/ Recent content on Georg Pauer Hugo -- gohugo.io en-us Tue, 11 Mar 2025 00:00:00 +0000 /posts/calculator-app/ Tue, 11 Mar 2025 00:00:00 +0000 /posts/calculator-app/ While I had my fair experience with IEEE754 floating point arithmetic, I lack experience with exact calculation (aside some bignum). In theory one can calculate symbolic, but this is often resource intensive and an overkill. I liked Chad Nauseams calculator app write-up about Hans-J. Boehms approach for a calculator which is (numerical) correct and provides feedback if there is an exact or approximate result, most of the time. /posts/phishing-and-countermeasure/ Tue, 11 Mar 2025 00:00:00 +0000 /posts/phishing-and-countermeasure/ Watching the phishing and phishing panels talk of Karl Lovink shows a few interesting aspects: behaviour patterns are trained: If there is a process where a second verification is required (but will usually find nothing suspicious), then attention will suffer and “obvious” mistakes are passed on. Negotiating with Violent Criminal Groups (2021) provided me with a more holistic overview about the “why”. (For the “how” there is other literature.) Especial the different roles and how they interact with each other. /posts/learning-git-2/ Thu, 30 Jan 2025 00:00:00 +0000 /posts/learning-git-2/ As a follow up to resources for learning git : I totally missed, that oh my git has its own second level domain and a talk at FosDem 2021. For the more seasoned user Oh Shit, Git!?! lists some quite common mishaps. A bit similar to this for GoLang. /posts/on-reliability-of-services/ Sun, 19 Jan 2025 00:00:00 +0000 /posts/on-reliability-of-services/ In order to be able to handle certain SLO, the architecture needs to support this. I quite liked Addy Osmanis short write up about the Service Reliability Mathematics. Also the obvious highlight: reliability engineering requires observability. Don’t forget to check out Nyquist–Shannon. /posts/outdated-infrastructure-references/ Mon, 13 Jan 2025 00:00:00 +0000 /posts/outdated-infrastructure-references/ While a lot of internet infrastructure is build on HTTP, things change occasional even a 301 leads to an 404. If there is at least some DNS entry and a server answering. A few NXDOMAIN later this led me to the rabbit hole of systematic approaches about abandoned infrastructure. While domain sniping is so common there is even a Wikipedia entry and is (as far as I observed) often used to farm the traffic for advertisements. /posts/remote-desktop-to-linux/ Wed, 20 Nov 2024 00:00:00 +0000 /posts/remote-desktop-to-linux/ While connecting remotely to a Linux machine is not much of an issue in general, some notes from setups in the past: ssh obvious for CLI ✅ for X11 there is this nice stackexchange - but notice the dates! Also xpra for Wayland wprs via RDP (Remote Desktop Protocol) don’t forget to install xrdp on the machine you wish to login to (if X11) if you have an compatible network setup, you can use this even to access local VMs (👋 Hyper-V) (This post might be updated in the future. /posts/argocd-ingress-processing/ Thu, 14 Nov 2024 00:00:00 +0000 /posts/argocd-ingress-processing/ I usually enjoy ArgoCD and deployments via Helm charts. Just sometimes an unexpected behaviour pops up. In my case the ingress deployed via a helm run by ArgoCD were stuck in status progressing. Meanwhile the ingress where there, from k8s perspective (kubectl get ing was all fine). Ingress in progressing causes the ArgoCD application to stay in status progressing. This tends to mask other errors. Let’s deep dive into the issue… /posts/golang-common-mistakes/ Sat, 07 Sep 2024 00:00:00 +0000 /posts/golang-common-mistakes/ Thanks to Julia Evans post about Go features you might or might not be aware of, I found 100 Go Mistakes and How to Avoid Them. I am far from having them internalized all - but now I have another reference to check if my mental model an the reality of Golang match. /posts/minimal-perfect-hashing/ Thu, 05 Sep 2024 00:00:00 +0000 /posts/minimal-perfect-hashing/ As a follow up to probabilistic database lookup hashes: minimal perfect hashing from Vaibhav Sagar. /posts/k8s-stalk/ Wed, 14 Aug 2024 00:00:00 +0000 /posts/k8s-stalk/ Today I learned about stalk, a CLI tool to watch a set of Kubernetes resources. Was quite handy to figure out a race condition where two operators overwrote the same resource. (This should never have happened, but this is another story.) stalk GitHub link /posts/ab-testing-intro/ Sun, 11 Aug 2024 00:00:00 +0000 /posts/ab-testing-intro/ I quite liked the storytelling of A/B testing - An interactive look at Thompson sampling from everyday-data-science. Not sure how long this link will work. For reference: significance check multi-armed bandits Bernoulli distribution beta distribution Thompson sampling /posts/k8s-security-learning2/ Fri, 26 Jul 2024 00:00:00 +0000 /posts/k8s-security-learning2/ More resources to have fun with kubernetes from a security point of view and for learning: challenges If you had fun with the Damn Vulnerable Web Application (DVWA), there is something equivalent for Kubernetes from Madhu Akula: Kubernetes Goat. You can also deploy your own playground. K8S lan party seems also quite promising. (from Wiz) tooling offensive Peirates is a bit alike a (still lightweight) Metasploit (payload) for k8s. One “batteries included” binary. /posts/binary-fuse-filters/ Wed, 03 Jul 2024 00:00:00 +0000 /posts/binary-fuse-filters/ Assuming a database DB is slow to query for x. It reduces pressure on the DB if you can avoid a query. But how to know the DB will find nothing for x without a query to the database? Add a preprocessing step, to handle at least the majority of queries which will not get a match in the database. the oracle Aside from syntax and domain specific checks (don’t forget them! /posts/k8s-deleting-stuck-namespaces/ Tue, 25 Jun 2024 00:00:00 +0000 /posts/k8s-deleting-stuck-namespaces/ When you create and delete resources and according objects in a namespace in your kubernetes cluster, you might just want to delete your namespace after your tests: kubectl delete ns test stuck namespace When namespace deletion seems stuck in a Terminating status, check if there are any object left over in your namespace: kubectl get all -n test for CRD you need to check for each type: kubectl api-resources --verbs=list --namespaced -o name | xargs -n 1 kubectl get --show-kind --ignore-not-found -n <terminating-namespace> (I found this snipped and also hints for the API calls here) If all is clean, but the namespace is stuck in Terminating, check (kubectl get ns test -o yaml) for Finalizers. /posts/random-points-in-geometry/ Thu, 02 May 2024 00:00:00 +0000 /posts/random-points-in-geometry/ If you are into the computing about randomness and statistics, then Dr Martin Roberts blog extreme learning might be interesting. I was trying to improve the performance of a Monte Carlo method over a sphere. Since I didn’t want to correct for a uneven distribution: I did a small deep dive how to uniformly sample from (high-dimensional) spheres. Then I found the How to generate uniformly random points on n-spheres and in n-balls article and from there the blog. /posts/k8s-network-policies/ Sat, 27 Apr 2024 00:00:00 +0000 /posts/k8s-network-policies/ What a shame that I was writing my Kubernetes Network Policies mostly by hand until now. There is this handy graphic interactive editor available. To bad it doesn’t support reading a netpol as input. Sometimes a visualization helps debugging. Network policies won’t provide the visibility you can achieve with a mesh network (e.g. Istio/linkerd/Consul ) regarding attempted policy violations. But sometimes all you want is the separation. This provides it the easy way. /posts/ssh-usage-hints/ Sun, 10 Mar 2024 00:00:00 +0000 /posts/ssh-usage-hints/ After some ssh -fNT -L 6443:10.0.6.2:6443 bastion & again, it is probably time to refer to some SSH hints. Yes, everything is referenced in the man ssh page. But sometimes I am lazy, too. (And for now I blissfully ignore, that there are multiple ssh implementations and focus just on the using ssh part) ProxyJump is probably my most used ssh config for ssh (just after User and having a nice alias). /posts/tls-notes/ Sat, 09 Mar 2024 00:00:00 +0000 /posts/tls-notes/ Sometimes you need to debug a generated TLS certificate. I always forget CLI arguments, thus as a reminder for myself: Let’s create a dummy RSA certificate for testing with openssl, quick and dirty openssl genpkey -algorithm RSA -out privatekey.pem -pkeyopt rsa_keygen_bits:4096 create an RSA based key openssl req -new -key privatekey.pem -out certrequest.csr interactive generate the cert request. You can review it later with openssl req -text -noout -in certrequest.csr. /posts/being-glue/ Wed, 29 Nov 2023 00:00:00 +0000 /posts/being-glue/ being glue - how “non-tech” work is necessary in order to ship “tech” goals. Including quotable reference about certain dynamics you should at least be aware of and how to mitigate as one who is affected by them. /posts/posix-text-command/ Wed, 29 Nov 2023 00:00:00 +0000 /posts/posix-text-command/ Have you ever wondered, how evaluation of statements work in the shell? I found the test bracket article from Julio Merino. It provides a nice overview about the [ and test POSIX command and the shell extension (as [[ for bash). /posts/data-visualization-pitchfalls/ Mon, 20 Nov 2023 00:00:00 +0000 /posts/data-visualization-pitchfalls/ I quite liked the “opinionated essay about good and bad practices in data visualization” friends don’t let friends from Chenxin Li. UX for data communication. /posts/digital-logic/ Sun, 19 Nov 2023 00:00:00 +0000 /posts/digital-logic/ If you want to refresh your electronics and technical informatics knowledge, the Digital Logic Notes might be interesting. The basics you should be aware of, before touching Verilog for your toy project. /posts/signal-expenses-2023/ Sun, 19 Nov 2023 00:00:00 +0000 /posts/signal-expenses-2023/ From time to time I like to run the numbers. Getting a feeling how expensive it is to provide some infrastructure. The Privacy is Priceless, but Signal is Expensive blog post provides quite some details. Probably easier to get the semantics than from just the balance sheet. Bonus: the linked Twilio documentation about fraud by SMS pumping /posts/aspell-and-markdown/ Wed, 01 Nov 2023 00:00:00 +0000 /posts/aspell-and-markdown/ I mistype all the time. So it was time to catch at least the most obvious ones with aspell. (I know it is apparently no longer under active development, unlike hunspell. But it worked better with my typos. My test corpus was this blog as of today.) For this blog (written in markdown) it was the one liner for i in $(ls *.md); do aspell check --mode=markdown --lang=en $i ; done /posts/emoji-and-grapheme-clusters/ Tue, 31 Oct 2023 00:00:00 +0000 /posts/emoji-and-grapheme-clusters/ Niki wrote Emoji under the hood, where he explains how emoji work. the intro to Unicode and the encoding UTF-8 / UTF-16. how representation works for emoji fonts when glyphs are bitmaps and not vector shapes the unexpected results of font fallbacks the VARIATION SELECTOR-16 U+FE0F to point for the right font when a codepoint is implemented in multiple fonts that you should never ever try to string split grapheme clusters same holds for U+200D, the ZERO-WIDTH JOINER (ZWJ) which is used to compose emoji flags are two-letter ligatures Or: you should always use the ICU library for string operations. /posts/layerform-dev/ Tue, 31 Oct 2023 00:00:00 +0000 /posts/layerform-dev/ For writing infrastructure as code, Terraform is a quite useful tool. Especially if you want to abstract different providers and orchestrate. But what if you want to create stages on demand? All while still operating in GitOps mode. layerform (currently under GPLv3) is a tool, which aims to allow each engineer to provision their own “staging” environment. Adding layers in the .tfstate of Terraform, a bit alike handling state files as layers of an OCI image and being able to do branching. /posts/platform-engineering-liz-gotocph/ Tue, 31 Oct 2023 00:00:00 +0000 /posts/platform-engineering-liz-gotocph/ I just went through Liz Fong-Jones’s (@lizthegrey) slides about Modern Platform Engineering from goto Copenhagen. She is naming nine patterns of generative teams reproducible deploys - if it’s not in git, it isn’t base images + tooling + gitOps fast CI/CD measure your pipeline + divide and conquer observability - socio-technical ability expect unexpected failure modes make it easy to form hypotheses and validate them on any stage include your known issues using feature flagging - controlling the blast radius Do you really want to roll your own crypto flagging system? /posts/embedded-bare-git-repositories/ Sun, 29 Oct 2023 00:00:00 +0000 /posts/embedded-bare-git-repositories/ Have you ever wondered, why your IDE asks you, if you “trust” the code you checked out via git? While the risks of embedded bare repositories is well described (more details here), I suspect that it will stay exploitable for quite some time. There is an opt-in mitigation in setting safe.bareRepository to explicit with git 2.38.0. Also a proof of concept is available. Just don’t forget the even more obvious risk with . /posts/donut-in-c/ Sat, 28 Oct 2023 00:00:00 +0000 /posts/donut-in-c/ Andy Sloane has written a nice explanation how to write the donut.c without the math library. In short he does it by using a fixed rotation matrix for each iteration step with normalization between. i,j,k,x,y,o,N; main(){float z[1760],a #define R(t,x,y) f=x;x-=t*y\ ;y+=t*f;f=(3-x*x-y*y)/2;x*=f;y*=f; =0,e=1,c=1,d=0,f,g,h,G,H,A,t,D;char b[1760];for(;;){memset(b,32,1760);g=0, h=1;memset(z,0,7040);for(j=0;j<90;j++){ G=0,H=1;for(i=0;i<314;i++){A=h+2,D=1/(G* A*a+g*e+5);t=G*A *e-g*a;x=40+30*D *(H*A*d-t*c);y= 12+15*D*(H*A*c+ t*d);o=x+80*y;N =8*((g*a-G*h*e) *d-G*h*a-g*e-H*h *c);if(22>y&&y> 0&&x>0&&80>x&&D>z[o]){z[o]=D;b[o]=(N>0 ?N:0)[".,-~:;=!*#$@"];}R(.02,H,G);}R( .07,h,g);}for(k=0;1761>k;k++)putchar (k%80?b[k]:10);R(.04,e,a);R(.02,d, c);usleep(15000);printf('\n'+( " donut.c! \x1b[23A"));}} /*no math lib needed .@a1k0n 2021.*/ I strongly suggest to also check out the original donut. /posts/introduction-to-golang/ Thu, 19 Oct 2023 00:00:00 +0000 /posts/introduction-to-golang/ I collected a few resources I would have enjoyed when starting with go. So just another curated list of GoLang 101: the Go Tour by Manfred Dreese and Andreas Grohmann they reference the official Tour of Go quite some times the play with go series the official GoLang learning journeys if you have some coding experience: Go by example helped me a lot to get of the ground. This was my point of entry. /posts/cache-strategy-from-http-to-db/ Wed, 11 Oct 2023 00:00:00 +0000 /posts/cache-strategy-from-http-to-db/ found some more articles on caching: reducing the network load for HTTP by caching without ever shipping deprecated data The Cache Headers Could Probably be More Aggressive article points out, why for many general use cases, the Cache-Control header with public, max-age=0, must-revalidate are a reasonable choice: after the initial transmission, a 304 in HTTP is much smaller than a 200 response still it ensures, that the client is always served the latest content But if the asset is immutable anyway (think of a JavaScript library of a certain version), then max-age=0 → max-age=31560000 (1 year) and must-revalidate → immutable is more reasonable and saves HTTP requests which would return 304 anyway. /posts/cloud-native-software-engineering/ Fri, 11 Aug 2023 00:00:00 +0000 /posts/cloud-native-software-engineering/ The Cloud Native Software Engineering paper provides a good 101 overview over the current state of the art. Also quite a bit history and is covering important topics alike automation & IaC observability dynamic scaling the fine balance between cost, availability and performance edge computing … A good 9 pages read and nice references. /posts/thread-modeling-101-german/ Thu, 10 Aug 2023 00:00:00 +0000 /posts/thread-modeling-101-german/ I really like the Threat Modeling 101 – Wie fange ich eigentlich an? blogpost from Kevin Peters at CodeCentric for a nice, still high level overview: following the OWASP thread modeling four question framework: What are we working on? What can go wrong? What are we going to do about it? Did we do a good job? OWASP Threat Dragon as modelling tool including data flow, data transforming processes and external services with the different focus asset orientated - what do we even want to protect? /posts/observability-cloudland-2023/ Wed, 09 Aug 2023 00:00:00 +0000 /posts/observability-cloudland-2023/ Cloudland this year was quite some time ago, but better late then never: Michael Friedrich spoke about Observability for Efficient DevSecOps Pipelines. While there is (obviously) some GitLab promotion, some issues to me seem common with other pipelines: slow pipelines unnecessary blocking/sequentiality missing cache for common transferred static data container registry, blobs, external artefacts observability principles need to be applied to CI/CD pipelines, too. telemetry! Don’t try to do everything in one step. /posts/iger2023/ Fri, 21 Jul 2023 00:00:00 +0000 /posts/iger2023/ The IGER is running 🎉 quite some art 😊 inspiring “how to data fusion” discussion at the hackcenter presented Schlanke OCI Container (GER) (recording) and a lightning-talk about Marp WOC 💛 forging!! also: visiting this heritage site update: the Hands-Free Coding in 2023 talk was very good. /posts/crdt/ Wed, 05 Jul 2023 00:00:00 +0000 /posts/crdt/ Conflict-free Replicated Data Type (CRDT) - a data structure for distributed data storage systems and multi-user applications with consistency (not necessary respecting global constrains). Might be useful for distributed and (partial) offline workloads /posts/voronoi-diagram/ Tue, 27 Jun 2023 00:00:00 +0000 /posts/voronoi-diagram/ voronoi diagrams and sweep line algorithms can be quite useful for some graph problems /posts/wireguard/ Mon, 19 Jun 2023 00:00:00 +0000 /posts/wireguard/ WireGuard talk and Noise Protocoll Framework /posts/gpn21/ Thu, 15 Jun 2023 00:00:00 +0000 /posts/gpn21/ recordings from GPN21 are online. (Already enjoyed From 0 to Kubernetes, Modern Observability .. LGTM Stack, buffer overflow, Seitenkanalanalyse der SHAKE-Funktion in CRYSTALS-Dilithium, mit Mathematik API übernehmen - more to follow 😀 ) O-Auth intro /posts/crypto-near-miss/ Tue, 16 May 2023 00:00:00 +0000 /posts/crypto-near-miss/ A write up/post-mortem: “A Cryptographic Near Miss” about a vulnerability in Go crypto/elliptic /posts/multimodal-neurons/ Wed, 03 May 2023 00:00:00 +0000 /posts/multimodal-neurons/ from OpenAI: Multimodal Neurons in Artificial Neural Networks /posts/programming-playground/ Mon, 24 Apr 2023 00:00:00 +0000 /posts/programming-playground/ If you want to get your hands on a new programming language, maybe look at this list for a quick start playground /posts/loadbalancing-visual/ Wed, 19 Apr 2023 00:00:00 +0000 /posts/loadbalancing-visual/ nice visualization of load balancing /posts/calculus-exercice/ Mon, 17 Apr 2023 00:00:00 +0000 /posts/calculus-exercice/ $$\int_0^{2000} e^{x/2 - ⌊x/2⌋} , dx$$ 🙂 From this blog - probably everyone should pick one of the IMO problems from time to time /posts/ebpf-intro/ Mon, 17 Apr 2023 00:00:00 +0000 /posts/ebpf-intro/ In order to get on track with eBPF maybe check out the book by Liz Rice. /posts/clustering-heuristic-k-mean/ Thu, 06 Apr 2023 00:00:00 +0000 /posts/clustering-heuristic-k-mean/ heuristic k-Medoids Clustering (arbitrary distance function): BanditPAM (paper) /posts/haskell-rust-binding/ Wed, 05 Apr 2023 00:00:00 +0000 /posts/haskell-rust-binding/ binding Haskell to Rust and vice versa: learn by example /posts/awk-technotes/ Thu, 30 Mar 2023 00:00:00 +0000 /posts/awk-technotes/ interesting write up, why awk behaves in certain ways and how this is related to syntax and GB /posts/style-extraction-prevention/ Mon, 20 Mar 2023 00:00:00 +0000 /posts/style-extraction-prevention/ AI vs AI: Glaze as a tool to prevent style extraction from images. Now we have $technology trying to prevent usage of data by $technology. Anyway curious, if it is a good additional discriminator, too. update: after a skim of the preprint of the paper: probably not so much /posts/regexp-parsing/ Mon, 06 Mar 2023 00:00:00 +0000 /posts/regexp-parsing/ How to parse RegEx in an efficient way: Appendix: About Regular Expression Backtracking (appendix to a post-mortem for cascading errors ins filters of Cloudflare DNS) /posts/spell-correcting/ Wed, 01 Mar 2023 00:00:00 +0000 /posts/spell-correcting/ how to write a (surprising efficient) spell-corrector /posts/lpi-devops-certification/ Mon, 27 Feb 2023 00:00:00 +0000 /posts/lpi-devops-certification/ official linked preparation for the LPI DevOps Tools Engineer Certification, covering software engineering, machine deployment, container & configuration management and service operations /posts/llm-chatgpt-wolfram-alpha/ Tue, 21 Feb 2023 00:00:00 +0000 /posts/llm-chatgpt-wolfram-alpha/ Wolfram Alpha Blog about ChatGPT /posts/fosdem2023/ Fri, 10 Feb 2023 00:00:00 +0000 /posts/fosdem2023/ FOSDEM 2023 recordings are out ✨ 📺 /about/about/ Sat, 28 Jan 2023 03:36:45 +0100 /about/about/ Hi, here is Georg studied math. enjoys big stages. technology magic by trade. predominantly IT stuff, always curious parallelisation distributed systems platform engineering algorithmic proofs high performance computing fun with graphs communication bound algorithms real-time constraints GPU, mostly CUDA embedded devices quite some POSIX to much yaml ERP and CRM as SaaS plattform functional programming reverse engineering data analytics and verification OWASP all the time some pentest stuff sensor fusion photochemistry … 😃 contact: 8633 AB43 7B3D 7605 ECFD B054 D53C 870B F096 3C7F 1 /disclaimer/disclaimer/ Sat, 28 Jan 2023 03:36:45 +0100 /disclaimer/disclaimer/ content This website is created with care and the hope to provide some usefull information. Be aware, that mistakes happen. Some information might be outdated, incomplete or even wrong. Think and evaluate yourself. links Here are some links to other parts of the web and whatever is there might become anything without notice. No guarantee for anything - corrections are still very welcome. /posts/migration-to-hugo/ Sat, 28 Jan 2023 00:00:00 +0000 /posts/migration-to-hugo/ infrastructure I migrated from my old buggy handcrafted static site generator to hugo. content There will be some content… ~~later ~~ /posts/mainless-cpp/ Tue, 24 Jan 2023 00:00:00 +0000 /posts/mainless-cpp/ in case you like to work with C++ from time to time: mainless from rachelbythebay. /posts/bangbangcon/ Thu, 19 Jan 2023 00:00:00 +0000 /posts/bangbangcon/ From !!Con: All recordings as a big stream (containing e.g. La-la-Lambda calculus, code readability and stenography with python in audio ) /posts/learning-git/ Mon, 09 Jan 2023 00:00:00 +0000 /posts/learning-git/ When someone wants to play a bit more with git: learngitbranching. If you afterwards want to rewrite history, watch the lets fck up history talk. update I found the beautiful Oh my Git from bleeptrack and blinry, where you can try all that (low level) git operations in a Linux VM in your browser. /posts/text2speech/ Mon, 09 Jan 2023 00:00:00 +0000 /posts/text2speech/ If you lost your voice but still can type, give pyttsx3 a try. /posts/devops-roadmap/ Wed, 30 Nov 2022 00:00:00 +0000 /posts/devops-roadmap/ self paced learning progress hints: DevOps roadmap (also available in flavor of multiple front- & backend topics - check the roadmaps & guides!) /posts/k8s-security-learning/ Fri, 04 Nov 2022 00:00:00 +0000 /posts/k8s-security-learning/ on hackingkubernetes you can get the first half of the ORlly book “Hacking Kubernetes”, so the pod & runtime specific part, as well as supply chain related: controlplaneio/simulator - simulator setup for creating environments, where you can try attacking and debugging k8s (a bit AWS specific) /posts/yubikey/ Mon, 19 Sep 2022 00:00:00 +0000 /posts/yubikey/ hints for ssh & yubikey /posts/writing-network-services/ Fri, 09 Sep 2022 00:00:00 +0000 /posts/writing-network-services/ fun writing network services /posts/froscon2022-pullrequests/ Tue, 30 Aug 2022 00:00:00 +0000 /posts/froscon2022-pullrequests/ FrosCon2022: How to work with Pull Requests (German) /posts/cache-aware-computing/ Fri, 22 Jul 2022 00:00:00 +0000 /posts/cache-aware-computing/ Cache-Oblivious Algorithms and Data Structures (Erik D. Demaine) /posts/quantum-computing-introduction/ Wed, 29 Jun 2022 00:00:00 +0000 /posts/quantum-computing-introduction/ Introduction to quantum computing (based on course notes) /posts/gpn20-alerting/ Mon, 30 May 2022 00:00:00 +0000 /posts/gpn20-alerting/ from GPN20: Understanding Alerting - How to come up with a good enough alerting strategy - esp. for the post mortem discussion in the Q&A /posts/selinuxgame/ Wed, 27 Apr 2022 00:00:00 +0000 /posts/selinuxgame/ SELinuxGame might be worth some time (e.g. CTF preparation) /posts/sorting-algorithms-quicksort/ Thu, 21 Apr 2022 00:00:00 +0000 /posts/sorting-algorithms-quicksort/ Sorting algorithms are still an interesting topic with new developments - Pattern-defeating Quicksort /posts/evil-compiler/ Tue, 19 Apr 2022 00:00:00 +0000 /posts/evil-compiler/ In 1984 was a nice idea at turing award acceptance speech how an evil compiler can do a supply chain attack. Here is a proof of concept /posts/master-git-on-cli/ Tue, 19 Apr 2022 00:00:00 +0000 /posts/master-git-on-cli/ Five reasons to master git on the CLI /posts/bash-pipe-failures/ Wed, 13 Apr 2022 00:00:00 +0000 /posts/bash-pipe-failures/ Bash Pipes and how failures do (not) cascade: rachelbythebay - and remember set -o pipefail (and of cause -eu, too). But be aware, that this is not bullet prove. /posts/escaping-containers-with-cve-2022-0492/ Tue, 08 Mar 2022 00:00:00 +0000 /posts/escaping-containers-with-cve-2022-0492/ Escaping privileged containers for fun with CVE-2022-0492 /posts/cache-and-what-to-know-about-them/ Mon, 21 Feb 2022 00:00:00 +0000 /posts/cache-and-what-to-know-about-them/ a quite useful list of what can go wrong with caches, migrations and lessons learned by danluu - and why it is important for components form systems of scale to handle backpressure correct. A more easy to read alternative with focus on queues /posts/terraform-and-side-effects/ Thu, 17 Feb 2022 00:00:00 +0000 /posts/terraform-and-side-effects/ unexpected side effects are explained at HashiTalks2022 at the talk “Engineering the Ability to Destroy Non-Production with Terraform” and how to handle them with Gitflow and GitOps (recording will be released soon (tm)) /posts/average-of-integers/ Tue, 08 Feb 2022 00:00:00 +0000 /posts/average-of-integers/ On finding the average of two unsigned integers without overflow on Microsoft DevBlogs Update: “Endlich Bug-Frei mit formaler Verifikation” talk at Chemnitzer Linux Tage 2022 /posts/fosdem2022/ Mon, 07 Feb 2022 00:00:00 +0000 /posts/fosdem2022/ artifacts from FosDem: Software Engineering at Google (not: programming, system design) design pattern for container-based distributed systems /posts/systemd-by-example/ Wed, 26 Jan 2022 00:00:00 +0000 /posts/systemd-by-example/ Systemd by example /posts/jsoniq/ Thu, 20 Jan 2022 00:00:00 +0000 /posts/jsoniq/ interesting json tooling: jsoniq.org /posts/shell-dotfiles/ Thu, 20 Jan 2022 00:00:00 +0000 /posts/shell-dotfiles/ which parameters in which dotfile? /posts/rc3-nowhere-suggestions/ Sun, 09 Jan 2022 00:00:00 +0000 /posts/rc3-nowhere-suggestions/ from rC3 nowhere: Kubernetes security (more recordings at media.ccc.de: algebra in “Math for Hackers”, some more security relevant stuff, social, infrastructure and so much more) /posts/performance-monitoring/ Thu, 16 Dec 2021 00:00:00 +0000 /posts/performance-monitoring/ pitfalls in performance monitoring (with plots!) /posts/explainshell/ Fri, 10 Dec 2021 00:00:00 +0000 /posts/explainshell/ nice tool: explainshell.com 👍 /posts/packagingcon/ Thu, 25 Nov 2021 00:00:00 +0000 /posts/packagingcon/ PackagingCon videos are released 🎉 - my suggestions are How Helm, The Package Manager For Kubernetes, Works and An Invitation to Order-Theoretic Models of Package Dependencies /posts/ocaml-real-world/ Mon, 08 Nov 2021 00:00:00 +0000 /posts/ocaml-real-world/ The second edition of Real World OCaml will be released soon. (online version) /posts/code-injection-by-unicode-formating/ Mon, 01 Nov 2021 00:00:00 +0000 /posts/code-injection-by-unicode-formating/ code injection by unicode formating: paper and short web version /posts/arm-only-buffer-overflows/ Tue, 26 Oct 2021 00:00:00 +0000 /posts/arm-only-buffer-overflows/ ARM only BufferOverflows + exploit write up /posts/functional-basics/ Thu, 21 Oct 2021 00:00:00 +0000 /posts/functional-basics/ functors, applicatives and monades described in pictures. As follow up: writer, reader & state monade as pictures /posts/hpc101/ Wed, 13 Oct 2021 00:00:00 +0000 /posts/hpc101/ University of Texas: HighPerformanceComputing 101 /posts/how-to-bash-script/ Tue, 05 Oct 2021 00:00:00 +0000 /posts/how-to-bash-script/ From the OSAD (Open Source Automation Days): how to script bash in 2021 (error checking, speedup, data types, fake namespaces,..) /posts/serialization-of-algebraic-types/ Fri, 30 Jul 2021 00:00:00 +0000 /posts/serialization-of-algebraic-types/ tooling for serialization of algebraic data types - useful for algorithmic proves with category theory (apparently a bit inactive) related: talk about categorical semantics for bounded petri nets from the Applied Category Theory conference /posts/writeup-from-stolen-laptop-to-inside-the-company-network/ Thu, 29 Jul 2021 00:00:00 +0000 /posts/writeup-from-stolen-laptop-to-inside-the-company-network/ Why ISMS is worried about hardware theft: from stolen laptop to inside the company network. /posts/karlsruher-entwicklertag-2021/ Fri, 02 Jul 2021 00:00:00 +0000 /posts/karlsruher-entwicklertag-2021/ Playlist from Karlsruher Entwicklertag ‘21 (Java, Python, DB, distributed Systems, test frameworks, Quanten, PM, business value) /posts/distributed-systems-reading-list/ Wed, 23 Jun 2021 00:00:00 +0000 /posts/distributed-systems-reading-list/ A distributed systems reading list (scaling, consistency, latency, p2p, consensus,…) /posts/memory-leak-with-c++-runtime/ Wed, 23 Jun 2021 00:00:00 +0000 /posts/memory-leak-with-c++-runtime/ A nice example how to memory leak with the C++ runtime. /posts/homomorpic-encryption/ Wed, 16 Jun 2021 00:00:00 +0000 /posts/homomorpic-encryption/ Google has some source code for homomorphic encryption (an FEH compiler for C++). /posts/cli-secrets/ Mon, 14 Jun 2021 00:00:00 +0000 /posts/cli-secrets/ Watch out to not accidental leak credentials in the shell/bash. /posts/kubeinvaders/ Mon, 07 Jun 2021 00:00:00 +0000 /posts/kubeinvaders/ for everyone who want´s to play around with k8s, chaos engineering in a gamified way /posts/large-scale-systemdesign-primer/ Fri, 04 Jun 2021 00:00:00 +0000 /posts/large-scale-systemdesign-primer/ for the weekend: large scale systemdesign 🙂 /posts/implicit-differenciation101/ Thu, 03 Jun 2021 00:00:00 +0000 /posts/implicit-differenciation101/ implicit differenciation, without checking if it is differentiable link /posts/dynamic-side-effect-free-programming/ Wed, 19 May 2021 00:00:00 +0000 /posts/dynamic-side-effect-free-programming/ For who is interested in a refresher for dynamic, side effect free programming for the example of Fibonacci numbers: matrix product optimizing for special structures. separate integer powers in 2 to the power of n. combined! /talks/talks/ Mon, 01 Jan 0001 00:00:00 +0000 /talks/talks/ date topic where misc 2022/05/18 Secrets in der CLI MD-DevDays 2022 how common mistakes make the shell leak secrets 2023/05/09 schlanke Container - Genau was wir brauchen, nur bitte nicht mehr MD-DevDays 2023 (was more “how to” than the IGER talk) 2023/07/21 Schlanke OCI Container IGER 2023 (recording) 2023/09/03 Lessons learned: Sicherheit in die Breite tragen MRMCD 2023 2023/10/23 Ein Jahr Konferenz Chaos Netz39 2024/03/17 How to Slides CLT 2024 short WYSIWYM with Pandoc, LaTeX, Marp, Revealjs, Typst and HedgeDoc 2024/03/30 Wir bauen unsere eigene Cloud mit OpenStack easterhegg 2024 2024/05/15 Big Data Pipelines - und was bei ihrer Migration kaputt gehen kann MD-DevDays 2024 2024/10/04 Kubernetes ohne Internet MRMCD 2024 recording 2025/04/18 Nestbau mit TalOS k8s 🐇 - Kann ja nicht so schwer sein, ein bisschen Kubernetes, Ceph & Co EH22 recording of the easter themed k8s talk 2025/05/14 policy as code - Was es gibt und warum du es (nicht) willst MD-DevDays 2025 Ein Überblick in Policy as Code mit einem Schwerpunkt auf Kubernetes.