Angelesen #45

Howdy y’all! Wicked tongues claim that I am pretty hard to reach between August and November. Well, the #CrazyTime comes around every year. After my stay in Vienna, it is the USA's turn! I am currently in San Francisco, where the temperatures, at 28°C, are very much within the bearable range! After walking around 15 km today, I am meeting a few friends before BadCamp starts on Wednesday.

The Depression Thing (zachholman.com)

Long read by Zach Holman on the subject of depression.

The first police reports since the introduction of the ban on face coverings in Austria (watson.ch)

Shaking my head in disbelief. May we in Switzerland send such nonsense down the drain!

What I Learned From Reading Every Amazon Shareholders Letter (medium.com)

If you’re offered a seat on a rocket ship, don’t ask what seat. Just get on.

Someone took the trouble to read through all the shareholder letters; among them are a few gems and clever conclusions.

Google is nerfing all Home Minis because mine spied on everything I said 24/7 (androidpolice.com)

What could have possibly gone wrong… uhm wait!

OnePlus OxygenOS built-in analytics (chrisdcmoore.co.uk)

from a development point of view, wanting to know about abnormal reboots seems legitimate – but the screen on/off and unlock activities feel excessive.

A privacy WTF in a class of its own!

What will programming look like in the future? (highscalability.com)

Right now, limited as we are by human programmers using methods that haven’t changed much in 30 years, software is just nibbling at the world. And that won’t scale. We need more software. A lot more software. And humans are the bottleneck.

Fascinating thought on the future of software

Changing Lanes: Watch Median Movers & Cone Collectors Rapidly Modify Roads – 99% Invisible (99percentinvisible.org)

Persisting state between AWS EC2 spot instances (peteris.rocks)

Straight from the department of “Amazon AWS Spot Instance” hacks

No Justification for Spanish Internet Censorship During Catalonian Referendum (eff.org)

With an extremely narrow range of exceptions, government censorship of the Internet is prohibited by Article 19 of the Universal Declaration of Human Rights, and by Article 10 of the European Convention on Human Rights, both of which guarantee everyone’s right to receive and impart information and ideas regardless of frontiers. The Spanish government’s censorship of online speech during the Catalonian referendum period is so wildly disproportionate and overbroad, that its violation of these instruments seems almost beyond dispute.

No government should ever dictate to its citizens what they are to browse on the Internet, let alone block sites on this scale. Enough said!

HAProxy vs nginx: Why you should NEVER use nginx for load balancing! (thehftguy.com)

Conclusion: Avoid nginx at all costs

Talking about NGINX as a load balancer

GitLab raises $20M Series C round led by GV (techcrunch.com)

Way to go GitLab!

Bluetooth won’t replace the headphone jack (theverge.com)

To improve Bluetooth, platform vendors like Apple and Google are riffing on top of it, and that means they’re building custom solutions. And building custom solutions means they’re taking the opportunity to prioritize their own products, because that is a fair and rational thing for platform vendors to do.

Preach!

The playbook is simple: last year, Apple dropped the headphone jack and replaced it with its W1 system, which is basically a custom controller chip and software management layer for Bluetooth. The exemplary set of W1 headphones is, of course, AirPods, but Apple also owns Beats, and there are a few sets of W1 Beats headphones available as well. You can still use regular Bluetooth headphones with an iPhone, and you can use AirPods as regular Bluetooth headphones, but the combination iPhone / W1 experience is obviously superior to anything else on the market. No one else can make W1 headphones, and obviously no one else can modify iOS to support their own custom wireless Bluetooth riff. So your choices are the four W1 headphones, and then a large market of second-class citizens.

Not that Google would do this so much more openly. But the trend is a DRM-ification of all data paths. The music industry and the premium hardware makers surely like that ;)

Julian Assange Told Young Catalans What Chat Apps To Use To Avoid Spanish Authorities (buzzfeed.com)

Tracking police activity was one of the largest priorities for the Catalan activists on the day of the vote. A user-generated map quickly started getting shared around. “There was a map, a Google map, with points where the police had been and you could see different colors. I don’t know who made it,” Rosique said.

Crowdsourced riot management, mobilization via end-to-end encrypted services such as WhatsApp/Signal/Telegram. Wow!

And now everyone: Use Tor, use Signal

Deutsche Bank makes its computer code publicly available for the first time – Newsroom (db.com)

Opensource FTW!

Band uses delay from Facebook Live to loop a song and it’s incredible (mashable.com)

A video for a change

Personal Power Plant projects (sunboxlabs.com)

sunboxlabs is a platform for sharing DIY solar projects. learn, share, build.

A roundup of various solar projects.

UK gives WhatsApp another spanking over e2e crypto (techcrunch.com)

So Rudd’s views on e2e crypto — and her apparent willingness to continue to misunderstand how technologies work — should worry us all.

Good article on the end-to-end crypto debate in the UK. I bet Natasha had a lot of fun writing the piece!

No Bitcoin-based protocol can handle more than 20M users per month (runeksvendsen.github.io)

The title says it all ;)

DrupalCon Vienna – Stories and thoughts on Drupal Hosting — stories.amazee.io (stories.amazee.io)

On my own behalf: I wrote about DrupalCon over on our company blog.

Angelesen #44

Here we are again :) Now that Karin has also started curating her Sunday Dishes again, that gives me a bit of a push to hit the keys myself. And from what I have heard, some people appreciate my compilation.

Here we go again!

Aish Raj Dahal – Chaos management during a major incident (youtube.com)

No software system on the planet is today fully failure-resistant. Given this, it becomes crucial for software teams to be able to deal with major production incidents in a nimble way. However, just as complex systems fail, responding to a major system outage is a painful operational exercise that may at times require multiple stakeholders to work together. In this talk, Aish discusses how to efficiently deal with the human element, when complex systems fail.

Good talk on chaos management during an incident

The iPhone X is the Beginning of the End for Phones (thinkgrowth.org)

Do you want a black rectangle or a white one? A slightly bigger rectangle or a thinner rectangle? The rectangle with a camera bump or without it?

this is so true ;)

When was the last time you bought a new laptop? Chances are you’re reading this on something you bought four or five years ago. The same is happening to phones right now and the iPhone X is likely the last device that will matter in the category.

As “phones” (read: PocketDatacenters) become vastly powerful, the need to get a new one every year drops.

adafruit industries on Twitter: “looks like there is some news @adafruit about @RadioShack … photo by @CollinMel https://t.co/Z2WqsKyF73 https://t.co/GmdMnRI6LJ” (twitter.com)

Adafruit acquired RadioShack!

The Pixel’s missing headphone jack proves Apple was right (theverge.com)

Apple’s bet in removing the headphone jack was that we could stomach some short-term inconvenience for the longer-term benefits of freeing up valuable real estate inside the phone. It was a calculated risk, intended in part to also force the development of better wireless and digital gear by headphone makers.

Sadly Bluetooth microphone quality still sucks ;)

The Ridiculous Amount of Energy It Takes to Run Bitcoin (spectrum.ieee.org)

It uses an absolutely stunning amount of power. The ever-expanding racks of processors used by miners already consume as much electricity as a small city. It’s a problem that experts say is bad and getting worse.

My biggest point of criticism on bitcoin. The amount of energy burned for “nothing”

90,000 Guns But No Gun-Related Crimes (grapevine.is)

“My dad had guns and hunted. So guns were always around when I was a boy,” says gun owner and hunting enthusiast Árni Leósson. “When I got older I got really into fly-fishing and from there I got interested in hunting but to do that I had to get my own guns. It was just pragmatism and I think the reason gun crime is so alien in Iceland is the ‘gun culture.’ In Iceland guns are for practical things like hunting and not for protection. We have the police for that.”

Let’s talk about guns. Example: Iceland

How Microsoft became a destination for a new generation of open-source developers (geekwire.com)

The new developer advocate role at Microsoft appears to be less about forcing Microsoft technology down people’s throats and more about meeting them where they are, identifying promising open-source cloud projects and helping out in whatever capacity makes the most sense. Sure, the goal is to still convince them that Azure is the best place for their workloads, but more in the sense of understanding what cutting-edge developers want and working to provide those services in Azure.

Way to go Microsoft!

How to lose $8k worth of bitcoin in 15 minutes with Verizon and Coinbase.com (medium.com)

The main thing that struck me by the hack was the extraction speed possible in the current cryptocurrency ecosystem. $8,000 in 15 minutes is faster and more lucrative than robbing a suburban bank.

Ouch

Why working from home should be standard practice (ideas.ted.com)

One or two days a week is probably the ideal amount of time to work from home, suggests Bloom. “You don’t want to go much higher because you risk jeopardizing the cohesion of your team.” As companies compete to hire and retain the best employees, being able to offer the option to work from home can sweeten the deal. “The need to go into a workplace five days a week started because people had to go to a factory and make products,” he says. “But companies that still treat employees like that are increasingly finding themselves at a disadvantage.”

A good work from home read

Remote Work Doesn’t Scale … or Does It? (hackernoon.com)

Collaboration here looks like ad-hoc video conferences, pair programming, Google doc riffing, and 40,000 Slack messages a week for the 200 members in our Slack team.

Welcome to my world!

Even This Data Guru Is Creeped Out By What Anonymous Location Data Reveals About Us (fastcompany.com)

Imagine there is a war and nobody notices (dasmagazin.ch)

A cyberwar is, at first, not about territorial gains or raw materials but about the digital infrastructure and the power to interpret information. The aim is not to attack the enemy country physically but to destabilize it. It is an attack on the population's faith in its own government, on everything that keeps a country running; an attack on the ability to distinguish facts from fiction.

Good article on information warfare.

Angelesen #43

And back to Zurich again. After a week in Vienna at DrupalCon, I am back for just 2 weeks. The curated links are a mix of monitoring and security :)

Alibaba is leading a $27M investment in open source database startup MariaDB | TechCrunch (techcrunch.com)

The Chinese e-commerce giant has agreed to lead a €22.9 million ($27 million) investment in MariaDB, the European company behind one of the web’s most popular open source database servers, according to a source with knowledge of negotiations. The deal has not closed yet, but it is imminent after MariaDB’s shareholders gave their approval this week.

Happy that others also see the value of MariaDB :) Way to go!

Microsoft Makes it Official: Becomes Sponsor of Open Source Initiative (opensource.org)

After years of increasing involvement and engagement in open source software projects and communities, Microsoft takes what may be their most dramatic step, joining the home of the open source software movement.

I mentioned it a few days ago during a talk. Microsoft has by now become a pretty big player in the open source market.

High Sierra automatically checks EFI firmware each week (eclecticlight.co)

The new utility eficheck, located in /usr/libexec/firmwarecheckers/eficheck, runs automatically once a week. It checks that Mac’s firmware against Apple’s database of what is known to be good. If it passes, you will see nothing of this, but if there are discrepancies, you will be invited to send a report to Apple, with the following dialog.

Automatic security check of the firmware. Great stuff!

201708 SRECon EMEA 2017- Monitoring Cloudflare’s planet-scale edge network with Prometheus.pdf (drive.google.com)

Monitoring #1 – Monitoring at Cloudflare with Prometheus

Practical Services Monitoring with Prometheus and Docker (airtame.engineering)

Monitoring #2 – Monitoring at Airtame with Prometheus and Docker

opencfp/opencfp (github.com)

Repo for OpenCFP project, a PHP-based conference talk submission system

Yes, finally found something to run a proper call for papers.

xkcd: USB Cables (m.xkcd.com)

My relationship with USB cables

The Future of HHVM (hhvm.com)

Our next LTS release, 3.24, will be cut about four months from now and will receive support for one year thereafter. It will also be the last HHVM release that commits to PHP5 support. This aligns with PHP’s own timeline of sunsetting PHP5 at the end of 2018.

Bye HHVM!

keraf/NoCoin: No coin is a tiny browser extension aiming to block coin miners such as Coinhive. (github.com)

No coin is a tiny browser extension aiming to block coin miners such as Coinhive.

After the in-browser coin miners comes the blocking extension :)

The art of over-engineering your side projects (elsyms.com)

Mistake 1 – Project managing
Mistake 2 – Over-architecting infrastructure
Mistake 3 – Worrying about “tech stacks”
Mistake 4 – Creating custom frameworks
Mistake 5 – Continuously delivering nothing

Good pointers for small side projects :)

The Web in 2050 (jacquesmattheij.com)

H/T to Habi!

Keep Calm and Carry On – Scaling Your Org with Microservices (bridgetkromhout.com)

Ask people about their experience rolling out microservices, and one theme dominates: engineering is the easy part, people are super hard! Everybody knows about Conway’s Law, everybody knows they need to make changes to their organization to support a different product model, but what are those changes? How do you know if you’re succeeding or failing, if people are struggling and miserable or just experiencing the discomfort of learning new skills? We’ll talk through real stories of pain and grief as people modernize their team and their stack.

Fantastic talk from two of my favourite speakers!

We are destroying the Earth and nobody is doing anything about it. (sz-magazin.sueddeutsche.de)

Vacation was more important to us than your future, sorry

Bam. Just let that sink in.

When it comes to internet privacy, be very afraid, analyst suggests (news.harvard.edu)

SCHNEIER: Snowden’s revelations made people aware of what was happening, but little changed as a result. The USA Freedom Act resulted in some minor changes in one particular government data-collection program. The NSA’s data collection hasn’t changed; the laws limiting what the NSA can do haven’t changed; the technology that permits them to do it hasn’t changed. It’s pretty much the same.

Bruce Schneier's statements speak volumes.

The Land of Many Captchas (github.com)

There are certain things I cannot do over Tor, either due to my mistrust in exit nodes or by being blocked by certain services. A VPN could be used to evade Tor bans, but those present other potential issues (and I still don’t trust them for extremely sensitive tasks).

If you can live with captchas, annoying as they are, 95% of the captcha’d world can be accessed. The 5% is to account for when sites place their CSS/JS assets behind CloudFlare without whitelisting Tor.

I think I’ll extend this experiment by one more week. Chances are, I’ll keep extending indefinitely.

Roughly matches my experience with Tor.

Digital Security Tips for Protesters (eff.org)

  1. Enable full-disk encryption on your device
  2. Remove fingerprint unlock
  3. Take photos and videos without unlocking your device
  4. Install Signal
  5. Read our Surveillance Self Defense (SSD) guide for street-level protests
  6. Use a prepaid, disposable phone
  7. Back up your data
  8. Consider biking or walking to the protest
  9. Enable airplane mode
  10. Organizers: Consider alternatives to Facebook and Twitter

5 and 8 are Americanisms

The rest I can recommend without reservation for Peter Muster and Petra Schweizer as well. At demonstrations, however, it is best not to take a mobile phone along at all – Just sayin.

Angelesen #42

Here we are once again. After a night train ride from Zurich to Vienna, here are a few links once more.

Large Pose 3D Face Reconstruction from a Single Image via Direct Volumetric CNN Regression (github.com)

mindblown.gif

H A R V E S T (julianoliver.com)

HARVEST is a work of critical engineering and computational climate art. It uses wind-energy to mine cryptocurrency, the earnings of which are used as a source of funding for climate-change research.

me likes!

Why you shouldn’t unlock your phone with your face (medium.freecodecamp.org)

Numeric Passcodes: hard to guess, easy to change, and legally protected

Good piece on biometric security.

Google Online Security Blog: Chrome’s Plan to Distrust Symantec Certificates (security.googleblog.com)

And Google kills the Symantec certificates!

Chrome will no longer autoplay content with sound in January 2018 (venturebeat.com)

Google today announced Chrome is going to war with autoplay. Starting next year, Chrome will only autoplay a given piece of content when the media won’t play sound or the user has indicated an interest in the media.

Finally! After the ad blocker war comes the autoplay war!

Troy Hunt: Face ID, Touch ID, No ID, PINs and Pragmatic Security (troyhunt.com)

There’s the risk of being physically compelled to unlock the phone, but of course Touch ID poses the same risk.

Biometric Security #1

The AHV completely passes me by (tagesanzeiger.ch)

I already find it hard to plan half a year into the future; for me the year 2054 lies behind the moon. What interests me most is the present. That has nothing to do with laziness or ignorance, but with gratitude for what is now. One can criticize the lack of foresight, but it is probably like with eyes: the short-sighted, in return, see what is near sharply.

Interesting piece for today's voting Sunday.

ZIPPELIN: An inflatable, one-of-a-kind travel bag by FREITAG lab (kickstarter.com)

Freitag goes Crowdfunding

mattiasgeniar/http-flooder (github.com)

An experiment using goroutines and channels to create a simple HTTP flooder. Mixes GET, POST, PUT, PATCH, … to one baseline URL.

Loadtesting #1

Goad (goad.io)

Goad is an AWS Lambda powered, highly distributed, load testing tool built in Go

Loadtesting #2