We do it similarly and it's pretty easy to tell if someone knows their stuff, especially as the assignment is just a platform to dig deeper in the face to face interview.
However, the coding assignment was a really good filter and allowed us to dismiss the majority of candidates before committing to a labour-intensive face to face.
I haven't interviewed anyone since AI took off, but I am assuming that from now on the majority of candidates that would usually send us crap code will send us AI code instead; thereby wasting our time when they finally appear for the face to face.
Yes, but we had that problem before when somebody would farm out coding assignments to a friend. I couldn’t say yet how it’s impacted the coding assignment’s effectiveness as a filter yet. We still do get crap code just sometimes it’s obviously AI generated.
So this sounds just like PayID in Australia or what was payM in the UK (which got shut down a couple of years ago due to lack of use), minus the QR code generation part.
It's used between private people to make it easier to send money to one another without having to type in bank account details, but never really used to pay businesses (except under the table).
How come this is so popular in Brasil for paying businesses vs using a card or your phone to tap and pay (which seems more convenient)?
Brazil has massive amounts of fraud so credit cards are very inconvenient, card cloning and websites leaking credit card numbers is a huge problem. Banks are super aggressive about blocking cards if they see suspicious transactions. Tap and pay is popular in Brazil as well, but only for physical transactions. For online small purchases PIX is definitely the best option.
PIX (and similar systems like Sweden's Swish/BankID), don't have fraud protection, once you send the money it is gone with no contest possible. But when you send a payment with PIX there is 0 risk your account's money will get highjacked, at most you lose your one transaction.
But PIX is also accepted in many physical places because it has smaller fees, with some stores and informal commerce not accepting cards. I used to work at an IT service provider in Brazil around 2012 and one of the projects my company did was monitoring of those card machines. They actually kept GPS information of the machines and blocked them if they were moved around. Those card machines are surprisingly expensive in Brazil (or at least they used to be).
> once you send the money it is gone with no contest possible
That's not true; PIX requires your bank to provide a way (called "MED"[1]) for you to request a reversal up to 80 (!) days after a transaction. It can only be used in case of fraud, and it may take up to 7 days for the bank to analyze the situation and deny/allow your request. If it's allowed, you'll get the money back in up to 4 days.
If the bank denies the request (i.e., if they conclude there was no fraud) you can always sue the transaction recipient; you'll have access to all necessary information since they must be registered with some financial institution to be able to receive a PIX transaction.
So it's not as easy as a credit card, but I think it's fair for a free payment service.
Oh I didn't know that, the Swedish system doesn't have anything like that as far as I am aware. But credit card fraud reimbursements are relatively straightforward. The PIX one seems more complicated, but the chance of being defrauded on PIX transactions is much smaller as well.
as in you can't get your card cloned and then a bunch of transactions show up.
The pix revolution is for very small business: food stalls, mom and pop shops, seasonal sellers, street vendors, independent and informal professionals (plumbers, electricians, etc).
Brazil adopted banking cards very fast and I remember using them virtually everywhere in debit or credit mode as early as my first card in 2008, I never had to carry money around. But they require two things that are a problem in a Brazil sized country with a Brazil density and infra structure: cell coverage and equipment. So small towns, small shops, independent professionals, etc would not have them or even be able to use them sometimes. Even today there are lots of places with internet but not cell coverage (radio, fiberglass or other infra but no cell tower).
This was changing on its own recently, many companies launched new machines that are cheaper and allow more small vendors to accept cards (+ working over the internet). This is still worse than the free approach of pix (for normal people) and a potentially lower fee for companies. Plus it allows people to buy with something they will have on them way more than their wallet, their phones.
I was in Brazil last week and I had to use pix only a few times to pay: parking (beach lot), tire fix (very small shop on the road) and thats it, everywhere else I used my credit card. Even though they accept pix, its not that huge of a difference for traditional business as far as I can tell, the payment terminal will also facilite pix transactions.
I remember most banks having it when it first came out, I used it a couple of times to pay friends but few people knew about it.
It was pretty simple and worked well, especially compared to having to give bank account details.
That being said, I am in Australia now which has a similar system and I'd say 95% of my friends just give me the bank details instead of saying 'just use PayId with my phone number'.
Air France, Lufthansa and BA all have carry-on included in the fare.
If by "any European airline" you specifically mean Ryanair, then yes. We can expect people to pay if they did not print their boarding pass themselves.
The majority of airlines operating in Europe and the majority of flights taken are on low cost carriers where this is the norm. It’s not just RyanAir there’s dozens of them.
While the above is true, I'd say the majority of what passes as journalism these days has none of the above and the writing is below what an AI writer could produce :(
It's actually surprising how many articles on 'respected' news websites have typos. You'd think there would be automated spellcheckers and at least one 'peer review' (probably too much to ask an actual editor to review the article these days...).
Mainstream news today is written for an 8th grade reading ability. Many adults would lose interest otherwise, and the generation that grew up reading little more than social media posts will be even worse.
AI can handle that sort of writing just fine, readers won't care about the formulaic writing style.
But I think there's a difference between someone who 'teaches' you and someone who is at a high enough level to discuss ideas or issues with you.
For example, in my first job I 'learned' the most not from the senior engineers around me but from another new grad who was just as curious as me.
We would discuss issues we're having, brainstorm solutions etc.
It was not so much that I learned from him, but that I had another brain of similar competence that I could fling ideas at.
Not having such a person makes your job more difficult (as you might find yourself in a rabbit hole and desperately need someone else's perspective) and much less enjoyable.
Imagine not having a competent dev in your team to review your code.
As someone who has driven in many different developed countries in the world (and been a passenger in many developing countries), California highways often feel like those in developing countries but it's combined with a much higher travelling speed.
I think the only other country where I regularly got jolted up (nearly hitting my head on the ceiling of the car) was India.
> I've seen the inexperienced ones giving super low estimates and the experienced people giving larger estimates
I have the same anecdotal experience with a possible explanation:
Inexperienced engineers often don't see the greater picture or the kind of edge cases that will probably need to be handled ahead of time.
I've often had the following type of conversation:
Engineer: "I think that would be a day's work"
Me: "This will need to interact with team X's package. Have you accounted for time spent interacting with them?"
Engineer: "Oh no, I guess two days then"
Me: "Will this account for edge case 1 and 2?"
Engineer: "Ah yes, I guess it would be three days then"
Me: "Testing?"
Engineer: "Maybe let's say a week?"
On the other hand experienced devs might have their judgement clouded by past events:
"Last time we did something with X it blew out by 3 months" - Ignoring the fact that X is now a solved issue
> "Last time we did something with X it blew out by 3 months" - Ignoring the fact that X is now a solved issue
This is software though, if X has actually been done before then it doesn't need to be done again. It is already done.
Task X clearly had the potential to blow out by 3 months, and they are now working on task Y that is similar to X. It is a reasonable position to assume that there are other as-yet-unknown issues that might cause it to blow out by 3 months until someone has demonstrated that all the unknown unknowns are also resolved by doing it quickly. That is just basic evidence based planning.
Another good one is for the phone to stay on hold for you. That one has been extremely valuable to me as Qantas would regularly keep me on hold for over 5 hours when I tried to get my money back for a cancelled flight.
The operator would sometimes be a bit confused when I pick up, but it usually worked well and certainly beats listening to hold music for hours.
I see no difference in someone being unresponsive by not being at their home desk hours (days??) at a time than not being at their in-office desk.
If it's an actual persistent issue with the employee and they are not on a pip, then that's a management issue.
The amount of times that I have had to go to the numerous different kitchen areas only to find out the employee left the building to get coffee or run an errand is just as high if not higher than someone being 'away' on Teams when I need them.
Only at home I just set an alert for when they're back online instead of attempting a wild goose chase.
I recently moved to a 'cheap' ISP because I could get double the speed for half the price. They use CG-NAT and it's been awful.
I don't need to forward any ports but seemingly because I share an IP with a billion people I get Captchas everywhere (Google, Cloudflare etc.). I was even blocked from accessing Reddit without an account at some point.
I've been using Starlink since early 2021 with IPv6 only internally. Starlink User Terminal hands out a /56 prefix (via DHCPv6) and mine has not changed in all that time so I wouldn't call it dynamic.
The User Terminal issues a router advertisement (RA) and my gateway gives itself an address in that /64 via SLAAC in addition to assigning itself an address from the /56 prefix.
If not using prefix delegation each host's address is dependent on their SLAAC policy - if not preferring stable addresses (e.g: EUI64) then of course the public address will vary (be dynamic) when using temporary "privacy" addresses.
My gateway delegates /60 sub-prefixes of the /56 and bare-metal hosts then either delegates /62 or advertises /64s from the /60 to VMs, containers, network namespaces and so forth.
As someone else described, I have my gateway also delegate ULA prefixes by changing just the first two octets of the public delegated prefix to fddc (fd = ULA, dc = "data center :) but otherwise identical and likewise on the bare-metal hosts, etc.
ULA is used for internal services; ISP delegated prefix for anything that needs public access.
Multicast-DNS takes care of internal hostnames; everything is ${hostname}.local
There's a separate VLAN for legacy IPv4-only devices that does NAT64 using a ULA prefix.
DNS64/NAT64 for the laggards like github.com that can't grok 128 bit addresses :)
The only time I have problems with web services is when their DNS advertises an AAAA resource record but their firewall/load-balancers/servers are not configured to allow/listen on it.
As for static addresses, it says "a reservation system retains the ... IPv6 prefix even when the system is off or rebooted. However, relocating the Starlink or software updates may change these addresses."
I suspect in practice the IPv6 address will only change if you get moved to a different POP ground station. Some customers never get moved. I've been moved several times because I'm in NorCal and they keep switching me between Seattle and Los Angeles.
Yes, I use direct IPv6 peer-to-peer connections both outbound and inbound using the delegated prefix.
Even for a changing prefix, if operating a DNS authoritative server for a domain, any changes to the prefix can be quickly and automatically updated in both forward (AAAA) and reverse (PTR) resource records provided the TTL for those records is appropriately short, and thus allow almost seamless inbound via FQDNs. I do this with a bind9 (hidden) master locally that notifies external slave servers operated by a highly available, anycast, DNS service.
Why do dynamic address allocations matter? Most IPv4 consumer WAN addresses are also dynamic.
I’m asking, because I’m an advocate of having your gateway advertise a separate, stable ULA /64 in conjunction with the globally-routable dynamic /64.
This gives you a stable set of addressable LAN IPs, and you can usually ignore the dynamic globally routable IPs.
Granted this won’t work for everyone, but if dynamic global addresses are an issue, you should be requesting a plan that supports a static delegation from your ISP anyway.
It matters, because when the prefix changes, it changes IP addresses of every single device in your network.
As you wrote, internally, you can use ULA. But you cannot open access from outside, because your firewall rules will become invalid with prefix change. With classic IPv4 NAT, your internal addresses don't change, so your port forwarding works, even if the WAN address changes.
Together, with a single /64 -- which means no subnets for you -- you are getting worse deal than with IPv4. You shouldn't have to contact your ISP for a plan (for a premium, obviously), that allows you to segment your network or open access to specific devices. What's the use of direct connections -- the IPv6 promise -- when you cannot use them anyway?
In short, with limitations like these, you are getting a bad deal.
I don’t know what router you use, but openwrt lets you set firewall rules that only match the last 64 bits. This should solve your problem, provided you configure your router to hand out static IPv6 leases to devices.
There are wildly different solutions for different routers.
I'm using Mikrotik, which doesn't allow prefix-less addresses in firewall, but allows you to put hostnames into your rules (so it will ask DNS what the address is and once the ttl expires, it will ask again).
On some CPEs (I don't remember which), it allowed to enter mac addresses, so the forwarding would always work for specific device, with any GUA address.
But we have to remember, that all these solution are optional and brand-specific; there's a wide range of devices that do not have anything to solve this problem.
> It matters, because when the prefix changes, it changes IP addresses of every single device in your network.
My solution for my home network was to write a script that periodically checks my IPv6 prefix and updates the firewall rules and DNS if it ever changes. It doesn't feel like a great way to do it but it seems to work.
SLAAC requires the bottom 64 bits to be part of the host portion of the address. A network prefix larger than /64 limits SLAAC to providing link-local addresses only, which means another mechanism needs to provide routable addresses, such as DHCPv6. That, in turn, prevents the use of privacy addresses.
DHCPv6 is also optional, clients do not have to support it; some do not support it intentionally. So for example, any Android device won't be up and running on SLAAC-less network.
I think the OC was arguing that if your global /64 changes, the firewall rules would change as well for any hosted services.
I proposed that you might be able to route the external router’s WAN to a ULA via NAT to save in complexity when the PD changes, but I agree that a static delegation would by far be the easiest. Us home hosters aren’t used to that even though it is technically against the license agreement more often than not.
I'd imagine that to be short lived. IPv6 having such a huge address spaces means the IP reputations are even more worthless than IPv4 so eventually the bots would use it too, and if the ratio of bots to real users become too high sites may refuse IPv6 traffic altogether.
It’s a little different though in that rather than an IP having a bad reputation, it’s usually a /64. That’s how I have seen IPv6 reputation managed since it’s a common network slice & NAT is not really used anymore.
Ooof that's an ugly thought. But I think "refuse IPv6 traffic altogether" is not possible for any consumer site. Per the article, there's 40% adoption of IPv6 now and it's only growing. Major parts of the world rely on IPv6 working right. I guess sites could go IPv4-only but given how many other problems there are with IP reputations, that'd be awfully dumb.
CAPTCHAs are the main reason I turned IPv6 on. No idea if it will actually help in practice, it's hard to measure.
The other Starlink hassle is the geocoding for user IPv4 addresses is wildly wrong. I'm in Grass Valley, CA near Sacramento but sites all think my IP is either in Seattle or Los Angeles, depending on the week. This makes streaming services a huge PITA, I have to jump through hoops to convince them I'm in the Sacramento TV market about once a month. IPv6 could help with this too, Starlink could give out more precisely geolocated addresses. Not sure they're doing it though, all I see are IPv4 addresses in the geocoding feed: https://geoip.starlinkisp.net/feed.csv
Or, as an alternative, we try to convince people that geoIP lookups are at best uncertain and at worst actively misleading -- and perhaps shouldn't be taken at face value. I personally think this would be a great thing. For paid services that allegedly need to know where you are geographically located, use your billing address. For advertisers it's one less bit of useful information...
I was on a cruise ship in the Caribbean for a week just last month and I purchased the starlink powered internet package. Looking at my IP data, location info showed that I was actually in Dallas, Texas. Very sad!
However, the coding assignment was a really good filter and allowed us to dismiss the majority of candidates before committing to a labour-intensive face to face.
I haven't interviewed anyone since AI took off, but I am assuming that from now on the majority of candidates that would usually send us crap code will send us AI code instead; thereby wasting our time when they finally appear for the face to face.
Have you encountered that yet?
reply