The best Hacker News stories from Show from the past day

from

All Show

from the past*

day week month

with these search terms:

Create follow Go back

Latest posts:

Show HN: I made a cloud security product that actually saves time

I have been a Cloud Security Consultant for over 13 years and all that experience I put into building ARGOS Cloud Security.<p>Probably the most common thing I've seen was teams spending loads of time manually investigating alerts from security products. Detecting security issues is not what it’s ever been about, but about the investigation of these detected issues. If you don’t have time to investigate everything, then what’s the point?<p>Organizations spend time and money on security consultants to help them investigate their environments, but these are often only point-in-time engagements, where, once done, nothing "reusable" is left behind. The cloud environment might be in slightly better shape, but maybe only for a short period, before the next contractor must come in to start the process all over again.<p>I, and many others I've worked with, always believed that the most difficult part of cloud security is distinguishing security issues from "just best practice violations". Using an "everything must be compliant" approach never really works and usually means things just don't get done. If everything is red, what do you do?<p>So, people spend immense amounts of time trying to figure out what cloud misconfigurations are actual security issues, what else is put at risk because of something that is misconfigured, and how it can be fixed. All that information is important to eventually prioritize and fix issues.<p>ARGOS investigates the things it finds, that's what it does. It's not about "finding more", it's about understanding what misconfiguration is exposing a cloud system to the internet and what else in your cloud environment is that misconfiguration indirectly putting at risk.<p>One awesome side-effect of this is that we even draw something like an architecture diagram of the environment "around the misconfigured resource". This specifically is something I know most past customers of mine lacked. Architecture diagrams were hard to come by, and never up to date.<p>It's easy to try out if you have access to a cloud environment like Azure or AWS, GCP is in a very early version right now. 20 minutes or less even is all it takes to get everything going, including a one-click Slack integration. First results should be in your dashboard minutes later and are continuously and automatically updated.<p>Really looking forward to people's feedback. Thanks all!

Show HN: I made a cloud security product that actually saves time

I have been a Cloud Security Consultant for over 13 years and all that experience I put into building ARGOS Cloud Security.<p>Probably the most common thing I've seen was teams spending loads of time manually investigating alerts from security products. Detecting security issues is not what it’s ever been about, but about the investigation of these detected issues. If you don’t have time to investigate everything, then what’s the point?<p>Organizations spend time and money on security consultants to help them investigate their environments, but these are often only point-in-time engagements, where, once done, nothing "reusable" is left behind. The cloud environment might be in slightly better shape, but maybe only for a short period, before the next contractor must come in to start the process all over again.<p>I, and many others I've worked with, always believed that the most difficult part of cloud security is distinguishing security issues from "just best practice violations". Using an "everything must be compliant" approach never really works and usually means things just don't get done. If everything is red, what do you do?<p>So, people spend immense amounts of time trying to figure out what cloud misconfigurations are actual security issues, what else is put at risk because of something that is misconfigured, and how it can be fixed. All that information is important to eventually prioritize and fix issues.<p>ARGOS investigates the things it finds, that's what it does. It's not about "finding more", it's about understanding what misconfiguration is exposing a cloud system to the internet and what else in your cloud environment is that misconfiguration indirectly putting at risk.<p>One awesome side-effect of this is that we even draw something like an architecture diagram of the environment "around the misconfigured resource". This specifically is something I know most past customers of mine lacked. Architecture diagrams were hard to come by, and never up to date.<p>It's easy to try out if you have access to a cloud environment like Azure or AWS, GCP is in a very early version right now. 20 minutes or less even is all it takes to get everything going, including a one-click Slack integration. First results should be in your dashboard minutes later and are continuously and automatically updated.<p>Really looking forward to people's feedback. Thanks all!

Show HN: DontBeEvil.rip: Search, for developers (API, expressions, CLI)

I'd like to invite everyone to try out DontBeEvil.rip, an experimental search engine for developers.<p>tl;dr<p>$ alias rip="curl -G -H 'Accept: text/plain' --url <a href="https://dontbeevil.rip/search" rel="nofollow">https://dontbeevil.rip/search</a> --data-urlencode "<p>$ rip 'q=Heartbleed bug'<p>DontBeEvil.rip is a year long experiment to see if a small team can build a developer-focused search engine that is self-sustaining on $10 monthly subscriptions.<p>It works by only indexing high-quality resources that are relevant to developers. You won't get useless listicles because we'll never crawl them. Relevant urls are harvested from HN, StackOverflow, programmer Reddit, and a few others. Page content comes mostly from the Common Crawl project.<p>The limited, but awesome, features in this first release are:<p>- Expressions! Experience the power of Elasticsearch’s Simple Query Strings.<p>- REST API. Just change 'text/plain' to `application/json` in the above alias.<p>- CLI. Just use curl in the terminal. Simple as.<p>HackerNews, StackOverflow, Arxiv abstracts, 2M Github repos, and programmer Reddit (up to 2020) are being indexed right now. There's much more to come in the next few months.<p>I'd love to hear your questions, comments and suggestions in the comments below.

Show HN: DontBeEvil.rip: Search, for developers (API, expressions, CLI)

I'd like to invite everyone to try out DontBeEvil.rip, an experimental search engine for developers.<p>tl;dr<p>$ alias rip="curl -G -H 'Accept: text/plain' --url <a href="https://dontbeevil.rip/search" rel="nofollow">https://dontbeevil.rip/search</a> --data-urlencode "<p>$ rip 'q=Heartbleed bug'<p>DontBeEvil.rip is a year long experiment to see if a small team can build a developer-focused search engine that is self-sustaining on $10 monthly subscriptions.<p>It works by only indexing high-quality resources that are relevant to developers. You won't get useless listicles because we'll never crawl them. Relevant urls are harvested from HN, StackOverflow, programmer Reddit, and a few others. Page content comes mostly from the Common Crawl project.<p>The limited, but awesome, features in this first release are:<p>- Expressions! Experience the power of Elasticsearch’s Simple Query Strings.<p>- REST API. Just change 'text/plain' to `application/json` in the above alias.<p>- CLI. Just use curl in the terminal. Simple as.<p>HackerNews, StackOverflow, Arxiv abstracts, 2M Github repos, and programmer Reddit (up to 2020) are being indexed right now. There's much more to come in the next few months.<p>I'd love to hear your questions, comments and suggestions in the comments below.

Show HN: DontBeEvil.rip: Search, for developers (API, expressions, CLI)

I'd like to invite everyone to try out DontBeEvil.rip, an experimental search engine for developers.<p>tl;dr<p>$ alias rip="curl -G -H 'Accept: text/plain' --url <a href="https://dontbeevil.rip/search" rel="nofollow">https://dontbeevil.rip/search</a> --data-urlencode "<p>$ rip 'q=Heartbleed bug'<p>DontBeEvil.rip is a year long experiment to see if a small team can build a developer-focused search engine that is self-sustaining on $10 monthly subscriptions.<p>It works by only indexing high-quality resources that are relevant to developers. You won't get useless listicles because we'll never crawl them. Relevant urls are harvested from HN, StackOverflow, programmer Reddit, and a few others. Page content comes mostly from the Common Crawl project.<p>The limited, but awesome, features in this first release are:<p>- Expressions! Experience the power of Elasticsearch’s Simple Query Strings.<p>- REST API. Just change 'text/plain' to `application/json` in the above alias.<p>- CLI. Just use curl in the terminal. Simple as.<p>HackerNews, StackOverflow, Arxiv abstracts, 2M Github repos, and programmer Reddit (up to 2020) are being indexed right now. There's much more to come in the next few months.<p>I'd love to hear your questions, comments and suggestions in the comments below.

Show HN: DontBeEvil.rip: Search, for developers (API, expressions, CLI)

I'd like to invite everyone to try out DontBeEvil.rip, an experimental search engine for developers.<p>tl;dr<p>$ alias rip="curl -G -H 'Accept: text/plain' --url <a href="https://dontbeevil.rip/search" rel="nofollow">https://dontbeevil.rip/search</a> --data-urlencode "<p>$ rip 'q=Heartbleed bug'<p>DontBeEvil.rip is a year long experiment to see if a small team can build a developer-focused search engine that is self-sustaining on $10 monthly subscriptions.<p>It works by only indexing high-quality resources that are relevant to developers. You won't get useless listicles because we'll never crawl them. Relevant urls are harvested from HN, StackOverflow, programmer Reddit, and a few others. Page content comes mostly from the Common Crawl project.<p>The limited, but awesome, features in this first release are:<p>- Expressions! Experience the power of Elasticsearch’s Simple Query Strings.<p>- REST API. Just change 'text/plain' to `application/json` in the above alias.<p>- CLI. Just use curl in the terminal. Simple as.<p>HackerNews, StackOverflow, Arxiv abstracts, 2M Github repos, and programmer Reddit (up to 2020) are being indexed right now. There's much more to come in the next few months.<p>I'd love to hear your questions, comments and suggestions in the comments below.

Show HN: I made a WebGL-based app that traces images using circles

I was fascinated by this [0] and this video [1]. After many struggles, I finally built this app that traces images using circles similar to what these videos had shown.<p>The most challenging part (to me) is to find a way to convert images to vector lines. I had tried Potrace, but its output is not suitable for my use case: too many small elements share the same border. Potrace's goal is to represent the original image faithfully using vector lines. But I want to trace the image edges.<p>After searching and trying some Potrace alternatives in vain, I finally found my keyword. Surprisingly (to me), it lies at the end of the wiki page of the very topic [2]. Then I found a paper [3] that has nice pseudocode and a C implementation. I rewrote the pseudocode in Rust because I wanted to experiment with rustwasm. Honestly, I didn't care much about the math behind it.<p>From then, I could continue to finish the app and show it to the world.<p>This app is also my chance to learn about rustwasm and WebGL.<p>FYI: this app is offline-only; your images never leave your browser<p>[0] <a href="https://www.youtube.com/watch?v=r6sGWTCMz2k" rel="nofollow">https://www.youtube.com/watch?v=r6sGWTCMz2k</a><p>[1] <a href="https://www.youtube.com/watch?v=-qgreAUpPwM" rel="nofollow">https://www.youtube.com/watch?v=-qgreAUpPwM</a><p>[2] <a href="https://en.wikipedia.org/wiki/Edge_detection#Subpixel" rel="nofollow">https://en.wikipedia.org/wiki/Edge_detection#Subpixel</a><p>[3] <a href="https://www.ipol.im/pub/art/2017/216/" rel="nofollow">https://www.ipol.im/pub/art/2017/216/</a>

Show HN: I made a WebGL-based app that traces images using circles

I was fascinated by this [0] and this video [1]. After many struggles, I finally built this app that traces images using circles similar to what these videos had shown.<p>The most challenging part (to me) is to find a way to convert images to vector lines. I had tried Potrace, but its output is not suitable for my use case: too many small elements share the same border. Potrace's goal is to represent the original image faithfully using vector lines. But I want to trace the image edges.<p>After searching and trying some Potrace alternatives in vain, I finally found my keyword. Surprisingly (to me), it lies at the end of the wiki page of the very topic [2]. Then I found a paper [3] that has nice pseudocode and a C implementation. I rewrote the pseudocode in Rust because I wanted to experiment with rustwasm. Honestly, I didn't care much about the math behind it.<p>From then, I could continue to finish the app and show it to the world.<p>This app is also my chance to learn about rustwasm and WebGL.<p>FYI: this app is offline-only; your images never leave your browser<p>[0] <a href="https://www.youtube.com/watch?v=r6sGWTCMz2k" rel="nofollow">https://www.youtube.com/watch?v=r6sGWTCMz2k</a><p>[1] <a href="https://www.youtube.com/watch?v=-qgreAUpPwM" rel="nofollow">https://www.youtube.com/watch?v=-qgreAUpPwM</a><p>[2] <a href="https://en.wikipedia.org/wiki/Edge_detection#Subpixel" rel="nofollow">https://en.wikipedia.org/wiki/Edge_detection#Subpixel</a><p>[3] <a href="https://www.ipol.im/pub/art/2017/216/" rel="nofollow">https://www.ipol.im/pub/art/2017/216/</a>

Show HN: My Book Bulletproof TLS and PKI (Second Edition) Is Out

Hello HN.<p>I am excited to share with you my new book, Bulletproof TLS and PKI. I've worked in this space since the very early days (think SSLv2), always frustrated with the fact that the field is vast but the documentation poor. That first led me to create SSL Labs (which ended up being very popular) and then the first edition of my book (in 2014), where I aimed to cover everything a curious person needed to know about SSL/TLS and PKI. Most importantly, it's a very practical book that you can use to just learn what you need at that moment. The second edition (just out) adds coverage of TLS 1.3. I publish two chapters as a separate (and free) OpenSSL Cookbook. There's another free sample chapter as well.<p>The best part of Bulletproof TLS and PKI is that it's a living book. There's nothing worse than obsolete documentation! Because none of the traditional publishers were interested in that sort of thing, we did everything ourselves. The manuscript is in DocBook, I write using OxygenXML, my copyeditor uses it as well, and there's a nightly build process that generates everything. We can even show exact differences across versions, for example you can see that here: <a href="https://blog.ivanristic.com/2022/02/bulletproof-tls-and-pki-is-out.html" rel="nofollow">https://blog.ivanristic.com/2022/02/bulletproof-tls-and-pki-...</a><p>I hope you'll enjoy the book.

Show HN: My Book Bulletproof TLS and PKI (Second Edition) Is Out

Hello HN.<p>I am excited to share with you my new book, Bulletproof TLS and PKI. I've worked in this space since the very early days (think SSLv2), always frustrated with the fact that the field is vast but the documentation poor. That first led me to create SSL Labs (which ended up being very popular) and then the first edition of my book (in 2014), where I aimed to cover everything a curious person needed to know about SSL/TLS and PKI. Most importantly, it's a very practical book that you can use to just learn what you need at that moment. The second edition (just out) adds coverage of TLS 1.3. I publish two chapters as a separate (and free) OpenSSL Cookbook. There's another free sample chapter as well.<p>The best part of Bulletproof TLS and PKI is that it's a living book. There's nothing worse than obsolete documentation! Because none of the traditional publishers were interested in that sort of thing, we did everything ourselves. The manuscript is in DocBook, I write using OxygenXML, my copyeditor uses it as well, and there's a nightly build process that generates everything. We can even show exact differences across versions, for example you can see that here: <a href="https://blog.ivanristic.com/2022/02/bulletproof-tls-and-pki-is-out.html" rel="nofollow">https://blog.ivanristic.com/2022/02/bulletproof-tls-and-pki-...</a><p>I hope you'll enjoy the book.

Show HN: My Book Bulletproof TLS and PKI (Second Edition) Is Out

Hello HN.<p>I am excited to share with you my new book, Bulletproof TLS and PKI. I've worked in this space since the very early days (think SSLv2), always frustrated with the fact that the field is vast but the documentation poor. That first led me to create SSL Labs (which ended up being very popular) and then the first edition of my book (in 2014), where I aimed to cover everything a curious person needed to know about SSL/TLS and PKI. Most importantly, it's a very practical book that you can use to just learn what you need at that moment. The second edition (just out) adds coverage of TLS 1.3. I publish two chapters as a separate (and free) OpenSSL Cookbook. There's another free sample chapter as well.<p>The best part of Bulletproof TLS and PKI is that it's a living book. There's nothing worse than obsolete documentation! Because none of the traditional publishers were interested in that sort of thing, we did everything ourselves. The manuscript is in DocBook, I write using OxygenXML, my copyeditor uses it as well, and there's a nightly build process that generates everything. We can even show exact differences across versions, for example you can see that here: <a href="https://blog.ivanristic.com/2022/02/bulletproof-tls-and-pki-is-out.html" rel="nofollow">https://blog.ivanristic.com/2022/02/bulletproof-tls-and-pki-...</a><p>I hope you'll enjoy the book.

Show HN: Miniboss, versatile local container management with Python

Show HN: Miniboss, versatile local container management with Python

Show HN: Miniboss, versatile local container management with Python

Show HN: WAPM – WebAssembly Package Manager

Hi HN!<p>I’m Syrus, from the Wasmer team. We just released the new version of WAPM that is an order of magnitude better than the previous one (that we also announced here in HN two years ago! [0]), enabling an incredible experience for using and publishing WebAssembly packages.<p>The tech stack that we are using includes:<p>* Python and Django (for the backend) with Graphene (for the open GraphQL API [1]) and Django Channels with websockets over GraphQL [2] for subscriptions<p>* Next.js [3] with React-Relay [4] and Tailwind.css [5] for the frontend<p>* WebAssembly and Wasmer [6] (for the online shell)<p>Vercel for serving the frontend and GCP for serving the backend.<p>Please let me know if you have any questions, I’d be very happy to answer them!

Show HN: WAPM – WebAssembly Package Manager

Hi HN!<p>I’m Syrus, from the Wasmer team. We just released the new version of WAPM that is an order of magnitude better than the previous one (that we also announced here in HN two years ago! [0]), enabling an incredible experience for using and publishing WebAssembly packages.<p>The tech stack that we are using includes:<p>* Python and Django (for the backend) with Graphene (for the open GraphQL API [1]) and Django Channels with websockets over GraphQL [2] for subscriptions<p>* Next.js [3] with React-Relay [4] and Tailwind.css [5] for the frontend<p>* WebAssembly and Wasmer [6] (for the online shell)<p>Vercel for serving the frontend and GCP for serving the backend.<p>Please let me know if you have any questions, I’d be very happy to answer them!

Show HN: WAPM – WebAssembly Package Manager

Hi HN!<p>I’m Syrus, from the Wasmer team. We just released the new version of WAPM that is an order of magnitude better than the previous one (that we also announced here in HN two years ago! [0]), enabling an incredible experience for using and publishing WebAssembly packages.<p>The tech stack that we are using includes:<p>* Python and Django (for the backend) with Graphene (for the open GraphQL API [1]) and Django Channels with websockets over GraphQL [2] for subscriptions<p>* Next.js [3] with React-Relay [4] and Tailwind.css [5] for the frontend<p>* WebAssembly and Wasmer [6] (for the online shell)<p>Vercel for serving the frontend and GCP for serving the backend.<p>Please let me know if you have any questions, I’d be very happy to answer them!

Show HN: WAPM – WebAssembly Package Manager

Hi HN!<p>I’m Syrus, from the Wasmer team. We just released the new version of WAPM that is an order of magnitude better than the previous one (that we also announced here in HN two years ago! [0]), enabling an incredible experience for using and publishing WebAssembly packages.<p>The tech stack that we are using includes:<p>* Python and Django (for the backend) with Graphene (for the open GraphQL API [1]) and Django Channels with websockets over GraphQL [2] for subscriptions<p>* Next.js [3] with React-Relay [4] and Tailwind.css [5] for the frontend<p>* WebAssembly and Wasmer [6] (for the online shell)<p>Vercel for serving the frontend and GCP for serving the backend.<p>Please let me know if you have any questions, I’d be very happy to answer them!

Show HN: Huemint – Machine learning for color design

Show HN: Huemint – Machine learning for color design