Hi, I'm from Entitled Inc.
You know that unpaid labour of yours, which we benefit from? You should do more of it. Oh, and you should add all this red tape so that we don't have to do anything ourselves.
We're still not going to pay you.
We also demand that you sign our Modern Slavery statement.
I used to write things for a previous employer's tech blog, but the old URLs may succumb to bitrot. These should work as long as Medium works:
The challenges of running a betting exchange (2016)
Notes on interviewing engineers (2016) -- This one was also picked up by a recruiter's blog.
DevOps is culture, not a title prefix (2017)
Security and Devops - a natural fit (2017)
Wait, what is my fleet doing (2018)
A pentest is like going to the GP for a check-up. An audit is like having a month-long colonoscopy.
This was perfectly predictable. CoPilot generates insecure code, as expected.
Machine Learning, the magic pixie dust of the past decade, is all about volume. And writing secure code is harder than writing insecure code. So by sheer volume there will be a lot more insecure code around.
Given that a lot of code in the wild is essentially a minimum viable copypaste from the highest scoring answer on StackOverflow, teaching the code generator model has obviously consumed a lot of insecure code. Since SO rewards speed, the answers that take the least time to write will receive most points.
Writing secure code takes more time and more space - so by the time someone submits an answer that considers security aspects, the person asking the question has already accepted (and ran with) the first and shortest working answer instead.
StackOverflow has redefined the MVC programming model. It now stands for Minimum Viable Copypaste.
Planning to travel to visit your family in these plague-ridden times, you're really saying:
"I miss my family so much they will see me if it's the last thing they do."
Daddy's crying. Mommy has a black eye. Little sister's hiding under her bed.
Yep, it's christmas.
Holding the number-one spot on Corruption Perceptions Index tells nothing about how well a country is doing.
It merely highlights how bad the situation is even for the runner-up.
The following is an edit of a piece originally written in November 2015.
The pinnacle of non-intrusive online ads were the original Google search ads. They were out of the way, clearly marked as ads - and hence could be visually filtered out. They were pure text, so could be neatly included as elements on the rendered page. And they were always targeting an INTEREST. Not an individual.
I will take that as the minimum acceptable advertising behaviour. I'm not implying it's perfect, but at least we set a clear set of ground rules. With that in mind, my ideal, non-intrusive ads mechanism builds on the following rules:
Breaking even one of the rules automatically disqualifies you.
If you, as an advertiser, find these rules unacceptable - well, then we are in mutual disagreement. I find your ads equally unacceptable and will treat them as a form of cancer.
However, as a genuine service to the user... please allow the users to search for ads that have been displayed to them. Preferably by display context. I would be glad to return to a subject at a later date and search for something I remember seeing earlier.
The above set of rules is still not ideal, but everything that behaved according to them would at least be palatable.
Software is like a diamond ...
... the better it glistens, the more edges there are.
... the toughest substance on planet, yet can shatter from a single impact.
... creating one can destroy your tools.
... no matter how well it wears, it'll still burn.