Saturday, April 30, 2022

Cage of Souls by Adrian Tchaikovsky


The author did a fantastic job of "world building" a bizarre far-flung future setting as the last remnants of humanity struggle to survive despite their descent into murderous barbarism.  I am disappointed in the magic system because the silly telekinesis & telepathy stuff is not needed for the story. The book is very long (600+ pages) with great subplots and characters in each section of the main character's adventures.  4/5 Stars.

Raymond Chandler Books as Radio Dramas by the BBC

The BBC did a great job in transferring these Philip Marlowe stories by Raymond Chandler into fun radio plays.  Included in the collection are:
  • The Big Sleep
  • The Lady in the Lake
  • Farewell, My Lovely
  • Playback
  • The Long Goodbye
  • The High Window
  • The Little Sister
  • Poodle Springs
During the long airplane trips I took recently these stories were a great distraction.  I never read these "Noir" detective stories but I did watch some of the Bogart movies, so the stories were mostly new.  Chandler uses very similar plot tropes across his books but he also occasionally drops some fantastic philosophical aphorisms and high literature writing.  I am glad I got this collection on Audible. 4/5 Stars.


Friday, April 29, 2022

Das Kind by Sebastian Fitzek


This book is very vulgar; the story is well written, but the events are horrible and depressing. I did not want to know anything about the topics covered in this book. 1/5 Stars.

Giants by Peter Watts

Fun short story; I am glad I finally had time to read it. 5/5 Stars.

Two Parsecs from the Goldilocks Zone by Peter Watts


I finally had time to read this novella and it is fantastic, 4/5 Stars.  Aside:  My friend, who is a professional astrophysicist, told me the Earth is at the inside border of our sun's "Goldilocks Zone," and the iron core, 24-hour day spin, Van Allen belts that deflect the cosmic rays, solar wind, etc. are needed for us to exist.  I think I had known that before, but it is a great reminder of why we have low coefficients in the Drake equation, partial explanations of the Fermi Paradox, etc.

Sunday, April 24, 2022

Efficient training of deep networks with unitary matrices


Yann LeCun has given a few informal talks and published a couple of monographs about why "big data" is frequently not a good approach to solving difficult classification problems.  He cites his own failures at writing models that view radiological pictures (X-rays) to answer Yes / No questions about a patient. Almost all skilled radiologists solve these problems easily but ML models cannot.  The spectacular failures of IBM Watson in other medical fields are another example.  LeCun is looking for methods of using "good data" instead of "big data" for solving several narrow problems and then generalizing the approach to overcome bigger problems with bigger data.

Two of the major problems in recurrent neural net (RNN) deep learning when it is applied to large data sequences are setting the initial conditions and stabilizing the learning process. Learning normally consists of iterating a process of applying linear transformations and then a pointwise nonlinearity to the state data.   Sometimes the gradient disappears or becomes infinite, so the learning fails completely.

Bobak Kiani and a few other co-authors, including Yann LeCun, have published a cool trick of using unitary matrices whose eigenvalues never go above or below a magnitude of one and therefore prevent these failures.  Not only will it always complete, but it will also run in O(kN^2) time.  The authors claim their new algorithm is faster in all cases and that even with k=1 it is nearly as accurate.
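To make the vanishing/exploding behaviour concrete, here is an added example (not code from the paper or its authors) that pushes a gradient-like vector through 100 repeated linear steps. It assumes a real orthogonal matrix as the real-valued case of a unitary one, drops the pointwise nonlinearity, and uses constructed 4x4 inputs.

```python
import math

def householder(v):
    """Reflection H = I - 2 v v^T / (v^T v); real orthogonal, hence unitary."""
    n, vv = len(v), sum(x * x for x in v)
    return [[(i == j) - 2.0 * v[i] * v[j] / vv for j in range(n)]
            for i in range(n)]

def matmul(a, b):
    cols = list(zip(*b))
    return [[sum(x * y for x, y in zip(row, col)) for col in cols]
            for row in a]

def matvec(m, x):
    return [sum(a * b for a, b in zip(row, x)) for row in m]

def propagate(w, g, steps):
    """Apply w to g once per unrolled time step; return the final norm."""
    for _ in range(steps):
        g = matvec(w, g)
    return math.sqrt(sum(a * a for a in g))

# Constructed inputs: a product of two reflections is orthogonal,
# so every eigenvalue of Q has magnitude exactly one.
Q = matmul(householder([1.0, 2.0, -1.0, 0.5]),
           householder([0.3, -1.0, 0.7, 2.0]))
G0 = [0.5, 0.5, 0.5, 0.5]  # unit-norm starting vector

def compare(steps=100):
    """Final norms when eigenvalue magnitudes are 1, 0.9 and 1.1."""
    shrink = [[0.9 * a for a in row] for row in Q]
    grow = [[1.1 * a for a in row] for row in Q]
    return {
        "unitary": propagate(Q, G0, steps),
        "scaled_0.9": propagate(shrink, G0, steps),
        "scaled_1.1": propagate(grow, G0, steps),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:>10}: {value:.3e}")
```

Only the unitary case keeps the norm at one; the other two differ from it by a factor of 0.9 or 1.1 per step, which compounds over the sequence length.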

Sunday, April 17, 2022

Security through Simplicity: there is no attack surface like NO ATTACK SURFACE


Another day, another major security vulnerability is uncovered in some complex system.  Amazon Web Services (AWS) provides a convenient Relational Database Service (RDS) that hooks up to many AWS-hosted database systems like PostgreSQL.  AWS added support for some advanced features of PostgreSQL in a somewhat sloppy manner (including all keys & credentials in clear text in local files) that created a few severe security vulnerabilities.

Gafnit Amiga uncovered these vulnerabilities and dutifully reported them to AWS, who fixed them quickly.  Her writeup is very easy to follow and quite entertaining.

Her conclusion emphasises my strong belief that simplicity is the most important principle in software design; more specifically, there is no information security (InfoSec) attack surface as good as no attack surface.

Saturday, April 16, 2022

Das Unmoralische Testament

The characters in this story are primitive, dark people who are all criminals. I have no empathy for any of them. However, the plot, the mystery and its solution were interesting. 2/5 Stars.

The Seven Percent Solution by Nicholas Meyer & David Case


I remember watching the fun movie version of this book in 1976 when it premiered, but I was not interested in the book at the time. Earlier this year, I read Nicholas Meyer's second Sherlock Holmes book and added this first book to my queue. The film is, fortunately or unfortunately, a very good rendition of all of the events in the book, so I knew what would happen; but the writing is enjoyable.  If you have not seen the film and like Sir Arthur Conan Doyle's books, I recommend this book. 3/5 Stars.  There are very many books, films, TV series, fan fiction, short stories, etc. that are based on Conan Doyle's Sherlock Holmes character.  I think my favorite series is by Laurie King where she chronicled the adventures of Mary Russell & Sherlock Holmes.

Number Needed to Treat (NNT)


Sebastian Rushworth, a medical doctor in Sweden, takes us on an interesting tour of the medications we take for our health through the lens of two thought experiments, the NNT measurement, and the "number needed to harm" (NNH) measurement.  15% of adults in Western countries take selective serotonin reuptake inhibitor (SSRI) medications despite their 14% effectiveness (NNT = 7) and 25% chance of seriously harmful side effects (NNH = 4).  Worse, a quarter (25%) of adults over 40 take a high dose of a statin every day despite its 2% effectiveness (NNT = 40) and NNH = 2.4, i.e. 42% of these adults suffer a significant, harmful side effect.  A few years ago, I went to my physician because of my ancestors' heart disease issues. He told me to go running more and eat better instead of taking harmful medications.



Monday, April 11, 2022

Developer Control Plane & other neo-phrase coinage

In addition to "quiet" containers that flag fewer false positives in security scans, social media has recently started coining (minting?) a flurry of new terminology:
  1. DevSecOps makes coders more responsible for the security of their code; InfoSec tools embedded in integrated development environment (IDE) code editors shift InfoSec "left" to identify issues as the coder types them in. DevSecOps includes other efforts, such as red teaming, that move efforts beyond "checklists" and scanners because of recent catastrophic failures of that approach.
  2. Developer Control Plane describes how developers are taking more control of their deployment pipelines, observability, and operations (DevOps).  In particular, the GitOps style popularized by GitLab and embraced by GitHub Actions is sweeping our industry because of its elegance and simplicity.
  3. Developer Platform Engineering is a synonym and expansion of the configuration management policies, continuous integration pipelines, & deployment pipelines. 
Everything that is old is new again!  Tasking individual coders with more, different specialized disciplines is not always the best approach and does not scale as well.  But the zeitgeist and "fashion" currently is increasing the breadth of a coder's assignments and responsibilities.

Arkship trilogy 2, The Captain's Daughter by Peter F Hamilton


An Audible exclusive.  I am very disappointed in the characters, plot, science, and writing. I don't care about the characters.  The conflict is embarrassingly poorly conceived.  1/5 Stars.  I shall likely not read or listen to the last one.

Sunday, April 10, 2022

Eight good principles & associated patterns for service reliability and targeted observability



Jason Smale at Zendesk has a nice write-up of the eight principles his team distilled from the evolution of their reliability journey.  The first principle is another repetition of Charity Majors's "the nines don't matter if your customers can't use your service."

Saturday, April 9, 2022

Nova by Samuel R Delany (1968)


I saw a reference to this book and got the ebook version.  3 pages in, I realized I had read it in 1969 (when it won the Hugo award) and I remembered all the details and the entire story.  I skimmed through the rest of the ebook in a few minutes and noticed the new edition had added  a few paragraphs the author had originally written containing a rant by the antagonist to make him more evil.  I think the original is a little better.  Despite the outdated physics and odd occult mumbo jumbo, the book still holds up, 3/5 Stars.

Deutschland 2050: Wie der Klimawandel unser Leben verändern wird by Nick Reimer and Toralf Staud

This book is quite long: 400 pages. Each section explains its topic in detail. However, the authors implicitly assume that our technology will not change. Another implicit assumption is that no efforts to avert the climate catastrophe will have any effect. This second assumption is probably true, but the first assumption is almost certainly not true. The book is very informative and explains our understanding better than Bill Gates's book. However, I found it boring in places. 3/5 Stars.


Wayward Galaxy 3 by Jason Anspach & J. N. Chaney

The authors have said in an interview that they enjoy writing in this branch of their metaverse because of the "Brody" character.  Brody's dialog and rants make this entire book worth reading. I thought Brody was a little over-the-top and silly in the first two books, but he/it has grown on me. 4/5 Stars.

Friday, April 8, 2022

The Sins of our Fathers by James S A Corey


When a professional writer is confused or blocked because she has not developed her character deeply enough in her own mind to write about how her character will react or behave in specific plot situations, she will sometimes write little vignette stories from her character's past to help her develop the character in her own mind.  And, other elements of a book such as B-plot side actions that flesh out a timeline are cut by the editor so fans never get to enjoy them. Both of these unpublished materials are sometimes expanded and completed after a book becomes popular into a complete short story or novella.  The novellas and short stories of Daniel Abraham and Ty Franck (pen name "James S. A. Corey") appear to me to be from that slush pile of cut material.  This novella centers on Naomi Nagata's son Filip and takes place after the end of the series.  The societal, ethical, and sociological themes are well-written. 5/5 Stars.

Tuesday, April 5, 2022

The Kaiju Preservation Society


I love all of Scalzi's books, especially the cynical, over-the-top sarcastic comedies.  The tropes in this one were a little too predictable and melodramatic, but the dialog was fantastic, 4/5 Stars.

Monday, April 4, 2022

One Data Engineering Team's Observability journey


Here is an interesting story that is near-and-dear to my heart:  A small data engineering team crafted their systems for modest scale and then suddenly had to deal with hypergrowth.  Glossing over their early miscues, Ricardo  Souza has a good write-up of the elegant methods they are using now.

Sunday, April 3, 2022

Again: There is no attack surface as good as NO attack surface


Here is another reminder about why simple base images are more secure.  The new word for smaller, simpler, more secure base images is "quiet" because they flag fewer false positives in security scanners, are easier to maintain, and typically contain fewer security flaws.

In software & information security, as in software design, simplicity is paramount.  Whenever I read criticisms of microkernels or minimal Docker images that do not separate kernel from user space with enough security layers or "security issues" in tiny distros that don't do enough to assure UID 0 separation from unprivileged UIDs, I shake my head.  If your Docker container has a remote execution exploit such that bad actors can use all of its resources to access and launch further attacks, none of these "security vulnerabilities" matters.  Even the workhorse BusyBox (106KB, 300+ commands) that I personally use frequently can be secured.  In real estate your top three priorities are "Location, location, location." In software design and in software security, the top three priorities are: "Simplify, simplify, simplify."
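One way to put a number on how "quiet" a base image is, as an added example that is not from any of the linked write-ups: inventory a root filesystem tarball (such as one produced by `docker export`) for the things scanners and intruders care about. The `SHELLS` and `PKG_MANAGERS` name lists and both sample file trees are assumptions constructed for illustration.

```python
import io
import stat
import tarfile

# Assumed name lists for illustration; extend them for your environment.
SHELLS = {"sh", "bash", "dash", "ash", "zsh", "busybox"}
PKG_MANAGERS = {"apt", "apt-get", "dpkg", "yum", "dnf", "rpm", "apk", "pip"}

def inventory(tar_bytes):
    """Summarise what a rootfs tarball ships that widens the attack surface."""
    report = {"files": 0, "executables": 0,
              "setuid": [], "shells": [], "pkg_managers": []}
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        for member in tar:
            if not member.isfile():
                continue
            report["files"] += 1
            base = member.name.rsplit("/", 1)[-1]
            if member.mode & 0o111:  # any execute bit set
                report["executables"] += 1
                if base in SHELLS:
                    report["shells"].append(member.name)
                if base in PKG_MANAGERS:
                    report["pkg_managers"].append(member.name)
            if member.mode & (stat.S_ISUID | stat.S_ISGID):
                report["setuid"].append(member.name)
    return report

def make_rootfs(entries):
    """Build a constructed rootfs tarball from (path, mode) pairs."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, mode in entries:
            info = tarfile.TarInfo(path)  # empty regular file
            info.mode = mode
            tar.addfile(info)
    return buf.getvalue()

# Constructed samples: a general-purpose base image versus a single-binary one.
FULL = make_rootfs([
    ("bin/bash", 0o755), ("bin/sh", 0o755), ("usr/bin/apt", 0o755),
    ("usr/bin/sudo", 0o4755), ("usr/bin/passwd", 0o4755),
    ("usr/bin/curl", 0o755), ("etc/passwd", 0o644),
])
MINIMAL = make_rootfs([("app/server", 0o755), ("etc/ssl/certs/ca.pem", 0o644)])

if __name__ == "__main__":
    for name, blob in (("full", FULL), ("minimal", MINIMAL)):
        print(name, inventory(blob))
```

Every entry in the `setuid`, `shells` and `pkg_managers` lists is something to patch, scan and justify; the minimal tree reports none.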

Better Outline of New Hire Documentation for Developers

Wow!  This "Reverse Onboarding" (as my buddy called it) list of 20 questions a developer should ask when she joins a new team is a fantastic outline for new-hire onboarding and a great, prioritized checklist for getting settled into a new team.