Brandt's Tumblr

This is a tumbling log of things and thoughts that pass my way.

If you got here by accident, you may want to visit instead.

April 17, 2014 at 10:27am
0 notes

Living in the future.

When I was in college, if while reading a book I found an interesting reference to a primary source, I would write down the reference in my notebook. Then at a later date I would drive an hour to the nearest university library, where I would search through their archives to find a printed copy of the original, which I would photocopy to bring home with me.

Last night I was reading an ebook in bed on my phone, and came across a reference to an interesting paper. This morning I opened the same ebook on my computer, copied the reference and pasted it into a search engine, and seconds later I’m reading the original paper on screen.

I cannot fathom why so many people are still attached to hardcopy books and library stacks. I freaking love living in the future, where tracking down a reference doesn’t cost me hours of time, reams of paper, and gallons of gasoline.

April 15, 2014 at 1:23pm
0 notes
I imagine a multi-volume book, one that is to the art of computer programming as The Art Of Computer Programming is to the mechanics of executing algorithms on a machine.

— Structure and Interpretation of Computer Programmers : Preparing for Computing’s Big One-Oh-Oh

12:07pm
0 notes
That should make us optimistic about the future, right? I mean, all that stands in our way is prejudice, ignorance, and vested interests. Oh, wait.
Paul Krugman: Rising Sun - NYTimes.com

April 14, 2014 at 11:22pm
0 notes
Most of what people imagine as “Big Ag” or “Industrial Farming” actually involves rotated crops on family farms.

— Applied Mythology: “Monoculture” May Not Mean What You Think It Means

April 11, 2014 at 4:25pm
0 notes

Professor Matthew Green of Johns Hopkins University recently commented that he’s been running around telling the world for some time that OpenSSL is Critical Infrastructure. He’s right. He really is. The conclusion is resisted strongly, because you cannot imagine the regulatory hassles normally involved with traditionally being deemed Critical Infrastructure. A world where SSL stacks have to be audited and operated against such standards is a world that doesn’t run SSL stacks at all.

And so, finally, we end up with what to learn from Heartbleed. First, we need a new model of Critical Infrastructure protection, one that dedicates real financial resources to the safety and stability of the code our global economy depends on – without attempting to regulate that code to death. And second, we need to actually identify that code.

— Be Still My Breaking Heart | Dan Kaminsky’s Blog

2:49pm
0 notes
I must apologize to my wife, because this is exactly what shopping with me is like. All day.


April 10, 2014 at 9:08pm
0 notes

How Toxic Is It? →

Charts like this annoy me because they depict active ingredients using pictures of the whole product, i.e. for acetic acid they show vinegar (which is only about 5% acetic acid), and for caffeine they show coffee beans (which are only about 1% caffeine by weight). That said, it still effectively demonstrates the relative (non-)toxicity of various pesticides and common household items.

3:08pm
0 notes
That’s quite a lot of vomit.

— What the Tamiflu saga tells us about drug trials and big pharma | The Guardian. Worth reading in its entirety, the conclusion is perfect.

12:59pm
0 notes
Building exploit mitigations isn’t easy. It’s difficult because the attackers are relentlessly clever. And it’s aggravating because there’s so much shitty software that doesn’t run properly even when it’s not under attack, meaning that many mitigations cannot be fully enabled. But it’s absolutely infuriating when developers of security sensitive software are actively thwarting those efforts by using the world’s most exploitable allocation policy and then not even testing that one can disable it.

— analysis of openssl freelist reuse. Damning analysis of the Heartbleed bug.

April 9, 2014 at 11:07am
0 notes
First off, Google is introducing the “srcset” attribute to let Web developers provide multiple resources in varying resolutions for a single image, in the hopes of speeding up page load times, reducing wasted bandwidth, and ending improperly formatted content. In short, support for responsive images means the browser picks the resource that matches the device’s capabilities, whether it’s a desktop, laptop, tablet, phone, or a TV.

— Google Chrome 34 is Out: Responsive Images, Supervised Users. Yes!!!

10:02am
0 notes
In a world permeated by fear, where everyone is bombarded by more information than they can filter, we’ve created a society where people are hyper-skeptical, to the point of irrationality, about conventional medicine, but credulous, to the point of irrationality, about the latest hipster trend in snake oil.

— Simons: Irrationality is the most dangerous infection of all

April 8, 2014 at 9:08pm
0 notes
We need a web design museum.

— Vogel. / Airbag Intl.

1:54pm
0 notes
Internet Explorer 8 is also no longer supported

— Windows XP support has ended - Microsoft. Wow, Microsoft, that must feel nice. Meanwhile, it looks like the rest of us are stuck supporting it for at least another couple of years. Thanks for that.

1:38pm
0 notes
All of my conversations over the past year with Android developers, 3rd party dev shops, more mature startups developing on both platforms and investors confirm a simple hard reality: building and releasing on Android costs 2-3x more than iOS.

— Why Android First is a Myth | steve cheney – technology, business & strategy

April 7, 2014 at 9:03pm
0 notes
The only sane ethical position is to operate in a mode that is private by default, because the consequences of a positive failure (the user didn’t really need privacy but got it anyhow) are immensely less damaging than the consequences of a negative failure (the user really needed privacy but didn’t get it).

— Ethical Privacy Choices. I find myself in violent agreement with Tim Bray on this one.