BC TECH
Saved by @jacobhtml

A long time ago I coded up a feature for SocialCoder which converts a link - any link - to a short URL. I use it all the time for sharing links to volunteer profiles and to volunteer opportunity listings.

 The feature doesn't care what the link contains, it just hashes the URL, including any query params, and returns a shortened code.
More recently, around Christmas time, I added another feature where I can click a button to send a template notification to a charity that their new listing has been reviewed and published. I call it a next-steps email.
For the past few weeks, its all been working well. Its nice to keep automating things that previously were done by hand.
Fast forward to today.

A new opportunity listing is posted by a charity.

I review and publish it, tweet about it, then click a button to send the charity an emailed notification of next steps.
All very much business as usual, except that I normally tweet about it *after* sending that next-steps email to the charity. I don't know why I deviated from my normal routine, not that its a big deviation, nor should it matter.
But, oh, what a difference that slight deviation from my normal workflow did make.
Turns out I accidentally tweeted out a shortened link that results in the site sending a next-steps email to the charity. Anyone following that link will result in another email being sent.
Almost immediately my inbox gets spammed with flying in as people click on that link, also spamming the poor charity, and proper flustering me I can tell you.
At this point I had no idea what was going on.

Could it be a mail provider problem? Unlikely.

Maybe a bug, an infinite loop or recursion in my code? More likely.
I restarted the site, but the emails kept coming.

I changed the notification email address so that it would only spam me, and not the charity.
And still the emails came.

But now that it was just me being spammed, and not the charity rep, I was able to calm down enough to see what had happened.
A relatively easy fix, and a forehead-slapping moment.

You could say it was a learning moment. So what did I learn?
Lesson 1.

Don't use HTTP GET when a POST is more appropriate. If the request parameters were in the body of the request, and not in the URL, the link would have been fine to share.
Lesson 2.

The feature that sends email should not have been available to anonymous users.

In coding terms, the controller action was missing an [Authorize] attribute. yeah ...oops.
Lesson 3.

Although the consequences of this mistake were relatively minor, affecting only me and the charity rep's Inbox, I still needed to calm down before I could see the problem clearly enough to effectively trouble-shoot. Maybe I'm drinking too much coffee. Maybe.
Lesson 4.

Being able to code a fix, run unit tests, and deploy that fix, all within within minutes is such a valuable thing.

Thank you to the @Azure team who made this so easy.
- end for now -

More from Tech

Caleb Porzio
Caleb Porzio
@calebporzio
🎉🎉 PHP 7.3 is here!

Here are the things I'm excited about.

🚂 Trailing commas in function/method calls!

This will certainly be a required styling choice for me. Same delightful benefits of trailing comma in multi-line PHP arrays, and JavaScript objects.


🧵 Less disgusting heredoc syntax!

Inlining heredoc strings in any way right now is grrrosssss. Now we get sensible capabilities. Everything that was wrong with it is now fixed!

(Ignore the bad syntax highlighting)


☠️ Finally, not-so-silent json_decode error detection!

This really sucked before, now it just sucks a bit less (who wants to pass a 4th param and pass 2 default params first? (helper function anybody?)


📜 Not horrible functions for getting the first and last item (or key) from an array!

Before you either strung a bunch of functions together or messed with internal array pointers. This is a much-needed improvement.
TECH
Yoel Roth
Yoel Roth
@yoyoel
We’ve recently seen research about so-called “bots” and misinformation on Twitter and wanted to share our perspective on why findings that might seem remarkable at first are likely inaccurate. We’re working on a more detailed explanation, but some comments for now.

We continue to be excited by the research opportunities that Twitter data provides. Our service is the largest source of real-time social media data, and we make this data available to the public for free through our public API. No other major service does this.

Many researchers, academics, and journalists use our public API — a set of tools for programmatically accessing information on Twitter. We make all public Twitter content available via our APIs. You can learn more about them here:

The basic issue with much of the research based on our public APIs is simple: The APIs don't provide insight into our defensive actions to protect Twitter from manipulation, including bots.

Because of this, API-based research can't distinguish between accounts we've already identified as bad (and hidden or removed) and real, authentic ones.
TECH
Advertisement
Mrkhtake2
Mrkhtake2
@mrkhtake2
Today we’re going to talk statistics and semantics. I’m going to do so via the medium of one of Twitter’s favourite stats 1.7% (aka “intersex is as common as red heads.”). The statistic comes from Fausto-Sterling’s work, which you can see a review of

To understand the statistic, we have to drill down into what the meaning of the word intersex is. Most people think of hermaphrodites. Let’s stress at the beginning there has been no example ever of a human being with both sets of working reproductive organs.

There is a very tiny percentage of people who are born with both testicular and ovarian tissue (what Fausto-Sterling calls “true hermaphrodites”). And when I say tiny, we’re talking intersex tiny, as in 0.0117/1,000 live births, or one in 1,000,000. These are very complex cases.

So, how do we arrive at 1.7%? What Fausto-Sterling does is apply a wider scope. Instead, she argues that intersex is anything that doesn’t fit into a platonic ideal. The platonic ideal, in this case, being a phenotypically perfect XX female and a phenotypically perfect XY male.

This means that intersex, used in the context of the 1.7% statistic, includes people for whom there is no sexual ambiguity. Take for example Klinefelter syndrome (XXY males). As Fausto-Sterling acknowledges, many males can go their whole life and not realise they are XXY.
TECH
(((E. Glen Weyl)))
(((E. Glen Weyl)))
@glenweyl
I am grateful to @slatestarcodex for taking the time to respond to my critique of technocracy. There is a lot there to respond to and in general I think the exchange speaks for itself. However, I think there are few points where clarification is important for the exchange to be

productive, which I'll briefly address here. I suspect many fellow travelers (e.g. @audreyt @dsallentess @JohnnieM @MichelleRempel @VitalikButerin @mds49) will find the exchange fairly ironic/revealing. I'll post this as a response on this blog as well.

1. Let me start with concessions. There are many points where @slatestarcodex correctly highlights various areas where my grasp of beliefs and facts are limited or wrong, especially in the depth of my grasp of the views of the rationalist community.

I freely admit that there are serious limits to how much I've been able to research the views of people in this community and I certainly hope they are not as I characterized them, though as I will point out below many elements of @slatestarcodex's response confirm my concerns.

2. Given the last point, I fully acknowledge the danger of throwing stones lest I shatter my own glass house. However, leaving aside any blame, I think to make sense of my piece and @slatestarcodex's response requires a bit of context that clearly he lacked. First, outside
TECH
Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH

You May Also Like

UN Watch
UN Watch
@UNWatch
The UN just voted to condemn Israel 9 times, and the rest of the world 0.

View the resolutions and voting results here:

The resolution titled "The occupied Syrian Golan," which condemns Israel for "repressive measures" against Syrian citizens in the Golan Heights, was adopted by a vote of 151 - 2 - 14.

Israel and the U.S. voted 'No' https://t.co/HoO7oz0dwr


The resolution titled "Israeli practices affecting the human rights of the Palestinian people..." was adopted by a vote of 153 - 6 - 9.

Australia, Canada, Israel, Marshall Islands, Micronesia, and the U.S. voted 'No' https://t.co/1Ntpi7Vqab


The resolution titled "Israeli settlements in the Occupied Palestinian Territory, including East Jerusalem, and the occupied Syrian Golan" was adopted by a vote of 153 – 5 – 10.

Canada, Israel, Marshall Islands, Micronesia, and the U.S. voted 'No'
https://t.co/REumYgyRuF


The resolution titled "Applicability of the Geneva Convention... to the
Occupied Palestinian Territory..." was adopted by a vote of 154 - 5 - 8.

Canada, Israel, Marshall Islands, Micronesia, and the U.S. voted 'No'
https://t.co/xDAeS9K1kW
SOCIETY
Will Buxton
Will Buxton
@wbuxtonofficial
The Haas / Force India argument is fascinating, and the decision of the stewards may still have consequences. The first key finding is that the stewards ruled Racing Point Force India to be a valid constructor. That means that it builds its own cars.

Haas had argued that the cars had been designed by Force India, but as Haas knows only too well, "outsourcing" is legal. The stewards decided that "there is no regulatory support for the argument that Outsourcing of Listed Parts cannot come from a former or excluded team."

In determining this, the stewards also came to the following conclusion: "In relation to the submission by the Racing Point Force India F1 Team that it is not a new team, the Stewards decide that the Racing Point Force India F1 Team is indeed a new team."

This will have a big knock on effect for Haas in its continued arguments over the rights of RPFI as relates to its eligibility and rights under the complex payments structure. Haas has argued all along that RPFI should be treated as a new team and tread the same path that it did.

TLDR? Haas lost the fight but may have won the war. In having its argument that Racing Point hadn't designed their own car thrown out, they gained clarification that RPFI was a new team.
SPORT
Advertisement
Sumit Grrg
Sumit Grrg
@sumitgrrg
These 10 threads will teach you more than reading 100 books

Five billionaires share their top lessons on startups, life and entrepreneurship (1/10)


10 competitive advantages that will trump talent (2/10)


Some harsh truths you probably don’t want to hear (3/10)


10 significant lies you’re told about the world (4/10)
ALL , MOTIVATION , BOOKS
Andrew Chen
Andrew Chen
@andrewchen
1/ new essay: What's next for marketplace startups? Reinventing the $10 trillion service economy, that's what. Co-authored with @ljin18 https://t.co/fgKbrHTnH5. A short thread 👇

2/ Marketplace startups have done incredibly well over the first few decades of the internet, reinventing the way we shop for goods, but have been less successful services. It's bc services are complex, subjective, fragmented, and often in real life. Makes it hard

3/ There's been 4 major eras at making the service economy work online. The Listings Era, the unbundled Craiglist era, the Uber for X era, and the Managed Marketplace era


4/ Each era has added more value than the last, and utilized technology innovations, from internet to social / "read/write web" to mobile. The "Unbundling Craigslist" era was particularly epic at generating startup ideas


5/ The problem is, all the low-hanging fruit has been picked off. The techniques that got us to here won't get us to the next phase. So we have to do some pretty different things. That's why "Managed Marketplaces" have been a big deal - hire folks as W-2s, certify quality, etc.
STARTUPS
Suhas S. Hardutt
Suhas S. Hardutt
@HarduttSuhas
Marvels of Medical Science in Ancient India

ACHARYA SUSHRUTA and SUSHRUTA SAMHITA

Ancient Indians were pioneers in diverse fields of study and their genius was centuries ahead of their times. Feel the glory, basking in pride of their unparalleled achievements.

(Thread)


Sushruta (circa 7th or 6th century BC) was a surgeon who in present times is known as the “father of Indian medicine” and “father of plastic surgery” for inventing and developing surgical procedures. He lived in Kashi on the banks of river Ganga.(1)

His work documented in the Sushruta Samhita (compendium) is one of the oldest texts in the world on plastic surgery and regarded as one of the trilogies of Ayurveda. The other 2 being the Charaka Samhita and Astanga Hridaya.(2)

Sushruta compiled the Sushruta Samhita as an instruction manual for physicians to treat patients.(3)

The Samhita caters to surgical techniques listing over 300 surgical procedures and 120 surgical instruments. Additionally to 1,120 diseases, injuries and their treatments with over 700 medicinal herbs and their application.(4)
RELIGION