VirtualTam's bookmarks

1. OpenGFW - A flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux 2024-03-31

   tags: linux, network/firewall, network/ipv4, network/ipv6, programming/go, reverse-engineering, wireshark

   [ permalink ]

   • USENIX Security Symposium 2023 - How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic
2. oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise 2024-03-31

   tags: compression/lzma, compression/xz, linux, programming/c, programming/shell/bash, security, security/backdoor

   [ permalink ]

   • XZ Utils backdoor
   • xz/liblzma: Bash-stage Obfuscation Explained
   • /r/Linux - XZ Utils backdoor
   • Debian Bug report logs - #1068024 revert to version that does not contain changes by bad actor
   • FAQ on the xz-utils backdoor
   • LWN - A backdoor in xz
   • Everything I Know About the Xz Backdoor
3. Grumpy Website 2023-10-29

   tags: internet/browser, programming/html, user-experience, user-interface, web

   [ permalink ]

   Grumpy Website is a world-leading media conglomerate of renowned experts in UIs, UX and TVs.

   We’ve been reporting on infinite scrolls, cookie banners and unnecessary modal dialogs since 2017.

4. RedPanda | Data Streaming Platform 2022-09-04

   tags: message-broker/kafka, message-queue, programming/c++, programming/go

   [ permalink ]

   • https://redpanda.com/blog/validating-consistency
   • https://redpanda.com/blog/kafka-redpanda-availability
   • https://redpanda.com/blog/redpanda-official-jepsen-report-and-analysis
   • https://github.com/redpanda-data/redpanda/
   • https://news.ycombinator.com/item?id=25075739
5. Mexican Government Report Text Analysis 2019-09-24

   tags: natural-language-processing, programming/python, programming/python/numpy, text, visualization, visualization/matplotlib

   [ permalink ]
6. reporter: Service that generates a PDF report from a Grafana dashboard 2019-04-05

   tags: observability, observability/grafana, pdf

   [ permalink ]

   • https://hub.docker.com/r/izakmarais/grafana-reporter/
7. FusionAuth - Identity management - Authentication, authorization, user management, reporting, analytics 2019-03-13

   tags: programming/api, security/authentication, security/authorization, security/password, security/token, web

   [ permalink ]
8. [Osmf-talk] Membership Working Group report on unusual signups before OSMF election 2019-01-27

   tags: community, data-mining, hack, openstreetmap, visualization

   [ permalink ]

   • https://openstreetmap.lu/MWGGlobalLogicReport20181226.pdf
9. Searching for Emoji Characters / Unicode - Elasticsearch - Discuss the Elastic Stack 2018-03-15

   tags: observability/elastic, observability/elastic/elasticsearch, text/unicode

   [ permalink ]

   • Unicode text segmentation - https://unicode.org/reports/tr29/
   • Unicode emoji - https://unicode.org/reports/tr51/#Searching
   • https://jolicode.com/blog/search-for-emoji-with-elasticsearch
10. DMARC How-tos / FAQ 2017-12-21

    tags: email, email/dkim, email/dmarc, email/spam, email/spf, network/dns, record, trust

    [ permalink ]

    • https://blog.returnpath.com/how-to-explain-dmarc-in-plain-english/

    • https://blog.returnpath.com/infographic-how-to-prevent-email-fraud-with-dmarc/

    • https://blog.returnpath.com/build-your-dmarc-record-in-15-minutes-v2/

    • https://blog.returnpath.com/demystifying-the-dmarc-record/

    • https://blog.returnpath.com/how-to-read-your-first-dmarc-reports-part-1/

    • https://blog.returnpath.com/how-to-read-your-first-dmarc-reports-part-2/

    • https://webmasters.stackexchange.com/questions/102509/dmarc-understanding-aggregate-reports

    • https://webmasters.stackexchange.com/questions/90326/dmarc-spf-fail-dkim-pass-source-ip-not-mine

    • https://www.endpoint.com/blog/2014/04/15/spf-dkim-and-dmarc-brief-explanation

    • https://stackoverflow.com/questions/30342550/why-do-i-receive-a-dmarc-report-everyday

    • https://dmarc.org/wiki/FAQ

11. DMARC reports analysis tools 2017-12-21

    tags: email, email/dmarc, email/spam, network/dns, record, spoof, trust, visualization

    [ permalink ]

    • https://dmarc.org/resources/code-and-libraries/
    • https://blog.returnpath.com/how-to-read-your-first-dmarc-reports-part-1/
    • https://domainaware.github.io/checkdmarc/
    • https://github.com/domainaware/checkdmarc
    • https://github.com/domainaware/parsedmarc
    • https://github.com/trailofbits/dmarc
    • https://github.com/beckspaced/Dmarc-Report-Viewer-Extended
    • https://github.com/linkedin/lafayette/
    • https://github.com/thinkingserious/sendgrid-python-dmarc-parser
    • https://github.com/prbinu/dmarc-report-processor
    • https://github.com/alan-hicks/django-dmarc
    • https://github.com/martinhoefling/go-dmarc-report
    • https://github.com/cheatas/DMARCate
12. How Sentry Receives 20 Billion Events Per Month While Preparing to Handle Twice That 2017-11-09

    tags: crash, data, error, observability, programming/python, report

    [ permalink ]

    • https://news.ycombinator.com/item?id=15655135
      • https://news.ycombinator.com/item?id=15660707
      • https://news.ycombinator.com/item?id=15656474
    • https://sentry.io/welcome/
13. Chaos Engineering - O'Reilly Media 2017-08-22

    tags: chaos, cloud, distributed, infrastructure, linux, netflix, network, sysadmin

    [ permalink ]

    With so many interacting components, the number of things that can go wrong in a distributed system is enormous. You’ll never be able to prevent all possible failure modes, but you can identify many of the weaknesses in your system before they’re triggered by these events. This report introduces you to Chaos Engineering, a method of experimenting on infrastructure that lets you expose weaknesses before they become a real problem.

14. UK Government - Digital Service Standard 2016-08-16

    tags: continuous-integration, dependency, development, digital, open, qa, quality, software, source

    [ permalink ]

    1. Understand user needs
    2. Do ongoing user research
    3. Have a multidisciplinary team
    4. Use agile methods
    5. Iterate and improve frequently
    6. Evaluate tools and systems
    7. Understand security and privacy issues
    8. Make all new source code open
    9. Use open standards and common platforms
    10. Test the end-to-end service
    11. Make a plan for being offline
    12. Make sure users succeed first time
    13. Make the user experience consistent with GOV.UK
    14. Encourage everyone to use the digital service
    15. Collect performance data
    16. Identify performance indicators
    17. Report performance data on the Performance Platform
    18. Test with the minister
15. Ça marche pas ! | CommitStrip 2016-03-21

    tags: bitch, bug, debugging, development, pebcak, report, user

    [ permalink ]
16. Python unit testing frameworks: Nose, Pytest 2015-02-13

    tags: code, coverage, feature, nose, programming/python, programming/python/pytest, programming/testing, quality, unit

    [ permalink ]

    Python's built-in unittest module is quite cool, but a bit limited and way too verbose (read: it's quite not easy to incite developers to write unit tests)

    I'm currently looking for more dev-friendly solutions, the key points being:

    • writing test code should be easy and straight-forward -keep the focus on "what to test" instead of "how to transcribe a process to a test"
    • parallelization! -we, spoiled developers, should make good use of our way-too-many-cores build machines...
    • complete feature set!
      • we don't want to just run tests...
      • coverage reports (find dead/weak/untested code sections)
      • output formatting (JUnit-XML seems to be quite a common format out there)

    There seem to be 3 solutions in Python:

    • stock unittest + project-dependent customizations / test helpers
    • nosetests
    • py.test

    And 2 ways of gettings things done:

    • keeping things stock: no external dependency, project-specific implementation...
    • using a test framework: one more module in your (test) virtualenv, more concise tests, more features (// run, code coverage, etc.)

    Some links:

    • http://stackoverflow.com/questions/22856638/nose-vs-pytest-what-are-the-subjective-differences-that-should-make-me-pick
    • http://helixyte.org/2014/04/unit-testing-adventures-moving-from-nose-to-pytest/
    • http://lists.idyll.org/pipermail/testing-in-python/2013-August/005624.html
17. Quake on an oscilloscope: A technical report 2014-12-31

    tags: electronics, game, hack, oscilloscope, quake, video

    [ permalink ]
18. Shining - Goretex Weather Report (EKF) 2014-12-20

    tags: blackjazz, free, fusion, jazz, metal, shining

    [ permalink ]
19. Jaco Pastorius & K. Watanabe - Havona (live in Tokyo) 2014-12-17

    tags: free, fusion, jazz, live, pastorius, report, tokyo, watanabe, weather

    [ permalink ]
20. Continuous integration in Python 2014-11-27

    tags: automation, continuous-integration, continuous-integration/travis, development, programming/python, programming/python/pytest, programming/testing, source-code-management/git, unit

    [ permalink ]

    http://ilovesymposia.com/2014/10/01/continuous-integration-0-automated-tests-with-pytest/ http://ilovesymposia.com/2014/10/02/continuous-integration-1-test-coverage/ http://ilovesymposia.com/2014/10/13/continuous-integration-in-python-3-set-up-your-test-configuration-files/ http://ilovesymposia.com/2014/10/15/continuous-integration-in-python-4-set-up-travis-ci/ http://ilovesymposia.com/2014/10/15/continuous-integration-in-python-5-report-test-coverage-using-coveralls/ http://ilovesymposia.com/2014/10/17/continuous-integration-in-python-6-show-off-your-work/ http://ilovesymposia.com/2014/10/27/continuous-integration-in-python-7-some-helper-tools-and-final-thoughts/