Michael Sheldon @shatteredgears@mastodon.technology
Software Dev, C/SQL, DNS
Greyhound adoption advocate
Joined Apr 2017
Michael Sheldon
boosted
Oh Mikey boy, the beers, the beers are calling... π»
Today:
Manager: All of our servers are alerting! It says the check values are missing on all of our servers.
Me, to self: yeah, the monitor system is rock-solid, and hasn't even twitched in over 5 years, I wonder what my teammates were doing? Looks.
Me: All of the monitoring data has been deleted from the databases, did someone run something this morning?
Manager: Well, we ran a script to clean up old data that does not map to live names.
Me: π€¦ββοΈ aaaand, the script ignored the "system" flag, and ignored the reserved ID range set aside for things like this?
π¦π¦π¦
So, me, spending a couple hours manually re-entering all of the setups for the monitors.
Today:
Manager: All of our servers are alerting! It says the check values are missing on all of our servers.
Me, to self: yeah, the monitor system is rock-solid, and hasn't even twitched in over 5 years, I wonder what my teammates were doing? Looks.
Me: All of the monitoring data has been deleted from the databases, did someone run something this morning?
Manager: Well, we ran a script to clean up old data that does not map to live names.
Me: π€¦ββοΈ aaaand, the script ignored the "system" flag, and ignored the reserved ID range set aside for things like this?
π¦π¦π¦
So, me, spending a couple hours manually re-entering all of the setups for the monitors.
Michael Sheldon
boosted
I love it when a system intended to monitor a server, suddenly decides to DoS it instead. π
When you are doing regression testing with a release candidate, and you realize there's a bug in the old version that does not exist in the new one.
And you didn't know about the bug in the old release, and don't know how it got there. And therefore, you have no idea what happened to fix it in the new release.
π€¦ββοΈ
Michael Sheldon
boosted
DNSSec is not being used by the Financial Industry
Do you trust your bank's online security?
You probably shouldn't.
Nobody would trust the security of a website that did not use SSL certificates to secure their data in transit. But what if someone hijacks your connection *before* you get to the bank's web servers?
In a random check of major banks and online trading services, I only found TWO that were using DNSSec to protect their DNS. Only one bank and one online broker thought enough of their customers to prevent them from being directed to a malicious site.
DNSSec is not a new technology, it's been in production use for over nine years, and is well-proven. There's really no excuse for a financial institution to not be using it, except that they just don't actually care about their customer's security. While SSL protects the Bank, and also you, DNSSec mostly protects just YOU. If you get hijacked before you get to the bank's servers? "Oh well, sorry, not OUR fault."
The two I found:
usaa.com
schwab.com
You probably shouldn't.
Nobody would trust the security of a website that did not use SSL certificates to secure their data in transit. But what if someone hijacks your connection *before* you get to the bank's web servers?
In a random check of major banks and online trading services, I only found TWO that were using DNSSec to protect their DNS. Only one bank and one online broker thought enough of their customers to prevent them from being directed to a malicious site.
DNSSec is not a new technology, it's been in production use for over nine years, and is well-proven. There's really no excuse for a financial institution to not be using it, except that they just don't actually care about their customer's security. While SSL protects the Bank, and also you, DNSSec mostly protects just YOU. If you get hijacked before you get to the bank's servers? "Oh well, sorry, not OUR fault."
The two I found:
usaa.com
schwab.com
Michael Sheldon
boosted
I see this idiotic article on ZD Net "What if Microsoft had Invented Android?" and all I can think of now is "what if Capybaras had invented airplanes?"
Michael Sheldon
boosted
Happiness is being deep in code while rocking out.
Now Playing: White Lily, Lyriel
Now Playing: White Lily, Lyriel
Michael Sheldon
boosted
Both my wife and my (work) boss are going to be away next week.
There's really no end to the amount of trouble I could get into.
To infinity, and beyond!!!
ππ
There's really no end to the amount of trouble I could get into.
To infinity, and beyond!!!
ππ
Someone needs to make a smart watch with a small taser on the back.
I have a tendency to not notice calendar/reminder notifications, Zapping me on the wrist might actually get my attention. π€π―
Michael Sheldon
boosted
My life, as a recursive loop
1. "Hey, I left my notebook downstairs"
2. Goes downstairs
3. "A cup of tea would be nice"
4. Make tea, clean up kitchen
5. Take tea upstairs
6. "Hey, I left my notebook downstairs"
...
π
1. "Hey, I left my notebook downstairs"
2. Goes downstairs
3. "A cup of tea would be nice"
4. Make tea, clean up kitchen
5. Take tea upstairs
6. "Hey, I left my notebook downstairs"
...
π
Assisting another division in the company is no different than any other tech support.
"Thanks for helping out with all these files. We just have one more for you to process, plus these two others."
π€¦ββοΈ
That would be three files then?
I feel like I'm dealing with Baldrick in a Blackadder episode.
Tired: Have you tried turning it off and back on again?
Wired: Have you tried setting it on fire?
So, Microsoft's Azure outage was caused by a failure of a third-party's DNS (CenturyLink), which resulted in the automated deletion of customer data....
WTF?
This isn't a failure of a system, this is complete, total failure of any common sense. Also a complete failure to do any real design work at all.
Remember folks, you can't spell "fragile" without "agile"
https://nakedsecurity.sophos.com/2019/02/01/dns-outage-turns-tables-on-azure-database-users/
Trying out Whalebird on my chromebook.
First impressions:
Pro
The "slack-like" interface is more efficient than the many columns of Subway Tooter for multiple accounts.
Multiple themes.
Con
The New Toot window does not follow theme, and is not resizable.
It's slow. Like really, really, annoyingly slow. I'm guessing it's an electron thing. I've never had an app lag so badly on this device.
I would really love to try out Mastalab. It has a lot of features I like, including some not available in Subway Tooter.
Problem is, I almost exlusively use tablets and a chromebook, and Mastalab does not support either, can't even install it.
What is it about Android app devs that they intentionally exclude tablets and other larger screen devices?
I'm in unit test hell.
I very strongly believe in the value of automated unit tests and functional tests.
But I do so very much HATE writing them. π€¬
Michael Sheldon
boosted
π
---
RT @MIT_CSAIL@twitter.com
The third highest-rated professor at Harvard is "Stack Overflow." http://bit.ly/2ES1Zmi (v/@reddit)
https://twitter.com/MIT_CSAIL/status/1080876446204084224
How you know you're having too much fun:
$ git status
...
# Untracked files:
# (use "git add <file>..." to include in what will be committed)
#
# core.13563
# core.20678
Michael Sheldon
boosted
I wish all products had "Explained in 1 buzz-word or less" pages for people with low tolerance for bullshit. #dreaming
When you've got a couple more hours to work, but you're so wonky from lack of sleep that actually doing any work would be a horrific mistake.
Michael Sheldon
boosted
I truly despise the whole "agile" software development theory. It's become an excuse for managers to force devs to write bad code quickly, with no written requirements or specs.
For purposes of software development always remember:
agile == fragile
For purposes of software development always remember:
agile == fragile
Software Dev, C/SQL, DNS
Greyhound adoption advocate
Joined Apr 2017
