Networking Fundamentals for Developers, DevOps, and Platform Engineers (free course) 🔽
It doesn't matter if you work with real servers, virtual machines, Docker containers, Kubernetes pods, microVM-powered agent sandboxes, or full-blown cloud VPCs - all this tech relies on the same L2/L3 "magic" under the hood.
Gaining at least a basic understanding of how traffic flows on the Ethernet and IP layers will allow you to troubleshoot connectivity issues and design your own networking solutions. And this highly-illustrated course is a good start: https://t.co/Cm4NTgcjK9
A parasite that has been eating people for 3,500 years is about to be wiped off the planet. It infected 3.5 million people in 1986. Last year, it infected 10. And I have not seen it make a single front page.
It is called Guinea worm. You drink contaminated water from a pond in a poor village. A year later, a worm up to three feet long starts coming out of your leg through a burning blister. There is no pill that stops it and no surgery that works. You wrap the worm around a stick and pull it out slowly, over days or weeks, inch by inch. If you rush, the worm breaks inside you and causes a fresh infection.
Guinea worm is ancient. Preserved worms have been pulled out of Egyptian mummies from around 1000 BCE. The Ebers Papyrus, an Egyptian medical scroll from 1550 BCE, describes pulling the worm out with a stick. For three and a half thousand years, that was the best humans could do.
Then in 1986, public health workers decided to kill the parasite off. They had no vaccine and no drug. What they had was cheap cloth water filters and a small army of volunteers willing to walk from village to village for decades.
The plan was simple. Give everyone who drinks from a pond a cloth filter to strain out the tiny water fleas that spread the parasite. Then send volunteers walking house to house, year after year, teaching people how to use the filters and keeping anyone with an emerging worm out of the water.
It worked. From 3.5 million cases a year to 10. Four were in Chad, four in Ethiopia, two in South Sudan. The other four countries where the worm used to be common, Angola, Cameroon, the Central African Republic, and Mali, had zero human cases for the second year in a row. The World Health Organization has already certified 200 countries as Guinea worm free. Six are left.
The last hurdle is dogs. Cameroon had 445 infected animals last year and Chad had 147, so a lot of the remaining work is on animals, not humans. Strays get leashed, and crews treat ponds to kill any remaining worms. The campaign keeps watching until the number hits zero.
When Guinea worm hits zero, it becomes the second human disease ever erased from the planet. The first was smallpox. It will also be the first parasite humans have ever wiped out, and the first disease ever ended without a single dose of medicine. Volunteers walked village to village with cloth filters for 40 years. Now a plague from the age of the pharaohs is about to be gone.
Don't think this backstory of Uber's "thousands of microservices" has been told. It was not careful planning, but the need to survive growth that led there.
The monolith (API) needed to be decommissioned, teams could not block one another, and the business grew like crazy!
My development approach (since ca. 2021) - maximize isolation & minimize blast radius:
- Never install any dev tools on the main system
- Never run npm/pip/etc install locally
- Use a VM per project/group of related projects
- Never share prod credentials with dev VMs
- Never forward SSH keys to dev VMs
- Use a highly guarded "deploy machine" as a bastion to access production
- Make sure no release pipelines can be triggered by a public PR or a push from a dev VM
If a single dev VM is compromised by a supply chain attack or, since recently, a rogue agent, I tear it down (or seal it for further investigation) and provision a replacement.
If back in 2021 it felt like a stretch, today it's rather a necessity given how much the supply chain attacks have accelerated.
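An added example, not code from the original post: a small self-check for two of the rules above, an SSH agent forwarded into a dev VM and production credential files copied into it. `audit_ssh_config` is meant for the workstation's `~/.ssh/config` (where a `ForwardAgent yes` that applies to dev VM hosts would live), and `audit_vm_session` is meant to run inside the VM. The credential file list, the sample config and the demo home directory are constructed here and are assumptions, not anything the post specifies.

```python
"""Added example: audit a workstation ssh_config and a dev VM session for
agent forwarding and stray credential files. Sample inputs are constructed."""
import os
import re
import tempfile

# Files that should never exist on a dev VM (assumed list; adjust per organisation).
CREDENTIAL_FILES = [
    ".aws/credentials",
    ".config/gcloud/application_default_credentials.json",
    ".kube/config",
    ".netrc",
]

# Constructed sample of a workstation ~/.ssh/config.
DEMO_SSH_CONFIG = """\
Host *
    AddKeysToAgent yes

Host dev-vm-*
    HostName 192.0.2.10
    ForwardAgent yes      # forwards the workstation agent into every dev VM

Host bastion
    ForwardAgent no
"""


def audit_ssh_config(text):
    """Return one finding per Host/Match block that enables ForwardAgent.
    Options before the first Host/Match line apply to every host ("*")."""
    findings = []
    scope = "*"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)   # "Key value" or "Key=value"
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key in ("host", "match"):
            scope = value
        elif key == "forwardagent" and value.lower() == "yes":
            findings.append(f"forward-agent: ForwardAgent yes applies to Host {scope}")
    return findings


def find_credential_files(home):
    """Relative paths from CREDENTIAL_FILES that exist under the given home directory."""
    return [rel for rel in CREDENTIAL_FILES if os.path.exists(os.path.join(home, rel))]


def audit_vm_session(home, env):
    """Run inside the VM: flag a reachable SSH agent socket and any credential files.
    `env` is passed in (normally os.environ) so the check is testable offline."""
    findings = []
    if env.get("SSH_AUTH_SOCK"):
        findings.append("agent-socket: SSH_AUTH_SOCK is set; an SSH agent "
                        "(possibly forwarded from the workstation) is usable from this VM")
    for rel in find_credential_files(home):
        findings.append(f"credential-file: {rel} present")
    return findings


def build_demo_home():
    """Construct a throwaway home directory with one offending credential file."""
    home = tempfile.mkdtemp(prefix="devvm-demo-")
    os.makedirs(os.path.join(home, ".aws"))
    with open(os.path.join(home, ".aws", "credentials"), "w") as fh:
        fh.write("[default]\naws_access_key_id = EXAMPLEKEYID\n")   # placeholder value
    return home


if __name__ == "__main__":
    for f in audit_ssh_config(DEMO_SSH_CONFIG):
        print(f)
    demo_home = build_demo_home()
    for f in audit_vm_session(demo_home, {"SSH_AUTH_SOCK": "/tmp/ssh-demo/agent.1"}):
        print(f)
```

To use it for real, feed `open(os.path.expanduser("~/.ssh/config")).read()` to `audit_ssh_config` on the workstation, and call `audit_vm_session(os.path.expanduser("~"), os.environ)` from inside each VM; any non-empty result means the VM can reach something it should not.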
Major cheat code for life: Increase your recovery speed.
You will get rejected. You will lose money. You will embarrass yourself. The goal isn't to avoid the fall. It's to shorten the time between the fall and the reset.
The ultimate life hack is the ability to quickly reset and recover.
From a poor decision. From a bad interaction. From a missed workout. From a bad day. You can start over whenever you want. You can't always control what happened, but you can control how long you carry it.
Fast recovery compounds.
The older I get, the more I realize intelligence is overrated. Intelligent people are more likely to overthink, overplan, and overanalyze. They hide behind motion that doesn't create progress. They fear the judgment of others if they're proven wrong.
The truth is that intelligence is abundant. Courage is not. The people you admire are the ones who had the courage to act. They aren’t more talented than you. They aren’t smarter than you. They just took action when you didn’t.
I often wonder how many extraordinary people wasted their entire lives waiting for permission that never came. Permission isn't granted. It's taken. You get to tap yourself in whenever you want. You can just do things.
Courage beats intelligence.
@BarackObama It would be really helpful if everyone understood the stakes.
Sir David Attenborough’s Netflix documentary Breaking Boundaries helps explain:
https://t.co/g7BFfgoTmn
Today, the Trump administration repealed the endangerment finding: the ruling that served as the basis for limits on tailpipe emissions and power plant rules. Without it, we’ll be less safe, less healthy and less able to fight climate change — all so the fossil fuel industry can make even more money.
I sense there's been a pretty universal "oh wow" moment over the last few weeks for many devs and even more engineering leaders.
This CTO is smart to start with the obvious: you need a baseline measurement to tell how new tools change (or do not change) outputs and outcomes
A trend…
Use ORM, write terrible DAO layers, face problems, blame ORM.
Use Java, create bad abstractions, face problems, blame Java.
Use k8s, write complex configurations, face problems, blame k8s.
Use Postgres, design suboptimal table structure, face problems, blame Postgres.
Use Docker, create bloated images, face problems, blame Docker.
Basically blame technology, hide skill issues and move on.
@thegeeknarrator Spot on. This is not to say there aren’t better choices you can make but people barely try to understand the tech they’re using and end up creating a hodgepodge that is unmaintainable
Regular reminder… this hardening series by Jerry Devore is super awesome. There’s no way you won’t learn things by reading these.
Part 1 - Disabling NTLMv1
Part 2 - Removing SMBv1
Part 3 - Enforcing LDAP Signing
Part 4 - Enforcing AES for Kerberos
Part 5 - Enforcing LDAP Channel Binding
Part 6 - Enforcing SMB Signing
Part 7 - Implementing Least Privilege
Link to all articles 👇
https://t.co/JNDMfVqoDP
My coworker got promoted over me.
He was worse at coding. Better at politics.
I wrote better code. Fixed more bugs. Shipped faster.
He talked in meetings. Took credit. Played the game.
He got the promotion. I got "keep up the good work".
That's when I realized: corporate rewards politics, not performance.
Six months later I quit. Started freelancing.
Now I make 3x his salary. No politics. No credit-stealing. Just solving problems and getting paid directly.
The best developers rarely get promoted. They get used.
Companies optimize for compliance and communication. Not competence.
If you're technically great but politically terrible, you'll never win at corporations.
Leave. Build your own thing. Get paid for your actual value.
3 years ago, we chose a monolith.
Today, that monolith:
- Runs in a single ASG.
- Deploys in 12 minutes.
- Is understood by every engineer.
- Has a single, fast test suite.
- Costs 1/5th what our 'microservice' platform does.
We're now building our second product. It's also a monolith.
Microservices solve problems we don't have. And they create problems we don't want.
Token Ring was always obsolete.
Back in the 1970s, IBM accounted for the majority of the computer industry, including networking. The famous "OSI Model" is a model for how IBM did networking, not actually how networks work today.
Then along came Ethernet, which broke the IBM model of networks. Instead of an expensive mainframe at the center of the network ruling everything else, Ethernet was democratic, allowing anybody to put any machine onto an Ethernet segment. Instead of "client-server" computing, it allowed "peer-to-peer" computing.
It was also cheap, compared to other options, and started to become very popular.
There were a lot of competing technologies that sprung up around this time as well, like "ARCnet" and "LocalTalk". Basically, the ability to network cheap computers became really cheap.
The IEEE decided to standardize Ethernet, now known as the 802.3 series of standards.
IBM couldn't allow this, so they created their own alternative and pushed for the IEEE to include that in the standards, "Token Ring". This is defined in 802.5.
There's also a "Token Bus" standard, 802.4, but it is meaningless. It was only included to pretend IBM wasn't trying to disrupt and dominate the standard.
The trick to the IEEE 802 standards is that all three alternatives used the same 48 bit MAC address that we know and love. This allowed us to build bridges between Ethernet and Token Ring.
Now the thing about Ethernet at the time was that everything was attached to the same wire. That meant if two devices transmitted at the same time, their packets would "collide", and corrupt each other. Each would detect this, then stop transmitting and backoff for a random period of time before transmitting again.
IBM pretended this was unreliable. The feature of passing a "token" around a "ring" was that it was deterministic, with nothing wasted due to collisions. It meant that a network could run at 100% of theoretical capacity, whereas Ethernet started experiencing problems as it reached max capacity with everyone colliding with each other.
As it turns out, Ethernet's reliability problems were overstated and Token Ring's reliability understated.
Collisions were only a problem when transmitting high rates of tiny packets. When transmitting large packets, collisions were rare, and allowed the network to run at 99% capacity. Once any network exceeds capacity, everyone needs to slow down and wait on the network. So in the end, you wouldn't notice the collision problem as being anything remarkable.
Conversely, IBM chose the same connector for Token Ring as was already in use for video ports and serial ports. If a desktop user plugged the cable into the wrong port, it would crash the Token Ring. In other words, it had a serious reliability problem that "tokens" couldn't fix.
As any old timer can tell you, they were in a constant battle against this, trying to fix "beaconing" (crashed) rings. It was hilariously unreliable.
It was also expensive. Ethernet hardware used dumb, and cheap, chips. Token Ring adapters needed their own CPUs, separate from the main CPUs. Humorously, the early network cards from IBM included a 16-bit CPU that was more powerful than the 8088 CPU of the IBM PCs into which you inserted these adapters.
The point is that IBM had an argument for why they were "better", but the technology actually was dramatically worse, even if it weren't more expensive. It was all part of IBM's fight to avoid losing control of the industry.
IBM customers bought a lot of Token Ring from IBM because they were IBM customers and IBM told them to. But it never really went anywhere outside of IBM shops. Few believed IBM's marketing nonsense.
The point is that old timers like me shouldn't be bragging about having once built Token Ring networks. It's a badge of shame, not pride. It was bad tech from the very beginning.
How Kubernetes handles traffic: From URL to Pod
You type a URL in your browser. Here’s the journey your request takes through Kubernetes:
1. DNS Resolution:
- Browser asks DNS: “What’s the IP for api.myapp.com?”
- DNS returns the Load Balancer IP address
- Browser now knows where to send the request
2. Load Balancer (Entry Point):
- Request hits AWS ALB/NLB (cloud load balancer)
- Load balancer is created by Kubernetes Ingress or Service type LoadBalancer
- Terminates SSL/TLS connection here
- Routes traffic based on hostname and path
3. Ingress Controller:
- Load Balancer forwards to Ingress Controller (nginx, traefik, or ALB controller)
- Ingress Controller reads Ingress rules
- Matches request path (/api, /users, /orders)
- Determines which Kubernetes Service to route to
4. Kubernetes Service:
- Service acts as internal load balancer
- Has a stable ClusterIP (doesn’t change)
- Tracks all healthy Pods behind it using labels
- Picks one Pod to send traffic to
5. Kube-Proxy (Traffic Routing):
- Runs on every node
- Maintains iptables/IPVS rules
- Forwards traffic from Service IP to actual Pod IP
- Handles load balancing between Pods
6. Pod (Your Application):
- Request finally reaches your container
- Application processes the request
- Sends response back through same path
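An added example, not code from the original post or from Kubernetes itself: a small Python model of steps 3 to 5 above, so the matching and selection rules can be run on sample data. Ingress rules, Services and Pods are constructed inline with made-up names and addresses; in a real cluster these objects live in the API server and the ingress controller and kube-proxy read them from there.

```python
"""Added example: Ingress path matching, Service label selection and
kube-proxy endpoint choice modelled on constructed cluster state."""
from dataclasses import dataclass


@dataclass
class IngressRule:
    host: str
    path: str
    path_type: str   # "Prefix" or "Exact", the pathTypes an Ingress rule can use
    service: str     # backend Service name


@dataclass
class Service:
    name: str
    cluster_ip: str  # stable virtual IP; kube-proxy rewrites it to a Pod IP
    selector: dict   # label selector defining the endpoint set


@dataclass
class Pod:
    name: str
    ip: str
    labels: dict
    ready: bool      # only Ready pods enter the Service's endpoint set


def path_matches(rule, path):
    """Exact needs equality; Prefix matches whole "/"-separated elements,
    so "/api" covers "/api" and "/api/v1" but not "/apiary"."""
    if rule.path_type == "Exact":
        return path == rule.path
    want = rule.path.rstrip("/")
    return path == want or path.startswith(want + "/")


def route_ingress(rules, host, path):
    """Step 3: host must match, then the longest matching path wins and
    Exact beats Prefix at equal length. Returns a Service name or None."""
    hits = [r for r in rules if r.host == host and path_matches(r, path)]
    if not hits:
        return None
    best = max(hits, key=lambda r: (len(r.path.rstrip("/")), r.path_type == "Exact"))
    return best.service


def endpoints(service, pods):
    """Step 4: every Ready pod whose labels contain all selector pairs."""
    return [p for p in pods if p.ready
            and all(p.labels.get(k) == v for k, v in service.selector.items())]


def pick_pod(service, pods, seq):
    """Step 5: kube-proxy picks one endpoint. IPVS mode defaults to round robin
    (modelled here with a request sequence number); iptables mode picks randomly."""
    eps = endpoints(service, pods)
    return eps[seq % len(eps)] if eps else None


# Constructed sample cluster state (names and addresses are made up).
RULES = [
    IngressRule("api.myapp.com", "/", "Prefix", "frontend-svc"),
    IngressRule("api.myapp.com", "/api", "Prefix", "api-svc"),
    IngressRule("api.myapp.com", "/users", "Prefix", "users-svc"),
    IngressRule("api.myapp.com", "/orders", "Exact", "orders-svc"),
]
SERVICES = {
    "frontend-svc": Service("frontend-svc", "10.96.0.10", {"app": "frontend"}),
    "api-svc": Service("api-svc", "10.96.0.20", {"app": "api", "tier": "backend"}),
    "users-svc": Service("users-svc", "10.96.0.30", {"app": "users"}),
    "orders-svc": Service("orders-svc", "10.96.0.40", {"app": "orders"}),
}
PODS = [
    Pod("api-0", "10.244.1.10", {"app": "api", "tier": "backend"}, True),
    Pod("api-1", "10.244.2.11", {"app": "api", "tier": "backend"}, True),
    Pod("api-2", "10.244.2.12", {"app": "api", "tier": "backend"}, False),    # readiness probe failing
    Pod("api-canary", "10.244.3.13", {"app": "api", "tier": "canary"}, True),  # selector mismatch
    Pod("frontend-0", "10.244.1.20", {"app": "frontend"}, True),
]


def handle_request(host, path, seq=0):
    """Steps 3-5 end to end: (service, cluster IP, pod IP), or None when no
    Ingress rule matches and the ingress controller answers 404 itself."""
    svc_name = route_ingress(RULES, host, path)
    if svc_name is None:
        return None
    svc = SERVICES[svc_name]
    pod = pick_pod(svc, PODS, seq)
    return (svc.name, svc.cluster_ip, pod.ip if pod else None)


if __name__ == "__main__":
    for req in [("api.myapp.com", "/api/v1/users"), ("api.myapp.com", "/apiary"),
                ("api.myapp.com", "/orders/1"), ("shop.example", "/api")]:
        print(req, "->", handle_request(*req))
```

Two things the model makes visible: a catch-all `/` Prefix rule absorbs every path that no other rule claims (including typos such as `/apiary`), so review what that backend is willing to serve; and because TLS is terminated at the load balancer in step 2, the hops from load balancer to ingress controller to pod are plaintext on the cluster network unless something re-encrypts them.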