When I worked in cybersecurity I had a similar realization. No one cared about security posture. They cared about insurance policies. People hired us to shift blame instead of improve security posture. this is not terribly different
This is why I've said for years: If you want to drive best practices and policy with companies you can only do it with liability. Particularly non-insurable and non-tax deductible liability. If a company can't offload civil or criminal penalties to their insurance company and take the tax write down, they suddenly start caring about it.
That said, this should be used sparingly; as it embeds a behavior deep. If that behavior later no longer makes sense it can be extremely costly to change it later.
On an emotional level I feel the same way: I would love the company who leaked my PII die and their CEO/CTO be out of job forever.
Practically I think that leaking data is inevitable. A junior developer absolutely WILL vibecode a piece of code with glaring security vulnerabilities. An experienced sysadmin WILL temporarily allow public access to the S3 bucket and then forget.
So if you make sure liabilities are covered by corporate assets and are uninsurable, you will find out a world with no services soon.
I don't know what middle ground is possible to find here.
> Particularly non-insurable and non-tax deductible liability
Too often liabilities exceed assets, or the liabilities are externalised.
Liability doesn't work as an incentive for many risks. For uncommon but extreme risks, it can be better to roll the dice on company failure than regularly pay low amounts for mitigation.
It is especially effective to ignore liabilities when a company has poor profitability anyways.
And then you see major companies sidestep the costs of their liabilities (plenty of examples after security failures, but also companies like Johnson&Johnson).
One of my FAANG security projects incidentally helped with some compliance efforts (I made very sure it was incidental, constantly said things like "I am thrilled that I can help you guys achieve your goals but I wanna be clear that I don't give a shit about compliance and I won't be allowing it to influence the direction of my product" in meetings, it must have been extremely annoying to work with me).
At some point I was asked to look over the documents for the compliance definition and it was really hilarious. I had to give my engineering perspective on which aspects of the requirements we were and weren't meeting.
But they were stuff like "you must have logs". "You must authenticate users". "You must log failed authentication attempts".
Did we fulfill these requirements? It's a meaningless question. Unless you were literally running an open door telnet service or something you could interpret the questions so as to support any answer you wanted to give.
So I just had to be like "do you want me to say yes?" and they did, so I said yes. Nothing productive was ever achieved during that engagement.
Companies do want to be secure. They try, and they often fail because it's hard.
They hire auditors to find problems and to shift blame. But since they only have 30 days to fix the problems that are found, it's going to see a lot like they only care about shifting the blame. Because at that point, they only care about passing that audit.
Right after that, though, they start caring about security again.
How do I know? 19 years experience going through those audits on the company side. For 11 months of the year, it was clear the boss cared about security. For that 1 month during the 'free retest' period, they only cared about passing that audit.
Leaking customers' data bears no meaningful penalties and has no repercussions while securely storing said data costs money, add frictions and brings nothing but expenses to the bottom line.
Many companies will make a wise business decision to never spend a single cent in the direction of security and safety of data.
They also have one of the most profitable business models the world has ever seen.
Their RPE (revenue per employee) is roughly $1mm and growing at a 50% YoY rate...
They heavily use technology as leverage for insane margin growth. 90% rule of 40 as well.
> Are you saying women shouldn't be allowed to vote?
The few comments you have left under this conversation serving it way better than all points I ever made (if I ever made the points to that, shall be added as a disclaimer).
It's sort of funny you even fail to see that.
Classic bad-faith troll response. You refuse to openly state your position, because you know deep down that it is despicable and indefensible.
I am against the surveillance state, but I am not weak, gullible, or lazy enough to believe that it is somehow the result of women's suffrage. The two are not related, and your inability to untangle them shows that misogyny is more important to you than freedom.
Normally I wouldn't dignify that with a response, but just to put a final dot I'll share a few things.
Speaking of openly stating a position - sapienti sat. Can't see how more open it can be, but it's certainly not of everyones capacity to have ability to comprehend a thought. Fully aware of that.
For the rest of your comment - if you kind enough to pardon me for giving unsolicited advice - if I were you i would rather try not to manifest your insecurities but rather work on them, or at least do not show them in civilized discussions, which we all would like to have here on HN.
And certainly would be great if we can keep your fantasies like misogyny and sorts out of the discussion.
I've made a lot of baiting internet comments in my time, but not in my wildest imagination did I expect a response to my comment mocking Palantir to be anti-women's suffrage.
I’m pretty sure that is not an apples-to-apples comparison. Most of the people producing value for OnlyFans are not employed at (or contractors for) OnlyFans. I’m sure other gig platforms also do really well ”per employee”. A comparison between them and Palantir makes little sense to me.
Have you looked at companies such as Jane's? Overall bigger market cap and RPE orders of magintude higher - don't fall for hype like everyone else, or at least check the numbers before saying 'most profitable', they are not even close.
This is so endearing. I've been at odds with my HOA [board] since I moved in and its a decades long tale of my community where everyone is treated poorly by our HOA.
I've asked the board for block parties annually, and events semi annually and theyve rejected it over and over again. Meanwhile I miss this type of community that I had in every building I lived in around NYC before moving to the mountains
If everyone is treated poorly by the HOA, you should be able to get them together and dissolve the HOA. Read the documents, there should be a procedure for dissolution.
Depending on the location, the way to dissolve an HOA is nearly impossible. You need to find out what to do with community assets (in a condo situation, this is not possible), and you also usually need somewhere between 75-100% of all members voting 'yes' (not just present voting). If it's 100% of all members, just a single uncooperative board member could prevent dissolution.
Are you an owner? the hoa is not the board - it’s the entirety of the home owners who can vote and amend any rules at any time with enough momentum and support.
Yea totally. I am an owner and I've been fighting with the board for 3 years over failure to hold elections, and inconsistent treatment of members / rules.
I have a lawyer, have won my first battle already but it cost me $6k out of pocket (and the HOA $25k) for something that should have never happened.
Next step is to expose the board and get people to turn out to vote, sadly there are unelected members on the board since 1995, and not enough turn out for a quorum so I am a bit hamstrung
as an american who avoids sugar and processed foods (like seed oils) its virtually impossible to eat out or buy anything beyond whole foods. Everything is contaminated.
Combine that with forever chemical use in packaging, pesticides in non-organic produce, our food supply chain is killing us.
I buy eggs from reputable regenerative free range, non-vegetarian fed chickens. I order my poultry and beef from regenerative farms across the country who are verified organic + grass fed + grass finished.
I bake my own bread and cook 95% of the meals I eat at home.
It costs an arm and a leg and isnt convenient but I feel much better.
So what you say means that I’m going the US only for a short visit, I’m basically fucked, because none of your options are easily available when living in a hotel for a week or two.
Huh, apparently this originates with Joe Rogan [1].
In any case, I'm happy you found something that works for you. But you can find the quality you're looking for in restaurants in any Tier 1 city and most wealthy suburbs. (We absolutely have an issue with poorer communities having a choice between canned and fast food, in essence.)
Getting things into orbit is table stakes. Boeing needed to prove that they could build a reliable crew vehicle on a reasonable budget, and by that measure they have failed.
The point of Starliner is not simply to get a manned crew to space, it is to implement a reusable ship. People forget that Starliner lands in the desert and is reusable.
That is a far more complicated job than sending a manned crew to space, which is, as other have indicated, table stakes at this point. Coming down safely and going back up with the same hardware is the required part of Starliner that massively failed.
Thats no loonger the standard since many have done that by now. The standard is now manned cost to orbit. The race to the bottom in cost to orbit will inspire the next round of awe inducing spin off whose race to the bottom will then do the same for the next round... we are capturing the ripplesin the pond of capability improvement right now that has been held up for fifty years by space trvel being stuck in the realm of government (computing advancements held us back too so maybe only the last twenty years is attributable to the gocernment).
Are there any other major international airports in the world that have the equivalent setup of Hongkong? For other readers: There is a fast-but-not-high-speed direct train from city centre to the airport. At the city terminal, there are tiny airline checkin booths where you can leave your bags. Magically, they are transported to the airport.
Yes, TPE in Taiwan has the same setup. At Taipei Main Station in the city center, there are airline checkin kiosks and bag drops. You take the train to the airport, and your bags are ingested into the baggage system for you.
The Heathrow Express used to have this at Paddington station, though I think it closed a while ago.
A similar idea which is available in London though is Airportr - this is a company which will send someone to collect your bags from your home/hotel and then inject them directly into the airport baggage system for you (if you're flying with the right airlines and checked in online). I've used it a few times and it's very good.
I remember flying into Germany once, my ticket including the train, and my luggage having been sent on ahead to the Lufthansa terminal at the other end.
(I forget which city now, maybe Frankfurt?)
It was very cool except for the part where it was apparently so normal that they'd keep responsibility for your luggage that there wasn't (that I noticed, at least) any warning that was going to happen. I spent a while at baggage claim going wtf and eventually found a desk with somebody who took pity on me and explained.
A+ would use service again now I know how it works.
I seem to remember Japan would let you check your luggage at the hotel and they'd handle a freight forwarder to your next hotel, which is not quite the same thing but related.
- Can be outside all year round (provided you love snow like everyone else here).
- Tons of activities, culture, and interesting people.
- I get to play hockey and snowboard / mountain bike in the same day, with maybe 20 minutes of time in my car.
- The weather is impeccable (again if you like winter).
- Small town airport is amazing. Get there 15 minutes before boarding and walk right onto your plane.
Cons:
- Small town. 10k people means you run into people all the time, people build reputations, etc.
- Airport can be unreliable in weather.
- Cost prohibitive for most friends or family to visit easily.
- Everyone is white, and mostly rich. Lack of real diversity.
- Eating out is prohibitively expensive and feels extravagant. (Pro to this is I spend more time with my fiancé at home cooking together and eating healthier)
I lived in NYC for nearly 20 years, and I visit for 3-6 weeks a year. I love NYC more than anything, but also for now really love my life I've built here, even if it gets lonely sometimes -- I always remind myself that I was lonely sometimes in NYC too.
Its been really nice to get out of the day to day commute to work, get coffee at [insert favorite local coffee shot], get lunch, commute home, go out to dinner or order in, go to bed, rinse repeat.
I get to snowboard daily in the winter, ride my mountain bike in the summer, see gorgeous scenery on every ride or drive, and really have mother nature as my playground. I am physically and mentally healthier than I've ever been.
I recently moved to Park City and absolutely love it. Same sort of issues as Aspen though, now we just need to expand housing stock and it could be truly incredible.
Could you please stop posting unsubstantive comments and flamebait? You've unfortunately been doing it repeatedly—not that your account has been posting frequently, but this comment and its predecessor https://news.ycombinator.com/item?id=37072443 have both broken the site guidelines.
I've been going down this rabbit hole for a while and don't have any conclusive answers.
I have always slept 7.5 hours in my adult life. I wake up a couple times a night briefly (and usually recall 1-2 time a night that it happens) but fall back asleep quickly.
My room is dark, and cold. Most of the times when I wake up it's because I am warm from my mattress (casper wave).
I am now purchasing a chilling pad for my side of the mattress to address that so I sleep deeper and more consistently.
I take magnesium because I am very active and have suffered for the last year or so from hypnic jerks, which are terrifying but have gone away since I started taking magnesium supplements before bed.
I occasionally have a hard time falling asleep or wake up early and cant get back to bed, but I still average 7.5hrs over a year -- and over 3 years since ive been tracking my sleep nightly.
I get sufficient REM, dont drink alcohol, gave up weed, and only have caffeine from 9am - 11am daily (1 coffee usually, sometimes a shot of espresso in addition).
Yet my deep sleep averages are ~45 minutes a night.
I am about to be 39, and I am unclear what to change beyond the mattress cooling pad which I will measure.
I've also started cold showers when waking up (60 seconds of cold to end my shower, working towards 2 minutes).
My family has zero history of Dementia so I am not as worried, but I am concerned with staying in tip top cognitive shape if possible.
I am tempted to try a sleep study and see what I might learn.
Edit: Lots of comments to address here.
- I exercise 60-90 minutes daily.
- I play a high level of hockey 4 days a week, snowboard or mountain bike 5 days a week.
- I am slightly over weight by scale, but I am just an athletic build.
- I eat healthy and cook nearly every meal I eat (I live in an expensive ski town with only high end eateries so I avoid them). Lots of brown rice, protein, fruit, and veggies.
- I walk 30-60 minutes a day (active dog).
- I get plenty of sunlight (within 30 minutes of waking)
> I take magnesium because I am very active and have suffered for the last year or so from hypnic jerks, which are terrifying but have gone away since I started taking magnesium supplements before bed.
I'm guessing you're taking magnesium L-threonate (Sometimes goes by Magtein). If not, it's worth a try.
> I've also started cold showers when waking up (60 seconds of cold to end my shower, working towards 2 minutes).
I do something similar. 3-min cold showers in the morning, yoga to regain the heat, then meditation, then breakfast. I feel it's relevant to my struggles with attention (doesn't throw me off like adderall does)
Best I ever slept was when I was cycling 45 minutes to and from work every day. It looks like you're doing quite a lot (of the same things I do) but if you're interested in throwing more in there... there's soemthing magical about the kind of cardio that lets you explore your limits.
I discovered by accident that glycine (~3000 mg) + NAC (they also sell it combined as GlyNAC) before bed made my sleep noticeably deeper. I'm not taking it to cure sleep but the effect is strong enough that I have noticed change, quite big actually.
ps. NAC can have sulfury/rotten-egg like scent, don't throw it away thinking it's outdated or something, it's normal
> I am tempted to try a sleep study and see what I might learn.
I strongly recommend to get sleep study, they will help to find the root of the symptoms.
10 years ago, I have issues with my sleeping pattern, waking up tired and still tired during the day. After my sleep study, I discovered I have sleep apnea which affects how I breathe during my sleeping cycle. After the diagnosis, I got a CPAP from my insurance and been using it ever since. It improved my sleep quality and I am able to dream more often than before.
If you have the same diagnosis as mine in the future, it will take some time to get used to Bi/CPAP. It can take up to a year to get used to it, it took me two years get used to wearing a mask. I was horrified to learn from my Somnologist that 90% of his patients are not consistent with CPAP usage or don't bother to use them. I know a friend's husband, who is a Physician Assistant, have the same diagnosis and refused to use the CPAP. His wife been begging him to use it because she can hear how he sleep during the night. Still to this day, he refused to use it and still complaining about the sleep quality.
It's been well over a decade of CPAP usage every night for me, but I still haven't gotten used to the stupid mask. I fight with it literally every single night. I own about 4-5 different masks and have tried probably double that number of variants in an attempt to reduce my frustration with it. I can't sleep without out it though, so there's no other option. I wake up gasping for air within ~3 minutes of sleep. That makes me a 100% compliant user over many years. My sleep neurologist was blown away by that statistic, citing the same issues you described: most people do not consistently use their CPAP machines.
I’ve had two sleep studies. I have once been diagnosed with type 2 narcolepsy and then later as my sleep hygiene improved that was changed to idiopathic hypersomnia. I don’t have sleep apnea.
At any time I call basically fall asleep within 5 minutes and I’m always tired. Has anyone else dealt with this?
I tried modafinil but felt horrible for weeks as I hoped my body would adjust. I’ve also considered armodafinil, but I fear the same effects.
The doctor wants me to try xyrem but it scares me, doesn’t have a lot of studies on it, and it’s basically a nonstarter because I have young jerks and need to be able to wake up if needed.
So all of that to say, is dementia inevitable for me? My guess is that I just sleep terrible.
I'd at least try the xyrem. I've tried it - didn't work for me (my sleep issues are caused by something else), but it's not as incapacitating as it's made out to sound.
I've had a long struggle with sleep. The most effective supplements are:
* magnesium (threonate form before bed)
* D3 BUT MUST BE TAKEN WITH magnesium. 5000IU + 500mg magnesium. These two are linked. Taking D3 without magnesium can make a magnesium deficiency worse. This made a monumental difference for me.
The B-100 complex has helped me a lot. I have to use it twice a day to undo the damage done from drinking energy drinks that have high dosages of inactive B vitamins which compete with the active forms and was leading to deficiency and nerve issues.
I'm not an expert and you should probably listen to the other comments but for me it turned out to be stress. I have been using a Garmin tracker extensively and when I go on a longer vacation and stop thinking about work my stress drops tremendously and correspondingly my deep sleep goes up. The Garmin is not super accurate, but I find it does a good job pointing out trends. Something to consider and it's a lot harder fix than just reducing caffeine consumption or stopping alcohol consumption.
Stress is hard measure so I don't have a way to say I am more or less stressed than normal.
As another poster asked -- I have had tons of trauma but also put work in to overcome it. I have a great, healthy life.
I always work hard to quiet my mind but sometimes its hard to. I am an entrepreneur but rarely find myself ruminating late at night about it (these days). When I am stressed I find it harder to fall asleep for sure, but that isn't as often as it was when I was younger
As another poster linked, you may be a slow caffeine metabolizer. I am and avoiding caffeine entirely makes a big difference.
Another thing that might be making a difference is what you do in the hour to two hours before sleep. If I do anything exciting, like sports, suspenseful media & games, or anything analytical, then that will delay how quickly my body relaxes into later in the night, which messes up the beginning of the night when deep sleep mostly occurs.
Lastly, if you're measuring your deep sleep based off of a device that isn't on your head, then take that data with a huge grain of salt. I compared sleep data from an Oura ring with the Dreem 2 headband and the ring was consistently so wrong as to be useless for driving better sleep behavior.
My ring - thus far - has been extremely correct about my sleep, as far as my wife and I can tell.
However, its activity recording is extremely inaccurate. I get moderate/low activity scores every day despite engaging in intensive weightlifting sessions, riding bicycles, and going to jujutsu class. I lift till I cannot lift; I roll until I gas out... yet my ring tells me, day after day, I need to be more active.
This is a great recommendation -- I dont really need caffeine but its a ritual I adore. I can definitely give it up so I think its where I can start. Thank you!
See my comment above about using chocolate as a bridge to deal with caffeine withdrawal. For me the brain fog and headaches always made it hard to transition to getting off caffeine, but chocolate is a good methadone for a week.
Not really. I feel tired during the day sometimes but way less than when I used to work in an office every day. Usually a quick walk shakes it off if I have no cardio planned.
I think I’m mostly trying to understand what I can and cannot control in my life as I age
Nothing has helped my sleep more than using 3M medical tape to tape my mouth shut during sleep. So I'm forced to breath through my noise when I sleep. (Or I wake up and remove the tape if I'm stuffed up.)
I had sleep issues all my life. My dentist said it looked like I had sleep issues (one side of my teether pushed on more than the others) and a surgeon recommended increasing the size of my nasal cavity. But I didn't want surgery. When the book "Breath: The New Science of a Lost Art" by James Nestor I saw several unrelated people report success with this. It's completely changed my life and I wish I had started this long ago.
(Obviously not medical advice, I'm not a doctor at all, do your own research etc.)
>However, we do know that moderate aerobic exercise increases the amount of slow wave sleep you get. Slow wave sleep refers to deep sleep, where the brain and body have a chance to rejuvenate.
Having gone down this route recently, I can +1 the cooling pad. I used Ooler, there are many options now.
However also worth considering a better mattress, memory foam is really hot. I just upgraded to an innerspring base / latex & microcoil top, and my previous issues with overheating are gone. YMMV, there are arguments for cooling even if your passive situation isn’t too hot.
I avoid all "cooling foam" or "gel foam" as it has a relatively fixed capacity to absorb heat. In other words, it seems cold in the store and also for the first few hours of the night. But after it does its phase-change magic, it gets dramatically hotter and can wake you up around the time cortisol starts increasing like 3-4AM.
Can confirm... I have a foam mattress that claims to have the fancy cooling stuff built in. It's actually all-around fine in the summer when the temps are 75F inside and I can sleep with few/no blankets, but I live in the Midwest and the house thermostat is set to heat up to 65F for 2/3 of the year. For the first 15 minutes, it's like crawling into a very soft refrigerator. And a few hours later, I'll wake up dehydrated and soaked in sweat.
I've managed to mostly tame it by putting a quilt or two under the bottom sheet.
Have you ever tried a different sleep schedule? Or have you ever noticed a difference in a different timezone?
For me I get deep sleep best between around 8-10Pm and about 9Am-1pm. My sleep at night is fairly restless even if I try and do all the proper steps, but I can get great sleep pretty much no matter what during those hours.
I’m an avid snowboarder and mountain biker and live in a Colorado ski town. I had called detection and crash detection enabled on my phone and watch since it came out.
I was thrilled when I took a bad spill over the bars of my mountain bike at 30mph downhill and my phone offered to call 911.
I was dismayed when I started snowboarding this season and without falling my watch texted my emergency contacts and called 911 repeatedly on my first runs of the season.
I’ve now disabled it as my older mother doesn’t need another reason to be scared of her son doing extreme sports regularly.
Now I lost the extra safety the feature provided simply because it was incapable of understanding snowboarding behavior.
reply