Text-based formats are useful because they afford version-control, and therefore allow changes to be tracked and diffed, even when many are contributing.

When I'm thinking about responsibilities and collaborations within or among systems, I often find myself thinking in terms of some sort of directed graph. Often, it's a simple model of how data flows through the components of the system. Paper and whiteboards are often the most readily available sources, but when the diagram will evolve and be refined over weeks, I seek a more malleable format.

Continue reading...

A colleague asked me if I had a good reading list for API design, since that's part of my job these days. I did quite a bit of reading before I dug into doing design work, but never collected the best resources in one place. Until now! So, here are texts I've read that I would recommend familiarity with before setting out to design an HTTP API.

Continue reading...

This post is designed for those that have decided RSS is something to look into, but aren't sure where to start. I'll outline a couple of steps to get you started, some recommendations about various feed readers and who might find them useful, along with some usability tips.

Continue reading...

RSS is a simple, easy technology that allows you to stop opening 30 tabs in your browser to check the news sites you care about. RSS unclogs your inbox of all the newsletters you subscribe to. RSS puts you in control. RSS is simple, distributed, ubiquitous, and free. You should be using it. But what is it?

RSS is a way for computers to read websites.

Consider: much of the web is designed only for humans to read. Layout, formatting, fonts, responsive design: it's all about designing web pages for one scenario: a reader visiting the site with a browser. It's all about the all-powerful User Experience. But in focusing so much on a user's experience on a single site, we've completely neglected the user experience of the web as a whole. That's where RSS comes in.

Continue reading...

In 2011, Canonical made Unity the default desktop environment for its market-leading distro Ubuntu. Unity has been in development since 2009, but remains the least sophisticated desktop environment available for Linux, and not only fails to innovate in any meaningful way, but represents a regression in the quality of software on Linux with respect to stability and configurability. As a result of Canonical's insistence on using Unity (which was developed in-house at Canonical), entire Ubuntu spinoffs have been created with a goal of allowing users to easily avoid using Unity. Distros such as Kubuntu, Lubuntu, Xubuntu differ from Ubuntu only as much as necessary to provide a different default desktop experience from that provided by stock Ubuntu. Even the more distantly-related Linux Mint has taken it upon itself to move away from Unity, creating not one, but two alternative desktop environments, MATE and Cinnamon, based on Gnome 2 and Gnome 3, respectively. This has not deterred Canonical in its mission to push Unity as the de facto desktop interface in an effort to unify the user interface for Linux across desktops, laptops, netbooks, tablets, and phones.

Continue reading...

Back in 2012, when I joined the startup scene in San Francisco, I was surprised to learn that so many took Klout seriously. They tracked their Klout rating over time, comparing it with others, and even had playful competitions to see who could increase their Klout score the most over a couple of months.

When I first learned of Klout shortly after it came out, I didn't think too much about it. It basically seemed like a one-number metric to determine your influence online. As the years have passed since Klout was launched, I see it more as an example of how a deeply flawed model of the internet has been popularized.

Continue reading...

Back in February 2005, SHA-1 was broken. The core of what "broken" means in this context is described very well by Bruce Schneier in his post announcing the attack:

If you hashed 2^80 random messages, you'd find one pair that hashed to the same value. That's the "brute force" way of finding collisions, and it depends solely on the length of the hash value. "Breaking" the hash function means being able to find collisions faster than that. And that's what the Chinese did. They can find collisions in SHA-1 in 2^69 calculations, about 2,000 times faster than brute force.

This was a major concern to me. It turns out that it's best to avoid SHA-1 in a variety of contexts, including cryptographic keys. Nevertheless, a bunch of systems that rely on cryptographic security use SHA-1, including checksums for Git objects and OpenPGP key fingerprints.

Even prior to the 2005 attack, Schneier pointed out that "It's time for us all to migrate away from SHA-1." It was on this basis that I almost switched to using SHA224 in my latest software. Almost.

To understand why I stuck with SHA-1, let's take a look at how cryptographic hashes can be attacked.

Continue reading...

BusinessInsider posted an article a couple of days ago entitled GOOGLE'S DIRTY SECRET: Android Phones Are Basically Used As Dumbphones. I'll ignore the linkbait title and just address the content (though I won't be linking to the article). There is really one fact that forms the gist of the article. Here it is, in my words:

As much as 80% of the smartphone market is Android-based, but roughly 80% of the purchasing on smartphones is from iOS devices.

BusinessInsider simply says "It doesn't make any sense.", followed shortly with "What the heck is wrong with Android users?"

The piece goes on to compare the smartphone market with an island, 20% of which is occupied by Apple's "gleaming steel and glass tower", while the 80% Android controls is "undeveloped countryside".

The article concludes with this gem:

But in the short-run, it seems like the users on the majority of the island aren't interested in modern life.

Continue reading...

As 2012 draws to a close, I think it's worth taking a look at retro gaming. Near the dawn of virtual reality and well into the teens for globally shared MMOs, it's popular to be playing and making "retro" games. What I've noticed, though, is that this is only true so long as the games aren't too retro.

Continue reading...

According to Wikipedia, Alan Kay introduced the desktop metaphor in 1970 when he was working at Xerox PARC. I think it has served us well because it has allowed novice computer users to approach computers in ways that were familiar to them using old tools: trash cans, file folders, filing cabinets, and pieces of paper. Programs themselves occupied the screen real estate in the same way a piece of paper occupied the space on a desk; programs appeared in windows that could be moved around and could overlap, just as their tree-based counterparts. Although we've all worked in offices that had all those things, I'd venture a guess that no one under 40 today has ever worked in an office without a computer. I assert that it's time to retire the desktop metaphor in modern computing.

Continue reading...