• Week 2018-W45 in reading

    Privacy, security

    Inspired by Wolf480pl’s post, I’ve started searching for some more information. I’ve read So you want to build a Javascript based network scanner and decided that it was a very good idea to install NoScript Security Suite… There’s also an interesting discussion on reddit.

    As I’m preparing to write a longer post on privacy, I’ve started collecting info about that. The article on PC World is particularly well written and informative.


    A friend of mine wrote a review of the book “Surrounded by Idiots” by Thomas Erikson. Apparently it’s worth reading if you work with other people…


    I’ve been involved in a prestudy for a certain project. Among other things, I’ve stumbled upon SEDA. It reminded me of the approach used by LMAX Disruptor, but with queues connecting processing agents instead of all of them sharing the same circular queue (as in disruptor).

    I’ve also read the chapter on Audacity in the The Architecture of Open-Source Applications. Its explanations of the technical details (like file organisation), UX aspects and software lifecycle are definitely worth reading.

  • The Use of Lateral Thinking

    Two or three weeks ago something reminded me of the Oblique Strategies card deck that Brian Eno and Peter Schmidt created. Reading its Wikipedia page I’ve spotted a reference to lateral thinking, which was new to me and I thought I’d look that up as well. Eventually it turned out that lateral thinking is quite a new concept and has been coined in the 1960’s by Edward de Bono. I’ve ordered a used copy of his book and started reading a few days ago – this is my overview (or review) of the book.

    First of all, this book is very well written. It’s thorough yet easy to understand, which I think is quite rare nowadays. It is also very short (140 pages, pocket-sized), which is very encouraging – it took me about a week to read it and I did not have much time recently.

    My key takeaways from this book are:

    • Awareness of the different approaches to problem solving.
    • Understanding of the differences between “vertical” and “lateral” thinking and when each of them is applicable.
    • A bunch of techniques to be used when approaching problems. Among them there are:
      • identification of the dominant idea / approach,
      • searching for inspiration outside of the problem domain,
      • playing around with things.
    • Understanding of how patterns and relations between them lead to their compositions being complex.

    The last point is quite interesting because it’s more related to human perception and complexity, not to lateral thinking itself. It boils down to the following observation:

    1. When we explain (or reason about, or design) a complex concept, we can break it into several smaller pieces that are easier to understand.
    2. If the pieces are too simple, relations between them will probably be quite complex. When those pieces are complex, relations between them will be less complex.

    This and the fact that lateral thinking is the opposite of being fixed on a single approach, reminded me of the DDD book by Eric Evans, where he states that the ubiquitous language should not be frozen: it should develop in parallel to the model and the software. It is obviously a good fit, since polishing our understanding of the domain of our software sometimes requires looking at things from different angles.

    I have already started using some of the techniques mentioned in this book and I’m very fond of these new tools. I think I’ll be practicing more in the nearest future to develop my “lateral muscles”.

    This is the second book about thinking I have read this year and I think both of them should be mandatory reading for everybody as they help us use the most powerful tool each of us has got: our minds.

  • On the challenges of minimalism

    I think the hardest challenge I’m facing while trying to follow minimalism principles is not doing things. For instance: not buying stuff.

    Every now and then I visit a bookstore and stumble upon a book on minimalism. Generally I’m attracted to such books because I find the vision of having less and feeling more appealing and each book presents this vision in a different way, refreshing the sensasion. But having one more book, regardless of the subject, means having more stuff. Minimalism is not about having more books about minimalism.

    So I always refrain from buying such books, which is not always easy. I just re-read Leo Babauta’s book based on his blog and get on with the urge to get something new.

    Another thing is buying clothes. I’ve got enough of them - so why buy more? Yet I do get ideas about shopping and getting more stuff, just like I do with books. But while having more books is fine, having more clothes is materialistic. So I always avoid buying clothes as much as I can. I have also come up with the idea that the next time I need a new T-shirt or book, I’ll buy used one. This is exactly the approach I’ve taken recently when looking for Edward de Bono’s book on lateral thinking.

    Getting rid of stuff I don’t use is even harder

  • Week 2018-W41 in reading

    I’ve recently decided that I’d start a new series of weekly posts about interesting arcicles I’ve read. This is the first post in this series.

    For each interesting position from my reading list, I’ll provide a short summary. Please note that those summaries are not meant to be comprehensive. They are here only to give an idea of the topics covered.

    What Are Capabilities?

    Although I’ve started reading it last week, I’d like to include it in my summary as it’s been a very good read. The title says it all: it is an overview (an introduction?) to the capability paradigm.

    The idea behind capabilities is that instead of exposing complex, multiple-purpose interfaces that can be used to perform many different operations and procuring an equally complex access-control system separate from those operations, it is better to expose a limited interface that only allows to perform the operations we wish their user could perform. In this context, the interface is the capability because when handed over to a user, it gives them the capability to perfrom operations on resources of some kind.

    The article refers to a useful example: operating systems usually specify files as paths represented as character strings, without limiting their use. To actually limit accessibility of files to different users, access control system based on users and groups is provided.

    In such environment, a path can be passed to system routines, such as open or unlink. Should the software used by the user be replaced by an evil adversary, it could harm user’s files. However, if the operating system passed files as objects with only a limited set of operations available, it would be much harder for the program to misbehave. It could also keep the user from misusing their own files.

    6 Dumbest Ideas in Computer Security

    A very entertaining read about two fundamentally different approaches to computer security: designing secure systems and extinguishing fires. Concepts like white and black lists are compared, exposing challenges of doing the latter right.

    Personal observations on the reliability of the Shuttle

    Recommended by the above text by Marcus J. Ranum, it is an in-depth analysis of decay of reliability of space shuttles. It also underlines the importance of the choice between bottom-up and top-down design approaches and the importance of careful design that doesn’t skip any important detail.

  • K-9 mail

    Some time ago I’ve decided I want to give up using Gmail (user interface and the service). But first I had to choose something I could rely on.

    Having reviewed capabilities of several mail user agents available on Google Play, I’ve decided to go with K-9 mail as it was said to have a number of advanced features:

    1. IMAP folder classes to configure how folders are synchronized and displayed.
    2. Email encryption – it supports autocrypt and integrates with OpenKeychain.
    3. Handles several accounts simultaneously.
    4. It’s got a virtual inbox composed of any number of IMAP folders and the user decides, which folders should be aggregated in it. (This feature is particularly useful with more than one mailbox / account.)
    5. It lets the user archive their mail by moving it to another folder (and the user can configure the archive folder). This is very useful if you do GTD.

    It is very flexible too. For instance, it lets you define additional identities for each account. This works like a charm if you’ve got several aliases defined for your account.

    Finally, it’s got bulk operations (delete, mark/flag, move, mark as read/unread, etc.) and two display themes: bright and dark. It also lets the user decide whether they want to compose their mail in plain text or in HTML.

    All this makes K-9 a great mail user agent. I have even disabled Gmail on my phone and replaced it with this great app. Now I’ve got one app to handle all my mailboxes and it works great!