Secure Hashing Algorithm Explained

A cryptographic hashing function or CHF is a one-way mathematical function that allows you to ensure that it’s not possible to get back to the original value that was put in but also that it should have a very low probability of producing the same output for two different values. Secure Hashing Algorithm is one of the most popular CHFs; the first version was created by the NSA back when they were cool. This blog post will explain how it works and why it works that way.

Read More »
Author's profile picture Eva Lacy on Technology Comments

RSA by example

It’s weirdly easy to create an RSA key without relying on a crypto library, you shouldn’t do that for any actual production use case but here are all the pieces you need to achieve it.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Pressure Stall Information in Linux

Pressure Stall Information (PSI) is a feature of the Linux kernel that allows a user to measure the total amount of time that user threads spent waiting on system resources. When enabled it allows you to determine how long threads have been waiting on CPU cores, IO bandwidth available, Memory to be allocated and interrupts. You can also have it send you a notification when it crosses a threshold. Please keep in mind this is the amount of time waiting not the amount of time working.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Why we shed load

The ability for an application to shed load when it is overloaded is critical for resilience but it’s so often not fully understood. In this post I’ll explain why it’s important, when to shed load and how to shed it.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Our relationship with security

Security is a compromise between power and protection. The operating system you use should empower you to do things that your ancestors could only dream of while at the same time protecting your privacy and consent. If the operating system tries to protect you by reducing your power then the risk is that you will remove protections to allow yourself more power. The danger is that you cannot provide informed consent if you are not informed of the risk, you can never be fully informed of even most risks without devoting a significant amount of time to the study of security and so the operating system must try and sell you the power while subtly enforcing its protection.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Securing my home network with PFSense

I decided I wanted to secure my home network so I decided to go as extreme as possible without the major inconvenience and while it was frustrating at times it was also a lot of fun. Here is a description of my setup warts and all, and some of the things I couldn’t get working.

Read More »
Author's profile picture Eva Lacy on Technology Comments

DNS over TLS and VPNs

I keep seeing ads for various VPN providers claiming they can protect me on the internet and it sort of makes sense in a way. I’m going to break down how DNS over TLS may be a better option.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Some thoughts on the Simulation Hypothesis

Sabine Hossenfelder, who is now my favourite science educator made a video about the simulation hypothesis which prompted me to make a post about some of the flaws in the way we think about the simulation hypothesis. I’m going to conclude the same thing she said but with different words. Simulation in my view implies that reality is not the way you perceive reality to be and the reality you perceive was intentionally created with a purpose in mind.

Given that no one can perceive all reality, because then you would run into problems with Gödel’s completeness theorem, the way that we perceive reality will always be “wrong” or incomplete, so the first part of my definition is true. The second part is where we are going to run into problems because how can you prove that there is anything intentional about reality? This is where I think we need to skip straight to first contact!

Read More »
Author's profile picture Eva Lacy on Philosophy Comments

S3 Sync and Cloudfront Invalidation

An annoying feature of cloudfront invalidations is that if you use /* as the invalidation path it only invalidates the root directory, not any sub directories. Also it’s rather frustrating that I have to invalidate the entire cache just to update a few files, particularly if it’s invalidating less frequently cached items. So I wrote a script to automate this.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Securing a VLAN with mac addresses

It’s very easy to fake a mac address, however that doesn’t mean that mac address filtering is useless. We can still add security through mac filtering but we do it by considering the mac address as a username rather than a password, the ability to use a given mac address on your network should be secured especially if you have different firewall rules for different IP addresses within the same VLAN. This post explains how that works.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Diagnosing Overload

As we create more microservices, maintaining resilience becomes more about quickly diagnosing overload. The ability to do so can save companies millions of dollars a year in hardware costs for services that would otherwise have to be overscaled to ensure availability. As someone who has been involved in diagnosing complicated overload scenarios, this is how I think about overload. All of my opinions are my own, not anyone else’s.

Read More »
Author's profile picture Eva Lacy on Technology Comments

Helm apiVersion Fix

In Kubernetes 1.16 deployment is no longer available in extensions/v1beta1, apps/v1beta1, and apps/v1beta2, if you are using a helm chart written for an earlier version there is a very simple fix to make it work for Kubernetes 1.16.

Read More »
Author's profile picture Eva Lacy on Technology Comments

How to be weird

Conformity is important for humanity, we need to learn to communicate in ways that seem less threatening to each other if we hope to maintain our fight against violence, however it’s also important that our individual differences stil get a chance to shine especially as our society becomes more hyper specialised. This post is about my struggles with being weird and how I’ve learned to fit in to a degree.

Read More »
Author's profile picture Eva Lacy on Politics Comments

Facing Violence

Violence is a sensitive subject, to face it, to focus on it is to focus on some of the most uncomfortable flaws of our own humanity. It’s worth addressing these flaws, it’s worth fixing them. You might feel powerless but I hope to relieve you of that sensation by the time you’ve read the blog post.

Read More »
Author's profile picture Eva Lacy on Politics Comments

How to get quality into your software

As a software developer, the bane of my life is bugs, I hate them, I feel so stressed by them. Every time I see a bug in my work before someone else does I have to stop myself from wanting to hide it completely. It’s so natural to want to hide or avoid the problem, but we as developers need to tackle it head on.

Code Reviews

Quality needs to start in code reviews, anything you change in your team starts with code reviews. It’s where you educate everyone on your team on what each part of the software does and where you communicate the standards that need to be followed.

Read More »
Author's profile picture Eva Lacy on Technology Comments