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 year ago

      I want to believe… but the morph has always been exactly.

      “nineteen ninety eight when the undertaker threw mankind off hell in a cell and plummeted sixteen feet through an announcer’s table.”

      But I want to believe…

      Edit: looking back at previous shittymorph posts. Grammar, punctuation and delivery is at much higher standard… I’m sad 😢. I’m hoping that I’m way way wrong. Can anyone reach out to shittymorph on reddit to confirm?

      • shittymorph@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        That is quite an astute observation, in fact many folks would have overlooked such precise details. As you could imagine, with newness and changing situation such as a major platform shift, and as we enter a revolutionary technological time period in hopes of a prosperous fediverse, it’s easy for us to become a overzealous and infatuated with all the excitement, but we must remember, it pales in comparison to the crowd’s excitement in nineteen ninety eight when the undertaker threw mankind off hell in a cell and plummeted sixteen feet through an announcer’s table.

            • ThtCrzyBstrd@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Back on the site-that-must-not-be-named, u/shittymorph would occasionally come out of nowhere with the one story about Hell in a Cell. It was his thing. Shortly before the place went to absolute hell, he posted saying he was stepping away for personal reasons.

              We believe this is an imposter.

    • ikidd@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      You son of a bitch, I don’t know if you’re the og shittymorph, but I missed that bastard.

  • thrawn@lemmy.world
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    It’s pretty depressing, but the fact that soil and groundwater are almost certainly contaminated anywhere that humans have touched. I’ve seen all kinds of places from gas stations, to dry cleaners, to mines, to fire stations, to military bases, to schools, to hydroelectric plants, the list could go on, and every last one of them had poison in the ground.

    • pfannkuchen_gesicht@lemmy.one
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      Some places are insanely polluted to the point where you wonder how a whole company could be so braindead and essentially poison themselves.
      A place not far from where I live had a chemical plant which just dumped loads of chemicals on a meadow for years. Now there are ground water pumps installed there which need to run 24/7 so that the chemicals don’t contaminate nearby rivers and hence the rest of the country.
      When taking samples from the pumped up water you can smell gasoline.

      • Flax@feddit.uk
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        The largest lake in the UK by area got massively polluted and turned into a swamp of toxic green algae. It’s crazy how people just let stuff like that happen.

      • dammitBobby@lemm.ee
        link
        fedilink
        arrow-up
        9
        ·
        1 year ago

        We’re house shopping and there has been a house on a lake sitting on the market forever. I got curious and researched the lake and… It’s a literal superfund site. The company that was on the other side of the lake just dumped their waste chemicals right on the shore and it has polluted both the lake and ground water forever essentially because they don’t break down. I looked up the previous owner… Died of cancer. The shit that companies are and were allowed to get away with is just insane. Meanwhile right wing nut jobs want to get rid of the EPA (which was ironically created by Richard Nixon).

      • PoliticalAgitator@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        A place not far from where I live had a chemical plant which just dumped loads of chemicals on a meadow for years.

        Sounds cheap.

    • Tar_alcaran@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      It’s just as depressing when something counts as “clean”. My saddest example was a former sand pit, they spent 30 years digging out 15 meters of sand, then another 30 years filling it with anything from industrial to veterinary waste, “capped” it with rubble in the late 40s and called it clean enough.

      Had a bigass job digging out the top 3 meters of random waste, including several thousand of barrels of whatever the fuck. And definitely no unexploded ordnance (spoiler, after finding several ww2 rifle stocks and helmets, the first mortarshells were dug up too). After makimg room, it was covered in sand, clay, bentonite and a protective grid.

      So naturally, 3 months after that finished, some cockhead decided to throw an anchor and hit go all ahead flank on his assholes boat and tore the whole thing up. No need to fix anything though, just shovel some more sand it, that’ll stop the anthrax!

      This was all in open connection with a major river, of course. One people swim in.

    • Buffaloaf@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I work in air quality and it’s a similar story. It’s crazy to me seeing how much is unregulated, grandfathered in, or simply not enforced.

  • pureness@lemmy.world
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    Geek Squad, We were flying under the radar upgrading Macbook RAM, until one day we became officially Apple Authorized to fix iPhones, which means we were no longer allowed to upgrade Macbook RAM since the Macbooks were older and considered “obsolete” by apple, meaning we were unable to repair or upgrade the hardware the customer paid for, simply because apple said it was “too old”. it was at this point in my customer interaction, that we recommend a repair shop down the road that isn’t held at gunpoint by apple ;)

    • Another Person @lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 year ago

      I worked at a 3rd party Apple retailer (they had a legacy contract from the 90s that only expired about 5-10 years ago) and they bought the cheapest RAM they could find to upgrade the Macs. They made hand over fist on RAM upgrades and still came in under what Apple charged for the same upgrade.