今日已更新 287 条资讯 | 累计 20259 条内容
关于我们

标签:#programming

找到 1340 篇相关文章

AI 资讯

Aesecnryption demo site

I rebuilt aesencryption.net so text AES (128/192/256) runs fully in the browser - the key and plaintext never leave the page. The hard part is staying byte-compatible with common server-side AES libraries (mode, IV, padding, base64 output), so I ship copy-paste equivalents in PHP, Java, Python, Go, Rust, Kotlin and JS. Live tool (mine, free): https://aesencryption.net - feedback on the crypto choices welcome. My own site.

2026-07-08 原文 →
AI 资讯

Rootless container checkpoint/restore in CRIU without CAP_SYS_ADMIN

I've been working on rootless container checkpoint/restore in CRIU and wrote up some notes on the prototype, major failures, and the path toward the current implementation. Would appreciate any feedback, criticism, and corrections, especially from people familiar with CRIU, Podman, or container runtimes. submitted by /u/Ok-Job3177 [link] [留言]

2026-07-08 原文 →
AI 资讯

The Next DEV Weekend Challenge Launches on July 9 - 13. Mark Your Calendar!

We're back with another installment of the DEV Weekend Challenge ! If you missed the earlier editions, these are short-form, high-energy challenges designed to fit right into your weekend. We're giving you the heads-up now so you can clear your schedule! How It Works Our challenge prompt will be revealed at launch. Follow #weekendchallenge for updates. You can also keep an eye on the DEV Weekend Challenge page or look out for the official announcement post from the DEV Team . From there, you'll have the entire weekend to build, document, and submit your project. That's all there is to it! Because our community spans every timezone on the planet, we've set the window so that everyone around the world gets at least a full weekend to participate. Important Dates Launch Time: July 10 at 2:00 AM UTC Submissions Due: July 13 at 6:59 AM UTC Here's what that looks like across a few timezones: Timezone Launch Time (Local) Submissions Due (Local) PDT Thursday, Jul 9 at 7:00 PM Sunday, Jul 12 at 11:59 PM EDT Thursday, Jul 9 at 10:00 PM Monday, Jul 13 at 2:59 AM GMT Friday, Jul 10 at 2:00 AM Monday, Jul 13 at 6:59 AM CEST Friday, Jul 10 at 4:00 AM Monday, Jul 13 at 8:59 AM IST Friday, Jul 10 at 7:30 AM Monday, Jul 13 at 12:29 PM JST Friday, Jul 10 at 11:00 AM Monday, Jul 13 at 3:59 PM AEST Friday, Jul 10 at 12:00 PM Monday, Jul 13 at 4:59 PM While the window technically spans more than 48 hours, our goal is to ensure everyone has a full, uninterrupted weekend to work on their project regardless of where they live. What else is happening? Mark your calendars for the upcoming Summer Bug Smash . Bug Smash - Register Now We can't wait to see what you build!

2026-07-07 原文 →
AI 资讯

Can ChatGPT Really Predict the Stock Market? I Took Apart How It Actually Thinks to Find Out

Nephew saw a YouTube ad. Someone was selling a "secret prompt" for ₹199, claiming ChatGPT and Claude can analyze the stock market and place trades with 90% accuracy — no technical analysis, no fundamentals, just paste this prompt. He brings it straight to Uncle. The Ad 👦 Nephew: Uncle, I saw an ad on YouTube. Some guy was saying, "Use ChatGPT and Claude AI for stock market analysis, take trades with 90% accuracy. You don't even need to know technical analysis or fundamentals — just use this prompt and you'll get all the results." Is that actually possible? 👨‍🦳 Uncle: (laughs) Ah, here we go. This is exactly how a lot of scams happen — and honestly, it's rarely because of some clever new invention. It's because of a lack of understanding, and people treating these models as a magic black box. 👦 Nephew: So are they scamming us? Or genuinely fooling themselves too? 👨‍🦳 Uncle: Not exactly a straightforward scam, and not exactly genuine either. Here's the honest split: they're maybe 30% correct, and 70% wrong. 👦 Nephew: What does that even mean? 👨‍🦳 Uncle: I'll accept this much — there genuinely are AI models out there that can do a solid job predicting stock trends or running fundamental analysis, because that kind of prediction is heavily mathematical, numerical work. But — and this is the important part — ChatGPT, Claude, and Gemini are not that kind of model. 👦 Nephew: Why not? It can literally write code. It can do math inside code. Why can't it just... do math for stock prediction too? I genuinely don't get it. 👨‍🦳 Uncle: Come, sit. This needs a proper, from-scratch conversation. We're going to dig all the way down to what these models actually are , and by the end, you'll understand exactly why ChatGPT, Claude, and Gemini are the wrong tool for this specific job — not a scam exactly, but sold by people who never actually opened the box themselves. Part 1: What Is an LLM, Really — In One Honest Sentence 👨‍🦳 Uncle: Before anything else, one sentence, and hold onto i

2026-07-07 原文 →
AI 资讯

How do you dedupe support tickets that don't share any words? Here's our messy attempt.

We build an internal helpdesk, and I want to talk through a problem we only partly solved — because I suspect a lot of you have hit it too, and I'd genuinely like to hear how you handled it. The most requested thing from our users was never "better ticket forms." It was "please make the duplicates stop." Here's the shape of it. A deploy goes slightly wrong at a 40-person company. Within ten minutes you have: a handful of chat messages : "login is broken", "can't get into dashboard???", "deploy looks weird" several error-tracker events (whatever you run — Sentry, Rollbar, an APM): TokenExpiredError ×2, a 401 spike on /api/auth , a 5xx spike on auth-svc a couple of emails to IT : "access token expired", "need login reset" Nine items across three channels. One root cause: token rotation broke in that deploy. Whoever's on rotation spends the morning proving that, instead of fixing anything. We wanted to automate the recognition step — "these are the same thing" — not the fixing step. This is the honest version: what we tried, the small thing we actually shipped, and the parts we haven't cracked. If you've built something similar, I'd love to be told what we got wrong. Attempt 1: rules and keywords (broke immediately) The obvious first cut: normalize ticket text, match on keywords and categories, merge on high overlap. It fails on the example above, and it fails structurally: "login is broken" and TokenExpiredError share zero tokens. The human on rotation isn't string-matching — they know a deploy just happened, they know what auth-svc does, they've seen this failure shape before. Rules encode none of that. Rule systems also rot. Every incident teaches you a new synonym for "it's down," and six months in you own a regex museum nobody wants to touch. Maybe you've kept one of these healthy long-term — if so I'd honestly like to know how. Attempt 2: embed everything, cluster by similarity (the one we didn't ship) The tempting next move: embed ticket text, cluster on cosine

2026-07-07 原文 →
AI 资讯

P Watched an AI That Only Looked One Way. The 99.97% Was Real. It Just Missed Everything That Mattered.

"Show nothing, hold everything." — The Thirty-Six Stratagems, Create Something Out of Nothing Previously on this series: #4: P Walked Into an AI Monitoring POC. P Didn't Run a Single Test. — P found an ACL business card in an abandoned POC archive. P didn't tell anyone. P just pocketed it. White walls. Fluorescent hum. A FortDefender quarterly report sat open on the table, the cover printed in bold: Zero missed detections. 99.97% detection rate. The CTO slid it across. "The day the leak happened," he said quietly, "this system said everything was fine." "Which client?" " MedTech . Medical data breach. Their internal AI monitoring didn't catch it either. The quarterly report called it 'client-side issue.' I don't buy it." P didn't look at the report first. P looked at the CTO's eyes first. "You didn't bring me here to validate his numbers." The CTO didn't deny it. " FortDefender won't give you production access," he said. "Read-only logs. Sandbox. Public docs. You signed the NDA." "What do you want me to do?" "Find what's hiding inside 'everything was fine.'" P nodded. P didn't ask "what if I find it" — P knew the answer. "One condition: full internal penetration test access. No advance notice to anyone." The CTO was quiet for three seconds. "Done." P stood up. The CTO added one more thing as P turned: "I've heard about the FirmCore thing. That's why I called you." P didn't look back. Week One FortDefender 's public documentation was beautiful. Architecture diagrams. Whitelist rules. Alert thresholds. Response times. All in a technical whitepaper so polished you'd think it was written to raise funding. P spent three days reading every page. In the sandbox, P ran three rounds of tests. FortDefender 's detection system hit every single one. The 99.97% wasn't a lie — at least not inside the sandbox. But P noticed something. FortDefender 's whitelist rules were too complete. They covered everything — down to "penetration tests with valid internal certificates" being pre-

2026-07-07 原文 →
AI 资讯

The Troubles of Working with a Database at a Hackathon (AidStream Story)

When people talk about hackathons, they talk about the demo. The pitch, the UI, the "aha" moment on stage. Nobody really talks about the person who spent the whole weekend making sure the data didn't fall apart. That was me on AidStream, a blockchain-based aid distribution platform we built in a weekend and trust me it wasnt that easy as it seems. At a normal project, you can revisit your data model whenever.But during a hackathon you cant since when teamamtes start working on top of your tables it means both codes may start breaking . Serverless Postgres was the right choice for a hackathon: no local DB setup, no "wait, whose laptop has Postgres installed" problem. Everyone could connect to the same instance immediately. The gotcha was connection limits — with multiple people hitting the same database while testing features simultaneously, we ran into connection issues at the worst possible time (an hour before demo). So next time you watch a hackathon demo go off without a hitch, remember — someone probably spent the whole weekend quietly making sure the database didn't have a say in it. If you're the one holding the schema together at 2am, know this — it's not the flashy role, but it's the one that decides whether anyone else's code even runs.

2026-07-07 原文 →
AI 资讯

Meet HTTP QUERY: The New HTTP Method You've Probably Been Waiting For

For years, developers have faced the same dilemma when implementing complex search APIs: GET is the correct semantic choice for read-only operations, but query parameters can become extremely long and difficult to manage. POST allows sending a request body, but it's intended for operations that may change server state, making it a poor semantic fit for searches. To bridge this gap, the IETF has introduced a new HTTP method: QUERY (RFC 10008). Why was QUERY introduced? Modern APIs often require complex filtering: nested JSON filters GraphQL-like requests advanced search criteria large lists of IDs geospatial or analytical queries Encoding all of this into a URL is cumbersome and can exceed practical URI length limits. Developers have traditionally worked around this by using "POST" for read-only searches. The problem is that "POST" doesn't express the intent of the request very well. The new QUERY method solves this by allowing clients to send a request body while keeping the operation explicitly safe and idempotent. Key benefits ✅ Request body support Unlike "GET", "QUERY" allows sending structured request data in the message body, making complex searches much easier to model. ✅ Safe by design Like "GET", a "QUERY" request must not modify server state. It clearly communicates that the request is read-only. ✅ Idempotent Repeating the same "QUERY" request produces the same result without additional side effects, allowing clients and intermediaries to safely retry requests after transient failures. ✅ Cache-friendly Unlike the common "POST"-for-search pattern, "QUERY" is designed to work with HTTP caching, enabling better performance and more efficient network usage. ✅ Better API semantics Instead of overloading "POST" for read operations, APIs can now express their intent more accurately: "GET" → simple resource retrieval "QUERY" → complex read operations with a request body "POST" → operations that create or modify state Example Instead of forcing everything into a lo

2026-07-07 原文 →