Twitter: @ewenmcneill -- May 2019

Tue Apr 30 23:51:29 +0000 2019 (#)

Replying to @attacus_au

Almost all conference swag (and other prize / freebies) seems to be giving away things for the sake of people having “more stuff”. I have lots of “stuff” already, too much actually. Ideal conference swag is: None. (I even decline T-Shirts, for last 7+ years.)

Tue Apr 30 23:56:03 +0000 2019 (#)

Replying to @aurynn and @attacus_au

Agreed: if there must be swag (and apparently for some conf there must, because reasons) it should be both small and useful.

Also T-shirts: just say no. It’s worth it for the look of confusion at the rego desk alone 😃

Wed May 01 06:52:55 +0000 2019 (#)

Replying to @aurynn

This is the kind of swag I can get behind!

The cute dress is definitely good swag 👍

(Maybe the stickers could be optional.)

Wed May 01 07:21:16 +0000 2019 (#)

Replying to @BR3NDA

I routinely list 3-5 items to avoid. Sometimes fewer if I know what’s being made and that FOO is never in it.

Space permitting I suggest what to serve me, to avoid the “what do you eat” panic.

Also I only let people cater lunch / dinner for me; I bring my own breakfast/snacks.

Wed May 01 07:30:21 +0000 2019 (#)

Replying to @deepwebdesign and @BR3NDA

It’s much simpler if one doesn’t insist on putting common allergens into everything by default! There’s like half a dozen common ones, and avoiding those solves many people’s problems, with no extra effort.

I’ve been meaning to write a blog post about this catering hot tip.

Wed May 01 21:16:14 +0000 2019 (#)

Replying to @BR3NDA and @deepwebdesign

I gave up on cafes for anything other than tea/coffee a very long time ago! (And drink just tea/water, without anything else.)

But yes, it’d be nice to be able to eat without planning in advance sometimes…

PS: I pretty much always have snacks with me “just in case”.

Wed May 01 21:22:25 +0000 2019 (#)

Replying to @BR3NDA and @deepwebdesign

Also in case it helps, my usual restaurant survival skill is knowing what is plausibly put in something (with strategic googling) and asking for something that’s made to order and can easily have thing X not put in. Eg, salads with “no cheese” and “oil/vinegar” dressing.

Wed May 01 21:25:10 +0000 2019 (#)

Replying to @BR3NDA

Sadly doesn’t work in cafes where everything is pre made 😟 Hence just tea/coffee in cafes, and snacks I brought with me later if required.

Thu May 02 00:28:06 +0000 2019 (#)

@nicegear are you planning on stocking the GreatFET One from Great Scott Gadgets? I understand production hardware out soon.

Thu May 02 06:17:17 +0000 2019 (#)

Replying to @mattcen

I decided on storing them in a separate KeePass file from everything else, with its own strong auth. I use a phone app for normal use. But it’s nice to know there’s a another option if that’s not working (eg, power drained, or app update breaks something).

Thu May 02 23:46:19 +0000 2019 (#)

This Network Collective podcast on the “History of Networking — Cisco CLI” explains a lot about how the Cisco IOS “conf term” interface ended up that way. Very organic growth in CLI, ad hoc design. Worth listening if you’ve configured IOS gear.

Fri May 03 07:15:50 +0000 2019 (#)

Excel as Turing Complete Functional Programming Language. I think the talk referenced in the thread is something like

Sat May 04 02:26:12 +0000 2019 (#)

Well that was an alarming thing for Firefox to suddenly do — disable the Cookie AutoDelete extension and claim it is corrupt. (Checksums look good so maybe RSA signing issue, but I can’t find right Mozilla AddOns CA cert to check.)

Sat May 04 02:49:36 +0000 2019 (#)

Replying to @ewenmcneill

It looks like one of the signing certificates in the Firefox addons signing chain expired a couple of hours ago :-(

“Not After : May 4 00:09:46 2019 GMT”

Sat May 04 03:34:16 +0000 2019 (#)

Replying to @Veritastar_

Thanks! My Firefox big report just got marked as a dupe of 1548973 so that’s probably the one to follow. (Unfortunately that bug didn’t have useful keywords like expired/addons/corrupt.)

Sat May 04 04:04:25 +0000 2019 (#)

Replying to @ewenmcneill

Looks like main announcement channel is Mozilla’s Discourse. Seems like first reports were 6:10pm Friday PST. HugOps to Mozilla Team working on this.

Sat May 04 20:27:29 +0000 2019 (#)

Tabletop Scenario: a feature in your software, that many of your users rely on, turns out to have a built in expiry date, which just expired. How quickly can you get a new release, to re-enable the feature, through your CI/CD pipeline?

Sat May 04 20:31:50 +0000 2019 (#)

Replying to @ewenmcneill

For Firefox it seems like the answer is “many hours”, hence reusing a testing hook for hot patching, and still advising users it might take 6 hours. Even then it is only released for some production builds (not Firefox ESR, not Linux distro releases, etc).

Sat May 04 20:36:55 +0000 2019 (#)

Replying to @isomer

3-4 hours seems pretty good to me. Particularly if not all users notice / experience the problem at the same time.

Sat May 04 20:39:48 +0000 2019 (#)

Replying to @ewenmcneill

FTR, FIrefox in progress update including list of versions not fixable with their hotfix.

Sat May 04 20:41:43 +0000 2019 (#)

Replying to @isomer

Yes, I was assuming existing automated CI/CD. It’d be a really bad day without that pre-setup. But some CI runs I’ve seen take a substantial fraction of a day to cycle…

Sat May 04 21:23:40 +0000 2019 (#)

Replying to @ewenmcneill

Seems like the hot fixes that are (starting to) come out are adding (an updated version of) the expired intermediate certificate directly to the trust store directly. via

Sat May 04 21:31:04 +0000 2019 (#)

Replying to @schrierc and @isomer

Definitely seems like the overlap window in a rolling release could eat up much of that 3-4 hour budget :-)

Sat May 04 21:34:59 +0000 2019 (#)

Replying to @ewenmcneill

I’m intrigued by the choice to push new intermediate into the software cert store, via an ad hoc mechanism. Rather than do automated bulk re-sign of extensions (picking up new intermediate into bundle) and tell users “(re)install latest version of your extension”.

Sat May 04 22:00:51 +0000 2019 (#)

Replying to @ewenmcneill

It also looks like a signature verification issue has broken the Firefox build, at least for some platforms. Ouch. More HugOps to the Mozilla Team.

Sat May 04 22:13:18 +0000 2019 (#)

Replying to @thatcks and @isomer

Yes, it’d be painful for users. But so is “enable Studies, wait up to 6 hours for magic update”. My feeling is user manual install would be at least as quick (wall clock time) for the user. And they’d feel they were in control of fixing it.

Sat May 04 22:16:37 +0000 2019 (#)

Replying to @thatcks and @isomer

Definitely it’s non trivial to bulk re-sign everything if you don’t have bulk re-sign automated already :-)

But re-signing top 20-50 extensions in descending order of downloads (most used first) would fix many users in the first handful of re-signs.

Sun May 05 00:14:38 +0000 2019 (#)

BSides Knoxville 2019 (a few days ago) included a couple of technical talks I’ve enjoyed. Only livestream seems available so far.

@travisgoodspeed on small radios starting about 5h00m in, and @brandonlwilson on TI graphing calc starting about 6h03m.

Sun May 05 04:17:33 +0000 2019 (#)

Replying to @thatcks

I like acmetool too. Much easier to automate than the official tool, and self contained. I wonder if it makes sense to create a community soft fork of acmetool with ACMEv2 added? Presumably new API endpoints and some small protocol tweaks.

Sun May 05 05:17:48 +0000 2019 (#)

Replying to @thatcks

Thanks. Good to know there’s a start on it. I’m much the same: I’d love to see a community solution but I’m not sure I’m able to work on it (much).

Sun May 05 05:23:41 +0000 2019 (#)

Replying to @ewenmcneill

In theory there’s now a “studies” (Normandy) hotfix for Firefox 60 ESR, so I’ve turned on the “phone home” features. Guess I’ll know in 6 hours if it finds the right thing (no studies found immediately on switch on; nor for Ubuntu 16.04 Firefox build).

Sun May 05 06:31:11 +0000 2019 (#)

Replying to @ewenmcneill

Both affected systems got the hotfix after about an hour. The Ubuntu Firefox 66 build got pushed 3 studies (two for xpi signing and one dom.push.alwaysConnect) which is unwanted opt in. But 60 ESR only got the important hotfix. Cookie AutoDelete works again after reinstalling it.

Sun May 05 07:43:23 +0000 2019 (#)

RT @unexpectedmaker: Watching @esden ’s talk on “From idea to production” - What a legend and inspiring engineer! What a great watch! http…

Sun May 05 09:12:52 +0000 2019 (#)

Replying to @borland and @isomer

I think you get to assume someone senior expediting approval in this case (eg, end user visible breakage, in the press 😃).

10 minutes is a really good test/deploy rate. Even an hour I think is good (in the “saved the day” range). Senior expediting might help iOS approval too.

Sun May 05 09:31:52 +0000 2019 (#)

Replying to @__psn, @schrierc and @isomer

Definitely worth considering what might cause time based breakage. Expiring certs are only one way that might happen. But “gaming” how to get out of tight corners helps when surprises happen.

Hopefully there will be a detailed Mozilla postmortem later with many lessons learned.

Sun May 05 09:47:35 +0000 2019 (#)

Replying to @isomer, @__psn and @schrierc

Deprecating features properly is hard. Probably requires multiple release based or time based stages: warn in docs, warn at run time, error but can override, etc. And weeks/months at each stage in most cases.

“Didn’t tell anyone” is a recipe for a bad day later :-(

Sun May 05 22:07:44 +0000 2019 (#)

@fsmgnz One of my REANNZ connected clients is having trouble resolving internally (v4) since late last week. It seems like maybe DNSSEC validation challenges. Did you roll DNSSEC keys recently?

Sun May 05 22:18:26 +0000 2019 (#)

Replying to @isomer

That’s skipping from the first step of a good deprecation plan to the last step, missing all the important communication steps :-(

I’m guessing “lessons were learnt” when that blew up!

Sun May 05 22:42:57 +0000 2019 (#)

Replying to @isomer and @fsmgnz

It does indeed, I was just about to reply having found that myself. Also I’m unsure if the SHA1 length key with algorithm 8 (RSASHS256) is valid in a DS record (possibly cause of unhappiness?): “DS=7594/SHA-1 has algorithm RSASHA256”

Sun May 05 23:11:13 +0000 2019 (#)

Replying to @ewenmcneill

Looks like RSASHA256 with SHA1 digest is legal (first is hash algorithm used, second is digest used). But people want to discourage use of it, eg expired algorithms draft from late 2018. Still if it’s in the DS records then it needs to be in RRSIGs too.

Mon May 06 00:07:12 +0000 2019 (#)

Replying to @fsmgnz

Thanks! Looks like it is resolving properly again at my client, so they can get their Ubuntu updates :-) Thanks for the quick resolution.

Mon May 06 04:09:19 +0000 2019 (#)

Replying to @ewenmcneill

Someone reverse engineered the Firefox fix to get it to apply on earlier Firefox versions. It’s literally just putting the new intermediate into the Firefox CA trust store, and rerunning the extensions validation. (And I did find new cert in trust store.)

Mon May 06 04:21:09 +0000 2019 (#)

Replying to @ewenmcneill

Looks like the replacement “intermediate” certificate expires 2025-04-04 00:00:00 GMT. Which seems to be a Friday… so that could be another fun day.

Mon May 06 10:39:21 +0000 2019 (#)

Replying to @bitsavers

Someone reverse engineered the fix for older Firefox. It just adds a newer version of the AddOns CA intermediate into the browser store and rechecks plugin validity. There’s a link to the work around in my quoted tweet.

Mon May 06 22:35:04 +0000 2019 (#)

Replying to @bitsavers

There’s also a Mozilla plan to ship a legacy add on that applied the same fix for older Firefox (at least back to 52). Which might help in a bit if you don’t want to do the manual install steps in link in previous tweet.

Tue May 07 01:57:30 +0000 2019 (#)

TFW the manufacturer stops making your favourite healthy snack item and you can’t buy any more. My stocks are running low :-(

(Yes I’ve emailed them to ask them to start again. Not holding out much hope.)

Tue May 07 02:08:16 +0000 2019 (#)

Replying to @tveastman

If it’s the only option, definitely. Just dealt with a network switch (serial) console that changed terminal to dark grey text on black background :-(

(Dark mode themes as an option seems okay, if a bit late 1990s reskinning of random apps. But let me have contrast too.)

Tue May 07 06:16:38 +0000 2019 (#)

Replying to @oe1cxw

Ubuntu 16.04 with Bison 3.0.4 and GCC 5.4.0 (plan upgrade to Ubuntu 18.04 in next few months).

Also: Raspbian 9 with Bison 3.0.4 and GCC 6.3.0 Debian 9 with Bison 3.0.4 and GCC 6.3.0 (etc; I have many computers! Those ones are the most relevant to your question.)

Tue May 07 07:02:31 +0000 2019 (#)

Amazing talk on reverse engineering custom 1970s video game ASICs and emulating them. Even more surprising, Cole is still in high school. His blog has more details on progress.

Tue May 07 09:03:10 +0000 2019 (#)

Replying to @ewenmcneill

Python developer, embroiderer, and Emoji fan @glasnt combines them all together into a solution to her own problem with proprietary Windows embroidery tools.

Great talk, you should watch it ❤️🦋💜

Wed May 08 04:18:20 +0000 2019 (#)

TFW when the only store I went to in my suburb closes, with minimal notice 😢

By my count that’s both the restaurants in Wellington I most liked and my favourite nearby shop all closed in the last 12 months.

Wed May 08 05:29:09 +0000 2019 (#)

Replying to @hroethgar


Fortunately the store is just closing in my suburb. Still 3 other locations in “driving distance” from me. But the convenience of shopping nearby is gone again :-(

Thu May 09 09:53:20 +0000 2019 (#)

Replying to @brouhaha and @whitequark

As best I can remember (from the time & looking last year) all 3.5” media was specified for a single RPM, both DD and HD. As you said down thread 5.25” media was specified with different RPM for DD and HD, but later drives ran at HD RPM for both, and adjusted DD timings to match.

Thu May 09 10:00:10 +0000 2019 (#)

Replying to @brouhaha and @whitequark

My recollection is all early 5.25” HD drives changed RPM for HD vs DD, most cheap later 5.25” drives ran one RPM and adjusted timings, and better later 5.25” drives had jumper option to do real DD RPM or stay at HD RPM and adjust timings. (Jumper gave more compatibility options.)

Thu May 09 19:02:34 +0000 2019 (#)

Replying to @tlsinspector

Ah, that’s why the Apple App Store insists there’s an update available, but says “This item is no longer available” and “App Not Available”/“This app is currently not available in your country or region” if I try to install it. Hopefully the new new version is approved soon :-)

Thu May 09 21:14:57 +0000 2019 (#)

RT @sundhaug92: @futureidentity @GeorgeWHerbert @tforcworc @mattblaze Kelvin, the unit of measure for when you always want to stay positive

Fri May 10 02:53:04 +0000 2019 (#)

TIL if you used those new fangled VLAN things, your LACP (802.3ad) “Layer 3 and 4” link aggregation (LAG) will fall back to just hashing MAC addresses.

Fri May 10 03:00:30 +0000 2019 (#)

Replying to @ewenmcneill

For Linux you want “encap3+4” to live in the future where VLANs are common.

For Xtreme it appears you want “algorithm port-based” and to send someone to the data centre to rearrange cables so “in_port_idx % num_ports_in_LAG” mirrors the link usage Linux picked 🤦

Fri May 10 03:08:26 +0000 2019 (#)

Replying to @ewenmcneill

Yes, I literally sent someone to the data centre to swap cables so each server had an odd port number and an even port number. Then I could get 19.8Gbps sustained over 2*10Gbps LAG, with VLAN tags, (layer 4 port hash willing).

802.3ad and 802.1Q are both about 20 years old.

Fri May 10 06:20:20 +0000 2019 (#)

Replying to @aenertia

Enterprise server cluster infrastructure isn’t big on routing things between servers 1U apart. But they do like redundant paths. I like to actually use all available bandwidth rather than have half of it sitting there “just in case” :-)

Fri May 10 07:29:29 +0000 2019 (#)

Replying to @nnja

brings hardware, Python, and sparkles together in her Pycon 2019 keynote. Featuring @adafruit Circuit Python and a Circuit Python Express. Complete with audience code along, as many got a suitable board in their swag bag!

Fri May 10 07:37:16 +0000 2019 (#)

Replying to @aenertia

Unfortunately ECMP can reorder frames, which makes TCP sad. I’m fine with one flow pinned to one path, I just don’t want all flows pinned to one path and the other paths empty.

But yes, enterprise software could live in the network future rather than the network past too 😃

Fri May 10 07:42:05 +0000 2019 (#)

Replying to @ewenmcneill

Follow #PythonHardware to see what’s been inspired by .@nnja’s keynote at PyCon 2019.

It’s great to see more people being inspired to play with hardware. And MicroPython / CircuitPython make it easy to get started.

Fri May 10 10:09:27 +0000 2019 (#)

Replying to @isomer

That definitely sounds like a useful hash combination! Sadly I’ve never come across anything that supports hashing on even half of those values :-(

Way too many devices seem to have ASIC hash on a few sets of “relevant in 1990s” header combinations, only at fix bit offsets.

Fri May 10 10:09:36 +0000 2019 (#)

RT @isomer: @ewenmcneill @aenertia For L2 and L3 multipath you want to hash on a configurable seed, 5 tuple, vlanid, Macs, ToS/802.1p and p…

Fri May 10 22:30:47 +0000 2019 (#)

Replying to @isomer

Many modern network ASICs can match on those things (if only to claim SDN/OpenFlow), but I’m surprised to learn they can also feed them into a decision hash and software above them doesn’t expose that. (Xtreme have a “custom” hash, but it’s a tiny subset.)

Fri May 10 22:36:27 +0000 2019 (#)

Replying to @femtoduino

There’s not enough context in your tweets to tell what you’re doing and why you’re having a problem. I’m guessing you’re maybe using litex-buildenv.

If you’re using a Xilinx series 7 based FPGA you need to install Vivado manually. See details in

Fri May 10 22:40:05 +0000 2019 (#)

Replying to @femtoduino

If you’re not using a Xilinx FPGA, and you’re using litex-buildenv then you need to set the environment variables for the board you’re using. Eg for iCE40 boards (which can be used with just OS tools) see

Fri May 10 22:45:59 +0000 2019 (#)

Replying to @femtoduino

If you tell litex-buildenv you’re using a board with a Xilinx FPGA, it’s going to expect you have already installed the proprietary Xilinx tools.

Full Open Source support for Xilinx FPGAs is being worked on, but not ready yet.

Fri May 10 23:41:14 +0000 2019 (#)

Replying to @femtoduino

The TinyFPGA is an iCE40 board. So you want this tutorial (from earlier tweet), and setting environment variables to tell build scripts the right board/tools to expect (see tutorial). You don’t need anything from Xilinx (your board has a Lattice FPGA).

Fri May 10 23:52:19 +0000 2019 (#)

Replying to @mithro and @femtoduino

Possibly we should change the default board to an iCE40 one now? The yak shaving is much shorter that way even if it’s the wrong board, and there’s lots of iCE40 boards now.

(Untagged many people; Xilinx / Digilent / MicroPython won’t be able to help here 😃)

Sat May 11 00:06:44 +0000 2019 (#)

Replying to @enjoy_digital and @rdwrt

Is this the Versa ECP5 board that’s known to work? Seems to be US$200 (US$100 price seems to be old promo price). But I might still get one if it’s known to work.

If there’s a cheaper Versa ECP5 still available I’d love a link!

Sat May 11 00:18:12 +0000 2019 (#)

Replying to @mithro

:-) I’ve made an issue so we don’t forget. Will try to find time to look at it next week.

Sat May 11 09:13:15 +0000 2019 (#)

Replying to @enjoy_digital and @rdwrt

Thanks. The one I linked to isn’t ECP5 5G, just LFE5UM based board (3.2G SerDes). The LFE5UM5G (5G SerDes) boards are US$250 at Lattice / DigiKey / Mouser (links below).

I’m guessing only second hand ECP5 5G are US$100 now :-(

Sat May 11 09:19:52 +0000 2019 (#)

Replying to @rdwrt

Thanks. I do have an Arty already. I’m particular interested in an ECP5 based board because it has open source tooling and is big enough to run Linux. (The iCE 40 boards do have OS tools, but are size limited 😃 )

Sat May 11 09:22:04 +0000 2019 (#)

Replying to @rdwrt

Thanks. I’ll add that to my list to watch for a wider release (I’m already watching the TinyFPGA EX progress for the same reason).

Sat May 11 09:27:34 +0000 2019 (#)

Replying to @rdwrt

Looks like the US$105 miniSpartan6 (with XC6LX25) is the only big enough board. I might think about that one as it’s bigger than my Mimas V2 boards which are my only other Spartan 6 boards.

The $105 miniSpartan6 is out of stock though…

Sat May 11 09:32:38 +0000 2019 (#)

Replying to @rdwrt

Yes, the Xilinx FPGA boards require Xilinx tools at present. There’s work in progress for open source tools for Xilinx series 7 (eg, Artix 7 on the Arty). But not finished. Of the Xilinx boards Arty is most modern/usable for Linux.

Sat May 11 09:43:34 +0000 2019 (#)

Replying to @rdwrt

There’s a list of tested boards in the linux on litex repo. I’ve had Linux running on my Arty (last year, OR1K soft CPU).

Looks like 25K LUTs, 32MB RAM, is bare minimum that might work. Ideally more of both. (Arty is 35K LUTs, 256M RAM.)

Sat May 11 09:52:40 +0000 2019 (#)

Replying to @rdwrt

For clarity: the “zero dollars” Xilinx Vivado Webpack license for the Xilinx tools is sufficient to work with Arty. So Arty is usable now for just cost of board.

But it’s 25GB+ install of Xilinx stuff to get at tools needed, so working OS support tools would be great 😃

Sat May 11 21:59:58 +0000 2019 (#)

Really interesting talk on making prototype PCBs to test components / circuits, by milling FR1 copper clad (and the PCB design rules that make that practical).

Sat May 11 22:08:02 +0000 2019 (#)

Replying to @dolu1990 and @rdwrt

I was just guessing from the table of boards known to work. It’d certainly be smaller worked too.

Last year we’d concluded XC6SLX9 (9K LUTS, eg Mimas v2) was too small for Linux, as are iCE40s (5K/8K LUTs max).

Typically only step between 9K and 25K LUTs is about 15K LUTs.

Sat May 11 22:12:09 +0000 2019 (#)

Replying to @uojjided, @enjoy_digital and @rdwrt

Do you have a currently active link? Or part number? I can find US$99 price as 2015 promo. But the only DigiKey links I can find now are US$200 / US$250 for ECP5 / ECP5-5G Dev kits.

At US$99 available now I’d order one immediately 😃 But I can’t find that pricing now 😟

Sat May 11 22:16:56 +0000 2019 (#)

Replying to @dolu1990 and @rdwrt

Sounds like there’s a chance 9K-15K LUT boards with good amount of RAM and other useful features might work with cut down VexRisc and Linux.

But often available boards jump from “too small” to “plenty big” for Linux!

Sat May 11 22:31:51 +0000 2019 (#)

Replying to @uojjided, @enjoy_digital and @rdwrt

This is what I find now. The ECP5 5G board is out of stock (due early/mid June) and US$268. (Bare ECP5/5-5G chips are under $80, but that doesn’t help me 😃)

Sat May 11 23:48:35 +0000 2019 (#)

Replying to @uojjided, @enjoy_digital and @rdwrt

Thanks for the link. That is LFE5UM5G-85F-EVN, at $99.

Unfortunately it looks like a prototyping breakout board, without RAM or Ethernet. Rather than the Versa ECP5 dev boards known to boot Linux.

Great to have cleared that mystery up!

Mon May 13 06:02:39 +0000 2019 (#)

Replying to @dolu1990

That’s an interesting idea: the iCE40UP5K does have a multiply unit and maybe that’d be enough to make it fit, even in 5K LUTs. (The iCE40 non-UP doesn’t have a multiply unit from memory.)

Not sure if there’s any existing iCE40UP5K boards with lots of RAM though.

Tue May 14 08:12:54 +0000 2019 (#)

Excellent post mortem writeup from the Matrix Jenkins break in. Well worth reading if you do anything systems security related. My biggest take away was that allowing SSH agent forwarding was biggest factor in escalating the scope of the breach.

Tue May 14 08:17:38 +0000 2019 (#)

As someone from the “do you wait for frame fly back or let the video tear” days, the interesting thing to me in this (2017) John Carmack talk was just how many layers had added “buffering” and “smoothing”, adding up to many frames of latency where 80s games had 1-2 frame latency.

Tue May 14 09:01:53 +0000 2019 (#)

Fascinating 2019 interview of Ken Thompson, by someone who was there at the time & knows what to ask. Interview starts at about 8 min.

Lots of details I hadn’t heard, even having read/seen a lot of Unix history. If you know who Ken Thompson is, you should watch this interview.

Tue May 14 21:31:44 +0000 2019 (#)

Replying to @RohitK_Singh and @dolu1990

I’m surprised! But excited surprised: that opens up a bunch of possibilities. Thanks for the details.

Tue May 14 21:39:01 +0000 2019 (#)

Replying to @enjoy_digital and @dolu1990

That’s a useful size cross reference! Perhaps you could put it somewhere with a more permanent URL? Looks like 4.5-5.5K LUTs used by the Soft SoC on most boards. De0 Nano (Cyclone 4) usage is higher (77% used).

Thu May 16 07:53:16 +0000 2019 (#)

The whole channel is great, but this Apollo DSKY glass panel interface re-creation is amazing. (If the techniques used interest you, look back in the channel for more detailed videos on individual build methods.)

Thu May 16 07:56:58 +0000 2019 (#)

Replying to @ico_TC

2 lines of latency is very impressive! I’m assuming they were racing the beam and had fast input latency too (modern input buses can eat several ms by themselves!).

Is there any writeup on how they got 2 lines latency end to end? That’d be interesting to read more about.

Fri May 17 06:19:51 +0000 2019 (#)

Replying to @TProphet

Electronic payments in New Zealand generally settle within hours if made during the bank day, even interbank. Otherwise overnight/by next bank day. From memory electronic payments settling by the next bank day has been the norm here for the last 10-15 years. (Same day is newer.)

Fri May 17 07:45:37 +0000 2019 (#)

Replying to @BR3NDA

I’d try pretty hard not to log in. Less likely people will freak out later.

Historically I’d email postmaster@DOMAIN, abuse@DOMAIN, and all contacts in domain Whois record. And when those bounce (common, sigh) search website / Internet for other contacts and email those.

Fri May 17 07:50:42 +0000 2019 (#)

Replying to @BR3NDA

Also invoking HIPPA (USA), Privacy Act (NZ), etc and reporting to relevant in state monitoring organisation would probably get attention.

A couple of misdirected emails is careless, but forgivable. 26 over many weeks is negligent to the point of “fines” IMHO.

Fri May 17 08:07:38 +0000 2019 (#)

Replying to @cr1901

With enough squinting (linear) memory is just a big array, and memory addresses are just indexes into that array. Historically that memory even started at offset 0 and had small int indexes for addresses 😃

With a slab style allocator, indexes and addresses are interchangeable.

Fri May 17 08:09:46 +0000 2019 (#)

Replying to @cr1901

Sorry to hear that :-( Hope it’s at least feeling less bad soon.

Fri May 17 21:59:48 +0000 2019 (#)

Hey @github, I’d like a way to track issues in projects I use (but do not normally develop on) that’d I’d work on if I had some free time. A more specific list than “subscribed”, but weaker commitment than “assigned”. Is this a thing? Could it be a thing?

Fri May 17 23:44:26 +0000 2019 (#)

Replying to @ewenmcneill

FTR, no reply at all to my email asking if they’d bring them back. I guess that’s “definitely not” and I have to find/make an alternative.

I have 4 left, and they won’t last forever: best by mid 2019, let alone the small number left 😢

Fri May 17 23:55:54 +0000 2019 (#)

Replying to @ewenmcneill

For future reference, Mozilla blog post and technical writeup on the cert expiry. A full post mortem hasn’t come yet, but I’m still hopeful there’ll eventually be a detailed public post mortem. (They’re still fixing loose ends!)

Sat May 18 01:56:52 +0000 2019 (#)

If you’re finding the large x86 instruction set too complex, the M/o/Vfuscator lets you write macro assembly, BF, BASIC, and C that are implemented via just the x86 “mov” instruction. It’s still complex though 😂 (& some code bloat!) Great fun DerbyCon 2015 talk by @xoreaxeaxeax.

Sun May 19 20:28:59 +0000 2019 (#)

Replying to @BR3NDA

The Internet Archive. Add lots of metadata, including links to/copies of OS context.

They have a python upload library. And from memory they’re still offering BitTorrent seeding as one of the download options.

Sun May 19 20:32:33 +0000 2019 (#)

Kawaiicon, the “not Kiwicon/not BSides Wellington” security conference in Wellington wants your talks! CFP open now.

Wed May 22 07:32:03 +0000 2019 (#)

Kiwi PyCon (in Wellington, 23-25 August 2019), is now accepting speaker proposals (until 2019-06-23). Your chance to speak awaits!

Wed May 22 07:43:37 +0000 2019 (#)

Replying to @minxdragon

I’m honestly quite hopeful for “they” as a neutral/default English third person singular pronoun. After 25-30 years of watching neutral singular pronoun attempts, it’s the first to get wider acceptance.

The future is here now, it’s just unevenly distributed 🦋🌈

Wed May 22 07:50:28 +0000 2019 (#)

Replying to @minxdragon

It feels like we’re about 5 years into a “generation shift” transformation (ie 20 years) on the use of “they” as singular.

Unfortunately language has many layers of “we reflect common usage” to get past, which takes time.

(I’m glad “he includes she” is well on the way out.)

Thu May 23 07:33:51 +0000 2019 (#)

RT @lindamciver: I get that it's hard to cater for allergies. But try HAVING them.

Thu May 23 07:39:26 +0000 2019 (#)

Replying to @minxdragon

I’m all for a tick list option providing I can tick several, and there’s an “other, please explain” too. It’s tiring to try to fit my needs into 1x40 chars (visible, or char limit). And I know “free text” answers are hard to analyze, so reserve that for less common combinations.

Thu May 23 07:59:00 +0000 2019 (#)

Replying to @Manawyrm and @alexbloor

Well it makes for a consistent/memorable naming scheme I guess!

I’ve received a couple of the TrustFire ones with some project kits, and even that name made me wary… 😃

Thu May 23 08:07:11 +0000 2019 (#)

Replying to @minxdragon

At the “long email” stage I’m usually well into “could I just bring/provide my own food” and “do I really want to go to that event”. (Multi-day events at locations where there’s no other food options is the only case I do long emails / contact caterers directly.)

Thu May 23 08:26:07 +0000 2019 (#)

Replying to @BR3NDA

“I found a FAQ like your question, here’s the answer.”

I generally interpret those kinds of answers as “I don’t understand”/“I don’t know” and try to find an alternative/alternative way to find out.

Some places have allergy cross check lists; if not I default to “it’s no good”.

Fri May 24 07:57:56 +0000 2019 (#)

A very pretty use of corn syrup, and R/G/B colours, to demonstrate reversible laminar flow. It’s well worth watching the video to see the effect from both the side and above: from above is both pretty and illustrates how it is reversible.

Sat May 25 03:42:25 +0000 2019 (#)

It appears @ANZ_NZ would like their smaller / lower transaction business customers to go away 🙁

Their 2019-06-01 fee changes triple my business’s effective bank account fees, with about two weeks notice.

“Free” transactions are not free if you have to pay for them anyway.

Sat May 25 04:16:52 +0000 2019 (#)

Replying to @ewenmcneill

Looks like they’re forcing everyone onto a slightly cheaper ($8.50 vs $10) version of their SmartPlan. And inexplicably encouraging manual (cheque/teller) transactions more than they used to (will be “free”, was $0.55 to $0.65 each) — an unusual choice.

Sat May 25 05:48:58 +0000 2019 (#)

Replying to @loltimo and @textfiles

Turns out someone uploaded the two video excerpts to YouTube back in 2013, for easier modern viewing. Only a few minutes though.

Looks like the full video upload never happened. But I’ve downloaded audio to listen to later.

Sat May 25 06:04:35 +0000 2019 (#)

Replying to @textfiles and @loltimo

If you do find the drive in your backlog, it’d be great if you could upload the video version too (to the Archive and/or YouTube). 👍

Sat May 25 06:09:13 +0000 2019 (#)

RT @cr1901: OMG! TIL that MiniScribe the hard drive manufacturer would ship bricks to oem customers' warehouses whi…

Mon May 27 23:49:08 +0000 2019 (#)

RT @BarristerNZ: It is very difficult to see how the demand for details about this book, including its title, could possibly be a legitimat…

Tue May 28 22:00:12 +0000 2019 (#)

Dear @Avis, perhaps you could ask your web developers to provide a hint of the “slight problem” with the address, instead of leaving your customers to blindly guess?

(I got the address accepted on the third try because I’m good at IT mystery puzzles.)

Wed May 29 07:26:24 +0000 2019 (#)

Replying to @minxdragon

Speaking as someone who has worked in IT for decades, including lots of software development, teaching a computer to do something always requires learning it (again) oneself. (With relevant background it’s a quicker refresh than learn from scratch, which saves some time.)

Wed May 29 07:33:00 +0000 2019 (#)

Replying to @minxdragon

I took “Maths with Calculus” in High School, and Calculus In first year University.

But (a) I’ve barely used the Calculus since, and (b) would need a good re-read if I ever did need to use that math theory again.

OTOH, book keeping I’ve used weekly, and had to teach myself….

Thu May 30 07:17:50 +0000 2019 (#)

Replying to @tveastman


It is possible to configure certbot to work when Apache is running. I’ve no idea why it’s not the default (other than that certbot generally has sub optimal UX all around).

I too have heard good things about dehydrated, and might use it to replace acmetool (v1 only).

Thu May 30 08:35:55 +0000 2019 (#)

Really interesting talk by @whatnick about the realities of manufacturing electronics in a country that doesn’t really have electronics manufacturing supply chains, or government policy to make importing parts cost effective. (Spoiler: it’s not just Kenya with these challenges.)

Thu May 30 19:17:17 +0000 2019 (#)

Replying to @tveastman

“I see you don’t have a webserver on port 80, let me fix that for you” :-)

(From memory there’s a certbot and nginx metapackage that pulls in nginx instead. But still, it’s very “tripped over its own shoe laces”….)

Fri May 31 10:03:05 +0000 2019 (#)

Today in a tweet: woke 04:00. Drove 120km. Flew 1200km. One funeral, no weddings. Was mistaken for a (very) distant relative that shares my name. Drove past a street that shares my name (unrelated AFAIK). 13.5 hours door to door, including many airport delays. Tired now 💤