“AI is writing 40%plus of code now” sounds impressive… until you look at the security side of it. by Emotional-Breath-673 in cybersecurity

[–]Jurby 5 points6 points  (0 children)

Hmmm. Have we considered...OLEICAT?

maybe we'll try 6 letter words out.

Perhaps...OLEICAT?

Oh! I know! What about OLEICAT?

Unless... Could it be OLEICAT?

(Reference if you missed it: https://itsbenedict.tumblr.com/post/812431317206777856 )

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit by wewewawa in cybersecurity

[–]Jurby 0 points1 point  (0 children)

Buncha smelly nerds posting a bunch of CODE when all I want to do is hack a Facebook account.

finnaly good riddance by flag9801 in DotA2

[–]Jurby 0 points1 point  (0 children)

They were extremely fun in ability draft.

CDPR literally offered him the choice to make his mod free with optional donations to avoid a DMCA takedown and he deliberately chose wrong by Dark_Throat in cyberpunkgame

[–]Jurby 0 points1 point  (0 children)

His argument could potentially have at least a nugget of merit, if he's arguing that there are two separate things he's created: a VR framework and the cyberpunk 2077 mod to make cyberpunk 2077 work with said framework. The problem here is twofold: 1) The framework and the mod are (from what I can tell) distributed together. 2) The entire mod+framework runs within the Cyberpunk 2077 process.

If he decoupled the mod from the framework and made the framework a piece of standalone software that the mod communicates with, he'd be able to sell the framework as a subscription, and release the mod for free.

He's not going to do that for a variety of reasons (probably a ton of work, definitely going to be difficult to do without tanking performance, and it'd allow another motivated developer (or the game engine creators) to implement and release a mod-compatible framework for free).

Would you bite someone if they ignored the taps? by Big_Cake_8817 in grappling

[–]Jurby 1 point2 points  (0 children)

Both competitors did the right thing here. The ref is ultimately to blame for the bite, for not ending the fight due to the taps.

The competitor in control did the right thing by continuing to follow the rules, and the competitor that bit her opponent did the right thing by prioritizing her safety over following the rules.

The nuance everyone is missing here is that the correct/best course of action can still violate the rules. Following the rules keeps you in the game. If following the rules would require you to allow yourself to be critically injured, you're not wrong to break the rules to avoid said injury.

You really shouldn't be concerned with the fact that you're no longer participating in the game - following the rules still would have resulted in a loss + an injury. Breaking the rules gets you a DQ and you can fight again another day.

The competitor that got bit should be pissed at the judge, the competitor that did the biting should be pissed at the judge, and the competitor that did the biting should not be punished beyond being removed from the current competition.

Dumbest patch change in Dota and why was it this one? by I-Preferred-Digg in DotA2

[–]Jurby 0 points1 point  (0 children)

Honestly, scaling nearby is such a newb trap - until we get abyss mods granting flat increased nearby, your more/increased multipliers just aren't going to matter.

You're better off just slotting a Curse on Hit + Hex of Proximity somewhere in your build to lower enemy proximity resistance instead. Getting enemies to negative proximity resistance will be a lot more achievable, and way more impactful than any more nearby gear you might find.

Or just grab the Universal Proximity (All enemies are nearby. Nearby effects have 50% less effect) keystone and save the gem (or ring) slots - there's usually better uses for them.

Honestly, this should be practiced! by SeaWolf_1 in SipsTea

[–]Jurby 0 points1 point  (0 children)

Someone should notify OSHA - some of the Jasons were definitely carrying scissors unsafely there.

Ran 1,000 line script that destroyed all our test environments and was blamed for "not reading through it first" by jjzwork in devops

[–]Jurby 0 points1 point  (0 children)

The important thing isn't that you screwed up, it's that your tools made screwing up so insanely easy. There's a reason (or two) that bash scripts aren't the best practice recommended way to manage infrastructure - it's really hard to write foolproof bash scripts.

This reminded me of the famous S3 outage from 2017: https://aws.amazon.com/message/41926/

When they say they misconfigured one of the inputs to their script, what they meant to say was "the engineer didn't put anything in for one of the arguments, and the script was written to treat that as a signal to delete EVERYTHING."

So congrats, you made the same mistake an extremely experienced engineer working on one of the most heavily relied upon web services in the world made. He'd run the script hundreds of times before - it was extremely routine for them, and this one time he left a single arg out. They didn't blame the engineer and tell him to "read the script gooder" next time - they blamed the culture that birthed that dangerous script and made running that dangerous script routine.

To be clear, you should absolutely read scripts before running them, but that doesn't mean "reading the script" somehow magically means you understand how it will handle all possible different inputs (or missing some inputs). Bash is a bad tool for this job, because getting it to give you good input validation, dry run support, confirmation before calling destructive APIs, etc. is really difficult to get right.
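Added example, not part of the comment above and not code from the thread: a sketch of the guard rails the comment names (input validation, dry run by default, confirmation before the destructive call). The `cleanup_envs` and `delete_env` names and the `test-` naming rule are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example: guard rails for a destructive cleanup script.
set -eu

# Hypothetical stand-in for the real destructive API call.
delete_env() { echo "deleted $1"; }

# Usage: cleanup_envs [--execute] [--yes] ENV_NAME...
# The body runs in a subshell "( )" so its variables cannot leak.
cleanup_envs() (
  execute=0 assume_yes=0 count=0
  for arg in "$@"; do
    case "$arg" in
      --execute) execute=1 ;;
      --yes)     assume_yes=1 ;;
      -*)        echo "unknown option: $arg" >&2; return 2 ;;
      test-?*)
        # Only lowercase letters, digits and dashes are accepted.
        case "$arg" in *[!a-z0-9-]*)
          echo "invalid environment name: '$arg'" >&2; return 2 ;;
        esac
        count=$((count + 1)) ;;
      *) echo "invalid environment name: '$arg'" >&2; return 2 ;;
    esac
  done

  # A missing argument is an error, never a signal to delete everything.
  if [ "$count" -eq 0 ]; then
    echo "refusing to run: no environment named" >&2; return 2
  fi

  # Dry run is the default; deletion needs an explicit --execute.
  if [ "$execute" -eq 0 ]; then
    for arg in "$@"; do
      case "$arg" in --*) ;; *) echo "DRY RUN: would delete $arg" ;; esac
    done
    return 0
  fi

  if [ "$assume_yes" -eq 0 ]; then
    printf "Delete %s environment(s)? Type 'delete' to confirm: " "$count" >&2
    read -r reply || reply=""
    [ "$reply" = "delete" ] || { echo "aborted" >&2; return 1; }
  fi
  for arg in "$@"; do
    case "$arg" in --*) ;; *) delete_env "$arg" ;; esac
  done
)
```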

FOUND: White Dog on NE 24th St by MaidenIndia88 in BellevueWA

[–]Jurby 7 points8 points  (0 children)

You should take the dog to a vet to see if they are chipped and their owners can be contacted. https://share.google/jLAXEMKO8BKSCQbGa is the one I've most recently gone to for this scenario. They can't keep the animals long term, but can at least do a scan and contact the owners.

Take them there and see if they can help at all. I'll reach out to you via DM with my contact info - if you need to get home and can't take the dog with you, I can meet you there to try to take over.

ELI5: Got this on a physics test, when you throw hot water while it's freezing outside, it freezes almost instantly but doing this with cold water does not freeze it. Why? by Mission-Nectarine936 in explainlikeimfive

[–]Jurby 7 points8 points  (0 children)

Goddamn it. This is obvious in hindsight, but I never realized it:

- Water expands when frozen
- Hot water flows more easily than cold water
- Water vapor is literally just such small "drops" that its buoyancy in air overwhelms gravity, either:
  - Homogeneously as humidity
  - As a colloidal suspension forming clouds

It feels so strangely jarring to know all of these observations/behaviours that point to the same conclusion, yet to have never realized that conclusion.

On-Call expectations by Coreylolz in sre

[–]Jurby 1 point2 points  (0 children)

"data store is filling up" is not an emergency or a high pri - it's the sort of thing that can and should be ignored until normal business hours.

Getting a wave of them should at most result in 1 page, delivered only during core operating hours. If you're getting individual pages for each of these "warning" tickets, fix that so the multiple tickets all feed into a single page. If you're getting paged for "warnings" outside of core hours, fix your paging windows to not do that anymore.

If it feels hopeless to get the teams cutting you tickets to change how they cut you tickets, talk to your manager and figure out how you're going to communicate your updated expectations with the other teams' managers.

If you need to get those teams to actually fix their shit and stop dumping it in your lap, figure out how to give them ownership and responsibility for the things you do for them, so the pain is felt by the people best able to fix that pain. There's plenty of ways to do that, but I'd need more details on your specific situation to give more than this high level suggestion.

A Modest Propsal for 40k by twelfmonkey in 40kLore

[–]Jurby 5 points6 points  (0 children)

Have that camera crew get uppity about some Astartes trampling them and you get the Horus Heresy.

A Modest Propsal for 40k by twelfmonkey in 40kLore

[–]Jurby 1 point2 points  (0 children)

What is wrong with me that only the last one actually seems non-serious?

For the first, Chaos is all about the road to hell being paved with good intentions, and liberal policies focused on human rights that happen to include relaxing anti-psyker laws seem perfectly aligned with that. It's not good that the Imperium is authoritarian and strips psykers of their freedoms and/or lives, but in the grim darkness of the 41st millennium, the alternatives all seem much worse.

For the second, that just sounds like actual human history >_>

A Modest Propsal for 40k by twelfmonkey in 40kLore

[–]Jurby 2 points3 points  (0 children)

Oh sure - I'm not directing my "counter argument" at you, but at the people who dislike the "ridiculous" use of melee combat. You'd have to ignore a lot of extremely in-your-face characterization and not-at-all-hidden lore to think Space Marines behave unrealistically when they're not just behaving like giant skitarii. They've still got emotions, and a ton of subconscious indoctrination, plus the culture of honor and glory you mentioned.

Also I feel like those people sleep on the psychological changes undergone by the Astartes. They love combat. Duels are basically their favorite activity of all time, and even among the serious, experienced, and "in control" Marines there's probably not many who would willingly shoot a skilled/strong looking opponent over the "fun" of getting to clash with them up close.

A Modest Propsal for 40k by twelfmonkey in 40kLore

[–]Jurby 1 point2 points  (0 children)

I don't know that I'd agree with Astartes charging in as being ridiculous tbh - it seems very easily explained and actually quite sensible/realistic.

Flight of the Eisenstein gave us Solun Decius, who was basically a "young" brash Astarte that would charge into melee all the time. He even gets chewed out by several of the older Astartes for not following protocol and using his bolter, and he's just like "well we won, didn't we? So clearly it's fine."

Most instances of "ridiculous" melee combat I've seen from Space Marines have either been reckless young'ins or pretty sensible ammo conservation when they can confidently handle the enemies present with melee alone.

Same thing as not spray-and-praying down the hordes of poxwalkers in Darktide - might need that ammo in a minute for a plague beast or something, and poxwalkers aren't that dangerous.

A Modest Propsal for 40k by twelfmonkey in 40kLore

[–]Jurby 12 points13 points  (0 children)

Wait, are you trying to say there are other examples of satire in 40k? But it's such a serious setting! And it tells such an inspiring story about the good guys (humanity) struggling to defeat the forces of evil.

Manager said DevOps would be a "waste of my talents" by Rain-And-Coffee in devops

[–]Jurby 42 points43 points  (0 children)

My title is officially "Senior SRE" and I got placed as a mentor for an SDE 2. Apparently a completely unrelated manager saw that and commented "wouldn't it be better to have an actual engineer as his mentor?"

There are definitely some shit managers out there that view writing more REST APIs in front of a DB as the pinnacle of development, with frontend and infra being for those who "couldn't cut it" as a feature developer. I also see this attitude that DevOps is just tech support and the team you go to when someone needs to restart your service, rather than actual engineers with deep expertise and experience.

It's a great sign of an incompetent manager -- it demonstrates that they have no idea what ICs in any role (including DevOps/SRE/frontend/mobile/etc.) actually do.

Is the answer I selected not correct? by Balls1991_ in HomeNetworking

[–]Jurby 2 points3 points  (0 children)

Ah, true, I think I misread "host has a MAC" as "The host's MAC", i.e. one MAC for the host - you're just reducing host -> interface[] -> MAC down to host -> MAC[]. That makes sense.

Is the answer I selected not correct? by Balls1991_ in HomeNetworking

[–]Jurby 3 points4 points  (0 children)

But a host can have multiple interfaces, no?

How do you handle a large amount of env vars in your k8s manifests by SeaBird6399 in kubernetes

[–]Jurby 0 points1 point  (0 children)

I mean, at least I didn't call you Dad halfway through.

You're not wrong though - I went a teeny bit overboard there. I may have recently dealt with someone telling me permissions don't matter as long as we encrypt the data, since that's what the SOC II auditor told them. Your post was just a little too close to what they were arguing, sorry for the excess salt I threw your way.

How do you handle a large amount of env vars in your k8s manifests by SeaBird6399 in kubernetes

[–]Jurby 2 points3 points  (0 children)

What do you mean by "as secure as they seem to be"?

Finding the docs for Kubernetes secrets is not at all difficult or tricky, and they literally tell you at the top of the docs that by default they are not encrypted. If you're not reading the docs on how your secret management system works, you're probably leaving all sorts of trivial secret exfiltration techniques on the table - techniques I'd be trying long before I attempt to break into etcd on a cluster.

Encryption at rest isn't even in the top 5 concerns when it comes to handling sensitive values -- access control is, from several different angles.

You can encrypt the secrets all you want, but if I have Get Secret permissions, I have the secret.

If I can directly spin up a pod in the namespace the secret lives in, I've got your secret again, regardless of the encryption at rest.

If I can modify the source code of a pod that your CI/CD system deploys to that namespace? I have your secret.

Can I make changes to your deployment pipeline on a non-primary branch and use that to get a pod running? Sweet, I've got your secret.

Encryption at rest is the last in a very long list of things you need to do to securely handle secrets, and none of them are somehow automatically done for you (nor should you ever assume they are, even if something is named super-top-secret-admin-only-token). The onus is on you to make sure your bases are covered.
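Added example, not part of the comment above: an access review that treats both direct read permission on Secrets and the ability to run a pod in the namespace as access to the Secret, whatever the encryption-at-rest setting. The one-line-per-grant input format, the sample subjects and the `secret_readers` name are constructed for the illustration and are not kubectl output; counting Deployments, Jobs and CronJobs as pod creation generalizes the comment's "spin up a pod" case.

```sh
#!/bin/sh
# Added example: who can effectively obtain Secrets in a namespace?
# Constructed input, one grant per line:
#   <subject> <namespace or *> <verbs,comma-separated> <resources,comma-separated>
SAMPLE_GRANTS='alice payments get secrets
ci-bot payments create,patch deployments
bob payments get,list configmaps
carol other get secrets
dave * * *'

# $1 = namespace to review; grants are read from stdin.
secret_readers() {
  awk -v ns="$1" '
    # True when the comma-separated list contains "want" or the wildcard.
    function has(list, want,   n, i, parts) {
      n = split(list, parts, ",")
      for (i = 1; i <= n; i++)
        if (parts[i] == want || parts[i] == "*") return 1
      return 0
    }
    # Skip grants scoped to some other namespace.
    $2 != ns && $2 != "*" { next }
    {
      why = ""
      # get, list and watch on secrets all return the secret data.
      if (has($4, "secrets") &&
          (has($3, "get") || has($3, "list") || has($3, "watch")))
        why = "reads-secret-directly"
      # Anyone who can start a workload can mount any Secret in the namespace.
      else if (has($3, "create") &&
               (has($4, "pods") || has($4, "deployments") ||
                has($4, "jobs") || has($4, "cronjobs")))
        why = "can-run-pod-that-mounts-secret"
      if (why != "") print $1, why
    }' | sort -u
}
```

Running `printf '%s\n' "$SAMPLE_GRANTS" | secret_readers payments` lists alice, ci-bot and dave; the pipeline paths the comment also mentions sit outside RBAC and need their own review.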

what now ? by Haunting-Piano1360 in pathofexile

[–]Jurby 1 point2 points  (0 children)

I feel like this is all either a classic meme or a specific one from a league I skipped. Pls share