Web Development Reading List #180: DNS Over HTTPS, HAProxy Performance, And Decentralized AI

About The Author

Anselm is a freelance front-end developer who cares about sustainable front-end experiences and ethical choices in life. He writes the WDRL, and is co-founder … More about Anselm ↬

Email Newsletter

Weekly tips on front-end & UX.
Trusted by 200,000+ folks.

What’s going on in the industry? What new techniques have emerged recently? What insights, tools, tips and tricks is the web design community talking about? Anselm Hannemann is collecting everything that popped up over the last week in his web development reading list so that you don’t miss out on anything. The result is a carefully curated list of articles and resources that are worth taking a closer look at.

We all have fears and doubts. It’s not different for you than for me. Over the last weeks, “well-known” people on Twitter started to share mistakes they made in life or their careers. I think it’s very helpful to read that we all make mistakes.

We all have to learn and improve, and people who are on a stage at an event for the 100th time are still known to be extremely nervous. Let’s realign our views, our expectations and, instead of being afraid of making mistakes, try to improve our knowledge and let others learn from the things that didn’t go as expected.

Concept & Design

React-Sketchapp
Using React to write Sketch files? React-sketchapp makes it possible. (Image credit)

Tools & Workflows

  • Caddy, an HTTP/2 server that has automatic HTTPS built in, was released in version 0.10 and brings man-in-the-middle (MITM) attack detection and HTTP/2 Server Push.
  • Kenneth Auchenberg published a new tool called “Remote Debug iOS WebKit Adapter.” It lets you debug Safari and other WebViews remotely on iOS via Developer Tools in Chrome, Firefox, and even in Microsoft’s VS Code.
  • secureoperator is a proxy for DNS that uses Google’s DNS over HTTPS technology. A nice experiment that brings security to a still weak bridge. And while technologies to add security to the DNS do already exist (DANE and DNSSEC, for example), they’re not as widespread and not free of weak points. However, using DNS via Google also means trusting a third party that could intercept the requests at any time. One thing is for certain, according to their privacy policy, they do store logs with your IP address and other information.
  • Due to its improvements over MySQL and independence from Oracle, MariaDB is getting lots of traction at the moment. However, there are certain differences in how MariaDB/MySQL and PostgreSQL handle data. If you take a closer look, you’ll notice that running into weird miscalculations or errors is much more likely with MariaDB/MySQL while PostgreSQL will return a strict fail if a value doesn’t match a field type.

Security

  • Clémentine Maurice and other researchers found a way to steal data from the CPU cache shared by two Virtual Machines. This was demonstrated on Amazon Web Services but affects all Virtual Machine-based environments. Clear evidence that we still have little idea of how secure or insecure cloud environments actually are.

Privacy

  • Amazon announced “Echo Look”, an improved Alexa device that does not only listen to a room’s activity but also has a camera to see what’s happening. The purpose? To give you a style check. And as you would expect from Amazon, they say they store the captured data for an indefinite amount of time in their cloud. I bet that a lot of people will buy this device despite of this, even those who claim to care about their privacy.

Web Performance

HTML & SVG

Booking.com font choices
Booking.com provides valuable insights into how they reconsidered their long-established font choices to improve readability. (Image credit: Cătălin Bridinel)

JavaScript

Going Beyond…

  • Jonathan Taplin wrote an essay about the tech moguls dominating the free market today and why it’s important that we as consumers are aware of the huge influence monopolies have not only on our lives but on politics, too.
  • The outdoor clothing manufacturer Patagonia started to sell used clothing for little money. An unusual move for such a company as it undermines its traditional business model of selling new clothes.
  • Iterating on their already existing, centralized AI technology, Google researchers shared their vision of federated machine learning. This basically means that every Google device will contribute to the training data by locally processing the information — a much more efficient and less costly approach for Google. The technology is already being tested on Android via Google’s software keyboard. Let’s see how this will work out when it comes to dealing with fake news, spam content or violence promotion in Google’s search results.
  • Mastodon is a relatively new social microblogging network, aiming to replace Twitter. It uses a federated approach, which means everyone can create an instance that shares data with other instances. But it’s not as easy as one would initially think. By providing an instance, you suddenly become responsible for the content of other people, which can be a pretty nasty experience as this story shows.

And with that, I’ll close for this week. If you like what I write each week, please support me with a donation or share this resource with other people. You can learn more about the costs of the project here. It’s available via email, RSS and online.

— Anselm

Further Reading

Smashing Editorial (mrn)