-
11 votes
-
Overthewire: Learn Hacking By Playing Games
9 votes -
Elasticsearch and Kibana are now business risks
7 votes -
I made a thing: Ode, an open source, self-hosted collaborative document editor
13 votes -
What programming/technical projects have you been working on?
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's...
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?
8 votes -
Does reformatting an ext4 partition fix bad sectors, and what are they anyway?
My Linux desktop is having a bit of difficulty with bad sectors. Lately I've had to boot into recovery and run an fsck a few times to try to fix a problem where the OS drops into read-only mode at...
My Linux desktop is having a bit of difficulty with bad sectors. Lately I've had to boot into recovery and run an fsck a few times to try to fix a problem where the OS drops into read-only mode at the drop of a hat. Today I tried copying some files from one directory to another and got the following error message:
cp: error reading "foo/bar": Input/output error
I've just booted into a live USB and run
fsck /dev/sda1 -c
and it fixed a load of bad sectors, but the above error message is still happening.A bit of googling tells me that this is down to bad sectors on the SSD, and I'm not really sure what that means. Is anybody able to enlighten me? And as a follow-up question, would reformatting the hard drive resolve the problem, or are there any other things I can try to fix it?
9 votes -
Working off-grid efficiently
8 votes -
Mount physical linux drives in wsl
4 votes -
Steam's login method is kinda interesting
27 votes -
NixOS Configuration for a VPS
Since I took so long to reply to Tips to use NixOS on a server? by @simao, I decided to create a new topic to share my configs. Hopefully this is informative for anyone looking to do similar...
Since I took so long to reply to Tips to use NixOS on a server? by @simao, I decided to create a new topic to share my configs. Hopefully this is informative for anyone looking to do similar things - I'll also gladly take critiques, since my setup is probably not perfect.
First, I will share the output of 'lsblk' on my VPS:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT vda 253:0 0 180G 0 disk ├─vda1 253:1 0 512M 0 part /boot └─vda2 253:2 0 179.5G 0 part └─crypt 254:0 0 179.5G 0 crypt
That is, I use an unencrypted
/boot
partition,vda1
, with GRUB 2 to prompt for a passphrase during boot, to unlock the LUKS encryptedvda2
. I prefer to use ZFS as my file system for the encrypted drive, and LUKS rather than ZFS encryption. This is an MBR drive, since that's what my VPS provider uses, though UEFI would look the same. The particular way I do this also requires access through the provider's tools, and not ssh or similar. Thehardware-configuration.nix
file reflects this:Click to view the hardware configuration file
# Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. { config, lib, pkgs, modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot.initrd.availableKernelModules = [ "aes_x86_64" "ata_piix" "cryptd" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; fileSystems."/" = { device = "rpool/root/nixos"; fsType = "zfs"; }; fileSystems."/home" = { device = "rpool/home"; fsType = "zfs"; }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/294de4f1-72e2-4377-b565-b3d4eaaa37b6"; fsType = "ext4"; }; swapDevices = [ ]; }
Click to view the configuration file
# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, lib, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Hardware stuff # add the following to hardware-configuration.nix - speeds up encryption #boot.initrd.availableKernelModules ++ [ "aes_x86_64" "cryptd" ]; boot.initrd.luks.devices.crypt = { # Change this if moving to another machine! device = "/dev/disk/by-uuid/86090289-1c1f-4935-abce-a1aeee1b6125"; }; boot.kernelParams = [ "zfs.zfs_arc_max=536870912" ]; # sets zfs arc cache max target in bytes boot.supportedFilesystems = [ "zfs" ]; nix.maxJobs = lib.mkDefault 6; # number of cpu cores # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; # boot.loader.grub.efiSupport = true; # boot.loader.grub.efiInstallAsRemovable = true; # boot.loader.efi.efiSysMountPoint = "/boot/efi"; # Define on which hard drive you want to install Grub. boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only boot.loader.grub.enableCryptodisk = true; boot.loader.grub.zfsSupport = true; networking.hostName = "m"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. networking.useDHCP = false; networking.interfaces.ens3.useDHCP = true; networking.hostId = "aoeu"; # set this to the first eight characters of /etc/machine-id for zfs networking.nat = { enable = true; externalInterface = "ens3"; # this may not be the interface name internalInterfaces = [ "wg0" ]; }; networking.firewall = { enable = true; allowedTCPPorts = [ 53 25565 ]; # open 53 for DNS and 25565 for Minecraft allowedUDPPorts = [ 53 51820 ]; # open 53 for DNS and 51820 for Wireguard - change the Wireguard port }; networking.wg-quick.interfaces = { wg0 = { address = [ "10.0.0.1/24" "fdc9:281f:04d7:9ee9::1/64" ]; listenPort = 51820; privateKeyFile = "/root/wireguard-keys/privatekey"; # fill this file with the server's private key and make it so only root has read/write access postUp = '' ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE ${pkgs.iptables}/bin/ip6tables -A FORWARD -i wg0 -j ACCEPT ${pkgs.iptables}/bin/ip6tables -t nat -A POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE ''; preDown = '' ${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE ${pkgs.iptables}/bin/ip6tables -D FORWARD -i wg0 -j ACCEPT ${pkgs.iptables}/bin/ip6tables -t nat -D POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE ''; peers = [ { # peer0 publicKey = "{client public key}"; # replace this with the client's public key presharedKeyFile = "/root/wireguard-keys/preshared_from_peer0_key"; # fill this file with the preshared key and make it so only root has read/write access allowedIPs = [ "10.0.0.2/32" "fdc9:281f:04d7:9ee9::2/128" ]; } ]; }; }; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; nixpkgs.config = { allowUnfree = true; # don't set this if you want to ensure only free software }; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; keyMap = "us"; }; # Set your time zone. time.timeZone = "America/New_York"; # set this to the same timezone your server is located in # List packages installed in system profile. To search, run: # $ nix search wget environment = { systemPackages = with pkgs; let nvimcust = neovim.override { # lazy minimal neovim config viAlias = true; vimAlias = true; withPython = true; configure = { packages.myPlugins = with pkgs.vimPlugins; { start = [ deoplete-nvim ]; opt = []; }; customRC = '' if filereadable($HOME . "/.config/nvim/init.vim") source ~/.config/nvim/init.vim endif set number set expandtab filetype plugin on syntax on let g:deoplete#enable_at_startup = 1 ''; }; }; in [ jdk8 nvimcust p7zip wget wireguard ]; }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # pinentryFlavor = "gnome3"; # }; # List services that you want to enable: # Enable the OpenSSH daemon. services = { dnsmasq = { enable = true; # this allows DNS requests from wg0 to be forwarded to the DNS server on this machine extraConfig = '' interface=wg0 ''; }; fail2ban = { enable = true; }; openssh = { enable = true; permitRootLogin = "no"; }; zfs = { autoScrub = { enable = true; interval = "monthly"; }; }; }; # Set sudo to request root password for all users # this should be changed for a multi-user server security.sudo.extraConfig = '' Defaults rootpw ''; # Define a user account. Don't forget to set a password with ‘passwd’. users.users = { vpsadmin = { # admin account that has a password isNormalUser = true; home = "/home/vpsadmin"; extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. shell = pkgs.zsh; }; mcserver = { # passwordless user to run a service - in this instance minecraft isNormalUser = true; home = "/home/mcserver"; extraGroups = []; shell = pkgs.zsh; }; }; systemd = { services = { mcserverrun = { # this service runs a systemd sandboxed modded minecraft server as user mcserver enable = true; description = "Start and keep minecraft server running"; wants = [ "network.target" ]; after = [ "network.target" ]; serviceConfig = { User = "mcserver"; NoNewPrivileges = true; PrivateTmp = true; ProtectSystem = "strict"; PrivateDevices = true; ReadWritePaths = "/home/mcserver/Eternal_current"; WorkingDirectory = "/home/mcserver/Eternal_current"; ExecStart = "${pkgs.jdk8}/bin/java -Xms11520M -Xmx11520M -server -XX:+AggressiveOpts -XX:ParallelGCThreads=3 -XX:+UseConcMarkSweepGC -XX:+UnlockExperimentalVMOptions -XX:+UseParNewGC -XX:+ExplicitGCInvokesConcurrent -XX:MaxGCPauseMillis=10 -XX:GCPauseIntervalMillis=50 -XX:+UseFastAccessorMethods -XX:+OptimizeStringConcat -XX:NewSize=84m -XX:+UseAdaptiveGCBoundary -XX:NewRatio=3 -jar forge-1.12.2-14.23.5.2847-universal.jar nogui"; Restart = "always"; RestartSec = 12; }; wantedBy = [ "multi-user.target" ]; }; mcserverscheduledrestart = { # this service restarts the minecraft server on a schedule enable = true; description = "restart mcserverrun service"; serviceConfig = { Type = "oneshot"; ExecStart = "${pkgs.systemd}/bin/systemctl try-restart mcserverrun.service"; }; }; }; timers = { mcserverscheduledrestart = { # this timer triggers the service of the same name enable = true; description = "restart mcserverrun service daily"; timerConfig = { OnCalendar = "*-*-* 6:00:00"; }; wantedBy = [ "timers.target" ]; }; }; }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "20.09"; # Did you read the comment? }
Edit: Also, the provider I use is ExtraVM, who has been excellent.
6 votes -
Full-stack developers starting a software agency?
Hey guys, I have been flip-flopping back and forth on this idea for a while, and would love some feedback on whether peeps would find this valuable. Although I still call my self a "software...
Hey guys,
I have been flip-flopping back and forth on this idea for a while, and would love some feedback on whether peeps would find this valuable.
Although I still call my self a "software developer" (and try to code daily), for the last 8 years I have ran a small 5-person agency that I started from the ground up, so my role was really CEO/CTO/CFO/Everything-O. My company focused on delivering high-quality custom software. Not brochure websites, and not Wordpress - our niche was internal business software (or as I like to call it "boring software for boring businesses") - and for a client service company we got very high margins of return.
Last year my business was acquired by a larger company which was an amazing result after the time and effort I had poured into it. I have realised I now want to help other developers who want to start their own software agency, or maybe they already have and are looking for hints or advice on certain topics.
So I have started Dev to Agency - a part blog part guidebook for how a full-stack developer can start and successfully run a software development agency, the things to pay attention too (and the things to ignore), and the key-values that I feel helped my business go from nothing, to 7 figures per year, and then to being acquired (if that is a path people would want to take).
I have just published my first couple of posts, About Dev To Agency that is a rundown of what I hope to achieve with this, then a post about My small custom software development agency - which gives an overview of what I built and where I think my articles will add value, and lastly You are the gold standard which covers how I feel an owner/maker should set the businesses standards and practises based of their personal values.
I have never written a blog before (or really done any writing before), so it would be fantastic to get some feedback from the community, and if there are any developers that this could interest then please subscribe on the website.
Cheers,
Chris.
15 votes -
What programming/technical projects have you been working on?
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's...
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?
10 votes -
Fortnightly Programming Q&A Thread
General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads. Don't forget to format your code using the triple...
General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads.
Don't forget to format your code using the triple backticks or tildes:
Here is my schema: ```sql CREATE TABLE article_to_warehouse ( article_id INTEGER , warehouse_id INTEGER ) ; ``` How do I add a `UNIQUE` constraint?
4 votes -
Tips to use NixOS on a server?
I see some people using NixOs on their servers. I would like to try it out to self host some services and learn about NixOs. I use hetzner and they have an NixOs iso available so I can just use...
I see some people using NixOs on their servers. I would like to try it out to self host some services and learn about NixOs.
I use hetzner and they have an NixOs iso available so I can just use that to install NixOs. But how do people manage remote instances of NixOs? They would just use ansible or something like it, to run nix on the host, or is there a better way?
Thanks
11 votes -
Sunday Security Brief
Sunday Security Brief This brief covered a unique attack vector, information on a broad campaign using DNS attacks, a case relating to technology law, and a few advisories that either stuck me as...
Sunday Security Brief
This brief covered a unique attack vector, information on a broad campaign using DNS attacks, a case relating to technology law, and a few advisories that either stuck me as important or curious.
What happened last night can happen again ~ fortune
Topics:
- IDN Homograph Attack
- A Deep Dive on DNS Hijacking Attacks
- Law enforcement has seized the domains and infrastructure of three VPN services being used for cybercrime
- Advisories
IDN Homograph Attack
This particular exploit is interesting. It takes advantage of the fact that many different characters look alike to mislead people from their desired domain to a malicious one. I wonder what practices could help avoid this issue. The obvious step is to be concious of limiting the links that you click on from websites like Tildes, Hacker News, Reddit, or where anywhere can share a link with you via text. For example, if you see a Reddit thread about PayPal where someone includes a link to the PayPal Customer Service Center... Don't click it, just Google "PayPal Customer Service". This will be far safer in ensuring that you're going to the domain that you meant to!
Another thing to note is the importance of realizing how your trust online and how that changes your behavior. I know that I have a general sense of trust for people here that removes a lot of doubt when it comes to clicking random stuff you all share here. That trust could potentially work against you.
"The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike"
"The registration of homographic domain names is akin to typosquatting ~ Wikipedia, in that both forms of attacks use a similar-looking name to a more established domain to fool a user. The major difference is that in typosquatting the perpetrator attracts victims by relying on natural typographical errors commonly made when manually entering a URL, while in homograph spoofing the perpetrator deceives the victims by presenting visually indistinguishable hyperlinks."
IDN homograph attack ~ Wikipedia
A Deep Dive on DNS Hijacking Attacks
The article covered is a few months old, but still relavant as ever. The U.S. government alongside private security personnel issued information of a complex system that allowed suspected Iranian hackers to obtain a huge amount of email credentials, sensitive government and corporate information. The specifics of how this attack occured are not publicly available but Cisco's Talos research has a write up of how DNS Attacks work, the relavant snippets are below.
"Talos said the perpetrators of DNSpionage were able to steal email and other login credentials from a number of government and private sector entities in Lebanon and the United Arab Emirates by hijacking the DNS servers for these targets, so that all email and virtual private networking (VPN) traffic was redirected to an Internet address controlled by the attackers."
"Talos reported that these DNS hijacks also paved the way for the attackers to obtain SSL encryption certificates for the targeted domains (e.g. webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text."
"A Deep Dive on the Recent Widespread DNS Hijacking Attacks" ~ Krebs on Security
Law enforcement has seized the domains and infrastructure of three VPN services being used for cybercrime
The balance between allowing autonomy and protecting our collective interests comes to my mind. This seems like a worthy example of when stopping people from victimizing others overshadows the benefits of free action.
"Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims."
"... described the three as "bulletproof hosting services," a term typically used to describe web companies that don't take down criminal content, despite repeated requests."
"According to the US Department of Justice and Europol, the three companies' servers were often used to mask the real identities of ransomware gangs, web skimmer (Magecart) groups, online phishers, and hackers involved in account takeovers, allowing them to operate from behind a proxy network up to five layers deep."
Law enforcement take down three bulletproof VPN providers ~ Zdnet
Advisories
-
Debian, DSA-4824-1 chromium security update. Source
-
Arch, CVE-2020-25637 libvirt. Source
-
CentOS, CESA-2020-5437, Important CentOS 7 kernel. Source
-
RedHat, RHSA-2020:5665, Important: mariadb:10.3 security, bug fix, and enhancement update. Source
-
Windows, If you know of a good tracker for Windows securities advisories, please let me know. I was considering just drawing from the Microsoft Security Response Center Blog.
11 votes -
Saturday Security Brief
Saturday Security Brief Topics: Attack Surface Management, Active iMessage exploit targetting journalists, Academic research on unique EM attack vectors for air-gapped systems. Any feedback or...
Saturday Security Brief
Topics: Attack Surface Management, Active iMessage exploit targetting journalists, Academic research on unique EM attack vectors for air-gapped systems.
Any feedback or thoughts on the experience of receiving and discussing news through this brief or in general are welcome. I'm curious about this form of staying informed so I want to experiment. (Thanks again for the suggestion to post the topics as comments.)
Attack Surface Management
This concept is about ensuring that your network is equipped to handle the many issues that arise from accommodating various "Servers, IoT devices, old VPSs, forgotten environments, misconfigured services and unknown exposed assets" with an enterprise environment. Some of the wisdom here can be applied better think about protecting our personal networks as well. Outdated phones, computers, wifi extenders, and more can be a foothold for outside attackers to retain persistant access. Consider taking steps to migigate and avoid potential harm from untamed devices.
Consider putting certain devices on the guest network if your router supports doing so and has extra rules for devices on that network so they can't cause damage to your other devices directly.
"A report from 2016 predicted that 30% of all data breaches by 2020 will be the result of shadow IT resources: systems, devices, software, apps and services that aren’t approved, and in use without the organization’s security team’s knowledge. But shadow IT isn’t the only area where security and IT teams face issues with tracking and visibility."
Attack Surface Management: You Can’t Secure What You Can’t See ~ Security Trails
Multiple Journalists Hacked with ‘Zero-Click’ iMessage Exploit
Mobile spyware is continuing to evolve and tend towards professional solutions. Recently this technology has been abused to conduct espionage on journalists of major networks. Where once these exploits typically required some mistaken click from the user, new developments are allowing their activities without any trace or requiring interaction from the target.
"NSO Group’s Pegasus spyware is a mobile phone surveillance solution that enables customers to remotely exploit and monitor devices. The company is a prolific seller of surveillance technology to governments around the world, and its products have been regularly linked to surveillance abuses."
"In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked."
"The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates."
"More recently, NSO Group is shifting towards zero-click exploits and network-based attacks that allow its government clients to break into phones without any interaction from the target, and without leaving any visible traces."
Security researchers exfiltrate data from air-gapped systems by measuring the vibrations made by PC fans.
Besides this potential exploit the article mentions past research done by Guri and his team which is worth checking out, like:
-
LED-it-Go - exfiltrate data from air-gapped systems via an HDD's activity LED
-
AirHopper - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data
-
MAGNETO & ODINI - steal data from Faraday cage-protected systems
-
PowerHammer - steal data from air-gapped systems using power lines
-
BRIGHTNESS - steal data from air-gapped systems using screen brightness variations
"Academics from an Israeli university have proven the feasibility of using fans installed inside a computer to create controlled vibrations that can be used to steal data from air-gapped systems."
Academics steal data from air-gapped systems using PC fan vibrations ~ Zdnet
Good Practices
"Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident."
16 votes -
-
WakaTime 2020 Programming Stats
4 votes -
Friday Security Brief
Friday Security Brief This release is trial for a weekly security brief compiled from trusted sources that encourage a general awareness of cyber security issues. I'm still not sure about how to...
Friday Security Brief
This release is trial for a weekly security brief compiled from trusted sources that encourage a general awareness of cyber security issues. I'm still not sure about how to do this so any thoughts or feedback will be appreciated.
Brexit deal mandates a limit to security standards
"In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA:"
Brexit Deal Mandates Old Insecure Crypto Algorithms ~ Schneier on Security
FBI Warns of Hijacked Security Devices being exploited for Swatting
"Stolen email passwords are being used to hijack smart home security systems to “swat” unsuspecting users, the Federal Bureau of Investigation warned this week. The announcement comes after concerned device manufacturers alerted law enforcement about the issue."
FBI Warn Hackers are Using Hijacked Home Security Devices for Swatting ~ Threatpost
A look back at some email attacks of 2020
"In 2020, our spam folders bulged with malware-laced emails, phishing lures linking to ransomware schemes, impersonation attacks, spoofed brand and fake domain missives, and dubious requests from legit-sounding companies. So, what defined 2020 in spam?"
Inbox Attacks: The Miserable Year (2020) That Was ~ Threatpost
SolarWinds hackers accessed Microsoft source code
"The hackers behind the SolarWinds supply chain attack managed to escalate access inside Microsoft's internal network and gain access to a small number of internal accounts, which they used to access Microsoft source code repositories, the company said on Thursday."
SolarWinds hackers accessed Microsoft source code ~ Zdnet
CISA updates SolarWinds guidance
"The US Cybersecurity and Infrastructure Security Agency has updated its official guidance for dealing with the fallout from the SolarWinds supply chain attack.
In an update posted late last night, CISA said that all US government agencies that still run SolarWinds Orion platforms must update to the latest 2020.2.1HF2 version by the end of the year."
CISA updates SolarWinds guidance, tells US govt agencies to update right away
24 votes -
Is Firefox still a good (enough) browser for privacy?
Someone posted this on the privacy subreddit. I also ended up finding this and this after doing a bit of searching. As someone who isn’t in the CS/IT spheres (chemical engineering is my...
Someone posted this on the privacy subreddit. I also ended up finding this and this after doing a bit of searching. As someone who isn’t in the CS/IT spheres (chemical engineering is my background), Firefox has been my go-to browser for awhile, although I’m being made aware of the flaws of Firefox (most of which go over my head) and behavior of Mozilla. What can be done to fix this, especially considering that Firefox is the only FOSS browser with a significant user base?
22 votes -
Day 19: Monster Messages
Today's problem description: https://adventofcode.com/2020/day/19 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/19
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
10 votes -
How we built the GitHub globe
3 votes -
Day 18: Operation Order
Today's problem description: https://adventofcode.com/2020/day/18 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/18
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
11 votes -
Guide to advanced CSS selectors
4 votes -
What programming/technical projects have you been working on?
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's...
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?
9 votes -
Day 24: Lobby Layout
Today's problem description: https://adventofcode.com/2020/day/24 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/24
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
8 votes -
Fortnightly Programming Q&A Thread
General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads. Don't forget to format your code using the triple...
General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads.
Don't forget to format your code using the triple backticks or tildes:
Here is my schema: ```sql CREATE TABLE article_to_warehouse ( article_id INTEGER , warehouse_id INTEGER ) ; ``` How do I add a `UNIQUE` constraint?
10 votes -
Let's build a computer in Conway's Game of Life ⠠⠵
4 votes -
How police are “breaking phone encryption”
21 votes -
The Matrix Holiday Special (2020 Edition)
14 votes -
Day 25: Combo Breaker
Today's problem description: https://adventofcode.com/2020/day/25 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/25
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
8 votes -
In-depth walkthroughs of Rust solutions for Advent of Code 2020 by Amos Wenger (fasterthanlime)
I always enjoy Amos' writing, he does a great job of walking through topics in depth and explaining each step of the way. It looks like he's starting a new series to work through all of this...
I always enjoy Amos' writing, he does a great job of walking through topics in depth and explaining each step of the way. It looks like he's starting a new series to work through all of this year's Advent of Code problems, which will probably be a good read for people interested in Rust (whether you already have experience with it or not).
Only the first day is up so far, but the overall series page is here, and individual links:
I'll update this post with new links as the new parts come out, and possibly bump it occasionally.
9 votes -
What’s the point of pointfree programming?
6 votes -
Day 17: Conway Cubes
Today's problem description: https://adventofcode.com/2020/day/17 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/17
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
9 votes -
Ask Tildes: How do you organize the files on your computer?
I thought it'd be fun to see how some of you keep your computer organized. Do you follow some general scheme, keep it arbitrary, throw everything on the Desktop or in Downloads or just abuse the...
I thought it'd be fun to see how some of you keep your computer organized. Do you follow some general scheme, keep it arbitrary, throw everything on the Desktop or in Downloads or just abuse the search bar?
Feel free to go as general or as in-depth as you want.
23 votes -
Day 23: Crab Cups
Today's problem description: https://adventofcode.com/2020/day/23 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/23
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
8 votes -
The Beautiful Machine
5 votes -
Day 21: Allergen Assessment
Today's problem description: https://adventofcode.com/2020/day/21 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/21
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
10 votes -
Day 20: Jurassic Jigsaw
Today's problem description: https://adventofcode.com/2020/day/20 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/20
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
10 votes -
On the graying of GNOME
14 votes -
Day 22: Crab Combat
Today's problem description: https://adventofcode.com/2020/day/22 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/22
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
8 votes -
Day 16: Ticket Translation
Today's problem description: https://adventofcode.com/2020/day/16 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/16
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
11 votes -
What programming/technical projects have you been working on?
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's...
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?
16 votes -
What programming/technical projects have you been working on?
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's...
This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?
7 votes -
Day 12: Rain Risk
Today's problem description: https://adventofcode.com/2020/day/12 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/12
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
12 votes -
Why nullable types in Dart?
11 votes -
Commits in Git are snapshots, not diffs
4 votes -
Day 11: Seating System
Today's problem description: https://adventofcode.com/2020/day/11 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/11
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
13 votes -
How and why to use Lynx – the faster web browser
11 votes -
The 2020 MDN Web Developer Needs Assessment report is now available
7 votes -
Day 15: Rambunctious Recitation
Today's problem description: https://adventofcode.com/2020/day/15 Join the Tildes private leaderboard! You can do that on this page, by entering join code 730956-de85ce0c. Please post your...
Today's problem description: https://adventofcode.com/2020/day/15
Join the Tildes private leaderboard! You can do that on this page, by entering join code
730956-de85ce0c
.Please post your solutions in your own top-level comment. Here's a template you can copy-paste into your comment to format it nicely, with the code collapsed by default inside an expandable section with syntax highlighting (you can replace
python
with any of the "short names" listed in this page of supported languages):<details> <summary>Part 1</summary> ```python Your code here. ``` </details>
11 votes