I've made some experiments with compressing individual URLs, and I describe my initial observations (while comparing to standard compression algorithms).| notes.volution.ro
My personal experience in finding affordable EU-based cloud providers for a small personal project. And my pessimistic assessment of the competitiveness in this segment with their USA-based competitors.| notes.volution.ro
Questions (without definitive answers) about how to securely manage secrets in scripts and development environments.| Volution Notes
Questions (without definitive answers) about memorable password schemes and patterns.| Volution Notes
A few Firefox addons I use on a daily basis.| Volution Notes
About the many types of hash functions, their use-cases, dos and don'ts, with suggestions for currently accepted algorithms.| Volution Notes
About the hidden costs of forced automatic initialization of dependencies. And a plea for library developers (in any language) to think about their global state initialization requirements.| notes.volution.ro
Notes on various subjects, mostly regarding IT technology and security.| notes.volution.ro
When it comes to static sites, there are a myriad of solutions for authoring and compiling, but talk about hosting these static sites, and we are still in the early 2000s. I discuss the challenges one faces when hosting, and even make a proposal to solve some of these.| notes.volution.ro
About how another instance of "the scientific progress justifies the means", or perhaps "how a corporation milks profits from other people's work", triggers an arms race that piece by piece dismantles the open web, and turns it into walled gardens.| notes.volution.ro
Experimenting with Linux policy based routing, i.e. `man ip-rule(8)`, as a stateless firewall substitute.| Volution Notes
Demystifying the UEFI boot process with a focus on Linux, simplicity, reliability, and security.| Volution Notes
Updating the Infineon TPM firmware on an HP t620 thin client, which is vulnerable to the ROCA attack (that allows an attacker to recover the RSA private key).| Volution Notes
How about splitting the usage and storage of sensitive documents and data? Plus a few ideas on how to implement a small custom "secure" computer for the storage part.| Volution Notes
Experimenting with password-based authentication implemented directly in Postgres, all sprinkled with a few twists.| Volution Notes
A subtle, but surprising, realization about password-based key-derivation functions when using long byte sequences as passwords.| Volution Notes
Documenting various open-source tools and projects that I've found while experimenting with the Linux container technology.| Volution Notes
`sh` is not a programming language! Write application launchers in proper languages!| Volution Notes
Immutable OSs are just a minor step towards reliable OS installations. However, for a complete solution we also need reproducible and thus deterministic installations, which implies cleaning up and modernizing our package managers.| Volution Notes
A rant about the complexity of modern Linux distributions, which places them on par with the opaqueness of Windows and OSX.| Volution Notes
A live document providing learning resources and pointers for those that want to experiment with applied cryptography.| Volution Notes
I reflect on my preferences when it comes to choosing open-source tools I need to rely upon.| Volution Notes
Experimenting with OpenSSH authorization keys resolution; from skeleton-key providing emergency access, to simple centralized key management.| Volution Notes
Trying to make the case for permanent irrevocable digital identities, which unfortunately today are, de facto, email addresses.| Volution Notes
A few words about one of my latest open-source projects, `z-tokens`, that among other things, also tries to tackle this problem while providing more added value compared to existing solutions.| Volution Notes
Although many software engineers know about the topic, especially through their exposure to Base64, there are however many issues and missed opportunities not tackled by the broad community.| Volution Notes
A few words of caution about storage-free deterministic password managers.| Volution Notes
An interesting take on containerized deployments, contrasted with other similar trajectories in the software engineering history.| Volution Notes
In support of software packages that come in the form of a single binary executable (statically linked or portable), that one can just copy anywhere in `${PATH}` and execute, without needing `sudo`, or downloading half the distribution's packages as dependencies.| Volution Notes
Articles and tools I've found interesting in the last few days.| Volution Notes
About how the largest Romanian bank tries to give its clients a "warm-fuzzy-feeling" of security, that is actually zero in real security terms.| Volution Notes
Articles and tools I've found interesting in the last few days.| Volution Notes
About the fatal perils and traps of many modern tools that handle "shell commands" as passed through `system(3)` or `sh -c`. Or, how by the end of 2020, we still haven't given up on shell's equivalent "SQL building", or how shell's equivalent "SQL injection" still thrives in our engineering world... Plus a `glibc` bug, then a Linux man pages bug, then a POSIX specification bug...| notes.volution.ro
Trying to identify which compression tool and level yields the "best" outcome for "textual" archival purposes. (Spoiler: "it depends...")| Volution Notes
How to compact and clean Git repositories of "dangling" commits and objects.| Volution Notes
How to properly sort a list of FQDNs in Bash, first by TLD, then by domain, then by sub-domain and so on.| Volution Notes
A visual history of `microsoft.com` (thanks to the Internet Archive and its Wayback Machine).| Volution Notes
A visual history of `google.com` (thanks to the Internet Archive and its Wayback Machine).| Volution Notes
Articles and tools I've found interesting in the last few days.| Volution Notes
A visual comparison between HTTP/1.1 and HTTP/2 in the context of many small resources and with real-world latency.| Volution Notes
About obtaining Go current goroutine ID, and why sometimes we should trust the developer to do the right thing... Else the developer is forced to embark on a journey that looks more like a mission impossible data exfiltration movie, than a day-to-day job...| Volution Notes
About the "DevOps culture" plus related technologies, less about containers, but all about our professional careers as software developers or operators.| Volution Notes
About choosing the "right" RAID5 chunk size on Linux systems, and related benchmarks. This part provides the raw data from the CDNjs benchmark.| Volution Notes
About choosing the "right" RAID5 chunk size on Linux systems, and related benchmarks. This part summarizes previous work published by others on the internet.| Volution Notes
About a high-level overview of application development security at the end of 2018.| Volution Notes
About choosing the "right" RAID5 chunk size on Linux systems, and related benchmarks. This first part presents a few benchmarks at the "block-device" level (i.e. without an actual file-system).| Volution Notes
About the "sanity" of developing sites that "just work" on mobile devices.| Volution Notes
Prototyping an encryption tool that allows combining multiple encryption factors, from PINs, passwords, to X25519 pairs, and beyond.| notes.volution.ro
Experimenting with various real-world instantiations of cryptographic random oracles, with applicability from multi-factor encryption, to database record encryption.| notes.volution.ro
Articles and tools I've found interesting in the last few days; and about the start of a new "column".| notes.volution.ro
Questions (without definitive answers) about password strength (i.e. entropy bits) for offline storage.| notes.volution.ro
Given a simple enough HTTP server, and by employing seccomp, one could easily achieve a quite secure(r) server, with a small enough attack surface that the potential attacker might want to look elsewhere in the stack for vulnerabilities.| notes.volution.ro