The New Internet
WireGuard is a registered trademark of Jason A. Donenfeld. Avery Pennarun is the CEO and co-founder of Tailscale. A version of this post was originally presented at a company all-hands. We don’t talk a lot in public about the big vision for Tailscale, why we’re really here. Usually I prefer to focus on what exists right now, and what we’re going to do in the next few months. The future can be dist
はじめに 近年、顧客情報漏洩やランサムウェア被害などのセキュリティ関連ニュースが頻繁に報道されています。 情報システムを侵害する行為は「クラッキング」、加害者は「クラッカー」と呼ばれます。 さて、AWS、Azure、Google Cloudは、3大クラウドサービスとして広く利用されていますが、これらのサービスはリージョンごとに利用可能なIPアドレスを公開していることをご存知でしょうか? AWS:https://ip-ranges.amazonaws.com/ip-ranges.json Azure:https://www.microsoft.com/en-us/download/details.aspx?id=56519 Google Cloud:https://www.gstatic.com/ipranges/cloud.json 上記のように、リージョンごとのIPアドレスが公開され
前編の振りかえり 前編ではOSSのハニーポットであるT-PotをAWS、Azure、Google Cloudの3大クラウドサービスの日米両リージョンにデプロイしました。後編となる本記事ではT-Potを24時間程動かした結果をご紹介していきます。 T-Potの実行結果について 各クラウドサービスの日米両リージョンで収集したデータをT-Potのダッシュボードに表示した様子のスクリーンショットを以下に掲載します。なお表示期間はデータ収集を行った2024年6月12日17時から翌日の2024年6月13日17時までの24時間に揃えています。 24時間という比較的短時間かつ各リージョンで1インスタンスのみでしかデータ収集していないため統計学的な考察というよりは一参考情報としてお読み頂けますと幸いです。 図1 AWS東京リージョン(ap-northeast-1) 図2 AWS米国東部リージョン(us-ea
My team at Alderon Games, working on the multiplayer dinosaur survival game Path of Titans, has been encountering significant problems with Intel CPU stability. These issues, including crashes, instability, and memory corruption, are confined to the 13th and 14th generation processors. Despite all released microcode, BIOS, and firmware updates, the problem remains unresolved. We have identified fa
Today we wanted to share some important updates with the Mbed community: The Mbed platform and OS will reach end of life in July 2026, when the Mbed website will be archived and it will no longer be possible to build projects in our online tools The device software - Mbed OS - is open source and will remain publicly available, but is no longer actively maintained by Arm The Mbed TLS project is una
A Git story: Not so fun this time | Brachiosoft Blog
Linus Torvalds once wrote in a book that he created Linux just for fun, but it ended up sparking a revolution. Git, his second major creation, also an accidental revolution. It’s now a standard tool for software engineers, but its origin story wasn’t so much fun this time, at least for Linus. Linus doesn’t scale 1998 was a big year for Linux. Major companies like Sun, IBM, and Oracle started getti
DuckDB Community Extensions
DuckDB Extensions Design Philosophy One of the main design goals of DuckDB is simplicity, which – to us – implies that the system should be rather nimble, very light on dependencies, and generally small enough to run on constrained platforms like WebAssembly. This goal is in direct conflict with very reasonable user requests to support advanced features like spatial data analysis, vector indexes,
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack - Socket
Security News Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China. More than 110K websites using the Polyfill.io service have been impacted by a supply chain attack after a Chinese company bought the service earlier this year. The C
Since May 26, 2024, Phylum has been monitoring a persistent supply chain attacker involving a trojanized version of jQuery. We initially discovered the malicious variant on npm, where we saw the compromised version published in dozens of packages over a month. After investigating, we found instances of the trojanized jQuery on other platforms, such as GitHub, and even as a CDN-hosted resource on j
Using S3 as a container registry a.k.a. Waiter, there's a whale in my bucket! 03 Jul, 2024 For the last four months I’ve been developing a custom container image builder, collaborating with Outerbounds1. The technical details of the builder itself might be the topic of a future article, but there’s something surprising I wanted to share already: you can use S3 as a container registry! You heard it
Healthchecks.io launched in July 2015, which means this year we turn 9. Time flies! Previous status updates: In 2018, My One-person SaaS Side Project Celebrates its Third Birthday In 2021, Healthchecks Turns 6, Status Update Money Healthchecks.io currently has 652 paying customers, and the monthly recurring revenue is 14043 USD. MRR graph: Side note: to minimize the number of data sub-processors,
生成 AI や Gemini の基本について学べる Generative AI Study Jam 開催のお知らせ
.app 1 .dev 1 #11WeeksOfAndroid 13 #11WeeksOfAndroid Android TV 1 #Android11 3 #DevFest16 1 #DevFest17 1 #DevFest18 1 #DevFest19 1 #DevFest20 1 #DevFest21 1 #DevFest22 1 #DevFest23 1 #hack4jp 3 11 weeks of Android 2 A MESSAGE FROM OUR CEO 1 A/B Testing 1 A4A 4 Accelerator 6 Accessibility 1 accuracy 1 Actions on Google 16 Activation Atlas 1 address validation API 1 Addy Osmani 1 ADK 2 AdMob 32 Ads
Highlights from Git 2.46
The open source Git project just released Git 2.46 with features and bug fixes from over 96 contributors, 31 of them new. We last caught up with you on the latest in Git back when 2.45 was released. Before we get into the details of this latest release, we wanted to remind you that Git Merge, the conference for Git users and developers is back this year on September 19-20, in Berlin. GitHub and Gi
Rails Scales!
About This Title Pages: 250 Published: September 2025 ISBN: 9798888651025 In Beta Rails Scales! Practical Techniques for Performance and Growth by Cristian Planas Rails doesn’t scale. So say the naysayers. They’re wrong. Ruby on Rails runs some of the biggest sites in the world, impacting the lives of millions of users while efficiently crunching petabytes of data. This book reveals how they do it
Announcing wcurl: a curl wrapper to download files | Samuel Henrique (samueloph)
tl;dr Whenever you need to download files through the terminal and don't feel like using wget: wcurl example.com/filename.txt Manpage: https://manpages.debian.org/unstable/curl/wcurl.1.en.html Availability (comes installed with the curl package): Debian unstable - Since 2024-07-02 Debian testing - Coming up between the second and third week of July 2024. Debian 12/bookworm backports - As soon as t
Supply chain threats are growing. Most concerningly, it seems more and more like we’re dealing with nation level threats taking over small unmaintained open source projects. Once again, I’ve got to start by talking about Tidelift being the only company focusing on the real problem here - helping companies treat maintainers like the contractors/vendors they are. If maintainers had any financial ben
RADIUS/UDP vulnerable to improved MD5 collision attack
RADIUS/UDP vulnerable to improved MD5 collision attack07/09/2024 The MD5 cryptographic hash function was first broken in 2004, when researchers demonstrated the first MD5 collision, namely two different messages X1 and X2 where MD5(X1) = MD5 (X2). Over the years, attacks on MD5 have only continued to improve, getting faster and more effective against real protocols. But despite continuous advancem
SPAのダウンタイムなしリリース
経緯 なぜダウンタイム無し目指すのか 一つ大事な要因として、toBのアプリケーションなので、停止リリースするにはお客様の利用時間を避ける必要があり、それは通常深夜または早朝になりがちです。さらにお客様が増えると、この深夜早朝に仮に利用するお客様がいると、リリースするタイミングすら見つからなくなる恐れがあります。 アプリケーションのリリースからまださほど経っていないので、早いうちでダウンタイム無しでリリースを達成しないと、今後の開発サイクルに大きな支障が出るかねません。バックエンドのアプリケーションのリリースは、以前紹介した CloudRun Service + Jobsのコンビネーション で達成できていますが、今回はフロントエンドのアプリケーションをダウンタイムなしにリリースするのが目的です。 現象 SPAでユーザー影響ないリリース、いわばゼロダウンタイムのリリース(厳密には100%一致す
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
3大クラウド×日米両リージョンでハニーポットを動かしてみる【前編】 | gihyo.jp
3大クラウド×日米両リージョンでハニーポットを動かしてみる【後編】 | gihyo.jp
Intel is selling defective CPUs - Alderon Games
Important update on Mbed - End of Life
Persistent npm Campaign Shipping Trojanized jQuery
Using S3 as a container registry
Running One-man SaaS, 9 Years In
Understanding the Polyfill Attack (Polykill)