Admin

The photograph accompanying this article captures a moment I once witnessed on a beach in Silicon Valley, California. The endless waves of the Pacific Ocean stretch into the distance, fading and dissolving into the sand. All three states of matter are present here: the solid, unmoving sand; the liquid, flowing water; and the wind — invisible yet tangible chaos of air. This landscape seems to symbolize the transitions and boundaries between order and freedom, between stability and change.

This very scene inspired me to reflect on how DAOs, Decentralized Autonomous Organizations, transform into a "third state" for communities. They combine the chaotic freedom of scattered individuals and the structured order of centralized organizations, creating something new — fluid and adaptive.

Apache Kafka is a distributed event-streaming platform designed to handle real-time data feeds. It allows applications to publish, process, and subscribe to streams of data in a highly scalable, fault-tolerant manner.

Have you ever struggled to turn business ideas into a product? Or tried to understand the way another team works?

If you have, you know how exhausting it can be. Different ways of thinking –business, analysis, and engineering – don’t always fit together easily.

This article blends a simple story with engineering tools to show how creativity and structure can work together. Using characters like The King, The Troll, and The Prince, it explores how storytelling can help solve tough problems and make complex ideas clearer.

If you’ve ever faced a "troll" at work, this story might help you see things differently – and maybe even make the process a bit more fun.

Hello, friends

I decided to start this year with an article in the field of HIFI sound / audiophilia and this article is about sharing the results of my wireless earbud tests, which I’ve been conducting for several years since the emergence of TWS on the market. 
Sound testing is my hobby, which can be useful for others, because in everyone’s life are important bright pleasant emotions, relaxation and mental comfort, which is not always enough in the flow of turbulent events of life. And music is just the thing to bring it all in, if only for moments, or even hours, and choosing the right headphones is crucial to getting the right effect.

Testing sound is a hobby with benefits that extend beyond personal enjoyment, as its results can be valuable to others. After all, life is made brighter and more fulfilling by positive emotions, moments of relaxation, and peace of mind — things that often feel scarce in the whirlwind of modern life. Music is one of those rare things that can bring these experiences into our lives, even if just for a moment or hours at a time. Choosing the right headphones is essential to achieving that effect.

By the end of 2024, I completed testing the best wireless in-ear headphones (commonly referred to as “earbuds”) available on the market — or at least those I could find. “Best” here doesn’t necessarily mean the most expensive. It refers to the top performers in terms of sound quality. We’ve all encountered situations where lower-priced items turned out to be just as good, if not better, than their costly counterparts. That’s why my sound-quality ranking includes headphones from various price categories — from ultra-premium TWS models to more budget-friendly options.

In the fast-paced world of software development, ensuring the quality and reliability of applications is crucial. With the ever-increasing complexity of software systems, it becomes essential to adopt a comprehensive and structured approach to testing. One such approach can be encapsulated in the acronym "RABBIT," where each letter stands for a distinct branch of testing. This multifaceted strategy covers various testing methodologies that together create a robust framework for quality assurance. This article explores each branch of RABBIT testing in detail, providing insights into their significance, implementation, and appropriate use cases.

In today's digital world, where applications process increasing amounts of sensitive data, ensuring reliable user authentication is critical. Authentication is the process of verifying the identity of a user who is trying to access a system. A properly chosen authentication method protects data from unauthorized access, prevents fraud, and increases user confidence.

However, with the development of technology, new authentication methods are emerging, and choosing the optimal solution can be difficult. This article will help developers and business owners understand the variety of authentication approaches and make informed choices.

At Altenar, we often use RabbitMQ as an entry point for our products. How to protect the TCP load balancer with a ManagedSSL certificate is described further.

SSH (Secure Shell) is the backbone of remote system administration and secure remote access, serving millions of developers and system administrators daily. However, when SSH connections fail, the cryptographic nature of the protocol can make debugging challenging. The complex interplay between authentication mechanisms, encryption algorithms, and network layers often obscures the root cause of connection issues. This complexity is further compounded by the protocol's security-first design, where error messages are intentionally vague to prevent potential attackers from gathering system information. Whether we're dealing with key authentication failures, network connectivity issues, or configuration mismatches, understanding the underlying SSH architecture becomes critical for effective troubleshooting.

In today's interconnected development world, secure authentication is not just a luxury—it's a necessity. Whether you're a seasoned DevOps engineer or a junior developer just starting your journey, understanding SSH key pairs is crucial for your daily workflow. They're the unsung heroes that keep our git pushes secure, our server access protected, and our deployments safe from prying eyes.

But let's be honest: SSH keys canbe confusing. With terms like “public key infrastructure,” “cryptographic algorithms,” and “key fingerprints” floating around, it's easy to feel overwhelmed. This guide aims to demystify SSH key pairs, breaking down complex concepts into digestible pieces that will help you make informed decisions about your security setup.

Issues of cooperation in the field of regulation of computing power, joint insurance of AI products, and determining the social status and protection of persons with a hybrid nervous system (hybrid people) 

Dear Colleagues and Friends,

In furtherance of the discussion on the topic of "Key technology policy issues will be grappling with in 2025", let me outline some mullings at the intersection of the theory and practice of computer science, law, and neuroethics.

«Our society and thus each individual has the possibility to (help) decide how the world, in which we want to live with artificial intelligence in the future, should look. Philosophy, law, and technology play a central role in the discourse that has to be conducted for this purpose» (from Fraunhofer IAIS’s report «Trustworty use of AI»).

 Essential idea of that proposals - drawing from the deep technical expertise of the computing community, to provide to policy leaders and stakeholders nonpartisan theses on policy gaps in the field of neuroethics, development and implementation of ML/AI tools. It is preferable that this regulation be a harmonious symbiosis of legal norms both at the state level and at the level of socially responsible professional communities.

The approach mentioned in paragraph 6.2 of The CEN-CENELEC Focus Group Report: Road Map on Artificial Intelligence (AI) and, in fact, focused on autonomous self-regulation of AI tools (systems) seems inappropriate to current risks and treats: “An alternative approach is that the system itself ensures that modifications of its functionality due to self-learning have no negative impact on assessment topics like safety or fairness”.  Further, in the same place, the potential ineffectiveness of the certification system for AI tools is actually recognized: “For artificial intelligence systems that learn as they are used, the problem is that the behavior of the system changes continuously and will require a new conformity assessment each time.”

CAPTCHA is not just a single word that can be defined; it's an acronym consisting of nine words (and two prepositions): Completely Automated Public Turing Test To Tell Computers and Humans Apart. This mouthful was shortened to the concise CAPTCHA to avoid creating yet another hard-to-pronounce term. Translated into Russian, this abbreviation sounds like "Полностью автоматизированный публичный тест Тьюринга для различения компьютеров и людей" (Fully Automated Public Turing Test to Differentiate Computers and Humans).

Recently I have bought starfive visionfive-2 SoC for my own experiments, honestly speaking
I am striving to work with risc-v. After some time I decided to share my experience. Here my bulletpoints:

Small preparation USB-to-Serial connector Write image to microSD/SSD Set boot mode settings

Boot Update bootloader Build kernel Native build Pod build Cross-build on amd64: fast and handy

Chroot to risc-v system from amd64 and install packages

Bonus 1: run qemu with risc-v

Bonus 2: build deb packages for risc-v

Bonus 3: kernel build script

Conclusions

Kata Containers is actually now the main way to run containers in an isolated virtual machine for greater security. I tell you how to install them for use with Containerd and Docker while still being able to switch between release versions.

Secret Management and Why It’s Important

Hi! My name is Evgeny, and I work as a Lead DevOps at Exante. In this article, I will discuss the practical experience of setting up a high-availability HashiCorp Vault with a GCP storage backend and auto unseal in Kubernetes (K8s).

Our infrastructure used to consist of thousands of virtual and physical machines hosting our legacy services. Configuration files, including plain-text secrets, were distributed across these machines, both manually and with the help of Chef.

We decided to change the company’s strategy for several reasons: to accelerate code delivery processes, ensure continuous delivery, securely store secrets, and speed up the deployment of new applications and environments.

We decided to transition our product to a cloud-native model, which required us to change our approach to development and infrastructure. This involved refactoring our legacy services, adopting a microservices architecture, deploying services in cloud-based Kubernetes (K8s), and utilizing managed resources like Redis and PostgreSQL.

In our situation, everything needed to change—from applications and infrastructure to how we distribute configs and secrets. We chose Google as our cloud provider and HashiCorp Vault for secret storage. We've since made significant progress on this journey.

Why HashiCorp Vault?

There were several reasons:

A story about evolving our CI process for a monolithic Python repo with tests, challenges faced, and solutions. Discussing Docker, linters, Allure TestOps, and more.

Prerequisites:
1. Install Docker
2. Install VSCode

STEP BY STEP

1. Open VSCode that you previously installed and click on "Extensions" tab right on the menu bar, then type 'docker' to find proper extension and click "install":

Today, a significant portion of all content on the Internet is distributed with the use of CDNs (Content Delivery Networks). At the same time, there is no research on how various censors extend their influence on such networks. Scientists from the University of Massachusetts analyzed possible methods of blocking CDN content using the example of the practices of the Chinese authorities, and also developed a tool to bypass such blocks.

We (specialists from proxy service) have prepared an overview material with the main conclusions and results of this experiment (translate of this material).

In this tutorial, I’ll show you how to deploy a full-stack JavaScript web app into Firebase. We’ll deploy a Next.js application to Firebase hosting. I’ll show you a quick and efficient process that can be completed in 5 minutes. 

We are requesting 20,000,000 euro to place 900 orders on the exchange. What could go wrong?

Today, I will explain how to avoid losing billions in client money when executing large transactions on the exchange. This discussion focuses on an often overlooked and largely invisible problem that arises when handling large requests, particularly HTTP requests, which may not be fully executed. It's surprising how little attention is given to this issue and how few tools there are to address it.

Our task was to implement large-scale management of exchange orders, not just within a single exchange but globally, and to ensure it operates reliably. In this story, you'll encounter clients, servers, and cats. Stories are always more enjoyable with cats.

In the world of IT services, the idea that operations must run 24/7 is often taken for granted. However, for business-to-business (B2B) services, this assumption needs to be rethought. By reconsidering the need for around-the-clock processing services, companies can achieve significant benefits in efficiency, security, and sustainability.