java – Naming conventions for classes that technically could/should have the same name

Sometimes such classes would be named as Base- or Core- to indicate that they are to be extended in other implementations, so you’d have CoreBoard and CorePiece.

Depending on the language you’re using, you could also use namespaces to distinguish between the two sets of classes. You could have a namespace for the Engine, and other namespaces for specific implementations. For example: for the Engine’s Board, and for your Chess board.

Personally, I prefer the second option, but that may be language-specific.

Question: Is it technically possible to find status of a domain outside of EPP?

Would be very grateful for any thoughts on this conundrum. For domains that are managed by a central registry using EPP (for example, .it), … | Read the rest of

product design – Best practices for technically executing AB testing on ecommerce site?

I am working on a site redesign for my company’s ecommerce site. We sell access to upcoming and recorded webinars. As a part of this redesign, I have recommended a new product strategy in which webinars can be bought from their product pages using an add to cart button. Currently, the product pages have 5 radio buttons indicating each different type of webinar access the customer can purchase (Longer webinar access, shorter webinar access, and CD-ROM copy to name a few).

My redesigned product page has just an add to cart button with the remaining “add-ons” displayed in the add to cart confirmation popup where they can be added to the webinar purchase.

I’m not sure if displaying the add-ons on the detail page is the way to go or if they should be presented in a add to cart pop-up (to reduce clutter and excess decision points at the point of ATC).

Now my question is, how would I work with an IT dept to deploy a test like this that depends on backend code to generate the different experiences and how would the test be executed with our testing platform, Adobe Target.

Our IT dept deploys site updates once a month. Has anyone executed something like this before? I so, how did you do it? Did you use Javascript to execute different scripts on the website in order to display the add-ons in either location? Wondering how I should give direction to IT to have them set this up so it can be easily tested with Adobe Target.

Thanks in advance. Happy to clarify any questions or comments.

learning – What’s a good resource to learn how [technically] bitcoin works?

There is a book called Bitcoin Internals that explains how Bitcoin works technically. It covers all the major topics like addresses, transaction processing, the blockchain, mining, pools, etc.

The Bitcoin wiki ( is a good reference for more specific details.

Satoshi Nakamoto’s whitepaper is also obligatory reading, but it is only a partial explanation of how Bitcoin works.

web browser – Which approach is technically more effective to hinder user tracking – fingerprint generalization or randomization?

Tor’s approach to countering fingerprinting is to make as many users “appear the same” as possible. Let us call this “generalization”. While Brave tries to randomize all fingerprints of each and every user in a unique way (for each new opened session).

A short quote from Brave to get the context:

“We’re adding subtle, non-human perceivable noise to the JS readable
outputs of the audio, canvas and WebGL APIs. The randomized end points
give you unlinkability across sessions for (for any fingerprinter who
consumes a randomized endpoint)”

Which of those two approaches
(randomize vs generalize fingerprints) is technically more effective
in making it more difficult to track/pinpoint
that a user across weeks of different browsing sessions is the same

This is about technical facts not opinions. I am not a expert, but I assume that this is a clear technical question and experts should be able to tell the difference of both approaches’ impact on user identification.

operating systems: is GRUB technically an operating system?

I was talking about simple and exotic operating systems with my friends
Then it occurred to me that GRUB has a shell, and you may even have graphic decorations too.
To think about it, everything is there.
Assuming that both the shell and the menu are modules, I started to wonder why it can't be an operating system.

Does GRUB1 / 2 qualify as SO?
If so, can they function as a general-purpose operating system with enough effort?
(Perhaps except for the GRUB2 limitation for writing to disk)

What happens technically when a RAID is expanded?

When a RAID (6 for example) expands by adding another drive, it goes through an "expansion phase", either offline or online. Once this is completed, the drive partition can be expanded in Windows to use the newly added space.

What exactly is happening during this phase of expansion? Is the unit being zeroed so that it does not affect the existing parity, so any new data begins to be written once the partition is extended? Does the new unit immediately start taking data from the other units in a kind of "rebalancing" and once the balance is completed, is the new unit available?

Does the process vary between manufacturers?

How does it technically represent a map generated by procedures in the scene?

I always wanted to create the type of map generator they use in kingdoms and castles. Basically, you provide a seed, and it generates land / water / trees / resources. Their maps are also completely flat (except that the water seems to be 1-2 positions down, which I suppose would make it easier.

enter the description of the image here

However, I don't know where to look for guidance for this type of system, I wonder if anyone can explain the logic of how that type of system works, or even better, point me to a tutorial that can help me get started.

While there are tutorials on perlin noise and the like, I never really understood how to connect it to a suitable mosaic, and what properties that mosaic should have, do you need colliders? Is each chip an object of play? If not, how do I create chips with trees / rocks that I can gather? and so.

Bug Bounty – How do I technically call this vulnerability?

There is a site that hosts coding contests for coding and locations.
They issue certificates to win the coding exam or at least enter the final round.

I did not participate in that competition, but my friend did.
He published the certificate on LinkedIn with its links.

I was on the same coding platform as a user, I clicked on the certificate link and was navigated to the certificate page, and BOOM I see my name on the certificate instead of that type.

Well, I quickly went to the browser's incognito mode and made a dummy fake account, copied and pasted that url and again BOOM, the certificate shows that name DUMMY.

Is it an error in that coding platform? With this can I be eligible for the reward?

What is the seriousness of this knowing that it is the coding and contracting platform?

How should I call this vulnerability in technical terms?

Note: When I leave my coding platform account and then click on that link, it tells me to log in to see the certificate. So clearly it is related to the session in the browser.

The website states the following about eligibility:

Some common security-related problems could include the following:

  • Counterfeit requests between sites (CSRF)
  • Cross-Site Scripting (XSS) (XSS stored / DOM XSS / XSS reflected affecting other users)
  • Code Executions
  • SQL injections
  • Fake server-side requests (SSRF)
  • Escalations of privileges
  • Authentication Bypass
  • File inclusions (local and remote)
  • Cancellations of the protection mechanism (CSRF cancellation, etc.)
  • Leakage of confidential data
  • Directory Tour
  • Payment Handling
  • Administration portals without authentication mechanism.
  • Open redirects that allow steal tokens / secrets

The following is listed as an example of ineligibility:

  • Application stack tracking (route disclosures, etc.)
  • Own type cross scripting
  • Cross-site scripts reflected that affect oneself
  • Denial of Service Attacks
  • CSRF problems in actions with minimal impact
  • Brute force attacks
  • Security practices (banner that reveals a software version, etc.)
  • Vulnerabilities in sites hosted by third parties unless they lead to a vulnerability on the main website.
  • Vulnerabilities subject to physical attacks, social engineering, spam, DDOS attack, etc.
    V> * ulnerabilities affecting outdated or patchy browsers / operating systems.
  • Vulnerabilities in third party applications.
  • Errors that have not been investigated and reported responsibly.
  • Errors already known to us or already reported by another person (the reward goes to the first reporter).
  • Problems that are not reproducible.
  • Problems that cannot reasonably be expected to do anything.

Am I eligible for the reward?

connection problems: are printer drivers technically possible?

It seems that printer manufacturers such as Canon provide a printing application for Android devices, from which you can print documents and images stored on your Android device, but not printer drivers. Therefore, you cannot simply print from any application, just as you can print from any program on a computer with printer drivers installed.

Is there a technical reason why there are no regular printer drivers for Android devices? Or is it just a choice made by manufacturers?