|
We recently added a pair of high-severity XML External Entities (XXE) vulnerabilities found in the Nokogiri library to our vulnerability database. This post explains how the vulnerability works and discusses how to fix the exploit in your application.
|
|
It was a bright, sunny morning. There were no signs of trouble. I came to work, opened Slack, and received many messages from my coworkers about failed tests. After a few hours of investigation, the situation became clear: I’m responsible for the unit tests subsystem in Rider, and only tests from this subsystem were failing. I didn’t commit anything to the subsystem for a week because I worked with a local branch. Other developer....
|
|
When you write some multithreading magic on .NET, you can use a cool synchronization primitive called Mutex: var mutex = new Mutex(false, "Global\\MyNamedMutex"); You also can make it named (and share the mutex between processes) which works perfectly on Windows: However, today the .NET Framework is cross-platform, so this code should work on any operating system. What will happen if you use named mute..
|
|
Setup up ConcourseCI 2.6.0 behind Nginx with Self Signed Certificates on Ubuntu 16.04
-
boyter.org
-
9 years ago
-
eng
Concourse CI is a very nice continuous integration server. However for installs there are a few gotchas you need to keep in mind. Mostly these relate to how TLS/SSL works. The first is that while it is possible to run concourse inside Docker I found this to cause a lot of issues with workers dying and not recovering. I would suggest installing the binaries on bare machines. When I moved from a docker cluster using Amazon’s ECS to a s..
|
This page contains info on a 15-minute talk I gave at the SaaStr conference called “De-Risking Your Startup.”
|
|
Sometimes you just want to make a dynamic call. There is no equivalent for in so I guess we'll have to roll our own. In this post I'll go…
|
|
Each financial post I do brings at least a few questions about my plan or different investment strategies. Before we get to it, I’ll start with my usual disclaimer that I have no background in finance or financial planning, and taking financial advice exclusively from the guy living in a box truck probably isn’t a sound strategy. With that out of the way, let’s get to the questions. Do you invest in bitcoins?
|
|
Comment on Java Vs Python for a Start-Up: Help us Decide. by VCAP certified
-
honestmusings.wordpress.com
-
9 years ago
-
eng
VMware Certified Advanced Professional 6 (Desktop and Mobility Deployment) - The industry-recognized VCAP6-DTM Deploy certification validates that you know how to deploy and optimize VMware Horizon 6 (with View) environments. It proves that you have the knowledge and skills essential to leverage best practices to provide a scalable and reliable Business Mobility platform for your business. Some of the subjects include: Configuring and manag....
|
|
Back in 2013 I was working exclusively on an Android tablet. Then with the NoFlo Kickstarter I needed a device with a desktop browser. What followed were brief periods working on a Chromebook, on a 12” MacBook, and even an iPad Pro. But from April 2016 onwards I’ve been again working with an Android device. Some people have asked me about my setup, and so here is an update. Why work on a tablet? When I started on this path in 2....
|
|
Consider the following program: public static void Main(string[] args) { try { Process.GetProcesses(); } catch (Exception e) { Console.WriteLine(e); } } It seems that all exceptions should be caught. However, sometimes, I had the following exception on Linux with dotnet cli-1.0.0-preview2: $ dotnet run Syste....
|
|
Today I’m releasing the first public beta release of my new project: Checkbot for Chrome! Checkbot is a Chrome extension that crawls the pages on your site to suggest SEO, web speed and web security improvements. Checkbot aims to be a comprehensive website testing tool that gives you everything you need to identify, understand and fix website issues. Checkbot guides you in following web best practices by helping you fix problems such as bro..
|
|
Back in November, I created a Twitter account and a Facebook page for a specific niche - puppies, or really, dogs in general. This week I created a website to go with those pages. Presenting: the Puppy Snuggles webpage!
|
How to style and customize Google Custom Search Engine to match your site design using CSS overrides and JavaScript workarounds
|
|
I don’t think it rained once when I interned in the Bay in 2014. The summer of 2014, to be specific. Doing a bit of overzealous extrapolation, I came to the incorrect conclusion that it never rains in the Bay, which sounded just splendid to me. Before I moved out here to start a full-time job in 2015, I donated my boots, raincoat, and any umbrellas I had. When I actually got here and bought the truck, I didn’t even bother checking for l..
|
|
I’m the guy who develops the NuGet manager in Rider. It’s not ready yet, there are some bugs here and there, but it already works pretty well. The feature which I am most proud of is smart and fast search: Today I want to share with you some technical details about how it was implemented.
|
|
I’m starting a series of essays on gambling and taking risks. The premise of the essays is that there are cases where it is optimal to take risks, and even to gamble, even if the odds are bad, and maybe even if the system is rigged. I’ll start with a simple example, maybe even too simple, and progressively introduce mathematical concepts, and talk about the optimal betting strategies, depending on the odds and the goals. Let’s first con....
|
|
Handle errors gracefully by offering *idempotent* APIs
-
www.databasesandlife.com
-
9 years ago
-
eng
In the REST specification, there is no way to group individual requests together into a transaction (in the way that it's possible to group multiple modifications to a database into a database transaction, or in a distributed J2EE system use a distributed transaction). Making all APIs idempotent goes some way to compensating for this shortcoming. Motivation A client may well want to access more than one REST API to carry out an action on..
|
Hi, everyone! As you may have noticed I'm really interested in Go and since I fell in love with this language I'd like to write about it more frequently. If you don't know Go yet I really think...
|
|
Elixir and Go have both grown significantly in popularity over the past few years, and both are often reached for by developers looking for high concurrency solutions. The two languages follow many similar principles, but both have made some core tradeoffs that affect their potential use cases. Let’s compare the two by taking a look at their backgrounds, their programming styles, and how they deal with concurrency.
|
For a project I am working on I had to find a way to build some lightpad on the cheap. Lightpad or Tracing lights – and I found these 3 different ways to go at it. Walmart-style DIY lightpad Not much building-welding-connecting involved. Just buy 20 euros of office supplies and you are done. I might go with that one. Thanks Makerspace-style lightbox From Instructables, I found this interesting under 30 dollars version.
|
|
Updated on February 10th, 2017 Prelude This post is part of a series of posts designed to make you think about your own design philosophy on different topics. If you haven’t read this post yet, please do so first: Develop Your Design Philosophy Introduction I want to share with you my design philosophy around the word Integrity and what it means to me from a Go perspective. Integrity is much more than just a buzzword, it is a drivi..
|