Tooling github.com

youtube-dlc is the new youtube-dl

Open source software shows its resiliency once again:

youtube-dlc is a fork of youtube-dl with the intention of getting features tested by the community merged in the tool faster, since youtube-dl’s development seems to be slowing down.

If you’re unaware of youtube-dl, it’s like a Swiss Army Knife for downloading videos from the web. It’s a great tool and I’m happy to see the community rally around its maintenance.

Utku Sen utkusen.com

Security by obscurity is underrated

Utku Sen:

In the information security field, we have developed lots of thoughts that can’t be discussed (or rarely discussed):

  • Never roll your own crypto
  • Always use TLS
  • Security by obscurity is bad

I certainly learned these in my Infosec classes in college. Back then I didn’t really question it much, because what did I know? But I definitely remember thinking, “Okay security by obscurity is bad, but maybe why not do it anyway? Defense in depth, right?” Back to Utku:

Most of them are very generally correct. However, I started to think that people are telling those because everyone is telling them. And, most of the people are actually not thinking about exceptional cases. In this post, I will raise my objection against the idea of “Security by obscurity is bad”.

Security github.com

Endlessh – an SSH tarpit that slowly sends an endless banner

The idea here is you put your real SSH server on a different port and let Endlessh lock up the script kiddies for hours and even days.

Since the tarpit is in the banner before any cryptographic exchange occurs, this program doesn’t depend on any cryptographic libraries. It’s a simple, single-threaded, standalone C program. It uses poll() to trap multiple clients at a time.

I’m not sure if this is actually a good idea or just fun to put into practice like those people who dedicate their precious free time scambaiting.

Kottke Icon Kottke

Reprogramming a game by playing it (an unbelievable Super Mario 3 speedrun)

Here’s a fun rabbit hole to go down if you have some free time to spend.

After a fellow named Zikubi beat the speedrun record for Super Mario Bros 3 by about 8 minutes with a time of just over three minutes, speedrun analyst Bismuth made the video above to explain how he did it…by changing the game with the gameplay itself.

The first couple minutes go exactly as you’d expect, but the speedrun takes a weird turn when, instead of using the second warp whistle to go to level 8, he uses it to go to level 7. And once in level 7, Mario races around randomly, letting opportunity slip away like a blindfolded birthday boy unwittingly steering himself away from the piñata. It’s only later, during the explanation of how he got from level 7 to the final screen so quickly, that you realize Mario’s panicky idiot behavior is actually the player actively reprogramming the game to open up a wormhole to the ending.

Geoff Stevens software.com

Discover your most productive music for coding

Music Time brings the power of the Spotify player to your code editor. Control your music, view and create playlists, favorite and repeat songs, and discover new music without context switching to the Spotify web or desktop app.

Music Time is free and works with VS Code, Atom, and JetBrains IDEs. Some of its features require Spotify premium, but the personalized song recommendations work with the free version of Spotify as well. It even has a cool vizualizer so you can see your most productive songs.

Discover your most productive music for coding

DigitalOcean Icon DigitalOcean – Sponsored

How to build a minimal, production-ready infrastructure on DigitalOcean

logged by @logbot permalink

Cloud infrastructure can be complex, making figuring out which products and services – often from a list of unfamiliar terms – a daunting task. Join Developer Advocate Mason Egger as he walks you through how to build a minimal, production-ready architecture that pieces together many of DigitalOcean’s products.

Mason uses Terraform to build a production-ready infrastructure for your project or business in real time. Follow along or spin up your own. The code is hosted on GitHub.

Watch this talk to learn How to integrate DigitalOcean Droplet, DBaaS, LBaaS, VPC, Firewall, and DNS into a production-ready infrastructure. The importance of VPCs and how they benefit your infrastructure. How to use Terraform to stand up your infrastructure with a few commands.

GitHub github.blog

The GitHub CLI goes 1.0

If you haven’t given the new gh a look since they announced the beta earlier this year, a lot has changed:

Since we released the beta, users have created over 250,000 pull requests, performed over 350,000 merges, and created over 20,000 issues with GitHub CLI.

It’s available for all major operating systems and if your development workflow goes through GitHub you will undoubtedly save some time and typing by adopting it.

Elixir dockyard.com

Creating a Sonos volume knob with Elixir and LiveView

Steven Fuchs loves his Sonos, but…

While it is the radio of the future, our most common usage is as the radio of the past. We tend to tune it to one station and leave it there. By far, our most common interactions with the system are changing the volume and pausing/playing the music, often creating scrambles to find a phone to turn down the volume in order to answer a different phone. What we needed was an analog interface to this digital system that was always at arms reach.

Hackers gonna hack. Steven reached for Elixir and scratched his own itch with this very cool little hardware project. Here’s a demo video of it in action.

Mat Ryer pace.dev

Passive user preferences with persisted stores in Svelte

Mat Ryer makes the case for passive user preferences, which is where you store their last used setting for them without asking and then set it as the default the next time they interact with that part of your app. He then goes on to describe how they accomplish this with Svelte. Good stuff!

If you want to hear more about how they’re using Svelte and Go to build Pace, we did a pair of podcasts on the topic earlier this year.

Ars Technica Icon Ars Technica

What can we expect from 5G?

An in-progress series by the Ars Technica team looking at all the implications, limitations, and current realities of the much-hyped next generation in cellular networking. There are 3 articles thus far:

  1. 5G in rural areas bridges a gap that 4G doesn’t, especially low- and mid-band
  2. Taking 5G to work, in offices, and on the factory floor—will it help?
  3. What the advent of 5G—mmWave and otherwise—will mean for online gaming

Ned Batchelder nedbatchelder.com

How to be helpful online

Ned Batchelder:

Helping people online is difficult. We expect technical questions and discussions, but everyone involved are just people, so it doesn’t always go smoothly. There’s no way to guarantee a good outcome, but there are things we as helpers can do to improve the interactions.

Ned shares a dozen ways we can work to be more helpful online. Excellent stuff. 👌

David Bryant discourse.mozilla.org

Mozilla WebThings ~> WebThings

David Bryant shared the details and transition plans for WebThings as it’s being spun out of Mozilla as an independent open source project. Mozilla is “transitioning control and responsibility to the community,” and the project’s new home will be webthings.io.

Governance of the project will be passed to the community using a module ownership system independent of the Mozilla Corporation’s organisational structure, like the one used by the core Mozilla project 11. … The WebThings project will no longer be directly affiliated with the Mozilla Corporation so will stop using Mozilla trademarks and will instead operate under its own WebThings brand.

0:00 / 0:00