VirtualTam's bookmarks

1. Crowdsec - Curated Threat Intelligence Powered by the Crowd 2024-05-29

   tags: bsd, linux/iptables, network/firewall, observability/logging, programming/go

   [ permalink ]

   • crowdsecurity/crowdsec
   • Documentation
     • Docker / Podman Deployment
     • Data Sources
     • Parsers
     • Configuration
     • Observability / Prometheus
     • OpenAPI Specification
   • Blog
     • Building a Network for Small Businesses Part 1: Hardware
     • Building a Network for Small Businesses Part 2: Running Configurations
     • Building a Network for Small Businesses Part 3: Attack Scenarios
   • Discussion on HN (2020)
2. elastic-integration-corpus-generator-tool - Generate an event corpus given a specific integration 2024-05-15

   tags: observability/elastic/elasticsearch, observability/logging, programming/go, programming/json

   [ permalink ]

   • quickwit-oss/benchmarks/tree/main/scripts/create-generated-log-dataset
3. GTP2 - Specification of the Go Text Protocol 2024-05-02

   tags: game/board-game, game/go, network/protocol

   [ permalink ]

   • GNU Go
4. Effective Rust - 35 Specific Ways to Improve Your Rust Code 2024-03-31

   tags: book, course, programming/rust

   [ permalink ]
5. The Sunlight Certificate Transparency Log 2024-03-16

   tags: cryptography/certificate, cryptography/certificate-authority, data-structure/tree, data-structure/tree/merkle-tree, letsencrypt, programming/go

   [ permalink ]

   • Introducing Sunlight, a CT implementation built for scalability, ease of operation, and reduced cost
   • Transparent Logs for Skeptical Clients
   • C2SP/C2SP - Community Cryptography Specification Project
   • FiloSottile/sunlight
   • transparency-dev/serverless-log
6. Standard Webhooks - Open source tools and guidelines to send webhooks easily, securely and reliably 2024-02-28

   tags: network/http, programming/json

   [ permalink ]

   • standard-webhooks/standard-webhooks
   • Specification
7. Subclassing in Python Redux 2023-06-11

   tags: programming/design-pattern, programming/go, programming/object-oriented-programming, programming/python, programming/ruby

   [ permalink ]

   The conflict between subclassing and composition is as old as object-oriented programming. The latest crop of languages like Go or Rust prove that you don’t need subclassing to successfully write code. But what’s a pragmatic approach to subclassing in Python, specifically?

   • Structure and Interpretation of Computer Programmers - Why inheritance never made any sense
   • The Composition Over Inheritance Principle
   • PyCon US 2013 - The End Of Object Inheritance & The Beginning Of A New Modularity
   • RailsConf 2015 - Nothing is Something
8. WebAuthn - An API for accessing Public Key Credentials 2023-06-11

   tags: cryptography/public-key-infrastructure, internet/browser, security/authentication

   [ permalink ]

   The Web Authentication API (also known as WebAuthn) is a specification written by the W3C and FIDO, with the participation of Google, Mozilla, Microsoft, Yubico, and others. The API allows servers to register and authenticate users using public key cryptography instead of a password.

   • Guide to Web Authentication
   • Asynchronous Remote Key Generation: An Analysis of Yubico’s Proposal for W3C WebAuthn [PDF]
   • Issue 664630: Web Authentication API for Chrome
   • Bugzilla - [meta] Update WebAuthn JS API to the L1-REC spec
   • keepassxc#1870 - Feature Request: Integration with the Web Authentication API
9. Postfix, iPhone, Apple Mail and the reject_unknown_helo_hostname parameter 2023-01-28

   tags: email/postfix, mobile/ios, network/dns

   [ permalink ]

   I'd get a better behaved mail client. — Hu on Gentoo Forums

   • http://www.postfix.org/postconf.5.html#reject_invalid_helo_hostname
   • https://serverfault.com/questions/575539/postfix-helo-command-rejected-host-not-found
   • https://serverfault.com/questions/527541/postfix-whitelist-host-for-specific-sender
   • https://serverfault.com/questions/922935/why-does-postfix-say-helo-command-rejected-host-not-found-when-dig-finds-the
   • https://discussions.apple.com/thread/3120175
   • https://forums.gentoo.org/viewtopic-p-8604630.html?sid=a666f84af3d663d43b4c72a5b82115c4
10. cross: “Zero setup” cross compilation and “cross testing” of Rust crates 2022-11-24

    tags: linux, programming/rust

    [ permalink ]

    • https://stackoverflow.com/questions/63724484/build-and-bind-against-older-libc-version
    • https://doc.rust-lang.org/rustc/platform-support.html
    • https://www.reddit.com/r/rust/comments/n6udyk/building_rust_binaries_in_ci_that_work_with_older/
    • https://users.rust-lang.org/t/how-to-compile-rust-with-a-specific-glibc-version-for-gnueabihf-architecture/6680
    • https://kobzol.github.io/rust/ci/2021/05/07/building-rust-binaries-in-ci-that-work-with-older-glibc.html
11. Finding the “Second Bug” in glibc’s Condition Variable 2022-09-20

    tags: concurrency/threading, formal-specification/tla+, programming/c, programming/ocaml

    [ permalink ]
12. Learn TLA+ - Temporal Logic of Actions 2022-07-04

    tags: book, formal-specification/tla+

    [ permalink ]

    • https://www.hillelwayne.com/post/learntla/
13. Fixing a MongoDB Replication Protocol Bug with TLA+ - William Schultz 2022-05-31

    tags: database/mongodb, distributed, distributed-system/cluster, formal-specification/tla+, protocol

    [ permalink ]

    • https://www.youtube.com/watch?v=x9zSynTfLDE
14. Generating Go client/server code from an OpenAPI specification 2021-05-18

    tags: documentation, programming/api, programming/code-generation, programming/go, programming/java

    [ permalink ]

    Generate code from specification:

    • https://github.com/swagger-api/swagger-codegen
    • https://github.com/go-swagger/go-swagger
    • https://github.com/deepmap/oapi-codegen

    Generate specification from code:

    • https://github.com/swaggo/swag
15. Storing hashes: bcrypt, pbkdf2, sha256-crypt, sha512-crypt 2021-01-03

    tags: cryptography, cryptography/hash, cryptography/hash/bcrypt, cryptography/hash/pbkdf2, cryptography/hash/sha, security/password

    [ permalink ]

    • https://security.stackexchange.com/questions/4781/do-any-security-experts-recommend-bcrypt-for-password-storage
    • https://security.stackexchange.com/questions/17421/how-to-store-salt
    • https://codahale.com/how-to-safely-store-a-password/
    • https://security.stackexchange.com/questions/133239/what-is-the-specific-reason-to-prefer-bcrypt-or-pbkdf2-over-sha256-crypt-in-pass
    • https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords/31846
16. Is there a way to force Discord to open on a specific monitor? /r/discordapp 2020-12-29

    tags: discord, instant-messaging, microsoft/windows

    [ permalink ]
17. Who-T: User-specific XKB configuration - part 1 2020-08-15

    tags: keyboard, linux, user-interface, x11

    [ permalink ]

    • https://who-t.blogspot.com/2020/07/user-specific-xkb-configuration-part-2.html
    • https://gitlab.freedesktop.org/xkeyboard-config/xkeyboard-config
    • https://lists.freedesktop.org/archives/wayland-devel/2020-January/041133.html
    • https://github.com/xkbcommon/libxkbcommon/pull/108
18. pidcat: Colored logcat script which only shows log entries for a specific application package. 2019-05-10

    tags: command-line, development, logcat, mobile, mobile/android, observability/logging

    [ permalink ]
19. OpenAPI Initiative 2018-11-21

    tags: client, documentation, network/http, programming/api, server, web

    [ permalink ]

    • https://github.com/OAI/OpenAPI-Specification
    • https://github.com/pyopenapi
20. CommonMark - a strongly defined, highly compatible specification of Markdown 2018-10-21

    tags: documentation, programming/markdown

    [ permalink ]