I suspect this is partly due to the quality of documentation for Elixir, Erlang, and BEAM. The OTP documentation has been around for a long time and has been excellently written. Erlang/Elixer doc gen outputs function signatures, arity, and both Elixir and Erlang handle concepts like function overloading in very explicit, well-defined ways.
* Largely stable and unchanged language through out its whole existance
* Authorship is largely senior engineers so the code you train on is high quality
* Relatively low number of abstractions in comparisson to other languages. Meaning there's less ways to do one thing.
* Functional Programming style pushes down hidden state, which lowers the complexity when understanding how a slice of a system works, and the likelyhood you introduce a bug
I've seen but haven't used CEL. Anybody with experience with competing tech have any strong opinions? I've used OPA, know CEL used by GCP and Kyverno, but otherwise haven't seen anything compelling enough to move away from the OPA ecosystem.
And even then, I'm not sure it's apples to apples, at least if by Rego you're thinking of OPA. CEL and Rego take very different approaches, with CEL being quite procedural, while Rego is about constraint satisfaction, not unlike Prolog. At $WORK, Rego (in the form of OPA) gets used quite a bit for complicated access control logic, while CEL gets used in places where we've simpler logic that needs to be broken out and made configurable, and a more procedural focus works there.
This guide has aged surprisingly well, but I’d add to this: the above response is about as good as you can get—it is firm, non-combative, and moves the conversation forward.
Don’t antagonize your recruiter. You want them to advocate _for you_ when a prospective employer is drafting an offer. Work with them to give them the ammo they need to make that happen.
Would you say I was antagonizing him with my response? Because he was an in-house recruiter (and not a headhunter) and I got along with him pretty well.
I was laid off at my last 3 positions and can really relate to this. If it’s any consolation: how a company handles this is a good indication of the maturity of their management and recruiting function. I also strongly disagree with any assertion that would state “short stints = unreliable employee”. Nobody can make that assertion without confirmation of what caused those stints and the tech market from 2020 - today has been notoriously volatile.
There are plenty of great orgs out there that will soak with you before making assumptions, but as a rule most startups have fairly inexperienced management unless they are founded by a team that’s been through the rodeo a few times.
I always thought of this as authority, accountability, and responsibility of a thing. Ideally one group or person has all three. In practice you’ll have many entities with some combination of the three.
I think for any proposal to change policy that has serious impacts on the economics of the country, we should really be very clear on what problem we see, how we plan to solve it, and what specific trade-offs we're making with our solutions.
Even calling it “illegal immigration” lends fuel to the fire. There’s a very distinct difference between crossing the border illegally and violating the terms of a legally acquired visa or stamp. The latter is a civil matter which is why people weren’t historically rounded up and detained under threat of violence or murder. So yeah this whole thing is strictly about xenophobia being used to whip up the in group about an out group so we don’t look too closely at EG Venezuela or the sales process for presidential pardons.
What you describe sounds a lot like Diátaxis[1], which is a strategy for writing and organizing technical documentation. It categorizes docs into one of four categories: tutorials, explanations, how-tos, and references.
Category is derived from a fairly simple heuristic: whether the content informs action or cognition, and whether the content serves the reader’s application or acquisition of a skill[2]. I’m a fan and it’s simple enough that most anyone can learn it in an afternoon.
Unless my understanding of how IPv6 is flawed, I don’t think your assertion is true in practice. One of the big benefits to IPv6 is that addresses are plentiful and fairly disposable. Getting a /48 block and configuring a router to assign from the block is pretty straightforward.
I’m aka unsure if IPv4 really gets you the privacy advantages you think it does. Your IP address is a data point, but the contents of your TCP/HTTP traffic, your browser JS runtime, and your ISP are typically the more reliable ways to identify you individually.
Other response address how you could go about this, but I'd just like to note that you touch on the core problem of security as a domain: At the end of the day, it's a problem of figuring out who to trust, how much to trust them, and when those assessments need to change.
To use your example: Any cybersecurity firm or practitioner worth their salt should be *very* explicit about the scope of their assessment.
- That scope should exhaustively detail what was and wasn't tested.
- There should be proof of the work product, and an intelligible summary of why, how, and when an assessment was done.
- They should give you what you need to have confidence in *your understanding of* you security posture as well as evidence that you *have* a security posture you can prove with facts and data.
Anybody who tells you not to worry and take their word for something should be viewed with extreme skepticism. It is a completely unacceptable frame of mind when you're legally and ethically responsible for things you're stewarding for other people.
reply