Plurrrr

week 29, 2022

Is keeping dates in UTC really the best solution?

In many projects, the approach to dates is quite nonchalant. People do as they want. When on-premise systems were king, the common problem was that it was hard to know precisely when something happened. The consistency of the configuration depended on how meticulous ops people were. It wasn’t shocking to find out that the server had a different time zone, the application had a different one, and the user had a different time zone. At one point, the development community found a compromise that “maybe we would use the same time zone everywhere, for instance UTC”.

Source: Is keeping dates in UTC really the best solution?, an article by Oskar Dudycz.

Hardening SSH

In 2019, Netcraft found 74.2% of web-facing machines run Linux. During an IPv4-wide census in 2016, an OpenSSH banner was detected 75% of the time when there was a response on TCP port 22. It's safe to say OpenSSH is probably the world's most popular software for connecting to servers remotely. It's also one of the most prized attack vectors given the functionality offered to anyone able to connect.

Hardening the security aspects of an OpenSSH configuration is very challenging. It's even worse for teams that aren't focused on network security and can't justify the budget for consultants setting up bespoke systems.

Source: Hardening SSH, an article by Mark Litwintschik.

Unit-aware data frames with composite, dimensional and ixset-typed

In this post we’re going to see how we can stitch together a few libraries to make a unit-aware queryable data frame from a CSV using extensible records. By the end of this text, we’ll be able to parse a CSV of data from the periodic table, complete with the correct units, and able to quickly ask questions about our data set using the generated indices.

Source: Unit-aware data frames with composite, dimensional and ixset-typed., an article by Dan Firth.

Why Would Git Push a Larger than Necessary Pack

In my time pretending to be an engineer and working with git at Twitter, I’ve seen an interesting behavior pop up intermittently. People start complaining about git-push being slow. This particular issue becomes hard to diagnose, especially since the pandemic because we can’t be certain of the quality of connection being used, and optimizations to git-push have always taken a back seat to all the other changes we’ve done to git internally. But it has persisted long enough that it needed some deeper diving into, and the intermittent nature always fascinated me. Let’s talk about the problem a little more.

Source: Why Would Git Push a Larger than Necessary Pack, an article by Kiran Paul.

A freshly molted Chromatopelma cyaneopubescens

Yesterday, in the early evening, I noticed that the Chromatopelma cyaneopubescens I keep had molted. And today, because I could guide it carefully into a different position, I took a few photos.

Freshly molted Chromatopelma cyaneopubescens.

In the photo above you can see why this tarantula has the common name green bottle blue tarantula or GBB for short.

Typing your way into safety

I've been working with Python typing annotations in the last few years as part of our main product at Flare Systems. I've found it to be a wonderful tool to support refactoring and make the code more readable. Lately, I explored how we can make APIs safer with the use of types. I will specifically look at how we can use Python typing annotations to make os.system foolproof.

Source: Typing your way into safety, an article by Israël Hallé.

DNS Response Size

Pop quiz: What is the maximum number of A records in a DNS round robin? Or the largest number of bytes in a TXT record? Maybe it's all the same, and we should ask what is the maximum size of a DNS response? Is it...

  • 512 bytes
  • 1232 bytes
  • 65536 bytes
  • "It depends."

Let's find out. The answer is, as all things involving the DNS, entertaining.

Source: DNS Response Size, an article by Jan Schaumann.

Announcing Pyston-lite: our Python JIT as an extension module

Today we’re very excited to announce Pyston-lite, a JIT for Python that is easily installable as an extension module. We’ve taken the core technology of Pyston and repackaged it so that you can install it through your existing Python package manager, making it dramatically easier to use. Pyston-lite doesn’t contain all of the optimizations of regular Pyston, but it is roughly 10-25% faster than stock Python 3.8 depending on the workload and we are not done optimizing it.

Source: Announcing Pyston-lite: our Python JIT as an extension module, an article by Kevin Modzelewski.

How Rust manages memory using ownership and borrowing

One of the major selling points of the Rust programming language is its low-level expressiveness and memory safety. Unlike programming languages that use garbage collectors like Haskell, Ruby, and Python, Rust provides express functionality for developers to use and manage memory as efficiently as they please in a unique fashion.

Rust achieves memory management by managing memory using the borrow checker, and concepts known as ownership and borrowing to manage and ensure memory safety across the stack and the heap.

This article discusses the Rust borrow checker, Rust’s memory management in comparison to other languages like Go and C, and the drawbacks of the Rust borrow checker.

Source: How Rust manages memory using ownership and borrowing, an article by Ukeje Chukwuemeriwo Goodness.