Calishat

#food #cooking #sustainability #BestPractices

'The project encompasses a series of activities and outcomes aimed at building knowledge and hands-on skills necessary for the preparation and use of sustainable vegetarian and vegan ingredients and dishes, incl. the design, development, and piloting of four thematic Workbooks.'

vum.bg/culsus-project/

CulSus project - vum.bg

CulSus stands for Culinary Competences for Sustainable…

vum.bg - Varna University of Management
Calishat

#privacy #activism #metadata #BestPractices

'In the following blog post, I will attempt to cover the concept of “metadata” and privacy in a manner accessible to audiences interested in the topic without assuming any prior familiarity with the subject from the reader. I end with several educational resources and privacy/safety suggestions. '

postmachina.blog/2025/04/22/we

Weaponizing Metadata Pt 1 : Digital Self Defense 101

In a contemporary social milieu riddled with technical…

Post-Machina
ResearchBuzz: Firehose

KQED: A Treasure Trove of Education Reports and Studies is Under Threat. “Initially, ERIC was spared from the department’s mass contract cancellations in February. But according to Erin Pollard Young, the sole Education Department employee who managed ERIC until her job was eliminated in March, the Department of Government Efficiency or DOGE has since refused to approve disbursement of […]

https://rbfirehose.com/2025/04/22/kqed-a-treasure-trove-of-education-reports-and-studies-is-under-threat/

Habr

Безопасность подов: взгляд пользователя K8s

Про информационную безопасность Kubernetes-кластеров много пишут с позиции специалистов ИБ. Но полезно взглянуть на эту тему глазами обычных пользователей K8s — инженеров и разработчиков. Тех, кто много работает со своими приложениями в подах, но не управляет служебными частями кластера. Большинство стандартов безопасности описывает лучшие практики настройки управляющих компонентов — control plane. Нечасто встречаются рекомендации по грамотной настройке рабочих единиц — подов. В статье попробуем восполнить этот пробел. Выполним обзор источников, рассмотрим хорошие практики работы с образами. Изучим, как ограничить привилегии контейнера и почему это важно. Поговорим о инструментах автоматической проверки манифестов и разберем примеры GItlab CI пайпланов.

habr.com/ru/companies/raiffeis

#kubernetes #linter #validator #testing #bestpractices #information_security #quality_assurance #devops #devsecops #cicd

Безопасность подов: взгляд пользователя K8s

Про информационную безопасность Kubernetes-кластеров…

Хабр
Calishat

#protesting #activism #BestPractices

'This WIRED guide to safe protesting was originally written in 2020 during the nationwide outcry over police brutality, which overwhelmingly targets Black people like George Floyd, Breonna Taylor, and Tony McDade. We’ve now updated this guide to include advice specific to mass action, your rights and protections as a US citizen, protesting in or around government property, and laws around defacing property (like, say, a Tesla).'

wired.com/story/how-to-protest

Habr

Тонкости работы с логгированием в Python: краткий гайд для разработчиков

Логирование является одним из ключевых и важнейших элементов разработки и эксплуатации приложений. Умение правильно вести журнал логов — ключ к эффективной отладке и мониторингу приложений. Оно дает ценную информацию всей цепочке заинтересованных лиц: от разработчиков и системных администраторов до руководителей бизнеса. В статье рассмотрен де-факто стандарт логирования — модуль logging в Python. Я дам общие рекомендации по его настройке и опишу практики применения модуля, подходящие для большинства случаев.

habr.com/ru/articles/899244/

#python #logging #логирование #bestpractices #best_practices #best_practice #журналирование #советы_начинающим #советы

Calishat

#legal #WebScraping #EU #BestPractices

'At The Markup, some of our data journalists recently had questions about the legal risks involved in scraping websites hosted in the European Union. We conducted our own research to answer this question, and offer a summary of what we learned below. Our goal is to help other journalists, researchers, and advocates come up with a low-risk strategy for scraping in the EU.'

hackernoon.com/a-guide-on-how-

A Guide on How to Legally Web Scrape EU Data | HackerNoon

Scraping has long existed in a legally gray area, so…

hackernoon.com
ResearchBuzz: Firehose

The Markup: A Guide on How to Legally Web Scrape EU Data. “At The Markup, some of our data journalists recently had questions about the legal risks involved in scraping websites hosted in the European Union. We conducted our own research to answer this question, and offer a summary of what we learned below. Our goal is to help other journalists, researchers, and advocates come up with a […]

https://rbfirehose.com/2025/04/06/the-markup-a-guide-on-how-to-legally-web-scrape-eu-data/

Gigi 🍄🟫

My god, I just realized one of the simplest opsec things you can do (something I've been doing for years and don't even think about anymore) is set your browsers to open links in private/secure instances AS A DEFAULT.

If it needs to be opened in a window that you want to keep open or bookmark, you can always manually copy and paste it.

It makes no sense to be using a secure shared tool like cryptpad, if you're just gonna open it where you're logged in as you.

Remember the #SocialEngineering motto:
If there are people, there are security holes.

#ActivistResouces #OPSEC #BestPractices

gervais_b

📚 Check out this recent article on best practices for file uploads.

Popular approaches:
1. Uploading a file by itself, like adding an avatar.
2. Uploading a file with metadata, like a video with a title and description.
3. Importing a file from a URL, like an avatar from Facebook.

Best practices:
+ Check Content-Type and Content-Length
+ Secure file uploads

Read the full article: apisyouwonthate.com/blog/api-d

#API #Development #BestPractices #FileUploads

By @Philsturgeon

API Design Basics: File Uploads

How does a REST API handle uploading images or spreadsheets…

APIs You Won't Hate
WetHat💦

Over-engineering takeaways:
➡️ Misjudging future requirements can lead to inappropriate abstractions.
➡️ Avoiding over-engineering can be as impactful as achieving technical brilliance.
➡️Simplicity is key to maintainability.
➡️Avoid predicting needs that aren't certain.
➡️Create abstractions that align with current and reasonable future requirements.

16elt.com/2024/09/07/future-pr

#Programming #SoftwareDesign #BestPractices #OverEngineering #Refactoring

Emory

surely one of you #infosec peers has a guide or article on why #VPN services aren't the privacy silver bullet they often advertise themselves to be. something that mentions you're paying co-conspirators to #mitm your own traffic in addition to lowering the reputation to that of your new address space?

#opsec #bestPractices