[Weekly Drip 041.1] ZOMG Processors, Cold Showers for the Hot New Thing, and Browser Security


alt text

It was a bad week for processors. Three teams independently discovered the Meltdown attack, and two teams discovered the Spectre attack. Google’s Project Zero has a great writeup on these major vulnerabilities with Intel, AMD, and ARM processors. Intel has responded to the security findings, which The Register has found will lead to as much as a 30% slowdown for older computers. Read more about the design flaw ‘at the heart of Intel CPUs’ or read Linus Torvalds’s thoughts on the situation. By the way, some people saw it coming. For an overview of the past couple days take a look at Peter Brights article on Ars Technica. For a chuckle, read some kernel code submitted by AMD in the aftermath.

Sometimes people get way too excited about things in software development. Check out Hillel Wayne’s new Awesome Cold Showers to point your friends to that are a little too excited about things like Scalability, Web Framework Benchmarks, and Agile Methods. I’m fascinated that there's no cold shower on distributed computation or blockchain. Let’s make that happen.

TIL that if you are using a browser-based password manager instead of something like lastpass or 1password, you should migrate off of it. tl;dr ad networks are identifying users based upon invisible form elements that are auto-filled by browser’s internal password managers (primarily usernames). There is no technical reason they couldn’t do the same thing to extract passwords.

Development Dregs

Blog Posts this week from DailyDrip

alt text



This post was written by the DailyDrip team and syndicated via Inside.com's network of email newsletters.