Categories
programming

PostgreSQL on ARM-based AWS EC2 Instances: Is It Any Good? – Percona Database Performance Blog

ARM-based Graviton2 consistently outperforms Intel x86-based processors in PostgreSQL test by Percona, and it’s 25% cheaper. If your workload is not x86-specific there’s no reason not to switch.

The rise of ARM-based processor is gaining momentum and it seems like Intel is seriously playing catch-up here.

With the second gen of Graviton2 instances announced, we decided to take a look at the price/performance from the standpoint of running PostgreSQL.

Source: PostgreSQL on ARM-based AWS EC2 Instances: Is It Any Good? – Percona Database Performance Blog

Categories
internet programming

Troy Hunt: Promiscuous Cookies and Their Impending Death via the SameSite Policy

Yet another potentially breaking change on the web. This time round it involves cookie handling (in the upcoming Chrome 80). The objective is to close off a class of attacks known as CSRF (cross-site request forgery). Expect other browsers to follow suit.

… any websites you’re responsible for that are passing cookies around cross domain by POST request and don’t already have a SameSite policy are going to start misbehaving pretty quickly

Source: Troy Hunt: Promiscuous Cookies and Their Impending Death via the SameSite Policy

Categories
programming

How to Build Good Software

A break from the usual articles on cybersecurity. This is a good article that talks about the problems of software development and some strategies for mitigating them:

  • starting simple
  • focussing on the problem
  • iteration
  • spending time between expanding features and reducing complexity

Software has characteristics that make it hard to build with traditional management techniques; effective development requires a different, more exploratory and iterative approach.

Source: How to Build Good Software

Categories
internet programming security

unCaptcha: A Low-Resource Defeat of reCaptcha’s Audio Challenge

CAPTCHA is almost ubiquitous in today’s web applications and an extremely popular CAPTCHA implementation is Google’s, namely reCaptcha. reCaptcha provides an audio version for visually-impaired users. Researchers manage to make use of free speech-to-text services to defeat audio reCaptcha.

unCaptcha: Talk is cheap in defeating reCaptcha

Source: unCaptcha: A Low-Resource Defeat of reCaptcha’s Audio Challenge

Categories
bug programming

24-core CPU and I can’t type an email (part one)

When software doesn’t behave as expected, it can be really difficult to find out why. In this case, someone experienced an odd hanging problem while using GMail on his powerful computer and decides to investigate. Read on for all the gory details.

…I was just engaging in that most mundane of 21st century tasks, writing an email at 10:30 am. And suddenly gmail hung. I kept typing but for several seconds but no characters were appearing on screen. Then, suddenly gmail caught up and I resumed my very important email. Then it happened again, only this time gmail went unresponsive for even longer.

Source: 24-core CPU and I can’t type an email (part one)

Categories
programming

Nibble Stew – a gathering of development thoughts: “A simple makefile” is a unicorn

Unicorn as in the mythical creature, not what VC’s think about.

Like every sentence that has the word “just”, this is at best horribly simplistic but mostly plain wrong. Let’s dive in more detail into this. If you look up simple Makefiles on the Internet, you might find something like this page. It starts with a very simple (but useless) Makefile and eventually improves it to this:

Source: Nibble Stew – a gathering of development thoughts: “A simple makefile” is a unicorn

Categories
programming

Turning Design Mockups Into Code With Deep Learning

At the current stage it could help front-end developers in some of the grunt work in converting design templates into code. Some would go further to think that it will eliminate web development jobs. That is certainly not the case, as modern websites are not static “pages” but more like applications. Someone will still need to design the behaviour and logic.

In this post, we’ll teach a neural network how to code a basic a HTML and CSS website based on a picture of a design mockup. Here’s a quick overview of the process:

Turning Design Mockups Into Code With Deep Learning

Categories
3D programming

[github] kosua20/herebedragons

Someone implemented the same 3D scene using different API/frameworks. Interesting from a learning point of view. But as someone commented in HN, some implementations could be made to look the same given enough effort.

This repository contains multiple implementations of the same 3D scene, using different APIs and frameworks on various platforms. The goal is to provide a comparison between multiple rendering methods. This is inherently biased due to the variety of algorithms used and available CPU/GPU configurations, but can hopefully still provide interesting insights on 3D rendering.

[github] kosua20/herebedragons

Categories
programming

Starbucks should really make their APIs public. – Tendigi

See how closed API reverse engineering typically happens.

Now that I was able to sign and fingerprint my login requests, I combined everything into a small Node.js module that allows some basic Starbucks API functions. The good news is that it’s (mostly) hosted here on GitHub!

Voilà! Programmatic coffee.

Source: Starbucks should really make their APIs public. – Tendigi

Categories
programming sysadmin

AWS and Azure in Plain English

If you are not an architect-level user of AWS you will probably be lost in the ever growing list of AWS services. The non-obvious names (Cognito, Athena, anyone?) for the services doesn’t help. Now someone is attempting to provide a – sometimes tongue-in-cheek – explanation of those services. Well, it’s not exactly plain english, but good attempt anyway. An Azure version is also available.

  1. AWS in Plain English
  2. Azure in Plain English