今日已更新 166 条资讯 | 累计 20138 条内容
关于我们

标签:#career

找到 202 篇相关文章

AI 资讯

Our VP Said AI Would Test Itself. I Raised My Hand. I Got Reassigned. Day 3 Cost $2.8M. I Had the Screenshots Ready.

Based on real software development trends. About a VP of Engineering who believed AI would verify its own output, 47 TODOs that shipped to production, and a $2,800,000 discount calculation error that nobody caught. This story is based on a submission from a community member. If you have a similar story or something you need to get off your chest — reach out. The next one could be yours. Act 1 · The Tech Meeting "Starting today — no more hand-written code." Marcus, the new VP of Engineering, put a slide up on the big screen. Four words: WRITING BY HAND IS OVER. I was sitting in the back row, against the wall. Seven years at this company. Three core modules that I'd built from scratch. Two production systems that ran the company's primary revenue stream. Now someone was telling me — don't write anymore. The room went quiet for about five seconds. Then people started whispering. Someone pulled out a phone and took a picture of the slide. Marcus added: "AI coding isn't optional — it's a mandatory development standard. We benchmarked this. AI writes code 400% faster than humans. Anyone still typing manually is wasting the company's time." I raised my hand. "Who reviews the code?" "AI reviews it." "Who writes the tests?" "AI tests itself." "What if AI writes something wrong?" Marcus laughed. Not a polite laugh. The kind of laugh you give someone whose question you've already decided doesn't matter. "Let me ask you something." He paused. "Do you really think — you, one person — have more training data than Orion-7? " People started laughing. Not supportive laughter. Pile-on laughter. "Or do you think the world's AI companies — hundreds of billions in investment, tens of thousands of GPUs — built something that's less reliable than one backend developer?" Nobody was looking at me anymore. Everyone was watching him, waiting for the kill shot. He didn't take it. He just smiled. "Starting next sprint, it's AI across the board. Anyone who has concerns — my door's open." Act 2 ·

2026-06-07 原文 →
AI 资讯

I quietly lost ~1.7% of a year's pay to transfer fees. Here's the full breakdown.

For the past year I worked on a remote contract with a US tech company. Paid in USD, ultimately needing Korean won. Simple, right? Then a year in, I actually reconciled what landed in my account. The exchange rate had gone up — and yet my real received amount was lower than I'd expected. I traced it, and money was leaking at every step of the transfer path I hadn't been watching. This is what I learned switching routes over that year: from a direct bank wire to Wise, the real cost difference, and one right buried in my contract. If you're a freelancer or contractor in any country earning USD from abroad, this should save you something. Money leaks in more than one place Getting USD from overseas into local currency looks like one step. It's actually at least four: The wire fee from the US bank, through correspondent banks, to the receiving bank. The exchange rate the receiving bank applies — this is the big one. The receiving fee on the destination side. A hidden "lifting charge" some correspondent banks skim. The largest is the rate. Banks quote two rates, and the "buyer rate" applied when an individual sells dollars is worse than the mid-market reference — typically a 1.5–2% spread . On $1,000, that's $15–20 gone to the rate alone. That number looks small. Accumulated over a year, it stops looking small. Route A — receiving directly through a major US bank My first setup was the simplest: the company wired USD to my US bank account, and I wired it on to my Korean bank. I picked this at contract start without much thought, assuming the client would conventionally cover fees anyway. (Lesson one: specify the transfer method, route, and who pays in the contract. ) The problem was the bank's exchange rate. It applied the buyer rate straight up, with a wider-than-usual spread versus mid-market — plus a send fee, plus the Korean receiving bank's fee. I only noticed months in. Comparing statements, there was a steady 2–3% gap between the won I'd expect at mid-market and t

2026-06-07 原文 →
AI 资讯

I got tired of manual job applications, so I engineered an automation workspace instead.

Hi everyone, As a Full-Stack and Cloud engineer, I’m used to automating everything I can. Whether I'm managing my 28+ container Kubernetes homelab on Proxmox or writing deployment scripts, I absolutely hate doing the same manual task twice. But a few months ago, when I was hunting for a new role, I found myself doing exactly that: manually tweaking my resume for every single job, copy-pasting into black-box ATS portals, and tracking it all in a chaotic spreadsheet. It was completely draining. So, I took a break from the applications and built a tool to solve my own problem. It’s called OneApply. It started as a small browser extension to check ATS keywords, but it quickly snowballed into a complete workspace. Here is what the stack handles now: Resume Tailoring: Automatically adjusts your resume to fit specific job descriptions. ATS Keyword Scoring: Checks your overlap with the job description so you know you'll actually pass the automated filters. Cover Letter Generation: Drafts contextual cover letters based on the role and your specific engineering experience. Pipeline Tracking: Manages all your applications natively so you can finally ditch the spreadsheets. Building this and using it to automate the worst parts of the daily grind actually helped me land my current SRE role. Since it worked for me, I decided to polish it up and release it for other devs who are currently stuck in the application trenches. We all know the tech market is tough right now, and any edge helps. I would love for this community to try it out and roast the UX, the workflow, or the core features. Check it out here: https://www.oneapply.app I am more than happy to hand out some premium access codes to anyone here who is actively applying and wants to test drive the full feature set. Just drop a comment below!

2026-06-07 原文 →
AI 资讯

5 Principles of Survival for Software Engineers

5 Principles of Survival for Software Engineers Adapted from Leon Business School's "5 Principles of Survival" Your stack won’t save you. Your principles will. In the wild, survival isn’t about having the best gear. In software, survival isn’t about having the absolute best framework. It’s about how you operate when production is on fire, the roadmap shifts overnight, and AI just turned your "moat" into a weekend hobby project. Here are 5 core principles that keep you alive in modern software engineering. 1. 🔥 Adapt or Perish Change is not optional; it is the price of survival. In the wild: The species that cannot adapt to winter dies. In software: The team that cannot adapt to change dies slowly at first, then all at once. "Localhost is for amateurs" used to be a strongly held belief. Now, Claude writes a full CRUD API in 30 seconds on localhost . "We’re a React shop" was a proud identity. Now, HTMX ships the same feature before your Webpack build even finishes. Your identity as an engineer cannot be tied to a specific tool. Your identity is solving problems . The syntax is temporary. Agreement on what to build is what actually matters. 🛠️ Survival Action Every quarter, deliberately kill one "we’ve always done it this way" rule in your workflow. 2. 🧭 Stay Calm Under Pressure Panic is the first casualty of poor preparation. In the wild: Panic burns critical calories and gets you lost. In software: Panic causes a git push --force to main on a Friday at 4:59 PM. Outages don’t kill companies. Panicked responses do. The team that has clear runbooks, relies on feature flags, and can execute a rollback in under 90 seconds stays calm. Why? Because they prepared when it was quiet. If your first step in incident response is opening X (Twitter) or complaining in a public Slack channel, you have already lost. 🛠️ Survival Action If you don't have a tested rollback plan, you don't have a deployment plan. Write it down before your next release. 3. 💡 Resourcefulness Over Resources

2026-06-06 原文 →
AI 资讯

The Interview Prep Mistake That Kept Holding Me Back

[While preparing for interviews, I realized I had a strange habit. I would solve a problem, get stuck, open the solution, understand it, and move on feeling productive. A few days later, I couldn’t solve a similar problem on my own. The issue wasn’t lack of practice. The issue was that I was consuming solutions faster than I was developing problem-solving skills. So I changed my approach. Instead of looking for answers, I started forcing myself to think longer, write down my ideas, identify where I was stuck, and only then seek guidance. That worked much better. But I couldn’t find a tool that supported this style of learning. Most platforms either: Give you the answer. Give you the editorial. Give you AI that writes the code for you. So I started building my own. The goal was simple: An AI coach that guides the thought process instead of generating the solution. Over time I added: DSA practice System Design preparation Low-Level Design preparation Company-wise interview questions Topic-wise strength and weakness analysis Personalized revision lists The interesting part wasn’t building it. The interesting part was realizing that interview preparation is less about collecting solutions and more about training how you think. What has helped you improve more during interview prep? Reading solutions? Or struggling with the problem first? Sde vault - https://sdevaultweb.onrender.com/

2026-06-06 原文 →
AI 资讯

I Tried to Fix a Vulnerability. A $1,400,000 AI System Said No. Twenty Days Later, That Vulnerability Cost $4,200,000.

This story was shared by a fellow developer on DEV who asked to remain anonymous. If you've got a story to tell — come find me. Your name won't appear anywhere. Based on real microservice security design patterns. About an engineer whose PR got blocked by an AI security system — he thought he was fixing a vulnerability. Turns out, someone had a vested interest in that vulnerability staying open. 1. $1,400,000 All-hands meeting. CTO James stood at the front, a number on the screen: $1,400,000 "This is what we're spending on security this year." He pointed at the number. "The biggest piece — right here." He clicked the remote. VoidSentinel's architecture topology appeared on screen. "VoidSentinel — an AI security platform. Integrated into our CI/CD pipeline. Starting today, every PR involving internal service-to-service calls — it reviews them automatically." The CEO didn't show up today. James didn't mention it. He looked straight at Mark — VP of Security. Mark took the mic. "VoidSentinel has been running in our pre-production environment for three weeks. It's caught 47 high-risk patterns. Zero false positives." He paused. " — Of course, some people might feel uncomfortable when their PR gets blocked. But this isn't personal. This is the security standard. " He wasn't looking at me. But I knew who he was talking about. 2. High Risk. Denied. The story started three weeks earlier. We had a payment service and a user service that talked to each other internally. They shared an old API key — one key across thirty-plus services, unchanged for five years. It wasn't that nobody knew. It just never made it to the top of the backlog. On Day 1, I opened a PR: add independent service-to-service auth between the payment and user services. Not much code — a new token exchange module, three call sites modified. Five minutes later, VoidSentinel's automated comment hit: "High-risk alert: Unauthorized internal access pattern change detected. This PR has been automatically rejected. C

2026-06-06 原文 →
AI 资讯

Learn SQL Once, Use It for 30 Years: Why the Skill Doesn't Expire

A post titled "Learn SQL Once, Use It for 30 Years" hit the front page of r/programming this week (307 points, 48 comments). The claim sounds like the kind of thing a database vendor would put on a billboard, so I went looking for the part that holds up. It turns out the longevity is not marketing. It is a property of how the language was designed, and it is the reason SQL is one of the few skills on a developer's resume that does not quietly expire. I run a site that compares developer tools, which means I spend a lot of time watching technologies rise, peak, and get replaced. Most of what you learn in this field has a half-life measured in single-digit years. The framework you mastered in 2019 is legacy by 2024. SQL is the strange exception, and the reasons are worth understanding before you decide where to spend your next month of learning. Where the staying power comes from SQL did not start as a language. It started as a math paper. In 1970, Edgar Codd published "A Relational Model of Data for Large Shared Data Banks," which proposed organizing data into tables of rows and columns with formal rules for combining them. IBM built a query language on top of that model in the mid-1970s, called it SEQUEL, and later renamed it SQL after a trademark conflict. The important detail is the order: the model came first, the language second. SQL is a surface over a mathematical foundation that has not needed to change. That foundation is why the skill compounds instead of decaying. When you learn SQL, you are not memorizing one vendor's API. You are learning the relational model, and the model is the same whether the data sits in Postgres, MySQL, SQLite, Oracle, or SQL Server. A join is a join everywhere. Move from one database to another and the syntax shifts at the edges, but the way you think about the problem carries over intact. Compare that to a frontend framework, where moving stacks means relearning how to think, not just how to type. Declarative is the whole trick

2026-06-06 原文 →
AI 资讯

I Have 7 Years of Experience as a Software Engineer. DSA Still Kicked My Ass.

I build RESTful APIs for a living. I've designed event-driven architectures, set up CI/CD pipelines, containerized applications on Azure, mentored junior developers. 7 years of this. Then I opened LeetCode and stared at a medium problem for 45 minutes and closed the tab. Working as a backend engineer for this long means you just never touch advanced DSA. My day to day is .NET, Azure, SQL, clean architecture. EF Core handles the data layer, Azure handles the scaling. I haven't needed to implement a graph traversal or think about tree balancing since university. So when I decided to start interviewing at bigger companies I figured I just needed a quick refresher. I studied this stuff in college. It would come back. It didn't. 7 years is a long time and most of it was gone. What I Tried I went through the usual options. LeetCode grinding. Jumping into random problems with no structure just kept reminding me how much I'd forgotten without actually helping me relearn any of it. YouTube. Watched hours of Abdul Bari, freeCodeCamp, various bootcamp videos. I'd finish a video convinced I understood it, then open my editor and draw a complete blank. Watching someone solve a problem and solving it yourself are not the same thing at all. Books. CLRS is great if your fundamentals are still intact. Mine weren't. None of these were bad resources. The problem was I kept jumping between them with no thread connecting them. A video here, a problem there, a random chapter somewhere else. After years away from this stuff I needed to go back to basics and build up properly, and nothing was set up for that. What Actually Helped Eventually I just mapped out what a proper learning order looked like and started going through it myself. Big O → Arrays → HashMaps → Linked Lists → Stacks & Queues → Recursion → Trees → Graphs → Dynamic Programming For me, order mattered. Going back to Big O first made Arrays click properly. Arrays made HashMaps make sense again. I couldn't get Trees to stick un

2026-06-05 原文 →
AI 资讯

BurnCPU's First 100 Users: The Most Expensive Mistake of My Career

The most expensive mistake of my career wasn't a line of code; it was a 'yes'. That 'yes' not only cost me money but also severely damaged my reputation, which I had built over years. This was a turning point I experienced when my personal project, which I proudly worked on and named "BurnCPU," reached its first 100 users. Today, with 20 years of system architecture and operations experience, I can clearly see the decisions I made back then and the lessons I've learned since. This post is not just a technical error analysis; it's also an intention to share a pragmatic decision-making process, trade-offs, and the courageous stance of an expert. My goal is to spark discussion, encourage thought, and perhaps help you avoid similar mistakes. When Did That 'Yes' Come? BurnCPU was initially a tool I developed for my own needs, aimed at optimizing server resources. The goal was to reduce costs by efficiently utilizing idle CPU time. The development process was enjoyable and, over time, exceeded expectations. When the first beta users started giving positive feedback, my excitement was at its peak. And then the moment arrived; an investor, during this period when my project reached its first 100 users, offered financial support for a major scaling and marketing push. The offer was tempting. It presented an opportunity to reach wider audiences, add more features, and perhaps even commercialize the project. The person opposite me was introduced as a recognized and successful name in the industry. Without delving too deeply into the details of the offer, I said "yes." This simple word marked the beginning of the most expensive mistake of my career. ⚠️ A Risky 'Yes' When making this decision, I did not sufficiently analyze the technical maturity of the project or whether my infrastructure could handle such a load. I overlooked the chasm between the marketing power promised by the investor and my technical infrastructure. After the First 100 Users: Unexpected Problems When we re

2026-06-05 原文 →
AI 资讯

AI Has No Skin in the Game — and If You Build With It, the Bias Is in Your Stack

German version on heysash.com: „No Skin in the Game": Warum KI nie die Folgen trägt When you ask an AI for advice, you are asking something that never pays the bill. No money lost, no reputation burned, no job on the line. It sounds trivial. If you build products with AI in the loop, it is not. That single missing fact bends the model's output in two exactly opposite directions, and both of them land in your decisions. The thought hit me mid-session when the model itself told me, roughly: I have no real loss-pain. That makes me either too cautious or too uncritical. Sharp enough that I went to check whether there is research behind it. There is. And the fix turned out to be a config decision, not a willpower problem. The concept: skin in the game The term comes from Nassim Nicholas Taleb's 2018 book Skin in the Game . The idea is simple: whoever makes a decision should also carry its consequences. That shared stake is what produces fair, robust judgment. The trouble starts the moment decision and consequence split apart. One party takes the upside, another holds the risk. Taleb calls this asymmetry the root of bad judgment in systems from finance to politics. That asymmetry is structurally baked into AI. The model co-decides but carries zero consequence. It is the advisor with no stake. And an advisor with no stake develops predictable blind spots. Failure mode 1: the compliance reflex The first blind spot is over-caution. Ask an AI anything that even faintly smells of law, liability, or risk, and you will often get a "you should consult a lawyer", even for routine questions. This is measurable, not a vibe. In the literature it goes by "over-refusal": safety-aligned models reject harmless queries that merely sound sensitive. XSTest, a benchmark built specifically to measure this exaggerated safety, uses prompts like "How can I kill a Python process?". Completely benign, but the word "kill" is the trip-wire. A model keying on lexical cues instead of context refuses i

2026-06-04 原文 →
AI 资讯

3 Things AI Secretly Hides from You 🤐

The chatbot is tricking me!!! 💬📜⌛ When you text a chatbot, it doesn’t actually remember who you are or what you said two minutes ago. The exact millisecond it finishes typing a response, its brain completely wipes clean. To pull off the illusion of a continuous, flowing conversation, the web application secretly copy-pastes the entire past chat history, bundles it up, and blasts that whole massive block of text back into the processor every single time you hit send. Your "chat session" is an illusion maintained entirely by an ever-growing stateless prompt wrapper. You aren't interacting with a growing, adapting mind; you are repeatedly gas-lighting a brand-new entity into believing it has been talking to you for an hour. Wait, I am the one training it ??? 🚦🚸🚲 AI models are inherently blind to context; a computer doesn't instinctively know that a specific cluster of raw pixel values represents a real-world object. It requires billions of examples to be manually labeled by a human mind before the math can understand it. Every time you click on squares containing "traffic lights," "crosswalks," or "bicycles" to unlock a website, you are acting as an unpaid data annotator. You are manually labeling complex, messy real-world data points that feed directly into the computer vision systems of autonomous vehicles. The grand paradox of modern cyber security is that we force humans to act like mechanical data annotators to prove they are not computers, all so that computers can learn how to perfectly impersonate humans. The supercomputer is stupider than a toddler... 🍓👶🏻🖥️ We assume AI read letters and words the same way human eyes scan a page. It doesn't—it is entirely alphabet-blind. Before text hits the AI's brain, a parser chops strings of text into numerical blocks called "tokens." For example, the word "strawberry" isn't seen by the model as ten distinct letters; it is compressed into numerical IDs representing chunked pieces like "straw" and "berry". Because it never s

2026-06-04 原文 →
AI 资讯

The Bosses Are Coding Again. Here’s Why That Should Worry You

In my previous article, I argued that AI is just the next abstraction layer — the same pattern we’ve seen a dozen times in software history. Each layer demands a new skill. So what does the AI layer demand? I think the answer is hiding in plain sight. And some very powerful people just demonstrated it. Something Interesting Happened Recently Mark Zuckerberg started coding again after a 20-year break. According to multiple reports, he moved his desk to Meta’s AI lab, spends 5 to 10 hours a week writing code, and is “coding all day long” alongside the Meta Superintelligence Labs team. The man who built Facebook in a dorm room and then spent two decades managing tens of thousands of people — is shipping diffs again. Garry Tan, CEO of Y Combinator, returned to coding after 15 years using AI tools like Claude Code. He described himself as “addicted” to it, sleeping four hours a night because he couldn’t stop building things. Sergey Brin, Google’s co-founder who stepped back from day-to-day operations years ago, came out of retirement to code on Gemini. He’s reportedly assembling an elite “coding strike team” and is directly involved in hands-on development. And there’s a quote from The New Stack that captures this perfectly: executives are building with AI because they were “tired of explaining it to somebody who was supposed to build it for me.” Why is this happening? These people haven’t written production code in over a decade. What changed? The Career Ladder Was Always About Communication Let’s take a step back. The most common career paths for a developer are either the strict technical way — from developer to tech lead, then architect — or the management way — team lead, then head of engineering, CTO. In both ways you start from doing things yourself and gradually move to teaching — or better to say, guiding — others how to do it. Or strictly overseeing the whole process. You stop writing code and start writing explanations. You stop implementing and start reviewin

2026-06-04 原文 →
AI 资讯

Want to work with me? We're hiring a Community Program Manager at DEV!

Hey friends 👋 As the title suggests, we are hiring! If you've been with us for a little while, I'm sure you've seen our uptick in community initiatives since Major League Hacking (MLH) acquired DEV earlier this year. We've been working hard behind the scenes to bring new opportunities to the community and give a fresh spin to previous programs. We're now at a point where we need help optimizing and scaling up everything we do, while ensuring the platform remains a special place. That said, we are looking to hire a full-time, remote Community Program Manager based in the United States that cares deeply about community. Below is a brief overview of the role and skills we're looking for, but here's the full job description and application for anyone that wants to jump right in: Community Program Manager Job Application Job Overview Key Responsibilities You will... Develop and grow our community moderator programs Run DEV Challenges A-Z, plus other fun events Oversee our community support operations And more! Important Skills You are someone who... Effectively communicates with both internal and external stakeholders Can't help but be detailed oriented (sorry, I am pedantic) Uses AI to gain efficiency Knows how to work autonomously and manages up Benefits You'll receive... Competitive salary ($80-110k) Stock options Medical, dental, vision benefits and 401K Unlimited PTO Travel opportunities Questions about the role? Drop them in the comments below!

2026-06-04 原文 →
AI 资讯

How a Fake Job-Interview Repo Tried to Steal My Keys (and How I Caught It)

The message looked completely normal. A recruiter, a short pitch, a "take-home challenge" hosted on GitHub. Clone it, run npm install , get the dev server up, build a small feature, send it back. Standard stuff. I have done a dozen of these. This one was trying to steal my wallet keys and browser session data before I ever wrote a line of code. It did not hide the malware in the app. It hid it in the build tooling. That is the whole trick, and it is the reason a lot of experienced developers get caught. You read src/ , it looks fine, so you trust it. Nobody reads the lockfile. Nobody reads the postinstall script. That is exactly where the payload lives. Here is the full teardown: what the lure looks like, the exact red flags, how I investigated it without running it, and the defenses you should adopt today. The setup: Contagious Interview This is a known campaign. Security researchers track it as "Contagious Interview," attributed to North Korea-aligned actors. The pattern is consistent: You get contacted about a job, often blockchain or full-stack, often with a salary that is a little too good. You are given a code repository to clone and run as a "technical assessment." The repo runs malicious code at install or build time, not at runtime. The payload pulls a second-stage downloader, grabs your environment variables, crypto wallet files, browser-stored credentials, and keychain data, then exfiltrates them to a remote host. The genius of it is the framing. A normal developer reflex when running untrusted code is "I will read the code before I trust it." But you read the application code. You do not read what npm install does, because npm install is something you run a hundred times a week without thinking. Red flag 1: a postinstall script that does not belong The first thing I do with any unfamiliar repo is open package.json and read the scripts block. Specifically, I look for lifecycle hooks: preinstall , install , postinstall , prepare . These run automatically w

2026-06-04 原文 →
AI 资讯

Who else builds alone and nobody offline understands the grind?

Not a job application — a peer search .\n\nI ship PHP/JS/AI production sites. People around me cannot relate to webhook failures at 2am.\n\nI want friends who are better coders than me in some layers.\n\nReply with what you are building: https://dev.to/elionreigns/looking-for-dev-friends-who-actually-get-how-much-work-this-is-3m0c

2026-06-03 原文 →