Profile cover photo
Profile photo
Julio Merino
441 followers
441 followers
About
Communities and Collections
View all
Posts

Post has attachment
Maintaining your own pkgsrc binary packages has never been easier. Meet pkg_comp 2.0, especially on macOS with the standalone self-installer.
Add a comment...

Got a Raspberry Pi 3 as a gift this week and had a chance now to try to boot it up. BSD doesn't seem to be supported easily so, in a rush, I tried Windows 10 IoT... "just because".

Quite impressed by how easy it is to set the thing up and control the device remotely. Wondering now how developing for it via Visual Studio, which I have never used, would be.
Add a comment...

Post has attachment
Finally got a chance to clean up my "notes" on how I converted my old Blogger-based site to Jekyll. (More than notes, these are code, but still—you might find it useful!)
Add a comment...

Post has attachment
So very cool. I'm late to the party, I know, as the video is from 2012 apparently.
Add a comment...

Post has attachment
Moving off of Blogger
Hello everyone! As you may have guessed from the trend set by the latest couple of posts in The Julipedia, I am moving off of the Blogger platform — and not to Medium as originally implied, but to my own hand-crafted site . My "new" personal site (which was...
Add a comment...

Post has attachment
Took a month of effort, but the third iteration of my personal site is finally up. Had to learn quite a bit about Jekyll, Liquid, CSS, and Bootstrap to make this happen.

... and it's quite a "coincidence" that this happens exactly one year after the first iteration went live.
Add a comment...

Post has attachment
Maybe everything is not lost after all for my stays in Korea... Looks like I've found a decent beer in the supermarket, finally!
Photo
Add a comment...

Post has attachment
Add a comment...

Post has attachment

Post has shared content
Been an SRE for 6 years and I can attest to this. Mind you, I'm a SWE now and I've lost access to pretty much anything!
After being asked personally a few times and reading claims by others a few more, I thought I'd set the record straight....

Working at Google does not give you access to the data of users!

It's an easy assumption to make.  After all, most companies don't put internal access controls on data making it easy for every employee to access everything inside the firewall.  Google does not work that way.

Though there are many groups at Google, we'll simplify it into Software Engineering ("SWE") and Site Reliability Engineering ("SRE").  I was the latter for 5 years and I've been the former for 3.

SWE, in general, has access to nothing.  They run their code on their own workstations and sometimes test clusters with test data.  A few get access to anonymized user data for their service -- more on that later.

SRE is the group that owns the keys to the kingdom.  They're the group (actually many small groups) responsible for running Google services "in production".  They almost always have access to anonymized user data for their service and the ability to access "raw" logs if necessary, again for only their service.  The kicker is that, since around 2011, this latter access comes through a specific interface where you must explain with each request why you're doing this.  All those actions are logged and those logs are audited.  Misuse of the access will get you fired.

What is "misuse"?  I can't even look up my own queries.  I could be on-call for my service, have you on the phone fixing a problem with you saying, "go ahead" , and I still couldn't do it.  In five years, I only used raw logs twice, both on myself during training just so we'd know how.

So, for any given service, there may be somewhere between 10 and 100 people worldwide who could potentially access Personally Identifiable Information ("PII") of a user, but doing so without a good reason would be the end of them at the company.  And should that abusive employee somehow cause "material damage" to the company...  I don't even want to speculate.

On top of that, any attempt to track a single user, whether the user can be identified personally or not, will also get you fired.  Every user with any form of logs access has signed a paper (real paper, even) stating that they understand all this and the consequences.

This is serious stuff.  My own team would turn me in without a second thought if I did any of this.  And I'd do the same to them.

What are "anonymized" logs?  They're the requests that have had all PII stripped.  No IP address.  No account identifier.  No geo-locating finer than the city, etc.

Disclaimer:  I work for Google (obviously).  These thoughts are mine and mine alone.  Mine, I tell you!  Mine!!!
Photo
Add a comment...
Wait while more posts are being loaded