The Weekly Dev - 202204

All the metal that makes the Cloud

Cloud-literacy is overcoming traditional competence about real information systems. From a consumer point of view, it can somewhat make sense. From a technical perspective, it is like the Middle Ages advancing: the Knowledge gets more and more segregated into remote cloisters. You might be fortunate enough and live into such a cloister, but maybe you don't want to, and the tech is taken out of your sight.

It's going to become less than technology, and more and more like magic.

We need to keep cultivating the competences related to load balancing tools, the real-world interaction between software protocols and physical devices. We need to keep tabs on how to implement, maintain and expose cryptographical systems, so that we won't be forced to give away our creations on the promise of better security from some usual Big Provider.

Here some readings recommendation for this week:

Link shorteners: the long and short of why you should not use them

A couple of myths about link-shorteners:

  • "I should shorten links before I publish them on social media to save on character count"
  • "My link shortening tool provides me with analytics"

and a number of actual risks:

  • You have no control over the link-shortening tools' privacy policies
  • Creating inaccessible social media content
  • Generic links don’t capitalise on brand trust
  • Undermining confidence in government sources

Source: gcs.civilservice.gov.uk

Multiple SSL Configurations in the Same IP/Port with HAProxy

"How we used some clever TCP routing to overcome the HAProxy limitations regarding SSL configuration."

Source: medium.com/trabe

WebSockets for Real-Time Web and IoT Applications

Websockets from the ground up, some theory + implementation, with an eye of regard to embedded applications.

Source: www.netburner.com

NMap – A Basic Security Audit of Exposed Ports and Services

A nice and detailed, easy to read tutorial about using Nmap for the automation of security audits.

Source: www.putorius.net

Let us build a Full-Text Search engine

An interesting writeup of a base implementation of a Full Text Search engine in Go.

Source: artem.krylysov.com



[security] [api] [privacy]