what I'm reading: holiday special

What better time than holidays with the family to hide in your room writing blog posts? I got my work-provided login to O’Reilly’s online learning portal to work on my iPad without SSO, so now I have a lot more technical books available to me when I travel!

Books

• Woman of Influence: 9 Steps to Build Your Brand, Establish Your Legacy, and Thrive by Jo Miller - This was neither as cloying as I feared nor as practical as I’d hoped, but I still may recommend it to our new women’s resource group. I liked how Miller is pragmatic about what is (and is not) within your control your career, however I found the exercises in each chapter a little vague.
• Moonwalking With Einstein by Joshua Foer (audiobook) - a biographical yarn about a pack of assholes (otherwise known as 25-year-old white men) that incidentally tells you how to memorize the order of a deck of playing cards. CW casual use of transphobic slurs. Do not recommend.
• The Raven Tower by Ann Leckie - Read this earlier this year and adored it, so picked up a copy for myself as part of my Christmas shopping. Realised that I do not actually care at all about Mawat’s story, so I mostly skipped that and instead read the bits where the Strength and Patience of the Hill describes its own experiences. I read those parts twice.
• Agile Application Security: Enabling Security in a Continuous Delivery Pipeline by Laura Bell, Jim Bird, Rich Smith, and Michael Brunton-Spall - Turns out I read this back in July? But logging into O’Reilly again I’m skimming everything on my lists and clearly I had forgotten huge chunks of this. I think I understand both CI/CD and security better than I did the first time I went through it. Look forward to bringing some of this into my work in the new year
• Systems Performance: Enterprise and the Cloud by Brendan Gregg - Only a few chapters in but this is already very helpful to me! I wish I’d known about this book a year or two ago when I wanted to performance test something but didn’t know where to start. I’m planning to read Gregg’s new BPF book but wanted to read this one for background first.

Articles

• A piece from Catalyst about actions men can take to create an inclusive workplace is getting added to the resource list for one of my current projects.
• I liked this post from Emily Nakashima about “sunset testing”, aka how to remind yourself to remove that gross temporary hack from your code.
• Victoria Tran of Kitfox Games wrote a great introvert’s guide to networking from the perspective of going to tech/gaming events for professional purposes.
• Nicky Wrightson has a fascinating post about what a principal engineer is and how to find such roles
• Stephanie Morillo has some good advice on content marketing for developers, if what you’re trying to do is build a brand as a developer advocate. I’m still not certain that’s where I’m trying to go, but I do prefer to communicate effectively.
• Vallery Lancey briefly outlines an interesting scenario which can cause autoscaling groups to cascade out of control and a couple high-level concepts for how to prevent this. I might want to diagram this to understand it better?
• Still looking for an opportunity to use Laura Klein’s framework for making better product decisions It seems deceptively simple, but I’m going to have to read this a few more times to see how to fit it into our slightly-different-than-described product cycle.
• Julia Evans explains how tracking pixels work with her characteristic clarity and enthusiasm!
• Chelsea Troy has some interesting opinions about how to review pull requests which indicate a vastly different code review dynamic than I have ever experienced, but one that intrigued me. After reading the linked post about how to include context in pull requests I am frankly dying to try to incorporate this type of collaboration in my workplace.
• A Slack group I’m in shared Anisha Sekar’s Startup Equity Basics as a list of things to ask about stock options before accepting an offer—absolutely none of which I knew when I accepted an offer at a startup, so I lucked out by getting any benefit at all.
• Chelsea Troy (again) has a rubric for evaluating team members on contributing to an inclusive culture, with some invaluable ideas on how to be more scientific about “is this human decent to work with”.
• This Signal blog post on secure value recovery takes a walk through cloud storage, techniques to prevent brute-forcing of cryptographic keys, and secure enclaves, before circling around to one of my favourite topics: distributed consensus. Joshua Lund then describes how they implemented the Raft protocol in Rust. Honestly I only understood about half of this but I look forward to coming back to it in a few months.

And a few more things since I started this post last night

Trying to dig through all the unread links in my reading list during any holiday downtime:

• I can’t remember where I saw the recommendation that all developers should read Richard I. Cook’s short paper How Complex Systems Fail but I concur.
• Thinking about the meaning of “beautiful code” after reading this small qualitative study about the role of aesthetics in code.
• The latest issue of ACM Queue has a piece by Pat Helland on the tradeoffs between read and write speeds in database architectures which sounded interesting, but no matter how many times I read the section on log-structured merge trees I still don’t grok how LSM merges work. Hoping the Database Internals book I have on my reading list will help me out.
• The Benefits of Mentorshop for Developers by Jay Phelps has some interesting tips on mentorship from a different perspective than the general, non-tech-focused mentorship advice I’ve seen elsewhere.
• Darius Kazemi, continuing to make me feel like a slacker who will never accomplish anything, spent 2019 reading and blogging about the first 365 RFCs ever written by ARPANET engineers, a project I just heard about today, when he completed it.
• Cindy Sridharan posted a cool framework for diagramming hyped tech trends that I now want to borrow for everything.
• I still haven’t learned enough about GraphQL to work with it, but this article on GraphQL batching attacks makes me want to read the whole series on security concerns for this API architecture.
• Ian Wilkes wrote a piece for the Honeycomb.io blog about how they sped up large queries without breaking the bank through a combination of AWS Lambda, efficient compression algorithms, and better garbage collection.