Hi everyone, Welcome to issue #151.
This week sponsor is programmingdigest.net, they are a weekly newsletter just like BetterDev but emphasizing on delivering five links per week. Check them out. Sponsor helps to keep this newsletter going. Thanks to ProgrammingDigest.
No need to introduce about OWASP. They are all about Web Security. They also have a PDF version, available on Github which you can download and read on your kindle.
Cloud providers generally do not disclose to customers how much energy their services consume. To make up for this lack of data, Etsy created a set of conversion factors called Cloud Jewels to help us roughly convert our cloud usage information (like Google Cloud usage data) into approximate energy used.
for database administrators and system developers. Learn about Write Ahead Log, VACUUM processing, and Point In Time Recovery.
This document describes best current security practice for OAuth 2.0. It updates and extends the OAuth 2.0 Security Threat Model to incorporate practical experiences gathered since OAuth 2.0 was published and covers new threats relevant due to the broader application of OAuth 2.0.
This repository consisted of learning the concepts required to write scene descriptions for POV-Ray, and writing a new scene each day for 25 day. Very useful if you want to know about how thing are rendered in game engine etc
and the crucial role it plays in modern operating systems.
Why 0.1 * 3 is 0.30000000000000004. We understand that this is due to the fact that floating point numbers, stored with only 64 bits of precision, cannot represent the entire real number line. The moral of the story is, never use a floating point number to represent money.
An SQL injection bug in an ORDER BY clause came up in a recent engagement, which lead to an interesting rabbit hole regarding exploiting SQLi against a PostgreSQL database. This post details some of that adventure. We’ll look at some useful Postgres functions to make exploiting SQLi easier, some interesting file read/write primitives and a path to command execution as the DB user. I’ve included some sample vulnerable code for those of you that want to try this stuff out first hand.
A books about technical aspect of DOOM. All the way from hardware to software, 2D/3D renderer, memory management, file system, sound etc. An amazing books I would say, about the history, game, technoligies.
Normal stack: Nginx, fluentd, apache flune to process log. Yet, once upgrading from k8s 1.14.4 to 1.64.4, fluentd cannot process log fast enough and buffering the log. They used BPF tools from BCC project: BCC CPU Profiler generate kernel stack trace, they compare and see different and was able to figured out a bug in k8s issue with repeated ebtables rule.
Ever wondered how performance scales with number of disks? RAID1, RAID5, RAID6,… Read on, friend.
You run a script? You edit some line of it? And suprise the new change you just save somehow got run as well.
A blazing fast 100% spec compliant, self-hosted javascript parser written in Typescript
TypeScriptJavaScriptA web-based SVG animation tool using real-time TF.js models Takes a 2D vector illustration and animates its containing curves in real-time based on the recognition result from PoseNet and FaceMesh.
JavaScriptMachine LearningA Facebook AI Research’s next generation software system that implements state-of-the-art object detection algorithms. It is a ground-up rewrite of the previous version
PythonA virtual filesystem for speeding up the performance of source control checkouts by Facebook. It has 3 components: cli, server and EdenFS(A virtual file system). Code is Python, Rust, C++, C. Oh my. You gotta read this code
PythonRustC++CReed-Solomon Erasure Coding in Go, with speeds exceeding 1GB/s/cpu core implemented in pure Go.
GoModern encryption for Rails. Useful if you want to learn more about AES-GCM, and padding
RubyFunctional programming tools for the shell
Free Desktop book-keeping software for small-businesses and freelancers.
💎 Web debugging proxy with one-click on Windows/macOS
a PostgreSQL log analyzer built for speed with fully detailed reports and professional rendering. It outperform any other PostgreSQL log analyzer.
Favicon service written in Go. Basically give you an API to find favicon of any website.
a seamless ssh-agent for YubiKeys
a bare metal provisioning engine. It’s built and maintained by the team at Packet. It has: DHCP and iPXE Server, Meta Data Service, Workflow Engine, In-Memory Environment.
an open-source database schema migration tool that converts a schema definition into migration scripts that can be applied in any environment.
BetterDev Link
Every Monday