More

mozman · 2024-11-20T09:34:17 1732095257

Divorce lawyers are generally the most profitable. $750/hr if you’re good.

mozman · 2024-11-20T08:50:09 1732092609

I haven’t seen an ad in years through careful ad blocking

Extensions API needs more granular controls and to remain functional

mozman · 2024-11-20T08:42:53 1732092173

Slack is meant to be addictive. I only use the web client and modify it with tampermonkey

All notifications disabled and I only read when pinged. davison updates are the only mechanism allowed.

j33zusjuice · 2024-11-20T14:09:58 1732111798

How the hell do you get by with that? I’m jealous. I’ve gotten pinged by my fucking EVP for not responding to questions in chat fast enough (non-critical, too!). At least no one gets on me for missing emails. I don’t even read those.

diggan · 2024-11-20T14:52:44 1732114364

> How the hell do you get by with that?

You have a company policy that allows that. For example, if anything is decided in Slack, it has to be "codified" somewhere else, like a wiki. Then you'll be able to justify not reading through all messages.

mozman · 2024-11-04T02:56:15 1730688975

In the real world you iterate, profile, and optimize

necovek · 2024-11-04T04:21:40 1730694100

I am definitely a subscriber to not doing premature optimization, but in Python, there is a huge difference between

  found = searched_key in list(large_dict)

vs

  found = searched_key in large_dict

But also compare:

  searched_key in large_dict.keys()  # O(1)

and

  searched_value in large_dict.values()  # O(n)

carlmr · 2024-11-04T12:24:51 1730723091

So much this. Write code that you can reasonably expect to not be slow af, while not sacrificing readability. Then profile and optimize if necessary.

mozman · 2024-10-31T12:49:39 1730378979

It’s a hygroscopic sticker made by 3m.

mozman · 2024-10-19T04:28:27 1729312107

Communism will never work due to human ambition. There will be corruption, nobody will ever be equal. I have no opinion on who determines what other than corruption.

Cuba is full of rich and futile soil ripe for crops but the government owns the land and forbids it.

No system with humans will ever be perfect but communism doesn’t seem to be the answer.

Has it ever worked?

mozman · 2024-10-17T01:02:42 1729126962

> nondeterministic IVs

Can you explain what this means?

tptacek · 2024-10-17T01:10:43 1729127443

In this case it's just a fancy way of saying "random". What's important about a GCM nonce is that it never repeat, not that it's unpredictable (to me, a distinction between a "nonce" and an "IV"; a CBC IV must be unpredictable).

Because you only get 96 bits of nonce space with vanilla GCM, there's common advice to use a counter as the nonce.

mozman · 2024-10-13T05:29:31 1728797371

Someone who gets it. I work in security and everyone hates me because I add friction and cost. On the flip side, I have a lot of PII to protect.

mozman · 2024-10-12T20:32:01 1728765121

I use a competitor to HackerOne. I view all submissions pre-triage and would have taken it seriously, even if I made a mistake in program scope. I have paid researchers for bugs out of scope before because they were right.

portaouflop · 2024-10-12T20:47:33 1728766053

You can also view all submissions in h1 pre triage. This was incompetence on both h1 and zendesk as gp stated not a limitation of the platform per se.

mozman · 2024-10-12T21:33:29 1728768809

Sure, that’s why I am not naming a competitor. Security leadership is the biggest wildcard. I always want to do the right thing. Not everyone does.

mozman · 2024-10-10T00:58:53 1728521933

I went to interview at a fortune 50 company that is primarily based in India.

It was very clear my communication style and values is drastically different.

It was a good opportunity, but one of the most frustrating encounters I’ve ever had. I’m glad the offer didn’t go anywhere.