投稿時間:2023-05-15 00:13:19 RSSフィード2023-05-15 00:00 分まとめ(18件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
IT	気になる、記になる…	M3チップを搭載した最初のMacは今年末から来年初めにかけて登場へ	https://taisy0.com/2023/05/14/171796.html	apple	2023-05-14 14:00:35
js	JavaScriptタグが付けられた新着投稿 - Qiita	【JavaScript】演算子攻略	https://qiita.com/muuuumiin3/items/24e526f2ad86d4ddeebc	javascript	2023-05-14 23:08:48
Docker	dockerタグが付けられた新着投稿 - Qiita	Symfony handson lesson-2	https://qiita.com/muro5866/items/a1783d669556df675a29	doctrine	2023-05-14 23:04:52
海外TECH	MakeUseOf	7 Tips to Optimize Your Smart Home	https://www.makeuseof.com/smart-home-optimization-tips/	great	2023-05-14 14:45:18
海外TECH	MakeUseOf	8 Key Factors to Consider When Choosing a Single-Board Computer	https://www.makeuseof.com/choosing-sbc-single-board-computer-key-factors/	aspects	2023-05-14 14:30:17
海外TECH	MakeUseOf	Top Advice for Moving Into a Pre-Installed Smart Home	https://www.makeuseof.com/top-advice-moving-into-pre-installed-smart-home/	doesn	2023-05-14 14:15:16
海外TECH	MakeUseOf	5 Fun Tricks You Can Do in Command Prompt	https://www.makeuseof.com/command-prompt-fun-things/	tricks	2023-05-14 14:15:16
海外TECH	DEV Community	How to implement Countries List API in your project	https://dev.to/karim_abdallah/how-to-implement-countries-list-in-your-project-2fi	How to implement Countries List API in your project Hello in this article we will learn how to implement Countries List inside your project website android app etc here s an example of android app first we will use CountriesList library from Github github com kimoandroid CountriesListWhy this libraryEasy to use anywhere You can add unlimited translation for the same file without editing the main function or use Hardcoded You can use country code key to use it in your sytem for calling codes you can display country name with it s flag easily You can easily use the ready api directly by using this link api parameters lang ar OR lang enapi response JSON Encode JSON response example code US calling code flag name United States You can use this api directly and call this link from your project and get the JSON response Or you can create your api from zero at your own server amp use your own link First Download The Library Files That I Mentioned Before From Github github com kimoandroid CountriesListThis Library is very flexable and easy to use amp edit Inside Localization folder you will find the translation of the countries name you can add new translation file by creating file called country lang symbol php such as spanish you will create a file named country sp php and after that copy all content that inside default strings php file this is the translation schema now if anyone called the api url and put this parameter lang sp the api will return the countries list with spanish That s all Follow For More	2023-05-14 14:21:16
海外TECH	DEV Community	What's the problem with my API?	https://dev.to/jmau111/whats-the-problem-with-my-api-ja7	What x s the problem with my API Whether you maintain RESTful APIs or a GraphQL endpoint there are known vulnerabilities and common misconfigurations attackers can exploit As a developer you have constraints time budget limited knowledge Why bother with security The from scratch approach is not necessarily evil Experienced devs know how to build robust APIs In doubt or to save some time there are frameworks and standardized solutions like API platform This bundle is incredible and can even enable additional security layers using the Security Component of Symfony As I ve mentioned in this post the problem is that it s quite often skipped probably because the top priority is to deliver the fabulous feature Whether you rely on existing resources e g open source proprietary solutions or you build everything on your own your endpoints will be put to the test sooner or later Because of the current state of the web APIs contain ever more sensitive data sometimes leading to massive leaks Flawed APIs can literally kill the business and even expose web agencies and developers to law suits in the worst case scenario I ve read about a similar case recently where a company sued its supplier web agency for a flawed API that led to serious damages The supplier did not get paid and was held responsible for the attacks What could possibly go wrong In short data leaks exfiltrationvarious kinds of malicious injections e g XSS SSTI broken access controlbroken authentication e g stolen credentials like API keys broken authorizationbroken validationpath traversalsdata losses e g massive delete private endpoints exposureDoS DDoS attacksAnd many more What tools attackers can use For example simple but powerful OSINT e g Google Shodan dorks but not only Discovery tools like the legendary NmapThe legendary BurpSuite and its proxyAll kinds of fuzzing techniques and wordlists e g SecLists Maybe graphql voyagerMaybe swagger txtSome race conditions against specific URLs for motivated adversariesFuzzing tools and wordlists allow automating many attacks There are indeed plenty of free automated tools to hack APIs While these are hacking tools it s still possible to only use legitimate dev tools Postman and similar clientsDebug tools in browser e g the network tab Most common pathsAPIs URLs are very predictable especially RESTful APIs That s pretty much the point The following paths may look like those found in basic examples and other hello world but are actually quite often used in production api graphql v v rest swagger api loginModifying default paths may look like security by obscurity to you and it is but you may still avoid lots of basic massive automated scans What can you do to secure your APIs never ever rely on default rules and settings regardless of the tool used to expose your endpointsCheck the top API security by OWASPdisable swagger documentation on productionset CORS rules carefullyprovide visibility and granularity to your users registered devices FA recent account activity ability to renew revoke credentials etc LOG everythingthrottle and rate limit ban spammers test your own endpoints pen tests vulnerability scans if you use API Platform take the time to learn and enable the security mechanisms you need the Symfony Security Component Wrap upAPIs are a common security concern as more and more sensitive data get exposed In most cases user accounts are protected by several security layers like login password FA two factor authentication MFA multi factor authentication cryptographic keysHowever simple API keys can still grant advanced capabilities and privileged access to sensitive data An API key is only one layer FA	2023-05-14 14:20:21
海外TECH	DEV Community	Unleashing the Power of Async() and Await: Revolutionizing Asynchronous JavaScript	https://dev.to/obere4u/unleashing-the-power-of-async-and-await-revolutionizing-asynchronous-javascript-1d8m	Unleashing the Power of Async and Await Revolutionizing Asynchronous JavaScript Introduction Welcome JavaScript enthusiasts Prepare to embark on a thrilling journey into the realm of asynchronous code where we unravel the secrets of the captivating duo async and await In this exhilarating primer we will explore how these powerful keywords transform the way we write asynchronous JavaScript making our code more elegant readable and efficient So fasten your seatbelts and get ready to unlock the true potential of async and await Section Decoding the Enigma Understanding async and awaitIn the vast realm of JavaScript asynchronous code reigns supreme But fear not for async and await are here to rescue us from the complexities of callbacks and Promises These ingenious keywords allow us to create asynchronous functions that seamlessly handle background operations without blocking the main thread The result A smoother and more responsive user experience Let s dive deeper into the magical world of async and await Section The Dynamic Duo async and awaitEnter the async keyword our gateway to the asynchronous world By using async before a function declaration we signal that it will execute asynchronously allowing it to return a Promise This clever addition sets the stage for the show s true star await await holds the power to halt the execution of an async function until a Promise is resolved Picture a conductor pausing a symphony allowing other musicians to catch up With await we gracefully synchronize our code making it read like a symphony of logic Gone are the days of convoluted promise chains and callback pyramids Let s see async and await in action Section Elevating Asynchronous Operations A Practical ExampleImagine fetching a list of users from the GitHub API Traditionally we would wrestle with promises and a complex syntax But fear not for async and await come to the rescue async function getUsers const response await fetch const users await response json return users const users await getUsers Behold the elegance In just a few lines of code we fetch data from the API gracefully handle the promise resolution and return an array of users The power of async and await lies in their ability to simplify complex asynchronous operations into digestible readable code Section Unleash the Potential Embrace async and awaitWith the advent of async and await writing asynchronous JavaScript has become an art form It empowers developers to create clean concise and maintainable code paving the way for enhanced collaboration and accelerated development If you haven t explored the realm of async and await yet now is the time Unleash the potential of your code and revolutionize your asynchronous JavaScript Conclusion As we bid farewell to the land of callbacks and bidirectional promises we embrace the power of async and await These remarkable keywords have ushered in a new era of asynchronous JavaScript transforming complex code into an elegant symphony of efficiency So dear developers immerse yourself in the world of async and await and let your code dance to the rhythm of simplicity and readability Share your experiences and insights in the comments below let s build a vibrant community of async aficionados Happy Coding	2023-05-14 14:13:47
海外TECH	DEV Community	🔥 600+ 🌟 and 140+ Forks to J.A.R.V.I.S 🚀, Added Dynamic Face Recognition to J.A.R.V.I.S 🤖	https://dev.to/gauravsingh9356/600-and-140-forks-to-jarvis-added-dynamic-face-recognition-to-jarvis-lo6	and Forks to J A R V I S Added Dynamic Face Recognition to J A R V I S J A R V I S Just A Rather Very Intelligent System New Feature Dynamic Face RecognitionWhat it does Dynamic Authentication using Optical Face Recognition Send emails Dynamic News Reporting at any time with api integration Todo list generator Yes it remembers all Open any website with just a voice command Plays Music Tells time Wikipedia powered AI Dictionary with Intelligent Sensing i e auto checking if spell mistake Weather Report such as temp wind speed humidity weather description Latitude and longitude YouTube searching Google Map searching YouTube Downloader download any youtube video by just putting url of video Now Master can switch b w J A R V I S and F R I D A Y switch to female voice assistant GitHub Code Future Plans Sky is limit There are immense possibilities in this project Will be integrating some very powerful commands soon Contribution Thank you for your interest in contributing to our Repo Pull requests are welcome For adding new feature or improving structure or fixing typos please make a PR with your fixes We are happy for every contribution A lot can be done with this project Core AI chatbot like functionality can be added More python scripts can be associated Pull requests for any such changes are accepted Feel free to fork this project and make your own changes too	2023-05-14 14:07:26
Apple	AppleInsider - Frontpage News	Daily Deals: $25 AirTags, $85 Apple Pencil Gen 2, $35 off Kodak Digital Picture Frame, more	https://appleinsider.com/articles/23/05/14/daily-deals-25-airtags-85-apple-pencil-gen-2-35-off-kodak-digital-picture-frame-more?utm_medium=rss	Daily Deals AirTags Apple Pencil Gen off Kodak Digital Picture Frame moreToday s top bargains include a Apple W USB C Power Adapter a M Mac mini off Definitive Technology Demand D Floorstanding Speakers and more Get an AirTag for just The AppleInsider team searches the web for amazing deals at online stores to develop a list of can t miss discounts on popular tech items including discounts on Apple products TVs accessories and other gadgets We share the top deals daily to help you save money Read more	2023-05-14 14:05:39
海外TECH	Engadget	Hitting the Books: The abrupt and ignoble downfall of Sam Bankman-Fried	https://www.engadget.com/hitting-the-books-sbf-brady-dale-wiley-ftx-143033761.html?src=rss	Hitting the Books The abrupt and ignoble downfall of Sam Bankman FriedSeemingly overnight Sam Bankman Fried the founder of FTX went from cryptocurrency wunderkind to wanted for questioning by the FBI After years of unfettered success the walls of SBF s blockchain empire came crumbling down around him as his tricky financial feats failed and his generalized lack of accounting brought increasing scrutiny by regulators In SBF How the FTX Bankruptcy Unwound Crypto s Very Bad Good Guy veteran crypto reporter Brady Dale provides a scintillating and clarifying narrative of the entire FTX Alameda Ventures saga In the excerpt below we glimpse in at the immediate aftermath of FTX s sudden insolvency nbsp nbsp WileyExcerpted with permission from the publisher Wiley from SBF How the FTX Bankruptcy Unwound Crypto s Very Bad Good Guy nbsp by Brady Dale Copyright by John Wiley amp Sons Inc All rights reserved This book is available wherever books and eBooks are sold A Flood of Pure SBFWhen I wrote in Chapter “I am drowning in Sam I was here at this point in the story I was then I still am but the tide is going out I m not back on land yet but I know if I rest and I don t fight it the land will find me I don t need to find the land Unlike SBF after CoinDesk s Ian Allison released his post about Alameda s balance sheet I can see the shore from where I am In late November and early December SBF would not leave the public eye He was in magazines He was in the New York Times He was doing interviews on YouTube He was on Twitter Spaces YouTube gadfly Coffeezilla was chasing him NFT influencers were chasing him TV reporters were chasing him A goofy token shill I will not dignify by naming chased him Everyone thought if they could just get one more interview from him it would make sense They were all playing into Sam s hands Many who felt betrayed believed that his media tour was working to his benefit that he might actually get away with losing billion or was it billion in customer money They saw large media companies as complicit in helping to burnish his image But then he was arrested and as I write this he s sitting in the sick bay of an overcrowded prison in the island nation his company had recently made his home Looking back on it there is not a lot of value to say about all these many appearances We were all just tea bags soaking in the flavors of a collective stew we had boiled up together a swirling potion of shifting sadness outrage intrigue schadenfreude and mockery SBF appeared in many places but to my mind these were the key media appearances Axios interview on Nov A few pieces were published with different parts of the interview Where he first said he was down to The first recording from Tiffany Fong s phone call with SBF released on YouTube Nov The New York Times Dealbook Summit Nov Good Morning America Dec New York Magazine interview on its Intelligencer site Dec The Scoop podcast Dec There were others People really like the grilling scam vigilante Coffeezilla gave him too Eventually though listening to these things was like watching one of those YouTube videos of skateboarding accidents it was a lot of the same thing over and over He was sorry there was an accounting artifact he should have had better risk management he shouldn t have given up his company etc etc etc Were anyone to go through the above accounts and more from that month in a two day marathon session like I did I think they would eventually discern a strategy What appeared to be a series of open conversations had become to my ears talking points I wrote the same for Axios at the time but I don t actually think the talking points are all that interesting anymore now that he s been arrested At the end of December he would be back in his family home under house arrest his passport taken and wearing an ankle monitor Once those handcuffs went on the public relations campaign became irrelevant because it was something designed to prepare himself if his lawyers succeeded in keeping him out of jail As I wrote in the beginning as new facts and circumstances arise the set of possible explanations and futures shrink Before the handcuffs it seemed almost likely he might get away with the company s failure Once he went to jail it s hard to imagine how we ever even saw that possibility Because they failed to keep him out of jail the talking points matter very little Except one point which I think is worth highlighting The fact that Alameda was drawing customer funds from FTX to cover losses on investments hasn t been verified by a court yet but it has been alleged in multiple accounts by different government organizations who seem to have had a look at the books That cash in cryptocurrency form had moved from FTX to Alameda to meet margin calls make loans make investments and even to make political donations This is in my estimation considerably more nefarious than the way SBF described the hole s origins in his media tour In all of his appearances he described Alameda as having an excessive margin position For example in New York Mag he said A client on FTX put on a very large margin position FTX fucked up in allowing that position to be put on and in underestimating in fact the size of the position itself That margin position blew out during the extreme events over the last few weeks I feel really bad about that And it was a large fuckup of risk analysis and risk attention and you know it was with an account that was given too much trust and not enough skepticism In other words FTX let Alameda s bets on FTX get too big We were to imagine Alameda was I don t know X long million on bitcoin and X long million in ether or something All secured by the ftt token And ftt went bad and now they were out a bunch of money When FTX first fell apart I went into Slack and explained my understanding of the whole debacle to one of my coworkers this way Step Launch a trading desk Make piles Step Decide you want to make more piles so open an exchange that prints money off retail trades and use that money to lend to trading desk Step Lend retail money to trading desk in hopes of quadrupling all gains Step Trading desk loses borrowed money Step Surprised face emoji But SBF was trying to spin it as if it had all stayed inside the house It was just big bets but funds hadn t left FTX This is still bad but more negligent less outright theft Jason Choi had been with Spartan Capital when FTX was raising money and he d declined to invest because he didn t like the Alameda FTX relationship He explained all this on Twitter after the exchange collapsed We spoke before complaints had been made against SBF and I asked him whether he thought it mattered if Alameda had an outsized margin position or had taken customer funds out of the exchange “I think functionally they are the same he said “It implies that Alameda is able to run things into seriously negative positions In other words in terms of what people have lost each outcome arrives at the same place But it does matter in terms of how to understand the decisions made If funds were taken out and handed to Alameda to use elsewhere people had to green light those moves knowing that they were against the terms of service and against the many assurances that the company had made to the public and their users It s not negligent It s willful Legality aside it just feels different ethically However for what it s worth when SBF and I last spoke he stuck by this explanation the hole in FTX s balance sheet was from a margin position Alameda took out It had failed to adequately hedge and it had gotten much too long on the wrong collateral Before he was arrested that s how he described the problem That s still how he describes it He agreed when we spoke that it would be different if FTX had been sending actual customer assets to Alameda to use in other ways but he says that wasn t happening The government is claiming that it did happen and to do so it s drawing attention to loans made to SBF and other cofounders loans they used to make venture investments to buy stock in Robinhood political donations and to purchase real estate This points to a part of the story that I didn t really understand until the complaints started coming out When it s said that someone is a “billionaire that doesn t mean that they have billions of dollars in cash It doesn t mean necessarily that they can even spend that much money That doesn t even mean that they can access billions of dollars in cash or even many millions If someone s billionaire status is tied up in a stake in a private company it can be very difficult to turn that value into spendable money If their status is tied up largely in thinly traded extremely new crypto tokens it might be even harder In the complaints by the SEC and the CFTC and the DoJ they allege loans from the Samglomerate using customer funds to enable investments property purchases political donations and more All of these things take actual cash SBF and his cadre had very high net worth but it hadn t occurred to me that they wouldn t really have access to that much cash until those complaints came out Of course SBF Wang Singh and others could borrow money somewhere and maybe more sophisticated readers than me presumed it was borrowed from banks Or maybe it was borrowed from some of the new crypto lenders many of which fell into dire straits But these various agencies allege something else the funds were borrowed from FTX customers And the customers didn t know Further they had no upside Only downside And the downside is here now “I thought at the time and still do think that the size of those loans was substantially less than the profit than like the liquid trading profit that Alameda had made he told me in December In other words he denies that the loans were made using FTX user funds The whole story of what happened is confusing and dripping in finance jargon and involves a level of mathematics few of us have contemplated recently It may be that SBF s story here has been a bet that he was smart enough to cast a spell and convince us all that all the mistakes were only made inside the casino And if he had done that well enough the sting of the error might fade and if he evaded an arrest and conviction he might be able to rehabilitate himself in the public eye and apply his considerable gifts once again He might still have won but then he was arrested So in that case these appearances might really have just been about enjoying that last moment in the spotlight For some it s better to be hated than ignored But it s also worth noting that he hasn t given up on this story As I wrote in the prologue he doesn t believe the evidence of crimes is there He seems as eager to reopen the books at FTX and Alameda He wants everyone to get from percent of the story to or percent And maybe we will And maybe the fact that he seems to want that as much as anyone will prove to be a sign that he was right But trust me if you haven t seen the many media appearances of November and December you don t need to This chapter gives more than you need to know about what he had to say before they put him in a Bahamas jail Sources Referenced“Exclusive Sam Bankman Fried says he s down to Shen Lucinda Axios Nov “Sam Bankman Fried Interviewed Live About the Collapse of FTX New York Times Events YouTube Nov “FTX founder Sam Bankman Fried denies improper use of customer funds Stephanopoulos George Good Morning America Dec “Sam Bankman Fried s First Interview After FTX Collapse Fong Tiffany YouTube posted Nov “What Does Sam Bankman Fried Have to Say for Himself An interview with the disgraced CEO Wieczner Jen New York Magazine Dec “ hour sit down with Sam Bankman Fried on the FTX scandal Quinton Davis and Frank Chaparro The Scoop podcast The Block Dec Jason Choi interview mobile Dec “The SBF media blitz s key messages Dale Brady Axios Dec Interview Sam Bankman Fried phone call with spokesperson Dec This article originally appeared on Engadget at	2023-05-14 14:30:33
ニュース	BBC News - Home	Cyclone Mocha: Deadly storm hits Bangladesh and Myanmar coast	https://www.bbc.co.uk/news/world-asia-65587321?at_medium=RSS&at_campaign=KARANGA	bengal	2023-05-14 14:51:51
ニュース	BBC News - Home	Bafta TV Awards: Rob Beckett and Romesh Ranganathan prepare to host ceremony	https://www.bbc.co.uk/news/entertainment-arts-65390943?at_medium=RSS&at_campaign=KARANGA	ceremony	2023-05-14 14:23:26
ニュース	BBC News - Home	Rob Burrow carried over marathon finish by Kevin Sinfield	https://www.bbc.co.uk/news/uk-65588946?at_medium=RSS&at_campaign=KARANGA	leeds	2023-05-14 14:22:14
ニュース	BBC News - Home	Labour considers extending voting rights to EU citizens	https://www.bbc.co.uk/news/uk-politics-65590121?at_medium=RSS&at_campaign=KARANGA	decisions	2023-05-14 14:38:48
ニュース	BBC News - Home	Coventry held by Middlesbrough in play-off first leg	https://www.bbc.co.uk/sport/football/65528372?at_medium=RSS&at_campaign=KARANGA	middlesbrough	2023-05-14 14:13:57