Hi everyone, welcome to issue #164. This week we got some hard lessons from the Capital One breach, which resulted in an $80 million fine. We include some links to tools that might help prevent that.
FusionAuth provides authentication, authorization, and user management for any app: deploy anywhere, integrate with anything, in minutes. Download and install FusionAuth today and we’ll send you a FREE t-shirt!
Security engineering is the discipline of building secure systems. Its lessons are not just applicable to computer security. In fact, in this repo, I aim to document a process for securing anything, whether it’s a medieval castle, an art museum, or a computer network.
It’s a Twitter thread, so a bit hard to read, but worth it. The cause is an AWS IAM policy granting s3:GetObject on the * resource. IAM is trial and error: you run your app, see whether it works and which permission it needs, and grant it. Sometimes you feel frustrated and just quickly do a * and there we go: an $80 million fine. What can we do about it? The thread gives some tips and guidelines to improve security when working with IAM, and points to tools such as Policy Sentry to review IAM policies, or Netflix’s Repokid to automatically revoke unused IAM permissions.
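An added example, not taken from the thread, Policy Sentry or Repokid: a minimal Python check that flags Allow statements granting s3:GetObject on every resource, run against a constructed broad policy and a scoped one. The bucket name and function names are assumptions made for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample policies; the bucket name is a placeholder.
BROAD_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "*"}
  ]
}""")

SCOPED_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-app-uploads/reports/*"}
  ]
}""")

# Resource patterns that match every object in every bucket.
ALL_OBJECTS = {"*", "arn:aws:s3:::*", "arn:aws:s3:::*/*"}


def _as_list(value):
    # IAM lets Statement, Action and Resource be a single value or a list.
    return value if isinstance(value, list) else [value]


def getobject_on_all_resources(policy):
    """Return indexes of Allow statements granting s3:GetObject everywhere."""
    hits = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        # Action names are case-insensitive and may use wildcards (s3:*, s3:Get*).
        covers_action = any(fnmatchcase("s3:getobject", a.lower()) for a in actions)
        if covers_action and any(r in ALL_OBJECTS for r in resources):
            hits.append(idx)
    return hits


if __name__ == "__main__":
    for name, policy in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, getobject_on_all_resources(policy))
```

Statements that use NotResource or conditions are outside what this check covers.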
quay.io is a Docker registry that went down on May 19th. The root cause was a storm of tens of thousands of database connections locking up the MySQL instance. Reading these post-mortems helps level up your debugging skills because they are hard lessons from these teams.
This link is a PDF on Dropbox, so it can be a bit hard to read online or on mobile. It outlines how Facebook leverages the end-to-end networking infrastructure to prevent or mask any disruptions in the face of releases.
This project won first place in JS1024. It uses the Web Audio API to make a piano, all in 1024 bytes. We will go over every single line of code together with tips and tricks to achieve that.
It’s very important to get this right now in Node 14. There are now two kinds of scripts: old-style CommonJS (CJS) scripts and new-style ESM scripts (aka MJS). CJS scripts use require() and exports; ESM scripts use import and export. ESM and CJS are completely different animals.
Imagine assigning some value to a variable, reading it back immediately after, and finding out that somehow the write had no effect at all - madness! Whether an update becomes visible sooner rather than later depends on the guarantees offered by the database.
The title says it all. COVID-19 increased demand for video chat systems, and video streaming requires bandwidth and CPU/GPU to decode data from the camera stream.
Comparing two tables is a great way to verify something like an ETL job, a backup, or replication. The normal method is table1 - table2 union table2 - table1, but that fetches each table twice. How can we do that with a single fetch per table?
Have you ever felt frustrated because an SSH session disconnected or timed out by the time you returned to your laptop? Most of the time I ended up just closing my terminal. But there is a way to do that properly. Basically, to force terminate a frozen SSH session, press ~ then . in sequence. Note that nothing shows up on the terminal when you press ~.
A Library to Make Elements Easier to Manipulate: drag, drop, resize, pinch, roundable etc.
JavaScript
A gem that allows the records of a Ruby on Rails ActiveRecord model to be organised as a tree structure (or hierarchy).
Ruby
A cool project that implements the MySQL protocol and syntax, so we can use it to parse SQL and execute queries on your own data sources. A simple in-memory database and table implementation are provided. If you work with things like SphinxSearch, you know you can leverage this kind of library to basically avoid writing a client, since you can just use the normal mysql client.
A talk between GitLab's CEO and Kubernetes legend Kelsey Hightower about Kubernetes, serverless and computing.
An open-source container runtime (aka runc), originally developed by Nestybox, that enables Docker containers to act as virtual servers capable of running software such as Systemd, Docker, and Kubernetes in them, easily and with proper isolation.
IAM Least Privilege Policy Generator.
An AWS IAM linting library. It reviews policies looking for problems such as malformed JSON and bad policy patterns.
Set up your script and run it and the tool determines the minimum set of permissions needed for future runs. You lock that permission set in for future runs. Netflix has a companion post
Icon that you can use however you want, without attribution
A simple terminal UI for both docker and docker-compose, written in Go with the gocui library.
Daemon for monitoring and adaptive tuning of system devices.
A tool for exploring and publishing data. It helps people take data of any shape or size and publish that as an interactive, explorable website and accompanying API.
BetterDev Link
Every Monday