I remember a similar experience. So much time was wasted just keeping some small app limping along with security patches because no one knew or wanted to know how it worked.

Pair that with oracle’s notoriously useless support which always required you to be on the latest patch before even providing an answer and it made the decision to leave it in the rearview mirror the easiest part of some modernization effort.

Top [number] [product/place] in [year].

Real travel videos for niche places are so annoying to find now.

Good luck finding a review of a niche product category among the slop lists.

Check those in to source control and it kind of takes care of that (except passwords/secrets or configs which have them).

I found a git repo with docker compose and the config files works well enough as long as you are willing to maintain a backup of the volumes and an .env file on KeePass (also backed up) for anything that might not be OK on a repo (even if private) like passwords and keys.

It means you are invited to the most pointless stuff because someone from the team needs to attend and you have more experience on how the different teams interact (ideally, some people are there for the potential higher salary most companies structure management under).

Nothing of note happens 75% of the time (maybe being generous there). You just don’t want it to come to your team last minute about 2 weeks from release with high priority because it was “already discussed and agreed to” on some obscure 2 hour inter project planning session (recurring very boring biweekly meeting).

I had more power to affect things as a senior developer than a team lead on a previous company since I could actually make technical decisions and my boss (great person) trusted me since I spent most of my time trying to learn things (since I had the time to do so without the meetings).

I won’t tell you it could not work since you are allowed to make some calls based on your experience and intuition, which is nice and rewarding, but have realistic expectations to avoid being let down.

What’s the expected volume of records planned to be stored?

For a small volume on a school assignment (a few thousand records on each query), I would do a processor/filter on my base database access layer and do the encryption and decryption there for any field annotated as @Encrypt at the field level or similar (language dependent, not sure what you are using).

Some libraries use a similar approach during serialization and deserialization steps. I’m guessing you are required to write the whole thing, but reading how those work might give you ideas since they tend to have hooks to wire custom logic during the process.

This would add overhead during read and create, but would be pretty transparent to the rest business logic and as mentioned, as long as the requirements don’t say you need to support searching over a few million records in X amount of time, it might be OK.

The hash idea sounds quicker at first (hashing vs on the fly encryption/decryption), but it does not sound like it would scale well either unless the message size is constrained like you mentioned. Another problem us that it could be extremely easy to brute force with a rainbow table which kind of defeats encrypting it to begin with. If pursuing that approach, you’d need to also store a salt with each hash to prevent that attack type.

Custom encryption solutions and security through obscurity tend to be the weakest points in an implementation, which sounds like is part of the assignment to think about.

Right, sorry that’s what I meant to type which got corrected to “exit”. When I tried it it would be exported as a separate set of json files instead of being part of the images. Glad to hear that’s not the case any longer or that this tool can automatically handle it.

Right, the problem only happened on google checkout for me.

Does that properly keep metadata like location and other exit entries? I recall google takeout used to suck at that. I had to export using their web UI 1000 at a time or so back in the day to keep that info.

… Software no longer needs to be preserved. Systems will be created, tested and discarded naturally.

By far the dumbest word vomit take on software I’ve seen in a while. Who wouldn’t want to have tax systems and critical infrastructure being treated like slop with no accountability, and many rewrites because “software is no longer scarce”…

My intro to computer science professors said the problem with computer (sans the now rare hardware bug not worked around by the OS and lower layers) is that a computer will do exactly what you tell it to… And that’s where most bugs come from. I’ve found computers can do very silly things over the years due to operator error 🤕

I only had an older iPhone (which I liked for the most part), but it was announced to not be getting security and related updates soon (what apple calls vintage at this point) so there wasn’t much of an ecosystem once I got a different phone and exporting my pictures to my NAS, new phone, desktop and laptop made more sense.

I supposed I could lose everything if all of those burn in a house fire, but since I always have my phone on me, I’d imagine there would be more pressing matters like not burning to death myself.

Edit: I also have some stuff at my relatives, but their internet sucks, so I only sync family and more important pics there.

Forgot about that yes, heard of horror stories of people being locked out of gmail, google support being useless and losing so much time and money migrating accounts manually by having to visit banks and the like.

Whichever one you go with, don’t expose it to the internet directly or use their offerings. They are a big target and just don’t get enough security.

One reason I would give is that apple and google makes it incredibly hard to leave. I had to use some third party script (and give it my credentials or token…) Just to export pictures with the exif metadata from iOS. Even Google’s obnoxious “select a few thousand pics at a time” was easier (Google takeout puts the metadata separately, so it was also not an option).

Another reason is that big tech companies are complacent with kidnappings and oppressors and don’t want to give them money.

I could see apple breaking the tool or throwing their legal team around in the future if it keeps some people on their platform, why not leave while you can more easily.

I used them for Christmas lights with that sundown condition (+just a time trigger for off at night).

Also came in handy for a light switch that was unfortunately on the wrong side from a table, now its just uses a motion sensor when someone walks to the kitchen and tells a third reality smart switch (screws on top of regular switch, so it works with any light type (e.g. fluorescent)) and is renter friendly.

Bonus points for no lag at all compared to crappy cloud dependent garbage and no need for apps for each device manufacturer. Just look if it is home assistant compatible and no cloud before buying devices since it us a lot harder or impossible in some cases to de-cloud them later.

Edit: plus same motion sensor concept to link several lights on the living room (those are just dimmable smart lights on table and floor lamps). Makes the place look cozy and feel well illuminated vs the usual single light with a wall switch. Aquara Wireless clicker to toggle between dim percentages. Its awesome (third reality or other home assistant friendly brand would work, I just already had this one).

For new people, for ongoing domain registrations people should also consider the renewal costs. There are some registrars with somewhat predatory pricing schemes that end up being very expensive long term (e.g. the trendy .io TLD).

Dot com and dot net are some of the most stable ones, even though they might not appear as such at first glance. Almost anything less costly on initial costs will cost you in some other way (might not offer whois privacy (.us iirc) or be limited to residents or people with legit business on that country (.ca) or have a mixed reputation with being labeled spam (.xyz - although I believe this last one was kind of proactive in clearing that up).

Sorry to highjack the comment, but I wish someone had warned me to look, not all TLDs are administered the same.

There’s something called NAT reflection that does a local lookup if the request originated in the internal network and avoids going via the external route. Some software for routers like ONPSense and/or PFSense support it (but I wouldn’t be surprised if DD-WRT, Tomato, etc supported it as well (its been a while since I used them)).

It might work better of your DNS provider supports API based challenges vs traditional ACME challenges that might require you to still expose your IP/challenge ports with public DNS to get your certificates.

All my internal DNS has the option of SSL certs while my IP is not on any public DNS and it routes to the internal IPs with the above. Not sure how that would work with wireguard or tailacale/headscale, but I’m assuming they probably could complement nicely.

They saw restaurant workers as just a cog in their machine that would put up with an error prone voice assistant. Hard to get that from minimum wage workers.

On my area some restaurants have just stopped answering the phone that you could previously use to place orders. I’d do the same (stop caring) if I could barely afford life even with a bunch if roommates.

A beating on a good day.