Ryan Barrett

The Great Supply Chain Security Paradox:

“every open source lib is getting owned! wait at least a week to patch, let other people find the supply chain breaches before you”

“AI is reversing all these patches, the window to exploit is down to just hours now, patch your shit immediately!”

… 🧐

(Credit to James Wilson and Brad Arkin. Threat intel feeds may be the answer, eg Sentinel One, Checkmarx, Socket, etc. Somehow we came full circle back around to antivirus!)

Uncategorized

Scott Werner: The Wizard With the Very Defensible Pond

There was once a wizard who lived beside a pond. It was a small pond. The sort of pond that probably gets called a “water feature” on a Zillow listing by a real estate agent who really knows their euphemisms…

Uncategorized

– Jessica Hagy, Indexed

Uncategorized

My Google account is heaven@gmail (long story), so I get a steady trickle of emails from people writing to God. Some of them are real winners.

Screenshot of an email

To: god, me
Subject: Arsenal

Dear God,

I know you got a lot of things to do but you need to stop what you are doing and help Arsenal beat West Ham. Pretty please 🙏

Regards
Your Best Human

Uncategorized

sometimes right, always confident

Uncategorized

Consider the world’s simplest database:

#!/bin/bash

db_set () {
  echo "$1,$2" >> database
}

db_get () {
  grep "^$1," database | sed -e "s/^$1,//" | tail -n 1
}

– Designing Data-Intensive Applications, 2nd edition, Martin Kleppmann and Chris Riccomini

Uncategorized

I’ve been a daily coffee drinker for decades, and I’m taking a break for a month right now. No real reason, just trying it.

Halfway through, not much to report. One mild headache early on. No noticeable difference in energy. (I’m pretty insensitive to caffeine.)

I definitely still miss it though!

Uncategorized

Fixed time, variable scope

Just like content development in any other medium, software development reduces to the elimination of entropy. Unlike other media, however, there is very little else to count. The problem is that you and/or your team can only eliminate a fixed-ish number of bits of entropy per unit time, and at the outset you don’t know how many bits there are in the problem to eliminate. So you say we’re gonna work this much, and whatever comes out the other end of that process is whatever you get. In the current theory, and sometimes in practice, this is how sprints are supposed to work, and the material that doesn’t fit is accumulated into some backlog or other.

– Dorian Taylor, Agile as Trauma

Uncategorized

A few challenge coins: Long Now, Google NetOps, and our family LLC.

Uncategorized

Ellis Island stories

Line art map of the world with the text: "keep ancient lands, your storied pomp! Cries she with silent lips. Give me your tired, your poor, your huddled masses yearning to breathe free..." The New Colossus by Emma Lazarus, 1883

We Came From Africa on ships too. But NOT by Choice. We are here too. Let's make the very most of it. We Are Here. KY