3741
nowsecure/owasp-password-strength-test: OWASP Password Strength Test for Node.js
OWASP Password Strength Test

owasp-password-strength-test is a password-strength tester based off of the OWASP Guidelines for enforcing secure passwords. It is lightweight, extensible, has no dependencies, and can be used on the server (nodejs) or in-browser.

owasp-password-strength-test is not an OWASP project - it is merely based off of OWASP research.
owasp  password  strength  npm  javascript  security 
22 hours ago
Twitter
RT : I think my real value as a software engineer is in knowing what NOT to do. Half the time I don’t know wha…
from twitter
4 days ago
Twitter
Every night for years now, when I put the kids to bed, I say, "Good night, hobbits." Tonight, they both responded,…
from twitter_favs
15 days ago
Twitter
Wow after 3 years of rust, I have to fix some C++ code again. This is like coming down from a really nice trip but…
from twitter_favs
20 days ago
Twitter
My brother just asked how it is that 93% of Kavanaugh’s judicial records can’t be found but he has no problem locat…
from twitter_favs
25 days ago
Twitter
Always carry a potato wrapped in foil to a party.

It's a conversation starter: "Ever seen a lion's egg?"

A conver…
from twitter_favs
25 days ago
Twitter
RT : If you use str::repeat, you should check your code: we have a security advisory for the standard library. Please sh…
from twitter
27 days ago
Software disenchantment @ tonsky.me
RT @datarelish: Software disenchantment. Great read by @nikitonsky #Android #Docker
software  programming  bloat  rant 
28 days ago
Twitter
When you see the following tools in use, you know the software development process is having a bad day:

* Wireshar…
from twitter_favs
4 weeks ago
168: An Escape Rope of Learning | The Bike Shed
Cool to hear the shout out on . (http4s mentions at 16:30 and 20:00.)
from twitter
5 weeks ago
Truck Hacking: An Experimental Analysis of the SAE J1939 Standard
Abstract
Consumer vehicles have been proven to be
insecure; the addition of electronics to monitor
and control vehicle functions have added complexity
resulting in safety critical vulnerabilities.
Heavy commercial vehicles have also begun
adding electronic control systems similar to consumer
vehicles. We show how the openness of the
SAE J1939 standard used across all US heavy
vehicle industries gives easy access for safetycritical
attacks and that these attacks aren’t limited
to one specific make, model, or industry.
We test our attacks on a 2006 Class-8 semi
tractor and 2001 school bus. With these two vehicles,
we demonstrate how simple it is to replicate
the kinds of attacks used on consumer vehicles
and that it is possible to use the same attack on
other vehicles that use the SAE J1939 standard.
We show safety critical attacks that include the
ability to accelerate a truck in motion, disable
the driver’s ability to accelerate, and disable the
vehicle’s engine brake. We conclude with a discussion
for possibilities of additional attacks and
potential remote attack vectors.
pdf  usenix  J1939  truck  hacking  umich.edu 
5 weeks ago
Twitter
RT : Why women live longer than men.
from twitter
5 weeks ago
WireMock - WireMock
WireMock
Mock your APIs for fast, robust and comprehensive testing

WireMock is a simulator for HTTP-based APIs. Some might consider it a service virtualization tool or a mock server.

It enables you to stay productive when an API you depend on doesn't exist or isn't complete. It supports testing of edge cases and failure modes that the real API won't reliably produce. And because it's fast it can reduce your build time from hours down to minutes.
api  rest  testing  mock  service  saas 
5 weeks ago
Twitter
RT : Data scientists just discovered anthropology

This is the greatest discovery since economists discovered psychology…
from twitter
6 weeks ago
Twitter
A major cause of product bloat is building things you know how to build but don't understand. If a customer wants i…
from twitter_favs
7 weeks ago
gruntwork-io/terragrunt: Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
Use cases

Terragrunt supports the following use cases:

Keep your Terraform code DRY
Keep your remote state configuration DRY
Keep your CLI flags DRY
Execute Terraform commands on multiple modules at once
Work with multiple AWS accounts

Keep your Terraform code DRY

Motivation
Remote Terraform configurations
How to use remote configurations
Achieve DRY Terraform code and immutable infrastructure
Working locally
Important gotcha: working with relative file paths
Using Terragrunt with private Git repos
terragrunt  terraform  add-on  DRY  devops 
7 weeks ago
Twitter
First, ran an article on “blowing out” an LED with a resistor and a microcontroller. Then sim…
from twitter_favs
7 weeks ago
Twitter
"I hope those who mourn my passing, and even those who don't, will celebrate as I celebrate a happy life lived in i…
from twitter_favs
7 weeks ago
Twitter
RT : This is the best advice from . True of learning R. True of learning anything.
from twitter
7 weeks ago
Twitter
Why Russian online disinformation works: because Americans are idiots, having lost all critical thinking skills, th…
from twitter_favs
7 weeks ago
Twitter
Where we learn again that what isn't protected against side channel analysis is vulnerable to side channel analysis.
from twitter_favs
8 weeks ago
Twitter
As a software developer, this pretty well sums up my attitude toward this latest election technology in my state.…
from twitter_favs
10 weeks ago
Twitter
RT : Please RT if you aren't new to tech but still get the "Imposter syndrome" amidst all your experience.

Having peopl…
from twitter
10 weeks ago
Twitter
Had a problem.

Googled.

Found a forum post where I had the exact problem and sorted it out in the forum post.…
from twitter_favs
10 weeks ago
Twitter
In fairness, it can be hard to spot here at times too.
from twitter_favs
10 weeks ago
Twitter
“So I know these ten things that I think make me clever, I will judge your grasp of the entire field of computer sc…
from twitter_favs
12 weeks ago
Twitter
When State TV hits a glitch.

This is beautiful to watch. I hope you'll consider sharing this; the anchors' confus…
from twitter_favs
12 weeks ago
Twitter
(THREAD) While I remain uninterested in the Trump/Nunes assault on law enforcement—and don't want to give it any mo…
from twitter_favs
12 weeks ago
Twitter
They’re called werewolves.
from twitter_favs
12 weeks ago
Twitter
e.g. something like this:
10.0 Hannity
9.9 Pence
9.2 Fox & Friends
8.8 Tucker Carlson
7.5 McConnell
7.0 Laura Ingra…
from twitter_favs
july 2018
Twitter
RT : DevOpsDays is coming to Indianapolis on July 23-24 at the Marriott Downtown! Come learn from professionals in devel…
from twitter
july 2018
Twitter
Deciding on a chat program to use with one or multiple parties is now like negotiating TLS cipher suites.

ME: I of…
from twitter_favs
july 2018
All about Moteino | LowPowerLab
Moteino began as a low power wireless Arduino compatible development platform based on the popular ATmega328p chip used in the Arduino-UNO. There are now several Moteino development boards including MoteinoMEGA based on the Atmega1284P and MoteinoM0 based on the SAMD21G18 Cortex M0+.

For programming you will need an external FTDI-Adapter to load sketches, the advantages being lower cost, smaller size. The MoteinoUSB and MoteinoMEGA-USB variant includes the USB-serial converter.

Moteinos are compatible and can communicated with any other Arduino or development platform that uses the popular HopeRF RFM69 or LoRa transceivers, or even the older RFM12B. Moteino also comes with an optional SPI flash memory chip for wireless programming, or data logging.
moteino  arduino  atmega328  electroncis  wireless  rf  hoperf 
july 2018
Twitter
Intern: I'm worried because I don't know why this isn't working.
Me: Worry about the non-working code you can't exp…
from twitter_favs
july 2018
Twitter
There are a million designers working on making website buttons have better gradients and none working on the cord…
from twitter_favs
july 2018
SAE J1708/J1587 Communications with the EUSART
INTRODUCTION
The Enhanced Universal Synchronous Asynchronous
Receiver Transmitter (EUSART) was developed to
address the demands created by higher clock speeds
and automotive low-speed networks. The EUSART is
found on many PIC® microcontrollers. PIC16F688 will
be used for the examples in this application note. This
document demonstrates the EUSART used to
communicate on an SAE J1708 data bus, such as
those found in a modern heavy truck.
FEATURES
The features of the EUSART are as follows:
• Selectable 16-bit Baud Rate Generator mode
• Interrupt on Sync Break character received
• 12-bit Break character transmit
• Auto-baud calibration on Sync character
• Clock polarity select for Synchronous mode
• Transmit polarity select for Asynchronous mode
• Receiver Idle flag
• Receive Shift register empty Status bit during
Sleep
Further Reading
Additional information can be found in the data sheet
for PIC16F688, the SAE J1708 and the SAE J1587
specification.
INTRODUCING J-1708
History
The J1708 serial communications link specification
was issued by SAE in 1986. It is intended to describe a
hardware
and
protocol
to
standardize
the
communications between modules in heavy-duty
vehicle applications. The objectives of the link are:
• Minimize hardware costs and overhead
• Provide flexibility for expansion and
advancements without impacting existing systems
• Utilize standard hardware
• Be electromagnetically compatible with the rest of
the vehicle
• Provide flexibility for suppliers to customize the
link for proprietary reasons
The J1708 link is a bidirectional communications link
which
links
electronic
modules
that
contain
microcomputers. The actual J1708 specification
defines hardware and the protocol requirements to
maintain the link. The actual data that is communicated
on the link is defined by a separate J1587 document.
Today, the J1708 data bus is alive and well in heavy
trucks. It is used to communicate general status
information between electronic modules. A federal
requirement for the trailer anti-lock braking system to
light a fault lamp in the tractor has led to the
development of a power line carrier version of the
J1708  J1587  embedded  CAN  datasheet  eusart  pid 
july 2018
Twitter
My mate has two tickets for the England vs Sweden game on Saturday. He didn't realise that it's going to be on the…
from twitter_favs
july 2018
Source for GeoJSON data for the US - Geographic Information Systems Stack Exchange
Does anyone know of any good sources for US data (counties, congressional districts, etc) in GeoJSON format? Has anyone converted public-domain shapefiles/sources to GeoJSON that they would be willing to share?
geojson  data  source  map  geospatial 
july 2018
Twitter
HISTORY: Carmel’s first parade squatter

CARMEL—On July 1, 1923, Olaf Aasen of the Current in Carmel reported “Enoc…
from twitter_favs
july 2018
GeoJSON and KML data for the United States
GeoJSON and KML data for the United States

I had a devil of a time finding simple GeoJSON and KML boundary files for US counties and states. Eventually I realized that I could get shapefiles from the United States Census Cartographic Boundary Files and convert them to GeoJSON and KML formats using the MyGeoData vector converter.

The result is the following set of boundary files. Since copyright protection is not available for any work of the United States Government, you should all be free to use for any purpose. The Census Bureau does request to be cited as a source.

These files are available in various resolutions and are all derived from the 2010 census. The 500k files are the most detailed, but also the largest. The 20m files are the smallest, but at the cost of some dramatic simplification. The 5m files fall somewhere between the other two.
Features 500k 5m 20m
US Outline SHP, KML, GeoJSON SHP, KML, GeoJSON SHP, KML, GeoJSON
US States SHP, KML, GeoJSON SHP, KML, GeoJSON SHP, KML, GeoJSON
US Counties SHP, KML, GeoJSON SHP, KML, GeoJSON SHP, KML, GeoJSON
US Congressional (see note) SHP, KML, GeoJSON SHP, KML, GeoJSON

If the files you need are not here, don’t be afraid of going to the source and converting them yourself!

You can also look at this example of how to use the files.
geojson  gis  kml  US 
june 2018
Twitter
I've been putting my sunglasses in there like a dipshit
from twitter_favs
june 2018
telemetry aggregation and shipping, last up the ladder
Cernan is a telemetry and logging aggregation server. It exposes multiple interfaces for ingestion and can emit to multiple aggregation sources while doing in-flight manipulation of data. Cernan has minimal CPU and memory requirements and is intended to service bursty telemetry without load shedding. Cernan aims to be reliable and convenient to use, both for application engineers and operations staff.

Why you might choose to use cernan:

You need to ingest telemetry from multiple protocols.
You need to multiplex telemetry over aggregation services.
You want to convert log lines into telemetry.
You want to convert telemetry into log lines.
You want to transform telemetry or log lines in-flight.
rustlang  metrics  telemetry  aggregation 
june 2018
Schema evolution in Avro, Protocol Buffers and Thrift
Published by Martin Kleppmann on 05 Dec 2012.

So you have some data that you want to store in a file or send over the network. You may find yourself going through several phases of evolution:

Using your programming language’s built-in serialization, such as Java serialization, Ruby’s marshal, or Python’s pickle. Or maybe you even invent your own format.
Then you realise that being locked into one programming language sucks, so you move to using a widely supported, language-agnostic format like JSON (or XML if you like to party like it’s 1999).
Then you decide that JSON is too verbose and too slow to parse, you’re annoyed that it doesn’t differentiate integers from floating point, and think that you’d quite like binary strings as well as Unicode strings. So you invent some sort of binary format that’s kinda like JSON, but binary (1, 2, 3, 4, 5, 6).
Then you find that people are stuffing all sorts of random fields into their objects, using inconsistent types, and you’d quite like a schema and some documentation, thank you very much. Perhaps you’re also using a statically typed programming language and want to generate model classes from a schema. Also you realize that your binary JSON-lookalike actually isn’t all that compact, because you’re still storing field names over and over again; hey, if you had a schema, you could avoid storing objects’ field names, and you could save some more bytes!

Once you get to the fourth stage, your options are typically Thrift, Protocol Buffers or Avro. All three provide efficient, cross-language serialization of data using a schema, and code generation for the Java folks.
avro  protobuf  thrift  schema  evoltion 
june 2018
Twitter
RT : Jeff Bezos Announces Customers Can Delete All Of Alexa’s Stored Audio By Rappelling Into Amazon HQ, Navigating Lase…
from twitter
june 2018
33: Just Put it in a Module, Man - Bike Shed podcast
Sean and Derek take some listener questions, and dig into DRY.

Including in unit tests.
ruby  testing  programming  unit  test  advice  podcast 
june 2018
Twitter
The most successful people I’ve met:

1. Eat and drink every day
2. Sleep sometimes
3. Are mostly human
4. Have reg…
from twitter_favs
june 2018
(429) https://twitter.com/i/web/status/1006593168459141121
New programmers are often uncertain if they will ever be good enough. As we grow more experienced, we learn to rela…
from twitter_favs
june 2018
Twitter
The most successful people I've met:

1. Read constantly
2. Workout daily
3. Are innately curious
4. Have laser foc…
from twitter_favs
june 2018
Twitter
RT : Help wanted: we're generalizing the middleware from HttpRoutes to parameterized Kleislis. It's not hard, and if you…
from twitter
may 2018
Twitter
At a time when journalists are being attacked constantly for doing our jobs, I appreciated this closing remark from…
from twitter_favs
may 2018
Twitter
Rosa Parks was not protesting the bus. Gandhi was not protesting the food. The colonists were not protesting tea. P…
from twitter_favs
may 2018
Twitter
In software engineering, there are two primary dimensions of benefit: what helps the business, and what helps the e…
from twitter_favs
may 2018
Twitter
This but for programming.
from twitter_favs
may 2018
Twitter
I thought you might like this visualization of the terms and conditions of the different apps
from twitter_favs
may 2018
Twitter
IC write-up is live! Next up is YouTube video...
from twitter_favs
april 2018
« earlier      
2011-01 4runner advice advocacy alternative amazon analytics android ansible api app archlinux arduino arm authentication automation aws axle backup bearing benchmark bicycle blazer blog bluetooth book bootloader browser bug build business carbon case cassandra cli client clojure clone code collectd comparison conference config configuration container cowork crosscompile css d3 dashboard data database debian debug deploy design dev development devops disk docker dockstar dotfiles dropwizard elasticsearch electronics email embedded error event example firetv firmware forum framework functional gist git github golang google grafana graph graphite hack hardware haskell howto html http image index indiana indianapolis indy indyscala integration irc java javascript jdbc jmx jquery json jvm kafka kernel kibana lenovo library linux log logging logstash lua maintenance management markdown maven metrics migration monitor monitoring nas network nginx nikon nodejs nosql nrf24l01 opennms opensource openwrt oss outback pallet parser pdf performance plugin port postgres power presentation privacy programming project proxy pyr python raspberrypi rear recipe reddit redis remote repair rest riemann root router ruby rustlang sbt scala scalatra script seal security sensor serial server service slides software spring sql square ssd ssh ssl statsd subaru sysadmin t440p tcp teensy temperature test testing thinkpad tls tool toyota tsdb tutorial twitter ubiquiti unifi usb vagrant video vim virtualbox visualization voip vulnerability web webdev wifi windows wireless xbee xda xmpp youtube zfs

Copy this bookmark:



description:


tags: