Tags: uri

249

sparkline

Wednesday, October 6th, 2021

Measuring design on the Clearleft podcast

A new episode of the Clearleft podcast just dropped and I have to say, this is one of my favourites so far. It’s all about measuring design.

There was a bit of a theme running through UX Fest earlier this year. On the one hand, there was all the talk of designers learning to speak the language of business (to get that coveted seat at the table), which means talking in numbers. But on the other hand, isn’t there a real danger in reducing user experience to numbers in a spreadsheet?

For this episode I put the narrative together using lots of snippets from different talks, not just from UX Fest but from previous Clearleft events too. I also got some good hot takes from my colleagues Chris, Andy, and Maite. Oh, and it opens with former US Secretary of Defense, Robert McNamara. If you know, you know.

This episode comes in at 22 and a half minutes and I think it’s well worth your time. Have a listen.

This is the penultimate episode of season three. Just one more to go!

Thursday, September 2nd, 2021

Airport time

I went and spoke at an actual real live conference. As expected, it felt good …and weird. All at the same time.

It felt strange to be inside a building with other humans sharing an experience. At times it felt uncomfortable. The speaker’s dinner the night before the conference was lovely …and anxiety-inducing. Not just because it was my first time socialising in ages, but also just because it was indoors. I’ve been avoid indoor dining.

But the travel to Zürich all went smoothly. The airport wasn’t too busy. And on the airplane, everyone was dutifully masked up.

There’s definitely more paperwork and logistics involved in travelling overseas now. Jessica and I had to fill in our passenger locator forms for Switzerland and the UK. We also needed to pre-book a Covid test for two days after we got back. And we had to get a Covid test while we were in Switzerland so that we could show a negative result on returning to England. It doesn’t matter if you’re double-vaccinated; these tests are mandatory, which is totally fair.

Fortunately the conference organisers took care of booking those tests, which was great. On the first day of the conference I ducked out during the first break to go to the clinic next door and have a swab shoved up my nose. Ten minutes later I was handed a test result—negative!—complete with an official-looking stamp on it.

Two days later, after the conference was over, we had time to explore Zürich before heading to the airport to catch our evening flight. We had a very relaxing day which included a lovely boat trip out on the lake.

It was when we got to the airport that the relaxation ended.

We showed up at the airport in loads of time. I subscribe to the Craig Mod school of travel anyway, but given The Situation, I wanted to make sure we accounted for any extra time needed.

We went through security just fine and waited around for our gate to come up on the screen of gates and flights. Once we had a gate, we made our way there. We had to go through passport control but that didn’t take too long.

At the gate, there was a queue so—being residents of England—we immediately got in line. The airline was checking everyone’s paperwork.

When we got to the front of the line, we showed all our documents. Passport? Check. Boarding pass? Check. Passenger locator form? Check. Negative Covid result? Che …wait a minute, said the member of staff, this is in German. According to gov.uk, the test result needs to be in English, French, or Spanish.

I looked at the result. Apart from the heading at the top, all of the actual information was international: names, dates, and the test result itself said “neg.”

Not good enough.

My heart sank. “Call or email the clinic where you got the result. Get them to send you an English or French version” said the airline representative. Okay. We went off to the side and started doing that.

At this point there was still a good 40 or 50 minutes ’till the flight took off. We could sort this out.

I phoned the clinic. It was late Saturday afternoon and the clinic was closed. Shit!

Jessica and I went back to the gate agent we were dealing with and began pleading our case (in German …maybe that would help). She was very sympathetic but her hands were tied. Then she proposed a long shot. There was a Covid-testing centre in the airport. She would call them and tell them we were coming. But at this point it was 35 minutes until the flight left. We’d really have to leg it.

She scribbled down vague directions for where we had to go, and we immediately pelted off.

At this point I feel I should confess. I did not exhibit grace under pressure. I was, to put it mildy, freaking out.

Perhaps because I was the one selfishly indulging in panic, Jessica kept her head. She reminded me that we weren’t travelling to a conference—there wasn’t anywhere we had to be. Worst case scenario, we’d have to spend an extra night in Zürich and get a different flight tomorrow. She was right. I needed to hear that.

I was still freaking out though. We were running around like headless chickens trying to find where we needed to go. The instructions had left out the crucial bit of information that we actually needed to exit through passport control (temporarily re-entering Swiss territory) in order to get to the testing centre. Until we figured that out, we were just running hither and tither in a panic while the clock continued to count down.

It was a nightmare. I don’t mean that figuratively. I mean, I’m pretty sure I’ve had this exact nightmare. I’m in a building with a layout I don’t know and I need to get somewhere urgently but I don’t know how to get there.

Even the reason for this panicked situation felt like it had a dream logic to it. You know when you wake up from a bad dream and you examine the dream in retrospect and you realise it doesn’t actually make any sense? Well, that’s how this felt. You’ve got a negative test result but it needs it to be in one of these three languages …I mean, that sounds like the kind of nonsensical reasoning that should dissolve upon awakening.

Time was slipping away. Our flight leaves in twenty minutes.

Finally we realise that we need to go back through passport control. On the other side we run around some more until we spot the location that matches the vague description we’ve been given. There’s a sign! Covid testing centre!

We burst in through the doors. The gate agent had called ahead so we were expected. The young doctor on duty was cool as a cucumber. He must have to deal with this situation all day long. He calmly got us both to start filling in the appropriate online forms to pay for the tests, but instead of waiting for us to finish doing that, he started the testing straight away. Smart!

This felt like another nightmare I’ve had. I don’t mean having a swab shoved up my nose until it tickles my brain—that was probably the least uncomfortable part of this whole ordeal. I mean I need to fill out this web form accurately. On a touch screen device. And do it as quickly as possible!

Well, we did it. Filled in the forms, got the swabs. But now it was less than fifteen minutes until our flight time and we knew we still had to get back through passport control where there were lines of people.

“You’ll have the test results by email in ten minutes,” said the doctor. “Go!”

We sprinted out of there and went straight for the passport lines. Swallowing my pride, I went to the people at the end of a line. “Our flight leaves in ten minutes! Can we please cut in front!?”

“No.”

Right, next line. “Our flight leaves in…”

“Yes, yes! Go!”

“Thank you! Thank you so much!”

We repeated this craven begging until we got to the front of the line and gave our passports to the same guy who had orginally stamped them first time we came through. He was unfazed.

Then we ran back to the gate. Almost everyone had boarded by this point, but the gate was still open. Maybe we could actually make it!

But we still needed our test results. We both stood at the gate with our phones in hand, the email app open, frantically pulling to refresh.

The minutes were ticking by. At this point the flight departure time had arrived, but the gate agent said there was a slight delay. They could wait one or two minutes more.

Pull, refresh. Pull, refresh.

“I’ve got mine!” shouted Jessica. Half a minute later, mine showed up.

We showed the gate agent the results. She stamped whatever needed to be stamped and we were through.

I couldn’t believe it! Just 15 minutes ago I had been thinking we might as well give up—there was absolutely no way we were going to make it.

But here we were boarding the plane.

We got to our seats and strapped in. We were both quite sweaty and probably looked infectious …but we also had fresh proof that neither of had the ’rona.

We just sat there smiling, looking at each other, and shaking our heads. I just couldn’t believe we had actually made it.

The captain made an announcement. They were having a little technical difficulty with the plane’s system—no doubt the cause of the slight delay, luckily for us. They were going to reboot the system in the time-honoured fashion of turning it off and again.

The lights briefly went out and then came back on as the captain executed this manouvre.

Meanwhile Jessica and I were coming down from our adrenaline rush. Our breathing was beginning to finally slow down.

The captain’s voice came on again. That attempt at fixing the glitch hadn’t worked. So to play it safe, we were going to switch planes. The new plane would take off in an hour and a half from a different gate.

As the other passengers tutted and muttered noises of disapproval, Jessica and I just laughed. A delay? No problem!

But oh, the Alanis Morissette levels of irony! After all that stress at the mercy of the ticking clock, it turned out that time was in plentiful supply after all.

Everything after that proceeded without incident. We got on the replacement plane. We flew back to England. We breezed across the border and made our way home.

It felt good to be home.

Tuesday, August 24th, 2021

Travel

I’m speaking at a conference this week. But unlike all the conference talks I’ve done for the past year and a half, this one won’t be online. I’m going to Zürich.

I have to admit, when I was first contacted about speaking at a real, honest-to-goodness in-person event, I assumed that things would be in a better state by the end of August 2021. The delta variant has somewhat scuppered the predicted trajectory of The Situation.

Still, this isn’t quite like going to speak at an event in 2020. I’m double-vaccinated for one thing. And although this event will be held indoors, the numbers are going to be halved and every attendee will need to show proof of vaccination along with their conference ticket. That helps to put my mind at ease.

But as the event draws nearer, I must admit to feeling uneasy. There’ll be airports and airplanes. I’m not looking forward to dealing with those. But I am looking forward to seeing some lovely people on the other end.

Monday, August 16th, 2021

Upgrade paths

After I jotted down some quick thoughts last week on the disastrous way that Google Chrome rolled out a breaking change, others have posted more measured and incisive takes:

In fairness to Google, the Chrome team is receiving the brunt of the criticism because they were the first movers. Mozilla and Apple are on baord with making the same breaking change, but Google is taking the lead on this.

As I said in my piece, my issue was less to do with whether confirm(), prompt(), and alert() should be deprecated but more to do with how it was done, and the woeful lack of communication.

Thinking about it some more, I realised that what bothered me was the lack of an upgrade path. Considering that dialog is nowhere near ready for use, it seems awfully cart-before-horse-putting to first remove a feature and then figure out a replacement.

I was chatting to Amber recently and realised that there was a very different example of a feature being deprecated in web browsers…

We were talking about the KeyboardEvent.keycode property. Did you get the memo that it’s deprecated?

But fear not! You can use the KeyboardEvent.code property instead. It’s much nicer to use too. You don’t need to look up a table of numbers to figure out how to refer to a specific key on the keyboard—you use its actual value instead.

So the way that change was communicated was:

Hey, you really shouldn’t use the keycode property. Here’s a better alternative.

But with the more recently change, the communication was more like:

Hey, you really shouldn’t use confirm(), prompt(), or alert(). So go fuck yourself.

Tuesday, August 10th, 2021

Stay alert - DEV Community 👩‍💻👨‍💻

It’s not just a story about unloved APIs, it’s a story about power, standards design, and who owns the platform — and it makes me afraid for the future of the web.

A thoughtful, considered post by Rich Harris on the whole ballyhoo with alert and its ilk:

For all its flaws, the web is generally agreed to be a stable platform, where investments made today will stand the test of time. A world in which websites are treated as inherently transient objects, where APIs we commonly rely on today could be cast aside as unwanted baggage by tomorrow’s spec wranglers, is a world in which the web has already lost.

Monday, August 9th, 2021

Choice Words about the Upcoming Deprecation of JavaScript Dialogs | CSS-Tricks

Believe it or not, I generally am a fan of Google and think they do a good job of pushing the web forward. I also think it’s appropriate to waggle fingers when I see problems and request they do better. “Better” here means way more developer and user outreach to spell out the situation, way more conversation about the potential implications and transition ideas, and way more openness to bending the course ahead.

Google vs. the web | Go Make Things

With any changes to the platform, but especially breaking ones, communication and feedback on how this will impact people who actually build things with the web is super important, and that was not done here.

Chris has written a thoughtful reflection on last week’s brouhaha around confirm, prompt, and alert being deprecated in Chrome. The way that the “developer relations” folks at Google handled feedback was less than ideal.

I reached out to one of the Google Chrome developer advocates I know to see if I could learn more. It did not go well.

Sunday, August 8th, 2021

Chromium Blog: Increasing HTTPS adoption

At some point, you won’t be able to visit the first web page ever published without first clicking through a full-page warning injected by your web browser:

Chrome will offer HTTPS-First Mode, which will attempt to upgrade all page loads to HTTPS and display a full-page warning before loading sites that don’t support it. Based on ecosystem feedback, we’ll explore making HTTPS-First mode the default for all users in the future.

Friday, August 6th, 2021

Foundations

There was quite a kerfuffle recently about a feature being removed from Google Chrome. To be honest, the details don’t really matter for the point I want to make, but for the record, this was about removing alert and confirm dialogs from cross-origin iframes (and eventually everywhere else too).

It’s always tricky to remove a long-established feature from web browsers, but in this case there were significant security and performance reasons. The problem was how the change was communicated. It kind of wasn’t. So the first that people found out about it about was when things suddenly stopped working (like CodePen embeds).

The Chrome team responded quickly and the change has now been pushed back to next year. Hopefully there will be significant communication before that to let site owners know about the upcoming breakage.

So all’s well that ends well and we’ve all learned a valuable lesson about the importance of communication.

Or have we?

While this was going on, Emily Stark tweeted a more general point about breakage on the web:

Breaking changes happen often on the web, and as a developer it’s good practice to test against early release channels of major browsers to learn about any compatibility issues upfront.

Yikes! To me, this appears wrong on almost every level.

First of all, breaking changes don’t happen often on the web. They are—and should be—rare. If that were to change, the web would suffer massively in terms of predictability.

Secondly, the onus is not on web developers to keep track of older features in danger of being deprecated. That’s on the browser makers. I sincerely hope we’re not expected to consult a site called canistilluse.com.

I wasn’t the only one surprised by this message.

Simon says:

No, no, no, no! One of the best things about developing for the web is that, as a rule, browsers don’t break old code. Expecting every website and application to have an active team of developers maintaining it at all times is not how the web should work!

Edward Faulkner:

Most organizations and individuals do not have the resources to properly test and debug their website against Chrome canary every six weeks. Anybody who published a spec-compliant website should be able to trust that it will keep working.

Evan You:

This statement seriously undermines my trust in Google as steward for the web platform. When did we go from “never break the web” to “yes we will break the web often and you should be prepared for it”?!

It’s worth pointing out that the original tweet was not an official Google announcement. As Emily says right there on her Twitter account:

Opinions are my own.

Still, I was shaken to see such a cavalier attitude towards breaking changes on the World Wide Web. I know that removing dangerous old features is inevitable, but it should also be exceptional. It should not be taken lightly, and it should certainly not be expected to be an everyday part of web development.

It’s almost miraculous that I can visit the first web page ever published in a modern web browser and it still works. Let’s not become desensitised to how magical that is. I know it’s hard work to push the web forward, constantly add new features, while also maintaining backward compatibility, but it sure is worth it! We have collectively banked three decades worth of trust in the web as a stable place to build a home. Let’s not blow it.

If you published a website ten or twenty years ago, and you didn’t use any proprietary technology but only stuck to web standards, you should rightly expect that site to still work today …and still work ten and twenty years from now.

There was something else that bothered me about that tweet and it’s not something that I saw mentioned in the responses. There was an unspoken assumption that the web is built by professional web developers. That gave me a cold chill.

The web has made great strides in providing more and more powerful features that can be wielded in learnable, declarative, forgiving languages like HTML and CSS. With a bit of learning, anyone can make web pages complete with form validation, lazily-loaded responsive images, and beautiful grids that kick in on larger screens. The barrier to entry for all of those features has lowered over time—they used to require JavaScript or complex hacks. And with free(!) services like Netlify, you could literally drag a folder of web pages from your computer into a browser window and boom!, you’ve published to the entire world.

But the common narrative in the web development community—and amongst browser makers too apparently—is that web development has become more complex; so complex, in fact, that only an elite priesthood are capable of making websites today.

Absolute bollocks.

You can choose to make it really complicated. Convince yourself that “the modern web” is inherently complex and convoluted. But then look at what makes it complex and convoluted: toolchains, build tools, pipelines, frameworks, libraries, and abstractions. Please try to remember that none of those things are required to make a website.

This is for everyone. Not just for everyone to consume, but for everyone to make.

Tuesday, August 3rd, 2021

Facebook Container for Firefox

Firefox has a nifty extension—made by Mozilla—called Facebook Container. It does two things.

First of all, it sandboxes any of your activity while you’re on the facebook.com domain. The tab you’re in is isolated from all others.

Secondly, when you visit a site that loads a tracker from Facebook, the extension alerts you to its presence. For example, if a page has a share widget that would post to Facebook, a little fence icon appears over the widget warning you that Facebook will be able to track that activity.

It’s a nifty extension that I’ve been using for quite a while. Except now it’s gone completely haywire. That little fence icon is appearing all over the web wherever there’s a form with an email input. See, for example, the newsletter sign-up form in the footer of the Clearleft site. It’s happening on forms over on The Session too despite the rigourous-bordering-on-paranoid security restrictions in place there.

Hovering over the fence icon displays this text:

If you use your real email address here, Facebook may be able to track you.

That is, of course, false. It’s also really damaging. One of the worst things that you can do in the security space is to cry wolf. If a concerned user is told that they can ignore that warning, you’re lessening the impact of all warnings, even serious legitimate ones.

Sometimes false positives are an acceptable price to pay for overall increased security, but in this case, the rate of false positives can only decrease trust.

I tried to find out how to submit a bug report about this but I couldn’t work it out (and I certainly don’t want to file a bug report in a review) so I’m writing this in the hopes that somebody at Mozilla sees it.

What’s really worrying is that this might not be considered a bug. The release notes for the version of the extension that came out last week say:

Email fields will now show a prompt, alerting users about how Facebook can track users by their email address.

Like …all email fields? That’s ridiculous!

I thought the issue might’ve been fixed in the latest release that came out yesterday. The release notes say:

This release addresses fixes a issue from our last release – the email field prompt now only displays on sites where Facebook resources have been blocked.

But the behaviour is unfortunately still there, even on sites like The Session or Clearleft that wouldn’t touch Facebook resources with a barge pole. The fence icon continues to pop up all over the web.

I hope this gets sorted soon. I like the Facebook Container extension and I’d like to be able to recommend it to other people. Right now I’d recommed the opposite—don’t install this extension while it’s behaving so overzealously. If the current behaviour continues, I’ll be uninstalling this extension myself.

Update: It looks like a fix is being rolled out. Fingers crossed!

Tuesday, June 29th, 2021

Safari 15

If you download Safari Technology Preview you can test drive features that are on their way in Safari 15. One of those features, announced at Apple’s World Wide Developer Conference, is coloured browser chrome via support for the meta value of “theme-color.” Chrome on Android has supported this for a while but I believe Safari is the first desktop browser to add support. They’ve also added support for the media attribute on that meta element to handle “prefers-color-scheme.”

This is all very welcome, although it does remind me a bit of when Internet Explorer came out with the ability to make coloured scrollbars. I mean, they’re nice features’n’all, but maybe not the most pressing? Safari is still refusing to acknowledge progressive web apps.

That’s not quite true. In her WWDC video Jen demonstrates how you can add a progressive web app like Resilient Web Design to your home screen. I’m chuffed that my little web book made an appearance, but when you see how you add a site to your home screen in iOS, it’s somewhat depressing.

The steps to add a website to your home screen are:

  1. Tap the “share” icon. It’s not labelled “share.” It’s a square with an arrow coming out of the top of it.
  2. A drawer pops up. The option to “add to home screen” is nowhere to be seen. You have to pull the drawer up further to see the hidden options.
  3. Now you must find “add to home screen” in the list
  • Copy
  • Add to Reading List
  • Add Bookmark
  • Add to Favourites
  • Find on Page
  • Add to Home Screen
  • Markup
  • Print

It reminds of this exchange in The Hitchhiker’s Guide To The Galaxy:

“You hadn’t exactly gone out of your way to call attention to them had you? I mean like actually telling anyone or anything.”

“But the plans were on display…”

“On display? I eventually had to go down to the cellar to find them.”

“That’s the display department.”

“With a torch.”

“Ah, well the lights had probably gone.”

“So had the stairs.”

“But look you found the notice didn’t you?”

“Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of The Leopard.’”

Safari’s current “support” for adding progressive web apps to the home screen feels like the minimum possible …just enough to use it as a legal argument if you happen to be litigated against for having a monopoly on app distribution. “Hey, you can always make a web app!” It’s true in theory. In practice it’s …suboptimal, to put it mildly.

Still, those coloured tab bars are very nice.

It’s a little bit weird that this stylistic information is handled by HTML rather than CSS. It’s similar to the meta viewport value in that sense. I always that the plan was to migrate that to CSS at some point, but here we are a decade later and it’s still very much part of our boilerplate markup.

Some people have remarked that the coloured browser chrome can make the URL bar look like part of the site so people might expect it to operate like a site-specific search.

I also wonder if it might blur “the line of death”; that point in the UI where the browser chrome ends and the website begins. Does the unified colour make it easier to spoof browser UI?

Probably not. You can already kind of spoof browser UI by using the right shade of grey. Although the removal any kind of actual line in Safari does give me pause for thought.

I tend not to think of security implications like this by default. My first thought tends to be more about how I can use the feature. It’s only after a while that I think about how bad actors might abuse the same feature. I should probably try to narrow the gap between those thoughts.

Monday, June 21st, 2021

Talking about sci-fi

I gave my sci-fi talk last week at Marc’s Stay Curious event. I really like the format of these evening events: two talks followed by joint discussion, interspersed with music from Tobi. This particular evening was especially enjoyable, with some great discussion points being raised.

Steph and I had already colluded ahead of time on how we were going to split up the talks. She would go narrow and dive into one specific subgenre, solarpunk. I would go broad and give a big picture overview of science fiction literature.

Obviously I couldn’t possibly squeeze the entire subject of sci-fi into one short talk, so all I could really do was give my own personal subjective account. Hence, the talk is called Sci-fi and Me. I’ve published the transcript, uploaded the slides and the audio, and Marc has published the video on YouTube and Vimeo. Kudos to Tina Pham for going above and beyond to deliver a supremely accurate transcript with a super-fast turnaround.

I divided the talk into three sections. The first is my own personal story of growing up in small-town Ireland and reading every sci-fi book I could get my hands on from the local library. The second part was a quick history of sci-fi publishing covering the last two hundred years. The third and final part was a run-down of ten topics that sci-fi deals with. For each topic, I gave a brief explanation, mentioned a few books and then chose one that best represents that particular topic. That was hard.

  1. Planetary romance. I mentioned the John Carter books of Edgar Rice Burroughs, the Helliconia trilogy by Brian Aldiss, and the Riverworld saga by Philip José Farmer. I chose Dune by Frank Herbert.
  2. Space opera. I mentioned the Skylark and Lensman books by E.E. ‘Doc’ Smith, the Revelation Space series by Alastair Reynolds, and the Machineries of Empire books by Yoon Ha Lee. I chose Ancillary Justice by Ann Leckie.
  3. Generation starships. I mentioned Non-Stop by Brian Aldiss. I chose Aurora by Kim Stanley Robinson.
  4. Utopia. I mentioned the Culture novels by Iain M. Banks. I chose The Dispossessed by Ursula Le Guin
  5. Dystopia. I mentioned The Handmaid’s Tale by Margaret Atwood and Fahrenheit 451 by Ray Bradbury. I chose 1984 by George Orwell.
  6. Post-apocalypse. I mentioned The Drought and The Drowned World by J.G. Ballard, Day Of The Triffids by John Wyndham, The Road by Cormac McCarthy, and Oryx and Crake by Margaret Atwood. I chose Station Eleven by Emily St. John Mandel.
  7. Artificial intelligence. I mentioned Machines Like Me by Ian McEwan and Klara And The Sun by Kazuo Ishiguro. I chose I, Robot by Isaac Asimov.
  8. First contact. I mentioned The War Of The Worlds by H.G. Wells, Childhood’s End and Rendezvous With Rama by Arthur C. Clarke, Solaris by Stanislaw Lem, and Contact by Carl Sagan. I chose Stories Of Your Life And Others by Ted Chiang.
  9. Time travel. I mentioned The Time Machine by H.G. Wells, The Shining Girls by Lauren Beukes, and The Peripheral by William Gibson. I chose Kindred by Octavia Butler.
  10. Alternative history. I mentioned A Transatlantic Tunnel, Hurrah! by Harry Harrison. I chose The Man In The High Castle by Philip K. Dick.
  11. Cyberpunk. I mentioned Snowcrash by Neal Stephenson. I chose Neuromancer by William Gibson.

Okay, that’s eleven, not ten, but that last one is a bit of a cheat—it’s a subgenre rather than a topic. But it allowed me to segue nicely into Steph’s talk.

Here’s a list of those eleven books. I can recommend each and every one of them. Still, the problem with going with this topic-based approach was that some of my favourite sci-fi books of all time fall outside of any kind of classification system. Where would I put The Demolished Man by Alfred Bester, one of my all-time favourites? How could I classify Philip K. Dick books like Ubik, The Three Stigmata Of Palmer Eldritch, or A Scanner Darkly? And where would I even begin to describe the books of Christopher Priest?

But despite the inevitable gaps, I’m really pleased with how the overall talk turned out. I had a lot of fun preparing it and even more fun presenting it. It made a nice change from the usual topics I talk about. Incidentally, if you’ve got a conference or a podcast and you ever want me to talk about something other than the web, I’m always happy to blather on about sci-fi.

Here’s the talk. I hope you like it.

Saturday, June 19th, 2021

Sci-fi and Me

A talk about my personal relationship with science fiction literature, delivered at Beyond Tellerrand’s Stay Curious series in June 2021.

I’m going to talk about sci-fi, in general. Of course, there isn’t enough time to cover everything, so I’ve got to restrict myself.

First of all, I’m just going to talk about science fiction literature. I’m not going to go into film, television, games, or anything like that. But of course, in the discussion, I’m more than happy to talk about sci-fi films, television, and all that stuff. But for brevity’s sake, I thought I’ll just stick to books here.

Also, I can’t possibly give an authoritative account of all of science fiction literature, so it’s going to be very subjective. I thought what I can talk about is myself. In fact, it’s one of my favourite subjects.

So, that’s what I’m going to do. I’m going to talk about sci-fi and me.

So, let me tell you about my childhood. I grew up in a small town on the south coast of Ireland called Cobh. Here it is. It’s very picturesque when you’re looking at it from a distance. But I have to say, growing up there (in the 1970s and 1980s), there really wasn’t a whole lot to do.

There was no World Wide Web at this point. It was, frankly, a bit boring.

But there was one building in town that saved me, and that was this building here in the town square. This is the library. It was inside the library (amongst the shelves of books) that I was able to pass the time and find an escape.

It was here that I started reading the work, for example, of Isaac Asimov, a science fiction writer. He’s also a science writer. He wrote a lot of books. I think it might have even been a science book that got me into Isaac Asimov.

I was a nerdy kid into science, and I remember there was a book in the library that was essays and short stories. There’d be an essay about science followed by a short story that was science fiction, and it would keep going like that. It was by Isaac Asimov. I enjoyed those science fiction stories as much as the science, so I started reading more of his books, books about galactic empires, books about intelligent robots, detective stories but set on other planets.

There was a real underpinning of science to these books, hard science, in Isaac Asimov’s work. I enjoyed it, so I started reading other science fiction books in the library. I found these books by Arthur C. Clarke, which were very similar in some ways to Isaac Asimov in the sense that they’re very grounded in science, in the hard science.

In fact, the two authors used to get mistaken for one another in terms of their work. They formed an agreement. Isaac Asimov would graciously accept a compliment about 2001: A Space Odyssey and Arthur C. Clarke would graciously accept a compliment about the Foundation series.

Anyway, so these books, hard science fiction books, I loved them. I was really getting into them. There were plenty of them in the local library.

The other author that seemed to have plenty of books in the local library was Ray Bradbury. This tended to be more short stories than full-length novels and also, it was different to the Isaac Asimov and Arthur C. Clarke in the sense that it wasn’t so much grounded in the science. You got the impression he didn’t really care that much about how the science worked. It was more about atmosphere, stories, and characters.

These were kind of three big names in my formative years of reading sci-fi. I kind of went through the library reading all of the books by Isaac Asimov, Arthur C. Clarke, and Ray Bradbury.

Once I had done that, I started to investigate other books that were science fiction (in the library). I distinctly remember these books being in the library by Ursula K. Le Guin, The Left Hand of Darkness, and The Dispossessed. I read them and I really enjoyed them. They are terrific books.

These, again, are different to the hard science fiction of something like Isaac Asimov and Arthur C. Clarke. There were questions of politics and gender starting to enter into the stories.

Also, I remember there were two books by Alfred Bester, these two books, The Demolished Man and Tiger! Tiger! (also called The Stars My Destination). These were just wild. These were almost psychedelic.

I mean they were action-packed, but also, the writing style was action-packed. It was kind of like reading the Hunter S. Thompson of science fiction. It was fear and loathing in outer space.

These were opening my mind to other kinds of science fiction, and I also had my mind opened (and maybe warped) by reading the Philip K. Dick books that were in the library. Again, you got the impression he didn’t really care that much about the technology or the science. It was all about the stuff happening inside people’s heads, questioning what reality is.

At this point in my life, I hadn’t yet done any drugs. But reading Philip K. Dick kind of gave me a taste, I think, of what it would be like to do drugs.

These were also names that loomed large in my early science fiction readings: Ursula K. Le Guin, Alfred Bester, and Philip K. Dick.

Then there were the one-offs in the library. I remember coming across this book by Frank Herbert called Dune, reading it, and really enjoying it. It was spaceships and sandworms, but also kind of mysticism and environmentalism, even.

I remember having my tiny little mind blown by reading this book of short stories by Fredric Brown. They’re kind of like typical Twilight Zone short stories with a twist in the tale. I just love that.

I think a lot of science fiction short stories can almost be the natural home for it because there is one idea explored fairly quickly. Short stories are really good for that.

I remember reading stories about the future. What would the world be like in the year 1999? Like in Harry Harrison’s Make Room! Make Room! A tale of overpopulation that we all had to look forward to.

I remember this book by Walter M. Miller, A Canticle for Leibowitz, which was kind of a book about the long now (civilisations rising and falling). Again, it blew my little mind as a youngster and maybe started an interest I have to this day in thinking long-term.

So, this is kind of the spread of the science fiction books I read as a youngster, and I kept reading books after this. Throughout my life, I’ve read science fiction.

I don’t think it’s that unusual to read science fiction. In fact, I think just about anybody who reads has probably read science fiction because everyone has probably read one of these books. Maybe they’ve read Brave New World or 1984, some Kurt Vonnegut like Slaughterhouse 5 or The Sirens of Titan, the Margaret Atwood books like The Handmaid’s Tale, or Kazuo Ishiguro books.

Now, a lot of the time the authors of these books who are mainstream authors maybe wouldn’t be happy about having their works classified as sci-fi or science fiction. The term maybe was a little downmarket, so sometimes people will try to argue that these books are not science fiction even though clearly the premise of every one of these books is science fictional. But it’s almost like these books are too good to be science fiction. There’s a little bit of snobbishness.

Brian Aldiss has a wonderful little poem, a little couplet to describe this attitude. He said:

“SF is no good,” they cry until we’re deaf.
“But this is good.”
“Well, then it’s not SF!”

Recently, I found out that there’s a term for these books by mainstream authors that cross over into science fiction, and these are called slipstream books. I think everyone at some point has read a slipstream science fiction book that maybe has got them interested in diving further into science fiction.

What is sci-fi?

Now, the question I’m really skirting around here is, what is sci-fi? I’m not sure I can answer that question.

Isaac Asimov had a definition. He said it’s that branch of literature which deals with the reaction of human beings to changes in science and technology. I think that’s a pretty good description of his books and the hard science fiction books of Arthur C. Clarke. But I don’t think that that necessarily describes some of the other authors I’ve mentioned, so it feels a little narrow to me.

Pamela Sargent famously said that science fiction is the literature of ideas. There is something to that, like when I was talking about how short stories feel like a natural home for sci-fi because you’ve got one idea, you explore it in a short story, and you’re done.

But I also feel like that way of phrasing science fiction as the literature of ideas almost leaves something unsaid, like, it’s the literature of ideas as opposed to plot, characterisation, and all this other kind of stuff that happens in literature. I always think, why not both? You know. Why can’t we have ideas, plot, characters, and all the other good stuff?

Also, ideas aren’t unique to sci-fi. Every form of literature has to have some idea or there’s no point writing the book. Every crime novel has to have an idea behind it. So, I’m not sure if that’s a great definition either.

Maybe the best definition came from Damon Knight who said sci-fi is what we point to when we say it. It’s kind of, “I know it when I see it,” kind of thing. I think there’s something to that.

Any time you come up with a definition of sci-fi, it’s always hard to drive hard lines between sci-fi and other adjacent genres like fantasy. They’re often spoke about together, sci-fi and fantasy. I think I can tell the difference between sci-fi and fantasy, but I can’t describe the difference. I don’t think there is a hard line.

Science fiction feels like it’s looking towards the future, even when it isn’t. Maybe the sci-fi story isn’t actually set in the future. But it feels like it’s looking to the future and asking, “What if?” whereas fantasy feels like it’s looking to the past and asking, “What if?” But again, fantasy isn’t necessarily set in the past, and science fiction isn’t necessarily set in the future.

You could say, “Oh, well, science fiction is based on science, and fantasy is based on magic,” but any sci-fi book that features faster than light travel is effectively talking about magic, not science. So, again, I don’t think you can draw those hard lines.

There are other genres that are very adjacent and cross over with sci-fi and fantasy, like horror. You get sci-fi horror, fantasy horror. What about any mainstream book that has magical realism to it? You could say that’s a form of fantasy or science fiction.

Ultimately, I think this question, “What is sci-fi?” is a really interesting question if you’re a publisher. It’s probably important for you to answer this question if you are a publisher. But if you are a reader, honestly, I don’t think it’s that important a question.

What is sci-fi for?

There’s another question that comes on from this, which is, “What is sci-fi for? What’s its purpose?” Is it propaganda for science, almost like the way Isaac Asimov is describing it?

Sometimes, it has been used that way. In the 1950s and ’60s, it was almost like a way of getting people into science. Reading science fiction certainly influenced future careers in science, but that feels like a very limiting way to describe a whole field of literature.

Is sci-fi for predicting the future? Most sci-fi authors would say, “No, no, no.” Ray Bradbury said, “I write science fiction not to predict the future, but to prevent it.” But there is always this element of trying to ask what if and play out the variables into the future.

Frederik Pohl said, “A good science fiction story should be able to predict not the automobile but the traffic jam,” which is kind of a nice way of looking at how it’s not just prediction.

Maybe thinking about sci-fi as literature of the future would obscure the fact that actually, most science fiction tends to really be about today or the time it’s published. It might be set in the future but, often, it’s dealing with issues of the day.

Ultimately, it’s about the human condition. Really, so is every form of literature. So, I don’t think there’s a good answer for this either. I don’t think there’s an answer for the question, “What is sci-fi for?” that you could put all science fiction into.

Sci-fi history

Okay, so we’re going to avoid the philosophical questions. Let’s get down to something a bit more straightforward. Let’s have a history of science fiction and science fiction literature.

Caveats again: this is going to be very subjective, just as, like, my history. It’s also going to be a very Western view because I grew up in Ireland, a Western country.

Where would I begin the history of science fiction? I could start with the myths and legends and religions of most cultures, which have some kind of science fiction or fantasy element to them. You know, the Bible, a work of fantasy.

1818

But if I wanted to start with what I would think is the modern birth of the sci-fi novel, I think Mary Wollstonecraft Shelley’s Frankenstein or The Modern Prometheus could be said to be the first sci-fi novel and invents a whole bunch of tropes that we still use to this day: the mad scientist meddling with powers beyond their control.

It’s dealing with electricity, and I talked about how sci-fi is often about topics of the day, and this is when electricity is just coming on the scenes. There are all sorts of questions about the impact of electricity and science fiction is a way of exploring this.

Talking about reanimating the dead, also kind of talking about artificial intelligence. It set the scene for a lot of what was to come.

1860s, 1880s

Later, in the 19th Century, in the 1860s, and then the 1890s, we have these two giants of early science fiction. In France, we have Jules Verne, and he’s writing books like 20,000 Leagues Under the Sea, From Earth to the Moon, and Journey to the Centre of the Earth, these adventure stories with technology often at the Centre of them.

Then in England, we have H.G. Wells, and he’s creating entire genres from scratch. He writes The Time Machine, War of the Worlds, The Invisible Man, The Island of Doctor Moreau.

Over in America, you’ve got Edgar Allan Poe mostly doing horror, but there’s definitely sci-fi or fantasy aspects to what he’s doing.

1920s, 1930s

Now, as we get into the 20th Century, where sci-fi really starts to boom – even though the term doesn’t exist yet – is with the pulp fiction in the 1920s, 1930s. This is literally pulp paper that cheap books are written on. They were cheap to print. They were cheap for the authors, too. As in, the authors did not get paid much. People were just churning out these stories. There were pulp paperbacks and also magazines.

Hugo Gernsback, here in the 1920s, he was the editor of Amazing Stories, and he talked about scientification stories. That was kind of his agenda.

Then later, in the 1930s, John W. Campbell became the editor of Astounding Stories. In 1937, he changed the name of it from Astounding Stories to Astounding Science Fiction. This is when the term really comes to prominence.

He does have an agenda. He wants stories grounded in plausible science. He wants that hard kind of science.

What you have here, effectively, is yes the genre is getting this huge boost, but also you’ve got gatekeepers. You’ve got two old, white dude gatekeepers kind of deciding what gets published and what doesn’t. It’s setting the direction.

1940s, 1950s

What happens next, though, is that a lot of science fiction does get published. A lot of good science fiction gets published in what’s known as the Golden Age of Science Fiction in the 1940s and 1950s. This, it turns out, is when authors like Isaac Asimov, Ray Bradbury, and Heinlein are publishing those early books I was reading in the library. I didn’t realise it at the time, but they were books from the Golden Age of Science Fiction.

This tended to be the hard science fiction. It’s grounded in technology. It’s grounded in science. There tend to be scientific explanations for everything in the books.

1960s, 1970s

It’s all good stuff. It’s all enjoyable. But there’s an interesting swing of the pendulum in the 1960s and ’70s. This swing kind of comes from Europe, from the UK. This is known as the New Wave. That term was coined by Michael Moorcock in New Worlds magazine that he was the editor of.

It’s led by these authors like Brian Aldiss and J.G. Ballard where they’re less concerned with outer space and they’re more concerned with inner space: the mind, language, drugs, the inner world. It’s some exciting stuff, quite different to the hard science that’s come before.

Like I say, it started in Europe, but then there was also this wave of it in America, broadening the scope of what sci-fi could be. You got less gatekeeping and you got more new voices. You got Ursula K. Le Guin and Samuel R. Delaney expanding what sci-fi could be.

1980s

That trend continued into the 1980s when you began to see the rise of authors like Octavia Butler who, to this day, has a huge influence on Afrofuturism. You’re getting more and more voices. You’re getting a wider scope of what science fiction could be.

I think the last big widening of sci-fi happened in the 1980s with William Gibson. He practically invented (from scratch) the genre of cyberpunk. If Mary Shelley was concerned with electricity then, by the 1980s, we were all concerned with computers, digital networks, and technology.

The difference with cyberpunk is where the Asimov story or Clarke story might be talking about someone in a position of power (a captain or an astronaut) and how technology impacts them, cyberpunk is kind of looking at technology at the street level when the street finds its own uses for things. That was expanded into other things as well.

After the 1980s, we start to get the new weird. We get people like Jeff Noon, China Mieville, and Jeff VanderMeer writing stuff. Is it sci-fi? Is it fantasy? Who knows?

Today

Which brings us up to today. Today, we have, I think, a fantastic range of writers writing a fantastic range of science fiction, like Ann Leckie with her Imperial Radch stories, N.K. Jemisin with the fantastic Broken Earth trilogy, Yoon Ha Lee writing Machineries of Empire, and Ted Chiang with terrific short stories and his collections like Exhalation. I wouldn’t be surprised if, in the future, we look back on now as a true Golden Age of Science Fiction where it is wider, there are more voices and, frankly, more interesting stories.

Sci-fi subjects

Okay, so on the home stretch, I want to talk about the subjects of science fiction, the topics that sci-fi tends to cover. I’m going to go through ten topics of science fiction, list off what the topic is, name a few books, and then choose one book to represent that topic. It’s going to be a little tricky, but here we go.

Planetary Romance

Okay, so planetary romance is a sci-fi story that’s basically set on a single planet where the planet is almost like a character: the environment of the planet, the ecosystem of the planet. This goes back a long way. The Edgar Rice Burroughs stories of John Carter of Mars were kind of early planetary romance and even spawned a little sub-genre of Sword and Planet*.

Brian Aldiss did a terrific trilogy called Helliconia, a series where the orbits of a star system are kind of the driving force behind the stories that take place over generations.

Philip Jose Farmer did this fantastic series (the Riverworld series). Everyone in history is reincarnated on this one planet with a giant river spanning it.

If I had to pick one planetary romance to represent the genre, I am going to go with a classic. I’m going to go with Dune by Frank Herbert. It really is a terrific piece of work.

All right.

Space Opera

Space opera, the term was intended to denigrate it but, actually, it’s quite fitting. Space opera is what you think of when you think of sci-fi. It’s intergalactic empires, space battles, and good rip-roaring yarns. You can trace it back to these early works by E.E. ’Doc’ Smith. It’s the good ol’ stuff.

Space opera has kind of fell out of favour for a while there, but it started coming back in the last few decades. It got some really great, hard sci-fi space opera by Alastair Reynolds and, more recently, Yoon Ha Lee with Ninefox Gambit – all good stuff.

But if I had to pick one space opera book to represent the genre, I’m going to go with Ancillary Justice by Ann Leckie. It is terrific. It’s like taking Asimov, Clarke, Ursula K. Le Guin, and the best of all of them, and putting them all into one series – great stuff.

Generation starships

Now, in space opera, generally, they come up with some way of being able to travel around the galaxy in a faster than light, warp speed, or something like that, which makes it kind of a fantasy, really.

If you accept that you can’t travel faster than light, then maybe you’re going to write about generation starships. This is where you accept that you can’t zip around the galaxy, so you have to take your time getting from star system to star system, which means it’s multiple generations.

Brian Aldiss’s first book was a generation starship book called Non-Stop. But there’s one book that I think has the last word on generation starships, and it’s by Kim Stanley Robinson. It is Aurora. I love this book, a really great book. Definitely the best generation starship book there is.

Utopia

All right. What about writing about utopias? Funnily enough, not as many utopias as there are the counterpart. Maybe the most famous utopias in recent sci-fi is from Ian M. Banks with his Culture series. The Culture is a socialist utopia in space post-scarcity. They’re great space opera galaxy-spanning stuff.

What’s interesting, though, is most of the stories are not about living in a utopia because living in a post-scarcity utopia is, frankly, super boring. All the stories are about the edge cases. All the stories are literally called special circumstances.

All good fun, but the last word on utopian science fiction must go to Ursula Le Guin with The Dispossessed. It’s an anarcho-syndicalist utopia – or is it? It depends on how you read it.

I definitely have some friends who read this like it was a manual and other friends who read it like it was a warning. I think, inside every utopia, there’s a touch of dystopia, and dystopias are definitely the more common topic for science fiction. Maybe it’s easier to ask, “What’s the worst that can happen?” than to ask, “What’s the best that can happen?”

Dystopia

A lot of the slipstream books would be based on dystopias like Margaret Atwood’s terrific The Handmaid’s Tale. I remember being young and reading (in that library) Fahrenheit 541 by Ray Bradbury, a book about burning books – terrific stuff.

But I’m going to choose one. If I’m going to choose one dystopia, I think I have to go with a classic. It’s never been beat. George Orwell’s 1984, the last word on dystopias. It’s a fantastic work, fantastic piece of literature.

I think George Orwell’s 1984 is what got a lot of people into reading sci-fi. With me, it almost went the opposite. I was already reading sci-fi. But after reading 1984, I ended up going to read everything ever written by George Orwell, which I can highly recommend. There’s no sci-fi, but a terrific writer.

Post-apocalypse

All right. Here’s another topic: a post-apocalypse story. You also get pre-apocalypse stories like, you know, there’s a big asteroid coming or there’s a black hole in the Centre of the Earth or something, and how we live out our last days. But, generally, authors tend to prefer post-apocalyptic settings, whether that’s post-nuclear war, post environmental catastrophe, post-plague. Choose your disaster and then have a story set afterward.

J. G. Ballard, he writes stories about not enough water, too much water, and I think it’s basically he wants to find a reason to put his characters in large, empty spaces because that’s what he enjoys writing about.

Very different, you’d have the post-apocalyptic stories of someone like John Wyndham, somewhat derided by Brian Aldiss’s cozy catastrophes. Yes, the world is ending, but we’ll make it back home in time for tea.

At the complete other extreme from that, you would have something like Cormac McCarthy’s The Road, which is relentlessly grim tale of post-apocalypse.

I almost picked Margaret Atwood’s Oryx and Crake trilogy for the ultimate post-apocalyptic story, and it’s really great stuff post-plague, genetically engineered plague – very timely.

But actually, even more timely – and a book that’s really stayed with me – is Station Eleven by Emily St. John Mandell. Not just because the writing is terrific and it is a plague book, so, yes, timely, but it also tackles questions like: What is art for? What is the human condition all about?

Artificial intelligence

All right. Another topic that’s very popular amongst the techies, artificial intelligence, actual artificial intelligence, not what we in the tech world called artificial intelligence, which is a bunch of if/else statements.

Stories of artificial intelligence are also very popular in slipstream books from mainstream authors like recently we had a book from Ian McEwan. We had a new book from Kazuo Ishiguro tackling this topic.

But again, I’m going to go back to the classic, right back to my childhood, and I’ll pick I, Robot, a collection of short stories by Isaac Asimov, where he first raises this idea of three laws of robotics – a word he coined, by the way, robotics from the Czech word for robot.

These three laws are almost like design principles for artificial intelligence. All the subsequent works in this genre kind of push at those design principles. It’s good stuff. Not to be confused with the movie with the same name.

First contact

Here’s another topic: first contact with an alien species. Well, sometimes the first contact doesn’t go well and the original book on this is H.G. Wells The War of the Worlds. Every other alien invasion book since then has kind of just been a reworking of The War of the Worlds. It’s terrific stuff.

For more positive views on first contact stories, Arthur C. Clarke dives into books like Childhood’s End. In Rendezvous with Rama, what’s interesting is we don’t actually contact the alien civilisation but we have an artifact that we must decode and get information from. It’s good stuff.

More realistically, though, Solaris by Stanislaw Lem is frustrating because it’s realistic in the sense that we couldn’t possibly understand an alien intelligence. In the book – spoiler alert – we don’t.

For realism set in the world of today, Carl Sagan’s book Contact is terrific. Well worth a read. It really tries to answer what would a first contact situation look like today.

But I’ve got to pick one first contact story, and I’m actually going to go with a short story, and it’s Stories of Your Life by Ted Chaing. I recommend getting the whole book and reading every short story in it because it’s terrific.

This is the short story that the film Arrival was based on, which is an amazing piece of work because I remember reading this fantastic short story and distinctly thinking, “This is unfilmable. This could only exist in literature.” Yet, they did a great job with the movie, which bodes well for the movie of Dune, which is also being directed by Denis Villeneuve.

Time travel

All right. Time travel as a topic. I have to say I think that time travel is sometimes better handled in media like TV and movies than it is in literature. That said, you’ve got the original time travel story. Again, H.G. Wells just made this stuff from scratch, and it really holds up. It’s a good book. I mean it’s really more about class warfare than it is about time travel, but it’s solid.

Actually, I highly recommend reading a nonfiction book called Time Travel by James Gleick where he looks at the history of time travel as a concept in both fiction and in physics.

You’ve got some interesting concepts like Lauren Beukes’s The Shining Girls, which, as is the premise, time-traveling serial killer, which is a really interesting mashup of genres. You’ve got evidence showing up out of chronological sequence.

By the way, this is being turned into a TV show as we speak, as is The Peripheral by William Gibson, a recent book by him. It’s terrific.

What I love about this, it’s a time travel story where the only thing that travels in time is information. But that’s enough with today’s technology, so it’s like a time travel for remote workers. Again, very timely, as all of William Gibson’s stuff tends to be.

But if I’ve got to choose one, I’m going to choose Kindred by Octavia Butler because it’s just such as a terrific book. To be honest, the time travel aspect isn’t the Centre of the story but it’s absolutely worth reading as just a terrific, terrific piece of literature.

Alternative history

Now, in time travel, you’ve generally got two kinds of time travel. You’ve got the closed-loop time travel, which is kind of like a Greek tragedy. You try and change the past but, in trying to change it, you probably bring about the very thing you were trying to change. The Shining Girls were something like that.

Or you have the multiverse version of time travel where going back in time forks the universe, and that’s what The Peripheral is about. That multiverse idea is explored in another subgenre, which is alternative history, which kind of asks, “What if something different had happened in history?” and then plays out the what-if from there. Counterfactuals, they’re also known as.

I remember growing up and going through the shelves of that library in Cobh, coming across this book, A Transatlantic Tunnel. Hurrah! by Harry Harrison. It’s set in a world where the American War of Independence failed and now it’s the modern-day. The disgraced descendant of George Washington is in charge of building a transatlantic tunnel for the British Empire.

That tends to be the kind of premise that gets explored in alternative history is what if another side had won the war. There’s a whole series of books set in a world where the South won the Civil War in the United States.

For my recommendation, though, I’m going to go with The Man in the High Castle, which is asking what if the other side won the war. In this case, it’s WWII. It’s by Philip K. Dick. I mean it’s not my favourite Philip K. Dick book, but my favourite Philip K. Dick books are so unclassifiable, I wouldn’t be able to put them under any one topic, and I have to get at least one Philip K. Dick book in here.

Cyberpunk

A final topic and, ooh, this is a bit of a cheat because it’s not really a topic – it’s a subgenre – cyberpunk. But as I said, cyberpunk deals with the topic of computers or networked computers more specifically, and there’s some good stuff like Neal Stephenson’s Snow Crash. Really ahead of its time. It definitely influenced a lot of people in tech.

Everyone I know that used to work in Linden Lab, the people who were making Second Life, when you joined, you’re basically handled Snow Crash on your first day and told, “This is what we’re trying to build here.”

But if I’ve got to pick one cyberpunk book, you can’t beat the original Neuromancer by William Gibson. Just terrific stuff.

What’s interesting about cyberpunk is, yes, it’s dealing with the technology of computers and networks, but it’s also got this atmosphere, a kind of noir atmosphere that William Gibson basically created from scratch. Then a whole bunch of other genres spun off from that asking, “Well, what if we could have a different atmosphere?” and explore stories like steampunk. It’s kind of like, “Well, what if the Victorians had computers and technology? What would that be like?”

Basically, if there’s a time in history that you like the aesthetic of, there’s probably a subgenre ending in the word “punk” that describes that aesthetic. You can go to conventions, and you can have your anime and your manga and your books and your games set in these kind of subgenres. They are generally, like I say, about aesthetics with the possible exception of solarpunk, which is what Steph is going to talk about.

Living in the future

I am going to finish with these books as my recommendations for a broad range of topics of science fiction from 50 years of reading science fiction. I think about if I could go back and talk to my younger self in that town in the south coast of Ireland about the world of today. I’m sure it would sound like a science fictional world.

By the way, I wouldn’t go back in time to talk to my younger self because I’ve read enough time travel stories to know that that never ends well. But still, here we are living in the future. I mean this past year with a global pandemic, that is literally straight out of a bunch of science fiction books.

But also, just the discoveries and advancements we’ve made are science fictional. Like when I was growing up and reading science books in that library, we didn’t know if there were any planets outside our own solar system. We didn’t know if exoplanets even existed.

Now, we know that most solar systems have their own planets. We’re discovering them every day. It’s become commonplace.

We have sequenced the human genome, which is a remarkable achievement for a species.

And we have the World Wide Web, this world-spanning network of information that you can access with computers in your pockets. Amazing stuff.

But of all of these advancements by our species, if I had to pick the one that I think is in some ways the most science-fictional, the most far-fetched idea, I would pick the library. If libraries didn’t exist and you tried to make them today, I don’t think you could succeed. You’d be laughed out of the venture capital room, like, “How is that supposed to work?” It sounds absolutely ridiculous, a place where people can go and read books and take those books home with them without paying for them. It sounds almost too altruistic to exist.

But Ray Bradbury, for example, I know he grew up in the library. He said, “I discovered me in the library. I went to find me in the library.” He was a big fan of libraries. He said, “Reading is at the Centre of our lives. The library is our brain. Without the library, you have no civilisation.” He said, “Without libraries, what have we? Have no past and no future.”

So, to end this, I’m not going to end with a call to read lots of sci-fi. I’m just going to end with a call to read – full stop. Read fiction, not just non-fiction. Read fiction. It’s a way of expanding your empathy.

And defend your local library. Use your local library. Don’t let your local library get closed down.

We are living in the future by having libraries. Libraries are science fictional.

With that, thank you.

Sci-Fi & Me – Jeremy Keith – Stay Curious Café by beyond tellerrand - YouTube

Here’s the video of the talk I gave on Wednesday evening all about my relationship with reading science fiction. There are handy chapter markers if you want to jump around.

Sci-Fi & Me – Jeremy Keith – Stay Curious Café by beyond tellerrand

Saturday, April 3rd, 2021

National Security Agency (NSA) security/motivational posters from the 1950s and 1960s [PDF]

This responds to your Freedom of Information Act (FOIA) request, which was received by this office on 5 February 2016 for “A digital/electronic copy of the NSA old security posters from the 1950s and 1960s.”

The graphic design is …um, mixed.

Monday, March 29th, 2021

Chromium Blog: A safer default for navigation: HTTPS

Just over a year ago, I pondered some default browser behaviours and how they might be updated.

The first one is happening: Chrome is going to assume https before checking for http.

Now what about the other default behaviour that’s almost 15 years old now? When might a viewport width value of device-width become the default?

Tuesday, February 23rd, 2021

Introducing State Partitioning - Mozilla Hacks - the Web developer blog

This is a terrific approach to tackling cross-site surveillance. I’d love it to be implemented in all browsers. I can imagine Safari implementing this. Chrome …we’ll see.

Friday, February 12th, 2021

supercookie • workwise

Favicons are snitches.

Wednesday, February 3rd, 2021

Authentication

Two-factor authentication is generally considered A Good Thing™️ when you’re logging in to some online service.

The word “factor” here basically means “kind” so you’re doing two kinds of authentication. Typical factors are:

  • Something you know (like a password),
  • Something you have (like a phone or a USB key),
  • Something you are (biometric Black Mirror shit).

Asking for a password and an email address isn’t two-factor authentication. They’re two pieces of identification, but they’re the same kind (something you know). Same goes for supplying your fingerprint and your face: two pieces of information, but of the same kind (something you are).

None of these kinds of authentication are foolproof. All of them can change. All of them can be spoofed. But when you combine factors, it gets a lot harder for an attacker to breach both kinds of authentication.

The most common kind of authentication on the web is password-based (something you know). When a second factor is added, it’s often connected to your phone (something you have).

Every security bod I’ve talked to recommends using an authenticator app for this if that option is available. Otherwise there’s SMS—short message service, or text message to most folks—but SMS has a weakness. Because it’s tied to a phone number, technically you’re only proving that you have access to a SIM (subscriber identity module), not a specific phone. In the US in particular, it’s all too easy for an attacker to use social engineering to get a number transferred to a different SIM card.

Still, authenticating with SMS is an option as a second factor of authentication. When you first sign up to a service, as well as providing the first-factor details (a password and a username or email address), you also verify your phone number. Then when you subsequently attempt to log in, you input your password and on the next screen you’re told to input a string that’s been sent by text message to your phone number (I say “string” but it’s usually a string of numbers).

There’s an inevitable friction for the user here. But then, there’s a fundamental tension between security and user experience.

In the world of security, vigilance is the watchword. Users need to be aware of their surroundings. Is this web page being served from the right domain? Is this email coming from the right address? Friction is an ally.

But in the world of user experience, the opposite is true. “Don’t make me think” is the rallying cry. Friction is an enemy.

With SMS authentication, the user has to manually copy the numbers from the text message (received in a messaging app) into a form on a website (in a different app—a web browser). But if the messaging app and the browser are on the same device, it’s possible to improve the user experience without sacrificing security.

If you’re building a form that accepts a passcode sent via SMS, you can use the autocomplete attribute with a value of “one-time-code”. For a six-digit passcode, your input element might look something like this:

<input type="text" maxlength="6" inputmode="numeric" autocomplete="one-time-code">

With one small addition to one HTML element, you’ve saved users some tedious drudgery.

There’s one more thing you can do to improve security, but it’s not something you add to the HTML. It’s something you add to the text message itself.

Let’s say your website is example.com and the text message you send reads:

Your one-time passcode is 123456.

Add this to the end of the text message:

@example.com #123456

So the full message reads:

Your one-time passcode is 123456.

@example.com #123456

The first line is for humans. The second line is for machines. Using the @ symbol, you’re telling the device to only pre-fill the passcode for URLs on the domain example.com. Using the # symbol, you’re telling the device the value of the passcode. Combine this with autocomplete="one-time-code" in your form and the user shouldn’t have to lift a finger.

I’m fascinated by these kind of emergent conventions in text messages. Remember that the @ symbol and # symbol in Twitter messages weren’t ideas from Twitter—they were conventions that users started and the service then adopted.

It’s a bit different with the one-time code convention as there is a specification brewing from representatives of both Google and Apple.

Tess is leading from the Apple side and she’s got another iron in the fire to make security and user experience play nicely together using the convention of the /.well-known directory on web servers.

You can add a URL for /.well-known/change-password which redirects to the form a user would use to update their password. Browsers and password managers can then use this information if they need to prompt a user to update their password after a breach. I’ve added this to The Session.

Oh, and on that page where users can update their password, the autocomplete attribute is your friend again:

<input type="password" autocomplete="new-password">

If you want them to enter their current password first, use this:

<input type="password" autocomplete="current-password">

All of the things I’ve mentioned—the autocomplete attribute, origin-bound one-time codes in text messages, and a well-known URL for changing passwords—have good browser support. But even if they were only supported in one browser, they’d still be worth adding. These additions do absolutely no harm to browsers that don’t yet support them. That’s progressive enhancement.

Wednesday, January 20th, 2021

Get safe

The verbs of the web are GET and POST. In theory there’s also PUT, DELETE, and PATCH but in practice POST often does those jobs.

I’m always surprised when front-end developers don’t think about these verbs (or request methods, to use the technical term). Knowing when to use GET and when to use POST is crucial to having a solid foundation for whatever you’re building on the web.

Luckily it’s not hard to know when to use each one. If the user is requesting something, use GET. If the user is changing something, use POST.

That’s why links are GET requests by default. A link “gets” a resource and delivers it to the user.

<a href="/items/id">

Most forms use the POST method becuase they’re changing something—creating, editing, deleting, updating.

<form method="post" action="/items/id/edit">

But not all forms should use POST. A search form should use GET.

<form method="get" action="/search">
<input type="search" name="term">

When a user performs a search, they’re still requesting a resource (a page of search results). It’s just that they need to provide some specific details for the GET request. Those details get translated into a query string appended to the URL specified in the action attribute.

/search?term=value

I sometimes see the GET method used incorrectly:

  • “Log out” links that should be forms with a “log out” button—you can always style it to look like a link if you want.
  • “Unsubscribe” links in emails that immediately trigger the action of unsubscribing instead of going to a form where the POST method does the unsubscribing. I realise that this turns unsubscribing into a two-step process, which is a bit annoying from a usability point of view, but a destructive action should never be baked into a GET request.

When the it was first created, the World Wide Web was stateless by design. If you requested one web page, and then subsequently requested another web page, the server had no way of knowing that the same user was making both requests. After serving up a page in response to a GET request, the server promptly forgot all about it.

That’s how web browsing should still work. In fact, it’s one of the Web Platform Design Principles: It should be safe to visit a web page:

The Web is named for its hyperlinked structure. In order for the web to remain vibrant, users need to be able to expect that merely visiting any given link won’t have implications for the security of their computer, or for any essential aspects of their privacy.

The expectation of safe stateless browsing has been eroded over time. Every time you click on a search result in Google, or you tap on a recommended video in YouTube, or—heaven help us—you actually click on an advertisement, you just know that you’re adding to a dossier of your online profile. That’s not how the web is supposed to work.

Don’t get me wrong: building a profile of someone based on their actions isn’t inherently wrong. If a user taps on “like” or “favourite” or “bookmark”, they are actively telling the server to perform an update (and so those actions should be POST requests). But do you see the difference in where the power lies? With POST actions—fave, rate, save—the user is in charge. With GET requests, no one is supposed to be in charge—it’s meant to be a neutral transaction. Alas, the reality of today’s web is that many GET requests give more power to the dossier-building servers at the expense of the user’s agency.

The very first of the Web Platform Design Principles is Put user needs first :

If a trade-off needs to be made, always put user needs above all.

The current abuse of GET requests is damage that the web needs to route around.

Browsers are helping to a certain extent. Most browsers have the concept of private browsing, allowing you some level of statelessness, or at least time-limited statefulness. But it’s kind of messed up that private browsing is the exception, while surveillance is the default. It should be the other way around.

Firefox and Safari are taking steps to reduce tracking and fingerprinting. Rejecting third-party coookies by default is a good move. I’d love it if third-party JavaScript were also rejected by default:

In retrospect, it seems unbelievable that third-party JavaScript is even possible. I mean, putting arbitrary code—that can then inject even more arbitrary code—onto your website? That seems like a security nightmare!

I imagine if JavaScript were being specced today, it would almost certainly be restricted to the same origin by default.

Chrome has different priorities, which is understandable given that it comes from a company with a business model that is currently tied to tracking and surveillance (though it needn’t remain that way). With anti-trust proceedings rumbling in the background, there’s talk of breaking up Google to avoid monopolistic abuses of power. I honestly think it would be the best thing that could happen to Chrome if it were an independent browser that could fully focus on user needs without having to consider the surveillance needs of an advertising broker.

But we needn’t wait for the browsers to make the web a safer place for users.

Developers write the code that updates those dossiers. Developers add those oh-so-harmless-looking third-party scripts to page templates.

What if we refused?

Front-end developers in particular should be the last line of defence for users. The entire field of front-end devlopment is supposed to be predicated on the prioritisation of user needs.

And if the moral argument isn’t enough, perhaps the technical argument can get through. Tracking users based on their GET requests violates the very bedrock of the web’s architecture. Stop doing that.