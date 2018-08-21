today's leftovers Swap Detector: Open source tool for detecting API usage errors GrammaTech has released Swap Detector, an open source tool that enables developers and DevOps teams to identify errors due to swapped function arguments, which can also be present in deployed code. [...] Modern software development involves the use of third-party APIs, libraries, and/or frameworks that are complex, rapidly evolving, and sometimes poorly documented. According to industry estimates, open source components can represent up to 90% of the code in the average application. Meanwhile, API usage errors are a common source of security and reliability vulnerabilities. “Traditional static-analysis techniques do not take advantage of the vast wealth of information on what represents error-free coding practices available in the open-source domain,” says Alexey Loginov, VP of Research at GrammaTech. “With Swap Detector we applied Big Data analysis techniques, what we call Big Code analysis, to the Fedora RPM open-source repository to baseline correct API usage. This allowed us to develop error-detection capabilities that far exceed the scalability and accuracy of conventional approaches to program analysis.”

Challenges, priorities, and progress in anti-censorship technology at Tor This blog post seeks to bring clarity to the modus operandi of the Tor Project in the anti-censorship space by providing a summary of the challenges we face, the priorities we focus on, and the progress we have made so far related to our circumvention technology. Censorship circumvention is a complex and ever evolving problem, and this blog post summarizes our approach in tackling it. Please feel free to ask any related question in the comments. Thanks to hanneloresx's translation, you can find a Chinese version of this blog post below. [...] Some Internet Service Providers (ISP) block the domain www.torproject.org, making it difficult for their users to download a copy of Tor Browser. Our service GetTor can help these users get Tor Browser despite this: simply send an email to gettor@torproject.org, which will automatically respond with alternative download links for Tor Browser. These download links point to GitHub, GitLab, the Internet Archive, and Google Drive. At least one of these hosting providers should be accessible to each of our users. For example, users from China can download Tor Browser from our GitHub mirror. Once you have your copy of Tor Browser, you are ready to connect to the Tor network. Unfortunately, some ISPs interfere yet again, aided by technology that either blocks the IP addresses of Tor relays and/or detects the Tor protocol dynamically, by inspecting network traffic that passes the ISP's perimeter—so-called deep packet inspection (DPI). If you are unable to directly connect to the Tor network, you need to use bridges. Bridges are unlisted Tor relays and, depending on the bridge type, can obfuscate network traffic in a way that's more difficult for ISPs to detect. The simplest method of censorship circumvention in Tor Browser is to use our default bridges—a set of a dozen bridges that are part of Tor Browser. These bridges are essentially public, which is why more effective censorship systems such as China's Great Firewall (GFW) block them, but they are still effective in many places like Iran. Take a look at our Tor Browser manual to learn how to enable default bridges.

Apple Forces WordPress App to Sell Wordpress.com Plans

Finland’s Covid-19 trace app published as open source On Tuesday, Finland’s Koronavilkku Covid-19 track and trace application was published as an open source solution under the European Union Public Licence (EUPL). The Koronavilkku software is being developed by the Finnish Institute for Health and Welfare (Terveyden ja hyvinvoinnin laitos, or THL), together with a handful of the country’s software development firms.

Why NUKEMAP isn’t on Google Maps anymore But most of all: today there are perfectly viable alternatives. Which is why I don’t understand their pricing model change, except in terms of, “they’ve decided to abandon small developers completely.” After a little scouting around, I decided that MapBox completely fit the bill (and whose rates are more like what Google used to charge), and that Leaflet, an open-source Javascript library, could make for a very easy conversion. It took a little work to make the conversion, because Leaflet out of the box doesn’t support the drawing of great circles, but I wrote a plugin that does it.

Linux users are having problem accessing HBO Max from their phones. This problem is for generic Linux PC and not for the dedicated Linux based streaming hardware as many of the users said that HBO is working fine on Roku. Many of the users reported that the app suddenly stops working a couple of weeks ago and it is not accessible on any browsing platform. They are getting the error message we are trouble playing this video please try again later when they tried to play a video on this streaming platform. Protecting HBO’s content HBO Max said that the root cause is the Widevine DRM which is attempting to protect the content on HBO. HBO said that its movies and series are being pirated and they did not want it to happen again.

[Old] Unbricking a $2,000 Bike With a $10 Raspberry Pi The rest of the post is a walk-through of my experience writing some code that enables the Flywheel Home Bike to work with Zwift and other training apps. It likely also works for the LifeFitness IC5 and support for other bikes should be easy to add. The finished program is called Gymnasticon and the code is open-source on GitHub.

Microsoft to remove insecure TLS support on its Linux Software Repository [Ed: As if Microsoft gives a damn about security; it literally gives the NSA back door access into everything] Microsoft is discontinuing support for the insecure TLS 1.0 and TLS 1.1 protocols on its Linux Software Repository starting with September 24, 2020. TLS is a secure protocol used for encrypting the communication channels between sits and web browsers, with the original TLS 1.0 specification and its TLS 1.1 successor having been in use for roughly the last 20 years. Microsoft's Linux Software Repository hosts a wide range of software products for Linux systems built and supported by the company. These products are available for download from packages.microsoft.com via standard YUM and APT package repositories.

Audiocasts/Shows: Mike Dominick, LHS, Python Shows and More Interview from Episode #34 of The Mike Dominick Show (Audio Only) I had a chance to sit down and chat with Mike Dominick recently, on August 25th 2020. We spoke about some of my current projects, and our views on some of the recent happenings in the industry lately. Topics include writing, the industry's move to ARM, the Linux community in general, and more.

LHS Episode #364: The Weekender LV It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

The Real Python Podcast – Episode #24: Options for Packaging Your Python Application: Wheels, Docker, and More Have you wondered, how should I package my Python code? You've written the application, but now you need to distribute it to the machines it's intended to run on. It depends on what the code is, the libraries it depends on, and with whom do you want to share it. This week on the show we have Itamar Turner-Trauring, creator of the website pythonspeed.com. We discuss his article "Options for Packaging Your Python Code: Wheels, Conda, Docker, and More," covering the how of sharing your code.

Python Bytes: #196 Version your SQL schemas with git + automatically migrate them

Are My Linux Videos Too Long? They Might Be A lot of the videos I make are Linux software showcases but I've had a few people mention that some of my videos might be a bit too long so I thought I'd explain why my videos end up being as long as they are and how I'm slowly stripping down the videos as I improve upon my style.