Assorted links for Tuesday, October 29:
Links
Assorted links for Monday, October 28:
- IPLS: Privacy-preserving storage for your WhatsApp contacts
- New discovery reveals how diatoms capture CO2 so effectively
- What Color is Your Function?
- Angular’s Approach to Partial Hydration
Rather than fully hydrate the application immediately, partial hydration allows developers to identify portions of their application — maybe a footer or something that a user will not immediately need to see — and rather than ship all of the JavaScript in the app, it “hydrates” only the parts that are needed immediately.
- AWS Welcomes the OpenSearch Software Foundation
OpenSearch, the popular open source, Apache 2.0-licensed, search and analytics suite, is celebrating a significant milestone - transferring OpenSearch to the OpenSearch Software Foundation, a community-driven initiative under the Linux Foundation.
Assorted links for Friday, October 25:
- How we build GitHub Copilot into Visual Studio
- Sampling with SQL
- Basecamp-maker 37Signals says its “cloud exit” will save it $10M over 5 years: The cloud is many things, but “cheap” is not one of them.
- Federal Trade Commission Announces Final Rule Banning Fake Reviews and Testimonials
- Debunking Hype: China Hasn’t Broken Military Encryption With Quantum
Assorted links for Thursday, October 24:
- Safer with Google: Advancing Memory Safety
- Announcing Rust 1.82.0
- AWS Makes ETL Disappear for Aurora PostgreSQL, DynamoDB
This week, Amazon Web Services introduced new integrations with its Amazon Aurora PostgreSQL and Amazon DynamoDB database management services that allow them to share data with the Amazon Redshift data warehouse services, without the need to set up ETL (Extract, Transform and Load) workflows between them.
- Federal Trade Commission Announces Final “Click-to-Cancel” Rule Making It Easier for Consumers to End Recurring Subscriptions and Memberships: Since Loper Bright Enterprises v. Raimondo overturned the Chevron doctrine, I expect this rule to be challenged immediately. Update 2024-10-29: Comcast, Charter Sue FTC Over Efforts To Make Canceling Services Easier
- The Architect’s Guide to Interoperability in the AI Data Stack
Assorted links for Wednesday, October 23:
- Startup can identify deepfake video in real time
- Announcing IBM Granite AI Models Now Available on Docker Hub
- Graph RAG: How To Squeeze More Value From AI
- Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug
Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that’s affected a dozen carmakers.
- OpenHCL: the new, open source paravisor
A paravisor executes within the confidential trust boundary and provides the virtualization and device services needed by a general-purpose operating system (OS), enabling existing VM workloads to execute securely without requiring continual service of the OS to take advantage of innovative advances in confidential computing technology. As confidential computing becomes available on more hardware platforms and evolves, the software stack can keep VMs running seamlessly thanks to the paravisor, in much the same way other advances in virtualization software enabled VMs to run seamlessly on ever evolving hardware.
Assorted links for Tuesday, October 22:
- What’s new in System.Text.Json in .NET 9
The 9.0 release of System.Text.Json includes many features, primarily with a focus on JSON schema and intelligent application support. It also includes highly requested enhancements such as nullable reference type support, customizing enum member names, out-of-order metadata deserialization and customizing serialization indentation.
- A quick introduction to return address protection technologies
- North Korean hackers use newly discovered Linux malware to raid ATMs
The malware, tracked under the name FASTCash, is a remote access tool that gets installed on payment switches inside compromised networks that handle payment card transactions.
The purpose of FASTCash is to compromise a key switch inside the complex networks that broker payment transactions among merchants and their banks on the one hand and, on the other, the payment card issuers who must approve a transaction… When a compromised card is used to make a fraudulent translation, FASTCash tampers with the messages the switch receives from issuers before relaying it back to the merchant bank. As a result, issuer messages denying the transaction are changed to approvals.
- Building Knowledge Graphs at Production Scale for GenAI
- Docker Best Practices: Using ARG and ENV in Your Dockerfiles
If you need to access a variable during the build process but not at runtime, use
ARG. If you need to access the variable both during the build and at runtime, or only at runtime, useENV.
Assorted links for Monday, October 21:
- Thousands of Linux systems infected by stealthy malware since 2021
- Invisible text that AI chatbots understand and humans can’t? Yep, it’s a thing.
The invisible characters, the result of a quirk in the Unicode text encoding standard, create an ideal covert channel that can make it easier for attackers to conceal malicious payloads fed into an LLM. The hidden text can similarly obfuscate the exfiltration of passwords, financial information, or other secrets out of the same AI-powered bots. Because the hidden text can be combined with normal text, users can unwittingly paste it into prompts.
- Investigation of a Workbench UI Latency Issue: Resolving a UI latency investigation requires from the UI all the way down to the Linux kernel.
- Web Browser Engineering by Pavel Panchekha & Chris Harrelson
- Drasi: Drasi is a data processing platform that simplifies detecting changes in data and taking immediate action. It is a comprehensive solution that provides built-in capabilities to track system logs and change feeds for specific events, evaluate them for relevance, and automatically initiate appropriate reactions.
Assorted links for Thursday, October 17:
- China Possibly Hacking US “Lawful Access” Backdoor
The Wall Street Journal is reporting that Chinese hackers (Salt Typhoon) penetrated the networks of US broadband providers, and might have accessed the backdoors that the federal government uses to execute court-authorized wiretap requests. Those backdoors have been mandated by law—CALEA—since 1994.
- The second half of software supply chain security on GitHub
- For the first time since 1882, UK will have no coal-fired power plants
- Introducing Netflix’s TimeSeries Data Abstraction Layer
- Two never-before-seen tools, from same group, infect air-gapped devices
Assorted links for Thursday, October 17:
- China Possibly Hacking US “Lawful Access” Backdoor
The Wall Street Journal is reporting that Chinese hackers (Salt Typhoon) penetrated the networks of US broadband providers, and might have accessed the backdoors that the federal government uses to execute court-authorized wiretap requests. Those backdoors have been mandated by law—CALEA—since 1994.
- The second half of software supply chain security on GitHub
- For the first time since 1882, UK will have no coal-fired power plants
- Introducing Netflix’s TimeSeries Data Abstraction Layer
- Two never-before-seen tools, from same group, infect air-gapped devices
Assorted links for Wednesday, October 16:
- Code referencing now generally available in GitHub Copilot and with Microsoft Azure AI
- Announcing the stable release of the Azure OpenAI library for .NET
- Microsoft Just Dropped a Bunch of New Copilot Features
- Faster Integer Programming: A new analysis proves that all integer programs theoretically could be solved much faster than previously guaranteed.
- Confidential Container Groups: Implementing confidential computing on Azure container instances.