Labnotes

Weekend Reading — Accidental Renaissance

Published on

/r/AccidentalRenaissance Of course there's a Reddit for that.

This week we struggle with the website obesity crisis; we guesstimate like a pro; React is the back-door that teaches front-end developers about functional programming; more insights from young CTOs; a case study for defense in depth; let's shake a tree, maybe a drone will fall out.


Design Objective

The Website Obesity Crisis Why websites are getting fat and worse for it, how to apply The Taft Test, and yes, there is hope with this two-step program:

  1. Make sure that the most important elements of the page download and render first.
  2. Stop there.

You don't need all that other crap. Have courage in your minimalism.

Why the 90-9-1 Rule No Longer Exists I think it's the reverse: new UIs lowered barriers to participation, some UIs are as easy to use as text messaging.

People are “writing” more than ever because of the rise of messaging products, which are increasingly replacing phone conversations. These messaging products are essentially serving as training for creating content on other services.

Conceptual Debt is Worse than Technical Debt "Model twice, code once"

It can be hard to undo conceptual debt. First you need to realize you have chosen the wrong concepts, or that your concepts are outdated. Then you are embarking on a substantial redesign. …

@charliesome

Hey, if you're making a website and want to override scroll with your own custom behaviour, have you considered not doing that?


Tools of the Trade

guesstimate-app "Guesstimate is a tool for performing estimates using monte carlo experiments." Think of it as spreadsheet for calculating with uncertainties. Brilliant. You can try it out here.

@JoeSondow Haha.

"In real life you won't always have a calculator with you." — math teachers in the 80s

igrigorik/videospeed HTML5 video speed controller for Google Chrome. I find it easier to focus on tech talks when watching/listening at x1.5.

WebSockets, caution required! Does your app needs to use WebSockets?

For realtime web applications we need simple APIs to broadcast information reliably and quickly to clients. We do not need new mechanisms for shipping information to the server.

FGRibreau/match-when Pattern matching for modern JavaScript.

awslabs/aws-shell An integrated shell for working with the AWS CLI.

How we organize GitHub issues: A simple styleguide for tagging Interesting idea.


Lines of Code

Jessica Kerr - Functional Principles In React If you're a front-end developer, watch out, React has a hidden agenda to get you hooked on functional programming.

@manisha72617183

There is nothing as destructive as indifference towards code quality; it makes your code rot and it will get harder and harder to maintain.

@BobRossGameDev

If you’ve been struggling with a tough ol’ programming problem all day, maybe go for a walk. Talk to a tree. Trust me, it helps. 🌲


Architectural

@chromatic_x So true.

Star Wars is an extended riff on the need for redundant failure recovery systems.


Peopleware

What Leaders in Tech Wish They’d Been Told It's all about the team:

You have to find people who are dying to work with you to make that thing come into life. You want those people to be real owners. They will always be the ones who step up and take ownership over something, take responsibility for it. They will tell you when they think something is broken and needs to get fixed or they’ll just go fix it themselves. And you want to surround yourself with owners.

Shields Down The moment at which an employee is ready to resign from their job:

Still, seeing it isn’t the moment of resignation. The moment happened the instant you decided, “What the hell? I haven’t seen Don in months and it’d be good to see him.”

Your shields are officially down.

What Are the Key Skills to Being a CTO? Another good one from the Codeship interview series:

Understanding second- and third-order effects is really important. …
Just assume that those two or three metrics are immediately going to be gamed, because that’s how people work. Then that’s the first-order effect. That metric’s going to be gamed. So, what is the second-order effect of that? Hopefully, you can get to the third-order effect. How is this going to affect the product? How is this going to affect culture? That’s a really important thing.


Locked Doors

SummitRoute/osxlockdown Disables/enables OS X features to reduce attack surface (e.g kill AirDrop and iCloud sync, enable FileVault and GateKeeper). For OS X 10.11 (El Capitan).

"Instagram's Million Dollar Bug": Case study for defense A great case study on this vulnerability, how it was discovered, and how to prevent this from happening in your network.

  1. Internal server exposed to the Internet
  2. Reliance on third-party authentication
  3. Unaudited code resulting in unchanged secret token
  4. Unfettered access once the attacker gained RCE on the server
  5. Poor secret management
  6. Privilege escalation by finding more credentials

None of the Above

@mikko "15 years ago."

@anildash

I'm really enjoying Facebook sending 46-year anniversary notices today for every undated relationship on the site. UNIX epoch never fails!

@TheMichaelRock

Wife: Where are the kids?

Me turns off router

[from down the hallway]

HEYYYYYYY!!!!

Me: They're in their rooms.

Rands Management Glossary

All-Hands — A company-wide meeting, usually run by the CEO. If you’re a manager and there are lots of surprises at these meetings, you might be out of touch. Humans often posture during these events by supplying inane questions and status updates along with really dumb questions. An all-hands meeting without an announced subject implies layoffs or other disasters.

@januszeal

If you didn't get that #drone you wanted for #Christmas, tomorrow go to your nearest public park and shake a tree.

@SpaceCatPics "The littlest nope ever."