tls – When does it make sense to deploy an embedded firewall on my IoT device?

I mean doesn’t strong encryption and certificate based authentication ensure complete security to IoT device?

Not at all. (Properly used) TLS only protects the communication against sniffing and modification. Mutual authentication only authenticates the IoT device against the server. None of this protects against bugs in the implementation, improper use of TLS, bugs in the server side which can be used to hijack clients, services which are exposed on the network, backdoors in some firmware you got from a third party, compromising the device with physical access etc.

But, an embedded firewall does not protect against most of these other threads either. If it makes sense to use one in your specific case depends on what the device actually does, what the threats are, what the attack surface of the device is and if a specific firewall implementation reduces the attack surface – none of this is known here.

Does blockchain without currency make any sense?

I keep reading about private companies building blockchains for stuff like supply chain management, and about the billions of dollars that are going to be invested in blockchain over the next 5 years, but there is a gap in the logic here that I don’t get.

Distributed Ledger Technology is totally reliant on participation to establish the principle of Distributed Trust. If there are not enough independent actors in the network, you cannot rely on the immutability of the ledger.

In Bitcoin, the blockchain provides a way for participants to “profit”, thereby pulling independent participants into the network. Participants are attracted to Bitcoin as they view it as an alternative to another currency (fiat) they perceive to be weakening in value.

Private and Consortium blockchains make no sense to me, but let’s say some agency decided they wanted to seed a new public blockchain to do something like: verify that a particular coffee brand came from FairTrade sources.

How would they incentivise independent actors to verify transactions in this chain? Is it the case that they have to create a token reward, and hope over time that the token develops some minimal transactional value, and hope that early adopters make a return? Why would such actors not just participate in standard cryptocurrency blockchains?

It seems like a very hard sell, given the effort involved in running Internet connected hardware.

From where I’m sitting, its hard to see how a public blockchain can have any application beyond replacing fiat currency.

Is my understanding of this correct?

dnd 5e – Do monsters with telepathy automatically sense creatures in their telepathic radius?

No, telepathy doesn’t inherently grant knowledge of creatures

You don’t get any abilities that are not listed in the description. So if it does not say that you can sense creatures, then you can’t.

Think of it like yelling in a dark room. I don’t have to see you, know where you are, or even whether you are in the room in order for me to attempt to be heard by you. Where you are and whether you’re there only affects your ability to hear me, not my ability to yell.

An example of what you might see if a creature had both telepathy and such a detection ability (as suggested by guildsbounty in a comment) is the Intellect Devourer (p. 191 of the Monster Manual). It has telepathy (to a radius of 60 feet), and also has the separate ability to detect sentient minds (within 300 feet) using its Detect Sentience trait.

dnd 5e – Do monsters with the “Telepathy” language automatically sense creatures in their telepathic radius?

Some monsters possess the special “Telepathy” language.

Telepathy Telepathy is a magical ability that allows a monster to
communicate mentally with another creature within a specified range.
The contacted creature doesn’t need to share a language with the
monster to communicate in this way with it, but it must be able to
understand at least one language. A creature without telepathy can
receive and respond to telepathic messages but can’t initiate or
terminate a telepathic conversation.

A telepathic monster doesn’t need to see a contacted creature and can
end the telepathic contact at any time. The contact is broken as soon
as the two creatures are no longer within range of each other or if
the telepathic monster contacts a different creature within range. A
telepathic monster can initiate or terminate a telepathic conversation
without using an action, but while the monster is incapacitated, it
can’t initiate telepathic contact, and any current contact is
terminated. (MM p.9)

Does this ability allow them to sense the position of all creatures within the radius of their telepathy, given that “A telepathic monster doesn’t need to see a contacted creature”?

Does it make sense that hadoop sqooping would need to sqoop most of the same data all of the time?

I’m a DBA supporting a database that has a large volume of call center data. The team I actually support is the owner of the database, which just imports new data daily, and mostly on this db for archival purposes.

Another team I don’t support directly, is a big data team, who have access to this database via a hadoop sqooping process. Lately, they’ve been complaining about how long it takes for their process to run. Their sqooping query boils down to a select statement that looks for all records on a table that were imported since 2019. This is millions of complex records. I’m considering some covering indexes that might help them, but I’m also questioning why they need to transfer all of these records three times a day, when it would only be a difference of ~ 10k new records a day.

Does it make sense that hadoop needs a full transfer of all of the data each time it runs? Maybe it does and I’m just ignorant to how hadoop and big data works, or maybe they aren’t bothering to target or batch what they are transferring because it’s easier to just grab everything.

Does it makes sense to implement a REST API for every app?

No, its not mandatory to implement an API, let alone a REST style API.

Unless, you’ve agreed to provide one. Then yes, but you should push back and see if there isn’t a better solution. Perhaps the API needs to follow another style, perhaps you could provide data extracts on a schedule. Depends entirely on what is needed.

Unless, you are implementing this API to hide the consumed APIs. In which case your service is acting as a facade. Which adds little/zero value of its own, but does provide value in decoupling the front from the back. Agian it does not need to be a REST style API. Would another network communication style be more appropriate?

Unless, you are wanting to provide some form of external automation. Such as some shell scripts that on a schedule requests reports. But this could also be provided by programatic means, such as powershell loading .net dlls. Or by standard shell command means, by providing a command line app. It doesn’t have to be a HTTP/TCP/IP interface.

blogger: how are non-blog websites (WordPress) / Original content approved in advertising services like google ad sense?

I was interested in creating a website that contains image links to various articles / videos / other important websites related to a topic (eg cooking).

Websites that provide information on other websites / videos / songs / etc. compactly and links to various articles get ads from Google Ad Sense / Propeller or any other ad approval? How to monetize these websites?

Basically, are non-blogging websites simply summarizing the information and citing references appropriately approved by advertising agencies since the content is not original but many people might be interested?
Any article I saw on the net used Word Press on websites and people blogged to get ad approval.
How do non-blog websites get approved by ad services like google ad sense?

Website Design: Does it make any sense to design below the width of the 360 ​​pixel viewing window these days?

Are we still designing websites with a 320 px window width? I can't seem to find any remotely popular phones with this type of display anymore, the Samsung S8 S9 is 360 px and is now 4 years old. Does anyone know how large is this section of the world population that uses less than 360 px? Should we change to a minimum of 360 px?

BCoin bsock: listen to transactions and make sense

I am trying to configure bsock in my bcoin application, in order to listen to some transactions that are transmitted in the Bitcoin network. This would allow users of my application to have real-time information about (unconfirmed) payments to addresses that are relevant to them, without having to actively query my node at regular intervals.

The BCoin.io documentation is pretty good and I managed to establish a socket connection using bsock. I manage to subscribe to the mempool channel to listen to & # 39; tx & # 39 ;. I also configured the bloom filter with the appropriate rules.

The application correctly records the transactions in the mempool that match the filter. So far so good.

However, I am unable to get the addresses of the inputs and outputs of the transaction object being logged.

Each address property in the TX looks like this:

address: 

It goes without saying that this format doesn't allow me to do much with addresses …

What should I do to get the address string (in this case: & # 39; bc1qsgjma9uamep8k6eln4j9xeq6aqhrljmnwhtjdj & # 39;) in JS using the BCOIN library?

Thank you

Does it make sense to use nonsense named constants?

For example, does it make sense to refactor the following code:

a = a * 2;

as:

const int INT_TWO = 2;

// ...

a = a * INT_TWO;

My question depends on the fact that the new constant does not convey any additional meaning (instead of calling it, for example, FOOBAR_FACTOR).