I remember a book I read in elementary school (in the Cam Jansen series, IIRC) where the main conflict was a mean older brother put a password on the new family computer (a huge deal in the early 90s), and the younger hires the kid detective to find the password. The password is “hot dog”, ultimately determined because the desktop BG was a picture of ketchup and mustard.
I recall being not super satisfied with that ending.
Yeah, I've implemented OTP before, and I can think of no way this could be a surveillance move. If they required you use their app because they use a custom solution, sure, maybe, but they're OTP is currently entirely standard, so you can use a plethora of app (or roll your own in about 14 lines of Python)
I kinda feel your pain. A project that I helped launch is written in Typescript technically, but the actual on-the-ground developers were averse to using type safety, so any is used everywhere. So, it becomes worst of both worlds, and the code is a mess (I don't have authority in the project anymore, and wouldn't touch it even if I could).
I'm also annoyed at some level because some of the devs are pretty junior, and I fear they are going to go forward thinking Typescript or type safety in general is bad, which hurts my type-safety-loving-soul
Putting aside the "should/shouldn't do" argument, I was also wondering if the code is even viable. I imagine that 'ls' and 'sudo' are probably pretty ubiquitous, but I bet there exist some Linux installs out there with a different shell than 'bash', and some might not have 'grep' too. That would lead to some pretty cryptic bugs for the end user, eh?