{"id":357,"date":"2014-10-31T08:31:03","date_gmt":"2014-10-31T07:31:02","guid":{"rendered":"http:\/\/www.dereckson.be\/blog\/?p=357"},"modified":"2014-11-09T03:43:10","modified_gmt":"2014-11-09T02:43:10","slug":"october-2014-links","status":"publish","type":"post","link":"https:\/\/www.dereckson.be\/blog\/2014\/10\/31\/october-2014-links\/","title":{"rendered":"October 2014 links"},"content":{"rendered":"<p><em>Some links of stuff I appreciated this month. <a title=\"Octobre 2014 en liens\" href=\"https:\/\/www.dereckson.be\/blog\/2014\/10\/31\/octobre-2014-en-liens\/\">Links to French content<\/a> are in a separate post.<br \/>\n<\/em><\/p>\n<h2>In the servers world<\/h2>\n<p><strong>SSL.<\/strong> October is the month we disabled SSLv3 protocol support from nginx following the <strong>POODLE<\/strong> attack. So this means we can look to <strong><a title=\"This POODLE bites: exploiting the SSL 3.0 fallback\" href=\"https:\/\/www.openssl.org\/~bodo\/ssl-poodle.pdf\">this paper<\/a><\/strong>, <a href=\"http:\/\/nginx.org\/en\/docs\/http\/ngx_http_ssl_module.html#ssl_protocols\">nginx configuration<\/a> and a <strong><a href=\"https:\/\/www.ssllabs.com\/ssltest\/analyze.html\">tool to check SSL configuration<\/a><\/strong>. The provider Linode has published a <a href=\"https:\/\/www.linode.com\/docs\/security\/security-patches\/disabling-sslv3-for-poodle\">comprehensive guide<\/a> to mitigate the attack.<\/p>\n<p><strong>FreeBSD.<\/strong> <a title=\"FreeBSD 10.1-RELEASE Release Notes\" href=\"https:\/\/www.freebsd.org\/releases\/10.1R\/relnotes.html\">FreeBSD 10.1-RELEASE<\/a> will <a title=\"FreeBSD 10.1 Release Process\" href=\"https:\/\/www.freebsd.org\/releases\/10.1R\/schedule.html\">soon<\/a> be available. The\u00a0virtual terminal console driver <a title=\"vt(4)\" href=\"https:\/\/www.freebsd.org\/cgi\/man.cgi?query=vt&amp;sektion=4\">vt<\/a> is improved. Oh, and you can now <a href=\"http:\/\/svnweb.freebsd.org\/base?view=revision&amp;revision=268932\">boot bhybe on ZFS<\/a>. Shell servers will have to deal with the fact login.conf settings will take precedence on .profile and other shell environment for variables like path, blocksize or umask.<\/p>\n<p><strong>Docker.<\/strong> To improve Docker workflow, nitrous.io has released <strong><a title=\"tug\" href=\"https:\/\/github.com\/nitrous-io\/tug\">tug<\/a><\/strong>, a set of scripts in Go to help common tasks.<\/p>\n<h2>Thus shall ye compile in JavaScript<\/h2>\n<p>Humble Bundle launches the <a title=\" Humble Mozilla Bundle\" href=\"https:\/\/www.humblebundle.com\/?asmjs_bundle\">Humble Mozilla Bundle<\/a>, games compiled in <a href=\"http:\/\/asmjs.org\/spec\/latest\/\">ASM.js<\/a> and so playable in the browser.<\/p>\n<p>Meanwhile, in the functionnal language world, <a title=\"High Performance Client-Side Web Programming with SPOC and Js of ocaml\" href=\"https:\/\/ocaml.org\/meetings\/ocaml\/2014\/ocaml2014_16.pdf\">a paper shows you can compile OCaml in JS<\/a>, an it&#8217;s sometimes quicker in the JS JIT than it its own JIT (but well&#8230; you can also compile OCaml in native, and OCaml JIT isn&#8217;t really well optimized).<\/p>\n<p>So if you want to respect this commandment, just compile your C code with clang: <a title=\"emscripten\" href=\"kripken.github.io\/emscripten-site\/\">emscripten<\/a> will then happily compile your LLVM bytecode in ASM.js.<\/p>\n<h2>Gamergate \/ NotYourShield<\/h2>\n<p>A <a title=\"Why #Gamergate won't die\" href=\"edition.cnn.com\/2014\/10\/19\/opinion\/weinberger-gamergate\/\">CNN journalist reads the gamergate<\/a> as the end of the narration controlled by journalists.<\/p>\n<p>When an Examiner journalist suggests #NotYourShield is 4chan white heterosexual users posing as women and PoC, his tweet is replied with a lot of photos from women and PoC. We so now have a picture of <a href=\"http:\/\/www.cinemablend.com\/images\/sections\/67172\/_1410162083.jpg\">the diversity in video games<\/a> (<a href=\"http:\/\/web.archive.org\/web\/20141016185436\/http:\/\/www.cinemablend.com\/images\/sections\/67172\/_1410162083.jpg\">permanent link<\/a>).<\/p>\n<p>On a related theme, <a title=\"I can toleate anything except the outgroup\" href=\"http:\/\/slatestarcodex.com\/2014\/09\/30\/i-can-tolerate-anything-except-the-outgroup\/\"><em>I Can Tolerate Anything Except The Outgroup<\/em><\/a> is interesting to read and heavily commented.<\/p>\n<p>Finally, a call for help:<\/p>\n<blockquote class=\"twitter-tweet\" lang=\"en\"><p>I have a new project, but I need your help. Looking for diverse female voices in STEM that could donate their time &amp; expertise.<\/p>\n<p>\u2014 Randi Actually (@freebsdgirl) <a href=\"https:\/\/twitter.com\/freebsdgirl\/status\/524325166130556928\">October 20, 2014<\/a><\/p><\/blockquote>\n<p><script src=\"\/\/platform.twitter.com\/widgets.js\" async=\"\" charset=\"utf-8\"><\/script><\/p>\n<h2>Curiosities<\/h2>\n<p>Some scientists push to a new definition of planet, to take in account exoplanets. In such a definition, Pluto would be again a planet. Harvard organized <a title=\"Is Pluto a Planet? The Votes Are In\" href=\"http:\/\/www.cfa.harvard.edu\/news\/2014-25\">a debate,<\/a> this position wins.<\/p>\n<p>At <a title=\"Databricks\" href=\"http:\/\/databricks.com\/\">Databricks<\/a>, they carved this pumpkin for halloween:<\/p>\n<blockquote class=\"twitter-tweet\" lang=\"en\"><p>\nCarved something scary into pumpkin cc\/ <a href=\"https:\/\/twitter.com\/jamesiry\">@jamesiry<\/a> <a href=\"https:\/\/twitter.com\/databricks\">@databricks<\/a> (office jackolantern) <a href=\"http:\/\/t.co\/sqiNaYGDQy\">pic.twitter.com\/sqiNaYGDQy<\/a><\/p>\n<p>\u2014 Heather Miller (@heathercmiller) <a href=\"https:\/\/twitter.com\/heathercmiller\/status\/526770571728531456\">October 27, 2014<\/a>\n<\/p><\/blockquote>\n<p><script src=\"\/\/platform.twitter.com\/widgets.js\" async=\"\" charset=\"utf-8\"><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Some links of stuff I appreciated this month. Links to French content are in a separate post. In the servers world SSL. October is the month we disabled SSLv3 protocol support from nginx following the POODLE attack. So this means we can look to this paper, nginx configuration and a tool to check SSL configuration. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45,30],"tags":[209],"class_list":["post-357","post","type-post","status-publish","format-standard","hentry","category-misc","category-wikimedia","tag-bookmarks-en"],"_links":{"self":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts\/357","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/comments?post=357"}],"version-history":[{"count":12,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts\/357\/revisions"}],"predecessor-version":[{"id":395,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/posts\/357\/revisions\/395"}],"wp:attachment":[{"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/media?parent=357"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/categories?post=357"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dereckson.be\/blog\/wp-json\/wp\/v2\/tags?post=357"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}