|
API authentication vulnerability found in Snyk Kubernetes integration (CVE-2023-1065)
-
snyk.io
-
3 years ago
-
eng
CVE-2023-1065 is a medium severity vulnerability that does not expose the user of the integration to any direct security risk and no user data could be leaked, but it could have resulted in irrelevant data being posted to a Snyk organization — which could in turn obfuscate other, relevant, security issues.
|
|
monthly checkin - Review Running - Wanted to run 150km; and I ran a little over 150km ✅ Weight - I wanted to weigh 66 but I only got to 66.65 ❌ Lifting - I did Stronglifts as often as the app recommended and a trial session at a gym ✅ Reading -...
|
|
When reading the title you may think: “d’oh! that’s easy, with git log, of course!” And of course it’s done with git log . But what I didn’t know is that with git log -p path/to/file you can show the history of a file including its changes: > git log -p molecule/mysql_hardening/molecule.yml commit 47c771cc628c4a570552c4b76cba22a5aaa92660 Author: Martin Schurz
|
|
p-value distribution of the Mann–Whitney U test in the finite case
-
aakinshin.net
-
3 years ago
-
eng
When we work with null hypothesis significance testing and the null hypothesis is true, the distribution of observed p-value is asymptotically uniform. However, the distribution shape is not always uniform in the finite case. For example, when we work with rank-based tests like the Mann–Whitney U test, the distribution of the p-values is discrete with a limited set of possible values. This should be taken into account when we design a testi..
|
|
p-value distribution of the Mann–Whitney U test in the finite case
-
aakinshin.net
-
3 years ago
-
eng
When we work with null hypothesis significance testing and the null hypothesis is true, the distribution of observed p-value is asymptotically uniform. However, the distribution shape is not always uniform in the finite case. For example, when we work with rank-based tests like the Mann–Whitney U test, the distribution of the p-values is discrete with a limited set of possible values. This should be taken into account when we design a testi..
|
|
Reading Future Internet PKI schemes need to be bootstrapped through web PKI I was reminded by all the problems I’ve had with SSH (Secure SHell) PKI (Public Key Infrastructure). SSH host verification is trust-on-first-use (TOFU). So SSH is protected from man-in-the-middle (MITM) attacks unless the first connection falls prey to the attack.
|
|
Reading Future Internet PKI schemes need to be bootstrapped through web PKI I was reminded by all the problems I’ve had with SSH (Secure SHell) PKI (Public Key Infrastructure). SSH host verification is trust-on-first-use (TOFU). So SSH is protected from man-in-the-middle (MITM) attacks unless the first connection falls prey to the attack.
|
|
Reading Future Internet PKI schemes need to be bootstrapped through web PKI I was reminded by all the problems I’ve had with SSH (Secure SHell) PKI (Public Key Infrastructure). SSH host verification is trust-on-first-use (TOFU). So SSH is protected from man-in-the-middle (MITM) attacks unless the first connection falls prey to the attack.
|
|
Plenty of cheesy quotes often say that total security stands on the opposite of total freedom. Undeniably, in computers and operating systems this is a fact. This article will focus on the topic of access control on Unix-like systems. Sit back and relax as it transports you on a journey of discovery. We'll unfold the map, travel to different places, allowing to better understand this wide, often misunderstood, and messy territory. The goal ..
|
|
Making links recognizable in ways besides color is a basic accessibility requirement; in body text, underlining them makes their starting and ending locations obvious. I’ve recently decided to make a very personal exception: Wikipedia articles are full of interesting links. While this is great for letting me discover new topics, the links tend to let my ADHD take the wheel. Speaking strictly for myself: removing link underlines on Wikiped..
|
|
TIL you can inspect Docker-Container now with the docker-cli
-
www.zufallsheld.de
-
3 years ago
-
eng
When I wanted to inspect Docker-Container that existed in a remote Docker-registry, I normally used skopeo : skopeo inspect docker://ubuntu:latest { "Name": "docker.io/library/ubuntu", "Digest": "sha256:9a0bdde4188b896a372804be2384015e90e3f84906b750c1a53539b585fbbe7f", "RepoTags": [ "10.04", "12.04", "12.04.5", } This command show me all the information about the image that I needed to know - tags, architecture and other things. I....
|
|
In this article I’ll derive a trick used in FHE called sample extraction. In brief, it allows one to partially convert a ciphertext in the Ring Learning With Errors (RLWE) scheme to the Learning With Errors (LWE) scheme. Here are some other articles I’ve written about other FHE building blocks, though they are not prerequisites for this article. Modulus Switching in LWE Key Switching in LWE The Gadget Decomposition in FHE Negacyclic Polynom..
|
|
In this article I’ll derive a trick used in FHE called sample extraction. In brief, it allows one to partially convert a ciphertext in the Ring Learning With Errors (RLWE) scheme to the Learning With Errors (LWE) scheme. Here are some other articles I’ve written about other FHE building blocks, though they are not prerequisites for this article. Modulus Switching in LWE Key Switching in LWE The Gadget Decomposition in FHE Negacyclic Polynom..
|
|
In this article I’ll derive a trick used in FHE called sample extraction. In brief, it allows one to partially convert a ciphertext in the Ring Learning With Errors (RLWE) scheme to the Learning With Errors (LWE) scheme. Here are some other articles I’ve written about other FHE building blocks, though they are not prerequisites for this article. Modulus Switching in LWE Key Switching in LWE The Gadget Decomposition in FHE Negacyclic Polynom..
|
|
In this article, we'll look at the pitfalls of worker threads and how they differ from the multithreading implementations in other programming languages.
|
Another year - this time 5 years with a Pi-hole on my network. This time joining with PADD and a Grafana dashboard.
|
|
Check connectivity to your Node MCU. This video will make the onboard LED blink. There is no need for any connected pins. It is provided as a bare minimum example to check if everything is connected and installed correctly on your board.
|
|
Introduction In episode 4, Miki defined an enumerated type that satisfied Go’s fmt.Stringer interface. By implementing the fmt.Stringer interface, Miki can specify how his enumerators were printed within a formatted string and in this case, he expected the values to be displayed as a predetermined text value. Miki also pointed out how using the value of the method’s receiver within the Stringer method can result in a recursive loop.
|
|
The Importance of 99th Percentile Latency in System Performance
-
akashrajpurohit.com
-
3 years ago
-
eng
Latency is a crucial metric for measuring the performance of any system, and understanding the 99th percentile is crucial for determining real-world performance. In this article, we'll delve into what the 99th percentile means and how it is calculated, with examples to help you understand this essential metric.
|
|
SystemVerilog is a strange language. Students of computer science frequently struggle when they first encounter it, because if you squint and turn your head just so it looks like a programming language. However, the parts of the language commonly known as “the synthesizable subset” have very little to do with programming. SystemVerilog does exactly what it says on the tin, it’s a hardware description language . It describes a physical ..
|
|
Repository: @knadh/tg-archive GitHub release page: v1.1.0 What’s Changed README: add workaround for opaque failure mode of app creation page by @jcahill in https://github.com/knadh/tg-archive/pull/91 New Contributors @jcahill made their first contribution in https://github.com/knadh/tg-archive/pull/91 Full Changelog : https://github.com/knadh/tg-archive/compare/v1.0.0...v1.1.0
|
|
Repository: @knadh/tg-archive GitHub release page: v1.1.1 Full Changelog : https://github.com/knadh/tg-archive/compare/v1.1.0...v1.1.1
|
|
The Importance of 99th Percentile Latency in System Performance
-
akashrajpurohit.com
-
3 years ago
-
eng
Latency is a crucial metric for measuring the performance of any system, and understanding the 99th percentile is crucial for determining real-world performance. In this article, we'll delve into what the 99th percentile means and how it is calculated, with examples to help you understand this essential metric.
|
|
How I switched hosting my Go-based side projects from Amazon EC2 to Fly.io, significantly simplified deployment, and saved a bit of cash while I was at it.
|
Podľa Billa Gatesa a Svetového ekonomického fóra (WEF) hrozí, že pokračujúce globálne „otepľovanie“ zničí ľudstvo. A keďže hospodárske zvieratá grganím a prdením vytvárajú metán – predstavujú problém! Nemajte obavy, keď to nebude otepľovanie, bude to ochladzovanie za ktoré môže preľudnenie, poľnohospodárstvo, kravy a pod. – už to tu bolo. Našťastie, Bill Gates má riešenie, treba prestať chovať dobytok […]
|
A common task in S3-based Data Lakes is to repartition data, to optimize query patterns and speed. This article describes a serverless solution using DuckDB
|
|
A common task in S3-based Data Lakes is to repartition data, to optimize query patterns and speed. This article describes a serverless solution using DuckDB
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
Assumed Audience : Programmers, hackers, and their bosses. Discuss on Hacker News . Epistemic Status : Confident and willing to bet on it. Introduction When Reddit complains that a comment is too long, it’s time to write a blog post. The backstory is that I was having a discussion with someone over a previous post . That person, username Qweesdy, had a vision of what future programming languages should be like. This pers..
|
|
I share my experience contributing to Rust's linter Clippy and the welcoming environment for new contributors.
|
|
Our test pack is configured dynamically from environment variables. Each scenario can be configured independently with different target VUs, duration or even executor. Let’s start from a file called main.js. It imports all our scenarios, each as a default function: export { default as cacheCreateAll } from './runners/cacheCreateAll.js'; export { default as cacheCreateUpdateRemove } from './runners/cacheCreateUpdateRemove.js'; export { defau..
|
|
No time like the project’s two year anniversary to drop this particular bomb… Marginalia’s gotten an NLNet grant. This means I’ll be able to work full time on this project at least a year. https://nlnet.nl/project/Marginalia/ This grant is essentially the best-case scenario for funding this project. It’ll be able to remain independent, open-source, and non-profit. I won’t start in earnest for a few months as I’ve got loose ends to..
|
|
I share my experience contributing to Rust's linter Clippy and the welcoming environment for new contributors.
|