Thought Flow

Technology and other things

Author: David

  • Post-Truth

    Day 15 #Truth
    Day 15 #Truth by mishey_mouse (CC-BY-NC)

    Word Of The Year is without a doubt “Post-Truth” 1. In my interpretation, it perfectly captures two observations about the current world:

    1. Truth largely does not matter anymore. We have moved beyond truth, we are post truth.
    2. Truth can be created after (post) a statement is made — it does not have to be true originally.

    Post-truth has come up a lot lately. It is often mentioned in association with Brexit and Donald Trump’s election as president, but I do not have anything significant to add to these specific debates on this blog.

    But I will say this: Post-truth is dangerous… It is dangerous, because it deceives. It is dangerous, because it is used to incite hatred and create injustice. It is dangerous, because it challenges the fundamentals of civil discourse: Honesty, respect and integrity.

    This year, we have mostly seen post-truth in public politics. However, I fear that it is not a temporary phenomenon, but a symptom of a larger disease, slowly infecting our society. On a large scale, the alt-right movement is gaining traction, fueled by fake news and hatred. On a smaller scale, it has become trendy to not be politically correct.

    The result of post-truth is quite dark: Thumbs up for telling lies, they will become true eventually. Thumbs up for ignoring real facts, they can be created.

    I am not sure that we can reverse the rising trend of post-truth. That ship has sailed, and we have to get used to the era of post-truth. However, I do think that being aware of the problem enables us to do something as individuals, even on a small scale.

    On my part, I will try to be more critical towards my news sources and politicians, I will try to be respectful and honest in my discourse, and I will be politically correct to counter-balance those that are not. This is the best I can do, and I know that I am not alone. That is a comforting thought.

  • Golly Gosh Moments

    You know that time you realized that you have been doing something the wrong way for a very long time and then finally realize the wrongness. For the sake of the low profanity rating of this blog, let’s call these golly gosh moments, although the Millennials might better understand #FML. Homer just says do’h.

    So it’s just a normal day at the office, and I want to see if I can make an IP address lookup to get the approximate geo-location of a website visitor. I find an IP and it starts with 10 and turns out to be part of a private IP range. The next IP is the same. And the next.

    To make a long story short, it turned out that we have been saving Heroku IP addresses in our logs instead of the user IP address for all our widget tracking for all of time. Heroku is a proxy, so the actual IP address is in an X-Forwarded-For header. For educational purposes here is how to make an express.js app behave better with a trusted proxy:

    // App is an express.js app
app.enable('trust proxy');

// req.ip now contains the correct
// IP address during requests.

    A one-liner made a world of difference for the logging. Golly Gosh.

  • Dear LinkedIn Recruiter

    Rules for contacting people that you want to hire, from my perspective:

    • Tell me what company you are recruiting for. I don’t care that you think the company is exciting.
    • Include my name at the top or your email. And when you do, please stop for a second and think to yourself: “Is their first name really David Volquartz or just David”.
    • If someone actually recommended my profile to you, let me know who it is so I can thank them for thinking about me.
    • Please look at my work history. I haven’t worked professionally with your technology for ten years so my knowledge is outdated.

    As a sidenote, I probably get less recruiter mail than many developers. Probably about once per week. And I actually write full answers to all recruiters that figure out my name is just David.

  • It starts with a dot

    * <-- this is a dot

    We don’t know what the dot is yet, but it’s an exciting beginning.

    Later, we get two more dots. We now have three dots:

    * * *

    The dots are still just asterisks in a blog post. But did you know that “asterisk” comes from Latin and means “little star”?

    Stars look pretty:

    ★ ★ ★

    Perhaps we can look at the stars from a different angle and rearrange them slightly:

    ★
 ★
  ★

    Considering that we started with just one dot, this is an interesting result. Although we had to add two more dots before we saw the stars, in the end they turned out to look very nice on a diagonal.

    This is data science.

  • Corporate Bullying

    A few days ago, we received some reports from users that all went something like this: “Norton is blocking access to your site. It says the site has a security risk.”

    First reaction: Panic! Did our site get taken over by hackers? Not quite… When reading the security report, it turns out that Norton had incorrectly classified a link from one of our receipt emails as a phishing attack. To be clear, the link does nothing else than redirect to the user’s website, i.e. there is no phishing going on, neither on our site nor the user’s site.

    We immediately issued a dispute and request for re-evaluation with Norton’s website. And then… nothing really happened. After five days, it seemed that the red warning disappeared, but for the site dispute, the re-evaluation is still “in progress”.

    Now, this would not be so bad if it was not for Norton’s massive userbase and the trust that they have. Besides the users that were blocked from using our app, a slightly more serious consequence was the 1-star review on the Shopify app store that popped up on Friday morning with just the text: “My Norton Antivirus software shows this site to have an identity threat.”

    Needless to say, being wrongly flagged by Norton can have real consequences for a business.

    And that is the main problem here. This whole ordeal reminds of me of some of the many things I hate about big corporations: Stepping on smaller businesses, misusing power and slow processes. I would go so far as to call it Corporate Bullying. Norton makes millions of dollars by tricking people into thinking that they need an expensive security solution (when they probably don’t). They can easily afford to make a few false positives when flagging sites because it has no consequences for them, only for the businesses in the receiving end. And when confronted with the problem, Norton does not care about us and our wrong security rating, nor do they take immediate action to rectify the problem.

    The only thing missing here to make the bully analogy complete is if Norton came back to us and said that we need to pay them some “administrative fee” to remove the bad rating. Then they would truly have stolen our lunch money. I would not be surprised if that happened, but I hope that the story ends here.