Bookmarks
🔗 The 2025 journalist’s digital security checklist December 11th, 2024
A pretty good checklist. Some things are tailored for the relatively-higher risk faced by journalists, but with some judicious “not applicable” application could be a good checklist for anyone.
🔗 Democratising publishing October 30th, 2024
“Ghost is a distributed non-profit foundation which gives away all of its intellectual property under a permissive MIT license. The company has no investors and, in fact, no owners of any kind. I don’t own any part of Ghost, and neither does my co-founder Hannah. We currently generate around $7.5M in annual revenue, and have been profitable and sustainable for the past 12 years. “Wait, what?” I’m glad you asked.”…
🔗 Phishing simulations - Rami's Wiki October 22nd, 2024
Round up of research and commentary on phishing sims
🔗 Reflections on Palantir October 17th, 2024
I suspect the tone here — largely laudatory, abd looking up to people like Peter Thiel and Paul Graham — will rub most of my readers the wrong way. Look past that, and pay attention to the notes on what makes Palentir work. I completely agree with a lot of the conclusions about how important being embedded with real customers is. It happens also to be the model that I saw working at 18F and USDS!…
🔗 Prioritizing Detection Engineering October 12th, 2024
Detection Engineering is a concept that has emerged in the detection space. It acknowledges the complexity of a detection stack and the…
🔗 Please Don’t Idolize Me (or Anyone, Really) August 15th, 2024
I only have 1% of the notability as Scalzi but this still super resonates. People think they know me, and look up to me, but they only know this somewhat-curated facade. Please don’t idolize me, either.
🔗 Systems: What does a board of directors do? - Anil Dash June 21st, 2024
A blog about making culture. Since 1999.
🔗 Why, after 6 years, I’m over GraphQL May 30th, 2024
GraphQL is an incredible piece of technology that has captured a lot of mindshare since I first started slinging it in production in 2018. You won’t have to …
🔗 Hierarchy of Controls | NIOSH | CDC March 20th, 2024
Interesting framework for thinking about risk mitigation. Designed for workplace protection, but could be applied to lots of different risk scenarios. Compare with Magoo’s Five Factors, there are some similarities here.
🔗 How to Actually Build a Better Boss February 29th, 2024
We promote people into management and we just hope that they figure it out. And then we stand, mouth agape, when things go sideways. And this isn’t just a problem for our new managers. We are 40 years into this strategy and now the overwhelming majority of the workforce came up through this same form of occupational hazing. Here’s a new job. It’s very high stakes. It’s totally different from what you’ve done to date.…
🔗 NPS, the good parts December 5th, 2023
I’ve only ever seen NPS used in bad ways, ranging from “silly” to “outright sociopathic”. Thus I’m inclined to try to never have to use NPS ever again. But if I ever have to, here is apparently some tools for using it in non-shitty ways.
🔗 Navigators November 25th, 2023
An alternate pattern to architecture teams for determining technical direction.
🔗 Care, Not Respect: Teaching Professionalism November 22nd, 2023
But over time, I’ve come to believe there are some skills at the heart of professionalism that might be worth saving, and as a teacher, I am always trying to balance teaching the way things should be with the way things are. So when I have to teach it, I try to talk about professionalism as a way of caring about others around us. Professionalism, at its best, is as an act of love and belief towards those we work with, rather than a set of behavioral standards that we have to live up to.…
🔗 (People on) Nice Teams Finish Last October 6th, 2023
“So remember, much like many other management problems, trying to be “nice” where you should be clear is one of the worst things you can do. “
🔗 Research: Simulated Phishing Tests Make Organizations Less Secure September 8th, 2023
Actual study is here: https://arxiv.org/pdf/2112.07498.pdf
🔗 Making Large Language Models work for you August 27th, 2023
Maybe the best intro to LLMs I’ve seen yet.
🔗 The one about scientists & engineers & mechanics August 16th, 2023
So this came up in a slack and then i had a long expansion and someone asked me to make it a post so they could link it to people and well ok fair enough It’s gonna be heck…
🔗 Canonical: the recruitment process really is that long/complex/you... August 9th, 2023
If you want to design a good interview process, then read this and do precisely the opposite. Good lord….
🔗 SaaSy Questions #1: Compensation Heuristics June 27th, 2023
“Compensation won’t make people happy on its own Compensation alone can make people very upset Compensation helps to create owners”
🔗 How Are Soft Skills Soft? April 21st, 2023
The origin of the term “soft skills” really highlights the absurdity of what we now call “hard” skills.
🔗 DEI For Dummies April 21st, 2023
Pretty fantastic DEI crash course for companies. Super-tactical, filled with really good specific advice and actions.
🔗 Don't use VPN services. January 25th, 2023
This is the definitive “why you shuoldn’t use a VPN” article that I link every time the topic comes up.
🔗 @[email protected] on BitWarden's design January 23rd, 2023
Unfortunately, it appears Bitwarden may have coppied some of the pretty unfortunate design decisions from LastPass. I might have to revise my recommendation.
🔗 Thoughts on the Python packaging ecosystem January 21st, 2023
The best piece on Python packaging — why it’s the mess that it is — written yet. Required reading if you want to understand how we got here and maybe how we’ll get out.
🔗 Meetings for an effective eng organization. January 17th, 2023
Great (as usual from Will) roundup of the kinds of meetings effectve eng orgs have. My only addition: I find demo days (mentioned breifly) quite useful; they seem to really drive a culture of shipping.
🔗 Getting a job as an engineering executive. January 8th, 2023
I’ve gone through this myself – unsuccessfully – and wish I’d had this guide. Great information about a confusing and opaque process.
🔗 Measuring an engineering organization. January 3rd, 2023
For the past several years, I’ve run a learning circle with engineering executives. The most frequent topic that comes up is career management–what should I do next? The second most frequent topic is measuring engineering teams and organizations–my CEO has asked me to report monthly engineering metrics, what should I actually include in the report? Any discussion about measuring engineering organizations quickly unearths strong opinions. Anything but sprint points! Just use SPACE!…
🔗 A blameless post-mortem of USA v. Joseph Sullivan | by Ryan McGeehan | Dec, 2022 | Medium December 8th, 2022
Fucking excellent analysis of both the technical, legal, and policy failures at play here. Required reading.
🔗 Themed Days - My Productivity Secret November 11th, 2022
Build a virtuous loop of progress, which builds so much joy, which, in turn, makes you more productive
🔗 Thoughts on my first machine learning project November 11th, 2022
Fantastic post about what building an ML system feels like.
🔗 Prioritizing and Planning within Heroku Postgres - Craig Kerstiens October 31st, 2022
My favorite planning exercise
🔗 How to plan? October 28th, 2022
How to plan? How hard could it be? 4k words scribbled down on a sunny October afternoon for people in tech observing the Season’s Traditional Annual Planning Process, inspired by a recent interview question (and 25 years of variously painful planning processes).
🔗 Jade Rubick - What do great engineering managers need to know about compensation and equity? May 15th, 2022
Really fantastic crash course in pay systems.
🔗 Story Points Revisited March 15th, 2022
Feeling pretty vindicated about my feeling that study points are bullshit: the dude who invented them agrees.
🔗 Sometimes you have to choose between being right and being effective February 7th, 2022
My latest in Quartz… My partner and I had a hellish move recently. We were lucky in that our landlords are nice, reasonable people, and unlucky in that they were quite disorganized and hadn’t done …
🔗 Managing people 🤯 | Andreas Klinger February 7th, 2022
“your job is not to manage people but to manage processes and lead people”
🔗 People don't work as much as you think January 30th, 2022
“If you do not realise this, and assume that everyone who says they are working eight hours per day actually is, you are probably going to wreck your mental health trying to keep up with them. Stop it at once.”
🔗 Working with Integrity January 30th, 2022
I’ve been thinking lately about what “professionalism” means. This is a great part of it.
🔗 Becoming a Better Writer in Tech January 19th, 2022
Great advice on getting better at writing.
🔗 Maintaining a healthy work culture is the first role of every executive - Graham says wrong things January 12th, 2022
“This is the part where I say something about how more diverse teams build better products, and how diversity of backgrounds, identities, and opinions leads to better decisions. That is all true. However, in this organization we value diversity and inclusivity because that is the morally and ethically correct thing to do. That it benefits us, our customers, and the company is nice. We will do it regardless of how true that is.…
🔗 Shreyas Doshi on the hiring fallacy December 4th, 2021
Great Twitter thread with some hard truths about “we need to hire more engineers”