May 2025 – Bobbie Conti

Ask any sewist or person who works with fabric what their feelings are about their seam ripper, and they will either tell you it’s complicated or that it’s their favorite. Most of us think it’s complicated.

A seam ripper is a little tool with a sharpish-hooked edge that you use to rip seams (“it’s that easy!”). “Ripping” sounds more violent than it is — it cuts through the threads that hold the seam together whilst (mostly) preserving the fabric on either side and is used for either letting you take something that wasn’t right for you and make it right for you, or for tearing out a mistake.

In knitting, if you have to do that it’s called “frogging” and it’s where you yank the yarn free of the needles and, row by row, disassemble the knit into an unwieldy pile of yarn.

For the most part, NO ONE is having a good time doing these things. At the very best, these are an impedance to actual progress, a necessary correction on the way to doing the thing you actually wanted to do. More often, they are an admission of error, and a painstaking reminder at that. By the time you are frogging or ripping seams, you are watching as you undo dozens, perhaps scores of hours of work. It hurts.

At the very least, though, you have control – you can choose to let the seams stay as-they-are, or you can choose to undo them and refashion them into something you want — but you choose. If you’re one of the thousands laid off last week — or millions over the last year — you didn’t get to choose (or likely didn’t). You have been forced into a Very Large and Very Painful change.

I’ve got some older posts on the practicalities of handling this situation but for the most part they do not address one of the more problematic aspects: what if you’re old?

I speak as someone who is “old”. At least, considered “old” in the workforce for technology: this year I will be 52. With the power of hair dye and wrinkle cream and soft focus and carefully applied makeup I may still be “looking” mid 40’s but the reality is I’ve been in the corporate workforce now for 32 years.

Mind you, “age” isn’t a problem for the person who has it. *I* think my brain works just fine, thank you (or at least as fine as it did some 10 or 20 years ago), but the perception on the exterior could be that I am not as “fresh” as someone younger in career, or as “raw”. (Why do we use phraseology for candidates that we would for produce?). Older folks who have been hit by the layoffs are going to have a harder time getting a new job, and that can mean a forced early retirement or a forced early cliff in finances, neither of which sound great.

The irony is, of course, that we need people to be working as long as possible to support the infrastructure our government uses to support the *really old* people. With the largest generation — Boomers — retiring, the more of us Gen X-ers that can be kept in play, the better off “the system” will be. Gen-X has more in common with Millenials in terms of why we stay at a role, and while I don’t necessarily agree with everything in this infographic, I do think that our generation’s skeptical approach to most things — rebranded as “critical thinking” by the time I got into the workforce properly — is and proves to be quite useful.

Which is not to say the pain is solely borne by us “semi-olds”. Millenials are still paying off student loans while trying to hold a mortgage and save for their kids’ college. Gen Z are coming in with student debt and skyrocketing housing expenses. Getting yoinked out of your job, and also your health insurance, with no notice, is catastrophic. Sure, the unemployment rate — even today — isn’t as bad as it has been (the Great Recession and COVID both created huge spikes), but that is cold comfort to the person evaluating their current situation in what is hopefully a “garden leave” period.

This could be a post that tells one impacted to “buck up”, refashion that resume, pound the pavement, work your network, etc. There are plenty of those posts. This post is to acknowledge it sucks, and for some in a specific stage and circumstance, even if eventually they do get something bigger and better, it sucks hard.

Usually I try to figure out a pithy title as a draw, but for the love of whichever entities you respect and/or follow, please do your software updates. Specifically do your platform updates: on your iPhones/Pads/Macs, on your Windows machines. Update your apps. When the little red notification comes on, do not ignore it, just do it.

How to Update

Updating on Apple (iPhone/iPad): https://support.apple.com/en-us/118575, and includes how to set this up to do it automatically.
Updating on a Mac: https://support.apple.com/en-us/108382
Updating on an Android phone: https://support.google.com/android/answer/7680439?hl=en
Updating on a Samsung Galaxy phone or tablet: https://www.samsung.com/us/support/answer/ANS10002027/
Updating a Windows device: https://support.microsoft.com/en-us/windows/install-windows-updates-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a

(If you have other devices/platforms just use your handy dandy search engine — I use Duck Duck Go — to identify how to get your updates in a timely fashion. Bonus points if you set it up to automatically do it.)

Why Update

There are some that believe the updates are for feature funsies: e.g., if I update my phone I will get the new AI this or the new UI that. This is true, for most “regular” updates there are some feature releases and you get to read all about those (and decide if you like that or not). There are also “bug fixes”. I feel like this does disservice to what those fixes are: if I think of a “bug” I think of “annoying thing that happens”, I do not think of “wide open gaping hole for bad actors to waltz in through”.

Your platform updates often include security patches. These patches are, for the most part, NOT because the engineers made a mistake when crafting the platform, rather, they relied on packaged convenience libraries to do some standardized work and *it is those libraries* that have problems. Think of it like this: the engineers baked the cake, but the problem was hidden in the flour they used, and would not have been visible when they baked the cake and someone found out the flour had something in it long after the cake has been baked.

This happens *all the time*. There are thousands, probably millions of little packed up conveniences in the software world, because writing something *from scratch* takes a very long time and it’s kind of silly if someone has already done it (and done it so well that All the Other Kids are Using It). When a vulnerability is discovered in a package, it is given a CVE number (Common Vulnerabilities and Exposures), and a detailed write up on what the vulnerability is, where it is, and oftentimes suggestions on how to fix it. Companies worldwide use MITRE’s CVE database to understand what and where those vulnerabilities are, and how to fix them, so they can iteratively update their software and further secure it. Vulnerabilities are discovered by engineers around the world, sometimes on their own time, and sometimes on their company time: they are written up and shared with package users to make sure they get fixed.

How Bad Can it Be?

A vulnerability or exposure has roughly four stages of severity: low, medium, high, and critical. YOU as the consumer don’t really know which basket of vulnerabilities is addressed in “bug fixes”, but the company you depend on does: high and critical vulnerabilities, and their address, are often why you get off-cycle security patches (ever had an update on your phone that seemed awfully soon after the last one?). These vulnerabilities are “publicly disclosed”, meaning, their existence and how they can be exploited is also disclosed. The analogy here is: there’s a catalogue of all barn doors that are unlocked in your area, and anyone who uses those barns should be aware of that, and the barn owners should be aware of that, so the barn owner can lock the door. This also means that bad actors (who, let’s face it, are probably serially trying all the barn doors through the area anyway) who are lazy and did not do their homework now have a legit directory of which barns are probably unlocked.

Hence the haste.

These vulnerabilities are discovered and there is a Very Short Window in which the companies that use them can get a heads up on fixing them and getting those fixes out before they show up in the public discourse. (Meaning, the CVE doesn’t show up formally in the MITRE database until which time as the organizations and libraries dependent on fixing it have at least had a *chance* to fix it). This means that the original discoverer(s) of the exploit know how to break in, but it isn’t available to everyone else to see: that happens after (theoretically) everything has been fixed.

“Everything has been fixed”, in this case, means that your software has been patched and updated, *or you have been asked to do an update*.

If you wait, and the longer you wait, the more exposed you are.

Modern convenience often comes with modern inconvenience: we have computers that are smaller than our hand that literally tether to all global knowledge, they help us stay in communication with others and they help us track our lives and livelihoods. They also are fragile and need care and feeding, and it can be easy to defer it in light of convenience (“oh, I won’t do the update now because it will take too long, I’ll wait until ‘later'”). Please. Don’t wait until “later”.

Month: May 2025

Do your updates.

How to Update

Why Update

How Bad Can it Be?