13 - CQRS in Go, Netflix reliability, BtcTurk hack, Vulnerability in Ollama, SSI, Gemma 2
programming
Go evolves in the wrong direction: Aliaksandr Valialkin criticizes the evolution of the Go programming language, arguing that it is moving towards increased complexity and implicit code execution. He expresses concern that these changes compromise Go's original simplicity and explicitness, potentially leading to more difficult and error-prone development processes.
The many faces of undefined in JavaScript: JavaScript has multiple ways to represent unknown values, leading to confusion and potential defects in code. The primary cases include null for optional but unspecified values and undefined for values that don't exist or are not initialized. Additional complexities arise from undefined being treated both as a missing value and as an explicit value, sparse arrays, and TypeScript's void type.
How to use basic CQRS in Go: CQRS (Command Query Responsibility Segregation) in Go to address issues of unmaintainable models and limited parallel feature work without resorting to microservices. CQRS separates read and write operations into distinct models, improving decoupling and code clarity. The author explains how to implement basic CQRS in Go.
web
How LinkedIn moved its Kubernetes APIs to a different API group: LinkedIn moved its Kubernetes APIs to a different API group to address limitations in the Kubernetes API versioning machinery. This transition aimed to streamline operations, improve API management, and enhance overall system functionality. The author explains the motivations behind this move and the challenges encountered during the process.
Enhancing Netflix Reliability with Service-Level Prioritized Load Shedding: Netflix has implemented service-level prioritized load shedding to enhance system reliability. This approach prioritizes critical services during high traffic or partial outages, ensuring they remain operational by shedding less critical loads. By applying Quality of Service techniques at the application level, Netflix can maintain a stable user experience even under adverse conditions.
tool of the week: Add ReadySet to your Postgres or MySQL database and serve millions of requests per second at sub-millisecond latencies.
The Demise of the Mildly Dynamic Website: The article discusses the decline of "mildly dynamic" websites, which used technologies like PHP to add simple dynamic features (e.g., random quotes, style selectors) to primarily static sites. It argues that while PHP enabled casual tinkering and prototyping without complex frameworks, modern web development trends have moved towards static site generators and heavy frameworks, leaving little room for such minor dynamic functionalities.
cyber security
Turkey’s biggest crypto exchange BtcTurk hacked: Cryptocurrency use in Turkey surged post-2020 due to the lira's devaluation. BtcTurk, Turkey's largest crypto exchange, reported a hack on June 22, 2024, resulting in nearly 51 million euros stolen from hot wallets, though cold wallets remained secure. The exchange assured users that their assets are safe and unaffected by the attack, and they have paused deposits and withdrawals during their investigation.
Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool: A critical remote code execution (RCE) vulnerability, CVE-2024-37032, has been discovered in the open-source AI platform Ollama. This flaw, named Probllama, involves insufficient input validation leading to a path traversal flaw, allowing attackers to overwrite arbitrary files and achieve remote code execution by sen ding crafted HTTP requests to the API server. The vulnerability, particularly severe in Docker installations where the server runs with root privileges, was patched in version 0.1.34.
TEMU sued for being “dangerous malware” by Arkansas Attorney General: The Arkansas Attorney General, Tim Griffin, has filed a lawsuit against the Chinese online shopping platform Temu, alleging that its mobile app functions as dangerous malware. The lawsuit claims that Temu's app can secretly access and control a user's phone, including the camera, location, contacts, text messages, and documents, and even recompile itself to evade detection. Temu has denied these allegations, stating that they are based on misinformation and are unfounded.
artificial intelligence
Meet Figma AI: Empowering designers with intelligent tools: Figma has introduced Figma AI, a set of intelligent features designed to enhance efficiency and creativity for designers. These tools include capabilities like generating UI layouts and transforming static designs into interactive prototypes, helping users overcome creative blocks and streamline their workflow. Figma AI aims to empower designers with advanced, AI-driven functionalities to boost productivity and innovation.
OpenAI’s former chief scientist is starting a new AI company: Ilya Sutskever, former chief scientist and co-founder of OpenAI, is launching a new AI company called Safe Superintelligence Inc. (SSI). The company aims to develop AI systems with a strong focus on safety and ethical considerations. Sutskever's goal is to mitigate the risks associated with superintelligent AI by prioritizing safety in its development.
Gemma 2 is now available to researchers and developers: Google has announced the release of Gemma 2, a more powerful version of its AI model, designed for easier integration into developer and researcher workflows. Gemma 2 is accessible under a commercially-friendly license, compatible with major AI frameworks like Hugging Face Transformers, JAX, PyTorch, and TensorFlow. It also offers effortless deployment on Google Cloud's Vertex AI.