Gingerlime - Page 2 of 10 -

Who DOESN’T want to be hired?

Post author By Yoav Aner
Post date 29 February, 2020

There’s a famous thread on Hacker News called “Who wants to be hired?” once every month on the 1st day of the month. Well, famous amongst HN readers I guess. It usually features hundreds of job ads for mostly tech-related jobs.

The common climate seems to suggest that it’s a sellers market. i.e. companies are chasing job applicants, who can pick and choose.

It’s largely true for lots of people with great skills that are high in-demand. But it’s not like the market is completely bone-dry from candidates. Companies might try to “head hunt” some select few people, maybe those already working at the top tech companies (meaning, they at least managed to get through the hard screening process). Otherwise, it’s not uncommon for companies who post job ads to get dozens, hundreds or even thousands of applicants.

Now, I’m not an authority on hiring. I hired only a handful of people so far. But it’s a mind-blowing eye-opening experience to hire even for the smallest freelance jobs.

From my standpoint, it’s shocking how many candidates can (and do) get eliminated within a few seconds.

If you’re applying for a job. Any job. Your chance of getting screened-out within seconds is extremely high, unless you follow some fairly basic rules. And trust me, these are BASIC. Dumb. Simple. Stupid stupid simple.

Does Apple care about your privacy?

Post author By Yoav Aner
Post date 23 February, 2020

I’ve been an Apple user since 2005 or so. Well, unless you consider my Apple IIc, in which case I guess I was a customer since 1987. I managed to negotiate with my parents to bundle two birthdays (my 12th and my Bar Mitzvah, that’s a big one) to get one of those. It was a turning point in my life… But I digress.

I really admire Apple’s push for security without compromising convenience, with Touch ID and Face ID making things safer. Apple’s touting their efforts to reduce web tracking, and Tim Cook publicly stated that “We at Apple believe that privacy is a fundamental human right”.

But when it comes to their own backyard, does Apple even meet the requirements of the GDPR? (The European privacy directive). I don’t think so.

coffee marketing Technology

The cup-of-coffee pricing fallacy

Post author By Yoav Aner
Post date 2 February, 2020

If you’re lurking on HackerNews, or are interesting in entrepreneurship, you might occasionally bump into something like this

Starbucks coffee is $2.45 + taxes. $100/mo is less than a cup of coffee a day.

And it’s very tempting — and somehow logical — to consider how much money we might spend without thinking too much about, and conclude that we should be willing to do the same with online services.

This coffee costs just like a cup of a coffee

And for some services, we might actually think in similar terms. Hey, my Netflix is only 4 cups of coffee per month. Amazon Prime maybe 2…

But why aren’t we spending it just as easily on other online services, software licenses and apps?

Technology

Remember me

Post author By Yoav Aner
Post date 12 August, 2019

No, it’s not about the song …

It’s about those tickboxes we’re all so familiar with, and yet, are we?

Remember me. Keep me Signed-in. Keep me logged in.

Some people always tick them. Some people never tick them.

Most people haven’t got a clue what they do.

docker hosting Security Technology

envwarden and kubernetes secrets

Post author By Yoav Aner
Post date 21 July, 2019

envwarden is a simple open-source script that lets you manage your server secrets with Bitwarden.

Introducing envwarden – manage your server secrets with Bitwarden

hosting-compose (or) the sad buyout of Webfaction

Post author By Yoav Aner
Post date 24 May, 2019

docker-compose is one of those essential tools that make working with docker so much better. I do use docker directly occasionally, but anything non-trivial, I’d reach out docker-compose immediately. It allows you to “glue” things together and describe the stack in such a neat way.

I currently handle my dev environments with docker-compose, and even some live and staging deployments (like thumbor). I also manage remote database backups with it (using restic, postgresql, stunnel, redis and rdb-tools). In the latter example, it saves me from installing different versions of the database clients and connectors. I am able to instantly upgrade them, and then connect to the remote databases and back them up or restore. It makes the backup system itself immutable and disposable.

Recently however, I started using docker-compose for something that I haven’t considered before: a replacement for shared hosting.

a snippet of my hosting-compose docker-compose.yml

Why?

home vintage

too many toys?

Post author By Yoav Aner
Post date 15 April, 2019

My wife and I are wannabe-minimalists. We try to reduce how much we consume, make our home a bit more organized and get rid of excess. We also like vintage items, so it’s always hard. Next to my desk, I have an old calculator from the 60s or 70s (I guess) that I picked up at a flea-market a few years ago. It’s just cool, but serves no purpose. Maybe I should get rid of it, but it’s still there. Next to my own Nokia 8210 from 1998 or so… I somehow got attached to this phone.

Security

Security through obscurity with Bitwarden

Post author By Yoav Aner
Post date 6 April, 2019

I never thought I’ll write something negative about Bitwarden. I love it. It’s an incredible password manager, and I even created envwarden: a small open-source wrapper to handle server secrets with Bitwarden.

But I recently bumped into a small issue that looks like Security through obscurity to me. And I thought it was odd for a security-focused product.

The issue was that I couldn’t export the items in my company’s vault. Even though I had access to the cards ^[1].

I contacted Bitwarden about it, and they said that:

An Organization user cannot export the Organization’s Vault without being an Admin or Owner.

After trying to understand why, since I did have access to cards in my organization, so why couldn’t I export them? I was told:

We do not allow people to export the Organization Vault unless they are an Admin simply because this has been requested by demand from our customers. Being able to dump all passwords in one quick action is different than having to access every one individually to copy them out.

I explained that this seems like Security through obscurity, since I had vault access, and also it’s trivial to dump all passwords using the Bitwarden CLI anyway.

marketing optimization Technology

SEO optimization for suckers

Post author By Yoav Aner
Post date 18 March, 2019

There’s a famous Jewish, Yiddish phrase:

Man plans and God laughs.

I think the same applies to SEO and Google nowadays.

Man SEOs and Google laughs.

I was always a bit suspicious of SEO, and let’s face it, the sea of snake-oil SEO salesmen doesn’t help to establish credibility here, does it?

But I think that I’m becoming even more cynical of it every day.

The problem with getting good advice for SEO is that there’s no money in telling you “Don’t do anything”, “It’s a waste of time”, or “Focus on valuable content for your audience”. But there’s tons of money in doing a site audit, in telling you about best strategies to extract link juice, or why alt tags for images are important.

But it works

work

Planning for the unplanned

Post author By Yoav Aner
Post date 6 March, 2019

There’s an expression in Hebrew: “Baltam”. It’s a shorthand form for something unplanned, or more precisely, it strongly implies: [something that is] impossible to plan. I think it has its roots in the military. In the battle field, you always have to account for some surprises. You cannot possibly have everything planned. Israelis are also (in)famous for improvising. Not so famous for planning ahead.

As an (ex?) Israeli, I recently felt awkward, essentially being accused of being overly bureaucratic. And by a German colleague, of all people. Can you imagine it?? :)

Ok, and just to clarify one thing, this post isn’t about cultural stereotypes, but rather trying to figure out a practical approach to a real problem that my team is facing with new ideas and features:

How do you deal with new tasks or ideas, especially small ones?