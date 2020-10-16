Programming Leftovers
-
If you've written code, you know it takes practice to get good at it. Whether it takes months or years, there's inevitably a moment of epiphany.
We wanted to hear about that time, so we asked our community to share about that time they sat down and wrote code that truly made them proud.
-
We are pleased to announce the launch of the new erlang.org website!
The design and content are roughly the same as the old website. The most notable changes are: [...]
-
Software tools are an essential part of the HPC ecosystem, for both scientists and all potential HPC users. While there are a huge number of different categories of tools available to the HPC community, the exascale projects in the US and Europe are focused on the development of open source software, or software that can facilitate the use of a wide range of resources.
-
The shift from building applications in a monolithic architecture hosted on a server you could go and touch, to breaking them down into multiple microservices, packaged up into containers, orchestrated with Kubernetes, and hosted in a distributed cloud environment, marks a clear jump in the level of complexity of our software. Add to that expectations of feature-rich, consumer-grade experiences, which are secure and resilient by design, and never has more been asked of developers.
-
In this blog, we will see how we can use the python csv writer to write the list data to csv.
-
So I couldn't sleep the other night, and my brain wanted to think about odd problems…
Ever had a script that's compatible with both, Python 2 and 3, but you didn't want to bother the user to know which interpreter to call? Maybe because the script is often used in environments where only one Python is available and users just expect things to work? And it's only that one script file, no package, no additional wrapper script, nothing.
Yes, this is a rather odd scenario. And yes, using Python doesn't make it easier, but trust me, you wouldn't want to implement the same in bash.
Nothing that you will read from here on should ever be actually implemented, it will summon dragons and kill kittens. But it was a fun midnight thought, and I like to share nightmares!
The nice thing about Python is it supports docstrings, essentially strings you can put inside your code which are kind of comments, but without being hidden inside commnent blocks. These are often used for documentation that you can reach using Python's help() function. (Did I mention I love help()?)
-
When it comes to storing related and non-complex information in a program, arrays always come up. Arrays are a collection of an ordered list of items. Using arrays, you can store related values in a single variable, making your code efficient and easy to manage. In Ruby, arrays contain lots of built-in methods, making working with list data much more effortless.
This article describes various methods you can use to add items to an array in Ruby.
-
The UNIX timestamp value is calculated from 1st January 1970. The strtotime() is a built-in PHP function to convert human-readable date and time values into UNIX timestamp values. The way to use this function in PHP for different purposes has shown in this tutorial with examples.
-
The sprint() function of PHP works like the printf() function. Both functions generate the formatted output, but one difference between these functions is that the output of the sprinf() function is stored into a variable, and the output of the printf() function is displayed in the browser. How sprint() function works and the uses of this function is shown in this tutorial.
-
Sometimes we need to divide the string data based on the particular separator for programming purposes. Many ways exist in PHP to do this task. Three built-in functions of PHP that can be used to split string data are explode(), str_split(), and preg_split(). These functions create an array by dividing the string value based on the particular delimiter or pattern. How these functions work and the uses of these functions to split PHP strings have shown in this tutorial.
-
The conditional statement is used to execute the block of statements based on the particular condition. The ‘If..else’ statement is one type of condition statement that works with the particular condition(s). Different types of ‘if..else’ statements can be used in PHP for implementing conditional statements. These are mentioned below.
-
Mainly two types of the array can be created in any programming language. One is a numeric array and another is an associative array. Each value of an array is accessible by the index of that value. The index value is not required to define for numeric array and the sorted numeric index is generated automatically for this array if no index is defined. If it is required to create a particular string value for each index of the array, then the associative array is used to do the task.
PHP associative array can contain a number or both number and string in the index value. The user-defined index is used in an associative array. The ‘=>’ is used to assign the key-value pair of the associative array in PHP. The way to define and use associative array in PHP was shown in this tutorial.
-
Then, one part of the article caught my eye:
I assume each and every message could itself be malicious. I treat inspecting the log files with care. If any system was compromised, an attacker could theoretically pivot to other systems via carefully crafted malicious syslog messages. Would anyone do this? I doubt it.
Brace yourselves, for what follows is a recount of a case I've helped solve where the initial attack was performed via a carefully crafted syslog message and a tiny bit of social engineering.
Before I go into details, I have to mention that I am not at liberty to disclose the exact details, I cannot go into deeper specifics. So read what follows with that in mind. If something isn't clear, that's probably because I cannot clear it up without breaching confidentiality.
With that out of the way, lets set the stage!
Videos/Shows: Freedom, Arch, and GNU World Order
-
I think everyone that has ever used Microsoft Windows has eventually discovered things that they just were not allowed to do in Windows. Why would an operating system restrict the user? Linux doesn't do that!
-
There's a bunch of kernels available in the standard repos and the AUR for arch linux but what do they all do and which one should you use.
-
How to deliver Python packages with **setuptools**.
Security Leftovers
-
U.S. officials believe that a DJI Mavic 2, a small quadcopter-type drone, with a thick copper wire attached underneath it via nylon cords was likely at the center of an attempted attack on a power substation in Pennsylvania last year. An internal U.S. government report issued last month says this is the first time such an incident has been officially assessed as a possible drone attack on energy infrastructure in the United States, but that this is likely to become more commonplace as time goes on. This is a reality The War Zone has sounded the alarm about in the past, including when we were first to report on a still-unexplained series of drone flights near the Palo Verde nuclear powerplant in Arizona in 2019.
-
A new release of the compact cryptographic library is wolfSSL 5.0.0 now available IoT , optimized for use on embedded devices with limited processor and memory resources, such as devices, smart home systems, automotive information systems, routers and mobile phones. The code is written in C and is distributed under the GPLv2 license.
The library provides high-performance implementations of modern cryptoalgorithms, including ChaCha20, Curve25519, NTRU, RSA, Blake2b, TLS 1.0-1.3 and DTLS 1.2, which, according to the developers, are 20 times smaller than the OpenSSL implementations. Both its simplified API and a layer for compatibility with the OpenSSL API are provided. There is support for OCSP (Online Certificate Status Protocol) and CRL (Certificate Revocation List) for checking certificate revocation.
-
This whole process is called “keyless” signature or ambient credentials via workload identities. The word keyless can be a little bit misleading. It does and does not refer to the existence of a cryptographic key. Implementation-wise, there is a key. Otherwise, the whole private/public procedure would not work. But, on the same time you do not have to provide a secret for generating this key. The process is secretless; at least on the first look. On the second look you will realize that your Identity has become the secret.
[...]
Next, we will use the public sigstore instance to generate a new signature via our OpenID and upload it to a public rekor instance. This feature is still experimental. I hope they will release it soon. During the process your browser will pop-up, forward you to the public sigstore instance and ask you for a login. If you login, cosign will use your OpenID to sign the file.
-
The Linux Foundation has enhanced its free LFX Security vulnerability detection toolkit so open-source projects can secure their code and reduce non-inclusive language.
On Tuesday, the foundation said the LFX Security module now includes automatic scanning for secrets-in-code and non-inclusive language, adding to its existing comprehensive automated vulnerability detection capabilities.
Intel's Habana Labs Continues Improving Their AI Accelerator Driver Stack With Linux 5.16
The "char/misc" changes have landed in Linux 5.16 as the catch-all area for code not fitting more appropriately within another subsystem or being a portion of the kernel that's too small for submitting pull requests directly to Linus Torvalds. For Linux 5.16, the IIO code has moved from being part of the staging area also maintained by Greg Kroah-Hartman to now being under the char/misc umbrella. Additionally, another big item is the Intel Habana Labs driver updates.
The Habana Labs kernel driver for supporting their Goya and Gaudi AI hardware continues to be part of the char/misc area with not yet having a formal "accelerator" subsystem short of the GPU/DRM area for the growing number of AI inference/training accelerators coming to market.
