Tagged articles

2175 articles

Page 21 of 22

Sep 5, 2017 · Operations

Top 19 Linux & DevOps Interview Questions You Must Master

This article compiles a comprehensive set of 19 Linux, security, networking, and Python interview questions covering basic commands, file handling, process management, load balancing, HTTP headers, cookies vs sessions, TCP handshakes, and common security vulnerabilities, providing a solid study guide for system administrators and DevOps engineers.

Interview QuestionsLinuxPython

0 likes · 6 min read

Top 19 Linux & DevOps Interview Questions You Must Master

StarRing Big Data Open Lab

Sep 1, 2017 · Information Security

How Guardian 5.0 Reinvents Big Data Security with an Enhanced ARBAC Model

Guardian 5.0 introduces a comprehensive security solution for the TDH big‑data platform, featuring LDAP/Kerberos authentication, unified ARBAC authorization, quota management, and multi‑layer architecture, while enhancing data protection and simplifying operations across cloud‑based deployments.

ARBACAuthenticationAuthorization

0 likes · 9 min read

How Guardian 5.0 Reinvents Big Data Security with an Enhanced ARBAC Model

Hujiang Technology

Aug 30, 2017 · Information Security

Design Principles and Security Considerations for User Account Systems

This article shares practical insights on building robust user account systems, covering the shift from usernames to phone numbers as unique identifiers, the drawbacks of passwords, the limited value of periodic password changes, the pitfalls of security questions, and best practices for token management, SMS/voice verification, captcha usage, and multi‑layered future security strategies.

AuthenticationPasswordlessSMS Verification

0 likes · 14 min read

Design Principles and Security Considerations for User Account Systems

Tencent IMWeb Frontend Team

Aug 28, 2017 · Information Security

7 Surprising JavaScript Tricks to Bypass XSS Filters

This article reveals a collection of unconventional JavaScript techniques—including regex replacement, Unicode escapes, eval tricks, unusual operator combinations, custom getters/setters, and URL‑encoded payloads—that can evade common XSS filters and strengthen your understanding of web security.

BypassSecurityUnicode

0 likes · 10 min read

7 Surprising JavaScript Tricks to Bypass XSS Filters

Architecture Digest

Aug 28, 2017 · Backend Development

Key Considerations for Software Architecture: Functionality, Variability, Performance, Capacity, Ecosystem, Modularity, Buildability, Productization, and Security

The article outlines essential software architecture concerns—including functionality, variability, performance, capacity, ecosystem integration, modularity, buildability, productization, and security—while also discussing evaluation methods and scaling strategies for large‑scale systems such as MMOs.

Backend DevelopmentGame DevelopmentScalability

0 likes · 6 min read

Key Considerations for Software Architecture: Functionality, Variability, Performance, Capacity, Ecosystem, Modularity, Buildability, Productization, and Security

MaGe Linux Operations

Aug 21, 2017 · Information Security

Essential Linux Security Practices: Account Management, Network Hardening, and More

This article examines Linux security mechanisms—covering system account and password management, network protection, filesystem safeguards, log preservation, and kernel patching—using Red Hat Enterprise Linux 6.7 as a concrete example, and provides actionable strategies to mitigate common vulnerabilities.

LinuxPassword policyRed Hat

0 likes · 18 min read

Essential Linux Security Practices: Account Management, Network Hardening, and More

21CTO

Aug 17, 2017 · Backend Development

10 Proven PHP Best Practices Every Developer Should Follow

This article presents ten expert‑backed PHP best‑practice guidelines—from choosing the right use cases and scaling with multi‑table storage to security, caching, IDE tricks, filtering, framework choices, batch processing, and error reporting—to help developers write more efficient, maintainable, and secure code.

Best PracticesPHPSecurity

0 likes · 11 min read

10 Proven PHP Best Practices Every Developer Should Follow

Meituan Technology Team

Aug 17, 2017 · Mobile Development

Real‑time Android Studio Source Code Security Scanning with FindBugs Extension (Code Arbiter)

Code Arbiter extends the FindBugs plugin to provide real‑time Android Studio source‑code security scanning, implementing line‑by‑line API misuse detection, empty TrustManager checks, taint‑analysis of sources and sinks, and custom bytecode checks for unprotected Intent/Bundle reads, all packaged as a JAR for instant developer feedback.

AndroidCode ArbiterIDE plugin

0 likes · 20 min read

Real‑time Android Studio Source Code Security Scanning with FindBugs Extension (Code Arbiter)

MaGe Linux Operations

Aug 11, 2017 · Operations

Why Operations Matters: Beyond Automation to Real Business Value

In this reflective piece, Zhao Cheng (aka Qianyi) shares his experience managing the operations team at Mogujie, argues that operations value extends beyond automation to efficiency, stability, security, cost, and user experience, and offers practical guidance for shifting mindsets and aligning ops with business goals.

AutomationCost ManagementDevOps

0 likes · 12 min read

Why Operations Matters: Beyond Automation to Real Business Value

Tongcheng Travel Technology Center

Aug 9, 2017 · Information Security

Analyzing Chrome Extension Manifests and Detection Techniques

This article examines Chrome extension manifest structures, recent security‑related changes, and presents methods—including script onload/onerror probing and a web‑store spider—to detect and enumerate extensions, supplemented by sample code and data from large‑scale analysis.

Chrome extensionsDetectionJavaScript

0 likes · 7 min read

Analyzing Chrome Extension Manifests and Detection Techniques

Architecture Digest

Aug 5, 2017 · Fundamentals

Key Architectural Concerns for Large-Scale Websites: Performance, Availability, Scalability, Extensibility, and Security

The article explains the fundamental architectural factors of large‑scale web systems—performance, availability, scalability, extensibility, and security—detailing practical optimization techniques, measurement metrics, and design principles that guide robust software architecture decisions.

AvailabilityScalabilitySecurity

0 likes · 7 min read

Key Architectural Concerns for Large-Scale Websites: Performance, Availability, Scalability, Extensibility, and Security

Efficient Ops

Aug 2, 2017 · Operations

Essential Ops Playbook: 6 Key Practices to Prevent Disasters

Drawing from a year‑and‑a‑half of ops experience, this guide outlines six practical categories—online operation standards, data handling, security, daily monitoring, performance tuning, and mindset—to help engineers avoid costly mistakes and maintain stable, secure systems.

MonitoringOperationsPerformance tuning

0 likes · 12 min read

Essential Ops Playbook: 6 Key Practices to Prevent Disasters

Beike Product & Technology

Jul 28, 2017 · Backend Development

Design and Implementation of an E‑Commerce System: Business, Efficiency, Security, and Optimization Insights

This article shares the end‑to‑end design and development experience of a startup e‑commerce platform, covering business requirement analysis, efficient development practices, security measures, performance and architecture optimizations, as well as team‑building lessons learned.

Securitybackende-commerce

0 likes · 20 min read

Design and Implementation of an E‑Commerce System: Business, Efficiency, Security, and Optimization Insights

MaGe Linux Operations

Jul 22, 2017 · Information Security

8 Proven Ways to Harden Linux System Security

This article outlines eight practical techniques—including using shadow passwords, disabling unnecessary services, keeping the kernel up‑to‑date, enforcing strong login passwords, managing user privileges, limiting root access, employing SSH, and removing risky r‑commands—to significantly improve the security of a Linux system.

LinuxRoot AccessSecurity

0 likes · 11 min read

8 Proven Ways to Harden Linux System Security

MaGe Linux Operations

Jul 21, 2017 · Information Security

Detecting Python Injection Vulnerabilities with AST Analysis

This article explains how Python injection flaws—such as OS command, code, SQL, and arbitrary file download attacks—can be identified by analyzing abstract syntax trees, tracking controllable parameters, and implementing static checks to flag dangerous function calls.

ASTPythonSecurity

0 likes · 10 min read

Detecting Python Injection Vulnerabilities with AST Analysis

Efficient Ops

Jul 2, 2017 · Operations

How to Build a Multi‑Layered Security Defense: Practical Ops Strategies

This article outlines a comprehensive, multi‑layered security framework for operations teams, covering policy design, dual‑account permission separation, grid‑based vulnerability management, topology and network safeguards, OS and database hardening, common misconceptions, and actionable principles for maintaining robust protection.

Access ControlOperationsSecurity

0 likes · 31 min read

How to Build a Multi‑Layered Security Defense: Practical Ops Strategies

Efficient Ops

Jun 25, 2017 · Operations

Comprehensive Guide to Modern IT Operations: Roles, Responsibilities, and Evolution

This article outlines the service‑centric principles of internet operations, details the various categories of work such as system, application, database, and security operations, and traces the evolution of operational practices from manual management to automated, platform‑driven workflows.

OperationsSecuritySystem Administration

0 likes · 19 min read

Comprehensive Guide to Modern IT Operations: Roles, Responsibilities, and Evolution

ITPUB

Jun 7, 2017 · Information Security

10 Linux Commands That Can Wipe Your System – Why You Should Never Run Them

This article warns about ten extremely dangerous Linux commands that can irreversibly delete data or corrupt a system, explains how each works, and offers safety tips to prevent accidental execution, especially when using root privileges.

Securitydangerous-commands

0 likes · 8 min read

10 Linux Commands That Can Wipe Your System – Why You Should Never Run Them

Qunar Tech Salon

Jun 7, 2017 · Frontend Development

Cross‑Origin Communication Techniques: JSONP, window.name, document.domain, CORS, postMessage, and WebSocket with Code Samples

This article demonstrates several cross‑origin communication methods—including JSONP, window.name, document.domain, CORS, postMessage, and WebSocket—by providing step‑by‑step code examples, host file configuration, and instructions for testing each technique in a local environment development.

CORSCross-OriginFrontend

0 likes · 12 min read

Cross‑Origin Communication Techniques: JSONP, window.name, document.domain, CORS, postMessage, and WebSocket with Code Samples

Architecture Digest

Jun 2, 2017 · Backend Development

Evolution, Architecture, Performance, Scalability, and Security of Large-Scale Websites

This article provides a comprehensive overview of large‑scale website architecture, covering key metrics, evolutionary stages, core design patterns, performance testing, high‑availability strategies, scalability techniques, and security measures essential for building and operating robust web systems.

ScalabilitySecurityarchitecture

0 likes · 20 min read

Evolution, Architecture, Performance, Scalability, and Security of Large-Scale Websites

Tencent IMWeb Frontend Team

May 28, 2017 · Artificial Intelligence

This Week’s Tech Highlights: AlphaGo’s Farewell, AI Advances & Git Security

The weekly roundup covers AlphaGo’s retirement and release of self‑play games, Tencent’s surge as Asia’s top startup investor, Microsoft’s migration of Windows code to Git, WeChat mini‑program enhancements, Alibaba’s retail partnership, AI insights from Siri’s co‑founder and Facebook’s new NMT model, Xamarin Live Player’s impact, and Git 2.13 security improvements.

Machine LearningSecuritysoftware development

0 likes · 10 min read

This Week’s Tech Highlights: AlphaGo’s Farewell, AI Advances & Git Security

Node Underground

May 25, 2017 · Information Security

Live Demo: Exploiting Common Node.js Vulnerabilities and Securing Your Apps

At NodeConfBP, Snyk's Danny Grander demonstrated live attacks on a vulnerable Express 4.x app, exposing directory‑traversal, XSS, and remote memory leaks, then shared practical tips for building safer Node.js applications.

ExpressSecurityVulnerability

0 likes · 3 min read

Live Demo: Exploiting Common Node.js Vulnerabilities and Securing Your Apps

Efficient Ops

May 23, 2017 · Information Security

What’s New in Jumpserver? A Deep Dive into the Latest Open‑Source Bastion Host

This article introduces Jumpserver, an open‑source bastion host built with Python and Django, and details its major new version updates—including a full code refactor, component separation, Docker support, internationalization, RESTful APIs, and enhanced UI—highlighting how these changes improve security, extensibility, and deployment flexibility for enterprises.

Bastion HostDjangoDocker

0 likes · 7 min read

What’s New in Jumpserver? A Deep Dive into the Latest Open‑Source Bastion Host

MaGe Linux Operations

May 20, 2017 · Information Security

How to Install and Configure JumpServer 3.0 Bastion Host on CentOS

This step‑by‑step guide shows how to install JumpServer 3.0, an open‑source Python bastion host, on CentOS 6.5, configure its dependencies, database, web interface, user and asset management, and secure it with an Nginx reverse proxy.

Bastion HostCentOSInstallation

0 likes · 9 min read

How to Install and Configure JumpServer 3.0 Bastion Host on CentOS

MaGe Linux Operations

May 18, 2017 · Operations

Why Linux Really Boosts Programmer Productivity Beyond the Hype

While many claim Linux automatically makes developers more efficient, this article explains that true excellence comes from attitude and deep thinking, and outlines Linux’s concrete benefits such as open‑source nature, multi‑user support, stability, security features like SELinux, and performance advantages that together empower programmers.

Open SourceSecuritySystem Administration

0 likes · 5 min read

Why Linux Really Boosts Programmer Productivity Beyond the Hype

DevOps Coach

May 13, 2017 · Cloud Native

How to Tackle Cloud‑Native Security: Image Auditing, Micro‑Segmentation, and SPIFFE

This article explores cloud‑native security from container image auditing and CI/CD integration to microservice network protection, proposing micro‑segmentation and the SPIFFE identity framework as practical approaches to mitigate vulnerabilities in dynamic orchestration environments.

SPIFFESecurityci/cd

0 likes · 6 min read

How to Tackle Cloud‑Native Security: Image Auditing, Micro‑Segmentation, and SPIFFE

Architects' Tech Alliance

May 11, 2017 · Cloud Computing

Design and Implementation Principles for Private Cloud Architecture

This article explains the fundamental principles, security considerations, and cloud‑native design of private cloud infrastructure, covering stability, scalability, redundancy, storage options, network architecture, authentication, encryption, resource pooling, SLA management, and example OpenStack designs to guide practical implementation.

OpenStackSecuritycloud architecture

0 likes · 46 min read

Design and Implementation Principles for Private Cloud Architecture

Tencent Architect

May 5, 2017 · Operations

Automation and Operational Management for Large-Scale Infrastructure at the Architecture Platform

The article explains how the Architecture Platform team builds a comprehensive, automated operations system—including CMDB, cost budgeting, monitoring, permission management, self‑service tools, and mobile access—to safely and efficiently manage tens of thousands of servers and massive storage services.

AutomationCMDBInfrastructure

0 likes · 14 min read

Automation and Operational Management for Large-Scale Infrastructure at the Architecture Platform

21CTO

Apr 29, 2017 · Backend Development

Designing High‑Performance, Scalable Web Architecture: Key Principles

This article explains how to design a high‑traffic website architecture by layering the system, addressing performance, availability, scalability, extensibility, and security, and outlines metrics and testing methods for ensuring reliable, fast, and secure operation.

ScalabilitySecuritybackend

0 likes · 10 min read

Designing High‑Performance, Scalable Web Architecture: Key Principles

Tencent Music Tech Team

Apr 28, 2017 · Mobile Development

Analysis and Implementation of Android APK Signature Scheme v2

The article explains Android’s APK Signature Scheme v2—introduced in Android Studio 2.2—its performance and integrity benefits over v1, details the signing block structure and verification steps, and demonstrates how to embed and retrieve custom channel data within the v2 block while preserving successful verification.

APKAndroidGradle

0 likes · 14 min read

Analysis and Implementation of Android APK Signature Scheme v2

MaGe Linux Operations

Apr 24, 2017 · Information Security

How a Redis Server Got Hijacked and What You Can Do to Prevent It

This article recounts a Redis server hijacking incident, details the step‑by‑step investigation and remediation process, and offers practical security recommendations to protect Redis deployments on Linux environments.

Information SecurityIntrusionRedis

0 likes · 7 min read

How a Redis Server Got Hijacked and What You Can Do to Prevent It

ITPUB

Apr 24, 2017 · Information Security

Which Linux Commands Can Wipe Your System and How to Stay Safe

The article lists a series of Linux commands that can permanently delete files, format disks, or overload system resources, explains why they are dangerous, and provides practical tips such as avoiding root for daily work, verifying command purpose, using trusted sources, and regularly backing up data.

LinuxPreventionSecurity

0 likes · 7 min read

Which Linux Commands Can Wipe Your System and How to Stay Safe

Alibaba Cloud Developer

Apr 18, 2017 · Information Security

Mastering CDN HTTPS: Architecture, Optimization, and Best Practices

This article explains how modern websites rely on HTTPS and CDN, details SSL/TLS and HTTP/2 fundamentals, describes Alibaba Cloud's CDN HTTPS architecture, dynamic certificate management, key‑server solutions, optimization techniques, and practical guidance for deploying HTTPS end‑to‑end.

CDNHTTP/2HTTPS

0 likes · 13 min read

Mastering CDN HTTPS: Architecture, Optimization, and Best Practices

MaGe Linux Operations

Apr 15, 2017 · Information Security

Boost Your Linux Security: Essential Commands and Best Practices

This article provides a comprehensive, step‑by‑step guide to hardening a Linux system, covering console restrictions, password policies, sudo alerts, SSH tuning, Tripwire intrusion detection, firewalld and iptables management, compiler restrictions, immutable files, SELinux auditing with aureport, and the sealert tool.

HardeningSELinuxSSH

0 likes · 14 min read

Boost Your Linux Security: Essential Commands and Best Practices

Tongcheng Travel Technology Center

Apr 14, 2017 · Information Security

Implementing a Lightweight User Authentication Mechanism for Hadoop at Tongcheng Travel

This article describes the design, implementation, and deployment of a custom Hadoop security solution that introduces username‑password authentication via RPC, integrates a new protobuf protocol, modifies NameNode behavior, and provides rollout tools to secure a large‑scale shared Hadoop cluster without service interruption.

AuthenticationHadoopKerberos

0 likes · 9 min read

Implementing a Lightweight User Authentication Mechanism for Hadoop at Tongcheng Travel

MaGe Linux Operations

Apr 9, 2017 · Operations

Ansible vs SaltStack: Which Automation Tool Wins for Secure, Fast Ops?

An in‑depth comparison of Ansible and SaltStack evaluates response speed, security, maintenance overhead, and syntax readability, concluding that despite slower performance, Ansible’s superior security and simpler operations make it the preferred automation solution for large‑scale, especially financial, environments.

SaltStackSecurityansible

0 likes · 9 min read

Ansible vs SaltStack: Which Automation Tool Wins for Secure, Fast Ops?

Architecture Digest

Apr 5, 2017 · Backend Development

Design Patterns and Essential Elements of External Payment System Interfaces

The article reviews common payment channels such as Alipay, WeChat Pay, and point‑deduction models, analyzes their interface designs, security checks, and optional steps, and summarizes the mandatory API and security components required for robust payment system integration.

AlipayPayment IntegrationSecurity

0 likes · 7 min read

Design Patterns and Essential Elements of External Payment System Interfaces

MaGe Linux Operations

Apr 2, 2017 · Information Security

How to Harden Linux Servers: Disable Root, Use Private Users, and Secure SSH

This guide explains why absolute security is impossible, describes common attack vectors against SSH, and provides step‑by‑step techniques for disabling root logins, configuring sudo, creating private service users, tightening file permissions, and removing unused accounts to harden Linux servers.

$rootSSHSecurity

0 likes · 15 min read

How to Harden Linux Servers: Disable Root, Use Private Users, and Secure SSH

Architects Research Society

Mar 31, 2017 · Fundamentals

The State of IoT Standards: Challenges, Alliances, and Future Directions

The article examines the fragmented landscape of Internet of Things (IoT) standards, highlighting the lack of a universal protocol, the proliferation of competing alliances such as Thread, AllJoyn, IoTivity, the Industrial Internet Consortium, ITU‑T SG20, IEEE P2413, and Apple HomeKit, and discusses the security, interoperability, and market adoption challenges that determine which standards may survive.

InteroperabilityIoTProtocols

0 likes · 11 min read

The State of IoT Standards: Challenges, Alliances, and Future Directions

Efficient Ops

Mar 30, 2017 · Operations

Why Ops Engineers Are Always the Scapegoat—and How to Turn That Into Value

The article reflects on the challenges faced by operations engineers in small companies, illustrating why they often become scapegoats, and offers practical advice on learning, risk control, communication, and disaster‑recovery drills to increase their value and effectiveness.

OperationsSecuritylearning

0 likes · 18 min read

Why Ops Engineers Are Always the Scapegoat—and How to Turn That Into Value

MaGe Linux Operations

Mar 30, 2017 · Information Security

25 Essential Linux Hardening Tips to Boost System Security

Discover 25 practical Linux hardening techniques—from BIOS protection and minimal package installation to SELinux configuration, firewall rules, and user account management—that help system administrators strengthen security, prevent attacks, and maintain a resilient, well‑configured server environment.

HardeningPassword policySELinux

0 likes · 14 min read

25 Essential Linux Hardening Tips to Boost System Security

MaGe Linux Operations

Mar 27, 2017 · Information Security

Top 10 Enterprise Linux Server Security Practices You Must Implement

This guide outlines ten essential security measures for enterprise Linux servers, covering password management, network service restriction, user account controls, root privilege handling, logging, firewall and IDS integration, vulnerability tracking, and regular patch updates to strengthen system protection.

SecurityServerfirewall

0 likes · 14 min read

Top 10 Enterprise Linux Server Security Practices You Must Implement

360 Zhihui Cloud Developer

Mar 23, 2017 · Information Security

Secure Elasticsearch with Search Guard: Step‑by‑Step Installation & Configuration Guide

This article provides a comprehensive, step‑by‑step tutorial on installing and configuring Search Guard for Elasticsearch, covering feature overview, version compatibility, downloading required packages, local installation commands, SSL/TLS certificate generation, and detailed security settings to protect both transport and REST layers.

ElasticsearchInformation SecurityInstallation

0 likes · 11 min read

Secure Elasticsearch with Search Guard: Step‑by‑Step Installation & Configuration Guide

Baidu Intelligent Testing

Mar 15, 2017 · Information Security

Comprehensive Guide to Android Application Security Scanning and Reverse Engineering

This article provides a step‑by‑step tutorial on setting up the development environment, installing essential tools, and performing APK reverse engineering and security analysis on Android applications, covering JDK, SDK, NDK, Apktool, Dex2jar, JD‑GUI, IDA, WinHex, and Eclipse.

APKAPKToolAndroid

0 likes · 16 min read

Comprehensive Guide to Android Application Security Scanning and Reverse Engineering

DevOps Coach

Mar 11, 2017 · Cloud Native

Why Containers Power Cloud‑Native Success: Packaging, Efficiency, and Security

The article explains three core reasons why containers excite developers—packaging and portability, resource efficiency, and security boundaries—then expands on self‑service infrastructure, cluster benefits, and the evolving relationship between containers and virtual machines in cloud‑native environments.

ContainersDevOpsEfficiency

0 likes · 7 min read

Why Containers Power Cloud‑Native Success: Packaging, Efficiency, and Security

MaGe Linux Operations

Mar 6, 2017 · Information Security

How I Stopped a Massive Linux DDoS Attack and Eradicated Hidden Rootkits

A remote Ubuntu 12.04 server suffered a sudden 800 MB traffic surge caused by a hidden backdoor that sent continuous HTTP requests to malicious IPs; by analyzing logs, using iftop, netstat, lsof, and replacing compromised tools, the author identified and removed malicious processes, restored normal traffic, and outlined preventive security measures.

Network MonitoringSecurityiptables

0 likes · 9 min read

How I Stopped a Massive Linux DDoS Attack and Eradicated Hidden Rootkits

Tencent Cloud Developer

Mar 3, 2017 · Cloud Computing

Understanding VPC vs Classic Network in Public Cloud

After a mis‑configured security group in a classic network exposed a neighboring Alibaba Cloud user, developers highlighted the risks of shared internal networks and advocated moving to isolated Virtual Private Clouds, which offer customizable subnets, fine‑grained security, hybrid connectivity, and are now favored across major public‑cloud providers.

Cloud NetworkingNetwork MigrationSecurity

0 likes · 7 min read

Understanding VPC vs Classic Network in Public Cloud

Architecture Digest

Feb 24, 2017 · Backend Development

Designing a Flexible Backend Architecture on Alibaba Cloud for Early‑Stage Projects

This article outlines a cost‑effective, scalable backend architecture built on Alibaba Cloud services—including VPC, RDS, ECS, OSS, and security measures—to support the early stages of a mobile and web application and to enable gradual performance upgrades as traffic grows.

Alibaba CloudCloud ComputingRDS

0 likes · 9 min read

Designing a Flexible Backend Architecture on Alibaba Cloud for Early‑Stage Projects

Architecture Digest

Feb 14, 2017 · Frontend Development

Comprehensive Guide to Frontend Optimization: Efficiency, Performance, Stability, Responsiveness, Compatibility, SEO, and Accessibility

This article provides an extensive overview of frontend optimization techniques, covering work efficiency, speed performance, stability, responsive design, cross-browser compatibility, SEO best practices, and accessibility measures, offering practical tools, workflows, and strategies to improve web development productivity and user experience.

FrontendOptimizationSEO

0 likes · 27 min read

Comprehensive Guide to Frontend Optimization: Efficiency, Performance, Stability, Responsiveness, Compatibility, SEO, and Accessibility

Efficient Ops

Feb 9, 2017 · Cloud Computing

How Flow‑Based SDN Probes Transform Cloud Network Visibility and Security

This article explores how leveraging Flow technology and software‑defined probes can virtualize, visualize, and secure large‑scale cloud networks, addressing challenges such as scale, VTEP endpoints, traffic complexity, and enabling scalable, intelligent, and fast‑response network analysis.

Cloud NetworkingSDNSecurity

0 likes · 9 min read

How Flow‑Based SDN Probes Transform Cloud Network Visibility and Security

Architecture Digest

Feb 6, 2017 · Backend Development

Key Elements and Evolution of Large‑Scale Website Architecture

This article summarizes the evolution, patterns, and five core factors—performance, availability, scalability, extensibility, and security—of large‑scale website architecture, covering server tiers, caching, clustering, load balancing, data redundancy, and security measures.

CachingScalabilitySecurity

0 likes · 13 min read

Key Elements and Evolution of Large‑Scale Website Architecture

360 Zhihui Cloud Developer

Jan 24, 2017 · Information Security

How to Secure Elasticsearch: Practical Strategies and Free Alternatives to Shield

This article outlines practical Elasticsearch security measures—including network, OS, and server hardening, port obfuscation, and the open‑source Search Guard plugin—to protect clusters from recent hacker attacks that previously compromised MongoDB instances.

ElasticsearchOpen-sourceSearch Guard

0 likes · 7 min read

How to Secure Elasticsearch: Practical Strategies and Free Alternatives to Shield

MaGe Linux Operations

Jan 20, 2017 · Information Security

Master SSH: Install OpenSSH, Configure Clients & Servers, and Apply Best Practices

This guide explains how SSH secures data transfer, details OpenSSH installation on Linux, walks through client and server configuration, demonstrates file transfer with scp and sftp, and lists essential hardening practices for a robust SSH deployment.

Client ConfigurationLinuxOpenSSH

0 likes · 5 min read

Master SSH: Install OpenSSH, Configure Clients & Servers, and Apply Best Practices

Architecture Digest

Jan 12, 2017 · Blockchain

Blockchain Technology: Definitions, Applications, and Future Outlook – Interview with Expert Zou Jun

In this interview, blockchain specialist Zou Jun defines blockchain as an immutable, append‑only distributed ledger, explains its technical foundations, compares it with traditional databases, discusses public, consortium and private chain use cases, security concerns, and future prospects beyond finance.

BlockchainConsensusDecentralization

0 likes · 13 min read

Blockchain Technology: Definitions, Applications, and Future Outlook – Interview with Expert Zou Jun

Efficient Ops

Jan 8, 2017 · Databases

Why MongoDB Instances Get Hacked and How to Secure Them on the Cloud

This article explains the root causes of unauthenticated public‑IP MongoDB breaches, outlines UCloud's built‑in security safeguards, and provides step‑by‑step guidance for hardening self‑hosted MongoDB and smoothly migrating it to a cloud‑managed service.

AuthenticationMongoDBSecurity

0 likes · 8 min read

Why MongoDB Instances Get Hacked and How to Secure Them on the Cloud

MaGe Linux Operations

Jan 7, 2017 · Information Security

How to Build a Private CA and Manage SSL Certificates with OpenSSL

This step‑by‑step guide shows how to create a private Certificate Authority, generate self‑signed and server certificates, configure Apache for HTTPS, revoke certificates, update CRLs, and test the setup using OpenSSL and curl on Linux.

ApacheCertificate AuthorityLinux

0 likes · 5 min read

How to Build a Private CA and Manage SSL Certificates with OpenSSL

Node Underground

Jan 4, 2017 · Backend Development

Top Node.js Best Practices for 2017 to Boost Your Backend Skills

This article outlines the most important Node.js best practices for 2017, including adopting ES2015, using Promises, following coding standards, deploying with Docker, monitoring with Prometheus or Trace, enhancing security with checklists, learning micro‑services, attending conferences, semantic versioning, and using LTS releases.

Backend DevelopmentBest PracticesDocker

0 likes · 3 min read

Top Node.js Best Practices for 2017 to Boost Your Backend Skills

Architecture Digest

Jan 2, 2017 · Backend Development

API Design Guidelines for Mobile Applications

This article presents comprehensive API design standards for mobile apps, covering request/response conventions, naming rules, data type handling, security measures, compatibility, performance and user‑experience optimizations, and offers practical examples to help front‑end and back‑end engineers create robust, maintainable interfaces.

JSONRESTSecurity

0 likes · 19 min read

API Design Guidelines for Mobile Applications

Architecture Digest

Jan 1, 2017 · Fundamentals

Python 3.6 Release Highlights and New Features

The Python 3.6 release introduces numerous language enhancements such as f‑strings, variable annotations, underscore separators in numeric literals, async generators, and improved dictionary implementation, along with extensive standard‑library updates, security improvements, Windows encoding changes, performance optimizations, and new C‑API features.

PEPSecurityStandard Library

0 likes · 30 min read

Python 3.6 Release Highlights and New Features

Tencent Cloud Developer

Dec 22, 2016 · Mobile Development

Understanding iOS App Transport Security (ATS) and Deploying HTTPS with SSL Certificates

After Apple’s 2017 ATS enforcement requires all iOS apps to use HTTPS, developers must obtain an SSL certificate—such as a free Let’s Encrypt or Tencent Cloud‑issued GeoTrust certificate—install it on their web server (e.g., Nginx), optionally configure CDN encryption, and verify compliance with Apple’s security checks.

ATSHTTPSMobile Development

0 likes · 12 min read

Understanding iOS App Transport Security (ATS) and Deploying HTTPS with SSL Certificates

ITFLY8 Architecture Home

Dec 19, 2016 · Information Security

Mastering Single Sign-On (SSO): Architecture, Implementation, and Performance Insights

This comprehensive article explores the business need for Single Sign-On, explains its internal ticket‑based mechanisms, presents detailed Web‑SSO and desktop SSO implementations with full source code, analyzes security and performance risks, and offers step‑by‑step deployment guidance for Java/J2EE environments.

J2EESSOSecurity

0 likes · 21 min read

Mastering Single Sign-On (SSO): Architecture, Implementation, and Performance Insights

21CTO

Dec 18, 2016 · Backend Development

How to Design Clean, Stable, and User‑Friendly APIs: Best Practices

Effective API design requires shifting from a developer‑centric mindset to the user’s perspective, emphasizing clear documentation, stability, versioning, flexibility, security, and ease of use, while avoiding unnecessary complexity and ensuring consistent, well‑structured interfaces for diverse clients across web, mobile, and IoT platforms.

Best PracticesDocumentationSecurity

0 likes · 12 min read

How to Design Clean, Stable, and User‑Friendly APIs: Best Practices

ITFLY8 Architecture Home

Dec 17, 2016 · Information Security

How to Implement Robust Single Sign-On Across Multiple Domains

This article explores various single sign-on strategies—including shared Redis sessions, OpenID-based authentication, cookie-driven OpenID storage, and JSONP cross-domain solutions—detailing their architectures, limitations, and security considerations, and offers practical guidance for building scalable, secure SSO in multi-domain environments.

AuthenticationOpenIDSSO

0 likes · 9 min read

How to Implement Robust Single Sign-On Across Multiple Domains

WeChat Backend Team

Dec 12, 2016 · Information Security

Understanding TLS Handshake: Server Certificate, Key Exchange, and Client Authentication

This article explains the TLS handshake process, covering server certificate transmission, server key exchange details, certificate request handling, server hello done, client certificate usage, client key exchange mechanisms, RSA premaster secret encryption, Diffie‑Hellman and ECDH key exchanges, and the certificate verify step.

CertificateSecurityTLS

0 likes · 24 min read

Understanding TLS Handshake: Server Certificate, Key Exchange, and Client Authentication

DevOps

Dec 8, 2016 · Cloud Native

Anchore 2016 Container Technology Survey: Adoption, Security, CI/CD, Orchestration, and OS Trends

The 2016 Anchore survey reveals how organizations of various sizes adopt containers in production and development, highlights security concerns, shows CI/CD tool dominance, compares orchestration platforms, and analyzes host and image operating system preferences, providing a comprehensive view of the container ecosystem.

ContainersOrchestrationSecurity

0 likes · 7 min read

Anchore 2016 Container Technology Survey: Adoption, Security, CI/CD, Orchestration, and OS Trends

Node Underground

Dec 7, 2016 · Backend Development

7 Essential npm Tricks Every Developer Should Know

Discover seven practical npm tips—from listing globally installed packages and enabling command auto‑completion to checking security vulnerabilities, customizing per‑project configs, adjusting log levels, linking local dependencies, and enforcing engine strictness—each designed to streamline your Node.js workflow and boost productivity.

Securitycli tipsnpm

0 likes · 5 min read

7 Essential npm Tricks Every Developer Should Know

Efficient Ops

Nov 28, 2016 · Operations

Essential Ops Insights: Tool Choices, Automation, and Best Practices from a Senior Ops Expert

This article compiles expert Q&A on operations, covering tool selection, monitoring, Linux version choices, automation platforms, security, Docker, backup strategies, and career advice, offering practical guidance for modern infrastructure management.

AutomationLinuxMonitoring

0 likes · 19 min read

Essential Ops Insights: Tool Choices, Automation, and Best Practices from a Senior Ops Expert

Hujiang Technology

Nov 9, 2016 · Databases

Risks of Auto‑Increment IDs and Distributed ID Solutions

The article explains how exposing auto‑increment primary keys can leak business information, illustrates the danger with historical examples, and evaluates alternative ID generation strategies such as encoding, UUIDs, and Snowflake‑style distributed IDs, including performance comparisons in MySQL.

Database DesignSecurityauto_increment

0 likes · 9 min read

Risks of Auto‑Increment IDs and Distributed ID Solutions

Node Underground

Nov 3, 2016 · Backend Development

Top 10 Must‑Know Node.js v6 Features Over v4

Node.js v6 introduces a suite of powerful enhancements over v4, including integrated Chrome DevTools debugging, EventEmitter event introspection, revamped Buffer APIs, unhandled Promise rejection warnings, secure temporary directory creation, symlink preservation, process warning handling, timing-safe crypto, V8 profiling shortcuts, and detailed CPU usage reporting.

Node.jsSecurityperformance

0 likes · 6 min read

Top 10 Must‑Know Node.js v6 Features Over v4

ITPUB

Nov 2, 2016 · Operations

10 Creative Linux Commands to Generate Secure Random Passwords

This guide presents ten distinct Linux command‑line techniques—including SHA‑based hashing, OpenSSL, /dev/urandom filtering, dd, and custom Bash functions—to quickly produce strong, random passwords of configurable length, each illustrated with sample output.

BashLinuxSecurity

0 likes · 5 min read

10 Creative Linux Commands to Generate Secure Random Passwords

dbaplus Community

Nov 1, 2016 · Information Security

Exploiting Message Queue Injection to Hijack Distributed Nodes with Celery

The article explains how insecure serialization in message‑queue middleware, especially Python's pickle used by Celery, can be abused to inject malicious payloads that trigger remote code execution on distributed workers, and it demonstrates detection and exploitation techniques against vulnerable Redis and MongoDB brokers.

Message QueuePythonRedis

0 likes · 17 min read

Exploiting Message Queue Injection to Hijack Distributed Nodes with Celery

360 Zhihui Cloud Developer

Nov 1, 2016 · Databases

Master MongoDB Permission Management: Roles, Users, and Best Practices

This guide thoroughly explains MongoDB's permission system, covering key concepts, role creation, inheritance, privilege assignment, user management, and essential precautions to avoid common security pitfalls and simplify administration.

Database AdministrationMongoDBPermission management

0 likes · 9 min read

Master MongoDB Permission Management: Roles, Users, and Best Practices

Ctrip Technology

Nov 1, 2016 · Information Security

Understanding Serialization, Deserialization Vulnerabilities and Mitigation in Java

The article explains Java serialization and deserialization concepts, provides sample code for serializing a string to a file and restoring it, describes how insecure deserialization leads to remote code execution vulnerabilities illustrated by ActiveMQ, JBoss and Jenkins cases, and outlines mitigation techniques such as class whitelisting, encryption, and using transient fields.

DeserializationJavaSecurity

0 likes · 7 min read

Understanding Serialization, Deserialization Vulnerabilities and Mitigation in Java

ITPUB

Oct 31, 2016 · Information Security

Uncovering Linux Buffer Overflow Exploits: Stack Frames, Code Samples, and Defense

This article explains Linux process address space layout and stack‑frame structure, demonstrates a classic buffer‑overflow attack with full source code and compilation steps, analyzes how the exploit gains root privileges, and discusses why modern compilers and shells affect the attack's success.

Securitybuffer overflowexploit

0 likes · 15 min read

Uncovering Linux Buffer Overflow Exploits: Stack Frames, Code Samples, and Defense

Ctrip Technology

Oct 24, 2016 · Information Security

User Password Encryption and Cracking Techniques

This article explains common user password storage methods, compares their security characteristics, and details various cracking approaches—including hash collisions, rainbow tables, and advanced algorithms like PBKDF2, bcrypt, and scrypt—while emphasizing the importance of strong encryption to mitigate data breach risks.

HashingPBKDF2Security

0 likes · 8 min read

User Password Encryption and Cracking Techniques

ITPUB

Oct 23, 2016 · Information Security

10 Clever Linux Commands to Generate Strong Random Passwords

This guide walks through ten distinct Linux command‑line techniques—including date hashing, /dev/urandom filtering, OpenSSL, tr, strings, dd, and custom shell functions—to quickly produce secure, random passwords of configurable length for any environment.

Securitypasswordrandom

0 likes · 6 min read

10 Clever Linux Commands to Generate Strong Random Passwords

Nightwalker Tech

Oct 15, 2016 · Operations

Practical Insights and Best Practices for SMS Verification and Voice Code Delivery

This discussion compiles real‑world experiences, security concerns, delivery‑rate comparisons, and operational strategies for SMS and voice verification codes, highlighting multi‑provider setups, template handling, monitoring, and mitigation of spam filtering and abuse.

MonitoringSMS VerificationSecurity

0 likes · 8 min read

Practical Insights and Best Practices for SMS Verification and Voice Code Delivery

dbaplus Community

Oct 11, 2016 · Databases

Master MySQL: Installation, Configuration, Charset & Engine Guide

This comprehensive guide walks you through MySQL's features, table size limits, Linux installation methods, source compilation, post‑install security hardening, character‑set management, engine selection, essential commands, and password recovery techniques for robust database administration.

Character SetInstallationLinux

0 likes · 19 min read

Master MySQL: Installation, Configuration, Charset & Engine Guide

Architects Research Society

Oct 9, 2016 · Blockchain

Blockchain Technical Features, Business Benefits, and Adoption by Financial and Technology Companies

The article explains blockchain's core technical traits such as distributed fault tolerance, immutability and cryptographic privacy, outlines the resulting business advantages like trust, cost reduction and enhanced security, and lists major financial and tech firms that are already exploring or deploying the technology.

Cost ReductionFinancial ServicesSecurity

0 likes · 5 min read

Blockchain Technical Features, Business Benefits, and Adoption by Financial and Technology Companies

MaGe Linux Operations

Oct 8, 2016 · Information Security

Beware These 9 Dangerous Linux Commands That Can Wipe Your System

This article lists nine hazardous Linux commands—including a fork bomb, misuse of /dev/null, reckless rm -rf options, dangerous mkfs usage, tar bombs, dd mishaps, malicious scripts, and deceptive source code—explaining how each can destroy data or crash a system and how to avoid them.

LinuxSecurityShell Commands

0 likes · 7 min read

Beware These 9 Dangerous Linux Commands That Can Wipe Your System

ITPUB

Oct 5, 2016 · Information Security

9 Dangerous Linux Commands You Must Never Run

This guide lists nine hazardous Linux commands—including a fork bomb, risky rm options, disk‑formatting utilities, tar bombs, and deceptive scripts—explaining how they work, why they can destroy data or freeze systems, and what precautions to take to avoid catastrophic damage.

Data lossLinuxSecurity

0 likes · 7 min read

9 Dangerous Linux Commands You Must Never Run

ITPUB

Oct 4, 2016 · Operations

How to Build a Resilient High‑Traffic Website: A Complete Operations Guide

This guide outlines a step‑by‑step strategy for designing a highly available, secure, and scalable website architecture, covering domain acquisition, CDN deployment, image caching, data center selection, monitoring, DDoS mitigation, redundancy, server configuration, database replication, testing environments, and operational best practices.

OperationsSecurityhigh availability

0 likes · 14 min read

How to Build a Resilient High‑Traffic Website: A Complete Operations Guide

Baidu Intelligent Testing

Sep 30, 2016 · Information Security

Android Security Testing Checklist: Network Communication, Data Storage, and Packaging

This guide outlines essential Android security testing checkpoints, covering network communication risks, data storage protections, and packaging integrity measures to help developers identify and mitigate vulnerabilities before release.

AndroidDataStorageSecurity

0 likes · 5 min read

Android Security Testing Checklist: Network Communication, Data Storage, and Packaging

Node Underground

Sep 29, 2016 · Information Security

What Critical Security Fixes Did Node.js Release on Sep 28?

On September 28 Node.js issued four security updates—including maintenance releases 0.10.47 and 0.12.16, LTS 4.6.0 Argon, and stable 6.7.0—addressing multiple CVEs such as wildcard certificate validation, HTTP header validation, OCSP extension misuse, and the SWEET32 attack, and urging users to upgrade promptly.

CVEInformation SecurityNode.js

0 likes · 3 min read

What Critical Security Fixes Did Node.js Release on Sep 28?

Baidu Intelligent Testing

Sep 28, 2016 · Mobile Development

Security Checklist for Android Component Communication

This article outlines essential security checks for Android components—including Activity, WebView, BroadcastReceiver, Service, and ContentProvider—highlighting common vulnerabilities such as exported components, SSL handling, saved passwords, implicit intents, and unsafe broadcast APIs, and provides practical code examples and mitigation steps.

AndroidBroadcastReceiverComponent

0 likes · 7 min read

Security Checklist for Android Component Communication

Tencent TDS Service

Sep 22, 2016 · Fundamentals

How Android’s Linker Loads and Links Native .so Files (and What It Means for Packing)

This article explains Android's linker workflow for loading and linking native .so libraries, detailing the do_dlopen sequence, ELF parsing, memory mapping, soinfo allocation, relocation handling, and constructor calls, and concludes with a brief overview of common SO packing techniques.

AndroidELFLinker

0 likes · 19 min read

How Android’s Linker Loads and Links Native .so Files (and What It Means for Packing)

Architects Research Society

Sep 12, 2016 · Information Security

Intro to Computer and Network Security: Curated Learning Resources

This guide compiles essential papers, tools, virtual machines, datasets, and training sites to help learners deepen their understanding of computer and network security through both theoretical study and hands‑on practice.

ForensicsLearning ResourcesSecurity

0 likes · 6 min read

Intro to Computer and Network Security: Curated Learning Resources

Node Underground

Sep 10, 2016 · Information Security

Beware the 4 Evil Regex Patterns That Can Crash Your Node.js App

The article highlights four dangerous regular expression patterns that can cause severe performance degradation in Node.js, turning millisecond operations into minutes, potentially leading to timeouts, event‑loop blocking, and broader security risks, and points to additional encoding and cookie safety recommendations.

Securitydenial-of-serviceperformance

0 likes · 2 min read

Beware the 4 Evil Regex Patterns That Can Crash Your Node.js App

Node Underground

Aug 31, 2016 · Information Security

How Global Hook Injection Threatens Node.js Apps and How to Defend

Understanding the nature of security blind spots, this article explains how malicious modules can attach global hooks to inject arbitrary code into Node.js applications, highlighting the risks of module imports and offering insight into protecting against such injection attacks.

Code InjectionNode.jsSecurity

0 likes · 1 min read

How Global Hook Injection Threatens Node.js Apps and How to Defend

ITPUB

Aug 31, 2016 · Cloud Native

Master Decentralized Governance, Service Discovery, and Fault Tolerance in Cloud‑Native Microservices

This article explains how microservices adopt decentralized governance, outlines service registration and discovery mechanisms, details Docker and Kubernetes deployment strategies, describes security using OAuth2/OpenID, discusses transaction handling and fault‑tolerance patterns such as circuit breaking and timeouts, providing practical guidance for building robust cloud‑native systems.

Cloud NativeDockerGovernance

0 likes · 12 min read

Master Decentralized Governance, Service Discovery, and Fault Tolerance in Cloud‑Native Microservices

360 Quality & Efficiency

Aug 29, 2016 · Information Security

Android Security Testing Guide

This guide explains how to use APKTool to decompile Android apps, inspect the AndroidManifest.xml for exposed components, and employ the Drozer framework to enumerate packages, assess component exposure, detect content provider leaks, SQL injection, file traversal, and service vulnerabilities.

APKToolAndroidDrozer

0 likes · 5 min read

Qunar Tech Salon

Aug 13, 2016 · Information Security

Android App Security Risks and Protection Strategies Presented at Qunar Tech Carnival

The article outlines common Android security vulnerabilities such as unprotected resources, easily decompiled Java and native code, and proposes protection measures like resource obfuscation, code encryption, native code hardening, and introduces the Qotector platform for APK analysis and reinforcement.

APK analysisReverse EngineeringSecurity

0 likes · 7 min read

Android App Security Risks and Protection Strategies Presented at Qunar Tech Carnival

Qunar Tech Salon

Jul 21, 2016 · Information Security

Exploiting Premium Phone Numbers to Steal Money from Instagram, Google, and Microsoft

The article details how attackers exploit premium phone numbers in Instagram, Google, and Microsoft’s two‑factor authentication to generate automated voice calls, earn money per call, and how the vulnerabilities were reported, mitigated, and rewarded through bug‑bounty programs.

Bug BountyGoogleMicrosoft

0 likes · 13 min read

Exploiting Premium Phone Numbers to Steal Money from Instagram, Google, and Microsoft

High Availability Architecture

Jul 15, 2016 · Backend Development

High‑Availability Architecture for Weibo Paid Reading and Tipping Services

The article describes the high‑availability, high‑concurrency backend architecture of Weibo's paid reading and tipping platform, covering layered design, database sharding, asynchronous processing, monitoring, idempotency, distributed transaction handling, and security measures for a large‑scale internet‑finance system.

IdempotencyMonitoringSecurity

0 likes · 8 min read

High‑Availability Architecture for Weibo Paid Reading and Tipping Services

AI Cyberspace

Jul 8, 2016 · Information Security

How CVE‑2016‑4971 Lets Attackers Hijack wget to Install Rootkits

The CVE‑2016‑4971 vulnerability in older wget versions allows attackers to redirect HTTP downloads to malicious FTP resources, causing hidden .bash_profile files to be written and executed, which can grant full host compromise and rootkit installation.

CVE-2016-4971RootkitSecurity

0 likes · 5 min read

How CVE‑2016‑4971 Lets Attackers Hijack wget to Install Rootkits

Qunar Tech Salon

Jul 6, 2016 · Information Security

Thirteen Ways Containers Are More Secure Than Virtual Machines

The article explains why containers offer stronger security than virtual machines by detailing thirteen best‑practice features such as disabling SSH, limiting ports, short‑lived containers, immutable designs, automated patching, and comprehensive scanning and logging strategies.

ContainersDevOpsSecurity

0 likes · 5 min read

Thirteen Ways Containers Are More Secure Than Virtual Machines

Efficient Ops

Jul 4, 2016 · Operations

What the 5th Annual DevOps Report Reveals About ROI, Culture, and Performance

The fifth‑year DevOps report, based on surveys of over 4,600 global professionals, shows how high‑performing organizations achieve dramatically faster deployments, higher employee loyalty, better quality and security, and substantial cost savings, while highlighting the ROI of DevOps investments and cultural transformation.

DevOpsEmployee loyaltyIT performance

0 likes · 15 min read

What the 5th Annual DevOps Report Reveals About ROI, Culture, and Performance

AI Cyberspace

Jul 4, 2016 · Information Security

Master Linux Auditing: Essential Commands and Log Analysis Techniques

This guide explains essential Linux audit commands, log‑viewing techniques, user and process inspection methods, and additional checks such as file integrity, network monitoring, cron jobs, and backdoor detection, providing a comprehensive toolkit for system security and operations.

Securityauditlog analysis

0 likes · 9 min read

Master Linux Auditing: Essential Commands and Log Analysis Techniques

High Availability Architecture

Jun 24, 2016 · Information Security

Xiaomi's Internet Finance Risk Control Practices: Architecture, Rules Engine, and Machine Learning

The article details Xiaomi's evolution of internet‑finance risk control—from early limit and frequency rules that cut bad‑debt by a third, through adopting the Drools rules engine for rapid deployment and gray‑release, to leveraging random‑forest machine‑learning models and extensive user profiling that reduced fraud by roughly 40%, while addressing privacy and operational challenges.

DroolsMachine LearningRandom Forest

0 likes · 15 min read

Xiaomi's Internet Finance Risk Control Practices: Architecture, Rules Engine, and Machine Learning

Architecture Digest

Jun 12, 2016 · Mobile Development

Key Principles of Android App Architecture: Maintainability, Extensibility, Security, and Onboarding

This article shares practical insights on Android app architecture, covering maintainability, extensibility, security, onboarding friendliness, documentation, package organization, MVC vs MVP patterns, and guidelines for selecting and encapsulating frameworks to build robust mobile applications.

AndroidMVCMVP

0 likes · 13 min read

Key Principles of Android App Architecture: Maintainability, Extensibility, Security, and Onboarding