Probably one of the WITCH companies.
TIL - Wipro, Infosys, TCS, Cognizant, HCL
Readit Newspixelatedindex commented on Ask HN: Is your company still hiring junior engineers? · Posted by u/wafflemaker
No you can’t, the system is setup to make you work that hard. Their compensation policy is based on rewarding disproportionally the top performers…
So if you can work 10% more than your peers, you get not 10% bonus but rather 30%-100% more. So it makes business sense to put the extra 10%, until everyone is working at 110% and then again, adding an extra 10% pays off, rinse release, death spiral.
The compensation model is pure evil.
Or, you can just be happy getting the lower end of the bonus. It’s not like the pay and RSU is peanuts. Or work just enough to be in the middle of the bell curve. I put in the work to be in the top part earlier but it is absolutely not worth it, they will lay you off anyway.
pixelatedindex commented on Everything I know about good API design seangoedecke.com/good-api... · Posted by u/ahamez
Yeah, but then there's not that much difference, is there? You can technically move the generation of the access tokens to a separate secure environment, but this drastically increases the complexity and introduces a lot of interesting failure scenarios.
I mean… is adding an OAuth layer in 2025 adding that much complexity? If you’re scripting then there’s usually some package native to the language, if you’re using postman you’ll need to generate your authn URL (or do username/passwords for client ID/secret).
If you have sensitive resources they’ll be blocked behind some authz anyway. An exception I’ve seen is access to a sandbox env, those are easily generated at the press of a button.
pixelatedindex commented on Everything I know about good API design seangoedecke.com/good-api... · Posted by u/ahamez
If you're using APIs from third parties, the most typical authentication method is a static key that you stick in the "Authorization" HTTP header.
OAuth flows are not at all common for server-to-server communications.
In my perfect world, I would replace API keys with certificates and use mutual TLS for authentication.
IME, OAuth flows are pretty common in S2S communication. Usually these tend to be client credential based flows where you request a token exactly like you said (static key in Authorization), rather than authorized grant flows which requires a login action.
pixelatedindex commented on Everything I know about good API design seangoedecke.com/good-api... · Posted by u/ahamez
> Every integration with your API begins life as a simple script, and using an API key is the easiest way to get a simple script working. You want to make it as easy as possible for engineers to get started.
> ...You’re building it for a very wide cross-section of people, many of whom are not comfortable writing or reading code. If your API requires users to do anything difficult - like performing an OAuth handshake - many of those users will struggle.
Sounds like they're talking about onboarding specifically. I actually really like this idea, because I've certainly had my fair share of difficulty just trying to get the dang thing to work.
Security wise perhaps not the best, but mitigations like staging only or rate limiting seem sufficient to me.
True, I have enjoyed using integrations where you can generate a token from the portal for your app to make the requests. One thing that’s difficult in this scenario is authorization - what resources does this token have access to can be kind of murky.
pixelatedindex commented on Everything I know about good API design seangoedecke.com/good-api... · Posted by u/ahamez
> You should let people use your APIs with a long-lived API key.
Sigh... I wish this were not true. It's a shame that no alternatives have emerged so far.
To add on, are they talking about access tokens or refresh tokens? It can’t be just one token, because then when it expires you have to update it manually from a portal or go through the same auth process, neither of which is good.
And what time frame is “long-lived”? IME access tokens almost always have a lifetime of one week and refresh tokens anywhere from 6 months to a year.
pixelatedindex commented on U.S. government takes 10% stake in Intel cnbc.com/2025/08/22/intel... · Posted by u/givemeethekeys
There is only 1 winner and 1 loser: Intel.
It's the only chip manufacturer "left" in the US. The argument is national security: the US expects China to invade Taiwan and this will kill TSMC in the process.
Whether this will happen or not can be debated, but this is what the government expects.
> the US expects China to invade Taiwan and this will kill TSMC in the process.
Would it though? The TSMC foundries are pretty much in every continent. Are they just going to stop operating if this happens? Because that seems akin to killing a golden goose.
Also what is up with Global Foundries? I don’t hear a peep about them.
When I was young we lived just as spread out. We just biked/skateboarded to places. We stashed our surf boards at the closest house to the beach. We made third spaces happen.
Why has that stopped being an option? Is it because people's parents are too scared to let them do it when they are young (we were taking public busses to downtown Santa Cruz in junior high but we were latch key 80s/90s kids with zero oversite) and so they don't realize it's an option when they are older or?
I think it’s because at that time if you wanted to socialize you didn’t have an option. Kids these days have phones and tablets and finding another person to engage with online has substituted the going out part.
pixelatedindex commented on EPA Moves to Cancel $7B in Grants for Solar Energy nytimes.com/2025/08/05/cl... · Posted by u/Jimmc414
Why would canceling contracts require bribes? Bribes are something you do to get government contracts. I wouldn't bribe you to not give me money
I can bribe you to cancel a contract so you can enter a contract with me
pixelatedindex commented on Rising young worker despair in the United States nber.org/papers/w34071... · Posted by u/johntfella
> Young people are freaking out about the job market, the house market, and the dating market.
If we're going to discuss this problem honestly we need to admit the elephant in the room: it is much, much worse for young men than young women.
In jobs, from FT[0]:
"The unemployment rate for recent male graduates has risen steeply from less than 5 per cent to 7 per cent over the past 12 months. For young female graduates in the US, joblessness is unchanged over the same period, if not falling slightly."
"Most striking of all, recently graduated young men are now unemployed at the same rate as their non-graduate counterparts, completely erasing the college employability premium."
In dating, despite being much more selective, women match with around 40% of men they like, while for men it's more like 2%. Anecdotally I know many women in metropolitan areas can receive hundreds or thousands of likes in a week, while even a hundred is more than many (pretty average) men will receive in a lifetime. The number is zero, very often.
In housing it's more equal, but of course safety nets for young women exist through dating. Living in a HCOL metro area it's not uncommon for younger women to move in with their partners, and not have to pay much or any rent. That option is much, much rarer for young men, so if you don't have parents to save you, no one's coming.
> If we're going to discuss this problem honestly we need to admit the elephant in the room: it is much, much worse for young men than young women.
I empathize with my fellow young men, and sadly I don’t think most of my fellow progressives care about young men. It’s certainly not a platform that will get you votes if you run for office.
If I were born post-2005 I doubt that I have been given any major advantage over women yet the messaging is all about how bad it is for the other side. At the same time it’s hard to argue otherwise because the GOP is actively eroding women’s rights.
Young men are stuck between a rock and a hard place.