In aviation, progress requires finding the right balance. Safety depends on a careful mix of innovation and tradition.
Focusing too much on new ideas can harm the industry’s excellent safety record. At the same time, sticking only to old
methods is also risky because it means missing out on important improvements. This idea offers important lessons for
software development, where two major trends—generative AI and the Scrum framework—risk upsetting this balance.
It was a surprise for me to see people submitting hundreds of domains to get monitored only a few days after launch. This number has since
stagnated, and because it was a fun little experiment, I am fine with this.
I want to move the service from its current domain (scrutineer.tech) to a subdomain of this blog (monitor.raphting.dev). I am
not certain if anyone relies on this service for something important, but I want to make the transition as smooth as
possible.
In 2019 I received my Pilot License. I was (and still am) enthusiastic about flying and I wanted to dive deeper into the
structures of the airspace. I worked a couple of years for German Air Traffic Control (DFS Deutsche Flugsicherung) and
picked up a few things about airspace there too. I wanted to build an App for Aviation that visualizes airspace in 3D.
As you remember, early 2020 was a time in which we all learned about the existence of a new virus, and with its spread
around the world, aviation came to a halt almost entirely.
TL;DR: I published an Apple Watch App on the App Store.
If you are an attentive blog reader, you noticed that the last RSS post was a bit off-context. It didn’t appear in the
HTML version though.
I published an Apple Watch App on the App Store, and one of the requirements is to have a support page. I host it on a
“hidden” page of this blog. Due to a configuration issue, the page ended up in the RSS feed.
The UX is clunky. Users have to hand-type the URL pattern. There are no queries for customization.
And still, more than 500 domains were added over the course of a few days. About half of them are monitored frequently
via RSS.
I got a lot of constructive feedback and friendly comments on Hacker News and Lobsters.
This showed me again what a great community we have in software development.
The expiration of TLS certificates is usually monitored with established monitoring solutions.
Sometimes monitoring happens via services that send e-mails when the expiration date comes closer.
Oftentimes, these services require a sign-up.
I created an entirely free service that monitors the expiry of TLS certificates via RSS without any sign-up.
How it works
With your RSS Feed Reader of choice, you subscribe to
https://scrutineer.tech/monitor/cert/{domain}.rss
Example for scrutineer.tech: https://scrutineer.tech/monitor/cert/scrutineer.tech.rss
Some background info
This is a free service without sign-up
Notifications are generated 30 days, 7 days and 1 day in advance
No guarantees are given, for nothing 🙃
There are no checks for the trustworthiness of certificates. Only the “Not After” field is checked
When I joined a large software project for a supermarket, I noticed an inexplicable part in the code that was about a
CarController. I was curious about how this was related to our project since I was not aware of requirements related to
shopping carts. My team lead at the time told me “The main supplier of these software components worked for a German car
brand before. The CarController must be copypasta from that project”.
Phone numbers are weird. They are not secret in their nature, and they grant everyone public write access to my phone
(which is surprisingly intrusive with all the noises and vibrations the phone can make).
In the old days, when telephones had numbered buttons, I think phone usage was a bit more self-regulatory due to the few
pennies a call cost. That’s no longer the case.
I receive a couple of cold calls every week from Dutch numbers, even though Dutch law forbids cold calls.
I don’t know why the law is not effective. This reminds me of the CAN-SPAM Act of 2003, which forbids sending
unsolicited marketing e-mails, a.k.a. spam, and which, apparently, was not effective either.
In Part 1 and Part 2 of this series,
I explained why goproxy and gosumdb exist. In this last part of this series, I
introduce an auditing tool for gosumdb that I published, Gosumd Audit.
Goproxy was built with auditability in mind. In my research, I could not find a publicly available audit of the goproxy
and the supporting gosumdb, so I built one.
Two parts of the Merkle Tree need auditing: The Merkle Tree itself and the logical integrity of the records stored in
the Tree.
In Part 1 of this series, I explained why Go offers a module proxy and that it is secured by the gosumdb. In this
part, I explain how gosumdb secures the Go proxy.
If you want to trust the authorship of code, you would need a direct trust relationship with the code author. In a
highly dynamic module ecosystem like Go, this would be infeasible. The
assumption that gosumdb makes is that if everyone looks at the same code, it must be the right code.
My feed reader is the main source of online articles I read.
I can tune how text is represented in terms of color, font size, font type, and other parameters.
This is based on the content source from RSS (and Atom). There is usually
no JavaScript-CSS-whatever trickery going on in these feed formats.
Just text and media content, and I can consume it in my style.
In contrast there is the world wild web. I designed this blog. I tried my best to provide good typography
but I am a typography-enthusiast backend developer.
Please don’t ask me for much more than what is already here to see.
There are many people like me, enjoying creating content on the web, enjoying self-hosting, but with
little knowledge or skills to create the best reading experience.
When I come across a rather unreadable website
(harsh colors, monospaced fonts, mini-fonts, paragraphs as wide as my screen,
no clear visual boundaries - a lot can go wrong), I usually click on the “Reader View” icon in my browser and, like in
my feed reader, I am able to tune my reading experience.
In 2009 I created a Twitter account. That was about 1 year after I started blogging with WordPress.
About 10 years later I created a Mastodon account on the instance chaos.social. The instance grew tremendously since I
joined, accelerated by things Elon Musk did with or said about Twitter. With so many new users, the vibe changed a bit.
Some new people expected things to work more or less like on Twitter. New rules were introduced to make less of a chaos
on chaos.social. Instance owners have every right to set up new rules and to enforce them. It is their piece of metal.
If you follow me on this blog or the Fediverse, you know that I advocate thinking about team organization. Leslie
Lamport coined the term Thinking above the Code, which I borrow here to think above the team I worked with.
Over the past 6 months, I was part of a self-organized, autonomous team building infrastructure for a sub-section of
the Dutch Government. Overall, we ran a successful team. We had several deadlines throughout the period, and we
delivered every time +/- 1 day.
With a friend of mine I talked about this article you just started reading. After I told him
my arguments, he said Queues are like Singletons. Here is why:
Queues come under a few different names, mostly based on the context they are used in. They go by log, PubSub or
message queue. They offer a client to publish messages to a topic. They also offer clients to subscribe to topics and
read the posted messages (hence the name PubSub).
There’s a multitude of dotfile manager helpers out there. For clarification: A dotfile is a configuration file typically
used in UNIX operating systems to configure various software applications. They are prefixed with a dot “.” so that they
are hidden by default.
GNU Stow, a tool to manage dotfiles, has a history dating back to the year 1993.
What it does
Stow is technically a file link manager. Many file systems offer to link a filename to the contents of another file.
Stow by default works with the parent directory. Wherever you store your stow folder, by default stow will create file
links in the parent directory.
Is it not magical that an airplane crew that has possibly never worked together in this constellation can flawlessly
execute a flight on an extremely complex airplane? A few key ingredients make that possible. Can Software Engineers
learn from it?
Disclaimer: I am a licensed pilot, but I never worked with a Crew. I was lucky enough to have excellent instructors who
work(ed) as Fighter Jet Pilot, KLM Boeing 747 Captain and Lufthansa Airbus A320 Captain. What I write about airplane
crews comes from what I learned from them.
The digital vaccination certificate is coming. The German federal government has awarded IBM the contract to coordinate
the project. A company called Ubirch from Cologne supplies the corresponding protocol for issuing and verifying
vaccination data. I do not want to write about the usefulness or the societal aspects of the digital vaccination
certificate. I am mainly concerned with the technical implementation with regard to data minimization. I first
criticize three points of the implementation as it is currently apparent. The data I can find online is sparse,
however. Finally, I explain an approach that seems more practicable to me and that takes data protection and the
progress of science into account.
Some systems have higher security requirements for auto-updates than others. Think about cars, airplanes and wherever
physical harm can result. For updates, secure or not, there is a common pattern:
1. Check a remote endpoint for available updates
2. Retrieve the update
3. Apply the update
Number 3 is environment and application specific, so it won’t be covered in this text. If you think infrastructure will
never be compromised, then this text is not for you. The approach here is: “Trust the people, don’t trust the
infrastructure”. The following paragraphs are written under the assumption that update hosts could be compromised.
I have been writing for as long as I have known how to use a text editor. It started early, I think when I was eight years old and my mum
brought home a used computer. She worked at an IT company at that time, otherwise I don’t think my family would have
gotten a computer that early.
My stories were about kids running through forests (the stuff I usually did as a kid), becoming witnesses to mystical
situations (the stuff I wished as a kid would happen).