Eric Meyer

It’s time to get static

Eric Meyer says…

If you are in charge of a web site that provides even slightly important information, or important services, it’s time to get static.

…too many sites are already crashing because their CMSes can’t keep up with the traffic surges. And too many sites are using dynamic frameworks that drain mobile batteries and shut out people with older browsers. That’s annoying and counter-productive in the best of times, but right now, it’s unacceptable.

Thomas Smith Medium

Clearview AI has a profile on me and 'it freaked me out'

Have you ever posted an image on the public internet and thought, “What if someone used this for something?” Thomas Smith did and what he discovered about Clearview AI is disturbing…

Someone really has been monitoring nearly everything you post to the public internet. And they genuinely are doing “something” with it.

The someone is Clearview AI. And the something is this: building a detailed profile about you from the photos you post online, making it searchable using only your face, and then selling it to government agencies and police departments who use it to help track you, identify your face in a crowd, and investigate you — even if you’ve been accused of no crime.

I realize that this sounds like a bunch of conspiracy theory baloney. But it’s not. Clearview AI’s tech is very real, and it’s already in use.

How do I know? Because Clearview has a profile on me. And today I got my hands on it.


Cultivate the skill of undivided attention, or “deep work”

Dear New Developer,

You know that there’s a chasm between your skill level and that of the mythical “senior software developer”.

If you build a list of topics you encounter on your job that, if learned to a deep enough level, would put you on the same level as a senior developer, you’ll end up even more demoralized than before compiling that list.

No need to assemble this list yourself! I’ve done it for you.

I’ve heard many people recommend Deep Work over the years. Add this one to the list.

(I like this style of writing where you imagine a hypothetical new developer –knowing full well they real thing is out there– and tell them things you wish you’d known when starting your career as a dev.)

Gus Luxton

How to SSH properly

There are many ways to SSH. Some have more security “risks” than others. Yet, we SSH everyday…but could you improve the security of your SSH infrastructure? Maybe. Let’s find out.

Most people can agree that using public key authentication for SSH is generally better than using passwords. Nobody ever types in a private key, so it can’t be keylogged or observed over your shoulder. SSH keys have their own issues, however, some of which we’ve covered in a previous post about SSH key management.

The next level up from SSH keys is SSH certificates. … With SSH certificates, you generate a certificate authority (CA) and then use this to issue and cryptographically sign certificates which can authenticate users to hosts, or hosts to users….


Declaratively configure your Gmail filters

If you use (and abuse) Gmail’s filters in order to wrangle your inbox, this tool might help you keep your sanity as you maintain them over time.

This utility helps you generate and maintain Gmail filters in a declarative way. It has a Jsonnet configuration file that aims to be simpler to write and maintain than using the Gmail web interface, to categorize, label, archive and manage your inbox automatically.

José Valim

An upcoming authentication solution for Phoenix

José Valim, writing on the Dashbit blog:

I have thought about launching “Devise for Phoenix” probably hundreds of times. I had long conversations with Chris McCord (creator of Phoenix) and co-workers about this. Helping Phoenix users get past the burden of setting up authentication can be a great boost to adoption. At the same time, I never found a proper way to approach the problem.

You can probably guess what’s coming next…

About 2 months ago I decided to handwrite a simple and secure authentication solution on top of a Phoenix application.

Cool stuff. Click through to learn the details of what he came up with (and what’s happening next).

Micah Lee

Zoom meetings aren’t end-to-end encrypted

I’m pretty sure that, given the state of the world and the focus on Zoom right now, they will rectify this, but until then…“the only feature of Zoom that does appear to be end-to-end encrypted is in-meeting text chat.”

“They’re a little bit fuzzy about what’s end-to-end encrypted,” Green said of Zoom. “I think they’re doing this in a slightly dishonest way. It would be nice if they just came clean.”

Without end-to-end encryption, Zoom has the technical ability to spy on private video meetings and could be compelled to hand over recordings of meetings to governments or law enforcement in response to legal requests.

Brent Simmons

Maybe the iOS and Mac markets are the same size(ish)

Brent Simmons did some analysis on download numbers for NetNewsWire on iOS and Mac.

Based on the above, and knowing that way more people use iOS than macOS, you’d expect the iOS app to be way more popular. But it’s not. It’s a little more popular.

I find this super-fascinating, because it’s some data — admittedly just one app — that confirms what I’ve thought for a long time, which is that, for some types of apps, a Mac app would do as well as an iOS app.

Jerod Santo YouTube

Using Phoenix LiveView to build a collaborative scratch paper like Google Docs

Jam session! I sat down (metaphorically) with Phoenix’s new LiveView feature to see if I can integrate it into our admin to provide a Google Docs-esque experience for podcast co-hosts.

This is my first long-form video where I work toward a goal with no clue how to actually get there. Please let me know if you dig this style in general and/or if you have any advice on the particulars.

0:00 / 0:00