GingerlimeWhen I first saw the tracking pixel blocking feature of hey.com I didn’t think too much of it. In fact, I thought it was making it into something more than it really was.
I typically block all images on my emails, and that’s good enough. I also have an ad-blocker (both via DNS and in the browser), so I can eliminate the issue right there without too much fanfare.
But I was wrong. It’s not just about blocking them.
My wife and I joined Bunq a couple of months ago. Bunq is a fairly new European bank, based in the Netherlands. It’s one of the new breed of mobile-first banks that offer a more modern experience. It has a neat mobile app with some clever features like dynamic sub-accounts, spend tracking, better credit card control and more.
Their slogan is “bank of the free”. Whilst other banks might not charge you to open an account or use it, Bunq actually does charge for its account. However, the “free” part, as far as I understood it, is that by paying bunq, they can provide a service to you, rather than find ways to monetize you (e.g. by advertising, selling your data).
As you can see from the marketing spiel, they value transparency and don’t do any dirty business.
Until they do…
There’s a famous thread on Hacker News called “Who wants to be hired?” once every month on the 1st day of the month. Well, famous amongst HN readers I guess. It usually features hundreds of job ads for mostly tech-related jobs.
The common climate seems to suggest that it’s a sellers market. i.e. companies are chasing job applicants, who can pick and choose.
It’s largely true for lots of people with great skills that are high in-demand. But it’s not like the market is completely bone-dry from candidates. Companies might try to “head hunt” some select few people, maybe those already working at the top tech companies (meaning, they at least managed to get through the hard screening process). Otherwise, it’s not uncommon for companies who post job ads to get dozens, hundreds or even thousands of applicants.
Now, I’m not an authority on hiring. I hired only a handful of people so far. But it’s a mind-blowing eye-opening experience to hire even for the smallest freelance jobs.
From my standpoint, it’s shocking how many candidates can (and do) get eliminated within a few seconds.
If you’re applying for a job. Any job. Your chance of getting screened-out within seconds is extremely high, unless you follow some fairly basic rules. And trust me, these are BASIC. Dumb. Simple. Stupid stupid simple.
I’ve been an Apple user since 2005 or so. Well, unless you consider my Apple IIc, in which case I guess I was a customer since 1987. I managed to negotiate with my parents to bundle two birthdays (my 12th and my Bar Mitzvah, that’s a big one) to get one of those. It was a turning point in my life… But I digress.
I really admire Apple’s push for security without compromising convenience, with Touch ID and Face ID making things safer. Apple’s touting their efforts to reduce web tracking, and Tim Cook publicly stated that “We at Apple believe that privacy is a fundamental human right”.
But when it comes to their own backyard, does Apple even meet the requirements of the GDPR? (The European privacy directive). I don’t think so.
If you’re lurking on HackerNews, or are interesting in entrepreneurship, you might occasionally bump into something like this
Starbucks coffee is $2.45 + taxes. $100/mo is less than a cup of coffee a day.
And it’s very tempting — and somehow logical — to consider how much money we might spend without thinking too much about, and conclude that we should be willing to do the same with online services.
And for some services, we might actually think in similar terms. Hey, my Netflix is only 4 cups of coffee per month. Amazon Prime maybe 2…
But why aren’t we spending it just as easily on other online services, software licenses and apps?
No, it’s not about the song …
It’s about those tickboxes we’re all so familiar with, and yet, are we?
Remember me. Keep me Signed-in. Keep me logged in.
Some people always tick them. Some people never tick them.
Most people haven’t got a clue what they do.
envwarden is a simple open-source script that lets you manage your server secrets with Bitwarden.
Here’s a simple way to update your Kubernetes secrets directly from envwraden, so they are always in-sync.
docker-compose is one of those essential tools that make working with docker so much better. I do use docker directly occasionally, but anything non-trivial, I’d reach out docker-compose immediately. It allows you to “glue” things together and describe the stack in such a neat way.
I currently handle my dev environments with docker-compose, and even some live and staging deployments (like thumbor). I also manage remote database backups with it (using restic, postgresql, stunnel, redis and rdb-tools). In the latter example, it saves me from installing different versions of the database clients and connectors. I am able to instantly upgrade them, and then connect to the remote databases and back them up or restore. It makes the backup system itself immutable and disposable.
Recently however, I started using docker-compose for something that I haven’t considered before: a replacement for shared hosting.
My wife and I are wannabe-minimalists. We try to reduce how much we consume, make our home a bit more organized and get rid of excess. We also like vintage items, so it’s always hard. Next to my desk, I have an old calculator from the 60s or 70s (I guess) that I picked up at a flea-market a few years ago. It’s just cool, but serves no purpose. Maybe I should get rid of it, but it’s still there. Next to my own Nokia 8210 from 1998 or so… I somehow got attached to this phone.
I never thought I’ll write something negative about Bitwarden. I love it. It’s an incredible password manager, and I even created envwarden: a small open-source wrapper to handle server secrets with Bitwarden.
But I recently bumped into a small issue that looks like Security through obscurity to me. And I thought it was odd for a security-focused product.
The issue was that I couldn’t export the items in my company’s vault. Even though I had access to the cards [1].
I contacted Bitwarden about it, and they said that:
An Organization user cannot export the Organization’s Vault without being an Admin or Owner.
After trying to understand why, since I did have access to cards in my organization, so why couldn’t I export them? I was told:
We do not allow people to export the Organization Vault unless they are an Admin simply because this has been requested by demand from our customers. Being able to dump all passwords in one quick action is different than having to access every one individually to copy them out.
I explained that this seems like Security through obscurity, since I had vault access, and also it’s trivial to dump all passwords using the Bitwarden CLI anyway.
