Published on


Heidi Howard "It seems it’s never too early to start learning computer science, even at age three #codeapillar #STEMtoys"

Tools of the Trade

The new Firefox It is fast. It is pretty. It eats up less memory. It includes some ad blocking tech. It's a big milestone, and maybe time to switch default browser?


React Bits A compilation of React Patterns, techniques, tips and tricks.

Sam Walsh 🚨

I love how React uses dangerouslySetInnerHTML as the attribute name for raw InnerHTML, just to make sure you're aware that you're probably doing something stupid. #reactjs

Introducing security alerts on GitHub "With your dependency graph enabled, we’ll now notify you when we detect a vulnerability in one of your dependencies and suggest known fixes from the GitHub community."


Corey Quinn 😭

Apparently “mocking tests” doesn’t mean what I thought it did, and I owe QA a massive apology.


Service Workers Break the Browser’s Refresh Button by Default; Here’s Why Biggest problem with Service Workers (like appcache beforehand), is how quickly you go from "cool demo, app works offline!" to "broke in production, users are stuck, can't use site!":

By default, users have to close all tabs to a site in order to update a Service Worker. The Refresh button is not enough.

Service Workers break the Refresh button because they behave like “apps,” refusing to update while the app is still running, in order to maintain code consistency and client-side data consistency.


Advanced CSS-Only Form Styling Pseudo selectors to the rescue!

input:invalid {
  border-color: var(--color-error);
  background-image: url("data:image/svg+xml,…");
}

My web app died from performance bankruptcy When you're the dominant browser vendor, you can decide to break the web:

Breaking changes might happen pretty fast. Current version of Chrome is 62. Your code might be broken by the time Chrome 67 arrives. It almost certainly wouldn’t work in Chrome 100.

Lines of Code

hemanth/functional-programming-jargon Glossary of functional programming terms, with examples in ES2015, and translations in several languages.


The GraphQL stack: How everything fits together A look at caching, tracing, schema stitching, and GraphQL’s future from GraphQL Summit 2017.


Donald Knuth - The Patron Saint of Yak Shaves And once again, Weekend Reading on the subject of TeX:

Yak shave 1: Somewhere along the road, implement your own programming language…
Yak shave 4: Design a font
Yak shave 8: Implement a custom language for printable documents


Punishment Driven Development? Lessons from troubleshooting industrial monitoring systems:

Having a motivation to make your software better really helps, hence Punishment Driven Development

Juozas Kaziukėnas 🔥

If having a coffee in the morning doesn’t wake you up, try deleting a table in a production database instead.


Neuroscience Explains Why We Get Hacked So Easily TL;DR our attention is limited, and we easily get habituated, but look: colorful MRI scans you haven't seen before!

Testing showed that people using the interruption-sensitive version of Chrome ignored the message only about a third of the time, compared to about 80 percent of the time without it.

By breaking the usual rules of software design and having the security-related messages change in appearance slightly each time—for example, with different colors—it was possible to reduce the habituation effect.

Lazy Susan "The last things I'll scream from my death bed"


Locked Doors

Hackers Say They've Broken Face ID a Week After iPhone X Release The threat model here is somewhat different than a 10 year old unlocking their parent's phone:

"Potential targets shall not be regular users, but billionaires, leaders of major corporations, nation leaders, and agents like FBI need to understand the Face ID's issue," the Bkav researchers write.


Tech Topia

She Warned of ‘Peer-to-Peer Misinformation.’ Congress Listened. What if you were placed in an echo chamber and couldn't escape?

Through one account she created to monitor anti-vaccine groups on Facebook, she quickly realized she was being pushed toward other anti-vaccine accounts, creating an echo chamber in which it appeared that viewpoints like “vaccines cause autism” were the majority.

Ashamed to work in Silicon Valley: how techies became the new bankers I'm old enough to remember when people in SV complained "family/friends don't understand what I do for a living!" Now we'd rather they never find out:

“I would never say I worked at Facebook,” said one 30-year-old software engineer who left the company last year to pursue an alternative career. Instead, at dinner parties he would give purposefully vague responses and change the subject. “There’s this song and dance you learn to play because people are quick to judge.”

jennschiffer Turns out, it is about ethics in software development, after all!

i gotta say - if you're teaching coding workshops at conferences and not working ethics and the like into your curriculum, you're not using your platform correctly in this the year 2017. and if it "has nothing to do" with the code you're not designing curriculum correctly!

None of the Above

Mikko Hypponen "Forbes cover 10 years ago."


Matt Brian When we need to adjust to machines that can learn:

If you own an iPhone X and get your fair share of passcode prompts after a negative Face ID, make sure you enter your code instead of reframing. It’ll help your iPhone learn what you look like at different periods during the day.

Michael Newman "Could not have predicted 20 years ago that browsing in a bookstore in 2017, I’d see a vinyl LP soundtrack to a TV show about cassette tapes you can only watch using the internet."


Two Stars Slammed Into Each Other And Solved Half Of Astronomy’s Problems. What Comes Next? "The neutron-star merger event was like seeing and hearing at the same time, and with a dictionary to make sense of it all."




Colin J Carlson Thread:

in the face of insomnia i will attempt to assign letter grades to the weird foxes. please stand by and watch this space for weird fox letter grades,, thank you

Existential Comics "we must imagine Sisyphus happy and also as an otter"


Mia Harrison "And then we proceeded to waste half our day. #animojikaraoke #iphonex #queen #bohemianrapsody #carriedaway"

Design Objective

UI backwards compatibility Entirely agree, we need to do better with breaking UI changes:

The case for UI backwards compatibility is arguably weaker than the case for API backwards compatibility because API backwards compatibility has a lower cost – if some API is problematic, you can make a new API and then document the old API as something that shouldn’t be used (you’ll see lots of these if you look at Linux syscalls). This doesn’t really work with GUIs since UI elements compete with each other for a small amount of screen real-estate.

And also often overlooked:

An argument that I think is underrated is that changing UIs isn’t as great as most companies seem to think – very dated looking UIs that haven’t been refreshed to keep up with trends can be successful …

Tools of the Trade

Five Things I Wish I Knew Starting Out Many developers, well into their career, have yet to learn this lesson:

  1. today's trendy library often turns into tomorrow's technical debt: try to build projects as lightly as possible

What are the Most Disliked Programming Languages? As seen on Stack Overflow, high correlation of "least disliked tags tend to be fast-growing ones."


addyosmani/critical Extract & Inline Critical-path CSS in HTML pages.

Powerful Start in Sketch If you're starting with Sketch, these are the tools to get started with.

x0rz 🤔

Obfuscating IPv4 addresses is fun, try:
$ ping 0177.1
$ ping 134744072
$ ping 0x8080808
$ ping 010.0x0000008.00000010.8
$ ping 8.0x0000000000000080808

That works both on Linux and Windows 👌


I Watched All of the Chrome Dev Summit 2017 Videos So You Don’t Have To TL;DR Google wants you to build PWAs, reduce JavaScript file size, use Web Components, and configure autofill.

Sara Soueidan 🐦 TIL:

Combine viewport units with other units to unbreak zooming

e.g. font-size: calc(16px + 2vw); will scale text while preserving zooming UX. 👍🏻

Wes Bos 🔥

Since :before and :after are first class CSS Grid items, this “lines on either side” design can easily be accomplished in ~10 lines of CSS


Jen Simmons | Writing Modes | CSS Day 2017 How CSS renders text left-to-right, right-to-left, and top-to-bottom … in both directions.

Corprew Reed 😭

technically, the committee is named unicode. the spec and character set is named "unicode's monster"

Lingua Scripta

The Most Clever Line of JavaScript How to, String.prototype.trim); like a pro.

ES Modules: Default imports are not namespace imports! The subtle, confusing difference between the single export (CommonJS), and "my name is default" (ES modules).

Kent C. Dodds code demo:

Today in things you'd never do with JavaScript but totally can...

Define a class that extends another which is defined inline... n times.

Lines of Code

Chris Fritz 👍

Code review tip: include at least one reviewer that wasn't involved in feature discussions. If they can't make sense of the code, it won't make sense to anyone a month from now.

Manisha Agarwal 💯

OH: I no longer tolerate complicated programming languages. My mental space is like Silicon Valley; rent is high and space is at a premium


Ryan Singer All else being equal, you do get there faster if you avoid building the wrong thing, keep your focus, etc:

Agile became synonymous with "speed" because of sprints, velocity, etc. But speed isn't the real problem. The real problems are doing the wrong thing, building to a spec, unfocused resource allocation, etc.

Locked Doors

He Perfected a Password-Hacking Tool — Then The Russians Came Calling How Mimikatz, a tool coded by a French government IT manager in his spare time, became the favorite password stealer of hackers worldwide.

@turtlekiosk 🕵️‍♀️

therapist: you're afraid of making connections because you don't want to get hurt
infosec person: it's called threat modeling

Brendan Seerup "Probably the best leaving present you can get someone in your security team on their last day"


Electric Sheep

The Neural Net Tank Urban Legend TL;DR 50 year old urban legend, that gives a misleading indication of risks associated with deep learning:

A cautionary tale in artificial intelligence tells about researchers training a neural network (NN) to detect tanks in photographs, succeeding, only to realize the photographs had been collected under specific conditions for tanks/non-tanks and the NN had learned something useless like time of day.


Bitcoin Is a Bad Way to Do Something Necessary TL;DR Bitcoin is a "first mover advantage" currency, which favors a very specific subset of the population. And also:

Deflationary money is reactionary. It rewards people for being first, not for being productive. It encourages people not to spend and not to invest in something other than money, which is bad for economies. Moderate inflation, contra-gold bugs and Austrians, is a good thing, as it devalues effort from the past. It’s great that you did something wonderful 40 years ago, but what you do today should matter more.

None of the Above

dead inside "I call this the “might make another sandwich might not”"


nicole boyce 💡

I NEVER restore all old tabs. If I lose them in a restart, they're gone. It is a blessing to be set free from a prison of my own creation

Phil Jones "Every time I passed this bike rack I thought it looked like a vending machine. So, I hand painted a giant chip bag to go inside it."


Emma 👓

Everyone raging about 280 characters, except the visually impaired among us who hope this will mean fewer text-filled images we can’t access

Stringdrive Cool tech. Bike chains are messy, so why not replace them with swing arms and elastic strings?


Patrick McKenzie Thread, applies to gig marketplaces in general:

Freelancer marketplaces are markets for lemons. You should not sell your labor through them.

I promise you: you CAN do better.

Tom "This looks like a mad sesh till you find out it’s a combine harvester in a cotton field"




Thomas Baekdal "I think we need to have a discussion about how Google's burger emoji is placing the cheese underneath the burger, while Apple puts it on top"

Design Objective

Getting Users Psych'd—User Psychology for Better Onboarding Designing great on-boarding user flows starts with this principle:

Keeping track of how much psych a user has at any given time will inform the way in which you nudge them along in a given user experience. If their psych is high, then they're in a position to take in more information. If their psych is low, then they need to be pointed to value, gaining immediate satisfaction from their engagement.


The iPhone X Manual Apple Forgot The iPhone X is down one button: one button can be touched, can be single, double and triple clicked, and used in combination with other buttons. To compensate, iOS 11 adds new swipe gestures: this chart shows six, add one for Reachability.


There’s No Fire Alarm for Artificial General Intelligence 🤔 interesting perspective:

What is the function of a fire alarm?

The fire alarm doesn’t tell us with certainty that a fire is there. In fact, I can’t recall one time in my life when, exiting a building on a fire alarm, there was an actual fire. Really, a fire alarm is weaker evidence of fire than smoke coming from under a door.

But the fire alarm tells us that it’s socially okay to react to the fire. It promises us with certainty that we won’t be embarrassed if we now proceed to exit in an orderly fashion.

Sketching Interfaces Envy warning: Airbnb uses machine learning to rapidly turn hand-drawn sketches into functional prototypes (video).

Tools of the Trade

Takes Notes on Everything 📓 When in doubt, write it down:

I'm not claiming taking notes is more important than writing actual code. But in my coding workflow, I'm seeing that my note-taking is part of an important balancing act. … It helps me better examine what I'm learning and not overlook important details. In the long run, it makes learning easier and helps me remember more. As a bonus, it may even help others who read them.

xnoɹǝʃ uɐıɹq This:

“Don’t write your own X” — authors of an X

(Go ahead and write your own frameworks and crypto folks. It’s a great way to learn.)

The method to epoll’s madness Explains the Linux API for handling non-blocking I/O (Nginx, Node, etc)

@anothercoyote If all else fails …



My approach to using z-index The logic behind this simple and effective rule:

Local: elements that need to render on top of a sibling or nearby element

  • Must be contained in a new stacking context
  • Will rarely have a z-index greater than 1

Global: elements that must render on top of elements elsewhere on the page

  • z-index values must be declared as global variables in a central location
  • There should generally be fewer than ten in a site

Safari service workers and other PWA good news stories PWA coming to Safari (mobile or just desktop?) and Microsoft Edge:

In fact, Microsoft has been working to enable developers to publish PWAs in the Windows Store, side-by-side with regular apps.

HTML Template Instantiation That would be awesome: Web Components that use a standard template syntax, based on Mustache, with support for bidirectional binding.

Suz 🐢 vim witch 🕸 📣

I know we're all broken records but I'm going to say it again: the easiest way to improve the a11y of your app is use a <button> not a <div>

Lines of Code

Jeff Graham DRY doesn't mean terse:

I wish 'DRY' wasn't such a dogma in programming. Some things would be better off repeated and explicitly stated. Intent can be more clear.

Lindsey Bieda But more importantly 🔨:

No design pattern or software design principle should ever be taken as a MUST. When you stop being thoughtful about what you are coding you stop being active in the process.

Enough With the Service Objects Already Speaking of pattern over-use:

An object that handles business logic but doesn’t have a well-defined business domain role is like one of these dangerously-located seedlings. Objects tend to grow and accumulate more responsibilities. As Corey Haines puts it, objects are attractors for functionality. And once they mature, objects with confused, ill-defined roles can be some of the hardest to refactor.

Why is Elm more popular than PureScript? This (via Alexis King):

I think a lot of devs aren't necessarily looking for expressive power in a language. They're looking for a way to stop making nightmare code bases.


Amy Renee Happened to me this week, and code base isn't even old:


Jonathan Matthews Worth every penny!

An infra consultancy service where I visit your startup and repeat "but ... why?" until you pay me.

vgill This is true, even if conference talks would have you believe otherwise:

Large-scale distributed systems are less about cool algorithms and more about the relentless hunting down of 6-sigma bugs.

What 108 Years Of Repaving Looks Like Under Indianapolis Motor Speedway's Asphalt Legacy code base, now under its 8th maintainer in a decade:


Electric Sheep

Image upscaling supercharged Using machine learning to remove JPEG artifacts, and upscale images 4x. Check the before and after:


Fooling Neural Networks in the Physical World with 3D Adversarial Objects "Adversarial examples" that you can 3D print, and will fool a neural network. Nothing to worry about.

Yet, these same neural networks are particularly vulnerable to adversarial examples, carefully perturbed inputs that cause targeted misclassification. One example is the tabby cat below, which we perturbed to look like a guacamole to Google’s InceptionV3 image classifier.


Will Wilson 😭

"What's the difference between AI and ML?"

"It's AI when you're raising money, it's ML when you're trying to hire people."

Locked Doors

Michael Langford 🔥

To paraphrase @patio11: “Identity Theft” is the banks reframing their failure to verify to whom they are extending credit as your fault.


Kumail Nanjiani Thread:

Tech has the capacity to destroy us. We see the negative effect of social media. & no ethical considerations are going into dev of tech.

The Web Began Dying In 2014, Here's How Well, it's not like two companies control access to information …

GOOG and FB now have direct influence over 70%+ of internet traffic. Mobile internet traffic is now the majority of traffic worldwide and in Latin America alone, GOOG and FB services have had 60% of mobile traffic in 2015, growing to 70% by the end of 2016. The remaining 30% of traffic is shared among all other mobile apps and websites. Mobile devices are primarily used for accessing GOOG and FB networks.


A Russian Facebook page organized a protest in Texas. A different Russian page launched the counterprotest. Well, it's not like they make disinformation easy …

None of the Above

Fluff Society "best Halloween costume, don't even have to walk"


nixCraft 💾

To the person who stole my Office install disk. I will find you and I will destroy you.

You have my Word.

Jenan Moussa "can't stop laughing"


@mzbat Solid:

Don’t forget to periodically update your resume by adding new skills and removing all the dumb shit you don’t want to do anymore. 🙃

Bagel seeds 🤣




Joe Berkowitz "Glitches in the reality simulation are becoming more profound each day."

Design Objective

From boiling lead and black art: An essay on the history of mathematical typography An interesting read on typography, from Gutenberg through Knuth, especially as it relates to mathematics textbooks.


Luke Wroblewski From ChromeDevSummit:

pop-up fatigue.
90% of Chrome permission requests are ignored.

Tools of the Trade

Webpack Monitor "Webpack plugin that captures relevant statistics on your production builds, and an interactive analysis tool that helps developers better understand bundle composition and identify and prioritize optimization strategies."

Saying Goodbye to Firebug Before there were DevTools, there was Firebug: "When it came out in 2005, Firebug was the first tool to let programmers inspect, edit, and debug code right in the Firefox browser."

github/accessibilityjs Client side accessibility error scanner.

Rich Harris It is amazing anything works at all:

It took the whole day, but I finally got a simple Node app to work that requires you to log in with your Twitter account. So now, a rant:

🎃 💀Fillup Pain 💀 🎃 This thread:

Which is why I'm delivering a memory bank filled with 2MiB of Taylor Swift lyrics, most of which will go into space untouched.

Because I'm a serious engineer.

nixCraft "WiFi cable". Genius.



Netflix UI Engineers What goes around …

Removing client-side React.js (but keeping it on the server) resulted in a 50% performance improvement on our landing page

Chris Eppstein … or because CSS is too complicated?

There's an awful lot of JavaScript that exists solely because the developer didn't know CSS well enough.

Ilya Grigorik "new NetInfo attributes in Chrome M62: effective RTT, downlink, and connection type! Give 'em a try in Canary. Spec: Network Information API"


Lines of Code

Make Your Pseudocode Your Real Code That's my preferred coding style.

That pseudocode was pretty clear...what if our real code was that simple to parse and understand? How close can we get?

You'll come across all kinds of advice for how to break your code into reusable methods, DRYing up a section, or making sure that your methods only do one thing. If you try and write your algorithm so that it looks like pseudocode, these axioms naturally come about as a happy side effect.

ewencp True:

Human-readable != self-describing. Seems like people conflate human-readable w/ ease-of-use, but self-describing affects usability much more

Manisha Agarwal 🤣

OH: You can read code as a narrative in which a series of confusing and unpleasant things happen to data


Troy Magennis 💡

We often have great conversations whilst doing estimates. We then keep the estimates and throw away the conversation. Do the reverse.

Cognitive Biases in Programming What does it say about me, that I enjoy (and am getting better at) assembling IKEA furniture?

The IKEA effect is a cognitive bias in which consumers place a disproportionately high value on products they partially created. We tend to overvalue our own solutions to a problem, and thus in contrast undervalue other solutions.

Rich Rogers 🤔

For 50+ years we have been building software that provides us with answers. We must now reverse engineer the rules from the data & answers.



What is DevOps? A good article, but it seems to miss one critical point: in large companies, developers should/do specialize. Smaller shops don't have that luxury, so they need to hire people of many hats:

Product focused developers won’t ever perform the role of Operations engineers. They might use platforms, tools and abstractions built for them by Infrastructure and Operations teams, but their primary responsibility will still be developing new features, even in an entirely (quixotic) serverless future.

Locked Doors

Today In Infosec "1995: Mudge published "How to Write Buffer Overflows", one of the first papers about buffer overflow exploitation."


Android getting “DNS over TLS” support to stop ISPs from knowing what websites you visit Fantastic.

Equifax Was Warned "Six months after the researcher first notified the company about the vulnerability, Equifax patched it—but only after the massive breach that made headlines had already taken place, according to Equifax's own timeline."

Attack of the week: DUHK 😆

To see how the X9.31 key is managed in real products, our team developed a sophisticated analytic technique called “making a graduate student read every FIPS document on the CMVP website”.

Annie Tsai "Phishing emails are taking cues from politics and gaslighting in footers"


None of the Above

Brett Taylor "Sometimes, God does pick a side."

heeeere's jomny sun Too real:

productivity tip!!!

  1. write down everything u want to do today
  2. only one of those will get done
  3. choose one item
  4. it wont be that one

aura pawmurr @FP "I can't caption this"


Neuroskeptic 🍒

People say cherry-picking is bad - but I can point to several examples where it was no big deal.

Eric Bailey "Stop sine."


meg 👏👏👏

I really feel like I’m not getting enough credit for holding shift down the whole time instead of just pressing caps lock.

Malachy Browne Real world CSI:

1/ Here are the steps we took and tools we used for our investigation mapping how the Las Vegas shooting unfolded


Fluff Society "Leave the internet and come play with me"



Aidin Vaziri "We now basically live on a planet from Star Wars."

Design Objective

Google is Really Good at Design They've done a remarkable job shifting away from feature-obsessed engineering, and towards user experience, aesthetics, and maybe someday even brand appeal?

As an aggressively engineer-led company, the Mountain View behemoth’s early efforts, particularly with its mobile software and devices, focused not on beauty, elegance, or simplicity, but rather concentrated on flexibility, iteration, and scale.


Distilling How We Think About Design Systems Argues that a design system is more like a product than a methodology:

The product is what users consume. The documentation (commonly called the styleguide), the UI kit, the code, etc. The product is the tangible parts.

What is a “serif” in Hebrew? "Every adaptation of a Latin system for non-Latin use is an interpretive measure, and has to be taken with a grain of salt."


Tools of the Trade

React-Sight Visualization tool for React, with support for Fiber, Router (v4), and Redux.


Keyboard latency 50ms latency is the time it takes for a TCP packet to cross the Atlantic and back!

But it turns out keyboard latency is significant! I was surprised to find that the median keyboard I tested has more latency than the entire end-to-end pipeline of the Apple 2. … keyboards are often more powerful than entire computers from the 70s and 80s! And yet, the median keyboard today adds as much latency as the entire end-to-end pipeline as a fast machine from the 70s.

The New MacBook Keyboard Is Ruining My Life Speaking of keyboards: "The path from “a piece of dust” to “$700 repair” is terrifyingly short."

mcc Metaphors are fun for a hot minute, and then they're just not:

Opinion: It would be better if this Homebrew error message explained to me what was happening instead of making confusing beer metaphors


Steve T-S Adobe passive-aggressively embracing web technologies:

Adobe keeps taking parts of Photoshop and porting them to HTML so they take multiple seconds to load instead of nanoseconds 🤷‍♂️

JorgeBucaran/classwrap "0.3 KB JavaScript utility for conditionally concatenating class names."

IPv6 Buddy "The essential tool for IPv6 engineers." No they didn't …



Mark Dalgleish This:

With single page apps, we broke the back button. Now, thanks to the power of service workers, we've broken the refresh button.

Building Browser Extensions At Scale Grammarly on their experience building browser extensions for all the major browsers.


Let There Be Peace on CSS Bringing peace to a world divided by its love/hate for the cascades:

From that moment on, the web community was split in two by an intense debate between those who see CSS as an untouchable layer in the “separation of concerns” paradigm (content + presentation + behaviour, HTML + CSS + JS) and those who have simply ignored this golden rule and found different ways to style the UI, typically applying CSS styles via JavaScript.

Introducing PayPal’s open-source cross-domain javascript suite This is fantastic:

At PayPal we write a lot of javascript that ends up running on other websites and other domains. …
Last year, we decided to focus on putting together a really solid suite of tools to help avoid these pitfalls, and allow us to create great experiences without constantly having to worry about whether a message would get through, or whether an iframe would successfully render.

8 Key React Component Decisions Types, classes vs functions, state, styling, etc decisions all React projects have to make at some point.


Lingua Scripta

Maggie Pint 👍

We really should rename package.json to allTheThings.json. The name is misleading.

Lines of Code

Optimal pull request size TL;DR smaller === better:

Every team has an optimal pull request size, it’s likely much smaller than you think, and making your pull requests your optimal size will improve the performance of your team.


Gavin Joyce Or to put it another way:

Evolution iteratively produced an eye, you can split your massive pull request in two

Nick Lockwood 🙏

“May all your bugs be reproducible” - @nerdonica


Nicolò Pignatelli Your periodic reminder: "The original DRY principle. And it's about knowledge, not code."


Geoff Cant It's hip and fashionable:

Swagger is just WSDL you allow yourself to feel good about. Fight me.


A good API is not just easy to use but also hard to misuse.

☠️ 💀 👻Cody 👻 💀 ☠️ "How a mutex works"


e. hashman 😭

A primer:
Site Reliability Engineers = sysadmins with Go
DevOps Engineers = sysadmins with Ruby
Systems Administrators = sysadmins with Perl

Locked Doors

What to know about KRACK Attack, and also KRACK attack is especially bad news for Android and Linux users. TL;DR:

  • If you're on a public Wifi, your threat model is still someone guessing or social engineering the router password, and will remain so
  • "Neither Windows nor iOS are believed to be vulnerable to the most severe attacks", and both Apple and Microsoft are issuing patches
  • "Linux and Android appear to be more susceptible" … however, Android patches coming some day, to some devices, maybe yours, maybe not
  • The issue originates in the WPA2 spec, which is "proven correct", except for that one edge case
  • It's been present for 13 years (!), the public only learning about it this week
  • Probably because the WPA2 spec is behind a paywall: an obstacle for public review, not for attackers with means

very earnest tweets "A lot to unpack here folks"


Jan Schaumann 🔥

Since ancient times, members of the #infosec tribe have adhered to a set of rigid Rules of Branded Vulnerabilities across the cybersphere.

An Undead Favorite "this spam email encoded an entire image thumbnail as an HTML table, using a table cell with a background color for each horizontal chunk of pixels"



One person’s history of Twitter, from beginning to end Mike Monteiro delivers some choice words:

Twitter was built at the tail end of that era. Their goal was giving everyone a voice. They were so obsessed with giving everyone a voice that they never stopped to wonder what would happen when everyone got one. And they never asked themselves what everyone meant. That’s Twitter’s original sin. Like Oppenheimer, Twitter was so obsessed with splitting the atom they never stopped to think what we’d do with it.

Caro 🤔

Me: I used to get joy from twitter but now it makes me upset.
Therapist: what if you just didn’t use it anymore?
Me: not sure I understand

None of the Above

Fluff Society "These mini cows. ♥️♥️♥️"


Edge Subtle and genius:

@KFC follows 11 people.
Those 11 people? 5 Spice Girls and 6 guys named Herb.
11 Herbs & Spices. I need time to process this.

Halloween Name Chris "Timberland not fucking about when it comes to capturing the millennial market."


Showerthoughts 🍽

It is amazing how many dirty dishes can hide from plain sight until after the dishwasher has been started.

ಠ_ಠ "best part about this weird La Croix CEO press release outburst is that it was published to a 1998-era geocities blog"


The impossible dream of USB-C TL;DR "Maybe next time, we’ll get it right. But probably not."

Jay Nordlinger "Sign after you get through security in the Milwaukee airport. My favorite sign in all of America."


Dark chocolate is now a health food. Here’s how that happened. TL;DR

They tend to focus on the health attributes of cocoa: its impact on cardiovascular health or cognitive function. But they don’t address the role the cocoa delivery mechanism — sugary chocolate — may play in obesity. Most Mars and Hershey chocolates also contain very small amounts of the cocoa that supposedly promotes heart health — along with lots of fat, sugar, and calories.

Farbod Saraf "Earth is 384,400 kilometers from the Moon —Nikon P900 optical zoom gives a closer look"