Labnotes

Published on

Emergency Kittens "chubby but mathematically perfect"


Design Objective

Mastering the Power of Nothing How to use whitespace in user interface design.

How to Design a Form Wizard "Wizards are best employed for long and unfamiliar tasks that the user needs to complete once or rarely."

Design for iPhone X New screen size and notch, explained.

The Uncomfortable A collection of deliberately inconvenient everyday objects (thanks, drewish).

Dylan Beattie 🇪🇺 😂

"Yeah - there's already a user legend for that."
"A what?"
"A user legend. It's like a user story, but for stuff we know will never happen."


Tools of the Trade

Sublime Text 3.0 Hundreds of new improvements under the hood, including goto definition, new syntax highlighting engine, new UI, and expanded API.

Comlink Tiny RPC library that works on windows, iframes, WebWorkers and ServiceWorkers.

Understanding & Measuring HTTP Timings with Node.js TL;DR Node.js fires socket events for DNS lookup, TCP connection, and TLS handshake.

fastify A Node.js framework for building fast JSON APIs.

On React and WordPress WordPress is the latest to ditch React due to a licensing issue.

iPhone X leaked benchmarks match MacBook speeds and destroy Android phones This pocket device will be faster than a MacBook Pro!

OSTIF Official Adding insult to injury:

Equifax uses open source software that it in no way contributes to, to protect $14B of data.

Equifax blames OSS for hack.

Don't be Equifax

The Coder's Coloring Book 🖍


Web-end

htmlreference.io HTML reference with code samples and live demos. Also check out cssreference.io.

The Ultimate Guide to CSS caniuse for HTML emails.

css-variables User Agent properties and variables #1693 Introduces safe-area-inset-top, safe-area-inset-right and friends, because we need new CSS properties to style around the iPhone X notch. Sigh.

Ben Schwarz 🇦🇺 The next big thing in server-side rendering:

A react plugin that prerenders your site to deliver a screenshot of the site with image map for links

SwiftOnSecurity Related:

When u realize it'd be faster for news websites to just send you a screenshot rather than download 8 megs of JavaScript and render the page


Lingua Scripta

Using ES modules natively in Node.js ES modules coming soon to a Node.js near you.

What's new in Node.js 8.5? ES modules, performance hooks, and file copy.

“Elements kinds” in V8 Avoid sparse arrays, reading beyond end of array, and polymorphism (= shape shifting is slow).


Architectural

Ruthless Prioritization This article is one gem after another. My favorite:

there is always a way to accomplish your goal faster than you currently plan to.

Akeem Adeniji Proud to be a member of this club:

first rule of software development club: don't promise shit. deliver, always deliver but don't promise anything!

Mikeal Rogers What happened to OpenStack also applies to Kubernetes:

Thread: Enterprise adoption w/o downmarket adoption signals a short lifecycle and quick death.

Yes, this is also true for kubernetes.

11 great quotes from The Tao of Programming Words to live by: "Though a program be but three lines long, someday it will have to be maintained."

Eustáquio Rangel Bespoke architectures:

Seems today instead of "make your blog in 15 minutes" the hype is "make your blog in 15 containers". What happened to the simple things?


Devoops

Sysadmin war story: “The network ate my font!” Caching meets "why is this setting not enabled by default?"


Peopleware

Russell Keith-Magee Phrasing:

OH: It's not "hard" skills vs "soft" skills - it's "technical" vs "professional" skills.


Locked Doors

Face ID, Touch ID, No ID, PINs and Pragmatic Security Is the best writeup I've seen on Face ID and its threat model:

Face ID: for 99.x% of people, their "threat actors" are people who steal their phone at a bar. For everyone else, don't use biometrics.

How a fish tank helped hack a casino What? "The hackers attempted to acquire data from a North American casino by using an Internet-connected fish tank."

Ayuda! (Help!) Equifax Has My Data! Remarkable attention to security:

The “list of users” page also featured a clickable button that anyone authenticated with the “admin/admin” username and password could use to add, modify or delete user accounts on the system.

Joseph Menn So true:

"You are already getting a free pen test, you just aren't getting the report," --@k8em0, #InternetSummit


Techtopia

facebook, you needy sonofabitch "They’ve gotten so brazen in their tactics to keep users engaged (ENGAGED!) I think it’s no longer possible to be a casual Facebook user."

Raj Sivaraman "DO NOT HELP GOOGLE FIND SARAH CONNER."


None of the Above

Kengarex "This Mural Was Painted Upside-Down To Reflect Off Of The Water"

Chimamanda Adichie 🙏

May Your CV reach the Right Hands.

That Delta Plane Flying Straight Through Hurricane Irma was NBD Amazing: "In fact, the real daredevil work happened before takeoff—and even before the plane landed in San Juan."

Ryan Teague Beckwith Government, 2017 edition:

Under the Constitution, the House tweets. If the Senate retweets, it goes to the President, who favs it into law.

Chris Chaten How the events of 9/11 led to the development of mobile check deposits.

Equifax’s Maddening Unaccountability This must change:

There are technical factors that explain why cybersecurity is so weak, but the underlying reason is political, and it’s pretty simple: Big corporations have poured large amounts of money into our political system, helping to create a regulatory environment in which consumers shoulder more and more of the risk, and companies less and less.

Channel 4 Confirmed:

BREAKING: The world's problems will not be solved by arguing with strangers on Twitter. We'll update you when we have more on this story.

Facebook Enabled Advertisers to Reach ‘Jew Haters’ It's a tiny category, but the fact that such categories even exist …

Autumn Williamson Always be creating:

Published on

Jaguar has restored this old E-type with an electric upgrade Classic styling and all new wirings.


Design Objective

Little UI Details The little details that make a big difference:

Adding a subtle shadow to white text when on a bright background not only makes it more legible but helps it 'pop' more.

Flat UI Elements Attract Less Attention and Cause Uncertainty Use strong signifiers, and declutter the UI:

The problem is not that users never see a weakly signified UI element. It’s that even when they do see the weak element, they don’t feel confident that it is what they want, so they keep looking around the page.

These findings also confirm that flat or flat-ish designs can work better in certain conditions than others. As we saw in this experiment, the potential negative consequences of weak signifiers are diminished when the site has a low information density, traditional or consistent layout, and places important interactive elements where they stand out from surrounding elements.

Floating Labels Are Problematic Highlights some problems with floating labels, a follow up to Placeholders are problematic.

Baz Scott "From the Apple chess engine code 🤣🤣🤣" (via eran)


Tools of the Trade

1Password command-line tool: Getting started You can now automate 1Password from the command line:

op get item WestJet | jq '.details.fields[] | select(.designation=="password").value'

fasttext-node Node wrapper for Facebook's text classifier FastText.


Web-end

Building Skeleton Screens with CSS Custom Properties Skeleton screens should have fast time to first meaningful paint, easy with a little bit of HTML and critical-path CSS.


Lingua Scripta

James Kyle Unfortunately, ESLint has the opposite rule:

Async-await footgun pointed out to me last night by @bassjacob: Always return await or if you wrap with try-catch it won't be caught


Architectural

Michael (Doc) Norton This:

The gap between "Here's what worked for us" and "Here's what you should do"
is often perceived as tiny but is usually absolutely massive.

David Andress "This is a very important general point: people are far too inclined to believe that a crisis averted was never a crisis at all."


Peopleware

A Sense Of Urgency On balancing the RAMPS forces:

a very common question: managers turn to me and say, "my team lacks a sense of urgency, how can i give them one?"
...
RAMPS -- Rhythm, Autonomy, Mastery, Purpose, and Safety. someone else said it better than me: make great software by making great teams.


Locked Doors

Equifax Breach Response Turns Dumpster Fire Yeah, it's bad. They lost the identity data of about half the US population, sat on that information for over a month, while some executives sold shares in the company, and then had the audacity to opt people out of a class action lawsuit.

Mel Tajon Bet you didn't see this coming:

Confirmed: I’m also able to unlock the Samsung Galaxy Note 8 with people’s Facebook profile pics and Instagram selfies from my iPhone…

A Simple Design Flaw Makes It Astoundingly Easy To Hack Siri And Alexa Apparently, voice assistants listen on frequencies that are not audible to humans, making this stealth attack possible:

The researchers didn’t just activate basic commands like “Hey Siri” or “Okay Google,” though. They could also tell an iPhone to “call 1234567890” or tell an iPad to FaceTime the number. They could force a Macbook or a Nexus 7 to open a malicious website. They could order an Amazon Echo to “open the backdoor” (a pin would also be required, an August spokesperson clarifies). Even an Audi Q3 could have its navigation system redirected to a new location.

KRANG T. NELSON 🛋

ME: and then there's this dumbass verification code thing. like, wtf

THERAPIST: this is $250/hr do u want to talk abt anything else

ME: no


None of the Above

Hervé Piton "Floppy disks have been gone for so long they've become almost mythical and people start to make up how they worked."

Patrick McKenzie Follow this thread for some tips on what to do when someone opens a credit card in your name.

It occurs to me that my hobby in writing letters about the Fair Credit Reporting Act is suddenly topical! So some quick opinionated advice:

Boston Red Sox Used Apple Watches to Steal Signs Against Yankees The snark just writes itself: another northeast sports team caught cheating, also, finds a practical use for the Apple Watch.

dontmakemechokeaginge.tumblr.com Collection of funny parent/child t-shirt pairings.

There are some crazy medical codes out there—here are the weirdest on record These are the ones that appear in insurance claims in the US:

Perhaps with all our eyeballs glued to phones and tablets these days, the oblivious walking accidents aren’t surprising. But barnyard animals have less of an excuse. In the last year, 1,700 people showed up with W5522: “struck by cow,” and 200 had W6132: “struck by chicken.”

zonohedonist 😹

cat: my human is broken
cat technical support: have u tried asking to be let outside, then asking to be let back in

Andy Jackson "Sign spotted in the depths of the @britishlibrary"

Published on

🌹PⒶVEL 🌹 "After you defeat all the other landscapers, you must face the final boss"


Design Objective

The One Question Great Designers Ask Hate the hyperbole, but agree strongly with the premise:

Not “How should it work?” But “How should it work?”

Ignore what everyone else is doing. Ignore what the engineers say is possible or easy to build. Start with a blank slate and then think through the ideal experience.

The Tiny Keyboard Problem: Do People Complete Forms on Their Phones? TL;DR "Users viewed forms at fairly similar rates between desktop and mobile, but were 81% more likely to submit on desktop."

Are app reviews worth reading? "Human beings are delightfully creative, and you never know how people might use a product out in the wild" and other insights from Dropbox reading their app reviews.

A quick beginner’s guide to drawing "The basic craft of drawing is about two things: you learn to control your hand and to see."

chen 🍄 🛌

my favorite design tool is sleep

Daniel Yount "head explodes"


Tools of the Trade

Rethinking drag and drop "Taking something basic and making it beautiful", but also responsive, accessible, fast, and properly tested. Check it out.

gmaster New Git client that goes above being a command line wrapper: side-by-side semantic diff, proper 3-way merge, and more. Currently for C#, C/C++, and Java.

Software development 450 words per minute What it's like to develop software using a screen reader. And here's what it sounds like going at 450 wpm:

farzher/fuzzysort Fast SublimeText-like fuzzy search for JavaScript.

Headless mode And Firefox just added headless browsing mode, and the WebDriver API, for all your testing/automating/scripting needs.

Developing from an iPad How to run bash, screen, Vim, and other 90's favorites on a modern day tablet.

Atmo A macOS/Windows app for mocking HTTP/S services, with logic in JavaScript, and single click deploy to Zeit's Now.

Meredith L Patterson

new sshd who dis


Lingua Scripta

Building a Maybe in JavaScript Easier than it sounds, but will this ever go popular/native:

const maybeOne = Maybe.just(5);
maybeOne.map(x => x + 1); // Maybe.just(6);

const maybeTwo = Maybe.nothing();
maybeTwo.map(x => x + 1) // Maybe.nothing();

mikeal/r2 The spiritual successor to the widely-used "request" HTTP client lib, based on the Fetch API, and designed for async/await (but why let and not const?)

let obj = {ok: true}

let resp = await r2.put('http://localhost/test.json', {json: obj}).json

Lines of Code

Merrick Christensen Alert fatigue is a real thing:

ProTip: Keep your console free of warnings and errors. Even if they are false alarms (mute/fix them). Getting used to errors will cost you.

Jeran Fox "Most Javadoc"


Architectural

Event Sourcing: What it is and why it's awesome Gentle introduction to the benefits of event sourcing (which in theory I really love, waiting for half decent tooling to arrive.)

Rob Mayoff Reminds me of some company I used to work for:

“Have you ever heard of ‘not-invented-here’ syndrome?”
“Yes, but we have our own term for it.”


Locked Doors

Obscurity is a Valid Security Layer When used correctly:

When the goal is to reduce the number of successful attacks, starting with solid, tested security and adding obscurity as a layer does yield an overall benefit to the security posture. Camouflage accomplishes this on the battlefield, and PK/SPA accomplish this when protecting hardened services.

What Being a Female Hacker Is Really Like Think I chose the wrong career path. When we're dealing with a major crisis, we get donuts delivered to the conference room:

On top of that, when there is a major cyber attack, you could be flown to the scene of the crime for crisis control, and, depending on the urgency of the investigation, you might even get upgraded to a private jet.

Inside an Epic Hotel Room Hacking Spree "A vulnerability in hotel keycard locks was a security disaster—and the opportunity of a lifetime for one burglar."


Techtopia

Using chatbots against voicespam: analyzing Lenny’s effectiveness If we could train chatbots to respond to voicespam, would it make voicespam too expensive and a thing of the past? (via @drewish)

social justice mage BART is trying to tell us something:


None of the Above

Emergency Kittens "i cannot believe "if it fits, i sits" transcends boundaries in this way"

Saron Know the stage:

I've spoken at a lot of tech confs over the years, and there are things that are normal now that really threw me off as a 1st-time speaker.

The Adorkable Misogyny of The Big Bang Theory "Adorkable Misogynists are male characters whose geeky version of masculinity is framed as comically pathetic … lets them off the hook for a wide range of creepy, entitled, and sexist behaviors."

Tara Mann Yes, please! "Quick mock for a really dumb app I wish existed.... CAN I PARK HERE OR NOT?"

Bryce Roberts 🏋

Free business idea- A crossfit gym that's actually just a farm or a construction site.

Microsoft is finally fixing a notorious Outlook emoji problem that's plagued users for seven years Well, that took a while J

There’s No Such Thing As a Free Watch "Special Investigative Report For the Museum of Capitalism"

Harvey Didn’t Come Out of the Blue The US is very good at not talking about ways to prevent/mitigate disasters.

Tom Hatfield "Every time I see news coverage of a protest I remember this image"

How the GDPR will disrupt Google and Facebook Brief analysis of how EU's General Data Protection Regulation could affect Facebook and Google. And your product, if it's used in the EU and collects user info.

See_u_in_SF_in_a.gif "OK... this is the most amazing gif I have ever seen."

Published on

Lowcostcosplay Epic!


Design Objective

Gojko Adzic 🤔

#1 reason for using post-its for user stories: if it's not done when the glue dries up so much to fall down from the wall, it's obsolete

Stop Using The Cup of Coffee vs. $0.99 App Analogy Please. It never was and never will be a good analogy:

I know I’ll like my cup of coffee. It will fully meet my expectations. … It’s an experience I can fully trust will be pretty much the same each time. There’s no gamble here.

Last week I bought a game for 99 cents and it was terrible. I played it once, for 15 seconds. I could be shoving $1 straight down the toilet again for all I know. Your app, good sir, is a total gamble.


Tools of the Trade

Caiyeon/goldfish A UI for HashiCorp Vault. And you can request a policy change by GitHub commit.

jarulraj/sqlcheck A linter for SQL queries.

whitequark So what's UDP?

TCP is not a protocol, it's actually an elaborately designed honeypot that teaches humility to developers for over 35 years

On The Turing Completeness of PowerPoint Someone actually built a Turing machine using PowerPoint and wow.

Cassidy Williams Been there, done that:

I'm:
⚪️ a man
⚪️ a woman
🔘 an aspiring vim user

and I'm looking for:
⚪️ a man
⚪️ a woman
🔘 how to exit


Web-end

Jen Simmons Spec work is hard and often under-appreciated:

Why does new CSS take so long to invent & ship? CSSWG has to figure out how everything misbehaves. Here, debating floats + initial letter.


Lines of Code

Tautology Tests How to find tautology tests in your code:

  1. Tests that get updated much more frequently than the code they’re testing when they fail.

  2. Test code that’s impossible to edit without looking at the implementation.

Ben Reilly "how haven’t I been fired for this kind of thing I mean honestly"


Architectural

Nathan Marz Not the only, but definitely my first choice:

1/ The only way to design abstractions is through the unification of concrete use cases. Anything else leads to disaster.

2/ The art is figuring out which use cases are related and share an underlying structure.

3/ This is why great programming is a process of discovery, not invention. Great abstractions wait to be found and use cases are your map.

Tom ✊🏼 Croucher This never gets old:

Modern computer science is just rediscovering which 50s, 60s or 70s paper describes the solution to what we are doing on the 2017 Internet.

Luke VanderHart Never thought about it that way:

Reminder: every time you design something so it will be "easy to change" you are making assumptions about what kind of change you expect.


Devoops

Alice Goldfuss 🖥

doesn't matter how big the company, someone in it is provisioning shit with bash scripts


Techtopia

Google's Anti-Bullying AI Mistakes Civility for Decency The problem with machine learning algorithms starts with the training:

The project, Perspective, is an API that was trained by asking people to rate online comments on a scale from "very toxic" to "very healthy," with "toxic" being defined as a "rude, disrespectful, or unreasonable comment that is likely to make you leave a discussion." It's part of a growing effort to sanitize conversations online, which is reflective of a certain culture within Silicon Valley and the United States as a whole: The culture of civility.

And so we get:

A number of other highly problematic phrases—from "men are biologically superior to women" to "genocide is good"—rank low on toxicity. Meanwhile, "fuck off" comes in at 100 percent.

VW engineer sentenced to 40-month prison term in diesel case Just a reminder that "blindly executed a misguided loyalty to his employer" doesn't hold as a defense in court.

Have Smartphones Destroyed a Generation? Every technology has downsides, they're real, they could be affecting you, or your kids, so pay attention.

Lesley 🥞 2017, the year I stopped understanding how to use a dishwasher:


None of the Above

Miss Texas 1967 "I both can and can't believe it"

Federico Viticci Did not see that one coming:

Very nice: when sharing AMP pages to iMessage or Reading List, iOS 11 Safari automatically removes AMP’s crap from the URL. Go Apple 👍

Offline "You must go offline to view this page" 💯

Assaf "A/B testing"

Carolyn Wood "Don't feed the trolls" meets algorithmic timeline:

A reminder if you use FB. Algorithm makes most replied to, not most liked, rise to top. If you reply to trolls, they become most prominent.

I’ve seen a lot of videos going around of urban-dwelling critters coming to humans for help with various problems How do they learn that?

does it ever strike you how weird it is that we’ve got a whole collection of prey species whose basic problem-solving script ends with the step “if all else fails, go bother one of the local apex predators and maybe they’ll fix the problem for no reason”?

Lowcostcosplay And again, because I can't pick which of his many cosplays I like the most.

Things to Hang on Your Mental Mug Tree Interesting tidbit about advertising and context (via Julia Galef):

But, under communism, anything that was worthwhile or desirable was generally in short supply. Consumers inferred that the only possible reason that the government might be promoting something was that they'd accidentally managed to produce something of such unremitting crappiness that people weren't willing to queue for it. Advertising in that context told you what not to buy.

The Dodo "This dog stole the baby's toy — then apologized for it!"

Published on

Please and thank you.


Design Objective

Run The Joules The importance of diversity in tech:

I almost got fired from my last job due to a similar technical issue. It's important to consider life experiences that differ from yours

“As a user” needs to stop. Argues against cargo cult user stories:

The purpose of user stories is to create empathy. As a result, tiny implementation details do not need to be written in the form of user stories. The design and engineering teams can figure that out; that’s their job.

When user stories really shine, they tell a story about the person using your product. The person becomes the hero. You’re just there to create the conditions for her to achieve her real-life goals.

DesignBetter.Co InVision's site for designers, with in-depth books, podcasts, and more.


Tools of the Trade

Sarah Mei Thread:

The more I do software, & read the old papers & new blogs, the more I realize that our history is this series, repeated ad infinitum:

GoogleChrome/puppeteer Google's own API for using headless Chrome from Node (testing, automating, scraping, etc).

const browser = await puppeteer.launch();
const page = await browser.newPage();
await page.goto('https://example.com');
await page.screenshot({path: 'example.png'});

Crafties "Best practices" without context are just "practices".

Return well-formed error responses from your REST APIs Simple proposal for reporting errors with input fields.

[{
  "errorCode": "BAD_FORMAT",
  "field": "email",
  "originalValue": "suhas.chatekar",
  "message": "{email} is not in correct format",
  "helpUrl": "/help/BAD_FORMAT#email"
}]

The world in which IPv6 was a good design Or, why is IPv6 such a mess, and how did we get here?

At that point, all we'd have to do is eliminate all remaining UDP and TCP from the Internet, and then we would definitely not need layer 2 bridging anymore, for real this time, and then we could get rid of broadcasts and MAC addresses and SDN and DHCP and all that stuff.

And then the Internet would be elegant again.

{jqi} A simple graphical UI for jq.


Architectural

GonzoHacker 😭 "denial, anger, bargaining, depression, acceptance and mini-monolith"


Peopleware

Tech’s Damaging Myth of the Loner Genius Nerd Even the New York Times gets it:

There’s a joke in computer science that one of the hardest tasks is naming things in code. It’s funny because it’s a nontechnical task. But it involves something that can be even harder than technical work: communicating with other people and intuiting what they might need and understand.


Locked Doors

Kia For when you need to quickly disable Touch ID:

iOS 11 is a game-changer for Touch ID. Press power button rapidly 5 times and it opens the 2nd screen, but it also forces passphrase entry!

NIST Update: Passphrases In, Complex Passwords Out Finally, NIST advocating sane password policies, and walking away from harmful past practices (security questions, special characters, password change every X days, etc.)

Security Nerdette 👍

Replacing 'whitelist/blacklist' with 'safelist/blocklist' now on. Let's recognize and replace racism/sexism in everyday tech vocab! ❤️


None of the Above

Quincy Larson "Trying to code when chat's open"

Texting on the move turns your walk into an ungainly lollop Explains why it's difficult to pass people that are texting and walking:

The problem of text-walkers has become such a problem that cities such as Antwerp in Belgium have introduced ‘text-walking lanes’ so that they do not irritate or endanger other pedestrians.

Why we fell for clean eating Post-truth diets:

Once we enter the territory where all authority and expertise are automatically suspect, you can start to claim almost anything – and many #eatclean authorities do.

yan "8 rabbits, aka 1 rabbyte"

What Brands Are Actually Behind Trader Joe’s Snacks? Spoiler alert.

Cutest Animals Ever "This dog...caught a fish...using croutons. Then walked off like Mufasa"