General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads.

Don't forget to format your code using the triple backticks or tildes:

Here is my schema:

```sql
CREATE TABLE article_to_warehouse (
  article_id   INTEGER
, warehouse_id INTEGER
)
;
```

How do I add a `UNIQUE` constraint?

This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?

I have a Xiaomi Redmi 4X device with 2GB RAM and 16GB on-device storage.

Yesterday, I setup PostmarketOS on it, and it works well enough. WiFi and display work well, although no 3D acceleration and no telephony at all. As such, now it is just another device on my home network, except that I can ssh into it to do some basic stuff. Right now it is setup as a Syncthing node to backup my Keepass db and personal knowledge base written in org-mode, but I would like to use it further, and looking for ideas.

Two things to consider, though. First, I don't want it to overcharge and bust the battery. Before when it was on LineageOS, I had a magisk module acc so it would charge only 40-80%, and is largely the reason why the battery holds up pretty well after 5+ years without swelling. I will take further look into it over coming weekend and try to make something like it for the alpine kernel included in PmOS. Second, while on charging the phone keeps vibrating repeatedly. I have no idea how to fix that one, but would like to strat given pointers. (I have never done kernel dev in my life)

So, any ideas on what I can use this extra computer in my metaphorical basement welcome. Thanks in advance.

This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?

General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads.

Don't forget to format your code using the triple backticks or tildes:

Here is my schema:

```sql
CREATE TABLE article_to_warehouse (
  article_id   INTEGER
, warehouse_id INTEGER
)
;
```

How do I add a `UNIQUE` constraint?

It is late... and I am pretty much finished with migrating to a new VPS provider. I got rate limited with two domains, but I'm running everything through Cloudflare. Do I need to bother with LetsEncrypt on the VPS itself? When I check the domains, the certs from CF are working nicely.

This is my first time using CF.

Quick edit while I pretend I can sleep.

I’m thinking that CF will cover me for 443 and route all traffic there. I’ve got wildcards set for domains with services that require other ports — which is working. All CF is doing is caching my sites, right?

This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?

General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads.

Don't forget to format your code using the triple backticks or tildes:

Here is my schema:

```sql
CREATE TABLE article_to_warehouse (
  article_id   INTEGER
, warehouse_id INTEGER
)
;
```

How do I add a `UNIQUE` constraint?

Non-comp person here; is there a record for longest period of time a DDOS attack occurred on a website? Would it be possible to forcibly keep a site offline for an extended length of time with a continuous DDOS attack?

This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?

I'm currently developing a minimal userscript manager who's main goal is to be fully auditable by any user in only ten minutes or so - my prototype uses less than 300 lines of javascript, and I'm trying to keep it that way.

To get the codebase this small, however, I have to be very picky with what features I implement - most notably, the code editor has to be very barebones. Are there any features that I'd be shooting myself in the foot by not including?

For example:

• syntax highlighting
• cloud sync
• regex url matching
• fullscreen editor (currently, it's just a browser popup - the intention is that you write code elsewhere and paste it in)

Any feedback is greatly appreciated!

This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?

This is a recurring post to discuss programming or other technical projects that we've been working on. Tell us about one of your recent projects, either at work or personal projects. What's interesting about it? Are you having trouble with anything?

I've been learning a bit more Python, going through a Udemy course to expand my skills a little. One of the programs the course guides you to make is a little dictionary, but it currently only runs once and then quits.
I'd like to adapt it to use a nice TUI that keeps itself open until the user specifies they want to quit, using something along the lines of npyscreen. However, this library uses classes, and that's not something I'm yet familiar with. I'd rather have an understanding of what classes are, how they work, and why to use them before I take the plunge and start fiddling around with npyscreen (although I'd be interested to hear if you think that I should Just Do It instead).
Can anyone give or point me towards a good explanation of the what, how, and why of Python classes? Or better yet, a tutorial that will give me something to write and play with to figure out how it all fits together?
Thanks!

Friday Security Briefing

Hello there! I hope you're all looking forward to something this weekend. Today's briefing will cover a captivating tale of scheming against financial centers, woes of virtual networking, and the possibility of Russia behaving quite unnecessarily.

"Listen, or your tongue will make you deaf." ~ Unattributed proverb

Wall Street targeted by new Capital Call investment email scammers

The tactic of exploiting enterprise email systems remains a successful and active attack vector for bad actors. The emerging development is the use of "capital call" style scam, wherein scammers pretend to have investor or insurance business with the business.

"In an example shared by the researchers, the scam email attached a Capital Call Notice for US $970,357.00 to be deposited into a bank account under the fraudsters’ control."

"If the targeted investor was duped into wiring the funds, then it is likely that money would be quickly moved into other accounts and withdrawn by mules to prevent the payment from being returned to the victim."

The flexibility that cryptocurrencies provide to discreetly rearrange money may actually be disadvantageous for banks in certain situations.

Source: Tripwire, Wall Street targeted by new Capital Call investment email scammers

High severity Linux network security holes found, fixed

(CVE-2021-26708) Alexander Popov of London has discovered five security holes in the Linux kernel's virtual socket implementation. This is concerning, my personal use of virtual networking systems could be a lot more thought out. I do tend to keep my use of libvirt to a minimum but ideally I would be running my virtualization workstation on a separate box optimized for safe practices.

"These holes entered Linux when virtual socket multi-transport support was added. This networking transport facilitates communication between virtual machines (VM) and their host. It's commonly used by guest agents and hypervisor services that need a communications channel that is independent of the VM network configuration. As such, people who are running VMs on the cloud, which is pretty much everyone these days, are especially vulnerable."

Source: ZDNet, High severity Linux network security holes found, fixed

Ukraine: DDoS attacks on govt sites originated from Russia

Ukraine is proposing that information on the threat actors responsible for a DDoS on Ukrainian government websites originated from Russian domains.

However, they did not claim that the threat actors were affiliated with the Russian state.

I am curious about the motivations if this was sanctioned by Russia. Are they testing their capabilities against a softer target in order to learn from the European and American Cyber-Defense response? Perhaps this was a way for Russia to demonstrate it's competency at cyber warfare.

"The National Coordination Center for Cybersecurity (NCCC) at the NSDC states that these DDoS attacks have been massive and have targeted government websites in the defense and security sector."

Possible retaliation?

"Last week, news leaked that Ukrainian law enforcement, in cooperation with the US and French police, arrested alleged Egregor ransomware operation members.

Three days later, the Security Service of Ukraine (SBU) issued a press release about the Egregor arrests and seizing the ransomware group's equipment."

Source: Bleeping Computer, Ukraine: DDoS attacks on govt sites originated from Russia