HackerTrans
TopNewTrendsCommentsPastAskShowJobs

twunde

no profile record

Submissions

The comforting lie of sha pinning

vaines.org
4 points·by twunde·3 месяца назад·0 comments

comments

twunde
·2 месяца назад·discuss
I can't comment about the minimum number of stores, but I do think its the correct idea. I live in a town of ~12000. We have 6.5 bookstores (including the good local thrift store as .5). Stores/restaurants do turn over fairly regularly, so its still tough, but it certainly seems viable. We get a good number of tourists, which helps but I do think you need a mix of restaurants, and a mix of different types of stores. Even as you go to nearby towns with big box stores, they all have downtowns that are doing ok with locally run businesses. Notably the downtowns all are small business focused with few if any box stores
twunde
·2 месяца назад·discuss
Within the US, energy prices for are typically split into supply and distribution rates with taxes and fees added to each of these. There are typically a large number of these fees that are passed through to the consumer, but just are bundled together to reduce confusion. An example fee is one for keeping power plants idle as extra capacity for when it's needed. Electricity has a nationwide market with different prices for spot prices vs long term although if you are big enough you can also get a direct contract to hedge your energy supply prices.

The complaint here is that PJM is spending money on upgrading the long range wires and passing that fee in a way that's not calculated for usage but instead it's likely divided evenly amongst member states. If you're upgrading wires in PA why should Maryland pay for that? These would taking in new/higher fees being passed to consumers.

The long range transmission lines are different than short term transmission lines. The long range ones appear someone to hit electricity from a power plant in California for a business in Baltimore.
twunde
·2 месяца назад·discuss
This is essentially what some 3rd party vendors do, which is why supply chain malware is typically found in hours now and not weeks.

The reason why npmjs, pypy and other public registries don't do this is because it would likely 10x+ the cost of their infrastructure while not bringing in much new revenue. It's also potentially orthogonal to paint customers needs since it could likely lead to downtime or at least block new releases going out
twunde
·3 месяца назад·discuss
Other airports do have ads for tech companies (Seattle comes to mind) but the concentration is significantly lower.

Billboards are primarily focused on brand awareness since you can't update them frequently and you don't have amazing targeting/attribution data. They're also hyper-geographic specific. For tech companies that means that billboards are most useful when targeting either a specific conference or when targeting people that can make sales decisions.

Sf's billboard space is heavily used by the tech industry because A) you've got a high concentration of consumers for your tech product (developers, marketers, operations, product managers, etc) B) you've got a high concentration of decision-makers in terms of director/VP/execs/consultants going through that airport who may end up making a final decision on your sales. C) you've got a concentration of investors in terms of VC, private equity, angel investors. This helps bring in interest for that next round/acquisition. For your existing investors this means that they've got something to brag about. D) hometown pride. Companies tend to put billboards near where executives travel through since it's a reminder of the work that the marketer is doing. It also helps with hiring and media reputation.

If you compare SF to NYC or Boston, those other cities have a much smaller amount of their workforce in tech (22% compared to 11%). This is especially true if you think about the number of people transferring at these airports. The concentration of customers just isn't there, which is why NYC ads tend to be more consumer driven.
twunde
·4 месяца назад·discuss
For people to care of would have to be like healthcare. The Change Healthcare breach cost 2B+ and led to a huge loss in market share. Or like AMCA, which went bankrupt after the breach (Labcorp's billing company). If you're a health tech company you can no longer insure your way out of the problem over you reach a certain size.

The reality is that we need data breaches to be painful but maybe not company ending events unless it really is sensitive data. As patio11 likes to say the right level of fraud is not zero. There's a middle ground where we can increase company liability or reduce the damage caused by a beach.
twunde
·11 месяцев назад·discuss
This is much more viable than it was in the past with the advent and adoption of nvm, pyenv etc but the limiting factor becomes system dependencies. The typical example from yesteryear was upgrading openssl but inevitably you'll find that some dependency auto updates a system dependency silently or requires a newer version that requires upgrading the OS.
twunde
·7 лет назад·discuss
I work at a 100-person startup. We currently do 1 week secondary followed by 1 week primary. This comes up every 2.5 months. On-call is 8am-8pm with any overnight pages going to execs. I'll not that we originally had people doing daily shifts and it was a huge pain for those who were religiously observant. It was much harder to get someone to cover a Saturday or Sunday shift since nobody wants to cover those. Will send much better