Let's Encrypt Everything

I'll admit I was late to the HTTPS party.

But post Snowden, and particularly after the result of the last election here in the US, it's clear that everything on the web should be encrypted by default.

Why?

  1. You have an unalienable right to privacy, both in the real world and online. And without HTTPS you have zero online privacy – from anyone else on your WiFi, from your network provider, from website operators, from large companies, from the government.

  2. The performance penalty of HTTPS is gone; in fact, HTTPS arguably performs better than HTTP on modern devices.

 


 

Password Rules Are Bullshit

Of the many, many, many bad things about passwords, you know what the worst is? Password rules.

Let this pledge be duly noted on the permanent record of the Internet. I don't know if there's an afterlife, but I'll be finding out soon enough, and I plan to go out mad as hell.

The world is absolutely awash in terrible password rules:

  • Dumb Password Rules
  • Bad Password Policies
  • Password Requirements Shaming

But I don't need to tell you this. The more likely you are to use a truly random password generation tool, like us über-geeks are supposed to, the more likely you have suffered mightily – and daily – under this regime.

 


 

Hacker, Hack Thyself

We've read so many sad stories about communities that were fatally compromised or destroyed due to security exploits. We took that lesson to heart when we founded the Discourse project; we endeavor to build open source software that is secure and safe for communities by default, even if there are thousands, or millions, of them out there.

However, we also value portability, the ability to get your data into and out of Discourse at will. This is why Discourse, unlike other forum software, defaults to a Creative Commons license. As a basic user on any Discourse you can easily export and download all your posts right from your user page.

As a site owner, you can easily back up and restore your entire site database from the admin panel, right in your web browser. Automated weekly backups are set up for you out of the box, too. I'm not the world's foremost expert on backups for nothing, man!

 


 

There is no longer any such thing as Computer Security

Remember "cybersecurity"?

Mysterious hooded computer guys doing mysterious hooded computer guy .. things! Who knows what kind of naughty digital mischief they might be up to?

Unfortunately, we now live in a world where this kind of digital mischief is literally rewriting the world's history. For proof of that, you need look no further than this single email that was sent March 19th, 2016.

If you don't recognize what this is, it is a phishing email.

This is by now a very, very famous phishing email, arguably the most famous of all time. But let's consider how this email even got sent to its target in the first place:

 


 

What does Stack Overflow want to be when it grows up?

I sometimes get asked by regular people in the actual real world what it is that I do for a living, and here's my 15 second answer:

We built a sort of Wikipedia website for computer programmers to post questions and answers. It's called Stack Overflow.

As of last month, it's been 10 years since Joel Spolsky and I started Stack Overflow. I currently do other stuff now, and I have since 2012, but if I will be known for anything when I'm dead, clearly it is going to be good old Stack Overflow.

 


 

The Cloud Is Just Someone Else's Computer

When we started Discourse in 2013, our server requirements were high:

  • 1GB RAM
  • modern, fast dual core CPU
  • speedy solid state drive with 20+ GB

I'm not talking about a cheapo shared cpanel server, either; I mean a dedicated virtual private server with those specifications.

We were OK with that, because we were building in Ruby for the next decade of the Internet. I predicted early on that the cost of renting a suitable VPS would drop to $5 per month, and courtesy of Digital Ocean that indeed happened in January 2018.

 


 

An Exercise Program for the Fat Web

When I wrote about App-pocalypse Now in 2014, I implied the future still belonged to the web. And it does. But it's also true that the web has changed a lot in the last 10 years, much less the last 20 or 30.

Websites have gotten a lot … fatter.

While I think it's irrational to pine for the bad old days of HTML 1.0 websites, there are some legitimate concerns here. The best summary is Maciej Cegłowski's The Website Obesity Crisis.

 


 
