Be sure to listen to our latest episode, featuring updates on HOPE video uploads, Youtube vs fair use, EAS vulnerabilities, and more!
Bonus content: https://www.youtube.com/watch?v=qCyVdPSm2bo
Quick #Copywriting tip for software devs:
Most of the time when devs write up their "sales" pages they put a list of features.
This is extremely common but there's a better way:
List the benefits of the features.
"End to end encrypted" is a feature.
"Your communications are secure -- not even the developers can read your messages!" is a benefit.
Reply with some of your software's features and I'll do my best to write them into benefits for you :)
(I normally charge a lot for this service)
Software will always have as many bugs as users will tolerate before switching to something else. Therefore, the higher the cost to users of switching, the more bugs the software will have. This is why companies tend to devote significantly more resources to maximixing the cost to users of switching than they do to software quality.
When we started a podcast about movies we didn't really anticipate that we would do a Very Special Episode prompted by the news, but here we are.
Content warnings: US politics, reproductive health and decisions, religious fanaticism, addiction
Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks
FBI Raid Indicates One Thing: Trump & Trump Supporters Must Be Deleted. Only Uni Party Members Have Exclusive Right To Rule.
I’m confident that, “We the people,” can still take them. They’re panicked, weak and they’re really nothing like us.
Hackaday Prize 2022: Solar-Harvesting ESP32 Camera Is Waterproof, Repeatable https://hackaday.com/2022/08/14/hackaday-prize-2022-solar-harvesting-esp32-camera-is-waterproof-repeatable/
Original tweet : https://twitter.com/hackaday/status/1558861128100347904
As we get older, our sensitivity toward the higher frequencies decreases. This phenomenon is called age-related hearing loss or presbycusis. Some theories state that we can re-train the ear by listening to these missing frequencies. A recent experiment on myNoise aimed at verifying that theory, with a natural sound generator that plays near ultra-sonic frequencies, mainly cicadas and bats. Some users reported that they started to hear frequencies they didn't hear when[…]"
Ok, I did all of the meme software-based web performance hacks I know. I’ve run out. I know this is overkill but it’s way too fun to stop now; I need something more to optimize.
What I’ve done:
Static Brotli compression
Static Efficient-Compression-Tool (ECT) Zopfli-based compression
ECT compression and palette-reduction of all PNGs
next gen image formats (WebP, AVIF, and ready for JPEG-XL when it rolls out)
Optimizing AVIFs with Butteraugli tuning (from libjxl)
Using zlib-ng instead of zlib for dynamic compression
Link rel=preload HTTP header for my avatar (only useful for really slow connections)
HTTPS/SVCB DNS records for HTTP/2 and HTTP/3 APLN, with ipv4 and ipv6 hints
TLS 1.3 with 0-RTT (all requests are idempotent; everything except webmentions and search is static content)
session ticket keys with auto rotation for ticket-based resumption
nginx-quic patched with HPACK and dynamic TLS record sizing support
Compiling nginx and all its libs with -fomg-optimize
OCSP Must-Staple (HSTS Expect-Staple is a WIP)
Re-ordering some <head> elements and CSS rules so that they compress better
Making everything first-party (can re-use a single connection for the full load)
formatting my HTTP headers to match HPACK/QPACK dictionaries, or removing whitespace from them
Cache-busing assets so I can give them long + immutable Cache-Control headers
Inlining my stylesheet (my CSS is about 5kb before compression and it only increases page size by ~1kb after inlining + compressing; I use a CSP hash to allow it)
No JS or blocking assets
Aggressively using CSS containment on everything, and using content-visibility whenever possible
Async image decoding
All images well under 10kb so I don’t need lazy loading or progressive rendering
Tuning TCP Fast Open settings to improve my benchmarks
Ensuring enough free memory is reserved for Linux to cache the necessary files
Optimizations I’ve rejected:
Kernel-based TLS offload with OpenSSL (quictls fork) + Nginx kTLS. My benchmarks showed that this actually made things slower than Nginx + BoringSSL with TLS running in user-space. Things will likely improve in Linux 5.20.
Using a CDN
Speculatively preloading pages ahead-of-time
Minifying my markup (I want it to be readable)
Early Hints (basically useless with a fast back-end)
fetchpriority: browers are good enough at this already.
Lazy loading: I want the page to finish loading once; the user should be able to then disconnect and finish reading.
Removing unused inline CSS per page: I allow CSS with a CSP hash and set the header in my server configs. Having a unique stylesheet per page would cause this header to change, complicating my server workflow and offsetting size reductions by reducing HPACK and QPACK gains.
What’s left to do? I don’t care if it’s not worth the effort; it’s just fun to do.
#DEFCON Group in New Jersey. We meet at Sub Culture, Jersey City once a month to work on hardware/software projects! CFP: info (at) defcon201 [dot] org
This service is offered by alarig.
Beer, privacy and free software lovers. Join us!