blog.dasrecht.net

With a min of max the opt!

Angelesen #43


Und wieder zurück nach Zürich. Nach einer Woche in Wien an der DrupalCon bin ich gerade mal für 2 Wochen zurück. Die kuratierten Links als Mischung zwischen Monitoring und Security 🙂

Alibaba is leading a $27M investment in open source database startup MariaDB | TechCrunch (techcrunch.com)

The Chinese e-commerce giant has agreed to lead a €22.9 million ($27 million) investment in MariaDB, the European company behind one of the web’s most popular open source database servers, according to a source with knowledge of negotiations. The deal has not closed yet, but it is imminent after MariaDB’s shareholders gave their approval this week.

Happy that others also see the value of MariaDB 🙂 Way to go!

Microsoft Makes it Official: Becomes Sponsor of Open Source Initiative (opensource.org)

After years of increasing involvement and engagement in open source software projects and communities, Microsoft takes what may be their most dramatic step, joining the home of the open source software movement.

Ich hab es vor ein paar Tagen während einem Talk erwähnt. Microsoft ist unterdessen ein ziemlich grosser Player im OpenSource Markt.

High Sierra automatically checks EFI firmware each week (eclecticlight.co)

The new utility eficheck, located in /usr/libexec/firmwarecheckers/eficheck, runs automatically once a week. It checks that Mac’s firmware against Apple’s database of what is known to be good. If it passes, you will see nothing of this, but if there are discrepancies, you will be invited to send a report to Apple, with the following dialog.

Automatische Sicherheitsprüfung der Firmware. Tolle Sache!

201708 SRECon EMEA 2017- Monitoring Cloudflare’s planet-scale edge network with Prometheus.pdf (drive.google.com)

Monitoring #1 – Monitoring at Cloudflare with Prometheus

Practical Services Monitoring with Prometheus and Docker (airtame.engineering)

Monitoring #2 – Monitoring at Airtame with Prometheus and Docker

opencfp/opencfp (github.com)

Repo for OpenCFP project, a PHP-based conference talk submission system

Yes endlich was gefunden um anständige Call for Papers durchzuführen.

xkcd: USB Cables (m.xkcd.com)

Meine Beziehung zu USB Kabeln

The Future of HHVM (hhvm.com)

Our next LTS release, 3.24, will be cut about four months from now and will receive support for one year thereafter. It will also be the last HHVM release that commits to PHP5 support. This aligns with PHP’s own timeline of sunsetting PHP5 at the end of 2018.

Bye HHVM!

keraf/NoCoin: No coin is a tiny browser extension aiming to block coin miners such as Coinhive. (github.com)

No coin is a tiny browser extension aiming to block coin miners such as Coinhive.

Nach den In-Browser Coin Minern kommt die Block-Extension 🙂

The art of over-engineering your side projects (elsyms.com)

Mistake 1 – Project managing
Mistake 2 – Over-architecting infrastructure
Mistake 3 – Worrying about “tech stacks”
Mistake 4 – Creating custom frameworks
Mistake 5 – Continuously delivering nothing

Gute Anhaltspunkte für kleine Nebenprojektchen 🙂

The Web in 2050 (jacquesmattheij.com)

H/T to Habi!

Keep Calm and Carry On – Scaling Your Org with Microservices (bridgetkromhout.com)

Ask people about their experience rolling out microservices, and one theme dominates: engineering is the easy part, people are super hard! Everybody knows about Conway’s Law, everybody knows they need to make changes to their organization to support a different product model, but what are those changes? How do you know if you’re succeeding or failing, if people are struggling and miserable or just experiencing the discomfort of learning new skills? We’ll talk through real stories of pain and grief as people modernize their team and their stack.

Fantastic talk from two of my favourite speakers!

Wir zerstören die Erde und niemand unternimmt etwas dagegen. (sz-magazin.sueddeutsche.de)

Urlaub war uns wichtiger als eure Zukunft, sorry

Bam. Das kann man so einfach mal Sacken lassen.

When it comes to internet privacy, be very afraid, analyst suggests (news.harvard.edu)

SCHNEIER: Snowden’s revelations made people aware of what was happening, but little changed as a result. The USA Freedom Act resulted in some minor changes in one particular government data-collection program. The NSA’s data collection hasn’t changed; the laws limiting what the NSA can do haven’t changed; the technology that permits them to do it hasn’t changed. It’s pretty much the same.

Bruce Schneiers Aussagen sprechen Bände.

The Land of Many Captchas (github.com)

There are certain things I cannot do over Tor, either due to my mistrust in exit nodes or by being blocked by certain services. A VPN could be used to evade Tor bans, but those present other potential issues (and I still don’t trust them for extremely sensitive tasks).

If you can live with captchas, annoying as they are, 95% of the captcha’d world can be accessed. The 5% is to account for when sites place their CSS/JS assets behind CloudFlare without whitelisting Tor.

I think I’ll extend this experiment by one more week. Chances are, I’ll keep extending indefinitely.

Deckt sich etwa mit meinen TOR Erfahrungen.

Digital Security Tips for Protesters (eff.org)

  1. Enable full-disk encryption on your device
  2. Remove fingerprint unlock
  3. Take photos and videos without unlocking your device
  4. Install Signal
  5. Read our Surveillance Self Defense (SSD) guide for street-level protests
  6. Use a prepaid, disposable phone
  7. Back up your data
  8. Consider biking or walking to the protest
  9. Enable airplane mode
  10. Organizers: Consider alternatives to Facebook and Twitter

5 und 8 sind Amerikanismen

Den Rest kann ich uneingeschränkt auch für den Peter Muster und Petra Schweizer empfehlen. An Demos nimmt man jedoch am besten kein Mobiltelefon mit – Just sayin.