Show & Tell
Andulka
Lint Roller? I Barely Know Her
TVSTRANGERTHINGS
todays bird
let's talk about Bridgerton tea, my ask is open
❣ Chile in a Photography ❣
Aqua Utopia|海の底で記憶を紡ぐ
Sade Olutola
will byers stan first human second
Alisa U Zemlji Chuda
trying on a metaphor
Monterey Bay Aquarium
Janaina Medeiros
No title available
PUT YOUR BEARD IN MY MOUTH
Cosmic Funnies
No title available
@theartofmadeline
No title available
seen from United States
seen from Malaysia
seen from United States
seen from United Kingdom
seen from United States
seen from United States
seen from United States
seen from United States
seen from United States
seen from China
seen from United States
seen from Türkiye
seen from Malaysia
seen from United States
seen from United States
seen from Indonesia
seen from United States
seen from United States
seen from United States
seen from United Kingdom
@bagwanpankaj
Version bump for Humongous: A MongoDB Browser
I have fixed some of the issues in Humongous: A MongoDB Browser. Listing those here
Explicit Login
Provided explicit login for people who need to change their connection to some other/remote database.
Authenticate Machines not Users
I have been dealing with servers, deployments and system security since long time. One practice that I see and looks much evil to me is using password authentication while deploying to server and/or using password directly into you deployment script.
Firstly putting password into deployment script is strict NO-NO, since it compromises with server security. So one should always avoid giving server access to deployment script.
Risks that this approach posses:
1.) Compromise to system/server security. Whoever have access to deployment script have access to system/server.
2.) Password need to be changed every time, there is a need to revoke rights of any user. Since system/server password should be complicate enough to give brute-force a hard time, makes it very difficult to memorize.
3.) Server can be accessed from any system around the world having internet connectivity.
Secondly; even though one is not putting its password in deployment script, but distributed among developer/administrator who handles deployment.
Risk that this approach posses are:
1.) Password need to be changed every time, there is a need to revoke rights of any user. Since system/server password should be complicate enough to give brute-force a hard time, makes it very difficult to memorize.
2.) Server can be accessed from any system around the world having internet connectivity.
Solution
Now to solve these possible security compromises, there are multiple and easy mechanism in place out there. One of them is authenticating developer machine instead of user. Unix system provide a very nice solution known as ssh keys.
How this works:
1.) Ask developer/administrator to generate and provide ssh public keys stamped by there email or system name(default).
SSH keypairs can be generated by issuing following command to unix system
ssh-keygen -t <key-type-default-is-rsa> -C <email-or-system-name>
developer/admin can wish to add more security by providing passphrase to ssh keypairs. Public key can be found under ~/.ssh folder named as in generator. if name was rsa then public key would be
~/.ssh/id_rsa.pub
2.) Add there public key in file named as authorized_keys. Can be found under home ssh folder
~/.ssh/
3.) Now every ssh connection from that particular machine would automatically be authenticated without providing password. It can be made highly secured by using password of machine user's wish.
What not to write in Robots.txt
Robots.txt is a vital part of most of the website. It feeds the robots from different search engine e.g. Google, Bing etc.
Instructions in this file instruct robots to what to crawl(eat), what not to crawl (eat) by blacklisting or whitelisting urls. The thumb rule that is followed to pick either of the approach are:
1.) Use Whitelisting public urls if one wish to block crawler to eat up newly added url (without entry being written for same in robots.txt). We whitelist url's by writing
Allow: /users Allow: /*/tests
in the robots.txt
2.) Use Blacklisting urls if one wish to allow crawler to eat up everything else. We blacklist url's by writing
Disallow: /users Disallow: /*/tests
in robots.txt
Now this is okay as far as one is only blocking public urls from being content aggregated. But this may pose security threats to web application if one is blacklisting secret urls, by making them public (unknowingly), since robots.txt is publicly available and in human readable format.
Disallow: /secret.html Disallow: /*/password.xml
So by blacklisting secret urls, one make them prone to attack. Instead of blacklisting secret urls. One should whitelist other urls
Allow: /public Allow: /public/*
Big Data Part 1 - NoSQL, MongoDB and BigData
I was exploring DataScienece and Machine Learning stuffs, (new interest that I got into) lately. I am still a newbie into it but these things started getting amazing.
For big data one will start looking from hadoop, but I thought "lets first have a look at what I have in my hands", and that is MongoDB
Here I am sharing BigData and MongoDB, have a look:
An Introduction to Big Data, NoSQL and MongoDB from William LaForest
Risk In System design
On the artificial adoption of open source process and communication in software development organizations.
Sequencing the Startup DNA
All Consultants are Evil
GIT TIP#1 Using stash effectively
everyone who uses GIT, knows about stash, here are some quick tip about using stash effectively 1.) name those bastards (that are to be used in future) with git stash save 2.) just stash (if not to be used in future) git stash 3.) pop, dont apply (if not to be used in future)(saves stash list from littering) git stash pop
Learning is like rowing upstream; not to advance is to drop back
Humongous: A Ruby MongoDB Browser
Humongous: A Ruby way to browse and maintain MongoDB instances, using HTML5. ### Installation #### Command Line Utility Install the gem by running: gem install humongous --pre and run on terminal/console humongous And you are good to go it will open this in a browser or you can navigate it on port [9000](http://example.com/ "Title"). to stop it run: humongous -K here are options and values they take. -K or --kill #kill the running process and exit -S, —status #display the current running PID and URL then quit -s, —server SERVER #serve using SERVER (thin/mongrel/webrick) -o, —host HOST #listen on HOST (default: 0.0.0.0) -p, —port PORT #use PORT (default: 9000) -x, —no-proxy #ignore env proxy settings (e.g. http_proxy) -F, —foreground #don’t daemonize, run in the foreground -L, —no-launch #don’t launch the browser -d, —debug #raise the log level to :debug (default: :info) —app-dir APP_DIR #set the app dir where files are stored(“~/.humongous”) -h, —help #Show this message
QuickTips Ruby1.9 [Part 3] Default and Splat arguments
Ruby 1.9 has changed the way it used to deal with default arguments. The good news is it supports defaults arguments to be at beginning of methods. See gist below for example: You can continue to use default arguments at the end of method arguments as you were used to in 1.8.x, See example below But do note that you can not use both style of defining default arguments. Try it and you would get a syntax error raised. #### Splat arguments Ruby 1.9 also gives you free hand for defining splat argument anywhere in arguments list you can also define splat argument as last argument as you used to. Happy Coding :)
QuickTips Ruby1.9 [Part 2] Basic
Base Object is now BasicObject not Object in Ruby 1.9 #Ruby1.9 String.superclass #=> Object String.superclass.superclass #=> BasicObject String.superclass.superclass.superclass #=> nil and here is what it was in Ruby 1.8 #Ruby1.8 String.superclass #=> Object String.superclass.superclass #=> nil
QuickTips Ruby1.9 [Part 1] Hash
Changes in Hash
In Ruby19 hash becomes ordered, don’t believe it see it yourself. Keys will be in order they are inserted.
Again hash can be written in ruby like other languages(e.g. javascript)
Magic of default_proc in hash
We already know that how to set default value of hash Now tendorlove twitted about infinite hash [here](http://twitter.com/#!/tenderlove/status/5687291469107200)
Monkey Patching done in a right way (Have some mercy on legacy Ruby)
Classes in Ruby are open; right. That means you can do anything with them, monkey patching around it. But stop doing it before you run into any trouble. I myself used to do it.
Reopening a class to redefine a method that’s been inherited. But it’s wrong as in future you or your colleague might end up asking question to yourself/himself “Why this method is behaving like this”. Because at that time you might or might not aware about that overriding.
Here I am trying to show how we can make it safer.
str.method says it’s coming from MyString; so you might think this method is overridden, But you may not want it. So you try to undefine this method from MyString,
but it does also undefine method inherited from String. That is dangerous. But we would have overcome from this situation if we had did it differently rather rightly.
str.method :empty? points you that this method is coming from a included module MonkeyPatch::MonkeyString. So we go ahead and remove this method from module MonkeyPatch::MonkeyString.
and our good'ol buddy empty? is back again in action.
Have a Happy coding.
JSDB - (A JIT interpreter for JavaScript)
JSDB – JavaScript for Database.
Frankly I used to be frightened from working with JavaScript but since I started working with Core JavaScript(in Titanium) my interest grew for this language. I started hacking around the stuff in JavaScript, but being a Ruby developer from heart I do not want to leave command line and to test the code I have written, I needed some sort of compiler or interpreter like Ruby’s IRB. So as usual I hit the Google but for my misery I found nothing.
I searched more but no help. Yesterday I bumped into JSDB (stands for JavaScript for Database) it’s a basically JIT (Just In Time) compiler that uses SpiderMonkey JavaScript Engine. It works just like Ruby’s IRB.
So here is how to get up with it on Mac OSX
Instruction to Setup
Grab the Source from JSDB.Org
Unzip it.
CD to dir.
change mode of jsdb file (chmod +x jsdb)
fire up ./jsdb
And here we GO.