Angelesen #70

70 Posts already – Wouldn’t have thought that I make it that far. Ok the cadence is a bit slower than I initially thought but if there’s time there’s a release. Started to like the time series blogposts as my bookmarks also get sorted that way. So week-numbers all the way 🙂

Enjoy this weeks installment of random links from traffic simulators over FOSDEM organization topics to phone addiction and more!

Technical FAQ – aleph (docs.alephdata.org)

Can I run Aleph without using Docker?
Can Britain leave the European Union? Yes, it’s possible; but complicated and will probably not make your life better in the way that you’re expecting.

From the documentation of Aleph – Which is a great tool to get an overview over a big set of documents.

Microsimulation of Traffic Flow: Onramp (traffic-simulation.de)

HTML5 implementation of a Traffic simulation – Okay I might have spent a few minutes on this site last week.

Taking FOSDEM online via Matrix (matrix.org)

Firstly, FOSDEM will have its own dedicated Matrix server at fosdem.org (hosted by EMS along with a tonne of Jitsi’s) acting as the social backbone for the event. Matrix is particularly well suited for this, because:

  • We’re an open standard comms protocol with an open network run under a non-profit foundation with loads of open source implementations (including the reference ones): folks can jump on board and participate via their own servers, clients, bridges, bots etc.
  • We provide official bridges through to IRC and XMPP (and most other chat systems), giving as much openness and choice as possible – if folks want to participate via Freenode and XMPP they can!
  • We’re built with large virtual communities in mind (e.g. Mozilla, KDE, Matrix itself) – for instance, we’ve worked a lot on moderation recently.
  • We’ve spent a lot of time improving widgets recently: these give the ability to embed arbitrary webapps into chatrooms – letting you add livestreams, video conferences, schedules, Q&A dashboards etc, augmenting a plain old chatroom into a much richer virtual experience that can hopefully capture the semantics and requirements of an event like FOSDEM.

Looking forward to FOSDEM and how they do it!

hexops/dockerfile: Dockerfile best-practices for writing production-worthy Docker images. (github.com)

Writing production-worthy Dockerfiles is, unfortunately, not as simple as you would imagine

A lot of very good pointers on writing good docker container files.

How to overcome Phone Addiction [Solutions + Research] (cognitiontoday.com)

Let’s first understand what is phone addiction and what counts as excessive phone use. Phone addiction or compulsive phone use goes along-side internet addiction and social media addiction. Psychologists also call it “problematic phone use.” For this post, we will consider them together. Cell-phones are habit-forming – once you go down that rabbit hole, you use more and more.

Very good article with a few mechanisms that can help overcome phone overuse which feels like it gotten a bit a problem for me personally last year.

Protect domains that don’t send email – GOV.UK (gov.uk)

Make sure that domains that do not send email cannot be used for spoofing.

Wonderful guide on how to setup domains that aren’t used. And I’m sure a lot of people have a few of them.

Release Pinecil | Many Bug Fixes | Polish | New Repo Name · Ralim/IronOS (github.com)

New repository name of IronOS from TS100 as this has clearly grown larger than just the TS100

TS100 is now IronOS 🎉 looking forward to the new releases. Which reminds me that I need to update the Firmware of my soldering-iron.

My year in data (samplesize.one)

I wanted to see what happens with my time. I knew I was spending quite a lot of it on social media, but I wasn’t sure how much exactly. I also knew I was working quite a lot and wanted to quantify exactly how much (spoiler alert: not that much). I hoped that keeping track of what I do would help me to identify chunks of time that were being wasted and to turn them into quality time.

❤ was thinking about something like that for a while now. I love the simplicity of building it in just a spreadsheet.

Themed days, Timeboxing and why you should use them. (jamalx31.com)

Before I began using timeboxing, I learned about another technique called Themed days. I decided to combine both to maximize productivity. Themed days are strategically planned days in your calendar, which are entirely dedicated to one single thing or tasks from the same category. While timeboxing is to allocate a certain amount of time to a task in advance and then complete it within that time frame. The idea behind these two techniques is to eliminate context switching or minimize it.

A good approach – I’m currently trying to accomplish something similar. Blocking out meeting-free time to get a bit a better grip on my workweek.

How 30 Lines of Code Blew Up a 27-Ton Generator (wired.com)

At 11:33 am and 23 seconds, the protective relay observed that the generator was perfectly synced. But then its corrupted brain did the opposite of what it was meant to do: It opened a circuit breaker to disconnect the machine.

When the generator was detached from the larger circuit of Idaho National Laboratory’s electrical grid and relieved of the burden of sharing its energy with that vast system, it instantly began to accelerate, spinning faster, like a pack of horses that had been let loose from its carriage. As soon as the protective relay observed that the generator’s rotation had sped up to be fully out of sync with the rest of the grid, its maliciously flipped logic immediately reconnected it to the grid’s machinery.

The moment the diesel generator was again linked to the larger system, it was hit with the wrenching force of every other rotating generator on the grid. All of that equipment pulled the relatively small mass of the diesel generator’s own spinning components back to its original, slower speed to match its neighbors’ frequencies.

Includes a video which is watch worthy!

Angelesen #69

Hi 2021 – Here we go again.

Smartphone USB-C Hack (flipdot.org)

Lustig das ich dem Hacker auf dem RC3 über den Weg gelaufen bin 🙂 Sollte man öfters machen einfach Hardware upgraden 🙂

How AWS Added Apple Mac Mini Nodes to EC2 (servethehome.com)

This is what an x86/ 10GbE Apple Mac Mini looks like in an EC2 rack. One can see that the unit is placed in a sled. Around the Mac Mini are a surprising number of wires being routed through the chassis.

Many of these wires terminate at the front of the sled. Here, we have an AWS Nitro controller. Amazon is now on its fourth generation of Nitro controller after starting the journey years ago.

Interesting insight into the world of DPUs – Also interesting is the fact that the DPU component might be more expensive than the rest of the AWS infrastructure on the sled.

Open Source Stash (opensourcestash.com)

A growing stash of privacy-focused, powerful and secure open-source alternatives for makers, marketers, designers and others.

Europe’s night trains are on track for a resurgence (edition.cnn.com)

Spearheaded by Austria’s ÖBB, in conjunction with Germany’s Deutsche Bahn, France’s SNCF and Swiss Federal Railways, the collaboration will see four new "Nightjet" routes over the next four years. By December 2021, Vienna-Munich-Paris and Zurich-Cologne-Amsterdam will be up and running. Two years later, a Vienna/Berlin to Brussels/Paris will launch. And in December 2024, sleeper trains will start running between Zurich and Barcelona.

Looking forward to this!

Why Is Apple’s M1 Chip So Fast?. Real world experience with the new M1… (debugger.medium.com)

The second long read around the M1 Chip. The very interesting bit is here:

Why can’t Intel and AMD add more instruction decoders? This is where we finally see the revenge of RISC, and where the fact that the M1 Firestorm core has an ARM RISC architecture begins to matter. You see, an x86 instruction can be anywhere from 1–15 bytes long. RISC instructions have fixed length. Every ARM instruction is 4 bytes long. Why is that relevant in this case? Because splitting up a stream of bytes into instructions to feed into eight different decoders in parallel becomes trivial if every instruction has the same length. However, on an x86 CPU, the decoders have no clue where the next instruction starts. It has to actually analyze each instruction in order to see how long it is. The brute force way Intel and AMD deal with this is by simply attempting to decode instructions at every possible starting point. That means x86 chips have to deal with lots of wrong guesses and mistakes which has to be discarded. This creates such a convoluted and complicated decoder stage that it is really hard to add more decoders. But for Apple, it is trivial in comparison to keep adding more. In fact, adding more causes so many other problems that four decoders according to AMD itself is basically an upper limit for them. This is what allows the M1 Firestorm cores to essentially process twice as many instructions as AMD and Intel CPUs at the same clock frequency.

And when you are done with that article head over to this one: What Does RISC and CISC Mean in 2020?

sindresorhus/fast-cli: Test your download and upload speed using fast.com (github.com)

Test your download and upload speed using fast.com

An easy way to check the connection speed from your command line

Time to Say Goodbye to Google Fonts (wicki.io)

“Google Fonts resources will be redownloaded for every website, regardless it being cached on the CDN. Self-host your fonts for better performance. The old performance argument is not valid anymore.”

TIL! There’s no CDN benefit on webfonts anymore. Self-hosting fonts is anyways better 🙂

Amazon owns more than $2B worth of IPV4 addresses (dangoldin.com)

While listening to a podcast discussing BGP I heard the fact that AWS owns more than $2B worth of IP addresses. I knew AWS was massive but this came as a big shock so I decided to do some digging around. I came across a site that listed the market prices of IP addresses and the range looks to be anywhere from $20 to $30 per IP depending on the block size. Now it was time to figure out the IP addresses owned by Amazon. I figured this would be difficult but lucky for us AWS actually publishes their entire set of IP addresses as JSON.

All hoarders!

The Beirut Port Explosion (forensic-architecture.org)

Forensic Architecture was invited by Mada Masr to examine open source information including videos, photographs, and documents to provide a timeline and a precise 3D model to help investigate the events of that day.

Stitching together all videos and finding a common timeline of all videos that have been posted somewhere is nice to see. Also the fact that if all safety regulations would have been adhered to that there would have been no harm to people.

Ryuk in 5 Hours (thedfirreport.com)

The Ryuk threat actors went from a phishing email to domain wide ransomware in 5 hours. They escalated privileges using Zerologon (CVE-2020-1472), less than 2 hours after the initial phish. They used tools such as Cobalt Strike, AdFind, WMI, and PowerShell to accomplish their objective.

From Phish to Pwned in 5 hours … impressive

Get started with 2-minute rule (hoanhan.co)

Whenever you find it hard to get started on a task, consider scaling it down into a 2-minute version. For example,

  • Read a book → Read one page
  • Write an essay → Write one sentence
  • Run 10 miles → Wear my running shoes
  • Do 100 push-ups → Do 1 push up
  • Eat more vegetables → Eat an apple
  • Study for interview → Skim through my notes
  • Build a program → Code a function

A very good reminder on easy goal setting 🙂

A Guy Walks Into an Apple Store (birchtree.me)

Yes, removing the charging brick from each iPhone box will reduce waste, and it will allow Apple to ship more iPhones on fewer planes/trains/trucks. But if you expand your view just a bit, you can really see how none of their other marketing backs up this goal, and in fact runs counter to it. They’ve introduced a new charging method that is going to get lots of people to buy a new charging brick anyway, they’re pushing a wireless charging technology that wastes far more electricity than wired charging, and they have an iPhone Upgrade Program that encourages people to get a new iPhone every 12 months.

A good spin on the "we don’t ship a charger" and then basically forcing people anyways to get a new charger.

Warum die Fallzahlen trotz Masken so stark steigen (scilogs.spektrum.de)

Und zum anderen lässt sich das Problem, wenn denn meine Vermutung korrekt ist, leicht wieder korrigieren. Man beschränkt sich einfach wieder auf ein halbes Dutzend enge Kontakte und unterbindet damit das Superspreading. Das würde schon viel dazu beitragen, die Lage unter Kontrolle zu behalten.

Der Artikel ist zwar schon ein paar Monate alt, jedoch immer noch valide. Wobei Mensch sich derzeit eher auf 3-6 Kontakte halten sollte.

A Short Story for Engineers (userweb.cs.txstate.edu)

And last but not least: Enjoy a short story for engineers

Homeoffice in der Schweiz

Homeoffice ist in der Schweiz wieder stärker verbreitet. So arbeiteten im Dezember im Industriesektor 33 Prozent der Beschäftigten von zu Hause aus, im Dienstleistungssektor waren es 43 Prozent.

Quelle: SRF

¯\_(ツ)_/¯

Wie wir sehen, lernen wir nichts. Es waren “nur” 250 Unternehmen die befragt wurden aber die Situation ist schon ein bisschen Bedrückend wie zähflüssig Homeoffice erlaubt oder umgesetzt wird. Schweizer sind halt auch in der Krise stur.

rC3 recap

Ok the Chaos Communication Congress obviously didn’t happen in person but the remote Chaos experience (rC3) nearly sparked the same feelings. At least I completely lost track of time and days after a while. The 3D-world based on Workadventure, Jitsi and near endless worlds were fun to walk trough and there were so many talks on a lot of stages. Of course not everything went smoothly (or at least not so smooth like a physical event because those feel so frictionless). But if you are interested in the nitty gritty details best check out the Infrastructure Review Session. We even had a remote stage in Zurich at Bitwäscherei which will be reactivated later this year for the Winterkongress which will be an online event but produced locally (#termsandconditionsmayapply)

Following a few talks that I really enjoyed – some disappeared from the overview already sadly – I hope those talks will be back at some point.

Nach der Coronakrise ist mitten in der Klimakrise 🇩🇪

The Elephant In The Background: Empowering Users Against Browser Fingerprinting 🇺🇸🇬🇧

Spot the Surveillance 🇺🇸🇬🇧

Climate Tipping Points 🇺🇸🇬🇧

How to survive in spacecraft 🇺🇸🇬🇧

Very Pwnable Network (VPN) 🇺🇸🇬🇧

1UP – Analoge Rebellion 2.0 🇩🇪

CIA vs. Wikileaks 🇺🇸🇬🇧

Das Assange-Auslieferungsverfahren 🇩🇪

Auch hörenswert das Logbuch Netzpolitik LNP364 zum gleichen Thema

Der netzpolitische Wetterbericht 2020 🇩🇪

als gemeinschaft stark durch krisen 🇩🇪

Inside xHamster 🇩🇪

Über mutierte Viren, tödliche Impfungen und den täglichen Wahnsinn in der Notaufnahme 🇩🇪

Radikale Töchter – Macht kommt von Machen 🇩🇪