Yesterday, someone in our org deleted an entire production k8s cluster. Not a single container or deployment, not a server or node…just the entire cluster, poof, gone.
After we rebuilt everything, we held a post mortem where we dug into what he did, why he thought it was safe, and how we got to where we are. And yet, with 5 pages of notes on things we could change or improve, one thing was clearly not present in our list… 🧵
Really odd to see all the energy spent on QT discussion on Mastodon which is basically just link previews for Mastodon links (nice to have) when functionality like finding people to follow is extremely cumbersome from search (duplicate profiles) to browsing people’s follow lists (can’t do that if you aren’t on same server).
It’s a “what color to paint the bike shed?”discussion.
Exactly 14 years ago , Satoshi Nakamoto designed the most pathetic / inefficient system ever invented by humankind : the blockchain.
Today, it weights 60 000 tons, wastes constantly 10 gigawatts .. to process less than 7 transactions per second :
Less than a 33 bps modem from 1990.
This could be joke if it didn't have such gigantic environmental impact, wasn't enabling billion dolllars ransomware industry and was not crushing thousands of lives in the process.
This discussion of website security plugins in South Korea is pretty fascinating. Apparently there are a dozen of these things needed to access online banking services, and they install local web servers. https://palant.info/2023/01/02/south-koreas-online-security-dead-end/
One of the website UI modalities that I just *despise* are sites that block copy/paste (either via mouse clicks and sometimes also keyboard shortcuts) for filling important fields, out of some sort of misguided belief that this somehow enhances security. Actually it easily makes it worse in most cases. This is similar to sites that have crazy password rules (that they often can't even implement properly) that also tend to make security worse, not better. E.g., "Your password must contain between 10 and 22 characters, include no less than 3 characters between G and Q, at least two special characters, and a lowercase m and p. Thank you."
Bitcoin core developer claims his wallets were compromised, more than 216 BTC (~$3.6 million) stolen
January 1, 2023
https://web3isgoinggreat.com/?id=bitcoin-core-developer-claims-wallets-were-compromised
"Cars are routinely tokens of virility and status for men, and the image accompanying his tweet of him pumping gas into one of his vehicles, coupled with his claims about their 'enormous emissions', had unsolicited dick pic energy."
https://www.theguardian.com/commentisfree/2022/dec/31/greta-thunberg-andrew-tate-tweet
@carnage4life A good employer will celebrate its employees choosing better for themselves. And hopefully learn to value their teams, and improve benefits for them 👍🏽
Employers are finding people are more likely to take PTO and not work on weekends. They are labeling this behavior less ambitious. This is quiet quitting redux.
COVID taught us there’s more to life than working hard for companies that don’t care about us.
https://www.wsj.com/articles/your-coworkers-are-less-ambitious-bosses-adjust-to-the-new-order-11672441067
Worse, even if you get an email from your mastodon instance (or ANY web service), an authorized SMTP system could have been hijacked and the link directed to a phishing page, potentially even hosted on a hijacked subdomain.
Layers and layers of caution are required whenever you are prompted to take an unusual action.
https://mstdn.social/@stux/109603992325592066
@_notDaniel I keep a little collection here: https://daniel.haxx.se/blog/2021/05/20/i-could-rewrite-curl/
Software Engineer @ Udemy Ankara, Türkiye