Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy!
News and Articles
Google Pixel phones take a proactive approach to security whilst the ad tracking of Firefox causes controversy. Sir Tim Berners-Lee closes the World Wide Web foundation to concentrate fully on Solid. The Switch Emulator Ryujinx shuts down after being contacted by Nintendo. You can learn to reason with LLMs, LLMS and search engines can co-exist and you don't need AI to scrape the web but you can use only your web brower. The sparkles icon has become synonymous with AI and that is becoming a problem. You can follow some great Offline UX patterns to deliver resilient apps and there is a splendid reminder that the goal is not to write less code.
Let's talk about some security topics. Some weeks ago Kia had a security issue that allowed for remote control of cars using a license plate and Charlie Gerard shows how you can hack cars with JavaScript. Snyk has great info on how to prevent log injection vulnerabilities. Someone spent $20 to achieve RCE and accidently became the admin of the .MOBI domain. Sextortion scams telling people they have been filmed doing naughty things now also include photos of their home extracted from their IP location. There was a year long campaign of malicious NPM packages targeting Roblox users. Police officers are using AI to write crime reports and delivery robots offer promo codes after running over pedestrians. Frederik Braun has a prompt injection demo and there is a "complete guide" to hacking misconfigured S3 buckets. Passwords have a lot of problems, but passkeys have more and you can secure your Node.js apps by analysing real world command injection examples.
Code and Tools
Structured Fields is a new RFC and there is already a JavaScript package to work with them. Bramus has some insights on benchmarking the performance of CSS @property, there are lots of new things in Svelte in October and OneJS brings JavaScript to Unity without the need of a browser or web view. You can learn more in this video. If you like to do things the hard way, here are some recipes for writing SVG by hand and instructions how to submit an Electron App to the Mac App store. C++ is having a comeback with the Safe C++ blueprint, there are some nifty CSS properties for trimming whitespace and a painful write-up on the hardest bug investigation and the bonkers code that caused it.
Some tools for you:
- Make music using the free-to-use audio and video
- Confectionary - a minimalist browser
- Ente - is a Google Photo alternative
- Mitata - JS/C++ benchmark tooling on the CLI with ASCII charts
- Syncthing - continuous file synchronization
- Automated and continuous pentesting for Conversational AI
Cool code demos
Talks and Videos
Check out an interesting Fireside Chat with Eric Demuth, CEO of Bitpanda on the past, present and future of the digital currencies and trading space.
Other videos and talk write-ups of note:
- Francesco Ciulla - Rust and Docker: Let's build an AI-powered app! (26m)
- Eli Holderness - A Brief History of Data Storage (27m)
- Panel - The Impact of Technology on Democracy (31m)
Learn New Skills
Get hands-on with generative AI learning: Dive into new gen AI learning paths from Google Cloud. Learn how to build and modernise gen AI applications, bring gen AI into your data workflow, manage and deploy gen AI models, and generate smarter gen AI outputs.
Work and Jobs
Return to office is still a discussion point and Microsoft told folks they can work from home unless productivity drops. Question now is that even if that happens, how could you pin it on home office alone? Open Source is still debated, with some calling it not a business model and others pointing out that it needs to financially symbiotic. It seems that fewer people build in public, but if you are then there is a great Open Source Project Maintainer's guide.
Events
As we gear up for the WeAreDevelopers World Congress 2025, we're thrilled to announce that our official Call for Speakers is open!
Whether you want to share insights about programming, coding trends, emerging technologies, tools, or the challenges of tomorrow in software development, we want to hear from you! Submit your talk now!
