katelynsills's comments

Yes, I know. You don't need to tell me that.

I suspect this is related to what Nikhil Rajpal was doing at NOAA. He was originally reported to be asking about Google sites. https://www.wired.com/story/doge-engineer-noaa-data-google-m...

@nikrdc, if this is you, why are you doing something so destructive and stupid?

Sorry, [1] should be https://github.com/tc39/proposal-realms

This is a really good question. You would want to ensure that the templating library cannot get access to the http request library unless the templating library is explicitly given a reference to it. So even though both libraries are imported, they can't access each other by default. Realms (the standards track proposal [1]) lets you do this, and Salesforce uses it right now as the security kernel that ensures that their third party apps can't view or mess with other apps [2].

The best way to enforce POLA, and especially this particular problem of not allowing libraries to have access to each other, is object capabilities (ocaps) [3]. An object capability combines designation with authority -- if you have access to a capability, you can use it. If you don't have access, you can't use it. You can think of this (very roughly) as a key to a car as opposed to your name being on a guest list for a party. I didn't really touch on ocaps in this piece, but it's a necessary component for being able to enforce POLA well.

[1] https://developers.google.com/caja/

[2] https://www.youtube.com/watch?v=3ME7oHHQbuM

[3] http://habitatchronicles.com/2017/05/what-are-capabilities/

Great list! I noticed Tastypie wasn't included. I've really liked it, but are there reasons I shouldn't be using it?

Thanks for the book recommendation! Just bought it. Agreed that smart contracts and technology in general could be used to reduce transaction costs.

I wasn't until this week, so apparently I'm projecting just the right amount of knowledge :D Thanks for the link! I've been looking for opportunities to learn more.

This is really interesting. I've lately become more curious about theories of transaction costs - how traditional firms might have an advantage because they don't have to bargain over every decision and have understood lines of decision-making. I'm wondering if decentralized organizations might have a transaction cost problem.

Thanks!

Very cool! Thanks!

Can you expand on your process for using TLA+ in web development?

What kinds of libraries did you use to build this? I see you have a webpack bundle.

I've been experimenting with turning a work application into a PWA, but ran into a problem - all the stuff that would be great to cache was behind an authentication wall. None of the PWA examples covered this. Also, the service worker examples all had "Don't use this in production" warnings. :D

I work for a mill that cleans and sorts grains and beans (taking the rocks out, stems out, etc.), and it's fascinating to see the parallel invention of something really similar! We have a bunch of different steps:

1) Air is blown through the product and any dust is taken out. 2) The product is run through a bunch of screens that take out anything too big or too small. 3) The product is put through a gravity separator to separate based on mass. 4) Finally, the product is put through an optical sorter (https://www.youtube.com/watch?v=O0gWUeqzk_o) which uses blasts of air to push out unwanted materials from a stream of falling product.

I'm sure you could use the same process for Legos. Not sure about how to distinguish between branded and unbranded Legos though.

The study showed that having more books was correlated with children being more successful, but that doesn't mean that having more books on shelves is actually the cause. It's more likely that the kind of parents that have high quality books have qualities that would make their kids successful, regardless of the books on the shelves.

"I really don’t like criticising colleagues, a tendency I’m guessing we all share in science."

This. This is everything that's wrong about modern science.

That's definitely a valid point, but there's two things that make me disagree. First, if you look at the game with the perspective of making the game enjoyable to women, you wouldn't put in mild sexism similar to that which already annoys them in real life, especially if it often comes from friendly characters that you can't trounce in response. :) Video games are supposed to be fun! So, from that I assume that Dragon Age Origins wasn't made with women in mind as the audience, or if it was, they didn't do it very enjoyably.

Secondly, I think attributing the mild sexism in the game to intentional world-building is a bit of a stretch, considering that the main religious figure in the game is a warrior woman prophet. I don't think women warriors would be such a surprise in that world! It's more likely that it's just something that came from our current society that got mapped onto the game because the creators didn't think about it. It's unfortunate, because with such an interesting mythology, you could do some really novel cultural things in that world.

Anyways, I've gotten off topic, but I do think there are characteristics that make it easier to blend into the programmer lifestyle (such as video games) and characteristics that make it harder (such as liking fashion) and all of those characteristics contribute to the person's choice of whether to become a programmer, especially since programming is more of an all-consuming occupation than most. And, these characteristics are not equally shared between men and women.

Sorry, I'm having a hard time figuring out what your question is getting at.

Are you saying that the stereotypical programming lifestyle is equally appealing to men and women? Just looking at video games, I don't think that's the case. For instance, I recently started playing Dragon Age Origins, and playing as a female Gray Warden, I kept getting repeated comments from NPCs saying "Really? A female Gray Warden. Wouldn't expect that", and so forth. Why would a woman choose to make a video game that is continuously surprised that she exists? I really enjoyed the game, but it's honestly the stuff like that that tells you in subtle ways that you're not welcome.

It sounds like you're saying, "Programming was offered to them, but they didn't take it, so apparently they didn't want it."

But what was "programming"? Was it a skill/profession, or a lifestyle that was being offered to the women? I think it's often seen as a lifestyle - i.e. programmers only eat pizza and wear hackathon t-shirts and spend their free time playing video games. Of course this is wildly inaccurate. Good programmers need to only have knowledge and an interest and ability to learn more - what you eat, wear, and enjoy as a hobby shouldn't matter. But if you go to someone and ask if she wants to give up her own lifestyle and own interests to become a "programmer", she's going to say no.

I suspect that so many people enjoy the stereotypical activities that they're unable to separate out the programming lifestyle from the actual skills necessary.

I thought this was extremely interesting but can't upvote this. Was it flagged for some reason?