Good luck! I agree it’s not perfect, it definitely has warts, but it’s very mature software that’s not going away anytime soon. It will die about the time the C language dies, which won’t be in my lifetime.

Other build software, it’s anyone’s guess how long it will be maintained.

Excellent point. I finished watching the BSDCan video (from the lobsters discussion) , but haven’t dug into playing with it yet.

Is there anything preventing another (or another ten) free CAs from existing? Let’s Encrypt just showed everyone how, and their protocol isn’t a secret.

Luckily they are a non-profit

Linux Foundation is a 501(c)(6) organization, a business league that is not organized for profit and no part of the net earnings goes to the benefit of any private shareholder or individual.
The fact all shareholders benefit from its work without a direct economical gain, doesn’t means it has the public good at heart. Even less the public good of the whole world.

It sound a lot like another attempt to centralize the Internet, always around the same center.

It’s awesome that we have easy, free TLS certs, but there shouldn’t be a single provider for such things.

And such certificates protect people from a lot of relatively cheap attacks. That’s why I’m in doubt.

Probably, issuing TLS certificates should be a public service free for each citizen of a state.

Hashicorp Vault has many ways to authenticate and get a token, you can tie to EC2, or you can auth against LDAP/Github, AppRole(where you can tie it to specific machine(s)/applications, etc. But it is definitely a turtles all the way down approach. The goal of Vault is to only have to worry about deploying the token and vault will then handle ALL of your secret/sensitive information for you, with transit, DB and the other backends. So at least the problem becomes “manageable” since it’s only the 1 token you have to get out there.

I’ve heard rumblings about Zulip being a decent option too. I haven’t used it myself though.

We’ve used mattermost for a few years now, it’s pretty easy to setup and maintain, you basically just replace the go binary every 30 days with the new version. We just recently moved to the integrated version with Gitlab, and now Gitlab handles it for us, even easier now, since Gitlab is just a system package you upgrade.

A lot of people have said Mattermost, might be a good drop-in replacement. According to the orange site they’re considering dropping a “welcome from Hipchat” introductory offer, which is probably a smart move.

IIRC mattermost is open core. I’ve heard good things about zulip. Personally, I like matrix, which federates and bridges

There were languages like Opa that tried to address what happened on web app side. They got ignored just like people ignore safety in C. Apathy is the greatest enemy of security. It’s another reason we’re pushing the memory-safe, higher-level languages, though, with libraries for stuff likely to be security-critical. The apathetic programmers do less damage on average that way. Things that were code injections become denial of service. That’s an improvement.

I would like to use TLS 1.3 for an existing product. It’s in C and Lua. The current system is network driven using select() (or poll() or epoll() depending upon the platform). The trouble I’m having is finding a library that is easy, or even a bit complicated but sane to use. The evented nature means I an notified when data comes in, and I want to feed this to the TLS library instead of having the TLS library manage the sockets for me. But the documentation is dense, the tutorials only cover blocking calls, and that’s when they’re readable! Couple this with the whole “don’t you even #$@#$# think of implementing crypto” that is screamed from the roof tops and no wonder software engineers steer away from this crap.

I want a crypto library that just handles the crypto stuff. Don’t do the network, I already have a framework for that. I just need a way to feed data into it, and get data out of it, and tell me if the certificate is good or not. That’s all I’m looking for.

Yes it is, but no - that’s not what I meant. I mean that I expect every VCS to be able to rewrite history since the data files are under control of the admin. git can do it, svn can do it. You can edit RCS files by hand if you want to (unsure if there is tooling to do it).

i.e. linus can rewrite his git history. It will be out of sync with other people, but that is then a social issue, not a technical one (I admit this is a fine point).

The only time you can’t rewrite history is in the “public immutable” world of blockchain - since the data files aren’t under your control. I don’t know if someone has built a vcs like that and my comment was really just a side swipe at blockchain hype.

It only authenticates keys, and it makes key management YOUR problem. see https://github.com/oxy-secure/oxy/blob/master/protocol.txt for more details.

I.e. you have to copy over keys from the server to the client before the client can connect(and possibly the other way from the client to the server, depending on where you generate them).

I’ve always wondered why AWS doesn’t provide a spending limit feature… it can’t be due to a technical reason, right? I know their service is supposed to be more complex, but even the cheapest VPS provider gives you this option, often enabled by default. I can only conclude they decided they don’t want that kind of customer.

I also worried about the risk of “DDoS causing unexpexted cost” when I was looking for a place to host my private DNS zones. To me it appeared that the free Cloudflare plan (https://www.cloudflare.com/plans/) was the best fit (basically free unmetered service).

Would using that same free plan be a safer choice than Cloudfront from a cost perspective?

In hurricane architecture, they used Nginx (dynamic caching) -> Varnish (static caching) -> HAProxy (crypto) -> optional Cloudfare for acceleration/DDOS. Looked like a nice default for something that needed a balance of flexibility, security, and performance. Depending on one’s needs, Nginx might get swapped for a simpler server but it gets lots of security review.

I’ll also note for OP both this list of web servers.

Yeah, I also like this similar list, but neither provide value judgements about e.g. whether it’s sane to leave such things exposed to the Internet unattended for many years (except for OS security updates).

If you go in uBlock Origin preferences → Filter lists, under “Annoyances” there’s “Fanboy’s Cookiemonster List” which hides “we use cookies” banners (and apparently will also hide GDPR banners).

Not the specifics, but the over-arching ideas pretty much hold up I’d say.

• Open Systems: Sure Oracle hasn’t died yet, but even MS is even getting on the Open bandwagon to some degree.
• Software Distribution Channels: well OK the Internet ate the CDROM up, but retail software in a store is 99% dead, he called that.
• Kernel/base source code explosion: Drivers def. take up way too much room in the kernel :)
• Multiprocessor: def. true
• Networking: well OK 3 directions, Internet/WAN, Wireless(LAN) and high-speed LAN(fiber and friends)
• Java: pretty much true, minus the systems programming part.
• Nomadic devices: smartphones totally made this true.

A pity the signing / marshalling algorithm is such a PITA to implement (the signature must be the last key/value pair in the JSON document, and it signs the bytes of the document up to that point).

Having alternate clients is a good start, but is it still true that there’s only one server implementation?

I don’t know your specific use-case, but at the very least you could easily get, “send someone out to collect more information” out of an SMS. Also, if you encode data, you can pack a fair bit of data into an SMS, given the constraints. But iridium and other satellite communications providers are not limited to SMS, the spot I showed is just the consumer level version of this, but if you are large enough you can reach out to the providers themselves and possibly work out some deal with them.

Cool on the gossip protocol. The upside to doing something like SSB(scuttlebutt) is you get use-cases outside of just your domain, so the chances of people, such as transportation drivers, wanting to use it much higher. The more people you can get running a gossip protocol the faster you can sync your data across large swaths of unconnected/sporadically connected populations.

Anyways, good luck!

Make isn’t that weird, but, it’s not well understood, sadly. But I do agree with your $PREV_JOB, that all of your tests should be runnable , pretty much anywhere. That’s certainly our philosophy.

I’ve been playing with tmuxp using tmux, and running dependencies for testing that way, so that it can all be interactive very easily. Not sure it works out very well for very complex testing scenarios, but it seems to work out for low to medium complexity so far.

Yes, Load balancing is your problem. Nomad is ONLY a task scheduler across a cluster of machines. Which is why it’s not rocket science.

You say I need X cpu and X memory and I need these files out on disk(or this docker image) and run this command.

It will enforce your task gets exactly X memory, X cpu and X disk, so you can’t over-provision at the task level.

It handles batch(i.e. cron) and spark workloads, system jobs(run on every node) and services (any long-running task). For instance with nomad batch jobs you can almost entirely replace Celery and other distributed task queues, in a platform and language agnostic way!

I’m not sure I’d say the use-case is much more restricted, since you can do load balancing and all the other things k8s does, but you use specialized tools for these things:

• For HTTPS traffic you can use Fabio, Traefik, HAProxy, Nginx, etc.
• For TCP traffic you can use Fabio, Relayd, etc.

These are outside of Nomad’s scope, except that you can run those jobs inside of Nomad just fine.

edit: and it’s all declarative, a total win.

This is true, there are ways around it, if you work a little, since it is OSS. However, there are a few 3rd party tools, 2 of which are server implementations: bitwarden-go(https://github.com/VictorNine/bitwarden-go) and bitwarden-ruby(https://github.com/jcs/bitwarden-ruby).

There is also a CLI tool (https://fossil.birl.ca/bitwarden-cli/doc/trunk/docs/build/html/index.html)

If it’s not encrypted, they see your secrets. If it is encrypted, they’re in control of your secrets. In self-hosted setup, you are in control of your secrets. If encrypted, you might loose them. If sync’d to third party (preferably multiple), you still might loose key. If on scattered paper copies, each in safe place, you probably won’t. For some failures, write-once (i.e. CD-R) or append-only storage can help where a clean copy can be reproduced from the pieces.

That’s pretty much my style of doing this. It’s not as easy as 1Password or something, though. There’s the real tradeoff.

Now consider that there are organization that deploy OpenStack on a hypervisor, then kubernetes on that openstack :)