The story would be better, if they had kept the real numbers, and not added fake numbers afterwards (maybe they didn't keep notes, and forgot the real numbers).
At the end of the story, that 3 millilightseconds is the one-way distance, and that can't be correct.
Yes, that part doesn't add up. The time from sending SYN to receiving SYN+ACK would be six milliseconds assuming lightspeed between the source and a destination 500 miles away.
That said: I know the ending, and by now the details about SunOS and sendmail aren't too interesting, but the "This is the chairman of statistics" line always gets me laughing out loud.
why would anybody want to do that? I thought karma points above a certain low number don't offer benefits and the number is not visible to anybody but you.
EDIT: I just realized it's visible in profiles :facepalm:
Every September (in the 90s) a new cohort of University students would start and gain access to the internet, such as it was. Hence the reference to timing
As the Wikipedia article states, it's more about the specific period of late 1993–early 1994 when some large online service providers in the US started providing access to the greater internet, the USENET in particular, and masses of new (and usually clueless wrt established norms and netiquette) internet users flooded newsgroups and forever changed and disrupted their character and culture.
Yeah, but that was given the name 'Eternal September' as a reference to the literal Septembers of the preceding years, when there would be a regular influx of newbies.
I'm pretty new to this community and this was my first exposure to this story. It's definitely going into my "anecdotes from the internet" mental repository.
Admitting defeat is the wrong way to frame the situation. You have learned a lot and gained a lot of experience. There has never been a better time to market your skills, to companies all over the world, and see what is out there.
Your company compensates you for work that you've already done. You are not paid in advance. You owe them nothing. Be respectful, professional and polite... but, always do what you feel is the best thing for you.
The main vulnerability isn't the man in the middle per se. Rather it's the unforgeable attestation of exactly what software an end-user is running, by the user's own hardware having been designed to betray the user's interests. This would allow powerful websites to prohibit the use of user-representing agents altogether, and essentially mark the end of the open web.
> I'm not a tinfoil hat, but security can't hang it's hat on the kindness of strangers.
Given that SSO is a massive security win and has been a game changer for removing passwords, I think it's been shown that delegation is extremely effective.
1. Instead of needing 100 passwords, which increases the chance of users just choosing something and repeating it, you have 1 password.
2. Similarly, instead of needing 2FA on 100 sites they can just have 2FA on their SSO. In fact, the other sites don't even need to support 2FA - you get that "for free" with SSO.
3. SSO providers implement auth really well. They make it smooth, as in "I don't have to reauth when it's obviously me" and safe, as in "that might not be a valid auth, let's get them to 2fa again".
Of course, if you have a password manager then (1) is not a problem. But SSO is a lot simpler for users.
As long as using it remains optional, I don't mind that SSO systems exist. But I am personally allergic to them, so I fear the day that they are no longer optional.
I fully advocate for users to be in control over how they choose to identify themselves on the internet. It's part of why I'm against the integrity proposal despite seeing a lot of value in it.
Both things can be significant. It's worth noting that:
a) SSO has no financial cost. Hardware keys do.
b) SSO has been implemented and standard for years and is trivial for sites to support, hardware keys are much newer and are still rarely supported for authentication.
c) You can use hardware keys with SSO, which I'd recommend, and now you've gotten the benefits of both.
You will inevitably give the best deal to your first enterprise customer, embrace it.
Enterprises negotiate. So, no matter what you propose, they will want a better deal. The simplest way to start is extend the current best pricing you offer to small businesses and throw in a modest 10-20% discount. It's a stake in the ground and shows you want their business.
Now, here's the key. Make sure you specify what that covers. For example, if small companies don't get weekly meeting during onboarding and monthly / quarterly meetings with a TAM, say that. If the enterprise wants that, they'll pay for it.
Does the enterprise want professional services? Do they want support with an SLA? Make sure they know it doesn't come with it or what it comes with is standard for all. If they want more, they should pay for it.
Once you tell them what's baked into the price, you'll find yourself with a list of things that they want, that don't come with it. Then, figure out what you can do for them and what it's going to cost.
Even after all of that, you'll look back to find they got the best deal and rightfully so. They are taking a huge risk on you. Off the cuff, if a single seat costs $49, if you can land them at $30 per user with 10-15% on top for enterprise support, it's a huge win.
Licenses in the enterprise vary, but seat-licenses are common. Multi-year agrees, for additional discounts are great, some take them and some don't. But, larger companies tend to have generous termination rights.
A lot goes into enterprise contracts. I'm happy to talk offline and congrats!
This isn't gonna end well, in the short-term. However, you can prepare yourself for the longer term. Many companies, especially startups, just don't care.
Document, or send a recap email, acknowledging that you talked with your boss about the parental leave. Anything not in writing, didn't really happen - an email that they don't respond to or agree with is still good. Point out your concerns, based on this performance feedback and state that you believe it's related to bringing up parental leave - "I believe I am being retaliated against for expressing my intent to go on paterbity leave". Then, loop in HR. Then, continue to raise the concerns as they arise. The more appropriate people that get these emails, the less likely the company can claim ignorance. A pattern of behavior and negligent / discriminatory practices is what you are trying to establish. If one manager is bad that's unfortunate, if all of HR / legal / founders / CEO all know this is going on and do nothing or are complicit, that's way worse.
All the while, consult a plaintiff side employment attorney and start looking for another job. Now that I think about it, you might want to talk to an attorney first - there could be FMLA issues or CRA issues in play.
Best case, everything is documented (keep copies of your emails / slack / etc, for your records) and the company changes their ways. Worst case, you get fired and your attorney takes it from there.
Re-negotiating is all about leverage and after signing, you have none. SAFE's are pretty standard, so I presume you aren't happy with the Cap or discount. Here are a few things to consider, before you become a huge problem for the CEO:
- If you invested at the tail end of the good times and are upset that everything re-priced, that's just how things go sometimes.
- If you are a part of a round with other investors, you all have the same terms. Changing just your terms will create problems. Changing everyone's terms will create problems.
- Early investing is about swinging for the fences. No matter what the terms, as long as they are somewhat reasonable, will have great upside. If the company is a bust, your investment is worth nothing. If there is a small / non-existing exit, you have blah returns. A little more or a little less doesn't really matter.
Unless there is more to it, you're probably having buyers remorse. It sounds like you weren't really mentally prepared to invest in startups and that's a tough place to be.
>At this point in your career, no one is paying you to explain anything to them, u less they ask. Your unsolicited opinion is only doing you harm.
>Your are the most inexperienced and, likely, the lowest paid. You will get the grunt work.
>The fact that you are overqualified is of no consequence to them.
>Not all jobs are like this one. But, many are. Just do the best job you can do, until you find another one.
>Don't burn any bridges. The best outcome is making everyone love you and think you are a huge asset. Trying to reason them out of their plan will make you an ass^at, not an asset.
OP, listen to this comment. If you’re on a rocket ship, be absolutely sure you don’t want to be kicked off of it before doing or saying something that gets you kicked off.
Hyper inflation would be a catastrophic risk to the entire economy. If it happened in the US, it would be a catastrophic risk to the world economy.
Insofar as everyone should be worried, startups should be worried. However, the only way to manage that risk would be to focus on markets that would be insolated from such a risk. That would be economies like Russia, Iran, North Korea, etc... many of which US startups can't operate in anyway.
One should be aware, but there isn't much you can do against hyperinflation in the US and the world.
Modern security is all about enabling modern engineering and allowing them to go ask quickly as responsible. Responsible has always been a function of risk / risk profile, always defined as likelihood * impact.
Please don't build a security product without having any experience or validating any real problems. This is especially true in security, where not every potential problem gets prioritized and solved.
Bigger doesn't prove the game is not zero sum. There is no valid underlying use for any cryptocurrency for the average person. If you take away early adopters, crypto-zealots, shills, criminals organizations and suckers, what's left is far from clear. Is cryptocurrency some transformative, post-governmental currency, controlled by the people - or the next speculative de jour - or a scam - with a better marketing strategy?
What seems clear is that when you confound speculative utopian societal changes with the underworld's dream currency, crazy things happen.
I'm sorry, but do you know what zero-sum means? Maybe go look it up. It's okay, you're one of today's lucky 10,000.
The market has grown in size. The value of crypto companies and market caps today is not literally the sum of the value of crypto companies and market caps 10 years ago. Ergo, not zero-sum. This is purely a mathematical statement about industry financials, not a moral judgement about abstract "value" in terms of societal contribution.
My implication is that ultimately crypto will go to zero - because it is worthless. When you sell something that is worthless to someone, that is a zero sum game.
