subwindow's comments

This has negative implications for security. For instance, one reason why DNS resolvers might block or modify requests is to blacklist domains used for malware operation (botnet C&C domains). Other things like DNS sinkholing and poisoning are also frequently used as tools to disrupt malware communication.

In addition, collection and analysis of below-the-recursive DNS traffic is one of the primary ways in which security researchers discover the infrastructure of botnet networks.

Overall DoH is probably a net positive, but I don't see downsides like this being discussed.

Why would you _want_ 10 acres? What are you going to do with all of that space?

I like walking to the grocery store (or bar, or restaurants, etc). I like biking to work. I live within walking distance of literally 6 parks, so it's not like I'm starved for green or open space.

I don't understand your point of view to the exact same degree that you don't understand mine.

I have, and instead took the job for almost half that at a startup. It's not that tough of a decision if you properly weigh the quality of your time.

Keep in mind that you spend roughly half of your waking hours at work. It's important to do what you love during that time. I'm personally not a fan of spending my life to make tiny increases in some ad placement algorithm.

If you're asking questions related to "raw algorithmic skill" you're filtering for people who either: 1) Have had a computer science education and happen to remember the algorithm at hand. This is also a function of recency so senior engineers are less likely to remember any given algorithm. 2) Study algorithms so they can do well at job interviews.

Neither one is something you want to be selecting for. Some of the best engineers I've worked with haven't had a proper CS education. I've known extremely strong engineers with Neuroscience, Mathematics, Physics and Public Policy degrees. I've got a business degree.

Unless you're working in certain extremely hard (and extremely rare) areas you do _not_ need to filter for algorithmic skill. Most ML doesn't count. Neither does Data Science. In 99% of engineering jobs it's more important to be diligent, rigorous, and organized. (Of course, filtering for those is another issue altogether)

Postgres offers a variety of session-based tunings for their genetic query optimizer. See items such as geqo_effort. Note that postgres caches query plans, so the query planning cost for a well-constructed query will only be paid once(ish).

http://www.postgresql.org/docs/9.2/static/runtime-config-que...

I tried to be pretty explicit about that in the README. However, the project is now 5 years old and I have yet to hear of a single case where this approach has failed to weed out the vast majority of spam submissions.

Perhaps I'm misunderstanding your post, but that's exactly what this does.

Excellent insight, Mr. "Account Created 66 Days Ago".

Reading HN is not the be-all-end-all of technical knowledge. In fact, at a certain point it most definitely becomes negatively correlated with productivity (and subsequently value/salary).

This all looks unnecessarily complicated. I had really bad posture for most of my life and I fixed it with two things: deadlifts and cable rows. After the major muscular weaknesses are corrected (and those two exercises will correct them), it's just a matter of habit correction- stand while you work, walk with your stomach tight and shoulders back, don't let yourself slouch when you sit, etc.

This ain't rocket science. You don't need to spend an hour a day with 10 different exercises. You can fix the muscular weaknesses in 30 minutes, once a week.

Why was this article suddenly de-ranked? It was on the front page, and literally 10 seconds later it is on page 3. Is there some kind of rule that this article violated? Who makes this decision? Why is there not any transparency on if an article is de-ranked and why?

I'm 29

Individual caliper readings have a pretty high margin of error- I've noticed up to 3% swings from week to week. But when the readings are done regularly and applied as a trend, it's pretty clear.

I've also changed my diet significantly- I eat way more protein and fat and almost no carbohydrates. I think that has as much to do with my fat loss as the exercise.

It's 40 pounds of muscle, give or take (at most) a couple of pounds of increased bone mass. I take weekly caliper-based readings of body fat percentage, which has fallen by over 10% in the last 6 months. Overall I've gained 20 pounds while losing 20 pounds of fat.

I read this article around the time it was first published, and it has changed my life. I know it sounds corny and cliched, but it's true. This article was the first seed in my head that I needed to change the way I was doing things.

It took me about 18 months after reading it to actually buckle down and start lifting, but it's no doubt that the journey started here. I ended up reading "Starting Strength" and started up on the program. It's been about 6 months now and I'm stronger than I've ever been in my entire life- by a significant margin. I've gained 40 pounds of muscle. I feel confident, capable, and strong.

The only downside is that I cannot fit into regular clothes anymore- I have to buy clothes made for fat people and just deal with the extra room in the midsection. I also eat an incredible amount of food, which can get tiring and expensive (I eat $40 a week in steak alone). Overall, though, I'm thoroughly satisfied with the path that I'm on, and wish I had started years earlier.

Damballa is hiring in Atlanta, GA or possibly remote for the right candidate.

Damballa offers a line of security appliances for enterprises and ISP customers. The appliance identifies unknown and hidden threats long before traditional security solutions by monitoring network communications and doing a wealth of analysis and correlation on this data.

We're looking to hire multiple people for each of the following positions:

- UI/UX/Front-end engineer. Javascript (CoffeeScript), CSS, Rails. Designing and implementing customer interfaces. We have many challenges with distilling huge quantities of information down into digestible bites.

- Back-end engineer. C, Ruby. High-performance deep packet inspection and analysis.

- R&D Developer. Ruby, Clojure, C, Python, Java. Working with processing, storing and analyzing huge quantities of information using Hadoop, Couch and Cassandra.

- Also hiring for DevOps, Technical PM, Malware Researchers and more. Read about them at https://www.damballa.com/company/employment.php.

Email me if interested at [email protected]. I'm an engineer, not a recruiter or HR person.

Just a reminder that the spec for refinements continues to change radically: http://bugs.ruby-lang.org/issues/4085

As far as I understand it the current spec is to have "using" be available only to main and only apply in the file scope. IMHO this makes the feature nearly useless.

Some of them do, notably Zeus. It takes quite a bit of work to make a botnet take instructions in a peer to peer fashion, so only the most sophisticated pieces of malware offer that feature.

Amen. Almost.

I was in a startlingly similar position a few years ago- I graduated from Georgia State. I went there not because it was the best school, but because tuition was paid (HOPE scholarship) and the classes were offered at flexible times so I could work while going to school. I had to turn down an acceptance from Tech because of that.

While it hurt my career initially, I think the value of education is drastically diminished in just a few short years. By the time I was 25 what I'd accomplished professionally mattered far more than where I went to school. Sure, I was still in debt from school so starting a company is difficult, but open source contributions and side projects are a signifcant part of my "resume" and far outweigh my schooling.

It's pretty good. Last time I looked (3-4 years ago), the hard part was getting decent radar data/images.

I wrote software for medical devices for 3 years. Saying 'just use NTP' is all well and good, except that getting Internet access inside of a hospital is usually impossible. So of course we offered a configurable setting so that they could use an internal or firewall-allowed server. I think one hospital took advantage of that setting. Everybody else was just wrong.