Hi everyone! 👋
Welcome to cron.weekly issue #157.
Hope you’re all having a solid week! I’m not, if I’m totally honest, and as a result I’m going to take a bit of break with the weekly newsletter. This’ll be the last one for a while, so I can recharge.
The reasons, looking back, are exactly the same as the break I needed 2 years ago.
Since I won’t be speaking writing to you for some time, I’d like to request a favor: if you’re ever on the lookout for website monitoring and your immediate reaction is “pingdom” or “uptimerobot”, give Oh Dear a try. That’s what Freek & I are building. We might surprise you with the feature set!
Check our blog next week for some Black Friday specials, too. We’ve got a pretty cool idea lined up, and this time we’re not doubling our prices because we’re twice as valuable. 😉
But let’s go out with a bang! Lots of good stuff to share here again, grab that ☕️ and enjoy!
News & general 🗞
The Internet Archive is now preserving Flash games and animations
And what’s pretty cool about this, is that they’re using a Rust-based open-source Flash emulator called Ruffle.
Leap second hiatus
There likely won’t be a new leap-second for a few years, and this post goes into depth to explain why. But this conclusion stands out to me:
[…] in theory mean we might need a negative leap second. There has never been a negative leap second, and if there is one, everyone who deals with NTP or kernel timekeeping code expects that it will be an appalling shitshow.
I’ve seen plenty of applications crash/hang with a forward leap second, a negative one will probably be - as the other so eloquently puts it - a complete and utter shitshow.
Linux Core Scheduling Patches So Only Trusted Tasks Share A Core
Core Scheduling has been a popular topic since vulnerabilities like MDS and L1TF have come to light. Core Scheduling aims to make Hyper Threading safer and by only letting trusted tasks share a CPU core is a reasonable safeguard for still leaving Hyper Threading active on servers rather than disabling it in the name of security.
This makes a good deal of sense, actually. Fingers crossed this A) works as intended and B) can make its way to the mainline kernel.
Forensic Architecture
This animation blew my mind: this is a complete simulation of the horrible Beirut explosion, based entirely on social media images/videos to reconstruct the entire event. This kind of “open source intelligence” (OSINT) was previously a thing that you’d need to be the NSA/FBI for to use, but with today’s technology & tooling, it’s available to so many more people.
All the models and data used in this analysis is open-sourced on Github.
Chrome to introduce more aggressive Tab Throttling
The latest Chrome release will get much faster startup/battery life, but it does so by more aggressively throttling background tabs. It massively helps in saving CPU cycles, but this may have consequences for web developers.
Non-focussed tabs (aka: sleeping/inactive tabs in your browser) will now only wake up once every minute, to run their JavaScript timers. Anything more frequent than that will - I guess - just not run? Skip the loop? Print a console message? Who knows. This may impact quite a few of us.
Firefox 83 introduces HTTPS-Only Mode
Meanwhile, the other important browser has introduced a cool new feature: HTTPS-Only does as the name implies, and it’ll fire a prompt/confirmation before being taken to a non-HTTPS version of a website. Instant activation for me!
Git is simply too hard
This post makes some excellent observations about the distributed nature of git and why a question like “how can I delete this branch?" is so much more complicated under the hood than it sounds.
Standing up for developers: youtube-dl is back
Github/Microsoft are taking a stand for developers and have reinstated the youtube-dl repo.
Section 1201 of the DMCA is broken and needs to be fixed. Developers should have the freedom to tinker. That’s how you get great tools like youtube-dl.
Thanks to work being done by the EFF, there’s now a good chance of fighting back against some of the more questionable sections of the DMCA.
No, “Open Source” does not mean “Includes Free Support”
Free as in freedom, not free as a in free beer.
I guess this post resonates with many open-source developers. Reminds me of Marak’s plea to start getting paid for your work.
Tools & Projects 🛠
Dev Fonts
A set of free fonts with a focus on readability in code, it gives you a very quick preview so you can easily see what style of font you like.
Smallstep - Single Sign On SSH. Zero key mgmt
Smallstep SSH delivers an end-to-end workflow that marries modern identity providers with short-lived SSH certificates. Eliminate TOFU warnings and drop complex key approval & distribution processes. Extend single sign-on to SSH and make SSH keys ephemeral.
Give it a try, it’s free. Sponsored
Electron 11
Electron 11.0.0 has been released! It includes upgrades to Chromium 87, V8 8.7, and Node.js 12.18.3 with added support for Apple silicon, and general improvements.
Tailwind CSS v2.0
This is the CSS framework that allows me, as a sysadmin/dev, to design things that actually look good! The new major version adds support for new @apply rules, plenty of new colors, dark mode, typography improvements & such more. Look forward to playing with this one!
Cutter
Cutter is a free and open-source Reverse Engineering (RE) platform powered by radare2.
Kubernetes security ebook - tips & tricks
Download this ebook, from StackRox, to learn how to (1) build secure images and prevent untrusted/vulnerable code, (2) configure K8s RBAC, network policies, and runtime privileges, (3) detect unauthorized runtime activity, and (4) secure your K8s control plane and node components such as the API server.
You can download this ebook now! Sponsored
Screenity
Screenity is a feature-packed screen and camera recorder for Chrome. Annotate your screen to give feedback, emphasize your clicks, edit your recording, and much more.
upptime
I may have ulterior motives when it comes to uptime monitoring tools, but this is actually quite brilliant: upptime uses Github Actions to monitor a site and generate live status pages for them! Seriously, impressive.
FioSynth
FioSynth is a benchmark tool used to automate the execution of storage workload suites and to parse results. It contains a base set of block level storage workloads, synthesized from production I/O traces, that simulate a diverse range of production services.
binenv
binenv will help you download, install and manage the binaries programs (a.k.a. distributions) you need in you everyday DevOps life (e.g. kubectl, helm, …).
Guides & Tutorials 🎓
Transitioning from Docker to Podman
Podman is an alternative to Docker containers when you need increased security, unique identifier (UID) separation using namespaces, and integration with systemd.
I love the first step in the guide:
$ alias docker=podman
Full CLI compatibility sure helps. :-)
Even faster bash startup
This post shares a lot of good tricks for getting a faster Bash execution/startup, including some nifty benchmarking ways I didn’t know about yet.
An Introduction to ZFS A Place to Start
A very user-friendly guide on using ZFS, with clear examples/analogies to explain concepts like RAID, pools, virtual devices, …
Chaos Engineering tools comparison
This post contains a good overview of some of the most popular open source Chaos Engineering tools available in the community.
Overview of real-world container usage
A massive report from DataDog on container usage, based on billions of metrics. Kubernetes is the obvious winner, with most containers being run through some kind of orchestration tooling.
psql command line tutorial and cheat sheet
This post contains all of the basics you’ll need to use the psql CLI tool. A very good starting guide if you’re new to PostgreSQL administration!