Hacker News | stack_underflow's comments

It sounds like they're doing something similar to Seagate's Field Access Reliability Metrics (FARM) log where IIRC it's much harder to reset or forge their wear-leveling/usage stats, vs SMART metrics which certain manufacturers seem to clear when drives are re-certified[0]. I've seen this tool[1] mentioned often in /r/DataHoarder discussions about checking whether second hand drives have had this stat-reset done. I'm assuming it compares `smartctl --log=farm` output with the attribute/device-statistic log counter values.

A friend and I have been building our own solution[2] for monitoring these wear-leveling attributes on NVMe and SATA drives, with the focus being on tracking and visualizing trends over time. We both have a large collection of drives in various servers and laptops and found that SMART metrics can be reported somewhat inconsistently from vendor to vendor so what started as a simple shell script to scrape `smartctl` output has now turned into a lightweight desktop agent that attempts to normalize all these inconsistencies and let us focus on the actual signals while also allowing us to define alerts/notify us of anomalies via email - maybe something HN users will find useful.

Fun fact: did you know that most drives maintain a pool of spare sectors/cells that are used by the firmware to replace blocks that have failed? It's one of the many metrics we like to track and visualize in Sentinowl [2]!

[0] https://github.com/gamestailer94/farm-check/tree/main

[1] https://www.heise.de/en/news/Fraud-with-Seagate-hard-disks-D...

[2] https://sentinowl.com/
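
The comparison the comment above assumes the tool makes, sketched as an added example (not part of the comment and not code from farm-check): SMART attribute 9 is read from `smartctl -A` text and checked against the "Power on Hours" line of `smartctl --log=farm`. The sample text is constructed, the line layouts are assumptions about smartctl's text output, and `tolerance_hours` is a hypothetical threshold.

```python
import re

# Constructed excerpts, not captured from a real drive. The layout is assumed
# to match the text output of `smartctl -A` and `smartctl --log=farm`.
SMART_SAMPLE = """\
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  9 Power_On_Hours          0x0032   100   100   000    Old_age   Always       -       42
"""
FARM_SAMPLE = """\
Seagate Field Access Reliability Metrics log (FARM) (GP Log 0xa6)
        FARM Log Page 1: Drive Information
                Power on Hours: 21874
"""


def smart_power_on_hours(text):
    """Return the raw value of SMART attribute 9, or None if it is absent."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 10 and fields[0] == "9":
            # Raw values can look like "1234h+56m+12.345s"; keep the hours.
            m = re.match(r"\d+", fields[9])
            if m:
                return int(m.group())
    return None


def farm_power_on_hours(text):
    """Return the FARM power-on hours, or None if the line is absent."""
    # Anchored at line start so a longer label ending in the same words
    # does not match.
    m = re.search(r"^\s*Power on Hours:\s*(\d+)", text, re.MULTILINE | re.IGNORECASE)
    return int(m.group(1)) if m else None


def compare(smart_text, farm_text, tolerance_hours=24):
    """Classify the two counters as OK, MISMATCH or UNKNOWN."""
    smart = smart_power_on_hours(smart_text)
    farm = farm_power_on_hours(farm_text)
    if smart is None or farm is None:
        return ("UNKNOWN", smart, farm)  # never treat missing data as a pass
    if abs(farm - smart) > tolerance_hours:
        return ("MISMATCH", smart, farm)  # counters disagree: possible reset
    return ("OK", smart, farm)


if __name__ == "__main__":
    print(compare(SMART_SAMPLE, FARM_SAMPLE))
```

A drive without a FARM log comes back as UNKNOWN rather than OK, so a missing log is not mistaken for a clean result.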


Just curious, any reason you're using TMarkor instead of Markor? (https://github.com/gsantner/markor/ , https://play.google.com/store/apps/details?id=net.gsantner.m...)

Only asking since this was also the editor I ended up settling on in Android, but it seems like TMarkor is just a repackaging of Markor without any references to its forked(?) source.

My requirement was that the editor had to be open source so that I could audit the repo and compile the APK from source, as well as potentially fork it for personal modifications if needed.


I didn't really think about it much, I just searched for markdown editor on the play store and used the first one that worked.


Can also vouch for this. Bought a 2nd gen AMD Thinkpad T14 ~last year and haven't had any issues at all running Debian testing (bookworm). Swapped the m.2 with a 4TB one and added an extra 16GB of RAM to supplement the soldered 16GB. I believe they're on 3rd gen now but I imagine hardware compatibility is probably similar to 2nd gen.

The size/form factor is basically the same as my old T460s which I've had for ~8+ years and is still running, but a bit dated now with a 2c/4t Intel CPU. I believe back then the T460s was the "slim" version of the T460, but Lenovo seems to have dropped the "s" for the T14 even though the dimensions of both seem the same to me, maybe a couple extra mm in height on the T14.


One of my quick-and-dirty gotos for getting a rough idea of buffered-writes size + disk-write activity on random linux systems is: `watch -n1 grep -ie dirty -e writeback /proc/meminfo`.

You can invoke `sync` to watch the buffered-writes queue burn down when you have lots of pending writes.

see: `LESS=+/meminfo man proc` or https://github.com/torvalds/linux/blob/master/Documentation/... for more info


I think anyone who suggests daily driving Debian testing should also mention the fact that packages can disappear from testing for weeks/months at a time (and reappear later). It's recommended to configure `unstable` in your sources as well but set up apt pinning so that those packages are only pulled in if they're missing in testing. See: https://wiki.debian.org/DebianTesting "Best practices for Testing users"

In practice this means adding something like this to /etc/apt/preferences (along with adding entries for `unstable` in /etc/apt/sources.list)

    # use `n=` when referencing codename (i.e. buster/bullseye/...)
    Package: *
    Pin: release n=bookworm
    Pin-Priority: 550

    # use `a=` when referencing archive (i.e. stable/testing/unstable)
    Package: *
    Pin: release a=unstable
    Pin-Priority: 520

That way apt will pull in any packages missing in testing from unstable, and once the package is reintroduced to testing, will prefer that version rather than continue to track unstable.

Maybe I've been lucky but I've been running testing on my non-server desktops and laptops for 13 years now and have only rendered my system unbootable once (required having to boot up a live CD to reinstall an older working version of some bad libpcre update that had been rolled out).


If you're asking about specific examples, this book covers a lot of common patterns I've seen over the years; maybe a good starting point:

https://martinfowler.com/books/refactoringDatabases.html

https://databaserefactoring.com/


> This eventually succeeded, giving the threat actor access to one of our GitHub organizations where they proceeded to copy 130 of our code repositories.

When I was at dropbox I saw quite a few devs provisioning non-mac laptops with their linux distro of choice. Always wondered what was stopping those people from just making a copy of rserver/rclient without IT/security noticing.


There was an attempt to improve this situation but it got canned. That said, there actually weren't a ton of Linux laptops when I was there - relatively speaking, at least. We knew of them though.

If you wanted linux on your laptop you'd have to do a bit more than just provision the laptop with it, I don't want to get too detailed but it ends up giving the security more insight into the device than you may imagine. Indeed, at the time I worked there, we likely would have been able to piece things together to see that between the 2FA logs, Github logs, netflow, etc. If you were in an office we could likely track down exactly where you were sitting based on that - we definitely had done so before during a red team exercise.

Security has changed radically since my time there so I couldn't speak to what's possible now.


The Kurose/Ross textbook is also a favourite of mine.

Consider checking out https://book.systemsapproach.org/index.html as a free alternative as well.

The authors develop the book, as well as a few micro-books on topics like SDN, 5G, TCP congestion control, on github: https://github.com/SystemsApproach

They also have a blog with regular updates: https://www.systemsapproach.org/blog

And if you're curious about the motivation behind the project, they have a whitepaper: Open Source Networking Education: A Systems Approach - https://www.systemsapproach.org/uploads/4/7/7/4/47748257/sig...


One thing I've noticed is that the people making these counter-arguments seem to completely ignore (or don't know about) the ridiculous amounts of equity that $big_tech_co's are handing out.

Yes some of those points can be valid, and I understand that not all software companies hand out that much stock or are private and therefore it's harder to depend on, etc. But maybe it's just the bubble of tech that I've existed in within the PNW, but tonnes of people in my circle have built FIRE-level wealth by just having been driven enough to put up with bullshit interviews and staying long enough to get their stock grants.

I can say personally I definitely wouldn't have made it to where I did financially had I stayed in Canada, or it probably would've taken me at least 15 years instead of ~5.

If you're the type of person for whom money can solve a lot of problems, I always suggest considering this as an option. It's solved ~90% of the problems in my life and has bought me years of time to be able to do what I actually want in life.


This is mostly an argument for people who have either gotten a lot of equity at large public tech companies--at least some of them--and/or just had a lot of money in equities, including large public tech companies, over the past 10 years or so.

Even if someone hasn't won the FAANG lottery, there are a lot of folks, including those that aren't collecting SV-level comp, who have done pretty well being well-invested in diversified equities.


Equity is great when the stock market is booming, but when it decides to drop off a cliff every decade or so for whatever reason I'd prefer if my actual salary didn't go with it


The thing is, it's very hard to get rich without some sort of equity. Maybe it's not equity in public companies, but almost all wealthy people get to that point by owning something. Whether that's stock options in a startup or a general partnership in a hedge fund or a medical practice or a piece of property that gets developed.

All equity comes with risk. Doubly so for the type of equity that generates a lot of wealth. Stability is nice, but expect to pay through the nose for it. The only real exception I can think of are people with exceptional talent in an exceptionally in demand skill. E.g. Tom Brady or Linus Torvalds or a world-class neurosurgeon.


Linus Torvalds makes a lot less than Tom Brady. He basically makes as much as the executive director at the Linux Foundation, something over $600K, but nothing extraordinary by SV standards. And there's no equity associated with the LF.


I once saw him walking the floor at Comdex (not the main Las Vegas one but in Chicago). Watching him walking around, shaking hands, and catching up with his old friends at Red Hat and the like, I couldn't help but feel an intangible sense that the guy was happy. Someone who had created something significant out of nothing (This was before Linux really took off in the 90s). I was starstruck.

> His fortunes changed in 1999. Red Hat and VA Linux, both leading purveyors of Linux-based software packages tailored for large enterprises, had granted him stock options with no strings attached, thank-yous from entrepreneurs who hoped to grow rich off his creation. When Red Hat went public that year, Torvalds was suddenly worth $1 million. On the day VA Linux (now VA Software) went public, Torvalds was worth roughly $20 million, though by the time he could sell his shares, they were valued at only a fraction of that.

> Torvalds hesitated before buying himself his first expensive bauble, a two-seater BMW convertible. "I was a bit nervous about people's reaction," he confesses. "Are they going to think I've gone over to the dark side?" In the end he decided that the shape and price of the hunk of metal he drove to and from work each day was his own business. Despite counsel to the contrary, Torvalds wisely sold all of his stock and spent almost all of the windfall on his home and his cars, trusting that he'd always be able to earn a good salary as an engineer.

https://web.archive.org/web/20031127045640/https://www.wired...


Sure, but there are also strategies to buffer yourself from that. Barring the first year where you have to wait/make it up to the 12-month mark to get the full 25% of your equity paid out, 99% of companies (i.e. almost everyone except for Amazon IME) will vest 1/4 of your annual 25% stock comp quarterly - I've even seen 1/12th-monthly in an offer.

If you're willing to take the short-term cap gains hit you can sell your stock immediately after vesting and reinvest in a total market index or w/e aligns with your investing philosophy. If we're talking hard numbers, you'd still be pulling in 150-200k+ in base salary/cash and let's say, in a non-ideal situation, what would've been your $125k of annual stock vest is now worth 30% less - still not a bad deal IMO.


By my understanding RSUs vest monthly at Google and Facebook with no cliff, making them a slightly more volatile cash equivalent. Many diversify immediately by auto-selling the bulk of their stock grants and buying tracker funds.


Nobody gets rich without owning equity in a business.


> I can say personally I definitely wouldn't have made it to where I did financially had I stayed in Canada, or it probably would've taken me at least 15 years instead of ~5

This is my experience coming from Britain too, but honestly not sure it's had any great effect on my level of life satisfaction - you can live a pretty comfortable life on a software engineer's salary most places. The work available in Silicon Valley is definitely more interesting, but you now work in an office park 30 miles from the city centre and housing has gotten so expensive it's driven out a lot of the interesting cultural life.


Your post reminded me of the presentation on cantor.dust:

  https://sites.google.com/site/xxcantorxdustxx/

  https://www.youtube.com/watch?v=4bM3Gut1hIk - Christopher Domas The future of RE Dynamic Binary Visualization
    (very interesting presentation)

Looks like there's even been a recently open sourced plugin for Ghidra released by Battelle:

  https://github.com/Battelle/cantordust

