Dan Q

Year: 2017

Against DNSSEC

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

All secure crypto on the Internet assumes that the DNS lookup from names to IP addresses are insecure. Securing those DNS lookups therefore enables no meaningful security. DNSSEC does make some attacks against insecure sites harder. But it doesn’t make those attacks infeasible, so sites still need to adopt secure transports like TLS. With TLS properly configured, DNSSEC adds nothing…

Repost posted at UTC on .

No comments

Troy Hunt: HTTPS adoption has reached the tipping point

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

That’s it – I’m calling it – HTTPS adoption has now reached the moment of critical mass where it’s gathering enough momentum that it will very shortly become “the norm” rather than the exception it so frequently was in the past. In just the last few months, there’s been some really significant things happen that have caused me to make this call, here’s why I think we’re now at that tipping point…

Repost posted at UTC on .

No comments

Extremely Positive People Aren’t as Good at Empathy | Big Think

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

People with extremely sunny attitudes find it difficult to empathize with people who are recounting a negative experience, according to a study recently published at PLOS ONE. Ironically, positive people also reported being better at empathizing than did people who labelled themselves as slightly less than bubbly…

Repost posted at UTC on .

No comments

How do you make programmers work 60-80 hours per week?

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Original question from Quora:

Programmers in our startup usually put 8 hours and go home. I keep reading stories about 80+ hour weeks. How do you make them work longer hours? Do we have to pay overtime? We gave few of them some equity, but it doesn’t seem to work.

My Answer:

I’m going to tell you a secret, so please listen closely.

No programmers really work 60-80 hours a week, especially in a 5 day span. That is a 12-16 hour day, 5 days a week.

I promise you that any company that has programmers “working” that many hours is really only getting 2-4 hours of real work out of them each day. The rest of the time will be filled with pointless meetings, a fair amount of web browsing, and then a whole lot of looking busy…

Repost posted at UTC on .

No comments

Adactio: Journal—Code (p)reviews

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

I’m not a big fan of job titles. I’ve always had trouble defining what I do as a noun—I much prefer verbs (“I make websites” sounds fine, but “website maker” sounds kind of weird).

Mind you, the real issue is not finding the right words to describe what I do, but rather figuring out just what the heck it is that I actually do in the first place…

Repost posted at UTC on .

No comments

The Long Tail of an Abusive Relationship

I am a survivor of an abusive relationship, and parts of that experience affect the way that I engage in romantic relationships… but I have difficulty quantifying exactly how much. Insert obvious (minor) trigger warning here, and scroll past the kitten if you want to read more.

An adorable long-haired calico kitten. Instant eyebleach.
Mew.

I’m fine, by the way. It took… a long, long time, like in the region of a decade, to be completely fine about it, and I appreciate that compared to many people, I got lucky. Like many victims (and especially among men), my recovery was hampered by the fact that I found it difficult to see the relationship as having been abusive in the first place: that first step took many years all by itself. I’m not kidding when I say I’m fine, by the way: no, I don’t need to talk about it (with many of my circles of friends made up of current and former helpline volunteers of various types, I feel the need to make that doubly-clear: sometimes, one just can’t escape from people who care about you so much that they’ll offer you a cup of tea even if they’ve only got saltwater to make it with, if you catch the drift of my needless in-joke).

But I wanted to share with you something that I’ve gradually realised about how I was changed as a result of that relationship. Something that still affects me today and, for all I know, probably always will: a facet of my personality whose origins I eventually traced back to that dreadful relationship.

A man investigating the inside of his own (mechanical) brain.
Earlier this year, I finally got around to reading the (brilliant) Stories of Your Life and Others by Ted Chiang. As somebody who loves to take apart his own brain to see how it works, I loved the story of an automaton who more-literally does exactly that.

A major factor in my attraction to people, for the last decade and a half, has been whether or not they demonstrate being attracted to me. I’m sure that’s the case for everybody, at least to some extent – there’s a necessary reciprocity for a relationship to work, of course – but in my case there’ve been times in my past when the entirety of my attraction to somebody could be described in terms of their attraction to me… and that’s a level that definitely isn’t healthy! It stems from a lack of belief in my own worth as relationship material, which had grown to such an extent that feeling as if I were even-remotely attractive in somebody else’s eyes has, regardless of whether or not I’d be interested in them under other circumstances, made me feel as though I ought to “give them a shot”. Again: not healthy.

This, in turn, comes from a desperation of considering myself fundamentally unattractive, undateable, and generally unworthy of the attention of anybody else in any relationship capacity… which is highly tied-up in the fact that I had a relationship in which my partner repeatedly and methodically taught me exactly that: that I was lucky to be in a relationship with them or indeed with anybody, etc.

Given enough time, persuasion, and coercive tactics, this is the kind of shit that sinks in and, apparently, sticks.

Dalmatian wrapped in barbed wire.
If this picture makes you sad… then you shouldn’t have scrolled past the kitten, should you?

I don’t mind that I’m a product of my environment. But it bugs me a little that I’m still, to a small (and easily managable, nowadays) extent the product of somebody else’s deliberate and manipulative efforts to control me, a decade and a half after the fact.

Now I’ll stress once again that I’m fine now: I’ve recovered by as much as I need (or at least expect) to. Some years ago, I finally got to the point that if you let me know that you’re attracted to me then that isn’t by itself something that makes me completely infatuated with you. Nowadays, I’m capable of actually engaging my brain and thinking “Hmm: would I be interested in this person if it weren’t for the fact that they’d just validated my worth in some way?” But I’m still aware of the sensation – that nagging feeling that I’m acting according to a manipulative bit of programming – even though I’m pretty confident that it doesn’t influence how I behave any more.

It’s funny how our brains work. At the end of the relationship, I made a reasonably-rapid bounceback/recovery in terms of my general self-worth, but it took far, far longer to get control over this one specific thing. I guess we all react to particular stresses in different ways. For me, somebody who’d spent his childhood and teen years with perhaps, if anything, a little much self-worth, it might have been inevitable that I’d be unable to rebuild the part of that self-image that was most-effectively demolished by somebody else: the bit that is dependent upon somebody else’s validation.

But who knows… as I said, I have difficulty quantifying how much that abusive relationship impacted me. Because it is, of course, true to say that every single thing I’ve ever experienced will have affected me in some way or another – made me the person I subsequently became. How can I justify blaming a single relationship? I know that I wasn’t “like this” back when I first started my dating life, but I can’t conclusively prove that it was the result of any one particular relationship: for all I can claim, perhaps it was something else? Maybe this was always who I’d become? Or maybe, of course, this entire paragraph is simply the result of the fact that my brain still has difficulty with the term “abusive relationship” and is more-than-happy to keep trying to reach for whatever alternative explanations it can find.

Once again though, I’ll stress that I’m okay now and I have been for many years. I just wanted to share with you an observation I’d made about my own psychology… and the long tail that even the “tamest” of abusive relationships can leave.

× ×

Article posted at UTC on .

4 comments

Digest for April 2017

Summary

This month, I experimented with web technologies to which I’d been introduced at Render Conf, developed a websockets-and-orientation-sensor controlled game called Steer!, and looked back on the ways that I’m still affected by an abusive relationship that ended a decade and a half prior. I shared an XKCD comic.

All posts

Posts marked by an asterisk (*) are referenced by the summary above.

Articles

Checkins

Reposts

Reposts marked with a dagger (†) include my comments or interpretation.

Collection posted at UTC on .

No comments

Steer! An Experimental Canvas/Websocket Game

As you may know, I’ve lately found an excuse to play with some new web technologies, and I’ve also taken the opportunity to try to gain a deeper understanding of some less bleeding-edge technologies that I think have some interesting potential. And so it was that, while I was staffing the Three Rings stall at last week’s NCVO conference, I made use of the time that the conference delegates were all off listening to a presentation to throw together a tech demo I call Steer!

Animated GIF from a video, showing a player using their mobile phone to steer a car on a desktop computer screen, all using the web browsers on both devices.
A player uses their mobile phone to steer a car on a desktop computer, using nothing more than a web browser.

As you can see from the GIF above, Steer! is a driving game. The track and your car are displayed in a web browser on a large screen, for example a desktop or laptop computer, television, or tablet, and your mobile phone is used to steer the car by tilting it to swerve around a gradually-narrowing weaving road. It’s pretty fun, but what really makes it interesting to me is the combination of moderately-new technologies I’ve woven together to make it possible, specifically:

  • The Device Orientation API, which enables a web application to detect the angle at which you’re holding your mobile phone
  • Websockets as a mechanism to send that data in near-real-time from the phone to the browser, via a web server: for the fastest, laziest possible development, I used Firebase for this, but I’m aware that I could probably get better performance by running a local server on the LAN shared by both devices
  • The Canvas API to draw the output to the screen

Infographic showing how Steer! works. Phone accelerometer determines orientation, pushes to Firebase (up to 60 times/sec), which pushes to browser (via Websocket), which updates screen.

The desktop browser does all of the real work: it takes the orientation of the device and uses that, and the car’s current speed, to determine how it’s position changes over the time that’s elapsed since the screen was last refreshed: we’re aiming for 60 frames a second, of course, but we don’t want the car to travel slower when the game is played on a slower computer, so we use requestAnimationFrame to get the fastest rate possible and calculate the time between renderings to work out how much of a change has occurred this ‘tick’. We leave the car’s sprite close to the bottom of the screen at all times but change how much it rotates from side to side, and we use it’s rotated to decide how much of its motion is lateral versus the amount that’s “along the track”. The latter value determines how much track we move down the screen “behind” it.

The track is generated very simply by the addition of three sine waves of different offset and frequency – a form of very basic procedural generation. Despite the predictability of mathematical curves, this results in a moderately organic-feeling road because the player only sees a fraction of the resulting curve at any given time: the illustration below shows how these three curves combine to make the resulting road. The difficulty is ramped up the further the player has travelled by increasing the amplitude of the resulting wave (i.e. making the curves gradually more-agressive) and by making the road itself gradually narrower. The same mathematics are used to determine whether the car is mostly on the tarmac or mostly on the grass and adjust its maximum speed accordingly.

Sum of sine waves as used to generate the track for Steer!

In order to help provide a visual sense of the player’s speed, I added dashed lines down the road (dividing it into three lanes to begin with and two later on) which zip past the car and provide a sense of acceleration, deceleration, overall speed, and the impact of turning ‘sideways’ (which of course reduces the forward momentum to nothing).

This isn’t meant to be a finished game: it’s an experimental prototype to help explore some technologies that I’d not had time to look seriously at before now. However, you’re welcome to take a copy – it’s all open source – and adapt or expand it. Particular ways in which it’d be fun to improve it might include:

  • Allowing the player more control, e.g. over their accelerator and brakes
  • Adding hazards (trees, lamp posts, and others cars) which must be avoided
  • Adding bonuses like speed boosts
  • Making it challenging, e.g. giving time limits to get through checkpoints
  • Day and night cycles (with headlights!)
  • Multiplayer capability, like a real race?
  • Smarter handling of multiple simultaneous users: right now they’d share control of the car (which is the major reason I haven’t given you a live online version to play with and you have to download it yourself!), but it’d be better if they could “queue” until it was their turn, or else each play in their own split-screen view or something
  • Improving the graphics with textures
  • Increasing the entropy of the curves used to generate the road, and perhaps adding pre-scripted scenery or points of interest on a mathematically-different procedural generation algorithm
  • Switching to a local LAN websocket server, allowing better performance than the dog-leg via Firebase
  • Greater compatibility: I haven’t tried it on an iPhone, but I gather than iOS devices report their orientation differently from Android ones… and I’ve done nothing to try to make Steer! handle more-unusual screen sizes and shapes
  • Anything else? (Don’t expect me to have time to enhance it, though: but if you do so, I’d love to hear about it!)

Article posted at UTC on .

No comments