Software Development
Pawel Wal

Codest’s weekly report of best tech articles. ZombieLoad and GitHub PackageRegistry (6)

Biggest story of the week in all of tech is easily the ZombieLoad vulnerability, but the scope definitely doesn’t end there. Let’s see what else caught the staff’s attention this week. We invite you to Codest’s weekly report of best tech articles.

ZombieLoad: Cross Privilege-Boundary Data Leakage

By Jacek Galowicz, Thomas Prescher, Julian Stecklina

We’re still reeling from the implications of vulnerabilities such as RowHammer, Meltdown and Spectre - and here’s another one. What’s known as a side-channel attack, ZombieLoad can cause memory to leak between processes - that’s the skinny, for a deep dive click below.

GitHub Package Registry

By GitHub

Ever thought how nice it would be to have your own gem source or a private NPM? Never satisfied with the performance and maintainability of solutions like geminabox? Ache no more and check this out. (Elixir enthusiast’s note: custom Hex hosting next, please!)

Git ransom campaign incident report

By Atlassian Bitbucket, GitHub, GitLab

With a recent spate of “git ransom” repository kidnappings rumors ran wild. We’ve probably all checked our 2FAs, pruned SSH keys and generally battened down the hatches (which is a good thing, but still). Read this collaborative incident report from three major hosted git providers.

Weird Ruby: Positive and Negative Strings

By Bozhidar Batsov

From the one and only bbatsov, here’s some really weird Ruby strings. At the risk of sounding like clickbait, this will genuinely surprise most Rubyists.

HTTP headers for the responsible developer

By Stefan Judis

Whether front-end or back-end, there’s never a better time to brush up on your HTTP security than right now. Great refresher for the pros, eye-opening resource for beginners.

Bonus! Want more still? How about some surprising Bash variables?

Read also: