0x0

joined 1 year ago
sorted by: new top controversial old
Why do so many people use NGINX? in c/selfhosted
[–] [email protected] 21 points 15 hours ago

When NGINX showed up it beat the then dominant apache on resource utilzation hands-down.

It's also very configurable and has a lot of modules, both in-house and third party.

The only downside for me: as of late the whole commercial part of the project has been gobbling up everything to shove the non-free version to the point where it's hard to find info on the free version, e.g., the wiki page that lists all the third-party modules. The nginxtutorials site seems to be a good resource.

Btw one of the main devs forked it into freenginx:

Dounin writes in his announcement that "new non-technical management" at F5 "recently decided that they know better how to run open source projects. In particular, they decided to interfere with security policy nginx uses for years, ignoring both the policy and developers' position." While it was "quite understandable," given their ownership, Dounin wrote that it means he was "no longer able to control which changes are made in nginx," hence his departure and fork.

Also, fun fact: this is probably the only instance of russian software muricans don't cry Commie! all the time (maybe because the parent company was acquired).

-1
Data Wallets Using the Solid Protocol (www.schneier.com)
 

a digital wallet is a repository for personal data and documents. Right now, there are hundreds of different wallets, but no standard.

Retro series: 2024 Yamaha XSR700 in c/motorcycles
We finally know what caused the global tech outage - and how much it cost in c/technology
[–] [email protected] 2 points 1 day ago (1 children)

I.meant couldn't they test for a NULL pointer.

Disney+ proíbe a partilha de contas e incluirá anúncios em todos os seus planos in c/[email protected]
[–] [email protected] 8 points 1 day ago (1 children)

🏴‍☠️

2024 Stack Overflow Developer Survey (Page Technology) in c/[email protected]
[–] [email protected] 3 points 1 day ago

Most “popular” programming language should probably be “most used”. Whether people like it is a different metric

They do have an admired/desired category.

2024 Stack Overflow Developer Survey (Page Technology) in c/[email protected]
[–] [email protected] 2 points 1 day ago

I wonder why Ada is at the bottom of the pay table?

How ordinary failure could have a seismic effect on an industrial giant in c/technology
[–] [email protected] 28 points 1 day ago (10 children)

Calling "missing bolts" on a aircraft an "ordinary failure" is the understatement of the year.

We finally know what caused the global tech outage - and how much it cost in c/technology
[–] [email protected] 42 points 2 days ago* (last edited 2 days ago) (10 children)

On Wednesday, CrowdStrike released a report outlining the initial results of its investigation into the incident, which involved a file that helps CrowdStrike’s security platform look for signs of malicious hacking on customer devices.

The company routinely tests its software updates before pushing them out to customers, CrowdStrike said in the report. But on July 19, a bug in CrowdStrike’s cloud-based testing system — specifically, the part that runs validation checks on new updates prior to release — ended up allowing the software to be pushed out “despite containing problematic content data.”

...

When Windows devices using CrowdStrike’s cybersecurity tools tried to access the flawed file, it caused an “out-of-bounds memory read” that “could not be gracefully handled, resulting in a Windows operating system crash,” CrowdStrike said.

Couldn't it, though? 🤔

And CrowdStrike said it also plans to move to a staggered approach to releasing content updates so that not everyone receives the same update at once, and to give customers more fine-grained control over when the updates are installed.

I thought they were already supposed to be doing this?

Proton Now Has a Bitcoin Wallet in c/technology
[–] [email protected] 7 points 2 days ago (4 children)

Why Bitcoin? Monero makes more sense.

Suggestion for buying drive in c/selfhosted
[–] [email protected] 5 points 3 days ago* (last edited 3 days ago) (1 children)

I've been happy with Crucial's MX500 SSDs.

Is there any other way (except for buying a PCIe to SATA card) to add more drives in the motherboard?

The site does say "1 x M.2".

Microsoft says EU to blame for the world's worst IT outage | Euronews in c/technology
[–] [email protected] 41 points 3 days ago

I'm still to see the doc where MS is forced to give ring-0, certified, boot-start to everyone.

FAMF: Files As Metadata Format in c/[email protected]
[–] [email protected] 14 points 3 days ago (10 children)

Why waste the inodes?

17
Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks (krebsonsecurity.com)
 

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

10
The NSA Has a Long-Lost Lecture by Adm. Grace Hopper (www.schneier.com)
 

cross-posted from: https://programming.dev/post/16750896

The NSA has a video recording of a 1982 lecture by Adm. Grace Hopper titled “Future Possibilities: Data, Hardware, Software, and People.” The agency is (so far) refusing to release it.

Basically, the recording is in an obscure video format. People at the NSA can’t easily watch it, so they can’t redact it. So they won’t do anything.

147
The NSA Has a Long-Lost Lecture by Adm. Grace Hopper (www.schneier.com)
 

The NSA has a video recording of a 1982 lecture by Adm. Grace Hopper titled “Future Possibilities: Data, Hardware, Software, and People.” The agency is (so far) refusing to release it.

Basically, the recording is in an obscure video format. People at the NSA can’t easily watch it, so they can’t redact it. So they won’t do anything.

10
10 Reasons to Fight Cashless Contagion (www.asomo.co)
6
The Stark Truth Behind the Resurgence of Russia’s Fin7 (krebsonsecurity.com)
48
The 20 best open-source alternatives to popular software on Windows (www.xda-developers.com)
 

Of course if Microsoft undermines standards' interoperability...

14
Japan's government finally moves on from floppy disks (www.xda-developers.com)
31
CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems (seclists.org)
 

Regression in signal handler.

This vulnerability is exploitable remotely on glibc-based Linux systems, where syslog() itself calls async-signal-unsafe functions (for example, malloc() and free()): an unauthenticated remote code execution as root, because it affects sshd's privileged code, which is not sandboxed and runs with full privileges.

34
This prototype turns your car’s windshield into a giant AR display (www.theverge.com)
 

Ooooh... car BSOD vibes...

14
Why Hondas Run Great - JIT Manufacturing, 5S Methodology and Kaizen (www.youtube.com)
 

Another great Fortnine video just came out, this time about Honda.

Didn't quite explore the supply shortage impact on JIT as seen during the pandemic, though.

-16
Kaspersky products are now banned in the US (www.xda-developers.com)
 

If it ain't 'murican we ban 'em!

Guess all foreign cars should be next, what with all the telemetry and all...

view more: next ›