unicolet.org

Continuing my series on the first 25 years in ICT ( previous post ). I've made some mistakes in my career, here are the two most important ones, in ascending order (most serious last), My second biggest mistake is, in hindsight, a trivial network masking error that ended costing a customer a large internet bill (when internet was still metered) and overflowed into an investigation. The investigation ended without consequences but was nonetheless worrisome. The setup was as follows: a flat internal network with a proxy to control outgoing internet traffic. The firewall had rules that only allowed certain hosts (servers, and the proxy itself) to access the internet without restrictions. Everybody else had to go through the proxy. My mistake was adding a rule for a new server, but instead of setting the source ip in the rule to ip/32 in CIDR notation I set it to ip/24, effectively allowing all network to bypass the proxy. This went undetected for a while, at least until the first unu...

Another illuminating quote from Matthew Skelton , posting about Mike Burrows book Wholehearted : Don't re-organize people; re-organize purpose This made immediately sense to me, as I often find that teams that struggle to perform are teams that don't have purpose or have lost it or are so removed from their outcomes that they mechanically complete the next thing. Also, this once again shows how crucial the role of the chain of command is for providing this purpose (the why), making a compelling case against micro-managers, or we-need-a-process-for-everything managers.

One of the things I like the most about Accelerate is how it puts the focus on Culture and how a (measurable) Culture affects information flow. In other words, you can have a great working place and be business-effective (the two are not mutually exclusive, in fact they compound each other). Also, Accelerate introduced Generative Culture to a wider audience. Recently, I read the  Poor Charlie's Almanac and one of the things that caught my attention was the inversion principle . In my words: Inversion says that, often, the best way to solve a problem is to ask ourselves how to cause the problem, and then stopping/avoiding doing that I've set a goal to apply the inversion principle more in my activities, and today I said: what if I applied it to Culture? Being the lazy person that I am I asked Claude the following question: you are a manager in a medium-sized organization. How can you actively disrupt the flow of information in order to reduce the organization's effectivene...

There's many things that motivate us, and like tools from a toolbox, we pick the one that we find to be the most appropriate for the occasion. Spite Driven Development can be a powerful motivator, as long as it's not the only one. SDD essentially works like this: someone slights us, and we resort to proving them wrong by (over)doing exactly the thing that they don't think we can do. This is all fine, in the short term. SDD comes with a few caveats: SDD can feed on resentment and feed resentment equally. Feeding our resentment uncontrollably is an excellent way to end up being miserable SDD leave us hollow when we've accomplished our mission, because it an external motivation . We won, now what? Maybe the other person moved on or does not care, or even worse they genuinely compliment us! if we don't succeed we might end up attaching our sense of worth or identity to the thing we are trying to accomplish. It's easy to see that this is not-a-good-thing™ Profession...

Since I could not find a quickstart to run opengrep with the full set of rules from their fork I thought I'd document what I found out. Setup Download the opengrep binary from github and make it executable with chmod +x . Clone the rules repo: git clone git@github.com:opengrep/opengrep-rules.git and clean it up to make it usable to opengrep: cd opengrep-rules rm -rf ".git",".github",".pre-commit-config.yaml", "elixir", "apex" find . -type f -not -iname "*.yaml" -delete rm -rf .github rm -rf .pre-commit-config.yaml Ensure opengrep can load the rules with: opengrep_manylinux_x86 validate . The same can be done for custom rules maintained in a separate repository. AFAIU Multiple repositories can be specified by repeating -f option as needed, see below. We are now ready to scan a repo, from the repo root directory run: opengrep_manylinux_x86 scan \   -f <path_to>/opengrep-rules \   --error \   --exclude-rule=VAL some ti...

Today April, 1st 2025 marks the 25 years anniversary (quarter of a century sounds more impressive, doesn't it?) working professionally in ICT. My first working day as an ICT professional was on April 1st 2000. I had just graduated from uni (literally the week before) and one of the profs offered me a position at this company. The daily commute over bus and train was about one hour and a half, but I got to work on something really fancy: writing a c-shell script to daily sync data over ftp from an Oracle 7 database running on AIX (looked a lot like this one ) to a Bull mainframe. Development occurrent from a Windows NT4 workstation over telnet (I think). c-shell was a b1tḉh to work with and vim wasn't available (only vi IIRC) so my productivity wasn't great but I got it done and it ran until one of the two system (AIX) was eventually decommissioned. The AIX system might still be in the basement at my $OLDJOB. After that I moved on to more interesting e...