OpenBSD aims to be a secure operating system. In the past few months there were quite a few security errata, however. That’s not too unusual, but some of the recent ones were a bit special. One might even say bad. The OpenBSD approach to security has a few aspects, two of which might be avoiding errors and minimizing the risk of mistakes. Other people have other ideas about how to build secure systems. I think it’s worth examining whether the OpenBSD approach works, or if this is evidence that it’s doomed to failure.

more...

I built a Ryzen system and setup an Epyc server. But something was missing. What could it be? Let’s build a new gaming PC to find out.

more...

Real World Crypto 2020 was last week. It’s a conference I like because the talks are usually pretty interesting. The crypto talks have real world applications and the real world application talks have crypto. Afterwards, there’s usually not just something to be learned, but something to be done. I didn’t actually attend every talk, but here’s some notes.

more...

I have an old server, but it’s about ten years old, and I’ve been a really good boy this year, so I demanded Santa replace it. Actually, I built a Ryzen desktop and it was kinda cool, so I figured I need an Epyc server to match. Just a question of which one and what to put in it. For background, the current server is an old ebay sourced 8x Xeon with 8GB RAM Dell. It’s actually pretty adequate, but OS upgrades require I put shoes on and walk across town to the data center. I’ve been thinking about a virtualized base to make that easier and faster.

more...

I had some code which did some repeated regexp.Replace operations. This is not the best way to do things, but it worked. It wasn’t noticeably slow, but just from inspection there’s some inefficiencies. It’s possible to speed to things up without rewriting it substantially, at some cost to clarity.

more...

I like my computers fast and light, and thus the preference for Thinkpad X1 models and the like. But recently I’ve been playing more with my Samsung ultrabook and it’s definitely a step back in the performance department. But then I thought, what if we get a really fast desktop and remote into it? The classic solving a problem by turning it into two problems.

more...

Four years ago I determined the Sony MDREX15LP were the best cheap earbuds. Since then I’ve gone through many pairs. I continued to use one pair after another (they don’t really wear out, usually I lose a pair somehow) with a lightning to headphone adapter, but that’s starting to fray after some hard living.

more...

Starting with go 1.13, the go.mod proxy server is enabled by default. Part of, or adjacent to, the proxy is also a checksum database. It caches things, and in particular it caches negative results, which may be surprising or frustrating. One option is to avoid it entirely, but should you use the proxy, it has some caveats.

more...

The Samsung ATIV Book 9 (note: no Plus) is a slightly older laptop from 2015, but I happened to find one on the cheap. In essence, it is the PC version of the 12 inch retina macbook. I thought it would make a good alternative travel laptop, but the usual selling price is a bit steep unless you find a good bargain. I did, so here I am and here it is.

more...

Every software project has a backlog of enhancement requests, unimplemented features. It may be explicitly tracked in a database, or perhaps just a sort of informal consensus among developers. Whether officially acknowledged or not, it exists.

more...