lowkey_'s comments

> Where I think we can legitimately say this is MAGA versus Republicans is in the reverse brain drain. America in the 1950s was a destination for top minds. America in the 2020s is not.

I do think it's counter-productive for America to make it harder for legal and talented immigrants, and we should fix that - but what's your evidence that America isn't still the world capital for the ambitious?

Statistically: The close competitors (e.g. Western Europe, Canada) are looking pretty dire economically compared to the US.

Anecdotally: I have friends from Estonia, Canada, the UK, and France that are all clamoring to be in America for the opportunity.

Historically: Post-WWII in the 1950s, 6.9% of the population was foreign-born. It's now 15.8%. So are we really more closed-off than we were then? Or is this just the response to the ever-increasing interest in immigrating because of the US being as compelling as it is?


> what's your evidence that America isn't still the world capital for the ambitious?

It's a loose hypothesis informed by e.g. this article.

I think America remains a net attractor. If you're smart and driven, you can become a multi-millionaire in America in a way that's harder almost anywhere else. But I'm saying harder. Decades prior, that was closer to impossible. Instead, we're now increasingly the economy where political connections dominate talent. (Again, we're still mostly not that. But we're shifting from the destination to one where talented people in India and China, for example, increasingly stay home.)


You're just asking for the opposite of what AI does.

90-99% of an engineer's work isn't entirely novel coding that has never existed before, so by succeeding at what "already exists", it can take us to 10x-100x productivity.

The automation of all that work is groundbreaking in and of itself.

I think that, for a while into the future at least, humans will be relegated to generating that groundbreaking work, and the AI will increasingly handle the rest.


If I compared HN today and Reddit 5 years ago, I'd agree, but I'm still extremely grateful for HN as I tried looking at Reddit this year and it actually made me feel like there's an extremely misinformed, radical, brainwashing happening there. I've never seen so much misinformation and negativity in one place aside from Truth Social or Threads.

HN today is equivalent to Reddit 5 years ago: not as great as it was when smaller 10 years ago, but still better than Reddit today.


1) Years ago for work, I went deep investigating these; some of the team actually flew to China to see it all first-hand and verify the data. This is not a bunk narrative.

2) I've never made this accusation on HN before and apologize if I'm wrong, but this is a new account with 3 comments, all on this post (one of the largest posts about Hong Kong I've seen in a while here), and it looks a lot like a paid actor for China. This makes me thankful for the green-name feature on HN, if the random string of numbers wasn't enough of a tell.


If I can ask on business model, as I have a friend with a similar predicament — what percent of the time do you find vulnerabilities in those audits? Do companies push back if you don't find vulnerabilities?


We have never issued a clean report in our ~5 years of operation.

Some firms have a reputation for issuing clean reports that look good to bosses and customers, but we prefer working with clients that want an honest assessment of attack surface and how motivated blackhats will end their business.

We also stick around on retainer for firms that want security engineering consulting after audits to close the gaps we find and re-architect as needed. Unused retainer hours go into producing a lot of open source software to accelerate fixing the problems we see most often. This really incentivizes us to produce comprehensive reports that take into account how the software is developed and used in the real world.

Under our published threat model few companies pass level 1, and we have helped a couple get close to level 2 with post-audit consulting.

Our industry has a very long way to go as current industry standard practices are wildly dangerous and make life easy for blackhats.

https://distrust.co/threatmodel.html


As someone in a related line of work: we find vulnerabilities so close to 100% of the time that it might as well be 100% of the time. Whether they're practically exploitable or surpass your risk appetite is the real question.


These companies almost always produce "vulnerabilities", but they're also almost always trash.

"Finding: This dependency is vulnerable to CVE-X, update it, severity S". And then of course that dependency is only used during development, the vulnerable code isn't called, and they didn't bother to dig into that.

"Finding: Server allows TLS version 1.1, while it's recommended to only support version 1.2+". Yeah, sure, I'm sure that if someone has broken TLS 1.1, they're coming for me, not for the banks, Google, governments, Apple, etc., and everyone else still using TLS 1.1.

... So yeah, all the audits will have "findings", they'll mostly be total garbage, and they'll charge you for it. If you're competent, you aren't going to get an RCE or XSS out of a security audit since it simply will not be there.
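A defender-side triage of the kind of dependency finding described above, as an added example that is not from the commenter or from any audit firm. It assumes a package.json-style manifest and a constructed source tree, and uses "never imported" as a coarse reachability heuristic; the CVE ids are placeholders.

```python
import re

# Constructed manifest in package.json shape: runtime vs development-only dependencies.
MANIFEST = {
    "dependencies": {"web-framework": "4.2.0", "yaml-parser": "1.0.3"},
    "devDependencies": {"test-runner": "9.1.0", "bundler": "5.0.0"},
}

# Constructed application sources; "yaml-parser" is installed but never imported.
SOURCES = {
    "src/app.js": "const app = require('web-framework');\napp.listen(8080);\n",
    "src/util.js": "module.exports = { add: (a, b) => a + b };\n",
}

# Constructed scanner output; the CVE ids are placeholders, not real identifiers.
FINDINGS = [
    {"package": "test-runner", "cve": "CVE-PLACEHOLDER-1", "severity": "high"},
    {"package": "yaml-parser", "cve": "CVE-PLACEHOLDER-2", "severity": "critical"},
    {"package": "web-framework", "cve": "CVE-PLACEHOLDER-3", "severity": "medium"},
]

# Matches the bare package name in require('pkg') or from 'pkg' (heuristic, not a JS parser).
IMPORT_RE = re.compile(r"""(?:require\(|from\s+)['"]([^'"/]+)""")


def imported_packages(sources):
    """Collect package names referenced by require()/import across the source files."""
    found = set()
    for text in sources.values():
        found.update(IMPORT_RE.findall(text))
    return found


def triage(finding, manifest, sources):
    """Return (disposition, effective severity) for one scanner finding."""
    pkg = finding["package"]
    runtime = manifest.get("dependencies", {})
    dev_only = pkg in manifest.get("devDependencies", {}) and pkg not in runtime
    if dev_only:
        return ("dev-only: not shipped, track but do not block release", "informational")
    if pkg not in imported_packages(sources):
        return ("installed but never imported: vulnerable code is not reachable", "low")
    return ("reachable from runtime code: confirm exploitability manually", finding["severity"])


def triage_all(findings, manifest=MANIFEST, sources=SOURCES):
    """Map each finding's CVE id to its triage result."""
    return {f["cve"]: triage(f, manifest, sources) for f in findings}


if __name__ == "__main__":
    for cve, (disposition, severity) in triage_all(FINDINGS).items():
        print(f"{cve}: {severity} ({disposition})")
```

Only the third finding keeps its scanner severity; the other two are the "trash" findings the comment describes, downgraded rather than dropped so the audit trail remains.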


At Distrust we do not comment on specific dependency CVEs unless they are likely exploitable, or there are a lot of them pointing at bigger problems in the overall approach to dependency management.

That said, a policy of blindly updating dependencies to patch irrelevant CVEs is itself a very real security vulnerability, because pulling in millions of lines of code no one reviews from the internet regularly makes you an easy target for supply chain attacks.

We have pulled off supply chain attacks a few times on clients who were not otherwise convinced they were a real threat.


(1) Are you saying it's bad if they're upping engineer pay to be more competitive, or you're just skeptical that they will?

(2) I'd actually like the American government to pay better wages for its engineers, and optimize for hiring the best, rather than those desiring a stable, low-paying bureaucracy — I don't think that attracts the best people.

(3) On talent and recruiting: This is being done by the National Design Studio, it says at the bottom. That's led by a cofounder of Airbnb - I know one person who works at the National Design Studio and he's a phenomenal engineer. The administration also has the involvement of David Sacks, who founded Craft Ventures and is pretty well-known in SV. I think this is probably the most tech-competent the government will have been in a long time. I'm not crediting Trump at all for that, to be clear - just pointing out that tech talent in government seems to be getting better, not worse.


> I'd actually like the American government to pay better wages for its engineers, and optimize for hiring the best

Yes, and a big part of this involves changing the way agencies rely on contractors for specialty work (including tech work).


#1: I am extremely skeptical they are paying that. I suspect this was put together by someone who has no understanding of federal pay systems. "$150,000 to $200,000" is already an erroneous number; federal salary is limited by federal law and cannot exceed $195,200.

#2: Overwhelmingly I agree. Federal pay is very, very broken. They should reform it to align more with the private sector, and there are laws in place that do that, and every year the sitting president literally writes a letter stating it would be an economic emergency to pay federal employees equivalent wages and instead sets them low. You are still limited by federal law to that current $195k, so it means it's impossible for the federal government to hire technical experts and pay them a fair wage.

#3: I'm sure the federal government is paying those people some ridiculous amount of money to put this together, and they'll probably do a decent job because of it. It still doesn't change the fact that federal hiring is really broken, and has become significantly worse in this admin.


I didn't read it that way because Boom went through YC while Sam was president of YC. The connection makes a lot of sense, and dates back to pre-OpenAI days.

I would assume he's just telling the story as it happened.


Not the above poster, but:

OpenAI went closed (despite open literally being in the name) once they had the advantage. Meta also is going closed now that they've caught up.

Open-source makes sense to accelerate to catch up, but once ahead, closed will come back to retain advantage.


I continue to be surprised that the supposed bastion of "safe" AI, Anthropic, has a record of being the least-open AI company.


> In NYC, billionaires are like supervillains. Nobody particularly likes them (outside of select finance bros), and people openly express disdain for them and their greed.

I think you may be confusing 'power' or 'impact' with wealth in this take.

Paul Graham wrote about this in a blog post [1].

In NYC, being rich is cool, even if you just inherited it all. Having lived 12 years in NYC, I agree wholeheartedly. It's what everyone aspires to have: the Tribeca loft and the Patek watch.

In SF, PG wrote that nobody cares that you inherited a bunch of wealth unless they're a real estate agent. I think this is true — flashy wealth isn't impressive in SV/SF. Impact and power and the scope of what you've built and created is what's impressive, for better or worse. (I just moved to SF for this reason).

[1] https://paulgraham.com/cities.html


It's getting harder and harder to even hazard a guess as to why a comment on HN gets downvoted. Is Paul Graham becoming persona non grata? Is that it?


It is because it is incorrect.


Mamdani has said that (1) they'll open government-run stores, and (2) the government will seize buildings from bad landlords.

My family is from a communist country and I can assure you, that is communistic.


> Mamdani has said that (1) they'll open government-run stores

We've had those for ages. Called commissaries. Here's a picture: https://commons.wikimedia.org/wiki/File:US_Navy_020813-N-364...

https://en.wikipedia.org/wiki/Defense_Commissary_Agency

> the government will seize buildings from bad landlords.

We've had eminent domain since the founding of the nation.


Any time someone mentions "fascism" or "communism" you can be sure people instantly lose 50 IQ points and come up with the most convoluted definitions of these terms.

The US army has its own government-owned supermarkets. And there are plenty of US states and other countries with public stores which are definitely not communist. Is the US army communist?

In Berlin we voted to seize housing from megacorp landlords profiteering from housing, I don't think Berlin is communist either. https://qz.com/2065655/berliners-voted-to-seize-housing-from...


The US army isn't communist by that definition, no. Any more than any employer who provides food to their employees is communist.

In Berlin you didn't realise that population increase is what enriches landlords and screws regular people, but you still vote for a lot of immigration. Population increase in a finite, well-settled country is what gives rise to landlords.


I would agree that government run stores falls into the communist playbook. Despite the communism boogie man, though, I don’t think supporting a couple of communist policies strictly makes a person a communist.

Trump sent a bunch of government checks to people during Covid and no one called him communist for this.


> Trump sent a bunch of government checks to people during Covid and no one called him communist for this.

Giving people money on a temporary basis is the opposite of the government opportunistically taking over areas of the market.

