Archives

#179 - jul 10th 2016

Look

Examples of UI/UX, graphic performance, web design and flashy things.
Oak Studios design
Elegant and simple.

Use

Web applications, resources and tools, available for making our life easier or funnier.
Ruby or Rails? rb
Let's check whether you remember where Ruby ends and Rails starts.
Definitely Typed js
The repository for high quality TypeScript type definitions.
Siteleaf tool
Static website as a Service.
Places to Work web
The biggest collection of 10,336 places to work worldwide with fast WiFi, power outlets, great coffee and ergonomic seating for digital nomads to work remotely.

Install

A selection of gems or applications updated during past week.
Jsonapi-utils rb
Build JSON APIs with ease.
Felony js
PGP keychain built with Electron, React, and Redux.
React-elm-components js
Write React components in Elm
Moeditor tool
Electron markdown editor.
TLS-observatory ops
An observatory for TLS configurations, X509 certificates, and more.

Read

From the blogosphere or news feeds ...
Parsing Binary Data Formats jul 5 rb
Use bindata gem and do some basic steganography.
Control the Physical World with Ruby and Artoo jul 5 rb
Control and interact with lots of different hardware platforms (e.g. the Sphero, the Arduino, etc.).
Securing Your IoT Devices and Services with JSON Web Tokens jul 5 web
IoT security is a hot-button issue in today’s world.
Setting up a Home VPN Server Using Your Raspberry Pi jul 5 ops
Turn a Raspberry Pi into a VPN to connect to a home network remotely.
Announcing AptWatcher jul 6 rb
Collect information about package updates from servers to Slack notifications channel.
Trying to match C-based Fast Blank with Crystal jul 6 cr
Some C experiments on Crystal.
Fixing data corruption and socket leak issues in Rails 5 jul 7 rb
During performance testing of the Rails 5.0.0 release we discovered two bugs in Rails.
A Recipe for mRuby Raspberry Pi? Just Add h2o! jul 7 rb
Use a RPi to make one of those visual doorbells that you can buy for $129.
The Bash For Loop, The First Step in Automation on Linux jul 7 ops
Mastering the for loop in Bash on Linux is one of the fundamentals for Linux sysadmins.
Why we use the Linux kernel's TCP stack jul 7 ops
Feedback from a Cloudflare engrineer.
How We Do Spikes jul 8 rb
How Acquisio solves rails assets pipeline problem using spikes discussion.
5 Tips for Writing a Legible Regexp jul 8 rb
Use %r with x option and single interpolation.
Integrating Content Security Policy into your Rails applications jul 8 rb
Prevent wide categories of attacks using CSP.
A Front End Developer is Aware jul 8 css3
Everybody involved in a web team ends up talking with the front end developers.
A checklist for Docker in the Enterprise jul 8 ops
Areas that may be important to an enterprise when considering developing a Docker infrastructure.
Using Hashicorp Vault as a PKI SSL/TLS CA jul 9 ops
Encrypting data is important, both in transit and at rest.
Links curated by mose (publisher), xenor, tysliu (editors), mose, hsatac, nauman, franzejr (contributors) .

Rant

The random rant of the week by mose.

The (in)culture of encryption

A couple weeks ago I had found out that a friend was keeping his passwords in a google sheets document. I was horrified. But he's a normal person. I mean, not more technical than the next guy, or just a little. He's using the web interface of gmail for his mail, like many people do (I even know very technical people doing it, which is still boggling me). I looked around and found mailvelope. So I hook him up on it and now he can use GPG.

In the past 20 years I have seen the timid evolution of personal encryption. Oh there are initiatives like Keybase, various simple tools like passowrdstore or Felony that I discovered this week. But it seems that encryption don't really stick to the usages, unless you have a specific thought about it. Fortunately there is some wise generalization of SSL for inter-server communication, with initiatives like lets encrypt. But inter-personal communication is still wide open.

More and more it is well-known that our data is food for various corporation, governmental agencies, and dark organizations. What will it take for getting the users to claim better privacy? Will it ever happen?

I mean, yes for sure people can use the tools. But it's cumbersome. Until encryption is embedded in our tools and services, it simply won't spread significantly enough. There are some projects like Caliopen that try to do so. On another hand, we have seen some services like Telegram which provide such service, and even some mainstream providers like Whatsapp jump into the full-encryption train. So maybe there is hope? I still wonder what's the part played by Facebook (which now owns Whatsapp) in that move.

The recent fight between Apple and US government was supposed to set some kind of precedent. Too bad it was aborted. But they would have complied at the end, this is my bet. Now that encryption is the only way for companies to legally keep their users safe from legal (and illegal) inquiries, maybe more will consider it?

If you have two onces of technical savyness, please stop running naked on the streets. Gear up and use encryption whenever possible.

Green Ruby News is a feed of fresh links of the week about ruby, javascript, webdev, devops, collected by mose, xenor and tysliu every sunday.

Subscribe
to the
Green Ruby Weekly Newsletter

Email distribution is powered by mailchimp.