17 Dec

Weekly Update 132: Look how far we've come!

This is a copy of our weekly newsletter for developers which you can subscribe to here.

Hello contributors,

Now that we've been working for a while on the Programming Mission with many, many great contributions, it's a good time to look at what that means for end users. At a high level, some of the improvements are:

  • Many more Instant Answers, both informative and interactive
  • Improved and broader triggering
  • Better layout and display, including template tweaks and syntax highlighting
  • Bug fixes and data corrections

People are noticing. I've seen many tweets and messages from users who are surprised and delighted that their programming questions are answered so quickly, and we've put a few of their comments on DuckDuckHack. Therefore the next thing is to make sure you, the people that create the Instant Answers, are getting the most out of them. I invite you to take a look at all the programming Instant Answers we have and perhaps discover something new. Try them out, see what can make your work easier, and of course tell the world if you think others could benefit.

And don't forget that every Instant Answer has an info box — just click the small "i" icon to discover who contributed to it, and you can even find links to the pull requests if you'd like to leave the developer a note of thanks.

Looking forward, we still have issues open to improve IAs even more, for example...

Weekend Warriors

5-minute-ish Fixes

More open tasks here...

Quick Tip

Whatever language you code in, being aware of cryptographic concepts is not only useful, it could save you from a lot of trouble. As hard as it is to predict the future, I think we can agree that digital and online security is only going to get more important. It's not just about passwords either — storing or transferring any kind of personal data is a potential privacy risk.

Therefore I recommend having a basic understanding of cryptography and this guide is a great place to start:

You Wouldn't Base64 a Password! Cryptography Terms and Concepts for Developers by Scott Arciszewski

A few highlights are:

  • The First Rule of Cryptography: Don't Implement it Yourself
    If you only remember one thing, make it this.
  • There is no single "best" algorithm
    There are many depending on the intended use, requiring varying number of keys.
  • Encoding and compressing are not cryptographic
    They transform data but don't hide or protect it in any way.
  • Don't encrypt passwords
    Hash them with a password hashing algorithm, but read the guide thoroughly first.
  • Secret-key encryption without message authentication is insecure
    Encrypted-only data is vulnerable to attacks and tampering.

The guide goes into much more detail but in an understandable way, so whether these concepts are new to your or not, I highly recommend going through it to avoid making unintentional security mistakes in your projects. One final reminder: If your projects involve cryptographic algorithms, don't implement them yourself!

That's all for now — enjoy your weekend!

- The DuckDuckGo Staff

0 Tweet

This blog has been archived

Thank you for reading and contributing lively discussion to our blog! Read more posts about online privacy on our new blog at spreadprivacy.com.