Published
Weekend Reading — Inner Galactic Lovers
This week we learn about the delayed effects of system design failures; multi-person authentication; we talk about comparison signs and code reviews; impossible errors that do happen; using lottery for better security; creating music from unrelated YouTube videos.
Design Objective
Design Trumps Training "Delayed effects of system design failures". Exactly.
User error is a folk term. It colloquially expresses our natural tendency to attribute results to human actors. In contrast, use error is a specific term used by designers and human factors engineers to describe failures resulting from a mismatch between a device and its user.
...
Use error emphasizes that “the active errors of stressed [users] are, in large part, the delayed effects of system design failures.”
Futures of text Surveying the current state of conversational UI:
What's more, messaging AI benefits from an obvious feedback loop: The more we interact with bots and messaging UI's, the better it'll get. That's perhaps true for GUI as well, but to a far lesser degree. Messaging AI may get better at a rate we've never seen in the GUI world. Hold on tight.
How to build and care for your own sassy, quirky, funny interface robot To all the people who think web design is about pixels, time to start practicing your content skills.
FourZeroFour Creative 404 pages.
How to make email confirmation a little easier for your users Show them a button labeled “Open in Gmail”, that links to the Gmail search for the confirmation email. Works with other web-based emails as well.
Every website these days... #UX
Tools of the Trade
santinic/how2 Like man, but gets answers from StackOverflow.
zzarcon/psaux pa aux as a promise-based Node library.
Delivering Fast and Light Applications with Save-Data Using the Save-Data header to deliver lighter resources to users that opted in to data saving mode.
CloudFlare Registrar Prevent domain hijacking using multi-person authentication:
All changes to domain ownership or nameserver information is verified and executed manually.
...
The goal is to ensure that any change to your nameservers or registration data is approved by your organization as a whole
The Fab Four technique to create Responsive Emails without Media Queries Cool technique that uses calc(), width, min-width and max-width to deliver responsive emails.
brew cleanupfor the (9.6G) win!
@climagic There needs to be a term for this:
Nullaphobia - The fear of what might be happening after you start to run a command and don't see output immediately. ie.
rm -fr *
Lines of Code
Giving better code reviews Everyone on your team should be practicing their code review skills:
Trust no one. Question everything (kindly). Assume that the author has made mistakes that you need to catch. Save your users from those bugs.
Don't use the greater than sign in programming What happened if we only had one way to test if X < Y?
This is such a nice way to express numbers I wonder why programming languages allow for the greater than sign ( > ) at all.
The Wrong Abstraction Like naming things, this feels like a constant struggle to get right:
The moral of this story? Don't get trapped by the sunk cost fallacy. If you find yourself passing parameters and adding conditional paths through shared code, the abstraction is incorrect. It may have been right to begin with, but that day has passed.
People run into trouble with DRY because it doesn't tell you *what* not to repeat. People assume syntax, but it's actually concepts.
Architectural
Linux kernel bug delivers corrupt TCP/IP data to Mesos, Kubernetes, Docker containers You know how some errors should never happen? Well, funny story:
Each affected application showed “impossible” errors, like weird characters appearing in strings, or missing required fields. ... Exacerbating this problem: in any distributed system, data, once corrupted, can cause errors long after the original corruption (they are stored in caches, written to disks in logs, etc.).
Secure Code is Hard, Let’s Make it Harder! The biggest problem with software security is the large - unnecessarily large - attack surface:
I had not looked at sudo in depth for probably 20 years, and I’m shocked to discover that it has a -e option to invoke an editor, a -p option to process format string bugs, and a -a to allow the invoker to select authentication type(?!?!)
@tveastman "This product is a perfect physical metaphor for all of modern software architecture."
WiFi ResetPlug - A smart plug to monitor your WiFi router/modem and reset power if WiFi fails.
Locked Doors
Dan Kaminsky is an expert on DNS security – and he's saying: Patch right God damn now
The glibc bug meets the a hard problem in computer science:
The key thing here is cache traversal: Kaminsky believes it's possible for malicious payloads to linger in caches, which (say) JavaScript running in browsers could exploit, firing off thousands of requests a second, until the payload hits its target.
Million Dollar Curve A cryptographically secure elliptic curve whose randomness was produced in February 2016 from national lotteries.
Cops are asking Ancestry.com and 23andMe for their customers’ DNA From the #sawthiscoming department.
Techtopia
A 19-year-old made a free robot lawyer that has appealed $3 million in parking tickets Speaking of conversational UI, DoNotPay helps you fight parking tickets (UK only for now).
Observers have noted that many of these new devices are in their “awkward adolescence.” That is because they are in their gestation phase. Like PCs in the 70s, the internet in the 80s, and smartphones in the early 2000s, we are seeing pieces of a future that isn’t quite here.
At the source of every error blamed on the computer, there are at least two human errors, including the error of blaming it on the computer
None of the Above
Cyclists please watch out for gaffer tape on bike racks covering up that they're cut straight through
We are living in the golden age of animated gifs, or as I like to call it, the second silent era of film.
@benicus_rex "When you post a selfie but no one favs it"
My advice for my students: The "I don't know what I'm doing" feeling never goes away. You just learn the "but I can figure it out" part.
The Brain: A neural network built entirely in Quartz Composer Wow.
If your org creates a "Center of Excellence", they blew it.
Thru You Too "A music album composed of unrelated YouTube videos". Also check out Inner Galactic Lovers, a mix of Fiverr artists.