Angelesen #76

Here we go again, a week with a lot of Cookie-related fun (and games). It’s also good to check recommended Readings of Habi every once in a while (with many WhatsApp related articles) and obviously also Tobru, which releases his newsletter like clockwork! Anyways, enjoy the weekend!

Cookie Consent Speed.Run (cookieconsentspeed.run)

Since GDPR came into our lives, we’ve all had to struggle with obtaining our basic privacy rights. With each cookie banner we have all been honing our skills, learning to navigate ambiguous options and distrust obvious buttons.

This is great! I failed miserably!

H/T Dan

I don’t care about cookies 3.2.9 (i-dont-care-about-cookies.eu)

This browser extension removes cookie warnings from almost all websites and saves you thousands of unnecessary clicks!

Will give that a try for a few weeks and see how it works.

Signal on Twitter (twitter.com)

Signal registrations are through the roof; welcome everyone! Solidarity to the folks working on the WhatsApp outage. People outside of the tech industry will never understand how weird it sounds when someone says that they are "looking forward to some weekend downtime.

Use Signal, Use Tor.

Radikal für Delfine: Wie weit geht Sea Shepherd? (youtube.com)

30 Minuten die Mensch sich gönnen darf. Und gegebenenfalls auch kurz eine Spende bei Sea Shepperd lassen 🙂

Tinder will soon let you run a background check on a potential date through Garbo (theverge.com)

Somehow yes, but also a hard no on this.

Toronto swaps Google-backed, not-so-smart city plans for people-centred vision (theguardian.com)

Sidewalk Labs pledged to make Toronto one of the world’s first “smart” cities. But skeptics saw a darker side, which included thousands of cameras monitoring streets, storefronts and parks, and harvesting data on the smallest movements.

Now, Canada’s largest city is moving towards a new vision of the future, in which affordability, sustainability and environmentally friendly design are prioritized over the trappings of new and often untested technologies.

Glad to see that Toronto goes not all in "smart-city" as France did with their Safe City approach – see Technopolice: calling out so-called "Safe Cities"

What Remote Work Really Does To Your Engineering Productivity (okayhq.com)

Flexible hours can easily become an imposition. If you assume your engineers will set their own hours, employees with more seniority or status will implicitly dictate everyone else’s activities.

M.2 on a Raspberry Pi – the TOFU Compute Module 4 Carrier Board (jeffgeerling.com)

Now, a single x1 lane at gen 2 speeds tops out around 400 MiB/sec in real-world usage, so many NVMe drives are still underpowered connected to the Pi, but as you’ll see in a bit, a cheap KingSpec SSD was 3x faster for random IO than a similar SSD plugged in via USB 3.0.

Seeing the Compute Module 4 and all the work Jeff puts in to play around with it and find creative ways makes me wonder if the next iteration will be a compute module for my Infrastructure.

self-hosting git; or, how git servers actually work, and how to keep yours secure (gemini.nytpu.com)

Guiding principles for the forks of Elasticsearch and Kibana – Stepping up: Elasticsearch & Kibana Fork (discuss.opendistrocommunity.dev)

Open source like we mean it. We are invested in this being a successful open source project for the long term. It’s all Apache 2.0. There’s no Contributor License Agreement. Easy.

🎉 That’s what we’re talking about!

H/T Scott

System separation in the Continental Europe Synchronous Area on 8 January 2021 – 2nd update (entsoe.eu)

The system separation resulted in a deficit of power (approx. -6.3 GW) in the North-West Area and a surplus of power (approx. +6.3 GW) in the South-East Area, resulting in turn in a frequency decrease in the North-West Area and a frequency increase in the South-East Area.

A few gotchas from the article.

  • It’s amazing to see the level of fault tolerance the entire system has when it gets out of balance (and 6.3GW is a lot out of balance)
  • A very distributed system with so many companies leads to weeks and weeks of work to find out what exactly went wrong
  • This makes our post-mortem reports look tiny in comparison

The real reason Okta spent $6.5B on Auth0 (supertokens.io)

TL;DR: Increasing addressable market

Auth0 is developer-driven Okta is sales-driven

Getting the market from both sides makes sense for them.

Angelesen #75

Texas electricity firm files for bankruptcy citing $1.8 billion in claims from grid operator (reuters.com)

Brazos and others that committed to provide power to the grid – and could not – were required to buy replacement power at high rates and cover other firms’ unpaid fees.

The grid operator, the Electric Reliability Council of Texas (ERCOT), on Monday said that $2.46 billion in bills went unpaid, underscoring the financial stress on utilities and power marketers. ERCOT acts in part as a clearinghouse, collecting from power buyers and paying those who provide the electrons.

The market will regulate itself…

The Art of Reading More Effectively and Efficiently (aliabdaal.com)

Good approach to reading in general and the different levels of reading books can have.

5G: The outsourced elephant in the room (berthub.eu)

European service providers have however had reasons beyond balance-sheet gymnastics to outsource: we have traditionally not valued (telecommunication) engineering expertise. Instead for years service providers have glorified their marketing and finance departments.

Longread of the week on why it’s hard to achieve sovereignty over 5G infrastructure.

On-Boarding New Employees Remotely (vshn.ch)

Great summary on how to successfully get new employees on-board in an all-remote company.

How often should I rotate my ssh keys? (tailscale.com)

Anyway, back to our original question: how often should I rotate my ssh keys? More often than never! As often as you can. And make sure you retire old keys when you’re done with them.

Good reminder on rotating SSH Keys 🙂

Video shows NYPD’s new robotic dog in action in the Bronx (nypost.com)

They looked much cuter when they were dancing. But now they are cute and policing through the streets. And I can’t get around flashbacks of Black Mirror – Metalhead S4E5

IoTaWatt™ Open WiFi Electric Power Monitor (iotawatt.com)

As a residential whole-house monitor IoTaWatt measures mains, individual circuits, and solar. Any voltage or frequency, single phase or three-phase, with easy installation and configuration. As a standalone unit it saves and displays years of detailed data, while also capable of uploading real-time usage to any of several popular cloud services.

This looks super interesting and not too expensive to get it 🙂

IPO filing: Coinbase Global, Inc. (sec.gov)

IPO Filing: DigitalOcean Holdings, Inc. (sec.gov)

I paid for Spotify playlist placements so you don’t have to (najinsan.wordpress.com)

Paying for Spotify playlist promotion does not relate to an increase in followers. Do not use it if this is your goal.

A few interesting metrics for people in the spotify game.

Angelesen #74

Short and sweet this week with a healthy dose of OpenSource – Enjoy

Unsuccessful versus Successful COVID Strategies (necsi.edu)

I have been working on pandemic outbreaks for 15 years. There is a misunderstanding of the difference between the response in much of the West, versus successful countries (including New Zealand and Australia)

A few Bullet-points that you should read through and gauge where your country stands.

K-9 Mail is looking for funding (k9mail.app)

There is a lot of work that needs doing, both on the app and the project in general. Unfortunately, there are currently not many people around to do it. In the last two years cketti (coincidentally also the author of this post 👋) contributed the largest chunk of work. But there were also a lot of contributions by other people ❤️

Only a few developers working on the project in their spare time wasn’t enough to keep up with the pace of the Android platform. The latest stable K-9 Mail version (5.600) was released in 2018 and barely works on modern Android versions. It’s obvious that the project needs more developer time to be able to catch up.

K-9 is my go-to Mail Client on Android for years. I’ll also donate to the project.

H/T Tobru

Arq 7: Lots More Power – Arq Backup Blog (arqbackup.com)

Arq 7 is here with more power to give you more control over your backups than ever before!

Directly Upgraded to Arq 7 – Looks like the great UI back in Arq 5 with the under-the-hood changes of Arq 6 – And the speed for a full backup is super fast!

WhatsApp to move ahead with privacy update despite backlash (reuters.com)

WhatsApp then moved to delay the new policy launch to May from February and sought to clarify the update was focused on allowing users to message with businesses and would not affect personal conversations, which will continue to have end-to-end encryption.

Goodbye WhatsApp 👋

SimpleLogin | Open-source email alias solution (simplelogin.io)

With email aliases, you can finally create a different identity for each website. Defend against spams, phishing and data breach. Open-source. Made and hosted in EU 🇪🇺

Similar to AnonAddy further down below and also fully opensource.

Zsh Tricks to Blow your Mind (twilio.com)

I’ve switched to ZSH lately and finding my way around the new tools Is helpful 🙂

H/T Dan

Free, Open-source Anonymous Email Forwarding – AnonAddy (anonaddy.com)

I’ve always had email aliases setup to have a distinction between accounts. But AnonAddy lifts this to the next level 🙂

Opensource and also runs on K3s (and ARM) 🎉

leits/MeetingBar: Your next meeting always before your eyes in the macOS menu bar (github.com)

Joining the next Meeting via the menu bar in macOS is great – Also being able to just hit a shortcut to join those meetings 🎉 Half of our team started using it already 😀

H/T Michael

Bund bezahlt, Private kassieren – Blochers und Hayeks sahnen trotz Kurzarbeit und Entlassungen ab | Tages-Anzeiger (tagesanzeiger.ch)

Die Hayeks profitieren damit von einem Entscheid des Ständerats vom vergangenen Mai: Er lehnte ein vom Nationalrat beschlossenes Dividendenverbot für Unternehmen, die Kurzarbeit beanspruchen, ab.

Es wäre viel weniger Fraglich, wenn die Parteien nicht vor genau diesem Szenario gewarnt hätten vor etwa einem Jahr. Aber zum Glück stützt sich Dividende auf die Performance von vergangenen Jahren ab (Auch wenn die Performance dank Staatshilfen und Kurzarbeit erreicht wird).

jmdugan/blocklists: Shared lists of problem domains people may want to block with hosts files (github.com)

Protecting Against HSTS Abuse (webkit.org)

Well, the HSTS standard describes that web browsers should remember when redirected to a secure location, and to automatically make that conversion on behalf of the user if they attempt an insecure connection in the future. This creates information that can be stored on the user’s device and referenced later. And this can be used to create a “super cookie” that can be read by cross-site trackers.

This is already a bit dated but I’ve never thought about building a supercookie via HSTS headers.

reboot: Segmentation Fault

I have no idea how I ended up in that situation, but the entire system of my odroid locked up earlier this week. Not even rebooting was working. Most of the commands failed with a segfault or bus errors.

root@odroid:~# reboot -f -r now
Segmentation fault

After a quick search, I stumbled over the Unix&Linux Stackexchange where someone says – Try to reboot with the magic SysRq key. Wait what?

echo b > /proc/sysrq-trigger

The SysRq-trigger has a ton of use cases that are documented in the kernel documentation

the b flag triggers an immediate reboot of the system without syncing or unmounting your disks. And it worked like a charm. 🎉

Angelesen #73

I listened to a podcast with Seth Godin lately and found a very matching quote:

There’s no such thing as writer’s block – there’s just bad practice.

Seth Godin on Imposter Syndrome, Getting Unstuck and The Practice

And I feel I should get back into the habit of reading… like offline dead-trees-with letters on it reading. Worked so well in 2016 (shoot time flies!) so why not this year? Anyways back to the links of the week which may be a bit Kubernetes (k8s) heavy mainly due to my self-inflicted deep dive into the world of ARM64 computing (which is great and painful, but mostly great).

FRONTEX FILES (frontexfiles.eu)

»Frontex does not meet with lobbyists.« Since Frontex is not living up to its responsibilities as an EU agency, ZDF Magazin Royale is lending a hand. We hereby present the FRONTEX FILES, the first lobbying transparency register of Frontex, the European Border and Coast Guard Agency.

Great leak done via the FOIA / IFG! On this note: Abolish Frontex!

Starship | SN9 | High-Altitude Flight Test (youtube.com)

Reminder. This is a test flight. It’s the 2nd time starship flew in this configuration. We got a lot of data and the primary objective to demonstrate control of the vehicle and subsonic recently looked very good.

/me writes this down for the next post-mortem.

upptime/upptime: ⬆️ Uptime monitor and status page powered by GitHub Actions, Issues, and Pages (github.com)

Upptime (https://upptime.js.org) is the open-source uptime monitor and status page, powered entirely by GitHub Actions and Issues. It’s made with 💚 by your friends at Koj.

Tried this out a few weeks and quite like the uptime stats. Obviously, it’s nowhere near specialized monitoring solutions but it’s a really good start for simpler projects.

ineedtope/ineedtope (github.com)

I’m always fighting with OSM to find the right filters. Maybe I’ll pull the code down and render the map for Switzerland.

↬ Habi via stumbling around on the GitHub Startpage and looking at things my friends give stars to

Dir dumme Souhüng (nidi3.github.io)

Swearing in Swissgerman at it’s best!

kubermatic/kubermatic: Kubermatic Kubernetes Platform – the Central Kubernetes Management Platform For Any Infrastructure (github.com)

Kubermatic Kubernetes Platform is in an open source project to centrally manage the global automation of thousands of Kubernetes clusters across multicloud, on-prem and edge with unparalleled density and resilience.

This looks super promising – Will put that on my list of tools to look into when playing around with k8s

k8dash (k8dash.io)

A pretty promising k8s Dashboard.

Tuning application on GKE — Drupal with MySQL (medium.com)

Switch CloudSQL -> MySQL HA on GKE One of the biggest benefits of going into the cloud is having a database as a service. With Google offering MySQL with master-slave replication and quick failover, this is the first setup most of the companies will start with. Drupal applications are very ‘database-heavy’ and do a lot of reads and writes in single user page load. Even after removing SQLProxy sidecar and using a private database connection, we still had huge issues with latency. This was caused by the database as a service being located not on the same virtual machines as Kubernetes, so even a few ms latency multiplied by many calls is making a huge difference. We have decided to try a multi-master Galera setup on GKE. We also evaluated Vitess.io (database used by YouTube service), but we have decided to stay with the solution we know.

There’s much to discover when moving an application to the Cloud – Adding Galera in the Cluster sounds like a good idea at first but gets very complicated to handle at scale. This is why DIY is hard. But moving Applications to modern (read k8s) and distributed infrastructure always comes at a price of complexity and performance trade-offs.

aquasecurity/kube-hunter: Hunt for security weaknesses in Kubernetes clusters (github.com)

kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments.

Great tool for a quick spot check on your k8s clusters.

Otomi is like OSX for Kubernetes (otomi.io)

Otomi Container Platform offers an out-of-the-box enterprise container management platform (on top of Kubernetes) that increases developer efficiency and reduces complexity. It is a turnkey cloud native solution that integrates upstream Kubernetes with proven open source components. It is a single deployable package with curated industry proven applications and policies for better governance and security.

Otomi looks also interesting – This is also on my list to play around at some point 🙂

The latest Japanese full-frame cameras market share report from BCN Ranking (nikonrumors.com)

It’s insane to see how a big player like Nikon gets absolutely trashed by Sony.

Email from Jeff Bezos to employees (aboutamazon.com)

I intend to focus my energies and attention on new products and early initiatives.

That’s one way to make a commitment to OpenDistro 😉

Useful Tools for Better Kubernetes Development (yitaek.medium.com)

Such a long list of tools! Lens is a no-brainer for me. I use it almost daily to jump between a number of k8s clusters.

Most likely on my "things to look into list":

  • Goldilocks
  • Polaris
  • kube-ps1
  • kubectx + kubens (if you are not using those install them right now)
  • Oh my and Kubecost makes it on the top of my list due to obvious reasons!

↬ Vincenzo

SNB verdient mit GameStop-Aktien kurz mal 43 Mio. (insideparadeplatz.ch)

💎👐 all the way to the 🚀🌔

WhatsApp and the domestication of users (seirdy.one)

WhatsApp rose by trapping previously-free beings in their corral and changing their habits to create dependence on masters. Over time, this made it difficult or impossible to return to their previous lifestyle. That process should sound familiar: it’s eerily similar to the domestication of animals. I call this type of vendor lock-in user domestication: the removal of user autonomy to trap users into serving vendors.

Longread of the week on WhatsApp – Well Use Signal/Threema. Use Tor.