Thanksgiving 2023 security incident →

Even though we believed, and later confirmed, the attacker had limited access, we undertook a comprehensive effort to rotate every production credential (more than 5,000 individual credentials), physically segment test and staging systems, performed forensic triages on 4,893 systems, reimaged and rebooted every machine in our global network including all the systems the threat actor accessed and all Atlassian products (Jira, Confluence, and Bitbucket).

This should be considered the gold standard for the response to and write-up on a security incident.

OpenAI collapses media reality with Sora, a photorealistic AI video generator →

On Thursday, OpenAI announced Sora, a text-to-video AI model that can generate 60-second-long photorealistic HD video from written descriptions. While it's only a research preview that we have not tested, it reportedly creates synthetic video (but not audio yet) at a fidelity and consistency greater than any text-to-video model available at the moment.

Uncertainty, as mantra →

“If you can’t understand, predict, and control, what is there to do?” muses system theorist Donella Meadows. Her answer: dance.

Strong Opinions Loosely Held Might be the Worst Idea in Tech →

The idea of strong opinions, loosely held is that you can make bombastic statements, and everyone should implicitly assume that you’ll happily change your mind in a heartbeat if new data suggests you are wrong. It is supposed to lead to a collegial, competitive environment in which ideas get a vigorous defense, the best of them survive, and no-one gets their feelings hurt in the process.

On a certain kind of team […] this can work well.

[…]

Unfortunately, that ideal is seldom achieved.

A great suggestion to make this culture work well is to temper your statement with a degree of uncertainty in order to make it safer to change your own mind and invite discussion.

Russian hackers were inside Ukraine telecoms giant for months →

The attack wiped "almost everything", including thousands of virtual servers and PCs, [Illia Vitiuk, head of the Security Service of Ukraine's (SBU) cybersecurity department] said, describing it as probably the first example of a destructive cyberattack that "completely destroyed the core of a telecoms operator."

Kyivstar and the SBU believe the Russian military intelligence cyberwarfare unit known as Sandworm lingered in Kyivstar’s network since May 2023.

Death by a thousand microservices →

There is no standard tooling for microservices-based development - there is no common framework. Working on distributed systems has gotten only marginally easier in 2020s. The Dockers and the Kuberneteses of the world did not magically take away the inherent complexity of a distributed setup.

Lots of good points in this “maybe you don’t need microservices” article, but this one in particular resonated with me. As we’ve migrated our stack to k8s, we’ve largely just containerized our snowflake microservices and their patterns.

The Ambiguous Zone →

Because [the] "right" thing is really hard to figure out. It requires understanding the business context, priorities, and time constraints. It requires understanding the needs, preferences, and behaviors of the users. And it requires understanding the existing implementation and the scope and impact of what is to be built. All of this must be hashed through to get it "right", and this "hashing through" process is what happens in the Ambiguous Zone.

Icelandic Has the Best Words for Technology →

When the University of Iceland got its first computer in 1964, Icelandic did not have a word for “computer.” So the guardians of the language invented one: tölva—a fusion of tala (number) and völva (prophetess) that adds up to the wonderfully poetic “prophetess of numbers.”

Delightful.

What Is ChatGPT Doing … and Why Does It Work? →

That ChatGPT can automatically generate something that reads even superficially like human-written text is remarkable, and unexpected. But how does it do it? And why does it work?

Best thing I read last year on how large language models actually work.