hi65435

joined 1 year ago
[–] hi65435@discuss.tchncs.de 1 points 1 year ago

A js-free version is nice though

 

We're a very small team with little experience in hiring but got approval for a new engineer. Basically HR will look for people through the usual channels and I think we have a reasonably good job description. Unfortunately the coding challenge (a 30h+ take home) is atrociously difficult and doesn't really reflect what we do. On the other hand I think the false positive rate would be low. FWIW it's a Linux application and it might be difficult to only count on experience from the CV.

Any ideas how to build a good challenge from scratch and what time constraints are reasonable?

[–] hi65435@discuss.tchncs.de 0 points 1 year ago (1 children)

The thing with the different instances is huge

[–] hi65435@discuss.tchncs.de 0 points 1 year ago* (last edited 1 year ago) (1 children)

I think this is not how it works. It's like saying: I'll connect a physical lock to my laptop and I'm more secure. (Many PC laptops have on the side a standardized connector for physical locks which is often used in electronics stores)

Better to go a step back and to consider your Threat Model. What are you doing? What are things that could likely happen right now? Is adding to your security/backing up your Threat Model or is it making things worse because it's adding stuff that you don't need, making workflows so complicated you're likely to misconfigure?

To give a more practical example, there have been a lot of conspiracy theories about Antivirus software. In some sense the naysayers are right and it actually adds possible holes since they tend to run with elevated privileges. On the other hand, does it really matter for your use case? If you download random stuff online, you should probably install one. (Probably also for your fellow humans so your computer doesn't end up being a botnet host) But if everything on your computer is hand-picked (TM), you might actually be right and they decrease security.