Article Roundup - August 17, 2018

Removing Babel’s Stage Presets · Babel
Babel has been making a lot of changes recently with v7. One of the newer changes is removing the ES stage presets i.e. preset-stage-0…preset-stage-3. There are multiple reasons for it but it seems like this will ultimately be a great help to the maintainers and the developers that use the plugins for different proposed ES features.

We’re under attack! 23 Node.js security best practices
This article runs through some of the top OWASP threats and how what should be done about them in Node applications.

TLS 1.3
TLS 1.3 has been released and includes efficiency gains, additional security, and removal of compromised hashing algorithms. TLS 1.2 is still valid and secure though care does need to be taken with configuration.

Protecting Our Customers through the Lifecycle of Security Threats | Intel Newsroom
Intel has released that a new security issue has been identified. This one involves the L1 cache and if exploited on a shared cloud environment could allow one VM to read memory from another, though there is no way to target a specific VM or specific memory.

Pseudo Localization @ Netflix
A string of text in one language isn’t usually the same length when translated to another language. For example “nurse” translates to “krankenschwester” in German. Netflix plans for these oddities, prior to translations occurring, by using what they call pseudo-localization. They generate strings that will be longer and taller than the original English to help them plan and adjust their UI accordingly.

Netflix Cloud Security: Detecting Credential Compromise in AWS
Netflix has developed a way to detect promised credentials in AWS. To really understand this you need a pretty good understanding of AWS IAM, but it’s an interesting read.