Google recently published a new blog post on Kyber. Let's try getting ML-KEM / Kyber working in Google Chrome 131 and Firefox Nightly 133.
OpenSSL 3+ exposes an API for SSL-providers that allows us to only compile the provider instead of having to recompile the application itself.
liboqs is …
Disclaimer: This post doesn't aim to be a serious evaluation of the Amazon principles. Seattle-based IT companies are generally allergic to questioning of their social status and philosophy, so might as well start with a disclaimer. To think is to write: You cannot do real thinking without writing. Occassionally …
Here's a fun little thing that happens between a more ops oriented system administrator and developers. Considering the crap colleges produce every year, there's more and more people with fancy degrees that don't mean anything who manage to wrestle the permissions to publish releases from the Ops crowd. Of …
This blog post uses Fedora 40 and the 6.10 kernel. The focus is to get the technology working on a 'real' system via a series of experiments. Serial experiments help build-up the knowledge, experience, tooling etc. to handle real-world use-cases.
In this part we'll try using the Fedora-native …
The Dune books have some interesting psychological research embedded into them that (finally) after 50 years might be discussed and used (like Frank Herbert predicted). However it is also likely that the perversion that is the Dune movies (which are visually stunning, but in many ways lacking story-wise) will …
Warning: Contains spoilers to the Harry Potter series.
One of the most notable parts of the Harry Potter series is that Harry might have ended up dead at the end of book 7, as Snape notes in his conversation with Dumbledore. Dumbledore kept Harry alive "to be sacrificed at …
TL;DR If you are evaluating everyone using the same framework (even if you are adjusting for income) it's unlikely that your less-payed will ever be competitive. This is not because they do not produce good work: It's social and psychological effects that have an enormous and compounding effect …
This awesome paper https://web.mit.edu/nelsonr/www/Repenning=Sterman_CMR_su01_.pdf indicates that for the chemical industry, there was a need to create a game scenario for participants to understand how the optimal strategy behaves over longer periods of time. The paper is awesome, however, the lessons are …
KeyDB sounds like a viable redis alternative in 2024, however there are issues with how active-active
replication works. It mostly boils down to issues with reconciling data when writes arrive
at both instances. https://en.wikipedia.org/wiki/Conflict-free_replicated_data_type is
a good introductory read.
The relevant …
There was a lot of coverage around the titan submarine but most of it wasn't very useful. The only useful newspaper article I have found is: https://www.vanityfair.com/news/2023/08/titan-submersible-implosion-warnings
I highly recommend reading it in full.
This blog post uses Fedora 40 and the 6.10 kernel. The focus is to get the technology working on a 'real' system via a series of experiments. Serial experiments help build-up the knowledge, experience, tooling etc. to handle real-world use-cases.
Kernel livepatching is a nice technology that doesn't …
Smart people sabotage their competition in ways that most common people find hard to follow or comprehend. Even other smart people might find it hard to follow the ways they are being sabotaged. Hence, raising awareness of these matters levels the playing field.
Most DEI initiatives seem to miss …
The feud between Rick Prime and c137 Rick is the central conflict of the Rick and Morty series. What's not obvious is why Rick Prime decided to hurt c137 Rick.
Once Rick Prime realized that c137 Rick couldn't be controlled, the only way he could stay "on …
This is an example of how to unpack an image and access the files from an img file. The problem is that depending on the actual file, different procedures (and tools) need to be used.
A ubuntu 22.04 cloud image from https://cloud-images.ubuntu.com/jammy/current …
One of the more fun things in 2024 is evaluating software for use as part of a CI/CD pipeline. I think that kicking off a CI/CD pipeline should involve some kind of human intervention in the form of a person with a gpg smartcard, or a HSM-powered …
This is an unfun thing to write, but I need to be able to also remind myself about the objective criteria for failure and success and not the bullshit peddled by the current ruling class. When failures happen so rarely, it is tempting to cover them up, which is …
There might be a time when you'll need to purge a yubikey without access to your gpg stubs (or if you want to avoid importing them). In this case the below method works, even though googling won't reveal at first glance. In short, the procedure involves entering a pin …
Core dumps are extremely useful for debugging purposes. However, it is often non-trivial to enable them as many production systems require twiddling with some configuration options to get core dumps working (most notably, the kernel.core_pattern sysctl, and the core file size setable with ulimit -c \<some value …
RHEL7 doesn't support signing RPM packages with GPG subkeys. The tooling will however allow you to shoot yourself in the foot, allowing you to sign a package with a subkey no problemo.
It is only when you attempt to install the package on a RHEL7 system that the …
For my private infrastructure it doesn't make sense to create full-blown ansible roles unless I'm showing off. Therefore I use a set of simple, ansible playbooks that do one thing and cover the most common tasks. These playbooks are mostly intended to make the new …
All views expressed on this sitre are my own and do not represent the opinions of any entity whatsoever with which I have been, am now, or will be affiliated.
The author is not to be held responsible for your use of the information contained in or linked from …
There are books about the workplace (and articles) that I really like. Disclaimer: I do not endorse that these be applied blindly in any workplace, nor should any of them be used to bash people over the head with. Life is more complicated than books, and management is tough. However …
Since I always forget to write down all the dependencies and make options, here are my scribbly notes on how to compile HAProxy on Fedora 29/Fedora 30.
The GitHub URL is a mirror of the main repository and doesn't contain the other branches …
The official definition for Ansible is the following:
Ansible is a radically simple IT automation engine that automates
cloud provisioning, configuration management, application deployment,
intra-service orchestration, and many other IT needs.
Or explained simply, ansible is ssh on steroids wrapped in python+yaml bubblewrap to prevent sysadmins from …