Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)C

chaospatterns

@ chaospatterns @lemmy.world

Posts
81
Comments
256
Joined
3 yr. ago

  • Google flags Immich sites as dangerous

    Jump

  • It is for pull requests. A user makes a change to the documentation, they want to be able to see the changes on a web page.

    If you don't have them on the open web, developers and pull request authors can't see the previews.

    The issue they had was being marked as phishing, not the SSL certificate warning page.

  • Why do so many put their resources in AWS us-east-1 when that's the only one (that I'm aware of) that has ever gone down?

    Jump

  • Some people are asking why other regions seem to be affected when us-east-1 goes down. Why aren't they separated out? I used to work in AWS, but will speak generally.

    First, it's important to understand the concept of a control plane vs a data plane. Amazon and other big scale companies often talk in terms of control plane/data plane separation because those two concepts have wildly different scale and requirements.

    A control plane is the side of your service that handles the administrative functions of a service. For example, AWS S3 service would separate out bucket creation and deletion work from the file create/edit. In Route 53, this would be creating and editing zones. In IAM, it's the creation of AWS access keys for IAM users. IAM Roles, IIRC, work differently and can function more in the data plane.

    A data plane is the side of the service that handles the main meat and potatoes of a service. For example, AWS S3 any object key creates, edits, deletes would all be part of the data plane. In Route 53, these would be any DNS record query. I don't know if updating a record was considered a data plane call or not.

    These are separated out because data plane generally massively dwarf the number of calls for administrative APIs. It's also done because control plane calls often times have some extra complexities. Like in Route 53, to create a zone means you need to go find n different name servers that can handle a given domain name without overlapping with another customer, you need to tell them that they should now handle calls, you need to get the records to those servers running all over the world.

    The fact is Route 53 is globally replicated and they need to have a source of truth and engineering culture pushes Amazon towards a pull based approach. If a user creates a zone in eu-west-1, they still expect it to be on servers all over the world, so how do you get it there? Well, AWS takes the approach that certain services can have a single region dependency for their control plane in the case that it's infeasible technically or to the business to avoid one, however the data plane of the service can't have that dependency.

  • Why do so many put their resources in AWS us-east-1 when that's the only one (that I'm aware of) that has ever gone down?

    Jump

  • N. California as a region can't grow and it's priced accordingly. Instead, compare US East (Ohio) or US West (Oregon) for a region that's price competitive. A lot of Amazon internal stuff was starting to move to US East (Ohio) because it was geographically close, but a lot less problematic.

  • Why do so many put their resources in AWS us-east-1 when that's the only one (that I'm aware of) that has ever gone down?

    Jump

  • This is a little misleading. It does not mean that every single region depends on us-east-1 to authenticate every API calls. That would be insane and obviously mean that every region has a dependency on us-east-1.

    Instead, us-east-1 is what's called a partition leader. It holds the secret key material for everything in the commercial partition and regularly it distributes that to other regions. So if it's down for an extended period of time, other regions IAM can be impacted, but then there's some other complexity with STS endpoints. You can actually see the by product of this if you look at how the SigV4 signing algorithm works. Each HMAC layer is expanding the key scope.

    Anyway, this part of IAM is pretty battle tested and from I saw not the cause of today's outage.

  • Why don't Americans impeach Trump?

    Jump

  • Small correction. He was impeached by the House. The Senate then decides whether to convict, not whether to impeach.

  • Nabu Casa - Ending production of Home Assistant Yellow

    Jump

  • The MinisForum B550 is what I use for my own setup and it works pretty well.

  • Nabu Casa - Ending production of Home Assistant Yellow

    Jump

  • I was surprised to see this. I encouraged friends to get the Yellow because of the PoE support that the Green didn't have IIRC.

  • When you screw up git

    Jump

  • Rebase still means you have to resolve conflicts, but it can be worse because you may have to resolve conflicts across multiple commits that you're rebasing on top of a conflict.

  • Linux Seeing First LED Driver Written In Rust

    Jump

  • Linux Now Disabling TPM Bus Encryption By Default For Performance Reasons

    Jump

  • That probably makes sense. Most people don't have the risk of a malicious actor sniffing their TPM bus and those that do can opt in. Everybody else can still benefit from a TPM

  • Remove "Time Changed" from Activity

    Jump

  • That's a safe assumption given the post is about entries in the logbook and that depends on the recorder.

  • Remove "Time Changed" from Activity

    Jump

  • This only hides the entries from the logbook, but they're still being saved to database taking up disk space.

    I would go further and exclude them from the recorder.

  • Starbucks closes both Reserve locations in Seattle

    Jump

  • I'm no Starbucks drinker but it's a bit disheartening walking around town seeing tons of closed businesses.

  • Just Let Me Select Text

    Jump

  • That would appear to be intentional. If you go to any other page user select works fine

  • What do you think: should all government software be open source?

    Jump

  • Even if an external company makes it, they can add an open source mandate if they want. The US DoD is starting to mandate the usage of open standards for their contractors to increase inter compatibility and ability to extend those systems.

    Open source software has some value like making it easier for analysts to find security issues and the act of open sourcing software usually leads organisations to raise the quality because they don't want to be ashamed of the code. Plus imagine the clout gained by a dev who got a bug fix merged in that millions of citizens get to use.

  • These days, systemd can be a cause of restrictions on daemons

    Jump

  • systemd-analyze security {service} gives you a nice print out of what flags are able to be set. Note it doesn't actually check what flags are compatible. I use it as a starting point of what to try.

  • Steam Will End Windows 32-bit OS Support Next Year - Hopefully Linux Follows

    Jump

  • I'd prefer if the Steam app uses the 64 bit libraries so I don't have to install a bunch of 32 bit dependencies too.

  • Open-WebUI v0.6.29 release

    Jump

  • A newer release, v0.6.30 is already released to fix an issue with OneDrive integration.

    Looks like they finally finally made their slim image tag smaller than the main image:

     
        
ghcr.io/open-webui/open-webui:v0.6.30-slim    7c61b17433e8   46 hours ago    4.3GB
ghcr.io/open-webui/open-webui:v0.6.30         c1ac444c0471   46 hours ago    4.82GB

    Though only saving .5GB of space is not very slim. I use OpenWebUI in my home lab, but this issue just made me question the quality of the project a tiny bit.

  • Health Connect will soon track your steps without needing another app

    Jump

  • Its just part of Google's plan to continuously move logic between their apps. They'll slowly move Google Fit logic into Health Connect, then a few laters back out into G Fit.

    I don't know if it's good or bad. Health Connect just needs an easier entry point.

  • Programming @programming.dev
    chaospatterns @lemmy.world

    AWS Lambda now charges for INIT Phase

    aws.amazon.com /blogs/compute/aws-lambda-standardizes-billing-for-init-phase/
  • Seattle @lemmy.world
    chaospatterns @lemmy.world

    Molly Moon's is coming to the Seattle Waterfront

    seattle.eater.com /2025/3/27/24395324/molly-moons-is-coming-to-the-seattle-waterfront
  • Games @lemmy.world
    chaospatterns @lemmy.world

    Cozy video games can quell stress and anxiety

    www.reuters.com /graphics/VIDEO-GAMES/MENTAL-HEALTH/akpeewkqgpr/
  • Programming @programming.dev
    chaospatterns @lemmy.world

    The case of the UI thread that hung in a kernel call

    devblogs.microsoft.com /oldnewthing/20250411-00/
  • Seattle @lemmy.world
    chaospatterns @lemmy.world

    Trump administration orders half of national forests open for logging

    www.washingtonpost.com /climate-environment/2025/04/05/trump-administration-orders-half-national-forests-open-logging/
  • Programming @programming.dev
    chaospatterns @lemmy.world

    The manager I hated and the lesson he taught me

    www.blog4ems.com /p/the-manager-i-hated
  • Seattle @lemmy.world
    chaospatterns @lemmy.world

    Car ownership keeps dropping in Seattle

    www.seattlebikeblog.com /2025/03/14/balk-car-ownership-keeps-dropping-in-seattle/
  • Programming @programming.dev
    chaospatterns @lemmy.world

    Popular GitHub Action tj-actions/changed-files is compromised with a payload that appears to attempt to dump secrets

    semgrep.dev /blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/
  • Programming @programming.dev
    chaospatterns @lemmy.world

    The power of interning: making a time series database 2000x smaller in Rust

    gendignoux.com /blog/2025/03/03/rust-interning-2000x.html
  • Programming @programming.dev
    chaospatterns @lemmy.world

    Is abstraction killing civilization?

    datagubbe.se /endofciv/
  • Technology @lemmy.ml
    chaospatterns @lemmy.world

    Losing a 5-year-long Illinois FOIA lawsuit for database schemas

    mchap.io /losing-a-5yr-long-illinois-foia-lawsuit-for-database-schemas.html
  • Programming @programming.dev
    chaospatterns @lemmy.world

    How do modern compilers choose which variables to put in registers?

    langdev.stackexchange.com /questions/4325/how-do-modern-compilers-choose-which-variables-to-put-in-registers
  • Home Automation @lemmy.world
    chaospatterns @lemmy.world

    UniFi just created a new smart home protocol - "SuperLink"

  • Programming @programming.dev
    chaospatterns @lemmy.world

    Falsehoods programmers believe about null pointers

    purplesyringa.moe /blog/falsehoods-programmers-believe-about-null-pointers/
  • Seattle @lemmy.world
    chaospatterns @lemmy.world

    Amazon Clarifies Climate Pledge was Just Pledge to Change Climate, Not Improve It

    theneedling.com /2024/11/25/amazon-clarifies-climate-pledge-was-just-pledge-to-change-climate-not-improve-it/
  • Seattle @lemmy.world
    chaospatterns @lemmy.world

    Judge in Seattle blocks Trump order on birthright citizenship nationwide

    www.seattletimes.com /seattle-news/politics/judge-in-seattle-blocks-trump-order-on-birthright-citizenship-nationwide/
  • Home Automation @lemmy.world
    chaospatterns @lemmy.world

    Sonos CEO Patrick Spence steps down after app update debacle

    www.reuters.com /business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/
  • Programming @programming.dev
    chaospatterns @lemmy.world

    Burnout ≠ Working Too Much

    terriblesoftware.org /2024/12/20/burnout-%e2%89%a0-working-too-much/
  • Seattle @lemmy.world
    chaospatterns @lemmy.world

    Lawmakers announce high-speed rail to link Portland, Seattle, Vancouver, BC

    www.kptv.com /2024/12/18/oregon-lawmakers-announce-high-speed-rail-link-portland-seattle-vancouver/
  • Programming @programming.dev
    chaospatterns @lemmy.world

    Dear OAuth Providers

    pilcrowonpaper.com /blog/dear-oauth-providers/