Published on

Design Objective

When to Use a Switch or Checkbox What I love about this post is, once you spend a few minutes thinking about it, it's pretty obvious and easy to remember:

You should only use switches on settings that need to take effect instantaneously. If a setting requires a button press before it can take effect, you should use a checkbox instead.

What I’ve learnt interviewing 10 badass product managers Drops of wisdom.

Jeffrey Veen Truth:

Every product team ever: "Love the style guide. Big fans of consistency. We need to make these 17 exceptions."

Reginald Braithwaite "When people suggest that bolting on new features makes your product better, not worse"

Tools of the Trade

Imposter Handbook A book to help you catch up on Computer Science. We need something like this, hope this is it:

That book is The Imposter's Handbook: a compendium of my year-long quest to fill the holes in my CS knowledge. Not a replacement for a degree, not an authoritative source for any of the concepts presented. Just a concise summary of the things you should know.

Brad Stulberg 💯

One of the most effective productivity/performance enhancers is pausing, even if only for a second, to ask "why?" before doing something.

RafalWilinski/express-status-monitor Realtime monitoring for Express.js apps, inspired by

The Practical Dev

And in the master branch, they gathered for the release
They test it with their CI suite, but they just can't deploy the beast

Lingua Scripta

Test262 is a JavaScript Sideshow You think you know JavaScript? I bet JavaScript has a few surprise tricks up its sleeve. Check out some of these edge cases.

"fs" unpublished and restored You've got to be kidding me.

@wesbos TIL you can use ES6 spread to see what an emoji is made up of:

Lines of Code

The hardest problem in computer science This week's top link and for a good reason. Whenever you're stuck trying to name something, take comfort: our industry couldn't even agree on naming the most basic concepts:

Someone who got started with JavaScript would have a very different idea of what a “class” is than someone who got started with Ruby. People come to Python or JavaScript and exclaim that they “don’t have real closures” because of a quirk of name binding.

Paul Ford

Rubies are red,
Some threads are green,
But only Java has AbstractSingletonProxyFactoryBean

Leisa Reichelt

You can tell a lot about a car company that thinks having 100 million lines of code is something to brag about...


30K Page Views for $0.21: A Serverless Story Using AWS Lambda to batch update web content. This is what microservices (Lambda functions) are good for, a simple and effective architecture. And because Lambda pricing is so low, the whole thing costs practically nothing.

Paul Borrill on Time clocks and the reordering of events Let that be your Computer Science/Physics lecture of the week. (YouTube, starts at 33:50)

Closed Doors

Sophisticated, persistent mobile attack against high-value targets on iOS Upgrade your iOS device to 9.3.5 immediately. This exploit is too damn easy and you wouldn't even know your phone has been hacked.

Hackers Could Make a Killing After Finding Vulnerability in Medical Device Tech Maybe this is the shakeup we need, so businesses start taking security seriously:

After finding serious security vulnerabilities in St. Jude Medical’s pacemakers and defibrillators, cybersecurity and research company MedSec decided to take that information to a short-seller (Carson Block of the investment firm Muddy Waters) which then bet against the company in the stock market.

MedSec’s CEO Justine Bone says that her company didn’t disclose to St. Jude because it was unconvinced the medical device maker would actually fix the problem. Rather than have the problem ignored (and potentially put patient’s lives at risk), MedSec decided to not just shame St. Jude, but make it pay.

None of the Above

Shen Ye "an oddly specific number"

How the Clinton campaign is foiling the Kremlin I'll save you a click. Staffers are now required to use Signal whenever the conversation involves Trump. It wouldn't surprise me if the business sector follows soon.

Reducing Racial Profiling on Nextdoor Kudos Nextdoor for taking the issue seriously, and designing for it:

We are proud to report that the most effective combination of forms reduced posts containing racial profiling by 75% in our test markets.

Me, on Twitter Whenever I drive behind a truck, that's exactly what goes through my mind:

Published on

Design Objective

UX for Engineers Yes, engineers can do UX, because UX is not about things like “shared aesthetic vocabulary” — UX is about making something that works. Or as Assaf (not me) summarizes it:

Think of the user as the final integration in the application stack.

Great Products Don’t Happen By Accident Using playbooks for designing and building products:

Thinking in terms of a play book allows you to to embrace continual improvement since you can always remove old plays that no longer work and continuously add new ones as they are created. Playbooks only require teams to use the plays that work for them in their situation.

Is this my interface or yours? When should the UI use "My", and when to use "Your", a piece about perspective.

Things I've Learned About Responsive Email Design

If you don’t have the time, resources or patience then stick to emails that have 1 column and are fluid. It will make life much easier for you.

Designing actionable emails

These little touches create a more than superficial bond with your customers and are worth investing your time in.

Tools of the Trade

the 15 min rule Such a simple, yet effective, trick:

when you're stuck on something ... you have to try to solve the problem all by yourself for 15 min, but then when the 15 minutes are up you have to ask for help. Failure to do the former wastes people's time, failure to ask for help wastes your time.

Do’s and Don’ts of AWS Lambda All good advice, specifically this AWS Lambda beginner mistake:

People often ask me how to test Lambda functions locally, my answer to that is don’t! Write and test libraries, integration with Lambda should come after you have an initial suite of libraries containing your application logic.

stdlib Such a cool idea: serverless functions that are easy to write and deploy, and so are also easy to share with the world and reuse. (AWS Lambda, even with tooling, has a long way to go before it hits easy territory)

Using Feature Queries in CSS What is @supports and how to use it effectively, even though not all browsers (you know who) support it yet.

tomnomnom/gron gron transforms JSON into discrete assignments to make it easier to grep.


git checkout - takes you to the last branch you were on. You’re welcome.

surbhioberoi/github-widget A widget showing your github details that you can embed in any website.


<input name="name" type="text" class="name" id="name" placeholder="Name" title="Enter Your Name"><label for="name">Name</label> <!--name-->

@BigZaphod "Nah, I expected it."

Lingua Scripta

Building A Server-Side Application With Async Functions and Koa 2 Koa 2.0 is coming out once async/await lands in Node, but you can use it today with Babel or another transpiler.

How to keep his npm dependencies up-to-date A quick look at npm-check-update, updtr, next-update and Greenkeeper.

Lines of Code

Forget Technical Debt — Here's How to Build Technical Wealth This article you must read in full, do not miss it out. Here's one truth:

Legacy code has nothing to do with the age of the software ... It’s all about how difficult that software is to improve.

And here's one to hang on your office wall, by the coffee maker, wherever:

The most important artifact? Well organized, intention-revealing, clean code.

On Writing Less Damn Code This, so much this:

My favorite thing about aiming to have less stuff is this: you finish up with only the stuff you really need — only the stuff your user actually wants.

Do Code Smells Hamper Novice Programming? Yes.

The results of the experiment show that code smell indeed influence performance: subjects working on the program exhibiting code smells perform significantly worse, but the smells did not affect the time subjects needed. Investigating different types of tasks in more detail, we find that Long Method mainly decreases system understanding, while Duplication decreases the ease with which subjects modify Scratch programs.

@tottinge 100:

"A good programmer should be able to read difficult code. You all just need to be better programmers"

"Or you can write readable code"


Best Practices for Building a Microservice Architecture If microservices you must, then at least start here:

A microservice architecture shifts around complexity. Instead of a single complex system, you have a bunch of simple services with complex interactions. Our goal is to keep the complexity in check.

The rise of functional programming & the decline of Angular 2.0 Makes the point that the larger JavaScript ecosystem is shifting away from OOP and towards FP, which will bode well for React/Redux, not so much for Angular.

Engineering Antifragile Systems: A Change In Design Philosophy ☆ Tell me more!

To solve these problems, NASA is working to infuse concepts from Complexity Science into the engineering process. ... Instead of designing systems to meet known requirements that will always lead to fragile systems at some degree, systems should be designed wherever possible to be antifragile: designing cognitive cyber-physical systems that can learn from their experience, adapt to unforeseen events they face in their environment, and grow stronger in the face of adversity.

@moonpolysoft "found the cover image for my book on microservices"


This Management Hack Eliminates Employee Burnout It really is that simple:

To keep your motivated employees from burning out, all you need to do is make it perfectly clear that work emails need only be answered during work hours.

How do you decide what to work on? There is no one right answer, and it's important we all acknowlege that:

I feel weird admitting that I really struggle with this, but I really struggle with this. I do not always have good ideas about what to build. Sometimes I have ideas that I think are good and I do them and they’re great, and sometimes I have ideas and I do them and they’re… really not great. Sometimes I have standards for my work that I cannot figure out how to meet and that’s really frustrating.


me: why do i feel terrible
brain: coffee is not a food group
brain: eat a vegetable
brain: sleep
me: guess we'll never know
brain: oh my god

Locked Doors

Security Training with JumpCloud CTO Topher Marie Things that every employee needs to know and look out for. (YouTube)

Powerful NSA hacking tools have been revealed online To what extent did the NSA leave US targets vulnerable to attack?

Is Apple's Cloud Key Vault a crypto backdoor? No. But, if you're curious how it works, and what Apple is doing to lock themselves out, read this.


Coworker's unattended Mac:

crontab -e */30 * * * * say -v whisper "I am watching you"

You're welcome.



Today in San Francisco a friend told me she was looking for "a full-stack boyfriend" and I will never be the same

Access, Accountability Reporting and Silicon Valley With the lines between media firms and tech firms blurring, coverage of the tech sector presents one of the most profound accountability challenges in modern journalism.

@paulca (I'm still green as they come …)

The true mark of experience is, quite literally, not installing the latest beta on your work machine.

None of the Above

Why Not to Trust Statistics

Fractured Lands: How The Arab World Came Apart Amazing piece by the NY Times about one of the most significant event in modern history.

@TechnicallyRon Pretty much:

Being an adult is pretty easy, you just feel tired all the time and tell people about how tired you are and they tell you how tired they are

98 personal data points that Facebook uses to target ads to you That's fantastic news … if you're an advertiser:

When combined with the information you’ve already given Facebook, through your profile and your clicks, you end up with what is arguably the most complete consumer profile on earth: a snapshot not only of your Facebook activity, but your behaviors elsewhere in the online (and offline!) worlds.

@AllThingsLing Whenever you learn a new "untranslatable" word from a foreign language, remember this:

English has a specific verb for tricking people into listening to Rick Astley's "Never Gonna Give You Up"

“A Honeypot For Assholes”: Inside Twitter’s 10-Year Failure To Stop Harassment Makes the strong case that "For nearly its entire existence, Twitter has not just tolerated abuse and hate speech, it’s virtually been optimized to accommodate it."

You’re Holding Your Coffee Mug Wrong, According to Scientists An imporant scientific discovery: "By measuring the frequency of oscillations in coffee mugs, Han was able to detect a significant difference in spillage between using the handle and the claw model."

Instagram photos reveal predictive markers of depression "Using Instagram data from 166 individuals, we applied machine learning tools to successfully identify markers of depression ... Resulting models outperformed general practitioners’ average diagnostic success rate for depression." (PDF)

@jcfitz "Is this the kind of messaging we want on axes?"

Published on

Design Objective

Hypothesis driven UX design This, so much this:

  1. Take your assumptions and state them as explicit hypotheses
  2. Let your team buy into stated hypotheses
  3. Force yourself to design according to your hypotheses
  4. Force yourself to test against your hypotheses
  5. Create a culture of learning by showing stakeholders the benefits of validated customer hypotheses

The environment disables the people, not the other way around Can't stress this enough. Disability is caused by the environment, by how we design and build tools/technologies that only serve select people, and then label anyone who's excluded from using these tools/technologies as "disabled":

And so with digital products that assume certain abilities, like the ability to coordinate mouse pointing and clicking on small hit targets, for example. Or designing a typography with low contrast between text and background — the doors-only-the-second-floor of web design.

Tools of the Trade

High Performance SVGs How to ensure stellar performance for SVGs and get web pages to load and render faster.

noidontdig/gitdown Don't commit when you're drunk: a script that uses an Arduino-based breathalyzer to moderate your git commits based on your blood alcohol content.

@_ericelliott To anyone building an API:

Try not to use usernames or emails as keys in your app -- it could make it difficult for users to change them later.

@ageitgey Spot on:

As I painstakingly manage my captured pokemon, I suddenly realize that Pokemon Go is just an animated version of Jira backlog grooming

Lingua Scripta

I Peeked Into My Node_Modules Directory And You Won’t Believe What Happened Next So this post scared quite a few people who took it literally. Then again, it is believable and not far from the truth. Node has a serious bloat issue. What are you doing about bloat in your own projects?

Lines of Code

drbrain More experienced team members can do this too:

A less-experienced team-member gave feedback on my variable name choice. I examined and found I could make the code better by changing them.

@dadamsTweets Is something I've seen happen over and over:

My boss said today: "It is interesting that you don't need to read a user story to implement but you need to read the user story to test".

@perhammer Making the unit tests pass.


Large Diffs Are Hurting Your Ability To Ship Break large pieces of work into smaller pull requests (diffs), which are easier to work with:

  • Large diffs won’t get reviewed
  • It’s hard to spot bugs in large diffs
  • Reverting large diffs is hard
  • Reverting large diffs is hard

@schmonz First, add feedback:

In software development, efficiency comes from doing fewer wrong things for less time. To optimize for efficiency, optimize for feedback.

@can_test Architecture is no exception:

Dear software/system architects: if you create architecture diagrams that DON'T include testing/feedback systems, you're doing it wrong.



It's not DNS
There's no way it's DNS
It was DNS

Locked Doors

Bungling Microsoft singlehandedly proves that golden backdoor keys are a terrible idea Thank you Microsoft for this proof of concept, showing us why golden backdoor keys are a terrible idea:

What's more, it is believed it will be impossible for Microsoft to fully revoke the leaked keys.

And perhaps most importantly: it is a reminder that demands by politicians and crimefighters for special keys, which can be used by investigators to unlock devices in criminal cases, will inevitably jeopardize the security of everyone.


How a single conversation with my boss changed my view on delegation and failure This will strike a chord with anyone transitioning from tech lead to management:

“Listen, if there isn’t something going off the rails on your team, then I know you are micro-managing them. You are really good at what you do, and if you stay in the weeds on everything, you’ll keep things going perfectly, for a while. But eventually two things will happen. One, you will burn out. And two, you will eventually start to seriously piss off your team. So I better see some things going sideways, on a fairly regular basis.”

@jmccartie Related:

“The moment you feel the need to tightly manage someone, you’ve made a hiring mistake.” ― James C. Collins

Resumes suck. Here’s the data. Always be skeptical of posts that share selected data. For example, this post discusses how they grade resumes, but fails to dissect how they grade "strong candidate" or high performers. So ignore the part where they attempt to correlate performance with resume attributes.

But do look at the striking difference between agency recruiters, in-house recruiters, hiring managers and fellow engineers. These four groups all evaluate the same resumes and reach different, incompatible conclusions. Which makes the strong case that resumes are not objective measures of anything. Can we do better?


The rise and fall of Gopher 25 years ago there was Gopher and it arrived earlier and started off better and grew more popular than the Web. Until it wasn't.

Death of the Industrial Advertising Complex TL;DR for large brands, advertising has a negative ROI, the more they spend on it the worse off they are (see Gillette vs Dollar Shave Club). What would happen when brands finally catch up to reality, specifically for advertising platforms like Facebook and Google?


God grant me the serenity
to delete the emails I can't answer
courage to reply to what I can;
and wisdom to know the difference.

None of the Above

@sydlol "Edgar Allen Poe? haven't heard that name in years"

This Is Why There Are So Many Ties In Swimming Because pools are made of concrete.

We were wrong: Ending stop and frisk did not end stopping crime Time we realized heavy-handed policing doesn't reduce crime:

Post stop-and-frisk, the facts are clear: New York is safer while friction between the NYPD and the city’s minority communities has eased.

The Unsexy Truth About Millennials: They’re Poor Next time you stumble upon a think piece about Millennials, keep this in mind: "lower wages and poverty can account for so many of the things that older generations find so mystifying about millennials."

Party of Two Fantastic read about the complex and nuanced world of politics.

@MrMikeClarke "From the book Creative Mischief (by @davetrott) - this is brilliant. Evil, but brilliant!"

Published on

Design Objective

Design Better Data Tables How to display tabular data:

Tables might be boring, but they are such a major element of any data-rich document that they’re worth every ounce of design thinking we can apply to them.

Making a case for letter case

Just as title case looks more formal and serious, sentence case looks more casual and friendly.

I beg to differ. In the age of conversational UI, casual and friendly is expressed in all lower case. Sentence case is for formal and serious. Also, bots.

Introducing BuzzFeed’s Design Process Combining design phases with feedback loops and iterations:

It’s not uncommon for inexperienced designers to jump to solutions before they’ve fully unpacked and understood a problem, or to fold in all feedback they’ve received because “my peers are smart” without practicing the skill of filtering out input that’s distracting or not inline with the goals of a project.

Peek Inside a Facebook Design Critique "By showing how design critiques at Facebook typically go, we wanted to highlight what makes for a good critique and what can often get in the way."

Hidden Expectations The hardest parts of the Web are the invisible parts: accessibility, security, performance, and empathy.

The Headless Web Makes the strong case for a future of the web, which is not exclusive to web browsers:

If we can provide a world where content and utility on that content are available headlessly then I think we are in a good position.

Tools of the Trade

This Image is Also an HTML Webpage Cool trick.

The performance benefits of rel=noopener In addition to the privacy benefits.

attic-labs/noms A decentralized database based on ideas from Git. If you ever wanted a database that can do versioning, forking and merging, quick reverts.

Haka Software defined security:

The scope of Haka language is twofold. First of all, it allows to write security rules in order to filter/alter/drop unwanted packets and log and report malicious activities. Second, Haka features a grammar enabling to specify network protocols and their underlying state machine.


2004: rake -T  
2009: bundle exec rake -T  
2014: foreman run bundle exec rake -T  
2016: docker run -d -p 3000:3000 --nafuuu ... (╯°□°)╯︵ ┻━┻  


Friend: Do dates make you nervous?

Me: omg yes especially when doing math across timezone boundaries

@jessicard "web dev is fucking brutal"

Lingua Scripta

ECMAScript proposal updates @ 2016-07 All the stuff that's destined for ES2017. Glad to see async/await made the cut.

TIL JavaScript has a special 'long arrow' syntax to iterate over a range of numbers

let i = 10;  
while (i --> 0) {  

Huge number of files generated for every AngularJS 2 project First step is admitting you have a problem:

Lines of Code

How To Write Unmaintainable Code A classic.




OH: "Can you give me an estimate on how long it will take you to fix this bug?"

"That's like asking how long it will take to find my keys."


Programming is like

  • Get 68 people to write a book
  • Simultaneously
  • End is sort of vague
  • Change the topic twice
  • Pedantic people
  • Lots of Coffee


Notes on concurrency bugs Through the eyes of academic literature on non-deterministic bugs:

97% of examined deadlock bugs were caused by two threads waiting for at most two resources

Moreover, 22% of examined deadlock bugs were caused by a thread acquiring a resource held by the thread itself.


"by simply dropping two pizzas into any organisation, teams will form around them, and then you have devops" - @phillip_webb #s1p @pivotal

@assaf "WontFix: feature delivered exactly as specced"



We assume that everything we have once written is visible to every newcomer. Nope. Repeating the best practices should be a best practice.

Locked Doors


In a snakeoil presentation I heard: "you should use foxit, everyone has an Adobe Reader 0day", so I tried to find a bug in foxit,it was easy

New attack steals SSNs, e-mail addresses, and more from HTTPS pages Sky not falling, but this is a very interesting technique:

To determine the size of an HTTPS-protected response, the attacker uses an oracle technique that returns what amounts to a yes-or-no response to each guess. When a request containing "value=" results in the same data size, the attacker knows that string is inside the encrypted response and then tries to modify the guess to include the next character, say "value=0".

Sensible Privacy: How We Can Protect Domestic Violence Survivors Without Facilitating Misuse When the main potential attackers are the survivor's partner.

So I accidentally broke a Skype messaging bot..

None of the Above

Instagram for Win95

The Oppressive Gospel of ‘Minimalism’

Today’s minimalism, by contrast, is visually oppressive; it comes with an inherent pressure to conform to its precepts. ... It is anxiety-inducing in a manner indistinguishable from other forms of consumerism, not revolutionary at all. Do I own the right things? Have I jettisoned enough of the wrong ones?

Dogs Are Being Used To Explain Body Positivity To Children, And It’s Pretty Great

IBM creates world’s first artificial phase-change neurons "They behave like biological neurons, including low power usage and dense scaling."

Specialized fires up color-changing, heat-sensitive paint for Olympians "The Torch paint transitions from a deep red to bright yellow as the temperature rises above 71ºF (22ºC)" Want!

I Replaced The Word ‘Millennials’ With ‘43-Year-Old White Men’ Haha.

Primitive Technology: Forge Blower Using sticks and clay to build a forge blower to make iron:

Published on

Design Objective

4 ways I’ve fucked up as a designer Solid takeaways, like this one:

Don’t skip process. User flows? User scenarios? User stories? User jokes? User lollipops and user flashlights and user sinuses? Yes please, give it all to me. I don’t care if it exists or not, I’ll learn it and I’ll find a way to apply it. Because these processes exist for a reason.

Tools of the Trade

FallibleInc/security-guide-for-developers To start with, a security checklist, and stats about vulnerabilities.

Accessible UI Components For The Web If a custom UI component must you build:

Custom UI components (with the exception of components that extend native elements like <button>) do not have any built-in functionality, including accessibility, so this needs to be provided by you. ... The following is a list of questions you can ask yourself when attempting to make your UI components more accessible.

vfaronov/httpolice Lint for HTTP.


tfw you spend an hour banging your head against something because the way you configure it is a double negative

Lingua Scripta

Why object literals in JavaScript are cool Goes into all the things ES6 object literals that were not possible with ES5.

Lines of Code

Message Obsession

I’ve noticed a “code smell” in object-oriented code that I call “Message Obsession”. I find Message Obsession causes similar difficulties to Primitive Obsession. However, Message Obsession appears to be the complete opposite of Primitive Obsession. Refactoring to address the difficulties caused by either Primitive Obsession or Message Obsession leads to the same design


“So you spent all day writing this tiny amount of code?”

“No I spent all day thinking about *how* to write this tiny amount of code.”


I think the biggest takeaway from my 16 years of programming is just 5 simple words:

Don’t try to be clever.


it("Should do that thing we talked about")


The Churn What really happens when developers are constantly chasing the next big thing:

I understand. But that's because we got used to all that early rapid growth. Those were heady days; and we want them back again. But they're gone; and we have to face the fact that we are wasting time and effort on a massive scale trying to recreate them.

Why Uber engineering switched from Postgres To MySql Churn? Just guessing, because of this presentation by the same author, two years earlier, titled "Migrating Uber from MySQL to PostgreSQL".

Goodbye, Object Oriented Programming Highlights the false promises OOP made that didn't live up to the hype. But you can also read this as "things OOP doesn't do right, ignore those and only use the less clever OOP features."



only two more days until Monday

Locked Doors

Pregnancy-tracking app was riddled with vulnerabilities, exposing extremely sensitive personal information The "fix it later" security culture at startups:

The companies backed by data-hungry VCs will perforce design their products to extract as much data as possible from their users ...

every dollar they spend on security engineering is a dollar they can't spend keeping the lights on while they try to raise another round, or attain profitability, or sell the company ...

If they do manage to survive their six-month timeline, they can fix it then (or maybe fob the problem off on some googleish giant that's acquired them).

NIST declares the age of SMS-based 2-factor authentication over It's about time. The second factor should be something you have. SMS is not something you have, it's something the carriers let you use.

New attack bypasses HTTPS protection on Macs, Windows, and Linux Always VPN on networks you do not control:

The attack can be carried out by operators of just about any type of network, including public Wi-Fi networks, which arguably are the places where Web surfers need HTTPS the most. It works by abusing a feature known as WPAD—short for Web Proxy Autodisovery—in a way that exposes certain browser requests to attacker-controlled code.

Delilah, the first Trojan to recruit Insiders Infosec has a new problem on its hands: a malware that extorts victims into stealing insider data.


Twas the week before DefCon, when all through the IRCs, red teamers were buying burner phones as if someone would blow a $1m iOS vuln on 'em

None of the Above

Taxonomy of the Occlupanida A taxonomy of plastic bread closures (Occlu=to close, pan= bread).


you may not think your brain is a supervillain. but 1) its called Brain and 2) it lives in a skull fortress


This race must be familiar for many women: she’s overqualified for the promotion, he’s unqualified, and yet it’s still a contest.

On a technicality Pretty much:

So I concluded that, for a smaller community, the people who need the rules are likely to be people who you don’t want around in the first place. And “don’t be a dick” covers that just as well.

Did Wes Anderson design North Korea? You decide