Just today Reddit had a post about securing your account that linked to a page where you could see recent ips associated with you. It's web only. Meanwhile if I go to any other Reddit page on my phone they're constantly hounding me to download or use the app.

I basically don't use reddit because I don't want to download their app.

For you suzzer... http://kevinkuchta.com/_site/2018/03...url-shortener/

Please someone tell me I'm not crazy. I had a design out where we had schema with one column that is a sha256 unique identifier and used that as a primary key.

My design had it stored as a VARBINAR(32) since it would take 32 bytes. Our junior engineer picked up the ticket and somewhere along the way the staff engineer told him to "store it as hexadecimal". I was not a part of the conversation at the time so this was relayed to me by the junior engineer later on.

I was really confused as to what he meant by that since you don't store things are hexadecimal, that means nothing. After talking to the junior engineer about it, he said that the staff engineer wanted to:

* Store it as a hexadecimal string in the database.
* For reasons of some kind of network integrity. Since bits or some **** would get flipped in transit.

I can see reasons for encoding the bytes if we were using HTTP, but if we are writing to mysql - this is not a problem. And we already do this for all our other blob datatypes so I'm really confused. Am I out of touch here?

They were even surprised that the string took doubled the size - 64 bytes. And the junior engineer was deciding to try and base64 encode it as the next option. I told him to stop working on it and that I would talk to the staff engineer since there are some huge misunderstanding on how computers work.

We are expecting to have 100+ million rows so doubling the size of the index when we expect nobody to ever look at it in hexadecimal form is kind of pointless.

I dmed the staff engineer to talk about this tomorrow. I had too much coffee in me today and I was in irritable mood so I bounced from work when I heard this. Going to talk to him tomorrow and hopefully can lay this straight.

Some thoughts:

1) On a meta-level, this doesn't seem like something multiple people should be involved in deciding - it seems like the type of thing where whoever is implementing should make the call. With that said, I could be missing some context that makes this more important than it appears.

2) Hexadecimal doesn't protect well against bit flips and if the consequence of bit flips can be catastrophic, this should be explicitly detected with checksums with a specific plan of action in case of mismatch. Using a rare, inconsequential scenario to advocate for something, then not even actually following through to ensure that this does help in that scenario is a telltale sign of a lazy mindset and a bad engineer. I've seen some bit flips in the wild, but it's extremely rare and usually inconsequential.

3) This in isolation doesn't seem like a big deal one way or another and you're probably more upset about this because of who this is coming from. Just pointing this out since how a lot of good people lose office politics is by losing sight of how isolated incidents appear to neutral third parties who aren't aware of the overall problematic patterns of behavior and the context in which these incidents occur.

Don't network protocols protect against bitflips? I don't understand.

That would help with bit flips that happen over the transport layer, but generally not with bit flips that happen, say, in DRAM.

bitflipping is going to be no less or more catastrophic to stored hex-as-string and binary data. And no, there is no ****ing reason to worry about that. Are you kidding? I have stored literally trillions of records without ever losing a single bit.

As to being surprised that hex strings take more space, uh, christ. It takes 8 bits to store a hex character, which represents 4 bits of data.

Does this "matter"? Maybe, but probably not that much. A doubling of data size is annoying from a elegance perspective but usually not any kind of performance killer.

Just store as a BLOB and call it a day I say.

Good ol' BLOBs.

One of my proudest programming moments early in my career was realizing I could save user-created front-end query definitions (in JS, but pre-JSON), and then reload those saved queries back into the front end - by just saving the string as a BLOB. Thus bypassing having to create a cumbersome, brittle Java object in the middle layer. Or maybe it was a CLOB - same concept.

The beginning of my eternal love affair with non-typed objects I guess.

Although now I'm wondering how I did it w/o JSON and if I had a big ugly, insecure eval statement in my code. Ah well.

databases have some protection against this, like storing checksums along with the data. Filesystems can do similar thing.

Not something you have to consider when choosing primary key in mysql!

I was asked to write a one pager on this implementation and I got sign off from everyone. What annoys me is that I'm tasked on coming up with this design and then someone wants to do some asinine thing.


Yes you are correct. I should have not treated this as a big deal. I'm way more upset than usual. Which is why I'm glad this was at the end of the day. I went to the gym afterwards and have a cooler head now. I just get real annoyed when people make decisions and don't back it up with any substance which is a common scenario with this individual.

I just need to be more of a "yes" man and cruise through this job until I quit.

This.

Hexadecimal is basically for display purposes in my view.

@Barrin6 - Try to sell the staff engineer on the idea of storing the hex value in Unicode to make it more Windows friendly. That would make the sha256 hash a 128 byte value.

reason 1 million why I hate scrum

so a card carries bc of various reasons. dependencies, and a design change. I wasnt even working on that portion. then I take it on the portion left over and finish it in a few days.

to go back, the back end was complete, then the front end needed finished. our team leader, who is proly one of the best programmers and leaders in the whole program suggests that I take on the front end. I had a few dumbass process tasks left on another card so our scrum master assigned this work to someone else who is just "not that good." I paired with her and tried to coach her along for a week and a half. during this time there was a design change and the sprint ended.

so next sprint, she goes on vacation and I take on the rest of the card and finish the work in about 2 days. but since its scrum and its been beaten into our heads that all that matters is that we make sprint deadlines, some process crap gets left til later. I couldnt really do it bc I wasnt familiar with the backend. nor was the backend guy familiar with my front end. so it was left to the lead and the QA. they took a week to finish some bs documentation but still made the next sprint deadline.

Victor, that is a valid question that was asked. It’s no slight against you. The whole point of that question is to get context so they can understand what to do better ie. Don’t change requirements so much.

I wouldn’t get too upset.

its a lousy question. I tell the truth and I am throwing 3 of my teammates under the buss. one wasnt skilled enough. the other 2 didnt fill out their tps report in time (even tho they did).

I try to deflect blame by saying it was a split card and I wasnt assigned it until the next sprint and my personal cycle time was only like 5 days it looks like I am making excuses.

this question, as asked, is very likely to create animosity. esp since this is the only card where something like this happened. now, if it happened all the time then I could see addressing it but there is still a better way to do it.

This isn't an issue with scrum. Scrum doesn't make assumptions about schedule. This is just classic managers wondering why things take longer than they do. Scrum is supposed to help protect against that but it never does.

It should have been covered in the standup when it was negotiated out of the current sprint or in sprint planning where it was carried over into the next sprint. No one involved in the sprint should be surprised at how long a story is taking.

I feel your pain, but scrum isn't the main problem, the real problem is how the company implements "agile"

The perfect agile team doesn't need managers nor scrum masters with stupid questions, because agile is based in putting the smarter people together, so they can find the best way to organize

But companies can't understand this and the result is a bad "agile"
with a manager trying to organize a team so they can be a "self-organized team" that is cursed with the "delivery trap" (deliver functionalities to meet a crappy planning)

Update - had a group discussion with him and the junior engineer. He said that in the past he had issues where persisting VARBINARY would close the connection with mysql since mysql would interpret the bytes wrong.

I had no energy to argue but eventually got him to agree to move forward with my implementation.

Interesting article and comments on using links instead of IDs (similar to hypermedia but apparently different) in REST APIs: https://news.ycombinator.com/item?id=19889775

Has anyone here ever tried to use hypermedia in APIs? I looked into it but it seemed way too cumbersome for our needs. Maybe it makes more sense for generic APIs that will be consumed by unknown clients.

Actually using that approach for our current project

Are you putting the links in HTTP headers as mentioned in the article, or in the response body which seems to be the HATEOAS method?

Can you post a generic example of a response with links?

One of the projects I work on does not have dedicated support except for people who are customers of our main product. So, the "support" email for plebs goes to me directly. I generally try to help people and usually I can. But about once a month someone has a request that is really beyond the pale and I try to let them down easy. Sometimes that goes ok.

But right now I have a couple guys bothering me and I'm not sure what the right play is. They seem to think I'm a support guy and that I should be bending over backwards to meet their every whim. No thanks. They keep asking me to loop in my "boss" or "experts in the subject matter" (I wrote every line of code in the project they're asking about, if there's a better expert I don't know one)

I am somewhere in between telling them to get ****ed and just never responding again.

Response body. I will post an example later.

Is this a paid product? Either offer them more support for a crazy amount of money or give then a final “what you are asking for isn’t supported in this version please check back later” email and stop responding.