-
Please don't teach your customers to trust unknown numbers
Teaching customers to trust cold-calls from random mobile numbers is not something we should be doing these days….
-
A Container Security Maturity Model
Putting the CNCF Cloud Native Security Whitepaper into practice. An updated version of this post I published last month, now with the model in public Google Sheets instead of the repo as well as various edits.
-
Image Vulnerability Scanners Compared, Pt1
I’m looking at the capabilities and results from three container image vulnerability scanners - Trivy, Snyk & AWS ECR Scanning.
-
Yamaha MT4X Multitrack Cassette Recorder: Disassembly & Service
I’ve recently serviced a couple of Yamaha mt4x four track cassette recorders. Here I overview the process that I took and try to share info that I couldn’t easily find online myself.
-
Mapping the 12 Factor App to Boehm's Quality Model
I’ve recently been thinking about the methods of developing computer programs, and have been reading up on some work related to this.
-
Python set comparisons
Today a colleague posted the following code snippet:
-
grep mutliple patterns
We all have habits, and getting things done means that often we don’t look past them, or we’re not exposed to different ways of achieving something. Often I’ll sit back and think “actually let’s find another way of doing this”, or I see a cool trick and want to incororate it into my practice. Too often I don’t pass it on, or don’t practice it.
-
Ansible Vault key retrieval from Bitwarden
I use Bitwarden as my password manager, and I highly recommend it. I also use Ansible a whole lot, and make heavy use of Ansible Vault.
-
nftables on Debian 10 with Docker and no iptables
I run a Debian 10 system with no iptables, and some multi-container services via docker-compose. Dumping some notes here as it can be a real pain.
-
Using Conftest to enforce Terraform allowed resources
I’ve just been playing with conftest as a means to enforce a whitelist of allowed Terraform resources. Conftest “is a utility to help you write tests against structured configuration data” and uses the Open Policy Agent rego syntax.
-
Nftables set with CIDR
A few weeks back I decided to try running a system with nftables as it’s firewall, with no iptables, and with docker. This proved successful, but only after hunting through various blogs, man pages and wikis to put it together. The complete result of this I will publish at another time, but one of the issues I had, which I’ve just now come back to and solved was how to include CIDR notation into a named set.
-
Bash alias: tmpnote
I recently added the following alisa to my .bash_aliases file. Now if I want a temporary file to jot down some notes or dump some text, I just run
tmpnote
and then :q! once I’m done.