Five Links

Subscribe
Archives
August 7, 2025

Five Links #59

Five Links is back from a hiatus...

Hello,

It’s been a while.

A lot has happened since my last email. For personal reasons, I archived most of my side projects in 2023, and Five Links took an unplanned hiatus around the same time.

In the meantime, I’ve been writing periodically on my blog. Here’s a quick catch up:

  • In this day and age, running a business without any social media presence is unusual – I wrote about how that works for me
  • I penned some notes on the thought process behind my studio redesign
  • In an effort to be as transparent as possible, I’ve published the lengths/durations of all my recent projects
  • I’m making a conscious effort to relentlessly give credit
  • I’ve started documenting and sharing my experience of various design courses
  • I outlined the benefits I’ve found in charging on a time and materials basis

One of the things I’ve missed about this newsletter is hearing back from people: links they’ve found interesting, projects they’ve been involved with, etc. If you have a link to share or a project to tell me about, I’ve love to hear from you – just hit reply.

Thanks for sticking with this extended intro. Next week’s edition will be back to the normal short form.

Links below 👇

(Not interested? No problem: unsubscribe here)


Absorbing

Five links for your inbox from this week.

1. Vibe coding meets hallucinated dependencies meets bad actors

Bad actors are slop-squatting hallucinated dependencies to carry out supply chain attacks.

Even worse, when you Google one of these slop-squatted package names, you’ll often get an AI-generated summary from Google itself confidently praising the package, saying it’s useful, stable, well-maintained.

2. That's Not How A SIM Swap Attack Works

Here's how a SIM swap works.

  1. Attacker convinces your phone company to reassign your telephone number to a new SIM.
  2. Attacker goes to a website where you have an account, and initiates a password reset.
  3. Website sends a verification code to your phone number, which is now in the hands of the attacker.
  4. Attacker supplies verification code and gets into your account.

3. Falsehoods programmers believe about fonts

Some of my favourites from this list:

  • Fonts render the same everywhere
  • Fonts should render the same everywhere
  • Someone else will check the font license
  • I can share the font with everyone on my project
  • Fonts are a great way to deliver icons
  • You're allowed to subset any font
  • It's good practice to set an explicit font size regardless of user preferences

4. Measuring the impact of early-2025 AI on experienced open-source developer productivity

Emphasis my own:

When developers are allowed to use AI tools, they take 19% longer to complete issues—a significant slowdown that goes against developer beliefs and expert forecasts. This gap between perception and reality is striking: developers expected AI to speed them up by 24%, and even after experiencing the slowdown, they still believed AI had sped them up by 20%.

5. The moral dilemma of platform choice

As someone who isn’t a major influencer or content creator, it’s easy to think our platform choices don’t matter. “I’m too small to make a difference,” we might tell ourselves. But perhaps that’s exactly why these choices matter more than ever. When enough small voices make ethical choices, it creates a collective impact.


What am I up to?

  • Unoffice Hours run on a fortnightly schedule. The next available slot is 20 August.
  • I’m offering design consultations to give feedback on design work without the commitment of a larger project. These are running at a discounted rate until the end of September.
  • I’m currently booking projects from October/November onwards.

If you enjoy discovering the links in the emails, please tell other people about it: give it a share or forward it to someone you think might like it. If you were forwarded this email, you can subscribe here.

If you come across a link/app you think might be of interest to other people on this list, hit reply and let me know.

Until next time,

Dave

This email doesn’t track you.


You’re receiving this email because you subscribed at davesmyth.com. If you would prefer not to receive these emails, you can unsubscribe.

Don't miss what's next. Subscribe to Five Links:
Studio Personal
Powered by Buttondown, the easiest way to start and grow your newsletter.