|
Teatutor is a Golang CLI leveraging the Bubbletea Terminal User Interface (TUI) library from Charm.sh. It can be served over an SSH connection.
|
|
In Autumn, as days get shorter and colder, men have always tended to be more… sensitive. And long nights are the perfect time for (spooky) storytelling! Many myths and traditions, in fact, take place during the first of November and in the Winter solstice. Today, we can mostly feel the reminiscence of the past Halloween lore. But where does it come from? This is a complicated question and surely it will cover several articles in this blog....
|
|
A very brief note to announce reaching a long term goal and major milestone for marginalia search. The search engine now indexes 106,857,244 documents! The previous record was a bit south of seventy million. A hundred million has been a pie-in-the-sky goal for a very long time. It’s seemed borderline impossible to index a that many documents on a PC. Turns out it’s not. It’s more than possible. Twice this may even be technically doabl..
|
|
In Autumn, as days get shorter and colder, men have always tended to be more… sensitive. And long nights are the perfect time for (spooky) storytelling! Many myths and traditions, in fact, take place during the first of November and in the Winter solstice. Today, we can mostly feel the reminiscence of the past Halloween lore. But where does it come from? This is a complicated question and surely it will cover several articles in this blog....
|
|
Here is how I propose browsers address web bloat: Stop adding features unrelated to accessibility, security, privacy, and internationalization. Adopt a default document policy that restricts oversized assets and download size . Make JIT-compilation a per-site opt-in permission. That should rein in over-reliance on JS. This should mostly contain the bloat problem without significantly inconveniencing most users, which is..
|
|
In this article, you’ll learn more about mock API servers, the tools you can use to create mock APIs, how you can use them to speed up your development and testing, and how to set up a simple mock server.
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
Assumed Audience : Everyone, but especially software developers and other tech-savvy people. However, don’t post this to Hacker News (I’ve already said this stuff on comments there) nor on lobste.rs. Epistemic Status : Confident. Introduction A couple days ago, there was a story on Hacker News about a programmer who saw GitHub’s Copilot spitting out his code with no regards to its license, the LGPL . Naturally, there was a lo..
|
|
What thinketh ye all? Should polling places be located at churches, civic centers, fire departments, somewhere else? Why? What does the location make you think while you’re casting your vote?
|
|
Key management guides should also cover key distribution. Secure distribution happens over at least two bands with two different sources of trust. Having my own domain name lets me combine DANE (trust the DNS trust anchors) and Web Key Directory (trust the WebPKI and CA system). Clients can fetch keys both ways and ensure they match. Prospective senders may also request public keys over modern encrypted messengers. This guide covers the..
|
|
Oh, joy. After many years with an iPhone, today I learned how to stop spam calls with a single, not-really-super-secret move. Settings > Phone > Silence Unknown Callers That’s it. Unknown callers now go straight to my recent calls list for me to (eventually) review. Most importantly, the phone doesn’t ring. I initially had True Caller installed and enabled, which worked for a while. Spammers use throw-away numbers anyway, so it’s super..
|
|
Talking about improving sustainability of open source with some incredible open source community members. We highly recommend checking out their profiles to see the cool projects they’re working on!
|
|
Repository: @knadh/koanf GitHub release page: v1.4.4 What’s Changed Fixup comments in providers by @neelayu in https://github.com/knadh/koanf/pull/172 New Contributors @neelayu made their first contribution in https://github.com/knadh/koanf/pull/172 Full Changelog : https://github.com/knadh/koanf/compare/v1.4.3...v1.4.4
|
|
I know of two Intel ME rootkits that didn’t involve Intel AMT; the latter can be enabled/disabled on “ vPro ” chips. One rootkit was from 2009 and seems less relevant now; the more recent of the two was by Mark Ermolov and Maxim Goryachy at Black Hat Europe 2017: How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine ( application/pdf ) . Without AMT, they required physical access. Mo..
|
|
In this post, Snyk Ambassador Keith McDuffee will lead us through a discussion on how site reliability engineers (SREs) bring order to the chaos of development.
|
|
This was a talk I gave at the Software You Can Love 2022 conference. You can find the slides right here (PDF) . Today I want to tell you a story about the time I ported the Zig compiler to SerenityOS. I’m going to tell you a bit about what my motivation was to do this. Then I’ll explain the steps I took and the various challenges I faced (there were a lot of those!). We’re going to go into the details of some of the problems that I ..
|
Near the end of each year I note down a summary of the best apps I’ve enjoyed using throughout the year, here’s 2022.
|
|
This was a talk I gave at the Software You Can Love 2022 conference. You can find the slides right here (PDF) . Today I want to tell you a story about the time I ported the Zig compiler to SerenityOS. I’m going to tell you a bit about what my motivation was to do this. Then I’ll explain the steps I took and the various challenges I faced (there were a lot of those!). We’re going to go into the details of some of the problems that I ..
|
|
Near the end of each year I note down a summary of the best apps I’ve enjoyed using throughout the year, here’s 2022.
|
|
Yesterday I was at WPC 2022 , “the most important Italian conference on Microsoft technologies”, where I presented a one-hour session titled “Reliable end-to-end testing for modern web apps with Microsoft Playwright.” Attendance was great and there was a lot of excitement up in the air; it was evident that people were happy to meet and interact in person again. After the forced two years hiatus, it was great to be back at a big on-site c..
|
|
Music great, lighting great, encore fantastic. Loads of audience participation, singing and dancing throughout. Fun! I don’t particularly like the Commodore Ballroom, as a venue. It’s OK , but it’s a bit of an echoey box. The sound for Loviet, the warm-up band, was a bit echoey and too loud, lyrics indistinct. They pulled it together though and the sound for Morcheeba was great . I was about four people from the front, great view & ....
|
|
Hello World! This is the first post on this website. It uses static pages generated by Hugo and hosted in S3. To reduce latency, it uses CloudFront in front of S3 as a CDN. There’s also a Lambda@Edge function that routes requests within the S3 bucket that contains all the static files. The site uses AWS Certificate Manager to manage its SSL/TLS certificate. I run deployments using Hugo’s built-in S3 bucket deployment feature, which has t..
|
Here I illustrate how Clojurists (including Yours Truly) like to solve problems and model things using hammocks, pure functions, and the "it's just data" ideology. Also, while the *problem* focuses on "design in the small" of application logic, many ideas in the *solution* can—and do—scale all the way to "design in the large" of whole systems.
|
|
Reviewing CVE-2022-42889: The arbitrary code execution vulnerability in Apache Commons Text
-
snyk.io
-
3 years ago
-
eng
In this post we’ll review CVE-2022-42889, the recent Arbitrary Code Execution Vulnerability in Apache Commons Text, including what it is, how to remediate it, and why it’s not the new Log4Shell.
|
|
2022 Snyk Customer Value Study highlights: The impact of developer-first security
-
snyk.io
-
3 years ago
-
eng
Learn about the 2022 Snyk Customer Value Study. The goal of this study was to understand our customers’ most important value drivers, discover how they think about their return on investment and find out how much quantifiable benefit they’ve realized by leveraging the Snyk platform.
|
|
Implement our list of 8 best practices to improve your overall AWS Security posture. Secure your AWS deployments to prevent data breaches.
|
|
My book Handbook for Defensive Cyberspace Operations contains an extensive chapter on tools and resources for cybersecurity analysts. As a closed project, however, this knowledge has had little impact outside of my niche community. This post contains a version of that chapter suitable for distribution to the public. Permalink.
|