Can you imagine simply open a TXT file will leak your IP address, make network request to attacker server, send your file out? It’s all because the text editor try to be smart and render HTML. And to have some fun, Jeff Johnson of Lapcatsoftware build a PoC that Distributing unnotarized Mac apps in a text file

Is this yet another guide to OAuth 2.0? No. This document is based on hundreds of conversations and client implementations as well as their experience building FusionAuth, an OAuth server which has been downloaded over a million times. FusionAuth is a great OAuth solution which you can self hosted in this space now given that Okta has acquired Auth0. Give them a try. They’re great product too.

Deep dive into a few limitations of AWS NLB. Ably learned that anything over 200,000 connections per NLB begins to be a challenge. This is unfortunately substantially below the advertised understanding of what the load balancers can currently do.

What happens when you set “font_size”: 32 in your favorite editor? I would’ve told you anyway, but I’m glad that you asked. And do you know that 16 pt text on Windows is ⅓ larger than 16 pt text on macOS. Fun!

This is a JavaScript package but you should give it a read to be more carefully when parsing data that can be represent in different notation. Example, what would you think 0127.0.0.1? The ip actually is 87.0.0.1

When a worker thread that seems to hang and have no log to indicate, I usually do strace -p pid on it to see what call it stuck on. In this artcile, Julia Evans shares 9 problems that strace can help us identity/debug.

PostgreSQL uses a cost-based query optimizer that tries to turn your SQL queries into something efficient that executes in as little time as possible. For many people, the workings of the optimizer itself remain a mystery, so we have decided to give users some insight into what is really going on behind the scenes.

Like programming in C or driving a car, contemporary shellscript languages require some knowledge and discipline to use safely, but that’s not to say it can’t be done. This article is a part of the tool shellharden we linked to below the code to read section for Rust.

For language that compile to native code, The output of the compiler is a number of object files. Then a linker assembling all these object files into one big program and create the final executable files. But most of Linux code use dynamic linking, means its object files are absence. At run time, it will borrow the file. Sound magically? Let’s dig in. Make sure to check part 2 as well.

One way to improve shell workflows is finding patterns in the execution order of commands and extracting those into little scripts; this can often be helpful and is part of what makes working in a shell so powerful. Another way is to understand how the parameters are added and try to simplify this; that’s what I will focus mostly on in this blog post.