Wiki idea: what happens when you press Enter on your browser

Here is an idea that I had and that I don't have time to work on. I read somewhere about the following job interview question:

What happens after you write a URL in your browser and press Enter?

If you think about this for a moment, you might realize that what this question really means is "tells us everything you know about computers". I have yet to find a topic that wouldn't be involved in giving a full response. Off the top of my head, and in roughly chronological order, you would have to explain...

  • ... how your keyboard sends signals, including the difference between pressing and releasing a key. Also, how your computer display works.
  • ... how to turn a series of electric impulses into a character.
  • ... how to parse a URL, including the difference between Unicode and ASCII.
  • ... how the internet works: DNS, TCP/IP, IPv4 vs IPv6, routing, etc
  • ... how the browser and server negotiate the type of content they want. It might also include an introduction to the GZIP compression algorithm.
  • ... a primer on HTTPS, including cryptography and handling certificates.
  • ... what is a web server and how it works. Same for load balancers, proxies, and pretty much all modern server infrastructure.
  • ... how your operating system renders anything on screen.
  • ... how your web browser renders content.
  • ... the standards involved in receiving content: HTML, CSS, JavaScript, etc.

I imagine that this would be a great idea for a Wiki: the main page would simply present the general question, and you could go deeper and deeper until you reach your motherboard's buses, your microprocessor's cache, the specifics of BGP, or pretty much anything that was ever used in an internet-connected computer.

I was never asked this question, which is a bit of a missed opportunity: I don't know exactly how many hours I could waste on this question, but I'm willing to bet it would be more than what any reasonable interviewer is willing to spend. More realistically, I imagine the point of the question is both to check whether you know about computers and, more important, whether you know when to stop talking about computers.

Here we go again - encryption and the EU

The Council of the European Union has released this Draft in which they call for what is effectively a ban on End-to-End Encryption (E2EE). The document itself is unsurprisingly vague, but if you follow the parallel document about "Exceptional Access" you'll see a bunch of proposed solutions, all of which require the interception of your private communications. As it is to be expected, the documents pinky swears that this is the only way that terrorists and child predators will be stopped.

There are several reasons why this is a stupid idea. Today's post will briefly detail the main two.

First, this is technically impossible. The entire point of E2EE is that no one (not you, not me, not the NSA) can decrypt their content without the right key. And yet, the proposal that has been passed around in the last years is the idea of a "master key", a key that only authorities have and that would be "carefully" used by the authorities to legally decrypt content between two parties that they consider suspicious. So let's assume that WhatsApp implements this idea. They now have a single key that only the EU can access. Well, two keys - Australia has legally mandated backdoors, so they need their own. And China will need one too. The US wouldn't need one, simply because some of WhatsApp servers are in the USA and therefore the NSA can use a National Security Letter to force WhatsApp to reveal the other keys while forbidding everyone to talk about this. As you can see, the "one single key" idea is flawed from the very beginning.

And then there are the hackers: if it comes out that there is a secret key that breaks WhatsApp's encryption, it is now a race between WhatsApp's engineers to keep it safe against every single government in the world trying to break it.

The second main point is: if you ban secure communications, then only criminals will have access to secure communications. We already have unbreakable encryption and it is trivial for any criminal organization to deploy their own. So they are not the ones whose communications will get intercepted. The only wiretapped ones will be us, the law-abiding citizens. Instead of keeping us safe from criminals, the Council of the European Union is delivering us into the data collection efforts of the NSA and friends.

A call for action

Do you remember when the European Unions imposed sanctions against the NSA for their illegal data collection? Me neither, because that didn't happen. And I don't see why this time it would be any different. Well, there is that one time when Angela Merkel told Obama that she was angry he wiretapped her phone. I'm sure he felt really bad about that. But my point is: I wouldn't expect our politicians to stand up for our privacy, in particular when they are the ones creating the problem to begin with.

We have once again a proposal that will not stop any criminals, is technically impossible, and that is being written without asking anyone who knows what they are talking about. If you are in the EU I ask you to contact your representatives - I am not aware at the time of any movement against this, but I bet at least the Pirate Party will have something to say (edit Nov. 25: they do). The tech industry already lost the DRM fight (as exemplified by the ongoing youtube-dl saga) and the fight against Article 13. And there are lobbying efforts underway to bring software patents to Europe.

Don't let your privacy go away too.

Further reading

  • Whenever someone swears that they can keep the "master key" secret, remind them of that time the secret NSA luggage keys ended up in the Washington Post.
  • A Hacker News thread with more than 650+ comments discussing several other points with much more details.

Unpaid paid recommendations

In today's weekend posting, two recommendations about things that are not free (which is a first) and a rant (which is very much in brand for this blog).

Drawing faces with JLJ

On a previous blog entry I complained that it's very difficult to find a good drawing tutorial because many, many teachers will suggest something as useless as "do whatever comes natural". So imagine my surprise when I found a course on drawing faces that makes none of those mistakes.

The course in question is titled "How to draw a portrait" and is taught by an illustrator from Florida called Joshua L Johnson. The course guides you through the steps of framing your drawing, identifying the main features, refining the details and, finally, adding shadows. The course can be found on Skillshare following this link.

I like this course for a couple reasons. First, each step is actionable: when he wants you to draw an eye, he explains that a generic eye is composed of 7 segments and explains where to place each one. Second, the workflow itself is designed in a smart way, first delimiting "areas" of work and then refining them step by step. The course ends with a 40 minutes, real-time lesson on how to draw a specific face from beginning to end which I found really helpful. So if your faces are as bad as mine, you should consider taking a look.

Solutions and other problems

It is hard for me to express to you how ridiculously funny Allie Brosh is. Her blog Hyperbole and a half is the only website I can remember where I had to stop reading for minutes at a time because I couldn't stop laughing. Some of the most well-known entries are probably This is why I'll never be an adult which gave rise to the "all the things" meme, and the creation of the Alot. Unsurprisingly, her first book collecting some of these stories ended up being a New York Times best-seller.

Perhaps more well-known are her two posts on depression (part 1, part 2) where she manages to put in words the feelings of thousands of people. I have seen an actual therapist recommend these posts to people, and the almost 10K collective comments in those entries alone seem to agree.

And the reason I am bringing up these two sides of her blog is because I recently read her second book, and let me tell you, it is a roller coaster: it is funny, it is sad, and sometimes it's both at the same time. It is the best thing I read all year, and I think everyone should do the same. To say that I recommend it would be an understatement. It would be more accurate for you to imagine me grabbing you by your clothes while yelling "READ THIS BOOK".

Disclaim all of the things

I didn't want to leave this post as it is without complaining about how difficult it is to make an honest recommendation on the internet.

I have a subscription to Skillshare because I like the quality of their courses, but I am really, really annoyed at their marketing showing up everywhere. With so many youtubers doing paid promotions for courses they don't care about, I feel slightly dirty making a recommendation just like them, even if no one is paying me for doing it. I thought for a second about pointing you to a free mirror, but that would be unfair to the course's creator.

Similarly, someone on Allie Brosh's publishing team had the brilliant idea of creating fake Reddit accounts and using them to market the book. People like them make it impossible for me to recommend almost anything in good conscience. I have decided to make an exception for this specific book, but I don't see that happening again anytime soon.

I miss funny Dilbert

There was once an article about Jim Davis, creator of Garfield, in which he recognizes the recipe of his success. The trick, it seems, was to make Garfield as inoffensive as possible. No matter what you believe, no matter how delicate your sensitivities are, you can always read Garfield without feeling hurt or offended. Comedians might object that a lot of humor boils down to ridiculing something, so it's worth asking: if Garfield does not offend anyone, how does it manage to keep being funny? The answer should be obvious to Garfield's readers: it doesn't. Because Garfield is not funny.

The reasoning is pretty interesting: Jim Davis' goal was not to be the next greatest American cartoonist, nor to push the boundaries of comic strips as an art form (that would be Bill Watterson). His goal was to make money, and boy did he succeed at that. By being a recognizable, bland, perfectly formulaic icon, Garfield can be adopted by any company or product willing to pay for it. The key, said Davis in this interview, was to make the strip as plain and predictable as possible. "Oh, look,", says the reader, "Garfield is mad because it's Monday". Cue the sound of crickets.

The same, I'm afraid, has happened to Dilbert some time ago. And while it pained me to stop reading after so many years, I've read enough to understand that the Dilbert I liked is gone, replaced by that which he was intended to criticize. Including the archives, I read about 27 years worth of strips, so it was not a decision I took lightly. That was about 4 years ago, and I haven't regretted the decision.

For those who might feel like me, and as a service to the community, I give you the one and only strip you will ever need from now on. It is the culmination of years of Dilbert, and nothing you read in the actual strip will be better than this in the foreseeable future.

A boring fake strip, where the boss says "I'm going to say something stupid" and Dilbert replies "I'm going to insult you to your face"

Now, in all fairness, congratulations to Scott Adams: he has managed to secure Dilbert in the mind of the public, and he made a lot of money out of it. It was sad to see the old Dilbert go away, but then again, I don't have an animated series nor an (forever in production) upcoming movie to my credit. Having said that, I can only wonder how much more he could have produced if he hadn't rested on his laurels: his Wikipedia achievements have almost entirely peaked around 2010, and he seems to spend most of his time nowadays writing about what an amazing president Donald Trump is. While this is speculation on my part, I believe this might be why his blog is no longer featured on the Dilbert homepage.

I can see why he doesn't need to come with new ideas for Dilbert strips. After all, he has enough money to do whatever he wants. I just wish "make Dilbert funny again" was one of those things he cared about.