Like what you see? Subscribe here and get it every week in your inbox!
Issue #72 - July 19, 2020
Here are the top threads of the week, happy reading!
1. Ask HN: My GitHub account got suspended without any notice
Top comment by gojomo
Had a similar thing happen to me with Github a while back (pre-Microsoft acquisition).
Even as a paying customer for many years, my account was disabled – without even receiving an email warning. I only discovered when browsing issue histories where I knew I'd left detailed comments, and noticing my comments gone without even a note about deletion, leaving threads nonsensically fragmented.
When I tried to login, I was only faced with a generic "activity that looked malicious" message – but no hint of what that might have been. Once I complained, I was restored quickly – but if I'd been on extended vacation, or perhaps even passed away, there'd have remained giant holes, indefinitely, in projects I'd contributed to.
Was anything I legitimately did as myself suspect? (They couldn't say.) Was some third party trying to get access – or did they even briefly succeed, perhaps with some compromised credential somewhere? (That was my fear – but they couldn't say & there was no evidence of compromise in what I could see.)
After several angry emails about how they shouldn't accuse a longtime paying account in good standing of 'malicious activity' – creating fear of an account compromise of unknown extent – they finally said no, it wasn't unauthorized access (or attempts thereof) but some comment (unspecified in age/topic) that a filter deemed similar to other malicious comments.
I'd paid them ~$600 over the previous 5 years, and still had an active subscription with working billing details. My account was nearly a decade old with a wide variety of contributions & comments. But still, an automated system with no apparent human review disappeared my account, without even generating a notification.
2. Ask HN: What is the best enterprise software you use every day?
Top comment by wenc
Things that we pay for.
SQL Server: it's not cheap, but it's genuinely good. Live query plans, clustered columnstore indices, linked servers, rich SQL features.
Tableau: more than a dashboarding tool, it's actually a really good multivariate exploratory data analysis (EDA) tool. You can use it to visualize multidimensional data easily. I do use Jupyter (seaborn, plotly) and R (ggplot2) which are good, but Tableau lets you touch your data and move stuff around in a more fluid fashion. The UI lets you really interact deeply with your data. I find that on a new dataset, I can get usable results out of Tableau faster than if were to muck around with ggplot2's syntax, even though I'm familiar with the latter. There is a learning curve for Tableau though, especially around how to structure your data for visualization (you have to think in SQL-like operations). It's not just dragging-and-dropping -- a certain mindset is required.
Active Directory: it's just there. It's pretty decent.
Visual Studio: I don't use this every day, but I do maintain a complex C# codebase from time to time (among other things), and Visual Studio (not VS Code! though I like VS Code too) is genuinely a pleasant IDE. I'm a big fan of the C# language and the integration with dev tooling is unparalleled e.g. solid refactoring, peeks, referencing, Intellisense, etc. The IDE supplies a ton of guards to help avoid human errors.
Splunk: it's good. Not the cheapest though.
3. Ask HN: Advanced Linux users, which distribution do you run? Why?
Top comment by traceroute66
Debian all the way.
Used to use Ubuntu, but then they lost their way and went all sucky (both Canocial and the software itself).
Used to use CentOS, but then they lost their way, e.g. CentOS 8 was in the pipeline for an eternity, meaning CentOS 7 packages became increasingly rapidly obsolete.
Tried Alpine Linux, I really wanted to like it. But it sucks. The team managing the AL product is a bit stretched. Plus some of the design decisions make it a bit of a pain (e.g. DASH, musl libc etc.)
Tried OpenSUSE but found it a bit too opinionated for my liking.
So I settled on Debian, and the same on the vast majority of server instances at work.
Debian is solid and well maintained, and I prefer their erring on the side of stability rather than bleeding-edge (most of the packages are still reasonably in-date).
4. Tell HN: 6.3% of HN top submissions in plain HTTP, more than half upgradable
Top comment by tjoff
The biggest crime here is ISPs that inject ads.
That is not something that one should accept. The whole concept should fall flat in any working market.
About as absurd as getting audio adverts inserted into your phone calls.
"This call has been going on for more than 10 minutes, have a listen to our sponsor".
Maybe that is a thing already?
Top comment by hprotagonist
I try very hard not to get caught in bikeshedding the perfect note system over actually writing things down. This is very much in the “don’t let the perfect be the enemy of doing literally anything at all” territory.
Features i find are actually helpful:
- keep a link to the source where you found the information summarized in the note. A url, a DOI and an equation number, whatever.
- when you can, physically recopy the data in the note. Retype the code, write ideas out long-form.
- ELI5 (explain it like i’m five) or up-goer [0] the contents of a collection of notes. Or at least write summaries or abstracts about a collection of them. Recapitulating information instead of blindly saving it makes you digest it better.
- Rubber ducking works. Go pester your partner, your pet, the potted plant, whatever.
[0]: https://www.splasho.com/upgoer5/
6. Ask HN: Which book helped you understand the world?
Top comment by m0th87
Understanding Power by Chomsky had a big impact on me. I read it after this compelling blog post by Aaron Swartz (RIP): http://www.aaronsw.com/weblog/epiphany
7. Ask HN: What do you want to see in a resume / GitHub profile?
Top comment by gas9S9zw3P9c
Let me give you a slightly different take. There are no specific things I'm looking for. But here are a few red flags that have proven to be good indicators of who NOT to hire. Don't
- Use high-level vague marketing speech like "helped reduce customers acquisition cost by $X" - The world is complex, who knows what that means in practice.
- List MOOCs, certificates, or free online courses on your resume. 99% of these require no commitment and don't teach you anything. Listing them signals that you care about cheap credentials more than learning. If you wanted to learn, you would've created a project out of it, tried to implement something, or written a blog post, etc. I'd rather see "I privately read books about X in my free time" than cheap MOOC credential signaling. That'd be more impressive and I could ask about it in an interview.
- List software like Excel or Google spreadsheets. I mean, if you're an engineer I'm assuming you can use a computer. Listing this means that you're living in a different world.
- List fluffy soft skills like "I am a good communicator" without any backup. Results speak louder than words.
- Too many spelling mistakes.
These are the things off the top of my head, I may add to it later.
8. Ask HN: Anyone from Apple here? It's impossible to enroll the dev program
Top comment by GordonS
A bit if a tangent, but a company I worked with recently had an issue enrolling in the Enterprise dev program.
It's a large company with thousands of employees, so definitely enterprise scale. They heard nothing for months after applying, and weren't able to find any way to chase the application. Eventually Apple got back to them to say the company didn't meet the Enterprise program requirements. The company asked which requirement they didn't meet, because it was plain that they did in fact meet all the requirements - Apple wouldn't say! They said their decision was final, and they wouldn't say why.
Absolutely crazy.
9. Ask HN: Google removed my site from search results, what can I do?
Top comment by throwmeaway5689
I've been through this multiple times in the last couple of years, it's worked well for me to move domain authority around in this manner. Maintaining a 301 redirect map on the original subdomain should work fine (probably better than meta headers on reinstated pages, I haven't heard of Google paying much attention to that) and you should be able to claw back your rankings. Running something like jekyll-redirect-from within your old github pages project looks like the ticket. Good luck!
10. Ask HN: Best resources to learn about stock trading and investing?
Top comment by compumike
Bogleheads community, including a wiki https://www.bogleheads.org/wiki/Main_Page and forums https://www.bogleheads.org/