avatarTeri Radichel

Summarize

Welcome to Bugs that Bite

Introducing a new blog from Teri Radichel

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Check out my series on Automating Cybersecurity Metrics | Code.

🔒 Related Stories: Bugs | AWS Security | Secure Code

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Have you ever gotten stuck for way too long on an error message that should have been a simple fix? Do you fix and error and forget what you did to fix it the next time you hit the error? Do you ever spend weeks trying to convince a company that there is a bug in their product? Do you find that some error messages do not correctly describe the problem? Are some UI’s confusing? Is performance problematic with some functionality of certain applications? That’s what this blog is all about.

I rarely pay for support on cloud platforms because, basically, I feel like I’m paying to provide quality assurance. When the documentation is clear and the error messages are even mildly useful I’ll typically figure out the problem faster myself than through customer support. When I do find a problem I can’t fix, it’s often a bug or the service is down. Do I have to pay to report bugs and tell a company their service is down? That doesn’t seem fair.

I will sometimes go around in circles for ages with support teams such as I did trying to resolve some problems with Microsoft Azure recently. I decided to just start writing this blog with the error messages I hit and how to fix them. Maybe this will get to the right people to fix the problems faster than going through a support team that doesn’t always have the time or training to adequately troubleshoot a problem.

Hopefully it helps both people who are hitting the error messages, and the people that are trying to fix them and make their products better. And that usually doesn’t happen by submitting support tickets, unfortunately, or at least not very fast. I recently spent 4 weeks trying to convince an Azure support engineer to escalate a problem that turned out to be an Azure bug, which they said they fixed, but by the time they fixed it, my 6 week Azure class was over and I had to move on so I didn’t test it.

The problem is that I’m not getting paid to report and verify fixes for all these bugs. At least when companies pay a security bug bounty you have a shot at getting paid. I’d rather spend my time on that but I’ve been too busy with cloud and application pentesting to date to have time for bug bounties. I hope to find time someday. I’m working on some automation that might help. :)

Although I write a lot about cybersecurity, security assessments, and penetration testing this blog isn’t all about security. It’s just about error messages I hit and how to fix them. Related that that is poor performance and confusing UI design.

If you want to learn how to secure your systems and code, follow my other blog, Cloud Security:

If you want to write better error messages and improve error handling check out my post on Thoughtful Error Handling:

For more information about security bugs, otherwise know as CVEs, and a subcategory called Zero Days check out CVEs: Security Bugs that Bite:

That’s part of my book linked at the bottom of this blog post which covers cybersecurity fundamentals at an executive level.

If you want to improve testing your code and preventing error messages in general you can read this post on Better testing for better outcomes:

For more on penetration testing or security testing, check out this post on Getting value from security testing:

If an article in this blog helped you or you had the same problem, please clap!

That’s it for now!

Follow for updates.

Teri Radichel | © 2nd Sight Lab 2022

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab
Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation
Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
Bug
Error Message
Software Development
Quality Assurance
Software Testing
Recommended from ReadMedium
avatarArtturi Jalli
I Built an App in 6 Hours that Makes $1,500/Mo

Copy my strategy!

3 min read
avatarElNiak
CVE-2024–24576: A Critical Rust Vulnerability on Windows

Dive into the technical intricacies of CVE-2024–24576, a critical vulnerability in the Rust programming language that compromises Windows…

4 min read
avatarAkhilesh Mishra
You should stop writing Dockerfiles today —  Do this instead

Using docker init to write Dockerfile and docker-compose configs

5 min read
avatarPh.Hitachi
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcash

Hi guys,

6 min read
avatarSomnath Singh
The Era of High-Paying Tech Jobs is Over

The Death of Tech Jobs.

14 min read
avatarMarc Lopez
Managing Configuration Drift in the Cloud

Like most learning endeavors, the more you start to understand a topic, the more questions arise. I think it’s important as security…

3 min read