Eva Lacy

Security is a compromise between power and protection. The operating system you use should empower you to do things that your ancestors could only dream of while at the same time protecting your privacy and consent. If the operating system tries to protect you by reducing your power then the risk is that you will remove protections to allow yourself more power. The danger is that you cannot provide informed consent if you are not informed of the risk, you can never be fully informed of even most risks without devoting a significant amount of time to the study of security and so the operating system must try and sell you the power while subtly enforcing its protection.

I decided I wanted to secure my home network so I decided to go as extreme as possible without the major inconvenience and while it was frustrating at times it was also a lot of fun. Here is a description of my setup warts and all, and some of the things I couldn’t get working.

I keep seeing ads for various VPN providers claiming they can protect me on the internet and it sort of makes sense in a way. I’m going to break down how DNS over TLS may be a better option.

Sabine Hossenfelder, who is now my favourite science educator made a video about the simulation hypothesis which prompted me to make a post about some of the flaws in the way we think about the simulation hypothesis. I’m going to conclude the same thing she said but with different words. Simulation in my view implies that reality is not the way you perceive reality to be and the reality you perceive was intentionally created with a purpose in mind.

Given that no one can perceive all reality, because then you would run into problems with Gödel’s completeness theorem, the way that we perceive reality will always be “wrong” or incomplete, so the first part of my definition is true. The second part is where we are going to run into problems because how can you prove that there is anything intentional about reality? This is where I think we need to skip straight to first contact!

An annoying feature of cloudfront invalidations is that if you use /* as the invalidation path it only invalidates the root directory, not any sub directories. Also it’s rather frustrating that I have to invalidate the entire cache just to update a few files, particularly if it’s invalidating less frequently cached items. So I wrote a script to automate this.

It’s very easy to fake a mac address, however that doesn’t mean that mac address filtering is useless. We can still add security through mac filtering but we do it by considering the mac address as a username rather than a password, the ability to use a given mac address on your network should be secured especially if you have different firewall rules for different IP addresses within the same VLAN. This post explains how that works.

As we create more microservices, maintaining resilience becomes more about quickly diagnosing overload. The ability to do so can save companies millions of dollars a year in hardware costs for services that would otherwise have to be overscaled to ensure availability. As someone who has been involved in diagnosing complicated overload scenarios, this is how I think about overload. All of my opinions are my own, not anyone else’s.

In Kubernetes 1.16 deployment is no longer available in extensions/v1beta1, apps/v1beta1, and apps/v1beta2, if you are using a helm chart written for an earlier version there is a very simple fix to make it work for Kubernetes 1.16.

Conformity is important for humanity, we need to learn to communicate in ways that seem less threatening to each other if we hope to maintain our fight against violence, however it’s also important that our individual differences stil get a chance to shine especially as our society becomes more hyper specialised. This post is about my struggles with being weird and how I’ve learned to fit in to a degree.

Violence is a sensitive subject, to face it, to focus on it is to focus on some of the most uncomfortable flaws of our own humanity. It’s worth addressing these flaws, it’s worth fixing them. You might feel powerless but I hope to relieve you of that sensation by the time you’ve read the blog post.

As a software developer, the bane of my life is bugs, I hate them, I feel so stressed by them. Every time I see a bug in my work before someone else does I have to stop myself from wanting to hide it completely. It’s so natural to want to hide or avoid the problem, but we as developers need to tackle it head on.

Code Reviews

Quality needs to start in code reviews, anything you change in your team starts with code reviews. It’s where you educate everyone on your team on what each part of the software does and where you communicate the standards that need to be followed.

Why is it that connecting to a WIFI involves sharing a key to aid synchronous encryption, often printed on a piece of paper which is put on display in public view?

What are the threat models when it comes with wireless networking and how does this solution rate when we look at the dangers associated with communication?

I’ve been building a completely serverless application in AWS over the past while and I thought I’d share some of the things I learned.

This is going to be written from the perspective of a for-profit business

A friend of mine put me onto docker a few weeks ago and since then I’ve become rather obsessed with all things docker. I’ve gone from tinkering around with containers to recommending my company look into a strategy that will fully containerize our asp.net application.

Let me wind back a bit and explain why.

Public health is a barrier to economic growth, so it is an essential part of a successful strategy for a nation. When we look internationally we can all see the disparity between how capable different nations are at handling this global challenge. It’s something worth thinking about.