SShortSingh.
Back to feed

Developer builds offline IP-reputation tool designed to admit uncertainty

0
·2 views

A software developer created KiloCheck, a lightweight offline IP-reputation tool written in Rust, to help evaluate suspicious links without relying on external APIs. The tool runs a four-stage pipeline that ingests signed threat data, compiles a local index, and checks IP addresses against it — entirely without network calls during lookup. The developer was prompted to test it after receiving a suspicious recruiter email featuring a tracking URL and an implausible multi-role sender signature. When the tool returned a verdict of 'NOT_OBSERVED' with zero confidence, the developer considered it a design success, arguing that admitting uncertainty is more reliable than a false positive or negative. KiloCheck is available as an open-source binary of roughly 12MB and is installable via a shell script from its GitHub repository.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingHacker News ·

Climate.gov taken offline, but open data efforts help preserve its content

The U.S. government climate information website Climate.gov was shut down, removing public access to years of climate data and resources. Open data advocates and archivists stepped in to preserve and restore much of the site's content before it was lost permanently. The incident highlights the vulnerability of publicly funded scientific resources when government priorities shift. It also underscores the importance of open data practices, which made recovery efforts possible in this case.

0
ProgrammingDEV Community ·

Green CI checks can mask untested release pipeline steps, developer warns

A developer discovered that two consecutive green CI runs on a release pipeline were misleading — both passed because the tool, python-semantic-release, correctly detected no release was needed and exited early without executing the critical push step. Since the triggering commits were of types like 'docs:' and 'ci:', which do not warrant a version bump, the pipeline short-circuited before ever testing the protected-branch push or the release token. A separate bug also revealed that build artifacts were not automatically staged for commit, meaning they were silently absent from releases despite all job steps exiting with code 0. The author argues that a zero exit code only confirms a command ran without error, not that it performed the intended work. The key takeaway is that engineers should verify actual pipeline effects — such as whether a tag was created or artifacts were staged — rather than relying solely on a passing status badge.

0
ProgrammingDEV Community ·

Engram Launches Developer Learning Tool Using Spaced Repetition and First Principles

Engram is a newly launched educational tool designed specifically for developers, combining first-principles curricula, free-recall verification, and FSRS-based spaced repetition to improve knowledge retention. The platform also features 'explorable artifacts,' which let users interact with complex technical concepts in a hands-on, visual manner. Since its launch, Engram has attracted 775 GitHub stars, signalling early interest from the developer community. It positions itself as a more evidence-based alternative to established platforms like Codecademy and Coursera, which it argues lack scientific rigor in their learning frameworks. The tool aims to address the growing demand for personalized, flexible learning strategies among developers managing multiple skill sets.