Web Development Reading List #180: DNS Over HTTPS, HAProxy Performance, And Decentralized AI
We all have fears and doubts. It’s not different for you than for me. Over the last weeks, “well-known” people on Twitter started to share mistakes they made in life or their careers. I think it’s very helpful to read that we all make mistakes.
We all have to learn and improve, and people who are on a stage at an event for the 100th time are still known to be extremely nervous. Let’s realign our views, our expectations and, instead of being afraid of making mistakes, try to improve our knowledge and let others learn from the things that didn’t go as expected.
Concept & Design
- The Airbnb Design team published a new tool called react-sketchapp. It’s a library that allows you to write React components that render to Sketch documents, providing a super useful data exchange between developers and designers.
Tools & Workflows
- Caddy, an HTTP/2 server that has automatic HTTPS built in, was released in version 0.10 and brings man-in-the-middle (MITM) attack detection and HTTP/2 Server Push.
- Kenneth Auchenberg published a new tool called “Remote Debug iOS WebKit Adapter.” It lets you debug Safari and other WebViews remotely on iOS via Developer Tools in Chrome, Firefox, and even in Microsoft’s VS Code.
- secureoperator is a proxy for DNS that uses Google’s DNS over HTTPS technology. A nice experiment that brings security to a still weak bridge. And while technologies to add security to the DNS do already exist (DANE and DNSSEC, for example), they’re not as widespread and not free of weak points. However, using DNS via Google also means trusting a third party that could intercept the requests at any time. One thing is for certain, according to their privacy policy, they do store logs with your IP address and other information.
- Due to its improvements over MySQL and independence from Oracle, MariaDB is getting lots of traction at the moment. However, there are certain differences in how MariaDB/MySQL and PostgreSQL handle data. If you take a closer look, you’ll notice that running into weird miscalculations or errors is much more likely with MariaDB/MySQL while PostgreSQL will return a strict fail if a value doesn’t match a field type.
Security
- Clémentine Maurice and other researchers found a way to steal data from the CPU cache shared by two Virtual Machines. This was demonstrated on Amazon Web Services but affects all Virtual Machine-based environments. Clear evidence that we still have little idea of how secure or insecure cloud environments actually are.
Privacy
- Amazon announced “Echo Look”, an improved Alexa device that does not only listen to a room’s activity but also has a camera to see what’s happening. The purpose? To give you a style check. And as you would expect from Amazon, they say they store the captured data for an indefinite amount of time in their cloud. I bet that a lot of people will buy this device despite of this, even those who claim to care about their privacy.
Web Performance
- Sachin Malhotra shares how they fine tuned HAProxy to achieve 2 million concurrent SSL connections at ‘Hike’.
HTML & SVG
- Stuart Frisby from Booking.com shares what they learned from using system fonts and the improvements they made to a default stack which many of us are using.
JavaScript
- J. Renée Beach shares how to manage focus and blur in a composite widget made in React.
Going Beyond…
- Jonathan Taplin wrote an essay about the tech moguls dominating the free market today and why it’s important that we as consumers are aware of the huge influence monopolies have not only on our lives but on politics, too.
- The outdoor clothing manufacturer Patagonia started to sell used clothing for little money. An unusual move for such a company as it undermines its traditional business model of selling new clothes.
- Iterating on their already existing, centralized AI technology, Google researchers shared their vision of federated machine learning. This basically means that every Google device will contribute to the training data by locally processing the information — a much more efficient and less costly approach for Google. The technology is already being tested on Android via Google’s software keyboard. Let’s see how this will work out when it comes to dealing with fake news, spam content or violence promotion in Google’s search results.
- Mastodon is a relatively new social microblogging network, aiming to replace Twitter. It uses a federated approach, which means everyone can create an instance that shares data with other instances. But it’s not as easy as one would initially think. By providing an instance, you suddenly become responsible for the content of other people, which can be a pretty nasty experience as this story shows.
And with that, I’ll close for this week. If you like what I write each week, please support me with a donation or share this resource with other people. You can learn more about the costs of the project here. It’s available via email, RSS and online.
— Anselm
Further Reading
- Why You Should Consider React Native For Your Mobile App
- How To Choose The Right Face For A Beautiful Body
- Algorithm-Driven Design: How Artificial Intelligence Is Changing Design
- Moving From Photoshop And Illustrator To Sketch: A Few Tips For UI Designers