1. MrDarcy 1 day ago

   They are building data centers of TPUs now, not general purpose processors.
2. MrDarcy 2 days ago

   As a hiring manager, if someone shared a profile of a person with a PHD in earth sciences and 8 years of “full stack” experience I’d immediately assume they were a generalist with surface level familiarity and no mastery or depth in any one area.

   I’d then look over the profile trying to disprove my assumption. Lacking a very strong signal in mastery of something, I’d pass on the profile.

   Only at small scales are full stack engineers valuable. Their value is not in the quality of their output but in their ability to deliver make shift with that avoids having to pay for specialist who can deliver quality.

   Assuming there is product market fit then generalists are replaced by specialists. This is where the true value aligns in terms of high quality output being compensated proportional to value created.

   Given all this my advice is to pick two complementary areas, specialize in those areas and develop deep mastery. Keep your broad general skills. Then market yourself as the T or H shaped engineer that’s most valuable.

3. MrDarcy 3 days ago

   Who cares? Nobody is building large scale inference services with macs.
4. MrDarcy 3 days ago

   For both home and travel routers OpenWRT is far and away superior to Unifi gear. Usability, configurability, and especially security.
5. MrDarcy Dec 17, 2025

   Counterpoint: most likely no, it really is about all the downstream impacts of critical and high findings in scanners. The risk of failing a soc2 audit for example. Once that risk is removed then the value prop is also removed.
6. MrDarcy Dec 15, 2025

   Right and in my example it would be the principal of the service account, not the compromised AWS account.

   If you ran a cloud trail query that's essentially "Did Alice access user data in S3 ever?" the answer would be "No"

   So that brings us back to the question, what is meant by "trust CloudTrail"

7. MrDarcy Dec 15, 2025

   What do you mean by “trust cloud trail”

   So cloud trail shows the compromised account logging into an EC2 instance every day like normal.

   Then service account credentials are used to access user data in S3.

   How does cloud trail indicate the compromised credentials were used to access the customer data in S3?

8. MrDarcy Dec 14, 2025

   Unless the attacker used any one of hundreds of other avenues to access the AWS resource.

   Are you sure they didn’t get a service account token from some other service then use that to access customer data?

   I’ve never seen anyone claim in writing all permutations are exhaustively checked in the audit logs.

9. MrDarcy Dec 13, 2025

   Reading it with hindsight, their problems have less to do with the technical trade off of micro or monolith services and much more to do with the quality and organizational structure of their engineering department. The decisions and reasons given shine a light on the quality. The repository and test layout shine a light on the structure.

   Given the quality and the structure neither approach really matters much. The root problems are elsewhere.

10. MrDarcy Dec 12, 2025

    And off by one errors.
11. MrDarcy Dec 9, 2025

    This is a land grab and not much else.
12. MrDarcy Dec 9, 2025

    This is nonsensical. Most F500 companies are globally distributed. Most of onboarding is gaining access to systems.

    It’s far easier and more efficient to search slack, find the person you need to talk to and DM them in your first week than it is to pester the person who sits next to you to figure out how to click the right Sailpoint buttons.

13. MrDarcy Dec 8, 2025

    The ivory tower standing in the way of delivering value I think.
14. MrDarcy Dec 7, 2025

    This matches my personal experience having worked with OpenStack.
15. MrDarcy Dec 7, 2025

    “Show me the incentive, I’ll show you the outcome.” -Charlie Munger
16. MrDarcy Dec 7, 2025

    The idea is sound but the feeling of hate is perhaps strong. It’s understandable there’s no incentive to pay for open source software, and doing so would be seen as an unnecessary allocation of resources that could better be allocated elsewhere.

    Given this understanding, the best away to achieve the desired outcome is to get creative about aligning incentives at the top of org structures where resources are allocated.

17. MrDarcy Dec 6, 2025

    In the 2000’s Python was also a sysadmin language.

    Edit: But I see your point, Google SRE’s around the late 2000’s reached for Python more than Perl.

18. MrDarcy Nov 29, 2025

    This is correct and applies to security in general. Security is one facet of reliability.
19. MrDarcy Nov 26, 2025

    I honestly don’t understand why you’re presuming to tell me what I think.

    I consider myself a craftsman. I craft tools. I also am a manager. I also am a consultant. I am both a subcontractor and I subcontract out.

    Above all else I’m a hacker.

    I also use LLM’s daily and rather enjoy incorporating this new technology into what I consider my craft.

    Please stop arrogantly presuming you know what is best for me to think and feel about all of this.

20. MrDarcy Nov 26, 2025

    I’m a hacker and I’d show respect to that latter person if they did the subcontracting and reviewed their craft well.

This user hasn’t submitted anything.