|
IMO: the main benefit of DNS-over-HTTPS (DoH) is that it’s a stepping stone to Oblivious DNS over HTTPS (RFC 9230) . i distrust how much more this encourages centralization I don’t see how it’s more centralized than DNS-over-TLS (DoT). On the client side, QUIC is already present on just about every Android phone. On the server side: I don’t think this update forces you to use any given provider, nor does it remove DoT. The defaul..
|
|
Imagine asking a team of human auditors and disabled users to list all the accessibility issues they notice on a site. These people may list some WCAG failures, but might also list unique accessibility issues that aren’t documented anywhere. They may phrase a single issue in a way that could cover a number of more specific issues (e.g. “this font makes my head hurt”). Then, run an automated scan on the same site. Combine the valid automat..
|
|
If you succeed, you will fail. Something said at a client engagement I was at some time ago. I figure enough time has passed that it is worth sharing this story. One of the early engagements was to deliver for a very large company an iOS Application powered by a RESTful API. This was problematic due to what is common for every large organisation, a collection of older legacy backends. Some with their own API’s, and bizzare authenticat..
|
|
In this hot summer I can’t survive without “doing nothing”, so since my parents are on vacation for one month, I started a new easy project to give my parents a better home network without spending nothing. Since I have already at home all the hardware: a Netgear R7000 router and a RPi Zero W. Goal The goal is to achieve a stable network, with some basic privacy features, and blocking the ads/requests via DNS. Plus obtaining an optimized ..
|
|
In this hot summer I can’t survive without “doing nothing”, so since my parents are on vacation for one month, I started a new easy project to give my parents a better home network without spending nothing. Since I have already at home all the hardware: a Netgear R7000 router and a RPi Zero W. Goal The goal is to achieve a stable network, with some basic privacy features, and blocking the ads/requests via DNS. Plus obtaining an optimized ..
|
|
Addressing cybersecurity challenges in open source software with the Linux Foundation
-
snyk.io
-
3 years ago
-
eng
Snyk recently partnered with the Linux Foundation to produce a report focusing on the state of security in the OSS space. Following the report’s publication, experts from Snyk held a webinar with the Linux Foundation to discuss some of the key insights, read on for a recap.
|
|
I think h-feed and h-entry should be implemented manually by Hugo theme and/or site authors. Microformats add class names to a page, but someone still has to design a page. There’s way more diversity in h-feed design than RSS, Atom, or JSON-feed design because h-feeds are webpages meant for humans first, machines second. Providing built-in h-feed templates would be akin to providing a default incomplete theme. That being said, I could ima..
|
|
They are like workers that are hired. Laws around “works for hire” come with their own copyright baggage that assumes workers are actual people; for instance, these laws include mechanisms by which workers can claim copyright themselves. I’m not opposed to the general principle of training a model on copyrighted works potentially being fair use; however, the generated works would need to be sufficiently novel or seemingly “creative” b..
|
|
Rails Tip : When You Are Testing Model Files without a Database Table Delete Fixtures File
-
fuzzyblog.io
-
3 years ago
-
eng
I generate a lot of models without ActiveRecord backing. The reason for this is I try and follow a fairly functional style of Ruby coding where I use class methods. The reason I use models for this: I don't know what to call them other than a model The models directly is auto loaded so I can refresh it with reload! in Rails console My normal process for this: rails g foo Delete the migration Delete the "< …" at the top i.e. the inhe....
|
|
Maybe I can Stay in NuShell -or- Living in a Diverse Land of Shells
-
fuzzyblog.io
-
3 years ago
-
eng
I really, really like NuShell. The realization that maybe I had to leave was, I'll admit, mildly crushing . And then I just had the realization that maybe I don't have to leave NuShell and slink back to the dirty, byte infested corners of Bash and Zsh. Here's what just happened: /Users/sjohnson/Sync/coding/flow_analytics/open_source〉rails new pool_api --api Rails is not currently installed on this system. To get the latest version, ....
|
|
How to update Gatsby dependencies through major version upgrades
-
www.attejuvonen.fi
-
3 years ago
-
eng
I recently went through the pain of updating my Gatsby starters (including this blog) from Gatsby v2 to v4, which didn’t turn out to be as…
|
|
Today I figured out how to add a tab-bar to Emacs. I didn’t like having it in the mode-line: it gets duplicated for every window and my mode-line space is precious. In contrast, the right side of the tab-bar was always blank. I’ve just been using my OS’s clock, but I started using non-native fullscreen with Emacs, so I wanted a view of the clock again. Add this to your early-init.el or the like: ( add-to-list 'tab-bar-format 'tab-....
|
|
If you don’t use the Safari built in Reading List, you can move forward, or read it if you want to find a quick way to save web links from every app. I love the Safari Reading List, because it’s a simply and quick way to save a webpage, an app, an Amazon item, etc… and have it synced across all you Apple devices, to read later on bigger screen, or with more relax when there’s time. Indeed it’s my first item in the share sheet!
|
|
If you don’t use the Safari built in Reading List, you can move forward, or read it if you want to find a quick way to save web links from every app. I love the Safari Reading List, because it’s a simply and quick way to save a webpage, an app, an Amazon item, etc… and have it synced across all you Apple devices, to read later on bigger screen, or with more relax when there’s time. Indeed it’s my first item in the share sheet!
|
|
Today I figured out how to add a tab-bar to Emacs. I didn’t like having it in the mode-line: it gets duplicated for every window and my mode-line space is precious. In contrast, the right side of the tab-bar was always blank. I’ve just been using my OS’s clock, but I started using non-native fullscreen with Emacs, so I wanted a view of the clock again. Add this to your early-init.el or the like: ( add-to-list 'tab-bar-format 'tab-....
|
|
C++ has become a pivotal part of the modern day tech industry. As with any widely adopted or user based development, it’s important to ensure that elements of security have been integrated throughout the application. So, let’s look at some security tips to keep in mind when building with C++.
|
|
Snyk’s Chief Architect, Josh Stella, recently hosted a webinar about cloud security. During this talk, he discussed the missing story in every cloud breach: the tale of how, when, and where attackers operate in the cloud. He also revealed a methodology for securing cloud resources against modern cloud attacks.
|
|
How finishing what you start makes teams more productive and predictable
-
lucasfcosta.com
-
3 years ago
-
eng
Let's be honest. When you read this post's title, you thought it was obvious. Yet, most people don't follow this simple piece of advice. You know that too, and that's probably what led you here. Wha...
|
|
How finishing what you start makes teams more productive and predictable
-
lucasfcosta.com
-
3 years ago
-
eng
Let's be honest. When you read this post's title, you thought it was obvious. Yet, most people don't follow this simple piece of advice. You know that too, and that's probably what led you here. Wha...
|
|
The tears came uncontrollably after reading the last few pages of this heart-rending account of Paul Kalanithi’s life and legacy.…
|
|
A follow-up to the question whether we do REST wrong that provides examples of what constitutes a fully RESTful service.
|
|
And here I thought I knew full well what RESTful APIs had to look like. The constraint in my head was that individual resources (e.g. items in a database) should have their own URL and you used the HTTP verbs (GET, POST, DELETE, etc.) correctly. What was missing from that is the Hypermedia aspect, where each response defines the appropriate URLs for the possible next steps.
|
|
Discover essential strategies for securing your container images and infrastructure. This best practices guide explains why container security matters and outlines five key steps to increase developer security
|
|
Change point detection is a popular task in various disciplines. There are many algorithms that solve this problem. For example, in [[truong2020]], the authors presented a classification of different approaches and discussed 35 algorithms. However, not all the algorithms fit all the situations. In this post, we consider the problem of change point detection in time series based on software performance measurements obtained from a continu..
|
|
Change point detection is a popular task in various disciplines. There are many algorithms that solve this problem. For example, in [[truong2020]], the authors presented a classification of different approaches and discussed 35 algorithms. However, not all the algorithms fit all the situations. In this post, we consider the problem of change point detection in time series based on software performance measurements obtained from a continu..
|
|
Running Multiple Rails Apps Concurrently with Foreman and Procfile.dev
-
fuzzyblog.io
-
3 years ago
-
eng
Pizza courtesy of Pizza for Ukraine! Donate Now to Pizza for Ukraine As I've said, I build a lot of side projects and I really, really like the model of having: ALL MY APPS RUNNING CONCURRENTLY I may be a scattered, distracted developer trying to do too damn much but that's my damn right. And I have 64 gigs of RAM so why shouldn't I be this way. What I want is to be able to switch from app to app and make changes. This is ....
|
|
We’ve created this checklist of React security best practices to help you and your team find and fix security issues in your React applications.
|
|
Last week, I got a mail from PyPI, the Python package index. They informed me that one of my open source projects had been designated as ‘critical,’ and I was therefore required to enable two-factor authentication. If I didn’t oblige, I would soon lose the ability to add new releases or modify the project. The project in question was Cerberus . The ‘critical’ designation happens when a project has been in the top 1% of downloads over the..
|
|
I always like having at least two ways to visually express meaning: Code blocks should have a change in font, and have a border. Description lists should have a hanging indent, and have bold described-terms. Hyperlinks should have color, and an underline. For sentences: punctuation, and capitalization. It also makes initialisms less likely to be confused with the end of a sentence, e.g. this one.
|
|
Email shouldn't feel like a dark art, but to a lot of people it does. Everyone should have DMARC setup by this point, but they don't. Here's the first piece of a 3 part guide covering why it works and how to set it up.Since writing about how to reverse account takeovers last week I've decided to write a security series covering all the weird things I encountered back in 2012, when I accidentally ended up combating phishing and fraud for a y..
|
|
Over the last couple of months, I’ve been posting a series of videos about early PC gaming and programming on my YouTube Channel . It’s been quite a fun journey and I thought I might write a few words about it. I have a lot of nostalgia for early games, which makes sense since it was how I spent most of my free time in the 80’s and 90’s. Times were boring before the Internet :)
|
|
I’ve been messing with Git a little more recently, and a question about rebasing popped into my head:
|
|
Pizza courtesy of Pizza for Ukraine! Donate Now to Pizza for Ukraine As I've written, I'm acutely interested in using software written in Rust as my daily drivers. What I've seen so far is that programs written in Rust, based on an admittedly tiny sample, seem to be higher quality than programs not written in Rust. In this blog post, I'm going to talk about what I had to do to make NuShell be usable for myself under OSX Monterey. ....
|
I've thought for a while now that the Github contributions heatmap is a particularly uninteresting page. This thought popped into my head once more after reading a fantastic ebook on the fundamentals of Git , so armed with new confidence and knowledge of Git commits, I decided to fake
|