Das sollte nicht ĂŒberraschend kommen. /votez gibt es schon sehr lange auf meiner Seite, jedoch erhĂ€lt es jetzt ein bisschen mehr Prominenz. Hier lege ich meine persönlichen Voten offen. Dies tue ich punktuell, wenn ich auf das Wahlgeheimnis verzichten will.
Pandemic Code of Conduct
Und zu guter Letzt – der Pandemic Code of Conduct. Ăhnlich wie bei den Interessen ist es unterdessen dummerweise sehr wichtig, den Umgang mit der Pandemie zu regeln. Dies, um einfach meine GrundsĂ€tze festzuhalten. Fragen einfach behandeln zu können, wenn ich spontan absagen wĂŒrde oder ohne grosse umschweife eine Veranstaltung verlasse, wenn ich merke, dass kein Konsens herrscht ĂŒber die GrundsĂ€tze; weil sorge tragen zueinander ist toll und gegenseitig. đ
Der Code of Conduct ist unter Creative Commons veröffentlicht – Mensch möge sich bedienen đ
Also der COP26 war ja eher weniger ĂŒberzeugend, das schlĂ€gt sich hier auch in einigen Artikeln nieder. Nebst Corona-Themen die zwischen Zertifiakts-Infrastruktur und Impfungen hin und her springen, geht es noch um Chip Fabriken und heftigen DDoS Attacken ĂŒber ungepatchte GitLab instanzen. Enjoy.
Rhetorische AbrĂŒstung ist dringend nötig. Der Impfentscheid ist kein Akt des Widerstands â und auch keiner der grossen SolidaritĂ€t. Er sollte eine rationale Aushandlung sein. Ich selbst habe mich impfen lassen, um mich und meine Familie zu schĂŒtzen. Und um mich möglichst uneingeschrĂ€nkt bewegen zu können. Das ist letztlich genauso egoistisch wie der Entscheid, auf eine Impfung zu verzichten. Weshalb es albern ist, wenn Leute die Impfung vor sich hertragen wie ein Ehrenabzeichen.
Mensch ich bin so mĂŒde. MĂŒde die n-te Pro- oder Kontra-Argumentarium mit ĂŒberhöhten Worten zu hören. Zu hören wie wir in einer Diktatur leben sollen und mit wie viel Endzeitstimmung der Ăberwachungsstaat eingelĂ€utet wird. Keine Sorge wir haben das PMT und verschiedene Ăberwachungsgesetze schon. Und vor allem wie einige Bekannte in alle möglichen Richtungen abdriften. Zuzusehen wie reflektierte Menschen plötzlich sich Bekriegen ĂŒber ein zugegeben schwieriges Thema und da total die Bodenhaftung verlieren. Das ist hart. Vor den Abstimmungen gönne ich mir eine Medien und KommunikationsdiĂ€t. Ist gut fĂŒr die persönliche Befindlichkeit. Ich nehme mich das selbst an der Nase, ich war auch die Tage "hĂ€ssig" und habe meiner Meinung Raum gegeben. Jedoch immer basiert auf Tatsachen und Statistik.
Das ist angesichts der Situation in den Zentren und des Klimawandels völlig legitim. Aber in den Siebzigerjahren waren die UmstĂ€nde anders. Die Begeisterung der Boomer fĂŒrs Auto war damals ebenfalls legitim und das sollte die jĂŒngere Generation ihnen auch zugestehen.
Letztlich habe ich das Thema mit einer Freundin von mir zertiskutiert. Das es nun auch in einem Interview aufgegriffen ist ist toll, denn es widerspiegelt viele LebensrealitÀten rund ums Kultobjekt: Dem Auto.
Maestral is a lightweight Dropbox client for macOS and Linux. It provides powerful command line tools, supports gitignore patterns to exclude local files from syncing and allows syncing multiple Dropbox accounts.
Which is why Intel, under Gelsinger, is doing something now that it historically has shunned. âWe are now a foundry,â Gelsinger said at the Arizona groundbreaking. In the coming years, he said, Intel will âopen the doors of our fab wide for the community at large to serve the foundry needs of our customersâmany of them US companies that are dependent on solely having foreign supply sources today.â
All in all not bad seeing not just the big 4 foundries TSMC, Samsung, UMC and GlobalFoundries on the market
Und nun nach dem COP23 gewisse Zahlen zu sehen was die Politik kollektiv auf die Beine stellt… Das Kohle-Ende wird erst kommen wenn es HaftungsmĂ€ssig nicht mehr tragbar ist fĂŒr die Konzerne. siehe Angelesen #61
WĂ€hrend die Grossen natĂŒrlich deutlich mehr zahlen â Gertsch hat von gut ausgebildeten Google-Mitarbeitenden gehört, die 350â000 Franken im Jahr verdienen â könne ein Start-Up wie seines mit einer familiĂ€ren AtmosphĂ€re punkten sowie der Aussicht, im Unternehmen langfristig Verantwortung zu ĂŒbernehmen: «Ich vermute mal, dass man bei Facebook, Google und so weiter stĂ€rker in seiner Rolle steckt.»
Threat actors are exploiting a security flaw in GitLab self-hosted servers to assemble botnets and launch gigantic distributed denial of service (DDoS) attacks, with some in excess of 1 terabit per second (Tbps).
That was a fun weeekend when someone found the unsecured Infrastructure of a DGCA Web Panel and just was great enough to create a name people will totally show around. Which then after a while lead to a full revoke of the North Macedonian Key. So technology is working after all?
The great theory around this is that the default docker-compose settings were blamed partially for this issue. WELL IF YOU RUN YOUR CERTIFICATE INFRASTRUCTURE ON A VM BY JUST RUNNING docker-compose up -d AND WALK AWAY I DONT HAVE MORE CAPSLOCK FOR YOU.
This twitter thread discusses the theory but I really hope it’s just a hot take.
We engineered a wearable microphone jammer that is capable of disabling microphones in its userâs surroundings, including hidden microphones. Our device is based on a recent exploit that leverages the fact that when exposed to ultrasonic noise, commodity microphones will leak the noise into the audible range.
And here we are again đ enjoy some short and long-reads. I’m working towards a new schedule for this format, as Sunday-Sunday seems to lead to a lot of off-by-one errors on my end. Let’s see – For now just enjoy a few links from the archive.
It is baffling on many levels to me. First, I am not an application developer and never have been. I enjoy writing code, mostly scripting in Python, as a way to reliably solve problems in my own field. I have very little context on what your application may even do, as I deal with many application demands every week. I’m not in your retros or part of your sprint planning. I likely don’t even know what "working" means in the context of your app.
A long read, but a really good one. I fully understand a lot of the pull and push factors with those roles involved. But somehow on the way there, we lost the DevOps it seems. Or basically, a lot of stacks got very complex within just a few short years that people won’t master things anymore and just expect things to work. And then things get passed off to Operations "because they know". The bandwidth on things operations is expce
Of the many fears during the pandemic, one has been particularly pernicious: governmentsâ fear of their people. Former US president Donald Trump admitted to playing down the risks of the coronavirus to âreduce panicâ. Jair Bolsonaro, president of Brazil, blamed the press for causing âhysteriaâ. The UK government delayed its lockdown, fearing the British population would rapidly become fatigued by restrictions. And, in my home country of Denmark, the authorities tried not to draw public attention to pandemic preparations in early 2020, to avoid âunnecessary fearâ.
But Denmark pivoted to a strategy of trusting its citizens with hard truths. The buy-in that ensued led to low death rates and laid the groundwork for a vaccination rate of 95% for everyone aged above 50 (and 75% for the population in general). In September 2021, my country announced that COVID-19 is no longer classified as a âcritical threatâ.
Well that aged somehow. But the general strategy seems not to have been the worst one.
When people decide not to use something at one point in time, the item can start to feel more special. And as it feels more special, they want to protect it and are less likely to want to use it in the future. This accrual of specialness can be one explanation for how possessions accumulate and turn into unused clutter.
That’s good knowledge. I fall for this sometimes too. That something simple like a notebook is too special to use. So just go with it and use it. It’s meant to be used.
I think I’m talking about Supply Chain issues since early June and the situation has not gotten better. And It is something that most likely will stay for a bit. This article on Bloomberg is sadly behind paywall now but it’s also a good one.
That report acknowledged that exposure levels might rise over time. âBut, of course, that would be another generationâs problem,â she writes. Those early actions set a precedent that was hard to undo: it wouldnât be until the mid-1970s that a growing body of evidence about the dangers of leaded gasoline lead the EPA to enter into a years-long legal struggle with gasoline-makers over phasing out leaded gasoline.
An industry not to be trusted for so many reasons…
Testing IP Address Based Access Rules
Testing Internally-Hosted Services From an External Perspective
Making Reliable External DNS Lookups When Operating in a Split-Horizon DNS Environment
Didn’t think about using tor to test those scenarios because I’ve access to enough jump hosts across many networks. But it’s a good reminder that tor can also be used for this đ
For many teams responsible for supporting this always-on world, âfirefightingâ has become the typical mode of operation. But this digital shift is here to stay, and the workload is not going to reduce. Over the next few blogs, weâre going to dig further into the findings from our platform data and explore how the growing volume of real-time work is increasingly burdening technical teams. In this first blog, weâll share how this firefighting affects burnout levels, how to classify and quantify interruptions, and what teams can do to avoid attrition.
Seeing this article from Pagerduty made me realize how much shifted around in the past 2 Years. Day to day changes were easy to see but I still see many teams fighting day to day. Luckily a few patterns outlined in the article (24/7) availability is something we’re able to handle via different timezones in our team, this alone makes 24/7 more doable.
Die Ersparnis pro Jahr rechne ich mal der einfachheit halber in 47 Wochen wegen der 5 Wochen Ferien je Mitarbeiter. Damit kommen wir auf eingesparte 35â626 Km und 4â117 kg CO2 Emissionen. Und das ist sehr passend, denn der durchschnittliche CO2 Ausstoss pro Kopf in der Schweiz betrĂ€gt 4â120 kg. In Deutschland zum Vergleich ist der Ausstoss doppelt so hoch. Durch unser Homeoffice-Credo mit 320 Stellenprozent sparen wir also so viel CO2 wie ein Mensch in der Schweiz im Schnitt verursacht. BittegĂ€rngscheh.
Gute Zusammenfassung wie viel CO2 im Homeoffice eingespart werden kann.
The total repair costs (excluding complete laptop replacements), which has thankfully all been covered by AppleCare Protection Plan, are roughly 4,000 USD. More than the initial cost of the laptop itself. Factoring in the cost of the complete replacements, it would be closer to 10,000 USD!
Been there too:
2 top case replacements on my old device due to popped speakers
Graphics Card Damage when it just got out of warranty
However, a new data investigation by The Verge finds that the powerful podcasterâs influence has waned since he went behind Spotifyâs wall. His show has declined as a hype vehicle for guests, and Roganâs presence as a mainstay in the news has plummeted.
Surprised Much? The team around Joe had the Youtube Game pretty much figured out. Being constrained to a walled garden won’t help build more reach.
The aim of the technology is to mitigate against the creation of secondary markets linked to the sale of illegal goods, both in South Africa and beyond its borders. This technology is already pre-loaded on all Samsung TV products.
digital arm-breakers… Didn’t post that one in an earlier installment but here we go : The zombie economy and digital arm-breakers. Not saying stealing is bad, but the piece of technology is in your TV no matter what.
When I’ve set up my Odroid Server earlier this year, I’ve wondered if it was a good idea to run a public-facing DNS resolver based on Pi-Hole. Against all the voices telling me no, I decided nonetheless to try it and see what happens. In the end, the traffic will be limited at some point by the CPU power available, and the Operations Team at CommunityRack.org will give me a hearty slap on the wrist saying, “you broke it, you’ll fix it”, and they will make me buy some Pizza and/or Doughnuts for the next time we meet in person. So the experiment began towards mid-February.
You can see the traffic I was making most of the time until around May. Primary clients connected to the VPN using the DNS Resolver following mostly standard day/night/weekend traffic patterns.
There’s a noticeable bump in July, a considerable Spike towards august, and then in October, the floodgates opened entirely with a couple of million DNS queries per day. My theory is that at some point in July, the resolver got on some well known DNS list and started to gain “trust” as it was always online.
A few observations:
First, there was only my traffic, but soon after, someone or a small group of people discovered the resolver and started using it.
Discovery — I was confused why and how people found the resolver, but they seemed to use it steadily.
Service-Thoughts — But you can’t get in touch with someone like that, so I’ve set up a small landing page on the IP and added an email address for anyone to reach out if they plan to use the service for an extended time, so I could give them at least a heads up in case the service needs to shut down. If you ever debug a failing DNS server, you would know why – Nobody deserves this.
Privacy — It was when I noticed that I’d need to shred the log files at some point and started lowering the data logged to disk. The less I know, the better. At this point, I only cared for the raw numbers.
Trust? — And last and the most concerning one for me personally is that people seem to blindly trust a random IP on the internet that gives them DNS responses. (I kind of pride myself that I was able to run a DNS resolver with seemingly good uptime and minimal maintenance).
So how long?
The answer is 7 months and 3 days (15th March till 18th October).
Sorry to the people that have a broken DNS resolver now. And sorry if my resolver has been part of some sort of a DNS Amplification Attack (based on the traffic it should not have, but that’s hard to say).
The experiment has ended; thanks for participating. I’ve just shredded all logs.
Well, Evernotes past year or so was a bummer as a customer. Don’t take it from me; just have a look at the Evernote Reddit, and it echoes exactly what I saw for quite some time:
The new Android App was much slower than before – scans of documents suddenly were barely usable – it took around a minute to snap a picture of a document and scan it, and the app sometimes crashed in the process.
Mac App also got terribly slow and memory hungry; the old app was fast.
New Pricing model – I mean… why…
As my renewal would have come around soon, I’ve started looking into all sorts of alternatives, and the most promising one seems to be the open-source note-taking app Joplin.
As I rarely need the online Sync for note-taking exporting from Evernote and importing everything into Joplin was easy, just two or three notes that had issues, but that was an easy fix — or better said a cleanup as those notes were ancient and not needed anymore. And OMG, the web clipper of Joplin is so fast and has a few features I like a lot.
My workflow for Document scans currently runs through Dropbox, something I’ll look into when I got more time. But for now, that’s enough, and the Dropbox App gives me a nice PDF that I can Import and File where it’s needed. Also, having documents in the Note-taking app is something I stopped a while ago, so the PDFs live in a separate file structure that works for me.
The really cool thing about Joplin is that there are tons of Plugins available to tweak the app to your needs. And suppose I ever need Joplin to sync my data to secondary devices. In that case, there are several ways of getting this done, as it supports Dropbox, Nextcloud and Joplin Server – which is just another Container to run somewhere.
So far, I’m happy having liberated my notes into a System that works better and provides a lot of flexibility.
