Pinned Tweet
CanBeSolved
36 posts

CanBeSolved
@thecanbesolved
Building systems and tools to solve complex problems. From deep R&D to reliable solutions. R&D / Automation Engineer / Toolmaker / Lifestyle Researcher
Earth Joined March 2026
6 Following 2 Followers

FFmpeg's native AAC encoder has just been rewritten, and now beats both fdkaac and qAAC according to current metrics and listening tests.
This is not a small change. @X and @OBSProject use it, as well as many others. It's been a critical piece of the internet, and is now the best

@Etched 🎂Awesome. Will wait for thermal tests and benchmarks.

Infinity Scheduler Aims To Be A Better Linux Scheduler
phoronix.com/news/Infinity-…

🤖 Ready to get started with Agentic Development in @code?
We've put together 3 free courses covering everything from building your first AI agent to customizing and extending agent workflows.
A quick breakdown 🧵👇


API Security Best Practices
Most API breaches happen because of broken authorization, leaked secrets, or missing rate limits. Let's look at some of the basics.
- Use Modern OAuth/OIDC + MFA: PKCE for public clients, short-lived tokens, and step-up MFA for anything sensitive. Implicit and password grants should be dead by now.
- Enforce Fine-Grained Authorization: Check object, function, and field-level permissions on every request. BOLA is still the top API vulnerability.
- Minimize Scopes and Data: Give each client the smallest token scope and the least data it needs. Only return the fields the caller actually needs.
- Encrypt Every Hop: TLS for external traffic and mTLS between services. If it crosses a network boundary, encrypt it.
- Protect Secrets and Keys: Store signing keys in HSM-backed vaults. Rotate them.
- Validate Requests with Schemas: Reject unknown fields, oversized payloads, and suspicious URLs at the gateway. Don't let bad input reach your business logic.
- Rate Limit and Cap Resources: Quotas per user, payload size caps, and execution timeouts. Without these, one misbehaving client takes down your entire system.
- Defend Sensitive Business Flows: Protect login, checkout, and OTP with anti-bot, idempotency keys, and step-up auth.
- Control Outbound and Third-Party Calls: Allowlist where your API can call out to and block internal metadata endpoints. Your security is only as strong as your weakest integration.
- Harden Config and Error Handling: Deny by default on CORS, methods, and debug endpoints. Return generic errors, never stack traces.
- Inventory APIs and Versions: Track every endpoint, version, and shadow API. You can't secure what you don't know exists.
- Log, Detect, and Respond: Push auth decisions and anomalies to a SIEM. Alert on 401 spikes before they become incidents.
Over to you: Which of these best practices is the hardest to enforce across your services?
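
The object, function, and field-level checks from the "Enforce Fine-Grained Authorization" and "Minimize Scopes and Data" items above, shown as an added example that is not part of the original post. The invoice store, role names, and policy tables are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: invoices owned by two different users.
INVOICES = {
    101: {"id": 101, "owner": "alice", "amount": 40, "card_last4": "4242", "internal_note": "vip"},
    102: {"id": 102, "owner": "bob", "amount": 75, "card_last4": "1881", "internal_note": ""},
}
# Function-level policy (assumed roles): operations each role may invoke.
ALLOWED_OPS = {"customer": {"read"}, "support": {"read"}, "admin": {"read", "delete"}}
# Field-level policy: the only fields each role may receive in a response.
VISIBLE_FIELDS = {
    "customer": {"id", "amount", "card_last4"},
    "support": {"id", "owner", "amount"},
    "admin": {"id", "owner", "amount", "card_last4", "internal_note"},
}

class Forbidden(Exception):
    """Caller's role may not invoke this operation at all."""

class NotFound(Exception):
    """Object is missing or not visible to this caller."""

@dataclass(frozen=True)
class Caller:
    user: str   # identity taken from the validated token, never from the request body
    role: str

def authorize(caller, op, invoice_id):
    # Function level: deny by default, including for unknown roles.
    if op not in ALLOWED_OPS.get(caller.role, set()):
        raise Forbidden(op)
    invoice = INVOICES.get(invoice_id)
    # Object level (the BOLA check): customers may only touch their own objects.
    # Missing and not-owned give the same error so IDs cannot be enumerated.
    if invoice is None or (caller.role == "customer" and invoice["owner"] != caller.user):
        raise NotFound(invoice_id)
    return invoice

def read_invoice(caller, invoice_id):
    invoice = authorize(caller, "read", invoice_id)
    # Field level: build the response from an allowlist, not by deleting fields.
    allowed = VISIBLE_FIELDS[caller.role]
    return {k: v for k, v in invoice.items() if k in allowed}

def delete_invoice(caller, invoice_id):
    authorize(caller, "delete", invoice_id)
    return INVOICES.pop(invoice_id)["id"]
```
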


The world’s first sub‑1 nanometer node chip is here.
Delivering 70% greater energy efficiency, this breakthrough powers a new era of computing that’s more capable while using less energy.
Dig into this next-gen tech: ibm.co/6016EOHpM


🤔Did you know that most IDE themes use blue tones, even though the cones in the human eye responsible for detecting blue light make up only about 7% of the total?
I am developing an innovative color theme based on eye biomechanics and scientific data.
Which color palette or theme do you prefer?