There are lots of good think pieces on the rise of populism. This one has an interesting take on why the lying that Trump does is not a problem.

The rise of highly polished, professional politicians such as Tony Blair and Bill Clinton exacerbated the sense that politics is all about strategic concealment of the truth, something that the Iraq war seemed to confirm as much as anything. Trump or Farage may have a reputation for fabricating things, but they don’t (rightly or wrongly) have a reputation for concealing things, which grants them a form of credibility not available to technocrats or professional politicians.

It’s and interesting read:


One thing I often noticed in politics (as well as other environments where there’s classical management) is bikeshedding. You do a design for a report or for a landing page and suddenly everyone is a designer or a landing page optimiser professional. This is really well addressed by Seth Godin here:

you’d think that there’s a correlation between the last few hours of tweaking and the results that we get. […] For surface shine, 80% might be more than enough. After that, the tweaking is for us, not those we seek to serve. – Seth Godin

La CAQ au Québec

La CAQ viens de gagner les élections au Québec. Il sont de droite et je me demande si c’est juste de la chance ou si quand le fédérale est plus de gauche les provinces change plus a droite et vice versa.

En tout les cas je suis d’une manière soulagé de ne pu vivre au Québec par ce que je n’aurais pas été sur pour qui voter. Les Libéraux au Québec sont un peu plus a la droite que je l’aimerais mais l’autre option, Québec Solidaire,  avec lequel je partage quand même assez d’opinion est super souverainiste.

Ya aussi un échange en particulier qui m’aurais probablement faite voter Libéral et c’est celui-ci:

La chose intéressante c’est que tous les parti sauf les Libéraux sont en accord. Je trouve sa troublant….

Late Escaping in WordPress

Late escaping is often seen as unnecessary. I remember when I used to think this:

“Why should I late escape something that I know is safe?”

Let’s examine the various parts of that statement.  The “I” really means not just me — the developer currently writing the code — but me at this current moment in time. While debugging old code, how often have you asked yourself who the “genius” who thought up some “clever” solution was only to realize you were the one who’d written it 6 months ago?

Late escaping future-proofs your code by making it easy to spot escaping. Otherwise, to check the security of it, you’d probably need to re-read all of the code surrounding it, check which functions are called, where the inputs come from, etc. It’s easier and less time-consuming to rely on late escaping instead.

The second part of this statement I want to examine is the “is safe” part. Safe in this context really means, “is not currently known to be insecure” with currently being the key word. The statement “the code is safe” is probably accurate at the point in time when you originally commit it. The problem is, code has a tendency to change. The function you’re calling that returns the “currently safe” code might change in the future. Or, the inputs to that function will change and be from a source you didn’t initially anticipate. That change could introduce user-provided data in a way you didn’t expect and end up being insecure. It’s safest to rely on late-escaping because it’s more resilient to unanticipated changes in the future.

I sometimes hear from developers who are worried that late escaping will hurt the performance of their site. Escaping — even with functions traditionally thought of as slow such as wp_kses_post() — is a drop in the bucket compared to one additional MySQL query on a site. If you take a look at this great post by Zack Tollman on the performance of wp_kses, you can see that older versions of PHP were a bit slow on long content. However, running wp_kses on longer content in PHP 7 and above* shows performance improvements similar to those of HHVM.

So you can rest easy — adding late escaping won’t slow down your site, and it offers many benefits:

  1. It’s easier to scan the code using PHPCS
  2. It’s easier to read during peer code review
  3. It’s more resilient to changes in other parts of the codebase
  4. Removes ambiguity and adds clarity for future code maintainers (including yourself!)
  5. Negligible performance impact


*For reference, WordPress VIP runs PHP 7 at a minimum


The economy is overrated

Someone once told me they didn’t bring back the cart at the shopping center because it “helps create jobs”. It’s a bit like we have accepted that there needs to be Bullshit Jobs.

A speech I’ve always liked is this one by Robert Kennedy:

It demonstates so well how the GDP and so many other measures of “success” are faulty.

Even the way we measure the economy is all wrong. This NYT article does a very good job of showing why even with a low unemployment rate and a high GDP we have so much inequality and suffering.

It reminds me a bit of vanity metrics (A metric that makes you feel good without telling you anything about your business). We have started to optimize our government policy for those vanity metrics. Instead of going to the root causes of what makes a great society we have metrics that, while initially well intentioned, have distracted us from the real goal.

Leaving behind the old metrics in search of better ones would be a good start. (until we end up corrupting those…)

Self-delusion on a national scale


“This was a self-delusion so complete that I could not see where it began and ended, could not root it out, could not destroy it.”

I really enjoyed the way the author describes their realizations, the way they explain that “dread” of realizing that so much of what we believe to be true is a lie.