It looks fairly useful for development! Quick questions what's the difference between you guys and any persistent development memory tools like https://github.com/thedotmack/claude-mem ?
Thanks! claude-mem captures what the AI did locally and replays it next session, great for solo continuity. Hopsule works at the organizational level: shared memories, structured decisions with lifecycle and enforcement, synced across your team via MCP, IDE extension, or CLI. Different layers, can coexist.
- This certificates has to be accepted by browsers which most developed by western companies (Like emphasized on the article). So you have to manually add TLS certificate to these browsers. (Which does not sound safe since these service will own by Russian Government)
- Even if they find a solution for this problem. There are many sanction on SWIFT, which will not allow users of this sites to have a purchase.
So is this service is only for their own citizens? If so, why not they just ban other browsers? (We all know how authoritarian and crazy the regime over there. They can kinda do that?)
This national TLC certificate authority not sound so smart. It's like having your own Credit Rating Agency which no body gives a shit about.
This is for Russian websites serving Russian customers, using TLS certificates they had previously sourced from outside of Russia. Because of the sanctions, those websites can't pay to renew their certificates, so this Russian CA offers them domestic-sourced certificates that they can pay for. I'm certain they have no expectation whatsoever that anyone outside of Russia would install this CA certificate; it's not the point of this.
A ban is unnecessary; the websites don't work in other browsers. Switching to a Russian browser or installing the CA certificate will fix the websites. That's what Russian users will do if they want to continue using the websites. You don't need to use the stick when the carrot already exists.
A Certificate authority is someone/group that can create certificates for domains/websites. Anyone can create a certificate authority in 10seconds in cli. For instance it is common for corporations to create their own certificate authority and create certificates for their local intranet corp sites. The problem is that browsers need to trust this certificate authority.
- This certificates has to be accepted by browsers which most developed by western companies (Like emphasized on the article). So you have to manually add TLS certificate to these browsers. (Which does not sound safe since these service will own by Russian Government)
A CA or certs aren't unsafe because of russian government. Certs do 2 things: create an encrypted connection and prove that the website has payed/bribed a CA for a cert. Since Russian sites cannot bribe/pay western companies for a cert and because they are cutting themselves off the internet they (probably) will not be able to access free certs from letencrypt.
The article talks about man in the middle attacks. With a cert a browser can create an encrypted connected between itself and the website. If a person tries to listen in the middle they just get "gibberish" because its encrypted. If the Russian government is acting as the CA it means they have access to the private cert Russian websites are using. They could theoretically change the contents the website sends to the browser because they can create a secure/encrypted connection that is deemed "trusted". They could also modify routes that go to Facebook (because they control the local russian internet/intranet) and instead go to a dummy/fake version. That version could also have a valid & trusted cert issued by the Russian government and says "yes this is facebook".
- Even if they find a solution for this problem. There are many sanction on SWIFT, which will not allow users of this sites to have a purchase.
SWIFT doesn't matter here. If Russia Gov'n or a Russian based company create's a CA and a way to bribe/purchase certs then all is good for Russian websites. Russians just need to have the CA added to their browser or OS.
So is this service is only for their own citizens? If so, why not they just ban other browsers? (We all know how authoritarian and crazy the regime over there. They can kinda do that?)
Browsers aren't the problem, the problem is the centralized "web of trust" used by browsers basically only includes CA from western countries. CA either are so large and used by so many websites that browser must included them as trusted, they bribed the browser maker with money (like Google does with Apple to get google search as default), or CAs come with the OS.
This national TLC certificate authority not sound so smart. It's like having your own Credit Rating Agency which no body gives a shit about.
CA are basically companies that websites/people/corps have to bribe to get a cert trusted by browers. Thanks to letsencrypt we can finally get around the cheapest level of bribes.
- https://coda.io/@yuhki/figmas-approach-to-product-requiremen... (And lastly CODA library, there are a lot of PM docs over here which explains how companies like Figma manage their PRD, just copy the process and simplfy it. Don't use them how they use like. Why? Because you don't need that complicated process w/ 6 people)
In terms of books, there are only few great ones like;
- Hooked by Nir Eyal
- Inspired by Marty Cagan
- Design of Everyday Things by Don Norman (Not a PM book but you should read as a PM)
That's an interesting and scary theory. Don't try that shit at home ahaha.
But to be honest I'm doing intermittent fasting for 4-5 years now. I don't count hours I don't follow up what I eat. I just exercise couple of times per week. Maybe 2-4, and start eating at 1pm, and stop eating at 7-8pm.
But that's most of the days. Sometimes I go out, drink couple of boozes with my friends, etc.
I tried to keep it simple. And here's the catch, I was overweight back then. I did workout a lot, do all the diets. Keto, Paleo etc. They're just hard to keep up with. It's hard to stay in those lifestyles.
So this simple routine makes things easier and simple for me tbh.
It is a full-text search so candidates can search millions of jobs instantly. The key differences with other job boards:
For candidates:
1. Showing the job highlights. Most job descriptions lose the formatting after being posted via partners, making the job description unreadable. The highlight will show the candidate the essential points to help candidates decide if the job is a good fit, and then they can read the full job description.
2. Filter jobs that only have a salary, sign-on bonus, or both. I always wished to see this when I was looking for jobs in the past.
3. Blazing fast.
4. You don't need to browse multiple pages to find your perfect job (when browsing using Desktop). Everything will be on a single page.
For employers:
1. Optimize the job for candidates (highlights) and Google For Jobs.
2. Employer page where candidates can search all the opening roles by the employer.
3. There are some future features for employers, including adding skills, fixing grammar and styling issues .. etc.
Firat from Permify here. My co-founders and I have been building things together since high school. Almost a year ago, we started building a project management system for a client.
We start simple but things got complicated pretty fast, as the project grew clients need new access control features.
Authorization is usually something overlooked. So it gets harder, and harder. And when the time comes to create a granular system.
Oh boy, you just realize what happens.
So we did what every dev would do. Instead of doing the task, we build an authorization and access control system on top of OPA.
So that everyone can easily decouple authorizations and access control from their code without messing up the business logic.
Permify is an plug-&-play authorization and access control API build on OPA. We make you deploy complex authorizations system under 30 mins.
So that you can focus on your core product.
You can create policies, rules and options with Permify. What we basically do is give you tools to build RBAC and ABAC.
It's Firat from Permify here. Me and my co-founders build because we live through how frustrating it is to build access control that lasts and give you piece of mind especially for Go Lang.
We have been building things over 5 years with my co-founders, and every time we get into authorizations it's just repetitive code as well as painful in terms thinking
- what users will nee
- what's the future reqs.
etc.
We had a commissioned project with a dozen of roles which both need ABAC & RBAC, and that's what makes us build Permify.
Permify is an plug-&-play API that helps you build ABAC & RBAC under 30mins. We have build Permify top on OPA. Which is an Open Source rule engine.
openpolicyagent.org
OPA has language called REGO. In times it's pretty hard navigate through, and get be master at.
So we make it crazy easy to right policies instead of using.
We have talk bunch of people about this, and we realize when you pass certain point even a small needs this.
For instance, it's not evident for small teams, and indies how useful this might be until they use it. But once they use it, they realized it's not a issue of prioritization since it almost take no time setup.
Right now, we have around 1200 devs signed up for our waitlist at permify.co
Me and my co-founder will be around to answer any question you have.
reply