Is it a major security risk if your client_secret gets displayed for about 30 min – 1 hour before you notice it showing and you can remove it?

Did something stupid, and asked a question on stackoverflow posted a little too much info without realizing it.

Is it a major security risk if your client_secret gets displayed for about 30 min – 1 hour on stack overflow before you notice it showing and you can remove it?

How to handle major changes (cross-cutting concerns) in REST API?

Let’s say we have a REST API application A consumed by other 30 applications. Application “A” uses a cross-cutting security implementation using a Security NuGet package 1.0. All minor/major changes are properly versioned and backwards compatible (e.g. not breaking existing consumers with new changes).

The problem is, what happens if you need to upgrade your Security NuGet package to 2.0 and do major changes to your security across application A. Technically, the API contract between source and consumers don’t change but you may need a thorough regression testing to make sure app A with Security 2.0 is not breaking any existing functionality in any of the 30 consumers

Should you:

  1. Create a new source code base for Security 2.0 version of the app and Deploy and maintain old and new versions of the app? Then move the 30 consumers gradually to the new API? or
  2. Migrate app A to Security 2.0 and do thorough regression testing from all 30 consumers

What is the recommended approach to handle these type of changes that span across applications and cannot be handled through endpoint versioning? E.g. wide cross-cutting security implementation? In theory your source API (app A) should be agnostic of consumers as long as it’s not breaking them).

As this article points out, this is not a versioning problem but a change management problem: https://www.ben-morris.com/rest-apis-dont-need-a-versioning-strategy-they-need-a-change-strategy/

Row and column major order for matrix multiplication in C

I wrote a program for matrix multiplication in C language, but there is no way to check the data stored type of matrix A and B.

I hope to have matrix A with Row-major order and matrix B with Column-major order, and I would appreciate if you could teach me the following two things:

  • whether matrix A and matrix B are already Row-major order and Column-major order or not
  • if not, how can I define Row-major order and Column-major order in C language

On the current code, I have not written any notation for the data holding, so I would appreciate if you let me know how I should change my code as well.

I have executed the code below and got the result. My working environment is macOS Mojave ver. 10.14.5.

#include<stdio.h>  #define N 2 int  main(int argc, char *argv[]) {     double A[N][N] = {         {1.0, 3.0},         {3.0, 1.0}     };      double B[N][N] = {         {1.0, 1.0},         {6.0, 1.0}     };      double C[N][N] = {         {0.0, 0.0},         {0.0, 0.0}     };     int i, j, k;      for(i=0; i<N; i++)         for(j=0; j<N; j++)             for(k=0; k<N; k++)                 C[i][j] += A[i][k]*B[k][j];      for(i=0; i<N; i++)         for(j=0; j<N; j++)             printf("C[%d][%d] = %f\n", i, j, C[i][j]); } 
$   ./sample C[0][0] = 19.000000 C[0][1] = 4.000000 C[1][0] = 9.000000 C[1][1] = 4.000000 

Does this paragraph about the Wand of Orcus in Out of the Abyss add to or replace this part of its DMG description? [Major Spoilers]

This question contains spoilers for Out of the Abyss, hence why this question’s title is quite ambiguous as well. If you do not want this adventure spoiled, avoid this question.

So, the Wand of Orcus has this to say about attuning to it (DMG, pg. 227):

Any creature besides Orcus that tries to attune to the wand must make a DC 17 Constitution saving throw. On a successful save, the creature takes 10d6 necrotic damage. On a failed save, the creature dies and rises as a zombie.

And in Out of the Abyss, it says this about the Wand of Orcus (pg. 219):

My question is this:

Would the quote from the DMG still apply? If the Wand of Orcus wants to be attuned to someone (because it wants to aid whoever is going to fight Demogorgon), would it still try to kill whoever it attempts to attune to?

Or at the very least would the person attuning to it automatically succeed the Constitution saving throw so that they just take some damage rather than being killed outright, since “the Wand of Orcus tries to attune itself”, implying it doesn’t try to resist, which is presumably what the failed save represents?

I know it doesn’t explicitly say this anywhere, but it seem against the intention of the plot that the wand is trying to attune to someone to help them in the fight if it just kills them and thus aids Demogorgon by doing so…

Or is this simply one of those cases where, as the DM, I could choose to just waive the negative effects of attuning to the wand or have the PC succeed the saving throw automatically or whatever else I choose?

iPad power button stopped working for a while after water splash, is there a major risk for mainboard corrosion?

I have a waterproof backpack but I must have not zip it completely in a hurry and I was caught by heavy rain.

Upper part of my iPad got slightly wet (about 5cm from the top, based on trace left on protective case). It was not submerged in the water, it appears to be a splash type effect.

I haven’t even noticed that after arriving in my office, I was working on it as usual and suddenly noticed the power button is not working and then suddenly noticed the water stain on the protective cover.

As emergency solution I enabled the accessibility feature as replacement for it.

Few hours later the button started to act like pressing itself, just few times, randomly.

Few more hours later it started to work back as usual.

After hours I went to nearest electronic repair shop which is trusted by couple of my friends. I requested them to open up my iPad and clean up the area around the power button using isopropyl alcohol to prevent corossion.

They refused to do it, they said it’s just water and my iPad is going to be fine. Honestly, it sounds to me like they just didn’t wanted to do it and gave me a bad advice.

Some research

As explained in this reference, the rain water is not pure, it contains contaminants from the atmosphere and even after dried out, can cause corrosion and oxidation.

http://www.circuitnet.com/experts/80616.html

I also reviewed all the water damage related questions on this Stack and extracted relevant ones.

Answers that recommend cleaning at third party repair shops. However in case of those questions, device was submerged or there was large spill making most of the liquid enter insides of the device, not just splashed.

How to deal with phone dropped in water MacBook Pro mid-2010- water damaged – but it still plays the chime?

Those answer recommend drying, ventilation and just using it as long as possible, however here there was a serious spill and most of liquid ended up inside of the device, in my case probably only a little bit, there is not much cavity to let water through on top of iPad case.

Spilled water on Macbook Pro 13 inch, early 2015 No sound (speakers/jack) + microphone's dead after spilling water

This one in addition seems very optimistic if amounts of water are small.

A few drops of water on my Macbook Pro

The answer here recommends ultrasonic cleaner, however I suppose it also requires opening up the device so doesn’t make the repair less risky.

iPhone 4S fell into water and blacked out, with only CPU and mainboard burning. Is it possible to export the data from two years ago?

Questions

Potential damage could be worse than just power button replacement?

Given the fact the device was not submerged, only partially exposed to stream of water and visibly affected only the power button

If potential corrosion occurs, would it require only power button replacement or entire iPad mainboard?

Better to find another repair shop and insist for cleaning?

Cleaning the motherboard is a complicated repair, my iPad is 12,9″ version, screen is easy to break, I don’t feel confident doing it myself. I head iPads are designed to be splash resistant, I’m wondering if it is worth taking the risk and just not do anything or is it sure corrosion might get it and I absolutely need to search for new repair shop that will take the challenge and clean up the motherboard?

What if they offer this ultrasonic cleaning instead of isopropyl approach? Should I go for it?

Is the Balance of Harmony magic item considered a major or minor magic item?

The Balance of Harmony is an uncommon wondrous item from the Hidden Shrine of Tamoachan module in Tales from the Yawning Portal (p. 228). It allows one to cast the spell Detect Evil and Good as a ritual.

For loot distribution purposes, I am trying to determine if it is a minor or major item. It can be used an unlimited number of times, which pushes it toward being a major item, but its specialized purpose and other restrictions make me think that it should be classified as a minor item like the Helm of Comprehending Languages.