6203
Inter UI font family
Inter UI is a typeface specially designed for user interfaces with focus on high legibility of small-to-medium sized text on computer screens.

The family features a tall x-height to aid in readability of mixed-case and lower-case text. Several OpenType features are provided as well, like contextual alternates that adjusts punctuation depending on the shape of surrounding glyphs, slashed zero for when you need to disambiguate "0" from "o", tabular numbers, etc.
typography  font  design  ui 
2 days ago
Tweet on Slack being bad for technical decisions
There's nothing quite as nefarious as a technical decision made via Slack: stakeholders miss it if they're not around, points are poorly stated as they're strung across 50 half-baked thoughts, context exists across pages of jumbled noise, *and* it's time consuming.

I miss email.
team  management  communication  email  chat  slack  quote  is:tweet  via:andrewsardone 
4 days ago
Atomic Properties in Swift
Provides a nice quick overview of synchronization tools available in Swift.
synchronization  concurrency  swiftlang  mutex  locking 
5 days ago
sharkdp/bat: A cat(1) clone with wings.
A cat(1) clone with syntax highlighting and Git integration.
cat  cli  tool  is:repo 
8 days ago
exa · a modern replacement for ls
exa is an improved file lister with more features and better defaults. It uses colours to distinguish file types and metadata. It knows about symlinks, extended attributes, and Git. And it’s small, fast, and just one single binary.
cli  tool  ls 
8 days ago
Intel and the Danger of Integration – Stratechery by Ben Thompson
It is perhaps simpler to say that Intel, like Microsoft, has been disrupted. The company’s integrated model resulted in incredible margins for years, and every time there was the possibility of a change in approach Intel’s executives chose to keep those margins. In fact, Intel has followed the script of the disrupted even more than Microsoft: while the decline of the PC finally led to The End of Windows, Intel has spent the last several years propping up its earnings by focusing more and more on the high-end, selling Xeon processors to cloud providers. That approach was certainly good for quarterly earnings, but it meant the company was only deepening the hole it was in with regards to basically everything else. And now, most distressingly of all, the company looks to be on the verge of losing its performance advantage even in high-end applications.

This is all certainly on Krzanich, and his predecessor Paul Otellini. Then again, perhaps neither had a choice: what makes disruption so devastating is the fact that, absent a crisis, it is almost impossible to avoid. Managers are paid to leverage their advantages, not destroy them; to increase margins, not obliterate them. Culture more broadly is an organization’s greatest asset right up until it becomes a curse. To demand that Intel apologize for its integrated model is satisfying in 2018, but all too dismissive of the 35 years of success and profits that preceded it.

So it goes.
intel  business  management  disruption 
18 days ago
Greg Parker on Twitter: "@olebegemann 1. Write an event-handling loop: it waits for events—user input, timers, etc—and calls the handlers registered for those events. 2. Put the loop in an opaque box. That's a run loop object. I imagine it as a jack-i
1. Write an event-handling loop: it waits for events—user input, timers, etc—and calls the handlers registered for those events.

2. Put the loop in an opaque box. That's a run loop object.

I imagine it as a jack-in-the-box. You turn the crank and calls to event handlers pop out.

Greg Parker
@gparker

Modes, and observers, and re-entrancy, and the integration between the main run loop and dispatch queues. But that's mostly straightforward elaboration once you get the concept. (Except the dispatch queue stuff: that is in fact incomprehensible.)
NSRunLoop  runloop  CFRunLoop  is:tweet 
18 days ago
dxa4481/truffleHog: Searches through git repositories for high entropy strings and secrets, digging deep into commit history

Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
git  security  tool  is:repo 
28 days ago
Michael Tsai - Blog - WebView and UIWebView Deprecated in Favor of WKWebView
agreed:
The separate process architecture is nice, but this is going to be a rough transition. It looks like WKWebView is still missing tons of features from WebView (Web archives, DOM, customized loading and display, probably more that I haven’t discovered yet). The limitations are so severe that I bet a lot of apps haven’t even looked much into switching. Other features will be possible to port, but the API is very different, and in many cases you’ll need to switch from Swift/Objective-C to JavaScript. I was expecting to see massive improvements to WKWebView before WebView was deprecated, but that doesn’t seem to be happening.
uiwebview  wkwebview 
28 days ago
2018 Flat Pedal Roundup (Part-II) – GRAVELBIKE
Doesn't cover my favorite flat pedal, the VP-Vice
pedals  cycling 
29 days ago
Handles are the better pointers
The gist is:

• move all memory management into centralized systems (like rendering, physics, animation, …), with the systems being the sole owner of their memory allocations

• group items of the same type into arrays, and treat the array base pointer as system-private
when creating an item, only return an ‘index-handle’ to the outside world, not a pointer to the item
• in the index-handles, only use as many bits as needed for the array index, and use the remaining bits for additional memory safety checks
• only convert a handle to a pointer when absolutely needed, and don’t store the pointer anywhere
memorymanagement  pointers 
29 days ago
BQ 64 Preview: Our Biggest Adventure Yet | Off The Beaten Path
The Summer 2018 Bicycle Quarterly caps our 15th anniversary year, and so we’ve put together a very special issue. In our most epic adventure yet, we headed south to the incredible Copper Canyons of Mexico.


w/ Al from Q+M
cycling  friends 
4 weeks ago
Pitch on Twitter: "new lacroix flavors! -transported in a truck near bananas -hint of hint of lime -single skittle dissolved in water -shy watermelon -imagine like, a strawberry but with low battery"
new lacroix flavors!
-transported in a truck near bananas
-hint of hint of lime
-single skittle dissolved in water
-shy watermelon
-imagine like, a strawberry but with low battery
is:tweet  humor  lacroix 
4 weeks ago
Michael Tsai - Blog - I Can Be Apple, and So Can You
Dan Goodin:

For almost 11 years, hackers have had an easy way to get macOS malware past the scrutiny of a host of third-party security tools by tricking them into believing the malicious wares were signed by Apple, researchers said Tuesday.

[…]

The technique worked using a binary format, alternatively known as a Fat or Universal file, that contained several files that were written for different CPUs used in Macs over the years, such as i386, x86_64, or PPC. Only the first so-called Mach-O file in the bundle had to be signed by Apple. At least eight third-party tools would show other non-signed executable code included in the same bundle as being signed by Apple, too. Affected third-party tools included VirusTotal, Google Santa, Facebook OSQuery, the Little Snitch Firewall, Yelp, OSXCollector, Carbon Black’s db Response, and several tools from Objective-See. Many companies and individuals rely on some of the tools to help implement whitelisting processes that permit only approved applications to be installed on a computer, while forbidding all others.

Mitchel Broussard:

Developer Patrick Wardle spoke on the topic, explaining that the bypass was due to ambiguous documentation and comments provided by Apple regarding the use of publicly available programming interfaces that make digital signature checks function: “To be clear, this is not a vulnerability or bug in Apple’s code… basically just unclear/confusing documentation that led to people using their API incorrectly.” It’s also not an issue exclusive to Apple and macOS third-party security tools, as Wardle pointed out: “If a hacker wants to bypass your tool and targets it directly, they will win.”

For its part, Apple was said to have stated on March 20 that it did not see the bypass as a security issue that needed to be directly addressed. On March 29, the company updated its documentation to be more clear on the matter, stating that “third-party developers will need to do additional work to verify that all of the identities in a universal binary are the same if they want to present a meaningful result.”

Josh Pitts:

Without passing the proper SecRequirementRef and SecCSFlags, the code signing API (SecCodeCheckValidity) will check the first binary in the Fat/Universal file for who signed the executable (e.g. Apple) and verify no tampering via the cryptographic signature; then the API will check each of the following binaries in the Fat/Universal file to ensure the Team Identifiers match and verify no tampering via containing cryptographic signature but without checking the CA root of trust. The reason the malicious code, or “unsigned” code, must be i386, is that the code signing API has a preference for the native CPU architecture (x86_64) for code signing checks and will default to checking the unsigned code if it is x86_64.

[…]

However, to properly check for this type of abuse you need to add an anchor certificate requirement via the following commands:

codesign -vv -R=’anchor apple’ ./some_application_or_mach-o # for Apple signed code
codesign -vv -R=’anchor apple generic’ ./some_application_or_mach-o # for Apple signed code and Apple developer signed code

[…]

Typically, a developer would check the a Mach-O binary or Fat/Universal binary with the following APIs SecStaticCodeCheckValidityWithErrors() or SecStaticCodeCheckValidity() with the following flags:

kSecCSStrictValidate
KSecCSCheckAllArchitectures

These flags are supposed to ensure that all the code in a Mach-O or Fat/Universal file that is loaded into memory is cryptographically signed. However, these APIs fall short by default, and third party developers will need to carve out and verify each architecture in the Fat/Universal file and verify that the identities match and are cryptographically sound.
apple  osx  security  codesigning 
5 weeks ago
Myth 11: Rear tires should run at higher pressure | Off The Beaten Path
During hard braking, the entire weight of the rider is on the front wheel. Now the front tire carries three times as much weight as it usually does. If this isn’t factored into the tire pressure, then the tire can collapse during hard braking: Suddenly, the sidewall no longer holds up the tire. The tire loses the ability to transmit the forces from the road to the bike – braking and steering are seriously impaired. It’s like riding with a flat tire.

In recent years, the potential for trouble has increased as we now run supple tires at lower pressures. Back in 2010, when we published the chart, we inflated our 23 mm tires to 120 psi. Running the fronts at 80 psi was fine, since the stiff sidewalls of the tires most of us rode helped with holding up the bike.

These days, many of us are on supple 42 mm tires inflated to 35 psi. Dropping the front to 23 psi is fine when rolling along, but during hard braking, the sidewall will collapse.

The solution is simple: Use Frank Berto’s chart (above) to calculate the optimum tire pressure for your rear wheel, based on the weight distribution of your bike. But for the front, use 90% of the rear wheel’s pressure. In our experience, that works really well.
cycling  tires 
5 weeks ago
nullpointerexception - Which @NotNull Java annotation should I use? - Stack Overflow
My ideal annotation would be the java.annotation syntax with the Checker Framework implementation.

If you don't intend to use the Checker Framework the javax.annotation (JSR-305) is still your best bet for the time being.

If you are willing to buy into the Checker Framework just use their org.checkerframework.checker.nullness.qual.
java  javax  null  nullability  annotations  bestpractices 
5 weeks ago
Mothers Ruin Software | Suspicious Package
An Application for Inspecting macOS Installer Packages

Do you know what files that macOS Installer package actually installs?

Do you know what scripts it runs during installation, and what they do?

Do you know who the package really came from?

With Suspicious Package, you can answer these questions and more. Maybe you're quite literally suspicious of a package you've downloaded. Or perhaps you're just curious about what some package does. Or maybe you want to find out after the fact exactly what files a package scattered across your computer. Whatever the reason, Suspicious Package allows you to see inside an installer package. (And it's completely free.)
mac  osx  quicklook  security  tool 
5 weeks ago
Why does Java have transient fields? - Stack Overflow
The transient keyword in Java is used to indicate that a field should not be serialized.
java  serialization  transient 
5 weeks ago
Why long-distance cycling is like Tinder without sex and nine other things I’ve learned in 55 Audax rides – Cycling Intelligence
One of the best pieces of advice I ever got in term of long distance cycling was this one: “No matter how bad you are feeling, always remember that it will get better if you carry on.”
cycling  randonneuring 
6 weeks ago
tonyarnold/Differ: Swift library to generate differences and patches between collections.
Swift library to generate differences and patches between collections.

There's a lot more to calculating diffs than performing table view animations easily!

Wherever you have code that propagates added/removed/moved callbacks from your model to your user interface, you should consider using a library that can calculate differences. Animating small batches of changes is usually going to be faster and provide a more responsive experience than reloading all of your data.

Calculating and acting on differences should also aid you in making a clear separation between data and user interface, and hopefully provide a more declarative approach: your model performs state transition, then your UI code performs appropriate actions based on the calculated differences to that state.
lang:swift  collections  diffs  algorithms  is:repo 
6 weeks ago
UTC is Enough for Everyone, Right?
Programming time, dates, timezones, recurring events, leap seconds... everything is pretty terrible.
The common refrain in the industry is Just use UTC! Just use UTC! And that's correct... sort of. But if you're stuck building software that deals with time, there's so much more to consider.

It's time... to talk about time.
time  dates  timezones  programming 
7 weeks ago
The North Maple Cycle Track | samfirke.com
By building a protected cycle path along North Maple Road between Jackson and Miller, Ann Arbor will fill a glaring gap in its transportation infrastructure and significantly improve the quality of life for its west side residents.
annarbor  infrastructure  cycling 
7 weeks ago
proselint
proselint places the world’s greatest writers and editors by your side, where they whisper suggestions on how to improve your prose. You’ll be guided by advice inspired by Bryan Garner, David Foster Wallace, Chuck Palahniuk, Steve Pinker, Mary Norris, Mark Twain, Elmore Leonard, George Orwell, Matthew Butterick, William Strunk, E.B. White, Philip Corbett, Ernest Gowers, and the editorial staff of the world’s finest literary magazines and newspapers, among others. Our goal is to aggregate knowledge about best practices in writing and to make that knowledge immediately accessible to all authors in the form of a linter for prose.
writing  english  tool  lint 
7 weeks ago
Running at startup: when to use a Login Item or a LaunchAgent/LaunchDaemon – The Eclectic Light Company
There are two popular ways of getting software to run whenever your Mac starts up: it can be installed as a Login Item, or as a LaunchAgent or LaunchDaemon. This article looks at the differences between these mechanisms, so that you can decide which to use in each case, understand what can go wrong with them, and how to fix them.
osx  macos  launchd 
8 weeks ago
Pipenv: Python Dev Workflow for Humans — pipenv 2018.05.18 documentation
Pipenv — the tool for managing application dependencies from PyPA, free (as in freedom).

Pipenv is a tool that aims to bring the best of all packaging worlds (bundler, composer, npm, cargo, yarn, etc.) to the Python world. Windows is a first-class citizen, in our world.

It automatically creates and manages a virtualenv for your projects, as well as adds/removes packages from your Pipfile as you install/uninstall packages. It also generates the ever-important Pipfile.lock, which is used to produce deterministic builds.

Pipenv is primarily meant to provide users and developers of applications with an easy method to setup a working environment. For the distinction between libraries and applications and the usage of setup.py vs Pipfile to define dependencies, see ☤ Pipfile vs setup.py.
python  pip  pipenv  dependency_management  tool 
8 weeks ago
Advanced Usage of Pipenv — pipenv 2018.05.18 documentation
Pipfile vs setup.py
There is a subtle but very important distinction to be made between applications and libraries. This is a very common source of confusion in the Python community.

Libraries provide reusable functionality to other libraries and applications (let’s use the umbrella term projects here). They are required to work alongside other libraries, all with their own set of subdependencies. They define abstract dependencies. To avoid version conflicts in subdependencies of different libraries within a project, libraries should never ever pin dependency versions. Although they may specify lower or (less frequently) upper bounds, if they rely on some specific feature/fix/bug. Library dependencies are specified via install_requires in setup.py.

Libraries are ultimately meant to be used in some application. Applications are different in that they usually are not depended on by other projects. They are meant to be deployed into some specific environment and only then should the exact versions of all their dependencies and subdependencies be made concrete. To make this process easier is currently the main goal of Pipenv.
python  pip  pipenv  dependency_management 
8 weeks ago
How to constructively review a research paper
Any piece of research can be evaluated on three axes:

• Correctness/validity — are the claims justified by evidence?
• Impact/significance — how will the findings affect the research field (and the world)?
• Novelty/originality — how big a leap are the ideas, especially the methods, compared to what was already known?

There are additional considerations such as the clarity of the presentation and appropriate citations of prior work, but in this post I’ll focus on the three primary criteria above. How should reviewers weigh these three components relative to each other? There’s no single right answer, but I’ll lay out some suggestions.
research 
9 weeks ago
Is IPv6 only for the Rich?
measuring IPv6 deployment globally and analyzing possible driving factors
ip  ipv6  filetype:pdf 
9 weeks ago
Response: The Laws of Core Data | Cocoa Is My Girlfriend
I agree with this post, though my advice is “don’t use Core Data” and I hope never to have to work with it again in my entire life.

Also, *thank you:*
An NSManagedObject is an NSObject that has additional functionality added. It should absolutely be treated as if it is an NSObject because it is an NSObject.
coredata  bestpractices  liskov 
9 weeks ago
The Laws of Core Data | Dave DeLong
*sigh*

I’m too tired to write a full critique of this article. There is some good advice in it, especially if you plan to use Core Data, but there’s also some bad advice, and a lot of it boils down to “you’re holding it wrong,” because **Core Data is not good**.

I have to call this out, though, as terrible advice:
Use an abstraction layer

Do not pretend that your code is not using Core Data, and do not for a second think that you’ll ever be able to swap Core Data out for something else without rewriting everything that touches this abstraction kayer.
coredata  bestpractices 
9 weeks ago
« earlier      
373proj a2council accessibility affordability algorithms america android animation annarbor api apple applewatch appstore art async autolayout aviation bash bestpractices business c c++ charting ci clang cli clips clojure cocoa cocoa_touch cocoapods coffee color complexity concurrency coreanimation coredata cryptography cs css culture cycling d3 data debugging dependency-injection design designpatterns detroit development diversity diy dmx512 documentation economics elecdiy electronics embedded encryption engineering english enum error_handling extensions facebook filetype:pdf finance flying foia font friends functionalprogramming game gcd generics gif git github golang graphics health history housing html html5 http humor icons inspiration internet interop ios ios10 ios7 ios8 ios9 is:gist is:repo is:tweet is:video java javascript journalism jquery json kvo lang:swift layout life lighting linux management markdown matlab media:document memorymanagement michigan mocking music mvvm networking newspapers nginx notifications nsa nsurlsession nyc nytimes nytnow objective-c oop option_type osx parser performance photog photography politics privacy productivity programming protocol_extensions protocols python quote radio reactivecocoa reactiveprogramming reactjs reactnative refactoring reference resources rest ruby rust_lang rx safety search security simplicity society software software_architecture solid ssl startups strings swiftlang sysadmin taxes tdd testing tls tool tools transit travel tutorial twitter types ui uicollectionview uiimage uikit uitableview uiviewcontroller umich unicode unix urban_development urbanplanning ux via:andrewsardone via:androidweekly via:cdzombak via:iosdevweekly via:mattb visualization watchkit water weather web_dev windows wordpress work xcode xctest zoning

Copy this bookmark:



description:


tags: