Weekend Reading — Low Budget Reboot
Craig Pearson "I'd watch this low budget Firefly reboot"
Tools of the Trade
Unfortunately, we were affected by cognitive bias: old code is bad code. But the truth can be the opposite. The old code is battle-tested by thousands of users in hundreds of different projects. Most of the critical bugs have been fixed, the documentation is complete, there are tons of questions and answers on StackOverflow and Quora.
Fontjoy Uses machine learning to generate font pairings.
OptimalBits/redbird Reverse proxy that supports HTTP/2, Let's Encrypt, Node.js cluster, Docker and more.
veltman/flubber Using best-guess methods to smoothly interpolate between 2-D shapes.
r/ProgrammerDadJokes/ There's a Reddit for programmer dad jokes, and it's exactly what you would imagine.
not many people know this but stonehenge was mankind’s first attempt at css triangles with box shadows. we still have no idea how to do it.
Lines of Code
How is GNU yes so fast? Not everything that can be optimized should be optimized, but if you must insist, a 100x speedup is quite the win.
programming lesson for today: always always always make sure a test fails first, and fails for the right reason, before trusting it to pass
What I learned from my biggest mistake as an F1 engineer Always be learning:
In both of those occasions, it was important for us to understand whether everything that had occurred because of those mistakes was negative. Good engineering prompts you to ask whether there was anything we could learn from it – you need to embrace the unexpected nature of those accidents rather than simply explain them away.
Working Hard is Not the Same as Working Smart When 21st century work gets measured by 20th century standards.
Gathering weak npm credentials When you find out all your Node.js production apps are a quick hack away from being compromised:
In total, I found 15568 valid credentials for 15495 accounts since this May.
The total number of directly affected packages was 66876 — 13% of the ecosystem.
I got publish access to … cheerio, browserify, koa, mongoose, modernizr, react, tape, winston, … 1819 packages in total were accessible through more than one user, 38 of those with more than 1 million downloads/month, 7 — with more than 10 million downloads/month.
Credentials resets As a consequence of the above:
In this case, however, passwords for a number of users were available online, accessible via Google search. These passwords were made public through security breaches of other sites, and, unfortunately, the owners of some hacked accounts re-used the passwords for their npm accounts.
None of the Above
Assaf "Me. Cooking. Every time."
Little Alchemy "Explore what you can create by mixing simple elements." The simple premise behind this addictive game.
The tragedy of FireWire How Apple and Sony made FireWire and then drove the market towards USB.
Sven Henrich "SPOTTED: Your moment of Zen"
This is why infrastructure is so expensive And never completes on time:
Once a government commits to a project, they are committing to an open checkbook. That check will be written in a system where nearly everyone involved will be compensated more the longer the project takes and the more expensive it becomes.
Emergency Kittens "at first i thought it was catpuccino"