Search content in collapsible sections.
That's great!
we’re going from running 177 Cassandra nodes to just 72 ScyllaDB nodes. Each ScyllaDB node has 9 TB of disk space, up from the average of 4 TB per Cassandra node.
They migrated away from CassandraDB to ScyllaDB with a Rust-based data service.
and the paper about it: https://interestingengineering.com/military/next-gen-ai-end-invisible-submarines.
Meanwhile they increase their detection: https://thequantuminsider.com/2025/04/27/china-tests-drone-mounted-quantum-sensor-that-could-reshape-submarine-detection/. Note this works only under stable and controlled conditions.
The #USA are also building something able to detect submarines at 6km https://thequantuminsider.com/2025/04/27/china-tests-drone-mounted-quantum-sensor-that-could-reshape-submarine-detection/
Address auto-completion? Yes
With a Docker image of https://photon.komoot.io/: https://github.com/rtuszik/photon-docker
Yet an unease has gradually settled in for him. While, with age, he has become aware of ecological issues, he notes that his favorite content creators (whom he also follows on other platforms, such as Instagram and X) are far from engaging in any reflection on the subject.
Yep
dagger.js is a zero‑build · zero‑API · zero third‑party dependencies · runtime‑only, lightweight, (MIT‑licensed) web front‑end framework that provides an intuitive and efficient all‑in‑one solution for building web applications.
The menu is made with the liquid-glass style
Libxml2 maintainer steps down. He has been thanklessly maintaining the thing since 1999. Literally the XKCD comic about "a project some random person in Nebraska has been thanklessly maintaining since 2003". All browser vendors and companies are using it under the hood.
Postgres in web browsers?!
It is because some private services reach everyone that this has become a big problem: companies siphon off our data, study our behavior, track our movements, and most of us carry on as if nothing were happening.
All this data amassed about you will not disappear overnight. If deviant political regimes take hold, and they have every chance of doing so when the options are manipulated on a large scale, your past opinions and practices could be turned against you.
More in the comments at https://mamot.fr/@tcrouzet/115179829173868768
Note from Khaled Gaiji: I don't think we all fight with the same cultural capital and the awareness of it. I think people fight with what they know and with the "education" they received. It takes a very active effort to move toward other ways of thinking, and we do not all start from the same point.
Facebook is actually already a complicated tool. A free (libre) alternative is still more in the user's interest.
But be careful: while instant messaging apps help people organize, they are generally not a vector of virality. The priority: leave algorithmic social networks, the ones that whip up odious frenzies.
It's absolutely possible to beat even the best sort implementations with domain specific knowledge, careful benchmarking and an understanding of CPU micro-architectures. At the same time, assumptions will become invalid, mistakes can creep in silently and good sort implementations can be surprisingly fast even without prior domain knowledge. If you have access to a high-quality sort implementation, think twice about replacing it with something home-grown.
A critique of online ads, their impact on the user, the resources consumed, the data collected
Hence the initiative https://bloquelapub.net/, and a list of alternatives
Ideas for creative projects. Learn and have fun.
“What I cannot create, I do not understand”
One thing to consider: KISS. The program can crash or panic on a lot of code paths. Implement only what is necessary!
Bid on and buy custom omg.lol domains.
That's a way to run a business.
The problem is annoying and difficult. Also, secrets vary: some are easy to rotate, some cannot be rotated, and some are the ones attackers use.
You could be doing so many good data security practices, like secure-by-design frameworks, database and field-level encryption, zero-touch production, access control… but logging bypasses all of that… and ultimately degrades trust, in your systems and in your company.
It happens to companies of all sizes: X, Google Cloud, Facebook
Causes:
- Direct logging
- Kitchen sinks: objects that contain or hold secrets, often in opaque or unexpected ways. Request errors are an example.
- Configuration changes: turning logging level to debug.
- Embedded secrets: a token shared by URL
- Telemetry: error monitoring and analytics are logs. They often provide the local variable context.
- User input: for example, the user enters PII in the wrong field.
Fixes:
- Data architecture: part of the solution is reducing the number of data flows and shrinking the problem space so you simply have less things to worry about and protect. One logging utility!
- Data transformation: minimization, redaction, tokenization (and the trolls: hashing, encryption, masking)
- Domain primitives: “combines secure constructs and value objects to define the smallest building block of a domain”. `new Secret("...")`. They provide security invariants and guarantees that basic string primitives simply cannot.
- Compile-time: a logging function that never accepts secrets (TS branded types help!)
- Run-time classes (`extends String`): it identifies the secrets. Override the `toString()` method in JS to return `[redacted]`, and provide an explicit `unwrap()` method, for example.
- Read-once objects: they throw an error or return `[redacted]` on a second read.
- Taint checking: the general idea here is that you add taint to various sources (like database objects), and yell loudly if the data flows into certain sinks (like logs). Demo: https://semgrep.dev/playground/s/4bq5L It's awesome and not awesome at the same time.
- Log formatters: redact known dangerous property names
- Unit tests
- Sensitive data scanner
- Sampling (every case instead of proportions)
- Log pre-processors such as Vector
- People
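The run-time class, read-once object and log formatter from the list above, sketched in JavaScript as an added example (not code from the linked article). The names `Secret`, `ReadOnce`, `formatLog` and `DANGEROUS_KEYS`, the key list and the sample record are assumptions constructed here.

```javascript
// Added example; all names and sample values are hypothetical/constructed.
const REDACTED = "[redacted]";

// Run-time domain primitive: the value sits in a private field, so string
// coercion, JSON.stringify and Node's util.inspect only ever see the marker.
class Secret {
  #value;
  constructor(value) { this.#value = value; }
  unwrap() { return this.#value; }           // the single explicit way out
  toString() { return REDACTED; }
  toJSON() { return REDACTED; }
  [Symbol.for("nodejs.util.inspect.custom")]() { return REDACTED; }
}

// Read-once object: the first unwrap() returns the value, a second one throws.
class ReadOnce {
  #value;
  #consumed = false;
  constructor(value) { this.#value = value; }
  unwrap() {
    if (this.#consumed) throw new Error("secret already read");
    this.#consumed = true;
    const value = this.#value;
    this.#value = undefined;                 // drop the reference after use
    return value;
  }
  toString() { return REDACTED; }
  toJSON() { return REDACTED; }
}

// Log formatter: redact known dangerous property names at any nesting depth.
// The key list is an assumption; extend it for your own schema.
const DANGEROUS_KEYS = /^(password|passwd|secret|token|authorization|api[_-]?key|cookie)$/i;

function formatLog(record) {
  return JSON.stringify(record, (key, value) =>
    DANGEROUS_KEYS.test(key) && value !== undefined ? REDACTED : value);
}

// Constructed "kitchen sink": a request error object that carries secrets.
const sampleError = {
  msg: "upstream call failed",
  request: { url: "/v1/charge", headers: { Authorization: "Bearer constructed-token" } },
  apiKey: new Secret("constructed-key"),
  session: new Secret("constructed-session"),
};

console.log(formatLog(sampleError));
```

The formatter catches secrets by property name, while `Secret` catches them by type even under an unlisted name such as `session`; the two layers cover different leaks.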
Strategy:
- Lay the foundation: Developing expectations, culture, and support is a must-have. Define what a secret is. Use structured logs to allow operations on them.
- Understand the data flow: with the foundation laid, the next best thing to do is to understand and chart out how secrets flow through your system.
- Protect at chokepoints: CI/CD and App code first, before relying on the logging library and other operation services.
- Apply defense-in-depth: data transformation, read-once objects, log formatters in the library, log pre-processors, sensitive scanners, people
- Plan for response and recovery