Nicholas Bering @nbering@mastodon.xyz
Software Developer at https://medstack.co. Open Source contributor.
Hundreds of OONI Probe network measurements suggest Egyptian ISPs have blocked sites that use Cloudflare by interfering with SSL encrypted traffic between the Cloudflare CDN and the website backend. https://blog.torproject.org/egypt-internet-censorship #Egypt #censorship #humanrights https://twitter.com/torproject/status/1013812060793262080/photo/1 source: https://twitter.com/torproject/status/1013812060793262080
@nbering This seemed relevant to the conversation:
There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult.
–Tony Hoare, 1980
"Chuck Norris doesn't do Burn Down charts, he does Smack Down charts."
One of the main reasons our internet security is so shitty, is because no one wants to pay for security... however, everyone will pay for convenience. Making an application convenient is hard, but making it secure is even harder. But its easier to justify to investors who salivate over "convenience" and "efficiency" and such.
Also, as a father of children... don’t get me started on public facilities where the only change tables is the the ladies room. That is just upsetting.
This was a while ago, but I stumbled across the photos I took and had the share.
This is a perfect example of poor washroom design. This is a _family_ washroom, separate from the big public washrooms with stalls. And the change table is installed behind the door.
The paper towel dispenser got the place where the change table should have been. And even at that... with the sink being to the right of the change table, the paper towels would have been better there.
There is no excuse for this.
One of this collections on this database is 1.8 GB on disk. Even on my macbook pro it took 30 minutes to restore the index on that collection.
Took the time to test-restore the backup for a Mongo database I manage.
Now I have the peace of mind that I actually have real backups that work.
You know a technical book can be trusted as a resource when they reference XKCD comics in the footnotes.
The "Site Reliability Engineering" (multiple authors from Google) book is so full of interesting insights that I want to highlight every other paragraph. I want to finish it fast, but every page is leaving me deep in thought about ways I want to improve our processes at work.
Just found a half-eaten Banana on top of the Xbox. At 4 and 5, for now my daughters will just get a talking to about food in the living room.
As they get older, this may escalate to robots programmed to protect other electronic devices.
Ethics be damned, they will learn not to set mushy Bananas on machines.
First strawberries of the year! Hope I can get some of them before the birds and squirrels do.
I guess the average person gets to learn why "Security Misconfiguration" is #6 in the OWASP Top 10.
https://www.wired.com/story/facebook-bug-14-million-users-posts-public
I haven't done in meet-up talk since March 2017. Looking forward to this one.
Right now, I'm also taking notes and trying to figure out whether to cut something from my outline for time.
I might just stick it all in the slides and structure them so that I can skip sections if I'm behind pace. I know I can do "side tracks" in reveal.js... I wonder if Keynote supports that.
If anyone has good suggestions for things to include that I can't fit in 20 minutes, I can probably fit it in the follow-up blog post I have planned.
I'm working this weekend on a talk for our local developer meetup, DevTricks, titled "Lock Smithing for Web Servers".
The plan is to introduce people in lightning fashion public key crypto, x509 certificates, what's in a key file, and some quick tips on preparing certificates for use by different applications.
Does anyone have suggestions of formats I don't want to miss?
Planned so far: BER/DER, PEM (bundled and individual), PKCS#12, and maybe Java KeyStore.
20 minute talk.
Spent some time this weekend working to automate the billing for any freelance clients I'm handling AWS charges for. Programatic access to AWS billing and usage data is... complicated... to put it mildly.
Concourse CI was flooding my syslog with a ton of traffic, and it doesn't seem to have an option to turn off syslog output.
Redirecting the output to it's own log file makes the situation much more tolerable.
TIL: You can write rules to redirect a program's syslog entries to a more specific log file.
That split I'm talking about from one side of the house to the other is influenced by the fact that our house and the one to the west were built by siblings. So there are windows pointing at each other, and a walkway down the middle with no fences between.
The house on the other side has an almost "back-to-back" layout, where the houses are close together and have few windows on that side. We both have back decks - theirs is sheltered from view by a piece that juts out for their back entrance.
