Reading List
Happy New Year! As usual, my Reading List is sponsored by the lovely people at Wix Engineering who give me money to look at interesting shit, and when I find some I put it here.
- Mitigations landing for new class of timing attack – Mozilla shows that the new(-ish) ‘every chip since Morrissey was any good’ security vulnerability can exploited from JS. (And patches Firefox).
- Actions Required to Mitigate Speculative Side-Channel Attack Techniques – what web developers should do to mitigate the ‘every chip since Morrissey was any good’ vulnerability
- What’s behind the Intel design flaw forcing numerous patches? that clever Peter Bright explains it in a way even I can understand.
- Google says CPU patches cause ”˜negligible impact on performance’ with new technique – “We won’t let Spectre / be a slowdown vector” – Larry Page and William Shakespeare
- A Sliding Nightmare: Understanding the Range Input – Ana Tudor investigates styling this one simple form element. I wonder how much JS could be removed from the web, and how much more accessibility we’d get for free if browsers agreed a way to make form elements easily styleable.
- ::part and ::theme, an ::explainer – by Monica Dinculescu
- Screen Reader User Survey #7 Results – from those lovely people at WebAIM
- AccessNow – “We use crowdsourcing to pin-point the accessibility status of locations on an interactive map.” (Android/ iOS)
- Introducing Web Payments: Easier Online Purchases With The Payment Request API by Peter O’Shaughnessy
- LastPass’ Authenticator app is not secure -(Can’t confirm it myself as I don’t use LastPass)
- No boundaries for user identities: Web trackers exploit browser login managers – “a long-known vulnerability in browsers’ built-in password managers is abused by third-party scripts for tracking on more than a thousand sites.”
- Build Your Own React”Š”””ŠA Step By Step Guide – understand how React works by implementing your own virtual DOM, by Ofir Dagan of Wix Engineering
- React’s Accessibility Code Linter
- React.Fragment and Semantic HTML – do what James tells you.
- JavaScript Has Already Won. So here’s a guide to writing Robust Client-Side JavaScript.
- Meet Datally, a new way to understand, control and save mobile data – from Google’s Next Billion Users initiative. Seems like a good replacement for Opera Max, which was “sunsetted”.
- Rated zero – in which Ethan Marcotte looks at the FCC chair Ajit Pai’s assertion that Google AMP is against net neutrality, and whether that justifies the recent FCC decision.
- How the Russian Internet Censor Banned Itself – “More proof that censoring the internet is as difficult as it is futile”
- 8 Medieval Demons that look like Steve Bannon
Buy "Calling For The Moon", my debut album of songs I wrote while living in Thailand, India, Turkey. (Only £2, on Bandcamp.)