Rails 7 FTW | WFH is SOP | 586M Passwords Dumped

Welcome to Long Vision, where we look at the week’s news and strip it to the essentials. Let’s work out what the real problem is.

This week: Ruby on Rails 7.0 is out, work from home is still standard procedure, and HIBP becomes much larger.

DHH excited

First up this week: Ruby on Rails version 7.0 is now in production. It promises less bloat, better security and more developer efficiency.

Analysis: Last Chance for Greatness

Talk to developers about Ruby on Rails and you’ll hear a wide range of opinions – all the way from an ‘obsolete memory pig’ to a ‘secret production weapon’. But it seems that the important promise is to encourage developers to use better design patterns.

Paul Creel: Ruby on Rails 7 resets JavaScript support

Ruby on Rails 7, the latest version of the web application framework, is now available as a production version. … It gives developers a “no-Node” style of front-end development while still providing access to modern NPM and JavaScript packages.

Most Rails applications will not require Node.js, given the new default settings. …other improvements:

Encrypted attributes have been added to Active Record, allowing applications to provide on-the-job encryption in addition to traditional encryption of data at rest and in transit. … With asynchronous query loading, two unrelated queries can be run concurrently. … Spring’s preloader is no longer running by default, because faster computers have made this unnecessary.

Let’s hear from Rails creator David Heinemeier Hansson – AKA DHH:

Seven … the culmination of years of progress on five different fronts simultaneously. … The part that really excites me … is how close we are to the one-person framework model. A toolkit so powerful that it allows one person to create modern applications on which [to] build a competitive business.

It’s been over twenty years for me now, and a release as big as this still makes me dizzy. …what a great time to work in web development.

What now? Here is bb_matt:

I’m not pretending … It’s a “great time to work in web development”, except for one important aspect: … Experienced programmers who come out of software development and start making modifications [with] strong writing, strong CI/CD, focus on TDD, focus on domain modeling.

99% is still **** overall though – but then again, so is most software.

Work at home did not go away

A month ago, my long-suffering editor let me write, “WTH? We want WFH.” And poll after poll says tech workers work better at home. After the past 21 months, there is simply no denying it.

Analysis: Genie out of the bottle – no return

If you’re under the misconception that DevOps are somewhat “special” and that your workers would be happy to come back – think again. Find a way to make it work, or you’ll go out of business – and your business will die.

Stephen J. Vaughan Nichols: How do you attract employees to return to the office? You cannot. Not now.

Months have passed, and the Great Resignation continues to progress. … People don’t want to catch COVID-19 [but] bosses still think they can force skilled workers back into offices. … That will not happen.

The problem? Many executives and owners haven’t gotten to the proof yet. [But] any doubts you might have about people not doing well unless you were looking over their shoulder should be gone by now. … A monthly survey by academic WFH search.com found that six out of 10 workers reported being more productive working from home. … In the Dice State Report for Remote Work … 53% of technologists cited increased productivity as one of the main benefits.

It’s simple: it works best for them and your company. … Anyone who was attentive … should agree. You can either keep up with the flow, or you can fight it and lose your employees first and then your company.

So what do DevOps managers think? One of them is Kozykov:

100% remote isn’t great either. … When there was a long period of 100% remote during Covid, there were some issues. … We have developed a policy that Mondays are required, Wednesdays encouraged, and the rest is working from home. … It was a joint decision of the team.

I think most people who are so against hybrid work just have to live in a miserable place like San Francisco. … It is unfortunate that there are so many software companies in the Bay Area.

But you can’t pay some people enough to come back – people like Anonymous Coward:

No way in hell would they be willing to pay me… to go back to the office. …no need to go out in bad weather, no fighting traffic and … dangerous drivers, plus I take back all that time it took to get back.

And you don’t have to put up with Linda cooking fish in the microwave.

Were you Pwned? There is a 38% higher chance

This week saw a huge spike in the size of Troy Hunt’s already massive database of stolen credentials. In case you haven’t seen it, HaveIBeenPwned.com is an amazing free service that allows apps to securely verify that a user’s password hasn’t already been used elsewhere on the Internet, on a hacked site.

Analysis: Build the API in the authentication flow ASAP

The UK equivalent of the FBI donated a huge set of credentials – after deduplication, more than 225 million new passwords were added to the database. Honestly, if you still allow users to rely on any of the 847 million passwords in HIBP, it would be negligence.
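One way to build that check into a registration, login or password-change flow, as an added example (not code from this article or from HIBP). The range endpoint and its `SUFFIX:COUNT` response format are taken from HIBP's public API documentation rather than from this page; `password_allowed?`, its `fetcher:` and `threshold:` parameters and the sample response are constructed for illustration.

```ruby
require "digest"
require "net/http"
require "uri"

# Range endpoint from HIBP's public API docs (assumption: not given on this page).
RANGE_URL = "https://api.pwnedpasswords.com/range/"

# Constructed sample response for prefix 5BAA6: "SUFFIX:COUNT" lines, CRLF-separated.
# Counts are made up; the second suffix belongs to SHA-1("password").
SAMPLE_RANGE = [
  "0123456789ABCDEF0123456789ABCDEF012:4",
  "1E4C9B93F3F0682250B6CF8331B7EE68FD8:1000",
  "FEDCBA9876543210FEDCBA9876543210FED:0"
].join("\r\n")

# Only the first 5 hex chars of the SHA-1 are sent; the other 35 stay local.
def sha1_parts(password)
  digest = Digest::SHA1.hexdigest(password).upcase
  [digest[0, 5], digest[5..-1]]
end

# Return the breach count for a suffix in a range response, 0 if absent.
def breach_count(range_body, suffix)
  range_body.each_line do |line|
    candidate, count = line.strip.split(":", 2)
    return count.to_i if candidate && candidate.casecmp?(suffix)
  end
  0
end

# Live lookup. Raises on failure so the caller chooses fail-open or fail-closed.
def fetch_range(prefix)
  res = Net::HTTP.get_response(URI(RANGE_URL + prefix))
  raise "HIBP range lookup failed: HTTP #{res.code}" unless res.is_a?(Net::HTTPSuccess)
  res.body
end

# Hypothetical policy hook for registration, login and password change.
# `fetcher` is injectable so the check can be tested without network access.
def password_allowed?(password, fetcher: method(:fetch_range), threshold: 1)
  prefix, suffix = sha1_parts(password)
  breach_count(fetcher.call(prefix), suffix) < threshold
end

offline = ->(_prefix) { SAMPLE_RANGE }
puts password_allowed?("password", fetcher: offline)        # known-breached
puts password_allowed?("constructed-unique-passphrase", fetcher: offline)
```

The plaintext password and its full hash never leave the application; only the five-character prefix is sent, and the match is done locally against the returned suffixes.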

Simon Sharwood: The National Crime Agency found 225 million passwords that had not been disclosed before

Announced yesterday by Troy Hunt, of Have I Been Pwned (HIBP) fame … The NCA shared 585,570,857 [creds] with HIBP, and Hunt said 225,665,425 … he’d never seen before among the 613 million HIBP credentials already stored. [HIBP] allows anyone to perform a secure stolen password search to check if their credentials have been exposed.

Hunt’s NCA statement did not reveal the source of the password trove [but said they] “were able to identify a large amount of … passwords in a compromised cloud storage facility. … It became clear that these credentials were an accumulation of known and unknown compromised data sets.”

[It] brings the total number of Pwned passwords to 847,223,402, an increase of 38 percent.

How relevant is this to DevOps? Troy Hunt explains:

In the past month, there have been 1,260,000,000 occasions where a service somewhere checked the password against… HIBP’s Pwned Password API. … There are all kinds of amazing password use cases out there. For example… checking their customers’ passwords at every registration, login, or password change to see if it has been compromised before.

The UK’s National Crime Agency has done some great work over the years to combat cybercrime. …today’s release is all about running a hose of new passwords and making them instantly available to everyone for free. The opening of this community, owned by the community and supported by the FBI and NCA, is a very satisfying outcome.

It’s time for a metaphorical thought experiment. LenKagetsu offers one:

You were told by a reliable source that an unknown person… posted a high-resolution picture of… your house key… on the Internet. Do you want to change the locks?

The moral of the story: Never switch horses in the middle of the road

You have been reading Long Vision by Ritchie Jennings.

Photo: David Emrich (via Unsplash)
