Quotations in Sep
Inevitably we got round to talking about async. As much of an unneeded complication as it is for so many day-to-day use-cases, it’s important for Python because, if and when you do need the high throughput handling of these io-bound use-cases, you don’t want to have to switch language. The same for Django: most of what you’re doing has no need of async but you don’t want to have to change web framework just because you need a sprinkling of non-blocking IO.
The Bias-for-Building Fallacy is most common in orgs that worship speed. That’s fine, but if you go speedily in the wrong direction, you will end up in the wrong place. That’s why teams should value velocity much more than speed: velocity being a combo of speed & direction.
One academic who interviewed attendees of a flat-earth convention found that, almost to a person, they’d discovered the subculture via YouTube recommendations.
A manager on Strategic Response mused to myself that most of the world outside the West was effectively the Wild West with myself as the part-time dictator – he meant the statement as a compliment, but it illustrated the immense pressures upon me.
Simply put, if you’re in a position of power at work, you’re unlikely to see workplace harassment in front of you. That’s because harassment and bullying are attempts to exert power over people with less of it. People who behave improperly don’t tend to do so with people they perceive as having power already.
Microservices are about scaling teams, not scaling tech
If you’re a little shy at conferences, speaking is The Best way to break the ice. Nobody talks to you before the talk. Everybody want’s to talk to you afterwards, largely because they have a way in. As such, public speaking is bizarrely good for introverts.
People are suffering. People are dying. Entire ecosystem are collapsing. We are in the beginning of a mass extinction, and all you can talk about is money and fairy tales of eternal economic growth. How dare you?
Anyone with solid knowledge of both SQL and genetic engineering want to write me an UPDATE query to turn me into a dinosaur?
When you’re pumping messages around the Internet between heterogeneous codebases built by people who don’t know each other, shit is gonna happen. That’s the whole basis of the Web: You can safely ignore an HTTP header or HTML tag you don’t understand, and nothing breaks. It’s great because it allows people to just try stuff out, and the useful stuff catches on while the bad ideas don’t break anything.
Content management remains an unsolved problem. Untold billions of dollars (and hours) have been spent building commercial, open source, and custom content management systems since the first Web page was pushed to a Web server using FTP, and yet they all still suck.
While I don’t expect Twitter to master its own destiny as far as the decentralization of the medium goes, I do support the idea, and I hope that Twitter as a business can coexist with the need for the world to have a free, open, reliable, and verifiable way for humans to instantly communicate in a one-to-many fashion.
Look at Sony, or Microsoft, or Google, or anyone. They still don’t get it. They’re still out there talking about chips, or features, or whatever. Or now they’re all hot for design. But they think design means making pretty objects. It doesn’t. It means making a system of pieces that all work together seamlessly. It’s not about calling attention to the technology. It’s about making the technology invisible.
Given the security issues with plugins in general and Google Chrome in particular, Google Chrome Frame running as a plugin has doubled the attach area for malware and malicious scripts. This is not a risk we would recommend our friends and families take.
Ask browser users, and they’ll tell you the overwhelming reason why they can’t upgrade to a more modern, standards-compliant browser is because their work won’t let them. Ask IT departments why this is the case and they’ll point to the six- to seven-figure costs of upgrading turn-of-the-century Intranets written to work in, and only in, Internet Explorer 6. Google have provided a way for websites to opt out of IE6 (and even IE7) support without requiring enterprise-wide, Intranet-breaking browser upgrades.
In the past, the Google Wave team has spent countless hours solely on improving the experience of running Google Wave in Internet Explorer. We could continue in this fashion, but using Google Chrome Frame instead lets us invest all that engineering time in more features for all our users, without leaving Internet Explorer users behind.
Years ago, Alex Russell told me that Django ought to be collecting CLAs. I said “yeah, whatever” and ignored him. And thus have spent more than a year gathering CLAs to get DSF’s paperwork in order. Sigh.
There was this clamour in the past to get companies to open source their products. This has stopped, because all the software that got open source sucked. It’s just not very interesting to have a closed source program get open sourced. It doesn’t help anyone, because the way closed source software is created in a very different way than open source software. The result is a software base that just does not engage people in a way to make it a valid piece of software for further development.
Developing for the iPhone at the moment is like picking up dimes in front of a bulldozer.
We experimented with different async DB approaches, but settled on synchronous at FriendFeed because generally if our DB queries were backlogging our requests, our backends couldn’t scale to the load anyway. Things that were slow enough were abstracted to separate backend services which we fetched asynchronously via the async HTTP module.
Thousands of people have come together to demand justice for Alan Turing and recognition of the appalling way he was treated. While Turing was dealt with under the law of the time and we can’t put the clock back, his treatment was of course utterly unfair and I am pleased to have the chance to say how deeply sorry I and we all are for what happened to him.
The only down side is everyone I’ve talked to at Freebase seems pretty solid on this being their proprietary secret sauce, because a good, fast scalable open source tuple store might actually jump start a real semantic (small-S) web after all these years.
We’ve found CSRF vulnerabilities in sites that have a huge incentive to do security correctly. If you’re in charge of a website and haven’t specifically protected against CSRF, chances are you’re vulnerable.
Yahoo could also have followed Gmail’s lead, and disabled the security-question mechanism unless no logged-in user had accessed the account for five days. This clever trick prevents password “recovery” when there is evidence that somebody who knows the password is actively using the account.
The Palin hack didn’t require any real skill. Instead, the hacker simply reset Palin’s password using her birthdate, ZIP code and information about where she met her spouse—the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search.
The greatest coup Microsoft pulled with Internet Explorer was putting the word “Internet” in its name. It sits there, on the desktop of every new Windows computer, and it says “Internet”. So you click it. [...] What better way to beat a browser with the word “Internet” in its name—a browser that seemingly can’t be beat no matter how hard we try—than the Internet Company itself making a browser?
Currently WebRunner applications share cookies with other WebRunner applications, but not with Firefox. WebRunner uses its own profile, not Firefox’s profile. There is a plan to allow WebRunner applications to create their own, private profiles as well.
Large codebases are the problem, not the language they’re written in. Find a way to break/decompose big codebases into little ones.
I have another technique [...] that I’ll be switching jQuery to. If you attempt to insert into the document.body before the document is fully loaded, an exception is thrown. I take advantage of that to determine when the document is fully loaded.