If you must program in C, here are a few references I’ve collected from the twitterverse. It should keep you busy for the next few… years. And even then this only covers the basics. You’ll need to do more research on concurrency, signals, testing and some other topics in security.
Everyone is familiar with SQLi and XSS. To make things more interesting, here are five more unusual injection attacks that have appeared recently.
How do Open Source product companies make money? As a consumer, user and producer of OSS, I looked at a number of venture capital-backed, open source software product (OSSP) companies to help understand what their motivations are and where they might be going.
One simple trick that can prevent you from distributing malware or aiding a DDoS attack from your CDN.
The size of a fresh Linux install on EC2 is a rough proxy for its complexity, how big the attack surface is and how frequently it will need updates. Less is definitely more. In 2015, I compared the number of packages in a default install on AWS EC2. Let’s see how things have changed, or not. This time, in addition to the number of packages installed, I also checked on-disk image size. Corrections and additions welcome.
In an ideal world, your application wouldn’t need a configuration file. Perhaps everything can be passed in using flags or environment variables. Perhaps it can pull down configuration over the network. But assuming you do need a configuration file, that can be read and written by humans, what format should it be in?
TLDR: Use TOML, and still looking for an even simpler format.
Most configuration files are processed using ‘object unmarshaling’ (or deserialization) into internal data structures. While this is easy and fast, it’s not very flexible for configuration. In most cases a “single value” and an element with a single value are treated differently.
How do various Linux distributions implement an operating system for use in virtualized or cloud environments? One proxy for size and complexity is the number of packages installed. While not a perfect comparison, in general, less is more. In Amazon’s US-WEST-1 region, I fired up a number of Linux distributions and counted the number of packages installed.