Angelesen #54

Somehow it took me a moment, after the upgrade to WordPress 5, to bend a workflow back into shape that lets me write Markdown. But now it all works again. And the new Gutenberg editor in WordPress is actually quite a lot of fun once you have gotten used to it.

Dunedan/mbp-2016-linux: State of Linux on the MacBook Pro 2016 & 2017 (github.com)

State of Linux on the MacBook Pro 2016 & 2017

Back to the 90s… After I tried, before 35C3, to "just quickly" put Linux on my second notebook and in the end not even the keyboard worked, I sank another hour into the problem in January… When my ancient Wi-Fi dongle then ended up working better than the built-in Wi-Fi module, I briefly rage-quit. -_-

Make a web frame with Raspberry Pi in 30 minutes (balena.io)

interesting 🙂

Privacy-Handbuch (privacy-handbuch.de)

Exciting reading on browsing while leaving few traces.

Ne0nd0g/merlin: Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. (github.com)

jessebye/awser: A cool little tool to SSH to EC2 instances using their names (github.com)

Neat! EC2 instance autocompletion!

New malware pulls its instructions from code hidden in memes posted to Twitter (techcrunch.com)

Trend Micro said in a blog post that the malware listens for commands from a Twitter account run by the malware operator. The researchers found two tweets that used steganography to hide “/print” commands in the meme images, which told the malware to take a screenshot of an infected computer. The malware then separately obtains the address where its command and control server is located from a Pastebin post, which directs the malware where to send the screenshots — 10/10 points for creativity, that’s for sure.

Next level things!

Bridget Kromhout | tl;dr: your talk is accepted (bridgetkromhout.com)

Bridget writes about the speaker info emails she sends out for DevOpsDays. Brilliant!

We all <3 Terminals. – Terminals Are Sexy (terminalsare.sexy)

A curated list of Terminal frameworks, plugins & resources for CLI lovers.

And one more video that I liked:

Angelesen #53

And here we are again. The past few months were pretty intense but interesting – a few conferences, side projects and, yes, a TEDxBern went smoothly by. Oh yes, and I spent quite some time in the mountains, that's why it was quite silent here (if you’ve been with me for a while, you know this happens every once in a while).

On Cash (tbray.org)

Routing everything through my credit card is feeding the global payments cartel, who extract a tariff measured in freaking dollars for almost every routine transaction. I’ve seen so many great business plans go begging because they could have done something wonderful in the world if you could only do micropayments, which you can’t, did I mention that cartel that basically has it locked up and tied down?

Good read on cash 🙂

4G mobile phone – MP02 (punkt.ch)

When it is time to go online, the MP 02's 4G LTE connection can be shared with a tablet/laptop – which means easier typing than on a smartphone and a bigger screen. This two-device approach means that the internet is something you dip into, and not the other way round.

Finally! A Dumbphone with 4G wifi capability.

IRL Glasses Block All the Screens Around You (wired.com)

Originally, they prototyped the glasses using the Casper film stuck onto regular lenses. But they later realized that any polarized lens rotated 90 degrees and flattened could produce the same screen-blocking effect. Right now, their lenses can block light emitted from LCD and LED screens, but not OLED screens. That means they tune out most televisions and some computers, but not the newer crop of smartphones like the OLED-packing iPhones.

Love the idea!

Balancing Engineering and Support (stories.amazee.io)

The schedule we currently operate on is two weeks of support and two weeks of engineering. It’s not a completely pure system, of course, you might get pulled into support when you are on an engineering sprint but there is an expectation that you can and should have time to build, to innovate, and to unplug if necessary to do it.

A few insights from Tyler on how we handle engineering and support at amazee.io

12 Factor CLI Apps (medium.com)

At Heroku, we’ve come up with a methodology called the 12 factor app. It’s a set of principles designed to make great web applications that are easy to maintain. In that spirit, here are 12 CLI factors to keep in mind when building your next CLI application. Following these principles will offer CLI UX that users will love.

We’ve also built a CLI framework called oclif that is designed to follow these principles to build great CLIs in Node.

Interesting approaches for people building CLI apps.

Delaying Further Symantec TLS Certificate Distrust (blog.mozilla.org)

Unfortunately, because so many sites have not yet taken action, moving this change from Firefox 63 Nightly into Beta would impact a significant number of our users. It is unfortunate that so many website operators have waited to update their certificates, especially given that DigiCert is providing replacements for free.

We prioritize the safety of our users and recognize the additional risk caused by a delay in the implementation of the distrust plan. However, given the current situation, we believe that delaying the release of this change until later this year when more sites have replaced their Symantec TLS certificates is in the overall best interest of our users. This change will remain enabled in Nightly, and we plan to enable it in Firefox 64 Beta when it ships in mid-October.

Change takes time… an awful lot of it

Swiss tax app stored all data publicly in the cloud (heise.de)

Already a bit older, but the facepalm still echoes. 🤦

How Will Climate Change Affect Politics? (theatlantic.com)

Day Zero is still hypothetical, but Cape Town’s reality will soon impact many global cities, where water will become a constant concern, and democracy will become contingent upon the taps.

A good read on climate change and how it will affect politics.

Build a better Bookshelf (huytd.github.io)

Step 1: Install any document scanning app on your phone
Step 2: Scan all the index pages and table of contents in all of your books
Step 3: Send it to whatever software you’re using that has OCR feature
Step 4: Now you can search your books digitally

Great Idea!

CLI: improved (remysharp.com)

Remy has a few nice changes he implemented on his shell… 🙂

I fell for prettyping

GovCMS coming of age (lilengine.co)

The Lagoon product does push us to the very limits of what can be realistically open sourced and free of vendor lock-in. So what would it take a government organisation to run/roll their own Lagoon?

<3 I love feedback like this on our open source project!

Drupal HackCamp 🇷🇴 How open source helps you prevent the next Drupalgeddon

When Adrian from Softescu reached out to me, it was the first time I heard about the Drupal HackCamp. A whole camp focused on security – SURE!

I’ll write more about the camp later. Let’s start with my slides here first!

Slides

Conclusions

  • Web Application Firewalls buy you time until you update your site
  • Update your core and modules regularly (at least the critical modules)
  • Automate your processes! Sometimes you only have a couple of hours until attacks roll in.
  • Have several layers of security – it will pay off in the long run
  • It’s not humans that exploit your site – it’s bots
  • We should come up with a better name than shouting Drupalgeddon 😉

Resources

There are many many resources linked directly in the talk but I’ll highlight a few here:

Angelesen #52 – GDPR, remote work and wireguard

After a slightly longer weekend (bank holidays are a fabulous thing) – Back in action! This week is fueled by a few GDPR/DSGVO articles.

fridge 0.1 (joeyh.name)

How about a fridge powered entirely by solar panels without the powerwall? Zero battery use, and yet it still preserves your food.

That’s much cooler, because batteries, even hyped ones like the powerwall, are expensive and inefficient and have limited cycles. Solar panels are cheap and efficient now. With enough solar panels that the fridge has power to cool down most days (even cloudy days), and a smart enough control system, the fridge itself becomes the battery — a cold battery.

Interesting experiment with solar power and a fridge!

The Amish understand a life-changing truth about technology the rest of us don’t (qz.com)

The reason the Amish rejected television is because it is a one-way conduit to bring another society into their living rooms. And they want to maintain the society as they have created it. And the automobile as well. As soon as you have a car, your ability to leave your local community becomes significantly easier.

Good (Anti)Technology Longread

GDPR – frequently asked questions, frequently spread myths › Jan Philipp Albrecht (janalbrecht.eu)

GDPR #0: DSGVO panic

A 2-Year Stanford Study Shows the Astonishing Productivity Boost of Working From Home (thriveglobal.com)

I feel I’m consistently at the most productive I’ve ever been in my entire life. My morning commute is a seven-second walk to my study and I actually start working far earlier than I did in the corporate world.

While I make it a point to not work any later than I did at a corporate office, I’m working more deeply with far fewer breaks in concentration. I quite often “get on a roll” that lasts four-plus hours at a time. I can’t remember the last such streak working in an office.

Surprised, much?

Kubernetes Gardener (gardener.cloud)

Many Open Source tools exist which help in creating and updating single Kubernetes clusters. However, the more clusters you need the harder it becomes to operate, monitor, manage and keep all of them alive and up-to-date. And that is exactly what project Gardener focuses on.

Looks interesting

Intel Shows Xeon Scalable Gold 6138P with Integrated FPGA, Shipping to Vendors (anandtech.com)

A CPU partnered with an FPGA. Hello Future!

We Made a Tool So You Can Hear Both Yanny and Laurel (nytimes.com)

We built a tool to gradually accentuate different frequencies in the original audio clip. Which word or name do you hear, and how far do you have to move the slider to hear the other? (The slider’s center point represents the original recording.)

I’m still left confused hearing two things at the same time…

John Byrd’s answer to What is the most sophisticated piece of software/code ever written? (quora.com)

You would never expect that all those problems were caused by a computer worm, the most devious and intelligent computer worm in history, written by some incredibly secret team with unlimited money and unlimited resources, designed with exactly one purpose in mind: to sneak past every known digital defense, and to destroy your country’s nuclear bomb program, all without getting caught.

A good writeup on Stuxnet 🙂

WordPress 4.9.6 Privacy and Maintenance Release (wordpress.org)

GDPR #1 – WordPress comes with new features!

  • Data Export
  • Data Erasure

Introducing Git protocol version 2 (opensource.googleblog.com)

We recently rolled out support for protocol version 2 at Google and have seen a performance improvement of 3x for no-op fetches of a single branch on repositories containing 500k references. Protocol v2 has also enabled a reduction of 8x of the overhead bytes (non-packfile) sent from googlesource.com servers. A majority of this improvement is due to filtering references advertised by the server to the refs the client has expressed interest in.

New stuff comes to git!

There Will Be WireGuard (latacora.singles)

TL;DR

[NEW] WireGuard for macOS
You can install wg-quick, wg, and wireguard-go using Homebrew. Then you should
be able to run wg-quick up whatever and familiar commands as you’re used to.
If you’re setting up a network manually, you can run wireguard-go utun3 in
place of the usual Linux command ip link add utun3 dev wireguard. Install
with the Homebrew command:
$ brew install wireguard-tools

Completely Silent Computer (tp69.wordpress.com)

I’ve been trying to make my computers quieter for nearly three decades. Custom liquid cooling loops, magnetically-stabilised fluid-dynamic bearings, acoustic dampeners, silicone shock absorbers, you name it. Well, last week I finally managed to build a completely silent computer

Nice! Back when I had those towered confusers at home I tried (and often failed) to make them dead silent. But at least they were silent enough to sleep next to them (25-30 dBA).

🎥 Iron Man Becoming Real (youtube.com)

Interesting talk on a jet-engine-driven suit 😀

A Dark Time for Data: WHOIS Blackout Period Likely Starting in May (cooley.com)

ICANN plans to settle on a final model by the GDPR enforcement date of May 25, at which point it will likely place all of the currently available WHOIS data behind a wall where it will no longer be accessible by the public. This “WHOIS blackout” period will last at least six months until ICANN likely implements its accreditation mechanism to allow third parties to access this “walled” data.

GDPR #2 – Whois!

The headers we don’t want (fastly.com)

At the same time, there are lots of headers that are hugely popular but aren’t new and aren’t actually all that useful

Good article on the importance and unimportance of some headers that are blasted through the net.

My first GDPR rant – Too many myths and dangerous half-knowledge about the new European data protection law (rechtzweinull.de)

GDPR #3 – Take whatever

Charlotte Roche: Leave the cities! (sz-magazin.sueddeutsche.de)

In the forest you don't meet other people who really get on your nerves, and you aren't forced to read posters, let advertising into your head and then shop at Amazon. Nature doesn't want to sell you anything. You are just supposed to be, in the here and now. Happy.

Anti-tech post #2 😉