Welcome to a curated list of handpicked free online resources related to IT, cloud, Big Data, programming languages, and DevOps. Fresh news and a community-maintained list of links, updated daily.

Achieving unbrickable remote firmware updates on MCUs with a Microvisor architecture

Tags big-data iot streaming robotics cloud infosec

For many years, microcontrollers have been a staple in various products, continuously revolutionizing their feature sets, reliability, and performance. Moore’s Law has brought 16- and 32-bit processing to even the smallest and most affordable consumer products. The presence of larger memory and CPU power has allowed the use of real-time operating systems (RTOS) where previously developers had to rely on “bare metal” coding. However, the evolution of products into connected devices in the context of IoT has revealed fundamental shortcomings in the traditional methods of software development for microcontrollers. By Jonathan Williams.

The article then pays attention to:

  • Consistent Device Reachability is Key in IoT Projects
  • What is a Microvisor?
  • Guaranteeing Device Availability for Firmware Updates

A microvisor is an IoT approach using hypervisors for microcontrollers, which enables reliable and secure remote operations, such as failsafe over-the-air firmware updates, on Internet-connected devices. Architecturally, a microvisor makes use of hardware separation within a microcontroller – such as the STM32U585 from ST – to divide it into two sections at boot time, e.g. by leveraging Arm® TrustZone®. Good read!

How to use Azure functions with MongoDB Atlas in Java

Tags nosql java azure serverless

In this article, we are going to write a function as a service (FaaS), i.e., a serverless function that will interact with data via a database to produce meaningful results. FaaS can also be very useful in A/B testing when you want to quickly release an independent function without going into actual implementation or release. By Mohit Sharma.

The article then explains the following steps:

  • Serverless function: Hello World!
  • Installing the Azure plugin
  • First Azure function
  • Deploying and running
  • Connecting the serverless function with MongoDB Atlas
  • Adding the Azure function IP address in Atlas Network Config

With MongoDB Atlas on Microsoft Azure, developers receive access to the most comprehensive, secure, scalable, and cloud-based developer data platform on the market. Now, with the availability of Atlas on the Azure Marketplace, it’s never been easier for users to start building with Atlas while streamlining procurement and billing processes. Code examples and screenshots are also included. Nice one!

SAP solutions to add on to an SAP S/4HANA System

Tags software fintech miscellaneous cio analytics big-data

Along with the core SAP S/4HANA solution, a number of peripheral SAP cloud applications provide benefits to financial organizations. These applications are often in the scope of finance transformation projects, with finance and accounting serving as interested parties in the implementation of these tools. The tools highlighted in this section cover analytics, end-to-end procurement, time and expense management, contingent labor management, and human resources (HR) management. By SAP PRESS.

The article then compares:

  • SAP Analytics Cloud
  • SAP Ariba
  • SAP Concur
  • SAP Fieldglass
  • SAP SuccessFactors

SAP Analytics Cloud provides a smooth end-to-end analytics experience that simplifies complex processes with one solution. It allows businesses to navigate easily from understanding the data to devising an appropriate plan to taking necessary action to achieve that plan. Also interesting is SAP Ariba, an end-to-end, source-to-pay, software-as-a-service (SaaS) solution from SAP. In recent years, SAP Ariba has extended capabilities beyond traditional source-to-pay technologies and journeyed into enabling an intelligent digital enterprise utilizing the power of SAP Business Network. Interesting read!

How to enable HSTS for enhanced web security in Apache

Tags app-development infosec web-development apache ssl

HTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps to protect websites against protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should interact with it using only secure HTTPS connections, and never via the insecure HTTP protocol. This article will guide you on how to implement and optimize HSTS in Apache for improved web security. By Rahul.

The article then describes:

  • Why use HSTS?
  • Implementing HSTS in Apache
  • Optimizing HSTS in Apache
  • Potential pitfalls and how to avoid them
  • Monitoring and maintaining HSTS

Implementing and optimizing HTTP Strict Transport Security (HSTS) on your Apache server is a crucial step towards securing your website and safeguarding user data. By enforcing HTTPS connections, preventing protocol downgrade attacks, and thwarting cookie hijacking attempts, HSTS provides a robust mechanism for enhancing web security. Interesting read!

From 'Likes' to 'Rewards': How web3 is disrupting traditional social media model

Tags web-development infosec blockchain management miscellaneous cio

Over the past decade, social media platforms have revolutionized social interactions for people looking to connect with friends, family, and like-minded individuals and communities. Since the dawn of MySpace and Facebook, social media has provided us with an unprecedented level of connectivity and has opened up a world of opportunities for businesses to connect with their customers. However, with the rise of Web3, traditional social media platforms are being forced to rethink their models in order to stay relevant in a rapidly evolving digital landscape. By chain.com.

One of the greatest advantages of Web3 is the ability to reward users for their contributions to online communities. Instead of relying on traditional advertising models to generate revenue, Web3 platforms use cryptocurrencies and tokens to incentivize user participation. This means that users can be rewarded for creating content, engaging with others, and contributing to the growth of the community.

The rise of Web3 has led to the emergence of a new generation of social media platforms that are built on blockchain technology. These platforms offer a range of new features and benefits that are not available on traditional social media platforms. They allow users to take ownership of their online identities and data, and provide them with greater control over their online presence. Some examples include:

  • Brave Browser: The Brave Browser is an example of an open-source web browser that incentivizes users with Basic Attention Tokens (BAT) for watching ads
  • Decentraland: Decentraland is a platform on the Ethereum network where users can purchase land parcels and build their own virtual reality experiences
  • ySign: The decentralized app called ySign offers users a way to communicate securely online through real-time chats that use end-to-end encryption algorithms to safeguard their privacy
  • Mirror: Mirror is a platform for publishing on Web3 that prioritizes user privacy and decentralization

In these decentralized models, there is no central authority that controls the platform. Instead, these social platforms are powered by a network of nodes that work together to verify transactions and maintain the platform. This has several implications for social media. Interesting read!

Dissecting Npm malware: Five packages and their evil install scripts

Tags app-development infosec web-development nodejs javascript

Packages published on npm can declare pre and post-install hooks, which are scripts that run, well, pre or post-install. That is to say, when the npm CLI installs a package, it also runs those scripts on your machine. By Gabi Dobocan.

It runs them silently, in the background. Sounds like a bad idea? It kinda is.

In practice, these scripts can be very useful for automating tasks that need to be done every time a package is installed or updated. They can help ensure that the package is installed correctly and that any necessary setup or configuration tasks are completed automatically.

The article then delves into:

  • How can install scripts hurt you
  • Packages can silently leak your private data
  • Packages can remotely run scripts for full access to your machine and data
  • Any npm install comes with a risk

While researching this article, it was easy to identify many packages that have declared malicious install scripts directly in their package.json manifest. However, that is a naive approach, and most malware does a much better job of hiding and obfuscating sensitive code. Around 700k package versions in the npm registry currently declare install scripts, and could thus execute code that compromises the security of your dev machine, or your CI build. More are added every day. Very interesting!

Redis performance tuning: How to optimize Redis for high-traffic applications

Tags app-development web-development performance code-refactoring

Redis is a widely-used in-memory data store that is known for its speed and flexibility, making it ideal for building high-performance applications. However, with its increasing popularity and the explosion of high-traffic applications, it becomes crucial to optimize Redis to keep up with the growing data demand. By Jatin Sharma.

Read on to learn how to optimize your Redis database for lightning-fast speed and excellent scalability. You will learn:

  • How Redis Works?
  • How to optimize your Redis application?
    • Use Redis data types wisely
    • Use pipelining
    • Use Redis cluster
    • Use a connection pool
    • Use Redis Sentinel
    • Use Redis TTL to expire keys
  • Why you should perform these optimizations?
  • Why do developers fall under the non-optimized path?

Redis is a highly performant and scalable in-memory database that can be a great choice for high-traffic applications. However, to achieve maximum performance, it’s important to properly tune Redis and optimize it for your use case.

How to add a Software Bill of Materials (SBOM) to your containers with GitHub Actions

Tags cicd containers docker infosec

Learn how to add a Software Bill of Materials (SBOM) to your containers with GitHub Actions in a few easy steps. An SBOM is an inventory of the components that make up a software application, including the version of each component. The version is important because it can be cross-referenced with a vulnerability database to determine if the component has any known vulnerabilities. By Alex Ellis.

In this article you will learn:

  • What is a Software Bill of Materials (SBOM)?
  • Check out an SBOM for yourself
  • Checking for vulnerabilities
  • Generate an SBOM from within GitHub Actions

In this article, the author looks at Anchore’s two open source tools, Syft and Grype, and how they can be used to generate an SBOM and scan for vulnerabilities. With the SBOM approach, the responsibility is rebalanced, with the supplier taking on an active role in security. The consumer can then use the supplier’s SBOMs, or run their own scanning infrastructure, or perhaps both. Nice one!

12 best & most unique search engines to try in 2023

Tags data-science search miscellaneous bots cio browsers

Although Google is by far the most popular search engine, it’s certainly not the only search engine. Different search engines have different audience demographics. And different pros and cons. By Vlado Pavlik.

In this article, the author explores those differences. Read on for a comprehensive list of these search engines and their most unique features:

  • Google
  • Bing
  • DuckDuckGo
  • Yahoo
  • Baidu
  • Yandex
  • Brave Search
  • Neeva
  • You
  • Startpage
  • Ecosia
  • Swisscows

Some of these engines focus on privacy. For example, Brave is a privacy-focused web browser founded in 2015. It also has its own search engine—called Brave Search—that you can use within or outside the Brave browser. Brave Search offers a private and anonymous search. Unlike some other smaller search engines, Brave uses its own web index and algorithms. But you can also enable “Google fallback.” This means Brave will also check Google to provide more accurate results.

Ecosia, however, is a search engine that donates a portion of its ad revenue to tree-planting initiatives around the world. You will also find further interesting information (e.g. the top 5 most popular search engines, the best privacy-oriented ones, ones with their own crawler, etc.) and a categorisation of search engines in this article. Very interesting read!

A serverless query engine from spare parts

Tags data-science streaming apis database serverless open-source

An open-source implementation of a Data Lake with DuckDB and AWS Lambdas. In this post we will show how to build a simple end-to-end application in the cloud on a serverless infrastructure. The purpose is simple: we want to show that we can develop directly against the cloud while minimizing the cognitive overhead of designing and building infrastructure. By Ciro Greco.

DuckDB is an open-source in-process SQL OLAP database built specifically for analytical queries. It is still somewhat unclear how much DuckDB is actually used in production, but for us today the killer feature is the possibility of querying parquet files directly in S3 with SQL syntax. As data practitioners we want (and love) to build applications on top of our data as seamlessly as possible. Whether you work in BI, Data Science or ML, all that matters is the final application and how fast you can see it working end-to-end. The infrastructure often gets in the way though.

This tutorial then describes:

  • Architecture
  • Your first query engine + data lake from spare parts
  • (Almost) free analytics
  • A few remarks on the “Reasonable Scale”

In this post, we showed that the combination of data-first storage formats, on-demand compute and in-memory OLAP processing opens up new possibilities at Reasonable Scale. A repository with the relevant code and an explanation of the architecture is also provided. Interesting read!
