No problem, thanks for reading!

There were a number of factors. First and foremost, I've loved programming since one of my younger brothers got a programmable calculator for university. Not long after, I bought one of the first VIC-20s. Programming and playing in a community band were my only hobbies.

My last programming job was with a great company that turned toxic when it got bought by an investment group. That pushed me to a state of depression and burnout, leading to our decision to move to our cabin before retirement, where I went back to a labour job. There was no internet or cell signal at home and my aging laptop just got stuffed in the back of a closet. I spent my hobby time fishing, rowing, hiking, swimming, and learning how to grow stuff.

Then a change of leadership turned that job into something I could no longer tolerate, so I switched to driving school bus. I realized that with the extra time, I could start early on retirement activities, one of which was (is) education for fun. I started hitting the library computer (singular!) between bus runs on the days it was open. Before I knew it, I was taking online programming courses, buying a new laptop, and getting Starlink at home.

I fully retired last June and am starting to ramp up my skills. I've got 3 programming projects in various states of planning and development, and recently decided which one to pour my energies into. (Keeping in mind that I'm also into building boats and furniture and into long-distance rowing and swimming. And fishing, hiking, growing and preserving fruits and vegetables ...).

Sorry, I've rambled on, but I'm just so excited and have so much energy and motivation now that all day, every day is mine to do with as I will.

I agree with everything you've said. One thing that would go a long way to securing accounts would be legislation requiring all government services, banks, and credit unions to implement authenticator-based 2FA. At a minimum.

Those institutions are already very heavily regulated (at least here in Canada), so one more regulation would be meaningless.

With that in place, it would be trivial for everyone else to follow suit, since they'd know that approximately everyone has a second factor and knows how to use it.

Good for you in adding to your testing template. Security is a journey, not a destination, so keeping things up to date is important.

Sort of. I was a "language of the month" hobbyist. Then Visual Basic and Access with VBA came along and I could actually be productive enough to ditch my labour jobs in favour of a small freelance operation that generated comparable income, but was way more fun and much easier on my back and joints.

Ok, that makes much more sense! I've done a tiny bit of genealogy, so I knew about the exponential numbers, but I misunderstood the sharing. Yes, I know the feature was described as "with relatives" but I was thinking of "with person". Yes, choosing to share with all relatives in one click would produce huge numbers.

As for where to place the blame, it's tough. The vast majority of people have no concept of how this stuff works. In effect, everything from mere typing into a document to logging in to and using network resources is treated quite literally as magic, even if nobody would actually use that word.

That puts a high burden on services to protect people from this magical thinking. Maybe it's an unreasonably high burden, but they have to at least make the attempt.

2FA (the real thing, not the SMS mess) is easy to set up on the server side. It's easy enough to set up on the client side that if that's too much for some fraction of your customer base, then you should probably treat that as a useful "filter" on your potential customers.

There are any number of "breached password" lists published by reputable companies and organizations. At least one of those companies (have I been pwned) makes their list available in machine readable formats. At this point, no reputable company who makes any claims to protection of privacy and security should be allowing passwords that show up on those lists. Account setup procedures have enough to do already that a client-side password check would be barely noticeable.

We know enough about human nature and human cognition to know that humans are horrifically bad at creating passwords on the fly. Some services, maybe most services, should prohibit users from ever setting their own passwords, using client-side scripting to generate random strings of characters. Those with password managers can simply log the assigned password. Those without can either write it in their address book or let their browser manage it. This has the added benefit of not needing to check a password against a published list of breached passwords.

My data will always be at risk of some kind of weak link that I have no control over. That makes it the responsibility of each online service to ensure that the weak links are as strong as possible. Rate limiting, enforcement of known good login policies and procedures, anomaly detection and blocking, etc should be standard practice.

Let's pretend that I had an account and that you used the internal social share to share your stuff with me.

I, being an idiot, used monkey123 as my password. As a result, the bad guys got into my account. Once in my account, they had access to everything in my account, including the stuff you shared with me.

Now to get from 14,000 to 7,000,000 would mean an average of 500 shares per account. That seems unreasonable, so there must have been something like your sharing with me gives me access not just to what you shared, but to everything that others shared with you in some kind of sharing chain. That, at a minimum, is exclusively on 23andMe. There is no way any sane and competent person would have deliberately constructed things like that.

Edit: I think I goofed. It seems to be sharing with relatives as a collection, not individuals. As was pointed out, you don't have to go very far back to find common ancestors with thousands of people, so that's a more likely explanation than mine.

15 years as a hobbyist, 20 years as a professional spending hobby time on other pursuits, 5 years where I never wanted to see a computer again, starting back into hobby in my retirement.

When I was working as a programmer, I had too many interests to justify pursuing hobby projects when I could be building a boat, playing in a community band, or whatever.

Background: about 15 years as a hobbyist, mostly as a language and OS junkie, while working a variety of trades and labour jobs. I tried take the computer science aspect seriously.

Early to mid-1990s I started getting work in the field while trying to get a "real" job that matched my background. I never did find that real job, because I was getting too much work helping people and small companies learn about computers and networks, then setting up and managing their systems. In fact, I gained enough of a reputation as a trainer that I actually worked as an instructor for an accredited vocational school for a few years.

Apart from a couple of "drive bys" that I was uniquely qualified for, no real company was ever silly enough to hire me as a programmer. There were, and probably still are, vast numbers of small companies who are badly underserved. That's where I spent my energies. No real programmer would ever think my code made sense, but without me a few small companies would still be using their computer systems as glorified typewriters and filing cabinets. And no real programmer would ever work for what those small companies could afford.

What I'm missing, and now trying to address in my retirement, is a better grasp on the theoretical underpinnings, algorithms, development processes, architecture, and maybe language design. But I can feel the draw back into relapsing as language and OS junkie, so who knows...

Thanks, that time frame sounds right.

Man, I loved that magazine. Also a kind of newsletter or mini-magazine called "Algorithm" (or Algorithms). I think that's where I first came across Metaphone, which I implemented in several different languages just for fun. I also tweaked it to take account of the relatively high proportion of Ukrainian names in the region, mostly because my mom was of Ukrainian descent.

Ok, enough reminiscing. I've taken us way off topic! :)

I was subscribed to an actual paper magazine called Dr Dobb's Journal. I think it was there that a language called D was being described as it was being developed. Is this D the continuation of that one? (I suppose it's possible that it was Byte magazine, not DDJ.)

Oh, I didn't know that Excel could do JS. I haven't touched it since I got out of the field a decade or so ago.

One of the things I did was quite a bit of Excel consulting and training. I remember the joy of trying to decode massive formula cells, especially when there were nested IF()s. My rule of thumb was that anything with more than three functions in one formula got converted to a custom function, even if it didn't have general utility.

I found that anyone who could construct and understand those massive formulas were generally capable of dealing with the equivalent VBA with a bit of training. Also, it was generally true that if they couldn't handle the relevant VBA, they were in no position to deal with massive formulas anyway.

Or anywhere for that matter. Have you got nested IF()s in Excel? For crying out loud, pop into VBA and write it up as a custom function like a human being.

I guess I'm out of the loop on this one. Why is RCS crap? A quick search didn't turn up anything obvious.

I'm pretty sure non-programmers share much of the blame. Here's what I imagine goes through the minds of most people, especially management types.

"Oh, a nerd. Great we need another nerd in here because things are not moving fast enough."

I've had job offers for everything from equipment maintenance and repair (because there was a PLC hooked up) to network administrator. It's all computers, right?

When trying to use some of the truly atrocious stuff that gets rolled out with a web interface, I get the distinct impression that random "nerds" are dropped into random slots. There is no consideration that maybe saying "nerd" is like saying "doctor". If that's all you look for, you might get an economist instead of a surgeon.

Excellent! I'm working on my own workbench. I'm still at the design and layout stage, because, like pretty much every client I've ever had, I've fooled myself into thinking I have special requirements that can't be met with an existing, proven design.

I always read a lot. 100+ books a year, plus magazines. Then I got a job in the boonies and got home only on weekends. All of a sudden I was reading a book a day. Even with the library and used book stores, that was financially ruinous for our young family. So I bought a VIC-20, a used b&w tv, and the programmer's reference manual to take out to the work camps.. The savings on books paid for the system in just a few months.

One thing led to another and a decade or so later I made the transition from hobby to career. Now I'm retired and looking to reboot as a hobbyist.

Thanks. Done and done.

I'm just getting back into programming as a retirement hobby after leaving the field due to burnout 15 years ago. That means I'm only just starting to figure out editors and such.

I don't know of any code editors that use tab stops the way a word processor does. A word processor uses tab stops specifically for alignment at defined positions rather than tab characters equivalent to specific number of spaces (or tab key to insert specific number of spaces). Without the ability to set positional tab stops, I don't know that proportional fonts will be all that great for most people.

I took a look at your link to almost proportional fonts. Thanks. I don't know how I missed that, given that iA Writer is one of the editors I've been playing with for general purpose writing. (I've become disillusioned with the state of modern word processors.)

I've long preferred proportional fonts and positional tab stops like what you find in a WYSIWYG word processor. Got a tab position wrong? Drag it as appropriate or, if necessary, add a new one. In fact, during a period where I was doing far more writing than programming, in the days before code completion, I preferred my WYSIWYG word processor to my code editor. I had appropriate scripts and macros for cleaning up imported text files and to always save both native format and a text file with spaces in place of tabs. I also had different templates for different languages so that I could have custom processing for different languages. (It helps that a big part of that job was teaching people how to use word processors as far more than just electronic typewriters.)

Now, of course, the programmer's editor is an advanced tool tailored to the job, making it lunacy to even consider a word processor as code editor. Which doesn't mean that there aren't word processing concepts that might be valuable.

Nick Gravgaard has some good writing on the subject and links to a variety of resources, including to at least one proportional font designed for programming.

Going freelance. All the stuff I learned in formal and informal study and from those around me pales in comparison to what I learned from having to craft useful, affordable solutions for a wide variety of customers in several different fields.

It's true that certain aspects of my technical knowledge took a hit, but creating line of business software solutions in direct collaboration with the actual end-users was a transformative experience.

One of the most important things I learned is that approximately nobody actually knows much about how to efficiently and effectively use a computer. About one third of my time was spent teaching people how to use computers.