portrait picture

TIMO ZIMMERMANN

balancing software engineering & infosec

Reading list 2021-11-21

posted on Nov. 21, 2021, 5:58 p.m. in news

Dell XPS13 RAM Upgrade (7390) - noticing your laptop does not have enough memory is a bit of a problem in 2021. Most of the time memory is soldered to the board so upgrading is not an option. Except when you got the time, skills and equipment to replace the chips.

Improve your PinePhone eMMC speed - the PinePhone is an interesting device but clearly build for people who want to tinker with their device. And as you can always take it a step further why not double the speed of your phones storage with a small hardware hack?

Backdooring Rust crates for fun and profit - Supply chain attacks are one of the things hard to explain to people despite more than enough recent examples. Especially as mitigation strategies involve work, money and more often than not a few inconveniences. Most of the techniques mentioned in the article will work for other languages and stacks as well.

Selecting a programming language can be a form of premature optimization - in the spirit of "make it work, make it stable, make it fast". We all know the story of rewrites doubling performance of a system. What is usually not mentioned is the fact that the code was optimised during the rewrite and the language and runtime is not always the only reason for performance gains.

Yes, PHP is Worth Learning/Using in $CURRENT_YEAR - PHP got some nice language features over the past few years and it is still the easiest to deploy language. While I am not suggesting that people should learn PHP or that it is worth switching from another stack, it should not be simply dismissed because of its shortcomings in the past.