>be me
>lead on tiny software dev team
>have been collaborating using our company file server for version control and SQL
>it worked perfectly
>write the program, custom industrial software
>catbox the MDF and LDF files and attach them to customer-provided server
>do some set up
>battlecruiser_operational.wav
>simple as that
>company got bought out
>you can't have a fileserver anymore, we use Box for files, you have to migrate
>version control borked, now we ad-hoc it in a cloud folder
>SQL borked, now we pass database scripts back and forth on Teams
>THISCANNOTCONTINUE.hevc
>get in meeting with new parent company's IT director
>"no, you can't use SQL ports, we locked those down on your new office network because reasons"
>what the fuck, what do we do now
>"well, Anon, we have a supplier, we go through them"
>supplier: "We have to set up Azure SQLaaS also it will take us 3 months to set up and cost $900/month"
>baseline price for our custom industrial software is $25000, dev cycle is around 4 months
>we will be 1 month behind schedule as is
>also forced to pass an extra $3600 expense on to the customer
>this WILL lose us contracts
>i'm morbin', my team is morbin' PM is morbin', customer PM is morbin'
>bitch about it to some engineers over a few beers
>mention how I wish I could just ask the company to buy a NUC or something for ez offline access to a shared database and dev environment
>one of them bought a dinky little celeron-powered fanless chink box for some job he ended up not needing it for
>fuckit.avif
>his generosity will not be forgotten
>install pirated windows
>put it on a closed LAN
>install SQL Express
>install our custom version control solution
>point our laptops' wifi to the shitbox router, keep office LAN plugged in
>instant dev environment
>new company's IT dept has no fucking clue, because it's not even on our network

>>105633169 (OP)
Why dont you use github

>>105633169 (OP)
>public open SQL ports
your IT director is right
don't be a retard and let yourself get hacked
just put an API on your application server, and let the app server communicate with the SQL server
...please don't tell me your client apps execute raw SQL queries

>>105633169 (OP)
>jank solutions
Our company is still using old msaccess .mdb databases for operational work some old fart made made in 1999

>>105633169 (OP)
>We have to set up Azure SQLaaS also it will take us 3 months to set up and cost $900/month
Why didn't you just lift and shift to an azure VM? It takes like a day. Cost depends on your needs desu. But if a celeron chink shit board can do it, it's probably less than $900

>>105633169 (OP)
So rather than the company take the L when this goes tits up, you've decided to personally take that L?

great call retard

>>105633169 (OP)
so essentially you are the type that solves problems and is rewarded by being fired. Nice. I hope I meet more like you irl because most niggas do not even care and just leave before they are fired. If you respect yourself, you should look for a new place if they continue to annoy you.

>>105633169 (OP)
>>install pirated windows
brown

>>105633535
maybe he wants to keep the job. in a way he is a hero for being autistic enough to actually solve shit. Most people solve shit by just getting a new job, but this is also a solution. Also it may be a small or local company and he may not want to move. I am too in a small city and i have to be ... adaptive if i do not want to have to go to the capital. When work could be done online and remote, small companies that did shit like that lost a lot of employees, but back then employees also could change jobs too easily.

>>105633706
he found a solution to a problem. You are a dying nation, dying race, dying industry, dying land, dying people, and you do not even solve problems, you just print money to fund meme AI shit.

>>105633169 (OP)
You're an absolute retard, but the based kind.

>>105633169 (OP)
>this WILL lose us contracts
Youre are not the company you fucking bootlicker

>>105633381
1. Yes, I know. But he's also being a hard-ass about it.
2. Our client apps only execute stored procedures with sanitized inputs. It's a dumb solution, but it's secure.
>>105633450
lol yeah, only problem is we need to connect straight to stone-age PLCs on serial and I ain't about to try that from an Azure VM
>>105633785
I am when my fucking bonus depends on it, faggot

>>105633381
>...please don't tell me your client apps execute raw SQL queries
Here in France, a lot of schools use a horrible piece of software called Pronote to keep track of student attendance, enter grades, and stuff like that. These days, everything is done over a Web inteface, but until a few years ago, they used a fat client written in Delphi. Apparently, the fat client in question would send SQL requests directly to the server, which was also written in Delphi. At least, that's what I've been told, I've never taken a look at these old versions. The current version uses a heavily obfuscated REST API, and every request is signed with a private key which is stored directly in the unobfuscated client-side JS code. Some of the requests are also AES-encrypted. The client side code is absolutely horrendous. It looks like what would happen if someone tried translating a Java codebase into JS. Also, since the server is written in Delphi and can only host a single school's content, the company spins up a Windows Server (hopefully they use Server Core) VM for every customer. There are also apparently some components of the infrastructure written in PHP, Rust, C# and even WLangage.

>>105634002
>Our client apps only execute stored procedures with sanitized inputs. It's a dumb solution,
>but it's secure
you can't be serious
so the client potentially can execute arbitrary SQL queries
it takes only one person to modify the application or extract a connection string
security through (easily circumventable) obscurity is not a solution
does at least the SQL user you are using have a security permission to only execute stored procedures, and only some of them?
any permissions on those? e.g. can any user potentially get/modify/delete every data if they know they call the correct sp?

>>105634132
>does at least the SQL user you are using have a security permission to only execute stored procedures, and only some of them?
Yes, specifically because the connection string can be easily extracted from managed code. App logins only have access to its specific procs, and procs are only executable by those logins. Also, no sensitive information is stored. I am not completely retarded, only mostly.

>>105633706
>paying for windows
cuck

>>105633169 (OP)
Does this router support wireless (local) storage via USB SSD?

>>105634002
>connect straight to stone-age PLCs on serial
I see. Definitely possible with azure, but a little bit more complex than a simple database. I'd say a week if you don't know anything about azure.

>>105633169 (OP)
everybody does shadow IT. I swipe computers set for obsolescence and have a corner of the lab dedicated to build servers on old hardware because IT cannot set that shit up in a useful way to save their life

>>105633169 (OP)
Unfortunately this cost me my btrfs volume today

>>105633169 (OP)
I'll post mine when this thread is up in 12 hours. Just got to bed an my frankenstein is on my PC.