(galerij)
The AI hype is collapsing faster than the bouncy house after a kid’s birthday. Nothing has turned out the way it was supposed to.
For a start, take a look at Microsoft—which made the biggest bet on AI. They were convinced that AI would enable the company’s Bing search engine to surpass Google.
They spent $10 billion dollars to make this happen.
And now we have numbers to measure the results. Guess what? Bing’s market share hasn’t grown at all. Bing’s share of search It’s still stuck at a lousy 3%.
In fact, it has dropped slightly since the beginning of the year.
What’s wrong? Everybody was supposed to prefer AI over conventional search. And it turns out that nobody cares.
the power plant is home to the World’s Southernmost Flush Toilet!
(galerij)
Validating SNS message in NodeJS, promisified
If you want to subscribe to an SNS topic, it's a good idea to validate if the received request is an actual valid SNS message. AWS has a (rather old) NPM package for validation. To prevent callback hell, I've created a convenience function that validates the message using the provided signature.
The function uses the sns-validator package under the hood, which:
- Gets the provided certificates, after validating the domain hosting the certificates is AWS
- Hashes the relevant fields, and compares the signature to the provided signature
After this validation, you can be sure that:
- The message wasn't tampered with
- Was provided by AWS SNS
You still don't know if it was provided by the topic you're actually subscribed to/wanting to subscribe to. I'd strongly recommend at least checking the topic ARN against an allowlist before doing something with the payload.
The function expects an SNS message delivered via http, formatted like this:
{
"Type" : "Notification",
"MessageId" : "da41e39f-ea4d-435a-b922-c6aae3915ebe",
"TopicArn" : "arn:aws:sns:us-west-2:123456789012:MyTopic",
"Subject" : "test",
"Message" : "test message",
"Timestamp" : "2012-04-25T21:49:25.719Z",
"SignatureVersion" : "1",
"Signature" : "EXAMPLElDMXvB8r9R83tGoNn0ecwd5UjllzsvSvbItzfaMpN2nk5HVSw7XnOn/49IkxDKz8YrlH2qJXj2iZB0Zo2O71c4qQk1fMUDi3LGpij7RCW7AW9vYYsSqIKRnFS94ilu7NFhUzLiieYr4BKHpdTmdD6c0esKEYBpabxDSc=",
"SigningCertURL" : "https://sns.us-west-2.amazonaws.com/SimpleNotificationService-f3ecfb7224c7233fe7bb5f59f96de52f.pem",
"UnsubscribeURL" : "https://sns.us-west-2.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:us-west-2:123456789012:MyTopic:2bcfbf39-05c3-41de-beaa-fcfcc21c8f55"
}Besides validating if the message is valid, the function will subscribe to the topic if the provided message is a 'SubscriptionConfirmation' type notification. In all other cases it just returns the original message.
import * as https from 'https';
import MessageValidator from 'sns-validator';
async function validateMessage(message: any): Promise<any> {
const validator = new MessageValidator();
return new Promise((resolve, reject) => {
validator.validate(message, (err, aMessage) => {
if (err) {
return reject(err);
}
if (aMessage?.Type === 'SubscriptionConfirmation' && aMessage.SubscribeURL) {
https.get(aMessage.SubscribeURL, function (_res) {
// You have confirmed your endpoint subscription
});
}
resolve(aMessage);
});
});
}
(galerij)
Een bonte verzameling mensen in allerlei vormen en maten, tot levende vliegende treinen aan toe, probeert een planeet te terraformen, te ontkomen aan het bedrijf dat ze tot en als slaaf gemaakt heeft, en een manier van samenleven te vinden.
Heel anders dan haar 'Murderbot'-serie. Er wordt zonder dat het vervelend wordt een uitgebreide wereld geschetst, waarin het verhaal geen moment verveeld.