a blog by Sara Farquharson

what I'm reading: holiday special

What better time than holidays with the family to hide in your room writing blog posts? I got my work-provided login to O’Reilly’s online learning portal to work on my iPad without SSO, so now I have a lot more technical books available to me when I travel!


  • Woman of Influence: 9 Steps to Build Your Brand, Establish Your Legacy, and Thrive by Jo Miller - This was neither as cloying as I feared nor as practical as I’d hoped, but I still may recommend it to our new women’s resource group. I liked how Miller is pragmatic about what is (and is not) within your control your career, however I found the exercises in each chapter a little vague.
  • Moonwalking With Einstein by Joshua Foer (audiobook) - a biographical yarn about a pack of assholes (otherwise known as 25-year-old white men) that incidentally tells you how to memorize the order of a deck of playing cards. CW casual use of transphobic slurs. Do not recommend.
  • The Raven Tower by Ann Leckie - Read this earlier this year and adored it, so picked up a copy for myself as part of my Christmas shopping. Realised that I do not actually care at all about Mawat’s story, so I mostly skipped that and instead read the bits where the Strength and Patience of the Hill describes its own experiences. I read those parts twice.
  • Agile Application Security: Enabling Security in a Continuous Delivery Pipeline by Laura Bell, Jim Bird, Rich Smith, and Michael Brunton-Spall - Turns out I read this back in July? But logging into O’Reilly again I’m skimming everything on my lists and clearly I had forgotten huge chunks of this. I think I understand both CI/CD and security better than I did the first time I went through it. Look forward to bringing some of this into my work in the new year
  • Systems Performance: Enterprise and the Cloud by Brendan Gregg - Only a few chapters in but this is already very helpful to me! I wish I’d known about this book a year or two ago when I wanted to performance test something but didn’t know where to start. I’m planning to read Gregg’s new BPF book but wanted to read this one for background first.


  • A piece from Catalyst about actions men can take to create an inclusive workplace is getting added to the resource list for one of my current projects.
  • I liked this post from Emily Nakashima about “sunset testing”, aka how to remind yourself to remove that gross temporary hack from your code.
  • Victoria Tran of Kitfox Games wrote a great introvert’s guide to networking from the perspective of going to tech/gaming events for professional purposes.
  • Nicky Wrightson has a fascinating post about what a principal engineer is and how to find such roles
  • Stephanie Morillo has some good advice on content marketing for developers, if what you’re trying to do is build a brand as a developer advocate. I’m still not certain that’s where I’m trying to go, but I do prefer to communicate effectively.
  • Vallery Lancey briefly outlines an interesting scenario which can cause autoscaling groups to cascade out of control and a couple high-level concepts for how to prevent this. I might want to diagram this to understand it better?
  • Still looking for an opportunity to use Laura Klein’s framework for making better product decisions It seems deceptively simple, but I’m going to have to read this a few more times to see how to fit it into our slightly-different-than-described product cycle.
  • Julia Evans explains how tracking pixels work with her characteristic clarity and enthusiasm!
  • Chelsea Troy has some interesting opinions about how to review pull requests which indicate a vastly different code review dynamic than I have ever experienced, but one that intrigued me. After reading the linked post about how to include context in pull requests I am frankly dying to try to incorporate this type of collaboration in my workplace.
  • A Slack group I’m in shared Anisha Sekar’s Startup Equity Basics as a list of things to ask about stock options before accepting an offer—absolutely none of which I knew when I accepted an offer at a startup, so I lucked out by getting any benefit at all.
  • Chelsea Troy (again) has a rubric for evaluating team members on contributing to an inclusive culture, with some invaluable ideas on how to be more scientific about “is this human decent to work with”.
  • This Signal blog post on secure value recovery takes a walk through cloud storage, techniques to prevent brute-forcing of cryptographic keys, and secure enclaves, before circling around to one of my favourite topics: distributed consensus. Joshua Lund then describes how they implemented the Raft protocol in Rust. Honestly I only understood about half of this but I look forward to coming back to it in a few months.

And a few more things since I started this post last night

Trying to dig through all the unread links in my reading list during any holiday downtime: