CodeIsGo.com

Hybrid and work-from-home (WFH) arrangements take employees from the safety of the more secure and monitored environment of the office. These arrangements blur the division between enterprise and home networks while subsequently expanding the attack surface for both environments. How can these security gaps be bridged? By trendmicro.com.

This guide then walks you over:

• Threats facing remote work arrangements
• Phishing
• Home network threats
• File transfer risks and unsecure tools
• VPN vulnerabilities

Organizations and individual users alike should be privy to these threats since in hybrid and WFH setups their consequences can more easily traverse both home and office networks. Given that WFH and hybrid setups test the idea of cybersecurity as a shared responsibility, what can employees and organizations do to prevent threats and bridge the security gap between office and home networks?!

A good coding practice is to keep the view layer in an MVC structure as simple as possible and with no or minimal logic. A common practice to extract common logic that you might want to use in many places is to create an extension method that could be used across views. This moves to logic from the views into a C#-based method. By Linus Ekström.

The article discusses:

• An example of a non testable implentation
• Refactoring the code to allow for better testability
• Applying unit testing

With a rather simple refactoring we are now able to create unit tests and if wanted also applying TDD style coding for your extension methods. Another positive side effect of this is that you also get a better visability of the dependencies by lifting them out from the method that holds the actual implementation. Though the unit test class contains a bit of set up for the first test - adding new tests is really quick once this is done. Good read!

To better assist customers with product discovery, retailers are discovering and leveraging innovative ways like live streaming. Live streaming commerce is an interactive social commerce tool that combines video streaming and TV entertainment formats like talk shows and chat. By Shantala Raman.

All the big retailers in China, like Alibaba, Douyin/TikTok and JD.com use live streaming commerce. The Chinese live streaming market is the biggest and is expected to reach USD 480 billion in 2022, making up for 16.5 percent of total retail sales. The phenomenon is catching on in the West too, with Amazon launching Amazon live in 2019 and luxury players like Gucci and Burberry live streaming their fashion shows. Pinterest has recently come up with Pinterest TV and TV Studio.

Author recommends building a compelling live streaming commerce proposition with the help of the following five foundational pillars:

• Customer engagement
• Powerful influencer/KOL network and content
• Seamless integration of commerce
• High quality viewing experience
• Reliable and fast delivery

As you embark on the live streaming commerce journey, carve out your vision beyond the thin slice and MVP to determine the space you would like to operate in. You could choose to be the digital destination for live commerce in the markets you operate in – build the platform to connect your customers to influencers for live interactions. Nice one!

Today author is going to talk about why they made the unconventional decision to build thier logging system on top of Postgres, what worked well, what didn’t work well, and how they did it. By Pete Hunt.

The article captures:

• Framing the problem
• Don’t choose the right tool for the job
• Postgres as a message queue
• How we measured
• Scaling the database: archiving and rate limiting
• Dealing with failure
• Things that didn’t go well
• Future work

One of the big advantages of using a replicated, distributed message queue system like Kafka is its strong availability guarantees and ability to recover from failure. What we have found so far is that, because there are fewer moving parts than a large Kafka deployment, we likely have similar uptime with our single, rock-solid Postgres DB. Additionally, modern environments like AWS RDS allow for hot standbys and quick failovers to replicas, which means failures will often result in just a few seconds of downtime. Good read!

When building a web application with React, one of the challenges apart from implementing the main logic of the application is styling and choosing the appropriate styling solutions for your application. By Osah Peter.

CSS-in-JS solutions leverage javascript in styling applications. This has benefits as it improves maintainability, brings in modularity in styling, and introduces “Dynamic styling” to applications. There are various CSS-in-JS solutions. However, we will take a look at the two most popularly used solutions, which are Linaria and Styled-components. We will take a look at their features as well as make comparisons between them based on features, performance, and ecosystem.

Linaria is one of the most popular CSS-in-JS solutions. It has over 7.1K GitHub stars and 260 GitHub forks. Linaria is a Zero-Runtime CSS in JS which means that it converts the CSS-in-JS codes into a separate .css file while creating the build for production. This is similar to how most CSS preprocessors, like SASS and LESS, operate.

Styled-Components is one of the most popular CSS-in-JS solutions. It has over 37.2K GitHub stars and 2.3K GitHub forks. Styled-components enables you to write actual CSS code to style your components. It also creates a layer of abstraction between components and styles, thereby eliminating the direct mapping between them. Good read!

Natural Language Understanding (NLU) is a subtopic of Natural Language Processing. It focuses on “comprehension”. NLU deals with users’ intents and what they mean instead of what they say. Thus, some people refer to it as Intent Detection or Intent Detector. By picovoice.ai.

The main points in the article:

• How does NLU work?
• Five most commonly used NLU terms
  • Conversational AI
  • Corpus
  • Utterance
  • Intent
  • Entities

Understanding Intents is just one part of the problem. Extracting details and understanding choices are as vital as understanding intents. Entities are also known as Slots or Intent Details. Despite the same intent, the utterances “show me sneakers” and “I want to see running shoes” have different Entities: “sneakers” and “running shoes.” Nice intro to NLU!

Google Firestore is a document-oriented database that has some neat features for building modern apps as part of the Firebase offering. In most respects, I find it is conceptually similar to AWS Amplify on the surface. Having now worked with both, they feel very different in practice. By Charles Chen.

If you haven’t worked with Google Firebase before, it’s a suite of PaaS tools glued together under one branding and includes:

• An identity management service similar to AWS Cognito or Azure AD B2C
• A document database similar to AWS DocumentDB or Azure CosmosDB
• A real-time sync to the database similar to what’s possible with AWS AppSync and DynamoDB (except without the GraphQL)
• Integration with the Google Cloud Functions runtime
• Integration with Google Cloud Storage

The article then guides you through:

• Workspace setup
• Backend API in C#
• Front-end in Vue + TypeScript
• Adding authentication
• Back-end validation
• Real-time subscriptions

There’s a ton of old documentation and examples on the web with very few real examples of working with the emulator from end-to-end with a front-end and back-end API. This article provides you missing bits, it is well explained with all code provided, contains links to other resources and compares competitor resources to Firebase. Very exciting!

How a maverick genius at IBM helped to change the course of computing forever. The RISC idea has now been around for around fifty years and it’s been the subject of debate and a degree of controversy for much of that period. By Babbage.

But some of IBM’s engineers were convinced of the benefits of a simple yet powerful computer. So members of the project returned to IBM Research and started work to turn the ideas into a general-purpose computer.

The main sections in the article:

• Origins
• Enter Ericsson
• Work starts on the 801
• Instruction traces
• Building the RISC philosophy
• The 801 architecture
• The revised 801
• The 801 delivers

The term RISC came to be used first in the RISC-1 project led by David Patterson at U.C. Berkeley. Along with John Hennessy at Stanford University, Patterson and his students would pick up the RISC concept and build the first microprocessors using RISC principles. And that’s where our series goes next. Nice one!

Whether prices are up or down, for many investors in cryptocurrency, the real appeal is that there’s nobody in charge. But a new report finds that the decentralized system might not be working as well as many crypto enthusiasts assume.or a one-time activity like creating a cluster, but not for continuous tasks like app delivery and configuration management.

The report was commissioned by the Defense Advanced Research Projects Agency, or DARPA, and the work was done by the software security research company Trail of Bits.

“It’s been taken for granted that the blockchain is immutable and decentralized, because the community says so,” says Trail of Bits CEO Dan Guido.

But in practice, he says, these networks have evolved in ways that concentrate power in the hands of certain people or companies, including the large pools of “miners” whose computers earn virtual currency by maintaining the blockchains. Guido’s team calls these potential situations “unintended centralities” — situations in which someone gains leverage over the decentralized system, creating opportunities for tampering with the record of who owns what.

Another example in the report of this kind of concentration is the fact that 60% of Bitcoin traffic is handled by just three internet service providers.

“Let’s say somebody with great top-down control of the internet in their country starts to interfere with that network,” Guido says. By slowing down or stopping legitimate blockchain traffic, an attacker could become the “majority” voice in the consensus of what’s written to a blockchain at that moment. “They can rewrite history. They can censor transactions. They can make it so that you can’t spend your Bitcoin,” says Guido. “It’s definitely something people would want to do if they want to ‘grief’ the network.” To learn more follow the link to original article. Excellent read!

In this article, you will learn how to create a Kubernetes cluster with Terraform and then manage it with Argo CD. Terraform is very useful for automating infrastructure. On the other hand, Argo CD helps us implement GitOps and continuous delivery for our applications. It seems that we can successfully combine both these tools. Let’s consider how they can help us to work with Kubernetes in the GitOps style.

Here’s the list of things you are going to do in this tutorial:

• In the first step, we will create a local Kubernetes cluster using Terraform
• Then we will install OLM (Operator Lifecycle Manager) on the cluster. We need it to install Kafka with Strimzi (Step 5)
• We will use Terraform to install Argo CD from the Helm chart and create a single Argo CD Application responsible for the whole cluster configuration based on Git
• After that, Argo CD Application installs Strimzi Operator, creates Argo CD Project dedicated to Kafka installation and Argo CD Application that runs Kafka on Kubernetes
• Finally, the Argo CD Application automatically creates all the CRD objects required for running Kafka

Author wanted to define the whole cluster and store its configuration in Git. It was not possible to use only Argo CD to achieve it, because Argo CD must run on the existing Kubernetes cluster. That’s why a tool that is able to create a cluster and then install Argo CD there seems to be Terraform. It is perfect for a one-time activity like creating a cluster, but not for continuous tasks like app delivery and configuration management. Good read!