I’m hiring two senior system engineers and we’re hiring senior software engineers at NationBuilder.

Not sure if you all missed it, but that article is over three years old. It was published on 10/16/2014.

It’s an interesting question, but I’m not sure I agree the issue raised is going to be the real issue for any online version control system or open source repository.

And I’d be highly skeptical of anyones opinion of GDPR unless they’re actually working to implement it or preparing to enforce it (I’m in the process of implementing).

In this case GitHub would be both a controller and processor. Github would need to get consent from anyone with an account. But consider that an IP address is considered personal data and I can grab the URL for a repo and clone it locally without being logged in. Would GitHub need to put up a “Consent Wall” anytime someone looks at a repo while not being logged in and record consent? Or will we start needing this anytime you request something over the command line via ssh, sftp, scp, wget, or curl? What about cryptocurrencies or torrents?

The owner of any repository hosted on Github would be the controller. Any consent given would need to be recorded for the controller. GitHub and any other services (CI/CD, static analysis, etc) that has been given access to it would be a processor. The owner of any repository who grants access to these other services is on the hook to verify that service meets GDPR and get consent if these new processors are using the personal data in new ways. I’m not even sure how I would handle consent for a git repo for something like this.

And the reference to this applying to only people with EU citizenship is incorrect. GDPR is not about your citizenship, but rather where you’re at when your data was requested. As a US citizen if I’m in an EU country (business or school) anytime anyone asks for my personal data GDPR should apply.

The question about the impact of someone writing a blog or book would likely be allowed under by Art. 85 GDPR Processing and freedom of expression and information and Recital 153 Processing of personal data solely for journalistic purposes or for the purposes of academic, artistic or literary expression.

Sort of feels like we’ve gone back to the code is art/literature debate.

What do you consider small? Right now I’m at a company with 25-ish engineers and around 125-ish employees.

About a dozen products (mostly Ruby on Rails, a couple in Go, and one in Clojure). Puppet to make sure dependencies are installed and updated. Except for gems, which are updated during a deploy.

Terraform to provision and configure AWS specific products (RDS, ECS, etc), Puppet to configure instances, internal CI/CD tool as well as Jenkins.

We do have a number fo smaller products and services deployed as artifacts (containers) on a k8s stack.

All of engineering is responsible for the deployment tools and my team (systems engineering) owns the provisioning tools. We expect the rest of engineering to start picking up ownership of Terraform for new products they add.

I do have automation setup for any updates from USN, NVD, and a few other sources to create cards to stay on top of secutiy updates and vulnerabiities announcements.

edit: we also have Rundeck available along with some chatops with cog.

Boyd: The Fighter Pilot Who Changed the Art of War

A Place of My Own: The Architecture of Daydreams

Nimitz biography on Fleet Admiral Chester Nimitz.

Normal Accidents: Living with High-Risk Technologies

The Human Factor - long-form article from vanity fair on how airplanes mostly fly themselves and the crash of Air France Flight 447.

24/7: Late Capitalism and the Ends of Sleep

Lean Out: The Struggle for Gender Equality in Tech and Start-Up Culture

Mathematics, Form and Function

It’s been a pleasure orchestrating this hand-off with both of you, @pushcx and @jcs.

If any of your experience performance degradation or see any error messages please feel free to reach out. I expect we’ll do some performance tuning as we subject the server to it’s normal load. For reporting slowness, I would also be helped to see a traceroute from your location.

Thanks for the feedback and reading it again after a nights sleep I agree with you. I wanted to build on the comparison with other fields (one of which I worked in) to build up on the idea of applying the CRM training and some type independent review to start calling out trends.

Obviously I hit git push too soon and I’ll rework the second half.

In addition to using headphones I just try and protect my attention from distractions and interruptions. This includes my own personal habits, calendar, other people, and events.

I start my day off before work focusing on my own stuff (reading, writing, coding). I try to no surf and just focus on one thing for about an hour.

Once I start working I’ll catch up on my feed reader, a few sites and then dig into more reactive stuff. Any emails, slack notifications, or cards that need my attention… I knock those out and I time box this to one hour.

Then I have a few chunks of time blocked off in my calendar throughout the week to create some uninterrupted time to focus on whatever I’m working on. That gives me momentum on my stuff while leaving time to be available for anyone else.

The other thing is I keep a running text file where I write out the important or urgent things for the day. I’ll also add notes when something interrupts me. When I used to write this out on paper I used this sheet from Dave Seah called The Emergent Task Timer.