Wed 17 April 2019 | -- (permalink)

Well, OK, that's an oversimplification. Threading with shared state as most programs use it is a bad idea, and in effect postpones hard problems so that don't bite you until after you've shipped the code.

Explaining this would take quite a bit of text. Fortunately, somebody else already wrote a …

Tue 02 April 2019 | -- (permalink)

Somewhat common situation: your $DAYJOB has a lab, that lab is behind a firewall, there's some internal web service in that lab you need to get to, your normal work environment is a laptop thousands of kilometers away from that lab, the company's preferred VPN software is a piece of …

Mon 11 February 2019 | -- (permalink)

So there's this vendor-supplied toolkit that I needed to get running in a Docker-ized build environment. Toolkit is a bit of a pig, but that's not the problem. The problem is that, while the core tools in the kit run as command line programs (and, indeed, pretty much have to …

Mon 12 November 2018 | -- (permalink)

Hit a wall while upgrading a pair of FreeBSD 10.4 VMs to 11.2. All went well until upgrade tried to boot from the new kernel, at which point I hit:

FreeBSD 11.2-RELEASE-p4 #0: Thu Sep 27 08:16:24 UTC 2018
root@amd64-builder.daemonology …

Fri 26 October 2018 | -- (permalink)

There's this web site I'm responsible for maintaining, and it has this problem: it depends on an old piece of third party software for which no good replacement exists, and that software does not deal at all well with being walked by web spiders. So of course it has a …

Wed 13 June 2018 | -- (permalink)

Blogofile served well enough for an initial experiment with this kind of statically-compiled blogging software, but it's a bit inflexible, and, more to the point, I found the way it typeset things like code samples fairly hard to read. So I went looking for blogofile themes that could fix the …

Mon 11 June 2018 | -- (permalink)

While it's no longer fashionable among the cool kids, some of us still use PGP, generally in its modern incarnation, GPG. I'm not going to defend that here, just observe that PGP is used in a number of bits of critical network infrastructure, so it still matters.

GPG, like many …

Sun 18 March 2018 | -- (permalink)

Roy Arends gave a talk at today's IEPG meeting about a DNSSEC outage caused by an attempt to combine a DS hash algorithm roll with a type of key roll called a "KSK Double-DS" roll. Roy analyzed the problem that occurred in some detail, I'll post a link here when …

Sun 18 March 2018 | -- (permalink)

Jeff Haas gave a talk at today's IEPG meeting which, oversimplified, boiled down to "TCP AO still looks like the best match for solving a whole bunch of security problems related to routing protocols, but nobody uses it because nobody has implemented it because nobody uses it." This got me …

Thu 28 September 2017 | -- (permalink)

I mostly try to avoid programming with POSIX signals, in part because I was spoiled in my youth: even after decades of incremental improvements, POSIX signals have not really caught up to what ITS had back in the 1970s. But sometimes they're, if not the right tool, the least bad …