Article Roundup - March 22, 2019

Article Roundup

Cloud Programming Simplified: A Berkeley View on Serverless Computing
I haven’t read the paper referenced here, but it is something I very much intend to read. In 2009 authors from UC Berkley weighed in on cloud computing. This time they weighed in on serverless computing. I look forward to seeing what they have to say.

Google has quietly added DuckDuckGo as a search engine option for Chrome users in ~60 markets
The default list of search engines included in Chromium, and thus Chrome, has been updated with new options. In the US and many other markets DuckDuckGo is one of the options. DuckDuckGo is a privacy-focused search engine and works very well. I’ve been using it full time for more than a year now, possibly multiple years. They don’t have near the adoption that Google goes, but as privacy awareness grows so does their market share.

Prototype pollution attack in NodeJS application
If you look at the security alerts for JavaScript libraries you’ll see that prototype pollution is fairly common. This link is for a paper written about prototype pollution, how it can be detected, and how it can be fixed. The paper also includes a real-world example of an exploit in the Ghost CMS (which has been fixed). If you want to know if any libraries you use are affected by any security warnings you can use the npm audit command, Snyk, or a feature on GitHub.