lukeheath

Resolving a critical Firefox vulnerability using Fleet's new automation features

When Mozilla announced a critical vulnerability in Firefox (CVE-2024-115), organizations were faced with the urgent need to update to version 132.0 to protect against arbitrary code execution. At Fleet, we were able to respond to this threat quickly and effectively using some of our latest features. Here’s how we leveraged Fleet’s new policy-based software installation and GitOps integration to resolve the issue across our macOS fleet seamlessly and without disruption.

Understanding the threat

The vulnerability, as detailed in a CISecurity advisory, could allow attackers to execute arbitrary code on devices run

sharadhr

$HOME, Not So Sweet $HOME

• Preface
• 1 What is $HOME to you?
• 2 Setup
  • 2.1 Linux
    • 2.1.1 $HOME
    • 2.1.2 Dot-files and dot-directories
    • 2.1.3 XDG Base Directories
• 2.1.4 xdg-user-dirs

FeepingCreature

You are doing JSON APIs wrong.

When you use JSON to call an API - not a REST API, but something like JSON-RPC - you will usually want to encode one of several possible messages.

Your request body looks like this:

{
 "type": "MessageWithA",

AHaydar

provider "aws" {
  profile = "default"
  region  = "ap-southeast-2"
}

module "company_table" {
  source = "terraform-aws-modules/dynamodb-table/aws"

  name = "company"

Widdershin

In the olden days, HTML was prepared by the server, and JavaScript was little more than a garnish, considered by some to have a soapy taste.

After a fashion, it was decided that sometimes our HTML is best rendered by JavaScript, running in a user's browser. While some would decry this new-found intimacy, the age of interactivity had begun.

But all was not right in the world. Somewhere along the way, we had slipped. Our pages went uncrawled by Bing, time to first meaningful paint grew faster than npm, and it became clear: something must be done.

And so it was decided that the applications first forged for the browser would also run on the server. We would render our HTML using the same logic on the server and the browser, and reap the advantages of both worlds. In a confusing series of events a name for this approach was agreed upon: Server-side rendering. What could go wrong?

In dark rooms, in hushed tones, we speak of colours.

sergeyzenchenko

Help Ukraine by attacking Russian web sites. Good load testing training.

Tools:

• https://k6.io
• https://locust.io
• https://github.com/tsenart/vegeta
• https://github.com/wg/wrk

ashish-mj

import logging
import yaml
import os
from kafka import KafkaProducer
from datetime import datetime

class fileTransfer:
    
    def __init__(self):
        

russomi

from argparse import ArgumentParser

cli = ArgumentParser()
subparsers = cli.add_subparsers(dest="subcommand")


def argument(*name_or_flags, **kwargs):
    """Convenience function to properly format arguments to pass to the
    subcommand decorator.

shawwn

This was a response to a Hacker News comment asking me what I've been up to since 2010. I'm posting it here since HN rejects it with "that comment is too long." I suppose that's fair, since this ended up being something of an autobiography.

--

What happened after 2010?

russomi

Event Driven Microservices

• Java 8
• Spring Boot 2
• JUnit
• Cucumber
• Kafka
• Camunda
• ElasticSearch
• Cassandra