recentpopularlog in

teffalump : design   232

« earlier  
GRAIL Text Recognizer
revisiting old but clever way to recognize handwriting; very interesting; also great active essay!
algorithm  design  history 
5 weeks ago by teffalump
Internet protocols are changing
interesting - performance + encryption seem big changes
protocol  standards  design  encryption  internet 
december 2017 by teffalump
Dynamic Users with systemd
Clever way around a thorny problem: "The way container managers protect the container images from the host (and from each other to some level) is by placing the container trees below a boundary directory, with very restrictive access modes and ownership (0700 and root:root or so). A host user hence cannot take advantage of the files/directories of a container user of the same UID inside of a local container tree, simply because the boundary directory makes it impossible to even reference files in it. After all on UNIX, in order to get access to a specific path you need access to every single component of it.

How is that applied to dynamic user services? Let's say StateDirectory=foobar is set for a service that has DynamicUser= turned off. The instant the service is started, /var/lib/foobar is created as state directory, owned by the service's user and remains in existence when the service is stopped. If the same service now is run with DynamicUser= turned on, the implementation is slightly altered. Instead of a directory /var/lib/foobar a symbolic link by the same path is created (owned by root), pointing to /var/lib/private/foobar (the latter being owned by the service's dynamic user). The /var/lib/private directory is created as boundary directory: it's owned by root:root, and has a restrictive access mode of 0700. Both the symlink and the service's state directory will survive the service's life-cycle, but the state directory will remain, and continues to be owned by the now disposed dynamic UID — however it is protected from other host users (and other services which might get the same dynamic UID assigned due to UID recycling) by the boundary directory."
systemd  design 
november 2017 by teffalump
The Absurdly Underestimated Dangers of CSV Injection
wow! didn't know this about csv - can execute formula, make external requests, etc.
injection  security  standards  vulnerability  hacking  design 
november 2017 by teffalump
Competitive Self-Play
cool: "We've found that self-play allows simulated AIs to discover physical skills like tackling, ducking, faking, kicking, catching, and diving for the ball, without explicitly designing an environment with these skills in mind. Self-play ensures that the environment is always the right difficulty for an AI to improve. Taken alongside our Dota 2 self-play results, we have increasing confidence that self-play will be a core part of powerful AI systems in the future."
ai  games  design 
october 2017 by teffalump
Phishing with Unicode Domains
wow, fascinating! "Punycode makes it possible to register domains with foreign characters. It works by converting individual domain label to an alternative format using only ASCII characters. For example, the domain "xn--s7y.co" is equivalent to "短.co"."
dns  security  vulnerability  hacking  design 
may 2017 by teffalump
Promises on Point
yeah, hardware so hard to get right, so many obstacles - great piece on the difficulties
design  hardware  money  business 
may 2017 by teffalump
Eve
just so interesting, i gotta try this sometime
language  programming  design 
january 2017 by teffalump
Pythonic code review - Red Hat Customer Portal
lots of good advice.... still have unreadable code for myself, lol
code  python  design  reference  howto  style  programming 
january 2017 by teffalump
Peer review post-mortem: how a flawed aging study was published in Nature
some of the work seems to the same in development and testing... like, every paper should be easily reviewable, etc.
science  research  publishing  money  business  design 
december 2016 by teffalump
Figs | Datalegreya
"Datalegreya is a typeface which can interweave data curves with text. It is designed by Figs, on the basis of open source font Alegreya Sans SC Thin by type designer Juan Pablo Del Peral." WOW!
data  font  text  typography  design 
december 2016 by teffalump
kdeldycke/awesome-falsehood: Curated list of falsehoods programmers believe in.
the worst i have run into is postal addresses - but phone numbers, names, etc.
programming  data  design  standards  cool  code  project 
october 2016 by teffalump
SMART – Security | Hay on FHIR
problem is patient access now, which fhir doesn't help all that much with defining well
fhir  security  design 
august 2016 by teffalump
Google's Nest closing smart-home company Revolv, bricking devices
this is a strong reason for open source code - if a company does fold/acqui-hired, at least the possibility of future support
money  business  open  access  source  hardware  design  iot 
april 2016 by teffalump
Open Whisper Systems >> Blog >> Reproducible Signal builds for Android
HAHAH!: "Just to head off the inevitable deluge of GPG encrypted emails with dramatic subject lines, we are not doing this in response to any kind of legal threat or presssure. This is just a weekend hack, please don't make us regret it."
software  security  privacy  compiler  design 
april 2016 by teffalump
The Trouble with CloudFlare
And tor's rebuttal. This seems to be a strong point: "A report by CloudFlare competitor Akamai found that the percentage of legitimate e-commerce traffic originating from Tor IP addresses is nearly identical to that originating from the Internet at large. (Specifically, Akamai found that the "conversion rate" of Tor IP addresses clicking on ads and performing commercial activity was "virtually equal" to that of non-Tor IP addresses)."
security  tor  internet  culture  infrastructure  privacy  design  anonymity 
april 2016 by teffalump
The Trouble with Tor
cloudflare isn't in my good graces, but here are their points
anonymity  tor  captcha  internet  culture  infrastructure  design  security  privacy 
april 2016 by teffalump
How Google’s Web Crawler Bypasses Paywalls
user-agent and referrer; hmm... porous paywalls seem to be ok, good enough, so to speak but it is unfair (?) to allow search engines to bypass them and display them... somewhat misleading
google  security  money  business  design 
march 2016 by teffalump
Fellowship
Looks awesome! "Think the world doesn’t need another selfie app? We agree. Our intensive summer Fellowship is designed to help top talent attack big problems in new ways. By taking a customer-centric approach and pushing our teams to iterate quickly and cheaply, we aim to build products that can really make a difference.

We’ve built our summer program to provide everything a team of early-stage social entrepreneurs might need: thousands of dollars in resources, an amazing peer group, unparalleled access to a pool of community collaborators for research and testing, and much more. "
inequality  culture  society  design  research 
march 2016 by teffalump
GCC 6: -Wmisleading-indentation vs “goto fail;”
a lot of great work being done on better warnings/catching for common mistakes like this
design  compiler  bug  vulnerability  software  programming 
march 2016 by teffalump
Flash-Free Video in 2016 - The New York Times
no more flash for nyt in 2016 - flash needs to go away and it generally is, yay
advertising  business  flash  html5  html  design  software 
february 2016 by teffalump
Compilers as Assistants
yes! so cool: elm is looking really cool
compilers  programming  design  software  debug 
february 2016 by teffalump
Troy Hunt: It’s 2016 already, how are websites still screwing up these user experiences?!
yeah, big issues still - but very little pressure, it seems, well gaining pressure now
advertising  design  development  web 
january 2016 by teffalump
The Free Universal Construction Kit
wow: "Announcing the Free Universal Construction Kit: a set of adapters for complete interoperability between 10 popular construction toys." Between Legos, Lincoln Logs, etc. In .STL format. Awesome!
3d  design  toys  open  source  access  interoperability  coo  project 
january 2016 by teffalump
Much faster incremental apt updates
cool how to look for improvements... and get them.
performance  design  source  diving  software 
january 2016 by teffalump
Two ATC agencies 'blacklist' 787 over position-data flaw
how not?: "Although it denies the software defect creates a safety hazard, Boeing says a service bulletin with instructions for operators to correct the position reporting error will be released “imminently”." What a joke
money  business  regulation  software  design  development 
december 2015 by teffalump
lvc/abi-tracker
"A tool to visualize ABI changes timeline of a C/C++ software library" -- these meta tools can be very powerful =-)
cool  code  project  programming  language  software  development  design 
december 2015 by teffalump
Why Static Website Generators Are The Next Big Thing
good point: "With the maturation of browsers, many features that used to require dynamic code running on a server can be moved entirely to the client. Want comments on your website? Add Disqus, Isso or Facebook comments. Want social integration? Add Twitter or Facebook’s JavaScript widget to your website. Want real-time data updating live on your website? Add a squirt of Firebase. Want search? Add Swiftype. Want to add live chat support? Olark is there. Heck, you can even add an entire store to a static website with Snipcart."
software  design  web 
december 2015 by teffalump
« earlier      
per page:    204080120160

Copy this bookmark:





to read