A readable explanation of SRI.
Link Archive
This document defines a "problem detail" as a way to carry machine-readable details of errors in a HTTP response to avoid the need to define new error response formats for HTTP APIs.
What she later came to realize (and explain to others) was that the black triangle was a pioneer. It wasn’t just that we’d managed to get a triangle onto the screen. That could be done in about a day. It was the journey the triangle had taken to get up on the screen. It had passed through our new modeling tools, through two different intermediate converter programs, had been loaded up as a complete database, and been rendered through a fairly complex scene hierarchy, fully textured and lit (though there were no lights, so the triangle came out looking black). The black triangle demonstrated that the foundation was finally complete; the core of a fairly complex system was completed, and we were now ready to put it to work doing cool stuff. By the end of the day, we had complete models on the screen, manipulating them with the controllers. Within a week, we had an environment to move the model through.
A few months ago, British Airways' customers had their credit card details stolen. How was this possible? The best guess goes something like this: BA had 3rd party JS on its payment page. The 3rd party's site was hacked, and the JS was changed. BA's customers ran the script, which then harvested their credit card details as they were typed in.
Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched resource must match.
Another security protocol to learn.
tonal is a small (20kb minified, 6kb gzipped) javascript modular music theory library. It provides functions to manipulate tonal elements of music (pitches, chords, scales, keys). It deals with abstractions (not actual music).
Ooh this could be fun.
Tone.js is a framework for creating interactive music in the browser. It provides advanced scheduling capabilities, synths and effects, and intuitive musical abstractions built on top of the Web Audio API.
Could do some fun weekend programming with this.
The lack of bad outcomes can reinforce the ‘rightness’ of trusting past practices instead of objectively assessing the risk, resulting in a cultural drift in which circumstances classified as ‘not okay’ slowly come to be reclassified as ‘okay’. Diane Vaughan coined the term ‘normalisation of deviance’ and defines it as ‘the gradual process through which unacceptable practice or standards become acceptable. As the deviant behaviour is repeated without catastrophic results, it becomes the social norm for the organisation.’
How many ways are there of writing some natural number $n$ as the sum of two squares?
$?=?^2+?^2$
I don’t want an answer for some particular $n$. I don’t even want a general formula. I just want to know… on average.
To commemorate Pi Day on March 14th, we have put together this Virtual Special Issue of articles on the topic of Pi, from the Mathematical Association of America’s four publications.
People have been figuring ways to compute π for ages, and most of them were very very tedious and time-consuming. Archimedes figured it out to 3 decimal places. 750 years later, we managed to get 4 digits. Another 900 years passed, and we got to 16. In the late 1800s, hapless William Shanks busted his buns for 15 years to compute π to 707 places using John Machin's formula (seen in the app, above). In a stroke of bad luck, however, he blew it 527 digits in, so the remainder of the estimate is incorrect. [Nooooooo...!] Fortunately, no one was willing to spend the time to double-check his work, and he died in the blissful happiness of a job well-done.
Installation of mkcert on CentOS and Fedora is similar to Ubuntu/Debian installation. You only need to install nss-tools first.
The web is moving to HTTPS, preventing network attackers from observing or injecting page contents. But HTTPS needs TLS certificates, and while deployment is increasingly a solved issue thanks to the ACME protocol and Let's Encrypt, development still mostly ends up happening over HTTP because no one can get a universally valid certificate for localhost.
The world's first linear algebra book with fully interactive figures.
I'm not sure of the claim, but it is an impressive teaching resource.
These pages are a collection of facts (identities, approximations, inequalities, relations, ...) about matrices and matters relating to them. It is collected in this form for the convenience of anyone who wants a quick desktop reference.
As for her mom's signature dumpling recipe, for which the animated short is named? Shi says that her family likes to keep it old-school. "She won't use a food processor or a meat grinder for the pork filling," Shi says. "She'll use an old-school cleaver and just chop everything, throw in chives and garlic, mince everything together, and chop for ten minutes."
Having a file structure full of various file types, you want to sync only files of one type into a new location.
rsync -rv --include '*/' --include '*.js' --exclude '*' --prune-empty-dirs Source/ Target/
This will generate the same structure found in Source into Target but only including the JavaScript (.js) files.
I'm tired of looking this up.
${var%Pattern}
Remove from \$var the shortest part of \$Pattern that matches the back end of \$var.
I need to look this up far too often.
This page explains the design and implementation of operations on big (modular) integers, used for RSA and generic elliptic curve computations.
I love these numerical algorithms.
This article walks through the components of a modern LZ compressor. It's amazing how rich and deep the compression field is. If you enjoy algorithms and data structures, there are not too many better places to play. I hope you enjoy reading it as much as I enjoyed writing it!
By the end, we will have a compressor that can beat gzip while decompressing at almost the same speed — in less than 1000 lines. You can find the source for the article at https://github.com/glinscott/linzip2.
Deep dive into an incredible algorithm.
The Apollo Guidance Computer (AGC) provided guidance, navigation and control onboard the Apollo flights to the Moon. This historic computer was one of the first to use integrated circuits, containing just two types of ICs: a 3-input NOR gate for the logic circuitry and a sense amplifier IC for the memory. It also used numerous analog circuits built from discrete components using unusual cordwood construction.
Incredible details on an absolutely mind-blowing piece of hardware. Magnetic memory!
Imagine that you have attached a pencil to a pendulum so that it brushes across a piece of paper as the pendulum swings back and forth. When the pendulum finishes swinging you will end up with a single straight line drawn on your paper – very dull indeed! Now imagine further that you somehow manage to connect a second pendulum to your pencil which oscillates at right angles to the first. The resulting drawing might look something like the image below. If your imagination fails you (or if my explanation isn’t up to the job) then you can see a video of the set up I am trying to describe by clicking here.
Strange Attractors are plots of relatively simple formulas. They are created by repeating (or iterating) a formula over and over again and using the results at each iteration to plot a point. The result of each iteration is fed back into the equation. After millions of points have been plotted fractal structures appear. The repeated points fall within a basin of attraction (they are attracted to the points that make up these shapes).