Readit News logoReadit News
pixelatedindex commented on Stripe Launches L1 Blockchain: Tempo   tempo.xyz... · Posted by u/_nvs
nivertech · a day ago
Somebody should start “Killed by Stripe - Stripe Graveyard”[1], because this project soon (several years max) will be featured there.

—-

1. https://killedbygoogle.com/

pixelatedindex · a day ago
Are there other products they have killed like Google? It’s not really a graveyard if it’s just this project, and we don’t yet know that it will be killed
pixelatedindex commented on Stripe Launches L1 Blockchain: Tempo   tempo.xyz... · Posted by u/_nvs
zeven7 · a day ago
The job listing[1] for Rust Engineer at Tempo says

> Attributes: High motor

What is meant by that?

[1] https://jobs.ashbyhq.com/tempo-xyz/aab97703-13e2-42e8-9fb9-9...

pixelatedindex · a day ago
“Workaholic” is how I read it. They want people who are “motivated go-getters” and sacrifice personal wellbeing for company goals.
pixelatedindex commented on Stripe Launches L1 Blockchain: Tempo   tempo.xyz... · Posted by u/_nvs
5F7bGnd6fWJ66xN · a day ago
when will stripe go public?
pixelatedindex · a day ago
They don’t have to go public if they don’t want to. Being a private company is totally fine.
pixelatedindex commented on Ask HN: Is your company still hiring junior engineers?    · Posted by u/wafflemaker
scarface_74 · 3 days ago
Probably one of the WITCH companies.
pixelatedindex · 3 days ago
TIL - Wipro, Infosys, TCS, Cognizant, HCL
pixelatedindex commented on Family of MSFT employee who died warn tech companies not to overwork workers   padailypost.com/2025/08/2... · Posted by u/christhecaribou
javierluraschi · 5 days ago
No you can’t, the system is setup to make you work that hard. Their compensation policy is based on rewarding disproportionally the top performers…

So if you can work 10% more than your peers, you get not 10% bonus but rather 30%-100% more. So it makes business sense to put the extra 10%, until everyone is working at 110% and then again, adding an extra 10% pays off, rinse release, death spiral.

The compensation model is pure evil.

pixelatedindex · 5 days ago
Or, you can just be happy getting the lower end of the bonus. It’s not like the pay and RSU is peanuts. Or work just enough to be in the middle of the bell curve. I put in the work to be in the top part earlier but it is absolutely not worth it, they will lay you off anyway.
pixelatedindex commented on Everything I know about good API design   seangoedecke.com/good-api... · Posted by u/ahamez
cyberax · 12 days ago
Yeah, but then there's not that much difference, is there? You can technically move the generation of the access tokens to a separate secure environment, but this drastically increases the complexity and introduces a lot of interesting failure scenarios.
pixelatedindex · 12 days ago
I mean… is adding an OAuth layer in 2025 adding that much complexity? If you’re scripting then there’s usually some package native to the language, if you’re using postman you’ll need to generate your authn URL (or do username/passwords for client ID/secret).

If you have sensitive resources they’ll be blocked behind some authz anyway. An exception I’ve seen is access to a sandbox env, those are easily generated at the press of a button.

pixelatedindex commented on Everything I know about good API design   seangoedecke.com/good-api... · Posted by u/ahamez
cyberax · 12 days ago
If you're using APIs from third parties, the most typical authentication method is a static key that you stick in the "Authorization" HTTP header.

OAuth flows are not at all common for server-to-server communications.

In my perfect world, I would replace API keys with certificates and use mutual TLS for authentication.

pixelatedindex · 12 days ago
IME, OAuth flows are pretty common in S2S communication. Usually these tend to be client credential based flows where you request a token exactly like you said (static key in Authorization), rather than authorized grant flows which requires a login action.
pixelatedindex commented on Everything I know about good API design   seangoedecke.com/good-api... · Posted by u/ahamez
smj-edison · 12 days ago
> Every integration with your API begins life as a simple script, and using an API key is the easiest way to get a simple script working. You want to make it as easy as possible for engineers to get started.

> ...You’re building it for a very wide cross-section of people, many of whom are not comfortable writing or reading code. If your API requires users to do anything difficult - like performing an OAuth handshake - many of those users will struggle.

Sounds like they're talking about onboarding specifically. I actually really like this idea, because I've certainly had my fair share of difficulty just trying to get the dang thing to work.

Security wise perhaps not the best, but mitigations like staging only or rate limiting seem sufficient to me.

pixelatedindex · 12 days ago
True, I have enjoyed using integrations where you can generate a token from the portal for your app to make the requests. One thing that’s difficult in this scenario is authorization - what resources does this token have access to can be kind of murky.
pixelatedindex commented on Everything I know about good API design   seangoedecke.com/good-api... · Posted by u/ahamez
cyberax · 12 days ago
> You should let people use your APIs with a long-lived API key.

Sigh... I wish this were not true. It's a shame that no alternatives have emerged so far.

pixelatedindex · 12 days ago
To add on, are they talking about access tokens or refresh tokens? It can’t be just one token, because then when it expires you have to update it manually from a portal or go through the same auth process, neither of which is good.

And what time frame is “long-lived”? IME access tokens almost always have a lifetime of one week and refresh tokens anywhere from 6 months to a year.

pixelatedindex commented on U.S. government takes 10% stake in Intel   cnbc.com/2025/08/22/intel... · Posted by u/givemeethekeys
miohtama · 14 days ago
There is only 1 winner and 1 loser: Intel.

It's the only chip manufacturer "left" in the US. The argument is national security: the US expects China to invade Taiwan and this will kill TSMC in the process.

Whether this will happen or not can be debated, but this is what the government expects.

pixelatedindex · 14 days ago
> the US expects China to invade Taiwan and this will kill TSMC in the process.

Would it though? The TSMC foundries are pretty much in every continent. Are they just going to stop operating if this happens? Because that seems akin to killing a golden goose.

Also what is up with Global Foundries? I don’t hear a peep about them.

p

u/pixelatedindex

KarmaCake day833August 11, 2015
About
[ my public key: https://keybase.io/munds; my proof: https://keybase.io/munds/sigs/Rbjdg7ALTMQxnTfLTVfYLk5lZRIZ7Ig_K8kh0SbGOqs ]
View Original