Category: Reference

Handling errors in nodejs and express

Many people surely know all this by now. Still, here are some things I’ve recently learned about notifying clients (browsers, API clients) about errors. Delivering errors from route handlers to clients This is remarkably easy, once you figure it out. Just use the http-errors package. (Beware, not the http-error package; it does something different. Call next() with an object made… Read more →

Net Promoter Score survey from a regulated monopoly? WTF?

I just got an email survey from our local monopoly internet service provider. Will you recommend Comcast to a friend? Yes=10  No=1 This betrays a profound misunderstanding of the usefulness of that kind of survey, called the Net Promoter Score (NPS) survey. Why is “will you recommend our lightly regulated monopoly to your friends” a stupid question?  Well, my friends… Read more →

Plant UML

Software designers sometimes need to present UML sequence diagrams like this one. This kind of thing is absurdly fiddly to draw with most graphics packages. But there’s a language called PlantUML that allows us to write them as text and render them in various software tools, including WordPress with the plugin called PlantUML Renderer. The text for this example is… Read more →

Jupyter on Raspberry pi

Jupyter is an excellent free open source package for literate programming, especially in Python. It’s nice because it keeps a good record of what you try in experimental programming. And it’s easy to tidy up your work when you figure out what you’ve done, and store or publish it. It’s also sweet because it’s a web app. You can program… Read more →

Super simple Javascript Queue class

It’s tempting, when in a hurry, to create a queue object in Javascript with an array. To enqueue something, push() it onto the array. To dequeue it, shift() it off. It works. But it’s slow, because shift() takes O(n) time where n is the length of the queue. Kate Morely cooked up an almost-as-simple but much faster queue implementation. She… Read more →

Yubico FIDO U2F key quick review

A few days ago I ordered some Yubico FIDO U2F security keys, after reading that they are a useful way to help secure various online accounts and keep intruders out. These used to cost US$20 each singly and $18  each in bulk.  The current (Dec 2020) product costs $24.50. They arrived, packaged inconspicously, promptly after I placed my order. They’re… Read more →

Should I encrypt columns in my web application’s database?

Somebody asked whether it’s a good idea to encrypt database columns in a web application. My answer: “It probably won’t help much.” Why? Figure out your threat model Best practice: figure out your threat model before you spend time and money securing your system. If you build complex security measures without a clear idea of your threat model, you’ll trick… Read more →

Cybercrooks stole my data from Equifax! What now? Credit freezes.

On September 7th, 2017, the credit bureau Equifax announced that cybercriminals broke in to its company servers sometime in mid-May 2017 and stole copies of information like Social Security Numbers, driver’s license numbers, birth dates, and home addresses for as many as 143 million residents of the US. The total population is about 329 million, counting children, so there’s a… Read more →