There has been some discussion recently about the bypassing of Little Snitch by the first datagram of a three-way TCP handshake. The facts: When a deny-rule for a domain is set in Little Snitch, and a TCP connection is made to that domain, a TCP SYN data packet is sent to the remote server. Although this packet does not carry any payload, it does include crucial information such as your IP address, as well as the sending and receiving port numbers.
Image processing plays a crucial role in numerous fields, ranging from computer vision and medical imaging to surveillance systems and photography. The implementation of image processing algorithms in programming languages like C has become increasingly important due to the need for efficient and optimized solutions especially on embedded devices where computing power is still limited.
Source: Modern Image Processing Algorithms Overview & Implementation in C/C++.
There’s been quite a lot of discussion lately about whether or not to use an ORM. As someone who’s been both proponent and opponent of the use of ORM’s over the years, I figured I’d write a blog post about my current opinion on the matter (which may change again a couple of times in the future ;-)).
Source: ORM - data model vs domain model, an article by Gert Goeman.
So I almost fell out of my seat yesterday when I caught wind of the announcement that CSS nesting has landed in actual browsers and if you want to play around with them then you can do that in the latest version of Safari Technology Preview. This means it’s half a step away from landing in real browsers very soon.
Source: CSS Nesting, an article by Robin Rendle.
This guide shares strategies and tactics for getting better results from GPTs. The methods described here can sometimes be deployed in combination for greater effect. We encourage experimentation to find the methods that work best for you.
Source: GPT best practices.
Telnet, the protocol and the command line tool, were how system administrators used to log into remote servers. However, due to the fact that there is no encryption all communication, including passwords, are sent in plaintext meant that Telnet was abandoned in favour of SSH almost as soon as SSH was created.
For the purposes of logging into a remote server, you should never, and probably have never considered it. This does not mean that the
telnetcommand is not a very useful tool when used for debugging remote connection problems.In this guide, we will explore using
telnetto answer the all too common question, “Why can’t I ###### connect‽”.
Source: Why You Should Still Love Telnet, an article by Elliot Cooper.
You might expect that implementing a VMM more or less requires use of a systems language such as C or Rust. Interestingly, this turns out not to be the case. In actuality, the KVM API turns out to be simple enough to use that it is entirely feasible to write a VMM for Linux in Python.
Source: Writing a KVM hypervisor VMM in Python, an article by Hugo Landau.
I want to introduce the new (soft) keyword
struct(the name was chosen by my wife, Andrea, as more understandable thandataonce you explainstructis short forstructureand how it's used in other programming languages). You would be able to follow the keyword with the name of the struct class. The parentheses after the name would contain the positional-or-keyword and/or keyword-only parameters the constructor would accept. Each parameter name would directly map to an attribute name for which the parameter would be saved to. Because of this mapping of parameter name to attribute name, no positional-only parameters are allowed (the only deviation from function declearation syntax).
Source: Proposing a struct syntax for Python, an article by Brett Cannon.
This PEP specifies an improved syntax for specifying type parameters within a generic class, function, or type alias. It also introduces a new statement for declaring type aliases.
Source: PEP 695 – Type Parameter Syntax, an article by Eric Traut.
At the beginning of the evening I finished Lords of Uncreation, The Final Architecture Book 3 by Adrian Tchaikovsky. An action packed page turner and a good conclusion to the Final Architecture trilogy.
After moving his family back to his hometown to be with his friends and their kids, Lenny finds out that between old bullies, new bullies, schizo bus drivers, drunk cops on skis, and four hundred costumed party crashers sometimes crazy follows you.
In the evening Esme and I watched Grown Ups 2. I liked the movie less than the previous one so I give it a 6 out of 10.
THE HUNT IS ON AND THE POLICE ARE RUNNING OUT OF TIME. Two young women are missing, their only connection a party they both attended, hosted by a notorious real-estate magnate. When one of the women is found murdered, the police discover an unusual signature left by the killer, giving them reason to suspect he will strike again.
THEY'RE FACING A KILLER UNLIKE ANY OTHER. And exposing him calls for a detective like no other. But the legendary Harry Hole is gone—fired from the force, drinking himself to oblivion in Los Angeles. It seems that nothing can entice him back to Oslo. Until the woman who saved Harry's life is put in grave danger, and he has no choice but to return to the city that haunts him and track down the murderer.
CATCHING HIM WILL PUSH HARRY TO THE LIMIT. He'll need to bring together a misfit team of former operatives to accomplish what he can't do alone: stop an unstoppable killer. But as the evidence mounts, it becomes clear that there is more to this case than meets the eye...
In the evening I started in Killing Moon, a Harry Hole Novel (13) by Jo Nesbø.
NixOS is a Linux distribution configured using Nix. It is declarative, meaning that the entire system state can be defined in a single
.nixfile; and reproducible, meaning you can have multiple computers set up identically.
Source: NixOS for the Impatient, an article by Fernando Borretti.
Once you ship your software, most of your end users will be better served by replacing the stack trace with some actionable error message in case of a crash.
Choosing good test cases for our Go programs can be a bit hit-and-miss. Sometimes we get lucky and find an input that causes incorrect behaviour, or even a crash, but in general, picking inputs at random isn’t a good way to find bugs.
Or is it? What if we leaned into that idea a little and used a lot of different inputs? Say, a million, or even a billion. With that many inputs, our chances of finding the one weird value that triggers a problem start to look pretty good.
Source: Random testing in Go, an article by John Arundel.
After their high school basketball coach passes away, five good friends and former teammates reunite for a Fourth of July holiday weekend.
In the evening Alice and I watched Grown Ups. I had seen the movie before. I liked it and give it a 7 out of 10.
The Rust team is happy to announce a new version of Rust, 1.70.0. Rust is a programming language empowering everyone to build reliable and efficient software.
Source: Announcing Rust 1.70.0.
The news today is that SQL:2023, the new version of the SQL standard, has been published by ISO.
Source: SQL:2023 is out, an article by Peter Eisentraut.
I was watching this amazing lightning talk by Karla Burnett and wanted to understand how
tracerouteworks in UNIX. Traceroute is a tool that shows the route of a network packet from your computer to another computer on the internet. It also tells you how long it takes for the packet to reach each stop along the way.
Source: Implementing a simple traceroute clone in Python, an article by Redowan Delowar.
Hey everyone, we are Ryan Lahfa and Martin Weinelt, the release managers for this stable release and we are very proud to announce the public availability of NixOS 23.05 “Stoat”.
Source: NixOS 23.05 released, an article by Ryan Lahfa and Martin Weinelt.
A lot of basic, important information about transformer language models can be computed quite simply. Unfortunately, the equations for this are not widely known in the NLP community. The purpose of this document is to collect these equations along with related knowledge about where they come from and why they matter.
Source: Transformer Math 101, an article by Quentin Anthony, Stella Biderman, and Hailey Schoelkopf.
With more than 9 billion gigabytes of information traveling the internet every day, researchers are constantly looking for new ways to compress data into smaller packages. Cutting-edge techniques focus on lossy approaches, which achieve compression by intentionally “losing” information from a transmission. Google, for instance, recently unveiled a lossy strategy where the sending computer drops details from an image and the receiving computer uses artificial intelligence to guess the missing parts. Even Netflix uses a lossy approach, downgrading video quality whenever the company detects that a user is watching on a low-resolution device.
Very little research, by contrast, is currently being pursued on lossless strategies, where transmissions are made smaller, but no substance is sacrificed. The reason? Lossless approaches are already remarkably efficient. They power everything from the PNG image standard to the ubiquitous software utility PKZip. And it’s all because of a graduate student who was simply looking for a way out of a tough final exam.
Source: How Lossless Data Compression Works, an article by Elliot Lichtman.
That gives me an idea: I can't change the hostname from a container because of limited capabilities. But I could totally launch a new process in the same namespace, and this new process would have no capability limits—so it could change the hostname. And that change would be shared with the container! Let's try it!
Source: Changing Docker hostnames—with namespaces!, an article by Dave Vasilevsky.
What I’ve since realized is that JavaScript reuses its full-power Objects for many non-OO purposes, most of which are much simpler. I’ve used JS objects for roughly 4 things:
- Grouping variables
- Namespacing
- Typed-ish data
- Actual full-power Objects
Source: I think I finally “get” JS objects, an article by Taylor Hunt.
You may have heard there are new, modern standards in Python packaging (
pyproject.toml!) that have been adopted over the last few years. There are now several popular and shiny modern tools for managing your packaging projects. (Poetry! Hatch! PDM!) However, the documentation is scattered and much of it is specific to these competing tools. What are the recommended best practices when creating a Python package? What is the minimal amount that you need to do in order to follow the best practices?
Source: The Basics of Python Packaging in Early 2023, an article by Jay Qi.
The tragic and controversial story of Cameron Todd Willingham, who was sentenced to death in Texas for killing his three children even after scientific evidence and expert testimony bolstered his claims of innocence.
In the evening I watched Trial by Fire. I liked the movie and give it a 7 out of 10.
Overall, there was agreement that the original motivations for a large, “batteries-included” standard library no longer held up to scrutiny. “In the good old days,” Ned Deily reminisced, “We said ‘batteries-included’ because we didn’t have a good story for third-party installation.” But in 2023, installing third-party packages from PyPI is much easier.
Source: The Python Language Summit 2023: What is the Standard Library for?, an article by Alex Waygood.
This blog post is about benchmarking Caddy against Nginx and their respective performance metrics as reverse proxies. Be forewarned: I was very thorough and there are tons of graphs and tables in here. I didn’t want to make any mistakes! Nobody is allowed to make mistakes on the Internet.
Source: 35 Million Hot Dogs: Benchmarking Caddy vs. Nginx, an article by Tyler Langlois.
In this blog post, I will guide you through the steps of adding security headers using Cloudflare, making the process much simpler and hassle-free, without even touching a single line of code on your web server.
Source: How to Add Security Headers Using Cloudflare, an article by Algustionesa Yoshi.
What I've come to realize, though, is that anyone can write code that seems complicated. The hard thing is solving complex problems with simple code. If you can develop that skill, nobody will ever doubt your abilities.
Source: Clever Code Considered Harmful, an article by Joshua Comeau.
Media queries are a CSS language feature which allow an author to conditionally apply CSS rules according to characteristics of the device or window in which an application is being viewed. Most commonly, these might be according to the viewport width allowing CSS authors to create components and layouts that are responsive to the size of the window or device that they are being viewed in. But this may also extend to whether a user prefers light or dark mode, or even a user's accessibility preferences, plus many more properties.
Source: Everything You Want To Know About Media Queries and Responsive Design, an article by Nathan Hardy.
Over the years, I've observed modern password hashing algorithms significantly reduce the effectiveness of brute-force password guessing. However, password stuffing attacks—where attackers use previously leaked credentials to gain unauthorized access—continue to be a persistent threat. On the other hand, the advent of multi-factor authentication (MFA) has shifted the focus to protecting user accounts through additional layers of verification, making passwords less critical to security.
Source: Bcrypt at 25: A Retrospective on Password Security, an article by Niels Provos.
CSS mix blend modes provide an easy, yet powerful way to create visually interesting designs.
Source: Mastering CSS Blend Modes.
We’ve just uploaded mypy 1.3 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes.
Source: Mypy 1.3 Released an article by Wesley Collin Wright.
I don’t like Bash. It’s just too confusing. Do I need to use double brackets for this? Do I need to quote this? Am I still writing Bash or am I sprinkling in some bits of sh? I can never remember.
Source: Writing shell scripts in Nushell, an article by Jiri Pospisil.
Emacs 29 introduces tree-sitter support, a powerful parsing library that enhances its understanding of source code. With this integration, Emacs gains features like precise syntax highlighting, accurate indentation and easier extensibility. Here's how you install and configure Emacs with tree-sitter support.
Source: How to Get Started with Tree-Sitter, an article by Mickey Petersen.
On our way to the shopping mall in Naaldwijk I spotted a duck. When I walked into the duck's direction I noticed that she had six small ducklings, so I took the photo below.
I like using Makefiles. They work great both as simple task runners as well as build systems for medium-size projects.
Source: Makefile tricks for Python projects, an article by Ricardo Ander-Egg Aguilar.
This is a story about the journey we’ve been on at HUMAN Security to find the best project structure for Go, what decisions we’ve made based on our exploration, and the conclusions we’ve drawn. We’ve created an open-source template repository for the final structure, and a branch containing a tiny example project alongside. To use this template, fork the repository or use it as a template.
Source: Finding The Best Go Project Structure - Part 1, an article by Aviv Carmi.
John Wick uncovers a path to defeating The High Table. But before he can earn his freedom, Wick must face off against a new enemy with powerful alliances across the globe and forces that turn old friends into foes.
In the evening I watched John Wick: Chapter 4. At first, Esme was watching as well. But she was very tired so she fell asleep a few times during the movie. Alice was making "Hello, Kitty" cookies and also watched parts.
The movie was a lot, and I mean a lot, of killing. At times it looked (probably on purpose) like a computer game. I didn't like the movie much and give it a 6 out of 10. Of the recent carnage movies I liked Sisu more.
Like M. Fielder's and M. Hunter's 1986 book, one can find many instances in books, on the World Wide Web, in tutorials, and even on manual pages, of abusing su for dropping superuser privileges and running programs with ordinary user privileges — in
cronjobs,/etc/rcscripts,init.dscripts, and even from/etc/inittab. They are all wrong.Don't abuse
sufor this purpose. It has never in fact been the function ofsu, and for the past two decades people have been triggering errors with this abusage. Over the past decade or so, as of 2014, this error has gradually become more and more blatant, going from a few ignorable warning messages in obscure log files to systems that fail to function, but it has in fact been there all of this time.
Source: Don't abuse su for dropping user privileges, an article by Jonathan de Boyne Pollard.
In March, IPinfo began offering a free, file-based country-level dataset download for IPv4 and IPv6 addresses. This file is the result of over 900 TB of data on BigQuery being synthesized down into a file a few MB in size. The downloads are refreshed daily so changes in IPv4 locations and ownership can be seen with 24-hour granularity.
In this blog post, I'll walk through downloading this dataset as well as looking at some interesting IP address space analysis that it can be used for.
Source: IPinfo's Free IP Address Location Database, an article by Mark Litwintschik.
Today, as part of that long term effort to secure the Python ecosystem, we are announcing that every account that maintains any project or organization on PyPI will be required to enable 2FA on their account by the end of 2023.
Source: Securing PyPI accounts via Two-Factor Authentication, an article by Donald Stufft.
Renfield, Dracula's henchman and inmate at the lunatic asylum for decades, longs for a life away from the Count, his various demands, and all of the bloodshed that comes with them.
In the evening Alice, Adam, and I watched Renfield. I liked the movie and give it a 7 out of 10.
I previously wrote about starting a Go project in 2018. A lot has changed since I wrote that and I had been wanting to write an updated version. What follows should be enough for anyone new to Go to get started and ideally start them being productive.
Source: How to start a Go project in 2023, an article by Ben E. C. Boyter.
In this article, you will learn how to add a backdoor to the SSH Public Key. The backdoor will execute whenever the user logs in. The backdoor hides as an unreadable long hex-string inside
~/.ssh/authorized_keysor~/.ssh/id_*.pub.
Popovers are everywhere on the web. You can see them in menus, toggletips, and dialogs, which could manifest as account settings, disclosure widgets, and product card previews. Despite how prevalent these components are, building them in browsers is still surprisingly cumbersome. You need to add scripting to manage focus, open and close states, accessible hooks into the components, keyboard bindings to enter and exit the experience, and that’s all even before you start building the useful, unique, core functionality of your popover.
To resolve this, a new set of declarative HTML APIs for building popovers is coming to browsers, starting with the
popoverAPI in Chromium 114.
Source: Introducing the popover API, an article by Una Kravets.
In the evening I found out that when saving an encrypted text file
from Aquamacs that the program became unresponsive until I pressed
C-g. After some Googling I learned that downgrading GNU Privacy
Guard to version 2.4.0 fixed this issue. I wrote about how to do
this with Mac Ports.
A month ago I blogged about ways to reduce strenuous key presses in my Emacs use. I analyzed my runs of chords in Emacs, then speculated on the merits of exclusive vs mixed editing. Since then I wrote an Emacs mode called god-mode. It’s a mode that you toggle in and out of, and when you’re in it, all keys are implicitly prefixed with
C-(among other helpful shortcuts). Over all, it’s been a resounding success. A couple other people, including the author of multiple mark mode, contributed some patches. I’ve been using it for a month and have been very satisfied.
Source: God-mode for Emacs, an article by Chris Done.
Then Brad Westfall reminded me of a Sass feature that, while small, is probably the one I miss the most every single time I write vanilla CSS: single line
//comments.
Source: Single Line Comments in CSS, an article by Jim Nielsen.
Before you can process your data with Pandas, you need to load it (from disk or remote storage). There are plenty of data formats supported by Pandas, from CSV, to JSON, to Parquet, and many others as well.
Which should you use?
- You don’t want loading the data to be slow, or use lots of memory: that’s pure overhead. Ideally you’d want a file format that’s fast, efficient, small, and broadly supported.
- You also want to make sure the loaded data has all the right types: numeric types, datetimes, and so on. Some data formats do a better job at this than others.
While there is no one true answer that works for everyone, this article will try to help you narrow down the field and make an informed decision.
Source: Choosing a good file format for Pandas, an article by Itamar Turner-Trauring.