today's howtos

• My pragmatic sysadmin view on subdomains and DNS zones

  This question is interesting to me because I had a completely different view of it than Julia Evans did. For me, NS and SOA DNS records are secondary things when thinking about subdomains, down at the level of the mechanical plumbing that you sometimes need. This may surprise people, so let me provide a quite vivid local example of why I say that.

• An Exploration of JSON Interoperability Vulnerabilities

  JSON is the backbone of web application communications. The simplicity of JSON is often taken for granted. We don't usually consider JSON parsing as part of our threat model. However, in our modern, multi-language, microservice architectures, our applications often rely on several separate JSON parsing implementations, each of which has its own quirks.

  As we've seen through attacks like HTTP request smuggling, discrepancies across parsers combined with multi-stage request processing can introduce serious vulnerabilities. In this research, I conducted a survey of 49 JSON parsers, cataloged their quirks, and present a variety of attack scenarios and Docker Compose labs to highlight their risks. Through our payment processing and user management examples, we will explore how JSON parsing inconsistencies can mask serious business logic vulnerabilities in otherwise benign code.

• Hardware RAID on the Raspberry Pi CM4

  After a long and arduous journey involving multiple driver revisions and UART debugging on the card, I was able to bring up multiple hardware RAID arrays on the Pi.

• The Tao of Continuous Integration

  It is a truism in modern software development that a robust continuous integration (CI) system is necessary. But many projects suffer from CI that feels brittle, frustrates developers, and actively impedes development velocity. Why is this? What can you do to avoid the common CI pitfalls?

• Install Kali Linux on Chromebook: Tips and Tutorials

  If you need more system privileges on your Chromebook, Kali Linux might be right for you, especially since Linux is free and open-source. But remember that this operating system is mainly for penetration testing and not very convenient for daily work.

• How to install the Foxit reader on Linux

  The Foxit Reader is free PDF software for Linux, Mac, and Windows. It is open-source software. With it, users can create as well as annotate and collaborate with PDF files. Here’s how to install it on Linux.

• How To Install Git on Manjaro 20 - idroot

  In this tutorial, we will show you how to install Git on Manjaro 20. For those of you who didn’t know, Git is a distributed version control system. Git is a free software designed to handle everything from small to very large projects with speed and efficiency. It can be easy to learn and used for tracking changes in source code during software development. Git has the features of data integrity, non-linear workflows, and fast performance. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Git on a Manjaro 20 (Nibia).

• How to manage Flatpak permissions graphicly?

  Finding difficulties to manage Flatpak permissions using command lines? Maybe you should give Flatseal a try. The main purpose of Flatpak is to provide a centralized service for distributing applications. But while Penguin users enjoy the taste of updated and secured Linux apps, they have hard time managing Flatpak permissions for the lack of graphical front-end which helps them do so. Here the important of the Flatsealutility, which developed by the enthusiast engineer Martin Abente Lahaye, appears.

Why India Needs To Fuss Over FOSS

Did you know that over 85% of India’s Internet runs on FOSS, or Free an Open Source Software that strikes at the heart of software patents?

If your answer is ‘No’, you may be pleasantly surprised to know that India now ranks 3rd in the world in terms of FOSS usage, according to GitHub. In fact, some of India’s largest government projects, many technology startups, and some of India’s largest software services companies extensively us FOSS, according to a recently-released report titled ‘The State of FOSS in India’ by CivicData Lab.

FOSS communities in India, according to the report supported by Omidyar Network India, have also organized themselves to solve India’s challenges like digital inclusion by creating Indian language fonts, dictionaries and other essential tools that are widely used across the country.

Android Leftovers

• Imagining what 'Material NEXT' could bring for Google's apps - 9to5Google

• Android 12: Developer Preview - the delight is in the little details - Ausdroid

• Realme GT 5G’s Geekbench listing reveals 12GB RAM, Android 11

• Best New Android Games This Week: Inked, Warhammer: Odyssey, Greedy Cats, and More - Droid Gamers

• The 5 Best PDF Reader Apps for Android

• How To Download Minecraft Game For Minecraft Android And iPhone 2021

• How to clear browser cache and app cache on Android smartphone - Pricebaba.com Daily

• OPPO Find X2 Pro update breaks Android Auto - Ausdroid

• Google reveals six exciting new features coming to your Android phone | Express.co.uk

• 21 million Android users warned that their personal details have been leaked online | Express.co.uk

Ubuntu 21.04 (Hirsute Hippo) Enters Feature Freeze, Beta Expected on April 1st

The Feature Freeze stage means that no major new features will be implemented in Ubuntu 21.04 until the final release hits the streets in late April 2021. Developers will no focus their efforts on fixing important blockers that won’t delay the final release. Dubbed as the “Hirsute Hippo,” Ubuntu 21.04 has been in development since late October 2020, shortly after the release of Ubuntu 20.10 (Groovy Gorilla). As its customary, the Feature Freeze stage will be followed shortly by an optional “Ubuntu Testing Week,” which will take place between March 4-11 and intended for those who want to help with the testing.