I am Tugdual Grall, most of the people call me Tug. I am Technical Evangelist at Couchbase. I live close to Nantes in France. When I am not traveling I am working from home or from a local co-working space.... As a Couchbase Technical Evangelist, I do many different things with a very simple goal: be sure that developers understand the benefits of NoSQL databases (Couchbase in particular) and help them to use it in their project. We talk to Tugdual Grall, a developer and evangelist working on the Couchbase NoSQL database team.
SQL injection is a particularly interesting risk for a few different reasons... It remains number one on the OWASP Top 10 for a very good reason – it’s common, it’s very easy to exploit and the impact of doing so is severe. One little injection risk in one little feature is often all it takes to disclose every piece of data in the whole system – and I’m going to show you how to do this yourself using a raft of different techniques. We need reminders like this because there's still way too much SQL injection happening.
Terrence Dorsey wrote: We need reminders like this because there's still way too much SQL injection happening
Sadly, many people who need to be "reminded" are not the types who read industry news.
AspDotNetDev wrote: Sadly, many most people who need to be "reminded" are not the types who read industry news.
FTFY
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
Bad luck. I wanted to test that with the "famous" Alcatraz trips website (https://www.alcatraztrips.com/Confirmation.asp?order=1234), but it looks like they updated it a little (you can still query information on any order without login, but all attempts showed "Bad order number" or a simple 500 page without information).
Ever wanted an excuse to learn Arduino, but don’t want to learn C/C++? Don’t worry. I’ve got you covered. I’ve published three articles on the Safari Books Online blog that show you how to take your existing JavaScript skillz and turn them into a powerful force of hardware and blinking LED lights … and you’ll build yourself a #BBQDuino, too! And, I might be writing a book, too (skip to the end for more info on that)! 3 Arduino programming tutorials... and maybe an ebook if you like what you see here.
Sometimes it’s overkill to use a web framework if you only need to develop a very simple REST API. It turns out that Nginx can be used to develop a full fledged REST API and PostgreSQL can easily be used for persistence. In this blog post I’m going to show you how to create a simple CRUD API for articles. (Almost) no programming required.
What the hell is fifth normal form and why do we want it? Well, it deals with cases where we can avoid redundancy when information can be reconstructed from smaller bits of information and ... and ... and ... OK, so that's not helping. In fact, the vast majority of explanations on the Web aren't helping, so I'll explain how to fake database normalization. I'll even avoid big words. For those of you who know nothing about databases, this will help you tremendously. For those of you who know databases, try not to throw your coffee mug at the screen. Your database is not an Excel spreadsheet and other lessons in data table design.
So, this weekend I've started working on a simple, Arduino-based Inertial Navigation System. Using accelerometers and gyroscopes it is possible to calculate the traveled distance and the direction, from a known startpoint. The main problem of this method is that to get these distances, you have to perform integrations of the accelerations. Integration means that also every little error in measurement will be integrated, so they add up over time and the accuracy gets worse and worse. Therefore you need very good sensors and smart algorithms, being the reason why professional systems are expensive. And yet, we went to the moon with even less sophisticated technology.
When Intel and Apple released Thunderbolt, hallelujahs from the Apple choir were heard. Since very little in any of Apple’s hardware lineup is upgradeable, an external video card is the best of all possible worlds. Unfortunately, Intel doesn’t seem to be taking kindly to the idea of external GPUs. That hasn’t stopped a few creative people like Larry Gadea from figuring it out on their own. Right now he’s running a GTX 570 through the Thunderbolt port of his MacBook Air, and displaying everything on the internal LCD. A dream come true. For our next trick: using an entire PC as a peripheral for my phone. Oh, wait...
The huge popularity of the British-designed Raspberry Pi has caught Chipzilla's attention, and so you can now buy a similar bare-bones x86 PC named Minnowboard with a similar caseless design running an Angstrom Linux build... While Intel's foray into open source computing is to be welcomed, this hack doubts somehow that Minnowboard will have quite the appeal of its Raspberry rival. Although the board is powerful, it's certainly not cheap – but then, that's a perennial problem with Intel. Atom-ic bomb or the Minnow that grows into great things?
Lately there’s been a spate of articles about breakthroughs in battery technology. Better batteries are important, for any of a number of reasons: electric cars, smoothing out variations in the power grid, cell phones, and laptops that don’t need to be recharged daily. All of these nascent technologies are important, but some of them leave me cold, and in a way that seems important. It’s relatively easy to invent new technology, but a lot harder to bring it to market. I’m starting to understand why. The problem isn’t just commercializing a new technology — it’s everything that surrounds that new technology. Now tie off the kites and hurry down as fast as you can!
He does have some excellent points. He even misses a few, like how much current can be provided by the cables going to a house (I think houses are normally wired for around 200 Amp). There are also the problems with energy spikes that the Electric Company will have to deal with from all this fast recharging. That will mean that cables all over the country will have to be upgraded. This probably will not happen. The Power Companies will also probably demand a large surcharge for any quick-charging car stations due to the transient demand that these will cause. Handling these heavy transient charges is expensive for the power companies.
Tomorrow at the Black Hat security conference in Las Vegas, the Pwnie Express will officially unleash Pwn Plug R2, the next generation in its arsenal of penetration testing and hacking hardware.... The new Pwn Plug looks less like a DC power supply plug—the form factor of its predecessor—and more like a small Wi-Fi access point or router. But inside, it's really a Linux-powered NSA-in-a-box, providing white hat hackers and corporate network security professionals a "drop box" system that can be remotely controlled over a covert Internet channel or a cellular data connection. Pwn Plug phones home, by any means necessary.
There were two high points for me at Def Con 1. First was the appearance of Dan Farmer, then head of data security for Sun Microsystems. Dressed all in black leather with flaming shoulder-length red hair and a groupie on each arm, Dan sat literally making-out in the back row until it was time for his presentation. But that presentation was far more entertaining than the smooching. In a series of rapid-fire slides Farmer showed dozens of ways in which crackers had attacked Sun’s network. Rooting the casino's minicomputer, partying with a U. S. Attorney and other hacker hijinx.
Today, I’m excited to announce that Windows 8.1 Enterprise Preview is now available for download for customers to start testing the operating system in their environments. Windows 8.1 Enterprise Preview builds on the Windows 8.1 Preview which is currently available, adding premium features designed to address mobility, security, management and virtualization needs of today’s enterprise. AKA Windows 8.1 No Minesweeper And No You Can't Reinstall It Edition.
Still no start menu? Fail.
.-.
|o,o|
,| _\=/_ .-""-.
||/_/_\_\ /[] _ _\
|_/|(_)|\\ _|_o_LII|_
\._. |\_/|"` |_| ==== |_|
|_|_| ||" || ||
|-|-| ||LI o ||
|_|_| ||'----'||
/_/ \_\ /__| |__\
Interesting lessons can come from unexpected places! I was pleasantly surprised at how something as “simple” as reversing bits in a byte could lead me on an unexpectedly deep exploration: operation vs instruction count, memory access patterns and cache behavior, and low-level CPU instructions. It’s often very easy to make assumptions about the performance of code that we write, and I hope that this article serves as a reminder that the map is never the territory, and that the only way to understand what’s happening inside your code is by observing and measuring it. Studying the Stanford bit hacks and a little cheating.
The second perpetual myth is that Haskell cannot be used for “real world applications”. Normally real world is usually left undefined in such a discussion, but can often be taken to mean that Haskell is not suited for database and web development work. Haskell has a rich library ecosystem and is well-suited for these tasks but I concede that there might be a systemic lack of introductory material for many domain specific tasks. Something that many projects and companies are trying to remedy. Do I still need a graduate degree in category theory to write to a file?
We at Erlang Solutions have had the pleasure of coming into contact with a shiny Parallella board prototype and over the past few weeks we have been exploring how to utilise it as part of our experiments in the multicore domain. In this blog post Edward Tate, our resident OpenCL hacker, introduces the reasons we have been interested in making use of the Parallella: Data Parallelism and OpenCL. Watch this blog for more details on supercomputing programming for Parallella.
Ten months ago, the chipmaker Adapteva unveiled a bold quest—to create a Raspberry Pi-sized computer that can perform the same types of tasks typically reserved for supercomputers. And... they wanted to sell it for only $99. A successful Kickstarter project raised nearly $900,000 for the so-called "Parallella," and the company got to work with a goal of shipping the first devices by February 2013 and the rest by May 2013. As so often happens, the deadlines slipped, but Adapteva has done what it set out to do. The people's supercomputer?
Attending technical events, from the local after-hours meetups to the high-caliber and well-known conferences, becomes the usual part of a developer’s life. Generally, those events are packed with 45-minute talks, often also to the full one hour. I argue that there are more benefits of limiting such tech talks to a shorter duration, say 20 minutes (or even 18 minutes, in the style of TED talks). The most important is that it will lead to a more thoughtful, lean, and balanced content. Anyone know what this is? Class? Anyone? Anyone?
Terrence Dorsey wrote: Anyone know what this is?
Smart.
If your actions inspire others to dream more, learn more, do more and become more, you are a leader. -John Q. Adams
You must accept one of two basic premises: Either we are alone in the universe, or we are not alone in the universe. And either way, the implications are staggering. -Wernher von Braun
Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -Albert Einstein
Most of the technical conferences that I attend (non-IT) allow 20 minutes for a presentation and 10 minutes for questions. There are moderators that keep things on schedule.
CQ de W5ALT
Walt Fair, Jr., P. E.
Comport Computing
Specializing in Technical Engineering Software
Terrence Dorsey wrote: Anyone know what this is?
Someone with an extremely short attention span. If you can't focus for an hour, IT is not for you.
Bastard Programmer from Hell
If you can't read my code, try converting it here