Software Development & Design
Automated IDOR Discovery through Stateful Swagger Fuzzing
Yelp has released their tool for automated IDOR (Insecure Direct Object Reference) testing of your services. Always check if API user is authorized to access particular resource, and don’t use easily enumerable IDs.
Some Useful Probability Facts for Systems Programming
Simon describes intuition around couple probabilities which we encounter quite frequently when working on large systems.
-
Todd provides introduction into Raft consensus algorithm. Main body of the presentation is about Aeron, which provides efficient reliable UDP unicast, UDP multicast, and IPC message transport.
Elixir
Periodic jobs in Elixir with Periodic
Saša Jurić doesn’t need any introduction for the Elixir community. Article provides background and introduction to his library for running periodic jobs in Elixir called
periodic
.
Machine Learning / Data Science
-
Deep dive into problematic of taking samples from large dataset with reservoir sampling. Reservoir sampling is a group of algorithms for choosing a random sample from dataset of unknown size (and bigger then available memory).
Anomaly Detection with Autoencoder in TensorFlow 2.0
Easy to follow introduction into using Autoencoder for anomaly detection.
Infrastructure
What is a Good Control Plane to Operate a Large Number of Kubernetes Clusters?
Overview of how Valterra manages thousands of small Kubernetes clusters. Related article from their Jakub Pavlik is also quite interesting read.
-
Overview of different tools and projects to simplify your day-to-day interaction with Kubernetes clusters. Some are open-source / free, some are commercial, but article clearly states it for every project.
Powering Pinterest ads analytics with Apache Druid
Pinterest sharing some lessons learned from their production deployment of Druid.
KRAKsat Satellite Mission - Lessons Learned
KRAKsat Satellite Mission unfortunately failed, but they have published an extensive post-mortem. Couple good learnings for system design, even if you are not into satellites.
-
A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.