• Please don't teach your customers to trust unknown numbers

    Teaching customers to trust cold-calls from random mobile numbers is not something we should be doing these days….

  • A Container Security Maturity Model

    Putting the CNCF Cloud Native Security Whitepaper into practice. An updated version of this post I published last month, now with the model in public Google Sheets instead of the repo as well as various edits.

  • Image Vulnerability Scanners Compared, Pt1

    I’m looking at the capabilities and results from three container image vulnerability scanners - Trivy, Snyk & AWS ECR Scanning.

  • Yamaha MT4X Multitrack Cassette Recorder: Disassembly & Service

    I’ve recently serviced a couple of Yamaha mt4x four track cassette recorders. Here I overview the process that I took and try to share info that I couldn’t easily find online myself.

  • Mapping the 12 Factor App to Boehm's Quality Model

    I’ve recently been thinking about the methods of developing computer programs, and have been reading up on some work related to this.

  • Python set comparisons

    Today a colleague posted the following code snippet:

  • grep multiple patterns

    We all have habits, and getting things done means that often we don’t look past them, or we’re not exposed to different ways of achieving something. Often I’ll sit back and think “actually let’s find another way of doing this”, or I see a cool trick and want to incorporate it into my practice. Too often I don’t pass it on, or don’t practice it.

  • Ansible Vault key retrieval from Bitwarden

    I use Bitwarden as my password manager, and I highly recommend it. I also use Ansible a whole lot, and make heavy use of Ansible Vault.

  • nftables on Debian 10 with Docker and no iptables

    I run a Debian 10 system with no iptables, and some multi-container services via docker-compose. Dumping some notes here as it can be a real pain.

  • Using Conftest to enforce Terraform allowed resources

    I’ve just been playing with conftest as a means to enforce a whitelist of allowed Terraform resources. Conftest “is a utility to help you write tests against structured configuration data” and uses the Open Policy Agent rego syntax.

  • Nftables set with CIDR

    A few weeks back I decided to try running a system with nftables as its firewall, with no iptables, and with docker. This proved successful, but only after hunting through various blogs, man pages and wikis to put it together. The complete result of this I will publish at another time, but one of the issues I had, which I’ve just now come back to and solved, was how to include CIDR notation into a named set.

  • Bash alias: tmpnote

    I recently added the following alias to my .bash_aliases file. Now if I want a temporary file to jot down some notes or dump some text, I just run tmpnote and then :q! once I’m done.