FBI 警告愈來愈多使用假身份與 Deepfake 技術應徵遠端工作的事件

Hacker News 上看到「FBI: Stolen PII and deepfakes used to apply for remote tech jobs (bleepingcomputer.com)」這個很「有趣」的文章,原報導在「FBI: Stolen PII and deepfakes used to apply for remote tech jobs」,另外 FBI 的公告在「Deepfakes and Stolen PII Utilized to Apply for Remote Work Positions」這邊。

The FBI Internet Crime Complaint Center (IC3) warns of an increase in complaints reporting the use of deepfakes and stolen Personally Identifiable Information (PII) to apply for a variety of remote work and work-at-home positions.

當 deepfake 的技術愈來愈成熟後,這個問題應該會愈來愈嚴重?


Brendan Gregg 離開 Netflix

Brendan Gregg 宣佈離開 Netflix:「Netflix End of Series 1」,Hacker News 上他也有跳出來回答一些問題:「Netflix End of Series 1 (brendangregg.com)」。


Off topic: I’m a bit surprised about Gregg’s desk (pre-pandemic). I imagine he’s getting a top level salary at Netflix but yet he’s got a small desk in what it looks to me a shared small office (or perhaps is that a mini open space office? Can’t tell).



A number of times people have asked about my desk over the years, and I'm curious as to why! I've visited other tech companies in the bay area, and the desks I see (including for 7-figure salary engineers) are the same as everyone else, in open office layouts. At Netflix it's been open office desks, and all engineers have the same desk.

Does some companies give bigger desks for certain staff, or offices, or is it a country thing (Europe?).


I'll still be posting here in my next job. More on that soon...

PostgreSQL 的 Job Queue、Application Lock 以及 Pub/Sub

Hacker News Daily 上看到一篇講 PostgreSQL 做 Job Queue、Application Lock 以及 Pub/Sub 的方法:「Do You Really Need Redis? How to Get Away with Just PostgreSQL」,對應的討論在「Do you really need Redis? How to get away with just PostgreSQL (atomicobject.com)」這邊可以翻到。

拿 PostgreSQL 跑這些東西的確有點浪費,不過如果是自己的專案,不想要把 infrastructure 搞的太複雜的話,倒是還不錯。

首先是 Job Queue 的部份,從他的範例看起來他是在做 async job queue (不用等回傳值的),這讓我想到很久前寫的 queue service (應該是 2007 年與 2012 年都寫過一次),不過我是用 MySQL 當作後端,要想辦法降低 InnoDB 的 lock 特性。

async job queue 設計起來其實很多奇怪的眉角,主要就是在怎麼處理失敗的狀態。大多數的需求可以放到兩個種類,最常見用的是 at-least-once,保證最少跑一次,大多數從設計上有設計成 idempotence 的都可以往這類丟,像是報表類的 (重複再跑一次昨天的報表是 OK 的),另外每天更新會員狀態也可以放在這邊。

另外少見一點的是 at-most-once 與 exactly-once,最多只跑一次與只跑一次,通常用在不是 idempotence 的操作上,像是扣款之類的,這邊的機制通常都會跟商業邏輯有關,反正不太好處理...

第二個是 Application Lock,跨機器時的 lock 機制,量沒有很大時拿 PostgreSQL 跑還行,再大就要另外想辦法了,馬上想到的是 ZooKeeper,但近年設計的系統應該更偏向用 etcdConsul 了...

最後提到的 Pub/Sub,一樣是在量大的時候拿 PostgreSQL 跑還行,更大的時候就要拿 Kafka 這種專門為了效能而設計出來的軟體出來用...

新創的 Stock Options 風險與價值

看到 TLDR Stock Options 這個站,印象中這個站已經存在一陣子了 (以前有看過的印象,但沒寫下來?),不知道後續資料有沒有更新...

這個站把輸入的資料大幅簡化 (只需要寫比重與現在在哪一輪),然後給兩個數字,一個是你可以預期公司成功 exit 的比率,另外一個是你預期會拿到的金錢。

這是大幅簡化的數字 (沒有區分領域與地域),不過如果對 stock options 沒有概念的話可以抓個感覺。

2018 年矽谷科技公司的薪資

不太意外的,排名起來加州這一區的科技公司的薪資還是最高的 (這邊包括了所有的所得,包括薪資、股票與分紅):「Top Paying Tech Companies of 2018」。

已經先整理出來的前五名分成「Entry-level / 1+ Yrs of Experience」、「Mid-level / 3+ Yrs of Experience」、「Been Around the Block / 5+ Yrs of Experience」三類,可以看到相對於年資的增加,薪資的調整也很快...



2015 的文章以及演講,最近冒出來看到的。GooglePeter Norvig 提到了用 ML 的方式分析,發現程式競賽的成績與工作品質的負面相關性:「Being good at programming competitions correlates negatively with being good on the job」。

換句話說,程式競賽的成績反而是是個負面指標 (對於 Google 內的情況分析出來的,所以是基於 Google hiring process 的前提過濾過的)。

In this talk, Peter talked about how Google did machine learning and at one point he mentioned that at Google they also applied machine learning to hiring. He said that one thing that was surprising to him was that being a winner at programming contests was a negative factor for performing well on the job.


Peter added that programming contest winners are used to cranking solutions out fast and that you performed better at the job if you were more reflective and went slowly and made sure things were right.

YouTube 的留言處也有一些猜測,像是:

What he's talking about is the fact that several extremely important parts of software engineering are not included in these contests, for example code reusability, maintainability, decomposition of the problem using the OO paradigm, etc. All of these make a good engineer, but are not necessarily needed in competitive programming contests.


最近在 The Workplace Stack Exchange 上還蠻火紅的一篇文章:「Is it unethical for me to not tell my employer I’ve automated my job?」。

作者的全職工作是從系統上抓資料出來,貼到 spreadsheet 上 (也許是 Excel?),這份工作的薪資還不錯,然後作者寫程式自動化掉後發現他每禮拜只需要做一兩個小時了:

There might be amendments to the spec and corresponding though email etc, but overall, I spend probably 1-2 hours per week on my job for which I am getting a full time wage.

然後在糾結要不要跟雇主講,跑上來發文 XDDD 有興趣的人可以去圍觀看一看下面的回應...

Amazon ECS 可以跑 cron job 了...

Amazon ECS 上面固定時間跑某些東西,以前得自己用 AWS Lambda 帶 (或是自己架,不過這樣就要自己考慮 High Availability 架構了),現在則是直接支援:「Amazon ECS Now Supports Time and Event-Based Task Scheduling」。

Previously, you could start and stop Amazon ECS tasks manually, but running tasks on a schedule required writing and integrating an external scheduler with the Amazon ECS API.

Now you can schedule tasks through the Amazon ECS console on fixed time intervals (e.g.: number of minutes, hours, or days). Additionally, you can now set Amazon ECS as a CloudWatch Events target, allowing you to launch tasks by using CloudWatch Events.


雖然利用談判技巧是可以避開 (在你有本錢談判的情況下),麻州直接立法禁止了,這對於求職者來說相當重要:「Illegal in Massachusetts: Asking Your Salary in a Job Interview」。

The new law will require hiring managers to state a compensation figure upfront — based on what an applicant’s worth is to the company, rather than on what he or she made in a previous position.

法案是「Bill S.2119」,可以看到「An Act to establish pay equity」的說明,應該是指目標之類的。


SECTION 7. This act shall take effect on January 1, 2018.


(3) seek the salary history of any prospective employee from any current or former employer; provided, however, that a prospective employee may provide written authorization to a prospective employer to confirm prior wages, including benefits or other compensation or salary history only after any offer of employment with compensation has been made to the prospective employee;



紐約時報報導 National Society of High School Scholars 問了一萬八千名美國年輕人 (15~29 歲) 理想的職業,也不少出乎意料的結果跑出來:「The New Dream Jobs」。

常見的網路公司在上面,但讓紐約時報感到意外的,FBICIANSA 也在上面:

When the National Society of High School Scholars asked 18,000 Americans, ages 15 to 29, to rank their ideal future employers, the results were curious. To nobody’s surprise, Google, Apple and Facebook appeared high on the list, but so did the Central Intelligence Agency, the Federal Bureau of Investigation and the National Security Agency.