No matter what you think of a computer language, you ought to respect its idioms for the same reason one has to know idioms in a human language—they facilitate communication, which is the true purpose of all languages, programming or otherwise.
— George V. Neville-Neil
George also explains that “a single cache miss is more expensive than many instructions, so optimizing away a few instructions is not really going to win your software any speed tests”.
LWN covers the new W3C spec for HTML subresource integrity (SRI):
SRI is designed to combat injection attacks that come through third-party content. The originating site can include cryptographic hashes of third-party script and image files, enabling the user’s browser to hash the corresponding files it receives from the third-party servers and verify that the hashes match.
Most browsers already support SRI, including Firefox, Chrome and Opera.
If you’re designing a service that requires passwords for authentication, store them using the Argon2 or bcrypt password hashing functions. Don’t use MD5, SHA-1, SHA-2 or SHA-3 — they’re not designed to keep passwords secure against attackers that gain access to your password database.
Reference article: How LinkedIn’s password sloppiness hurts us all by Jeremi M. Gosney
If [online services] aren’t using something like bcrypt or Argon2 for password storage, then they’re doing things very, very wrong. But slow hashing is no longer as effective of a solution as it could have once been had it only been adopted sooner.
When you suspect a password database has been compromised, even just in part, you cash in on that insurance policy [of using forced password resets] immediately by activating your incident response team and your public relations team.
What is Argon2? It’s the winning algorithm from the Password Hashing Competition. Argon2 has been added to recent versions of libsodium.
I’ve been following the Ars coverage of the Oracle v Google trial regarding whether Google’s use of Java APIs is “fair use”. I didn’t think Google would win, but was pleasantly surprised when the jury decided in their favor. Hurrah!
However, just because Google won, doesn’t mean that companies can indiscriminately copy APIs and have it fall within “fair use”. It seems safest to me to make use of APIs that fall under an open source license. That way, the code individuals and companies write can more easily be run against competitive API implementations without being held hostage by the owners of the original API.
Ars has an interesting article showing how the internet works with regard to the underseas cables that tie the continents together. I had no idea there were repeaters to help the signal propagation, or how broken cables were repaired.
It’s useful to shorten long URLs, especially when sending them in tweets and in text messages. An LWN.net article helped me learn that they can be a security risk:
URL shorteners such as bit.ly and goo.gl perform a straightforward task: they turn long URLs into short ones, consisting of a domain name followed by a 5-, 6-, or 7-character token. This simple convenience feature turns out to have an unintended consequence. The tokens are so short that the entire set of URLs can be scanned by brute force. The actual, long URLs are thus effectively public and can be discovered by anyone with a little patience and a few machines at her disposal.
Around 7% of the OneDrive folders discovered in this fashion allow writing. This means that anyone who randomly scans bit.ly URLs will find thousands of unlocked OneDrive folders and can modify existing files in them or upload arbitrary content
— VITALY SHMATIKOV
I ran across pictures by Albert Dros, displaying the beauty of the Netherlands. I lived there for two years as a missionary for the LDS Church. I spent much of my time on a bicycle, riding through wind and rain, and enjoying sunsets and the verdant landscape. I had the opportunity to visit Keukenhof and Kinderdijk, both beautiful places, and both featured in Dros’ photos.
Encrypting sensitive data-at-rest (i.e. in a database) is a good idea, but how does one manage the encryption keys, and rotate keys or start using a new algorithm down the road without orphaning or migrating the old data? Use KeyCzar
Cryptography is easy to get wrong. Developers can choose improper
cipher modes, use obsolete algorithms, compose primitives in an unsafe
manner, or fail to anticipate the need for key rotation. Keyczar
abstracts some of these details by choosing safe defaults,
automatically tagging outputs with key version information, and
providing a simple programming interface.
Keyczar is designed to be open, extensible, and cross-platform
compatible. It is not intended to replace existing cryptographic
libraries like OpenSSL, PyCrypto, or the Java JCE, and in fact is
built on these libraries.
Or learn from what Google did with KeyCzar, and implement the same ideas (key rotation and key version info) using a more modern encryption library, like libsodium.
I came across this recently, and I think it’s worth sharing. It outlines gotchas of commonly used commandline tools and arguments such as when ‘rm -rf’ doesn’t remove a directory, and how to get around it, or when ‘wc -l’ fails to count the last line in a file.
What happens when you have hundreds of services connected to RabbitMQ and memcache, and those services have a bug that causes them to keep their previous socket connections open, and repeatedly reconnect to RabbitMQ and memcache?
It occurred to me that one can prevent too many connections using iptables on the RabbitMQ and memcache machines. Here’s how:
The corollary is that setting the per-ip connection limit too low can also cause problems.
I’d guess that more commonly public-facing servers like NGINX and Apache don’t have the problem of crashing. Hopefully, they degrade gracefully, and refuse additional connections while continuing to service the connections they already have open.