The Weekly Dev - 202245
Technology in the Fog
Ownership in tech has become a bit of an argument.
Everyone got used to websites that are mostly eye candy. But the price of the eye candy is huge: developers are forced to depend on huge number of external libraries, which - to be completely honest - cannot be really controlled or fully assessed.
In spite of the rampant supply-chain vulnerabilities that are disclosed each and every day, we still see websites built as tarballs of hundreds of second-parties components.
This is really not sustainable, not for the development, nor for the user that keeps getting bigger and bigger downloads.
I am partly happy that legal concerns are bringing attention to third-parties, because they are a thing.
I long dismissed Google Fonts, longer before they came to the attention of lawyers and DPOs.
I bashed away javascript for social buttons and other 'utilities' whose sole purpose - I came to realize - is to stealthily mine user data.
All it took me was looking into some plugin that told me that my very own static handcrafted page was making crazy calls to a number of unknown domains: who wants that ?
Also Google Analytics is nuts: if you want to learn about your users, just look into your logs, most User Agents are pretty unique nowadays.
I bet you can recognize a returning user, and that is fair enough, without having to include stasi.js as a dependency.
Why on earth would you want to gift Google with your customers data?
Boring Security
Overcoming Security Risks in a Cloud-Based World
Source: hackernoon.tech
Networking
How to Perform a Live Backup on your KVM Virtual Machines
Source: virtkick.com
How to Properly Authenticate Your Emails
Source: hackernoon.tech
Strangers in Goland
Serving static files and web apps in Go
Source: eli.thegreenplace.net
[security] [java]