Nat’s 2022 Technical Link Pile: Random

December 30, 2022 – 7:18 pm
See the Intro for context. [20221231] 36 Things I Learned in 2022 -- #1 blew my mind: For the first time in history in 2020, the weight of things produced by humans (concrete, metals, plastic) was greater than the weight of the global living biomass. [20221224] Reported Sleep Duration Reveals Segmentation of the Adult Life-course into Three Phases -- early adulthood (19-33yrs), mid-adulthood (34-53yrs), and late adulthood (54+yrs). They appear stable across culture, gender, education and other demographics.  [20221223] Adobe Enhance -- free tool to clean up recorded voices. [20221223] Process Reparenting in Windows -- fascinating technical discussion that roams through undocumented APIs and OS data structures to be able to explain how Windows fires up a new process and sometimes leaves very worrying kernel traces. [20221221] Public Domain Day 2023 -- I’m so happy I’ve lived to a time when the material entering the public domain is good! AA Milne, Conan Doyle, Hemingway, Agatha Christie, Kafka, ...

Nat’s 2022 Technical Link Pile: Interesting Software

December 30, 2022 – 7:17 pm
See the Intro for context. [20221231] EndBasic -- BASIC with cloud, DOS-like GUI. Actively developed. [20221231] pbproxy -- send your clipboard anywhere you can ssh. [20221231] LCARS -- open source web implementation of the Star Trek UI. [20221231] VAP -- video animation player. Particle effects and transparency on a webpage. [20221223] mdBook -- create books with Markdown. [20221126] Semantic Code Search -- ask it things like 'Where are API requests authenticated?' [20221126] wasmer -- an embeddable WASM runtime.  [20221126] d2 -- diagram language and open source diagram generator from it. There a VSCode plugin. [20221126] hurl -- commandline HTTP tool that uses plain text for request and testing. [20221126] rhasspy -- open source voice assistant. [20221119] Using ss and tcpflow to trace HTTP requests -- two very cool commandline tools for understanding what’s speaking HTTP and then looking into the requests and responses. [20221107] permify -- easily structure your authorization model, store authorization data in your own servers securely, and interact with Permify ...

Nat’s 2022 Technical Link Pile: GPT-3

December 30, 2022 – 7:16 pm
See the Intro for context. (Also, this was a late addition and I'm focused in my interest, so this is thin) [20221231] Reverse Engineering Notion's Prompts -- in Hacker News discussion there’s skepticism you’re getting the actual prompts, vs GPT-3 being its usual stylistically faithful yet factually inaccurate creative self. Someone from Notion confirmed this. [20221231] Some Short-term Predictions -- the age of AI, if you don’t own the query interface, you’re just assembling training data for those who do. (The behaviour of the social media tech powers mean I do not trust successful AI companies to use their powers wisely) [20221221] On Meaning, Form, and Understanding in the Age of Data -- In this position paper, we argue that a system trained only on form has a priori no way to learn meaning. [20221221] On the Dangers of Stochastic Parrots: Can Language Models Be Too Big? -- In this paper, we take a step back ...

Nat’s 2022 Technical Link Pile: Management

December 30, 2022 – 7:15 pm
See the Intro for context. [20221231] Four Day Work Week Going Well -- 97% of the 495 respondents want to stay with a four-day workweek and so do the 27 companies that responded. [20221223] 20 Great Open Questions -- for coaching and more. [20221221] Engineering in a Hybrid World -- At the time of this report, over 50% of respondents had no definitive plan to return to the office. As companies scale, more time is spent on improving existing products whereas earlier stage companies can afford to spend more time on building. In the last year, time spent on building new capabilities declined from 61% to 56% of total elective investments. More engineering organizations are starting to track developer productivity, with the top metrics reported on being number of bugs, % of committed software, working software, and PR to release time. [20221221] Andy Grove's High Leverage Activities -- Task-Relevant Maturity (people are good at some things ...

Nat’s 2022 Technical Link Pile: Product

December 30, 2022 – 7:14 pm
See the Intro for context. [20220203] Tree/Loop Prompts Our ability to ________ is a function of our ability to ________________ has a number of contributing factors, including ________When ________ [increases/decreases] we would expect to see __________ [increase/decrease]To [increase/decrease] ___________, we have a number of options including ____________To [increase/decrease] ___________, we have a number of options including attempting to [increase/decrease] ___________.________ can be broken down into the following subtopics: ________________ is an output of the following inputs: ________________ will help us ________ which will help us __________To positively impact ________ we might try ________ , ideally without ________ .Our assumption (or hypothesis) that __________ can be broken down into multiple sub-assumptions (or hypotheses), including ________ [20220131] Designing WhatsApp -- sample breakdown of requirements, architecture, etc. [20220131] Plan for Tradeoffs -- different quality attributes of software are rivalrous, so you should decide what your priorities are [20220201] When MVPs hurt [20220201] Feature release plans [20220201] You can't buy integration (abstract ...

Nat’s 2022 Technical Link Pile: Dev, Architecture, APIs

December 30, 2022 – 7:13 pm
See the Intro for context. [20221231] Temporal.io -- With Temporal, you write your various complex, potentially long-running actions as normal, synchronous code, which Temporal "magically" turns into distributed, asynchronous, automatically retried, idempotent jobs. The design is really elegant, and removes all of the hard work from writing code that must keep things in sync and handle failures through queueing and retrying. (as described in this Hacker News comment) Also: Temporal jobs/tasks are called workflows because the code is effectively translated into workflow steps—i.e. code progress is made by workers, and each step is persisted so that if the worker dies, you don't lose anything—another worker picks up in the exact same place in the code, with all local variables and threads intact. It also provides helpful built-in features like retries and timeouts of anything that might fail, like network requests, and the ability to "sleep" for arbitrary periods without consuming threads/resources (other ...

Nat’s 2022 Technical Link Pile: Security

December 30, 2022 – 7:11 pm
See the Intro for context. [20221223] PEACH Framework for Cloud Security -- risks associated with customer-facing interfaces and determines: the complexity of the interface as a predictor of vulnerability; whether the interface is shared or duplicated per tenant; what type of security boundaries are in place (e.g. hardware virtualization); how strongly these boundaries have been implemented. In order to gauge how strongly the security boundaries have been implemented (4), we propose using the following five parameters (P.E.A.C.H.): Privilege hardening, Encryption hardening, Authentication hardening, Connectivity hardening, Hygiene. [20221223] The Decoupling Principle -- to ensure privacy, information should be divided architecturally and institutionally such that each entity has only the information they need to perform their relevant function. Architectural decoupling entails splitting functionality for different fundamental actions in a system, such as decoupling authentication (proving who is allowed to use the network) from connectivity (establishing session state for communicating). Institutional decoupling entails splitting what ...

Nat’s 2022 Technical Link Pile: SQL Server/Databases

December 30, 2022 – 7:09 pm
See the Intro for context. [20221231] Job Drain Pattern -- we make heavy use of this internally. Cf In-Memory Outbox:  an easy-to-use, reliable solution to perform atomic operations that update a database and send/publish messages, and it works for any database updates that are sent as commands (delivered by durable message queues). [20221231] Make Your Database Tables Smaller -- an argument against a Deleted column (namely, it permits partial deleting in a dependency tree, thus breaking foreign keys; and it makes every query more complex because you’re saying AND Deleted IS NOT NULL). Alternate proposal is to stash deleted rows as JSON in a “deleted rows” table. Different use case than us, though, because we need historic data to be consistent whereas author is only ever caring about current state. [20221224] Recommended Approach to Encryption in SQL Server – he’s serialising a book chapter from the looks. [20221224] ERD Intro – very basic, good ...

Nat’s 2022 Technical Link Pile: Front End/Flutter/Dart/UI

December 30, 2022 – 7:08 pm
See the Intro for context. [20221231] React Admin -- claims of a full-featured data grid, which is 50-80% of many of our apps. (As well as roles & permissions and validations) [20221224] Death to the Line of Death -- the idea that an application should separate trustworthy UI from untrusted content. The typical example is in a web browser, where untrustworthy web content appears below the browser toolbar UI. Trustworthy content provided by the web browser must appear either in the browser toolbar, or anchored to it or overlapping it. If this separation is maintained, then untrusted content can’t spoof the trustworthy browser UI to trick or attack the user. [20221224] FlexGrid – cross-platform grid for MAUI apps. [20221210] PeriText – a CRDT implementation that supports primarily offline use – ometimes people prefer a more asynchronous collaboration style, where they can work on a private copy of a document for a while and ...

Nat’s 2022 Technical Link Pile: C# and .NET

December 30, 2022 – 7:07 pm
See the Intro for context. (We're hiring WinForms seniors! Mail me: nat@ontempo.co.nz) [20221224] How to Structure Your .NET Solutions: Architecture and Trade-Offs – what it says on the box. [20221224] DocFx – generate static documentation site from embedded XML documentation. [20221224] .NET Advent Calendar – most are interesting, though they’re so diverse it’s the rare person who’d be interested in all. [20221210] ComputeSharp – run C# on the GPU. [20221210] NLua – .NET Lua interpreter. [20220719] Lambdas in C# – quick overview of syntax. [20220525] Winforms UI Refactoring: A Case Study – brief, just about using their dependency mapping tool to figure out coupling. [20220525] Moving Your Xamarin Library to MAUI – rewrite/refactor/bifurcate; understand your dependencies; upgrade CSPROJ; implement single-project multitargeting; fix problems caused by dependencies or .NET version shifts; keep same filenames to ease merging. [20220519] Life Cycle Events in MAUI – Running, Not Running, Deactivated, Stopped are the states, and there are events you can receive when ...