• 0 Posts
  • 37 Comments
Joined 1 year ago
cake
Cake day: June 2nd, 2023

help-circle
  • I’m so glad society has teams allocated to identifying these hard-hitting issues. It’s true - we don’t have enough consumer protections in place for space tourists. A poor innocent space tourist could “go to space” without fully understanding that “space can be dangerous”. Thankfully, these analysts discovered this issue before too many people were “at risk”. Future space tourists will have to sign a waver, or watch a presentation, or something.

    The interesting question here is who paid for this “study”, and who from the register accepted the bribes to get this dogshit published.




  • You’re out here solving impossible problems. You’re “The Fixer” from Pulp Fiction. Fools look at story points. Pros see an unsolvable story that languished for years until you came along and defeated it. A single point for you is an entire epic to other teams.

    Everything is a differentiator that can be spun to your advantage. The points aren’t accurate, and you’re the only one with enough guts to step up to the plate and finally work these neglected tickets; even if it won’t “look good” on some “dashboard” - that’s not what’s important; you’re here to help the organization succeed.

    If the system doesn’t make you look good, you have to make yourself look good. If you weren’t putting in the effort, it would be hard - but as you say, everyone who takes a deeper look clearly sees the odds stacked against you, and how hard you’re working / the progress you’re making; despite those odds.

    Don’t let some metrics dashboard decide your worth, king!




  • Vscode already supports linting yaml against a schema file. Once you start configuring your code with configuration-as-code, you’re just writing more code.

    If I need to “generate” some insane config with miles of boilerplate, I would use js to build my json, which can be ported to just about anything. This would replace js in that process.

    I’m not sold on the need for this.

    Even with something like k8s, I’d reach for pulumi before I put another layer on top of yaml.





  • Other comments here do a great job pointing to DH key exchange; I’d like to try explaining it with the paint analogy.

    You and Youtube need to agree on a “color of paint” (encryption key) without ever sending it over the network.

    You and Youtube agree on a common “yellow” in the clear, and you each pick a secret color. Youtube mixes yellow and their secret and sends it to you. This is okay, because un-mixing paint (factoring large prime numbers) is really hard. You add your secret to the mixture, and now you have yellow+Youtube’s secret+your secret.

    You mix yellow and your secret and send it to youtube. Youtube adds their secret; now they’ve got yellow+Youtube’s secret+your secret. You both have the final color!

    An eavesdropper can’t reconstruct this - everything sent over the network had yellow mixed in, and un-mixing paint can be really hard. Maybe you can guess that green minus yellow is probably blue, but you can’t get close enough to decrypt anything. And what if it’s brown? Is that blue + orange, or is it red + green?

    Cryptographers have worked very hard to make the communications secure. I would be more worried about the other end ratting you out - using a relay / proxy / vpn that you trust is a good idea :)




  • Hey! Best of luck, I’m actually going down the same road at the moment :)

    I would build it yourself - it’s more fun, and is cheaper than renting over a shorter-than-you-would-think time period.

    The first thing to know is whether or not you can port-forward / if your isp has you behind nat.

    Exposing virtual disks is relatively straightforward, or even just storage quotas on a single disk. I’m about to jump into the wide world of zfs; I need to glue together 4+ disks into a single storage array.

    If you want everyone to have a separate VM, you’ll need some kind of hypervisor underneath. Could you grant everyone a user account in a single system, and use docker for separation?

    It sounds like the others will be connecting remotely - make sure you use ssh keys (not passwords) and disable root over ssh. Once ssh is exposed to the internet, you’ll see a lot of failed login attempts