BayesianDice's comments

BayesianDice | 4 years ago | on: Building a personal website in 2021

Thank you for the comment. The site already has RSS, and I'd agree there are good technical grounds for preferring it, but I get the impression that its use among users is declining, which is why I was considering other mechanisms. I find it an interesting point of view to consider a feature which alternatively allows users to opt-in to email notifications - but which doesn't disadvantage them at all if they don't - as "user-hostile". (But of course I've seen sites which want to coerce visitors to hand over an email address to be able to access the content they were expecting, and depending on context, I can see cases where that could be considered aggressive.)

BayesianDice | 4 years ago | on: Building a personal website in 2021

I agree with comments saying that a key point is producing content. I'd spent a couple of years considering starting a blog (with no commercial/monetisation, but somewhere to post thoughts on technology / games / books I find interesting) and trying out various platforms/solutions and producing very little. Then I finally got started with a simple Hugo/GitHub/Netlify setup, with the plan of adding more technology bells and whistles if readership or my inspiration to continue producing content justifies it.

A question on which I'd be interested in views: how important or otherwise do people consider the ability to sign up for a mailing list / newsletter to be informed of new content? I dislike the in-your-face modal pop-ups etc. - but am wondering if readers, if they like existing articles on a site, would appreciate a low-key, unobtrusive option of signing up for an email notification.

BayesianDice | 4 years ago | on: Bank of England to explore a potential Central Bank Digital Currency

There's lots of speculation here on what the Bank of England means by a central bank digital currency (CBDC) - people may be interested in the more concrete indications of what the Bank is / has been considering in a discussion paper which they published in March 2020: https://www.bankofengland.co.uk/-/media/boe/files/paper/2020...

The chapter on Technology Design states "Although CBDC is often associated with Distributed Ledger Technology (DLT — see Box 5), we do not presume CBDC must be built using DLT. Most existing payment systems are run on centralised technology stacks, and there is no reason CBDC could not also be built this way. However, DLT includes a number of potentially highly useful innovations, which can potentially be adopted independently of each other, allowing us to use the specific features of DLT which are most relevant and appropriate, without using DLT in its entirety."

The paper also discusses the risk-free nature of the currency (compared to deposits held in a commercial bank where consumers in principle face credit risk if the bank defaults), resilience, and innovation. And it notes the interesting related questions of whether the CBDC would be interest-bearing, and to what extent consumers switching from commercial bank deposits to the CBDC would impact the commercial banking model (using deposits to fund lending).

BayesianDice | 5 years ago | on: Ask HN: Any tips for a programmer wanting to switch into security?

An alternative to storing the pw in plain text is to ask the user to provide their current password at the same time as the new password. The password change routine can then check the current password is correct (which protects against the threat of an attacker coming across an unlocked terminal with a logged-in session and changing the password) and provides the current password against which the new password can be compared.
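The flow described in the comment above, as an added example that is not part of the original comment: the server stores only a salted hash, verifies the submitted current password, and uses that submitted plaintext for the similarity check. The function names, the PBKDF2 parameters and the 0.8 similarity threshold are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
from difflib import SequenceMatcher

ITERATIONS = 200_000  # assumed work factor for the example; tune for your hardware


def hash_password(password, salt):
    """Derive a PBKDF2-HMAC-SHA256 digest; only salt and digest are stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def new_record(password):
    """Build the stored credential record (hypothetical layout)."""
    salt = os.urandom(16)
    return {"salt": salt, "digest": hash_password(password, salt)}


def verify_password(password, record):
    """Constant-time comparison against the stored digest."""
    candidate = hash_password(password, record["salt"])
    return hmac.compare_digest(candidate, record["digest"])


def too_similar(old, new, threshold=0.8):
    """Compare the two plaintexts the user just typed; nothing is read from storage."""
    a, b = old.casefold(), new.casefold()
    return a == b or SequenceMatcher(None, a, b).ratio() >= threshold


def change_password(record, current, new):
    """Return a status string; the record is updated only on success."""
    # Re-authentication: stops someone at an unlocked, logged-in session.
    if not verify_password(current, record):
        return "rejected: current password incorrect"
    # The verified plaintext is available here, in memory, for comparison.
    if too_similar(current, new):
        return "rejected: new password too similar to current"
    record.update(new_record(new))
    return "changed"


if __name__ == "__main__":
    rec = new_record("Summer2020!")  # constructed sample credentials
    print(change_password(rec, "wrong-guess", "correct horse battery staple"))
    print(change_password(rec, "Summer2020!", "Summer2021!"))
    print(change_password(rec, "Summer2020!", "correct horse battery staple"))
```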

BayesianDice | 5 years ago | on: Tom Stoppard: A Life

"Arcadia" is great, but "The Hard Problem" (2015) may also be of interest - on consciousness and philosophy of mind. I'd coincidentally read Daniel Dennett's "Intuition Pumps and other tools for thinking" shortly before seeing the play and there was a hefty overlap in themes.

BayesianDice | 5 years ago | on: Why did the A-level algorithm say no?

To clarify this - as far as I've seen, so far, 3 of the 45 Oxford colleges/PPHs (Worcester, Wadham, and St Edmund Hall) are accepting all offer-holders regardless of results.

(Oxford, along with Cambridge but unlike many universities, has the results of interviews and, for many subjects, admissions tests to assess to whom to offer a place. They make offers expecting that the vast majority of them will be met, rather than over-offering and expecting A-level results to prune the numbers significantly. In previous incarnations of the admissions system, candidates who passed the entrance exam and interview routinely got an offer of two Es, i.e. a formality. So, providing places to all offer-holders would not seem an unreasonable course of action in the circumstances.)

BayesianDice | 5 years ago | on: Hosting your entire web application using S3 and CloudFront

Thanks for that - I certainly agree that's simpler than Lambda@Edge, and an option well worth considering.

I looked at that approach at the time but didn't go down that route because, as far as I understood (unless I missed something), that would involve having the S3 bucket directly publicly accessible over HTTP (not HTTPS) with the S3-style URLs, including public access. And my main motivation for adding CloudFront to the mix was to support/enforce TLS - I certainly didn't have traffic levels requiring it!

(But, pragmatically, the key risks of someone going to the effort of finding and using the unpublished S3 URL would seem to be that (a) the site could stop working if I change the hosting and (b) they, through their own choice, aren't using TLS - which, for a static, low-traffic, personal blog, could be considered pretty low.)

BayesianDice | 5 years ago | on: Hosting your entire web application using S3 and CloudFront

I did find one catch with the S3/CloudFront approach, relating to default document, when I was looking at hosting a static Hugo site a few months ago. With S3 web hosting, you can specify a default object which also works for subdirectories (e.g. so http://www.example.com returns http://www.example.com/index.html and http://www.example.com/foo returns http://www.example.com/foo/index.html). With CloudFront, the default document doesn't apply to subdirectories, which would have broken my site.

(For the author of this article, it looks like the combination of CloudFront's default document and custom error handling did the job for their site - just flagging this as something to look out for in cases where it doesn't work :-) )

AWS suggest a workaround using Lambda@Edge (https://aws.amazon.com/blogs/compute/implementing-default-di...) to rewrite the requests at the CloudFront layer - but at that point I decided that actually getting the site published was more important than adding more to the technology stack, so it's now happily hosted on Netlify's free tier.

BayesianDice | 5 years ago | on: IBM no longer offers general purpose facial recognition or analysis software

^W denotes Ctrl-W, the shortcut to delete the previous word for example originally in Berkeley (thanks Wikipedia!) Unix-style terminals (and ^H denotes the control code for backspace, deleting the previous letter). The Jargon File's example shows how these are used for humorous effect: '"Be nice to this fool^H^H^H^Hgentleman, he's visiting from corporate HQ." reads roughly as “Be nice to this fool, er, gentleman...”, with irony emphasized.' (http://www.catb.org/~esr/jargon/html/writing-style.html)