
Notes

The Hidden Cost of Speed

Months later, marketing and management requests have continued non-stop and (of course) you’ve had no time to lace everything up. You think back to that fateful decision to implement a quick fix, not anticipating that the organization would utilize it on a daily basis, requiring constant updates for every unique sales avenue. In your haste, you built a system that is functionally not operable within the rest of the ecosystem—and you are now subject to that decision. As the requests take longer and longer to work, questions start to arise: “Is our developer losing his touch? Why is this taking so long when it used to take minutes?”

I feel this on a deep spiritual level. All too often we are asked to get features out the door as soon as possible to meet an immediate business need and are not always given the time later to clean the code up to make the system better.

Tech debt is real, and eventually comes for us all.


Code Isn’t Magical, It’s Just a Series of Commands

If you need to change a line of code, simply ask yourself two questions:

  • Where did I get the inputs?
  • Who relies on the outputs?

Answering these questions might not be simple; but, considering the code in this light removes the air of mystery and reduces the problem down to a set of quantifiable values.


Capability Makes Your Life Simpler

Capability makes your life simpler. Tolerance, skills, knowledge, and health are always with you, wherever you go. They are assets but they take up no space. They are stored in your body.

Some lack capability through no fault of their own, but anyone can increase their capability. It’s an investment that pays dividends every day.


An iPod and no recommendations are all I have wanted for my listening habits in 2024

I listen to my music and no calls can interrupt me. No notifications can interrupt me. No in-the-moment actions can pause my music. I can take an earbud out and there's no algorithm that pauses or unpauses my music. I can't ask Siri about a song.

This is calm.

I definitely understand where Tom is coming from. While there is definitely some awesomeness to AirPods and the like, there’s still something awesome about the old school iPod.


Misfire

This is why "give us your email address for 30% discount" popups and account signup forms are suddenly everywhere. Email addresses are stable, long-lived reidentifiers. Overt mechanisms like this are already replacing third-party cookies. Make no mistake: post-removal, tracking will continue for as long as reidentification has perceived positive economic value. The only way to change that equation is legislation; anything else is a band-aid.

I’m kind of curious as to how much email aliases can help with this, and I don’t mean the ‘+’ in the email trick. I use FastMail for my email and can create truly unique emails for services I sign up for. Granted they all share the same domain, but they’re still different. It’s obviously not a panacea, but maybe something?


After the Rupture

Not to diminish the harm that can come from layoffs—they can absolutely be traumatic and devastating, and we desperately need better safety nets. But I also want to name the sense of relief and opportunity that often emerges after a big rupture, the generative combination of fuck it and what’s possible now? energy that leads people in directions they had long considered impractical but which now seem ripe for exploration. I see this experience a bit like what happens after an intense fire burns a stretch of forest down to ash: seeds that were dormant and waiting for just that moment suddenly germinate and stretch up to the clear, bright sun.

A secret I share about these transitions is that big changes only make sense in hindsight. Some day, years from now most likely, you’ll look back and tell a beautiful story of getting laid off or fired or whathaveyou, and how from that dark and terrible moment came a new beginning. But when you are in the thick of it, when you don’t yet have the gift of a rearview mirror, it won’t feel anything like providence. You’ll feel like you’re flailing about and you’ll want to scream or cry or both at the same time. Your boots will stick in the mud and your ropes will fray and you’ll lose your flint on the coldest night. It will be chaos. But it was chaos that birthed the universe. It is from chaos that many great stories begin. You’ll tell yours in time. First, you have to live it.

Just a thought about tough times...


Some thoughts on the YubiKey EUCLEAK Vulnerability

It looks like everyone's favourite FIDO token provider might have an unpatchable vulnerability! Much Sturm und Drang from the usual sources. But how bad is it really? Not so bad - but it does expose some weaknesses in the very idea of having physical tokens.

It also looks like the attacker will need:

  • Physical access to key
  • Username & password tied to account protected by key
  • $11,000 worth of equipment

So yes, it doesn’t seem to be an “easy” attack, but geez…it’s always something.


Cars Are Rolling Computers Now. So What Happens When They Stop Getting Updates?

Samsung and Google provide Android OS updates and security updates for seven years. Apple halts servicing products seven years after they stop selling them.

That might not cut it in the auto world, where the average age of cars on US roads is only going up. A recent report found that cars and trucks just reached a new record average age of 12.6 years, up two months from 2023. That means the car software hitting the road today needs to work—and maybe even improve—beyond 2036. The average length of smartphone ownership is just 2.8 years.

It’s not something that you might think about, but with all the technology in cars, how long will the tech be supported? Cars can last a long time if well maintained. Tech seems to be somewhat expendable.

My Honda Civic is now 10 years old and I don’t plan on getting rid of it anytime soon. The only “tech” I have in my car is the standard entertainment system, but newer cars have a whole lot more between cellular connectivity and much more.

Is it all going to be maintained and supported? Are security updates going to continue for the life of the car? What will GM, Ford, Honda and others consider the “life of the car”?


A Rant about Front-end Development

Chances are, the things you don’t like about CSS are the things you haven’t bothered to understand about it.

I will say, I did have gripes with CSS early in my career. The more I’ve used it though, the more I’ve grown to understand it. It can take some time to wrap your head around it. Dismissing it out of hand is not the answer.

My brothers and sisters in Christ I want you to know that I care about your souls enough to share these truths with you:

  • You don’t need JavaScript to make a web page.
  • You don’t need JavaScript to write styles.
  • You don’t need JavaScript to make an animation.
  • You don’t need JavaScript just to show content.

I take pride in that my site limits its use of JavaScript. JS certainly has its place and I do use it, but boy do some developers rely on it for tasks that just don’t need it.

You don’t need a framework to render static content to the end user. Stop creating complex solutions to simple problems.

Amen.


Every Dependency is a Potential Vulnerability

Every piece of code is a potential vulnerability, really. Not just dependencies.

But code that you don’t own, that’s outside your control, is particularly vulnerable.

One of the big myths of using frameworks and libraries and cloud services is that you no longer have to “own” that piece of the code. You’re benefiting from someone else having already solved it.

We deal with this a lot at my job and I think it's important to take note of. We thankfully have dependency checkers to catch known vulnerabilities in the packages we reference so issues are hopefully caught and identified sooner rather than later. But the fact remains that we can be at the mercy of the frameworks and libraries to fix them.

Third party developers could abandon their libraries or they only fix it in a version that has breaking changes compared with the version you're using. Either way, it means that you're now in a bind with your website or app.

This is not to say don't use third party libraries or frameworks. Most developers are fantastic and are legitimately doing their best to write good software. But it should cause you to do at least two things. First, be mindful of what dependencies you use. Second, do what you can to make sure you and/or your company support the open source developers who make the tools you use.


Some Economic Ranting Regarding Trump

I try not to delve too much into politics here, but I heard this and thought it matters.

Here’s what she says in this tweet yesterday: “Trump brought up the idea” to that GOP meeting of “‘an all tariff policy’ that would lead to getting rid of the income tax, per sources in the room.” So, this. This frustrates me so deeply. Number one, because it’s just idiotic and economically illiterate, which I’ll explain in a moment. But number two, it is an example of the, I don’t want to say chasing our tails, but the knocking down of idiocy that the economic and financial media is going to have to do if the former president wins because facts matter. So, super quickly. I looked up these numbers. We generate $2.2 trillion in revenue from the income tax every single year. We import about $3.8 trillion worth of stuff into this economy every single year. So, in order to get $2.2 trillion to replace the income tax from a tariff on $3.8 trillion worth of income, you’d have to have a tariff of nearly 60% across the board, just to start, right? But what happens when you tax things? That is to say when you put tariffs on them, because tariffs aren’t taxed on imported goods that consumers pay so. When you tax things, people buy less of them, so our imports will go down, but we’ll have to still make that $2.2 trillion nut. So, our tariff rates are going to have to increase. As the tariff rates increase, the amount of stuff we’re going to buy is going to go down because when you tax stuff more, the amount of stuff you buy that is taxed goes down. And so on and so forth, until you get to a tariff rate of infinity. It’s just stupid. I can’t tell you how annoying this is to me, that we’re going to have to chase our tails on idiotic stuff like this because it’s being bandied about by a guy who, this isn’t me, this is Janet Yellen, does not understand the economy. It just. I can’t tell you how absolutely fried my brain gets when I think about this. That’s it. That’s all I’ve got.

I can’t add any more to Kai Ryssdal’s rant here. In the lead up to the election this November, do your best to stay informed.


IndieWeb Principles

I love this. Ever since the death of X/Twitter I’ve been much more focused on making sure that I control the data and content I post that means the most to me.

Own your data. Your content, your metadata, your identity.

Use and publish visible data. For humans first, machines second.

Above all, have fun. When the web took off in the 90’s people began designing personal sites with tools such as GeoCities. These spaces had Java applets, garish green background and seventeen animated GIFs. It may have been ugly and badly coded but it was fun. Keep the web weird and interesting.

