I'm a security engineer and I still almost got scammed | Robert Heaton I was in the park with my son and his best friend. I saw 2 missed calls from a number I didn’t recognise. I Googled it - it was my bank. I told the other adults that I should call back in case it was important.
ADVICE to my younger self as a Software Developer What advice would I give a software developer? Software development, design, and architecture can feel overwhelming. Especially when you're just trying to
Handling concurrency attacks in Laravel A harsh truth many developers do not realize early is that for every application you move to production, there are people who only seek ways to exploit your product for their own benefit. This consciousness is one that is required in building truly se...
🚫 Top 10 mistakes selling to SMB owners like me I own ~50 restaurants, have sat through hundreds of pitches, and have spent millions on new software and hardware solutions. Here are the biggest mistakes I see over and over again.
Time safety is more important than memory safety published: Sunday 25 August 2019 modified: Thursday 13 February 2020 author: Hales markup: textile
CVE-2022-21449: Psychic Signatures in Java The long-running BBC sci-fi show Doctor Who has a recurring plot device where the Doctor manages to get out of trouble by showing an identity card which is actually completely blank. Of course, thi…
Projects - Josh Pigford I've worked on an absurd number of things in the past. This is a database of all 62 of those things!
On Removing Let and Let Mut We're going to commit a cardinal sin today and talk about syntax design!
The Ethereum Merge For a few years, the Ethereum Foundation and Community have been working on a massive upgrade of the Ethereum protocol that will switch Proof of Work consensus to Proof of Stake and introduce Sharding to scale the Ethereum chain. One of the steps of this upgr...
The Cliffs of Inanity A year or so ago I was asked to debug a crash in the Firefox devtools. Crashes are easy! I fired up gdb and reproduced the crash… which turned out to be in some code JITted by SpiderMonkey. I was immediately lost; even a simple bt did not work. Someon...
Changing std::sort at Google’s Scale and Beyond TL;DR; We are changing std::sort in LLVM’s libcxx. That’s a long story of what it took us to get there and all possible consequences, bugs you might encounter with examples from open so…
Rust YJIT by XrXr · Pull Request #5826 · ruby/ruby In December 2021, we opened an issue to solicit feedback regarding the porting of the YJIT codebase from C99 to Rust. There were some reservations, but this project was given the go ahead by Ruby c...
Azure Container Apps Microsoft recently announced Azure Container Apps in Preview – a new serverless container platform. The idea behind this offering is to run your microservices style applications without needing to focus on the infrastructure and is built on top of industr...
Add MapGroup by halter73 · Pull Request #41265 · dotnet/aspnetcore This PR adds a new MapGroup() extension method to IEndpointRouteBuilder. This returns a new builder for defining groups of endpoints with a common prefix that implements both the IEndpointRouteBuild...
How to build remote teams properly - Founders Guide Series So I've been thinking about this topic quite a lot these past few months and ended up writing the thoughts down. These are basically my highly opinionated notes on #remote #teams.
The Catch Block #102 - Microsoft Preview-palooza! Microsoft releases a bunch of previews! Plus: ASP.NET Core interview questions and answers, an AutoMapper programming horror, and is there a good computer job?
Introducing a New Way to Search Your Code and Visual Studio Features All developers search within their code, in one way or another. Some might use code search to explore their code and understand how some components work; others might use code search to get to a very specific location they have in mind.
Production postmortem: Misleading security and other production snafus A typical production postmortem story is a tale of daring dives deep into the guts of your system. It is a journey into the intricacies of dependencies betwe...
SPAs in ASP.NET Core - Another Attempt After discussing this topic with a client, I realized that my old method of hosting SPAs in ASP.NET Core didn't handle resources correctly, so I dug in and came up with **yet another** technique. This one is the simplest and the least intrusive and work...
JSON Deserialization to a POCO Class in C# - Code Maze In this article, we will learn how to execute JSON deserialization to a POCO class in C# with two different libraries.
Planting Undetectable Backdoors in Machine Learning Models Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the sur...
The absurd complexity of server-side rendering (GitHub Gist)
WebAssembly Core Specification This section describes the status of this document at the time of its publication. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w...
After 5 years, I'm out of the serverless compute cult I have been using serverless computing and storage for nearly five years and I'm finally tired of it....
Implement Azure AD Continuous Access Evaluation in an ASP.NET Core Razor Page app using a Web API This article shows how Azure AD continuous access evaluation (CAE) can be used in an ASP.NET Core UI application to force MFA when using an administrator API from a separate ASP.NET Core applicatio…
Police Interrogations: Last Week Tonight with John Oliver (HBO) John Oliver discusses the tactics that can make police interrogations so damaging, particularly for the innocent, and why he’s more of a Lorelai than a Rory....
Monsters Weekly 247 - HTML Template Element We don’t always need a framework like React/Vue/Angular to add interactive behaviour to our web pages. The browser provides some handy features that can make it easy to add simple interactions. One ex
ASP.NET Core Interview Questions and Answers A set of hypothetical questions to ask during an ASP.NET Core developer position
Modeling Relationships in a DDD Way Let’s talk about modeling of relationships, including the dreaded many-to-many relationships, in a DDD way.
A Simple CORS Example with a .NET 6 Web API Application and a .NET 6 Web Application | no dogma blog Every couple of years I have to solve a CORS error with some API I've written, each time I have to figure it all out again. This is a blog to my future self with the answers.
The List monad Lists, collections, deterministic Iterators form a monad. An article for object-oriented programmers.
Emacs Configuration Generator Some people claim that Emacs is difficult to start with. The main problem is probably the chicken-and-egg situation: To make the most use of Emacs, you probably need to understand Emacs (Lisp), but to grok Emacs Lisp you pretty much need to understand t...
Simulate your Financial Future. Plan for Financial Independence. Plan, model and simulate your personal finances with ProjectionLab. Free planning and projection tools that will never ask to link your financial accounts. Define and prioritize goals, compare outcomes between plans, and chart your own course towards towa...
Netlify Edge Functions: Serverless Compute Powered by Deno Build fast, personalized web experiences with Netlify Edge Functions: a serverless runtime built on Deno, and compatible with your favorite JavaScript frameworks.
Step-by-step guide to modern, secure and Open-source CI setup Step-by-step guide on how to easily set up a modern, secure, open-source based build pipeline using Woodpecker CI, Drone, Cloudflare
GitHub - FrameworkComputer/Mainboard: Documentation for the Mainboard in the Framework Laptop
AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation We identified severe security issues within AWS Log4Shell hot patch solutions. We provide a root cause analysis and overview of fixes and mitigations.
What CTOs Say vs. What Their Developers Hear w/ DataStax’s Shankar Ramaswamy Anyone who’s been in a rapidly scaling company with an ever-expanding engineering team knows that communication is never as simple as it…