HackerTrans
TopNewTrendsCommentsPastAskShowJobs

620gelato

no profile record

comments

620gelato
·12 giorni fa·discuss
That's a good tradeoff I suppose. I've been racking my brain trying to find a solution recently that solves both of these but haven't been able to.

What I had landed on was idempotency on a best effort basis and just made the event processing safely retryable without violating any system invariants.
620gelato
·12 giorni fa·discuss
I explicitly make sure services I lead have Integration tests in CI pipeline to validate the "negative paths" against all APIs with missing, invalid, un-authorised identities, expired, un-authenticated tokens. Of course that still doesn't cover every surface, but even that gets sideways glances from some folks who think we should just test happy paths and why we're testing for access controls in Integration tests.
620gelato
·2 mesi fa·discuss
Realized this during a particularly stressful time in 2021 - back then, I used to spend hours walking just thinking through problems, all night long. I’ve since abandoned the all night long part, but have an almost daily ritual to walk around thinking about whatever problem - small or big - I’m working on at the moment.

I’ve also found that during these walks, the more I talk out loud to myself and move my hands as if I’m writing on a whiteboard, the faster I get to an answer.
620gelato
·7 mesi fa·discuss
Been buying mullvad for the last 4-5 years but oftentimes I can’t even browse the fucking New York Times website due to low bandwidth, let alone stream anything. At this point, I just keep adding time to my account just in case, without using it.
620gelato
·anno scorso·discuss
This. No more juniors, and the skills of the seniors is going to atrophy when all they're doing is review and "move around" code an LLM spat out.
620gelato
·anno scorso·discuss
Advance of civilization is nothing but an exercise in the limiting of privacy. (Foundation's edge)
620gelato
·anno scorso·discuss
> jack up premiums by 20% unless you force employees to change their password once every 90 days"

Always made me judge my company's security teams as to why they enable this stupidity. Thankfully they got rid of this gradually, nearly 2 years ago now (90 days to 365 days to never). New passwords were just one key l/r/u/d on the keyboard.

Now I'm thinking maybe this is why the app for a govt savings scheme in my country won't allow password autofill at all. Imagine expecting a new password every 90 days and not allowing auto fill - that just makes passwords worse.
620gelato
·anno scorso·discuss
> AI to run in loop, fixing compile errors, fixing tests, do builds, run the app and do API calls...

Ah I really wanna trust AI won't "fix" the tests by commenting out the assert statements or changing the comparison inputs willy-nilly. I guess that's something terrible human engineers also do. I review changes to tests even more critically than the actual code.
620gelato
·anno scorso·discuss
Oh the sha-256 hashes are precisely what I used for a quick script I put together to parse through various backups of my work laptop in different places (tool changes and laziness). I had 10 different backups going back 4 years, and I wanted to make sure I - 1) preserved all unique files, 2) preserve the latest folder structure they showed up in.

Using sha256 was a no-brainer, at least for me.
620gelato
·2 anni fa·discuss
For better or worse, I have a habit of clicking the touchpad or a few keys after I shut down my laptop. Just to make sure it's shut down properly. Back in Windows days with HDDs and hibernate, laptops sometimes took minutes to shut down completely, and I don't like closing the lid before shut down is complete.

Now, I end up restarting with that mere act, and have to long-press to shut down again because the shut down option won't show up on login screen.
620gelato
·2 anni fa·discuss
[dead]
620gelato
·2 anni fa·discuss
India basically has this - when creating subscriptions, merchants typically create "mandates" which specify max amount permitted per month, frequency, and duration.

Afterwards, 1) if per month amount is greater than a regulated threshold, manual confirmation is needed. [ This is friction ] , 2) cancelling can be as simple as going to your bank's website and deleting the "mandate".

In all honesty, this is probably a really balanced approach, but the roll out was a real pain, with banks and merchants collaborating on who supports whom, etc. International payments got screwed completely - to this day, I can't subscribe to nytimes, after almost 2.5 years of this.

(A good summary - https://support.stripe.com/questions/rbi-e-mandate-regulatio... )
620gelato
·2 anni fa·discuss
2100 clusters, 16k nodes, and data is replicated across every node "within a cluster" with nodes placed in different data centers/regions.

That doesn't sound unreasonable, on average. But I suspect the distribution is likely pretty uneven.
620gelato
·2 anni fa·discuss
(Speaking as an Indian engineer)

Hate to generalize, but this has less to do with "Indian style" but rather adding a lot of fluff to make a problem appear more complex than it is, OR maybe someone set a template that you must write such and such sections, despite there not being relevant content. [ Half the sections from this article could be cut without losing anything ]

In this case, the _former_ really shouldn't have been the case. I for one would love to read a whole lot more about rollback planning, traffic shifting, which query patterns saw most improvements, hardware cost optimizations, if any, etc.
620gelato
·2 anni fa·discuss
> trying to jump on a "hot topic" bandwagon

I don't know exactly what they hope to gain by jumping on that bandwagon though; neither the physicists nor the computer scientists are going to value this at all. And dare I say, the general populace associated with the two fields isn't going to either - case in point, this hn post.

If there weren't any noble-worthy nominations for physics, maybe skip it? (Although that hasn't happened since 1972 across any field)
620gelato
·2 anni fa·discuss
I think I'd be curious to know, if the size of ensemble is another scaling dimension for compute, alongside the "thinking time".
620gelato
·2 anni fa·discuss
Ah yes - perfect.
620gelato
·2 anni fa·discuss
Or perhaps even, insert yet another header with just the list of internal headers being added to the request, assuming this happens at a single place, otherwise a recipe for disaster.

I have a slightly different example of this, where a rpc framework used in my company disallows the service owner from modifying certain headers (say request identifier), and will instead create a duplicate header with a suffix. In that scenario at least, I can see this as a fairly reasonable tradeoff, as the goal is to control certain headers from being modified, not because they are platform internal but because there are certain assumptions associated with those headers that are followed company-wide.

I'll go check what mechanism is used for this matching.
620gelato
·2 anni fa·discuss
Just FYI, the actual headline doesn't include the word Tech. It's filed under Tech category, and I'm guessing OP messed up copy pasting.
620gelato
·2 anni fa·discuss
99% of corporate networks? That can't be true.

I do know that this is done - in fact worked at a pretty major smartphone manufacturer and never logged in to any personal account on work devices. It was pretty obvious by even just looking at the security info on chrome/firefox that the certificate used was a root signed by the company itself. I used to shout at the top of my lungs to my friends, that hey, _this_ is how your information is vulnerable to the corporate overlords, but I guess they weren't as paranoid as I.

The first thing I checked when moving to my next employer was if they were intercepting SSL traffic like this. (They weren't - they used Falcon)