I installed a plugin for this site to limit login attempts and lock out attackers, and it has been reporting to me several times a day for the last few days. Disappointed, but not surprised.

September 10,000, 1993

Mark Hughes, writing on his blog on 16th January:

math (+1 to count the 1st)

So, checks out. 10,000 days of the September That Never Ended.

The world since is like a movie showing a few people coughing before the credits, wipe fade, zombie hordes tearing down barricades to eat the brains of the last few people. Someone’s shivering in the corner with a gun, for the zombies or self, you can’t tell. Freeze frame. “I bet you’re asking how we got here…”

Note: I, uh, kinda infodumped here. Estimated reading time: 19 minutes.

It’s a long read, and Mark doesn’t mince his words. Brutal, but I’d say pretty fair assessment.

Final Rating: The Internet

★★½☆☆ — I keep watching this shitshow, but it’s no damn good. Log off and save yourself.

All Quiet on the WordPress Front

Well, I’m pleased to report that my WordPress site remains operational after the hassles I went through yesterday. I’m pretty sure that it was a combination of the WordFence plugin firing up a site scan at the same time as the Broken Link Checker doing its periodic check-up that caused the resource usage spike, which in turn caused my web hosting to slam on the limiter for a few hours.

In hindsight, I can see now that WordFence was literally overkill for my site. While it provided some peace of mind, its utility was outweighed by its sluggishness. And since I keep this site up-to-date, and don’t have many plugins installed, the attack surface is greatly reduced.

I will reinstall the Broken Link Checker today, as that is something that does help me. But I’m going to change its settings so it goes at a more leisurely pace.

Moving this site to a static site generator is still something I’m looking into, but for now I’m just happy that everything is working again.

WordPress Woes

I’m not sure what happened, but I’ve spent a couple of hours this afternoon battling to get the back-end of this site to a responsive state. Something was hogging a lot of resources!

I’ve jettisoned several plugins, including two that I suspect were the culprits, but that only brought partial stability. In the end, I had to reinstall WordPress to restore order.

My patience has been severely tested today! I’d had to switch over my primary desktop browser from Firefox to Vivaldi this morning, after the former started hanging as soon as it accessed the browsing history. I’ve migrated over the bookmarks and other data to Vivaldi, and done a full uninstall of Firefox. At some point I will reinstall it and sync back all my settings from my Mozilla account, but I’m sorely tempted to stick with Vivaldi for now, for reasons which I’ll explain in a future post.

Meanwhile, I’m faced with a decision: do I soldier on with a minimal WordPress environment and hope for the best, or give up and join the Cool Club by migrating over to a static site generator? I’ll probably do the first option for now, but I’m also going to create a local test environment and try some static site generators.

Oh, and I’ve turned off comments and pingbacks on this site for the time being. Sorry about that, but it means one less thing to deal with.

The War on Browser Extensions

Jason Snell, over at Six Colors, asks “Safari 14 added WebExtensions support. So where are the extensions?” To which the answer appears to be ‘road-blocked’. Or, as Dan Moren puts it:

Apple’s approaching this in an unsurprisingly Apple-like fashion. If you want to distribute a web extension, it’s got to be wrapped in a native Mac application designed in Xcode. Installing the app from the app store will also install the web extension.

That is one big road-block! While I can sorta-kinda see Apple’s rationale for this — they can vet browser extensions using the review systems they already have in place — it falls apart when you consider a) the cost of becoming an Apple developer, particularly if you don’t already own a Mac, and b) the App Store’s spotty record on both developer relations and weeding out malicious apps.

On the other hand, at least the pros and cons of Apple’s App Store are known, and they are somewhat responsive to criticism. And when it comes to letting dodgy apps slip through the nets, Apple’s failings pale in comparison to those of Google.

And, while Google Chrome may be the market leader, its relationship with browser extension developers is contingent, it seems, on how big a threat said extension poses to Google’s advertising business.

Of the other browsers, the vast majority are based on Chromium and most use the Chrome Web Store to install extensions. The one exception is Mozilla Firefox, which I’m currently using as my default browser on the Mac. (I also use the iOS version of Firefox, but that runs on the Safari browser engine.) But given Mozilla’s tiny market share plus their reliance on Google for most of their funding, I’m not confident of their ability to withstand pushes to restrict browser extensions in the name of security, or their long-term survival for that matter. 🙁

Browser extensions have always been a double-edged sword, from the very beginnings. They have traditionally been able to manipulate the browser in all kinds of ways, but that power can (and has) been abused, as well as causing performance and stability issues.

Perhaps, rather than trying to fight for a seat inside the browser, developers should focus their energy on placing their apps where they can do the most good. For simple tasks, or temporary fixes, smaller extensions or even bookmarklets would be more appropriate, while for control at the network level, utility apps operating outside the browser could intercept traffic and scrub data as required. And if the operating system makers won’t allow that, then it’s time to move to the local network itself, either as hardware appliances or replacement routers.

Autism is a spectrum, not a binary

Hailie Pentleton:

Autism, as is so often stated, is a spectrum. Often, however, this notion is used to support a false binary. There is a common misconception that if you are autistic you belong in one of two categories: “high functioning” or “low functioning”. If you’re considered “high functioning” you likely speak, attend mainstream school, and mask (i.e. hide) your traits well enough to function in a social setting. Typically, “low functioning” is used in reference to non-speaking autistic people, particularly those with a co-occurring learning or intellectual disability. Human beings tend to slot things into neat little categories with neat little labels. The problem with functioning labels, is that they just don’t cut it; they are both redundant and offensive. So often “high functioning” is used as a synonym for “savant” or a euphemism for “not really autistic” — either way, it is often used to justify ignoring a person’s support requirements. 

Conversely, “low functioning” is used to peddle the notion that speaking is the superior mode of communication, and that autistic people with a particular set of consistently high support needs are incapable of autonomy. The idea of autism as a spectrum is supposed to illustrate that being autistic affects no two people in the same way; our difficulties can vary depending on time, place, or context. To assign such rigid labels entirely misrepresents the experiences of autistic people all over the spectrum, a great illustration of this can be found at Art Of Autism. 

I’m still on the waiting list for a formal diagnosis, but from the research I’ve done myself, the results have almost all declared me to be ‘high functioning’. But like the author of this article, there are days when I don’t feel remotely like I’m functioning highly.

I suspect that the desire to place autistic people into various brackets is driven by the motivation of those doing the grading, which in turn is driven by the perception of autism as meaning either ‘genius’ or ‘retarded’. The former may be supported, though not necessarily tolerated, while the latter will most likely have to fight for any support at all.

Fear Of A Notifications Badge

I’ve probably mentioned this a few times before on the blog, but one of the best decisions I took in recent years was to turn off notification badges on all the apps I use, on all devices.

For some people, this might seem counter-productive — “When will you know when someone has sent you a message or response?”

The answer, of course, is when I next open the application in question.

(I do allow some notifications to go to my lock screen or notification centre, but I only see those when I choose to look.)

Be in no doubt, those innocuous little badges can sap your attention and focus if you let them, and instil dread in your heart. They are perhaps the most well-intentioned yet pernicious inventions of the last few decades.