Learning diary › Year 2025 › August, 2025 › 2025-08-01 [2025-08-01]

✍️source

- #agent
    - 6 Weeks of Claude Code (on HN) (on lobste.rs)
        - "a list of things which I have completed, solo, ..., they are years of “tech debt” / “tech innovation” backlog for me"
        - Individual Contributor Ladder
    - AI is a floor raiser, not a ceiling raiser
        - on HN
            - AI is "automated ladder pulling technology"
            - "AI does all those lower level jobs, puts the people who need those jobs for experience on the street, and robs us of future experts."
            - 'A black hole': New graduates discover a dismal job market
    - Vibe code is legacy code
        - "We already have a phrase for code that nobody understands: legacy code"
    - A Hitchhiker's Guide to the AI Bubble
        - "The fact there is real value in the technology does not contradict in any way that we are in a bubble."
    - Trying out Qwen3 Coder Flash using LM Studio and Open WebUI and LLM
        - "A neat feature of Open WebUI is that it includes an automatic preview panel, which kicks in for fenced code blocks that include SVG or HTML"
- #sec
    - How to Secure a Linux Server (on HN)
        - however, it's pointed out on HN that one should not follow this
            - "This guide ignores many sane defaults in favor of a patchwork..., added over time by random people with no thought for threat modeling, that may even result in an increased attack surface."
            - "This guide contains (at least) inaccurate statements. It's oversimplifying and omitting important things while putting emphasis on some exotic details where defaults would be sane enough."
        - better alternatives suggested, both authored by `a13xp0p0v`
            - Linux Kernel Defence Map - Security Hardening Concepts (on HN)
            - Linux Kernel Hardening Checker (on HN)
        - ComplianceAsCode/content: Security automation content in SCAP, Bash, Ansible, and other formats is also suggested
            - it facilitates security policy content authoring
            - along with ansible playbook/bash scripts to check or fix compliance
    - When Flatpak’s Sandbox Cracks: Real‑Life Security Issues Beyond the Ideal | Linux Journal
- Hyrum's Law
    - "With a sufficient number of users of an API, it does not matter what you promise in the contract: all observable behaviors of your system will be depended on by somebody"
    - "corollary: even if you explicitly deny a guarantee of a certain behavior in your contract, if you usually deliver that behavior, most of your customers will depend on it."
- Long Term Support for SQLite
    - admirable efforts to support SQLite through the year 2050
- Live coding sucks | Mustapha Hadid
    - "Live coding interviews measure stress, not coding skills"
    - Comment by lapcat
        - "something about strangers standing over my shoulder judging me, determining my financial future by providing or withholding a job, like the sword of Damocles, turns my stomach inside out"
        - "A lot of commenters causally speak of "false negatives" as if they were random, but some people, myself included, are always the false negative."
- #tmux
    - Replacing tmux in my dev workflow (on HN) (on lobste.rs)
        - shpool + autossh(1)
    - Customizing tmux
        - lots of potentially useful comments on on HN