#261 — April 8, 2020

Read on the Web

This issue is curiously story heavy, but you're up for that, right? Whether it's recovering money from encrypted zip files, slipping into Slack's network, or why Unix packages have the names they have, we've got something for you this week 😄

StatusCode Weekly
Covering the week's news in software development, ops, platforms, and tooling.

Winddown: A VS Code Extension That Encourages You to Take a Break — After 25 minutes of use, this extension slowly fades out your syntax highlight colors, making things just annoying enough to encourage you to take a quick break.

schneefux

WhyTheName: Why is That Unix Package Called That? — I love both etymology and computing history, so this is good fun. Why is apt called apt? Why is Hadoop called Hadoop? Lots of neat explanations here.

Debian Wiki

Top GitHub Best Practices for Developers - Expanded Guide — Implementing these best practices could save you time, improve code maintainability, and prevent security risks.

Datree.io sponsor

Cloudflare Stops Using Google reCAPTCHA, Here's Why — If you access a Cloudflare-powered site from an ‘unusual’ connection (such as over Tor) you’ll often encounter a CAPTCHA to solve. Cloudflare has switched to hCaptcha from Google’s reCAPTCHA which may seem a privacy win in some ways, but is also allegedly saving Cloudflare $10m+ per year that it’d cost to keep using reCAPTCHA.

Martin Müller on Twitter

Ask HN: What Are Your Favorite Low-Coding Developer Apps and Tools? — A valuable (and busy!) Hacker News thread where people shared what services and tools they use to make the development process easier (mostly SaaS services, ‘no-code’ tools, etc.)

Hacker News

▶  On 'Good Enough' Architecture — A 40 minute talk on software architecture looking at situations where architecture was too elaborate or too simple and how we can learn to hit the ‘sweet spot’ for our own projects. As one commenter says: “One of the best talks I heard about the important balance between centralization and autonomy in the age of DevOps and microservices.”

Stefan Tilkov

A Tale of Recovering $300K of Bitcoin — A fun story because it starts out talking about how Microsoft Word 97 and PKZIP encrypted things before showing how this knowledge helped recover a significant amount of Bitcoin accessed by keys stored in an encrypted .zip file.

Mike Stay

Quick bytes:

💻 Jobs

Find a Job Through Vettery — Vettery specializes in tech roles and is completely free for job seekers. Create a profile to get started.

Vettery

DevOps Engineer at X-Team (Remote) — Join X-Team and work on projects for companies like Riot Games, FOX, Coinbase, and more. Work from anywhere.

X-Team

▶ Get ready for your next role: Pluralsight is free for the entire month of April. Stay Home. Skill Up. #FreeApril — SPONSORED

📖 Tutorials

Code is Engineering, Types are Science — You can divide reasoning into three complementary processes: deduction, abduction and induction. This post shows how each relates to software.

Juan Raphael Diaz Simões

10 Things You Can Do Today to Reduce AWS Costs — Corey Quinn has also done such a branding number on me over the years that I feel compelled to recommend following him too if you want to cut your AWS bills 😂

Shankar Ramachandran (AWS)

📊Guide to Grafana: Building (Awesome) VisualizationsJoin us April 22 as we demo building Grafana visualizations for any dataset. Get inspiration, pro tips (like when to use filters and gauges), and more.

Timescale sponsor

How to Flash an LED: Writing ARM Assembly for an STM32 Microcontroller — Something about the aesthetic here compelled me to read on. Neat introduction to a topic.

lochsh

Ask HN: What Are Some Best Practices for Ethical Web Scraping?

Hacker News

Google's Technical Writing Courses — A basic and intermediate course on technical writing aimed at software developers specifically.

Google Developers

How to Increase AWS EKS Availability with EC2 Spot — Running workloads on EKS using spot instances with on-demand instances fallback.

Nir Forer

Implementing a Forth in Assembly — If you’re stuck in your house with nothing to do, this is something you could do(!)

Richard W.M. Jones

📕 Stories and Opinions

How We Reduced Our Google Maps API Cost By 94% — A service that shows accurate arrival times of buses came up with a clever and hugely more efficient way to use Google’s Advanced Directions API.

Sudhanshu Mishra

One of My Favourite Diffs — Story time! Angrily removing all examples of switch fallthrough can feel so good.

Josh Watzman

How We Abused Slack's TURN Servers to Gain Access to Internal Services — It’s good to see Slack’s security team were so proactive in working with this report.

Enable Security GmbH

MUST, SHOULD, DON'T CARE: TCP Conformance in the Wild — If you’ve ever read an RFC, you’ll be familiar that standards govern what terms like SHOULD and MUST mean when implementing protocols or clients for them. The authors of this academic paper decided to see just how well Internet hosts and paths conform to the essential MUST requirements outlined in major protocol RFCs.

Kosek, Blöcher, Rüth, et al.

The Security Engineer’s First 90 Days Checklist

Sqreen sponsor

A Funny Bit About MicroservicesWarning: This is humor! A quick 3 minute look behind the scenes of a meeting about microservices that might seem like humor or a documentary, depending on how your own company works.

KRAZAM

How GOV.UK Notify Reliably Sends Text Messages to Users — The folks behind the UK government’s Internet presence send between 100-200k text messages a day to notify users of various things or for 2FA codes. This doesn’t go into a lot of detail, but explains how they keep things balanced.

David McDonald

The State of Microservices 2020 Report

The Software House

6 Things Markdown Got Wrong

Shawn 'swyx' Wang

Choosing Between Rust or Go? — Damien Stanton has worked with both Go and Rust and presented on the subject. As with all of these discussions, there is no final choice but the insights are interesting.

Hatchpad

🛠 Code and Tools

Codeberg.org: A Free, Non-Commercial GitHub Alternative — It’s built on top of Gitea, a Go-powered self-hosted Git service.

Codeberg.org

Introducing Krustlet, the WebAssembly Kubelet“We want to make it easy to deploy WebAssembly workloads on Kubernetes.”

Deis Labs

oneinfra: A 'Kubernetes as a Service' Platform — Provide or consume Kubernetes clusters at scale, on any platform or service provider.

oneinfra

libcsp: A High Performance, CSP-Inspired Concurrency Library for C — It’s interesting to see the main comparison is being drawn with Go’s concurrency approach here. GitHub repo.

Lime Shiyanhui

Iced: A Cross-Platform GUI Library for Rust, Inspired by Elm

Héctor Ramón

Valtan: A Common Lisp to JavaScript Compiler

cxxxr