Smashing Magazine Icon Smashing Magazine

Improve your JavaScript knowledge by reading source code

One of the most amazing things about Open Source is how much it enables you to learn from the best. Just open up the source for your favorite library or framework and you can start learning from the best in the business. But that can feel intimidating. This article breaks down some approaches you can use to make it easier. As author Carl Mungazi says: Reading source code is difficult at first but as with anything, it becomes easier with time. The goal is not to understand everything but to come away with a different perspective and new knowledge. The key is to be deliberate about the entire process and intensely curious about everything.

read more

Practical AI Practical AI #51

AI code that facilitates good science

We’re talking with Joel Grus, author of Data Science from Scratch, 2nd Edition, senior research engineer at the Allen Institute for AI (AI2), and maintainer of AllenNLP. We discussed Joel’s book, which has become a personal favorite of the hosts, and why he decided to approach data science and AI “from scratch.” Joel also gives us a glimpse into AI2, an introduction to AllenNLP, and some tips for writing good research code. This episode is packed full of reproducible AI goodness!

read more

Rachel Andrew Smashing Magazine

Everything you need to know about CSS margins

Margins in CSS seem simple enough at first glance. Applied to an element it forms a space around the element, pushing other elements away. However, there is more to a margin than you might think. No kidding! Margin collapsing has got to be one of the hardest things about CSS for new developers, and this article not only goes into it and how to avoid it, but explains the “why” behind it.

read more

project Icon github.com

Source code for the command and lunar modules of Apollo 11 🌔

Original Apollo 11 guidance computer (AGC) source code for Command Module (Comanche055) and Lunar Module (Luminary099). Digitized by the folks at Virtual AGC and MIT Museum. The goal is to be a repo for the original Apollo 11 source code. As such, PRs are welcome for any issues identified between the transcriptions in this repository and the original source scans for Luminary 099 and Comanche 055, as well as any files I may have missed. A nice bit of history to peruse in honor of the flight’s recent 50th anniversary. 100% Assembly tho 😱

read more

Opensource.com Icon Opensource.com

What is POSIX? Richard Stallman explains

It’s great to read RMS and other GNU developer’s perspective on how we got past the UNIX days. I’m particularly interested in a conversation around this statement from the author: Open source discourse typically encourages certain practices for the sake of practical advantages, not as a moral imperative. I’m fascinated by the different perspectives. There’s one where F/OSS is a human right, and another where it’s a business opportunity. They’re not mutually exclusive, but which is more prevalent these days? My thought is that we wouldn’t be where we are today if the former didn’t dominate in the ‘90s, but we’re significantly more capitalistic with our OSS these days. What’s your take on it?

read more

Tierney Cyren 1x.engineer

What is a 1x Engineer?

Fun little site poking fun at the 10x engineer meme. Here’s a sampler of things a 1x engineer does: Writes code that &emdash; gasp &emdash; has bugs. Writes code that others can read. Is a team player that goes to the same meetings their co-workers are required to go to. If you’re wondering whether the &emdash;es are intentional… yes and no. Bonus points for NES.css 👌

read more

Thoughtbot Icon Thoughtbot

Profiling Vim

Chris Thorn writing for Thoughtbot: Lately, I’ve noticed that opening Markdown files in Vim is slow. I don’t know exactly how slow, but slow enough that I notice a pause after opening the file before I can edit it. I’m not sure why or when it started, but it’s painful enough that I want to track down and alleviate it. I, too, have felt this pain, which is one of the reasons I no longer use Vim as my full-time coding editor. I still use it enough for its sluggishness to bug me, but not quite enough to go chasing down why it’s sluggish. This article might change my calculus on that decision.

read more

The Changelog The Changelog #353

The war for the soul of open source

Adam Jacob (co-founder and board member of Chef) joins the show to talk about the keynote he’s giving at OSCON this week. The keynote is titled “The war for the soul of open source.” We talked about what made open source great in the first place, what went wrong, the pitfalls of open core models, licensing, and more. By the way, we’re at OSCON this week so if you make your way to the expo hall, make sure you come by our booth and say hi.

read more

Jonathan Leitschuh Medium

Zoom's zero day bug bounty write-up

By now you’ve probably heard about Zoom’s zero day bug that exposed 4+ million webcams to the bidding of nefarious hackers. Security researcher Jonathan Leitschuh shared the full background and details on InfoSec Write-ups: This vulnerability was originally responsibly disclosed on March 26, 2019. This initial report included a proposed description of a ‘quick fix’ Zoom could have implemented by simply changing their server logic. It took Zoom 10 days to confirm the vulnerability. The first actual meeting about how the vulnerability would be patched occurred on June 11th, 2019, only 18 days before the end of the 90-day public disclosure deadline. During this meeting, the details of the vulnerability were confirmed and Zoom’s planned solution was discussed. However… If you use Zoom or if you’ve EVER installed Zoom, read Jonathan’s write-up and take appropriate action to update Zoom or to remove the lingering web server it leaves behind. Confirm if the server is present by running lsof -i :19421 in Terminal.

read more

Forbes Icon Forbes

Developers don't understand CORS

Fascinating look at the underpinnings of the big Zoom vulnerability announced last week, including an excellent discussion of how a lack of understanding may have led to this huge fiasco. Author Chris Foster: What this says to me is that Zoom may have needed to get this feature out and did not understand CORS. They couldn’t make the AJAX requests without the browser disallowing the attempt. Instead, they built this image hack to work around CORS. By doing this, they opened Zoom up to a big vulnerability because not only can the Zoom website trigger operations in the native client and access the response, but every other website on the internet can too.

read more

0:00 / 0:00