I’m an active user of Google Chrome. That’s why I’ve come up with this list of useful extensions that will help English learners to enhance writing, spelling, listening skills, and extend their vocabulary.

FreeRDP is an open-source implementation of the Remote Desktop Protocol (RDP), a proprietary protocol by Microsoft. The project supports multiple platforms, including Windows, Linux, macOS, and even iOS and Android. We chose it to be the first project analyzed with the static code analyzer PVS-Studio for a series of articles about the checks of RDP-clients.

Starting from .NET Core 2.0 and .NET Framework 4.5 we can use new data types: Span and Memory. To use them, you just need to install the System.Memory nuget package:

PM> Install-Package System.Memory

These data types are notable because the CLR team has done a great job to implement their special support inside the code of .NET Core 2.1+ JIT compiler by embedding these data types right into the core. What kind of data types are these and why are they worth a whole chapter?

If we talk about problems that made these types appear, I should name three of them. The first one is unmanaged code.

Both the language and the platform have existed for many years along with means to work with unmanaged code. So, why release another API to work with unmanaged code if the former basically existed for many years? To answer this question, we should understand what we lacked before.

This chapter was translated from Russian jointly by author and by professional translators. You can help us with translation from Russian or English into any other language, primarily into Chinese or German.

Also, if you want thank us, the best way you can do that is to give us a star on github or to fork repository github/sidristij/dotnetbook.

First of all let's remember a standart group policy precedence: Local — Site — Domain — Organisation Unit (LSDOU). From less specific level to more specific. It means that Local GPO settings will apply first, then Site-level, Domain-level etc. And the last applied (OU GPO) settings have the highest precedence on the resulting system. However, if a domain administrator didn't set some settings in the higher-level GPOs (e.g. Enable/Disable Windows Defender service) but the same settings have been configured on the Local-level GPO — the last ones will be apply. Yes, even the machine is a domain member.

The Local GPO files are located in %systemroot%\System32\GroupPolicy hidden folder and, of course, it has two scopes (located in subfolders): for User and for Computer. Any user (here I mean a «bad guy» of course), having access to this folder(s), can copy a Registry.pol file and check/change a Local GPO settings. An intruder can use a third-part apllication, such as a RegPol Viewer:

In 2013, while working at GFRANQ photo service, I participated in the development of an eponymous web service for publishing and processing photos. Filters and transformations were defined in the file with parameters, and all processing was carried out on the server. During service development, there was a need to support these transformations on the client side for the preview. According to Larry Wall, one of the virtues of a programmer is laziness. Therefore, as truly lazy programmers, we thought about the possibility of using the same code on both the server and client sides. The entire development was conducted in C#. After researching the libraries and a couple of attempts, we proudly concluded that this was possible and began to write the universal code.

Why is this article needed? Indeed, 6 years have passed since 2013, and many technologies have lost their relevance, for example, Script#. On the other hand, new ones have appeared. For example, Bridge.NET or Blazor based on the fancy WebAssembly.

Nevertheless, some ideas can still be used. In this article I tried to describe them as detailed as possible. I hope that the mention of Silverlight and Flash will cause a smile with a hint of nostalgia, and not a desire to criticize the old solutions. Anyway, they have contributed to the development of the web industry.

In the late 1930s, two Stanford students, William Hewlett and David Packard, were inspired by their professor’s plea to turn the Bay Area into the national capital of high tech. Operating out of the cheapest property they could find — a garage in suburban Palo Alto, they built their first commercial product, the HP200A oscillator. Now a private museum and a California Historic Landmark, this place is a living monument, commemorating the birth of the Silicon Valley startup culture.

This event preceded the similar and widely publicized success stories of Microsoft and Apple by more than 30 years. But it nonetheless perfectly defines the startup culture as we know it today. How come?

Here is a bit refreshed translation of my 2015 blog post. The post shows how to organize a personal academic library of unlimited size for free. This is a funny case of a self written manual which I came back to multiple times myself and many many more times referred my friends to it, even non-Russian speakers who had to use Google Translator and infer the rest from screenshots. Finally, I decided to translate it adding some basic information on how to use Zotero with rmarkdown.

A brief (and hopefully unnecessary for you) intro of bibliographic managers

Bibliographic manager is a life saver in everyday academic life. I suffer almost physical pain just thinking about colleagues who for some reason never started using one — all those excel spreadsheets with favorite citations, messy folders with PDFs, constant hours lost for the joy-killing task of manual reference list formatting. Once you start using a reference manager this all becomes a happily forgotten nightmare.

At my agency we work a lot with international candidates and German companies. So, I wanted to write a small essay about the visa issues because often they will influence your chances of landing a job heavily. Since I work mostly with German market, I will talk about the processes in Germany, the processes may and probably are different in other EU countries. Hopefully the information will be helpful and will give you some clarity.

As all of you know, nowadays there is a big demand for experienced IT professionals in almost all EU countries. When I say experienced I mean 3+ years of experience. Companies are adjusting their teams to accept English speaking colleagues from around the globe, coming up with different perks to smooth up the relocation process and in general the IT world is becoming predominantly English speaking. Germany government understanding the demand by the industry has made the process quite fast and straightforward. I expect even easier process to be implemented in the upcoming year or two.

Visa sponsorship

Companies in Germany do not sponsor visas like in other countries, there is no such a term here. Companies either hire non-EU candidates or not. The decision is strictly an internal decision and is not influenced by any quotas, permissions etc. If you get a job contract from a German company (be it a big conglomerate or a small startup) you have a right to apply for the work visa.

Do I need a university degree?

How often do you get to 404 pages? Usually, they are not styled and stay default. Recently I’ve found test.do.am which interactive character attracts attention and livens up the error page.

Probably, there was just a cat picture, then they thought up eyes movement and developer implemented the idea.Now user visits the page and checks out the effect. It’s cool and pleasant small feature, it catches, then user discusses it with colleagues or friends and even repeats the feature. It could be this easy, if not:

Previously we did code reviews of large mathematical packages, for example, Scilab and Octave, whereby calculators remained aloof as small utilities, in which it is difficult to make errors due to their small codebase. We were wrong that we haven't paid attention to them. The case with posting the source code of the Windows calculator showed that actually everyone was interested in discussing types of errors hiding in it. Moreover, the number of errors there was more than enough to write an article about that. My colleagues and I, we decided to explore the code of a number of popular calculators, and it turned out that the code of the Windows calculator was not that bad (spoiler).

What do you get when you cross an IT department, a faulty Sprint review, determination, and pizza? Greatness, that's what.

A completely routine tech support ticket has uncovered unexpected bans of IP addresses of Protonmail — a very useful service for people valuing their Internet freedoms — in several regions of Russia. I seriously didn’t want to sensationalize the headline, but the story is so strange and inexplicable I couldn’t resist.

TL;DR

Disclaimer: the situation is still developing. There might not be anything malicious, but most likely there is. I will update the post once new information comes through.

MTS and Rostelecom — two of the biggest Russian ISPs — started to block traffic to SMTP servers of the encrypted email service Protonmail according to an FSB request, with no regard for the official government registry of restricted websites. It seems like it’s been happening for a while, but no one paid special attention to it. Until now.

All involved parties have received relevant requests for information which they’re obligated to reply.

UPD: MTS has provided a scan of the FSB letter, which is the basis for restricting the access. Justification: the ongoing Universiade in Krasnoyarsk and “phone terrorism”. It’s supposed to prevent ProtonMail emails from going to emergency addresses of security services and schools.

UPD: Protonmail was surprised by “these strange Russians” and their methods for battling fraud abuse, as well as suggested a more effective way to do it — via abuse mailbox.

UPD: FSB’s justification doesn’t appear to be true: the bans broke ProtonMail’s incoming mail, rather than outgoing.

UPD: Protonmail shrugged and changed the IP addresses of their MXs taking them out of the blocking after that particular FSB letter. What will happen next is open ended question.

UPD: Apparently, such letter was not the only one and there is still a set of IP addresses of VOIP-services which are blocked without appropriate records in the official registry of restricted websites.

I am Shalitha Suranga from Sri Lanka. I started Neutralinojs project with other two members as our research project at university.

Cross-platform application development is extremely useful among software development organizations because a large end-user audience can be targeted. Earlier there were several approaches, such as writing multiple codebases per each platform, writing a single codebase using conditionals for platform selection, or using a programming language which has a cross-platform virtual machine at run-time. There were drawbacks of each like complexity of design, limited low-level accessibility and slow learning rate. Cross-platform application development with web technologies came [1] after. Electron and NW.js are most popular frameworks which allow developers to make cross-platform applications using Javascript. Basically, these popular frameworks combine embedded chromium browser and node run-time [2], [3].

These frameworks are being used to create numerous cross-platform applications. Whereas the community pointed out several unseen drawbacks of these frameworks. Large bundled application size, high memory consumption and long development workflow are the key things which were criticized through internet forums and websites [4], [5], [6], [7], [8]. Table 1.1 shows the advantages and disadvantages of Electron/NW.js.

Table 1.1: Advantages and Disadvantages of Electron/NW,js

Advantages of Electron and NW.js	Disadvantages of Electron and NW.js
Development is very easy since Javascript is used	Application bundle is considered as bloatware (High disk space usage)
Access native functions via node runtimeSingle codebase for all supported platforms Linux, Windows and macOS	High memory consumption and slowness
	Many Node modules need to be installed

When React.js 16.8 was released we got the opportunity to use React Hooks. Hooks make us able to write fully-functional components using functions. We can use all React.js features and do in in more convenient way.

A lot of people don't agree with Hooks conception. In this article I'd like to tell about some important advantages React Hooks give you and why we need to write with Hooks.

I will not talk about how to use hooks. It is not very important for the examples. If you want to read something on this topic, you can use official documentation. Also, if this topic will be interesting for you, I will write more about Hooks.

This is the second part of a post about the creation of a pipeline that can take a Sketch file and export all the icons included in the file, in different formats, for different platforms, with the possibility of AB testing each icon.

You can read the first part of the post here.



The Sketch files, with all the icons collected, styled and properly named, were ready. Now it was time to start writing the code.

Suffice to say, the process was very much a trial and error: after the important initial code core, developed by my team lead Nikhil Verma (who set the script foundations), I went through an incremental process that required at least three phases of refactoring and quite a few revisions. For this reason, I won’t go into too much detail on how the script was developed, but rather focus on how the script works today, in its final shape.

A few days ago, Microsoft made the source code of their Windows Calculator publicly available. Calculator is an application that has traditionally shipped with every Windows version. A number of Microsoft projects went open-source over the recent years, but this time the news was covered even by non-IT media on the very first day. Well, it's a popular yet tiny program in C++. Despite its size, we still managed to find a number of suspicious fragments in its code using the PVS-Studio static analyzer.

Blazor 0.9.0 is now available! This release updates Blazor with the Razor Components improvements in .NET Core 3.0 Preview 3.

New Razor Component improvements now available to Blazor apps:

• Improved event handling
• Forms & validation

In this article I will explain a texture splatting algorithm which allows you to create more natural terrain. This algorithm may be used in shaders of 3D games as well as in 2D games.

There are several ways to get a free license of the PVS-Studio static code analyzer, which is meant for searching for errors and potential vulnerabilities. Open source projects, small closed projects, public security specialists and owners of the Microsoft MVP status can use the license for free. The article briefly describes each of these options.

PVS-Studio is a tool designed to detect errors and potential vulnerabilities in the source code of programs, written in C, C++, C# and Java. It works in Windows, Linux and macOS environments.

This week, NSA (National Security Agency) all of a sudden made a gift to humanity, opening sources of their software reverse engineering framework. Community of the reverse engineers and security experts with great enthusiasm started to explore the new toy. According to the feedback, it’s really amazing tool, able to compete with existing solutions, such as IDA Pro, R2 and JEB. The tool is called Ghidra and professional resources are full of impressions from researchers. Actually, they had a good reason: not every day government organizations provide access to their internal tools. Myself as a professional reverse engineer and malware analyst couldn’t pass by as well. I decided to spend a weekend or two and get a first impression of the tool. I had played a bit with disassembly and decided to check extensibility of the tool. In this series of articles, I'll explain the development of Ghidra add-on, which loads custom format, used to solve CTF task. As it’s a large framework and I've chosen quite complicated task, I’ll break the article into several parts.

By the end of this part I hope to setup development environment and build minimal module, which will be able to recognize format of the WebAssembly file and will suggest the right disassembler to process it.