🐝 Hive Five 224 - Happiest Country on Earth

Hi friends,

Greetings from the hive!

Most tech tends to isolate us, but let’s not forget how crucial real-world experiences are.

I just got back from a three-day work offsite, and it was absolutely incredible. Met amazing people and Seattle never disappoints.

One of my favorite moments is always looking out the window during the train ride from the airport to downtown.

Let's take this week by swarm!

🐝 The Bee's Knees

• Security for High Velocity Engineering: Strategy and Tactics for Protecting and Enabling Modern Software Organization. MORE

• Code Like a Journalist. Nael Shiab, a computational journalist, created a free course teaching data analysis and visualization using TypeScript. It's designed for beginners and helps you learn to code like a journalist. MORE

• In this episode, Scott and Mark discuss the topic of feedback, prompted by Scott's recent experience of receiving harsh feedback on a TED talk he's preparing. They delve into how to build emotional resilience to receive feedback, differentiating between valid, actionable feedback and mere opinions. MORE

• Jasmin Landry (JR0ch17) discusses his journey to becoming a full-time bug bounty hunter, emphasizing continuous learning, a hacker mindset, and focusing on high-impact vulnerabilities. He also values work-life balance and shares insights on various bug classes and testing methodologies. MORE

• ThinkstScapes Q1 '25 is a quarterly roundup that summarizes key information security research. It covers a variety of topics, like AI security and new attack methods, to keep you informed about the latest trends. MORE

Interested in sponsoring the Hive Five? Secure your spot.

📰 Updates

✅ Changelog

• Burp Suite Pro got a bunch of cool updates this year. They made it faster, smarter, and even added AI to help you find tricky vulnerabilities. MORE

• ReconFTW v3.1.0 is out with fixes. This release updates install scripts, fixes Nuclei severity filters, and replaces broken tools like metafinder. MORE

• Knoxnl v4.13 improves PoC handling, fixes API timeout errors, and enhances Discord notification reliability. The update also optimizes performance with ThreadPoolExecutor and provides clearer error messages. MORE

• Raycast v1.98.0 introduces the Model Context Protocol (MCP) for integrating local servers into Quick AI and AI Chat! You can now install servers and access their tools by @-mentioning them, similar to AI Extensions. MORE

💼 Work

💰 Career

• AMA with immigration attorney Robert, who does work for YC and startups. MORE

• The startup world is obsessed with "disrupt-o-mania" and becoming the next unicorn, but it's ok to build something useful without aiming for world domination. Consider building a company that makes a difference without sacrificing work-life balance. MORE

🚀 Productivity

• Stanford Creativity Expert: AI should be treated as a teammate to augment creativity, emphasizing feedback and unique inputs for exceptional outputs. Shifting from tool to teammate unlocks collaborative potential and pushes beyond "good enough" ideas. MORE

• FullFocusPhone turns a basic phone into a tool by minimizing distractions. It uses custom software on a DuoQin F22 Pro to help you stay focused on what matters. MORE

• Raycast's "Search menu items" feature is a hidden gem that helps users quickly find functions in applications like Affinity Designer. MORE

• How to make a Link Aggregator in Obsidian. MORE

• Bookmarklet for clearing cookies for the current page. MORE

• Dive into a complex calendar and task management setup using Morgen. The presenter showcases how they manage projects, goals, and tasks across various calendars for work, home, and volunteering. MORE

🌎 Community

🎉 Celebrate

• Steph Smith is returning to her "growth" roots, joining Groq to lead their growth initiatives. Groq offers fast and cheap AI inference, so developers should check it out. MORE

• Tae'lur, a security analyst, is living her best life in Southeast Asia! She's been exploring new countries and cultures, all while learning more about herself. MORE

• Gabe embraces putting himself out there, even if it's cringey, to talk about moving to SF, his insecurities, and building his startup, Bex. He plans to share how he booked 30 sales calls in a month. MORE

⚡️ Zeitgeist

• Ali, a backend engineer with experience in Go and Python and a MIT grad, is seeking a new role in NYC. They're eager to tackle complex projects and can start ASAP. MORE

• Pieter visited OpenAI's impressive, rapidly growing office and met Edwin, who previously worked at Stripe. He reflects on Silicon Valley's unique abundance compared to the rest of the world and how SF is cleaning up. MORE

• The annual curl and libcurl user survey is live. Share your experiences and help shape the future of this ubiquitous tool by answering questions about usage, features, and desired improvements. MORE

🍄 Level up

📰 Read

• AI Is Not Your Friend. How the "opinionated" chatbots destroyed AI’s potential, and how we can fix it. MORE

• The cryptography behind passkeys. When most people think of cryptography, the first thing they typically think of is encryption: keeping information confidential. But just as important (if not more) is authenticity: ensuring that information is really coming from an authentic source. MORE

• It wasn’t the idea that failed: it was the execution. Step into 1995: when the web got images, JavaScript, and visual dev tools. This is how it all began, where it went wrong, and how it's still going wrong today. MORE

• Commit Stomping is a technique inspired by timestomping, a well-known method used in offensive operations where file metadata is manipulated to hide the true timing of actions. MORE

• Drag and Pwnd: Leverage ASCII characters to exploit VS Code. MORE

💡 Tips

• Learn how to evaluate app privacy on the Apple App Store by checking data collection practices and privacy policies. MORE

• The MKBHD team shares their essential daily carry items, from bags and wallets to headphones and cameras. See what gadgets and tools they can't live without in their tech-filled lives. MORE

• Create cool presentation slides with Simon Willison's Annotated Presentation Creator. Upload slides, add alt text (or "skip"), and generate HTML using a template. MORE

• Want to keep hackers interested in your bug bounty program? This article shares 10 tips, like respecting their time and offering good rewards, to make your program stand out. MORE

• Lorne Michaels (SNL) says, ""The show doesn't go on because it's ready, it goes on because it's 11:30" Amanda admits she's never ready, but creates deadlines and tells people her goals to make things happen. It's all about prioritizing and faking it 'til you make it'! MORE

🧠 Wisdom

• it's never just that simple. Avoid the urge to say "just" when offering solutions to developers; it dismisses their expertise and the complex realities they face. Instead, ask, listen, and respect the problem's intricacies to foster better communication. MORE

• Creativity loves constraints! Dr. Seuss wrote his best-selling book with only 50 words, and Spielberg made "Jaws" a hit by hiding the shark. Think inside the box to unleash your best work. MORE

• An engineer shares how they used to think great products didn't need marketing, but realized that even amazing things need promotion to reach people. They learned the importance of packaging and excitement, and that marketing is just sales at scale. MORE

• Roger Bacon's "Grand Encyclopedia of Eponymous Laws" compiles humorous observations about the internet, computers, and life. It's a fun collection of cynical wisdom—like Murphy's Law, but for the digital age. MORE

• Dr. Kruse, a top ADHD doctor, was on the Huberman podcast and revealed that ADHD can lower life expectancy by 10 years! He also shared that ADHD brains are interest-driven, needing the right balance of external structure and the "Four Pillars" for management. MORE

📚 Resources

• Deep Dork is an advanced Google dorking tool that helps you find sensitive info on the web. Use it to discover vulnerabilities, exposed files, and other security risks. MORE

• GitHub repo with system prompts, tools & AI models from big names like Devin and Cursor. MORE

• The Ultimate Guide to JWT Vulnerabilities and Attacks (with Exploitation Examples). MORE

• ChatGPT Codex: The Missing Manual. OpenAI just dropped the first cloud hosted Autonomous Software Engineer. Power users should adopt an abundance mindset and use it for every little idea. MORE

• Explore how giving AI models more "thinking time" boosts their performance, like humans pondering complex problems. It covers techniques like chain-of-thought prompting and reinforcement learning that enhance AI reasoning. MORE

The Member Edition