I don't pray for the confidence of a mediocre white guy. I pray for the sort of encouraging environment that says it's okay to not be super confident, they'll acknowledge and accept your ideas and effort even when you're not confident.
I swear, I talk to people who are all down on themselves being self deprecating, and then it turns out they have debugged kernel drivers for the fun of it. Or make beautiful artwork. Or can give you exact quotes, episode number, and minute of every single Simpson's episode. Or manage to be a 24/7/365 home health aid of a disabled person while having to live inside said disabled person. Or a professor. Or 50 zero days to their name. Or raising awesome kids. Or climb mountains in their spare time. Or idk, all sorts of shit I certainly can't do. But I guess I do some things they can't too.
Hot take:
I blame the modern trend towards containerization of code as a not insignificant partial cause for all the recent package repository breaches being as bad as they are.
Okay, hear me out.
When a developer had to get her code to actually build on a machine she doesn't have full control over, it's in her own best interest to keep the dependency graph comparatively straightforward and oftentimes statically linked. If she's trying to build on an arbitrary server OS, she won't want her dependency's dependencies's dependency to suddenly be angry about some random library that is installed in a different version and bork the whole thing. So the application and its dependencies remain more tightly coupled.
When an application can be shipped in a container, a developer doesn't have to worry about his container image changing unexpectedly. He can define the whole manifest and get it built the same way every time. Which sure, is good for reliability in the sense that it's going to build the same way on a desktop and Azure and AWS and GCP. But that also means it creates weird incentives to just add all sorts of 3rd party libraries to the package manifest whenever he wants without even thinking too hard about it, because why not? As long as it builds in the CI/CD, it'll be fine. A sysadmin won't come along and run an update and break shit, it only gets updated on a redeploy.
But of course, now it means that dependency graphs sprawl uncontrollably, because there's way less back pressure to keep your dependencies under control.
People who used to be in cybersecurity, but now do different jobs, what do you do now? I'm trying to think of what the shape of my last half of my career could look like, but kinda keep drawing a blank.
Both within tech/IT and outside of it. Or even if I needed to go back to school. Idk, just trying to think of other things that might be interesting.
Can I please get a:
"Fuck Hillary Clinton"?
Prem Thakker ツ
@premthakker.bsky.social
Hillary Clinton blames TikTok and “totally made up” videos for young people’s views on Israel and Palestine.
She says social media influenced “not just the usual suspects” but also “young Jewish Americans who don’t know the history and don’t understand.”
