Issue #16: Circular Dependency, Evil maid attack, Chinese Century is here
Hey there, sunshine 🌞
It has been a long time since I last sent this newsletter, and a lot has changed in the past few months, with too many layoffs in the tech sector.
I started full self-employment, got back to hitting the gym, have been reading a lot of books and articles, became more active for migrants' rights and anti-racism in Germany, and passed my German B1 Telc exam. Then I was shocked at what's written by German media about migrants once I started to understand them 😳
But it's good to be back posting bi-weekly summaries again about interesting tech topics I have found to accelerate your growth as a software engineer!
So let’s get into it 🚀
This week’s News
Thousands of GitHub repositories exposed via Microsoft Copilot
EA just open sourced Command & Conquer, Red Alert, Renegade and Generals
This week’s Summaries
CommonJS Circular Dependency
This week I had an issue with a circular dependency. Package A was importing Package B, which was importing Package C, which in turn was importing Package D. But suddenly I found that this last one was importing Package A.
So, it was like this: A -> B -> C -> D -> A
Of course, Webpack was importing A into D as an empty null and causing it to fail. The reason is not Webpack but rather CommonJS's behaviour for avoiding infinite loops in circular dependencies: it defines each module as an empty object first and then adds the properties later. It works like this:
It first loads A
It sees A requires B
It goes to import B
….
It then finds D needs A
It sees it’s already there as an empty object
It then returns to D an empty object
A solution would be to add the imports at the end of A, so that it exports first before importing its dependencies.
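The load order above, as an added example that is not code from the newsletter: a simplified model of a CommonJS-style module cache, showing what D receives when A imports first versus exports first. The names `makeLoader`, `buildChain`, `inspect`, `importFirstA` and `exportFirstA` are hypothetical.

```javascript
// Simplified model of a CommonJS-style module cache (illustration only, not Node's or Webpack's source).
function makeLoader(sources) {
  const cache = {};
  return function load(name) {
    // A cached module is returned as-is, even if its body has not finished running.
    if (cache[name]) return cache[name].exports;
    const mod = { exports: {} };
    cache[name] = mod;          // registered before the body runs; this is what stops the loop
    sources[name](load, mod);   // run the module body
    return mod.exports;
  };
}

// The chain from the text: A -> B -> C -> D -> A. D records what it saw of A while loading.
function buildChain(aBody) {
  return {
    A: aBody,
    B: (require, module) => { module.exports.c = require('C'); },
    C: (require, module) => { module.exports.d = require('D'); },
    D: (require, module) => {
      const a = require('A');
      module.exports.keysOfAAtLoad = Object.keys(a);
      module.exports.greetTypeAtLoad = typeof a.greet;
      module.exports.callLater = () => a.greet(); // same object, filled in by then
    },
  };
}

// Import first, export later: D gets the still-empty exports object of A.
const importFirstA = (require, module) => {
  require('B');
  module.exports.greet = () => 'hello from A';
};

// Export first, import later: D already sees greet.
const exportFirstA = (require, module) => {
  module.exports.greet = () => 'hello from A';
  require('B');
};

function inspect(aBody) {
  const load = makeLoader(buildChain(aBody));
  load('A');                 // A is the entry point
  const d = load('D');       // served from the cache
  return { keys: d.keysOfAAtLoad, type: d.greetTypeAtLoad, later: d.callLater() };
}

console.log('import first:', inspect(importFirstA));
console.log('export first:', inspect(exportFirstA));
```

If A replaced its exports with `module.exports = { ... }` instead of adding properties, D would keep its reference to the original empty object and `callLater` would fail as well.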
Evil maid attack
The attack happens when someone gains physical access to the device and tries to install firmware or software that can intercept the data or the encryption keys (e.g. a keylogger). This can happen especially in hotels, at airports, or when arrested by law enforcement personnel.
To protect against this attack, you need to keep physical watch over your devices; a TPM can also be used to check the integrity of the device and its firmware.
Some ways to protect against this attack:
Using glitter nail polish to seal the screws
Using tamper-evident stickers on ports
Using a secure boot process to check the integrity of the firmware
Using the Haven app to monitor the device using the phone's sensors
S.T.A.R. Method
The STAR method is a structured way to provide briefings, whether in job interviews, meetings or just talking with a potential client. It entails the following structure:
Situation: Give context before telling anything.
Task: What was the challenge.
Action: What was your own contribution. It can also be multiple actions.
Result: What was the outcome of each action.