Hi everyone! π
Welcome to cron.weekly issue #117. There’s a bit of follow-up from last week’s issue regarding ZFS, some cool new tools and practical tutorials.
There’s some more web development news than usual this time, lots of things happening in the browser space lately that might affect you (or your co-working devs).
Oh, and you’ll find some discount codes for SCALE 18x and DevOps Day LA at the very bottom.
Enjoy reading!
Podcast: Intel vs. AMD vs. ARM π
Last week I recorded a new episode of syscast, the podcast I sometimes do (and want to get back to more frequently). This issue is a complete step out of my comfort zone, as we discuss the differences in Intel and AMD CPUs and the rise of ARM.
I learned a ton about the history of CPUs and how to better compare them. My goal was to get a better understanding of modern CPUs to make better server purchasing decisions. If you decide to listen, I’d love to hear feedback!
Have a listen! π
News & general π
Intent to Deprecate and Freeze: The User-Agent string
The Chrome team is looking to freeze & unify the User-Agent in its browser. Right now, it includes a very detailed version string that allows for passive fingerprinting. The goal is to move to User-Agent client hints instead.
Take this User-Agent string, for example. It’s from my browser.
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
What’s that Mozilla/5.0 even still doing in there? And why is it exposing my OS & exact version numbers? I think it’s a good move to gradually phase out the detailed User-Agent.
Building a more private web: A path towards making third party cookies obsolete
The Chrome team plans to phase out support for third-party cookies. These are cookies that get embedded by things like ads, Facebook’s tracking pixels etc.
Linus Torvalds says “Donβt use ZFS” - but doesnβt seem to understand it
This is a solid response post to Linus’ earlier claims that you shouldn’t be using ZFS. In this article, the author looks at the controversial kernel change that prompted Linus’ response as well as the benefits of the ZFS filesystem.
Fedora 31 has decided to allow (and have) giant process IDs (PIDs)
Every new process and thread on Linux gets a new PID (short for process ID). PIDs are normally assigned sequentially until they hit some maximum value and rollover. As of Fedora 31, giant process IDs have been enabled so you might see PIDs that exceed the 1.000.000 number (and that’ll mess up the output of ps, top, …). You can change this behaviour with the kernel.pid_max setting in sysctl.
Is SMS 2FA Secure?
tl;dr: no, it isn’t. Lots of information on that site to persuade anyone higher up the corporate food chain to replace SMS with something more secure as 2FA.
Multipath TCP Support Is Working Its Upstream - First Bits Landing With Linux 5.6
The prerequisites have been merged to allow for Multipath TCP (MPTCP) in the Linux 5.6 kernel.
Tools & Projects π
DNS Spy: paranoid about your DNS sponsored
DNS Spy is a tool that’ll monitor all your DNS records for wanted and unwanted changes. If you’ve ever been burned by DNS (either by yourself or a coworker), DNS Spy can give you the confidence that a DNS change has the desired outcome. Stop blaming DNS, start monitoring it.
aws-gate
aws-gate allows you to connect to EC2 instances without the need to maintain any bastion host, VPN service or manage SSH keys.
rogerwelin/cassowary
Cassowary is a modern HTTP/S, intuitive & cross-platform load testing tool built-in Go for developers, testers and sysadmins. Cassowary draws inspiration from awesome projects like k6, ab & httpstat.
Nebula Graph
A distributed, fast open-source graph database featuring horizontal scalability and high availability.
cantools
A set of CAN BUS tools written in Python 3.
GoatCounter
GoatCounter is a web analytics platform, roughly similar to Google Analytics or Matomo.
gter
Gter is a terminal for GUI apps. The video best describes it. It allows you to run your GUI applications (like Firefox, calc, …) in your terminal window.
parsr
Parsr, is a minimal-footprint document (image, pdf) cleaning, parsing and extraction toolchain which generates readily available, organized and usable data for data scientists and developers.
k3c
k3c is a local container engine designed to fill the same gap Docker does in the Kubernetes ecosystem. Specifically, k3c focuses on developing and running local containers, basically docker run/build.
Open DMARC Analyzer
Open DMARC Analyzer is an Open Source DMARC Report Analyzer to be used with DMARC reports that have been parsed by the rrdmarc script or techsneeze’s dmarcts-report-parser.
sandy
A tiny sandbox to run untrusted code: sandy uses Ptrace to hook into READ syscalls, giving you the option to accept or deny syscalls before they are executed.
tuptime
Tuptime is a tool to report the historical and statistical data in real-time of the system, keeping it between restarts. Like uptime command but with more interesting output.
DTail
DTail (a distributed tail program) is a DevOps tool for engineers programmed in Go for following (tailing), catting and grepping (including gzip and zstd decompression support) log files on many machines concurrently.
Guides & Tutorials π
MySQL Challenge: 100k Connections
This post explores a way to establish 100,000 connections to MySQL. Not just idle connections, but executing queries. 100,000 connections. It includes some kernel parameter tuning using sysctl, tweaks to the systemd unit file & MySQL configs.
systemd service sandboxing and security hardening 101
Systemd enable services to run with a whole suite of hardening and sandboxing features from the Linux kernel. Hereβs how to get a quick security review of the services running on your system and how to go about hardening their security.
How to Make a Raspberry Pi VPN Server
The Raspberry Pi has a ton of different uses. This post has step-by-step instructions on how to build a VPN (virtual private network) server on it.
Making Python Programs Blazingly Fast
An in-depth post on profiling python applications to find why and where they’re slow and optimize them.
Auto-restart a crashed service in systemd
Systemd allows you to configure a service so that it automatically restarts in case itβs crashed.
Deploy your side-projects at scale for basically nothing
This post gives a detailed description on how to run your code (in any language) on Google Cloud Run, keeping costs down and not having to worry about servers.
The difference between Bash’s $* and $@
In Bash, there are two closely related “special parameters” for accessing how the current script was invoked: $* and $@. For both variables, the behavior is affected by whether or not the variable is enclosed in double-quotes.
Running Commands on Multiple Linux Hosts Using PSSH
I’ve always loved pssh to easily execute commands across a variety of servers. This post shows you to use it.
Events π
SCALE 18x
- Date: March 5-8, 2020
- Venue: Pasadena Convention Center
SCaLE 18x is the 18th annual Southern California Linux Expo. SCaLE is the largest community-run open-source and free software conference in North America. It expects to host 120 exhibitors this year, along with over 200 sessions, tutorials and special events. From kernels to containers, beginner installs to advanced security, HAMs to clouds.
You can use code CRON for a 30% discount.
DevOpsDay LA
- Date: March 6, 2020
- Venue: Pasadena Convention Center
DevOpsDay LA is a technical conference covering topics of software development, IT infrastructure operations, and the intersection between them.
You can use code CRON for a 30% discount.