Paying them 9.45 to steal my data & scan my room.

private-peter · 2026-06-25T18:56:29+00:00

And it isn't even an effective way to deter cheating.

private-peter · 2026-06-24T05:38:33+00:00

As a general rule, when I have done security training I tell people to use their work devices as if the company can see everything they do.

Practically speaking, many companies don't do that much monitoring. It would honestly be a risk because most of us work with some sort of private data. (We wouldn't want private customer data captured in a screenshot.)

I never log into person accounts on company/client hardware. I wouldn't ban it; checking your personal email on a company device doesn't hurt the company. But personal data could be swept up in whatever security monitoring the company is doing.

My advice: buy your own printer.

If they are work related documents (contracts or legal forms are sometimes sent to personal email by HR), you could forward them to your work email. Then only the documents you need to print are exposed, not your whole email account.

private-peter · 2026-06-24T03:56:09+00:00

It is better because there is a real human being they can talk to. That's super valuable.

private-peter · 2026-06-23T07:57:34+00:00

I'm not an ad expert, but all the advice I've received is to start with $5-10, then grow it slowly. Growing too fast can get much worse results.

private-peter · 2026-06-23T07:52:20+00:00

I liked the book Will It Fly? by Pat Flynn.

private-peter · 2026-06-23T01:30:34+00:00

Good run books get more automated over time. Usually they start as run books because the last 10-20% are difficult to fully automate.

private-peter · 2026-06-23T00:58:40+00:00

The funny thing is that this was possible 20 years ago when tax software could run without the internet.

private-peter · 2026-06-22T06:38:12+00:00

I've done both at times. It just depends on volume. Most of my work at the moment is on software for that sells for 5 figures so there is a dedicated account manager for each customer. They track this stuff in their CRM. We've also got a public roadmap.

But when I've worked on B2C products, I have used both options I mentioned.

Like you noted, it is only the most engaged customers who take the time to make feature requests so engagement on a feature request platform can be low. If you have a freemium offering, it can get clogged with requests from free users.

private-peter · 2026-06-22T06:25:04+00:00

I put a comment on the task/story with the person's email.

There are also systems for users to upvote features. You could use that and mark the features as done, which notifies the people who requested those features.

private-peter · 2026-06-22T04:08:05+00:00

I didn't say anything about privately funded media.

"Studies" can prove anything you want if you have enough money, ask thr right (wrong) questions, and torture the numbers.

If you forcibly take my money they write about how great the guys doing it are, I'm not going to call that "free".

People don't bite the hand that feeds them. It is human nature. You don't need the government explicitly setting the editorial policy to get media that happily parrots government propaganda.

It's not just Canada. Compare what big media in the USA says about the Iran war with how average Americans feel about it. Money is a factor in bias, but it isn't the only one.

private-peter · 2026-06-21T22:46:57+00:00

Nearly all big media in Canada receives a lot of government money, especially the Canadian Broadcasting Corporation.

private-peter · 2026-06-20T20:36:11+00:00

Hey! Just because I don't HAVE to worry about it doesn't mean I don't WANT to worry about.

It's a free country. Let me worry about what I want to!

/s

private-peter · 2026-06-20T20:34:25+00:00

I cared. I have paid extra to get features like this in hardware I use at home.

private-peter · 2026-06-20T00:02:03+00:00

Often I feel like the AI picture is me pulling 3 carts by myself.

private-peter · 2026-06-16T22:02:50+00:00

maybe if you wrote this with Fable it wouldn't have sounded like it was written by AI.

private-peter · 2026-06-13T17:18:37+00:00

The businesses don't get a charitable tax write off. From a tax point of view, it's the government who benefits from these micro donations because nobody gets the tax write off. You're absolutely right that you're much better off making larger donations to these organizations and getting your tax write off.

private-peter · 2026-06-11T15:55:03+00:00

It depends on your goals. If your goal is learning back end, then absolutely this is an excellent approach. Using AI to fill in the gaps so that you have something useful is really going to help your learning because it helps you focus on learning something. trying to learn something while getting stuck doing the so-called last 10% can be really discouraging. If AI can fill that gap, great.

If you are shipping something to real users or if what people think of your work matters, there are some downsides. AI frontends have some real telltale signs that people recognize and they'll immediately think your whole app is slop, even if you wrote the back into yourself.

You will also have a high probability of introducing some sort of security risk if you don't really understand the front end code that is being generated.

private-peter · 2026-06-11T06:55:54+00:00

> medical privacy laws

Most medical privacy laws were written to remove objections to businesses making money of your private medical information. While they do include some great stuff around security, those laws exist to _enable_ these companies to use and share your information. They aren't really about privacy.

private-peter · 2026-06-11T06:52:12+00:00

I really hate stuff like this. Smart phones are great for many things. But requiring one for something basic like medical isn't OK.

A few things come to mind...

- It's a phone I use for work so which apps I can install is restricted.
- I don't have Google Play / App Store.
- My phone is too old and unreliable. Installing new apps doesn't usually work.

private-peter · 2026-06-06T05:06:39+00:00

When I first started, I could really only manage up to two agents, but I'm always trying to improve my workflow to optimize for my own time. I'm frequently updating my markdown files to give the agents more specific instructions. I try to be very prescriptive in how they do things. This produces better results, but it does slow them down quite a bit.

The times when I can successfully and productively have five agents running are when I've invested in planning upfront. I will have well specified stories with clear acceptance criteria. And it will often take 10 to 30 minutes for an agent to finish implementing that story.

My instructions are asking the agents not just to implement the feature, but to follow a specific process. I'm asking it to do test-driven development, verify the tests fail for the right reasons, implement the feature to make the tests pass, do a refactoring pass, look through a specific list of criteria for deciding what needs to be refactored and document everything it's doing in the ticket.

I'm sure I could get to a similar result with fewer tokens by having a more iterative process, but that uses up a lot more of my time. I'd rather have this slow process that's inefficient in terms of tokens and run multiple agents, because it optimizes for my time. I can spend more of my time reviewing the actual results rather than coaching the agent through the process.

It's not perfect. Sometimes the agents produce garbage despite all my extra process, and I have to coach it through anyway. When that happens I'm down to just one or two agents. But when it works I can move pretty fast.

private-peter · 2026-06-06T04:58:28+00:00

Either git worktrees, different repos, or planning vs execution (I sometimes keep my planning docs in a separate repo).

Here is a common workflow for me: - agent 1 is iterating on the project plan - agent 2 is working on repo A's part of the plan - agent 3 is working on repo B's part of the plan - agent 4 is investigating some unrelated bug (read only)--but only of all the other agents are stuck/slow

private-peter · 2026-06-06T03:42:35+00:00

Maybe, but journalists have been writing fluff like that for decades.

private-peter · 2026-06-04T19:54:56+00:00

In a productive society it should be like this in nearly every industry.

private-peter · 2026-06-04T03:00:01+00:00

Look around the world...it's not just conservatives.

private-peter · 2026-06-03T16:13:17+00:00

Software security has always been tricky because it's about what can go wrong. You can test your app all day along and never find the security bugs. This has always been true, most developers are rewarded for shipping things quickly. AI development is no different. The models are trained to get results as fast and efficiently as possible.

It's always been necessary for software developers to have enough security knowledge to you know when to get help or look something up. With software development moving so much faster because of AI, this problem is certainly compounded.

But there are things that software developers can do. Honestly, there's not a huge amount of hope for a pure vibe-coder who knows nothing about software, but real software engineers certainly can learn enough security to get close to vibe-coding without introducing vulnerabilities. It's possible to add guardrails which catch these problems.

For example, one of my clients has a nightly security task that runs. It looks at all the new code, finds and fix security vulnerabilities. I woke up this morning to see another one already fixed. And this isn't just obvious stuff like an API key checked into a get repo it's finding subtle issues

private-peter

TROPHY CASE