tommy rss

Half geek, half human. Author of cybsec.network and gopher://secdiary.com | https://secdiary.com.

tommy honked 20 Sep 2020 22:35 +0200
Holy Tamagotchi, timestamps and the web are a mess. What were people thinking when designing these things?

Major online media are publishing articles with invalid timestamps in their RSS feed and in their URLs (which is a reach anyways). Servers are lacking "Last Modified" fields.

And good luck to me if I go down the route of parsing the content of the websites themselves.

This is surely a thing Google is very good at interpreting.

#timestamps #webmess
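The post above names three sources a feed aggregator has to fall back through: the item's own date (often malformed), the server's Last-Modified header (often absent), and finally the fetch time. The Go below is an added example, not code from the post or from any project mentioned on this page; it assumes nothing beyond the standard library. The layouts beyond the RFC 822/1123 (RSS) and RFC 3339 (Atom) forms, the small table of zone abbreviations, and the "more than a day in the future means broken" rule are my own choices, shown because Go's time.Parse silently assigns offset zero to an abbreviation it does not know and rejects single-digit days against the two-digit RFC 1123 layout.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"strings"
	"time"
)

// Layouts tried in order of trust. The first two are what RSS 2.0 asks for,
// RFC 3339 is what Atom asks for; the rest are variants seen in real feeds.
var feedLayouts = []string{
	time.RFC1123Z,
	time.RFC1123,
	"Mon, 2 Jan 2006 15:04:05 -0700", // single-digit day: RFC1123Z rejects it
	"Mon, 2 Jan 2006 15:04:05 MST",
	time.RFC822Z,
	time.RFC822,
	time.RFC3339,
	time.RFC3339Nano,
	"2006-01-02T15:04:05-0700", // RFC 3339 with the colon missing from the offset
	"2006-01-02 15:04:05",      // bare database-style timestamp, taken as UTC
	"2006-01-02",
}

// Assumed mapping for abbreviations Go would otherwise parse as offset zero.
// Only "UTC" and "GMT" are handled correctly by time.Parse itself.
var zoneOffsets = map[string]string{
	"CET": "+0100", "CEST": "+0200",
	"EST": "-0500", "EDT": "-0400",
	"PST": "-0800", "PDT": "-0700",
}

var ErrNoTimestamp = errors.New("no usable timestamp")

// normalizeZone swaps a trailing known abbreviation for its numeric offset.
func normalizeZone(s string) string {
	i := strings.LastIndexByte(s, ' ')
	if i < 0 {
		return s
	}
	if off, ok := zoneOffsets[s[i+1:]]; ok {
		return s[:i+1] + off
	}
	return s
}

// parseFeedTime returns the timestamp in UTC, or ErrNoTimestamp (wrapped).
func parseFeedTime(raw string) (time.Time, error) {
	s := normalizeZone(strings.TrimSpace(raw))
	if s == "" {
		return time.Time{}, ErrNoTimestamp
	}
	for _, layout := range feedLayouts {
		if t, err := time.Parse(layout, s); err == nil {
			return t.UTC(), nil
		}
	}
	return time.Time{}, fmt.Errorf("%w: %q", ErrNoTimestamp, raw)
}

// Source records which fallback produced an item's timestamp, so the
// aggregator can show (and later re-check) low-confidence dates.
type Source string

const (
	SrcItem         Source = "item"
	SrcLastModified Source = "last-modified"
	SrcFetched      Source = "fetched"
)

// itemTime picks the item date if it parses and is not in the future,
// then the HTTP Last-Modified header, then the time we fetched the feed.
func itemTime(pubDate, lastModified string, fetched time.Time) (time.Time, Source) {
	if t, err := parseFeedTime(pubDate); err == nil && !t.After(fetched.Add(24*time.Hour)) {
		return t, SrcItem
	}
	if t, err := http.ParseTime(lastModified); err == nil { // RFC 1123 / 850 / ANSIC
		return t.UTC(), SrcLastModified
	}
	return fetched.UTC(), SrcFetched
}

func main() {
	// Constructed inputs in the shapes the post complains about.
	fetched := time.Date(2020, 9, 21, 0, 0, 0, 0, time.UTC)
	for _, raw := range []string{
		"Sun, 20 Sep 2020 22:35:00 +0200",
		"Wed, 2 Sep 2020 08:00:00 +0000",
		"Sun, 20 Sep 2020 22:35:00 CEST",
		"2020-09-20T10:43:00+02:00",
		"yesterday-ish",
	} {
		t, src := itemTime(raw, "Sun, 20 Sep 2020 09:00:00 GMT", fetched)
		fmt.Printf("%-34q -> %s (%s)\n", raw, t.Format(time.RFC3339), src)
	}
}
```

Keeping the Source alongside the time is the part worth copying: a feed entry dated from Last-Modified or from fetch time should be treated as "first seen", not "published", when deciding what is new.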

tommy honked 20 Sep 2020 12:00 +0200
"This is how the U.S Divided By Digital Warfare" (in Norwegian), by the Norwegian Broadcasting Corporation (NRK) is something. The visual storytelling is awesome work.

I'm not convinced about it being a more effective means of communicating their message, but it surely is cool (compared to a more static style).


#nrk #article #visual #storytelling #usa #warfare #design #elections


tommy honked 20 Sep 2020 10:43 +0200
Fooled for several days by a 100% CPU utilization and frustrated over a performance drop with Janusgraph passing about 100k nodes and 100k edges. It dropped to nearly zero.

I was about to go full metal and buy a 6 node mATX cluster with 48 AMD-cores and 96GB of memory.

However, double-checking my config I noticed that it had reverted from being Cassandra and Elasticsearch-backed to an in-memory config. We all know how that goes with a standard Java configuration.

I guess my 2014 Mac mini will get to live a little longer.

#macmini #ftw #config #janusgraph #memory
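The lesson in the post above is that a storage backend silently falling back to in-memory looks like a performance problem rather than a configuration problem. A startup check that refuses to run against an unexpected backend catches that drift immediately. The Go below is an added example, not code from the post or from the JanusGraph project; it parses the key=value subset of the Java properties format JanusGraph reads and inspects the keys storage.backend, storage.hostname and index.search.backend (JanusGraph's documented names, used here on the assumption they match the deployed version). The two embedded configurations are constructed for the example.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Constructed configs: the intended one and the one the post describes
// waking up to, where the graph quietly lives in the JVM heap.
const prodConfig = `
# JanusGraph with Cassandra (CQL) storage and Elasticsearch mixed indexes
storage.backend=cql
storage.hostname=127.0.0.1
index.search.backend=elasticsearch
index.search.hostname=127.0.0.1
`

const devConfig = `
storage.backend=inmemory
`

// parseProperties handles the .properties subset used by JanusGraph config
// files: key=value or key: value, '#' and '!' comment lines, blank lines.
func parseProperties(text string) map[string]string {
	props := make(map[string]string)
	sc := bufio.NewScanner(strings.NewReader(text))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || line[0] == '#' || line[0] == '!' {
			continue
		}
		sep := strings.IndexAny(line, "=:")
		if sep < 0 {
			continue
		}
		props[strings.TrimSpace(line[:sep])] = strings.TrimSpace(line[sep+1:])
	}
	return props
}

// backendReport is what a service would log (and refuse to start on) at boot.
type backendReport struct {
	Storage    string
	Index      string
	Persistent bool
	Problems   []string
}

// checkBackends flags the in-memory backend and missing connection details.
// Backends other than cql/inmemory are assumed persistent and not verified.
func checkBackends(props map[string]string) backendReport {
	r := backendReport{Storage: props["storage.backend"], Index: props["index.search.backend"]}
	switch r.Storage {
	case "":
		r.Problems = append(r.Problems, "storage.backend is not set")
	case "inmemory":
		r.Problems = append(r.Problems, "storage.backend=inmemory: data is heap-resident and lost on restart")
	case "cql":
		r.Persistent = true
		if props["storage.hostname"] == "" {
			r.Problems = append(r.Problems, "storage.backend=cql but storage.hostname is not set")
		}
	default:
		r.Persistent = true
	}
	if r.Index == "" {
		r.Problems = append(r.Problems, "index.search.backend is not set: no mixed (search) index backend")
	}
	return r
}

func main() {
	for name, cfg := range map[string]string{"prod": prodConfig, "dev": devConfig} {
		r := checkBackends(parseProperties(cfg))
		fmt.Printf("%s: storage=%q index=%q persistent=%v\n", name, r.Storage, r.Index, r.Persistent)
		for _, p := range r.Problems {
			fmt.Printf("  problem: %s\n", p)
		}
	}
}
```

Wire the check in before the graph is opened and fail the process when Persistent is false outside a test profile; a loud failure at boot is much cheaper than a week of chasing CPU graphs.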

tommy bonked 19 Sep 2020 21:42 +0200
original: solene@bsd.network
@yuki_is_bored you feel the kernel giant lock for i/o.
On SSD, as they are fast the giant lock isn't held for a long time, but on hard drives it's a huge pain.

Using noatime may help, but also using 30% of the outer area of the disk can help performance (in the outer disk area, there is more data that can be sought in 1ms than in the inner area).

tommy honked 19 Sep 2020 20:12 +0200
Why don’t we think holistically about identity management in corporations? Why is the corporate identity tied to the organization and not to the individual?

National entities and perhaps the United Nations have some work to do here. Shouldn’t just be limited to passports.

Trust and impartiality are key, though.

#identity #identitymanagement #iam

tommy honked 19 Sep 2020 11:06 +0200
Controversial idea.

Today, technology and an outdated understanding of security hinder both efficiency and security. These are new restrictions that didn't exist before the technology was introduced.

What if people were to buy their own gear, and have the responsibility for its security (system ownership)? If technology is used in work, knowledge about it should also be a requirement during the employment process. Most of the people I know are both interested in and reflective about these things when they get the opportunity to have the insight and take the responsibility.

I believe IT staff have gotten to dictate technology choices for security reasons, when the real reason is that less equipment variety means less overhead for them. That translates to less creativity, less personal freedom and pacifying the individual. Interestingly, most modern companies rely on what technology is a basis for: the knowledge worker.

After all, your equipment is something else today than it was 10 years ago. It is an extended part of your person. It is your hammer, so to speak.

"BYOD" as a technology concept has been practiced for many years already, but this concept also revolves around not locking everything into containers. Rather, the next "BYOD" iteration should revolve around culture (people and processes).

In this case, security staff would serve as advisors and enablers, not enforcers. Going on a trip abroad? This is the situation, this is how we recommend you go about it. After all, most companies and individuals have common interests. But, when it comes to technology most are left starved for insight and impact on technology.

As for the current situation, I do not really see the difference between the conventional model, where you are provisioned everything and the company restricts your movement, and the more recent one, where most people get an iPhone anyways.

Regarding infrastructure: technologically, this also means that organisations need to start moving towards a post-perimeter world, not just talk about it.

#culture #technology #concept #responsibility #change

tommy honked 19 Sep 2020 10:31 +0200
I decided to retire my twtxt feed. It was a nice concept, but I didn't get around to using it, and to be honest I mostly ended up using honk for messages such as these anyways.

#twtxt #killedbytommy

tommy honked 18 Sep 2020 22:33 +0200
I have some issues with the status quo of the Apple ecosystem, but one thing that Apple mostly gets right is the balance between usability and design. This is an inspiring philosophy and why I cannot seem to be able to move over to other systems, such as OpenBSD, purely.

Apple seems to be able to abstract the backend technology stack into something that just works for normal people. Presenting the results of technology, without being about the technology.

When reviewing some of these things, I have often been struck by what seems to be their starting point: this is a problem for a lot of people, forget the established solutions, let's solve the problem one step at a time without compromise on principles.

I imagine this must be a rewarding way to work.

#apple #design #philosophy #problems

tommy honked 18 Sep 2020 08:48 +0200
Testing the Nitrokey USB-A against Yubikey 4C PGP via SSH logon shows a remarkable performance difference.

For the operation, the Yubikey actually has double the speed of the Nitrokey (2 seconds vs 4 seconds).

This isn't necessarily a problem when performing one operation, but when a script repeatedly uses the key for SSH it becomes a significant improvement.

My only problem with this for now is that the X395 only has one USB-C port. I would also have preferred an open source solution instead.

#nitrokey #yubikey #performance

tommy honked 17 Sep 2020 13:31 +0200
Currently doing some Golang dev for a graph-based news aggregator.

The recent evolution of Janusgraph (3.4.8) is smooth. Easy to set up, embedded Cassandra and Elasticsearch for testing/standalone mode, and good defaults in the config.

The schema in Janusgraph now works for me. I've never gotten a handle on it previously, but it is good for applying constraints on a kv-store.

Most importantly, and perhaps the reason I now have it working, is that the documentation has gotten decent.

With a fork and some minor adjustments to get the edge querying working with the latest version of Gremlin/Tinkerpop, the Northwestern Mutual Grammes client works well: https://github.com/northwesternmutual/grammes


#graph #network #distributed #development