CanBeSolved
36 posts

CanBeSolved
@thecanbesolved
Building systems and tools to solve complex problems. From deep R&D to reliable solutions. R&D / Automation Engineer / Toolmaker / Lifestyle Researcher
Earth Joined March 2026
6 Following 2 Followers

FFmpeg's native AAC encoder has just been rewritten, and now beats both fdkaac and qAAC according to current metrics and listening tests.
This is not a small change. @X and @OBSProject use it, as well as many others. It's been a critical piece of the internet, and is now the best

@Etched 🎂Awesome. Will wait for thermal tests and benchmarks.

Infinity Scheduler Aims To Be A Better Linux Scheduler
phoronix.com/news/Infinity-…

🤖 Ready to get started with Agentic Development in @code?
We've put together 3 free courses covering everything from building your first AI agent to customizing and extending agent workflows.
A quick breakdown 🧵👇


API Security Best Practices
Most API breaches happen because of broken authorization, leaked secrets, or missing rate limits. Let's look at some of the basics.
- Use Modern OAuth/OIDC + MFA: PKCE for public clients, short-lived tokens, and step-up MFA for anything sensitive. Implicit and password grants should be dead by now.
- Enforce Fine-Grained Authorization: Check object, function, and field-level permissions on every request. BOLA is still the top API vulnerability.
- Minimize Scopes and Data: Give each client the smallest token scope and the least data it needs. Only return the fields the caller actually needs.
- Encrypt Every Hop: TLS for external traffic and mTLS between services. If it crosses a network boundary, encrypt it.
- Protect Secrets and Keys: Store signing keys in HSM-backed vaults. Rotate them.
- Validate Requests with Schemas: Reject unknown fields, oversized payloads, and suspicious URLs at the gateway. Don't let bad input reach your business logic.
- Rate Limit and Cap Resources: Quotas per user, payload size caps, and execution timeouts. Without these, one misbehaving client takes down your entire system.
- Defend Sensitive Business Flows: Protect login, checkout, and OTP with anti-bot, idempotency keys, and step-up auth.
- Control Outbound and Third-Party Calls: Allowlist where your API can call out to and block internal metadata endpoints. Your security is only as strong as your weakest integration.
- Harden Config and Error Handling: Deny by default on CORS, methods, and debug endpoints. Return generic errors, never stack traces.
- Inventory APIs and Versions: Track every endpoint, version, and shadow API. You can't secure what you don't know exists.
- Log, Detect, and Respond: Push auth decisions and anomalies to a SIEM. Alert on 401 spikes before they become incidents.
Over to you: Which of these best practices is the hardest to enforce across your services?
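
An added example, not part of the original post: the function-, object- and field-level checks from the "Enforce Fine-Grained Authorization" and "Minimize Scopes and Data" items, shown beside a handler that skips them. The scope names, the order records and the choice to answer "not found" for another user's object are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: two orders owned by different users.
ORDERS = {
    "o-1001": {"id": "o-1001", "owner_id": "alice", "status": "shipped",
               "total": 42.50, "shipping_address": "1 Example St", "card_last4": "4242"},
    "o-1002": {"id": "o-1002", "owner_id": "bob", "status": "pending",
               "total": 9.99, "shipping_address": "2 Sample Ave", "card_last4": "1111"},
}

# Hypothetical scope names; each scope unlocks a fixed set of response fields.
FIELDS_BY_SCOPE = {
    "orders:read": {"id", "status", "total"},
    "orders:read_pii": {"shipping_address", "card_last4"},
}

class Forbidden(Exception):
    """Caller's token does not permit this operation at all."""

class NotFound(Exception):
    """Object is missing or not visible to this caller."""

@dataclass(frozen=True)
class Caller:
    user_id: str
    scopes: frozenset

def get_order_unchecked(caller, order_id):
    # Broken object-level authorization: the ID from the request is trusted,
    # so any authenticated caller receives any order, with every field.
    return ORDERS[order_id]

def get_order(caller, order_id):
    # Function-level check: the token must carry the read scope.
    if "orders:read" not in caller.scopes:
        raise Forbidden("missing scope orders:read")
    order = ORDERS.get(order_id)
    # Object-level check: missing and foreign orders get the same answer,
    # so the response does not confirm which IDs exist (a design assumption).
    if order is None or order["owner_id"] != caller.user_id:
        raise NotFound(order_id)
    # Field-level check: return only the fields the caller's scopes allow.
    allowed = set().union(*(FIELDS_BY_SCOPE.get(s, set()) for s in caller.scopes))
    return {k: v for k, v in order.items() if k in allowed}
```
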


The world’s first sub‑1 nanometer node chip is here.
Delivering 70% greater energy efficiency, this breakthrough powers a new era of computing that’s more capable while using less energy.
Dig into this next-gen tech: ibm.co/6016EOHpM


🤔Did you know that most IDE themes use blue tones, even though the cones in the human eye responsible for detecting blue light make up only about 7% of the total?
I am developing an innovative color theme based on eye biomechanics and scientific data.
Which color palette or theme do you prefer?