By Riley Major, 2018-04-04.
NDC has been “inspiring software developers since 2008”. Based in Norway, they host large conferences in Oslo, London, Sydney and for the first time this year, Minnesota. To introduce the Twin Cities to their conferences, they hosted a “micro” conference at the Saint Paul RiverCentre on Thursday evening, March 29, 2018.
Three speakers were selected from the 68 slated for the May 7-10 conference to present 30-minute sessions to showcase what sort of content attendees could expect at the full conference. I think these short talks are nearly as useful as longer presentation. As I’ve said before, shorter is often better with conference slots. The idea is to give you a taste of a concept; you can’t learn in depth in 60-75 minutes.
Todd Garner, a founder of TrackJS and organizer of PubConf, has been involved with the NDC group for a few years and lobbied for them to host a conference in Minnesota. He provided some introductory remarks at this event and encouraged attendees to attend the PubConf event planned for after the May conference. The featured speakers covered documentation, security, and TypeScript. Their talks are summarized here.
Fear of the Bus, Heidi Waterhouse (@wiredferret) — If there’s one person in your group you simply can’t lose (be they hit by a bus, or, less morbidly, lottery winners), then you have a critical fragility you should remedy by requiring more collaboration and documentation. No one should be irreplaceable. Ideally, eliminate the need to document processes by automating them. Short of that, provide templates to prompt recording key info; everyone loves Mad Libs. Don’t waste time on making it pretty—a simple text file is a good start—just make sure it’s discoverable and current. “Anything you aren’t current updating is getting wronger and wronger by the day.” You might not even need to write anything new; just gather and publish the notes everyone is already making locally.
“Anything you aren’t currently updating is getting wronger and wronger by the day.” @wiredferret #NDCMinnesota
— Riley Major (@RileyMajor) March 30, 2018
Ship of Fools, Ian Coldwater (@IanColdwater) — “Learning how to hack things has made me think differently. It’s made me a better defender.” Attackers think about connections, about how to break out of one system and into the next, escalating their privileges and scope with each hop. Practice defense in depth; don’t put all your defenses on your perimeter. Practice the principle of least privilege, granting only those permissions necessary for the user or task to complete their work. Make sure you are monitoring so you can detect a breach. Don’t blindly trust other’s code pulled into your system; review the source and/or code. Consult OWASP and consider reading The Tangled Web. Don’t leak your credentials on GitHub; once they’re public, change them, because you can never really erase them. Patch everything. Don’t let your production environment lag because you fear the disruption an update could cause. Consider establishing resource quotas; if your process doesn’t need much CPU, lock it down, so if it’s compromised, it can’t run up a giant bill from cryptomining.
“Often what happens in production stays in production.” @IanColdwater at #NDCMinnesota about how production environments lag in updates and fixes due to fear of disruptions. pic.twitter.com/jYPmLLbAmK
— Riley Major (@RileyMajor) March 30, 2018
Demystifying Typescript, Kamran Ayub (@kamranayub)– TypeScript is a superset of ECMAScript (aka JavaScript) which compiles to “vanilla” JavaScript (and can target the different versions which exist in older browsers). Therefore, any valid ECMAScript is valid TypeScript. It allows a programmer to enforce static typing. It’s widely supported in various IDEs including VS Code and Atom which run on most platforms (e.g. Windows, Linux, and OSX). They can detect errors and use declaration files to provide tooltips. TypeScript is designed to currently support what is likely to be future native ECMAScript features and styles.
“A read-only codebase isn’t good. You shouldn’t be scared of your codebase. You should be able to refactor it.” @kamranayub at #NDCMinnesota on the benefits of type checking in TypeScript. pic.twitter.com/KZ0nqFFZbl
— Riley Major (@RileyMajor) March 30, 2018
I optimistically used “2018” in the title as I hope they have a successful main event and return year after year. International attention supports the growth of our local technical community. Plus, I’m encouraged by the diversity of professionals NDC chose for this conference preview. Our industry is still hostile to underrepresented voices. It’s critically important for potential future technologists to see people like them succeeding in the field. Representation matters:
My teenage daughter posted this today and I’m having so many women in tech feels.
Representation matters. pic.twitter.com/sXcjJa2rIW
— Ian Coldwater (@IanColdwater) March 30, 2018
Thank you NDC for giving these voices a platform. And thank you Ian Coldwater, Heidi Waterhouse, and Kamran Ayub for sharing your expertise with us.