BetterDev #254 - Garbage Collection for Systems Programmers and How radio work
Better Dev #254 Apr 1, 2024
Hi all,
We come back to my second week :). If you like BetterDev, please help spead word out by refer to your friends. Buy Me a coffee would be great too
In previous email, I said about a new self hosted section. Due to a bug the sefl hosted doesn’t appear in email, you can go back to re-read the previous issue for awesome tool that you can run on your own hardware.
Onward to our news issue today.
First thing, there is a suppy chain attack on xz, it has assigned CVE-2024-3094, If you had install xz 5.6.x, that version is affected. If it’s a server, better to destroy and rebuild a new server with xz 5.4.
If you’re using mac, you can check which xz version you had installed
brew info xz
If it return 5.6, perform an brew upgrade xz
and it will rollback to 5.4.
Continue on this story, no one know the real identity of the attacker so far. He has spend 2 years contribute code in a legitimate way. 2 years of works. Had he implement the backdoor correctly and not causing slowness, probably no one has notice. Someone shared a similar story on mastodon.
Another dance in open source community is the Redis license change, rest assured that if you’re just using Redis as an end-user theree is nothign change, you will be continue to use it. On top of that, Linux foundation has already launch Valkey , which is a fork of Redis right before the license change. In Redis codebase, top changeset contributions by employe is Tencent, not even Redis Lab. Alibaba comes in third place, then Huawei. So I think there will be definetely a path to the official Redis, similar to the IO.js story back in the old day, where everyone switch to the community fork. So no action require as an end-user, in the meantime, exploring the new ValKey project.
Let’s talk about one of the most performance-sensitive programs you run every day: your operating system. Since every speedup gives you more computer to compute with, an OS is never fast enough, so you can always find kernel and driver developers optimizing the bejesus out of their code.
A brief introduction to antennas, superheterodyne receivers, and signal modulation schemes.
Due to its easi of use, and its forgiven model, promise remain an unclear? should I use return Promise<Value>
or, return Promise.Resolve(value). all of that. Let look deeper to understand their execution model.
In the process of improving Knock performance, Knock engineers found ourselves in the weeds hacking our Postgres driver, and we wanted to share some fun learnings we’ve gathered so far.
Many applications that run on Raspberry Pis and similar single-board computers — for example, environmental data loggers that report to a central database server — don’t really need to store any state locally on the Pi’s SD card. This means you can run the Pi with a read-only root filesystem, which will dramatically increase the SD card’s lifetime. Also good discussion on Hacker News for alternative method
Pretty much any home computers are behind a NAT, mean multiple computer share a same public ip. In the TCP/UDP packet, there is a port, the pair ip:port can be used to track which host and send the packet back. But ping operate with ICMP, and ICMP packet doesnt have a port field. So how does NAT work for ICMP packets?
When a website ask you to hold down a key, what can happen? What is User Gesture? How to defend.
Anytime you start to implement HIPAA, SOC, NIST PCE-DSS, the file integrity monitoring come up? who changed this file? when? what is changed? In this articule, we look into that with Tetragon. Not just for security, say you have a config file, such as an env file that is source before application run, tracking changes to this file can help spot and solve problem in an outage too.
What is the process of this? what tooling, what setup, what is a step by step guide in layman term.
Apple Pay is great, but I think there is some misunderstanding out there about the details of how it works.
A useful article to go over commont leaks in Go, method to find them.
Code to read
Faster utf8.Valid using multi-byte processing without SIMD. Up to 50% faster than the standard library. Can be a useful tool to deal with email parser for example where we want to filter out non utf8 character
GoParse simple SQL statements into an abstract syntax tree (AST) with the visited tableList and convert it back to SQL
JavaScriptScalable, Low-latency and Hybrid-enabled Vector Search in Postgres. Revolutionize Vector Search, not Database.
Rusta gem that allows your application to send notifications of varying types, over various mediums, to various recipients. Be it a Slack notification to your own team when some internal event occurs or a notification to your user, sent as a text message, email, and real-time UI element in the browser, Noticed supports all of the above (at the same time)!
RubyTools
Lightweight Postgres packaged as WASM into a TypeScript library for the browser, Node.js, Bun and Deno. Use case is you may run an interactive embeded postgres in browser for a playground postgres application.
owerful real-time, eBPF-based Security Observability and Runtime Enforcement such as monitoring file changes, block operation to file etc.
A pure Go minimal operating system. Based on Linux and K8S. It runs on a fleet of bare metal or cloud machines and provides users with a hardened, production ready Kubernetes, without the overhead of traditional Linux distributions or configuration management systems.
Goa performance focused drag and drop library that can be used to power any drag and drop experience on any tech stack. Pragmatic drag and drop makes working with the browsers powerful and flexible built in drag and drop functionality safe and easy.
Self Hosted
a SQL engine and CLI tool that lets you manage your data transformation projects with ease. use Quary to transform their raw data tables into actionable and trustworthy insights. Teams do so by layering well documented and tested transformations into useful insights ready for consumptio
A bundle of many app into a single web ui provide you with: app store, vpn , auth server, reverse proxy server, cron job and more.
an advanced open-source desktop environment in the browser, designed to be feature-rich, exceptionally fast, and highly extensible. It can be used to build remote desktop environments or serve as an interface for cloud storage services, remote servers, web hosting platforms, and more
You can view this issue in web browser.
If you have any suggestion/feedback, do tell me by replying to this email. I read them all.
No longer want to receive these emails? Unsubscribe
Older messages
BetterDev #253 - Fifty Things you can do with a Software Defined Radio
Monday, March 25, 2024
Better Dev #253 Mar 24, 2023 Hi everyone, I've returned this week and hope to make this newsletter a more regular occurrence. I apologize if my absence and lack of updates have disappointed any of
BetterDev #251 - Writing a Debugger From Scratch
Monday, October 2, 2023
Better Dev #251 Oct 2, 2023 Last week, the famous Insomnia rugpull us and require an account to use the software. In process, many has lost their project data when the migration happen from local to
BetterDev #250 - What's the toughest bug you ever found and fixed
Monday, September 25, 2023
Better Dev #250 Sep 25, 2023 Hi everyone, This week, many resorts in Las Vegas got hack and have to shutdown their system. That means many operation is handled by paper and pen. The hack appears to be
BetterDev #249 - Running my own LLM
Tuesday, September 19, 2023
Better Dev #249 Sep 19, 2023 Happy tuesday everyone. We're back for other issue. Lot of exiciting article. Hope you like this issue. This issue is a bit short and lack the summary but hope you
BetterDev #248 - Putting the “You” in CPU
Monday, August 14, 2023
Better Dev #248 Aug 14, 2023 Hi all, I'm really sorry for sending out no issue in last few months. Works get in but I'm finally manage to spend time again on this newsletter. I missed it so
You Might Also Like
⚠️ Avoiding AI Scams on Social Media — An Open Source Google Photos Alternative
Sunday, May 5, 2024
Also: Reviewing the Customizable Drop Mechanical Keyboard, and More! How-To Geek Logo May 5, 2024 📩 Get expert reviews, the hottest deals, how-to's, breaking news, and more delivered directly to
Daily Coding Problem: Problem #1432 [Medium]
Sunday, May 5, 2024
Daily Coding Problem Good morning! Here's your coding interview problem for today. This question was asked by Snapchat. Given the head to a singly linked list, where each node also has a “random”
PD#572 Good Ideas in Computer Science
Sunday, May 5, 2024
Ideas every programmer likes and why Garbage Collection and Object Oriented Programming don't count
RD#454 API Layer & Fetch Functions
Sunday, May 5, 2024
ixing API and UI code quickly leads to messy and unmaintainable code
The Shiny Toy Syndrome & Tiny macOS utility apps I love
Sunday, May 5, 2024
Lex launching its redesign, Raycast shares another monthly update packed with AI updates, prompts should be designed not engineered, and a lot more in this week's issue of Creativerly. Creativerly
Hyundai antes up $1B for AV startup Motional and Elon unplugs the Tesla Supercharger team
Sunday, May 5, 2024
Plus, layoffs come for Luminar, Fisker and Ola View this email online in your browser By Kirsten Korosec Sunday, May 5, 2024 Image Credits: Motional Welcome back to TechCrunch Mobility — your central
C#504 Adventures serializing absolutely everything in C#
Sunday, May 5, 2024
A fantastic journey porting Newtonsoft.Json to System.Text.Json
Sunday Digest | Featuring 'Which City Has the Most Billionaires in 2024?' 📊
Sunday, May 5, 2024
Every visualization published this week, in one place. Visual Capitalist Sunday Digest logo May 5, 2024 | View Online | Subscribe | VC+ The Best of This Week's Visuals Presented by Voronoi: The
The dark side of startup accelerators
Sunday, May 5, 2024
Plus: No easy solution to AI hallucinations View this email online in your browser By Anthony Ha Sunday, May 5, 2024 Image Credits: Bryce Durbin This Week, TechCrunch dug into the struggles at two
Android Weekly #621
Sunday, May 5, 2024
View in web browser 621 May 5th, 2024 Articles & Tutorials Sponsored Genius Scan SDK: a document scanner in your app Embed a reliable document scanner with OCR in your app, enabling your customers