I develop as a pure amateur and there are areas I would never get into without libraries.

First are dates, it is a world of pain. Arrow is the answer (in Python)

Then HTML, another world of pain perfectly described in a Stack Overflow answer. Beautifulsoup.

HTTP is arguably easier but requests! :)

At some point there is a risk assessment to do and one should make decisions based on that. Kudos for having gone that way yourself!

Since the beginning I could not stand the medieval system where there is a deference towards senior staff only found elsewhere in North Korea and religion. This did not end well, with some exchanges such as the one from an emeritus professor, when learning that I will be doing simulations and neural networks in physics said "yes, this is for the weaker students, the ones that do not understand physics", to what I replied "you are right, professor, to do what we do requires a minimum of intelligence that some do not have and are blissfully unaware of that". This set the tone.

I also had a theoretical physics prof that was super cold and hard with us, showing how much we don't know. We hated him with all our heart. At some point he told me "the more intelligent students have found out by now that at year 4 you can call me by my first name". To what I replied "ah, I was not aware of that, professor". I thought the final, very hard oral exam would be a disaster. I got 5 questions, 4 of which I went though easily, and the last one was incredibly hard. I thought "ok, so he got me". After the exam he said "well, the last question was for the best students I am afraid. I can only give you 20/20 and not 25/20 if you had it right...". This is where I discovered that assholeness and fairness live in two independent quantum states :) A few years later I told him "you know, we will never be friends but I will never forget how fair and professional you were during the exam. You set for me a model I will be proud to follow".

My thesis director was an angel. He was very senior in the university (vice-rector at some point) and helped me to navigate the muddy waters of academia. He was glad that someone was shaking the status quo and was cleaning up after me and smoothing things out. I wanted to add him as a co-author on my best paper, in a very prestigious journal and he said "I have all the prestige I need, do not dilute your work". He was quite stressed with my 45 pages PhD thesis but said "well, you will be the one belly dancing et the defense". He was really something, I miss him a lot.

I left academia for the industry, another medieval system but at least I was much better paid and could build my own teams to go ahead. But I miss teaching a lot.

I wrote my 45 pages PhD thesis (physics) in a more conversational tone, using "I" and skipping the introduction (half a page to say that if you need an introduction it is better to read this and that, instead of poorly copied pasted text here).

I got a 5:2 acceptance from the jury (which is extremely rare, normally this is 7:0), with the two saying that the content is very good, but I am desacralizing science... I told them that I am proud of these two rejections there and my wonderful thesis director (truly a fantastic person) jumped in to avoid some brawl :)

I have a dashboard at home that is predictible: linear, it starts at 8 in the morning, gives the weather every 3 hours until 22, then again at 8 the next day, with two data points across the day. Hours that are gone dissapear, but their slit stays.

The rationale is that weather estimation is vague and I need a general trend across that day (I take the mean around these 3 hour slots). I fon't care about the night. I loosely care about the general status for tomorrow.

The fact that the general timeline is static means that one can develop memory muscle to know what happens when.

I am always looking for ways to improve the visual but did not find do far better than this linear (visually), non-linear (time) representation

He signed, sent both copies, got his bank signed copy back

Went yo the bank, the bank sued him, he won (the judge told the bank that when you play dirty games you sometimes loose) and they ultimately settled.

I moved on completely, switching to industry but I sometimes think about my time there.

I attended Charpak's festive dinner in 1993, and generally food was excellent :)

This is really a two-layered approach: you need to have a mechanism to manage your processes, and a real-life risk assessment. This last part is usually what fails most because there are not many people who can build a comprehensive risk analysis.

The problem with risk analysis is that you either have consultants who read books about risk but never operationally managed cybersecurity (and they provide "high level" risks which as useless without the "low level" part), or tech people who understand their part very well and see it as the most important. Having a very good CISO is what helps.

This CISO should also have politico-socialo-whatever leverage to make things happen. Put them in a position where their words are not the words of god and you fail immediately.

A large company is absolutely not homogeneous - as opposed to what reports will state. There is usually a core that is well known, and then 10 or 100 tentacles of semi-controlled systems where bad things happen. This blindness to the reality of the company is what hits the hardest.

How to manage a complex system is not for a HN comment, this requires time, resources and know-how. And leverage.

At least in cybersecurity, there are no certifications that "certify" that you are secure. There are plenty of them that will assess your processes, their execution, etc., but the reality of the risk is next door. This is typically the case for ISO 27001, which has ISO 27002 (the ex British Standard from the 90s) that theoretically governs the controls you should have in place. But it simply does not work.

When you have a major leak, this is usually a company with half a page of certifications, but, hey, mistakes happen. The key problem that these mistakes come from is a fundamentally wrong approach to cybersecurity, but nobody cares.

The company may be legally in troble if the planets are aligned but that's all.

I dated many foreign girls and it was always fun to discover the cultural differences.

There are similar faux-pas in France but, really, nobody with an ounce of common sense cares. You like your red wine cold as I do? Someone will maybe mention that you will be loosing some aroma znd that's all. You add sugar and ice? This is probably not a drink for you and you will get some laughs but that's all.

I eat my starters after the main meal in the company restaurant, nobody cares.

You are there to have pleasure, this is not West Point

Being treated as a toddler by an organization that is itself completely disfunctional is mzking me angry.

Being treated as a toddler by an organization that is itself completely disfunctional is mzking me angry.

For two people with the same "work quality" let's say, one in France and one in the US and both wanted to work in a high-paced industry or startup -- the US is much, much better. From the perspective of the US person, hiring someone in France is a road of problems not because they are not good enough, but because they will be a bureaucratic burden.

For both US and France, hiring someone in India will be problematic because of major cultural differences, and given the size of the country, quality of work. There are very good Indian engineers, they are just much more difficult to find.

There is of course a lot of historical bias too, not to mention racism.

If you are in France today, it is economically better to hire someone from India, but the major differences in basically everything make it difficult. Hiring someone in Poland does not have this problem. The language would be the barrier, mostly (they would need to speak English, and our Frenglish is pitiful). So we hire for economic reasons, but the gap is closing quickly, especially for the top jobs (for the very top ones it is actually more interesting in Poland).

We could hire someone in the US but the salary structure is completely broken, and effectively we have people emigrating to the US (and sometimes coming back to France when they have a problem expecting that they will be taken care of, but that's another problem)

So yes, there are gaps between countries -- but not all countries.