Feuerfest

Photo by Christina Morillo: https://www.pexels.com/photo/white-dry-erase-board-with-red-diagram-1181311/

I have a VM in my LAN which servers as central admin host. There I wanted to create a systemd unit and timer to automatically update my Git-Repositories. The reason is that it happens too often that I push some changes from other machines but forget to pull the repos before I commit my changes done on the admin host.

Sure, stash the commit. Fix any conflicts. No big deal. But still annoying. Therefore: A systemd unit file with a timer that updates the repos every hour and be done with it.

Encountering the bug

While reading the systemd documentation I learned that you can list multiple ExecStart parameters if the service is of Type=oneshot. Then all commands will be executed in sequential order.

Unless Type= is oneshot, exactly one command must be given. When Type=oneshot is used, zero or more commands may be specified. [...] If more than one command is specified, the commands are invoked sequentially in the order they appear in the unit file. If one of the commands fails (and is not prefixed with "-"), other lines are not executed, and the unit is considered failed.

From: https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#ExecStart=

This seems to be the easiest way to achieve my goal. Just add one ExecStart= line for every Git-Repo, done. For testing I didn't write the timer file. Wanting to verify that the unit file works. And the following unit file works flawlessly.

user@lanadmin:~$ systemctl --user cat git-update
# /home/user/.config/systemd/user/git-update.service
[Unit]
Description=Update git-Repositories
After=network-online.target
Wants=network-online.target

[Service]
# Allows the execution of multiple ExecStart parameters in sequential order
Type=oneshot
# Show status "dead" after commands are executed (this is just commands being run)
RemainAfterExit=no
# git pull = git fetch + git merge
ExecStart=/usr/bin/git -C %h/git/github/chrlau/dotfiles pull
ExecStart=/usr/bin/git -C %h/git/github/chrlau/scripts pull

[Install]
WantedBy=default.target

However, while initially writing it and looking at the output of systemctl --user status git-update I noticed something.

user@lanadmin:~$ systemctl --user status git-update
○ git-update.service - Update git-Repositories
     Loaded: loaded (/home/user/.config/systemd/user/git-update.service; enabled; preset: enabled)
     Active: inactive (dead) since Fri 2024-04-26 22:16:21 CEST; 15s ago
    Process: 39510 ExecStart=/usr/bin/git -C /home/user/git/github/chrlau/dotfiles pull (code=exited, status=0/SUCCESS)
    Process: 39516 ExecStart=/usr/bin/git -C /home/user/git/github/chrlau/scripts pull (code=exited, status=0/SUCCESS)
   Main PID: 39516 (code=exited, status=0/SUCCESS)
        CPU: 40ms

Apr 26 22:16:18 lanadmin systemd[9234]: Starting git-update.service - Update git-Repositories...
Apr 26 22:16:21 lanadmin git[39521]: Already up to date.
Apr 26 22:16:21 lanadmin systemd[9234]: Finished git-update.service - Update git-Repositories.

There should be two log lines with git[pid]: Already up to date. After all we call git two times. But there is only one line. Why!?

At first I considered something like rate-limiting or the de-duplication of identical log messages. But I found nothing. Only an old RedHat Bugreports from 2013 & 2017 about how journalctl can't always catch the necessary process information (cgroup, etc.) from /proc before the process is gone (read: Bug 963620 - journald: we need a way to get audit, cgroup, ... information attached to log messages instead of asynchronously reading them in and Bug 1426152 - Journalctl miss to show logs from unit). Especially with short-running processes this occurred regularly. This can't be the reason, or?

I checked the journal for the unit file. Line still missing.

user@lanadmin:~$ journalctl --user -u git-update
Apr 26 22:16:18 lanadmin systemd[9234]: Starting git-update.service - Update git-Repositories...
Apr 26 22:16:21 lanadmin git[39521]: Already up to date.
Apr 26 22:16:21 lanadmin systemd[9234]: Finished git-update.service - Update git-Repositories.

Then I accidentally executed journalctl without any parameters and...

user@lanadmin:~$ journalctl
[...]
Apr 26 22:16:18 lanadmin systemd[9234]: Starting git-update.service - Update git-Repositories...
Apr 26 22:16:20 lanadmin git[39515]: Already up to date.
Apr 26 22:16:21 lanadmin git[39521]: Already up to date.
Apr 26 22:16:21 lanadmin systemd[9234]: Finished git-update.service - Update git-Repositories.
[...]

There it is. So why does a simple journalctl display both lines, while a systemctl --user status git-update doesn't?

Remembering the bug we just read? journalctl has a verbose mode. This displays all fields for every log line. This should tell us the difference between those to log messages.

At first we have the entry for the Starting git-update.service - Update git-Repositories message. Nothing suspicious here.

user@lanadmin:~$ journalctl -o verbose
Fri 2024-04-26 22:16:18.724396 CEST [s=78cb2a728dda4d579b41ba58b655d4c2;i=6a32;b=859f56a381394260854aeac3b77d87a3;m=1a58bdb7ae0;t=6170593979632;x=ed56438f3a913535]
    PRIORITY=6
    SYSLOG_FACILITY=3
    TID=9234
    SYSLOG_IDENTIFIER=systemd
    _TRANSPORT=journal
    _PID=9234
    _UID=1000
    _GID=1000
    _COMM=systemd
    _EXE=/usr/lib/systemd/systemd
    _CMDLINE=/lib/systemd/systemd --user
    _CAP_EFFECTIVE=0
    _SELINUX_CONTEXT=unconfined
    _AUDIT_SESSION=393
    _AUDIT_LOGINUID=1000
    _SYSTEMD_CGROUP=/user.slice/user-1000.slice/user@1000.service/init.scope
    _SYSTEMD_OWNER_UID=1000
    _SYSTEMD_UNIT=user@1000.service
    _SYSTEMD_USER_UNIT=init.scope
    _SYSTEMD_SLICE=user-1000.slice
    _SYSTEMD_USER_SLICE=-.slice
    _BOOT_ID=859f56a381394260854aeac3b77d87a3
    _MACHINE_ID=e83bb1062b594b79817a5c8a5605f9fd
    _HOSTNAME=lanadmin
    _RUNTIME_SCOPE=system
    CODE_FILE=src/core/job.c
    JOB_TYPE=start
    CODE_LINE=581
    CODE_FUNC=job_emit_start_message
    MESSAGE_ID=7d4958e842da4a758f6c1cdc7b36dcc5
    MESSAGE=Starting git-update.service - Update git-Repositories...
    JOB_ID=10
    USER_INVOCATION_ID=8f476f2ef43245ba89a9cb69a26f8577
    USER_UNIT=git-update.service
    _SOURCE_REALTIME_TIMESTAMP=1714162578724396

Then comes the entry for the first Already up to date. log message. And it's entry is way shorter than the previous log message. No fields regarding systemd are associated.

Fri 2024-04-26 22:16:20.137988 CEST [s=78cb2a728dda4d579b41ba58b655d4c2;i=6a33;b=859f56a381394260854aeac3b77d87a3;m=1a58bf10cb2;t=6170593ad2804;x=730951cbebf4e84a]
    PRIORITY=6
    SYSLOG_FACILITY=3
    _UID=1000
    _GID=1000
    _BOOT_ID=859f56a381394260854aeac3b77d87a3
    _MACHINE_ID=e83bb1062b594b79817a5c8a5605f9fd
    _HOSTNAME=lanadmin
    _RUNTIME_SCOPE=system
    _TRANSPORT=stdout
    _STREAM_ID=36f2542db1e249da8c5c5b1342d065e8
    SYSLOG_IDENTIFIER=git
    MESSAGE=Already up to date.
    _PID=39515
    _COMM=git

And yep, here is the second Already up to date. log message. It contains all fields and this is the message we see, when we display the journal-entries for our git-update.service unit.

Fri 2024-04-26 22:16:21.471040 CEST [s=78cb2a728dda4d579b41ba58b655d4c2;i=6a34;b=859f56a381394260854aeac3b77d87a3;m=1a58c0563ee;t=6170593c17f40;x=2574d8467f36d20]
    PRIORITY=6
    SYSLOG_FACILITY=3
    _UID=1000
    _GID=1000
    _CAP_EFFECTIVE=0
    _SELINUX_CONTEXT=unconfined
    _AUDIT_SESSION=393
    _AUDIT_LOGINUID=1000
    _SYSTEMD_OWNER_UID=1000
    _SYSTEMD_UNIT=user@1000.service
    _SYSTEMD_SLICE=user-1000.slice
    _BOOT_ID=859f56a381394260854aeac3b77d87a3
    _MACHINE_ID=e83bb1062b594b79817a5c8a5605f9fd
    _HOSTNAME=lanadmin
    _RUNTIME_SCOPE=system
    _TRANSPORT=stdout
    SYSLOG_IDENTIFIER=git
    MESSAGE=Already up to date.
    _COMM=git
    _STREAM_ID=cfc8932e3cf9431aa59873d163d624a8
    _PID=39521
    _SYSTEMD_CGROUP=/user.slice/user-1000.slice/user@1000.service/app.slice/git-update.service
    _SYSTEMD_USER_UNIT=git-update.service
    _SYSTEMD_USER_SLICE=app.slice
    _SYSTEMD_INVOCATION_ID=8f476f2ef43245ba89a9cb69a26f8577

Great. So how to fix this? Yeah, I can't. Unless I can make the git-process running longer there is no real solution. I tried adding ExecStart=/usr/bin/sleep 1 after each git command, but that of course didn't change anything. As sleep is a different process.

Now I'm left with the following situation: Sometimes both log entries are logged correctly with all fields. Sometimes just one (either the first or second one). And rarely none is logged at all. Then all I have are the standard Starting git-update.service - Update git-Repositories. and Finished git-update.service - Update git-Repositories... log messages which are sent via systemd when a unit file is started and when it finishes.

Beautiful. Just beautiful. I mean.. The syslog facility, identifier and priority is logged each time. So yeah, that's actually a reason for good old rsyslog.

A somewhat of a solution?

The best advise I can currently give is: If you have short lived processes started via systemd and it's important you can easily view all log messages:

1. Make sure ForwardToSyslog=yes is set in /etc/systemd/journald.conf. Note that the default values are usually listed as comments. So if the line #ForwardToSyslog=yes is present, you should be fine
2. Install rsyslog or any other traditional syslog service
3. Configure it to store your log messages in a separate logfile or let it go to /var/log/messages
4. Don't forget to configure logrotate (or some other sort of logfile rotating) for all logfiles created by rsyslog 😉

I just learned to always execute a plain journalctl during troubleshooting sessions just to make sure that I spot messages from short running processes.

And what about the timer?

This is the timer file I use. It runs once every hour.

user@lanadmin:~$ systemctl --user cat git-update.timer
# /home/user/.config/systemd/user/git-update.timer
[Unit]
Description=Update git-repositories every hour

[Timer]
# Documentation: https://www.freedesktop.org/software/systemd/man/latest/systemd.time.html#Calendar%20Events
OnCalendar=*-*-* *:00:00
Unit=git-update.service

[Install]
WantedBy=default.target

After creating the file you need to enable and start it.

user@lanadmin:~$ systemctl --user enable git-update.timer
Created symlink /home/user/.config/systemd/user/default.target.wants/git-update.timer → /home/user/.config/systemd/user/git-update.timer.

user@lanadmin:~$ systemctl --user start git-update.timer

Using systemctl --user list-timers we can verify that the timer is scheduled to run.

user@lanadmin:~$ systemctl --user list-timers
NEXT                         LEFT       LAST PASSED UNIT                   ACTIVATES
Sun 2024-04-28 16:00:00 CEST 49min left -    -      git-update.timer git-update.service

1 timers listed.
Pass --all to see loaded but inactive timers, too.

Photo by Markus Spiske: https://www.pexels.com/photo/green-and-yellow-printed-textile-330771/

I finally got around to update to the recent version of Bludit. And as I made two changes to files which will be overwritten, I made myself a small documentation.

Changing the default link target

Post with code example, here: https://admin.brennt.net/changing-the-default-link-target-in-bludits-tinymce

1. Open file bludit-folder/bl-plugins/tinymce/plugin.php file
2. Search for tinymce.init
3. Then we add the default_link_target: '_blank' parameter at the end of the list
4. Don't forget to add a semicolon behind the formerly last parameter

Keep the syntax highlighting

Original post: https://admin.brennt.net/bludit-and-syntax-highlighting

1. Open: bludit-folder/bl-plugins/tinymce/tinymce/plugins/codesample/plugin.min.js
2. Search for <pre and in the class property add line-numbers. It should now look like this: t.insertContent('<pre id="__new" class="language-'+a+' line-numbers">'+r+"</pre>")
3. A little after that pre you will also find t.dom.setAttrib(e,"class","language-"+a), add the line-numbers class in there too, it should look like this: t.dom.setAttrib(e,"class","line-numbers language-"+a)
4. Edit a random blogpost with code in it to verify that newly rendered pages get the line-numbers and syntax highlighting.

Enhancing Cookie security

Mozillas Observatory states that the Bludit Session Cookie is missing the samesite attribute and the Cookie name isn't prefixed with __Secure- or __Host-. I opened an issue for this on GitHub (Bludit issue #1582 Enhance cookie security by setting samesite attribute and adding __Secure- prefix to sessionname) but until this is integrated we can fix it in the following way:

1. Open bludit-folder/bl-kernel/helpers/session.class.php
2. Comment out the line containing: private static $sessionName = 'BLUDIT-KEY';
3. Copy & paste the following to change the Cookie name:

   • // Set the __Secure- prefix if site is called via HTTPS, preventing overwrites from insecure origins
     //   see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#cookie_prefixes
     //private static $sessionName = 'BLUDIT-KEY';
     private static $sessionName = '__Secure-BLUDIT-KEY';

4. Search for the function session_set_cookie_params
5. Add the following line to add the samesite attribute to the Cookie by adding the following line. Also add a comma at the end of the formerly last line.
   • 'samesite' => 'strict'
6. it should looks like this:

   • session_set_cookie_params([
         'lifetime' => $cookieParams["lifetime"],
         'path' => $path,
         'domain' => $cookieParams["domain"],
         'secure' => $secure,
         'httponly' => true,
         'samesite' => 'strict'
     ]);

Check is the RSS-Feed works

1. Access https://admin.brennt.net/rss.xml and verify there is content displayed.
   • If not: Check if the RSS-Plugin works and is activated

Apply / check CSS changes

I made some small changes to the Solen Theme CSS. These must be re-done when the theme is updated.

1. Open bl-themes/solen-1.0/css/style.css
2. Change link color:
   • Element: .plugin a, ul li a, .footer_entry a, .judul_artikel a, line 5
   • Change: color: #DE004A;
   • To: color: #F06525;
3. Change link color when hovering:
   • Element: .plugin a:hover, ul li a:hover, .footer_entry a:hover, .judul_artikel a:hover, line 10
   • Change: color: #F06525;
   • To: color: #C68449;
4. Fix position of the blockquote bar:
   • Element: blockquote::box-shadow, line 24
   • Change:  box-shadow: inset 5px 0 rgb(255, 165, 0);
   • To:  box-shadow: -5px 0px 0px 0px rgb(255, 165, 0);
5. Format code in posts:
   • Add the following element after line 37:

   • /* My custom stuff */
     code {
         font-size: 87.5%;
         color: #e83e8c;
         word-wrap: break-word;
         font-family: 'Roboto Mono', monospace;
     }

6. Same padding-bottom as padding-top for header:
   • Element .section_title, line 136
   • Change: padding-bottom: 0px;
   • To: padding-bottom: 0.6em;
7. Disable the white blur for the introduction texts:
   • Element: .pratinjau_artikel p:after, line 277
   • Change background: linear-gradient(to right, transparent, #ffffff 80%);
   • To: background: 0% 0%;

Solen-Theme changes

1. Make header smaller:
   • Open solen-1.2/php/mini-hero.php
   • Remove line 4: <h2 class="hero_welcome"><?php echo $L->get('welcome'); ?></h2>

Photo by Kaique Rocha: https://www.pexels.com/photo/people-walking-on-pedestrian-lane-during-daytime-109919/

Nowadays, it feels like everyone of us uses at least five different social networks. Mastodon, Twitter/X, Facebook, Instagram, TikTok, LinkedIn, etc. Even messaging apps like Whatsapp and Telegram try more and more to become social networks of their own. Allowing you to follow channels of your favorite brand, celebrity, topic, etc. And even technical sites like GitHub are slowly getting new social features. Following the age-old mantra, "User retention and engagement are key."

Unfortunately, I have a basic problem with all these social networks. See, a human being is not a single-interest individual. Each one of us has multiple interests. And those can vary widely. Additionally, they overlap in different parts of our lives. Sure, your kids are your most valued and precious interest, and you love sharing your experiences with them. What about professional or job-related experiences? Or your leisure time crafts like gardening or cooking? Do you fancy some videogaming to relax? Are you politically active? Help out in your community? All of these are good examples.

Unfortunately, I have a basic problem with all these social networks.

But.. What, and forgive me my ignorance, what if I'm only interested in your job-related experiences? Or your experiences as a developer of some open-source software I use, and I simply wish to be a little ahead on the information flow. And not rely on some IT news site but instead get it directly from the developer?

I don't know your kids. So why should I care? Surely some stories are nice and sweet. Alas I have the same limited time each day as everyone else. Therefore, for me, information reduction is key. I don't want to be constantly bombarded with bits of knowledge I don't want and don't need to know. Each single social network out there forces me to swallow every single drop that comes out of the "digital information water tap".

Each single social network out there forces me to swallow every single drop that comes out of the "digital information water tap".

Yes, you can unfollow. Or block people entirely. Maybe blacklist some channels. Click the "show me less of this" button. But again, these are partially incomplete features. What if I am interested in only some aspects of a person's life? Not their garden, not their kids, not their political views. How do I filter that? Or those "lovely contacts" that set up automatic content generation and spill 3-5 posts into your feed every single day. Do these features help in such a situation? No, they don't. And that is the problem I have with social networks in general.

Currently, I feel the only option offered to me is a rather ultimate one. Block, unfollow, unfriend, or mute. And while the unfollow feature is somewhat usable, it still doesn't solve my problem.

The solution, or: What Google+ did right

The main feature of Google+ was that the content creator was able to group his contacts into circles, for example, a circle called "family" for family members and a circle called "coworkers" for work-related postings. And then he or she could share content only with that circle (or both). Or decide to share publicly for everyone. The follower or friend, of course, was able to group his or her friend into different circles. But the key point was: It was possible to choose which content stream to display by clicking on the button for each circle on the left of Google+.

Yes, that leaves room for improvement. I can't control with which circle(s) the creator associated me. But for me, it was a step in the right direction. One, which sadly was shut down by Google.

One step further

How about a social network where each profile of a person has several feeds (or streams)? Several. Not just one. And of course, we are allowed to define, create, and delete as many feeds (or streams) as we like. And every follower can choose to just follow one stream (or none at all) or the whole profile with all feeds. Sounds a bit like (Hash-)Tags? Yes! Exactly! As hashtags in themselves are nothing different than key words. Each post can be linked to any number of feeds. Like a post about budgeting your new hobby can be shared in your streams labeled "Finance Tips" and "Gardening".

Then the burden of information sorting and reduction is shifted from the followers to the creators. Giving them the burden of choosing what to post where. But in return they should get users who are more engaged, as they are actually only consuming content they are interested in. Well, in theory. The whole psychology and market behavior regarding social networks is not my strong point. And I fear that most people just don't care. They just scroll past that content that is not interesting to them and never think about whether they should be forced to scroll that much, let alone how to fix that problem.

Google+ was social media for me. Forget every other network.

But I remember that Google+ was social media for me. Forget every other network. There, I engaged the most. I posted the most. I commented the most. And I actually learned more than in any other social network I've been or am still active in.

Yes, Twitter has lists, Mastodon too, and so on. But these networks weren't designed around that feature! It wasn't displayed prominently on the start page. Always hidden 2-3 layers deep in some sub-section of some rarely used menu.

I still miss Google+.
(Does this count as an "Old man yells at cloud"-post? 😅 )

Photo by Piet Bakker: https://www.pexels.com/photo/white-long-coat-lion-68421/

No productive change on Friday!

This expression was my first encounter with ITIL at all. Having just started fresh as Junior Linux sysadmin at a major German telecommunications provider. Strictly speaking, the rule was the following: "No standard changes to a production system if the next day isn't a normal workday." This was put in place to ensure that problems in production can be fixed in a timely manner, that all required resources and people are available. A plain, simple logical rule—and a very effective one.

But how do my wisdom teeth come into play? Well, as I am currently learning for my ITIL4 certification, I remembered a story from that time. I was visiting my dentist, and the whole appointment just felt strange. I knew I had some minor pain in one or two teeth a few weeks ago. Which was when I first visited them. But the dentist—a big clinic with several doctors—did not have enough time at that point and gave me a new appointment.

Naive as I was, I didn't note down what would be done at that appointment. Trusting that the doctor will document everything, right? Well.. He didn't. This time I got another doctor, and he did the one thing I remembered and then just left the room. I wasn't told the appointment was over. It didn't feel like it was over. So I just kept sitting in the chair, waiting.

Some 10 minutes later, a doctor's assistant comes into the room to prepare it and is surprised I am still there. I am told that I am free to go, and, well, I do. I had just put my jacket on when another assistant approached me. "Oh, good that I managed to catch you. You need to make an appointment for the removal of two of your wisdom teeth. The doctor spotted caries in them."

I was surprised. He didn't say anything about that. But, ah, well. Doctors can have a bad day too. So off to the reception I went to make an appointment for the removal. Only to learn that these removals are done by an external doctor who solely does wisdom teeth removal. Additionally, all of his appointments for the next 3 months are fully booked. The reason? He is only present on Fridays.

Immediately, the beloved ITIL phrase comes to mind. Realizing full well that if I should have any pain or bigger problems, I will be in minor trouble. Having to go to the emergency on-call dentist in my town for that weekend—or directly to the hospital. I wasn't really keen on that. So the receptionist and I agreed that I would call some days later to schedule an appointment when I had sufficient time to organize my calendars.

Only that.. Well, I never called back. I grew more and more suspicious over the days and said to myself, "Let's wait until I start to feel something in my teeth." The doctor's strange behavior didn't contribute to my inner well-being either.

I waited. And waited. And waited. And when it was time for my next regular dentist visit, I decided to get a second opinion. I asked some colleagues, checked a few "Rate your doctor" websites, and went to another dentist.

There, they did an X-ray of my whole jaw to get a complete overview. The doctor was nice. Explained what he was looking for. What he can and can't see, and I asked fairly simply if there is any caries in some of my wisdom teeth. He looked a bit stunned for a second and said, "No, not from what I see. If there is caries, usually black spots are visible. But there are none, as far as I can see. Do you feel any pain? Especially when they come into contact with something hot or cold?"

So, I explained the whole situation to him, and then he told me a few details (which I won't write down here for legal reasons), which made it obvious to me that changing my dentist was indeed a good decision.

And all of that, just because I followed ITIL procedures from my employer. Ha!

Photo by Miguel Á. Padriñán: https://www.pexels.com/photo/email-blocks-on-gray-surface-1591062/

Some rather fun stories revolve around my usage of mail addresses. Like many IT people, I like to use identifiable email addresses. In my case, it means I always use companyname-DDMMYYYY@my-domain.tld or website-domain-DDMMYYYY@my-domain.tld when I need to specify a mail address.

This has the advantage that I can verify if the sender matches the recipient address. Obviously, Paypal won't send mail to some-webshop05072024@my-domain.tld. And it is a good pointer when some customer database was leaked or if sites are selling customer data. I experienced it like 10 times already: the mail associated with a certain website or shop got spam right after I deleted my account there. Truly unsuspicious...

And in the few cases where a company's customer database was leaked several times, I can easily change the mail address and still track if the new address is being spammed or not.

The unexpected benefit of unique mail addresses

The first real surprise came to me some years ago when I bought new furniture for my new flat. When the furniture was being delivered and built up one of the people setting them up said to me: "Ah, I see we work at the same company."

I was confused and replied: "Uh, no. I'm not working for (that furniture company's name). Why do you think I do?"
"Well, according to the receipt you got the employee discount.", the man replied. I was dumbfounded. I definitely didn't lie, and when I was in the store and purchased the furniture the employee also said nothing regarding this topic.

Then it dawned on me: My mailaddress! It was companyname@my-domain.tld! But.. I thought in disbelief, "It's only in the local-part!" Well.. Looks like the employee doesn't understand the structure of mail addresses and that everyone is free to choose the part before the @-sign (the so-called local-part or username). And thought I do work for the company, and gave me the discount without saying a single word. Wow.

Basic IT-Security in the banking industry?

And today? The same happened. With my bank. I needed an appointment and called them. As I didn't provide a mail address to them in all these years they asked for one to set up the online calendar entry. I told the customer rep to use bankname2024@my-domain.tld. The representative immediately asked in surprise: "Oh! You work for one of our branches?"

Well.. I was a bit shocked as, until that point, I thought that bank employees were at least minimally trained to properly read mail. In order to detect at least the most obvious phishing attempts. It seems I was wrong.

I gave the rep a quick run-down on the structure of mail addresses and said that basically everything in front of the @ is irrelevant (or at least should be treated as such). And that was it. On to the next adventure with mail addresses!

Photo by Tara Winstead https://www.pexels.com/photo/motivational-phrases-for-mental-health-8378735/

Recently, I had a conversation with a recruiter on LinkedIn. It started pretty normal, but for some reason I mentioned I have ADD (Attention Deficit Disorder (Wikipedia)). The recruiter replied that this could be used as an advantage. "How so?" I asked.
And immediately after stating my question, the recruiter said something that made me angry in a rather rapid way.

The recruiter elaborated that I can be presented as way more productive due to my hyperfocus (Wikipedia), and that this has the potential to give my future employer a huge benefit.

I was speechless. I didn't reply for 2 minutes. Only thinking: "WHAT!?"
It certainly didn't help that the way in which my hyperfocus was portrayed reminded me of how slaves were marketed in human history. Pointing out the benefits of their bodily features for the profit of their future masters. Nope. Definitely not helping.
But the main reason for my anger stirred from the fact that my hyperfocus is not some kind of fancy addon. Not some kind of trait I voluntarily learned.
My brain works differently. The chemicals that my brain produces are produced in different amounts than in people without ADD. Science has proved this again and again. This is directly tied to different behavioral patterns. Which can cause problems with people who are not on the neurodiversity spectrum of brains.
Many of us ADD'ers only learn of this in our late 30s or even later. After decades of struggling. Trying to find out, "What is wrong with me? Why am I so different than anybody else?" After all, diagnosis was bad in the previous decades. Going even so far as: "ADD is only present in children. It will go away with time." That those children simply learned to hide their ADD and suffered silently as adults? That many adults with undiagnosed ADD develop a depression because of this? Yeah.. This is only understood since a mere decade or two.
I would happily trade my hyperfocus for a normal brain. Don't get me wrong. I don't hate myself for having ADD. It's just the way that I am. And since I got my diagnosis, I have learned more and more about myself and how to deal with all that accompanies ADD.
Fortunately, diagnosis, help, and treatment get better and better, especially for children. Well, at least here in Europe.
But if you are already an adult? It kind of sucks.

(TL;DR: Money. Here in Germany, doctors can send bills to healthcare providers if the ADD patient is a child. But NOT if the patient is already an adult. Yes, a flaw in the law. But an annoying one. This effectively means: Trainings, Coaches, behavioral therapy, medicaments.. All paid for if you are a child. As an adult? Here, take your pills with Methylphenidate (Wikipedia) (like: Elvanse, Medikinet, Ritalin, Concerta, etc.) and that's it. If you want more, search and pay for it yourself.)

But utilizing my hyperfocus in a way to improve my chances of getting hired?
That's NOT the way it's going to work. That's not the way it should be E-V-E-R. That's just a twisted and perverted way of exploiting oneself.
Personally, I have the following approach: If it kicks, it kicks. Sometimes I enjoy it. Using it to deep-dive fast into the topic and learn so much in so little time. Sometimes it's annoying as hell, as I know I can't give in to the hyperfocus as there are other pressing matters more relevant to me or the lives of others.
Most importantly: My hyperfocus is not something I can control.
Yes, there are situations/techniques, etc. that can help. And I've read my fair share of ADD'ers saying they are able to control it.
I always immediately question myself: "Can they, though? And, if they can, should they?"
While being hyperfocused, I feel great. Time feels stopped, yet I can see how rapidly I advance. Which is an awesome feeling for someone with ADD who, more often than not, feels things are too slow to be enjoyable.
But right after the rush of hyperfocus ends? Yeah, better spend some quality leisure time to recharge those internal batteries of yours. If not. Or you simply can't? Things tend to get messy. Missed appointments, forgotten tasks, household chores being left undone, and so on.
And now I imagine ADD'ers who constantly push themselves into that rush just to "prove their worth to their employer." After all, they were sold with that advantage, right?
Why not just hand out free cocaine to non-ADD employees then? Sounds stupid? Dangerous? Yep, now you understand my point.

Back to the recruiter. I told the person all this. That my hyperfocus is a part of me. And it's not a reliable one. Or rather: One on which I wouldn't rely on to get the job done. That I just want to be treated normally. And not be "our newest hyperfocus hire.".
The answer I got was: Well, sadly, not much at all. The recruiter got that I wasn't interested in a job. Well, I said so before. It's just that our conversation switched to this topic then. And therefore, the recruiter seemed to not bother answering any of the ethical questions I imposed.
I mean, I get it. What the recruiter said was, most likely, only meant to uplift me. To make me feel good. To give me the impression that I have good chances of being hired.

But still: I'm not owing you my hyperfocus!

Addendum

Some days have passed since I published this post and there is something which I want to add. It's about the whole topic: "Due to your hyperfocus you are more productive!"

Personally I think this is not true. All imponderabilities aside: You need to recover after a hyperfocus. You cannot be constantly in hyperfocus. Like you can't constantly be in a state of flow, something which everyone of us has experienced at one time or another. But hyperfocus, in my personal experience, is way more intense. And I can't say how long it will last.

Likewise I can't tell how long I need to properly recover, but here the logic comes in. Do I need longer to recover (and are maybe less productive during this period) and therefore eliminate the benefits of the time spent in hyperfocus? Or not?

Do hyperfocus and recovery-time always cancel themselves out? Or not? Or like in 70% of all cases? What is the right number here? Is there any at all?

I don't really want answers to these questions. They are simply not needed.

And is there a guarantee that someone in hyperfocus won't make mistakes? Of course not! My advise to employeers would be: "Be happy and thankful when an employee does way more work in a considerable short amount of time. But don't make it the new standard or take it for granted. That won't neither last nor help."