More and more people use ad blockers and more and more sites try detect them. Sites say that their visitors are stealing their content, by not “paying” by viewing ads, while visitors claim that sites do not comply with the law and blocking third party contents is the only way to protect their privacy when using the Internet. Nothing against ads I have nothing against ads, but the practices of the “ad tech” industry are appalling. The “ad tech” industry mainly consists of ad “brokers”. The most well-known player in that market is “Google ads”. Some of these brokers (if not all) allow their clients to run scripts on the sites the site owners request ads for. ...

The use of torrents is controversial, unless you download Linux (disk/install) images. I have recently been trying many Linux distributions (distros) related to the 16.04 release of Ubuntu. For downloading them I have used torrents and I’m proud that my ratio is above 1. This means that I have uploaded more than I downloaded. Below is a list of some of the best Linux distributions that I tried out and my first impression of them. This is my top 10: ...

Computerworld released 13 videos (interviews) of the Black Hat USA 2016 conference. The first one (featuring Dan Kaminsky) was so good that I posted the entire list of videos below: Developers need secure coding environments How to pick a lock Risk management: Picking the right tool for the job Black Hat 2016 wrap-up: Same stuff, different year? Why some risk assessments fail Social engineering tricks and why CEO fraud emails work How to wade through the flood of security buzzwords and hype The changing economics of cybercrime Threat actors: Who you should really worry about The advanced security techniques of criminal hackers How much do developers really care about security? Could this hacker’s tool slow down phishing? Why compliance is a necessary evil Blackhat USA 2016 conference in Las Vegas Black Hat is a yearly conference “built by and for the global InfoSec community” as they say on their website. The conference was held in Las Vegas on August 3 and 4. It was the 19th Blackhat USA conference. ...

Whenever I have to help somebody with Windows 10 I find myself making a bootable Windows 10 USB drive. If you are on Windows this is provided via a menu option, but on Ubuntu Linux this requires some commands. This post will explain in detail how to do this. GPT partition table with FAT32 partition Modern systems support UEFI booting and this differs from traditional BIOS in that it does not read the boot sector. Instead it will look in the /efi/ directory in a FAT32 partition of a drive with GPT partitioning. There are no partition flags (like ‘boot’) necessary either. ...

On August 3rd, 2016 the Document Foundation released LibreOffice 5.2, “a feature-rich major release of the best free office suite ever created” as they say on their website. I think they are very humble, because it is not only the best free office suite ever created. No commercial office suite (not even Microsoft Office) comes close to the UI consistency and speed of this office suite. 3 notable new features in LibrOffice 5.2: Google Drive’s Two-Factor Authentication (2FA) now supported. Pressing Shift + Return in the multi-line input will now insert a new line in Calc. Calc now has a set of forecasting functions that use triple and double exponential smoothing and handle seasonal effects. See: release notes ...

Lines of code shouldn’t be used to measure productivity, but it is a very good metric that tells you a lot about the state of the project. Especially when separated into testing and non-testing code and combined with number of features. I think that if you manage to add a requested/desired (!) feature without adding too many lines of code you are doing a good job. A project should also have a decent amount of code dedicated to automatic testing. Next to that active monitoring and automatic bug reporting are required to run a smooth web application. ...

You can’t start a discussion nowadays about high traffic web services or somebody will bring up NodeJS and it marvelous performance. Skeptic as I am I test these claims before I believe them. The following code runs pretty fast on my machine, but only uses one core of my CPU: const http = require("http"); http.createServer(function (req, res) { res.writeHead(200); res.end("hello world\n"); }).listen(8000); I ran the following Apache Bench command to test the performance: ab -n 200000 -c 100 http://localhost:8000/ It actually performs pretty good at 15k rps using one CPU core at 100%. This is half the rps compared to Go, mod_php or Jetty, but those all use multiple cores and for one core this measurement is pretty impressive. So much of the claim is true (on one core). ...

I strongly believe that active cache invalidation is an anti-pattern, a symptom of bad software architecture. In this post I will sum up the reasons people give for explicit cache purging and explain what’s wrong with them. It is not wrong to allow purging of the cache manually and by exception, but it is wrong when cache invalidating is part of the algorithm. The rule of thumb is: your software should not delete from the cache during normal operation. ...

When building high performance OLTP (online transaction processing) systems you need CPU and IOPS and preferably a whole lot of them. Alternatively you can build a distributed system in the cloud. This will not work (as well) and cloud providers will make you change to this losing strategy one or two magnitudes too fast. That is an awful lot of development time wasted at a moment you are still small and can’t afford to lose any. In this post I will bust the common myths about the cloud and high performance OLTP systems. ...

I have released version 3 of the Symfony Memcache Bundle which is now renamed from “LswMemcacheBundle” to “TqdMemcacheBundle”. I started the bundle to provide mature cache management to Symfony2. It now supports Anti-Dog-Pile, session locking, Doctrine query caching and other important features, such as server pooling support and Windows compatibility. Application level cache in PHP It can be important in a PHP based web application to apply aggressive application level caching. PHP is not a fast language and many web applications use the majority of the time to request, retrieve and transform data they receive from the database. The results of this process are very suitable to be cached in Memcache with a timeout that is specific to the data and it’s use. ...