Joshua Wood Web Developer

Why Gold Bugs, Bond Bears and Amazon Skeptics Think Alike #Articles #Investing #The Wall Street Journal (WSJ) #Jason Zweig

These People Who Work From Home Have a Secret: They Have Two Jobs #Articles #The Wall Street Journal (WSJ) #Remote Work

Background reading/listening:

• The Internet Is Overrun With Images of Child Sexual Abuse. What Went Wrong? (NYT) #Links #Articles #Privacy #Encryption #Internet #Abuse

• Apple’s Announcement: Expanded Protections for Children #Links #Articles #Apple #Privacy #Encryption #Internet #Abuse

• Apple’s Child-Protection Features and the Question of Who Controls Our Smartphones (WSJ) #Links #Articles #The Wall Street Journal (WSJ) #Apple #Privacy #Encryption

• Apple’s Mistake on Stratechery #Links #Articles #Apple #Privacy #Encryption #Internet #Abuse

• Apple’s Assumption on Dithering #Links #Apple #Privacy #Encryption #Internet #Abuse

A few key points on image detection/reporting:

• Detection happens on your device, not in iCloud

• Cryptographic hashes of each images are compared with a database of known images only

• The metadata is uploaded with each photo, and that’s what Apple uses to report potential abuse

A few key points on new parental controls in Messages:

• Apple uses on-device machine learning to detect nudity

• The user/child is given the option not to look at and/or distribute the image first

• For accounts of children 12 and under, the parent can be notified if their child decides to proceed

This is one of those incredibly murky issues that do not have clear answers. It’s a tradeoff between protecting children and protecting privacy. Ignoring either enables terrible outcomes—on the one hand by sexual predators, on the other by abusive governments.

Ben Thompson of Stratechery thinks that Apple made a mistake in their approach because they violated the assumption that the user owns their device; a better tradeoff would be to scan in iCloud, similar to how Facebook scans images uploaded to their servers.

As far as I know, Facebook cannot scan images in Messenger when end-to-end encryption is enabled since the scanning happens in the cloud—not on the device.

Ben Thompson and John Gruber had a good conversation about Apple’s future privacy plans on a recent episode of Dithering (Podcast). They speculated that Apple’s decision to perform more work on-device (rather than in iCloud) could be laying the groundwork for enabling end-to-end encryption in iCloud in the future. Currently, iCloud backups are not encrypted, making them available to requests from law enforcement.

I’m glad that Apple is doing something, and that their solution doesn’t make it easy to get around the new protections by default—like Facebook’s encryption option. Ben Thompson makes a good point: maybe it would have been better not to compromise the device, and do the scanning in iCloud (which parents could choose to enable).

There were no rules at the start of the internet, but there were also few users, and the technology itself made it difficult for criminals to hide. It’s not the same place it once was. As in many societal debates, we need to find the right balance between safety and freedom.

From the kid’s perspective, I’m sure they’ll find creative ways to circumvent any censorship/controls their parents put in place. We don’t have to make it easy, though. Give them a challenge.

https://github.com/nodejs/node/pull/29564

https://nodejs.org/dist/latest-v14.x/docs/api/cli.html#cli_enable_source_maps

The stack traces were a bit wonky, though—the “->” prefix is not supported by most stack trace parsers (including Honeybadger).

>Error: oops, something went wrong
    at AppService.getHello (/Users/josh/tmp/test-node-app/dist/main.js:100:15)
        -> /Users/josh/tmp/test-node-app/dist/webpack:/test-node-app/src/app.service.ts:6:11
    at AppController.getHello (/Users/josh/tmp/test-node-app/dist/main.js:68:32)
        -> /Users/josh/tmp/test-node-app/dist/webpack:/test-node-app/src/app.controller.ts:10:28
    at /Users/josh/tmp/test-node-app/node_modules/@nestjs/core/router/router-execution-context.js:38:29
    at InterceptorsConsumer.intercept (/Users/josh/tmp/test-node-app/node_modules/@nestjs/core/interceptors/interceptors-consumer.js:11:20)
    at /Users/josh/tmp/test-node-app/node_modules/@nestjs/core/router/router-execution-context.js:46:60
    at /Users/josh/tmp/test-node-app/node_modules/@nestjs/core/router/router-proxy.js:9:23

That’s fixed in Node 14+, so the stack traces are supported everywhere.

>Error: oops, something went wrong
    at AppService.getHello (webpack://test-node-app/src/app.service.ts:6:11)
    at AppController.getHello (webpack://test-node-app/src/app.controller.ts:10:28)
    at /Users/josh/tmp/test-node-app/node_modules/@nestjs/core/router/router-execution-context.js:38:29
    at InterceptorsConsumer.intercept (/Users/josh/tmp/test-node-app/node_modules/@nestjs/core/interceptors/interceptors-consumer.js:11:20)
    at /Users/josh/tmp/test-node-app/node_modules/@nestjs/core/router/router-execution-context.js:46:60
    at /Users/josh/tmp/test-node-app/node_modules/@nestjs/core/router/router-proxy.js:9:23

Celebrate progress, and don’t be false. Happy 4th.

“What to the Slave Is the Fourth of July?”

They say entrepreneurs are often irrational optimists.

Here are some things I wish my outliner could do for an optimal blogging setup.

Custom block types

Live preview

Every block has a unique id

We don’t hire a lot of people full-time and our product development process isn’t great for mentorship. Open source is a different story, though. There are lots of small things to learn and do there, and it’s public, which helps build community.

My current plan is to bring juniors onto the team with few expectations. They can hang out to learn and contribute when they’re ready. We’ll see how it goes.

https://twitter.com/stympy/status/1408132330863038465

It’s almost a specification maybe. We’ll flesh it out w/ deeper content in the near future. It uses Ruby pseudocode but applicable to most environments, I think.

Would anyone like to take a look and tell me if they find the content useful? Or lacking? :)

A goal that you should hold us to: “within three years each vertical (e.g., operations, sales, development) inside Hint will consist of at least 50% under-represented groups.”

That’s not about hitting a target; we want the business to represent more than ourselves. Colleagues with diverse backgrounds make us and our clients better.

We also have some strong opinions about contracting and the industry. Too many companies burn out their employees. We want to do the opposite—create a culture centered around work/life balance.

If you want to work on fun and challenging projects at a sustainable pace with people who support you, we’re hiring developers (100% remote, of course).

https://twitter.com/stympy/status/1407490878898204672

https://twitter.com/MalaikaJabali/status/1406484721077526528

Dave is the original tools for thought leader, but he’s no rabbi 😂

Here are some resources he recommended to me:

• OPML checklist: a great overview of Dave’s outliner/OPML ecosystem for developers

• How Old School works

  • Old School is Dave’s blog generator. It converts OPML from an outliner (where he writes his blog) into the website at scripting.com. It supports some special attributes (via OPML) and markup/short codes (in the content) to control the display of various elements.

  • Little Outliner (LO2) is an outliner (web app) that uses OPML as its native format.

  • Dave’s blog is also backed up on GitHub

• Instant Outlines: subscribe to OPML over a WebSocket and receive live updates

Modern outliners like Roam and logseq need a common interchange format. OPML seems like the natural choice? For instance, Workflowy has supported OPML since 2013.

The local build would be < 10 seconds if I had direct access to an OPML or JSON feed. Maybe it’s time to reconsider Roam as a blog CMS.

Will Christian America Withstand the Pull of QAnon? #Religion #Politics #QAnon

https://twitter.com/GeoffRBennett/status/1406205619229454336 #Juneteenth

Portland police’s entire crowd control unit resigns after indictment of officer #Portland #Police #Protests

https://www.hookrelay.dev

We built Hook Relay to send webhooks to our own customers—we wanted better visibility into event deliveries, plus a robust backend for reliability and security concerns.

While our primary use case was outbound webhooks (great for SaaS companies who want to give their users limitless integration options), Hook Relay also does inbound! You can proxy your flaky 3rd-party services through Hook Relay to get instant retries, replay, and much more.

I know that’s rare, though. You never have errors.

I have since added this config to one of my other projects, honeybadger-io/honeybadger-webpack. In the process I replaced the markdown parsing code with the keepachangelog NPM package (which I hadn’t noticed before.) #

Much of the most spirited conversations have centered on a pre-launch project called BitClout, a social crypto-exchange where users can buy and sell tokens based on people’s reputations. The app, which launches out of private beta tomorrow morning, has already courted plenty of controversy inside the crypto community, but it’s also amassed quite a war chest as investors pump tens of millions into its proprietary currency.

Oh right, that was a social credit system. This is more like social capitalism, so much better.

Biden administration unveils plan to combat domestic extremism #Articles #Politics #January 6th, 2021

U.S. files conspiracy charge against Oath Keeper leader in alleged plot against the Capitol #Articles #Politics #January 6th, 2021

Devs watching QA test the product #Tweets #Humor #Developers

turbolinks-prefetch #NPM #Packages

Face the Bitter Truth #Articles #Politics

The left just got crushed #Articles #Politics

A Large Portion of the Electorate Chose the Sociopath #Articles #Politics

A Biden Victory Wouldn’t Defeat QAnon #Articles #Politics

Trump prepares to launch a second term early, even without winning #Articles #Politics

I routinely block Twitter and other social media while on vacation. It’s a great way to reset. Having just returned from two weeks off, my Twitter habit is under control, and thus I find myself getting work done.

Just a little bit ago, by impulse—while waiting for the tests to pass—I opened Twitter. 10 minutes later I’m reading some guy’s blog post about why he’s a Christian Trump voter.

Touché, Twitter.

U.S. officials: Iran and Russia aim to interfere in election #Articles #Disinformation

How should we think about Russian disinformation?

The Agenda-Setting Function of Mass Media

(In the process I fixed some issues with my articles feed—sorry if you got some duplicate updates.)

test && commit || revert (TCR) is a new programming workflow introduced by Kent Beck in 2018. In a normal TDD (Test-driven Development) workflow, the goal is to write a failing test before writing the code to make it pass. TCR flips the TDD paradigm upside down, with a twist:

Not only must your tests always pass (on every file save, no less), but if they don’t pass, your code is automatically reverted.

I must admit: when I learned about TCR, I hated the idea. Coming from a TDD background, it’s so counter-intuitive. It’s funny, though, the more I think about my initial reaction, the more I want to try it.

“I don’t know if I watch too much stand up comedy but this email was a fucking epic opener and I loved it. Bravo!” #Honeybadger #Quotes

As far as how it compares to Sentry, I have had a great experience with Honeybadger. The UI is much much easier to navigate than Sentry. It is less cluttered, and gives me the information I need right away, all in one place. The setup in Elixir was so much easier than Sentry too! I haven’t explored all the options in Honeybadger yet, but I’m excited about uptime tracking as I’ve been using Pingdom for that, but I’d rather consolidate as many tools as I can.

If I had to summarize my experience in one sentence, it would be: Honeybadger does more of what I need while keeping the interface simple enough that I don’t need a degree in error tracing just to use it. #Honeybadger #Quotes

Added permalinks on hover

Only H1 headings generate separate pages (instead of creating a page for every block). This is an alternate approach to a previous idea:

Added blockquote styles

Updated middleman

Matestack enables you to craft interactive web UIs without JavaScript in pure Ruby with minimum effort. UI code becomes a native and fun part of your Rails app.

There was an HN discussion about it late last year.

https://twitter.com/hnshah/status/1310692024945766402

Or what I like best

I like to keep my head down,

making progress on challenging problems.

Not passively engaging on Twitter

It’s bad when the water cooler is attached to your desk

Working with people, yes—

but towards meaningful goals

really helping them move forward

…not shouting empty advice

I don’t want to be a thought leader

I just want to make cool stuff

In Federalist 84, Hamilton argues against the inclusion of a Bill of Rights in the Constitution (and a few other misc. things).

In Federalist 85, Hamilton concludes The Federalist Papers with an argument for ratifying the Constitution now and amending it later.

The framers knew that the Constitution wasn’t perfect, and they anticipated that there would be unknowns as the nation grows and develops. That’s why there’s an amendment process.

This was a weird day to lose RBG. What a career. RIP.

Hey, it’s Constitution Day. How fitting. :)

A listing of companies that don’t desperately email and call you constantly saying “Remember us! Please use our tools! Check us out! Hey hey hey!

No lifecycle emails. No sales calls. No contact with you outside of the product itself.

Currently Middleman builds a page for every Roam block (including nested blocks) in the export.

Being able to link directly to blocks is really nice if I want to write a short blog post in Daily Notes, for example, but then link to it on its own page. I.e., here’s this post.

I will rarely want to link to more than one or two levels deep, however. I could add a setting for that, so that it only generates pages N-blocks deep.

I could also add an option to skip creating pages for blocks without children.

I sent an email to my newsletter today that used a (humorous) hacked Trump tweet as an example of a link hijacking vulnerability. I only got two angry replies (not bad), but the click rate is more telling… So far 2.4% compared to the normal 4-10%.

The content itself is really interesting, so I’m thinking people have Trump fatigue. Come to think of it, so do I. Lesson learned moving forward. 😂

Alex tweeted about todo lists: “I don’t like todo lists because I don’t like being told what to do, even by past me.”

My favorite todo lists are the ones that are easy to throw away. It’s why I prefer 3x5 cards.

I also like contextualizing todos, which is something most apps do poorly. For instance, I write my home maintenance todos on a whiteboard in my garage.

Marketing should not be manipulative. Good marketing should stand on its own, and the user should be better for it regardless of whether they end up buying today. That rules out much of advertising. We do some advertising at Honeybadger, but try to direct it towards providing legitimate value to the audience, not just our users.

Seth Godin’s This Is Marketing has helped me reconcile my thinking about ethical marketing.

An old->new mapping of renamed and merged pages in Roam’s JSON export schema

Information about list style (view as numbered list, view as document, etc.) in Roam’s JSON export schema

Netlify has been having issues for me lately; today, the fetch-roam script I use to export my database when building this website began timing out, even though I’ve had no issues with it locally.

Build times have also been a problem. I can build this site in around 25 seconds on my 16” MacBook Pro, including the database download. Netlify was routinely taking 3-5 minutes—Ruby in particular seems to be very slow on Netlify.

So I deployed the site to s3 instead, which actually seems to fit this project better:

Normally I’d miss some of the niceties that come with Netlify such as branch previews and functions, but in this case I think the tradeoff is worth it.

Stop claiming Antifa and the Proud Boys are starting fires.

“At least it’s not radioactive” pretty much sums up 2020 at this point. It’s true, though. At least it’s NOT radioactive.

That was a smooth onboarding flow, Derrick. 👌

*assuming DNS has propagated for you

Here’s the code: https://github.com/joshuap/notes

I never thought I would use the meyerweb CSS reset again.

The source of the data is Roam’s JSON export, which is what gatsby-digital-garden uses. There is some JavaScript in fetch-roamresearch that could be used to download the database when building in CI.

I can’t get past how much overhead Gatsby adds to a project.

19:38 Cool, I have a working project with all the basics (inbound/outbound linking, block references, etc.) That was easier than I thought.

Thank you, random internet strangers. <3

Reminds me of Scripting News

If you define the edges of the system, you can receive any typed data and sanitize it before allowing it to cross the boundary—from that point on you’re working with typed data.

Number of calling arguments in public methods should also be tested, since outside of TS it’s easy to introduce undefined values by omitting arguments.

https://twitter.com/JulioBarros/status/1303789351428521986

https://github.com/joshuap/garden

https://joshuawood-garden.netlify.app

For more on digital gardens, see Joel’s post.

A few notes on this project: