Good Reads​

2025-08-24 The Management Skill Nobody Talks About – Terrible Software { terriblesoftware.org }

The real question isn’t whether you’ll make mistakes; it’s what you do after.

I recently read “Good Inside” by Dr. Becky Kennedy, a parenting book that completely changed how I think about this. She talks about how the most important parenting skill isn’t being perfect — it’s repair. When you inevitably lose your patience with your kid or handle something poorly, what matters most is going back and fixing it. Acknowledging what happened, taking responsibility, and reconnecting.

Sound familiar? Because that’s what good management is about too.

Think about the worst manager you ever had. I bet they weren’t necessarily the ones who made the most mistakes. But they were probably the ones who never acknowledged them. Who doubled down when they were wrong. Who let their ego prevent them from admitting they didn’t have all the answers.

2025-07-30 How to increase your surface area for luck - by Cate Hall { usefulfictions.substack.com }

Cate Hall explains how increasing your “surface area”―the combination of doing meaningful work and making it visible―invites more serendipity. By writing, attending events, joining curated communities, and reaching out directly, you raise the probability that unexpected opportunities will find you.

Key Takeaways

• Luck is not random; it grows when valuable work is paired with consistent public sharing.
• Publishing ideas extends your reach indefinitely; a single post can keep generating inquiries for years.
• Showing up at meetups, conferences, or gatherings multiplies chance encounters that can turn into collaborations.
• Curated communities act as quality filters, putting you in front of people who already share your interests and standards.
• Thoughtful, high‑volume cold outreach broadens your network and seeds future partnerships.
• Deep expertise built on genuine passion attracts attention and referrals more naturally than broad generalism.
• Balance is critical: “doing” without “telling” hides impact, while “telling” without substance destroys credibility.
• Serendipity compounds over time; treat visibility efforts as long‑term investments, not quick wins.
• Track views, replies, and introductions to identify which activities generate the most valuable contacts.

2025-07-30 The actual reason you can't get a job - YouTube { www.youtube.com }

2025-07-19 Why Most Feedback Shouldn’t Exist – Terrible Software { terriblesoftware.org }

when everything is “an opportunity for growth,” nothing is.

2025-06-25 Why Engineers Hate Their Managers (And What to Do About It) – Terrible Software { terriblesoftware.org }

Most engineers have a complicated relationship with their managers. And by “complicated,” I mean somewhere between mild annoyance and seething resentment. Having been on both sides of this — more than a decade as an engineer before switching to management — I’ve experienced this tension from every angle.

Here’s the uncomfortable truth: engineers often have good reasons to be frustrated with their managers. But understanding why this happens is the first step toward fixing (or just coping with?) it.

---

Let me walk you through the most common management anti-patterns that make engineers want to flip tables — and stick around, because I’ll also share what the best managers do differently to actually earn their engineers’ respect.

If you’re an engineer, you’ll probably nod along thinking “finally, someone gets it.” If you’re a manager, well… you might recognize yourself in here. And that’s okay — awareness is the first step.

2025-06-15 Good Engineer/Bad Engineer – Terrible Software { terriblesoftware.org }

(I've tried to summarize, but it is too good for summarizing, I can't! )

By Matheus Lima on June 13, 2025

This is inspired by Ben Horowitz’s “Good Product Manager/Bad Product Manager.” We all exhibit both behaviors — what matters is which ones we choose to reinforce.

---

Bad engineers think their job is to write code. Good engineers know their job is to ship working software that adds real value to users.

Bad engineers dive straight into implementation. Good engineers first ask “why?”. They know that perfectly executed solutions to the wrong problems are worthless. They’ll push back — not to be difficult, but to find the simplest path to real value. “Can we ship this in three parts instead of one big release?” “What if we tested the riskiest assumption first?”

Bad engineers work in isolation, perfecting their code in darkness. Good engineers share early and often. They’ll throw up a draft PR after a few hours with “WIP – thoughts on this approach?” They understand that course corrections at 20% are cheap; but at 80% are expensive.

Bad engineers measure their worth by the complexity of their solutions. They build elaborate architectures for simple problems, write clever code that requires a PhD to understand, and mistake motion for progress. Good engineers reach for simple solutions first, write code their junior colleagues can maintain, and have the confidence to choose “boring” technology that just works.

Bad engineers treat code reviews as battles to be won. They defend every line like it’s their firstborn child, taking feedback as personal attacks. Good engineers see code reviews differently — they’re opportunities to teach and learn, not contests. They’ll often review their own PR first, leaving comments like “This feels hacky, any better ideas?” They know that your strengths are your weaknesses, and they want their teammates to catch their blind spots.

Bad engineers say yes to everything, drowning in a sea of commitments they can’t keep. Good engineers have learned the art of the strategic no. “I could do that, but it means X won’t ship this sprint. Which is more important?”.

Bad engineers guard knowledge like treasure, making themselves indispensable through obscurity. Good engineers document as they go, pair with juniors, and celebrate when someone else can maintain their code. They know job security comes from impact, not from being a single point of failure.

Bad engineers chase the newest framework, the hottest language, the latest trend. They’ve rewritten the same app four times in four different frameworks. Good engineers are pragmatists. They’ll choose the tech that the team knows, the solution that can be hired for, the approach that lets them focus on the actual problem.

Bad engineers think in absolutes — always DRY, never compromise, perfect or nothing. Good engineers know when to break their own rules, when good enough truly is good enough, and when to ship the 80% solution today rather than the 100% solution never.

Bad engineers write code. Good engineers solve problems. Bad engineers focus on themselves. Good engineers focus on their team. Bad engineers optimize for looking smart. Good engineers optimize for being useful.

The best engineers I’ve worked with weren’t necessarily the smartest — they were simply the most effective. And effectiveness isn’t about perfection. It’s about progress.

2025-07-10 Mellow Drama: Turning Browsers Into Request Brokers | Secure Annex { secureannex.com }

The SecureAnnex blog post “Mellow Drama: Turning Browsers Into Request Brokers” investigates a JavaScript library called Mellowtel, which is embedded in hundreds of browser extensions. This library covertly leverages user browsers to load hidden iframes for web scraping, effectively creating a distributed scraping network. The behavior weakens security protections like Content-Security-Policy, and participants include Chrome, Edge, and Firefox users—nearly one million installations in total. SecureAnnex traces this operation to Olostep, a web scraping API provider.

Takeaways:

Widespread involuntary participation Mellowtel is embedded in 245 browser extensions across Chrome, Edge, and Firefox, with around 1 million active installations as of July 2025.

Library functionality explained The script activates during user inactivity, strips critical security headers, injects hidden iframes, parses content via service workers, and exfiltrates data to AWS Lambda endpoints.

Monetization-driven inclusion Developers integrated Mellowtel to monetize unused bandwidth. The library operates silently using existing web access permissions.

Olostep’s connection Olostep, run by Arslan Ali and Hamza Ali, appears to be behind Mellowtel and uses it to power their scraping API for bypassing anti-bot defenses.

Security implications Removing headers like Content-Security-Policy and X-Frame-Options increases risk of XSS, phishing, and internal data leaks, especially in corporate settings.

Partial takedown by browser vendors Chrome, Edge, and Firefox have begun removing some affected extensions, but most remain available and active.

Shady transparency practices Some extensions vaguely mention monetization or offer small payments, but disclosures are often misleading or obscured.

Mitigation and detection guidance Users should audit installed extensions, block traffic to request.mellow.tel, and restrict iframe injection and webRequest permissions.

Community-driven defense Researchers like John Tuckner are sharing IOCs and YARA rules to detect compromised extensions and raise awareness.

Broader security trend This incident exemplifies a growing class of browser-based supply chain attacks using benign-looking extensions as distributed scraping nodes.

2025-07-27 Reading QR codes without a computer! {qr.blinry.org}

Did you ever wonder how QR codes work? You've come to the right place! This is an interactive explanation that we've written for a workshop at 37C3, but you can also use it on your own. You will learn:

• The anatomy of QR codes
• How to decode QR codes by hand (using our cheat sheet)

2025-08-31 Notes on Managing ADHD { borretti.me }

I build external scaffolding so my brain has fewer places to drop things: memory lives in a single todo list, and the one meta habit is to open it every morning; projects get their own entries so half-read books and half-built ideas do not evaporate; I keep the list pinned on the left third of the screen so it is always in my visual field. I manage energy like voltage: early morning is for the thing I dread, mid-day is for creative work, later is for chores; when I feel avoidance, I treat procrastination by type—do it scared for anxiety, ask a human to sit with me for accountability, and write to think when choice paralysis hits; timers manufacture urgency to start and, importantly, to stop so one project does not eat the day. I practice journaling across daily, weekly, monthly, yearly reviews to surface patterns and measure progress; for time, I keep a light calendar for social and gym blocks and add explicit travel time so I actually leave; the todo list holds the fine-grained work, the calendar holds the big rocks.

On the ground I favor task selection by shortest-first, with exceptions for anything old and for staying within the active project; I do project check-ins—even 15 minutes of reading the code or draft—to refresh caches so momentum is cheap; I centralize inboxes by sweeping mail, chats, downloads, and bookmarks into the list, run Inbox Zero so nothing camouflages, and declare bankruptcy once to reset a swampy backlog. I plan first, do later so mid-task derailments do not erase intent—walk the apartment, list every fix, then execute; I replace interrupts with polling by turning on DND and scheduling comms passes; I do it on my own terms by drafting scary emails in a text editor or mocking forms in a spreadsheet before pasting; I watch derailers like morning lifting, pacing, or music and design around them; I avoid becoming the master of drudgery who optimizes the system but ships nothing; when one task blocks everything, I curb thrashing by timeboxing it daily and moving other pieces forward; and I pick tools I like and stick to one, because one app is better than two and building my own is just artisan procrastination.

ADHD, productivity, todo list, journaling, energy management, procrastination, timers, inbox zero, task selection, planning, timeboxing, focus, tools

Inspiration!​

2025-08-01 Cry Once a Week { www.cryonceaweek.com }

2025-09-01 Eternal Struggle { yoavg.github.io }

👂 The Ear of AI (LLMs)​

2025-08-18 tokens are getting more expensive - by Ethan Ding { ethanding.substack.com }

Flat subscriptions cannot scale The assumption that margins would expand as LLMs became cheaper is flawed. Users always want the best model, which keeps a constant price floor. AI Subscriptions Get Short Squeezed

Token usage per task is exploding Tasks that used ~1k tokens now often consume 100k or more due to long reasoning chains, browsing, and planning.

Unlimited plans are collapsing Anthropic announced weekly rate limits for Claude subscribers starting August 28, 2025. Anthropic news update

Heavy users (“inference whales”) break economics Some Claude Code customers consumed tens of thousands of dollars in compute while only paying $200/month. The Register reporting

Shift toward usage credits Cursor restructured pricing: Pro plans now include credits with at-cost overages, plus a new $200 Ultra tier. Cursor pricing page

2025-06-15 Field Notes From Shipping Real Code With Claude - diwank's space { diwank.space }

Tags: AI‑assisted coding, vibe coding, CLAUDE.md, anchor comments, testing discipline, token management, git workflows, session isolation, developer efficiency

Here’s What You’re Going to Learn First, we’ll explore how to genuinely achieve a 10x productivity boost—not through magic, but through deliberate practices that amplify AI’s strengths while compensating for its weaknesses.

Next, I’ll walk you through the infrastructure we use at Julep to ship production code daily with Claude’s help. You’ll see our CLAUDE.md templates, our commit strategies, and guardrails.

Most importantly, you’ll understand why writing your own tests remains absolutely sacred, even (especially) in the age of AI. This single principle will save you from many a midnight debugging sessions.

Steve Yegge brilliantly coined the term CHOP—Chat-Oriented Programming in a slightly-dramatic-titled post “The death of the junior developer”. It’s a perfect, and no-bs description of what it’s like to code with Claude.

There are three distinct postures you can take when vibe-coding, each suited to different phases in the development cycle:

1. AI as First-Drafter: Here, AI generates initial implementations while you focus on architecture and design. It’s like having a junior developer who can type at the speed of thought but needs constant guidance. Perfect for boilerplate, CRUD operations, and standard patterns.
2. AI as Pair-Programmer: This is the sweet spot for most development. You’re actively collaborating, bouncing ideas back and forth. The AI suggests approaches, you refine them. You sketch the outline, AI fills in details. It’s like pair programming with someone who has read every programming book ever written but has never actually shipped code.
3. AI as Validator: Sometimes you write code and want a sanity check. AI reviews for bugs, suggests improvements, spots patterns you might have missed. Think of it as an incredibly well-read code reviewer who never gets tired or cranky.

Instead of crafting every line, you’re reviewing, refining, directing. But—and this cannot be overstated—you remain the architect. Claude is your intern with encyclopedic knowledge but zero context about your specific system, your users, your business logic.

2025-06-02 MCP explained without hype or fluff - nilenso blog { blog.nilenso.com }

Model Context Protocol (MCP) helps AI apps connect with different tools and data sources more easily. Usually, if many apps need to work with many tools, each app would have to build a custom connection for every tool, which becomes complicated very quickly. MCP fixes this by creating one common way for apps and tools to talk. Now, each app only needs to understand MCP, and each tool only needs to support MCP.

An AI app that uses MCP doesn't need to know how each platform works. Instead, MCP servers handle the details. They offer tools the AI can use, like searching for files or sending emails, as well as prompts, data resources, and ways to request help from the AI model itself. In most cases, it's easier to build servers than clients.

The author shares a simple example: building an MCP server for CKAN, a platform that hosts public datasets. This server allows AI models like Claude to search and analyze data on CKAN without any special code for CKAN itself. The AI can then show summaries, lists of datasets, and even create dashboards based on the data.

MCP has become popular because it gives a clear and stable way for AI apps to work with many different systems. But it also adds some extra work. Setting up MCP takes time, and using too many tools can slow down AI responses or lower quality. MCP works best when you need to integrate many systems, but may not be necessary for smaller, controlled projects where fine-tuned AI models already perform well.

ai integration, model context protocol, simple architecture, ckan, open data, ai tools, tradeoffs, protocol design

2025-07-19 Nobody Knows How To Build With AI Yet - by Scott Werner { worksonmymachine.substack.com }

The Architecture Overview - Started as a README. "Here's what this thing probably does, I think."

The Technical Considerations - My accumulated frustrations turned into documentation. Every time Claude had trouble, we added more details.

The Workflow Process - I noticed I kept doing the same dance. So I had Claude write down the steps. Now I follow my own instructions like they're sacred text. They're not. They're just what happened to work this time.

The Story Breakdown - Everything in 15-30 minute chunks. Why? Because that's roughly how long before Claude starts forgetting what we discussed ten minutes ago. Like a goldfish with a PhD.

---

It's like being a professional surfer on an ocean that keeps changing its physics. Just when you think you understand waves, they start moving sideways. Or backwards. Or turning into birds.

This is either terrifying or liberating, depending on your relationship with control.

C || C++​

2025-08-16 Vjekoslav Krajačić on X: "C macro approach to using optional / default / named function params, using struct designated initializers. {x.com}

This approach uses C macros combined with struct designated initializers to mimic optional, default, and named parameters in C, something the language does not natively support.

Core Idea

1. Separate mandatory and optional parameters
   • Mandatory arguments are given as normal function parameters.
   • Optional parameters are bundled into a struct with sensible defaults.
2. Designated initializers for named parameter-like syntax
   • You can specify only the fields you want to override, in any order.
   • Unspecified fields automatically keep the default values.
3. Macro wrapper to simplify usage
   • The macro accepts the mandatory arguments and any number of struct field assignments for optional parameters.
   • Inside the macro, a default struct is created and then overridden with user-provided values.

From the screenshot:

struct TransformParams {
    Vec2 pivot;  // Default TopLeft
    Dim2 scale;  // Default One (1,1)
    f32  angle;  // Default 0
    b32  clip;   // Default false
};

#define PushTransform(rect, ...) \
    _PushTransform((rect), (TransformParams){ .scale = Vec2One, __VA_ARGS__ })

void _PushTransform(Rect rect, TransformParams params) {
    // Implementation here
}

Copy

How it works

• Default values: .scale = Vec2One is set in the macro. Other defaults could be set directly in the struct or in _PushTransform.
• Optional override: When calling PushTransform, you can pass only the fields you care about:

PushTransform(rect);                               // all defaults
PushTransform(rect, .scale = Vec2Half);            // override scale
PushTransform(rect, .angle = 90.0f, .pivot = Center); // override multiple

Copy

---

Advantages

• Named parameter feel in plain C.
• Optional arguments without multiple overloaded functions.
• Defaults are enforced at the call site or macro expansion.
• Zero-cost at runtime since it’s all resolved at compile time.

---

Limitations

• Only works cleanly if the optional parameters are grouped in a single struct.
• Macro syntax can be tricky if parameters require expressions with commas (needs parentheses or extra care).
• Debugging through macro expansions is sometimes less clear.

Watch it also here: https://www.youtube.com/watch?v=VdmeoMZjIgs

2025-08-01 How I program C - YouTube { www.youtube.com }

Speaker Eskil Steenberg – game-engine and tools developer (Quel Solaar) Recording Seattle, Oct 2016 (2 h 11 m)

Key themes

• Results first, control later – why explicit memory management, crashes, and compiler errors are desirable.
• Minimise technology footprint – target C89/C90, wrap every dependency, zero un-wrapped libraries.
• Code is for humans – long descriptive names, uniform naming schemes, wide functions, avoid cleverness (e.g. operator overloading).
• Favour simple languages plus strong tooling – write parsers, debuggers, doc generators yourself.
• Memory mastery – pointers as arrays, alignment and padding, struct packing, cache-friendly dynamic arrays + realloc, dangers of linked lists.
• API design – opaque handles (void *), start with public interface, isolate implementation, macro-assisted debug wrappers (__FILE__, __LINE__).
• Build a mountain – own your stack, keep technical debt near zero, rewrite early.
• UI toolkit pattern – single pass, stateless widgets keyed by pointer IDs; layout and hit-testing resolved internally.
• Tools and snippets – Carmack inverse-sqrt; xorshift32 PRNG; GFlags page-guarding for memory bugs; Seduce UI; Testify binary packer; Ministry of Flat un-wrapper.

Talk structure in order of appearance

• Motivation and philosophy
• Results vs control; garbage collection vs manual free
• Small footprint and dependency wrapping
• Naming conventions and formatting policies
• Crashes and compiler errors as friends
• Macros: when to use, when to avoid
• Deep dive: pointers, arrays, structs, alignment, packed allocations
• Cache-aware data structures; realloc growth patterns; backwards remove
• API style with opaque handles; object orientation in C
• Memory-debug and binary-packing helpers using __FILE__ __LINE__
• UI toolkit design example (Seduce)
• Build-your-own-tools mindset; “build a mountain” analogy
• Closing resources and project links

2025-08-01 C Programming Full Course for free ⚙️ (2025) - YouTube {www.youtube.com}

2025-08-02 Go from mid-level to advanced C programmer in two hours - YouTube {www.youtube.com}

2025-08-02 C Programming and Memory Management - Full Course - YouTube {www.youtube.com}

Interesting, "Boot Dev", known for very annoying ads, also have some quality content

2025-08-02 I'm Building C with C without CMake - YouTube {www.youtube.com}

2025-08-02 Tips for C Programming - YouTube {www.youtube.com}

2025-07-13 Parse, Don’t Validate AKA Some C Safety Tips { www.lelanthran.com }

The article "Parse, Don’t Validate AKA Some C Safety Tips" by Lelanthran expands on the concept of converting input into strong types rather than merely validating it as plain strings. It demonstrates how this approach, when applied in C, reduces error-prone code and security risks. The post outlines three practical benefits: boundary handling with opaque types, safer memory cleanup via pointer‑setting destructors, and compile‑time type safety that prevents misuse deeper in the codebase.

Key Takeaways:

1. Use Strong, Opaque Types for Input
   • Instead of handling raw char *, parse untrusted input into dedicated types like email_t or name_t.
   • This restricts raw input to the system boundary and ensures all later code works with validated, structured data.
2. Reduce Attack Surface
   • Only boundary functions see untrusted strings; internal functions operate on safe, strongly typed data.
   • This prevents deeper code from encountering malformed or malicious input.
3. Enforce Correctness at Compile Time
   • With distinct types, the compiler prohibits misuse, such as passing an email_t* to a function expecting a name_t*.
   • What would be a runtime bug becomes a compiler error.
4. Implement Defensive Destructors
   • Design destructor functions to take a double pointer (T **) so they can free and then set the pointer to NULL.
   • This prevents double‑free errors and related memory safety issues.
5. Eliminate Internal String Handling
   • By centralizing parsing near the system entry and eliminating char * downstream, code becomes safer and clearer.
   • Once input is parsed, the rest of the system works with well-typed data only.

Emacs​

2025-04-12 Emacs Lisp Elements | Protesilaos Stavrou { protesilaos.com }

Tags: Emacs, Emacs Lisp, Elisp, Programming, Text Editor, Customization, Macros, Buffers, Control Flow, Pattern Matching

A comprehensive guide offering a conceptual overview of Emacs Lisp to help users effectively customize and extend Emacs.

• Emphasizes the importance of understanding Emacs Lisp for enhancing productivity and personalizing the Emacs environment.
• Covers foundational topics such as evaluation, side effects, and return values.
• Explores advanced concepts including macros, pattern matching with pcase, and control flow constructs like if-let*.
• Discusses practical applications like buffer manipulation, text properties, and function definitions.
• Includes indices for functions, variables, and concepts to facilitate navigation.

This resource is valuable for both beginners and experienced users aiming to deepen their understanding of Emacs Lisp and leverage it to tailor Emacs to their specific workflows.

2025-01-11 ewantown/nice-org-html: Modern Org to HTML pipeline with CSS injection from Emacs themes { github.com }

This package generates pretty, responsive, websites from .org files and your choice of Emacs themes. You can optionally specify a header, footer, and additional CSS and JS to be included. To see the default output, for my chosen themes and with no header, footer or extras, view this README in your browser here. If you’re already there, you can find the GitHub repo here.

⌚ Nice watch!​

2025-08-05 Architecting LARGE software projects. - YouTube { www.youtube.com }

Define clear, long-term project goals: dependability, extendability, team scalability, and sustained velocity before writing any code, so every subsequent decision aligns with these objectives. Dependability keeps software running for decades; extendability welcomes new features without rewrites; team scalability lets one person own each module instead of forcing many into one file; sustained velocity prevents the slowdown that occurs when fixes trigger more breakage. Listing likely changes such as platform APIs, language toolchains, hardware, shifting priorities, and staff turnover guides risk mitigation and keeps the plan realistic.

Encapsulate change inside small black-box modules that expose only a stable API, allowing one engineer to own, test, and later replace each module without disturbing others. Header-level boundaries cut meeting load, permit isolated rewrites, and match task difficulty to developer experience by giving complex boxes to seniors and simpler ones to juniors.

Write code completely and explicitly the first time, choosing clarity over brevity to prevent costly future rework. Five straightforward lines now are cheaper than one clever shortcut that demands archaeology years later.

Shield software from platform volatility by funnelling all OS and third-party calls through a thin, portable wrapper that you can port once and reuse everywhere. A tiny demo app exercises every call, proving a new backend before millions of downstream lines even compile.

Build reusable helper libraries for common concerns such as rendering, UI, text, and networking, starting with the simplest working implementation but designing APIs for eventual full features so callers never refactor. A bitmap font renderer, for example, already accepts UTF-8, kerning, and color so a future anti-aliased engine drops in invisibly.

Keep domain logic in a UI-agnostic core layer and let GUIs or headless tools interact with that core solely through its published API. A timeline core powers both a desktop video editor and a command-line renderer without duplicating logic.

Use plugin architectures for both user features and platform integrations, loading optional capabilities from separate binaries to keep the main build lean and flexible. In the Stellar lighting tool, every effect and even controller input ships as an external module, so missing a plugin merely disables one function, not the whole app.

Migrate legacy systems by synchronizing them through adapters to a new core store, enabling gradual cut-over while exposing modern bindings such as C, Python, and REST. Healthcare events recorded in the new engine echo to the old database until clinics finish the transition.

Model real-time embedded systems as a shared authoritative world state that edge devices subscribe to, enabling redundancy, simulation, and testing without altering subscriber code. Sensors push contacts, fuel, and confidence scores into the core; wing computers request only the fields they need, redundant cores vote for fault tolerance, and the same channel feeds record-and-replay tools for contractors.

Design every interface, file format, and protocol to be minimal yet expressive, separating structure from semantics so implementations stay simple and evolvable. Choosing one primitive such as polygons, voxels, or text avoids dual support, keeps loaders small, and lets any backend change without touching callers.

Prefer architectures where external components plug into your stable core rather than embedding your code inside their ecosystems, preserving control over versioning and direction. Hosting the plugin point secures compatibility rules and leaves internals free to evolve.

2025-07-26 Ted Bendixson – Most of your projects are stupid. Please make some actual games. – BSC 2025 - YouTube { www.youtube.com }

1. Focus on making actual games and software people use, not tech demos of rotating cubes; he observes most showcases are rendering stress tests instead of finished games.
2. Prioritize design because top-selling Steam games succeed on gameplay design, not just graphics; he cites "Balatro" competing with "Civilization 7".
3. Always ask "What do we do that they don't?" to define your product’s unique hook; he references the Sega Genesis ad campaign as an example of aspirational marketing.
4. Start from a concrete player action or interaction (e.g., connecting planets in "Slipways", rewinding time in "Braid") rather than from story or vibe.
5. Use genres as starting templates to get an initial action set, then diverge as you discover your own twist; he compares "Into the Breach" evolving from "Advance Wars".
6. Skip paper prototyping for video games; rely on the computer to run simulations and build low-friction playable prototypes instead.
7. Prototype with extremely low-fidelity art and UI; examples include his own early "Moose Solutions" and the first "Balatro" mockups.
8. Beat blank-page paralysis by immediately putting the first bad version of a feature into the game without overthinking interactions; iterate afterward.
9. Let the running game (the simulation) reveal what works; you are not Paul Atreides, you cannot foresee every system interaction.
10. Move fast in code: early entities can just be one big struct; do not over-engineer ECS or architecture in prototypes.
11. Use simple bit flags (e.g., a u32) for many booleans to get minor performance without heavy systems.
12. Combine editor and game into one executable so you can drop entities and test instantly; he shows his Cave Factory editor mode.
13. Do not obsess over memory early; statically allocate big arenas, use scratch and lifetime-specific arenas, and worry about optimization later.
14. Never design abstractions up front; implement features, notice repetition, and then compress into functions/structs (Casey Muratori’s semantic compression).
15. Avoid high-friction languages/processes (Rust borrow checking, strict TDD) during exploration; add safety and tests only after proving people want the product.
16. Do not hire expensive artists during prototyping; you will throw work away. Bring art in later, like Jonathan Blow did with "Braid".
17. Spend real money on capsule/storefront art when you are shipping because that is your storefront on Steam.
18. Keep the team tiny early; people consume time and meetings. If you collaborate, give each person a clear lane.
19. Build a custom engine only when the gameplay itself demands engine-level control (examples: "Fez" rotation mechanic, "Noita" per-pixel simulation).
20. If you are tinkering with tech (cellular automata, voxel sims), consciously pivot it toward a real game concept as the Noita team did.
21. Cut distractions; social media is a time sink. Optimize for the Steam algorithm, not Twitter likes.
22. Let streamers and influencers announce and showcase your game instead of doing it yourself to avoid social media toxicity.
23. Do not polish and ship if players are not finishing or engaging deeply; scrap or rework instead of spending on shine.
24. Tie polish and art budget to gameplay hours and depth; 1,000-hour games like Factorio justify heavy investment.
25. Shipping a game hardens your tech; the leftover code base becomes your engine for future projects.
26. Low-level programming is power, but it must be aimed at a marketable design, not just technical feats.
27. Play many successful indie games as market research; find overlap between what you love and what the market buys.
28. When you play for research, identify the hook and why people like it; you do not need to finish every game.
29. Treat hardcore design like weight training; alternate intense design days with lighter tasks (art, sound) to recover mentally.
30. Prototype while still employed; build skills and a near-complete prototype before quitting.
31. Know your annual spending before leaving your job; runway is meaningless without that number.
32. Aim for a long runway (around two years or more) to avoid the high cost of reentering the workforce mid-project.
33. Do not bounce in and out of jobs; it drains momentum.
34. Save and invest to create a financial buffer (FIRE-style) so you can focus on games full time.
35. Maintain full control and ownership of your tech to mitigate platform risk (Unity’s policy changes are cited as a cautionary tale).

2025-07-25 Does AI Actually Boost Developer Productivity? (100k Devs Study) - Yegor Denisov-Blanch, Stanford - YouTube { www.youtube.com }

Stanford research group has conducted a multi‑year time‑series and cross‑sectional study on software‑engineering productivity involving more than 600 companies

Current dataset: over 100,000 software engineers, dozens of millions of commits, billions of lines of code, predominantly from private repositories

Late last year analysis of about 50,000 engineers identified roughly 10 percent as ghost engineers who collect paychecks but contribute almost no work

Study team members include Simon (former CTO of a 700‑developer unicorn), a Stanford researcher active since 2022 on data‑driven decision‑making, and Professor Kasinski (Cambridge Analytica whistleblower)

A 43‑developer experiment showed self‑assessment of productivity was off by about 30 percentile points on average; only one in three developers ranked themselves within their correct quartile

The research built a model that evaluates every commit’s functional change via git metadata, correlates with expert judgments, and scales faster and cheaper than manual panels

At one enterprise with 120 developers, introducing AI in September produced an overall productivity boost of about 15–20 percent and a marked rise in rework

Across industries gross AI coding output rises roughly 30–40 percent, but net average productivity gain after rework is about 15–20 percent

Median productivity gains by task and project type: low‑complexity greenfield 30–40 percent; high‑complexity greenfield 10–15 percent; low‑complexity brownfield 15–20 percent; high‑complexity brownfield 0–10 percent (sample 136 teams across 27 companies)

AI benefits low‑complexity tasks more than high‑complexity tasks and can lower productivity on some high‑complexity work

For high‑popularity languages (Python, Java, JavaScript, TypeScript) gains average about 20 percent on low‑complexity tasks and 10–15 percent on high‑complexity tasks; for low‑popularity languages (Cobol, Haskell, Elixir) assistance is marginal and can be negative on complex tasks

Productivity gains decline sharply as codebase size grows from tens of thousands to millions of lines

LLM coding accuracy drops as context length rises: performance falls from about 90 percent at 1 k tokens to roughly 50 percent at 32 k tokens (NoLIMA paper)

Key factors affecting AI effectiveness: task complexity, project maturity, language popularity, codebase size, and context window length

2025-07-23 So You Want to Maintain a Reliable Event Driven System - James Eastham - NDC Oslo 2025 - YouTube { www.youtube.com }

James Eastham shares hard‑won lessons on maintaining and evolving event‑driven systems after the initial excitement fades. Using a plant‑based pizza app as a running example (order → kitchen → delivery), he covers how to version events, test asynchronous flows, ensure idempotency, apply the outbox pattern, build a generic test harness, and instrument rich observability (traces, logs, metrics). The core message: your events are your API, change is inevitable, and reliability comes from deliberate versioning, requirements‑driven testing, and context‑rich telemetry.

Key Takeaways (9 items)

• Treat events as first‑class APIs; version them explicitly (e.g. type: order.confirmed.v1) and publish deprecation dates so you never juggle endless parallel versions.
• Adopt a standard event schema (e.g. CloudEvents) with fields for id, time, type, source, data, and data_content_type; this enables compatibility checks, idempotency, and richer telemetry. https://cloudevents.io
• Use the outbox pattern to atomically persist state changes and events, then have a worker publish from the outbox; test that both the state row and the outbox row exist, not just your business logic.
• Build a reusable test harness subscriber: spin up infra locally (Docker, Aspire, etc.), inject commands/events, and assert that expected events actually appear on the bus; poll with SLO‑aligned timeouts to avoid flaky tests.
• Validate event structure at publish time with schema checks (JSON Schema, System.Text.Json contract validation) to catch breaking changes before they hit the wire.
• Test unhappy paths: duplicate deliveries (at‑least‑once semantics), malformed payloads, upstream schema shifts, and downstream outages; verify DLQs and idempotent handlers behave correctly.
• Instrument distributed tracing plus rich context: technical (operation=send/receive/process, system=kafka/sqs, destination name, event version) and business (order_id, customer_id) so you can answer unknown questions later. See OpenTelemetry messaging semantic conventions: https://opentelemetry.io/docs/specs/semconv/messaging
• Decide when to propagate trace context vs use span links: propagate within a domain boundary, link across domains to avoid 15‑hour monster traces from batch jobs.
• Monitor the macro picture too: queue depth, message age, in‑flight latency, payload size shifts, error counts, and success rates; alert on absence of success as well as presence of failure.

2025-07-13 The New Code — Sean Grove, OpenAI - YouTube { www.youtube.com }

This talk by Sean from OpenAI explores the paradigm shift from code-centric software development to intent-driven specification writing. He argues that as AI models become more capable, the bottleneck in software creation will no longer be code implementation but the clarity and precision with which humans communicate their intentions. Sean advocates for a future where structured, executable specifications—not code—serve as the core professional artifact. Drawing on OpenAI’s model specification (Model Spec), he illustrates how specifications can guide both human alignment and model behavior, serving as trust anchors, training data, and test suites. The talk concludes by equating specification writing with modern programming and calls for new tooling—like thought-clarifying IDEs—to support this transition.

Code is Secondary; Communication is Primary

• Only 10–20% of a developer's value lies in the code they write; the remaining 80–90% comes from structured communication—understanding requirements, planning, testing, and translating intentions.
• Effective communication will define the most valuable programmers of the future.

Vibe Coding Highlights a Shift in Workflow

• “Vibe coding” with AI models focuses on expressing intent and outcomes first, letting the model generate code.
• Yet, developers discard the prompt (intent) and keep only the generated code—akin to version-controlling a binary but shredding the source.

Specifications Align Humans and Models

• Written specs clarify, codify, and align intentions across teams—engineering, product, legal, and policy.
• OpenAI’s Model Spec (available on GitHub) exemplifies this, using human-readable Markdown that is versioned, testable, and extensible.

Specifications Outperform Code in Expressing Intent

• Code is a lossy projection of intention; reverse engineering code does not reliably recover the original goals or values.
• A robust specification can generate many artifacts: TypeScript, Rust, clients, servers, docs, even podcasts—whereas code alone cannot.

Specs Enable Deliberative Alignment

• Using techniques like deliberative alignment, models are evaluated and trained using challenging prompts linked to spec clauses.
• This transforms specs into both training and evaluation material, reinforcing model alignment with intended values.

💡 Integrated Thought Clarifier! 💡 (I need one!)

2025-07-17 Brand your types - Join me in the fight against weakly typed codebases! - Theodor René Carlsen - YouTube { www.youtube.com }

This talk, titled "Branding Your Types", is delivered by Theo from the Danish Broadcasting Corporation. It explores the concept of branded types in TypeScript—a compile-time technique to semantically differentiate values of the same base type (e.g., different kinds of string or number) without runtime overhead.

Theo illustrates how weak typing with generic primitives like string can introduce subtle and costly bugs, especially in complex codebases where similar-looking data (e.g., URLs, usernames, passwords) are handled inconsistently.

The talk promotes a mindset of parsing, not validating—emphasizing data cleaning and refinement at the edges of systems, ensuring internal business logic can remain clean, type-safe, and predictable.

Generic Primitives Are Dangerous

• Treating all strings or numbers the same can lead to bugs (e.g., swapped username and password). Using string to represent IDs, dates, booleans, or URLs adds ambiguity and increases cognitive load.

Use Branded Types for Clarity and Safety

• TypeScript allows developers to brand primitive types with compile-time tags (e.g., Username, Password, RelativeURL) to distinguish otherwise identical types. This prevents bugs by catching misused values during compilation.

No Runtime Cost, Full Type Safety

• Branded types are purely a TypeScript feature; they vanish during transpilation. You get stronger type guarantees without impacting performance or runtime behavior.

Protect Your Business Logic with Early Parsing

• Don’t validate deep within your core logic. Instead, parse data from APIs or forms as early as possible. Converting "dirty" input into refined types early allows the rest of the code to assume correctness.

Parsing vs. Validation

• Inspired by Alexis King’s blog post “Parse, Don’t Validate”, Theo stresses that parsing should transform unstructured input into structured, meaningful types. Validations check, but parsing commits and transforms.

📝 Original article: Parse, Don’t Validate by Alexis King — https://lexi-lambda.github.io/blog/2019/11/05/parse-don-t-validate/

Use types to encode guarantees Replace validate(x): boolean with parse(x): Result<T, Error>. This enforces correctness via types, ensuring only valid data proceeds through the system.

Parse at the boundaries Parse incoming data at the system’s edges (e.g. API handlers), and keep the rest of the application logic free from unverified values.

Avoid repeated validation logic Parsing once eliminates the need for multiple validations in different places, reducing complexity and inconsistency.

Preserve knowledge through types Using types like Maybe or Result lets you carry the status of values through your code rather than flattening them prematurely.

Demand strong input, return flexible output Functions should accept well-formed types (e.g. NonEmptyList<T>) and return optional or error-aware outputs.

Capitalize on language features Statically typed languages (e.g. Haskell, Elm, TypeScript) support defining precise types that embed business rules—use them.

Structured data beats flags Avoid returning booleans to indicate validity. Instead, return parsed data or detailed errors to make failures explicit.

Better testing and fewer bugs Strong input types reduce the number of test cases needed and prevent entire categories of bugs from entering the system.

Design toward domain modeling Prefer domain-specific types like Email, UUID, or URL rather than generic strings—improves readability and safety.

Applicable across many languages Though examples come from functional programming, the strategy works in many ecosystems—Elm, Haskell, Kotlin, TypeScript, etc.

---

Parse, Don’t Validate

The Parse, Don’t Validate approach emphasizes transforming potentially untrusted or loosely-structured data into domain-safe types as early as possible in a system. This typically happens at the "edges"—where raw input enters from the outside world (e.g. HTTP requests, environment variables, or file I/O). Instead of validating that the data meets certain criteria and continuing to use it in its original form (e.g. raw string or any), this pattern calls for parsing: producing a new, enriched type that encodes the constraints and guarantees. For example, given a JSON payload containing an email field, you wouldn’t just check whether the email is non-empty or contains “@”; you'd parse it into a specific Email type that can only be constructed from valid input. This guarantees that any part of the system which receives an Email value doesn’t need to perform checks—it can assume the input is safe by construction.

The goal of parsing is to front-load correctness and allow business logic to operate under safe assumptions. This leads to simpler, more expressive, and bug-resistant code, especially in strongly-typed languages. Parsing typically returns a result type (like Result<T, Error> or Option<T>) to indicate success or failure. If parsing fails, the error is handled at the boundary. Internally, the program deals only with parsed, safe values. This eliminates duplication of validation logic and prevents errors caused by invalid data slipping past checks. It also improves the readability and maintainability of code, as type declarations themselves serve as documentation for business rules. This approach does not inherently enforce encapsulation or behavior within types—it’s more about asserting the shape and constraints of data as early and clearly as possible. Parsing can be implemented manually (e.g. via custom functions and type guards) or with libraries (like zod, io-ts, or Elm’s JSON decoders).

Value Objects

The Value Object pattern, originating from Domain-Driven Design (DDD), is focused on modeling business concepts explicitly in the domain layer. A value object is an immutable, self-contained type that represents a concept such as Money, Email, PhoneNumber, or Temperature. Unlike simple primitives (string, number), value objects embed both data and behavior, enforcing invariants at construction and encapsulating domain logic relevant to the value. For instance, a Money value object might validate that the currency code is valid, store amount and currency together, and expose operations like add or convert. Value objects are compared by value (not identity), and immutability ensures they are predictable and side-effect free.

The key distinction in value objects is that correctness is enforced through encapsulation. You can't create an invalid Email object unless you bypass the constructor or factory method (which should be avoided by design). This encapsulated validation is often combined with private constructors and public factory methods (tryCreate, from, etc.) to ensure that the only way to instantiate a value object is through validated input. This centralizes responsibility for maintaining business rules. Compared to Parse, Don’t Validate, value objects focus more on modeling than on data conversion. While parsing is concerned with creating safe types from raw data, value objects are concerned with expressing the domain in a way that’s aligned with business intent and constraints.

In practice, value objects may internally use a parsing step during construction, but they emphasize type richness and encapsulated logic. Where Parse, Don’t Validate advocates that you return structured types early for safety, Value Objects argue that you return behavior-rich types for expressiveness and robustness. The two can—and often should—be used together: parse incoming data into value objects, and rely on their methods and invariants throughout your core domain logic. Parsing is about moving from unsafe to safe. Value objects are about enriching the safe values with meaning, rules, and operations.

⌚ Nice watch!​

2025-07-06 Effective Ranges: A Tutorial for Using C++2x Ranges - Jeff Garland - CppCon 2023 - YouTube { www.youtube.com }

1. Ranges Abstract Iteration and Enable Composable Pipelines:
   • Ranges allow working with sequences in a more expressive and declarative way.
   • The move from manual begin and end iterator management to range-based algorithms improves safety and readability.
2. Views Provide Lazy, Non-Owning Computation:
   • Views are lightweight wrappers that delay computation until necessary.
   • Useful for building efficient pipelines where intermediate results are not stored in memory.
3. Pipe Syntax Enhances Readability and Function Composition:
   • Using | operator with view adapters enables cleaner syntax resembling Unix pipes.
   • Improves clarity by expressing transformations step-by-step.
4. C++23 Introduces New Views and Algorithms:
   • Includes find_last, fold_left, chunk_by, join, zip, and more.
   • find_last simplifies reverse iteration compared to STL's reverse iterators.
5. Views Must Be Passed Carefully in Functions:
   • Do not pass views as const references due to internal caching behaviors.
   • Prefer forwarding references (T&&) to preserve intended behavior.
6. Projections Simplify Algorithm Customization:
   • Range algorithms allow projections, enabling operations on subfields without writing custom comparators.
   • E.g., ranges::sort(data, {}, &Data::field).
7. Improved Return Values Preserve Computation Context:
   • Algorithms like find_last return subranges, not just iterators.
   • Encourages better code by retaining useful information.
8. Range-based Construction in Containers (C++23):
   • STL containers now support constructing and assigning from ranges.
   • Enables direct pipeline-to-container conversions (e.g., to<std::deque>).
9. You Can Write Your Own Views in C++23:
   • C++20 lacked a standard mechanism for user-defined views; C++23 adds it.
   • Writing custom views is complex due to required iterator machinery, but tools like Boost's stdx::interfaces can help.
10. Use Range Algorithms First When Possible:
    • They offer better constraints, return types, and support for projections.
    • Cleaner syntax and fewer error-prone constructs compared to raw STL iterator use.

2025-07-06 ericniebler/range-v3: Range library for C++14/17/20, basis for C++20's std::ranges { github.com }

range-v3

Range library for C++14/17/20. This code was the basis of a formal proposal to add range support to the C++ standard library. That proposal evolved through a Technical Specification, and finally into P0896R4 "The One Ranges Proposal" which was merged into the C++20 working drafts in November 2018.

About

Ranges are an extension of the Standard Template Library that makes its iterators and algorithms more powerful by making them composable. Unlike other range-like solutions which seek to do away with iterators, in range-v3 ranges are an abstraction layer on top of iterators.

Range-v3 is built on three pillars: Views, Actions, and Algorithms. The algorithms are the same as those with which you are already familiar in the STL, except that in range-v3 all the algorithms have overloads that take ranges in addition to the overloads that take iterators. Views are composable adaptations of ranges where the adaptation happens lazily as the view is iterated. And an action is an eager application of an algorithm to a container that mutates the container in-place and returns it for further processing.

Views and actions use the pipe syntax (e.g., rng | adapt1 | adapt2 | ...) so your code is terse and readable from left to right.

2025-07-06 Resilient by Design - Chris Ayers - NDC Oslo 2025 - YouTube { www.youtube.com }

2025-07-06 Aspiring .NET & Resilience @ NDC Oslo 2025 - Chris’s Tech ADHD { chris-ayers.com }

2025-07-06 Azure/Azure-Proactive-Resiliency-Library-v2: Azure Proactive Resiliency Library v2 (APRL) - Source for Azure WAF reliability guidance and associated ARG queries { github.com }

• 2025-07-06 Azure/Azure-Proactive-Resiliency-Library-v2: Azure Proactive Resiliency Library v2 (APRL) - Source for Azure WAF reliability guidance and associated ARG queries { github.com }

2025-07-06 Azure Well-Architected Framework - Microsoft Azure Well-Architected Framework | Microsoft Learn { learn.microsoft.com }

2025-07-05 Let’s catch up with C#! Exciting new features in C# 9, 10, 11, 12 and 13! - Filip Ekberg - NDC Oslo - YouTube { www.youtube.com }

The following examples are GPT4o generated, inspired by the talk transcript:

Here’s an enhanced and polished Markdown list of C# language features, each with a clearer code example and concise description:

Nullable Reference Types (C# 8)

Compiler warns on nullable usage to avoid NullReferenceException.

string? name = null;
Console.WriteLine(name?.Length); // Safe check

Required Keyword (C# 11)

Forces initialization of essential properties via object initializers.

public class Person {
  public required string Name { get; init; }
}

Init‑only Setters (C# 9)

Allows setting properties only during instantiation, promoting immutability.

public class User {
  public string Username { get; init; }
}

Target‑Typed new Expressions (C# 9)

Omits redundant type when it can be inferred.

Person p = new();

Treat Warnings as Errors (Compiler Option)

Fails build on warnings to enforce high code quality.

<PropertyGroup>
  <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
</PropertyGroup>

Top‑level Statements (C# 9)

Removes boilerplate Main method for quick scripting or minimal APIs.

Console.WriteLine("Hello, World!");

Pattern Matching Enhancements & List Patterns (C# 8–11)

Supports rich switch/is patterns including lists and tuples.

if (numbers is [1, 2, .., 99]) {
  Console.WriteLine("Starts with 1,2 ends with 99");
}

Switch Expressions (C# 8)

Simplifies switch statements into expressions.

string result = x switch {
  1 => "One",
  2 => "Two",
  _ => "Other"
};

Record Types (C# 9)

Immutable reference types with built‑in equality and concise syntax.

public record Person(string Name, int Age);

File‑scoped Namespaces (C# 10)

Flattens indentation and streamlines namespace declaration.

namespace MyApp;

class Program { }

Global Using Directives (C# 10)

Applies using directives across the project from a single file.

global using System.Text;

Raw String Literals (C# 11)

Simplifies multiline or escaped strings.

var json = """
{
  "name": "John",
  "age": 30
}
""";

UTF‑8 String Literals (C# 11)

Creates UTF‑8 encoded string spans to improve performance.

ReadOnlySpan<byte> utf8 = "hello"u8;

Readonly Span Usage (C# 7.2+)

Enables memory-safe, high-performance access to underlying data.

ReadOnlySpan<char> span = "example";
Console.WriteLine(span.Slice(0,3).ToString()); // "exa"

Zero‑allocation String Manipulation (C# 11)

Slices strings without creating new copies.

ReadOnlySpan<char> name = "John Doe".AsSpan();
ReadOnlySpan<char> first = name[..4]; // "John"

Static Abstract Members in Interfaces (C# 11)

Supports generic math by allowing static operations in interfaces.

interface IAdd<T> {
  static abstract T Add(T x, T y);
}

Delegate Caching Optimization (C# 11)

Improves performance by caching method group delegates.

Action a = MyStaticMethod;

Generic Math Support (C# 11)

Uses arithmetic operators in generic constraints.

T Sum<T>(T a, T b) where T : INumber<T> => a + b;

Generic Attributes (C# 11)

Enables attributes with generic parameters.

[MyAttribute<string>]
public class MyClass { }

Primary Constructors (C# 12)

Declares constructor parameters directly in the class header.

class Widget(string id) {
  public void Print() => Console.WriteLine(id);
}

Collection Expressions (C# 12)

Simplifies array, list, or span creation.

int[] numbers = [1, 2, 3];

Spread Element in Collection Expressions (C# 12)

Flattens multiple collections into one.

int[] merged = [..arr1, ..arr2];

Optional Parameters in Lambdas (C# 12)

Adds default values to lambda parameters.

Func<int, int, int> sum = (int x = 1, int y = 2) => x + y;

Implicit Lambda Parameter Types (C# 10)

Type inference for lambda parameters using var.

var toInt = (var s) => int.Parse(s);

Alias Any Type (C# 12)

Creates type aliases for readability.

using Size = (int Width, int Height);
Size dims = (800, 600);

Interceptors for Source Generation (C# 12)

Enables compile-time method interception for code injection.

[InterceptsLocation]
void Log(string msg) => Console.WriteLine(msg);

Minimal APIs (C# 9+)

Lightweight, endpoint-focused API creation.

app.MapGet("/", () => "Hello World");

Lock Object (New Synchronization Primitive) (C# 13/.NET 9)

Offers optimized thread synchronization via Lock.

private static Lock _lock = new();

Field Keyword (C# 14)

Accesses auto-property backing field inside the accessor.

public string Name {
  get => field.ToUpper();
  set => field = value;
}

Implicit Index Access (^) (C# 8)

Enables accessing from end of collections.

int last = numbers[^1];

Overload Resolution Priority Attribute (C# 13)

Controls which overload is chosen when ambiguous.

[OverloadResolutionPriority(1)]
void M(List<int> list) { }

Partial Members Enhancements (C# 13)

Makes constructors, methods, or properties partial for source generators.

partial class Person {
  partial void OnNameChanged();
}

Implicit Span Conversions (C# 14)

Allows seamless Span<T> allocation without casting.

Span<char> buffer = stackalloc char[10];

Extension Everything (C# 14 Planned)

Declares instance-like extension members via static classes.

extension class UserExt : User {
  string Display => $"{Name} ({Email})";
}

Null‑Conditional Assignment (C# 14)

Assigns a value only if the target is null.

user?.Name ??= "Default Name";

2025-06-24 Building Rock-Solid Encrypted Applications - Ben Dechrai - NDC Melbourne 2025 - YouTube { www.youtube.com }

Summary: Building Rock-Solid Encrypted Applications – Ben Dechrai

Ben Dechrai walks through building a secure chat application, starting with plain-text messages and evolving to an end-to-end encrypted, multi-device system. He explains how to apply AES symmetric encryption, Curve25519 key pairs, and Diffie-Hellman key exchange. The talk covers how to do secure key rotation, share keys across devices without leaks, scale encrypted messaging systems without data bloat, and defend against metadata analysis.

Key Insights

1. Encryption is mandatory
   Regulatory frameworks like GDPR allow fines up to €20 million or 4% of annual global revenue.
   See GDPR Summary – EU Commission

2. Use AES-256-GCM for payload encryption
   This is a well-audited symmetric cipher standardized in FIPS 197.
   See NIST FIPS 197: AES Specification

3. Use Curve25519 key pairs per device
   Each device generates its own key pair; public key is shared, private key is never uploaded.
   See RFC 7748: Elliptic Curves for DH Key Agreement

4. Encrypt the symmetric key for each participant
   Encrypt the actual message once with AES, then encrypt the AES key for each recipient using their public key. This avoids the large ciphertext problem seen in naive PGP-style encryption.

5. Rotate ephemeral keys regularly for forward secrecy
   Generate a new key pair for each chat session and rotate keys on time or message count to ensure Perfect Forward Secrecy.
   See Cloudflare on Perfect Forward Secrecy

6. Use Diffie-Hellman to agree on session keys securely
   Clients can agree on a shared secret without sending it over the wire. This makes it possible to use symmetric encryption without needing to exchange the key.
   See Wikipedia: Diffie–Hellman Key Exchange

7. Use QR codes to securely pair devices
   When onboarding a second device (e.g. laptop + phone), generate keys locally and transfer only a temporary public key via QR. Use it to establish identity without a central login.

8. Mask metadata to avoid traffic analysis
   Even encrypted messages can leak patterns through metadata. Pad messages to fixed sizes, send decoy traffic, and let all clients pull all messages to make inference harder.

9. Adopt battle-tested protocols like Signal
   Don’t invent your own protocol if you're building secure messaging. The Signal Protocol already solves identity, authentication, and key ratcheting securely.
   See Signal Protocol Specification

10. Store only ciphertext and public keys on servers
    All decryption happens on the device. Retaining private keys or decrypted messages is risky unless legally required. Private key loss or compromise must only affect a small slice of messages, not entire histories.

2025-06-23 I locked 1000 architects in a room until they all agreed on the best solution - Bronwen Zande - YouTube { www.youtube.com }

I built 1,000 architects using AI—each with a name, country, skillset, and headshot I asked a language model to make me architect profiles. I told it their gender, country, and years of experience. Then I got it to generate a photo too. I used tools like DALL-E and ChatGPT to get realistic images.

They all designed the same web app—based on a spec for a startup called Loom Ventures I created a pretend company and asked for a functional spec (nothing too crazy—blogs, search, logins, some CMS). Then I gave that spec to every AI architect and asked each to give me a full software design in Markdown.

I made them battle it out, tournament style, until we found “the best” design At first, designs were grouped and reviewed by four other architects (randomly picked). The best ones moved on to knockout rounds. In the final round, the last two designs were judged by all remaining architects.

The reviews weren’t just random—they had reasons and scores Each reviewer gave a score out of 100 and explained why. I asked them to be clear, compare trade-offs, and explain how well the design met the client's needs. The reviews came out in JSON so I could process them easily.

Experience and job titles really affected scores If a design said it was written by a “junior” architect, it got lower marks—even if the content was decent. When I removed the titles and re-ran reviews, scores jumped by 15%. So even the AIs showed bias.

Early mistakes in the prompt skewed my data badly My first example profile included cybersecurity, and the AI just kept making cyber-focused architects. Nearly all designs were security-heavy. I had to redo everything with simpler prompts and let the model be more creative.

The best designs added diagrams, workflows, and Markdown structure The winning entries used flowcharts (Mermaid), ASCII diagrams, and detailed explanations. They felt almost like something you’d see in a real architecture doc. A lot better than a wall of plain text.

Personas from different countries mentioned local laws That was cool. The architects from Australia talked about the APP (privacy laws). The ones from Poland mentioned GDPR. That means the AI was paying attention to the persona’s background.

2025-06-19 Andrej Karpathy: Software Is Changing (Again) - YouTube { www.youtube.com }

Software 3.0 builds on earlier paradigms: It extends Software 1.0 (explicit code) and Software 2.0 (learned neural networks) by allowing developers to program using prompts in natural language.

Prompts are the new source code: In Software 3.0, well-crafted prompts function like programs and are central to instructing LLMs on what to do, replacing large parts of traditional code.

LLMs act as computing platforms: Language models serve as runtime engines, available on demand, capable of executing complex tasks, and forming a new computational substrate.

Feedback loops are essential: Effective use of LLMs involves iterative cycles—prompt, generate, review, and refine—to maintain control and quality over generated outputs.

Jagged intelligence introduces unpredictability: LLMs can solve complex problems but often fail on simple tasks, requiring human validation and cautious deployment.

LLMs lack persistent memory: Since models don’t retain long-term state, developers must handle context management and continuity externally.

“Vibe coding” accelerates prototyping: Rapid generation of code structures via conversational prompts can quickly build scaffolds but should be used cautiously for production-grade code.

Security and maintainability remain concerns: Generated code may be brittle, insecure, or poorly understood, necessitating rigorous testing and oversight.

Multiple paradigms must coexist: Developers should blend Software 1.0, 2.0, and 3.0 techniques based on task complexity, clarity of logic, and risk tolerance.

Infrastructure reliability is critical: As LLMs become central to development workflows, outages or latency can cause significant disruption, underscoring dependency risks.

Movies from the talk:

• Rain Man (1988) - IMDb { www.imdb.com }

  When self-centered car dealer Charlie Babbitt learns that his estranged father's fortune has been left to an institutionalized older brother he never knew, Raymond, he kidnaps him in hopes of securing the inheritance. What follows is a transformative cross-country journey where Charlie discovers Raymond is an autistic savant with extraordinary memory and numerical skills. The film’s uniqueness lies in its sensitive portrayal of autism and the emotional evolution of a man reconnecting with family through empathy and acceptance.

• Memento (2000) - IMDb { www.imdb.com }

  Leonard Shelby suffers from short-term memory loss, unable to form new memories after a traumatic event. He relies on Polaroid photos and tattoos to track clues in his obsessive search for his wife's killer. Told in a non-linear, reverse chronology that mirrors Leonard’s disoriented mental state, the film uniquely immerses the viewer in the protagonist’s fractured perception, making the mystery unravel in a mind-bending and emotionally charged fashion.

• 50 First Dates (2004) - IMDb { www.imdb.com }

  Henry Roth, a commitment-phobic marine veterinarian in Hawaii, falls for Lucy Whitmore, a woman with anterograde amnesia who forgets each day anew after a car accident. To win her love, he must make her fall for him again every day. The film blends romantic comedy with neurological drama, and its charm comes from turning a memory disorder into a heartfelt and humorous exploration of persistence, love, and hope.

Tools:

• gitingest.com: change repository url from github to gitingest, like https://gitingest.com/dzharii/awwlib-cpp and it will create giant md file for LLM

2025-06-19 Andrej Karpathy on Software 3.0: Software in the Age of AI { www.latent.space }

2025-06-16 Common Software Architectures and How they Fail - YouTube { www.youtube.com }

Key Takeaways:

• Modern deployment models (cloud, containers, serverless) simplify infrastructure maintenance, enhancing scalability and agility.
• Horizontal scalability (using multiple servers) improves fault tolerance but introduces stateless application constraints.
• Database performance optimization includes caching, read replicas, and CQRS but involves complexity and eventual consistency trade-offs.
• Microservices address team and scalability issues but require careful handling of inter-service communication, fault tolerance, and increased operational complexity.
• Modular monoliths, feature flags, blue-green deployments, and experimentation libraries like Scientist effectively mitigate deployment risks and complexity.

2025-06-09 Microservices, Where Did It All Go Wrong? - Ian Cooper - NDC Melbourne 2025 - YouTube { www.youtube.com }

This talk peels back the hype around microservices and asks why our bold leap into dozens—or even hundreds—of tiny, replaceable services has sometimes left us tangled in latency, brittle tests and orchestration nightmares. Drawing on the 1975 Fundamental Theory of Software Engineering, the speaker reminds us that splitting a problem into “manageably small” pieces only pays off if those pieces map to real business domains and stay on the right side of the intramodule vs intermodule cost curve. Through vivid “death star” diagrams and anecdotes of vestigial “restaurant hours” APIs, we see how team availability, misunderstood terminology and the lure of containers have driven us toward the anti-pattern of nano-services.

The remedy is framed via the 4+1 architectural views and a return to purpose-first design: start with a modular monolith until your domain boundaries—and team size—demand independent services; adopt classic microservices for clear subdomains owned by two-pizza teams; or embrace macroservices when fine-grained services impose too much overhead. By aligning services to business capabilities, designing for failure, and choosing process types per the 12-factor model, we strike the balance where cognitive load is low, deployments stay smooth and each component remains genuinely replaceable.

Tags: microservices, modular monolith, macroservices, bounded context, domain storytelling, 4+1 architecture, service granularity, team topologies

2025-06-04 The CIA method for making quick decisions under stress | Andrew Bustamante - YouTube { www.youtube.com }

Understand that time is your most valuable asset because, unlike energy and money, you cannot create more of it; recognizing time’s finite nature shifts your mindset to treat each moment as critical.

When the number of tasks exceeds your capacity, you experience task saturation, which leads to decreased cognitive ability and increased stress; acknowledging this helps you avoid inefficiency and negative self-perception.

Apply the “subtract two” rule by carrying out two fewer tasks than you believe you can handle simultaneously; reducing your focus allows you to allocate more resources to each task and increases overall productivity.

Use operational prioritization by asking, “What is the next task I can complete in the shortest amount of time?”; this elementary approach leverages time’s objectivity to build momentum and confidence as you rapidly reduce your task load.

In high-pressure or dangerous situations, focus on executing the next fastest action—such as seeking cover—because immediate, simple decisions create space and momentum for subsequent choices that enhance survival.

Combat “head trash,” the negative self-talk that arises when you’re overwhelmed, by centering on the next simplest task; staying grounded in rational, achievable actions prevents emotional derailment and keeps you moving forward.

Practice operational prioritization consistently at home and work so that when you reach task saturation, doing the next simplest thing becomes an automatic response; repeated drilling transforms this method into a reliable tool that fosters resilience and peak performance.

Tags: time management, task saturation, operational prioritization, productivity, decision making, CIA methods, cognitive load, stress management, momentum, next-task focus, head trash, high-pressure situations, survival mindset, resource allocation, time as asset

2025-06-03 What You Should Know About FUTO Keyboard - YouTube { www.youtube.com }

“with a PC keyboard. it bridges an electrical circuit to send a signal to your computer.” As typing evolved from mechanical typewriters to touchscreen apps, “software has become increasingly developed to serve its creators more than the users.” In many popular keyboards, “it sends everything you typed in that text field to somebody else's computer,” and “they say they may then go and train AI models on your data.” Even disabling obvious data-sharing options doesn’t fully stop collection—“in swift key there's a setting to share data for ads personalization and it's enabled by default.”

FUTO Keyboard addresses this by offering a fully offline experience: “it's this modern keyboard that has a more advanced auto correct,” and “the app never connects to the internet.” It provides “Swipe to Type,” “Smart Autocorrect,” “Predictive Text,” and “Offline Voice Input.” Its source code is under the “FUTO Source First License 1.1,” and it guarantees “no data collected” and “no data shared with third parties.”

privacy, offline, swipe typing, voice input, open source

2025-06-02 The internet shouldn't consume your life - YouTube { www.youtube.com }

Dude, I’ve just been thinking a lot about how much we rely on the internet — like, way too much. Social media, video games, just endless scrolling — it’s all starting to feel like we’re letting the internet run our lives, you know? And yeah, I’m not saying we need to go full Amish or anything — there’s definitely real meaning you can find online, I’ve made some of my closest friends here. But we can’t keep letting it eat up all our time and attention. I’ve been lucky, my parents didn’t let me get video games as a kid, so I learned early on to find value outside of screens. But even now, it’s so easy to get sucked into that doom-scrolling hole — like, one minute you’re checking YouTube, and suddenly three hours are gone. We’ve gotta train ourselves, catch those moments, and build real focus again. It's not about quitting everything cold turkey, unless that works for you — it’s about moderation and making sure you’ve got stuff in your life that isn’t just online.

internet dependence, social media, balance, personal growth, generational habits

2025-06-02 Why good engineers keep burning out - YouTube { www.youtube.com }

I’ve been thinking a lot about something I call change energy. Everyone’s got a different threshold for how much change they can handle — their living situation, work, even what they eat. Too much stability feels boring, but too much change feels overwhelming. It’s all about where you sit on that spectrum.

For me, I don’t love moving, I burn out fast while traveling, but when it comes to my work, I need some change to stay engaged — not so much that everything’s new every day, but not so little that it gets stale. Developers usually sit on the lower end of that spectrum at work: stuck in old codebases, hungry for something fresh, constantly exploring new frameworks and tools because they’re not hitting their change threshold on the job.

Creators, though? It’s the opposite. We’re maxed out every single day. Every video has to be new, every thumbnail, every format — constant change. So any extra change outside of the content feels like too much. That’s why I didn’t adopt Frame.io for over a year, even though I knew it would help — I simply didn’t have the change energy to spare.

This difference is why creator tools are hard to sell to great creators: they're already burning all their change energy on making content. Meanwhile, great developers still have room to try new tools and get excited about them. That realization made us shift from creator tools to dev tools — because that’s where the most excited, curious people are.

---

meaningful quotes:

1. "Humans need some level of stability in their lives or they feel like they’re going insane."
2. "Most great developers are looking for more change. Most great creators are looking for less change."
3. "Good creators are constantly trying new things with their content, so they’re unwilling to try new things anywhere else."
4. "We need to feel this mutual excitement. We need to be excited about what we're building and the people that we're showing it to need to be excited as well."

2025-05-30 Reflections on 25 years of writing secure code | BRK235 - YouTube { www.youtube.com }

Michael Howard reflects on 25 years of writing Writing Secure Code, sharing insights from his career at Microsoft and the evolution of software security. He emphasizes that while security features do not equate to secure systems, the industry has made significant progress in eliminating many simple vulnerabilities, such as basic memory corruption bugs. However, new threats like server-side request forgery (SSRF) have emerged, highlighting that security challenges continue to evolve. Howard stresses the enduring importance of input validation, noting it remains the root cause of most security flaws even after two decades.

He advocates for a shift away from C and C++ towards memory-safe languages like Rust, C#, Java, and Go, citing their advantages in eliminating classes of vulnerabilities tied to undefined behavior and memory safety issues. Tools like fuzzing, static analysis (e.g., CodeQL), and GitHub's advanced security features play critical roles in identifying vulnerabilities early. Ultimately, Howard underscores that secure code alone isn’t sufficient; compensating controls, layered defenses, threat modeling, and continuous learning are essential. Security storytelling, he notes, remains a powerful tool for driving cultural change within organizations.

Quotes:

“Um, I hate JavaScript. God, I hate JavaScript. There are no words to describe how much I hate JavaScript.” Context: Michael Howard expressing his frustration with JavaScript during a live fuzzing demo.

“This thing is dumber than a bucket of rocks.” Context: Describing the simplicity of a custom fuzzer that nonetheless found serious bugs in seconds.

“If you don’t ask, it’s like being told no.” Context: The life lesson Michael learned when he decided to invite Bill Gates to write the foreword for his book.

“Security features does not equal secure features.” Context: Highlighting the gap between adding security controls and truly building secure systems.

“All input is evil until proven otherwise.” Context: A core principle from Writing Secure Code on why rigorous input validation remains critical.

“It’s better to crash an app than to run malicious code. They both suck, but one sucks a heck of a lot less.” Context: Advocating for secure-by-default defenses that fail safely rather than enable exploits.

“45 minutes later, he emailed back with one word, ‘absolutely.’” Context: Bill Gates’s rapid, enthusiastic response to writing the second-edition foreword.

“I often joke that I actually know nothing about security. I just know a lot of stories.” Context: Emphasizing the power of storytelling to make security lessons memorable and drive action.

software security, input validation, memory safety, secure coding, fuzzing, CodeQL, Rust, C/C++, SSRF, compensating controls, Microsoft, Secure Future Initiative

2025-05-27 Oddly useful Linux tools you probably haven't seen before - YouTube { www.youtube.com }

Caught in a heavy downpour but grateful to be warm and dry inside, the speaker dives into a list of surprisingly useful tools. First is Webcam Eyes, a 200-line shell script that effortlessly mounts most modern cameras as webcams—especially useful for recording with tools like ffmpeg. After testing on multiple Canon and Sony cameras, it proved flawless. Next up is Disk, a colorful, graph-based alternative to df, offering cleaner output and useful export options like JSON and CSV, written in Rust and only marginally slower.

The Pure Bash Bible follows—a compendium of bash-only alternatives to common scripting tasks typically handled by external tools. It emphasizes performance and optimization for shell scripts. Then comes Zephyr, a nested X server useful for window manager development, poorly-behaved applications, or sandboxing within X11. Finally, a patch for cp and mv brings progress bars to these core utilities—helpful when rsync isn’t an option, even if coreutils maintainers deemed these tools “feature complete.”

tools, shell scripting, webcams, disk utilities, bash, X11, developer tools

2025-05-18 I changed databases again (please learn from my mistakes) - YouTube { www.youtube.com }

tags: database migration, Convex, IndexedDB, Dexi, sync engine, T3 Chat, optimistic updates, live queries, SSE streaming, resumable streams, PlanetScale, Drizzle ORM, Replicache Zero, feature flags, WebSocket authentication, TypeScript, JWT, session management, migration debugging, client-server architecture

1. Overview The speaker has completed yet another database migration—this time to Convex—and hopes it’s the last. After five grueling years of building and maintaining a custom sync engine and debugging for days on end, they finally reached a setup they trust for their T3 Chat application.
2. Original Local-First Architecture
   • IndexedDB + Dexi: Entire client state (threads, messages) was serialized with SuperJSON, gzipped, and stored as one blob. Syncing required blobs to be re-zipped and uploaded whole, leading to race conditions (only one tab at a time), performance bottlenecks, and edge-case bugs in Safari.
   • Upstash Redis: Moved to Upstash with key patterns like message:userId:uuid, but querying thousands of keys on load proved unsustainable.
   • PlanetScale + Drizzle: Spun up a traditional SQL schema in two days. Unfortunately, the schema stored only a single SuperJSON field, bloating data and preventing efficient relational queries.
3. Required Capabilities
   • Eliminate IndexedDB’s quirks.
   • One source of truth (no split brain between client and server).
   • Instant optimistic UI updates for renames, deletions, and new messages.
   • Resumable AI-generation streams.
   • Strong signed-out experience.
   • Unblock the engineering team by offloading sync complexity.
4. Rejected Alternatives
   • Zero (Replicache): Required Postgres + custom WebSocket infra and separate schema definitions in SQL, client, and server permissions layers.
   • Other SDKs/ORMs: All suffered from duplicate definitions and didn’t fully solve client-as-source issues or resumable streams.
5. Why Convex Won
   • TypeScript-first application database: Single schema file, no migrations for shape changes.
   • Built-in sync engine: WebSocket transactions automatically push updates to subscribed queries.
   • Permissions in code: Easily enforce row-level security in TS handlers.
   • Live queries: Any mutation (e.g. updating a message’s title) immediately updates all listeners without manual cache management.
6. Refactored Message Flow
   1. Create mutations in Convex for new user and assistant messages before calling the AI.
   2. Stream SSE from /api/chat to the client for optimistic token-by-token rendering.
   3. Chunked writes: Instead of re-writing the entire message on every token, batch updates to Convex every 500 ms (future improvement: use a streamId field and Vercel’s resumable-stream helper).
   4. Title generation moved from brittle SSE event parsing & IndexedDB writes to a simple convex.client.mutation('chat/updateTitle', { threadId, title }). The client auto-refreshes via live query.
7. Migration Path
   • Feature flag: Users opt into the Convex beta via a settings toggle.
   • Chunked data import: Server-side Convex mutations ingest threads (500 per chunk), messages (100 per chunk), and attachments from PlanetScale.
   • Cookie & auth handling: Adjusted HttpOnly, Expires, and JWT parsing (switched from a custom-sliced ID to the token’s subject field) to ensure WebSocket authentication and avoid Brave-specific bugs.
8. Major Debugging Saga A rare Open-Auth library change caused early users’ tokens to carry user:… identifiers instead of numeric Google IDs. Only by logging raw JWT fields and collaborating with an early adopter could this be traced—and fixed by reading the subject claim directly.
9. Outcomes & Benefits
   • Eliminated IndexedDB’s instability and custom sync engine maintenance.
   • Unified schema and storage in Convex for all client and server state.
   • Robust optimistic updates and live data subscriptions.
   • Resumable AI streams via planned streamId support.
   • Improved signed-out flow using Convex sessions.
   • Team now free to focus on product features rather than sync orchestration.
10. Next Steps
    • Migrate full user base.
    • Integrate resumable-stream IDs into messages for fault-tolerant AI responses.
    • Monitor Convex search indexing improvements under high write load.
    • Celebrate the end of database migrations—at least until the next big feature!

2025-04-25 The Inside Story of the Windows Start Menu - YouTube { www.youtube.com }

The Windows Start Menu has a deep history that mirrors the evolution of Microsoft's operating systems. Beginning with the command-line MS-DOS interface in 1981 and the basic graphical MS-DOS Executive in Windows 1.0, Microsoft gradually developed more user-friendly navigation systems. Windows 3.1's Program Manager introduced grouped icons for application access, but the major breakthrough came with Windows 95, which debuted the hierarchical Start Menu. Inspired by the Cairo project, this menu featured structured sections like Programs, Documents, and Settings, designed for easy navigation on limited consumer hardware.

Subsequent versions saw both visual and technical advancements: NT4 brought Unicode support and multithreading; XP introduced the iconic two-column layout with pinned and recent apps; Vista added search integration and the Aero glass aesthetic; and Windows 7 refined usability with taskbar pinning. Windows 8's touch-focused Start Screen alienated many users, leading to a partial rollback in 8.1 and a full restoration in Windows 10, which blended traditional menus with live tiles. Windows 11 centered the Start Menu, removing live tiles and focusing on simplicity.

Technically, the Start Menu operates as a shell namespace extension managed by Explorer.exe, using Win32 APIs and COM interfaces. It dynamically enumerates shortcuts and folders via Shell Folder interfaces, rendering content through Windows' menu systems. A personal anecdote from developer Dave Plamer highlights an attempted upgrade to the NT Start Menu's sidebar using programmatic text rendering, which was ultimately abandoned in favor of simpler bitmap graphics due to localization complexities. This story underscores the blend of technical ambition and practical constraints that have shaped the Start Menu's legacy.

windows history, start menu, user interface design, microsoft development, operating systems, windows architecture, software engineering lessons

2025-03-24 Keynote: The past, present, and future of AI for application developers - Steve Sanderson - YouTube { www.youtube.com }

Tags: AI, application development, history, chatbots, neural networks, Markov models, GPT, large language models, small language models, business automation, agents, speech recognition, API integration.

• 2025-03-24 NuGet Gallery | Microsoft.Extensions.AI 9.3.0-preview.1.25161.3 { www.nuget.org }

2025-03-16 The Definition Of Insanity - Sam Newman - NDC London 2025 - YouTube { www.youtube.com }

Tags: Distributed Systems, Timeouts, Retries, Idempotency, Resilience, Reliability, Fault Tolerance, Network Communication, System Design, Exponential Backoff, Unique Request IDs, Request Fingerprinting, Latency Management, Resource Management, System Robustness, Software Engineering, Architecture Best Practices

Timeouts: In distributed systems, waiting indefinitely leads to resource exhaustion, degraded performance, and cascading failures. Timeouts establish explicit limits on how long your system waits for responses, preventing unnecessary resource consumption (e.g., tied-up threads, blocked connections) and ensuring the system remains responsive under load.

Purpose: Timeouts help maintain system stability, resource efficiency, and predictable performance by immediately freeing resources from stalled or unresponsive requests.

Implementation: Clearly define timeout thresholds aligned with realistic user expectations, network conditions, and system capabilities. Even asynchronous or non-blocking architectures require explicit timeout enforcement to prevent resource saturation.

Challenges: Selecting appropriate timeout durations is complex—timeouts that are too short risk prematurely dropping legitimate operations, while excessively long durations cause resource waste and poor user experience. Dynamically adjusting timeouts based on system conditions adds complexity but improves responsiveness.

Tips:

• Regularly monitor and adjust timeout values based on actual system performance metrics.
• Clearly document timeout settings and rationale to facilitate maintenance and future adjustments.
• Avoid overly aggressive or overly conservative timeouts; aim for a balance informed by real usage patterns.

---

Retries: Transient failures in distributed systems are inevitable, but effective retries allow your application to gracefully recover from temporary issues like network glitches or brief service disruptions without manual intervention.

Purpose: Retries improve reliability and user experience by automatically overcoming short-lived errors, reducing downtime, and enhancing system resilience.

Implementation: Implement retries using explicit retry limits to prevent repeated attempts from overwhelming system resources. Employ exponential backoff techniques to progressively delay retries, minimizing retry storms. Introducing jitter (randomized delays) can further reduce the risk of synchronized retries.

Challenges: Differentiating between transient errors (which justify retries) and systemic problems (which do not) can be difficult. Excessive retries can compound problems, causing resource contention, performance degradation, and potential system-wide failures. Retries also introduce latency, potentially affecting user experience.

Tips:

• Set clear maximum retry limits to prevent endless retry loops.
• Closely monitor retry attempts and outcomes to identify patterns that signal deeper system issues.
• Use exponential backoff and jitter to smooth retry load, avoiding spikes and cascades in resource use.

---

Idempotency: Safely retrying operations depends heavily on idempotency—the principle that repeating the same operation multiple times yields the exact same outcome without unintended side effects. This is similar to repeatedly pressing an elevator button; multiple presses don't summon additional elevators, they simply confirm your original request.

Purpose: Idempotency guarantees safe and predictable retries, preventing duplicated transactions, unintended state changes, and inconsistent data outcomes.

Implementation Approaches:

• Unique Request IDs: Assign each request a unique identifier, allowing the system to recognize and manage duplicate requests effectively.
• Request Fingerprinting: Generate unique "fingerprints" (hashes) for requests based on key attributes (user ID, timestamp, request content) to detect and safely handle duplicates. Fingerprints help differentiate legitimate retries from genuinely new operations, mitigating risks of duplication.
• Naturally Idempotent Operations: Architect operations to inherently produce identical outcomes upon repeated execution, using methods such as stateless operations or RESTful idempotent verbs (e.g., PUT instead of POST).

Challenges: Achieving true idempotency is complex when operations involve external resources, mutable states, or multiple integrated services. Fingerprinting accurately without false positives is challenging, and maintaining idempotency alongside rate-limiting or throttling mechanisms requires careful system design.

Tips:

• Clearly mark operations as idempotent or non-idempotent in API documentation, helping developers and maintainers understand system behaviors.
• Combine multiple idempotency strategies (unique IDs and fingerprints) for higher reliability.
• Regularly validate and review idempotency mechanisms in real-world production conditions.
• Ensure robust logging and tracing to monitor idempotency effectiveness, catching issues early.

2025-03-30 Using GenAI on your code, what could possibly go wrong? - - YouTube { www.youtube.com }

Tags: AI security, code generation, prompt injection

• Generative AI tools like Copilot and ChatGPT often create insecure code—up to 40% has flaws.
• Developers tend to trust AI output too much without proper validation.
• Security debt is rising; most teams can’t fix issues faster than they appear.
• AI risks fall into three layers: usage (how it’s used), application (how it’s integrated), and platform (how the models are built).
• Plugins and prompt injection can give attackers unintended access and control.
• LLM output is only as safe as its most sensitive input—plugins must be tightly controlled.
• Backdoored models and poisoned training data are real threats.
• Better prompts, human review, and secure defaults are essential.
• Tools like PentestGPT and Oxbo show potential for AI to help find and fix security flaws.

Educational resources mentioned:

• AI Security Fundamentals (Microsoft Learn)
• Generative AI with Large Language Models (Coursera)
• 3Blue1Brown (YouTube)
• BlueHat talk on prompt injection
• Microsoft Build/Ignite AI security talks
• OpenFuse (model supply chain security)
• AWS Bedrock Guardrails
• Josh Brown-White talk on secure code fixing with AI

Software Design​

2025-03-24 Distributed Locking: A Practical Guide - by Oskar Dudycz { www.architecture-weekly.com }

(found in Programming Digest: Email Newsletter)

Tags: distributed systems, concurrency, distributed locks, data consistency, Redis, ZooKeeper, etcd, database locks, Kubernetes, fault tolerance, deadlocks, scalability, high availability, lock contention.

💥 2025-02-09 Versioning versus Coordination - Marc's Blog { brooker.co.za }

I want to show you why multi-version concurrency control outdoes locking in distributed databases. By giving each transaction its own snapshot, we never make readers and writers wait on each other, cutting way down on coordination across replicas. I also rely on carefully synchronized physical clocks to get rid of any need for a central version authority, which increases both scalability and availability. This approach hits the sweet spot of guaranteeing read-after-write consistency while still letting us scale horizontally. I am building on David Reed's groundbreaking 1979 work, which underscores how versions help capture consistent states without heavy synchronization. Sure, we need to manage older versions for ongoing transactions, but that is a fair trade-off for the performance and consistency we gain. All in all, versioning is the right choice if you want a fast, truly distributed database system.

2024-12-26 Helm-based deployments for Apache NiFi - Azure Architecture Center | Microsoft Learn { learn.microsoft.com }

Azure Deployment and software design hints from Microsoft

2024-12-01 Hexagonal Architecture: A Practical Guide | Booking.com Engineering { medium.com }

Algorithms​

2025-02-28 Markov Chains explained visually { setosa.io }

Tags: Markov chains, stochastic processes, state transitions, transition matrices, probability modeling, weather simulation, PageRank algorithm, visualization, interactive learning, mathematical modeling

Markov chains model systems transitioning between states based on current conditions, useful in simulating real-world phenomena.

• A Markov chain consists of a state space and transition probabilities between states.
• Transition matrices represent these probabilities, facilitating complex modeling.
• Applications include weather pattern simulation and Google's PageRank algorithm.
• Interactive tools enhance understanding of Markov chains.

This article offers a visual, intuitive explanation of Markov chains, making complex concepts accessible through interactive simulations.

2025-02-23 Hash Functions Deep Dive { www.kirupa.com }

(found in 2025-02-23 A calculator app? { programmingdigest.net })

2024-09-29 Raft { thesecretlivesofdata.com }

Tags: distributed systems, consensus algorithm, Raft, leader election, log replication, fault tolerance, data consistency, state machine replication, system reliability, interactive visualization

The Raft consensus algorithm ensures distributed systems achieve fault-tolerant data consistency through leader-based log replication and leader election mechanisms.

• Raft decomposes consensus into leader election and log replication to simplify understanding.
• Leader election occurs when the current leader fails, with nodes voting based on log up-to-dateness.
• The leader handles client requests, appending entries to its log and replicating them to followers.
• Entries are committed once a majority acknowledges them, ensuring consistency across nodes.
• Raft enforces safety properties like election safety, leader append-only, log matching, leader completeness, and state machine safety.

it provides an interactive visualization of the Raft algorithm, making complex distributed system concepts more accessible.

2024-09-29 Implementing Blocked Floyd-Warshall algorithm for solving all-pairs shortest path problem in C# – Oleg Karasik's blog { olegkarasik.wordpress.com }

Tags: Floyd-Warshall algorithm, blocked algorithm, all-pairs shortest path, C# implementation, CPU cache optimization, vectorization, parallel processing, performance optimization, graph algorithms, computational efficiency

The article presents an optimized C# implementation of the blocked Floyd-Warshall algorithm to solve the all-pairs shortest path problem, leveraging CPU cache, vectorization, and parallel processing for enhanced performance.

• Explanation of CPU cache levels (L1, L2, L3) and their impact on algorithm performance
• Detailed comparison between standard and blocked Floyd-Warshall algorithms
• Implementation of vectorization techniques to process multiple data points simultaneously
• Utilization of parallel processing to distribute computations across multiple CPU cores
• Experimental results demonstrating significant performance improvements with the optimized approach

This article is important as it provides practical insights into enhancing algorithm efficiency through hardware-aware optimizations, offering valuable guidance for developers aiming to improve computational performance.

2024-07-15 Finding near-duplicates with Jaccard similarity and MinHash - Made of Bugs

Tags: document deduplication, Jaccard similarity, MinHash, locality-sensitive hashing, approximate similarity, large-scale text processing, data deduplication, near-duplicate detection, feature sets, hash functions

The article explores using Jaccard similarity and MinHash techniques to identify approximately duplicate documents efficiently in large datasets.

• Jaccard similarity measures the overlap between two sets as the size of their intersection divided by the size of their union.
• MinHash approximates Jaccard similarity by hashing document features and comparing the minimum hash values.
• Combining multiple MinHash values enables detection of near-duplicate documents with high probability.
• This method scales well, making it useful for large-scale text processing tasks.

This article is interesting because it introduces efficient, scalable methods for detecting near-duplicate documents—an essential challenge in managing large text datasets.

2024-10-18 trekhleb/javascript-algorithms: 📝 Algorithms and data structures implemented in JavaScript with explanations and links to further readings { github.com }

2025-01-05 B-Trees: More Than I Thought I'd Want to Know | Ben Congdon { benjamincongdon.me }

2025-01-05 Static search trees: 40x faster than binary search · CuriousCoding { curiouscoding.nl }

CRDT Conflict-free replicated data type​

2025-01-19 Learn Yjs by Jamsocket { learn.yjs.dev }

Welcome to Learn Yjs — an interactive tutorial series on building realtime collaborative applications using the Yjs CRDT library.

This very page is an example of a realtime collaborative application. Every other cursor in the garden above is a real live person reading the page right now. Click one of the plants to change it for everyone else!

Learn Yjs starts with the basics of Yjs, then covers techniques for handling state in distributed applications. We’ll talk about what a CRDT is, and why you’d want to use one. We’ll get into some of the pitfalls that make collaborative applications difficult and show how you can avoid them. There will be explorable demos and code exercises so you can get a feel for how Yjs really works.

2024-06-27 Resilient Sync for Local First | Dirk Holtwick

Tags: local-first, data synchronization, resilient sync, CRDT, offline data processing, end-to-end encryption, data exchange format, peer-to-peer communication, data resilience, technology evolution

The article proposes a resilient data synchronization method for local-first applications, enabling offline data processing and secure synchronization using simple, technology-agnostic protocols.

• Introduces a continuous log system where each client records changes sequentially, ensuring data consistency.
• Separates large binary data (assets) from content changes to optimize synchronization efficiency.
• Highlights benefits such as independent data retrieval, immediate detection of missing data, and compatibility with various storage systems, including file systems and online services.
• Discusses potential enhancements like data compression, cryptographic methods for rights management, and implementing logical clocks for improved data chronology.

This article is important as it addresses the challenges of data synchronization in local-first applications, offering a robust solution that enhances data resilience and user autonomy.

2024-07-30 Movable tree CRDTs and Loro's implementation – Loro

Tags: CRDTs, Movable Tree, Loro, Conflict Resolution, Distributed Systems, Collaborative Software, Hierarchical Data, Node Movement, Concurrent Operations, Cycle Prevention

The article discusses implementing Movable Tree CRDTs in collaborative environments, addressing challenges like node movement conflicts and cycle prevention.

• Concurrent operations such as node deletion and movement can lead to conflicts.
• Moving the same node under different parents requires careful conflict resolution strategies.
• Concurrent movements causing cycles necessitate specific handling to maintain tree integrity.

Understanding these challenges is crucial for developers working on collaborative applications that manage hierarchical data structures, ensuring data consistency and system reliability.

2024-12-07 Lies I was Told About Collaborative Editing, Part 1: Algorithms for offline editing / Moment devlog { www.moment.dev }

Tags: collaborative editing, offline editing, CRDTs, operational transformation, conflict resolution, user experience, data corruption, algorithm limitations, UX design, Moment.dev

Collaborative editing algorithms like CRDTs and OT often mishandle offline editing conflicts, leading to user-perceived data corruption.

• Offline editing increases the likelihood of direct conflicts.
• CRDTs and OT often resolve these conflicts in unexpected or unintuitive ways.
• Users interpret unexpected resolutions as data corruption, harming trust.
• Algorithms lack user intent/context, limiting effective conflict resolution.

This article is important because it challenges assumptions about widely used algorithms and highlights how technical correctness can fail real users.

2024-12-18 vlcn-io/cr-sqlite: Convergent, Replicated SQLite. Multi-writer and CRDT support for SQLite { github.com }

Tags: SQLite, CRDT, Database Replication, Multi-Writer Synchronization, Offline Editing, Realtime Collaboration, Conflict Resolution, Data Synchronization, vlcn-io, cr-sqlite

CR-SQLite is a SQLite extension enabling seamless merging of independently modified databases using Conflict-Free Replicated Data Types (CRDTs).

• multi-master replication and partition tolerance
• offline editing and automatic conflict resolution
• real-time collaboration by merging independent edits
• Integrates with JavaScript environments, including browser and Node.js

This project is important because it tackles the challenges of syncing distributed databases, making it easier to build collaborative, offline-first apps.

"It's like Git, for your data."

CR-SQLite is a run-time loadable extension for SQLite and libSQL. It allows merging different SQLite databases together that have taken independent writes.

In other words, you can write to your SQLite database while offline. I can write to mine while offline. We can then both come online and merge our databases together, without conflict.

In technical terms: cr-sqlite adds multi-master replication and partition tolerance to SQLite via conflict free replicated data types (CRDTs) and/or causally ordered event logs.

2024-12-18 CRDTs and collaborative playground | Cerbos { www.cerbos.dev }

CRDTs are a class of data structures that automatically resolve conflicts in distributed systems, allowing for seamless data synchronization across multiple points without centralized coordination. They're designed for environments where network partitions or latency make constant communication impractical but have since found more generalised use due to their simplicity and elegance.

They're incredibly useful when it comes to developing robust, distributed applications that require real-time collaboration. They enable multiple users to work concurrently on the same dataset, with guarantees of eventual consistency, eliminating the need for complex conflict resolution logic. Does your application need offline support? Good news: you get that for free, too!

The concept was formalised in 2011 when a group of very smart researchers came together and presented a paper on the topic; initially motivated by collaborative editing and mobile computing, but its adoption has spread to numerous other applications in the years that followed.

OK, sold. How do I get started? The answer, surprisingly, is "very easily". Given its meteoric adoption rate in recent years, some excellent, battle-tested projects have appeared and taken strong hold in the community. Let's take a look at a couple: (...)

Inspiration!​

2025-05-04 tldr pages { tldr.sh }

The tldr pages are a community effort to simplify the beloved man pages with practical examples.

Try the live demo below, have a look at the PDF version, or follow the installation instructions.

2025-02-13 CoatiSoftware/Sourcetrail: Sourcetrail - free and open-source interactive source explorer { github.com }

Video: 2025-02-13 The Diablo Source Code Is Pure Hell (and I am here for it) - YouTube { www.youtube.com }

2025-05-27 dylanaraps/pure-bash-bible: 📖 A collection of pure bash alternatives to external processes. { github.com }

The goal of this book is to document commonly-known and lesser-known methods of doing various tasks using only built-in bash features. Using the snippets from this bible can help remove unneeded dependencies from scripts and in most cases make them faster. I came across these tips and discovered a few while developing neofetch, pxltrm and other smaller projects.

The snippets below are linted using shellcheck and tests have been written where applicable. Want to contribute? Read the CONTRIBUTING.md. It outlines how the unit tests work and what is required when adding snippets to the bible.

See something incorrectly described, buggy or outright wrong? Open an issue or send a pull request. If the bible is missing something, open an issue and a solution will be found.

2025-05-27 cowtoolz/webcamize: Use almost any camera as a webcam—DSLRs, mirrorless, camcorders, and even point-and-shoots { github.com } but look at that birds!

Webcamize allows you to use basically any modern camera as a webcam on Linux—your DSLR, mirrorless, camcorder, point-and-shoot, and even some smartphones/tablets. It also gets many webcams that don't work out of the box on Linux up and running in a flash.

2025-05-24 Root for Your Friends · Joseph Thacker { josephthacker.com }

Tags: #SupportFriends #Positivity #GrowthMindset #SuccessTogether #CelebrateOthers #GoodVibes #Teamwork #Networking #Kindness #Community

Cheering for your friends helps everyone grow and succeed together.

• Success isn't a competition—helping others win helps you too
• Supportive friends cheer, share, and give honest advice
• Be the friend who celebrates others loudly
• Mutual support builds strong, lasting networks

It’s a good reminder that being kind and supportive leads to better relationships and shared success.

2025-05-24 A brief history of JavaScript | Deno { deno.com }

JavaScript was created in 1995 by Brendan Eich at Netscape to make websites more interactive. He built the first version in just ten days. It was first called Mocha, then LiveScript, and finally JavaScript to take advantage of Java’s popularity.

It became a standard language through ECMAScript and expanded beyond browsers. Node.js allowed JavaScript to run on servers, and later Deno was introduced to fix some of Node.js’s issues.

JavaScript, history, Brendan Eich, Netscape, ECMAScript, Node.js, Deno, web development

2025-05-24 ECMAScript 4: The missing version { evertpot.com }

Tags: ECMAScript, JavaScript, ES4, Programming Languages, Type Systems, Interfaces, Classes, Static Typing, Language Evolution, Web Development

ECMAScript 4 was an ambitious but ultimately abandoned update to JavaScript, introducing features like classes, interfaces, and static typing that were later adopted in ES6 and TypeScript.

• ES4 aimed to modernize JavaScript with features such as classes, interfaces, and static typing, but its complexity and backward incompatibility led to its abandonment.
• Proposed features included class declarations with access modifiers, interfaces, nominal typing with union types, generics, and new primitive types like byte, int, and decimal.
• The like keyword was introduced to allow structural typing, providing flexibility in type checking.
• ES4's package system and triple-quoted strings were early attempts at modularity and improved string handling.
• Flash ActionScript 3 implemented many ES4 concepts, serving as a practical example of the proposed features.

Understanding ES4's history provides insight into JavaScript's evolution and the challenges of balancing innovation with compatibility in language design.

2025-05-03 Carl Öst Wilkens´ Blog - Minimum viable blog { ostwilkens.se }

2025-04-22 Pipelining might be my favorite programming language feature | MOND←TECH MAGAZINE { herecomesthemoon.net }

The author of this blog also adds dithering to the illustrations!

2025-04-15 SQLite File Format Viewer { sqlite-internal.pages.dev }

Tags: SQLite, Database Internals, File Format, Page Structure, B-Tree, Schema, Freelist, Write-Ahead Logging, Overflow Pages, Pointer Map

The SQLite File Format Viewer offers an interactive exploration of SQLite database internals, detailing page structures, B-tree organization, and schema representation.

• Page Structure: SQLite databases are divided into fixed-size pages (512 to 65536 bytes), each serving specific roles such as B-tree nodes, freelist entries, or overflow storage.
• Database Header: The first 100 bytes of the database file contain critical metadata, including page size, file format versions, and schema information.
• Freelist Management: Unused pages are tracked in a freelist, allowing efficient reuse of space without immediate file size reduction.
• B-Tree Organization: Tables and indexes are stored using B-tree structures, facilitating efficient data retrieval and storage.
• Overflow and Pointer Map Pages: Large records utilize overflow pages, while pointer map pages assist in managing auto-vacuum and incremental vacuum processes.

This tool is valuable for developers and database administrators seeking a deeper understanding of SQLite's storage mechanisms, aiding in optimization and troubleshooting efforts.

2025-04-15 Omnom { omnom.zone }

Tags: bookmarking, web snapshots, offline access, browser extensions, digital archiving, web preservation, Omnom, GitHub, Firefox, Chrome

Omnom is a tool that enables users to create and manage self-contained snapshots of bookmarked websites for reliable offline access and sharing.

• Omnom ensures saved pages remain accessible even if the original content changes or is removed.
• The platform offers browser extensions for Firefox and Chrome to facilitate bookmarking and snapshot creation.
• A read-only demo is available, with the full project hosted on GitHub.
• Users can explore public bookmarks and snapshots through the Omnom interface.

This article is significant as it introduces a solution for preserving web content, addressing challenges related to content volatility and ensuring consistent access to information.

2025-04-13 WebTUI { webtui.ironclad.sh }

Tags: WebTUI, Typography, HTML Elements, CSS Styling, Headings, Lists, Blockquotes, Inline Elements, Custom Markers, Typography Block WebTUI – A CSS Library That Brings the Beauty of Terminal UIs to the Browser

2025-04-12 VERT.sh { vert.sh }

Open source and self hostable/private file converter

2025-04-12 Open source and self hostable/private file converter | Hacker News { news.ycombinator.com }

2025-04-07 What’s Trading on Capitol Hill? - Capitol Trades { www.capitoltrades.com }

Capital Trades: Tracking Stock Market Transactions of Politicians

HN: Capital Trades: Tracking Stock Market Transactions of Politicians | Hacker News

Why Capitol Trades?

Tracking Capitol Hill politicians' trades can provide valuable insights for your investment research — and we offer you a free solution to do just that.

CapitolTrades.com is the industry leading resource for political investor intelligence, and a trusted source for media outlets such as the Wall Street Journal and the New York Times.

About Us

2025-04-07 Glamorous Toolkit { gtoolkit.com }

Each problem about your system is special. And each problem can be explained through contextual development experiences. Glamorous Toolkit enables you to build such experiences out of micro tools. Thousands of them ... per system. It's called Moldable Development.

2025-04-05 Coolify { coolify.io }

Self-hosting with superpowers. An open-source & self-hostable Heroku / Netlify / Vercel alternative.

2025-04-02 ✱ dori the giant ✱: 13 Animals Made From 13 Circles { www.dorithegiant.com }

2025-04-01 Fluentsubs - Watch, Learn, and Master Any Language { app.fluentsubs.com }

Show HN: Duolingo-style exercises but with real-world content like the news (fluentsubs.com)

2025-04-01 Generate autounattend.xml files for Windows 10/11 { schneegans.de }

This service lets you create answer files (typically named unattend.xml or autounattend.xml) to perform unattended installations of both Windows 10 and Windows 11, including 24H2. Answer files generated by this service are primarily intended to be used with Windows Setup run from Windows PE to perform clean (rather than upgrade) installations.

2025-04-01 A Man Powers Home for 8 Years Using 1,000 Old Laptop Batteries { techoreon.com }

A man has managed to power his home for eight years with a system using more than 1,000 recycled laptop batteries. This ingenious project, based on the use of electronic waste, has proven to be an environmentally friendly and economical solution, without the need to even replace batteries over the years.

This system also uses solar panels, which were the origin of his renewable energy project that he started a long time ago and which has been enough for him to live during this time.

2025-03-29 Train & Weather Tracker with Raspberry Pi & E-Ink { sambroner.com }

I finally built a Raspberry Pi project my wife loves: an e-ink train and weather tracker! If you want to build one yourself, the Github & instructions are here.

2025-03-29 Lofi Tab 🐈‍⬛🎧 { lofitab.com }

Transform your new tab into a productive and calming lofi experience with todos, weather, clock, and beautiful backgrounds.

2025-03-29 typedgrammar/typed-japanese: Learn Japanese grammar with TypeScript { github.com }

Tags: TypeScript, Japanese Grammar, Type-Level Programming, Language Learning, Domain-Specific Language, Compiler Verification, Educational Tool, AI-Assisted Learning, Grammar Verification, Open Source

Typed Japanese is a TypeScript library that models Japanese grammar rules at the type level, enabling the construction and verification of grammatically correct Japanese sentences within TypeScript's type system.

By creating a domain-specific language (DSL) based on Japanese grammar, it allows developers to express and validate Japanese sentences using TypeScript's compiler. The project also explores the potential for AI-assisted language learning by providing structured formats for grammar analysis, which can be verified through TypeScript's type checker to improve correctness.

This innovative approach bridges programming and linguistics, offering a unique tool for both developers and language learners to understand and apply Japanese grammar rules programmatically.

2025-03-27 xan/docs/LOVE_LETTER.md at master · medialab/xan { github.com }

Or why people pretending CSV is dead are wrong

Every month or so, a new blog article declaring the near demise of CSV in favor of some "obviously superior" format (parquet, newline-delimited JSON, MessagePack records etc.) find its ways to the reader's eyes. Sadly those articles often offer a very narrow and biased comparison and often fail to understand what makes CSV a seemingly unkillable staple of data serialization.

It is therefore my intention, through this article, to write a love letter to this data format, often criticized for the wrong reasons, even more so when it is somehow deemed "cool" to hate on it. My point is not, far from it, to say that CSV is a silver bullet but rather to shine a light on some of the format's sometimes overlooked strengths.

CSV is dead simple

The specification of CSV holds in its title: "comma separated values". Okay, it's a lie, but still, the specification holds in a tweet and can be explained to anybody in seconds: commas separate values, new lines separate rows. Now quote values containing commas and line breaks, double your quotes, and that's it. This is so simple you might even invent it yourself without knowing it already exists while learning how to program.

Of course it does not mean you should not use a dedicated CSV parser/writer because you will mess something up.

CSV is a collective idea

No one owns CSV. It has no real specification (yes, I know about the controversial ex-post RFC 4180), just a set of rules everyone kinda agrees to respect implicitly. It is, and will forever remain, an open and free collective idea.

CSV is text

2025-03-25 https://www.slidehero.ai/ Show HN: I'm a teacher and built an AI presentation tool | Hacker News { news.ycombinator.com }

2025-03-22 Scallop { www.scallop-lang.org }

Tags: scallop, datalog, AI_reasoning, pytorch, symbolic_logic, vision, NLP, machine_learning, frameworks, integration

Scallop – A Language for Neurosymbolic Programming

2025-03-20 Konva - JavaScript Canvas 2d Library { konvajs.org }

JavaScript, Canvas, 2D, Konva, Object-Oriented API, Cross-Platform, Animations, Node Management, Export, Filters, Framework Integration, Drag and Drop, React, Vue, Svelte, Tutorials, Demos, API Reference, Design Editors.

2025-03-16 👋 Hello, This is Nash { keepworking.github.io }

2025-03-15 Learn | KIRUPA { www.kirupa.com }

Just tags: web development, HTML, CSS, JavaScript, React, animation, data structures, algorithms, UX design, canvas, product development, sorting algorithms, career growth, web design, programming tips, coding tutorials, Flash, ActionScript, web fundamentals, learning resources, developer tools

2025-03-15 codr7/eli: Embedded Lisp Interpreter { github.com }

eli represents the culmination of more than 15 years of designing and implementing embedded Lisp interpreters in various languages.

It all began with a craving an embedded Lisp for personal projects, but evolved into one of the deepest rabbit holes I've had the pleasure of falling into.

Implementations​

The following projects implement eli in different languges, some are more complete than others. Most work currently happens in eli-java.

• C
• C#
• Go
• Java
• Swift

2025-03-15 Milk Kanban { brodzinski.com }

2025-03-13 MLU-Explain {mlu-explain.github.io}

Visual explanations of core machine learning concepts

Machine Learning University (MLU) is an education initiative from Amazon designed to teach machine learning theory and practical application.

As part of that goal, MLU-Explain exists to teach important machine learning concepts through visual essays in a fun, informative, and accessible manner.

2025-03-13 kern/filepizza: 🍕 Peer-to-peer file transfers in your browser { github.com }

Peer-to-peer file transfers in your browser Cooked up by Alex Kern & Neeraj Baid while eating Sliver @ UC Berkeley.

Using WebRTC, FilePizza eliminates the initial upload step required by other web-based file sharing services. Because data is never stored in an intermediary server, the transfer is fast, private, and secure.

A hosted instance of FilePizza is available at file.pizza.

2025-03-01 The world's most unhinged video wall (made out of Chromebooks) { varun.ch }

techreuse, video_wall, software_hack, hardware_mods, creative_design

My friend and I spent three years turning old Lenovo ThinkPad 11e Chromebooks, which were considered junk, into a fully functional video wall. We repurposed the displays from 10 Chromebooks, synchronized video playback using a custom web app called c-sync, and tackled countless hardware and software challenges along the way. The project involved removing firmware restrictions, installing Linux, and using tools like coreboot to make the laptops boot directly to a web page displaying synchronized video segments.

2025-02-28 Troubleshooting: The Skill That Never Goes Obsolete — The Autodidacts { www.autodidacts.io }

#troubleshooting, #problem-solving, #mindset, #learning I see troubleshooting as the one skill that never gets outdated. It’s about finding the cause of a problem in any system by stepping back, understanding how things flow, and comparing what should happen with what actually does. I start by checking that I’m working on the right part of the system and then form a clear idea of the issue before diving in.

I use a method that involves testing parts of the system one by one, gathering as much real-time data as possible, and cutting through noise. I form hypotheses, rule out common failure points, and test my ideas by isolating or disconnecting subsystems. This approach helps me avoid wasted effort and speeds up finding the true problem, even when things seem tangled.

I also believe that the best fixes come from learning from each mistake. I write down what I discover, rely on practical testing, and keep my work simple. By respecting the system and knowing when to ask for help or replace only what’s necessary, I turn challenges into opportunities to get better at troubleshooting every time.

2025-02-28 Yaak – The API client for modern developers { yaak.app }

2025-02-28 mountain-loop/yaak: The most intuitive desktop API client. Organize and execute REST, GraphQL, WebSockets, Server Sent Events, and gRPC 🦬 { github.com }

The API client for modern developers Yaak is an offline and Git friendly app for HTTP, GraphQL, WebSockets, SSE, and gRPC.

2025-02-25 corporate.watch | we don't need to work this out for every report { corporate.watch }

I made a site to tell the time in corporate

2025-02-25 Show HN: I made a site to tell the time in corporate | Hacker News { news.ycombinator.com }

2025-02-25 About time… human readable time { clockish.co.uk }

2025-02-24 European word translator: an interactive map showing "smart" in over 30 languages { ukdataexplorer.com }

Good Reads​

2025-05-29 Duplication Is Not the Enemy – Terrible Software { terriblesoftware.org }

Developers are taught early on to eliminate code duplication, but this piece argues that premature abstraction is often a bigger danger. Abstracting too early — before understanding how requirements evolve — can lead to bloated, unmanageable code that's harder to change than the original duplication. The post uses a real-world scenario involving bonus calculations to show how well-meaning abstractions become convoluted as requirements change gradually over time. Each small, isolated addition to a shared function seems harmless, but the end result is a mess of parameters and conditionals no one wants to touch.

The author advocates for deferring abstraction until true patterns emerge, emphasizing that superficial similarities often mask fundamentally different needs. Instead of rushing to DRY out code at the first sign of repetition, developers should wait until they have enough insight into what varies and what remains constant. The takeaway: duplication can be an honest, maintainable choice until a meaningful, stable abstraction naturally reveals itself.

software design, programming principles, DRY, abstraction, code maintenance, real-world development

2025-05-10 The Deathbed Fallacy { www.hjorthjort.xyz }

People often say you should live so your future self won’t have regrets on their deathbed. But the article argues this is flawed thinking. The version of you on your deathbed is not living a full life anymore and can't see the whole picture clearly. That self is focused on recent memories, feels differently about risks, and doesn’t have to deal with long-term consequences.

We also misunderstand our past selves, thinking we know why we made certain choices. But those decisions made sense back then, even if they don't match who we are now. It's better to focus on what makes life good today—like meaningful work, good relationships, and purpose—rather than chasing an imagined regret-free future.

life-choices, regret, psychology, happiness, decision-making

2025-05-07 rate limiter – smudge.ai blog { smudge.ai }

Tags: rate-limiting, fixed windows, sliding windows, token buckets, API-throttling, burst management, traffic smoothing, Redis, HTTP-429

Visualizes and compares fixed window, sliding window, and token bucket rate-limiting algorithms, analyzing their pros, cons, and real-world applications to guide choosing the right strategy.

• Fixed window resets counters each interval; simple and predictable but allows bursts at window edges and has timezone issues.
• Sliding window refills per request for smoother traffic distribution; efficient approximations remove heavy timestamp storage while balancing control and performance.
• Token bucket refills tokens at a constant rate, supporting bursts and enforcing average rates; flexible yet harder to communicate limits.
• Implementation tips: use persistent stores (e.g., Redis), fail open on datastore errors, choose sensible keys (user ID, IP), and expose HTTP 429 with x-ratelimit headers.

This comparative review clarifies how each algorithm manages traffic, aiding developers in selecting and implementing effective throttling mechanisms.

2025-05-03 Accountability Sinks - by Martin Sustrik - 250bpm { 250bpm.substack.com }

Martin Sustrik explains how bureaucracies often create environments where responsibility becomes untraceable. These “accountability sinks” occur when rigid systems take precedence over individual judgment, making it nearly impossible to determine who made a decision or why. One example is the destruction of a shipment of squirrels at Schiphol Airport in 1999, where strict adherence to policy overrode common sense, and no one could be held directly responsible.

Sustrik warns that such systems can suppress initiative and slow down meaningful action. Still, he notes that not all formal structures are flawed — the problem arises when they prevent people from acting with ownership. Good systems should balance structure with personal responsibility, allowing people to act while still being accountable for their choices.

bureaucracy, responsibility, organizational design, systems, decision-making

...Holocaust researchers keep stressing one point: The large-scale genocide was possible only by turning the popular hatred, that would otherwise discharge in few pogroms, into a formalized administrative process.

For example, separating the Jews from the rest of the population and concentrating them at one place was a crucial step on the way to the extermination.

In Bulgaria, Jews weren't gathered in ghettos or local "labor camps", but rather sent out to rural areas to help at farms. Once they were dispersed throughout the country there was no way to proceed with the subsequent steps, such as loading them on trains and sending them to the concentration camps...

🔭 2025-04-26 Observability 2.0 and the Database for It | Greptime { greptime.com }

Observability 2.0 challenges the traditional three pillars approach by unifying metrics, logs, and traces into a single, context-rich data model called wide events. Instead of pre-aggregating metrics or parsing logs after the fact, this model treats raw, high-cardinality event data as the source of truth—capturing full system context upfront and allowing dynamic, retrospective computation of metrics and traces. This shift addresses key pain points of observability 1.0: data silos, redundant storage, loss of granularity, and the slow feedback loop of static instrumentation.

GreptimeDB is built explicitly for this new paradigm. It ingests wide events directly, supports real-time queries, materialized views, and triggers for alerts, and scales elastically using disaggregated storage and columnar formats. Crucially, it remains backward-compatible with existing tools like Grafana and PromQL while enabling ad-hoc, high-dimensional analysis without the complexity of traditional pre-aggregation pipelines. This design turns observability from a fragmented stack into a unified system for both real-time monitoring and deep analytics.

italics: observability 2.0, wide events, telemetry, data silos, real-time analytics, GreptimeDB, metrics, logs, traces, scalability, unified observability, cloud-native

🔭 2025-04-26 Observability wide events 101 | Boris Tane { boristane.com }

Tags: observability, wide events, high cardinality, high dimensionality, context-rich logging, distributed tracing, OpenTelemetry, debugging unknown unknowns, structured logging, application monitoring

Wide events are context-rich, high-dimensional logs emitted per service request, enabling deep observability and effective debugging of unforeseen issues beyond the capabilities of traditional logs and metrics.

• Wide events capture comprehensive data per request, including user details, request metadata, database queries, cache operations, and headers, all linked by a unique request ID.
• They facilitate correlation of events across services, aiding in identifying root causes of issues that traditional logs and metrics might miss.
• Unlike traditional observability tools, wide events allow for ad-hoc querying across any dimension without pre-aggregation, enhancing flexibility in data analysis.
• Implementing wide events can be achieved through custom logging or by leveraging distributed tracing frameworks like OpenTelemetry, which standardize context propagation and span creation.
• Effective tooling for wide events should support fast, flexible querying, raw data access, and affordability, ensuring comprehensive observability without excessive costs.
• Wide events complement rather than replace traditional metrics, offering deeper insights into application behavior, especially for complex or unexpected issues.

2025-04-24 YAGRI: You are gonna read it { www.scottantipa.com }

As an example, this commonly occurs when implementing a feature to let users delete something. The easy way is to just delete the row from the database, and maybe that's all that the current UI design call for. In this situation, regardless of the requested feature set, as engineers we should maintain good data standards and store:

• who deleted it
• how they deleted it (with what permission)
• when
• why (surrounding context, if possible)

In general, these are some useful fields to store on almost any table:

• created_at
• updated_at
• deleted_at (soft deletes)
• created_by etc
• permission used during CRUD

This practice will pay off with just a single instance of your boss popping into a meeting and going "wait do we know why that thing was deleted, the customer is worried...".

See also:

• 2022-10-17 YAGNI exceptions - lukeplant.me.uk

  • Applications of Zero One Many. If the requirements go from saying “we need to be able to store an address for each user”, to “we need to be able to store two addresses for each user”, 9 times out of 10 you should go straight to “we can store many addresses for each user”
  • Versioning. This can apply to protocols, APIs, file formats etc.
  • Logging. Especially for after-the-fact debugging, and in non-deterministic or hard to reproduce situations, where it is often too late to add it after you become aware of a problem.
  • Timestamps

2025-04-13 Engineers who won’t commit | sean goedecke { www.seangoedecke.com }

found in 2025-04-13 Microsoft's original source code { programmingdigest.net }

Tags: #EngineeringLeadership #DecisionMaking #TechnicalResponsibility #SoftwareEngineering #TeamDynamics #ProfessionalGrowth #RiskManagement #WorkplaceCulture #ManagerExpectations #ConfidenceInTech

Strong engineers must take positions in technical discussions, even with partial confidence, to guide teams effectively and prevent poor decisions.

• Remaining non-committal can lead to less-informed individuals making critical decisions, potentially resulting in suboptimal outcomes.
• Fear of being wrong often drives engineers to avoid commitment, but this behavior can be perceived as cowardice and may burden others with decision-making responsibilities.
• Managers prefer engineers who provide decisive input; excessive caveats can frustrate leadership and shift decision-making burdens upward.
• While making incorrect decisions occasionally is acceptable, consistently avoiding commitment can damage credibility and trust.
• In dysfunctional environments where estimates are penalized unfairly, reluctance to commit is understandable and not criticized.

This article underscores the importance of decisive leadership in engineering roles, highlighting how taking informed stances fosters trust and drives effective team outcomes.

2025-04-12 But what if I really want a faster horse? | exotext { rakhim.exotext.com }

2025-04-08 Why Companies Don’t Fix Bugs { idiallo.com }

Tags: corporate bureaucracy, bug fixing, software development, technical debt, product management, legacy code, developer priorities, user experience, corporate inertia, software maintenance

Companies often neglect fixing longstanding software bugs due to bureaucratic hurdles and shifting priorities.

• Bugs not tied to immediate business objectives are deprioritized as "tech debt" and added to the backlog.
• High staff turnover leads to loss of institutional knowledge, causing unresolved issues to become relics of the past.
• Fear of unintended consequences in legacy systems deters developers from implementing even simple fixes, as "the risk of breaking something far outweighs the reward of fixing a non-critical bug."
• Financial incentives focus on new features over user experience improvements, as companies "optimize for metrics that show up on quarterly earnings calls, not for goodwill or user experience."

This article highlights the systemic challenges within large organizations that hinder effective software maintenance, emphasizing that the issue lies in "the system that treats user experience as an afterthought."

🛠️ How the things work​

2025-04-15 MCCC: Probability - Monte Carlo Crash Course { thenumb.at }

Tags: Probability, Random Variables, PMF, PDF, CDF, Joint Distributions, Expectation, Variance, Covariance, Dirac Delta

The article provides a comprehensive overview of continuous probability concepts, contrasting them with discrete probability, and explores foundational topics essential for understanding probabilistic models.

• Introduces random variables, distinguishing between discrete (countable outcomes) and continuous (uncountable outcomes) variables
• Explains the difference between probability mass functions (PMFs) and probability density functions (PDFs)
• Discusses cumulative distribution functions (CDFs) and their relation to PDFs
• Covers joint and marginal distributions, and the concept of dependence
• Defines expectation, variance, and covariance with mathematical clarity
• Introduces the Dirac delta function for modeling point probabilities in continuous distributions

This article is valuable for building a strong foundation in probability theory, especially for advanced applications in statistics and data science.

2025-04-14 jlevy/og-equity-compensation: Stock options, RSUs, taxes — read the latest edition: www.holloway.com/ec { github.com }

Tags: #EquityCompensation #StockOptions #RestrictedStockUnits #TaxImplications #StartupEquity #EmployeeOwnership #VestingSchedules #83bElection #Dilution #PrivateCompanies

A comprehensive guide demystifying equity compensation, providing essential insights into stock options, RSUs, and their tax implications for employees and employers in private U.S. companies.

• Explains various equity types: restricted stock, stock options (ISOs and NSOs), and RSUs, detailing their structures and differences
• Discusses vesting schedules, including cliffs and acceleration clauses, and their impact on ownership and taxation
• Highlights tax considerations, such as the 83(b) election, AMT, and timing of exercises, emphasizing potential financial consequences
• Addresses the significance of fair market value (FMV) and 409A valuations in determining equity worth and tax liabilities
• Provides guidance on evaluating equity offers, understanding dilution, and making informed decisions during fundraising events
• Emphasizes the importance of seeking professional advice and understanding legal documents to avoid costly mistakes

This guide is crucial for anyone involved in startup equity, offering clarity on complex topics and aiding in making informed financial and career decisions.

Equity compensation is the practice of granting partial ownership in a company in exchange for work. In its ideal form, equity compensation aligns the interests of individual employees with the goals of the company they work for, which can yield dramatic results in team building, innovation, and longevity of employment. Each of these contributes to the creation of value—for a company, for its users and customers, and for the individuals who work to make it a success.

👂 The Ear of AI (LLMs)​

2025-05-28 How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation – Sean Heelan's Blog { sean.heelan.io }

Using OpenAI’s o3 model, the author discovered CVE-2025-37899, a previously unknown use-after-free vulnerability in the Linux kernel’s SMB implementation, specifically in the ksmbd logoff handler. This bug arises when concurrent threads access a shared sess->user structure: one thread frees it during session logoff without proper synchronization, while another may still access it, leading to memory corruption or a denial of service. Remarkably, this finding emerged not from advanced agentic frameworks, but through straightforward API use, highlighting o3’s emergent capability in reasoning about complex concurrency issues in kernel code.

As part of evaluating o3, the author benchmarked it against another known use-after-free bug in the Kerberos authentication path (CVE-2025-37778). While o3 found this bug in 8 out of 100 runs (compared to Claude Sonnet 3.7's 3/100), it also surfaced the novel CVE-2025-37899 when analyzing all SMB command handlers together. This discovery suggests LLMs like o3 are beginning to deliver meaningful, non-trivial insights in real-world vulnerability research and could significantly augment expert workflows despite current false positive rates.

What is also interesting:

• If you’re interested, the code to be analysed is here as a single file, created with the files-to-prompt tool.
• The final decision is what prompt to use. You can find the system prompt and the other information I provided to the LLM in the .prompt files in this Github repository.
• To run the query I then use the llm tool (github) like:

LLM vulnerability research, Linux kernel, ksmbd, CVE-2025-37899, use-after-free, concurrency, o3 model, SMB protocol

2025-05-23 The /llms.txt file – llms-txt { llmstxt.org }

A proposal to standardise on using an /llms.txt file to provide information to help LLMs use a website at inference time.

2025-05-23 https://svelte.dev/llms.txt { svelte.dev }

# Svelte Documentation for LLMs

> Svelte is a UI framework that uses a compiler to let you write breathtakingly concise components that do minimal work in the browser, using languages you already know — HTML, CSS and JavaScript.

## Documentation Sets

- [Abridged documentation](https://svelte.dev/llms-medium.txt): A shorter version of the Svelte and SvelteKit documentation, with examples and non-essential content removed
- [Compressed documentation](https://svelte.dev/llms-small.txt): A minimal version of the Svelte and SvelteKit documentation, with many examples and non-essential content removed
- [Complete documentation](https://svelte.dev/llms-full.txt): The complete Svelte and SvelteKit documentation including all examples and additional content

## Individual Package Documentation

- [Svelte documentation](https://svelte.dev/docs/svelte/llms.txt): This is the developer documentation for Svelte.
- [SvelteKit documentation](https://svelte.dev/docs/kit/llms.txt): This is the developer documentation for SvelteKit.
- [the Svelte CLI documentation](https://svelte.dev/docs/cli/llms.txt): This is the developer documentation for the Svelte CLI.

## Notes

- The abridged and compressed documentation excludes legacy compatibility notes, detailed examples, and supplementary information
- The complete documentation includes all content from the official documentation
- Package-specific documentation files contain only the content relevant to that package
- The content is automatically generated from the same source as the official documentation

Copy

2025-05-04 Time saved by AI offset by new work created, study suggests - Ars Technica { arstechnica.com }

The study revealed that AI chatbots actually created new job tasks for 8.4 percent of workers, including some who did not use the tools themselves, offsetting potential time savings. For example, many teachers now spend time detecting whether students use ChatGPT for homework, while other workers review AI output quality or attempt to craft effective prompts.

2025-04-30 PhialsBasement/Chain-of-Recursive-Thoughts { github.com }

Tags: #AIReasoning #RecursiveThinking #SelfEvaluation #CoRT #Mistral3.1 #OpenSourceAI #PromptEngineering #AIEnhancement #IterativeRefinement #AIProgramming

I made my AI think harder by making it argue with itself repeatedly. It works stupidly well

CoRT enhances AI performance by enabling recursive self-evaluation and selection among generated responses.

• CoRT (Chain of Recursive Thoughts) prompts AI models to iteratively generate multiple responses, evaluate them, and select the most suitable one.
• The process involves the AI determining the number of "thinking rounds" needed, generating three alternative responses per round, evaluating all responses, and selecting the best one.
• This method was tested with Mistral 3.1 24B, resulting in significant improvements in programming tasks.
• The repository includes a web UI for user interaction and is licensed under MIT, encouraging open-source collaboration.

2025-04-24 Pete Koomen { koomen.dev }

Tags: AI, software design, system prompts, user prompts, agent builders, automation, AI-native applications, email assistants, generative AI, prompt engineering, product design, LLM agents, user customization, productivity tools, software paradigms, AI integration, old world thinking, AI Slop, horseless carriages, agent tools, security models, prompt injection, user experience, task automation, personalization

I noticed something interesting the other day: I enjoy using AI to build software more than I enjoy using most AI applications--software built with AI.

When I use AI to build software I feel like I can create almost anything I can imagine very quickly. AI feels like a power tool. It's a lot of fun.

Many AI apps don't feel like that. Their AI features feel tacked-on and useless, even counter-productive.

Most AI features in today’s apps feel ineffective because they’re built on outdated assumptions about how software should work. Instead of rethinking design from the ground up, many teams just bolt AI onto traditional interfaces, leading to frustrating experiences like Gmail’s draft-writing assistant that produces stiff, formal emails no one would actually send. The problem isn’t that the AI models aren’t capable — it’s that the apps constrain them with one-size-fits-all instructions hidden from users.

A better approach is to let users define how these AI agents behave by writing and editing their own “System Prompts” — reusable instructions that teach the model to act in the user’s voice and style. This flips the traditional developer-user relationship on its head: instead of relying on fixed software behavior set by developers, users directly shape how their tools work. The essay argues that the most powerful AI products won’t be fixed agents but agent builders — platforms that help users easily create and maintain agents that automate the work they don’t want to do.

2025-04-22 matthewsinclair.com · Intelligence. Innovation. Leadership. Influence. { matthewsinclair.com }

LLM powered coding tools are not replacements for developers but powerful exoskeletons that shift focus from mechanical typing to strategic vision: they shrink weeks of implementation into minutes while making clear that defining business intent and rigorous architectural oversight have never mattered more. In my view seasoned engineers who treat AI as a collaborative partner (delegating boilerplate patterns while personally steering novel or high stakes components) will outperform both solo humans and stand alone AI by harnessing combined strategic judgment and computational horsepower. This centaur style collaboration proves that tomorrow’s top developers will distinguish themselves not by typing speed but by architectural thinking, pattern recognition and the confidence to scrap and rewrite code whenever required.

2025-04-20 Vibe Coding is not an excuse for low-quality work { addyo.substack.com }

Tags: #AI_Coding #Vibe_Coding #Code_Quality #Technical_Debt #Software_Maintenance #AI_Generated_Code #Developer_Responsibility #Code_Review #Software_Engineering #AI_Tools

AI-generated code, while efficient, must be critically evaluated to prevent the accumulation of technical debt and ensure maintainable, high-quality software.

• "Vibe coding," which involves using AI to generate code based on minimal prompts, can lead to fragile and unmaintainable software if not properly managed
• Neglecting thorough testing and review of AI-generated code increases the risk of introducing bugs and security vulnerabilities
• Developers should not rely solely on AI outputs; instead, they must apply their expertise to validate and refine the code
• Proper documentation and understanding of AI-generated code are essential to facilitate future maintenance and scalability

This article is important as it underscores the necessity of maintaining professional standards in software development, even when leveraging advanced AI tools, to ensure the delivery of reliable and sustainable software solutions.

2025-04-20 Claude Code Best Practices \ Anthropic { www.anthropic.com }

Tags: Claude Code, agentic coding, best practices, CLAUDE.md, prompt engineering, context management, tool configuration, iterative workflows, AI coding assistants, Anthropic

Claude Code is a flexible command-line tool designed for agentic coding, offering customizable workflows and deep integration with project-specific contexts.

• Utilize CLAUDE.md files to provide Claude with essential project information, such as common commands, code style guidelines, and testing instructions
• Strategically place CLAUDE.md files in directories to ensure relevant context is automatically included during sessions
• Regularly refine CLAUDE.md content to enhance instruction adherence, employing emphasis techniques like "IMPORTANT" or "YOU MUST" for critical guidelines
• Leverage the '#' command to dynamically update CLAUDE.md files during development, facilitating real-time documentation
• Configure Claude's tool access to align with project requirements, ensuring safe and efficient operations
• Incorporate planning steps before code generation by instructing Claude to outline its approach, allowing for review and adjustments
• Use the Escape key to interrupt Claude's processes, preserving context and enabling redirection or modification of tasks

This article is significant as it provides practical strategies for optimizing the use of Claude Code, enhancing productivity and collaboration in software development environments.

2025-04-20 Celery App | Codebase2Tutorial { the-pocket.github.io }

Turns Codebase into Easy Tutorial Ever stared at a new codebase written by others feeling completely lost? This project analyzes GitHub repositories and creates beginner-friendly tutorials explaining exactly how the code works - all powered by AI! Our intelligent system automatically breaks down complex codebases into digestible explanations

2025-04-15 Stevens: a hackable AI assistant using a single SQLite table and a handful of cron jobs { www.geoffreylitt.com }

Tags: #AI_Assistant #SQLite #Cron_Jobs #ValTown #LLM_Integration #Telegram_Bot #Personal_Productivity #Simple_AI_Architecture #Data_Aggregation #Custom_Tools

Geoffrey Litt developed a personal AI assistant, "Stevens," using a single SQLite table and cron jobs to manage daily tasks and communications.

• Stevens compiles daily briefs—including calendar events, weather forecasts, mail notifications, and reminders—sent via Telegram
• The system operates on Val.town, utilizing its capabilities for storage, scheduling, and communication
• A single SQLite table, termed the "notebook," stores all relevant data entries, both dated and undated
• Data is ingested through various importers: Google Calendar API, weather API, OCR-processed USPS mail, and user inputs via Telegram or email
• The Claude API generates the daily brief, incorporating relevant entries from the notebook
• The architecture is designed for easy extensibility, allowing additional data sources to be integrated seamlessly

This article illustrates how a minimalist approach can yield a functional and customizable AI assistant, emphasizing the potential of combining simple tools with thoughtful design.

2025-04-07 Recent AI model progress feels mostly like bullshit — LessWrong { www.lesswrong.com }

Tags: AI progress, AI benchmarks, AI applications, AI limitations, AI industry, AI startups, AI evaluation, AI generalization, AI model performance

Recent AI model advancements appear impressive in benchmarks but show limited practical improvement in real-world applications.

• Newer AI models (like GPT-4) often do not outperform older ones (like GPT-3.5) in startup use-cases.
• Benchmark improvements may reflect training on benchmarks rather than genuine generalization.
• Suspicion that OpenAI might train directly on benchmark datasets, leading to overfitting.
• Models seem to do better at pretending to know things, not actually knowing them better.
• Economic productivity and value-add from newer models are not clearly increasing.
• The field may be overhyping progress based on synthetic or cherry-picked metrics.
• There's growing concern over whether current AI evaluation tools are meaningful for real-world deployment.
• GPT-4 performance in many tasks is mostly identical to GPT-3.5 in business settings.
• Many claims about major leaps forward are contradicted by practical user experience.

This article is important as it challenges dominant narratives about AI progress and raises critical questions about how we measure and interpret advancement in the field.

🗿 X-Files: The Monolith​

2025-05-10 Monolith Tracker | Monolith Tracker { monolithtracker.com }

2025-05-10 The Mystery Of The Utah Monolith - YouTube { www.youtube.com }

2025-05-10 Maps Show Where Mysterious Monoliths Have Popped Up Around World - Newsweek { www.newsweek.com }

Fun / Retro​

2025-05-23 Building and using GCC 0.9 aka the first public version | Virtually Fun { virtuallyfun.com }

In my quest for old software, I’ve seen this file in multiple searches, gcc-0.9.tar.bz2, which is the first version of GCC!

dzharii.github.io/static/ftp/gnu1988.tar.bz2 at master · dzharii/dzharii.github.io

huangguiyang/gcc-0.9: The first available release, on March 22, 1987.

However in the same location as GCC is this file gnu1988.tar.bz2 which contains all of the current GNU software of 1988! And what is on that tape?

2025-05-03 Home - Marketoonist | Tom Fishburne { marketoonist.com }

2025-04-22 maurymarkowitz/101-BASIC-Computer-Games { github.com }

Type-in programs from the original 101 BASIC Computer Games, in their original DEC and Dartmouth dialects. No, this is not the same as BASIC Computer Games.

2025-04-22 maurymarkowitz/RetroBASIC: BASIC interpreter in lex/yacc/c, designed to run practically any early program no matter the dialect - HP, DEC, Dartmouth and others will all run in RetroBASIC. { github.com }

2025-04-15 tariff · PyPI { pypi.org }

Make importing great again! A parody package that imposes tariffs on Python imports.

See also: samshadwell/TrumpScript: Make Python great again { github.com }

2025-04-15 JSLinux { www.bellard.org }

Run Linux or other Operating Systems in your browser!

The following emulated systems are available:

2025-04-14 ZXSpectrumVault/zx-fonts: Bitmap fonts extracted from ZX Spectrum games { github.com }

2025-04-14 GitHub - damieng/pixelworld: ZX Spectrum bitmap font tools. {github.com}

Nice, the command pw.exe chead "Ace of Aces (1986)(U.S.ch8"

Will create C header file, like:

    0x00, 0x6c, 0xc6, 0xc6, 0xee, 0xc6, 0xc6, 0x00, // A 
    0x00, 0xdc, 0xc6, 0xfc, 0xc6, 0xc6, 0xfc, 0x00, // B 
    0x00, 0x6c, 0xc6, 0xc0, 0xc0, 0xc6, 0x6c, 0x00, // C 
    0x00, 0xdc, 0xc6, 0xc2, 0xc2, 0xc6, 0xdc, 0x00, // D 
    0x00, 0xde, 0xc0, 0xfc, 0xc0, 0xc0, 0xde, 0x00, // E 
    0x00, 0xde, 0xc0, 0xfc, 0xc0, 0xc0, 0xc0, 0x00, // F 
    0x00, 0x6c, 0xc6, 0xc0, 0xce, 0xc6, 0x6c, 0x00, // G 
    0x00, 0xc6, 0xc6, 0xde, 0xc6, 0xc6, 0xc6, 0x00, // H 
    0x00, 0x7e, 0x18, 0x18, 0x18, 0x18, 0x7e, 0x00, // I 
    0x00, 0x06, 0x06, 0x06, 0xc6, 0xc6, 0x6c, 0x00, // J 
    0x00, 0xcc, 0xd8, 0xf0, 0xd8, 0xcc, 0xc6, 0x00, // K 
    0x00, 0xc0, 0xc0, 0xc0, 0xc0, 0xc0, 0xfe, 0x00, // L 
    0x00, 0xc2, 0x66, 0x98, 0xc2, 0xc6, 0xc6, 0x00, // M 
    0x00, 0xc6, 0x66, 0x96, 0xca, 0xc4, 0xc2, 0x00, // N 
    0x00, 0x28, 0xc6, 0xc6, 0xc6, 0xc6, 0x28, 0x00, // O 
    0x00, 0xec, 0xc6, 0xc6, 0xec, 0xc0, 0xc0, 0x00, // P 
    0x00, 0x6c, 0xc6, 0xc6, 0xd6, 0xca, 0x6c, 0x04, // Q 
    0x00, 0xec, 0xc6, 0xc6, 0xec, 0xcc, 0xc6, 0x00, // R 

2025-04-11 🚨🚨 That's a lot of YAML 🚨🚨 { noyaml.com }

2025-03-30 Claim for a missing tooth { tf230.matteason.co.uk }

2025-03-30 winblues/blue95: A desktop for your childhood home's computer room { github.com }

Blue95 is a modern and lightweight desktop experience that is reminiscent of a bygone era of computing. Based on Fedora Atomic Xfce with the Chicago95 theme.

For more screenshots, see screenshots.md.

2025-03-20 ading2210/doompdf: A port of Doom (1993) that runs inside a PDF file { github.com }

This is a Doom source port that runs inside a PDF file.

Play it here: doom.pdf

2025-03-20 cznic / doomgeneric · GitLab { gitlab.com }

After DOOM was ported to javascript and even made to run inside a PDF document, the time has come for a Go port, don't you think?

This is a CGo-free port of doomgeneric using ccgo/v4.

It is just a proof of concept. Supports only a few Linux/X11 targets. No sound. No plans to work on it more. Merge requests are welcome, though!

2025-02-28 Michigan TypeScript Founder Successfully Runs Doom Inside Ty... { socket.dev }

(found in JavaScript Weekly Issue 725: February 28, 2025 { javascriptweekly.com })

A curious quirk of TypeScript’s type system is that it is Turing-complete which has led some developers to implement apps entirely in the type system. One such developer has spent eighteen months producing 177 terabytes of types to get 1993’s Doom running with them. Ridiculous and amazing in equal measure, he ▶️ explains the project in this widely lauded 7-minute video.

2025-02-23 CEO Simulator: Startup Edition { ceosimulator.vercel.app }

Good Reads​

📌 2025-02-24 Death of a thousand nits — Bitfield Consulting { bitfieldconsulting.com }

#codereview #collaboration #peersupport

(found in 2025-02-24 A calculator app? { programmingdigest.net })

Code review often feels like a minefield, sparking friction and conflict. But there’s a better way. Instead of rigid comments through software, engage in real-time, face-to-face discussions. This human touch helps diffuse tension and builds trust. Imagine a dynamic duo: one writes code while the other offers instant feedback, cutting down misunderstandings.

When reviewing textually, be mindful. Don’t nitpick style. Instead, frame comments to add value. Questions and suggestions work better than criticisms. Highlight what’s right, too; positive reinforcement matters. If you’re feeling hurt by feedback, remember that it’s often well-intentioned. Moving past ego, and embracing constructive dialogue, leads to superior code and stronger relationships.

Mastering this art isn’t just about writing better code; it’s about being the teammate you’d want to work with. Understanding people and relationships is key. With kindness, respect, and genuine collaboration, you can transform code review from a dreaded chore into a meaningful, productive experience.

A good way to think about code review is as a process of adding value to existing code. So any comment you plan to make had better do exactly that. Here are a few ways to phrase and frame the different kinds of reactions you may have when reviewing someone else’s code:

• Not my style. Everyone has their own style: their particular favourite way of naming things, arranging things, and expressing them syntactically. If you didn’t write this code, it won’t be in your style, but that’s okay. You don’t need to comment about that; changing the code to match your style wouldn’t add value to it. Just leave it be.
• Don’t understand what this does. If you’re not sure what the code actually says, that’s your problem. If you don’t know what a particular piece of language syntax means, or what a certain function does, look it up. The author is trying to get their work done, not teach you how to program.
• Don’t understand why it does that. On the other hand, if you can’t work out why the code says what it says, you can ask a question: “I’m not quite clear what the intent of this is. Is there something I’m not seeing?” Usually there is, so ask for clarification rather than flagging it as “wrong”.
• Could be better. If the code is basically okay, but you think there’s a better way to write it that’s not just a style issue, turn your suggestion into a question. “Would it be clearer to write…? Do you think X is a more logical name for…? Would it be faster to re-use this variable, or doesn’t that matter here?”
• Something to consider. Sometimes you have an idea that might be helpful, but you’re not sure. Maybe the author already thought of that idea and rejected it, or maybe they just didn’t think of it. But your comment could easily be interpreted as criticism, so make it tentative and gentle: “It occurred to me that it might be a slight improvement to use a sync.Pool here, but maybe that’s just overkill. What do you think?”
• Don’t think this is right. If it seems to you like the code is incorrect, or shouldn’t be there, or there’s some code missing that should be there, again, make it a question, not a rebuke. “Wouldn’t we normally want to check this error? Is there some reason why it’s not necessary here?” If you’re wrong, you’ve left yourself a graceful way to retreat. If you’re right, you’ve tactfully made a point without making an enemy.
• Missed something out. The code is fine as far as it goes, but there are cases the author hasn’t considered, or some important issues they’re overlooking. Use the “yes, and…” technique: “This looks great for the normal case, but I wonder what would happen if this input were really large, for example? Would it be a good idea to…?”
• This is definitely wrong. The author has just made a slip, or there’s something you know that they don’t know. This is your opportunity to enlighten them, with all due kindness and humility. Don’t just rattle off what’s wrong; take the time to phrase your response carefully, gracefully. Again, use questions and suggestions. “It looks like we log the error here, but continue anyway. Is it really safe to do that, if the result is nil? What do you think about returning the error here instead?”

2025-04-06 Ten Rules for Negotiating a Job Offer - haseeb qureshi { haseebq.com }

Tags: job negotiation, employment offers, negotiation strategies, career advice, salary negotiation, job market dynamics, offer evaluation, negotiation skills, employment agreements, professional development

The ten rules of negotiating

I’ve tried to boil down negotiation to ten rules. The rules, in order of appearance, are:

1. Get everything in writing
2. Always keep the door open
3. Information is power
4. Always be positive
5. Don’t be the decision maker
6. Have alternatives
7. Proclaim reasons for everything
8. Be motivated by more than just money
9. Understand what they value
10. Be winnable

We’ll only get through some of these in this blog post, and the rest will appear in the second part. But I’ll explain each rule as we get to it.

So let’s start from the top and try to walk through a negotiation process from the very beginning. For most, that starts when you receive an offer.

2025-04-03 Are People Bad At Their Jobs....or Are The Jobs Just Bad? { annehelen.substack.com }

Tags: #WorkplaceCulture, #JobSatisfaction, #EmployeePerformance, #ManagementIssues, #WorkEnvironment, #OrganizationalBehavior, #Productivity, #WorkplaceDynamics, #JobDesign, #EmployeeEngagement

Many workers seem bad at their jobs not because of personal incompetence, but because their roles are poorly designed and embedded in dysfunctional systems.

• Poorly structured environments and unclear expectations hinder job performance.
• Mismanagement often exacerbates inefficiencies across organizations.
• Systemic organizational flaws can demoralize and disengage employees.

---

"Are people bad at their jobs—or are their jobs bad to begin with?"

"If everyone seems bad at their job, maybe it’s the job that’s broken."

"We blame individuals for structural problems because blaming the system feels too big, too overwhelming, too immovable."

"It is easier to think someone is lazy than to examine how they’ve been set up to fail."

2025-03-22 Career Development: What It Really Means to be a Manager, Director, or VP - Kellblog { kellblog.com }

Tags: career_growth, management_levels, VP_roles, leadership, executive_accountability, results_driven

• Managers are paid to drive results with some support. They have experience in the function, can take responsibility, but are still learning the job and will have questions and need support. They can execute the tactical plan for a project but typically can’t make it.

• Directors are paid to drive results with little or no supervision (“set and forget”). Directors know how to do the job. They can make a project’s tactical plan in their sleep. They can work across the organization to get it done. I love strong directors. They get shit done.

• VPs are paid to make the plan. Say you run marketing. Your job is to understand the company’s business situation, make a plan to address it, build consensus to get approval of that plan, and then go execute it.

2025-03-21 Unionize.fyi { unionize.fyi }

Tech Industry, Burnout, Unionizing, Job Security, Agile Methodology, Work-Life Balance, Ethics in Tech, Hacker Ethos, Innovation, Gig Economy, Mindfulness, Non-Compete Clauses, Tech Layoffs, Workers Rights, Alphabet Workers Union, Organizing, Surveillance Tech, Data Mining, AI Ethics, Industry Culture.

We’re living in a world where billion dollar tech companies expect us to live and breathe code, demanding 80 hour weeks under the guise of "passion." And what do we get in return? Burnout, anxiety, and the constant threat of layoffs. It’s time to face facts: this industry is not your friend. It’s a machine, and unless we start organizing, it’s going to keep grinding us down. It’s time to talk about unionizing tech jobs.

2025-03-18 Breaking Up with On-Call · { reflector.dev }

on-call, startups, big-tech, AI, culture

On-call responsibilities in big tech have grown into a culture of reactive firefighting, where engineers babysit unreliable systems instead of improving their robustness. In startups, limited resources create similar roles, but with a focus on direct problem-solving. Big companies, however, normalize and entrench on-call practices, rewarding band-aid solutions over systemic fixes, leading to declining software quality.

The incentives in big tech favor quick feature delivery and measurable outcomes over long-term maintenance and ownership. Engineers cycle through projects without fully addressing technical debt, while management prioritizes metrics that showcase immediate progress. This creates a loop of short-term fixes and neglect of robust design, resulting in on-call roles that never end.

AI has potential to reshape on-call by automating mundane tasks like finding related issues or allocating responsibilities. Properly integrated, AI tools can help engineers focus on meaningful work by reducing repetitive efforts. However, a cultural shift is necessary to make on-call the exception, not the norm, fostering better engineering practices and happier teams.

2025-03-16 Image Processing in C Second Edition pdf

2025-03-10 "You need to be more strategic" — a primer on strategy for software engineers | Writing by Dan Pupius { writing.pupius.co.uk }

strategy, softwareengineering, decisionmaking, frameworks, leadership

Being more strategic as a software engineer isn't about long-term planning or big decisions; it's about creating a framework that guides daily decision-making. Strategy defines a path forward and clarifies trade-offs—what to prioritize and what to avoid—to align with core objectives. For example, improving system reliability might involve focusing on end-to-end automated tests rather than slowing down releases. A good strategy shapes decisions and narrows options, providing clarity on what actions to take.

Three useful frameworks can help in thinking strategically. Rumelt's Kernel breaks strategy into diagnosis (identifying the core challenge), guiding policy (deciding the approach), and coherent actions (steps aligning with the policy). The "Playing to Win" framework asks five critical questions about aspirations, focus areas, unique approaches, necessary capabilities, and management systems. This helps clarify priorities and connect technical work to business goals. McKinsey's Three Horizons framework helps balance immediate needs with long-term goals, encouraging work across short-term optimization, emerging opportunities, and future capabilities.

Being strategic means creating systems for how decisions are made, not just making decisions. These frameworks help diagnose problems, define winning strategies, and balance immediate and future needs. However, even great strategies require solid execution and tactical follow-through to succeed.

(found in Programming Digest: Email Newsletter)

2025-03-04 Should managers still code? {theengineeringmanager.substack.com}

management, engineering, coding, leadership, insights

I stay close to the code without being the main coder. I make sure I understand our codebase, dig into code reviews, and even pair program when it benefits the team. My focus is on guiding and supporting others rather than writing every line myself.

I handle tasks that only I can manage—like setting strategy, hiring, and building our culture—while letting experts lead in writing code. I jump into coding when it helps solve problems or steer the team in the right direction.

I reserve dedicated time to work hands-on with the code. This balance keeps my skills sharp and reinforces my leadership, ensuring that I contribute meaningfully while empowering the team to produce great work.

2025-03-03 Your workplace isn't your family

Your manager is not your friend. Your coworkers are not your family. And that 'open-door policy' by HR is a trap.

As an employment attorney who spent 3 years in corporate, I've seen the same story play out hundreds of times:

• Employee shares exciting pregnancy news at 3 months → Terminated weeks later, before paperwork is filed

• Employee mentions putting a down payment on their dream home → Let go before mortgage approval

• Employee discusses caring for a dying parent → Suddenly put on a performance improvement plan

• Employee confides in their "work bestie" about a job search → Management finds out, terminates them first

Here's the pattern I've discovered after helping countless employees:

Companies often strike when you're most vulnerable. When you're distracted by personal challenges. When you're less likely to fight back.

The hard truth...

They count on your emotional state to minimize legal risk.

Protect yourself:

1. Be strategic about what you share at work.

2. Document everything—reviews, emails, policy violations—but follow security protocols.

3. Get everything in writing—follow up verbal conversations with email.

4. Wait until necessary to disclose personal situations.

5. Delay major announcements until protections are in place.

6. Keep job searches private—coworkers aren’t your confidants.

7. Know your rights and consult an attorney if needed.

Remember: Your vulnerability is their opportunity.

Your career survival depends on maintaining clear boundaries.

Follow for more corporate tactics exposed by a former insider.

Disclaimer: This information is for educational purposes only and does not replace professional legal advice. It does not establish an attorney-client relationship.

🛠️ How the things work​

Wow I haven't seen this category for years!

2025-03-15 IO devices and latency — PlanetScale { planetscale.com }

Here, we're going to cover the history, functionality, and performance of non-volatile storage devices over the history of computing, all using fun and interactive visual elements. This blog is written in celebration of our latest product release: PlanetScale Metal. Metal uses locally attached NVMe drives to run your cloud database, as opposed to the slower and less consistent network-attached storage used by most cloud database providers. This results in a blazing fast queries, low latency, and unlimited IOPS. Check out the docs to learn more.

2025-03-15 Datacenter Anatomy Part 2 – Cooling Systems – SemiAnalysis { semianalysis.com }

Electron no more!​

2025-03-18 The Wails Project | Wails { wails.io }

Build beautiful cross-platform applications using Go

Wails v2 turns what used to be tedious and painful into a delightfully simple process. Use the tools you know to create cross-platform desktop apps. Everyone wins!

2025-03-18 Tauri 2.0 | Tauri { tauri.app }

Tauri 2.0 is a framework designed for creating small, fast, and secure cross-platform applications. It supports a wide range of operating systems, including Linux, macOS, Windows, Android, and iOS, enabling developers to build from a single codebase. Tauri is frontend-independent, allowing integration with any web stack, and uses inter-process communication to seamlessly combine JavaScript for the frontend and Rust for application logic. It prioritizes security, optimizes for minimal application size (as small as 600KB), and leverages Rust's performance and safety features to provide next-generation app solutions.

Tags: cross-platform-development, secure-applications, Rust, frontend-agnostic, inter-process-communication, performance-optimization, small-app-size, multi-platform-support, software-engineering-framework

👂 The Ear of AI (LLMs)​

🗨️ try to google / bing / ddg for "ear of AI"

2025-04-07 The “S” in MCP Stands for Security | by Elena Cross | Apr, 2025 | Medium { elenacross7.medium.com }

Tags: MCP, AI security, Model Context Protocol, command injection, tool poisoning, remote code execution, LLM vulnerabilities, agent security, tool integrity, session security

MCP (Model Context Protocol) lacks default security measures, exposing AI agents to risks like command injection and tool poisoning.

• Command Injection Vulnerabilities: Unsafe shell calls in MCP servers can lead to remote code execution.
• Tool Poisoning Attacks: Malicious instructions hidden in tool descriptions can manipulate AI behavior.
• Silent Redefinition: MCP tools can alter their definitions post-installation, potentially rerouting API keys to attackers.
• Cross-Server Tool Shadowing: Malicious servers can override or intercept calls to trusted servers, leading to data exfiltration.

This article highlights critical security gaps in MCP, emphasizing the need for robust security protocols in AI integrations.

2025-04-01 Get the hell out of the LLM as soon as possible | sgnt.ai { sgnt.ai }

Tags: LLMs, business logic, application development, decision-making, performance, debugging, testing, state management, security, AI limitations

Large Language Models (LLMs) should serve as interfaces, not handle core application logic or decision-making.

• LLMs are inefficient at tasks requiring precision, like maintaining state or performing calculations.
• Debugging LLMs is difficult due to opaque reasoning.
• Testing outputs lacks the rigor of traditional unit tests.
• LLMs are prone to mathematical errors and can't reliably generate randomness.
• Versioning and audit trails are harder with LLM-driven logic.
• Monitoring becomes complex with prompt-based execution.
• Managing state via language inputs is fragile.
• Using LLMs increases costs and dependency on API limits.
• Prompt-based control blurs traditional security models.
• Best use: converting user input to structured API calls and back.

This article is a critical read for developers navigating LLM integration, offering a grounded approach to maintaining application integrity and performance.

2025-04-01 Sergey's Blog { www.sergey.fyi }

Tags: AI agents, reliability, capability, AI applications, AI limitations, AI development, AI ethics, AI safety, AI trustworthiness, AI performance

AI agents should prioritize reliability over expanding capabilities to ensure consistent and trustworthy performance.

• Focusing on reliability enhances user trust and safety
• Overemphasis on capability can lead to unpredictable outcomes
• Balancing both aspects is crucial for effective AI development

This article highlights the importance of dependable AI systems in real-world applications.

2025-03-30 stuzero/pg-mcp { github.com }

A Model Context Protocol (MCP) server for PostgreSQL databases with enhanced capabilities for AI agents.

2025-03-30 simonw/llm: Access large language models from the command-line { github.com }

A CLI utility and Python library for interacting with Large Language Models, both via remote APIs and models that can be installed and run on your own machine.

Run prompts from the command-line, store the results in SQLite, generate embeddings and more.

Consult the LLM plugins directory for plugins that provide access to remote and local models.

Full documentation: llm.datasette.io

2025-03-24 Improving Recommendation Systems & Search in the Age of LLMs { eugeneyan.com }

Tags: recommendation systems, search systems, large language models, LLM integration, multimodal content, data generation, training paradigms, unified frameworks, Semantic IDs, M3CSR

Integrating large language models (LLMs) and multimodal content enhances recommendation and search systems, tackling challenges like cold-start issues and long-tail item recommendations.

• Semantic IDs: YouTube replaces traditional hash-based IDs with content-derived Semantic IDs using a transformer-based video encoder and Residual Quantization Variational AutoEncoder (RQ-VAE), improving performance, especially for new or rarely interacted items.
• M3CSR Framework: Kuaishou generates multimodal content embeddings (text, image, audio), clusters them with K-means into trainable category IDs, turning static embeddings into dynamic, behavior-aligned representations.
• LLM-Assisted Data Generation: LLMs generate synthetic data to augment training datasets, increasing robustness and performance.
• Scaling Laws and Transfer Learning: Applying these principles enables better generalization and task adaptability across recommendation/search models.
• Unified Architectures: Combining search and recommendation systems into shared frameworks simplifies development and boosts consistency in user experience.

This article is important for its clear breakdown of how cutting-edge techniques are reshaping recommendation and search systems, offering actionable insights for future system design.

2025-04-06 Exploring Generative AI { martinfowler.com }

By Birgitta Böckeler

Generative AI tools are increasingly integrated into software development, especially agentic tools that not only suggest code but act on it. While promising, these tools require experienced developers to supervise and guide them.

Agentic tools often fail in three key ways:

• Time-to-commit missteps: AI produces incorrect or non-compiling code, misdiagnoses issues, or hallucinates plausible but wrong solutions.
• Iteration-level disruptions: The AI misinterprets requirements, implements features too broadly, or ignores team workflows, hindering collaboration.
• Long-term maintainability issues: Generated code lacks reuse, introduces duplication, and accumulates technical debt due to poor architectural awareness.

These tools lack contextual understanding—of architecture, naming, intent—which developers must still provide. Prompting helps, but it doesn't replace engineering judgment.

Agentic AI isn't a replacement for developers but a tool that, like a junior teammate, needs oversight. Its value depends on the skill of the person wielding it.

(New GPT 4o based Create Image in ChatGPT Plus:)

2025-03-20 AI Blindspots | AI Blindspots { ezyang.github.io }

Blindspots in LLMs I’ve noticed while AI coding. Sonnet family emphasis. Maybe I will eventually suggest Cursor rules for these problems.

• Stop Digging
• Black Box Testing
• Preparatory Refactoring
• Stateless Tools
• Bulldozer Method
• Requirements, not Solutions
• Use Automatic Code Formatting
• Keep Files Small
• Read the Docs
• Walking Skeleton
• Use Static Types
• Use MCP Servers
• Mise en Place
• Respect the Spec
• Memento
• Scientific Debugging
• The tail wagging the dog
• Know Your Limits
• Culture Eats Strategy
• Rule of Three

2025-03-13 Ben ۗ ☁️ on X: "Reverse Engineering OpenAI Code Execution to make it run C + JavaScript" / X { x.com }

2025-03-05 onyx-dot-app/onyx: Gen-AI Chat for Teams - Think ChatGPT if it had access to your team's unique knowledge. { github.com }

Onyx (formerly Danswer) is the AI platform connected to your company's docs, apps, and people. Onyx provides a feature rich Chat interface and plugs into any LLM of your choice. Keep knowledge and access controls sync-ed across over 40 connectors like Google Drive, Slack, Confluence, Salesforce, etc. Create custom AI agents with unique prompts, knowledge, and actions that the agents can take. Onyx can be deployed securely anywhere and for any scale - on a laptop, on-premise, or to cloud.

2025-03-03 OpenAdaptAI/OpenAdapt: Open Source Generative Process Automation (i.e. Generative RPA). AI-First Process Automation with Large ( Language (LLMs) / Action (LAMs) / Multimodal (LMMs) / Visual Language (VLMs)) Models { github.com }

OpenAdapt: AI-First Process Automation with Large Multimodal Models (LMMs). OpenAdapt is the open source software adapter between Large Multimodal Models (LMMs) and traditional desktop and web Graphical User Interfaces (GUIs).

Enormous volumes of mental labor are wasted on repetitive GUI workflows. Foundation Models (e.g. GPT-4, ACT-1) are powerful automation tools. OpenAdapt connects Foundation Models to GUIs

2025-03-03 Alkali-Sim/SmartestKid { github.com }

A Windows desktop AI assistant built in Python. Assistant (without tools) is ~1000 lines of python code, with super simple chat UI inspired by the original AI, SmarterChild. Uses Windows COM automation to interface with Microsoft Office (Word, Excel), Images, and your file system. Perfect for Windows users looking to explore AI-powered desktop automation.

2025-02-28 superglue-ai/superglue: Self-healing open source data connector. Use it as a layer between you and any complex / legacy APIs and always get the data that you want in the format you expect. { github.com }

self-healing open source data connector 🍯

superglue is a self-healing open source data connector. You can deploy it as a proxy between you and any complex / legacy APIs and always get the data that you want in the format you expect.

Here's how it works: You define your desired data schema and provide basic instructions about an API endpoint (like "get all issues from jira"). Superglue then does the following:

• Automatically generates the API configuration by analyzing API docs.
• Handles pagination, authentication, and error retries.
• Transforms response data into the exact schema you want using JSONata expressions.
• Validates that all data coming through follows that schema, and fixes transformations when they break.

Usual ML​

2025-04-05 2014 Understanding Machine Learning: From Theory to Algorithms { www.cs.huji.ac.il }

Free Online Copy

Understanding Machine Learning, © 2014 by Shai Shalev-Shwartz and Shai Ben-David

Published 2014 by Cambridge University Press

PDF of manuscript posted by permission of Cambridge University Press.

Users may download a copy for personal use only.

Not for distribution.

Download PDF

2025-03-22 2206.13446 Pen and Paper Exercises in Machine Learning { arxiv.org }

This is a collection of (mostly) pen-and-paper exercises in machine learning. The exercises are on the following topics: linear algebra, optimisation, directed graphical models, undirected graphical models, expressive power of graphical models, factor graphs and message passing, inference for hidden Markov models, model-based learning (including ICA and unnormalised models), sampling and Monte-Carlo integration, and variational inference.

2025-03-22 PyTorch internals : ezyang’s blog { blog.ezyang.com }

Tags: pytorch, cpp, internals, tensors, autograd, dispatch, storage, kernel, extension_points, contributions

2025-03-18 2503.02113 Deep Learning is Not So Mysterious or Different { arxiv.org }

neural_networks, generalization, overfitting, soft_bias, deep_learning

Deep learning isn’t as unique or mysterious as it’s often made out to be. Many phenomena like overparametrization, double descent, and benign overfitting—features commonly associated with neural networks—can be replicated in simpler models and explained with long-standing frameworks like PAC-Bayes. Instead of restricting the hypothesis space to prevent overfitting, it’s more effective to allow flexibility with a soft preference for simpler, data-aligned solutions.

Soft inductive biases are a powerful concept. They guide learning by favoring specific solutions without imposing strict limitations on the model’s expressiveness. For example, high-order polynomials with regularization or vision transformers' soft translation preferences outperform rigidly constrained models, bridging the gap between flexibility and precision. These biases drive better results across diverse data complexities and sizes.

Generalization in deep learning can be understood with ideas like compressibility, which ties a model's performance to its ability to represent data simply. PAC-Bayes bounds reveal that even overparametrized models generalize effectively by balancing training accuracy with solution simplicity. Deep learning’s real distinction lies in its representation learning capabilities and phenomena like mode connectivity, making it versatile and universal in problem-solving.

2025-03-13 Random Forest Algorithm with Machine Learning {www.analyticsvidhya.com}

2025-03-13 1407.7502 Understanding Random Forests: From Theory to Practice {arxiv.org}

2025-03-13 Random Forest | TDS Archive {medium.com}

2025-03-13 Random Forest Algorithm Clearly Explained! - YouTube {www.youtube.com}

2025-03-13 Random Forest {mlu-explain.github.io}

2025-03-11 How to Implement a Cosine Similarity Function in TypeScript for Vector Comparison | alexop.dev { alexop.dev }

cosine_similarity, vectors, typescript, ai, mathematics

Cosine similarity measures how similar two vectors are by examining the angle between them rather than their sizes. It focuses on direction, making it useful for comparing high-dimensional data like text embeddings. A score of 1 indicates vectors point in the same direction, 0 means they are perpendicular, and -1 shows they point in opposite directions. This technique is widely applied in AI for tasks like semantic search, recommendations, and content matching.

2025-03-11 Bloom Filter: A Deep Dive { www.kirupa.com }

data_structures, algorithms, bloom_filters, hash_functions, probabilistic_methods

A Bloom filter is a data structure that helps quickly determine if an element exists in a large dataset. It doesn’t store the actual data but instead uses a bit array and multiple hash functions to create a lightweight "fingerprint" for each item. This makes it both memory-efficient and fast, ideal for cases where speed and minimal storage are essential. However, it sacrifices perfect accuracy—while it can always confirm when an item isn’t in a dataset, it may produce false positives when indicating that an item is present.

⌚ Nice watch!​

2025-03-09 Thinking Like an Architect - Gregor Hohpe - NDC London 2025 - YouTube { www.youtube.com }

(gpt o3-mini summary)

THINKING LIKE AN ARCHITECT: ESSENTIAL LESSONS FROM GREGOR HOHPE

See the Whole Picture Gregor Hohpe urges us to step back from the minutiae and view the entire system. By focusing on the interactions and evolution of components, we can make design choices that serve long-term business goals rather than just immediate fixes.

Embrace Key Architectural Principles

• Modularity: Divide complex systems into smaller, independent parts for easier development and maintenance.
• Abstraction: Simplify complexity by hiding the details that aren’t crucial to the current discussion.
• Separation of Concerns: Keep different responsibilities distinct to reduce unwanted dependencies and improve clarity.

Balance Trade-Offs and Make Informed Decisions Every design choice involves trade-offs between performance, cost, complexity, and flexibility. Hohpe reminds us that there’s rarely a perfect solution—only the best balance for the situation at hand. Thoughtful evaluation prevents technical debt and supports future growth.

Communicate Clearly and Document Thoughtfully Great architecture emerges from collaboration. Transparent documentation of decisions, assumptions, and rationales keeps technical teams and business stakeholders aligned, paving the way for smooth implementation and ongoing improvement.

Learn from Real-World Examples Through practical case studies, Hohpe illustrates how sound architectural thinking addresses real challenges. These examples demonstrate that adaptability and creative problem-solving are crucial when systems evolve or requirements change unexpectedly.

Lead with Vision and Foster Continuous Improvement An effective architect does more than design systems—they act as a bridge between technology and business. By encouraging a culture of continuous learning and collaboration, architects inspire teams to innovate and adapt in a rapidly changing environment.

Final Thoughts "Thinking Like an Architect" is a call to adopt a strategic, big-picture approach. Whether you’re designing systems or part of a technical team, the key is to:

• Look beyond immediate challenges and consider future impacts.
• Communicate openly to ensure all stakeholders are on the same page.
• Continuously adapt and refine your approach to stay ahead of evolving requirements.

These insights empower you to build systems that not only meet today’s demands but also thrive in the future.

2025-03-09 Moved-from Objects in C++ - Jon Kalb - CppCon 2024 - YouTube { www.youtube.com }

1. C++ Philosophy: Uncompromised Performance

• Core Tenet: C++ is engineered to deliver maximum performance. Every language feature is designed so that, when not used, it incurs zero overhead; when used, it should incur no more cost than a hand‐crafted implementation.
• Trade-off with Safety: Safety features, like automatic checks or initializations, are often omitted or left to the programmer. For instance, leaving variables uninitialized (instead of zeroing them by default) saves time when the variable is immediately overwritten at runtime.

---

2. Move Semantics & Moved-from Objects

• Move Semantics Explained: Move semantics were introduced in C++11 to avoid the cost of unnecessary copying. Instead of copying data, resources are transferred (or “moved”) from one object to another.

• What Are Moved-from Objects? After a move operation, the source object is left in a “moved-from” state. Kalb stresses that:

  • Valid but Minimal: A moved-from object remains valid only enough to be destroyed or assigned a new value.

  • No Other Guarantees:

    Its internal state is undefined for any use other than assignment or destruction.

    “If you need to know its state after moving, you’re misusing move semantics.”

• Practical Examples:

  • Vectors and Unique Pointers: The talk details how vector move operations typically zero out the internal pointer and size—ensuring no overhead is added for range checking in common operations.
  • Move Constructors & Assignment: Kalb explains that the move constructor should transfer resource ownership efficiently, without extra checks that might degrade performance.

---

3. Embracing Undefined Behavior for Performance

• Performance by Omission: C++ intentionally leaves certain behaviors undefined (for example, reading from an uninitialized variable or accessing a moved-from object) to avoid extra runtime checks. This “undefined behavior” is a deliberate design choice that:
  • Maximizes Speed: No extra conditional tests mean faster code in the common case.
  • Shifts Responsibility: The onus is on the programmer to ensure that only valid operations are performed on objects.
• The Zero Overhead Principle: The language design guarantees that features “when not used” have no overhead. Kalb emphasizes that any additional safety check (like range-checking or state validation in moved-from objects) would hinder performance.

---

4. Debate Over Standards and Moved-from Object State

• Standards Committee’s Note:

  There is an ongoing debate regarding how much “life” a moved-from object should retain:

  • Fully Formed vs. Partially Formed: The committee’s stance—documented in non-normative notes and echoed by Herb Sutter—suggests that moved-from objects should remain “fully formed” (i.e., callable for any operation without precondition checks).

  • Kalb’s Perspective:

    He argues that this decision encourages logic errors. Instead, a moved-from object should be treated as “suspended”—only eligible for assignment or destruction.

    “If you need to query the state of an object that’s been moved from, you’re creating a logic error.”

  • Real-world Impact: Implementations (such as those for vector and list) illustrate that ensuring full functionality of moved-from objects can force extra runtime checks, which undermines the zero overhead promise.

2025-03-07 Keynote: AI without the BS, for humans - Scott Hanselman - NDC London 2025 - YouTube { www.youtube.com }

Recommended 2025-03-07 LM Studio - Discover, download, and run local LLMs { lmstudio.ai }

Fun:

Repo (don't know which one):

• 2025-03-07 Hammster/windows-terminal-shaders: A small collection of terminal shaders { github.com } retro

• 2025-03-07 rbeesley/windows-terminal-shaders: A small collection of terminal shaders { github.com } crt

• My custom modified theme Amber2 for Windows Terminal. 2025-03-07 Welding-Torch/Amber2: My custom modified theme Amber2 for Windows Terminal. { github.com }

2025-03-06 Adventures in Spacetime - Kevlin Henney - NDC London 2025 - YouTube { www.youtube.com }

gpt-4o summary:

distributed_systems, concurrency, time_synchronization, network_latency, cap_theorem

Understanding distributed systems means accepting that time is not absolute. Events do not always occur in a clear sequence, and different machines may see different orders of events. Leslie Lamport’s work showed that “happened before” is a partial ordering, not a total one. Logical clocks, like Lamport timestamps, help establish order without relying on unreliable system clocks. This is crucial because networks introduce delays, failures, and inconsistencies that force us to rethink how we model time and causality in software.

Networks are not reliable, fast, or secure. The classic "fallacies of distributed computing" highlight common false assumptions, such as expecting zero latency, infinite bandwidth, and trustworthy communication. A system might show different data to different users or lose information due to network partitions. The CAP theorem states that in a distributed system, we can only guarantee two of three properties: consistency, availability, and partition tolerance. If the network fails, we must choose between showing potentially outdated data (availability) or refusing to show anything (consistency).

Software slows down hardware. The speed of light is fast, but software introduces inefficiencies, adding delays beyond physical limits. A distributed system has a "refractive index" like glass slowing down light—it distorts time, making responses slower than ideal. Developers should recognize that their programming environments create a misleading illusion of synchrony and locality. Thinking in terms of partial ordering, network partitions, and failure tolerance leads to better system design. Time is an illusion; software makes it worse.

Copy

2025-03-04 You’re Doing Exceptions Wrong - Matt Burke - NDC London 2025 - YouTube { www.youtube.com }

csharp, exceptions, error-handling, best-practices, debugging

👂used "slides" technique with gpt-o3-mini

I'm a firm believer that exceptions aren't the enemy—they're powerful signals that something's gone wrong in our code. Over the years, I've learned that effective error handling is all about knowing how and where to use exceptions. Below is a detailed digest of the talk along with practical C#-like code examples that directly correspond to the transcript and are supported by the slides.

Understanding Exception Categories

Fatal Exceptions are errors you can’t recover from (like out-of-memory or stack overflow). Instead of trying to catch these, you should design your code to avoid them. For example, if recursion might lead to a stack overflow, check your recursion depth first:

// Avoid catching fatal exceptions like StackOverflowException.
try {
    RecursiveMethod();
}
catch (StackOverflowException) {
    // You can't reliably recover from a fatal error; let the app crash.
    Environment.FailFast("Stack overflow occurred.");
}

Boneheaded Exceptions indicate a bug (such as a null pointer or index out-of-range error). Validate inputs to prevent these errors instead of masking them:

// Validate input to avoid a boneheaded exception.
if (index < 0 || index >= myList.Count)
    throw new ArgumentOutOfRangeException(nameof(index), "Index is out of range.");
var value = myList[index];

Vexing Exceptions are thrown by poorly designed APIs (like FormatException when parsing). Use safe parsing patterns instead:

// Use TryParse to avoid a vexing FormatException.
if (!int.TryParse(userInput, out int result))
    Console.WriteLine("Input is not a valid number.");
else
    Console.WriteLine("Parsed value: " + result);

Exogenous Exceptions arise from the external environment (for example, missing files or network errors). Catch these at a higher level to log the error or notify the user:

try {
    string content = File.ReadAllText("data.txt");
    Console.WriteLine(content);
}
catch (FileNotFoundException ex) {
    Console.WriteLine("File not found: " + ex.Message);
    // Log the error or provide an alternative action.
}

Best Practices in Exception Handling

Don’t Hide Errors by avoiding catch blocks that simply return default values; instead, log the error and rethrow it to preserve the context:

try {
    ProcessOrder(order);
}
catch (Exception ex) {
    Console.WriteLine("Error processing order: " + ex.Message);
    throw; // Rethrow to preserve the original context.
}

Provide Clear, Context-Rich Messages by including detailed error messages that help diagnose issues:

if (user == null)
    throw new ArgumentNullException(nameof(user), "User object cannot be null when processing an order.");

Assert Your Assumptions using assertions during development to enforce conditions that should always be true:

Debug.Assert(order != null, "Order must not be null at this point in the process.");

Don’t Overuse Catch Blocks; let exceptions bubble up when you don’t have enough context to handle them. This keeps your code cleaner:

public void ProcessData() {
    ValidateData(data);
    SaveData(data);
    // Let exceptions bubble up to a higher-level handler.
}

Be Specific with Your Catches by catching only the exceptions you expect. This prevents masking other issues:

try {
    string data = File.ReadAllText("config.json");
}
catch (FileNotFoundException ex) {
    Console.WriteLine("Configuration file not found: " + ex.Message);
}

Retain the Original Stack Trace when rethrowing exceptions by using a simple throw statement, which preserves all the valuable context:

try {
    ProcessPayment(paymentInfo);
}
catch (Exception ex) {
    Console.WriteLine("Payment processing error: " + ex.Message);
    throw; // Preserve the original stack trace.
}

Clean Up Resources by using the "using" statement or a finally block to ensure that resources are disposed of correctly, even if an exception occurs:

using (var connection = new SqlConnection(connectionString)) {
    connection.Open();
    // Execute database operations.
}
// Or, if not using "using":
SqlConnection connection = new SqlConnection(connectionString);
try {
    connection.Open();
    // Execute operations.
}
finally {
    connection.Dispose();
}

The Philosophy Behind “Throw More, Catch Less”

I advocate for writing fewer catch blocks and allowing exceptions to propagate to a centralized handler. This keeps error handling centralized and improves observability. For example, a method can validate and throw errors without catching them:

public void ProcessOrder(Order order) {
    if (order == null)
        throw new ArgumentNullException(nameof(order), "Order cannot be null.");
    // Process the order...
}

In an ASP.NET application, you might use a global exception handler to manage errors consistently:

app.UseExceptionHandler("/Error");

This approach ensures that errors are visible and managed in one place, making systems more robust and easier to debug.

These principles and code examples are directly derived from the transcript and are supported by the slides, ensuring that they reflect the original content without deviation.

2025-02-08 3 Ways You’re Screwing up Platform Engineering – And How to Fix It • Steve Smith • GOTO 2024 - YouTube { www.youtube.com }

Power Tools Overload

• Problem: Platform teams rely on heavyweight tools (e.g., Kubernetes, Kafka, Istio), creating high maintenance costs and unplanned work for delivery teams.
• Solution: Replace complex tools with lightweight alternatives like Fargate or Kinesis to reduce tech burden.

Technology Anarchy

• Problem: Teams have too much autonomy without alignment, leading to inconsistent tech stacks, inefficient processes, and slow collaboration.
• Solution: Establish paved roads with clear guidelines, expectations, and business consequences to balance autonomy with alignment.

Ticketing Hell

• Problem: Platform teams act as a service desk, requiring tickets for routine tasks, causing bottlenecks, slow progress, and developer frustration.
• Solution: Implement self-service workflows to automate common tasks, freeing both platform and delivery teams from excessive manual work.

Platform as a Product Mindset

• Problem: Teams treat platform engineering as a project rather than a product, leading to inefficiencies and lack of user focus.
• Solution: Apply product management principles, measure internal customer value, and focus on reducing unplanned work to drive adoption and success.

2025-02-03 The State of Authentication - YouTube { www.youtube.com }

2025-03-05 Build first, plan second. - YouTube { www.youtube.com }

I’ve learned from experience that if you’re going to build a product that truly solves real user needs, you must start by building a working prototype instead of spending months on a design document. In my time at big tech—and even more so in medium and small companies—I’ve seen how design docs can lead teams astray, locking in bad assumptions before you even know what you’re building. I call it "painting a house you haven’t seen yet", because when you plan without having built the thing, you’re just imagining complexities that don’t exist in practice.

When I worked on projects like the Twitch dashboard, our elaborate design for a binary tree layout failed to account for real-world issues like varying aspect ratios across devices. Had we built a proof-of-concept first, we would have discovered these issues early on, saving us months of wasted effort. Instead, the focus on a rigid spec led us to persist with bad decisions and ultimately delay a product that could have been released sooner.

For me, the only sensible approach is to prototype, test, and iterate. Building something tangible exposes hidden complexities and actual user behaviors in ways that a design doc never can. Once you’ve built it and seen how it works in reality, then you can document and refine the design. If you haven’t built it first, don’t plan it—this is the only way to avoid locking in mistakes and wasting valuable engineering time.

Good Reads​

2025-02-22 AI Killed The Tech Interview. Now What? | Kane Narraway { kanenarraway.com }

With the rise of AI, companies need to rethink their interview processes. Simply asking candidates to complete coding tests isn't enough anymore. Some options include stopping remote interviews, requiring spyware during interviews, or allowing AI use and focusing on how well candidates can prompt and refactor AI outputs. Ultimately, companies may need to adopt a hybrid approach, combining remote and in-person interviews to evaluate both coding skills and AI proficiency. Regardless, the nature of tech interviews is set to change drastically in the coming years.

2025-02-17 Finding Flow: Escaping Digital Distractions Through Deep Work and Slow Living | ssp.sh { www.ssp.sh }

Johann Hari says in Stolen Focus that rats and pigeons can be manipulated as we want. Just give them food whenever they do what you want them to. And shortly after, they will repeat that over and over again.

This made me think. In times when Instagram and other apps give us likes, hearts, and views on things we post, how much does big tech influence our behavior?

Aren’t they the same as the researcher, feeding us with dopamine to tell us to do what they want? Are they doing the same as the researcher who feeds the rats or pigeons?

This question, and recent improvements and tinkering with my flow as I started working for myself, made me ask how we can control the addiction and the influence and find a better way to slow living.

2025-02-17 The Quest to Understand Metric Movements | by Pinterest Engineering | Pinterest Engineering Blog | Feb, 2025 | Medium { medium.com }

%metrics %rootcause %analytics

To understand why key metrics change, Pinterest uses three approaches. The "Slice and Dice" method breaks down metrics into segments based on different dimensions like country and device type, allowing us to identify significant segments. This method helps diagnose issues like video metric regressions by organizing segments into a tree structure.

The "General Similarity" approach looks for other metrics that move similarly, either in the same or opposite direction, using factors like Pearson correlation and Spearman’s rank correlation. This method has helped us discover relationships between performance metrics and content distribution, indicating potential causes for latency.

Lastly, the "Experiment Effects" approach leverages A/B testing to see which experiments impact key metrics. By analyzing the treatment effects and filtering out noisy results, we dynamically identify top experiments affecting metrics. These approaches together help us narrow down root causes for metric movements and guide further investigations.

Quotes:

How we are analyzing the metric segments takes inspiration from the algorithm in Linkedin’s ThirdEye. We organize the different metric segments into a tree structure, ordered by the dimensions we are using to segmentize the metric.

• Pearson correlation: measures the strength of the linear relationship between two time-series

• Spearman’s rank correlation: measures the strength of the monotonic relationship (not just linear) between two time-series; in some cases, this is more robust than Pearson’s correlation

• Euclidean similarity: outputs a similarity measure based on inversing the Euclidean distance between the two (standardized) time-series at each time point

• Dynamic time warping: while the above three factors measure similarities between two time-series in time windows of the same length (usually the same time window), this supports comparing metrics from time windows of different lengths based on the distance along the path that the two time-series best align

  See also: Scuba: Diving into Data at Facebook - Meta Research

  Scuba: Diving into Data at Facebook paper pdf

  %Scuba %RealTimeAnalytics %InMemoryMonitoring %FacebookInfrastructure %DistributedSystems %PerformanceMonitoring %LogAnalytics %AdHocAnalytics %SystemsAtScale

  

  Discussion on Scuba

  1. Systems @Scale 2019 – Scuba: Real-time Monitoring and Log Analytics at Scale

  "Scuba is Facebook's platform for real-time monitoring and log analytics at scale."
  View the presentation

  2. YouTube Video – Scuba: Real-time Monitoring and Log Analytics at Scale

  "Scuba is Facebook's platform for real-time monitoring and log analytics at scale."
  Watch on YouTube

2025-02-17 calculator-app - Chad Nauseam Home { chadnauseam.com }

Creating a calculator app with precise results is challenging because floating point numbers can't represent all numbers accurately. Hans-J. Boehm experimented with various methods like bignums and algebraic equations but had to find a balance between precision and practicality.

Ultimately, Boehm's team realized they only needed to work with numbers expressible through the calculator's operations. They combined rational arithmetic and constructive real numbers, representing numbers as a rational times a real. Using symbolic representations for irrational numbers like π, they achieved accurate results while maintaining usability.

This approach allowed them to develop a calculator app that delivers accurate answers without compromising user experience. Their work highlights the complexity and creativity required to solve seemingly simple problems in software development.

2025-01-25 Life Lessons from the First Half-Century of My Career – Communications of the ACM { cacm.acm.org }

I started my career at Hughes Aircraft in 1972 while working on my Ph.D. at the University of California, Los Angeles (UCLA). After designing airborne computers for four years, I graduated and then taught and did systems research at UC Berkeley for the next 40. Since 2016, I’ve helped Google with hardware that accelerates artificial intelligence (AI).

At the end of my technical talks, I often share my life story and what I’ve learned from my half-century in computing. I recently was encouraged to share my reflections with a wider audience, so I’ve captured them here as 16 people-focused and career-focused life lessons.

People-Focused and Career-Focused Life Lessons from David Patterson.

2025-02-06 Software development topics I've changed my mind on after 10 years in the industry - Blogomatano { chriskiehl.com }

Things I've changed my mind on:​

Things I now believe, which past me would've squabbled with:

• Simple is not given. It takes constant work
• There is no pride in managing or understanding complexity
• Typed languages are essential on teams with mixed experience levels
• Java is a great language because it's boring
• REPLs are not useful design tools (though, they are useful exploratory tools)
• Most programming should be done long before a single line of code is written
• Frontend development is a nightmare world of Kafkaesque awfulness I no longer enjoy
• Elegance is not a real metric
• Good management is invaluable. (I went most of my career before seeing it done well)
• DynamoDB is a good database (IFF your workload lines up with what it's offering)
• Objects are extremely good at what they're good at. Blind devotion to functional is dumb.

Opinions I've picked up along the way​

• Engineering is mostly about communication
• Never go full monad in Java.
• The query planner is a cruel mistress
• If I think something is easy, that's a sure sign I don't understand it.
• You have to give younger devs room to explore and make mistakes
• You have to actively invest in improving your soft skills (and investments pay back immediately)
• Very few abstractions exist in general application development. Just write the code you need
• Contrarily, library development is about abstractions. Spend time hunting for an algebra
• ORMs are the devil in all languages and all implementations. Just write the damn SQL
• The trouble with functional programming is functional programmers 😄
• Given a long enough time horizon, you'll deeply regret building on Serverless Functions
• Types are assertions we make about the world
• Distributed locking is still really hard for some reason
• Formal modeling and analysis is an essential skill set
• Isolation is the most important property of a good integration suite.
• DynamoDB is the worst possible choice for general application development
• Most won't care about the craft. Cherish the ones that do, meet the rest where they are
• Gradual, dependently typed languages are the future
• You literally cannot add too many comments to test code (I challenge anyone to try)

Things I have not changed my opinion on:​

• People who stress over code style, linting rules, or other minutia remain insane weirdos to me. Focus on more important things.
• Code coverage has absolutely nothing to do with code quality (in many cases, it's inversely proportional)
• Monoliths remain pretty good
• It's very hard to beat decades of RDBMS research and improvements
• Micro-services require justification (they've increasingly just become assumed)
• Most projects (even inside of AWS!) don't need to "scale" and are damaged by pretending so
• 93%, maybe 95.2%, of project managers, could disappear tomorrow to either no effect or a net gain in efficiency. (this estimate is up from 4 years ago)

We'll see which of these have flipped at year 15.

2025-01-18 The documentation problem in development | Rowsana { rowsana.bearblog.dev }

2025-01-18 Everything I Know About Shipping Code Faster { www.developing.dev }

Two weeks ago, I shared Evan’s writing on what helped him grow from Junior to Staff at Meta in 3 years. His entire post hinges on that you need to blaze through your core responsibilities to free up time for growth.

The most common question I got after that post was how do you do that?

I interviewed Evan last week so you can hear the answer in his own words soon (aiming to share that next week). Before that, I wanted to share some thoughts since it’s one of the most important parts of growing your impact. Here’s everything I know about shipping more in less time.

= = =

(Semi-GPT summary) To get more done in less time, you’ve got to nail your core responsibilities so you can free up time for growth. Start by resolving ambiguity. Be fluent in code search to navigate big codebases quickly, know who to ask for help when you’re stuck, and learn to query data yourself instead of waiting on others. These basics will save you hours.

When writing code, smaller, focused diffs are the way to go. They’re faster to write, test, and review, with fewer bugs slipping through. To move even quicker, batch your tests, use feature flags to safely land work in progress, and copy existing test plans to save time in unfamiliar code paths. Make reviews faster by spoon-feeding context to reviewers and preempting feedback before submission. Being a great collaborator builds trust and gets your code reviewed faster.

Flow state is key. Eliminate distractions with noise-canceling headphones, cluster meetings to maximize focus time, and work during hours when interruptions are minimal. Turn off noisy notifications and audit your workflow for inefficiencies. While waiting on builds or tests, knock out quick tasks to keep momentum. Freeing up that extra time lets you tackle growth opportunities and build a career trajectory like Evan’s.

(found in 2025-01-18 Everything I Know About Shipping Code Faster { programmingdigest.net })

2025-01-16 Nobody Cares { grantslatton.com }

At work the junior engineer sends you some code to review. The code was clearly written in a first draft, and then just iteratively patched until the tests passed, then immediately sent to you to review without any further improvement. They do not care.

The guy on the hiking trail is playing his shitty EDM on his bluetooth speaker, ruining nature for everyone else. He does not care.

The doctor misdiagnoses your illness whose symptoms are in the first paragraph of the trivially googleable wikipedia article. He does not care.

People don't pick up after their dogs. The guy at the gym doesn't re-rack the weights. The lady at the grocery store leaves the cart in the middle of the parking lot. They. Do. Not. Care.

2025-01-09 28h Days { sidhion.com }

2025-01-09 28h Days: year 1 update { sidhion.com }

2025-01-08 Laid Off for the First Time In My Career, and Twice In One Year - Dillon Shook { dillonshook.com }

Based on my N=2 experience and the posts I’ve read here are some warning signs to look out for:

• The product org is struggling to set a vision
• Many distractions and lack of focus
• Low products usage
• Perks being cut, cancelled onsite meetings, signs of financial troubles

And last but certainly most telling:

• There’s a “company update” meeting unexpectedly scheduled four hours from now

2024-12-31 How I got promoted to staff engineer twice | sean goedecke { www.seangoedecke.com }

First, we need to understand why senior-to-staff promotions happen in tech companies. They happen for two reasons:

1. Company leadership (i.e. your skip-level or above) think a particular engineer is valuable and may leave if not promoted to staff.
2. Company leadership want a particular engineer to lead specific cross-org projects that will run smoother if they’ve got the staff role.

Promotions do not happen because a particular engineer is really technically strong and ready for the next level. They do not happen because an engineer has been mentoring a lot and is ticking the boxes on the engineering ladder description. They are a tool for retaining or for empowering valued engineers. So to be promoted to staff, you must be known and valued by your organization.

2024-12-31 225. Systems Ideas that Sound Good But Almost Never Work—"Let's just…" { hardcoresoftware.learningbyshipping.com }

When someone suggests, "let's just," it often leads to complications far beyond what anyone anticipates. For example, making something "pluggable" assumes seamless adaptability through future modules or implementations, but true pluggability requires creating at least two working versions upfront, which is rarely feasible. Similarly, adding APIs to transform a product into a "platform" may sound strategic, but APIs demand constant maintenance, compatibility, and user interest—things that are much harder to deliver than imagined.

Other ideas that rarely work include adding layers of abstraction, synchronizing data, or enabling cross-platform functionality. While abstractions can solve problems, premature ones create unused complexity. Synchronization, especially across unstructured data, is fraught with inconsistencies and bugs. Cross-platform efforts often devolve into building something akin to an operating system, which is far more complex than initially envisioned. Even "escape to native" options—allowing frameworks to access underlying platforms—tend to fail because they create conflicts between the framework's state and the native platform's.

Most of these ideas fail not because they are inherently bad but because they oversimplify the problem and ignore the complexities of implementation, maintenance, and real-world usage. Successful engineering requires solving problems with clear first principles, not leaning on patterns that are more prone to failure than success.

Fun / Retro​

2025-02-18 dinosaur couch (@dinosaurcouch) • Instagram photos and videos { www.instagram.com }

More Windows 3.11 CSS:

• 2025-02-08 nielssp/classic-stylesheets: Classic stylesheets for web applications. { github.com }

  

• 2025-02-08 Windows 3.1 {karol-kiersnowski.github.io}

  2025-02-08 GitHub - karol-kiersnowski/win31: Simple simulator of Windows 3.1 (it's just a toy) {github.com}

• 2025-02-08 GitHub - sleepybuildings/vuedows: A reimplementation of the Windows 3.11 shell in CSS, Typescript and Vue {github.com}

  

2025-02-06 A computer can never be held accountable { simonwillison.net }

2025-01-25 cs16.css { cs16.samke.me }

CSS library based on Counter Strike 1.6 UI.

2025-01-07 Neal.fun { neal.fun }

The website Neal.fun is a creative space where Neal shares his projects and games. It's a fun and interactive site with various activities and experiments.

2025-01-07 Stimulation Clicker { neal.fun } Wow!!!

2025-01-02 ASCII Porn Predates the Internet But It’s Still Everywhere { www.vice.com }

Inspiration!​

2025-02-22 A system to organise your life • Johnny.Decimal { johnnydecimal.com }

A system to organise your life. Johnny.Decimal is designed to help you find things quickly, with more confidence, and less stress.

You assign a unique ID to everything in your life.

A diagram showing the structure of a Johnny.Decimal number. The number is 15.52 and it explains how the '1' is an area, which groups related categories in sets of 10. The '15' is the category, in this case 'travel'. And '52' is just an ID; they start at 01. The title of this, our 52nd travel thing, is 'Trip to NYC'. These IDs help you stay organised. They impose constraints that make it harder to get lost. And you create your own index to link everything in your life together.

The system is free to use and the concepts are the same at home, work, or that club you manage.

2025-02-22 Removing Jeff Bezos From My Bed ◆ Truffle Security Co. { trufflesecurity.com }

SSH access to the bed! What Can They Do with This Access?

Let’s start with the basics:

• They can know when you sleep
• They can detect when there are 2 people sleeping in the bed instead of 1
• They can know when it’s night, and no people are in the bed

Imagine your ex works for Eight Sleep. Or imagine they want to know when you’re not home.

(Of course, they can also change the bed’s temperature, turn on the vibrating feature, turn off your alarm clock, and any of the other normal controls they have power over.)

2025-02-11 Orange Guidance Soapstone {leshuguita.github.io}

2025-02-11 Project Aria FAQ | Project Aria Docs { facebookresearch.github.io }

Oh, the quality of documentation!

2025-02-08 FreeDemandLetter - Get What You Deserve { www.freedemandletter.com }

2025-02-08 Do-nothing scripting: the key to gradual automation – Dan Slimmon { blog.danslimmon.com }

At first glance, it might not be obvious that this script provides value. Maybe it looks like all we’ve done is make the instructions harder to read. But the value of a do-nothing script is immense:

• It’s now much less likely that you’ll lose your place and skip a step. This makes it easier to maintain focus and power through the slog.
• Each step of the procedure is now encapsulated in a function, which makes it possible to replace the text in any given step with code that performs the action automatically.
• Over time, you’ll develop a library of useful steps, which will make future automation tasks more efficient.

A do-nothing script doesn’t save your team any manual effort. It lowers the activation energy for automating tasks, which allows the team to eliminate toil over time.

Suggestions from 2025-02-08 Do-nothing scripting: the key to gradual automation (2019) | Hacker News { news.ycombinator.com }

2025-02-07 jsontr.ee: Visualize JSON Structures as Dynamic SVG Diagrams

You can try it out on this playground, which provides the option to download the diagram as PNG, or use it in an app with customizable styles.

(🟠 Found in JavaScript Weekly: JavaScript Weekly Issue 721: January 31, 2025 { javascriptweekly.com })

2025-01-31 mathesar-foundation/mathesar: An intuitive spreadsheet-like interface that lets users of all technical skill levels view, edit, query, and collaborate on Postgres data directly—100% open source and self hosted, with native Postgres access control. { github.com }

Intuitive spreadsheet-like interface that lets users of all technical skill levels view, edit, query, and collaborate on Postgres data directly—self hosted, with native Postgres access control.

2025-01-27 Simple Search - Just a list of search bars { simplesearch.info }

2025-01-27 Compare Search Engines - Gnod Search { www.gnod.com }

2025-01-27 YC Graveyard { ycgraveyard.iamwillwang.com }

YC Graveyard: 821 inactive Y Combinator startups

2025-01-26 SQLook - SQLite Database Viewer and Generator { sqlook.com }

And so... they changed UI to a more modern Bootstrap version... oh... SQLook – A free online SQLite database manager with a Windows 2000 interface

2025-01-25 synth-inc/onit: Onit MacOS client { github.com }

We are building Onit based on these core beliefs:

1. Universal Access: AI assistants should be accessible from anywhere on your computer, not just in browsers or specific apps.
2. Provider Freedom: Users should have the choice between models and model providers (Anthropic, OpenAI, xAI, etc.) and not be locked into a single provider.
3. Local First: AI is much more useful with access to your data. But that doesn't count for much if you have to upload personal files to an untrusted server first. Onit will always provide options for local processing. No personal data will leave your computer without explicit approval.
4. Customizability: Onit is your assistant. You should be able to configure it to your liking.
5. Extensibility: Onit should allow the community to build and share extensions, making it more useful for everyone.

2025-01-23 Master the Art of the Product Manager 'No' { letsnotdothat.com }

Master the Art of the Product Manager "No"

See also: 2025-01-23 How to professionally say? The Complete Guide 2024 { www.corporatereplies.com }

Just shut up!

I kindly request that you allow me to finish my thoughts. This will enable a smoother flow of conversation and ensure that all points are thoroughly addressed. Thank you for your understanding.

Why are you so useless?

(This one’s obviously sarcastic, but if you do use it, tag us on social media @corporatereplies 😂; We’re on Instagram and TikTok and we’d love to see the reaction.)

I am observing that your current performance is not meeting the expected standards. Could you please elaborate on the challenges you are facing to assist in finding potential solutions?

2025-01-23 AkashRajpurohit/howtoprofessionallysay: 📖 A guide for your daily "professional" interactions { github.com }

2025-01-23 How to professionally say { howtoprofessionallysay.akashrajpurohit.com }

How to professionally say A guide for your daily "professional" interactions

2025-01-23 itamarom/notepadjs { github.com }

https://itamarom.github.io/notepadjs/

A cross-platform love letter to Notepad (+) PWA

2025-01-19 jjcm/llmpeg: Uses an llm to generate ffmpeg commands { github.com }

Allows for simple usage of ffmpeg via an llm. BASH

You write ffmpeg commands based on the description from the user. You should only respond with a command line command for ffmpeg, never any additional text. All responses should be a single line without any line breaks.

2025-01-16 FFmpeg By Example { ffmpegbyexample.com }

2025-01-15 jesseduffield/lazygit: simple terminal UI for git commands { github.com }

Elevator Pitch

Rant time: You've heard it before, git is powerful, but what good is that power when everything is so damn hard to do? Interactive rebasing requires you to edit a goddamn TODO file in your editor? Are you kidding me? To stage part of a file you need to use a command line program to step through each hunk and if a hunk can't be split down any further but contains code you don't want to stage, you have to edit an arcane patch file by hand? Are you KIDDING me?! Sometimes you get asked to stash your changes when switching branches only to realise that after you switch and unstash that there weren't even any conflicts and it would have been fine to just checkout the branch directly? YOU HAVE GOT TO BE KIDDING ME!

If you're a mere mortal like me and you're tired of hearing how powerful git is when in your daily life it's a powerful pain in your ass, lazygit might be for you.

2025-01-10 I’ve acquired a new superpower – Daniel Wirtz { danielwirtz.com }

2025-01-08 Fontjoy - Generate font pairings in one click { fontjoy.com }

The goal of font pairing is to select fonts that share an overarching theme yet have a pleasing contrast. Which fonts work together is largely a matter of intuition, but we approach this problem with a neural net. See GitHub for more technical details.

2025-01-05 Self-driving 1993 Volvo 940 (part 1: actuators) – PracticApp – Hardware / Software Engineering { practicapp.com }

Together with some friends, I decided earlier this year to particpate in the Carbage run 2025 Winter edition. This is a 6-day journey in winter all the way through Sweden to the polar circle, and back down to Helsinki in a group of roughly 400 cars.

One small catch (you might have guessed it from the name): your car has to be “carbage”. In practice, this means it needs to be at least 20 years old, and with a day value of less than €1000.

2025-01-02 lighting-ai/web-piano: This project is a playable piano keyboard developed using Bolt.DIY + DeepSeekV3. It supports both mouse clicks and keyboard input, with a MacBook-style touchbar for visual feedback. { github.com }

➡️ 2025-01-02 stackblitz-labs/bolt.diy: Prompt, run, edit, and deploy full-stack web applications using any LLM you want! { github.com }

➡️ 2025-01-02 deepseek-ai/DeepSeek-Coder: DeepSeek Coder: Let the Code Write Itself { github.com }

2025-01-02 API Parrot { apiparrot.com }

API Parrot is the tool specifically designed to reverse engineer the HTTP APIs of any website. Making life easier for developers looking to automate, integrate or scrape websites without public APIs.

👂 The Ear of AI​

2025-02-20 Animate Anyone 2 { humanaigc.github.io }

2025-02-20 Accelerating scientific breakthroughs with an AI co-scientist { research.google }

2025-02-11 Tech's Dumbest Mistake: Why Firing Programmers for AI Will Destroy Everything { defragzone.substack.com }

Firing programmers for AI is a mistake | Hacker News { news.ycombinator.com }

The next generation of programmers will grow up expecting AI to do the hard parts for them. They won’t know why an algorithm is slow, they won’t be able to debug cryptic race conditions (provided they are familiar with the concept), and they certainly won’t know how to build resilient systems that survive real-world chaos.

The result? We’ll have a whole wave of programmers who are more like AI operators than real engineers. And when companies realize AI isn't magic, being just a bunch of tokenized words in line (prove me wrong on that), they'll scramble to find actual programmers who know what they're doing. Too bad they spent years not hiring them.

2025-02-07 Understanding Reasoning LLMs - by Sebastian Raschka, PhD { magazine.sebastianraschka.com }

2025-01-31 Jailbreaking DeepSeek R1 - Prompt Injection Using Charcodes { substack.com }

Bypass DeepSeek censorship by speaking in hex

2025-01-29 DeepSeek's Multi-Head Latent Attention and Other KV Cache Tricks | PySpur { www.pyspur.dev }

2025-01-29 How has DeepSeek improved the Transformer architecture? | Epoch AI { epoch.ai }

2025-01-28 17-445 Machine Learning in Production / AI Engineering { mlip-cmu.github.io }

• 2025-01-28 Syllabus | Large Language Model Systems { llmsystem.github.io }

2025-01-21 AI Model & API Providers Analysis | Artificial Analysis { artificialanalysis.ai }

Independent analysis of AI models and API providers Understand the AI landscape to choose the best model and provider for your use-case

2025-01-18 Don't use cosine similarity carelessly { p.migdal.pl }

2025-01-17 📚 Convert E-books into audiobooks with Kokoro - Claudio Santini { claudio.uk }

2025-01-13 The 2025 AI Engineering Reading List - Latent Space { www.latent.space }

2025-01-06 Killed by LLM { r0bk.github.io }

2024-12-31 Things we learned about LLMs in 2024 { simonwillison.net }

In 2024, the field of Large Language Models (LLMs) saw significant advancements. The GPT-4 barrier was broken, with 18 organizations now having models that outperform the original GPT-4. Notably, Google's Gemini 1.5 Pro introduced new capabilities like a 2 million token input context length and video input. Additionally, LLM prices dropped dramatically due to increased competition and efficiency, making these models more accessible.

Multimodal vision became common, with models now handling images, audio, and video. Voice and live camera modes also emerged, allowing real-time interaction with LLMs. Despite these advancements, the concept of "agents"—LLMs acting autonomously—has not yet fully materialized. The environmental impact of LLMs improved due to efficiency gains, but the large-scale infrastructure buildout by tech giants remains a concern.

Overall, 2024 was marked by rapid progress in LLM capabilities, reduced costs, and the rise of multimodal and real-time interaction features. However, challenges like the environmental impact and the practical implementation of autonomous agents still need to be addressed.

2025-01-04 Can LLMs write better code if you keep asking them to “write better code”? | Max Woolf's Blog { minimaxir.com }

This article investigates whether large language models (LLMs) like Claude 3.5 Sonnet or GPT can iteratively improve code when asked to "make it better." Using a Python coding problem as a test, the author demonstrates that LLMs can optimize performance over iterations, improving speed and efficiency. However, vague prompts often lead to overengineering, such as unnecessary "enterprise-level features," without clear benefits. Despite these issues, iterative prompting can yield faster, more efficient code.

With explicit instructions, the LLM delivered substantial improvements, including using tools like Numba for just-in-time compilation and NumPy for vectorization. These optimizations resulted in code that was up to 100x faster than the initial implementation. The LLM also introduced creative techniques like precomputing digit sums and leveraging parallel processing. However, issues like hallucinated logic, subtle bugs, and redundant complexity showed that human oversight is essential to validate and refine the results.

The findings highlight the potential and limitations of using LLMs for coding. While they can provide significant speed-ups and novel ideas, they often miss important optimizations, such as deduplication or statistical shortcuts. The article emphasizes that LLMs are valuable tools for accelerating development when used thoughtfully but require careful guidance and validation from skilled developers to produce effective, reliable results.

2025-01-05 What we learned copying all the best code assistants { blog.val.town }

Since the beginning of Val Town, our users have been clamouring for the state-of-the-art LLM code generation experience. When we launched our code hosting service in 2022, the state-of-the-art was GitHub Copilot. But soon it was ChatGPT, then Claude Artifacts, and now Bolt, Cursor, and Windsurf. We’ve been trying our best to keep up. Looking back over 2024, our efforts have mostly been a series of fast-follows, copying the innovation of others. Some have been successful, and others false-starts. This article is a historical account of our efforts, giving credit where it is due.

Research 🤖 LLM vs 🧠 Brain: Cognitive Impact​

2025-02-04 I Taught for Most of My Career. I Quit Because of ChatGPT | TIME { time.com }

Virtually all experienced scholars know that writing, as historian Lynn Hunt has argued, is “not the transcription of thoughts already consciously present in [the writer’s] mind.” Rather, writing is a process closely tied to thinking. In graduate school, I spent months trying to fit pieces of my dissertation together in my mind and eventually found I could solve the puzzle only through writing. Writing is hard work. It is sometimes frightening. With the easy temptation of AI, many—possibly most—of my students were no longer willing to push through discomfort.

Generative AI is, in some ways, a democratizing tool. Many of my students were non-native speakers of English. Their writing frequently contained grammatical errors. Generative AI is effective at correcting grammar. However, the technology often changes vocabulary and alters meaning even when the only prompt is “fix the grammar.” My students lacked the skills to identify and correct subtle shifts in meaning. I could not convince them of the need for stylistic consistency or the need to develop voices as research writers.

I pointed to weaknesses such as stylistic quirks that I knew to be common to ChatGPT (I noticed a sudden surge of phrases such as “delves into”). That is, I found myself spending more time giving feedback to AI than to my students.

2025-02-04 (PDF) Investigating How Frequent Interactions with AI Technologies Impact Cognitive and Emotional Processes { www.researchgate.net }

Of course I did not read the original article and asked ChatGPT to create a digest

AI is Making Us Smarter

The study found that frequent AI users experience measurable cognitive improvements.

📌 Short-term memory improvement:

• Correlation coefficient: r = 0.663 (p < 0.01) → Strong positive correlation.
• Conclusion: People who use AI frequently recall information faster and more accurately.

📌 Better decision-making:

• Correlation coefficient: r = 0.572 (p < 0.01) → Significant improvement.
• How was this tested? Participants completed decision-making tasks before and after AI use.
• Results: AI-assisted users had a higher accuracy rate in complex decision-making.

🚀 Key takeaway: AI is acting as a cognitive amplifier, allowing us to process and retain information more efficiently.

But… it’s not all good news.

The Dark Side: AI is Increasing Stress and Anxiety

While AI improves cognitive performance, the study also found a moderate positive correlation (r = 0.468, p < 0.01) between frequent AI use and increased mental stress.

📌 Evidence from self-reported stress levels:

• Participants completed anxiety and stress assessments before and after AI interactions.
• Results: Frequent AI users reported higher stress scores after prolonged AI use.

📌 Cognitive overload is real:

• AI bombards users with continuous information, leading to mental fatigue.
• Example from interviews: Users described feeling "overwhelmed" and "mentally exhausted" after extensive AI interaction.

🤯 Key takeaway: AI might make tasks easier, but it also increases cognitive pressure and emotional strain.

The Hidden Risk: Psychological Dependence on AI

One of the most alarming findings was the development of AI dependency.

📌 Psychological reliance on AI:

• Regression analysis confirmed that frequent AI users are more likely to doubt their own judgment.
• Standardized Coefficient (Beta) = 0.421, p = 0.000 → A strong predictor of AI-induced dependency.

📌 Real-world impact:

• Users who rely on AI for problem-solving report difficulty making decisions without AI assistance.
• Example from interviews: Some participants said they "don’t trust their answers without double-checking with AI."

🔍 Key takeaway: AI is replacing independent thinking, reducing cognitive autonomy, and making users second-guess themselves.

5. The Solution: How We Can Use AI Without Losing Ourselves

So, what’s the way forward? The study suggests three key strategies to balance AI’s cognitive benefits with emotional well-being:

✔️ AI should assist, not replace thinking → We must stay in control of our decisions. ✔️ Regulate AI’s role in decision-making → Avoid relying on AI for every task. ✔️ AI should be designed for cognitive balance → Not just efficiency, but emotional well-being too.

🎯 Final Thought: AI has the potential to elevate our intelligence or erode our independence.

The question is: Will we use AI as a tool to enhance our minds—or let it become the master of our decisions?

The future is in our hands.

---

For the record (gpt-4o):

1. I've asked GPT summarize the article like a friend researcher would do. The result was bad.
2. The I've asked to write in a conversation style between two friends... the result was "Me: Bro, this paper is wild. It’s basically saying that using AI all the time makes us smarter… but also kinda messes with our emotions."
3. "Make the TED-style presentation, where the people share their opinions" -- led to good initial structure with emojis, which I like!
   1. "Add evidence for each point" -- finalized the result, not bad, I wonder if the numbers and conclusions are correct.

2025-02-22 Microsoft Study Finds Relying on AI Kills Your Critical Thinking Skills { gizmodo.com }

A new study published by researchers at Microsoft and Carnegie Mellon University found that the more humans lean on AI tools to complete their tasks, the less critical thinking they do, making it more difficult to call upon the skills when they are needed.

The researchers tapped 319 knowledge workers—a person whose job involves handling data or information—and asked them to self-report details of how they use generative AI tools in the workplace. The participants were asked to report tasks that they were asked to do, how they used AI tools to complete them, how confident they were in the AI’s ability to do the task, their ability to evaluate that output, and how confident they were in their own ability to complete the same task without any AI assistance.

⌚ Nice watch!​

2025-01-21 How I Built T3 Chat in 5 Days - YouTube { www.youtube.com }

GPT Summary: I developed T3 Chat, an AI chat app that emphasizes speed, usability, and efficient local-first architecture, completing the project in just five days. Motivated by frustrations with existing AI tools, I aimed to create a responsive and seamless experience. Leveraging the Deep Seek V3 model for its speed and affordability, I found existing starter kits unsuitable for my needs, prompting me to build a custom solution. The app uses React, React Router, and Dexie.js for its database layer, enabling offline functionality and efficient synchronization between local and cloud data. Switching from server-driven routing to a client-side approach greatly improved navigation and responsiveness.

The development process included significant hurdles. I experimented with tools like Jazz for syncing but found its collaborative-first structure overly restrictive. Instead, I built a custom sync layer, tailoring the data flow to the app's requirements. Performance optimization was critical, with tools like React Scan helping to eliminate inefficiencies. Markdown chunking and memoized rendering were implemented to minimize unnecessary re-renders, ensuring a smooth user experience. Payments were integrated with Stripe, alongside an onboarding flow that uses inline messages to explain app features. Despite challenges, these deliberate engineering choices resulted in an app that is faster, more responsive, and better tailored to user needs than its competitors.

The tools used include Deep Seek V3, React, Dexie.js, React Router, React Scan, Tailwind CSS, Vercel AI SDK, and Stripe. Each played a vital role, though some required customization, like Jazz and OpenAuth. The result is an AI chat app that outperforms existing alternatives by leveraging local-first architecture, advanced optimizations, and thoughtful design principles. This project demonstrates how targeted engineering and innovative thinking can create high-performing, user-focused applications.

2025-01-19 Locknote: Local Reasoning in C++ - Sean Parent - NDC TechTown 2024 - YouTube { www.youtube.com }

GPT Summary:

The speaker, Sean Parent, a senior principal scientist at Adobe, shared insights into improving software engineering practices with a focus on local reasoning—breaking down complex systems into manageable, verifiable components. He also delved into challenges around reasoning in C++, design principles, and strategies for building reliable systems.

Core Ideas from the Talk

The Root Cause of Software Failures The talk began with an analysis of why large software systems fail. Despite many failures being attributed to management issues, the real challenges often stem from exceeding our ability to reason about systems. The software engineering crisis, a problem identified as early as 1968, persists because large systems become too complex to understand or verify.

"The greatest limitation in writing software is our ability to understand the systems we're creating."

Key failures include lack of tools, poor practices, and an over-reliance on free relationships (unmanaged dependencies between components).

Local Reasoning Local reasoning is the ability to understand and verify a function or class independently of its broader context. This is enabled through clear APIs, preconditions, and postconditions, which define the contract between the client (caller) and the implementer. The talk focused on achieving local reasoning through careful structuring of functions, arguments, and classes.

API Contracts and Preconditions Preconditions and postconditions define the expectations and guarantees of a function:

1. Preconditions: Specify conditions the caller must meet before invoking the function.
2. Postconditions: Describe the state after the function executes successfully.
3. Invariant Conditions: Properties that must always hold true within the scope of a function or class.

Preconditions allow implementers to shift responsibility for ensuring valid input to the caller, simplifying function logic.

"Do not underestimate the power of a precondition. It lets the implementer focus on the valid cases."

Managing Function Arguments Function arguments should follow a clear and consistent contract:

• Let Arguments: Immutable references (e.g., const T&) that are not modified by the function.
• In-Out Arguments: Mutable references (e.g., T&) that may be modified by the function.
• Sink Arguments: R-value references (e.g., T&&) that are consumed by the function, leaving the caller responsible for ensuring proper ownership transfer.

General rules for arguments:

• Non-const references must not be accessed by other threads during the function's execution.
• Const references must not be written to during the function's execution.

These rules enforce memory safety and help prevent concurrency issues.

Avoiding Aliasing and Law of Exclusivity Aliasing—when multiple references point to the same memory—is a major challenge in reasoning about code. C++ lacks built-in safeguards like Swift’s exclusive access or Rust’s borrow checker, but developers must enforce similar rules manually:

• Ensure no overlapping projections (references to object parts) are passed to a function.
• Projections are invalidated if the object they point to is modified.

"In C++, we have exactly the same rule. We just don't have the language facilities to enforce it."

Projections and Value Semantics Projections (e.g., references to parts of an object) enable value semantics while maintaining efficiency. Rules for projections include:

• Avoid overlapping mutable projections.
• Projections are invalidated when the parent object is modified or destroyed.
• Multiple non-overlapping projections may coexist safely.

Mutation and Independence To simplify reasoning, objects must be independent under mutation:

1. Disallow mutation (functional programming).
2. Disallow sharing of mutable objects.
3. Allow mutation only when there is no sharing (copy-on-write).

Encapsulation and whole-part relationships (e.g., an object fully owning its parts) are critical to maintaining independence.

Encapsulation of Relationships Extrinsic relationships—connections between objects not captured by a whole-part hierarchy—are a primary source of complexity. These relationships should:

• Be encapsulated within a managing class to enforce invariants (e.g., ensuring a pointer remains valid).
• Be carefully tracked and invalidated when one side of the relationship changes.

"Containers are examples of classes that manage extrinsic relationships between their parts."

Complexity and Chaotic Systems Complex systems often become chaotic—unpredictable and impossible to reason about. Examples like the three-body problem illustrate how simple rules and relationships can create unpredictable behaviors. Developers must avoid creating chaotic systems by:

• Structuring code into hierarchies (e.g., whole-part relationships).
• Encapsulating relationships within manageable, well-defined classes.
• Simplifying or abstracting relationships to reduce interconnectedness.

Free Relationships Free relationships—unmanaged dependencies—are inherently dangerous. The speaker recommends avoiding them entirely, except in cases where the relationships are monotonic:

• Monotonic systems only move forward and never return to a previous state (e.g., immutable variables or conflict-free replicated data types).

Designing Reliable Code The speaker provided concrete recommendations for designing reliable, predictable systems:

• Use small, single-purpose functions: Each function should have a clear role with well-defined inputs and outputs.
• Avoid modifying shared state: Treat shared state as immutable or use copy-on-write semantics.
• Minimize sharing: Avoid passing shared pointers or references to mutable state in public interfaces.
• Write testable, invariant-based classes: Ensure each class encapsulates its relationships and invariants.
• Manage complexity with hierarchies: Use containment relationships to enforce structure and reasoning.

Guidelines for APIs

1. Functions should clearly specify their scope and effects.
2. Use projections to allow manipulation of object parts while preserving value semantics.
3. Do not pass overlapping projections or invalid references.
4. Favor references over shared pointers in function interfaces.

Addressing Systemic Complexity When individual relationships between parts become too complex to reason about, step back and define the system as a whole. For example, instead of managing individual moves in chess, define the overall algorithm for playing the game.

Summary of Best Practices

1. Write clear APIs with defined preconditions, postconditions, and invariants.
2. Avoid shared state unless absolutely necessary, and treat shared state as immutable.
3. Design objects for value semantics, ensuring independence and disjointedness.
4. Encapsulate relationships into classes to simplify reasoning.
5. Use hierarchies and DAGs to structure complex systems.
6. Minimize complexity by managing extrinsic relationships and avoiding chaotic loops.
7. Build monotonic systems where possible to allow for distributed, predictable behavior.

"At some point, individual relationships become too complex. You have to step back and solve the system as a whole."

These principles form a cohesive strategy for creating systems that are easier to reason about, maintain, and scale. By adhering to local reasoning, managing complexity, and encapsulating relationships, developers can build reliable, efficient software.

whole / part snippet:

/**
 * @class whole
 * @brief An example "whole" class that holds a "part" subobject.
 *
 * This class demonstrates a pattern where we:
 * - Disallow default construction.
 * - Provide an explicit constructor taking a required parameter.
 * - Use compiler-generated (default) copy/move constructors and assignment operators.
 * - Provide a default comparison operator.
 *
 * The goal is to ensure that any "whole" object is always in a valid and meaningful state,
 * and that all defaulted functions have consistent semantics with their subobjects.
 */
class whole {
    /**
     * @var _part
     * @brief The subobject/part that this "whole" manages.
     *
     * Storing the part as a member ensures that the "whole" is always composed of
     * a valid "part". We rely on the "part" type to provide its own correctness
     * and invariants.
     */
    part _part;

public:
    /**
     * @brief Delete the default constructor.
     *
     * Reason:
     * - We do not allow a "whole" to exist without explicitly providing
     *   a meaningful state for its subobject.
     * - Prevents accidental creation of a "whole" in an uninitialized or
     *   incomplete state.
     */
    whole() = delete;

    /**
     * @brief Construct a "whole" by providing a required state.
     *
     * @param s A "state" object that the "_part" subobject will be constructed with.
     * Reason:
     * - Ensures that each new "whole" has a valid "part" from the beginning.
     * - Marked explicit to prevent implicit conversions from state -> whole,
     *   forcing a clear constructor call.
     */
    explicit whole(state s)
        : _part{s}
    { }

    /**
     * @brief The copy constructor (defaulted).
     *
     * Reason:
     * - In most cases, compiler-generated copying does exactly what we want:
     *   memberwise copy of the subobjects.
     * - Making it explicit (optional choice here) can prevent some unintentional
     *   conversions, but primarily we’re just acknowledging that it is defaulted.
     */
    explicit whole(const whole&) = default;

    /**
     * @brief The move constructor (defaulted, noexcept).
     *
     * Reason:
     * - We allow moving to be efficient and safe.
     * - noexcept helps with certain optimizations (e.g., containers can move
     *   elements instead of copying if they know it won’t throw).
     */
    whole(whole&&) noexcept = default;

    /**
     * @brief Copy assignment operator (defaulted).
     *
     * Reason:
     * - Same rationale as the copy constructor: a simple memberwise copy
     *   from the other "whole" is typically correct and easiest to maintain.
     */
    whole& operator=(const whole&) = default;

    /**
     * @brief Move assignment operator (defaulted, noexcept).
     *
     * Reason:
     * - Same rationale as the move constructor: move semantics can improve
     *   performance, noexcept promises no exceptions are thrown.
     */
    whole& operator=(whole&&) noexcept = default;

    /**
     * @brief Equality comparison operator (defaulted).
     *
     * @param other The other "whole" to compare with.
     * @return true if the two "whole" objects are equal, false otherwise.
     *
     * Reason:
     * - Defaulted comparison will do a memberwise comparison of "_part"
     *   (assuming "part" itself has an appropriate operator==).
     * - Makes it easy to compare two "whole" objects without manual checks.
     */
    bool operator==(const whole&) const = default;
};

2025-01-18 TPMs and the Linux Kernel: unlocking a better path to hardware security - Ignat Korchagin - YouTube { www.youtube.com }

GPT Summary:

• Introduction to TPMs: Trusted Platform Modules (TPMs) are passive hardware security chips widely available in modern laptops and servers. They are primarily used for cryptographic key management, platform integrity, and remote attestation, providing hardware-backed security for sensitive operations.
• TPMs in Application Development: Despite their ubiquity, TPMs are rarely used directly by applications. Developers face challenges such as complex interfaces, limited documentation, and the absence of seamless support in common libraries and tools.
• Complexity of TPM Interaction: Using TPMs involves navigating multiple layers:
  1. Resource Managers: Necessary to serialize access to the TPM, which cannot handle multiple concurrent requests. Linux provides an in-kernel resource manager (/dev/tpmrm0) to simplify this.
  2. TPM Libraries: Competing implementations (Intel TSS and IBM TSS) have incompatible APIs, forcing developers to make early, limiting choices.
• Linux Kernel Key Retention Service: A subsystem of the Linux kernel that securely stores cryptographic keys in kernel memory, ensuring their isolation from user-space processes. It supports multiple key types (e.g., user, logon, and trusted keys) and organizes keys into hierarchical key rings with fine-grained permissions.
• Trusted Keys with TPM Integration: Trusted keys leverage TPMs to encrypt key material into "wrapped blobs," ensuring plaintext keys are never exposed to user space. The kernel automatically decrypts these blobs when needed, making it a lightweight software HSM.
• Key Management Challenges: Current trusted key implementation requires applications to manage wrapped blobs manually, which complicates key recovery, persistence, and scaling, especially for stateless systems or devices with limited storage.
• Key Derivation from TPMs: A proposed approach uses TPM seed values and application-specific metadata to deterministically derive cryptographic keys. This method eliminates the need for persistent key storage and enables scalable, reproducible key management.
• Linux Crypto API and Kernel Key Store Integration: The Linux Crypto API allows applications to offload cryptographic operations to the kernel using cryptographic sockets. A recent patch integrates this API with the key store, enabling cryptographic operations using kernel-managed keys without exposing them to user space.
• Request Key System Call Enhancements: The request_key syscall is extended to allow dynamic retrieval of application-specific keys. A plugin-based architecture lets the kernel call user-space helpers (e.g., TPM-aware plugins) to derive or retrieve keys as needed.
• Stateless Key Derivation with TPMs: The stateless key derivation method uses TPMs to create keys tied to application metadata (e.g., executable paths, user IDs, or code hashes). These keys are reproducible and isolated by design, making them suitable for ephemeral or IoT systems.
• Kernel-Based Key Derivation: A proposed kernel patch would eliminate user-space exposure of key material entirely by performing key derivation directly in the kernel, ensuring plaintext keys remain within secure kernel memory.
• Limitations of Current TPM Integration: Existing systems primarily support symmetric key operations. Asymmetric key functionality, such as signing or private key decryption, remains under development and is expected in future kernel releases.
• Improving Accessibility for Developers: By exposing TPM functionality through the Linux key retention service, developers can leverage hardware-backed security without needing to understand TPM internals, providing a more accessible pathway for application adoption.
• Call for Community Feedback: The speaker sought input on the practicality of proposed solutions for IoT and stateless systems, emphasizing the importance of balancing security, scalability, and developer usability.

2025-01-18 Memory Safety: Rust vs. C - Robert Seacord - NDC TechTown 2024 - YouTube { www.youtube.com }

GPT Summary:Background and Context: The talk originates from a memory-safe languages panel led by government and industry stakeholders. There is a push, particularly from governments like the U.S. and other Five Eyes members, to migrate critical systems from C and C++ to "memory-safe languages" like Rust. The speaker, while defending C and C++, acknowledges biases and stresses the importance of fair evaluations between languages.

Challenges of Defining "Memory-Safe Languages": The panel has inconsistently defined key terms. A "low-level memory-safe language" (essentially Rust) is distinguished from garbage-collected ones like Java or Python. The main critique of C/C++ centers not on the inherent inability to ensure memory safety but on the lack of compiler-enforced memory safety, leaving discipline and external tools to fill the gap.

Types of Safety: The talk breaks down safety concerns into type safety, memory safety, and thread safety, each foundational to broader software security and functional safety. Functional safety ensures systems like brakes or airplane controls continue operating safely, even under partial failure.

Arguments for C/C++ in Safety-Critical Systems: Safety-critical systems in aerospace, automotive, and other domains rely on C/C++ due to decades of tooling, standards (e.g., ISO 26262), and expertise. The deterministic nature of these languages aligns with strict timing and behavior guarantees, which are harder to achieve with garbage collection or immature ecosystems.

Rust's Growing Role and Barriers: Rust, though promising, faces ecosystem maturity challenges. The availability of Rust-trained engineers, tooling gaps (e.g., in platforms like MathWorks), and reliance on interoperability with C APIs present barriers. Rust's adoption in safety-critical domains remains limited due to these hurdles and the immense cost of rewriting existing, battle-tested codebases.

Security Concerns Beyond Memory Safety: Eliminating memory safety issues does not address broader vulnerabilities like input validation, SQL injection, or business logic errors. For example, tools in C/C++ like AddressSanitizer (ASan) can address memory safety issues but are unsuitable for production. Security is a multi-faceted problem that Rust alone cannot solve.

Progress in C and C++: Modern updates in C (e.g., C23's checked integer operations) and C++ aim to close gaps in safety. Tools like UBSan, ASan, and static analysis have matured, enabling effective error detection and mitigation in development. The C/C++ ecosystem has advanced to rival or even surpass memory-safe languages in certain safety-critical applications.

Cost and Practicality of Transition: Rewriting massive C/C++ systems into Rust or any other language without adding new features is seen as economically unviable. Transition timelines are long, involving curriculum changes, workforce training, and standards development. Safety-critical systems tend to evolve incrementally rather than through wholesale rewrites.

Critique of the Panel's Conclusions: The speaker criticizes the panel's narrow focus on memory safety as overly simplistic. Broader issues like ecosystem maturity, tooling availability, and compatibility with safety standards make the wholesale dismissal of C and C++ impractical and misguided.

Closing Thoughts: The speaker emphasizes a balanced, pragmatic approach to safety and security. Transitioning to Rust or any new language must account for all engineering realities, including ecosystem readiness, regulatory compliance, and the multifaceted nature of software vulnerabilities.

2025-01-18 How Simple Is "As Simple As Possible"? - Rendle . - NDC Porto 2024 - YouTube { www.youtube.com }

Simplifying Software Development: A Rant on Doing Less, Better

This is a talk about how we’re overcomplicating software for no good reason. It’s about keeping things simple and just building systems that work instead of getting lost in trends, tools, and buzzwords.

The speaker kicks off with a nostalgic dive into the early days of coding on Tandon 286 machines, soldering RS232 cables by hand, and building monoliths that simply did the job. “We wrote software that people used, they got their jobs done, and went home happy. No internet, no GitHub repos -- just code that worked.”

Fast forward to today, and things are a mess. Microservices? Great if you’ve got a thousand developers and a global scale problem. If not, you’re probably just smashing your monolith into tiny, unmanageable pieces. “If you’ve got fewer than 100 programmers and you’re doing microservices, I will find you and kick your shins.”

The same critique extends to APIs. SOAP was overkill; REST simplified things (or did it?), but now we’re stuffing APIs with metadata, inventing gRPC, or obsessing over “hypermedia” that no one asked for. “Just send some JSON over HTTP and call it a day. We don’t need another doctoral thesis to justify URLs.”

And don’t even get started on frontends. React, Angular, Vue -- they’re all bloated monstrosities. “140MB of node modules to load a blank page? What are we even doing?” The solution? Go back to server-side rendering or use lightweight tools like HTMX. “We solved these problems years ago, but no -- let’s reinvent them with more JavaScript.”

On infrastructure, the speaker points to Kubernetes as a classic example of overengineering. “Most of us don’t need it, but we’re running it anyway because it sounds cool. Just use containers properly and let the cloud handle the rest.”

The takeaway is simple: stop making things harder than they need to be. “If you’re adding complexity just to look good on your CV, you’re doing it wrong. Just build stuff that works, keep it simple, and fix it when it breaks. Complexity isn’t clever; it’s stupid.”

The talk wraps with humor but drives the point home: "Stop overcomplicating things. Build what you need. Then go get a beer."

2025-01-13 Why You're Not Getting Promoted To Senior (ex-Amazon Principal) - YouTube { www.youtube.com }

To become a senior engineer, understanding what blocks promotions and taking deliberate actions to address those barriers is crucial. Based on the advice provided, here are the key takeaways and actionable insights:

One common misconception is that excellent technical skills alone will secure a promotion. Many engineers hit a plateau despite being technically competent because they overlook critical non-technical factors. According to the speaker, three specific roadblocks hinder promotions, and addressing these can change your trajectory.

The first roadblock is ineffective delegation. Promotions often require demonstrating leadership, and delegation is a cornerstone of this. However, not all delegation styles are equally effective:

• The Load Balancer: Merely distributing tasks among the team doesn’t showcase leadership or improve team capabilities. "Tasks come in, and you spread them out to others on your team." This approach doesn't reduce overall workload or scale your impact.
• The Decomposer: Breaking down ambiguous problems into smaller, executable tasks is better, but it's still an expected responsibility at most levels. It doesn’t elevate you as a leader.
• The Capability Multiplier: This is the ideal approach. By assigning challenging problems to team members and coaching them through the process, you scale your impact by developing the team. "You coach them up, tell them how you would handle the situation, and let them handle the problem on their own." The critical elements of this approach are:
  • Knowing your team’s capabilities to assign tasks slightly outside their comfort zone.
  • Investing time upfront to coach them while stepping away to give them ownership.
  • Accepting the possibility of failure as part of their growth.

Effective delegation demonstrates leadership by "creating copies of yourself," a trait highly valued in promotion decisions.

The second roadblock is a weak relationship with your manager. Promotions often hinge on managerial support. Managers are hesitant to risk promoting someone who might fail at the next level, as this reflects poorly on them and disrupts team dynamics. The speaker emphasized: "Your manager is the biggest roadblock to getting promoted to senior... They only do that for people that they trust."

To strengthen this relationship:

• Clearly communicate your desire for promotion and ask for specific feedback.
• Build trust by consistently delivering results and taking ownership of problems.
• Repair any strained relationships or consider moving to a different team if necessary.

The third roadblock is failing to demonstrate leadership by owning problems. To advance to senior engineer, you must show initiative in solving team-level issues. The story of David, an engineer striving for promotion, illustrates this. Despite his technical excellence, his promotion was blocked because he raised problems without presenting solutions. Leadership involves not just identifying issues but also proactively addressing them.

For example:

• If user adoption is low, suggest prioritizing features to improve engagement.
• If defect rates are high, identify patterns or implement training for improvement.
• If operational load is causing attrition, propose forming a task force to resolve it.

"High-level ICs are leaders that don't have direct reports. Leaders take ownership of problems and do something about them."

In summary, focus on scaling through delegation, building trust with your manager, and demonstrating leadership through problem ownership. These strategies will position you as a strong candidate for promotion to senior engineer.

CS50 Cybersecurity - Lecture 1 - Securing Data

Also:

2024-12-18 CS50 Cybersecurity - Lecture 2 - Securing Systems - YouTube { www.youtube.com }

1. Password Security and Hashing

• Storing Passwords: Early systems stored plaintext passwords like "alice: apple," which is insecure.
• Hashing Passwords: Converts passwords into fixed-length strings using a hash function.
• Simple vs. Proper Hash Functions: Early functions were simplistic (A=1, B=2) but proper hashing creates cryptic outputs.
• Salting Passwords: Adds a random value (salt) to passwords before hashing to produce unique hashes. Salt is stored alongside the hash.
• Password Authentication: Input password is hashed and compared to the stored hash.
• Hashing Vulnerabilities: Brute force attacks, rainbow tables, and shared password issues are mitigated with salting.
• Best Practices: Use industry standards like NIST guidelines, avoid creating custom hashing functions, and rely on proven libraries.

2. Encryption and Cryptography

• Cryptography: Secures data in transit and at rest using encryption.
• Types: Codes (word substitution) and ciphers (character manipulation).
• Encryption Keys: Symmetric encryption uses the same key for encryption/decryption; asymmetric encryption uses a public-private key pair.
• Encryption Algorithms: AES and Triple DES (symmetric); RSA, Diffie-Hellman (asymmetric).
• Asymmetric Key Cryptography: Involves public and private keys; RSA encrypts with a public key, decrypts with a private key.
• Key Exchange Problem: Diffie-Hellman allows two parties to establish a shared secret key without prior communication.
• Encryption vs. Hashing: Hashing is one-way and irreversible; encryption is two-way and reversible.

3. Digital Signatures and Verification

• Digital Signatures: Authenticate and verify the origin of a message or document.
• How They Work: Message is hashed, then encrypted with a private key to create the signature, which is verified using the public key.
• Purpose: Ensures integrity, authenticity, and non-repudiation of messages or contracts.

4. Public Key Infrastructure (PKI)

• Concept: Relies on a trusted system to verify public keys belong to specific entities.
• Key Roles: Public keys are shared, private keys are secret. Certificate Authorities (CAs) issue digital certificates to confirm key authenticity.

5. Passkeys and Passwordless Authentication

• Passkeys: Replace passwords with biometrics (fingerprint, face scan) or PINs.
• How Passkeys Work: Device generates a public-private key pair per website. Public key is shared, private key stays on the device.
• Authentication Process: Websites send a challenge; user signs it with the private key. Website verifies using the stored public key.
• Benefits: No need for passwords, increased security, supported by Apple, Google, and Microsoft.

6. Encryption in Transit vs. Encryption at Rest

• Encryption in Transit: Protects data as it moves from point A to point B. Used in protocols like HTTPS. Prevents "man-in-the-middle" attacks but may allow the middle server (like Gmail) to see the data.
• End-to-End Encryption (E2EE): Encrypts data so only the sender and recipient can see it. Used by WhatsApp and iMessage. Intermediaries can't decrypt it.
• Encryption at Rest: Encrypts stored data on devices (like hard drives) to protect against theft or loss.

7. File Deletion and Secure Deletion

• File Deletion: Deleting a file just removes references to it; data is still present until overwritten.
• Secure Deletion: Overwrites 0s, 1s, or random bits to ensure no file remnants remain. Full-disk encryption makes secure deletion automatic.
• Device Disposal: Use full-disk encryption to ensure data is unreadable when selling or giving away devices.

8. Ransomware Attacks

• What is Ransomware?: Malware encrypts files and demands payment (often in Bitcoin) for the decryption key.
• How it Works: Hackers encrypt system files and request payment to decrypt them.
• Prevention: Use full-disk encryption and regular backups to prevent data loss.

9. Quantum Computing and Its Impact on Cybersecurity

• Quantum Computing: Uses qubits that can be in multiple states simultaneously, increasing computational power exponentially.
• Threat to Security: Could break current encryption algorithms like RSA due to greater computing power.
• Quantum-Safe Cryptography: Research is underway for "post-quantum cryptography" to withstand quantum attacks.

2024-12-20 Domain Modeling Made Functional - Scott Wlaschin - KanDDDinsky 2019 - YouTube { www.youtube.com }

GPT Summary:Functional Programming for Domain Modeling: Functional programming simplifies modeling by separating data and behavior. It uses composable types to reflect domain concepts clearly, allowing you to model workflows and real-world scenarios with precision.

Code Reflects the Domain: Code should represent the domain's shared mental model. Concepts like "suit" or "rank" in a card game are directly encoded into the structure, ensuring that the vocabulary in code matches the language of domain experts.

Static Typing as a Domain Modeling Tool: Types are not just for error-checking but are integral to domain modeling. They enforce rules at compile-time, reducing the need for defensive programming or runtime validation. This provides compile-time unit testing for domain correctness.

Composable Type Systems: Composable type systems build new types from smaller ones using "and" (records/tuples) and "or" (choices). These allow for flexible, modular designs that adapt to changing domain requirements.

Eliminating Null Values: Null values are error-prone and should be replaced with optional types (e.g., Option<T>), which explicitly represent the presence or absence of a value. This makes code safer and self-documenting.

Replacing Primitive Types: Avoid using primitive types like string or int for domain-specific data. Instead, use wrappers (e.g., EmailAddress or CustomerID) to enforce constraints and ensure clarity.

Replacing Boolean Flags with Choices: Boolean flags are ambiguous and prone to misuse. Replace them with choice types (e.g., VerifiedEmail vs. UnverifiedEmail) to enforce business rules explicitly in the type system.

Immutability in Functional Programming: Immutability ensures that once data is validated and encapsulated, it cannot change. This eliminates repetitive validation and simplifies reasoning about state changes in the domain.

Rapid Feedback and Iteration: Collaborating with domain experts while modeling in code provides immediate feedback. This approach allows adjustments to domain understanding and code simultaneously, shortening feedback loops from weeks to minutes.

Modeling Constraints Explicitly: Use types to encode constraints, such as a string with a maximum length (String50) or a positive integer for quantities (OrderQuantity). This prevents invalid states and enforces constraints at the type level.

Making Illegal States Unrepresentable: Design your system so that invalid states (e.g., an unverified email being treated as verified) cannot be represented in the code. This reduces the need for runtime validation and minimizes bugs.

Separating Domain Logic from Implementation Details: Keep domain logic independent of technical concerns like database schemas or persistence. This is often referred to as persistence ignorance.

Refactoring Towards Deeper Insight: As you learn more about the domain, refactor code to introduce new concepts (e.g., ShuffledDeck or VerifiedEmail). This process evolves the domain model to better reflect reality.

Explicitly Modeling Relationships and Constraints: For example, if an entity must have an email or a postal address, model this as a choice type (e.g., EmailOnly, AddressOnly, or Both). This avoids ambiguous states and ensures correctness.

Process Over Product: The modeling process itself -- collaborating with stakeholders, defining concepts, and refining understanding -- is as important as the resulting code. The shared mental model is the foundation of success.

Code as a Living Document: Code is the ultimate source of truth in functional modeling. Unlike UML diagrams or external documentation, code evolves with the domain and remains in sync with business logic.

Enforcing Business Rules in the Type System: Business rules like "password resets require a verified email" can be encoded directly in the type system. This eliminates the need for external checks and makes rules unbreakable.

Modeling Actions with Functions: Actions in the domain (e.g., dealing a card or verifying an email) are modeled as functions with explicit inputs and outputs, reflecting the transformation of domain state.

Avoiding Programmer Jargon in Domain Models: Terms like "base class," "factory," or "proxy" should not appear in the domain model. Use only terms that stakeholders understand.

Facilitating Non-Programmer Feedback: Modeling in code allows non-developers to participate in reviewing and refining the domain model, ensuring alignment between technical and business perspectives.

Domain-Driven Design and Functional Programming as Allies: Functional programming and domain-driven design complement each other, providing tools for creating robust, accurate, and easily understood models of complex domains.

Use of Algebraic Data Types (ADTs): ADTs like records and discriminated unions are powerful tools for expressing complex domain concepts naturally, allowing for greater expressiveness and error prevention.

Encapsulation of Validation: Validation is done at the boundaries of the system (e.g., API inputs) and not repeatedly in the domain logic. Once data is validated, it is immutable and safe to use.

Encouraging Collaboration with Shared Language: The modeling process ensures that all stakeholders -- developers, domain experts, and product owners -- share a common understanding of the system through a ubiquitous language.

Flexibility and Extensibility: The compositional approach makes it easier to adapt the domain model to new requirements without introducing significant complexity.

2024-12-20 Introduction to Wait-free Algorithms in C++ Programming - Daniel Anderson - CppCon 2024 - YouTube { www.youtube.com }

GPT Summary:Concurrency Concepts and Lock-Free Programming: Concurrency issues arise when multiple threads access shared resources simultaneously, potentially causing errors. Lock-based programming avoids these problems but can degrade performance due to contention. Lock-free programming ensures system-wide progress but does not guarantee individual thread progress. Key tools include atomic operations like compare-and-swap (CAS), fetch-add, and fetch-sub.

Weight-Free Algorithms: Weight-free algorithms improve on lock-free by guaranteeing progress for all threads within bounded steps. This is achieved through collaboration among threads instead of competition. The helping mechanism, where threads assist ongoing operations rather than blocking or overriding them, is central to weight-free design.

Sticky Counter as a Case Study: A weight-free counter that supports increment, decrement, and read operations was used to demonstrate weight-free algorithm design. Challenges like linearizability, handling "zero" states, and edge cases like thread descheduling were addressed using flag bits and the helping principle, ensuring correctness and bounded progress.

Design Challenges and Subtleties: Weight-free algorithms require significant redesign, as they must enable threads to detect and assist in-progress operations. Concepts like linearizability ensure that operations appear to happen in a sequential order, even if they overlap in execution. Testing and formal verification are critical for validating correctness, as subtle bugs can arise in complex concurrent systems.

Performance Implications: Weight-free algorithms perform better in high-contention scenarios, especially when operations like reads are frequent. However, performance depends on the workload. Benchmarks showed that while weight-free algorithms often outperform lock-free ones in certain workloads, lock-free approaches can be faster when contention is low or writes dominate.

Progress Guarantees and Practical Constraints: The talk clarified terms like blocking (no progress), lock-free (system-wide progress), and weight-free (thread-level progress). It emphasized that real-world constraints, such as thread scheduling and hardware architecture, must be considered when implementing concurrent algorithms.

2025-01-01 "Junior developers can't think anymore..." - YouTube { www.youtube.com }

2025-01-02 12 Months After Layoff - The Blunt Truth - YouTube { www.youtube.com }

Good Reads​

2024-12-28 Developer with ADHD? You’re not alone. - Stack Overflow {stackoverflow.blog}

Reddit: 2024-12-28 Got ADHD? Program computers? Even close with either? Talk about it here. {www.reddit.com}

Many developers with ADHD feel their job is a perfect fit for how they think and approach problems. “Coding can give ADHD brains exactly the kind of stimulation they crave,” explains full-stack developer Abbey Perini. “Not only is coding a creative endeavor that involves constantly learning new things, but also once one problem is solved, there’s always a brand new one to try.”

In addition to a revolving door of fresh challenges that can keep people with ADHD engaged, coding can reward and encourage a state of hyperfocus: a frequently cited symptom of ADHD that developer Neil Peterson calls “a state of laser-like concentration in which distractions and even a sense of passing time seem to fade away.”

2024-12-20 How types make hard problems easy • { mayhul.com }

2024-12-16 The 70% problem: Hard truths about AI-assisted coding { addyo.substack.com }

found in programmingdigest issue1798 { programmingdigest.net }

The hidden cost of "AI Speed": When you watch a senior engineer work with AI tools like Cursor or Copilot, it looks like magic. They can scaffold entire features in minutes, complete with tests and documentation. But watch carefully, and you'll notice something crucial: They're not just accepting what the AI suggests. They're constantly:

• Refactoring the generated code into smaller, focused modules
• Adding edge case handling the AI missed
• Strengthening type definitions and interfaces
• Questioning architectural decisions
• Adding comprehensive error handling

In other words, they're applying years of hard-won engineering wisdom to shape and constrain the AI's output. The AI is accelerating their implementation, but their expertise is what keeps the code maintainable.

The knowledge paradox: Here's the most counterintuitive thing I've discovered: AI tools help experienced developers more than beginners. This seems backward – shouldn't AI democratize coding?

The reality is that AI is like having a very eager junior developer on your team. They can write code quickly, but they need constant supervision and correction. The more you know, the better you can guide them.

This creates what I call the "knowledge paradox":

• Seniors use AI to accelerate what they already know how to do
• Juniors try to use AI to learn what to do
• The results differ dramatically

I've watched senior engineers use AI to:

• Rapidly prototype ideas they already understand
• Generate basic implementations they can then refine
• Explore alternative approaches to known problems
• Automate routine coding tasks

Meanwhile, juniors often:

• Accept incorrect or outdated solutions
• Miss critical security and performance considerations
• Struggle to debug AI-generated code
• Build fragile systems they don't fully understand

2024-12-16 A 10 Year Retrospective of a Passionate Software Engineer | by Boris Cherkasky | Nov, 2024 | Medium { cherkaskyb.medium.com }

found in programmingdigest issue1798 { programmingdigest.net }

Take Ownership of Your Career No one is responsible for your career growth but you. While managers may offer guidance, the responsibility to seek opportunities, take initiative, and drive your own development is yours alone. Waiting for someone else to guide your progression will leave you stagnant.

"No one is responsible for your career path but you."

Seek Mentorship — It’s a Shortcut to Mastery A mentor can accelerate your growth by giving you insights, sharing their decision-making process, and exposing you to higher-level thinking. Actively seek out senior engineers, build relationships, and ask questions. This can be one of the most effective ways to "level up" faster than self-learning alone.

"Having a mentor is a force multiplier! It’s literally a means to learn faster, it’s a shortcut!"

Initiative is Always Rewarded No employer will think less of you for taking initiative. If something is blocked, find a way around it. Push for better solutions, offer new ideas, and take on challenges without being asked. This attitude of "full ownership" sets you apart. Engineers who "unblock themselves" — even by learning disciplines outside their core expertise — become the most valuable contributors.

"Nothing is more important than making your colleagues feel comfortable and safe working with you."

The Dunning-Kruger Effect is Real — Be Humble and Self-Aware At some point, you will overestimate your own skills. Recognizing this gap is essential for growth. Take feedback seriously, reflect on your mistakes, and focus on learning through deliberate practice. Switch from "just get it done" to "learn all you need to do it right." This mindset shift will elevate your skill set.

Master the "Glue Work" That Holds Teams Together It’s not enough to just write code. The ability to coordinate, track, and organize work is a rare and valuable skill. Acting as the "glue" between people, projects, and teams will make you indispensable. Track tickets, follow up on blockers, and ensure no one is left behind. Great engineers don’t just "code" — they also lead, unblock, and delegate.

Technical Excellence is Necessary, But Not Sufficient You can be a great coder, but without skills like communication, empathy, and coordination, you won’t become a senior engineer. Learn to bridge the gap between engineers, product managers, and customers. Senior engineers know how to translate customer requirements into engineering solutions and help their teams grow.

Learn to See the Business, Not Just the Code As you grow in your career, it’s not just about building "good" software — it’s about building software that drives business outcomes. Learn to ask, "How will this impact our KPIs?" and prioritize cost-efficient, high-impact solutions. This business-first mindset can distinguish you as a senior engineer and lead to better decision-making.

"At one point, we scratched the 'optimal solution' for a good enough, 10x cheaper solution. Engineering is all about tradeoffs."

Resilience and Observability Are Non-Negotiable Skills Handling production incidents teaches you to value system reliability, observability, and DevOps. As you progress, mastering monitoring, alerting, and on-call response will become essential. Developers who "speak infrastructure" become highly valuable, as they can ensure stability and avoid system failure.

"It became clear that being a developer that 'speaks' and understands infrastructure is a superpower, and a differentiating factor."

Continuous Learning is Not Optional The craft of software engineering evolves rapidly. Relying on daily work alone will not keep you at the top. You need to invest in side learning — read books like Clean Code and Designing Data-Intensive Applications, attend meetups, seek mentorship, and watch technical talks. Growth requires time and passion outside daily tasks.

"Learning through daily tasks is not enough for becoming a top-tier engineer. The craft and technology are just too complex and require a lot of passion and time."

Be a Decent Human Being — It Matters More Than You Think Nothing beats being a kind, respectful, and empathetic teammate. People remember how you make them feel. Psychological safety and trust are essential for high-performing teams. As you grow into senior roles, prioritize creating safe, welcoming environments where people can speak up, share ideas, and fail without fear of judgment.

"Nothing — and I mean it — Nothing! is more important than being a decent human being, a pleasant colleague, and a pragmatic engineer."

2024-12-15 Preferring throwaway code over design docs { softwaredoug.com }

Another important point is on using PRs for documentation. They are one of the best forms of documentation for devs. They’re discoverable - one of the first places you look when trying to understand why code is implemented a certain way. PRs don’t profess to reflect the current state of the world, but a state at a point in time. A historical artifact. On the other hand, most design docs lie to you. They’re undead documentation. Unless you’re fastidious of keeping them up to date (most of us aren’t) they reflect an outdated view of reality.

2024-12-14 3 shell scripts: Kill weasel words, avoid the passive, eliminate duplicates { matt.might.net }

2024-12-11 From where I left - antirez { antirez.com }

The blog post by Salvatore Sanfilippo (antirez) reflects on his journey with Redis, his departure, and his decision to return. He also shares insights into Redis's past, his thoughts on software licensing, and new technical concepts he's working on, such as vector sets for Redis. Below is a detailed digest of the key points from the article.

After leaving Redis about 4.4 years ago, Salvatore detached himself from the project's code, commits, and technical management. This detachment was not born out of resentment but rather a desire to explore other areas like writing and embedded projects, while also spending more time with family. He describes this period as a time to "hack randomly" and explore areas like neural networks and Telegram bots. However, this "random hacking" eventually left him feeling a lack of purpose, which reignited his desire to return to the tech world.

"Hacking randomly was cool but, in the long run, my feeling was that I was lacking a real purpose, and every day I started to feel a bigger urgency to be part of the tech world again."

Salvatore's return to Redis began during a trip to New York City with his 12-year-old daughter. Reflecting on life changes and purpose, he decided to re-engage with Redis. This led to a conversation with the new Redis CEO, Rowan Trollope, where they discussed Salvatore's possible role. He proposed becoming a bridge between Redis Labs and the Redis community, creating educational materials like demos, tutorials, and new design concepts. An agreement was quickly reached, allowing him to rejoin Redis in a part-time role.

"I wrote him an email saying: do you think I could be back in some kind of capacity? Rowan showed interest in my proposal, and quickly we found some agreement."

2024-12-10 What TDD is ACTUALLY Good For – Axol's Blog { theaxolot.wordpress.com }

In an earlier article, I tore through some terrible arguments used to advocate for TDD that I see all too often (even by experienced engineers). I said in that piece that I would eventually go through what I think are better arguments for TDD, so that’s what I’m gonna do now.

Brownfield work also lends itself well to TDD, but less so. It depends on the complexity of the new feature, and the extendibility of the codebase. You have to use your best judgment. If it seems like a feature requires significant changes to existing modules, I’d lean on traditional development. However, if you see a gentle path to implementing this new feature, you might reap more benefits with TDD.

Greenfield development is a big no-no for TDD (at first). I don’t care how confident you are in what your interfaces will be. You’re not that good. Everything you think you know will change in the exploratory phase of a new project as you code, and you’ll strain your sanity by rewriting tests over and over again. Don’t do this, no matter how much your TDD idol pontificates its benefits.

BuT iF yOuR’e ReWrItInG yOuR tEsTs So MuCh, YoU’rE nOt PrAcTiSiNg TdD pRoPeRlY.”

2024-12-28 Ask HN: Are you unable to find employment? | Hacker News { news.ycombinator.com }

es, this is what everybody I know is experiencing right now.

Caveat lector: This is simply a retelling of my personal experience, YMMV. This is not advice.

What has consistently worked for me: I stopped applying for jobs, and redirected all that effort into creating and publishing open source projects that demonstrate competence in the areas of work I want. And, just as importantly, I contribute to big established open source projects in those areas too.

I did not apply for my current job (started 6 months ago): they solicited me, based on my open source work. All the best jobs I've had have been like that, this is the 3rd time it worked.

When I'm unemployed, I only apply for jobs I actually want, typically spending an hour each on 0-2 extremely targeted applications per week. But I treat churning out new open source stuff as my full time job until somebody notices. In addition to successfully landing me three great jobs over the past decade, this approach has made me a much much better programmer.

Also, I strongly believe spending hours a day writing new code will enhance your ability to pass technical interviews much more than gamified garbage like leetcode.

A huge part of making this work is not living a typical valley lifestyle: I plan my life around the median national salary for a software engineer, and when I'm making more than that it all goes straight into my savings. In the bay, that requires living frugally (by bay standards...), but I can't even begin to put into words how grateful I am to past-decade-me for living like that and giving today-me the freedom to turn down the bad jobs and wait for the good ones. Obviously, I don't have children.

I do a lot more open source than a typical programmer in the valley, but I don't think I'm "exceptional" in any sense: you just have to put in the work. I do feel like I was very lucky to start my career in an extremely open-source-centric role, and in fairness that gives me a leg up here which I am probably inclined to underestimate.

Working with People​

2024-12-05 How to Grow Professional Relationships | Tejas Kumar { tej.as }

In my career, I’ve worked with some extraordinary people while also encountering the barriers of exclusionary cliques and gatekeeping. These experiences prompted me to examine how professional relationships develop, leading to the creation of the TJS (The Journey to Synergy) Collaboration Model. This framework identifies seven stages that relationships can pass through, from competitive isolation to productive collaboration.

For those striving to build stronger, more impactful connections—whether in business, creative endeavors, or personal growth—this model offers a clear lens to understand where you stand and how to move forward.

The 7 Stages of the TJS Collaboration Model: A Quick Digest

1. Everything is a Competition Relationships are marked by exclusion and a zero-sum mindset. Gatekeeping and discrimination dominate, with little to no collaboration or shared goals.
2. Coexist Acknowledgment of each other's existence without meaningful interaction. There’s mutual respect but little effort to engage, often due to differing goals, values, or personalities.
3. Communicate Basic exchange of information occurs, but interactions remain shallow. Conversations may begin, but follow-through and deeper engagement are often lacking.
4. Cooperate Parties work together on neutral, low-stakes tasks with transactional motives. Cooperation may lead to future opportunities but doesn’t yet involve deep trust or shared investment.
5. Coordinate One party adopts the other’s goal and takes deliberate steps to align efforts. Trust begins to form as actions are coordinated for mutual benefit, laying the groundwork for deeper collaboration.
6. Collaborate A shared project is created together, with both parties contributing equally and meaningfully. Trust, understanding, and synergy define this stage, as both sides grow from the partnership.
7. We Are the Same A toxic state where boundaries dissolve, leading to unhealthy co-dependence. Individuality is lost, and relationships suffer from over-enmeshment and burnout.

2024-12-07 ✨ The 6 Mistakes You’re Going to Make as a New Manager – Terrible Software { terriblesoftware.org } { people management} {engineering management}

The right amount of engagement that you should have in your team’s projects is also a tricky subject. Lean in too much, and you’re micromanaging; lean out too much, and you appear disengaged.

To find the right balance, consider the concept of Guided Autonomy. This means setting clear goals and expectations, then stepping back and letting your team figure out how to achieve them.

As an individual contributor (IC), your work spoke for itself; people could easily see it. Plain and simple. As a manager, it’s less black and white, and surprisingly, for many new managers, part of your job now involves managing how others see you.

2024-12-07 1 in 6 Companies Are Hesitant To Hire Recent College Graduates - Intelligent { www.intelligent.com }

2024-12-09 The One Good Reason to Become a Manager (and All the Bad Ones) – Terrible Software { terriblesoftware.org }

Espanso​

2024-11-07 Espanso - A Privacy-first, Cross-platform Text Expander { espanso.org }

2024-11-07 espanso/SECURITY.md at master · espanso/espanso { github.com }

2024-11-07 Using Espanso to boost Efficiency 🚤 | Alicia's Notes 🚀 — Than... { notes.aliciasykes.com }

Really good collection of examples.

# Outputs markdown link, with clipboard contents as the URL
- trigger: ":md-link"
  replace: "[$|$]({{clipboard}})"
  vars:
  - name: "clipboard"
    type: "clipboard"

# Creates a HTML anchor element, with clipboard contents as href
- trigger: ":html-link"
  replace: "<a href=\"{{clipboard}}\" />$|$</a>"
  vars:
  - name: "clipboard"
    type: "clipboard"

# Outputs BB Code link, with clipboard contents as the URL
- trigger: ":bb-link"
  replace: "[url={{clipboard}}]$|$[/url]"
  vars:
  - name: "clipboard"
    type: "clipboard"

NiX​

2024-08-29 An unordered list of hidden gems inside NixOS — kokada { kokada.dev }

2024-12-04 Deploying Containers on NixOS { bkiran.com }

WebDev​

2024-12-09 JSON5 – JSON for Humans | JSON5 { json5.org }

JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain *by hand* (e.g. for config files). It is not intended to be used for machine-to-machine communication. (Keep using JSON or other file formats for that. 🙂)

{
  // comments
  unquoted: 'and you can quote me on that',
  singleQuotes: 'I can use "double quotes" here',
  lineBreaks: "Look, Mom! \
No \\n's!",
  hexadecimal: 0xdecaf,
  leadingDecimalPoint: .8675309, andTrailing: 8675309.,
  positiveSign: +1,
  trailingComma: 'in objects', andIn: ['arrays',],
  "backwardsCompatible": "with JSON",
}

2024-12-19 How To Create Multi-Step Forms With Vanilla JavaScript And CSS | CSS-Tricks { css-tricks.com }

2024-10-10 Liskov's Gun: The parallel evolution of React and Web Components – Baldur Bjarnason { www.baldurbjarnason.com }

2024-10-09 Why Web Components Failed - YouTube { www.youtube.com }

2024-10-09 Web Components are not Framework Components — and That’s Okay • Lea Verou { lea.verou.me }

2024-10-09 JSON•Edit•React { carlosnz.github.io }

2024-10-09 CarlosNZ/json-edit-react: React component for editing/viewing JSON/object data { github.com }

2024-10-10 player.style - Video & audio player themes for every web player & framework { player.style }

Show HN: Winamp and other media players, rebuilt for the web with Web Components (player.style)

2024-10-10 Media Chrome Docs { www.media-chrome.org }

Inspiration!​

2024-12-29 How I Automated My Job Application Process. (Part 1) { blog.daviddodda.com }

Look, I'll be honest - job hunting sucks.

It's this soul-crushing cycle of copying and pasting the same information over and over again, tweaking your resume for the 100th time, and writing cover letters that make you sound desperate without actually sounding desperate.

But here's the thing: repetitive tasks + structured process = perfect automation candidate.

So I did what any sane developer would do - I built a system to automate the whole damn thing. By the end, I had sent out 250 job applications in 20 minutes. (The irony? I got a job offer before I even finished building it. More on that later.)

Let me walk you through how I did it. 2024-12-29 I automated my job application process | Hacker News { news.ycombinator.com }

• 2024-12-29 Do Things that Don't Scale { paulgraham.com }

2024-12-28 How to Create HTML/ZIP/PNG Polyglot Files | Polyglot-HTML-ZIP-PNG { gildas-lormeau.github.io }

Github: gildas-lormeau/Polyglot-HTML-ZIP-PNG: Learn how to create HTML/ZIP/PNG polyglot files in JavaScript

How to Create HTML/ZIP/PNG Polyglot Files

This article is a summary of the presentation available here. The resulting demo file can be downloaded at the end of the article. The repository can be found at https://github.com/gildas-lormeau/Polyglot-HTML-ZIP-PNG.

Introduction

SingleFile, a tool for web archiving, commonly stores web page resources as data URIs. However, this approach can be inefficient for large resources. A more elegant solution emerges through combining the ZIP format’s flexible structure with HTML. We’ll then take it a step further by encapsulating this entire structure within a PNG file.

2024-12-26 Frontend Developer Roadmap: What is Frontend Development? { roadmap.sh }

by Kamran Ahmed (@kamrify) / X { x.com } kamranahmed.info

2024-12-22 Keeping a CHANGELOG at Work – code.dblock.org | tech blog { code.dblock.org }

2024-12-22 Draw all roads in a city at once { anvaka.github.io }

City Roads: A tool to draw all roads in a city at once

2024-12-21 Designing a calm web reader | James' Coffee Blog { jamesg.blog }

Github: capjamesg/web-reader: A minimal web reader.

2024-12-21 Show HN: Artemis, a Calm Web Reader | Hacker News { news.ycombinator.com }

2024-12-21 Lenns.io - Lenns.io { lenns.io }

RSS The feed reader for people that want to be in control

2024-12-21 Instaloader — Download Instagram Photos and Metadata { instaloader.github.io }

2024-12-21 Grayjay App - Follow Creators Not Platforms { grayjay.app }

2024-12-20 apankrat/nullboard: Nullboard is a minimalist kanban board, focused on compactness and readability. { github.com }

Nullboard is a minimalist take on a kanban board / a task list manager, designed to be compact, readable and quick in use.

2024-12-20 mizu.js | Lightweight HTML templating library for any-side rendering { mizu.sh }

2024-12-16 Alien Covenant (Movie Review) — Boy Drinks Ink { boydrinksink.com }

2024-12-16 Displaying Website Content on an E-Ink Display | Marios Fasold's Website { mfasold.net }

2024-12-13 Perspective | Perspective { perspective.finos.org }

2024-12-13 finos/perspective: A data visualization and analytics component, especially well-suited for large and/or streaming datasets. { github.com }Perspective is an interactive analytics and data visualization component, which is especially well-suited for large and/or streaming datasets. Use it to create user-configurable reports, dashboards, notebooks and applications, then deploy stand-alone in the browser, or in concert with Python and/or Jupyterlab.

Features

• A fast, memory efficient streaming query engine, written in C++ and compiled for WebAssembly, Python and Rust, with read/write/streaming for Apache Arrow, and a high-performance columnar expression language based on ExprTK.
• A framework-agnostic User Interface packaged as a Custom Element, powered either in-browser via WebAssembly or virtually via WebSocket server (Python/Node).
• A JupyterLab widget and Python client library, for interactive data analysis in a notebook, as well as scalable production Voila applications.

Found in: ✉️ 2024-12-13 JavaScript Weekly Issue 716: December 12, 2024 { javascriptweekly.com }

2024-12-13 Termo - An Easy to use terminal for your browser { termo.rajnandan.com }

Termo is a simple terminal emulator that can be used to create a terminal-like interface on your website. It is inspired by the terminal emulator in stripe.dev. It is an wrapper on top of xterm.js.

Found in: ✉️ 2024-12-13 JavaScript Weekly Issue 716: December 12, 2024 { javascriptweekly.com }

2024-12-07 ibttf/interview-coder { github.com }

An invisible desktop application that will help you pass technical interviews

2024-12-07 Install Docker natively on Android Phone and use it as a Home Server | CrackOverflow { crackoverflow.com }

In this tutorial, we will guide you through the process of installing Docker on your Android phone, specifically using a OnePlus 6T with postmarketOS. I also wrote another blog post explaining how you can run this phone without a battery, allowing it to run forever as long as it remains connected to a power source. If you’re interested, feel free to check it out! This guide can be adapted only for phones on the postmarketOS device list. Please note that this process will erase all data on your phone, so it’s important to use a device you don’t need. Let’s get started!

Database​

2024-12-07 Brian Douglas' Tech Blog - Sensible SQLite defaults { briandouglas.ie }

SQLite is cool now. DHH uses it, Laravel defaults to it. Here is a list of sensible defaults when using sqlite.

2024-12-20 vlcn-io/cr-sqlite: Convergent, Replicated SQLite. Multi-writer and CRDT support for SQLite { github.com }

"It's like Git, for your data."

CR-SQLite is a run-time loadable extension for SQLite and libSQL. It allows merging different SQLite databases together that have taken independent writes.

In other words, you can write to your SQLite database while offline. I can write to mine while offline. We can then both come online and merge our databases together, without conflict.

In technical terms: cr-sqlite adds multi-master replication and partition tolerance to SQLite via conflict free replicated data types (CRDTs) and/or causally ordered event logs.

2024-10-10 Optimizing Postgres table layout for maximum efficiency { r.ena.to }

When modeling a Postgres database, you probably don’t give much thought to the order of columns in your tables. After all, it seems like the kind of thing that wouldn’t affect storage or performance. But what if I told you that simply reordering your columns could reduce the size of your tables and indexes by 20%? This isn’t some obscure database trick — it’s a direct result of how Postgres aligns data on disk.

In this post, I’ll explore how column alignment works in Postgres, why it matters, and how you can optimize your tables for better efficiency. Through a few real-world examples, you’ll see how even small changes in column order can lead to measurable improvements.

2024-11-17 What I Wish Someone Told Me About Postgres | ChallahScript { challahscript.com }

I’ve been working professionally for the better part of a decade on web apps and, in that time, I’ve had to learn how to use a lot of different systems and tools. During that education, I found that the official documentation typically proved to be the most helpful.

Except…Postgres. It’s not because the official docs aren’t stellar (they are!)–they’re just massive. For the current version (17 at the time of writing), if printed as a standard PDF on US letter-sized paper, it’s 3,200 pages long. It’s not something any junior engineer can just sit down and read start to finish.

So I want to try to catalog the bits that I wish someone had just told me before working with a Postgres database. Hopefully, this makes things easier for the next person going on a journey similar to mine.

Note that many of these things may also apply to other SQL database management systems (DBMSs) or other databases more generally, but I’m not as familiar with others so I’m not sure what does and does not apply.

Math​

2024-12-18 ✨ How I Used Linear Algebra to Build an Interactive Diagramming Editor — and Why Matrix Math is Awesome | by Ivan Shubin | Dec, 2024 | ITNEXT { itnext.io }

C || C++​

2024-12-27 C++ 'Type Erasure' Explained | Dave Kilian's Blog { davekilian.com } { 2014 }

I recently stumbled across this pattern on a Hacker News post. It’s a neat toy, but I had a hard time finding a good explanation (most of the information I found jumped straight into examples before really motivating what was going on). In this post, I’ll try to derive the pattern from first principles instead.

CPP Mock libraties:

• 2024-12-27 rollbear/trompeloeil: Header only C++14 mocking framework { github.com }
• 2024-12-27 eranpeer/FakeIt: C++ mocking made easy. A simple yet very expressive, headers only library for c++ mocking. { github.com }
• 2024-12-27 gMock for Dummies | GoogleTest { google.github.io }

2024-12-21 Fixing C strings { thasso.xyz }

2024-09-29 It is never too late to write your own C/C++ command-line utilities – Daniel Lemire's blog { lemire.me }

You know those moments when your code feels sluggish, and you wonder if there’s a better way? Sometimes, there is. Daniel Lemire recently shared a cool story about swapping a Python script for a custom C++ utility and saving their company a ton of cash. The gist? Their Python script, used to process a JSON file every few seconds, was hogging a full CPU core. They reworked it into a C++ program using some smart libraries like simdjson, and the difference was night and day: over ten times faster, turning a snail into a lightning bolt.

Python is great for getting things up and running quickly, but when performance really matters—like shaving off milliseconds in a process that runs all day—C++ can be a game changer. It takes more effort to write, sure, but the payoff in speed and efficiency can be huge. Of course, it’s not all rainbows; setting up dependencies and dealing with compilation takes extra time. But tools like CMake and CPM are making that part a lot less painful these days.

Python’s convenience makes it perfect for many tasks, but when you’re pushing the limits of performance, don’t be afraid to roll up your sleeves and dive into C++. It’s a little extra work upfront, but when the results are this good, it’s worth it. Plus, you might even impress your team with how much you can squeeze out of your hardware. Sometimes, the old-school tools are still the best ones for the job.

Python comes with a lot of bundled functionality whereas C++ requires you to give more thought to dependencies. Thankfully CMake with CPM make recovering the dependencies painless:

include(cmake/CPM.cmake)
CPMAddPackage("gh:fmtlib/fmt#11.0.2")
CPMAddPackage("gh:simdjson/simdjson@3.10.1")
CPMAddPackage("gh:fastfloat/fast_float@6.1.6")
add_executable(main main.cpp)
target_link_libraries(main fmt::fmt simdjson::simdjson FastFloat::fast_float)

2024-11-30 Everything You Never Wanted To Know About Linker Script · mcyoung { mcyoung.xyz }

2024-10-13 Every bug/quirk of the Windows resource compiler (rc.exe), probably - ryanliptak.com { www.ryanliptak.com }

2024-09-13 Safe C++ { safecpp.org }

Over the past two years, the United States Government has been issuing warnings about memory-unsafe programming languages with increasing urgency. Much of the country’s critical infrastructure relies on software written in C and C++, languages which are very memory unsafe, leaving these systems more vulnerable to exploits by adversaries.

2024-09-26 Embedded Scripting Languages { caiorss.github.io }

2024-09-29 Few lesser known tricks, quirks and features of C { jorenar.com }

2024-07-01 Writing GUI apps for Windows is painful - Samuel Tulach

2024-12-21 ysc3839/win32-darkmode: Example application shows how to use undocumented dark mode API introduced in Windows 10 1809. { github.com }

2024-07-06 How to implement a hash table (in C)

2024-07-26 GitHub - cameron314/concurrentqueue: A fast multi-producer, multi-consumer lock-free concurrent queue for C++11

2024-08-22 Do low-level optimizations matter? Faster quicksort with cmov (2020) { cantrip.org }

2024-08-22 A ToC of the 20 part linker essay LWN.net { lwn.net }

2024-10-27 Alternative operator representations - cppreference.com { en.cppreference.com }

2024-10-28 The Curiously Recurring Template Pattern (CRTP) - Fluent C++ { www.fluentcpp.com }

• The CRTP, episode One: Definition
• The CRTP, episode Two: What the CRTP can bring to your code
• The CRTP, episode Three: An implementation helper for the CRTP

2024-11-07 marovira/lua: The Lua Programming Language with Modern CMake { github.com }

CMake: This is a bundle of the Lua Programming Language v5.4.4 that provides a modern CMake script for easy inclusion into projects and installation. For usage instructions, see the next section.

👂 The Ear of AI​

The Era of AI is now renamed to The Ear of AI because of a silly typo

2024-12-29 How I run LLMs locally - Abishek Muthian { abishekmuthian.com }

2024-12-21 A Gentle Introduction to Graph Neural Networks { distill.pub }

This article explores and explains modern graph neural networks. We divide this work into four parts. First, we look at what kind of data is most naturally phrased as a graph, and some common examples. Second, we explore what makes graphs different from other types of data, and some of the specialized choices we have to make when using graphs. Third, we build a modern GNN, walking through each of the parts of the model, starting with historic modeling innovations in the field. We move gradually from a bare-bones implementation to a state-of-the-art GNN model. Fourth and finally, we provide a GNN playground where you can play around with a real-word task and dataset to build a stronger intuition of how each component of a GNN model contributes to the predictions it makes.

2024-12-21 OpenAI o3 Breakthrough High Score on ARC-AGI-Pub { arcprize.org }

OpenAI's new o3 system - trained on the ARC-AGI-1 Public Training set - has scored a breakthrough 75.7% on the Semi-Private Evaluation set at our stated public leaderboard $10k compute limit. A high-compute (172x) o3 configuration scored 87.5%.

ARC-AGI serves as a critical benchmark for detecting such breakthroughs, highlighting generalization power in a way that saturated or less demanding benchmarks cannot. However, it is important to note that ARC-AGI is not an acid test for AGI – as we've repeated dozens of times this year. It's a research tool designed to focus attention on the most challenging unsolved problems in AI, a role it has fulfilled well over the past five years.

Passing ARC-AGI does not equate to achieving AGI, and, as a matter of fact, I don't think o3 is AGI yet. o3 still fails on some very easy tasks, indicating fundamental differences with human intelligence.

2024-12-21 Building effective agents Anthropic { www.anthropic.com }

When building applications with LLMs, we recommend finding the simplest solution possible, and only increasing complexity when needed. This might mean not building agentic systems at all. Agentic systems often trade latency and cost for better task performance, and you should consider when this tradeoff makes sense.

2024-12-15 They See Your Photos { theyseeyourphotos.com }

2024-12-12 A ChatGPT clone, in 3000 bytes of C, backed by GPT-2 { nicholas.carlini.com }

2024-11-26 Introducing the Model Context Protocol \ Anthropic { www.anthropic.com }

The Model Context Protocol is an open standard that enables developers to build secure, two-way connections between their data sources and AI-powered tools. The architecture is straightforward: developers can either expose their data through MCP servers or build AI applications (MCP clients) that connect to these servers.

2024-11-23 pingcap/autoflow: pingcap/autoflow is a Graph RAG based and conversational knowledge base tool built with TiDB Serverless Vector Storage. Demo: https://tidb.ai { github.com }

pingcap/autoflow is a Graph RAG based and conversational knowledge base tool built with TiDB Serverless Vector Storage. Demo: https://tidb.ai

2024-11-22 AI and Everything Else - Benedict Evans | Slush 2023 - YouTube { www.youtube.com }

2024-11-22 Presentations — Benedict Evans { www.ben-evans.com }

2024-11-14 AI Makes Tech Debt More Expensive { www.gauge.sh }

GenAI can’t handle High Complexity If you’ve tried tools like Cursor or Aider for professional coding, you know that their performance is highly sensitive to the complexity of the code you’re working on. They provide a dramatic speedup when applying pre-existing patterns, and when making use of existing interfaces or module relationships. However, in ‘high-debt’ environments with subtle control flow, long-range dependencies, and unexpected patterns, they struggle to generate a useful response.

2024-11-07 TutoriaLLM/TutoriaLLM: Self-hosted environment for programming tutorial by LLM { github.com }

TutoriaLLM は、小中学生を対象とした、Web 上で使用できる、LLM によって提供されるセルフホスト型プログラミング学習プラットフォームです。教育コンテンツを制作する人と、そのコンテンツから学ぶ人たちのために設計されています。

TutoriaLLM is a self-hosted programming learning platform for K-12 Education that can be used on the web. It is designed for those who create educational content and those who learn from it.

2024-10-12 AI Winter Is Coming { leehanchung.github.io }

2024-08-27 System Prompts - Anthropic { docs.anthropic.com }

2024-08-28 AI Apocalypse: 80% of Projects Crash and Burn, Billions Wasted says RAND Report - SalesforceDevops.net { Vernon Keenan / salesforcedevops.net }

The most common cause of AI project failure? It’s not the technology – it’s the people at the top. Business leaders often misunderstand or miscommunicate what problems need to be solved using AI. As one interviewee put it, “They think they have great data because they get weekly sales reports, but they don’t realize the data they have currently may not meet its new purpose.”

Many executives have inflated expectations of what AI can achieve, fueled by salespeople’s pitches and impressive demonstrations. They underestimate the time and resources required for successful AI implementation. One interviewee noted, “Often, models are delivered as 50 percent of what they could have been” due to shifting priorities and unrealistic timelines.

Data quality emerged as the second most significant hurdle. “80 percent of AI is the dirty work of data engineering,” an interviewee stated. “You need good people doing the dirty work—otherwise their mistakes poison the algorithms.”

2024-09-13 Notes on OpenAI’s new o1 chain-of-thought models { simonwillison.net }

2024-09-13 2205.11916 Large Language Models are Zero-Shot Reasoners { arxiv.org }

Let's think step-by-step

2024-09-18 zlwaterfield/scramble: Open-Source Grammarly Alternative { github.com }

A very simple Chromium and Firefox extension example to fix grammar or rewrite the text on any website

2024-09-18 WonderWorld { kovenyu.com }

Interactive Scene Generation

WonderWorld allows real-time rendering and fast scene generation. This allows a user to navigate existing scenes, and specify where and what to generate a new scene. Here are examples where a user specifies scene contents (via text) and locations (via camera movement) to create a virtual world. Videos here are accelerated.

2024-09-18 STORM { storm.genie.stanford.edu }

2024-09-18 punnerud/Local_Knowledge_Graph { github.com }

2024-09-01 Discussion thread Programming with ChatGPT | Hacker News { news.ycombinator.com }

simonw 4 days ago | prev

I'm increasingly building entire functional prototypes from start to finish using Claude 3.5 Sonnet. It's an amazing productivity boost. Here are a few recent examples:

• Image Resize Quality Tool: This is a tool for dropping in an image and instantly seeing resized versions of that image at different JPEG qualities, each of which can be downloaded. I used to use the (much better) Squoosh for this, but my cut-down version is optimized for my workflow (picking the smallest JPEG version that remains legible). Notes and prompts on how I built it are available here.

• django-http-debug: This is an actual open-source Python package I released that was mostly written for me by Claude. It's a webhooks debugger where you can set up a URL, and it will log all incoming requests to a database table for you. Notes on how I built it are available here.

• datasette-checkbox: This is a Datasette plugin that adds toggle checkboxes to any table with is_ or has_ columns. An animated demo and prompts showing how I built the initial prototype can be found here.

• Gemini BBox Tool: This is a tool for trying out Gemini 1.5 Pro's ability to return bounding boxes for items it identifies. You'll need a Gemini API key for this one, or you can check out the demo and notes here.

• Gemini Chat Tool: This is a similar tool for trying out different Gemini models (Google released three more yesterday) with a streaming chat interface. Notes on how I built it are available here.

I still see some people arguing that LLM-assisted development like this is a waste of time, and they spend more effort correcting mistakes in the code than if they had written it from scratch themselves.

I couldn't disagree more. My development process has always started with prototypes, and the speed at which I can get a proof-of-concept prototype up and running with these tools is quite frankly absurd.

2024-06-27 dropofahat.zone

2024-06-27 I am using AI to drop hats outside my window onto New Yorkers | Hacker News

2024-12-26 Apache NiFi { nifi.apache.org }

2024-12-26 Apache NiFi on Azure - Azure Architecture Center | Microsoft Learn { learn.microsoft.com }