Labnotes

Weekend Reading — The Developer Walk of Shame

Published on

“The Developer Walk of Shame: a bug-fix update after a major new release” — Dark Sky changelog

Design Objective

Color vs Contrast: Which one brings more conversion? The contrast theory is worth exploring.

@madhava

Illustration of user-understanding being complicated: 2 reactions to a UI trying to require minimal info disclosure.


Thriving in Unpredictability

The only thing I control is my server environment. That’s it. Everything else is completely unpredictable.

So when I’m building something, and I want to make it robust—to make it resilient and give it the best chance it has to reach across this complicated mess full of unpredictability—I want to take advantage of the one thing I control by letting my server output something usable and as close to working as possible.

Password Requirements Shaming "What do you mean your password field has a max length?! I'm sorry, you want me to NOT use any special characters?"


Tools of the Trade

CSS Secrets: Better Solutions to Everyday Web Design Problems Lea Verou's new book available on Amazon, all the CSS you wanted to learn.

Scripts to Rule Them All We practice the same thing, with a combination of scripts (eg scripts/setup) and npm commands (npm test, npm publish, etc):

At GitHub, we have normalized on a set of script names for all of our projects that individual contributors will be familiar with the second after they clone a project. We call them "Scripts to Rule Them All".

How to Code A Live Dynamic Twitter Feed in HTML Email Interesting technique for adding dynamic content to HTML emails, using images and external stylseheets.

Company Logo API Clearbit introduces a Gravatar-like API for company logos.

AWS s2n: Open-source TLS Implementation in Less than 6,000 Lines Amazon's way of building a secure TLS library: drop uncommon options and features with a record of vulnerabilities, get your code down to a manageable 6K LoC, contrast with OpenSSL's 70K LoC.

Op-ed: Safari is the new Internet Explorer

It’s hard to get insight into why Apple is behaving this way. It never sends anyone to Web conferences, its Surfin’ Safari blog is a shadow of its former self, and nobody knows what the next version of Safari will contain until that year’s WWDC.

How do project contributors use pull requests on Github?

Finally, many problems are social. The most prominent one is responsiveness: more than 15% of the survey participants find that getting a timely feedback, if any, for their pull requests is hard and they mostly mention people-related causes.

@kev_nz

Lies, Damned Lies, and Perf "metrics"


Lingua Scripta

Important security upgrades for node.js and io.js Fix to an out-of-band write in the utf-8 decoder that could be exploited to cause a denial of service attack.

Tail call optimization in ECMAScript 6 Learn what is and isn't a tail call.

ES6 Feature Performance Microbenchmark various ES6 features using Babel, Traceur and es6.


Lines of Code

Small Modules: Tales from a Serial Module Author Is a one-line module the right size or too small?

People get way too easily caught up in the LOC (Lines Of Code) argument. LOC is pretty much irrelevant. It doesn't matter if the module is one line or hundreds. It's all about containing complexity. Think of node modules as lego blocks. You don't necessarily care about the details of how it's made. All you need to know is how to use the lego blocks to build your lego castle.

@SteveStreza

As noted in the SICP, the Linked List data structure is most commonly used when implementing obtuse job interview technical questions

@jasmineyctsai

Thanks UPS second day delivery that is now taking 4 days. You are just like an engineer.

@afreak

That moment when you write a function called “execute_children()"


Architectural

Moving Past the Scaling Myth This, a thousand times:

Despite the fact that we are surrounded by examples of structures that "don't scale." We want to believe that we can keep fundamentally the same process or architecture in place "as we scale." I think that we need to get used to the idea that scaling is different than what we may think it is. We should expect something analogous to phase transitions.

Microservice Trade-Offs Martin Fowler looks at the costs and benefits of microservices: strong module boundaries vs distribution, independent deployment vs eventual consistency, technology diversity vs operational complexity. Must read if you're considering going down the microservices path.

The Seven Deadly Sins of Microservices: Redux Some tips for doing microservices right.

@mhoye

FACT: most "big data" is actually two small datas standing on each other shoulders wearing a trenchcoat and sunglasses.


Devoops

With 61 Seconds in a Minute, Markets Brace for Trouble So the leap second didn't crash the market, still small change in time can spell big trouble, and the different ways to mitigate that.

@sadserver

According to Nagios you're only celebrating red.

No mention of white or blue


Peopleware

21 management things I learned at Imgur

It’s terribly difficult to manage unmotivated people. Make your job easier and don’t.

A Quick Puzzle to Test Your Problem Solving This one quick puzzle which explains why software developers find testing so difficult, why software security is broken, and where many software projects go wrong:

Often, people never even think about asking questions that would produce a negative answer when trying to solve a problem — like this one. They instead restrict the universe of possible questions to those that might potentially yield a “yes.”

Hey Silicon Valley, Give Your Nanny’s Children an Internship. Care about diversity? Why not offet an internship to the children of your nanny, gardner, office janitor, security guard, etc.


Locked Doors

VPNs are so insecure you might as well wear a KICK ME sign TL;DR "many of these [14] providers leak all, or a critical part of the user traffic in mildly adversarial environments"

CuttlePhish Phishing as a service, an interesting approach to educating employees about account theft.

Lloydsbank, IIoydsbank - researcher highlights the homographic phishing problem TL;DR "Maybe the best advice of all is to never click on links to financial websites if you receive them in an email or see them on a website."

@SwiftOnSecurity

The cheapest pentest you'll ever get is sticking $5k in Bitcoin on your Domain Controller.

@micahflee So that's easy:

Want to stop NSA analysts from reading your email? Just include the words "viagra" and "herbal supplement"


Techtopia

21 Years After AT&T Showed Us Their Vision of the Future, How Right Were They? Predicting the future is hard, but AT&T did manage a B-, even if they failed on the most critical prediction.

@harrymccracken

Your 2000 tech news update: Blockbuster signs 20-year deal with Enron to deliver VHS-quality video over DSL lines.


None of the Above

A Legoland Builder Turns Her Childhood Hobby Into an Adult Art Form Guernica in Logo. Wow.

Letter to ICANN, July 2015

We strongly oppose the Working Group’s proposal, which will physically endanger many domain owners and disproportionately impact those who come from marginalized communities. People perceived to be women, nonwhite, or LGBTQ are often targeted for harassment, and such harassment inflicts significant harm.

@POTUS

respect the nyt, but not buying peas in guac. onions, garlic, hot peppers. classic.

Get the Old Apple Music Interface Back (Sort Of) Two easy settings that make Apple Music more useful by removing the Connect, For You and New icons.

A Response To Zuck

We are the final authority on what our names are. Facebook has set itself up as a gatekeeper to determine our realness. … It’s also no surprise that users understand that reporting a name will get their friends kicked off, and so use it against people they’d like removed and not people on their friends list going by “Captain Pants”.

The Most and Least Diverse Cities in America "At the top of the chart, Oakland, California is the most diverse city in America, with an HHI of 0.232."

Cute Emergency