HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mainde

no profile record

comments

mainde
·2 mesi fa·discuss
Eh, idk, I wouldn't classify these fixes as hacks nor as technical debt. It's labels that only work from a partial perspective. IMHO a solution that expects perfect compliance is not really complete, it's not good enough to put all the burden on the client, idempotency keys are part of the solution, but not the solution. So, in this sense I would say it is a technical problem.
mainde
·2 mesi fa·discuss
Well.. it was ~6 years and ~10 billion payments ago, the clients have been fixed but the "hack" is still there, it has caused no harm as far as I can tell. Worst case scenario it's useless, best case scenario it prevents regressions.

The issue with things that client must not do is that they might still do them, and users don't care whose fault it is. It's important to have auxilliary mechanisms to mitigate these.
mainde
·2 mesi fa·discuss
IMHO it's more: fix problems, or at least mitigate them, regardless whose problem it is.

I've been in this situation, a clientside bug meant that different requests arrived with the same idempotency key.

In my case, updating the client would have taken weeks, in the best case scenario. Updating the backend to check for a matching request body would have taken minutes, maybe hours.

It took me a surprising amount of arguing to convince people that, even if it was a clientside bug, we couldn't let users suffer for weeks in name of "correctness".
mainde
·7 mesi fa·discuss
It kinda works both ways, just yesterday I tried to play the Linux native version of 8bit.runner and it didn't work, I had to install the Windows (beta) version and run it through proton.
mainde
·7 mesi fa·discuss
Don't you find it excessive to imply the above regarding a G7 country?
mainde
·7 mesi fa·discuss
When I upgraded my PC to the same CPU, I had the same problem of crackling/buzzing speakers on my USB DAC (externally powered, but from the same strip/outlet) when the system was under load.

I had a hunch it was power related because my PSU was nearly 10 years old and probably with just barely enough wattage. I bought a new one and all the buzzing went away.

IIRC when I was researching possible causes, beefy Ryzen CPUs were the most commonly mentioned in various forums and reddit threads.
mainde
·8 mesi fa·discuss
This is also my experience, it's not necessarily Apple fans, people just get used to some garbage but necessary workflow/ritual and forget they are doing it. I witnessed multiple colleagues and friends, who are avid and experienced MacOS users, struggle with basic tasks like ..finding the window of an open application after it was minimised, fullscreening applications, screensharing. Yet, somehow, none of that registered for them and their experience was still reported as flawless.
mainde
·10 mesi fa·discuss
None of my claims disagree with what you just said. People posting the "gotcha" also likely don't disagree with you.

In fact, I suspect that most hate firearm-related violence and have worked to stop/curb it, and were opposed by Kirk who undeniably unfairly got a taste of his own medicine.
mainde
·10 mesi fa·discuss
One could argue that advocating against firearm control and regulation has resulted in significantly increased societal harm, which could also be identified as not fair, if not even evil/hateful, especially from those who have directly suffered from it.

Of course two wrongs don't make one right, and people can be more classy than this, but it's a totally understandable sentiment and response.
mainde
·10 mesi fa·discuss
It's being posted as a gotcha because he fought against firearm control and he was killed with a firearm. His death, like many firearm-related others, would have been significantly less likely to occur if firearm possession was properly regulated and curbed, like it is in many other countries.
mainde
·anno scorso·discuss
IMHO the incentives are disproportionately in favour of everyone doing something that hurts consumers (= "something that I don't like"), thus regulation in favour of consumer rights is appropriate.

There isn't a scenario where, at scale, someone can offer a product that respects consumer rights and is successful, because it's too profitable to not respect consumer rights just like it wasn't in many other cases.
mainde
·2 anni fa·discuss
I would be very surprised if bit flipping and ML were really used here, do you have any source?

While for sure there's a lot of signal and value in monitoring auth rates per BIN per payload, flipping bits can be extremely disruptive and counterproductive. From doing the wrong operation to being fined by the schemes, it's a lot of risk for not a lot of gain when these fields can be tuned ad-hoc for the few card issuers that deviate from the standard/norm.
mainde
·2 anni fa·discuss
Yes, the article focuses on GPP, which is more on the gaming side rather than the compute side. CUDA was clearly ahead and I think AMD still hasn't quite caught up, however, call me old fashioned but I don't like arbitrarily hardware-locked proprietay software frameworks like CUDA (and the same applies for all other nvidia stuff imho in the same category: rtx, dlss, gsync, etc).

For sure the better dev team won there, but on the long run, especially once CUDA becomes the only way to do "professional real world work", I'd like the hardware company to sell the hardware and the software company to sell the software, to avoid a dominant market position that hurts consumers and the industry, which is forced to pay premiums to monopolists.

I'm a bigger fan of the approach that AMD had over the years, their software frameworks are open and hardware agnostic, which resulted in improvements for everyone and not just their customers (e.g. Vulkan which came from Mantle, games with FSR or TressFX run well on all hardware, those with DLSS or Hairworks don't) and enable competition that brings prices down.
mainde
·2 anni fa·discuss
I'm of the opinion that NVIDIA raced ahead thanks also to shady anti-consumer tactics (https://www.forbes.com/sites/jasonevangelho/2018/03/08/repor... https://youtu.be/H0L3OTZ13Os) so..
mainde
·2 anni fa·discuss
>"I want to be clear: best practice, ideologically-pure end-to-end apps like Signal absolutely face the same ratchet. What I’m mostly trying to understand here is why Telegram and Blackberry get more publicy targeted."

IMHO it's mainly due to the popularity of the service/product. The concentration of bad actors and the vastness of the audience/userbase make the difference. If Signal was used in the same way, it would get the same attention.
mainde
·2 anni fa·discuss
I agree that testing can reduce the probability of having huge problems, but there are still many ways in which a QA process can fail silently, or even pass properly, without giving a good indication of what will happen in production due to data inconsistencies or environmental differences.

Ultimately we don't know if they QA'd the changes at all, if this was data corruption in production, or anything really. What we know for sure is that they didn't have a good story for rollbacks and enforced staggered rollouts.
mainde
·2 anni fa·discuss
It's quite handy that all the things that pass QA never fail in production. :)

On a serious note, we have no way of knowing whether their update passed some QA or not, likely it hasn't, but we don't know. Regardless, the post you're replying to, IMHO, correctly makes the point that no matter how good your QA is: it will not catch everything. When something slips, you are going to need good observability and staggered, gradual, rollbackable, rollouts.

Ultimately, unless it's a nuclear power plant or something mission critical with no redundancy, I don't care if it passes QA, I care that it doesn't cause damage in production.

Had this been halted after bricking 10, 100, 1.000, 10.000, heck, even 100.000 machines or a whopping 1.000.000 machines, it would have barely made it outside of the tech circle news.
mainde
·2 anni fa·discuss
While I agree that under-engineering can be a problem, it's generally very easy to fix by doing what's now clearly identified as missing/needed. Fixing over-engineering is always a nightmare and rarely a success.

IHMO the experience, the pragmatism and the soft skills needed for a successful/productive informal architectural meeting are too rare for this solution to work consistently.

Personally I've abandoned all hope and interest in software architecture, while on paper it makes a lot of sense, in practice (at least in what I do) it just enables way too many people to throw imaginary problems in the mix, distracting everyone from what matters with something that may eventually be a concern once/if a system hits a top-1% level of criticality/scale.