Hello everyone, Yesterday I had the opportunity to exchange with students from the Simplon school. We talked about programming, infosec, entrepreneurship, and async work. Here are some links we shared during the meeting and some additional to deepen the topics we discussed. Async life The next frontier after remote work is async Why you should be working asynchronously Why I’m unreachable and you should be too Security Black Hat Rust: My book with a coupon to save 30€!

A lot of people want to learn Rust but are afraid that the language or the ecosystem is not production-ready yet, or that they may not find a job. Be reassured, Rust is already used in production, from small shops to the largest companies in the world, serving billions of transactions daily, if not hourly. Whether it be for its reliability, productivity, speed, or safety, Rust is a language of choice, today.

Building minimal Docker images to deploy Rust brings up a lot of benefits: it’s not only good for security (reduced attack surface) but also to improve deployment times, reduce costs (less bandwidth and storage), and reduce the risk of dependency conflicts. Table of contents Code FROM scratch (15.9MB) FROM alpine (21.6MB) FROM buster-slim (79.4MB) Conclusion Code Our “app” is rather simple: we are going to build a simple command-line utility that calls https://api.

Executing code from memory in Rust is very dependant of the platform as all modern Operating Systems implement security measures to avoid it. The following applies to Linux. There are at least 3 ways to execute raw instructions from memory: By embedding the shellcode in the .text section of our program by using a special attribute. By using the mmap crate and setting a memory-mapped area as executable. A third alternative not covered in this post is to use Linux’s mprotect function.

Its fast-paced development cycles. For more data points, please go here, search for ‘Compatibility Notes’ and ‘Language’. I love Rust. I can build web servers, create web apps with WebAssembly, use it for embedded development, craft shellcodes, and above all, it reduced the number of bugs in my programs by an order of magnitude. As an indie developer, it means that I can sleep far better without the fear of my servers burning (I mean, not literally).

Sending emails in Rust can be achieved in two ways: either by using an SMTP server or by using a third-party service with an API such as AWS SES or Sendgrid. SMTP SMTP is the standard protocol for sending emails. Thus, it’s the most portable way to send emails as every provider accepts it. Cargo.toml [dependencies] tokio = { version = "1", features = ["full"] } lettre = "0.10.0-beta.2" main.rs

I started developing web services (JSON APIs) in Rust a little bit more than 2 years ago, so I thought it was time to shake the preconceived ideas and share what I’ve learned. I’m writing a book (available in early access) about Rust where I share everything I’ve learned and more. Here is a coupon to save 10€ on the book. -- The prejudices Rust code is ugly: Rust is explicit.

From the Linux kernel to Firefox and Wordpress, Open Source is changing the world for the better. But how to achieve financial sustainability when you produce something that can legally be copied, by design, at zero cost? I’m writing a book (available in early access) about Rust where I share everything I’ve learned and more. Here is a coupon to save 10€ on the book. -- Revenue models for Open Source A lot has been written about achieving profitability for open source projects, still it’s not a solved problem.

Projects RudderStack RudderStack is a platform for collecting, storing and routing customer event data to dozens of tools. It can run in your cloud environment (AWS, GCP, Azure or even your data-centre) and provides a powerful transformation framework to process your event data on the fly. Scuttlebot: Peer-to-peer database, identity provider, and messaging system Scuttlebot is an open source peer-to-peer log store used as a database, identity provider, and messaging system.

I spent the past two days rebuilding my website from scratch, ditching Bootstrap, JQuery and custom fonts (you’ll be horrified to learn how much traffic custom fonts are accountable for) in order to improve its performance, readability and computing resources usage. I’m pretty satisfied with the effort: now, any page reliably loads in less than 1 second worldwide without a CDN (yeah, even in Australia) and the theme overhead is approximately 10 KB.

Hello everyone 👋 This week we are going to talk about Linux and especially which flavor of Linux to choose. I know this is a rather controversial topic but as I’m often asked, I felt it was time to write it down. Dear esteemed reader, please don’t feel offended if I don’t talk about your favorite one 🙏 Did you know According to lwn.net there are between 500 and 600 different Linux distributions.

Hi everyone 👋 As you may have noticed I have updated the website (from opensourceweekly.org to kerkour.com) because it was too much of a burden for me to maintain 2 websites. If you use an RSS reader, please update your feed to: https://kerkour.com/feed.xml Otherwise Open Source Weekly will continue as before, if not with better quality :) Did you know What is the Fediverse? The Fediverse (a portmanteau of “federation” and “universe”) is a network of platforms whose principal purpose is publishing and sharing content.

Hello everyone, I hope you are doing well 🙏 I’m about to release the new version of my open source project Bloom (encrypted Notes, Calendar, Contacts, Files…) which will feature end-to-end encryption. Before that I’m looking for feedback on the cryptographic design, so if you are a cryptography / security enthusiast you are welcome to join the discussion on Reddit: https://www.reddit.com/r/crypto/… on Stack Exchange: https://crypto.stackexchange.com/questions/80186/… on Hacker New: https://news.ycombinator.com/item?id=22945405

Great news for CLI lovers: starting today, all the weekly emails will be sent with both a HTML and a Text version 🎉 We all know that the world shifted from a material-based economy to one based on the capacity of human attention. Yet, because these social networks and apps made us believe that they are essential to our lives, we (I?) are still relentlessly giving them our limited attention.

Today we are going to talk about high performance. Not the standard distributed cloud blahblah but high performance on a single core on a single machine. Please welcome SIMD instructions. Did you know? What are SIMD instructions? SIMD (for Single Instruction, Multiple Data) are special instructions on CPUs and GPUs that allow them to perform an operation on multiple bytes with only one instruction. It is often called vectorization because operations are applied to a vector of data with a single instruction.

Faster than expected. The past few weeks taught us that when sh*t is knocking at the door, it’s already too late. Unfortunately, there are a lot of other subjects where serious people are warning us that our current trajectory is not good. You get it, today we are going to talk about ecology 🌱 I don’t expect politics to understand negative externalities overnight so it’s our responsibility to build a sustainable future.

Welcome for your weekly dose of inspiring open source projects! Open source is more than ever relevant in these tough times and the world is slowly discovering that centralization and closed ecosystems literally kill people 😷 Projects Drop-in Minimal CSS This is THE revelation of the week. We can code websites without using HTML classes by simply styling native HTML elements like nav, footer, main… This is really great because then we can completely change the theme of websites by simply changing the stylesheet.

You are certainly asking yourself what to do with this sudden amount of free time now we are all in quarantine and no longer have to commute every day. The answer is obvious: VIDEO GAMES!!!! Welcome for a special edition of OpenSourceWeekly.org dedicated to gaming 🕹️ Gaming on Linux You no longer need windows for gaming, really (Nabil 👋). Thanks to a joint effort between the community and some companies like Valve (which have great interest not to rely on Microsoft Windows, which is trying to eat their game distribution market).

Projects https://github.com/therecipe/qt (LGPL v3.0) Qt is a cross platform, generalist C++ framework well-known for it’s Graphical User Interface (GUI) parts. These automatically generated bindings are high quality and allow you to create cross platform apps (desktop, mobile, IoT) in Go rather than C++. It’s a huge step forward regarding both security and ease of development. https://github.com/kickscondor/fraidycat (Blue Oak Model License v1.0) Fraidycat is a browser extension for Firefox or Chrome - or an Electron app - that can be used to follow folks on a variety of platforms.

Thank you everyone for your positive feedback! It’s really encouraging 🤗 To the enthusiastic person who emailed me about the PinePhone but never received a response, sorry, I inadvertently deleted your email before replying 🙃 Projects Podman (Apache 2.0) This is THE discovery of the week. I was more and more irritated by Docker’s ecosystem, which is becoming more closed day after day (need to create an account to download, and so on…).