We’re joined by Simon Eskildsen, Principal Engineer at Shopify, talking about how he uses a concept called napkin math where you use first-principle thinking to estimate systems without writing any code. By the end of the show we were estimating pretty much everything using napkin math.
News and podcasts for developers
Subscribe to get the latest news and podcasts for developers in your inbox, every week.
We make it super easy to keep up with developer news that matters.
Already a member? Sign in
The panelists discuss their thoughts on career progression while sharing some of their own history. They also talk about important considerations to think about when deciding where to go next, and share useful resources.
In the information security field, we have developed lots of thoughts that can’t be discussed (or rarely discussed):
- Never roll your own crypto
- Always use TLS
- Security by obscurity is bad
I certainly learned these in my Infosec classes in college. Back then I didn’t really question it much, because what did I know? But I definitely remember thinking, “Okay security by obscurity is bad, but maybe why not do it anyway? Defense in depth, right?” Back to Utku:
Most of them are very generally correct. However, I started to think that people are telling those because everyone is telling them. And, most of the people are actually not thinking about exceptional cases. In this post, I will raise my objection against the idea of “Security by obscurity is bad”.
If you haven’t given the new
gh a look since they announced the beta earlier this year, a lot has changed:
Since we released the beta, users have created over 250,000 pull requests, performed over 350,000 merges, and created over 20,000 issues with GitHub CLI.
It’s available for all major operating systems and if your development workflow goes through GitHub you will undoubtedly save some time and typing by adopting it.
Python is familiar to most developers as a high-level scripting language that’s popular in scientific communities. But some of its main benefits include the data processing ecosystem that’s been built around it. In particular, the machine learning communities, coupled with its lightweight asynchronous frameworks, have brought a new interest in how Python works with massive datasets.
J.T. Wolohan, the author of “Mastering Large Datasets with Python,” joined Greg Nokes, Master Technical Architect at Heroku, to talk about the application of Python and massive datasets.
Bonus — they share a 40% discount code for J.T.’s book!
Here’s a fun rabbit hole to go down if you have some free time to spend.
After a fellow named Zikubi beat the speedrun record for Super Mario Bros 3 by about 8 minutes with a time of just over three minutes, speedrun analyst Bismuth made the video above to explain how he did it…by changing the game with the gameplay itself.
The first couple minutes go exactly as you’d expect, but the speedrun takes a weird turn when, instead of using the second warp whistle to go to level 8, he uses it to go to level 7. And once in level 7, Mario races around randomly, letting opportunity slip away like a blindfolded birthday boy unwittingly steering himself away from the piñata. It’s only later, during the explanation of how he got from level 7 to the final screen so quickly, that you realize Mario’s panicky idiot behavior is actually the player actively reprogramming the game to open up a wormhole to the ending.
Mat Ryer makes the case for passive user preferences, which is where you store their last used setting for them without asking and then set it as the default the next time they interact with that part of your app. He then goes on to describe how they accomplish this with Svelte. Good stuff!
An in-progress series by the Ars Technica team looking at all the implications, limitations, and current realities of the much-hyped next generation in cellular networking. There are 3 articles thus far:
A community Q&A special. You asked the questions, and we discussed them live on air. A few example questions include “When is it okay to use init?”, “When should we use constructors?”, and “How should Go code be structured?”
The idea here is you put your real SSH server on a different port and let Endlessh lock up the script kiddies for hours and even days.
Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn’t depend on any cryptographic libraries. It’s a simple, single-threaded, standalone C program. It uses
poll()to trap multiple clients at a time.
I’m not sure if this is actually a good idea or just fun to put into practice like those people who dedicate their precious free time scambaiting.
Linode Kubernetes Engine (LKE) is a fully-managed container orchestration engine for deploying and managing containerized applications and workloads. LKE combines Linode’s ease of use and simple pricing with the infrastructure efficiency of Kubernetes. You can now get your infrastructure and workloads up and running in minutes instead of days.
If you’ve been following along with the Changelog infrastructure, you’ll be pleased to know we’re rolling out LKE as we speak. We love what we’ve seen so far! Oh and be sure to use the code
changelog2020 (whichever works) to get our special pricing.
When you lack clarity or have uncertainty for a direction or goal, it’s going to be difficult to succeed in your actions. Today Mireille and Adam discuss the topic of clear communication and expectation, two of the most important ingredients of success. How do we create better clarity? Like so many things — clarity begins with awareness, and awareness of yourself. You have to know what you want and what you value in life. We must assume 100% responsibility for creating our own clarity in our lives. After all, “if you don’t have clarity, you are operating from assumption.”
Add classes like
sepia-10 to your
<img> and let this tiny library handle the rest.
Steven Fuchs loves his Sonos, but…
While it is the radio of the future, our most common usage is as the radio of the past. We tend to tune it to one station and leave it there. By far, our most common interactions with the system are changing the volume and pausing/playing the music, often creating scrambles to find a phone to turn down the volume in order to answer a different phone. What we needed was an analog interface to this digital system that was always at arms reach.
Hackers gonna hack. Steven reached for Elixir and scratched his own itch with this very cool little hardware project. Here’s a demo video of it in action.
Written in Go. The code that implements the game logic can be found right here.
This is a dizzyingly thorough road map to learning all things Data Science. I like how the repo owner includes checkboxes alongside each linked entry to track their progress. That means you can easily fork the repo and track your own progress as you go. 👌
In a recent episode of JS Party we were told that you can program in CSS. But you can do some less complicated things with bigger payoffs. You can use CSS to track users that have JS disabled. Not sure how to feel about that. This post covers the rough idea of it and wants your thoughts on the practice.
Open source software shows its resiliency once again:
youtube-dlc is a fork of youtube-dl with the intention of getting features tested by the community merged in the tool faster, since youtube-dl’s development seems to be slowing down.
If you’re unaware of youtube-dl, it’s like a Swiss Army Knife for downloading videos from the web. It’s a great tool and I’m happy to see the community rally around its maintenance.
So, you trained a great AI model and deployed it in your app? It’s smooth sailing from there right? Well, not in most people’s experience. Sometimes things goes wrong, and you need to know how to respond to a real life AI incident. In this episode, Andrew and Patrick from BNH.ai join us to discuss an AI incident response plan along with some general discussion of debugging models, discrimination, privacy, and security.
A Native Implemented Function is implemented in C (or Rust when using Rustler) and can be called from Elixir or Erlang just like any other function. It’s the simplest and fastest way to run native code from Erlang but it does come with a caveat: a crash in a NIF can bring down the whole BEAM. This makes Rust a safer option than C for implementing NIFs as its type system and ownership model guarantee memory and thread-safety.
Daniel Moch shared his thoughts on semantic versioning and how he treats external libraries that violate its inherent contract with developers.
So as not to bury the lede, I’ll get to my point: Semantic Versioning is a meta-API, and maintainers who are cavalier about violating it can’t be trusted to created stable contracts. I’ve lost patience for breaking changes making their way to my code bases without the maintainers incrementing the major version of their projects, especially in language ecosystems where Semantic Versioning is expected, and in such cases I’m going to begin exploring alternative options so I can ban such libraries from my projects—personal and professional—altogether.
If you work in a language ecosystem where Semantic Versioning is the de facto norm, where violating it can wreak havoc downstream, then please play nice and follow its dictates. Instead of viewing it as a straight jacket, try to see it as an algorithm to determine what your next release number should be. We should all like algorithms!
There is the classic saying that “Practice makes Perfect”. This is partly true because it’s also that “Practice also makes you Permanent”.
Now usually comes the part saying that we need to do Deliberate Practice consistently for many years. The thing is that there is a multitude of ways to practice deliberately. There is no one size fits all formula applicable to all domains. And of course - people are different.
I’d like this article to focus on a single deliberate practice side - I call it the “Train Your Own Neural Technique” technique.
This is a neat little trick from Vitor Paladini:
clamp()is a CSS feature that helps you write less of it. It is a rather new feature in CSS so a lot of developers might not be aware of how useful it is.