Since joining the hiring team at Automattic in the fall of 2019, I’ve noticed different patterns and preferences on text-based interviews. Some of these are also general interviewing tips.
Send shorter messages
Avoid Threads if possible
Show your thought process
Don’t bother name dropping
Tell the story
It’s not that different
Fellow Automattician Jerry Jones, whose work on accessibility was very useful in spearheading some research by my team, earlier this year, has written a great post about interviewing at Automattic or, indeed, any company that’s opted for text-based interviews. My favourite hosting company uses these too, and I’ve written about my experience of interviewing at Automattic, but Jerry’s post – which goes into much more detail than just the six highlight points above, is well worth a look if you ever expect to be on either side of a text-based interview.
Max has produced a list of “naughty strings”: things you might try injecting into your systems along with any fuzz testing you’re doing to check for common errors in escaping, processing, casting, interpreting, parsing, etc. The copy above is heavily truncated: the list is long!
It’s got a lot of the things in it that you’d expect to find: reserved keywords and filenames, unusual or invalid unicode codepoints, tests for the Scunthorpe Problem, and so on. But perhaps my favourite entry is this one, a test for “human injection”:
# Human injection
# Strings which may cause human to reinterpret worldview
If you're reading this, you've been in a coma for almost 20 years now. We're trying a new technique. We don't know where this message will end up in your dream, but we hope it works. Please wake up, we miss you.
This is a basic Python shell (really, it’s a fancy wrapper over the system shell) that takes a task and asks OpenAI for what Linux bash command to run based on your description. For safety reasons, you can look at the command and cancel before actually running it.
Of all the stupid uses of OpenAI’s GPT-3, this might be the most-amusing. It’s really interesting to see how close – sometimes spot-on – the algorithm comes to writing the right command when you “say what you mean”. Also, how terribly, terribly ill-advised it would be to actually use this for real.
Wix, the website builder company you may remember from stealing WordPress code and lying about it, has now decided the best way to gain relevance is attacking the open source WordPress community in a bizarre set of ads. They can’t even come up with original concepts for attack ads, and have tried to rip-off of Apple’s Mac vs PC ads, but tastelessly personify the WordPress community as an absent, drunken father in a therapy session.
I have a lot of empathy for whoever was forced to work on these ads, including the actors, it must have felt bad working on something that’s like Encyclopedia Britannica attacking Wikipedia. WordPress is a global movement of hundreds of thousands of volunteers and community members, coming together to make the web a better place. The code, and everything you put into it, belongs to you, and its open source license ensures that you’re in complete control, now and forever. WordPress is free, and also gives you freedom.
For those that haven’t been following the relevant bits of tech social media this last week, here’s the insanity you’ve missed:
Wix’s Twitter and YouTube responses suddenly swing from their usual “why is your customer service so slow to respond to me?” level of negative to outright hostile. LOL.
I don’t normally watch videos of other people playing video games. I’m even less inclined to watch “walkthroughs”.
This, though, isn’t a walkthrough. It’s basically the opposite of a walkthrough: this is somebody (slowly, painstakingly) playing through Skyrim: Special Edition without using any of the movement controls (WASD/left stick) whatsoever. Wait, what? How is such a thing possible?
That’s what makes the video so compelling. The creator used so many bizarre quirks and exploits to even make this crazy stupid idea work at all. Like (among many, many more):
Dragging a bucket towards yourself to “push” yourself backwards (although not upstairs unless you do some very careful pushing “under” your feet).
Doing an unarmed heavy attack to “stumble” forward a little at a time, avoiding the stamina loss by eating vegetable soup or by cancelling the attack (e.g. by switching quickselected arrows), which apparently works better if you’re overencumbered.
Mid-stumble, consuming a reagent that paralyses yourself to glitch through thin doors. Exploit a bug in dropping gear for your companion near an area-change doorway to get all of the reagent you’ll ever need.
Rush-grinding your way to the Whirlwind Sprint shout and Vampire Lord “Bats” ability so you’ve got a way to move forward quickly, then pairing them with paralysis to catapult yourself across the map.
When things get desperate, exploiting the fact that you can glitch-teleport yourself places by commanding your companion to go somewhere, quicksaving before they get there, then quickloading to appear there yourself.
This video’s just beautiful: the cumulation of what must be hundreds or thousands of person-hours of probing the “edges” of Skyrim‘s engine to discover all of the potentially exploitable bugs that make it possible.
Dr. Doe’s latest Sexplanations vlog is on polyamorous language, and despite being – or, perhaps, because I’m – a bit of a long-toothed polyamorist these days, fully a quarter or more of the terms she introduced were new to me! Fascinating!
While I was traipsing off around the countryside to commemorate the anniversary of the death of my dad, one of his former colleagues uploaded to YouTube a video that he originally produced for the UK Bus Awards Presentation Ceremony 2012.
As his son, it felt a little weird for me to be marking the occasion on what: the ninth anniversary of his death? It’s not even a nice round number. But clearly I’m not the only one whose mind drifted to my father on 19 February.
Fun fact: this photo – extracted from the video – was originally taken by me:
Maybe I should be asking for royalties! Or at least, using the video as an excuse to springboard my career as a professional photographer.
A slightly tongue-in-cheek (see the “serial monogamy” chain and some of the subtitles!) but moderately-complete diagram of popular varieties of relationship structure. Obviously there’s gaps – relationships are as diverse as their participants – and lots of room for refinement, but the joy of an infographic is making visible the breadth of a field, not in providing encyclopaedic comprehension of that field. I especially like the attention to detail in “connecting” often-related concepts.
The basilisk collection (also known as the basilisk file or basilisk.txt) is a collection of over 125 million partial hash inversions of the SHA-256cryptographic hash function. Assuming state-of-the art methods were used to compute the inversions, the entries in the collection collectively represent a proof-of-work far exceeding the computational capacity of the human race. The collection was released in parts through BitTorrent beginning in June 2018, although it was not widely reported or discussed until early 2019. On August 4th, 2019 the complete collection of 125,552,089 known hash inversions was compiled and published by CryTor, the cybersecurity lab of the University of Toronto.
The existence of the basilisk collection has had wide reaching consequences in the field of cryptography, and has been blamed for catalyzing the January 2019 Bitcoin crash.
Presented in the style of an alternate-reality Wikipedia article, this piece of what the author calls “unfiction” describes the narratively believable-but-spooky (if theoretically unlikely from a technical standpoint) 2018 disclosure of evidence for a new presumed mathematical weakness in the SHA-2 hash function set. (And if that doesn’t sound like a good premise for a story to you, I don’t know what’s wrong with you! 😂)
Cryptographic weaknesses that make feasible attacks on hashing algorithms are a demonstrably real thing. But even with the benefit of the known vulnerabilities in SHA-2 (meet-in-the-middle attacks that involve up-to-halving the search space by solving from “both ends”, plus deterministic weaknesses that make it easier to find two inputs that produce the same hash so long as you choose the inputs carefully) the “article” correctly states that to produce a long list of hash inversions of the kinds described, that follow a predictable sequence, might be expected to require more computer processing power than humans have ever applied to any problem, ever.
As a piece of alternate history science fiction, this piece not only provides a technically-accurate explanation of its premises… it also does a good job of speculating what the impact on the world would have been of such an event. But my single favourite part of the piece is that it includes what superficially look like genuine examples of what a hypothetical basilisk.txt would contain. To do this, the author wrote a brute force hash finder and ran it for over a year. That’s some serious dedication. For those that were fooled by this seemingly-convincing evidence of the realism of the piece, here’s the actual results of the hash alongside the claimed ones (let this be a reminder to you that it’s not sufficient to skim-read your hash comparisons, people!):
Coca-Cola is to test a paper bottle as part of a longer-term bid to eliminate plastic from its packaging entirely.
The prototype is made by a Danish company from an extra-strong paper shell that still contains a thin plastic liner.
But the goal is to create a 100% recyclable, plastic-free bottle capable of preventing gas escaping from carbonated drinks.
The barrier must also ensure no fibres flake off into the liquid.
If only somebody could invent a bottle suitable for containing Coca-Cola but 100% recyclable, plastic-free, and food safe.
Oh wait… for the vast majority of its history, all Coca-Cola bottles have met this description!The original Coke bottles, back in 1899, were made of glass with a metal top. Glass is infinitely-recyclable (it’s also suitable for pressure-washing and reusing, saving even more energy, as those who receive doorstep milk deliveries already know) and we already have a recycling infrastructure for it in place. Even where new glass needs to be made from scratch, its raw ingredient is silica, one of the most abundant natural resources on the planet!
Bottle caps can be made of steel or aluminium and can be made in screw-off varieties in case you don’t have a bottle opener handy. Both steel and aluminium are highly-recyclable, and again with infrastructure already widespread. Many modern “metal” caps contain a plastic liner to ensure a good airtight fit (especially if it’s a screw cap, which are otherwise less-tight), but there are environmentally-friendly alternatives: bioplastics or cork, for example.
The worst things about glass are its fragility – which is a small price to pay – and its weight (making distribution more expensive and potentially more-polluting). But that latter can easily be overcome by distributing bottling: a network of bottling plants around the country (each bottling a variety of products, and probably locally-connected to reclamation and recycling schemes) would allow fluids to be transported in bulk – potentially even in concentrate form, further improving transport efficiency… and that’s if it isn’t just more ecologically-sound to produce Coke more-locally rather than transporting it over vast distances: it’s not like the recipe is particularly complicated.
In short: this is the stupidest environmental initiative I’ve seen yet this year.
This is cool. Twist the outside dial to transpose the tonal centre of your key. Twist the inner dial to shift the mode of the scale. Turn on- or off- individual tones to shift into more-exotic modes. Use triangles to illustrate the triads of your major, minor, and sustained chords, or add the sixth or seventh with the help of a trapezoid.
The amateur music theorist in me continually struggles to visualise what and why a key is what it is. This kind of thing helps. Plus, what a cool software toy!
This folktale comes from The Big Book of Myths of Shropshire by Sir Colin Ogden. In 1701, a big cat died of “collick”, contracted from a dead fish.
This folktale is spoken of in North Yorkshire. In 1520, a witch named Nana Clayton received a bejewelled stool, said to have the power to see right from wrong, from a virgin in the inn, The Five Horses.
I might start using this widget to generate random background detail for fantasy roleplaying games.
I’ve been changing my relationship to being online.
Some of it is keeping in touch with friends who are fascinated by the same sorts of hybrid creations I am. Friends who build things. Friends in different professional communities. Paying attention when they mention some new discovery or avenue of interest.
Some of it is using an RSS reader to change the cadence and depth of my consumption—pulling away from the quick-hit likes of social media in favor of a space where I can run my thoughts to their logical conclusion (and then sit on them long enough to consider whether or not they’re true).
I wish I could get more people to see the value in the “slow Web”. The participatory Web. The creative Web. The personalised Web.
When you use an app to browse a “stream” in most social media, you’re seeing a list of posts curated to keep you watching, keep you seeing adverts, keep you on the app so that as much personal data as possible can be leeched from your behaviour. If it feels satisfying and especially if it feels addictive, the social network has done its job, but don’t be fooled: its job is not to improve social connections – it’s job is to keep you from doing anything else.
You don’t have to use the Web this way. You can subscribe to the content creators and topics that actually interest you. You can get that content on basically any device or medium you like, or across a mixture: want notifications by email? Slack? IRC? Discord? In a browser? In an app? As-it-happens or digests? You can filter for what interests you most at any given moment, save content for later, and resharing is supported thanks to an old-school invention called a “URL“. And you’ll see fewer ads and experience less misuse of your behavioural data.
Sure, there’s a learning curve. But it’s worth it. I wish I could get more people to see that.