tansly @tansly@qoto.org

I operate under the watchful eye

Yesterday, someone in our org deleted an entire production k8s cluster. Not a single container or deployment, not a server or node…just the entire cluster, poof, gone.

After we rebuilt everything, we held a post mortem where we dug into what he did, why he thought it was safe, and how we got to where we are. And yet, with 5 pages of notes on things we could change or improve, one thing was clearly not present in our list… 🧵

#IT #culture #BlamelessCulture #K8s #kubernetes

me 5 minutes after buying something on the internet

Really odd to see all the energy spent on QT discussion on Mastodon which is basically just link previews for Mastodon links (nice to have) when functionality like finding people to follow is extremely cumbersome from search (duplicate profiles) to browsing people’s follow lists (can’t do that if you aren’t on same server).

It’s a “what color to paint the bike shed?”discussion.

Exactly 14 years ago , Satoshi Nakamoto designed the most pathetic / inefficient system ever invented by humankind : the blockchain.

Today, it weights 60 000 tons, wastes constantly 10 gigawatts .. to process less than 7 transactions per second :

Less than a 33 bps modem from 1990.

This could be joke if it didn't have such gigantic environmental impact, wasn't enabling billion dolllars ransomware industry and was not crushing thousands of lives in the process.

This discussion of website security plugins in South Korea is pretty fascinating. Apparently there are a dozen of these things needed to access online banking services, and they install local web servers. https://palant.info/2023/01/02/south-koreas-online-security-dead-end/

People who say "not everyone can ride a bicycle" don't seem to care all that much when you say "not everyone can drive a car."

One of the website UI modalities that I just *despise* are sites that block copy/paste (either via mouse clicks and sometimes also keyboard shortcuts) for filling important fields, out of some sort of misguided belief that this somehow enhances security. Actually it easily makes it worse in most cases. This is similar to sites that have crazy password rules (that they often can't even implement properly) that also tend to make security worse, not better. E.g., "Your password must contain between 10 and 22 characters, include no less than 3 characters between G and Q, at least two special characters, and a lowercase m and p. Thank you."

Bitcoin core developer claims his wallets were compromised, more than 216 BTC (~$3.6 million) stolen

January 1, 2023
https://web3isgoinggreat.com/?id=bitcoin-core-developer-claims-wallets-were-compromised

Watch the birdie!

As a technologist, it’s good to separate web3 & crypto.

Web3, the idea that crypto had something to contribute to building consumer or B2B software, was a scam.

Crypto, a toy financial system dominated by pyramid schemes & grifts, will continue to attract gamblers of all sorts.

The contrast between 8 different colors all at once of this Lilac-breasted roller

Sick of people calling everything in crypto a Ponzi scheme. Some crypto projects are Pump-and-Dump schemes, while others are Pyramid schemes. Others are just middlemen skimming off the top. Others are just standard-issue fraud.

Stop glossing over the diversity in the industry.

"Cars are routinely tokens of virility and status for men, and the image accompanying his tweet of him pumping gas into one of his vehicles, coupled with his claims about their 'enormous emissions', had unsolicited dick pic energy."

https://www.theguardian.com/commentisfree/2022/dec/31/greta-thunberg-andrew-tate-tweet

#gretathumberg #greta #cars

@carnage4life A good employer will celebrate its employees choosing better for themselves. And hopefully learn to value their teams, and improve benefits for them 👍🏽

Employers are finding people are more likely to take PTO and not work on weekends. They are labeling this behavior less ambitious. This is quiet quitting redux.

COVID taught us there’s more to life than working hard for companies that don’t care about us.
https://www.wsj.com/articles/your-coworkers-are-less-ambitious-bosses-adjust-to-the-new-order-11672441067

Worse, even if you get an email from your mastodon instance (or ANY web service), an authorized SMTP system could have been hijacked and the link directed to a phishing page, potentially even hosted on a hijacked subdomain.
Layers and layers of caution are required whenever you are prompted to take an unusual action.
https://mstdn.social/@stux/109603992325592066

@_notDaniel I keep a little collection here: https://daniel.haxx.se/blog/2021/05/20/i-could-rewrite-curl/