I went down the acme/HiCA/RCE rabbit hole a year or so ago and, while I don't remember the specifics, my feeling was that the RCE was not that dangerous and was put into place by greedy scammers thwarting the rules of cert (re)selling and not by shadowy actors trying to infiltrate sensitive infra ...
Is there new information? Was my impression wrong?
In my book this is an incompetent PM who doesn’t test anything by himself. If he had to sit through the JSON parsing a few times every day, it would have been fixed in a matter of days.
Possibly “(ver)änderbar” (changeable) to have a distinct keyword. “Mutierbar” would also work fine in German, but it was probably changed with the same reasoning that fn was to fk.
> I've never met an engineering team that used Riak
I was part of a recent cloud migration. Part of on-prem (though unfortunately not migrated by my team) was the very first Riak cluster I saw in production.
The engineering team used it as "kind of S3" for images, with 3 to 5 PHP scripts providing an interface to Riak and ImageMagick. It seemed to me like a good abstraction and I think the migration to S3 was mostly painless.
Other than that I only had contact with Riak at university around 15 years ago, when we tested cluster setups of several NoSQL databases and tried to manually introduce faults to see if they could heal. Riak passed our test at that time, MongoDB didn't.
I've talked to some people who use Riak as an S3 and reported that their reasoning for sticking to it is that it is 2 to 4 orders of magnitude faster than S3. This blew my mind, but then they showed me 20ms response times from their Riak cluster and 2-second response times from S3. Now, I think these aren't standard, and in my experience, I'd say Riak is more like a single order of magnitude faster.
> a common feeling is that might be making us more judgmental and more picky in our partners. This isn't necessarily a bad thing. I love perfection as much as the next person and knowing what's out there helps you narrow down the ideal human being you want to spend your life with.
I kind of disagree with this. I’m pretty sure love is something where the 80/20 rule applies as much as everywhere else. Looking for perfection doesn’t make much sense to me, when you can be 80% happy for 20% of the invested time. Try to find someone you can argue with and talk it out without being so angry that one of you walks away forever. Searching for the perfect partner who’s not in a relationship with someone else sounds like a nightmare to me.
And I’m with the same person for > 20 years, non-married, with a 12yo daughter.
It is basically Scapy with 200 lines of code to make it easier to start. That means tshark is a lot better as a CLI/DSL. Interactiveness is not what Scapy is good at; it is marvelous when you need to e.g. send events to other services based on custom packet event.
EDIT: I wonder if there is some nice TUI debugger interface/IDE that one could reuse for this. Handling traces live like this has always been a special skill so I guess specialized tools are a must. But one would think that all the tooling around KUtrace/eBPF/tcpdump could be generalized in some way.
Writing "layout next" in GDB gives you a TUI: Text user interface, like midnight commander. There are so many good debuggers in graphical environments I just wondered if there were any better ones for text.
Edit: I really like this simple Scapy wrapper though! Works like a charm.
I just tried tshark, it outputs just raw packet info without any formatting. My code formats the packets and gives more useful insights only when prompted.
DoS attacks attempt to overwhelm your system or your system's connection by sheer amount of packets. And here you are capturing those packets and keeping them in memory - this just makes your system fall over faster.
For Linux, there is faketime, which will set a specific date and time for all child processes. This enables you to test software you don't even compile for time-based problems, e.g. logic around Feb 29th or daylight saving time.
Since Go doesn’t use the libc-related time functions on Linux, but rather makes syscalls directly, faketime will not work for any programs written in Go.
It's not the only other option! It's not less yucky, but you can creatively stomp on the vDSO functions which back the time-related functions (gettimeofday, clock_gettime, time); I've written about it at [0] and have a "library" (more like a proof of concept) at [1].
https://github.com/acmesh-official/acme.sh/blob/42bbd1b44af4...