Labnotes

Weekend Reading — CSS can kill you

Published on

@old_sound "CSS can kill you"

This week we learn to tell stories with data; we time travel and npm install linux; greet our new Node 4.0 overlords; click-bait with commit messages; SoundCloud teaches us to microservice the right way; we crack some Ashley Madison passwords; ad-blocker blockers are all the rage; and finally, we learn how to give a brilliant talk without saying a single word.


Design Objective

Designing Data-Driven Interfaces Using visualizations to tell stories with data:


Tools of the Trade

FieldKit Real-time, text field formatting as users type. Supports credit cards, dates, phone numbers, and more.

Time Traveling in Node.js Notebooks Tonic has magical time traveling technology that can even rewind changes to the filesystem and spawned processes! The secret: CRIU can snapshot and restore Docker containers.

The Myth of Descriptive Module Names

The problem with descriptive names and the reason people like them is they make life easier. It’s the lazy way out. You search for “websocket”, you find the websocket module. Done. Of course, the fact someone claimed the name has absolutely nothing to do with that module being the best one.

Amazon Web Services in Plain English Wonder what AppStream, Cognito, and Kinesis actually do?

OptiKey Assistive on-screen keyboard that works with eye-tracking devices.

HyperCore Linux npm install linux on OS X.

Will there be a Distributed HTTP? TL;DR no.


Lingua Scripta

Node v4.0.0 (Stable) A minor upgrade from io.js 3.3.x, and a major bump from Node 0.12.x. Now with block scoping, classes, generators, promises, template literals, arrow functions, and more.

Constantly Confusing ‘const’ The biggest myth about const is that it annotates the expression (RHS of assignment), when in fact it annotates the variable immediately to its right (LHS):

Don’t use const to make constant (immutable) values; use it to make non-reassignable variables. If you want to make an immutable array/object, use Object.freeze(..).

Security and npm Packages Analysis from the Node Security Project finds 1 in 5 npm packages in the registry are using unpatched dependencies. For example, 34% of all packages that depend on Express, use an old version with known vulnerabilities. So patch. Now.

npm-check Will help you find and upgrade old dependencies:


Lines of Code

Computer Science Courses that Don't Exist, But Should

CSCI 2100: Unlearning Object-Oriented Programming

Discover how to create and use variables that aren't inside of an object hierarchy. Learn about "functions," which are like methods but more generally useful. Prerequisite: Any course that used the term "abstract base class."

@recordtronic

10 things your unit test isn't telling you about your code. #clickbaitCommitMessages

@gembarrett

This Code Contains 3 Methods Of Parsing JSON That'll Blow Your Mind! #clickbaitCommitMessages


Architectural

How we ended up with micro services SoundCloud's journey from monoliths to services:

As of today, SoundCloud still has the monolith code live, but its importance decreases every day. It is still in the critical path for many features, but due to a system of stranglers it’s not even Internet-facing anymore. I am not sure it will ever go away, some features it provides are so small and stable it may be cheaper to keep them there forever, but I give it one year until the monolith isn’t on any critical path anymore.

@deadprogram

The dependency of my dependency is not my friend #code

@rlazarus

Would you like to learn more about Bloom filters?

[ ] no

[ ] probably


Locked Doors

Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked TL;DR The smart people at Ashley Madison chose bcrypt to store user passwords. Uncrackable. Then they created tokens from MD5 hashes of the passwords, and saved those to the database.

How Debian Is Trying to Shut Down the CIA and Make Software Trustworthy Again Reproducible builds:

"You need two compilers," Lunar explained, "with one that you somehow trust. Then you build the compiler under test twice, once with each compiler, and then you use the compilers that you just built to build the compiler under test again.

"If the output is the same, then no backdoors," he added.

@TheColonial

"A sophisticated attack that compromised our device's default credentials".


Techtopia

Google Chrome reportedly bypassing Adblock, forces users to watch full-length video ads Turns out this was an incidental, to be fixed in the next Chrome release. But the war on ad-blockers is a thing: After selling his company to Google, this man now wants to block ad-blockers

Google and Twitter Team Up to Offer Their Own ‘Instant Articles’ — With a Twist So, like HTML and CSS with more display: none?

We Lost: The emoji taco for iOS is here, and it’s bullshit Sad news for Taco and Burrito aficionados:

If the iOS taco is the Titanic of emoji designs, the burrito is the Hindenburg. This “burrito” will live in infamy, as it resembles nothing more than a shitty vegan wrap from a New York City deli.

@shutupmikeginn

i respect Texas Instruments because they're like "Nah, we nailed graphing calculators in 1998 no need to change em. Also they cost the same"

@StartupLJackson

Which will come first, driverless cars or driverless printers?

@ETgroupca

Happy Friday Collaborators! When on a video call, make sure your background is clean and professional.


Peopleware

@ValaAfshar

Here's a checklist of what you need to build a strong company:

  1. Great people

@DocOnDev

We simply ask that you be innovative without mistakes while working as a team to achieve individual performance goals.


None of the Above

A Hypocrite’s Guide to Public Speaking This is the best presentation I've seen about … giving presentations. An entire talk without saying a single word. Brilliant.

So, What's The Big Deal With Starting A Sentence With 'So'? So, why don't you go read this article yourself?

Refugees Welcome Helping refugees find a place to stay by pairing them with roommates.

Other Space Turns out Yahoo (Screens) does original content, and Other Space is a fantastic space comedy, a cross of The Office with Red Dwarf.

U.S. Drops Charges That Professor Shared Technology With China Shameful:

Faced with sworn statements from leading scientists, including an inventor of the pocket heater, the Justice Department on Friday afternoon dropped all charges against Dr. Xi, an American citizen.

@50NerdsofGrey

He was very careful during bondage sessions. He always used a safe word that contained upper and lower case letters and at least one number.

Court orders restitution, fines in first-ever victory against a delayed Kickstarter This could set an important precedent:

The judgment, filed July 22 in Washington state, sets a precedent there that companies and individuals who accept money through crowdfunding are beholden to deliver on their promises.

@Mannyslaysall "This is amazing."