- proving churned customer data was deleted completely and within the agreed-on period of time

  - - not enough to have a record

  - - auditors will ask you to prove the data is not laying around

- proving branch rules are set to require PRs and prohibit changing history on release/trunk branches

  - - auditors will ask you to show live that you can’t approve your own changes

  - - some auditors might ask you for an audit log to prove no unexpected branch rule changes occurred —- depending on the observation period, you might have to build your own audit log capture to prove this

- proving you performed a disaster recovery test in production with the frequency you claim (e.g. annually)

  - - running a DR test might be more than a few hours depending on your data size and level of infra automation

  - - this is often something that startups are ready to execute, but don’t invest a lot of time automating

  - - this is automated with MDM but a startup might not be running an MDM yet

  - - automated reports are available for some credentials, e.g. AWS keys, but takes more work for smaller vendors

  - - even with AWS, you might discover you forgot to rotate something, and it might be because it’s non-trivial to execute

  - - some systems are more difficult/time consuming to inspect against your employee and permissions list

  - - ideally this is automated, but often times at a startup, you might not have fully automated authorization and access control, such that when employees change teams or leave the company, that you get notified and don’t miss it

  - - auditors will ask you to show live some examples of past alerts and that someone handled it

  - - auditors will often ask you to show live that these alerts are consistently configured for all your production system —- startups might not have the alerting and PagerDuty-like setup be fully automated (e.g. with Terraform)

You can install XCode CLI dev tools without an Apple account, which comes with clang and swift for example. With this, you can build most Mac software, but I don’t think you can run Swift tests without a full XCode.

As the sibling comment notes, you can install GCC/llvm and whatever other open source tools and build Mac software without full XCode.

You can also install Apple container support without an Apple account.

Some Mazdas put the metal-cased engine computer in a plastic air box that feeds cold air from the front, to help ensure the engine computer stays cool enough.

In general, I believe the cooling airflow from the frontal air and the cooling fans keeps engine bay in check.

For example, this is the board that’s used in Mazda CX-5 2017+ engine computers (mfr Denso), it lists max temperature range of +150C: https://www.renesas.com/en/document/mah/rh850e1l-users-manua...

Because harm does not guarantee control.

When it becomes compulsive, it’s not a simple cost-benefit choice anymore. People can know it’s hurting them and still feel driven to keep doing it.

The dopamine rush of gambling means the brain can get stuck chasing relief, hope, or reward, despite also knowing that it is destructive.

> If gambling orgs do something that you know causes harm, why isn't the a legal sense of responsibility?

Because it’s not that easy to prove responsibility in the face of powerful money lobbying and victim-blaming. Shame and stigma around addiction means people don’t come forward. Freedom argument comes in that not everyone who gambles is an addict, so restricting it takes freedom away. The same argument is used to push the personal responsibility angle.

Ultimately I think the way the gambling orgs cover their ass is by advertising gambling addiction helplines and adding small disclaimers to call those lines if you have a problem: “that’s it, legislators, we are clearly giving them the tools to help themselves, and that shows us exercising responsibility. Bombarding gamblers with offers is simply marketing and creating engagement for our business, you can’t make that illegal.”

Do they have moral responsibility to not exploit addicted gamblers? I would argue, yes, they do. But unless you prohibit all gambling marketing, how would you accomplish this moral responsibility even if the gambling company agreed it had it? It’s not like addicts identify themselves or that you can filter your marketing easily to people without problems. This is why the solutions have been on outlawing the whole thing, because it’s really hard to operate as a business without the societal cost.

Maybe the poster is running a local LLM.. you’d think that a SOTA model would have surmised that an overnight MacOS upgrade can only be a minor version.

Here’s a GitHub comment showing someone on MacOS 26 with a `.test` domain, which you claim is broken: https://github.com/apple/container/issues/856#issuecomment-3... —- maybe you are configuring it incorrectly.

Terraform is a ticking time bomb. All it takes is for a new field to show up in AWS or a new state in an existing field, and now your resource is not modified, but is destroyed and re-created.

I will never trust any process, AI or a CD pipeline, execute `terraform apply` automatically on anything production. Maybe if you examine the plan for a very narrow set of changes and then execute apply from that plan only, maybe then you can automate it. I think it’s much rarer for Terraform to deviate from a plan.

Regardless, you must always turn on Delete Protection on all your important resources. It is wild to me that AWS didn’t ship EKS with delete protection out of the gate—-they only added this feature in August 2025! Not long before that, I’ve witnessed a production database get deleted because Terraform decided that an AWS EKS cluster could not be modified, so it decided to delete it and re-create it, while the team was trying to upgrade the version of EKS. The same exact pipeline worked fine in the staging environment. Turns out production had a slight difference due to AWS API changes, and Terraform decided it could not modify.

The use of a state file with Terraform is a constant source of trouble and footguns:

- you must never use a local Terraform state file for production that’s not committed to source control - you must use a remote S3 state file with Terraform for any production system that’s worth anything - ideally, the only state file in source control is for a separate Terraform stack to bootstrap the S3 bucket for all other Terraform stacks

If you’re running only on AWS, and are using agents to write your IaaC anyway, use AWS CloudFormation, because it doesn’t use state files, and you don’t need your IaaC code to be readable or comprehensible.

And I’m not running a critical piece of productivity software on a nightlies channel!

You see the desktop picture when you walk up to the Mac to unlock it, or immediately after you lock it before walking away. Or momentarily when you use Exposé or move windows out of the way to access files on the desktop.

Or if you are running multiple monitors, it’s common to clear out a side monitor or half of one for a new window/different app.

And I have more windows open than a Microsoft test lab.

About to switch to native Terminal.app since it now supports truecolor. Or back to iTerm2.

Firstly, a Wagoneer is never on pizza cutters. You can't put a 4500lb car on pizza cutters even in 1990! It came with 235/75R15 tires. They are big sidewall donuts, but no pizza cutters.

The Escalade runs 285/40R24 tires, that's wide and low-profile.

Widening a tire increases ground pressure, because low-profile tires have massive amount of reinforcement to prevent that wheel from cracking. This stiffness adds to the pressure the road feels.

Tire contact patch is a function of weight and tire pressure. A 205mm width tire has the same contact patch as a 285mm tire, given same weight and pressure. The only thing that changes is the shape of the contact patch, which becomes wide and short instead of narrow and long.

The 6000lb Escalade runs its 285/40R24's on 35 psi, the Wagoneer runs its 235's at 30 psi.

So assuming even weight distribution, the contact patch per tire is 6000lbs/4/35psi=42.8in^2 inches for the Escalade, and 4500lbs/4/30psi=37.5in^2. So the contact patch is only 14% larger on the Escalade, yet it carries 33% more weight!

If you look at the road wear formula, it's entirely a function of weight. So the width of the tires only impacts surface-level abrasion. And with the power law, that's still 3.16x of Wagoneer's wear (or 216% increase).

So the wider tires do virtually nothing to protect the road from the extra 1500 lbs weight.

In fact, the dynamic load when hitting potholes is greatly exacerbated by the 285/40R24 low profile tires, because instead of of absorbing the bumps within the tire, the stiff sidewall low-profile tires absorb way less.

The spring rate of the Wagoneer tires is ~1200-1500 lbs/in, the spring rate of the Escalade tires is ~2500-3500 lbs/in, so that's a 2x stiffer tire! As a result, it transmits twice as much force when hitting the same bump.

So as a result, an Escalade accelerates road cracking considerably worse than the Wagoneer, not even in the same league.

Yes, the heavy trucks wear the road outsizely, incomparably to the SUVs we are discussing. However, we have roads that do not allow trucks (parkways) or see little heavy truck traffic.

Often times virtual functions are implemented in C to provide an interface (such as filesystem code in the Linux kernel) via function pointers—-just like C++ vtable lookups, these cannot be inlined at compile time.

What I wonder is whether code generated in C can be JIT-optimized by WASM runtimes with similar automatic inlining.