Technology Short Take 156
Published on 24 Jun 2022 · Filed in Information · 833 words (estimated 4 minutes to read)
Welcome to Technology Short Take #156! It’s been about a month since the last Technology Short Take, and in that time I’ve been gathering links that I wanted to share with my readers. (I still have quite the backlog of links to read!) Hopefully something I share here will prove useful to someone. Enjoy the links below, and enjoy your weekend!
Networking
- I’d never heard of Pipy before seeing it in this article, but it looks like it could be quite useful for a number of use cases.
- William Morgan, one of the creators of Linkerd, has a lengthy treatise on eBPF, sidecars, and the future of the service mesh. As a (relative) layperson—meaning I’m not an eBPF expert—I don’t know if I should believe the eBPF cheerleaders (some of whom I know personally and whose technical expertise I’m familiar with) or folks like William who have clearly “been there, done that” with service mesh. I certainly think there’s a place for eBPF in service meshes, but I’m not yet on board with sidecar-less service meshes (or per-node proxy models).
Security
- BPFDoor, as it is known, is a passive backdoor that allows threat actors to remotely connect to a Linux shell. Check out this write-up. Yikes!
- Think PDF files are safe? Think again.
- Tetragon is Isovalent’s newly open-sourced security framework. Read more about it on the Isovalent blog.
- 9to5Mac outlines some details on the so-called PACMAN attack against Apple’s M1 chips. I think the headline (“defeats ‘the last line of security’”) is a bit sensationalist, but I guess that’s the world we live in.
- What I’ve seen of the new Hertzbleed attack, on the other hand, perhaps isn’t sensationalist enough. Ugh.
- Tzah Pahima shares additional details on the so-called Azure “SynLapse” security vulnerability.
- Akamai has a post describing Panchan (in their words, “a peer-to-peer botnet and SSH worm”).
Cloud Computing/Cloud Management
- Rob Salmond has a good article on Prometheus service discovery, Istio, and mTLS.
- Scott Rosenberg has a piece on how to learn Tanzu. He didn’t mention me in his section on Cluster API, but I’ve been known to write a thing or two about Cluster API (insert smiley emoji here).
- If you’re interested in what’s happening in the Knative space, you may find this site (that I recently discovered) useful.
- I also recently discovered Anaïs Urlichs’ weekly-but-not-so-weekly Seven-Day DevOps newsletter, which—like the rest of her site—has some great information.
- Kim Wuestkamp discusses a change in Kubernetes 1.24 regarding ServiceAccounts and their Secrets.
- Mike Roberts shares his view of the good, the bad, and the scary regarding the AWS CDK. While his post specifically addresses the AWS CDK, I think that some of his conclusions could also be applicable to other “infrastructure-as-actual-code” tools like Pulumi. That doesn’t mean these tools aren’t worth exploring (I definitely believe they are), but you should go into it fully aware of the potential concerns.
Operating Systems/Applications
- I recently learned that you can modify macOS’ PAM configuration to use Touch ID for sudo. That’s handy. Read Dan Moren’s article for details.
Programming
- Thierry De Pauw lays out the arguments against the use of feature branches in software development.
- It’s beyond my current skill level in programming, but I did read Tim Bray’s recent article on making code faster in an effort to pick up some “tips and tricks.” The key takeaway for me: premature optimization is the root of all evil. At my current skill level, I think that’s going to be a mantra I need to live by.
- Here are some nice “advanced beginner” notes on WASM.
- Paul Swail shares why he switched from AWS CodePipeline to GitHub Actions.
Storage
- Although it isn’t technically specific to storage, there are significant storage themes in this article on what might happen if you lock yourself out of your digital life. Scary stuff!
Virtualization
- Here’s Chris Evans’ take on the Broadcom acquisition of VMware.
- Colin shares a critical learning item on using Terraform with VMware ESXi.
- Apple’s Worldwide Developer Conference (WWDC) recently happened, and some virtualization-related information emerged on how Apple is allowing ARM-based Linux VMs (virtualized using the hypervisor present in macOS) to leverage Rosetta 2 to run Intel binaries. Ars Technica has more information here. (Personally, I think this is pretty cool, even if the setup process to make it work is like jumping through hoops.)
Career/Soft Skills
- I liked this brief article on the true nature of remote work (hint: it’s about working asynchronously.)
- Julien Simon’s treatise on technical evangelism from the trenches was also a good read, with a number of tips that I’ll be attempting to assimilate into my thinking and work.
That’s all for now! I love hearing from readers, so if you feel like getting in touch with me there are a variety of ways to do that. I’m on Twitter, in a variety of Slack channels, and you can even e-mail me (my e-mail address isn’t too hard to find, just poke around on this site for a bit). Thanks for reading!