Four months ago, I took a break from the news. Partly from exhaustion. Partly because I realized how I wasn’t informed, I was entertained. Mostly because a friend challenged me — to limit inputs and consume slower; to be intentional about information consumption. And I challenge you: I’ll show you how you can learn more and avoid the outrage rollercoaster by going slower. .. (more) →

Google started a shift to real-time, online collaboration with their apps suite. Microsoft quickly chased. Both were primarily replicating a desktop environment on the web. This had many benefits: no forgetting to save, easier collaboration, a chance to drop unused features, better version control, and easier sharing. For many customers, this was an obvious improvement, and so the Shift to Cloud has continued. Piece by piece, however, a new wave of products are entering the market that re-think the form factor of these productivity tools... (more) →

Google recently concluded a program where senior engineering manager candidates could get coaching before interviews, in order to help experienced people be as effective as possible during their interviews. My understanding is that they had systemic problems of engineering managers performing poorly on technical interviews, so the program was created to provide pointed feedback early in the cycle. We’ll ignore what that may say about the interview process (where we provide “training” for candidates ahead of the interview), but the program is changing a bit now, and my role as a coach is ending... (more) →

On Generalists

Over the past couple years, I’ve had the fortune to coach engineers through their career journeys, including people currently in coding bootcamps, to startup founders, to people bored at their BigCo job. Fortune, because it’s entirely as much a benefit for me, as I synthesize patterns for the first time to improve my own career and spot opportunities. One pattern that’s common, especially for new college grads who go straight into a FANG, is becoming specialists early. Certainly, being a proficient machine learning engineer right now is quite lucrative... (more) →

Here are my ideas that are guiding personal investments, as well as macro views. I’ve noted where I have skin in the game with current positioning, which may be useful to project my relative confidence. You’ll notice that I have an active portfolio, while I recommend that others stick to as boring-as-possible three-fund or inexpensive target-retirement portfolios. Later, I’ll write about why I structure investments this way, but it very well may be a “do as I say, not as I do” position... (more) →

Information security has fascinated me as a hobby. Finding web vulnerabilities is a game of (ab)using a system in a permitted but unintended way. Here’s some of the more fun things I have discovered. All were all responsibly disclosed to the vendor and fixed, and outside of established bug bounty programs, I don’t recommend poking around into other people’s systems. XSS on thousands of domains, courtesy of unsubscribe links One obvious place to look for vulnerabilities are in URLs. You see a ?.. (more) →

Slack Hide Typing

I’ve written a very simple Chrome extension that prevents the Slack site from sending typing indications while you’re typing. My primary use case is so that I can type longer messages and use the text as a scratch pad without making others think that a message is incoming immediately. .. (more) →

Startups often “move fast and break things” to get to market faster and test assumptions. However, they also often do not take security seriously enough. I’ve responsibly disclosed web vulnerabilities in sites such as Pinterest, Amazon, IMDB, and many more smaller startups. Typically, the issues were very simple and avoidable by having a culture of security. Recently, I was sent a link of a site that broke many of the guidelines below. Within three minutes, I had their database credentials. The site had many flaws, but I never even had to mangle query parameters... (more) →