Labnotes

Published on

Please and thank you.


Design Objective

Run The Joules The importance of diversity in tech:

I almost got fired from my last job due to a similar technical issue. It's important to consider life experiences that differ from yours

“As a user” needs to stop. Argues against cargo cult user stories:

The purpose of user stories is to create empathy. As a result, tiny implementation details do not need to be written in the form of user stories. The design and engineering teams can figure that out; that’s their job.

When user stories really shine, they tell a story about the person using your product. The person becomes the hero. You’re just there to create the conditions for her to achieve her real-life goals.

DesignBetter.Co InVision's site for designers, with in-depth books, podcasts, and more.


Tools of the Trade

Sarah Mei Thread:

The more I do software, & read the old papers & new blogs, the more I realize that our history is this series, repeated ad infinitum:

GoogleChrome/puppeteer Google's own API for using headless Chrome from Node (testing, automating, scraping, etc).

const browser = await puppeteer.launch();
const page = await browser.newPage();
await page.goto('https://example.com');
await page.screenshot({path: 'example.png'});

Crafties "Best practices" without context are just "practices".

Return well-formed error responses from your REST APIs Simple proposal for reporting errors with input fields.

[{ 
  "errorCode": "BAD_FORMAT", 
  "field": "email", 
  "originalValue": "suhas.chatekar", 
  "mesage": "{email} is not in correct format",
  "helpUrl": "/help/BAD_FORMAT#email" 
}]

The world in which IPv6 was a good design Or, why is IPv6 such a mess, and how did we get here?

At that point, all we'd have to do is eliminate all remaining UDP and TCP from the Internet, and then we would definitely not need layer 2 bridging anymore, for real this time, and then we could get rid of broadcasts and MAC addresses and SDN and DHCP and all that stuff.

And then the Internet would be elegant again.

{jqi} A simple graphical UI for jq.


Architectural

GonzoHacker 😭 "denial, anger, bargaining, depression, acceptance and mini-monolith"


Peopleware

Tech’s Damaging Myth of the Loner Genius Nerd Even the New York Times gets it:

There’s a joke in computer science that one of the hardest tasks is naming things in code. It’s funny because it’s a nontechnical task. But it involves something that can be even harder than technical work: communicating with other people and intuiting what they might need and understand.


Locked Doors

Kia For when you need to quickly disable Touch ID:

iOS 11 is a game-changer for Touch ID. Press power button rapidly 5 times and it opens the 2nd screen, but it also forces passphrase entry!

NIST Update: Passphrases In, Complex Passwords Out Finally, NIST advocating sane password policies, and walking away from harmful past practices (security questions, special characters, password change every X days, etc.)

Security Nerdette 👍

Replacing 'whitelist/blacklist' with 'safelist/blocklist' now on. Let's recognize and replace racism/sexism in everyday tech vocab! ❤️


None of the Above

Quincy Larson "Trying to code when chat's open"

Texting on the move turns your walk into an ungainly lollop Explains why it's difficult to pass people that are texting and walking:

The problem of text-walkers has become such a problem that cities such as Antwerp in Belgium, has introduced ‘text-walking lanes’ so that they do not irritate or endanger other pedestrians.

Why we fell for clean eating Post-truth diets:

Once we enter the territory where all authority and expertise are automatically suspect, you can start to claim almost anything – and many #eatclean authorities do.

yan "8 rabbits, aka 1 rabbyte"

What Brands Are Actually Behind Trader Joe’s Snacks? Spoiler alert.

Cutest Animals Ever "This dog...caught a fish...using croutons. Then walked off like Mufasa"

Published on

Fluff Society "Dog: This is NOT funny"


Design Objective

How we designed Foursquare Swarm 5.0 Designs needs to be implemented:

Get engineers involved at the beginning. … Sometimes a tiny design decision can have a large technical impact. It’s on me to continue to get engineers involved earlier to figure it out.

Coherent, Not Consistent TL;DR

Coherence means making sure every part of your product feels like it belongs there, instead of trying to make them exactly the same.

Stopwords in the user interface Words that usually signal problems with the user interface, like "click here", "operation", "success!"


Tools of the Trade

Why I Still Use Vim As a Vim user, I had no idea Atom is such a resource hog!

Opening a 6 megabyte XML file in Vim consumes around 12 megabytes. Nano is pretty much neck-and-neck with Vim. Code needs 392 megabytes, and Atom needs a whopping 845 megabytes.

JPNG.svg JPEG compresses better than PNG, but doesn't have alpha transparency. This tool gets around it, by converting your PNG into an SVG-wrapped JPEG (see Using SVG to Shrink Your PNGs).

Surfacing Hidden Change to Pull Requests That's smart! From looking at the code, you can't always tell the side effects of a Pull Request, so why not have CI explain it to you:

In every CI build, we calculate interesting pieces of data like the binary size and method count (an important metric for Android apps) and write them to shared storage. When a CI build runs for a pull request, we figure out the difference of these values from the ancestor commit on master. The numbers are sent back to the pull request in the form of a comment to ensure the author and any reviewers are notified.

Linux Load Averages: Solving the Mystery Digs through the archive to find the original commit that changed how Linux calculates load averages, and explains how to interpret these numbers.

Kitze "Start."


Lingua Scripta

Node v8.3.0 (Current) "The V8 engine has been upgraded to version 6.0, which has a significantly changed performance profile."

Passing data between Promise callbacks For when you can't use async/await.

Anonymous Recursion in JavaScript Getting clever with function composition. Can you decipher this?

(
  (
    (f) => f(f)
  )
  (
    (f) =>
      (l) => {
        console.log(l)
        if (l.length) f(f)(l.slice(1))
        console.log(l)
      }
  )
)
(
  [1, 2, 3]
)

Lines of Code

What my bathroom window taught me about code quality Pragmatic always wins:

Usually, bad code is expensive. Bad code is hard to understand. Bad code is hard to debug. Bad code is hard to extend. Because of all of these reasons, bad code also decreases the value that can be delivered in the future.

But sometimes, just sometimes, you know you are writing code that will never again be read, and will never be modified. You know it will be used, maybe just once or twice, and then it will be thrown away. That is when bad code is cheap.


Architectural

Corey Quinn It gets easier with experience:

“We sell sweaters, why are we building a bespoke container orchestration system?” is sometimes the hard question to ask.

In response to Matt Olson:

What makes a sr dev to me is someone who says "that sounds hard, why are we doing it?" instead of "that sounds hard, I better get started!"

Subbu Allamaraju I think so too:

Serverless patterns are pulling the rug from underneath container cluster managers faster than the latter becoming industrial grade


Devoops

Josh Aas Every warning label has a story:

Internet people - do not email your private key to @LetsEncrypt. We never want it. Like, ever.

nixCraft 🚨

Three things are certain:

Death, taxes, and lost data.

Guess which has occurred.


Peopleware

A Brief History of Women in Computing TL;DR first they invented programming, and now people are debating whether women belong in the industry they helped create.

How the Imagined “Rationality” of Engineering Is Hurting Diversity — and Engineering For context, in case you missed the Google memo kerfuffle.

So, about this Googler’s manifesto 💯

Essentially, engineering is all about cooperation, collaboration, and empathy for both your colleagues and your customers. If someone told you that engineering was a field where you could get away with not dealing with people or feelings, then I’m very sorry to tell you that you have been lied to. Solitary work is something that only happens at the most junior levels, and even then it’s only possible because someone senior to you — most likely your manager — has been putting in long hours to build up the social structures in your group that let you focus on code.

Dr. NerdLove The Google memo doesn't affect all people equally, to some it's just a point they can afford to debate:

But hey. It’s easy to pretend everything is neutral when it doesn’t touch you AND you strip away all context and history AND consequence.

Phil 🍕 "Anyone who ever schedules meetings with developers, please burn this image into your brain, thanks"


Techtopia

How Silicon Valley rediscovered LSD Jury still out, whether LSD is better than SaaS:

Paul, a start-up founder in New York, says he and his employees are less stressed since they started microdosing. But he couldn’t be absolutely sure about the cause and effect: he thinks it may have also been the project-management app Asana, which they started using at the same time, to keep organised.

x0rz "1960's vs. now"


Locked Doors

Biohackers Encoded Malware In A Strand Of DNA How's that for cyberpunk?

a group of researchers from the University of Washington has shown for the first time that it’s possible to encode malicious software into physical strands of DNA, so that when a gene sequencer analyzes it the resulting data becomes a program that corrupts gene-sequencing software and takes control of the underlying computer.

CryptoAUSTRALIA "When you pick the wrong anti-malware product"

Shawn Wildermuth "Grocery Store SQL injection attack"


None of the Above

Ste.A "Just a rhino charging at traffic, while an Indian couple commentate with Hank Marvin on the radio. That's all."

And God Created Millennial Earth Genesi$ 1:

And there was evening, and there was morning. And God was like, for heaven’s sake! This place is cray, I’m OUTTTT! ✌🌎 And he requested an Uber, and it was so.

Computers vs Humans 🤔

Böb Speed King Jänke 🐴

A horse walks into a bar and the bartender says why the long face and he says it's so when I'm eating prairie grasses I can see predators

Laura J. Nelson "A summer Friday in California: The transit agencies for Los Angeles and San Francisco are having a limerick battle about weed."

Maybe We’ve Been Thinking About the Productivity Slump All Wrong Does low productivity cause slow growth, or does slow growth cause low productivity?

Fluff Society "Foxes are just cat software running on dog hardware."

Published on

Jon Ostrower "Boeing 004, a 787 from BFI-BFI, files a flight plan: Route? Airplane. We’re going to draw an airplane"


Design Objective

Designing interactive experiences The ‘what, when and how’ of interactive prototyping.

Mark Dalgleish My main beef with tools like Sketch and Photoshop is that they're divorced from the medium:

Designers shouldn't have to code—trouble is, code is the only design tool that doesn't outright ignore the physical properties of our medium

InVision Freehand InVision continues with their masterplan to dominate all our designs, just added a free-hand drawing and collaboration tool.

Supernova Studio Turn Sketch designs into native mobile apps in minutes.


Tools of the Trade

crossenv malware on the npm registry The package you were looking for, and a package that will steal all your passwords, are one typo away, as was the case with crossenv and cross-env (can you guess which of the two will steal all your environment variables?)

Running Selenium and Headless Chrome on AWS Lambda Is not that complicated, but do note the space constraints:

By going through the process above, I was able to get ChromeDriver and Headless Chrome running inside an AWS Lambda function — barely making it under the compressed 50mb size limit for functions (the Chrome binary is around 80% of this).

on: The Decline of the American Laundromat Apropos cloud, an apt analogy:

I live in a house with a washer and dryer.

After we had our first child there was a stretch where my wife and I were both sick for about 2 weeks and the laundry ended up building up significantly. We had probably 10 loads worth to catch up on and it was going to take all of at least one day, maybe two.

Threw it all in the car, went to the laundromat and had it done in 2 hours. Laundromat's are now how I explain "the cloud" to non-technical people.

Paul Ford Words to live by. Just click the link and read the thread, it's only 5 tweets:

A fable. There was a little bird that believed in a powerful super-bird that watched over all birds everywhere. 1/5


Web-end

The Critical Request Understanding how browsers prioritize network requests when loading assets, and tips for optimizing time to first meaningful paint.

Brian Ketelsen 😭

Child: THE INTERNET IS BROKEN

Me: Looks like code 423

Child: What's that?

Me: Failure to unload the dishwasher.


Line of Code

Why Composition is Harder with Classes I can think of better reasons to avoid inheritance than edge cases of instanceof. Quite often, classes are indeed an implementation detail that should be abstracted behind a factory:

Avoid exporting your class. Use class internally for performance gains, but export a factory that creates instances in order to discourage users from extending your class and avoid forcing callers to use new.

Sharon null "Why is this code here? We don't need this."

pug-fail


Architectural

Matt Olson This:

What makes a sr dev to me is someone who says "that sounds hard, why are we doing it?" instead of "that sounds hard, I better get started!"

Three stages of startups and how to chose tech-stack for each of them From "just build it" while you're searching for product/market fit, to multiple stacks, as you grow to address different customer segments.

Arnaud LEMAIRE "Single Responsibility Principle violation illustrated ;)"


Devoops

colonel panic "the stages of oncall"

(Picasso’s self-portrait at ages 18, 25, and 90.)


Peopleware

Soft Skills in UX Design Leadership Not just for UX design:

The ability to be patient with people who aren’t experts in our craft only becomes more important as our skills advance.


Techtopia

The Internet is for End Users An RFC I can stand behind: "This document requires that Internet Standards consider end users as their highest priority concern."

Millennials Unearth an Amazing Hack to Get Free TV: the Antenna What's alarming about this article, people no longer believe free TV could even exist:

Carlos Villalobos, 21, who was selling tube-shaped digital antennas at a swap meet in San Diego recently, says customers often ask if his $20 to $25 products are legal. “They don’t trust me when I say that these are actually free local channels,” he says.

Caroline O'Donovan The Internet of Don't You Dare Leave The City:

i used a new car share app to rent a car and took it to the country and now it won't turn on bc it doesn't have service and i am stranded


Locked Doors

How to use a single download to remotely steal proprietary files from MacOS TL;DR if you saved HTML pages from the web, do not open them with Safari.

Pwn All The Things As you'd expect:

Every single e-vote machine at @Defcon got hacked in < 2.5 days (some in minutes) to hackers without inside or domain-specific knowledge.

And, Kim Zetter:

One of the Express epollbooks at the Defcon voting machine hacking village had 600,000 voter reg records on it from Shelby County, TN

Assaf #infosec


None of the Above

Christoph Niemann "The Abstract-O-Meter." (more)

childish sadbino 💡

yall tired of boiling water every time you make pasta? boil a few gallons at the beginning of the week and freeze it for later.

Petcube bites For stay-at-home pets, an HD pet camera that monitors and flings treats.

ACLU Brief on Behalf of John Oliver So John Oliver got sued, ACLU filed amicus brief, and it's every bit as funny:

Showerthoughts 🐟👽

Humans are basically aliens to fish. We abduct them while fishing and some live to tell the tell while others go missing.

News site makes readers answer questions to prove they understand story before posting comments All news sites and social media should do that!

Business Insider Hand-held inkjet printer that can print on almost anything. Also, very satisfying to watch it in action.

Alastair 😹

To find out your cat name, pick any name at random and refuse to answer to it

If Everyone Ate Beans Instead of Beef Interesting proposition: "this one dietary change could achieve somewhere between 46 and 74 percent of the reductions needed to meet the target."

Internet of Shit Brings us this video of one pilot AirDopping photos to another airplane at 36,000 feet. Airplane mode indeed!

James Breakwell

7-year-old: Which of us is your favorite?

Me: I love all my kids equally.

7: Blink if it's me.

Laura Anthony You know house prices are out of control when …

It's the definition of "as is." Lafayette home teetering just above landslide has a red tag and a price tag of $830,000...or best offer.

I watched in bewilderment while a man tried to return butternut squash because he thought it was cheese Pet peeve — people like this.

Henry Fraser 👨✋🤜🐈

Published on

New Glassdoor survey reveals that the UK’s most annoying office buzzwords


Design Objective

Bobby Ghoshal 😱

Me: "Don't forget how far digital design has come since the nineties" --- NJ EZ-Pass: "Hold my beer." http://www.ezpassnj.com


Tools of the Trade

Chromeless Playground Is like JSBin but for automating Chrome. And you can use it to run tasks/tests locally, or distributed on AWS Lambda.

Announcing Ghost 1.0 My blog runs on Ghost, and I'm using 1.0 right now to write this up. Amazing milestone.

Vi & VIM Keyboard Covers for MacBook and iMac


Lingua Scripta

What you should know to really understand the Node.js Event Loop Breaks down the myths behind the V8 event loop, explains how it really works, and how to measure event loop latency.

Node.js Emerging as the Universal Development Framework for a Diversity of Applications Results from the Node.js developer survey:

  • Users span a broad mix of development focus, ways of using Node.js, and deployment locations.
  • There is a large mix of tools and technologies used with Node.js.
  • Experience with Node.js is also varied — although many have been using Node.js less than 2 years.
  • Node.js is a key part of the survey user’s toolkit, being used at least half of their development time.

Lines of Code

C J Silverio “Dependency injection, or as I like to call it, passing arguments to functions.”

Ben Halpern

I'm seriously disagreeing with my linter right now, but what do I know, I'm just a sentient human capable of actual feelings and emotions.


Architectural

Chris Eppstein 👍

^ How to level up: Treat every support request arising from "user error" as a bug in your error reporting and debugging infrastructure.

brianloveswords 🍷

Pouring one out for the hundreds of thousands of hours expended by devs building stuff that could have been done in 5min with a spreadsheet


Peopleware

Crack The WIP (Work In Progress) Why it's so hard for teams to limit WIP:

The reality is that low-drama “flow” doesn’t look like progress to most people. There aren’t the burnouts and the tantrums. Supporting casts have less to do, less to coordinate, and less to “unblock”. You run the terrible risk of having someone idle for a bit (god forbid the code editor is closed). Or of having to shuffle people around to tame the real blockers and bottlenecks (with all the politically intrigue that entails).

Sarah Withee 📣

Even just ONE person telling me I inspired them after my talk makes the HOURS of work worth it. So tell us when it does! #SpeakerConfessions

Emily Key 👩🏼‍💻 "Sounds about right."


Locked Doors

✨ 💖 Sparkle Ops 💖 ✨ "Oh dear."

lcamtuf "Your daily metaphor for the infosec industry."


None of the Above

Delightful Fibonacci sequence poem

I Don’t Know How To Explain To You That You Should Care About Other People How are we even divided on that?

32 bit Tiago "by this point it seems clear to me unsubscribing to a mailing list is the most computationally expensive process in computer science"

Helen Rosner "My dog looks like she was drawn by a Medieval monk who had never seen a dog before"

Kevin Beaumont "Airlines and the TSA are setting security policy over Twitter. It appears @united are being badly trolled."

Lyndsey Gallant 😭

Adult friendship = 2 people saying "I haven't seen you in forever! We should really hang out more" over and over again until one of you dies

Fred Rivett "If you ever post on Hacker News and get the "I could build that in a day" or "your business model sucks" posts, know that you're not alone."

Published on

@ joeheenan "Sometimes when I don't know what to do I'll get this out my pocket & pretend it knows the answer."


Design Objective

Empathy Prompts 💡 Ideas to help consider Inclusive Design principles when making things for others to use, e.g:

Use a projector

See how your company’s website looks on a cheap projector.

This prompt helps you understand what it’s like to have a visual condition like contrast loss.

Email Design Trends of 2017 (so far) Emails are getting visually better. Now, about the timing and contents …

Security Questions 😭


Tools of the Trade

cattsmall Just plain common sense and Slacktiquette:

Suggestion to everyone using real-time digital communication software: if you want to ask a question, combine it with your greeting message.

GitPoint New iOS app for Github. Not a lot of features, but clean and simple UI. Give it a try.

@gdead ✔︎

Just got an email that one of my lightbulbs isn't responding to queries. My house has better monitoring than some enterprises I've worked at


Web-end

What’s next for CSS? Comprehensive list of CSS features and their positions in the process of becoming implemented web standards.


Lingua Scripta

SaraSoueidan 📺

Idea: reality show titled "Keeping up with the JavaScripts"

Featuring lots of developers having identity crisis, flipping tables, etc


Lines of Code

@direlog Oh my, so true:

‘programming’ is a delightful pastime in which you debug for hours only to discover the real problem is: you can’t read, and you can’t count

@danielchooper 🤔

To design better: observe people using the design.

To program better: observe a CPU executing the code.


Architectural

Modular monoliths Simon Brown explains how to not microservice. But mostly, about architecture, testing, and naming things. Lots of learning in this 45 minute talk.

Testing or Monitoring? MTBF or MTTR? Make your choice! This article explains why monitoring and testing are both important, by looking at MTBF and MTTR, and how each affects reliability. It does have one flaw, though, confusing tests for "bug finding". Tests are also a helpful tool for writing code, and will help you lower both MTBF and MTTR.

@CompSciFact This quote has aged well:

'The idea that people knew a thing or two in the '70s is strange to a lot of young programmers.' -- Donald Knuth

@ rothgar "The new OSI model is much easier to understand"


Peopleware

@sarahmei More productive than a fidget spinner:

Long ago I knew a manager who had taught her entire dev team to knit, so they could pay attention at meetings. It worked😁

@ sarahmei Thread:

There's being "neurodiverse" and then there's being "an asshole." One is a condition; the other is a behavior.


Locked Doors

About the security content of iOS 10.3.3 Update as soon as you can:

CVE-2017-9417
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip

@x0rz "Emoji in URLs are probably a bad idea... probably"

A hacker stole $31M of Ether — how it happened, and what it means for Ethereum Another day, another coin heist. But this one is different because:

Having sounded the alarm bells, a group of benevolent white-hat hackers from the Ethereum community rapidly organized. They analyzed the attack and realized that there was no way to reverse the thefts, yet many more wallets were vulnerable. Time was of the essence, so they saw only one available option: hack the remaining wallets before the attacker did.

Underhanded Solidity Coding Contest Solidity is the programming language for Ethereum contracts. Ethereum is the next big financial technology since Bitcoin (great overview of Ethereum, Blockchain and friends). As I'm writing this, one Ethereum coin is worth $224 dollars. Anyway, back to Solidity:

There is no garbage collector. Dead allocations are never reclaimed, despite the scarcity of available memory space. There is also no manual memory management.

The compiler is riddled with mis-compilation bugs, many of them security critical. The documentation helpfully includes a list of these bugs .... in JSON.

In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers

For some types, the higher order bytes were not cleaned properly, which made it sometimes possible to overwrite a variable in storage when writing to another one.

@YrB1rd "All block cipher modes are beautiful"


Techtopia

@jacobrossi "Seems about right 😂"

@john_lam "Check out this stack trace on a FAUCET. I have now seen it all."

@lauraehall "I updated those internet-themed crayons for this the year of our lord 2017"


None of the Above

@WorldLatinStar Brilliant.

@enf Everything that's old is new again 🥑

SF Chronicle recipe for Avocado Toast, April 8, 1927

Why Are Clothes So Expensive? Perspective into how many people are involved in, and how much work goes into making a pair of pants.

Bay Area Rapid Transit Map - Mario Kart Style (h/t @SFBART)

@mizabitha 🛌

BRAIN: Hey

ME: It's the middle of the night, what is it

BRAIN: Remember all the mistakes you ever made?

ME: Yeah

BRAIN: Just checking

The New Porker Mashup of New Yorker and Overwatch.

@sciam "A tough but flexible robot unfurls like a plant using a pressurized plastic tube to inch through rugged environments."

@Anim8rJB "oh no, somebody spilled all of their puppies."