Suramya's Blog : Welcome to my crazy life…

March 7, 2023

What not to do when laying off people

Filed under: My Thoughts — Suramya @ 11:59 PM

Elon Musk drama seems to be almost impossible to avoid now since he has taken over Twitter, if it is not one thing it is another. Personally I feel that he has bought Twitter and can do whatever he wants with it whether the rest of us like it or not. He has been firing people pretty much since he took over, last week was the most recent batch where ~200 folks were laid off.

What is interesting and super unprofessional is that it looks like the folks who were laid off didn’t get an official notice that they have been terminated, instead their access just stopped working one day. Haraldur Thorleifsson, who was a senior director at Twitter was one of the folks impacted by this, so they reached out to HR at Twitter who didn’t (or maybe couldn’t) answer the simple question “Please confirm if I am an employee or not?”. After 9 days of getting nowhere, he posted a public thread on Twitter tagging Musk asking if he was laid off.

Dear @elonmusk

9 days ago the access to my work computer was cut, along with about 200 other Twitter employees.

However your head of HR is not able to confirm if I am an employee or not. You’ve not answered my emails.

Maybe if enough people retweet you’ll answer me here?

Elon was as ‘classy’ as ever and with jokes, silly emojies and then publicly mocked their disability, insinuated that they exaggerated their disability and saying they “did no actual work.”.

It is his right to fire people, but there is a right way and a wrong way to do it and this is definitely the latter. When Vinit was running his own company and had to lay off people because of funding issues, he did it in a fantastic way (See below) and I have seen other folks do the same thing.

Four years after he started Buildkar.com, a website for construction materials, Vinit Bhansali realised with horror that he had lay off eight employees. “It’s hard to tell your team you have to let them go. So, I reached out to everyone I knew — old friends from school, investors, acquaintances in the startup space — to find them jobs. Even VCs who had chosen not to invest in my company helped out and shared the resumes with startups in their portfolio,” he says. Eventually all eight were placed.

I have been part of companies that laid off employees and it was a painful experience even for those of us who weren’t laid off. All of us leveraged our connections to connect the folks impacted with teams that were hiring, a quick search on Mastodon/Twitter will get you links and posts from folks who don’t even know the folks impacted reaching out to help in anyway they can. That is humanity, that is how a person should behave.

This way of firing where a person doesn’t even know for sure they are fired or not is the worst way to fire someone, ghosting an employee is not a mature/professional way to do this. Imagine the stress an employee goes through if they are not able to log in even once due to a mistyped password or other technical issues. Then you have the uncertainty of not knowing if you are still employed and can afford to pay rent, buy groceries etc. For Musk its all a big joke because he never had to deal with not being able to afford food or have to worry about the rent being late but for most of the others people in his company they do have to worry about this along with a whole other set of responsibilities.


Have I been laid off?

The worst part is that a lot of people don’t see anything wrong with this. They still think he is the greatest thing to happen for mankind where in reality he is just another narcissistic billionaire who has gone back on pretty much every promise he ever made.

– Suramya

March 6, 2023

Twitter is down… Again!

Filed under: Computer Related,Humor — Suramya @ 11:07 PM

Twitter downtimes are becoming more and more common, and even though I don’t spend that much time on Twitter anymore (Mastodon is so much better and more fun) this was too good to ignore.
If you visit Twitter.com (or any url on twitter) right now instead of the content you get an API error message stating that “Your current API plan does not include access to this endpoint, please see https://developer.twitter.com/en/docs/twitter-api for more information”.


Current API plan does not include access to this endpoint

Looks like the team managed to nuke their own connections to the API while attempting to restricting some API calls to paid customers only. Although this is an error that should have been caught in UAT or QA testing. I mean that is the basic 1st thing to check to see if all services are working after a major change like this one. But it looks like it was pushed to prod directly without validation.

I guess firing a majority of your teams with almost no notice or Knowledge Transfer sessions is a bad move and makes it harder to keep your site up and running. Who knew?

– Suramya

Resolving Citrix error: “No active policy is found in Secondary authentication cascade” when connecting via Android client

Filed under: Computer Tips,Knowledgebase — Suramya @ 8:37 PM

I was try to connect to Citrix using an android device and after authentication, I got the following error message: “No active policy is found in Secondary authentication cascade. Please contact your administrator.”

I tried doing a search for the error message but none of the solutions were applicable in my case. I was accessing the log in page using Firefox mobile and on a hunch I switched the view to “Desktop Site” by clicking on the three dots on the top right corner of the browser (See screenshot below). Once I did that and resubmitted the page, things automatically started working without any errors.


Enable Desktop Site in Firefox

My guess is that the mobile view doesn’t allow the server to run secondary validation checks because of the limitations in the mobile view. Switching to Desktop mode removes the limitations so things start automagically working again.

– Suramya

March 3, 2023

Someone is now claiming that they can’t use Microsoft Windows for “Religious Reasons”

Filed under: Humor,News/Articles,Tech Related — Suramya @ 3:10 PM

The Operating System (OS) wars have been going on since we have had computers and the ferocity with which some OS users defend their preference at times borders on that of fundamentalist religions. The following incident just takes it to the logical conclusion, where a new joiner in a company doesn’t want to use windows on their office laptop because their religion does not allow use of Apple or Microsoft owned Operating Systems.


Employee claims that she can’t use Microsoft Windows for “Religious Reasons”

I wonder that their stance is about using other software/websites/services owned by Apple/Microsoft. Have they stopped using Github because it is owned by MS? What about LinkedIn? or Mojang, X-Box? or any of the thousands of companies they own or have stakes in. Do they use Beat headsets? Shazam? Akamai? Apple either owns or has stakes in them and a ton of other companies as well.

I personally use Linux as my primary OS and would always prefer to use it whenever possible. However, I have had to use Windows at work in most of the companies that I have worked in because that’s what the standard setup was over there. I did push for Linux in some of the orgs and we ended up replacing Windows with Linux for some of the developers in a few companies. That being said, refusing to work with an OS because you don’t want to is a bit over the top for me and calling it against their religion makes it even more out there…

Source: Whitney Merrill on Mastadon

– Suramya

March 2, 2023

Intel Releases SDK allowing C++ Developers to start writing code for Quantum Computers

Filed under: Quantum Computing,Tech Related — Suramya @ 8:26 PM

Intel has released a new software platform for Developers (SDK) who are looking to work on Quantum computers. They are not the first (Microsoft released an online course/setup back in 2019) and they certainly won’t be the last to do this.

Unfortunately, while they have released the platform it doesn’t actually run on a quantum computer but rather runs on a quantum computer simulator they have built. But the really interesting thing is that this SDK that they have released allows developers to use C++ to build quantum algorithms instead of having to learn a new programming language which immediately increases the no of people who can hit the ground running and start developing with the SDK.

The platform, called Intel Quantum SDK, would for now allow those algorithms to run on a simulated quantum computing system, said Anne Matsuura, Intel Labs’ head of quantum applications and architecture. Matsuura said developers can use the long-established programming language C++ to build quantum algorithms, making it more accessible for people without quantum computing expertise. “The Intel Quantum SDK helps programmers get ready for future large-scale commercial quantum computers,” Matsuura said in a statement. “It will also advance the industry by creating a community of developers that will accelerate the development of applications.”

Intel will be launching their own version of a Quantum computer in the near future. They are taking a slightly different approach than the others to make the computer, they are basically trying to build this computers using their existing chip-making technology by putting transistors very close to each other, running them at super low temperatures and then use single electrons in the circuit which makes the transistors act as qubits. This sounds like a promising approach but I feel that this is more of a stepping stone on the way to the fully quantum setup as it is a hybrid version of the existing computers and a quantum computer.

Source: Slashdot: Intel Releases Software Platform for Quantum Computing Developers

– Suramya

March 1, 2023

Don’t burn bridges by behaving unprofessionally when you leave a company

Filed under: My Thoughts — Suramya @ 4:47 PM

The message screenshot below was shared by a friend who is changing jobs. It is a perfect example for why you shouldn’t burn bridges when you leave a job because you never know who that person might be connected with and they just might end up sharing what you did when you quit ensuring that you don’t get that offer.

My new boss who was my ex boss is friends with my current boss and they are neighbours
My new boss who was my ex boss is friends with my current boss and they are neighbours 😬😄🙈

It is highly tempting to vent, curse or blast your manager/seniors/company when you leave or post nasty comments in public about it but you should please refrain. There was a case back in 2017 where a US flight attendant Steven Slater spectacularly quit his job aboard a JetBlue flight by grabbing a few beers, cursing out the airline on the AP and slipping down the plane’s emergency slide. This got him instant fame and spotlight and lots of people were applauding him on how he ‘had the guts’ to tell the truth and leave in an epic fashion. But this ‘epic’ resignation cost him his job, he was charged with criminal mischief, reckless endangerment and criminal trespass and had to pay a $10k fine. He can no longer work in the airline industry because no one wants to hire him and I don’t blame them. What is the guarantee that he wouldn’t pull a stunt like this again?

There was a case where a person was being interviewed for a job at one of my old companies and one of the hiring managers was talking about the candidate to a co-worker who had worked with the candidate before and commented that the person had behaved extremely unprofessionally with their boss on their last day because they were no longer reporting to him. The hiring manager discussed this with their manager and the decision was made to drop the candidate from consideration. It is a small world and you never know where you might cross paths with a person again down the line.

This is not to say that you shouldn’t respond to inappropriate behavior or actions. You can do that in a dignified/professional way like reporting to HR, putting in an official complaint etc. Or you can do it in an unprofessional way by cursing them out or posting a profanity ridden comment about them on their linkedIn page. See the difference? If you chose the first option, you might get asked about it during the interview and in the latter case you would just get dropped from consideration.

What do you think?

– Suramya

February 28, 2023

You shouldn’t spend money teaching folks how to survive in your toxic work culture, instead fix the Toxic culture

Filed under: My Thoughts — Suramya @ 5:39 PM

The following post showed up on my LinkedIn feed earlier today, it wants companies to put in time, effort & money to train employees on office politics so that they learn to survive and perform in a toxic work environment…


Personally, I would rather that the company spent all the effort to remove the toxicity from their work culture so that people don’t have to deal with it. This is like saying that we know that the water you drink is toxic, but we are not going to fix the root cause but will give you free chemo-therapy to mitigate your cancer.

If you run a company, and are hearing reports about toxic culture in the company then you need to address that immediately and not by giving people training on how to survive it, but rather by removing the toxic elements ruthlessly. Short term you might have to take a hit and might miss milestones or deliverables but long term your other employees who were just doing the bare minimum to get by would start engaging more, new talented folks would be happy to join your team/company because they wouldn’t get emails from friends telling them that it is a bad idea to join company X because of the toxic work environment.

What do you think?

– Suramya

February 27, 2023

It is now possible to put undetectable Backdoors in Machine Learning Models

Filed under: Computer Software,Emerging Tech,My Thoughts,Tech Related — Suramya @ 10:18 PM

Machine Learning (ML) has become the new go to buzzword in the Tech world in the last few years and everyone seems to be focusing on how they can include ML/AI in their products, regardless of whether it makes sense to include or not. One of the bigest dangers of this trend is that we are moving towards a future where an algorithm would have the power to make decisions that have real world impacts but due to the complexity it would be impossible to audit/check the system for errors/bugs, non-obvious biases or signs of manipulation etc. For example, we have had cases where the wrong person was identified as a fugitive and arrested because an AI/ML system claimed that they matched the suspect. Others have used ML to try to predict crimes with really low accuracy but people take it as gospel because the computer said so…

With ML models becoming more and more popular there is also more research on how these models are vulnerable to attacks. In December 2022 researchers (Shafi Goldwasser, Michael P. Kim, Vinod Vaikuntanathan and Or Zamir) from UC Berkely, MIT and Princeton published a paper titled “Planting Undetectable Backdoors in Machine Learning Models” in the IEEE 63rd Annual Symposium on Foundations of Computer Science (FOCS) where they discuss how it would be possible to train a model in a way that it allowed an attacker to manipulate the results without being detected by any computationally-bounded observer.

Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raises serious concerns of trust. This work studies possible abuses of power by untrusted learners.We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key,” the mechanism is hidden and cannot be detected by any computationally-bounded observer. We demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees.

First, we show how to plant a backdoor in any model, using digital signature schemes. The construction guarantees that given query access to the original model and the backdoored version, it is computationally infeasible to find even a single input where they differ. This property implies that the backdoored model has generalization error comparable with the original model. Moreover, even if the distinguisher can request backdoored inputs of its choice, they cannot backdoor a new input­a property we call non-replicability.

Second, we demonstrate how to insert undetectable backdoors in models trained using the Random Fourier Features (RFF) learning paradigm (Rahimi, Recht; NeurIPS 2007). In this construction, undetectability holds against powerful white-box distinguishers: given a complete description of the network and the training data, no efficient distinguisher can guess whether the model is “clean” or contains a backdoor. The backdooring algorithm executes the RFF algorithm faithfully on the given training data, tampering only with its random coins. We prove this strong guarantee under the hardness of the Continuous Learning With Errors problem (Bruna, Regev, Song, Tang; STOC 2021). We show a similar white-box undetectable backdoor for random ReLU networks based on the hardness of Sparse PCA (Berthet, Rigollet; COLT 2013).

Our construction of undetectable backdoors also sheds light on the related issue of robustness to adversarial examples. In particular, by constructing undetectable backdoor for an “adversarially-robust” learning algorithm, we can produce a classifier that is indistinguishable from a robust classifier, but where every input has an adversarial example! In this way, the existence of undetectable backdoors represent a significant theoretical roadblock to certifying adversarial robustness.

Basically they are talking about having a ML model that works correctly most of the time but allows the attacker to manipulate the results if they want. One example use case would be something like the following: A bank uses a ML model to decide if they should give out a loan to an applicant and because they don’t want to be accused of being discriminatory they give it to folks to test and validate and the model comes back clean. However, unknown to the testers the model has been backdoored using the techniques in the paper above so the bank can modify the output in certain cases to deny the loan application even though they would have qualified. Since the model was tested and ‘proven’ to be without bias they are in the clear as the backdoor is pretty much undetectable.

Another possible attack vector is that a nation state funds a company that trains ML models and has them insert a covert backdoor in the model, then they have the ability to manipulate the output from the model without any trace. Imagine if this model was used to predict if the nation state was going to attack or not. Even if they were going to attack they could use the backdoor to fool the target into thinking that all was well.

Having a black box making such decisions is what I would call a “Bad Idea”. At least with the old (non-ML) algorithms we could audit the code to see if there were issues with ML that is not really possible and thus this becomes a bigger threat. There are a million other such scenarios that could be played and if we put blind trust in an AI/ML system then we are setting ourselves up for a disaster that we would never see coming.

Source: Schneier on Security: Putting Undetectable Backdoors in Machine Learning Models

– Suramya

February 21, 2023

Fixing problems with nvidia-driver on Debian Unstable after latest upgrade

Filed under: Computer Software,Linux/Unix Related,Tech Related — Suramya @ 10:54 PM

Earlier today I ran my periodic update of my main desktop that is running Debian Unstable. The upgrade finished successfully and since a new kernel was released with this update I restarted the system to ensure that all files/services etc are running the same version. After the reboot the GUI refused to start and I thought the problem could be because of a NVIDIA kernel module issue so I tried to reboot to an older kernel but that didn’t work either. Then I tried running apt-get dist-upgrade again which gave me the following error:

root@StarKnight:~# apt-get dist-upgrade 
Reading package lists...
Building dependency tree...
Reading state information...
You might want to run 'apt --fix-broken install' to correct these.
The following packages have unmet dependencies:
 nvidia-driver : Depends: nvidia-kernel-dkms (= 525.85.12-1) but 515.86.01-1 is installed or
                          nvidia-kernel-525.85.12 or
                          nvidia-open-kernel-525.85.12 or
                          nvidia-open-kernel-525.85.12
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).

So I ran the apt –fix-broken install command as recommended and that failed as well with another set of errors:

root@StarKnight:/var/log# apt --fix-broken install
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Correcting dependencies... Done
0 upgraded, 0 newly installed, 0 to remove and 13 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
dpkg: dependency problems prevent configuration of nvidia-driver:
 nvidia-driver depends on nvidia-kernel-dkms (= 525.85.12-1) | nvidia-kernel-525.85.12 | nvidia-open-kernel-525.85.12 | nvidia-open-kernel-525.85.12; however:
  Version of nvidia-kernel-dkms on system is 515.86.01-1.
  Package nvidia-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.

dpkg: error processing package nvidia-driver (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 nvidia-driver
E: Sub-process /usr/bin/dpkg returned an error code (1)

Looking at the logs, I didn’t see any major errors but I did see the following message:

2023-02-21T19:48:27.668268+05:30 StarKnight kernel: [    3.379006] NVRM: loading NVIDIA UNIX x86_64 Kernel Module  515.86.01  Wed Oct 26 09:12:38 UTC 2022
2023-02-21T19:48:27.668286+05:30 StarKnight kernel: [    4.821755] NVRM: API mismatch: the client has the version 525.85.12, but
2023-02-21T19:48:27.668287+05:30 StarKnight kernel: [    4.821755] NVRM: this kernel module has the version 515.86.01.  Please
2023-02-21T19:48:27.668287+05:30 StarKnight kernel: [    4.821755] NVRM: make sure that this kernel module and all NVIDIA driver
2023-02-21T19:48:27.668288+05:30 StarKnight kernel: [    4.821755] NVRM: components have the same version.

Searching on the web didn’t give me a solution but since I am running the Debian Unstable branch it is expected that once in a while things might break and sometimes they break quite spectacularly… So I started experimenting and tried removing and reinstalling the nvidia-driver but that was failing as well because the package was expecting nvidia-kernel-dkms version 525.85.12 but we had 515.86.01-1 installed. 

root@StarKnight:~# apt-get install nvidia-driver
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  nvidia-driver
0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded.
Need to get 0 B/494 kB of archives.
After this operation, 1,398 kB of additional disk space will be used.
Selecting previously unselected package nvidia-driver.
(Reading database ... 439287 files and directories currently installed.)
Preparing to unpack .../nvidia-driver_525.85.12-1_amd64.deb ...
Unpacking nvidia-driver (525.85.12-1) ...
dpkg: dependency problems prevent configuration of nvidia-driver:
 nvidia-driver depends on nvidia-kernel-dkms (= 525.85.12-1) | nvidia-kernel-525.85.12 | nvidia-open-kernel-525.85.12 | nvidia-open-kernel-525.85.12; however:
  Version of nvidia-kernel-dkms on system is 515.86.01-1.
  Package nvidia-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.
  Package nvidia-open-kernel-525.85.12 is not installed.

Now I had a couple of options, first was to wait for a couple of days (if I am lucky) for someone to upload the correct versions of the packages to the channel. The second option was to remove the package and installed the Open Source version of the Nvidia driver. I didn’t want to do that because that package is a memory hog and doesn’t work that well either. The last option was to try to manually install the older version (525.85.12) of the nvidia-kernel-dkms package and this is what I decided to go with, a search on the Debian Packages site gave me the .deb file for nvidia-kernel-dkms and firmware-nvidia-gsp (a dependency for the dkms package). I downloaded both the packages and installed them using the following command:

root@StarKnight:/home/suramya/Media/Downloads# dpkg -i firmware-nvidia-gsp_525.85.12-1_amd64.deb 
root@StarKnight:/home/suramya/Media/Downloads# dpkg -i nvidia-kernel-dkms_525.85.12-1_amd64.deb

Once the packages were successfully downgraded I rebooted the system and the GUI came up without issues post the reboot.

Moral of the story is that you need to be prepared to have to troubleshoot your setup if you are running Debian Unstable or Debian Testing on your system. If you don’t want to do that then you should stick to Debian Stable which is rock solid or one of the other distributions such as Ubuntu or Linux Mint etc.

– Suramya

February 20, 2023

Fixing SSL error 61 on Citrix Workspace on Debian

Filed under: Computer Security,Computer Tips,Linux/Unix Related,Tech Related — Suramya @ 9:38 PM

Was trying to connect to a Citrix Workspace and kept getting the following error “You have not chosen to trust “Entrust Root Certification Authority – XX”, the issuer of the security certificate (SSL error 61)“. I have hit this error in the past and had fixed it but couldn’t find my notes from how I had fixed it back then, so I had to resort to searching on the web based on vague memories of how I had fixed. After a bit of effort I found two solutions that people had suggested:

Solution 1:

Create a symbolic link pointing the /opt/Citrix/ICAClient/keystore/cacerts directory to /usr/share/ca-certificates/mozilla/ , using the command below as root:

mv /opt/Citrix/ICAClient/keystore/cacerts /opt/Citrix/ICAClient/keystore/cacerts.bak
ln -s /usr/share/ca-certificates/mozilla/ /opt/Citrix/ICAClient/keystore/cacerts

Unfortunately, this didn’t resolve the problem for me.

Solution 2:

The second solution people recommended was to link /opt/Citrix/ICAClient/keystore/cacerts directory to the /etc/ssl/certs/ directory, using the command below as root:

mv /opt/Citrix/ICAClient/keystore/cacerts /opt/Citrix/ICAClient/keystore/cacerts.bak
ln -s /etc/ssl/certs/ /opt/Citrix/ICAClient/keystore/cacerts

After I linked the directory to /etc/ssl/certs things immediately started working without errors. This time I am blogging about it so that the next time I don’t waste time trying to find the solution.

– Suramya

« Newer PostsOlder Posts »

Powered by WordPress