Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Analysis



  HeartBleed: Should C be blamed for the HeartBleed bug?

There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  Ensuring Go Interface Implementation: A Quick Guide

Introduction Go's simplicity and power shine in its interface system, offering a clean way to define contracts between types. However, when it comes to checking whether a struct satisfies an interface, Go's static typing philosophy means there isn't a direct runtime check. In this concise guide, we'll explore practical methods, including some lesser-known tricks, to verify whether a struct implements an interface. Method 1: Type Assertion and a Dummy Method package main import "fmt" type MyInt...

   INTERFACE,GOLANG,IMPLEMENTS     2023-11-25 21:36:01

  Secure Your Go Code With Vulnerability Check Tool

Security vulnerabilities exist in any language and any code, some are written by ourselves, but more are from the upstream dependencies, even the underlying Linux. We have discussed the security protection methods for Go and Kubernetes Image in Path to a Perfect Go Dockerfile and Image Vulnerability Scanning for Optimal Kubernetes Security, in which the security scanning was performed based on generic. As the Go community grows, more and more open-source packages have caused ...

   GOVULNCHECK,GOSEC,GOLANG     2022-10-29 23:43:20

  Why Dynamic Programming Languages Are Slow

In a statically typed language, the compiler knows the data-type of a variable and how to represent that. In a dynamically-typed language, it has to keep flag describing the actual type of the value of the variable, and the program has to perform a data-dependent branch on that value each time it manipulates a variable.  It also has to look up all methods and operators on it. The knock-on effect of this on branching and data locality is lethal to general purpose runtime performance. T...

   Dynamic language,Slow,Analysis     2012-03-26 15:33:11

  Here is what XcodeGhost author says

The first compiler malware in iOS was disclosed by Chinese iOS developers on Wednesday(Beijing time). The name of this malware is XcodeGhost as described by Alibaba researchers who released the analysis of this malware.  The malicious code is located in a Mach-O object file that was repackaged into some versions of Xcode installers. These malicious installers were then uploaded to Baidu’s cloud file sharing service for used by Chinese iOS/OS X developers. Xcode is Apple’s offic...

   IOS,SECURITY,XCODEGHOST,APP STORE,APPLE     2015-09-18 20:51:38

  Big file transfer in Linux

It's very common that we need to transfer files between two different hosts such as backups. It is also an very simple task, we can use scp or rsync to complete the task well. But what if the file is very big, it may take some time to transfer it. How can we transfer a big file with high speed? Here we propose one solution. Copy file If we copy one uncompressed file, then we should follow below steps: Compress data Send it to another host Uncompress the data Verify the data integrity This will...

   Linux, SCP,ZIP     2013-01-10 05:55:50

  Why Google+ Doesn’t Care If You Never Come Back

Ad targeting. Google+ is designed to power ad targeting, and for that it only needs you to sign up once. This lets it combine the biographical information you initially enter such as age, gender, education, employers, and places you’ve lived with your activity on Search, Gmail, Maps and all its other products to create an accurate identity profile. And this powers targeting of more relevant ads it can charge more for. So despite comScore showing that the average Google+ user only sp...

   Google+,Ads,comScore,Identity     2012-02-29 05:04:19

  How the Internet Is Ruining Everything

The ongoing argument about whether the Internet is a boon or a bust to civilization usually centers on the Web’s abundance. With so much data and so many voices, we each have knowledge formerly hard-won by decades of specialization. With some new fact or temptation perpetually beckoning, we may be the superficial avatars of an A.D.D. culture.David Weinberger, one of the earliest and most perceptive analysts of the Internet, thinks we are looking at the wrong thing. It is not the co...

   Internet,Everything,Market,Shape world     2011-12-06 09:08:27

  Why Outsourcing .Net Services is a Growing Trend?

IT companies are focusing more on .net for application development. This is because; the .net platform empowers developers with a wide range of tools and libraries to create diverse applications in an easy and efficient manner. The dot net framework allows users i.e. developers, to design and develop applications that can interact with web services and a range of online devices. .Net programming language is richer than others in many contexts. It has several objects oriented features like proper...

   dot net services, outsourcing, .net, framework     2014-10-23 22:30:43

  â€œExperience says it all”- Pentaho ETL Developers’ Comment on the Use of ETL Tools

Since months Pentaho ETL developers have been juggling with three distinct tools- Pentaho DI, SSIS, and PowerShell. Their experience has provided them new perspective on the cons and pros of every tool. In this post, they are sharing their experience with these tools and explain their significance. Before getting started, they first would like to explain ETL in brief and how the tools suits ETL landscape. ETL is Extract Transform Load. Informatica was the initial ETL tool introduced in the mid n...

   Pentaho BI ETL tools     2015-05-13 01:14:57