Feed aggregator
Book Review: "Tidy First?" By Kent Beck
Article URL: https://www.pathsensitive.com/2024/04/book-review-tidy-first.html
Comments URL: https://news.ycombinator.com/item?id=39897594
Points: 7
# Comments: 0
Ask HN: Why would you ever use C++ for a new project over Rust?
Was having this debate with a coworker recently who’s a Rust fanatic and prior C++ eng; he said the tooling and support has gotten so good you would just be shooting yourself in the foot if you ever started something new on C++. I wasn’t convinced but is this really the case? Like if you had equal skill in both, is there ever a case for doing a project in C++ (outside of being forced by the platform you’re working on or anything outside your control)?
Comments URL: https://news.ycombinator.com/item?id=39897592
Points: 1
# Comments: 1
Shares in Trump's media company fall 23%
Article URL: https://www.reuters.com/markets/us/trumps-media-company-falls-after-raising-going-concern-doubts-2024-04-01/
Comments URL: https://news.ycombinator.com/item?id=39897580
Points: 3
# Comments: 1
Dropbox Fax: Send and receive faxes without a fax machine
Article URL: https://sign.dropbox.com/products/dropbox-fax
Comments URL: https://news.ycombinator.com/item?id=39897573
Points: 4
# Comments: 0
The ancient world before computers had stacks or heaps
Article URL: https://devblogs.microsoft.com/oldnewthing/20240401-00/?p=109599
Comments URL: https://news.ycombinator.com/item?id=39897565
Points: 1
# Comments: 0
Google to destroy browsing data to settle consumer privacy lawsuit
Article URL: https://www.reuters.com/technology/google-destroy-browsing-data-settle-consumer-privacy-lawsuit-2024-04-01/
Comments URL: https://news.ycombinator.com/item?id=39897561
Points: 2
# Comments: 0
Scientist Who Gene-edited Babies Back in Lab and 'Proud' of Past Work Despite Jailing
Free VPN apps turn Android phones into criminal proxies
Researchers at HUMAN’s Satori Threat Intelligence have discovered a disturbing number of VPN apps that turn users’ devices into proxies for cybercriminals without their knowledge, as part of a camapign called PROXYLIB.
Cybercriminals and state actors like to send their traffic through other people’s devices, known as proxies. This allows them to use somebody else’s resources to get their work done, it masks the origin of their attacks so they are less likely to get blocked, and it makes it easy for them to keep operating if one of their proxies is blocked.
An entire underground market of proxy networks exists to service this desire, offering cybercriminals flexible, scalable platfroms from which to launch activities like advertising fraud, password spraying, and credential stuffing attacks.
The researchers at HUMAN found 28 apps on Google Play that turned unsuspecting Android devices into proxies for criminals. 17 of the apps were free VPNs. All of them have now been removed from Google Play.
The operation was dubbed PROXYLIB after a code library shared by all the apps that was responsible for enrolling devices into the ciminal network.
HUMAN also found hundreds of apps in third-party repositories that appeared to use the LumiApps toolkit, a Software Development Kit (SDK) which can be used to load PROXYLIB. They also tied PROXYLIB to another platform that specializes in selling access to proxy nodes, called Asocks.
Protection and removalAndroid users are now automatically protected from the PROXYLIB attack by Google Play Protect, which is on by default on Android devices with Google Play Services.
The affected apps can be uninstalled using a mobile device’s uninstall functionality. However, apps like these may be made available under different names in future, which is where apps like Malwarebytes for Android can help.
Recommendations to stay clear of PROXYLIB are:
- Do not install apps from third-party websites.
- Do not install free VPNs.
- Use Malwarebytes for Android.
Victims of novel attacks like PROXYLIB might notice slow traffic, because their bandwidth is in use for other purposes. And at some point their IP address may be blocked by websites and other services.
The researchers included a list of applications they uncovered as part of PROXYLIB. If you installed any of the apps on the list before they were removed from Google Play you will need to uninstall them.
We don’t just report on privacy—we offer you the option to use it.
Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.
Show HN: Joystick – A Full-Stack JavaScript Framework
Howdy folks. My name is Ryan. I've been building Joystick for the last three years. A few weeks back, I shipped the RC1 release.
tl;dr Joystick is a full-stack JavaScript framework. It combines a component framework with a batteries-included Node.js back-end into one wholistic system. It also has a built-in testing framework so you can do TDD out of the box. It supports MacOS, Windows, and Linux (please file bug reports on Github so I can get them sorted).
My goal is to get a final 1.0 out by the Fall/Winter. After that, the core APIs will be frozen with only new features being added so you don't have to worry about wasting time on surprise refactors (i.e., I won’t be changing how you build your app—just under the hood performance/security stuff).
---
Joystick has been a ~3 year labor (following ~2 years of research/prototyping). I started work on it because I was using the Meteor JavaScript framework as the foundation for apps I was building with students and for clients as part of my old company, Clever Beagle (before that, I wrote tutorials for Meteor as The Meteor Chef).
When Meteor started to fall out of favor/got sold off, I was looking around for something comparable but nothing took. The next closest option was...Next, but it was missing a lot of what drew me to Meteor. Dissatisfied, I started to ask "could I build my own framework?"
Fast-forward a couple of years and the answer was yes. I initially planned on shipping with support for React, Vue, etc., but I noticed a trend toward their APIs becoming more, not less, complicated (simple on the surface, complex once you get into implementation details). I sketched out a component API akin to React 1.0 (h/t Jordan Walke), adding in some missing features that I constantly had to reinvent the wheel to implement on each app (e.g., URL access, data-fetching, etc). Once I had a working prototype: I didn't look back.
As the idea took shape, I started to think about the idea of building an end-to-end stack for shipping apps with JavaScript (a proper response to Ruby on Rails for JavaScript). There were others that had tried, but again, their APIs were lacking that sweet spot I was looking for.
Once I had a solid back-end to front-end combo, I moved on to deployments. Having been burned relentlessly by deployments in the past (culminating in my K8S cluster being decimated by a forced cluster upgrade at DigitalOcean), I decided to go back to basics and see what old tech was available. I was able to get a working deployment using a combo of HAProxy and systemd scripts (which was and continues to be remarkably stable). Instead of using Docker, I do vanilla bootstrapping on the box and have deployments set up to go out to three providers: DigitalOcean, Vultr, or Linode. That service is called Push [1] and is currently in private beta.
Next in my sights is CSS. I'm technically a UI designer (I only started doing JS development because I was tired of building static mockups) and have wanted to build a CSS framework for years. I love the style of Tailwind but the utility class stuff gives me nightmares (both from a maintenance perspective and the thought of future developers being clueless about how to actually write/maintain CSS). That framework will be called Mod [2] and is dropping this summer. It will be responsive, component-based, and feature a vanilla CSS/JS option as well as components built as Joystick components.
---
That's all for now. Drop questions below (see the FAQ first) and I will answer over the next couple of days. If you want to send something privately (e.g., hate mail), just email business@cheatcode.co.
Ryan
[1] https://cheatcode.co/push [2] https://cheatcode.co/mod
Comments URL: https://news.ycombinator.com/item?id=39896946
Points: 1
# Comments: 0
43 Years of Actors: A Taxonomy of Actor Models and Their Key Properties [pdf]
Article URL: http://soft.vub.ac.be/Publications/2016/vub-soft-tr-16-11.pdf
Comments URL: https://news.ycombinator.com/item?id=39896927
Points: 1
# Comments: 0
RAGFlow is an open-source RAG engine based on deep document understanding
Article URL: https://github.com/infiniflow/ragflow
Comments URL: https://news.ycombinator.com/item?id=39896923
Points: 1
# Comments: 0
Save $181 Off This Self-Propelled Battery-Powered Lawn Mower, But Be Quick - CNET
Economists now think Japan is back
Article URL: https://fortune.com/asia/2024/04/01/negative-interest-rates-30-year-slump-economists-optimistic-japan-back-data/
Comments URL: https://news.ycombinator.com/item?id=39896889
Points: 1
# Comments: 1
Detroit went all in on big, expensive EVs nobody wants
Article URL: https://www.businessinsider.com/ev-shoppers-dont-want-detroits-pickup-trucks-they-want-this-2024-3
Comments URL: https://news.ycombinator.com/item?id=39896880
Points: 1
# Comments: 0
Reducing late-night alcohol sales curbed all violent crimes by 23% in Baltimore
Article URL: https://jamanetwork.com/journals/jamainternalmedicine/article-abstract/2817044
Comments URL: https://news.ycombinator.com/item?id=39896868
Points: 1
# Comments: 0
RFC 9564 – Faster Than Light Speed Protocol (Flip)
Article URL: https://www.rfc-editor.org/rfc/rfc9564.html
Comments URL: https://news.ycombinator.com/item?id=39896866
Points: 1
# Comments: 0
Product Engineering with IfC
Article URL: https://poetryincode.dev/product-engineering-with-ifc
Comments URL: https://news.ycombinator.com/item?id=39896846
Points: 1
# Comments: 0
Practical Nix flake anatomy: a guided tour of flake.nix
Article URL: https://vtimofeenko.com/posts/practical-nix-flake-anatomy-a-guided-tour-of-flake.nix/
Comments URL: https://news.ycombinator.com/item?id=39896835
Points: 1
# Comments: 0
Fixing Duplicate API Requests
Article URL: https://blog.frankel.ch/fix-duplicate-api-requests/
Comments URL: https://news.ycombinator.com/item?id=39896810
Points: 1
# Comments: 0
Rare – Last REV.5 Commodore C65 / DX64 / C90 Prototype Working SN#71
Article URL: https://www.ebay.co.uk/itm/134989142856
Comments URL: https://news.ycombinator.com/item?id=39896792
Points: 1
# Comments: 0