This week on The Changelog we’re talking with Gregory Kurtzer about Rocky Linux. Greg is the founder of the CentOS project, which recently shifted its strategy and has the Linux community scrambling. Rocky Linux aims to continue where the CentOS project left off — to provide a free and open source community-driven enterprise grade Linux operating system. We discuss the history of the CentOS project, how it fell under Red Hat’s control, the recent shift in Red Hat’s strategy with CentOS, and how Rocky Linux is designed to be 100% bug-for-bug compatible with Red Hat Enterprise Linux.
News and podcasts for developers
Subscribe to get the latest news and podcasts for developers in your inbox, every week.
We make it super easy to keep up with developer news that matters.
Already a member? Sign in
supercookies can be used in place of ordinary cookies to store user identifiers, but they are much more difficult to delete and block. This makes it nearly impossible for users to protect their privacy as they browse the web. Over the years, trackers have been found storing user identifiers as supercookies in increasingly obscure parts of the browser, including in Flash storage, ETags, and HSTS flags.
To hell with these trackers and the tech they rode in on.
In Firefox 85, we’re introducing a fundamental change in the browser’s network architecture to make all of our users safer: we now partition network connections and caches by the website being visited. Trackers can abuse caches to create supercookies and can use connection identifiers to track users. But by isolating caches and network connections to the website they were created on, we make them useless for cross-site tracking.
You gotta love it 🍻
Daniel and Chris sniff out the secret ingredients for collecting, displaying, and analyzing odor data with Terri Jordan and Yanis Caritu of Aryballe. It certainly smells like a good time, so join them for this scent-illating episode!
I dig this effort to decouple web documentation from a “single vendor or organization.” 👏
Open Web Docs was created to ensure the long-term health of web platform documentation on de facto standard resources like MDN Web Docs, independently of any single vendor or organization. Through full-time staff, community management, and our network of partner organizations, we enable these resources to better maintain and sustain documentation of core web platform technologies. Rather than create new documentation sites, Open Web Docs is committed to improving existing platforms through our contributions.
Wanna get involved? Check out the high-level goals they have laid out.
What’s worse than an unsafe private key? An unsafe public key.
The “secure” in secure shell comes from the combination of hashing, symmetric encryption, and asymmetric encryption. Together, SSH uses cryptographic primitives to safely connect clients and servers. In the 25 years since its founding, computing power and speeds in accordance with Moore’s Law have necessitated increasingly complicated low-level algorithms.
As of 2020, the most widely adopted asymmetric crypto algorithms in the PKI world are RSA, DSA, ECDSA, and EdDSA. So which one is best? Well, it depends.
We’ve scaled Kubernetes clusters to 7,500 nodes, producing a scalable infrastructure for large models like GPT-3, CLIP, and DALL·E, but also for rapid small-scale iterative research such as Scaling Laws for Neural Language Models. Scaling a single Kubernetes cluster to this size is rarely done and requires some special care, but the upside is a simple infrastructure that allows our machine learning research teams to move faster and scale up without changing their code.
Remember Patrick DeVivo’s super cool AskGit project where you can query your git repo’s history with SQL? Well, now you can kick the tires without installing a thing by using AskGit’s new web interface!
Here’s an example query where we learn that I do most of my coding (or committing, at least) on Mondays and Tuesdays while Adam and Gerhard lean towards Friday.
Joe Sweeney built Podrain to scratch his own podcast-listening itch. Here’s what he had to say about it in our community chat:
Hi there! Huge fan of Changelog. I actually built a podcast client for the web as a Vue PWA, as a proof-of-concept towards building a web-first future away from app stores. Works fully offline with downloaded audio, as in, works in Airplane mode (but on Android only). Interface is rough but it’s pretty stable and improving over time!
Try Podrain yourself by pointing your favorite web browser right here.
This piece by Mark Saroufim on the state of ML starts pretty salty:
Graduate Student Descent is one of the most reliable ways of getting state of the art performance in Machine Learning today and it’s also a fully parallelizable over as many graduate students or employees your lab has. Armed with Graduate Student Descent you are more likely to get published or promoted than if you took on uncertain projects.
BERT engineer is now a full time job. Qualifications include:
- Some bash scripting
- Deep knowledge of pip (starting a new environment is the suckier version of practicing scales)
- Waiting for new HuggingFace models to be released
- Watching Yannic Kilcher’s new Transformer paper the day it comes out
- Repeating what Yannic said at your team reading group
It’s kind of like Dev-ops but you get paid more.
But if you survive through (or maybe even enjoy) the lamentations and ranting, you’ll find some hope and optimism around specific projects that the author believes are pushing the industry through its Great Stagnation.
I learned a few things. Maybe you will too.
This is Josh Comeau’s personal suite of “best practices.”
If you work with styled-components, or a similar tool like Emotion, my hope is that this article will help you get the most out of it. I’ve distilled years of experimentation and practice into a few practical tips and techniques. If you apply these ideas, I genuinely believe you’ll be a happier CSS developer ✨
Regardless of your cloud computing migration approach, your cloud provider should have your back every step of the way, from analysis and planning to testing and production deployment. Each cloud computing migration option addresses a different set of needs. Take a closer look at three migration options so that you can make the best choice for your move to the alternative cloud. This ebook breaks everything down for you and is available as an instant download with no email registration required.
Superset can query data from any SQL-speaking datastore or data engine (e.g. Presto or Athena) that has a Python DB-API driver and a SQLAlchemy dialect.
This has been around long enough to be picked up by the Apache Foundation, but somehow it’s avoided my radar until today. The visualizations you can achieve with it are impressive, to say the least.
Shekhar Gulati does a quick retro after his first year as CTO. Their lessons include:
- Schedule time for yourself
- Getting things done without doing them
- You will not have all the answers
- Pick your battle wisely
And a few more.
Kamran Ahmed, creator of Developer Roadmaps, joins Jerod to talk through his 2021 roadmaps to becoming a web developer.
We cover why Kamran created these resources, who they’re for, how to interpret them, and then take a stroll down the paths to becoming a frontend and backend developer.
Which path are you on in 2021?
Ever since AWS took Elasticsearch and decided to sell a managed version of it there has been controversy around AWS and Elasticsearch. Now that the software created by Elastic is being switched to the Server-Side Public License
(SSPL), which is not a very permissive license, AWS is going ahead and forking the projects.
The debate rages around this. Few people feel sympathy with the behemoth that is AWS, but they don’t seem to be in violation of any licenses. Elastic have definitely worked hard on Elasticsearch and arguably deserves an opportunity to profit from their work. This new license raises significant concern though.
I don’t think we’ll see this settle anytime soon, just like the issue of open source sustainability is neither easy nor straightforward.
On this episode we learn how to Configure, Unify, and Execute things. What’s CUE all about? Well, it’s an open source language with a rich set of APIs and tooling for defining, generating, and validating all kinds of data: configuration, APIs, database schemas, code, … you name it.
Now that we’ve copy/pasted the project’s description… let’s dig in and learn how we can use CUE to make our Go programs better!
I’m not gonna lie, it does sound like a fantastic startup idea. But there are so many things that can go wrong when trying to start something new and Tom Cleveland does a super job of telling that story in this brutally honest post:
Things are going great. My friends and family all tell me they love the site. Even some strangers on the internet love it. “I know right,” I tell them. “So how much would you pay for this?”
“Hahahahahahah,” they say in unison. “Good one!”
Stick around to the end for lessons learned. Where did he go wrong?
Works with 20+ meeting services, including all the usual suspects.
One of the main problems a database storage engine has to solve is how to deal with data in disk that is bigger than the available memory. A way databases solve this issue is through memory-mapped files and a system call called mmap. Discover what mmap is and how you can make use of it in Go.
Deskreen is an
electron.jsbased application that uses
WebRTCto make a live stream of your desktop to a web browser on any device. It is built on top of Electron React Boilerplate For better security mechanism, end-to-end encryption is implemented, which is inspired bydarkwire.io , the difference is, that it is rewritten in
Typescriptand transformed to use
Brave CTO Brian Bondy:
IPFS is an exciting technology that can help content creators distribute content without high bandwidth costs, while taking advantage of data deduplication and data replication. There are performance advantages for loading content over IPFS by leveraging its geographically distributed swarm network. IPFS is important for blockchain and for self described data integrity. Previously viewed content can even be accessed offline with IPFS! The IPFS network gives access to content even if it has been censored by corporations and nation-states, such as for example, parts of Wikipedia.
This is a small-but-important step towards decentralizing the web, which is becoming more and more important to more and more people every day.
SMTP should be blocked on public networks.
Email technology offers no effective means to stop phishing, so it’s been a runaway success for the attackers, and a disaster for millions of victims.
Sunsetting SMTP is clearly necessary and feasible. So, I’ve drafted a protocol called TMTP and I’d like to tell you about it.