Stephan @TheTraveller@sw-development-is.social

How are we past the autumn equinox already we haven't had enough summer I'm not ready for this yet I'm not equipped for any of this I want sun and light and warmth can someone please do something?!

Ruby's performance has improved dramatically (and will continue to improve in Ruby 3.3), please update your mental models.

https://railsatscale.com/2023-09-18-ruby-3-3-s-yjit-runs-shopify-s-production-code-15-faster/

We’re evolving. Be part of that direction. Tell us how we can be a stronger, better, forward-looking source of tech know-how and learning. We look forward to your feedback. Contact improve@pragprog.com

By devs, for devs, the friend at your shoulder.

https://pragdave.me/thoughts/active/2023-09-19-pragprog-2.0.html

This is a terrifying and sobering write-up by Retool on so many levels. It's about about a recent spear-phishing via SMS attack on employees, followed by voice phishing attack that deepfaked an employee's voice.

Retool said just one of its employees fell for it, which is of course all it takes. Here's the scary part:

"The voice was familiar with the floor plan of the office, coworkers, and internal processes of the company. Throughout the conversation, the employee grew more and more suspicious, but unfortunately did provide the attacker one additional multi-factor authentication (MFA) code.

The additional OTP token shared over the call was critical, because it allowed the attacker to add their own personal device to the employee’s Okta account, which allowed them to produce their own Okta MFA from that point forward. This enabled them to have an active GSuite session on that device. Google recently released the Google Authenticator synchronization feature that syncs MFA codes to the cloud. As Hacker News noted, this is highly insecure, since if your Google account is compromised, so now are your MFA codes.

Unfortunately Google employs dark patterns to convince you to sync your MFA codes to the cloud, and our employee had indeed activated this “feature”. If you install Google Authenticator from the app store directly, and follow the suggested instructions, your MFA codes are by default saved to the cloud. If you want to disable it, there isn’t a clear way to “disable syncing to the cloud”, instead there is just a “unlink Google account” option. In our corporate Google account, there is also no way for an administrator to centrally disable Google Authenticator’s sync “feature”. We will get more into this later."

https://retool.com/blog/mfa-isnt-mfa/

Jetzt ist die Nachricht auch in deutscher Sprache erhältlich: Das #ActivityPub Plugin für #WordPress von @pfefferle@mastodon.social hat die Version 1.0.0 erreicht und wird nun auch von der Firma hinter WordPress, #Automattic, stark promotet. Das bedeutet: 43% aller Websites weltweit haben damit einen potentiellen Anschluss ans #Fediverse.
https://www.heise.de/news/Von-WordPress-direkt-zu-Mastodon-Co-ActivityPub-Plugin-erreicht-Version-1-0-9306195.html

ruby-3.3.0-preview2 has been added to ruby-versions for ruby-install users.

$ ruby-install ruby-3.3.0-preview2

https://www.ruby-lang.org/en/news/2023/09/14/ruby-3-3-0-preview2-released/
#ruby #ruby_install

Ruby 3.3.0-preview2 Released

https://www.ruby-lang.org/en/news/2023/09/14/ruby-3-3-0-preview2-released/

Discussions: https://discu.eu/q/https://www.ruby-lang.org/en/news/2023/09/14/ruby-3-3-0-preview2-released/

#programming #release #ruby

PSA: a party without cake is just a meeting

Happy to run the #Book fair at the @AgileTDZone #AgileTestingDays 2023 with @the_qa_guy .

Looking forward to host some awesome folks again, like @janetgregoryca , @lisacrispin , Craig Risi, Anne Kramer, Jan Jaap Cannegieter, Ash Winter, Ben Linders, Andrea Jensen, Laveena Ramchandani, Vera Baum, @emna__ayadi, Eveline Moolenaars, @TheTraveller.

@robpike Ever seen this? https://simonsapin.github.io/wtf-8/#motivation

Goodbent Lodge & Moor. Taken this morning as "Storm Betty" blew past. #PeakDistrict #photography #weather #LandscapePhotography

Scientists Witnessed The Birth Of A New Accent In Antarctica | IFLScience

https://www.iflscience.com/scientists-witnessed-the-birth-of-a-new-accent-in-antarctica-70287

@TheTraveller of course!! Thanks for checking and for the proper naming!!

From now on I will be addressed by my proper name, Ram-square root-bigger than or equal to-n