Free, Libre, and Open Source Software Leftovers

posted by Roy Schestowitz on Jul 21, 2025

• SaaS/Back End/Databases

  • PostgreSQL ☛ Isok -- a PostgreSQL extension for query based data integrity management

    Isok is PostgreSQL extension for query based data integrity management. It is now available for public testing.

• Programming/Development

  • Nicolas Fränkel ☛ Pattern-matching across different languages

    Pattern matching is a major feature in software development. While pattern matching applies in several locations, its current usage is limited to switch case blocks. I want to compare the power of pattern matching across a couple of programming languages I’m familiar with in this post.

  • Golang

    • Anton Zhiyanov ☛ Gist of Go: Signaling

      The main way goroutines communicate in Go is through channels. But channels aren't the only way for goroutines to signal each other. Let's try a different approach!

• Standards/Consortia

  • マリウス ☛ Giving Up on Element & Matrix.org

    Matrix.org began just over a decade ago as a federated messaging protocol. Its primary goal was to make real-time communication seamless across different providers, similar to how SMTP enables cross-provider email.

    “Wait, isn’t that exactly what XMPP has done since forever?”, you might ask. And you’d be right. Matrix.org essentially reinvented the wheel, swapping out XML for JSON and incorporating technologies like WebRTC and, at some point, end-to-end encryption (E2EE) as built-in rather than an extension, although from a practical standpoint it doesn’t make much difference as long as metadata is still unencrypted.

• Windows TCO / Windows Bot Nets

  • SANS ☛ Critical Sharepoint 0-Day Vulnerablity Exploited CVE-2025-53770 (ToolShell), (Sun, Jul 20th) [Ed: How Not to Report News About Microsoft ]

    Microsoft announced yesterday that a newly discovered critical remote code execution vulnerability in SharePoint is being exploited. There is no patch available. As a workaround, Abusive Monopolist Microsoft suggests using Abusive Monopolist Microsoft Defender to detect any attacks. To use Defender, you must first configure the AMSI integration to give Defender visibility into SharePoint. Recent versions of SharePoint have the AMSI integration enabled by default.

  • Security Week ☛ SharePoint Under Attack: Abusive Monopolist Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

    Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.

  • Silicon Angle ☛ Active attacks target Abusive Monopolist Microsoft SharePoint zero-day affecting on-premises servers

    A zero-day vulnerability in Abusive Monopolist Microsoft Corp.’s SharePoint with no known patch is being exploited in the wild as security researchers warn that attackers are actively compromising servers across multiple sectors. The vulnerability, tracked as CVE-2025-53770 and dubbed “ToolShell,” affects on-premises versions of SharePoint Server 2016, 2019 and the Subscription Edition.