Blogs

Web Review, Week 2023-40

Oct 6, 2023 | 4 minutes read

Tags: web-review, productivity, ai, organization, complexity, safety, frontend, http, tech, uuid, tools, encodings, communication, performance, surveillance, cloud, 3d, gpt, business, multithreading, politics, cost, programming, command-line, unicode, python, developer-experience, architecture, fediverse, dependencies, microsoft, css, funny, optimization, machine-learning, google, management, coaching, databases, web, copyright, debugging, bias, gpu, rust, security, codereview, law, computation

Let’s go for my web review for the week 2023-40.

BBC Gives Up On Threads (By Instagram), Sticks With Mastodon — Darnell (Seize The Day)

Tags: tech, fediverse

This is an interesting move from the BBC. We can only theorize on the reasons but that’s a positive example of a successful fediverse presence so far.

https://darnell.day/bbc-gives-up-on-threads-by-instagram-sticks-with-mastodon

AI from a legal perspective [LWN.net]

Tags: tech, ai, machine-learning, gpt, law, copyright

Looks like it was a very interesting talk. Situation still needs to be monitored in any case, it’s uncertain how those cases will be ruled.

https://lwn.net/SubscriberLink/945504/ee1f1db87dae56b1/

Predictive Policing Software Terrible At Predicting Crimes – The Markup

Tags: tech, politics, bias

A bad solution in search of a problem basically. Let’s look at the alternatives and fund proper solutions to why people are victimized, shall we?

https://themarkup.org/prediction-bias/2023/10/02/predictive-policing-software-terrible-at-predicting-crimes

Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company

Tags: tech, security

Very refined attack including the social engineering side of things. Catching developers with coding challenges, it’s definitely cunning.

https://www.welivesecurity.com/en/eset-research/lazarus-luring-employees-trojanized-coding-challenges-case-spanish-aerospace-company/

Google Doc injects tracking redirects in documents

Tags: tech, google, surveillance

Why you can’t trust this kind of proprietary software…

https://fosstodon.org/@Joe_0237/111145684757912952

Compromised Microsoft Key: More Impactful Than We Thought | Wiz Blog

Tags: tech, microsoft, cloud, security

Totally missed this over the summer… this is a huge breach. It will have a long lasting impact. The scope might be larger than we expect.

https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr

Microsoft comes under blistering criticism for “grossly irresponsible” security | Ars Technica

Tags: tech, microsoft, cloud, security

Really a bad summer for Microsoft security wise. Trust should be low among Azure customers now. Who was paying attention though?

https://arstechnica.com/security/2023/08/microsoft-cloud-security-blasted-for-its-culture-of-toxic-obfuscation/

The Marvin Attack

Tags: tech, security

An attack which doesn’t want to die. Time to retire RSA use with TLS, this is really overdue.

https://people.redhat.com/~hkario/marvin/

Python 3.12: what didn’t make the headlines - Bite code!

Tags: tech, python, programming

A few good things went unnoticed. The performances are still not there.

https://www.bitecode.dev/p/python-312-what-didnt-make-the-headlines

Open Sourcing Ferrocene - Ferrous Systems

Tags: tech, rust, safety

This is a big deal for the places where Rust could shine.

https://ferrous-systems.com/blog/ferrocene-open-source/

The Absolute Minimum Every Software Developer Must Know About Unicode in 2023 (Still No Excuses!) @ tonsky.me

Tags: tech, unicode, encodings

Very nice primer on how Unicode works. Definitely a must read and a good starting point. Definitely highlights properly some of the difficulties we need to deal with now and talks about the normalization forms.

https://tonsky.me/blog/unicode/

Lessons From Debugging

Tags: tech, programming, debugging

List of strategies to keep in mind when debugging.

https://matt-rickard.com/lessons-from-debugging

Concurrency Freaks: 50 years later, is Two-Phase Locking the best we can do?

Tags: tech, multithreading, databases

Good way to understand two phase locking better, its tradeoffs, variants and how it’s been improved.

https://concurrencyfreaks.blogspot.com/2023/09/50-years-later-is-two-phase-locking.html?m=1

Database Migrations

Tags: tech, architecture, databases

Interesting primer of the intricacies of database migrations. It can get complex fairly quickly.

https://vadimkravcenko.com/shorts/database-migrations/

Goodbye to sequential integers, hello UUIDv7!

Tags: tech, uuid, databases

Interesting property of the newer UUIDv7 spec.

https://buildkite.com/blog/goodbye-integers-hello-uuids

mimic.css

Tags: tech, web, css, frontend, funny

Nice and fun little demo of what can be done with CSS animations.

https://erictreacy.github.io/mimic.css/

Flexbox Froggy - A game for learning CSS flexbox

Tags: tech, web, css, frontend, funny

Fun way to understand better the CSS layouting using flexboxes.

https://flexboxfroggy.com/

OCuLink as an eGPU and cheap PCIe connectivity solution for laptops and mobile devices

Tags: tech, 3d, gpu

Interesting connector, I didn’t know about this one.

https://rkblog.dev/posts/pc-hardware/gpd-win-max2/oculink-as-egpu-solution/

Optimization Techniques for GPU Programming - 3570638.pdf

Tags: tech, gpu, computation, performance, optimization

Very thorough paper on optimization techniques when dealing with GPUs. Can be a useful reference or starting point to then dig deeper. Should also help to pick the right technique for your particular problem.

https://dl.acm.org/doi/pdf/10.¹¹⁴⁵⁄_3570638

Diora Devlog

Tags: tech, 3d

Very clever tricks for a performant little engine.

https://dioragame.com/devlog/?log=3

pkgx — Run Anything

Tags: tech, command-line, tools, developer-experience

Looks like an interesting tool to manage developer environments.

https://pkgx.sh/

bruno

Tags: tech, http, tools

Looks like an interesting alternative to things like postman or insomnia. To test when I get the chance.

https://www.usebruno.com/

Dependency Whac-A-Mole

Tags: tech, architecture, dependencies, complexity

Mind how you pick your dependencies and how they fare over time. You might need to reevaluate and let go some of them.

https://blog.ploeh.dk/2023/10/02/dependency-whac-a-mole/

Cloud Costs Every Programmer Should Know

Tags: tech, cloud, business, cost

Interesting approximations to get a feel of how much a cloud project will cost.

https://www.vantage.sh/blog/cloud-costs-every-programmer-should-know

Conventional Comments

Tags: tech, codereview, communication

We see this kind of comments in some reviews, this would benefit from being more widespread.

https://conventionalcomments.org/

What Predicts Software Developers’ Productivity?

Tags: tech, management, organization, productivity

Interestingly (or maybe unsurprisingly) most of the factors this research found impactful are not technical. So mind the social constructs of your organization.

https://newsletter.getdx.com/p/factors-of-developer-productivity

Seniority and self-management: you don’t have to do this alone - Jacob Kaplan-Moss

Tags: tech, coaching, management

Definitely this, I too often see people trying to just power through. Being responsible of something doesn’t mean you do it all alone, on the contrary. If you’re struggling with it look for help, it can take many forms including coaching.

https://jacobian.org/2023/oct/4/seniority-and-self-management/

Bye for now!