what i'm reading: September 6

Oh no friends, I found a huge cache of unread links in my inbox. On average I spend four to eight hours putting together these posts, much of it reading articles that I’ve collected throughout the week. Time to be ruthless about what I consider interesting enough to give my attention to!

Hoping to resume streaming code on Twitch soon. Sundays seems like a likely time slot, so long as I can reign in my article reading to something manageable.

Books

• Instead of reading tech stuff I read four historical romances by Jeannie Lin last Tuesday. I often have trouble with romances outside of Regencies, which I imprinted on as a teen, but one of my favourite historical romance authors Courtney Milan was promoting Lin’s Lotus Palace mysteries, a wuxia-inspired series set in Tang-dynasty China. It has all the delicious clothing details and elaborate etiquette rituals I want in a lighthearted read, and murder mysteries to boot. Sometimes a little thin, but fun!

Papers?

• Bringing the Web Up to Speed with WebAssembly is an introduction to Wasm that is maybe not quite a technical paper, but definitely not easy reading either. I’m glad I got through it, because I keep hearing about WebAssembly and wanting to know more about it, but I didn’t understand pretty much anything in section 3, and now I need a nap.

Articles

• Jessie Frazelle’s column on the history of storage media contained a lot of factoids I didn’t know, including the existence of hand-woven rope memory in space?!

Performance engineering

• Nikhil Thomas had a great blog post about how high performance coding often conflicts with other coding best practices. Still thinking about his disparagement of “functional-lite” JS, since I have been trying to learn this functional-ish JS style despite my intuition that it’s inefficient.

• Malte Skarupke’s extremely performance-wonky post about how mix-max heaps beat binary heaps on modern hardware contained an refreshingly clear explanation of what a heap even is and how different types are implemented, along with a proof of his titular assertion.

Career moves

• Jen Hamilton provides an excellent starter list of questions for candidates to ask in interviews along with guidance for creating your own list.

• An interesting thought experiment by Aaron Randall and Amy Phillips about how to build the perfect tech team which starts by making really, really sure that you need to hire people at all.

• Daniel Miessler’s post on how to initiate contact with a mentor has some interesting and useful tips, though the final example of “offer an improvement to something they’ve made” has a catastrophic failure mode of “badly explain an expert’s work back to them”, and I would tend to avoid that.

System architecture

• Matt Klein’s introduction to modern network load balancing and proxying is absolute magic, and now I maybe have an inkling of what “service mesh” means. Interested to know what new developments have happened since 2017.

• Paulo Merson’s principles for microservice design provides an acronym (IDEALS) to remember architecture principles for microservices, and helpfully includes examples too.

Tools for developers

• Katie Sylor-Miller wrote a piece about Bullet Journalling for software engineers which is very close to my own experience with BuJo. I will fall off it for weeks or months at a time, but find it easier to pick back up again than any other organizational system. When I’m on top of my BuJo I get so much more done!

• Monica Powell has a quick explanation of how to add sparkle typing effects to VS Code using the Power Mode extension, which I had been craving but hadn’t taken the time to look up how to add custom animations. Now my code is 90% sparklier!

Short technical dives

• This intro to resuming TLS sessions by Dann McCreary gives a clear explanation of the different session persistence mechanisms in TLS 1.2 with an eye specifically on IoT implementations.

• Alison Quaglia reveals some odd details about variable hoisting in Javascript and the Temporal Dead Zone. Features many references to You Don’t Know JS, which I should really finish reading one of these days.

• I still don’t know what Glauber Costa’s article on C++ vs Rust async bugs has to do with thread-per-core, but I learned a little bit more about working with the Rust borrow checker.

• The Trail of Bits post about checking if a mutex is locked in Go I don’t think spends enough time emphasizing that this solution is only good for test assertions, not live code, but it is a potentially handy and concise trick.

Leading engineers

• Andreas Klinger has a compelling post about managing code to improve your codebase.

• I hesitated on including Sean J. Taylor’s piece on designing and evaluating metrics because I found it a little dense and the Simpsons gifs off-putting, but I think there’s valuable ideas here on properties of metrics worth evaluating before you try to use them to measure your organization.

• Mario Fernandez has practical advice about how and why to implement a “dev huddle” meeting with your team that is making me think about my current meetings.

• Ross Pettit’s post on legacy modernization points out that the biggest hurdle of migrating legacy software is identifying a good enough value proposition to even start.

Security

• The other day I did a short tech talk about GraphQL (which was terrible but I’ll talk about that another time), and one of the questions was how authorization is handled. I didn’t have a ready answer but it seems to be…up to whoever’s writing the server? Dominic Couture’s post about how to enumerate paths to validate authorization logic indicates that this is a running security concern with GraphQL implementations.

• I pretty much never feel like watching talks, so I’m definitely missing context by reading the slides from Stefan Edwards and Bobby Tonic’s presentation on vulnerabilities in Go but I still learned some tips! Mostly that I don’t understand anything about defer.