Hello again, hope you like what we have here.

Links of the week

Things they didn’t teach you about Software Engineering

“In university, they teach you how to write a 400-line program that solves a problem from A-Z. You have a blank canvas, and you need to show off your knowledge of some fancy algorithm to find a way to generate a maze. In the end, you have a nice solution to a straightforward problem.

It sounds like the real world, right? But it's not. In the real world, you have a codebase of several hundred thousand lines, and you're trying to figure out what your colleagues were smoking when they wrote this marvelous piece.“

The five laws of cloud native authorization

“In a microservices world, each service needs to verify that a subject (user or machine) has permission to perform an operation on a resource that the service manages. But in an agile environment where each team owns the implementation of their application or service, authorization models are quick to diverge. Since roles and permissions need to be enforced consistently across the organization’s services and applications, this divergence makes it hard to evolve the authorization model in a holistic way. Agility and security suffer.“

AI and the Big Five

“Google has long been a leader in using machine learning to make its search and other consumer-facing products better (and has offered that technology as a service through Google Cloud). Search, though, has always depended on humans as the ultimate arbiter: Google will provide links, but it is the user that decides which one is the correct one by clicking on it. This extended to ads: Google’s offering was revolutionary because instead of charging advertisers for impressions — the value of which was very difficult to ascertain, particularly 20 years ago — it charged for clicks; the very people the advertisers were trying to reach would decide whether their ads were good enough.“

An incomplete guide to stealth addresses

“Suppose that Alice wants to send Bob an asset. This could be some quantity of cryptocurrency (eg. 1 ETH, 500 RAI), or it could be an NFT. When Bob receives the asset, he does not want the entire world to know that it was he who got it. Hiding the fact that a transfer happened is impossible, especially if it's an NFT of which there is only one copy on-chain, but hiding who is the recipient may be much more viable. Alice and Bob are also lazy: they want a system where the payment workflow is exactly the same as it is today. Bob sends Alice (or registers on ENS) some kind of "address" encoding how someone can pay him, and that information alone is enough for Alice (or anyone else) to send him the asset.“

Extracting Training Data from Diffusion Models

“Image diffusion models such as DALL-E 2, Imagen, and Stable Diffusion have attracted significant attention due to their ability to generate high-quality synthetic images. In this work, we show that diffusion models memorize individual images from their training data and emit them at generation time. With a generate-and-filter pipeline, we extract over a thousand training examples from state-of-the-art models, ranging from photographs of individual people to trademarked company logos.“

Adding Python support to Wasm Language Runtimes

“We are happy to announce that we have a first build of Python for the wasm32-wasi target! It is based on the WASI support that is already available in CPython (the mainstream, C-based implementation of Python), augmented with additional libraries and usage examples to make it as easy to use as possible. Python joins PHP and Ruby in the list of supported languages.“

Book of the Week

Smart Business: What Alibaba's Success Reveals about the Future of Strategy

Do you have any more links our community should read? Feel free to post them on the comments.

Have a nice week. 😉

Have you read last week's post? Check the archive.