Web Development Reading List #180: DNS Over HTTPS, HAProxy Performance, And Decentralized AI

We all have fears and doubts. It’s not different for you than for me. Over the last weeks, “well-known” people on Twitter started to share mistakes they made in life or their careers. I think it’s very helpful to read that we all make mistakes.

We all have to learn and improve, and people who are on a stage at an event for the 100th time are still known to be extremely nervous. Let’s realign our views, our expectations and, instead of being afraid of making mistakes, try to improve our knowledge and let others learn from the things that didn’t go as expected.

Further Reading on SmashingMag: Link

• Why You Should Consider React Native For Your Mobile App¹
• How To Choose The Right Face For A Beautiful Body²
• Algorithm-Driven Design: How Artificial Intelligence Is Changing Design³
• Moving From Photoshop And Illustrator To Sketch: A Few Tips For UI Designers⁴

Concept & Design Link

• The Airbnb Design team published a new tool called react-sketchapp⁵. It’s a library that allows you to write React components that render to Sketch documents⁶, providing a super useful data exchange between developers and designers.

⁷

Tools & Workflows Link

• Caddy, an HTTP/2 server that has automatic HTTPS built in, was released in version 0.10¹⁰ and brings man-in-the-middle (MITM) attack detection and HTTP/2 Server Push.
• Kenneth Auchenberg published a new tool called “Remote Debug iOS WebKit Adapter¹¹.” It lets you debug Safari and other WebViews remotely¹² on iOS via Developer Tools in Chrome, Firefox, and even in Microsoft’s VS Code.
• secureoperator¹³ is a proxy for DNS that uses Google’s DNS over HTTPS¹⁴ technology. A nice experiment that brings security to a still weak bridge. And while technologies to add security to the DNS do already exist (DANE and DNSSEC, for example), they’re not as widespread and not free of weak points. However, using DNS via Google also means trusting a third party that could intercept the requests at any time. One thing is for certain, according to their privacy policy¹⁵, they do store logs with your IP address and other information.
• Due to its improvements over MySQL and independence from Oracle, MariaDB is getting lots of traction at the moment. However, there are certain differences in how MariaDB/MySQL and PostgreSQL handle data¹⁶. If you take a closer look, you’ll notice that running into weird miscalculations or errors is much more likely with MariaDB/MySQL while PostgreSQL will return a strict fail if a value doesn’t match a field type.

Security Link

• Clémentine Maurice and other researchers found a way to steal data from the CPU cache shared by two Virtual Machines¹⁷. This was demonstrated on Amazon Web Services but affects all Virtual Machine-based environments. Clear evidence that we still have little idea of how secure or insecure cloud environments actually are.

Privacy Link

• Amazon announced “Echo Look”, an improved Alexa device that does not only listen to a room’s activity but also has a camera¹⁸ to see what’s happening. The purpose? To give you a style check. And as you would expect from Amazon, they say they store the captured data for an indefinite amount of time in their cloud. I bet that a lot of people will buy this device despite of this, even those who claim to care about their privacy.

Web Performance Link

• Sachin Malhotra shares how they fine tuned HAProxy to achieve 2 million concurrent SSL connections¹⁹ at ‘Hike’.

HTML & SVG Link

• Stuart Frisby from Booking.com shares what they learned from using system fonts²⁰ and the improvements they made to a default stack which many of us are using.

²¹

JavaScript Link

• J. Renée Beach shares how to manage focus and blur in a composite widget made in React²⁴.

Going Beyond… Link

• Jonathan Taplin wrote an essay about the tech moguls dominating the free market today²⁵ and why it’s important that we as consumers are aware of the huge influence monopolies have not only on our lives but on politics, too.
• The outdoor clothing manufacturer Patagonia started to sell used clothing for little money²⁶. An unusual move for such a company as it undermines its traditional business model of selling new clothes.
• Iterating on their already existing, centralized AI technology, Google researchers shared their vision of federated machine learning²⁷. This basically means that every Google device will contribute to the training data by locally processing the information — a much more efficient and less costly approach for Google. The technology is already being tested on Android via Google’s software keyboard. Let’s see how this will work out when it comes to dealing with fake news, spam content or violence promotion in Google’s search results.
• Mastodon is a relatively new social microblogging network, aiming to replace Twitter. It uses a federated approach, which means everyone can create an instance that shares data with other instances. But it’s not as easy as one would initially think. By providing an instance, you suddenly become responsible for the content of other people, which can be a pretty nasty experience as this story shows²⁸.

And with that, I’ll close for this week. If you like what I write each week, please support me with a donation²⁹ or share this resource with other people. You can learn more about the costs of the project here³⁰. It’s available via email, RSS and online.

— Anselm

Footnotes Link

1. 1 https://www.smashingmagazine.com/2016/04/consider-react-native-mobile-app/
2. 2 https://www.smashingmagazine.com/2012/05/how-to-choose-the-right-face-for-a-beautiful-body/
3. 3 https://www.smashingmagazine.com/2017/01/algorithm-driven-design-how-artificial-intelligence-changing-design/
4. 4 https://www.smashingmagazine.com/2017/04/photoshop-illustrator-sketch-ui/
5. 5 https://github.com/airbnb/react-sketchapp
6. 6 http://airbnb.design/painting-with-code/
7. 7 https://github.com/airbnb/react-sketchapp
8. 8 https://github.com/airbnb/react-sketchapp
9. 9 https://github.com/airbnb/react-sketchapp
10. 10 https://caddyserver.com/blog/caddy-0_10-released
11. 11 https://github.com/RemoteDebug/remotedebug-ios-webkit-adapter
12. 12 https://medium.com/@auchenberg/hello-remotedebug-ios-webkit-adapter-debug-safari-and-ios-webviews-from-anywhere-2a8553df7465
13. 13 https://github.com/fardog/secureoperator
14. 14 https://developers.google.com/speed/public-dns/docs/dns-over-https
15. 15 https://developers.google.com/speed/public-dns/privacy
16. 16 http://www.cybertec.at/why-favor-postgresql-over-mariadb-mysql/
17. 17 https://www.theregister.co.uk/2017/03/31/researchers_steal_data_from_shared_cache_of_two_cloud_vms/
18. 18 https://motherboard.vice.com/en_us/article/amazon-echo-look-bedroom-camera
19. 19 https://medium.freecodecamp.com/how-we-fine-tuned-haproxy-to-achieve-2-000-000-concurrent-ssl-connections-d017e61a4d27
20. 20 https://booking.design/implementing-system-fonts-on-booking-com-a-lesson-learned-bdc984df627f
21. 21 https://booking.design/implementing-system-fonts-on-booking-com-a-lesson-learned-bdc984df627f
22. 22 https://booking.design/implementing-system-fonts-on-booking-com-a-lesson-learned-bdc984df627f
23. 23 https://booking.design/implementing-system-fonts-on-booking-com-a-lesson-learned-bdc984df627f
24. 24 https://medium.com/@jessebeach/dealing-with-focus-and-blur-in-a-composite-widget-in-react-90d3c3b49a9b
25. 25 https://www.nytimes.com/2017/04/22/opinion/sunday/is-it-time-to-break-up-google.html?_r=0
26. 26 https://python.sh/2017/4/patagonia-begins-selling-used-clothing
27. 27 https://research.googleblog.com/2017/04/federated-learning-collaborative.html
28. 28 https://cherubini.casa/why-i-shut-down-wizards-town-and-left-mastodon-6d4e631346b3
29. 29 https://wdrl.info/donate
30. 30 https://wdrl.info/costs/

↑ Back to topTweet itShare on Facebook