Twitter: @ewenmcneill -- August 2022

Mon Aug 01 01:43:20 +0000 2022 (#)

Replying to @__fincham and @raggi

FWIW you can wake Lambdas on other events too, not just HTTP/REST API gateway calls. Including via “cron” (timed events) and message queue events.

If “always” running is “daytime hours when you want to use it” maybe a scheduled start/keep alive is enough?

Mon Aug 01 01:45:14 +0000 2022 (#)

Replying to @__fincham and @raggi

Also FWIW I have a Lambda which “rewakes itself” by sending itself a delayed message via a queue (needed as work around for very slow polled third party API, that often takes 30-60 seconds to have a result).

In short timeframes you normally get the same instance.

Mon Aug 01 01:47:46 +0000 2022 (#)

Replying to @__fincham and @raggi

From memory there’s a fairly high free tier invocation count on Lambdas, and then it’s CPU-seconds after that (which is why I do “message to self” to sleep 20-30 seconds).

Also FWIW, having a HTTP API “knock” that sent a wake up message to the other Lambda might work for you? 🤔

Mon Aug 01 01:56:29 +0000 2022 (#)

Replying to @raggi and @__fincham

Also FWIW you can start an EC2 instance under API control, which similarly could be a HTTP request to a Lambda.

Combined with “shutdown 10 minutes after no connections” the run cost of a small EC2 instance could be quite small in practice, if seldom used.

Mon Aug 01 01:58:05 +0000 2022 (#)

Replying to @raggi and @__fincham

And with an EC2 instance started “on demand” (ie “knock” to Lambda), you’re no longer fighting against the Lambda runtime limits (fairly small, but you do get “same instance kept warm” for requests soon after).

Mon Aug 01 02:01:52 +0000 2022 (#)

Replying to @__fincham and @raggi

Build an AMI that just runs the proxy and nothing else, with no persistent disk? Then “maintain” is just “build new AMI periodically”, same as building a new Lambda version would be.

(Tailscale proxy seems well suited to being read only minimal VM appliance AFAICT.)

Mon Aug 01 07:06:17 +0000 2022 (#)

RT @AsahiLinux: Linux 5.19 is out, and Linus Torvalds released it from an M2 MacBook Air running the Asahi Linux kernel! 🎉…

Mon Aug 01 07:42:05 +0000 2022 (#)

RT @ToshiAkima: 7. Bottom line: do not wear surgical masks for respiratory virus protection because #COVIDisAirborne. They were not designe…

Mon Aug 01 09:24:09 +0000 2022 (#)

Another fascinating talk from VCF East 2022 — Al Charpentier (designer of VIC I and VIC II video chips, and much of the C64) and Bil Herd (designer of the C128) talking about early chip design, and video generation in the NTSC days (1h30).

Tue Aug 02 01:03:23 +0000 2022 (#)

TIL that while both Python and JavaScript have both “match” and “search” for regular expressions, only in Python is “match” implicitly anchored at the start/end of the candidate.

This is why we cannot have nice things 😔

Tue Aug 02 01:09:14 +0000 2022 (#)

Replying to @ewenmcneill

In related news, in JavaScript, the word “Installation” “match”es the regex:


Which means the “guess which fields are lat/lon” GeoJSON tool we were using went wildly astray.

(JS “match” returns matched groups; “search” just returns booleans.)

Tue Aug 02 01:12:41 +0000 2022 (#)

Replying to @ewenmcneill

Apparently in JS the “g” suffix means “global search”, ie find all matches. Not “must match whole string”.

In the context I found it the author could have used search not match as they only test for presence; and “g”(local) was pointless. So clearly they were confused too :-/

Wed Aug 03 06:28:52 +0000 2022 (#)

RT @abaranov: This is brilliant and not what you may think at first.

Hacking a process.

Fri Aug 05 01:22:23 +0000 2022 (#)

Replying to @slyall

I’ve definitely been assuming there was no LCA2023. PyConAU 2022 got skipped, and discussion in January for LCA was “in person or skipped”; various teams seemed pretty over organising/running online conferences.

(Typical year LCA CFP would have closed about now.)

Fri Aug 05 02:12:59 +0000 2022 (#)

Replying to @slyall

2021 online LCA was a very rushed organisation process and stressed a lot of people (especially AV). So hopefully that compressed timeline doesn’t happen again.

I too think LCA2023 should be skipped at this point, or at least delayed. Core people need a break, not a big rush.

Fri Aug 05 02:15:26 +0000 2022 (#)

Replying to @slyall

Having now read the June / July / August linux-aus discussion I wonder if they’re trying to receive LCA 2021 in Canberra (which was I initially postponed to 2022).

But even with just “rebook all venues” it feels very rushed for January 2023. And likely lower attendance too.

Fri Aug 05 05:22:24 +0000 2022 (#)

Replying to @BR3NDA

From that ship date I’d guess they were out of stock of something when you ordered (or when they packed).

Several Auckland based online pharmacies seem to have poor “in stock” tracking and hold orders waiting stock. Another held an order 2 weeks before shipping what they had.

Fri Aug 05 22:45:25 +0000 2022 (#)

Replying to @ExcitedLeigh

… maybe one of them doesn’t know they’re the girl yet? 🤔

Sat Aug 06 09:03:25 +0000 2022 (#)

“Magnetic Tape Data Recovery in Software”: what if you fed the amplified tape head signal into a 16 channel A to D converter and then decoded everything from there in software? 50GB of A to D output per mag tape 😮

(2020 VCF talk, about 23m long)

Sun Aug 07 01:46:57 +0000 2022 (#)

RT @hacks4pancakes: No, unfortunately the legacy stuff that has not been updated in years is exceedingly likely to be running really crucia…

Mon Aug 08 01:30:37 +0000 2022 (#)

Replying to @aurynn

Fantasy: my code worked the first time.

Reality: my test code is broken, or incomplete.

And thus karma is balanced.

Mon Aug 08 06:24:22 +0000 2022 (#)

Replying to @__fincham

Wow, that’s quite the slip. From memory of that area (downhill from VUW lower fields), it’s a fairly old retaining wall. And the narrowest bit of The Terrace too.

Mon Aug 08 06:26:04 +0000 2022 (#)

Replying to @hroethgar


Looks like the original cable anchor was just into a narrow board, despite there being an anchor board mounted just below 🤔

Hope you can get it sorted out without too much hassle.

Mon Aug 08 22:22:22 +0000 2022 (#)

Places I would like to have FIDO/WebAuthN/hardware token based logins:

  1. My bank

Places I cannot use FIDO/WebAuthN/hardware token login:

  1. My bank


(Feeling this strongly this morning after waking up to password reset attempt I did not initiate.)

Mon Aug 08 22:24:54 +0000 2022 (#)

Replying to @ewenmcneill

Fortunately as best I can find out they made only one reset attempt on one banking account and got discouraged by the “it’s not really 2FA, but it’s better than nothing I guess” additional reset requirements.

My bank phone staff confirmed there’s nothing better available now 😔

Mon Aug 08 23:18:17 +0000 2022 (#)

Replying to @igor_2_ and @xssfox

They are about 600km from the nearest Internet / 3G / 4G service so the current trip photos are uploaded over HF radio. The images are extremely compressed to make the HF image upload take only “minutes” instead of hours.

Tue Aug 09 03:41:15 +0000 2022 (#)

Replying to @aurynn

There are online communities of people with Chronic Fatigue (from various diagnosis). Based on info from people I know in them, “how to function” is one of the main topics discussed. Looking/asking there may provide some hints.

(Medical diagnosis may or may not provide hints.)

Tue Aug 09 23:16:12 +0000 2022 (#)

TIL that BackerKit (a common KickStarter “after funding” platform) thinks it’s a good idea to build a database of thousands (per campaign) of credit card numbers/expiry/CVC, which they keep for months. So they can “charge actual shipping costs when it is known”, “without delay”.

Tue Aug 09 23:19:24 +0000 2022 (#)

Replying to @ewenmcneill

Charging actual shipping costs when known seems like the only sensible option in these pandemic times.

Storing full credit card details in a database for months… not so much.

(I’m unclear how this meets PCI-DSS; presumably they have an exception for some special reason.)

Wed Aug 10 07:20:17 +0000 2022 (#)

Replying to @xleem

Yes, pre-auth + later part charge would be a sensible way to handle it.

There’s a time box on pre-auth though (60 days? 90 days?), which doesn’t match very well with crowdfunding “we’ll announce shipping costs once we have final weights/locations” — which could take 3-6 months.

Wed Aug 10 07:23:22 +0000 2022 (#)

Replying to @hroethgar

Yeah, I’m surprised too.

My best “acceptable” guess is they’re using the Stripe “store card proxy ID for recurring charges” functionality. But nothing actually says that. And the form insists on card number / expiry / CVC to finish (maybe they validate and discard CVC?).

Fri Aug 12 01:57:12 +0000 2022 (#)

RT @RealSexyCyborg: Best Aranet4 CO2 Meter Alternatives Under $100?

Please RT! 🙏

Fri Aug 12 01:59:17 +0000 2022 (#)

RT @Erstejahre: This is why apples decision to force passkeys to be synced (and thus bound to an apple id) baffles me. Bust the apple id, g…

Fri Aug 12 09:13:09 +0000 2022 (#)

RT @nickzoic: Just a phenomenal, spine-tingling piece of work on engine audio simulation:

Sat Aug 13 06:57:16 +0000 2022 (#)

Interesting talk on running Wikipedia infrastructure in the public eye (from Hope Conference, July 2022; 47m)

Among other things discusses finding HTTP/2 uploads can be slow on a higher latency link (referencing Cloudflare blog).

Sun Aug 14 22:23:57 +0000 2022 (#)

Apparently the threshold for “rates increase above average” is “property value increased above 52%” in 3 years (rating value) 😮

The average property increase in 3 years in Wellington was 52%?!

(Leaving aside 8% increase is “barely matching inflation”.)

Mon Aug 15 01:47:04 +0000 2022 (#)

Replying to @tveastman

In case you’re not aware, you can “encourage” the PostgreSQL query planner not to consider certain types of scans (including full table seqscans and index scans). Which can be useful for testing “do you find the alternative I want then?”.

Mon Aug 15 01:49:44 +0000 2022 (#)

Replying to @tveastman

There’s also a whole bunch of tuning costs, including sequential / random lines page fetch costs. The defaults look pretty “magnetic spinning disk” biased (random 4x sequential), which is probably misleading for fast SSDs.

(But tweak with great care in production!)

Mon Aug 15 09:53:29 +0000 2022 (#)

Replying to @__fincham

Is to maybe the same as the Transtronics (Xtronics) parallel programmer?

(Intronics and Transtronics are from the same US state, and I’ve seen crossover references to the two brands; maybe they merged?)

Mon Aug 15 10:07:27 +0000 2022 (#)

Replying to @__fincham

FWIW Intronics and xtronics do seem to be the same, eg repair address on this page. And page is copyright Transtronics/linked from Transtronics site.

(But yes software downloads seem to be for the 2A parallel hardware and yours looks older.)

Mon Aug 15 23:26:59 +0000 2022 (#)

Replying to @__fincham and @oddynz

Next week: new drawer “weird tools, 2000s edition”.

(The world has produced a lot of weird tools!)

(Also FWIW, the old school EPROM programming algorithms were pretty simple: asset programming voltage + write pins, then strobe in data from parallel pins IIRC.)

Tue Aug 16 08:56:58 +0000 2022 (#)

“[W]e didn’t monitor the protest” — Dir Gen NZ Security Intelligence Service (at 39m28s in Stuff “Fire and Fury” documentary, about events leading up to parliamentary occupation)


(Whole thing worth seeing; CW protest/riot violence especially near end)

Tue Aug 16 22:12:28 +0000 2022 (#)

RT @impraxical: I just published a new low-level blog post:

"From Oscilloscope to Wireshark - A UDP Story"

It starts with voltage data me…

Tue Aug 16 22:17:26 +0000 2022 (#)

Replying to @LostAngelNZ

I agree there were a variety of beliefs involved in the parliamentary occupation, only somewhat matching local right wing media talking points.

I’m just rather surprised the intelligence services decided not to at least keep an eye on what happened, just down the road from them.

Wed Aug 17 07:46:11 +0000 2022 (#)

Replying to @__fincham

Good, Fast, Cheap, Simple


(If you stare enough everything becomes an optimisation problem filled with undesirable tradeoffs.)

Thu Aug 18 06:57:57 +0000 2022 (#)

Replying to @__fincham

Yes, it’s clearly better to have software with unknown CVEs in it 😃

(Good NDAs fix the problem of “known CVEs”, right?! 🤔)

Thu Aug 18 07:27:20 +0000 2022 (#)

RT @mjg59: This provides amazingly perverse incentives for workers who object to their employers selling to the DoD

Fri Aug 19 06:19:06 +0000 2022 (#)

The #KiwiPyCon “Flask Beginner Lab” was a gentle introducing to Flask routes and Jinja templating.

Although it took a sudden “now draw the rest of the owl” turn when introducing databases: a mostly accurate ER diagram and a note to “make this database quickly” and upload it.

Fri Aug 19 06:28:09 +0000 2022 (#)

Replying to @ewenmcneill

FTR it turned out the way for students to continue the tutorial was to download the model solution database from the replit site (account required and “fork project” first; clicking on it without an account only shows a corrupt “text” rendering which SQLite rejects). #KiwiPyCon

Fri Aug 19 07:43:45 +0000 2022 (#)

RT @furrtek: Decap: easy mode

Fri Aug 19 22:27:14 +0000 2022 (#)

Amazing keynote by @chrisjrn at #KiwiPyCon. As predicted it was very good, and I loved the way the “mostly technical” talk finished (which I won’t spoil here).

If you missed it, the talk was recorded and will be published for (re)viewing “soon”.

Fri Aug 19 22:49:55 +0000 2022 (#)

Replying to @ewenmcneill

And if you can’t wait for the video to come out, or reading live tweets is more your thing, there’s an entire thread of (most of) Chris’s #KiwiPyCon keynote.

(* not all of the keynote in tweets, because there was more talk content than typing time 😃)

Sat Aug 20 04:52:00 +0000 2022 (#)

qiling: a binary emulation framework, for exploring executables (emulates both CPU architecture and OS environment AFAICT). GPLv2+, written in Python.

Sat Aug 20 09:21:27 +0000 2022 (#)

RT @textfiles: The They Might Be Giants documentary GIGANTIC is now on YouTube!

Sun Aug 21 01:21:53 +0000 2022 (#)

“The arc of the universe only bends because people are pushing it that way.” — @asteracode at #KiwiPyCon

(Fantastic lightning talk, on a very tough topic: see CW in QT. Sad that it “needs to be said”. But it did need to be said 😢

Yes, they are recorded, video up “soon”. )

Sun Aug 21 02:07:15 +0000 2022 (#)

TIL South Australians pronounce “dance” the same way as Kiwis (much of Australia does not).

And further (thanks micolous at #KiwiPyCon) that this is part of what linguists call the Trap-Bath split in English pronounciation.–bath_split

Sun Aug 21 04:24:12 +0000 2022 (#)

RT @anitsirk: Do you want to get more of the @kiwipycon goodness or didn't attend this year but saw all the cool things been talked about?…

Mon Aug 22 05:47:50 +0000 2022 (#)

RT @SwiftOnSecurity: "Y2K was a false panic, nothing even happened!" Via JerWah on TikTok

Mon Aug 22 07:28:14 +0000 2022 (#)

Replying to @yaakov_h

0.01 kWh over 8 hours is 0.00125 kW on average, aka 1.25W.

Feels low enough I could see that rounding down to 0W, and especially 0A (1.25W / 230V is about 5mA).

But I’d have to say that feels… very low for anything that isn’t just standby leakage current 🤔

Mon Aug 22 10:19:58 +0000 2022 (#)

Replying to @yaakov_h


On the plus side your Elgato Key Light standby mode seems to be genuinely low power.

(Sorry about having to Repeat The Experiment though.)

Wed Aug 24 04:41:08 +0000 2022 (#)

RT @LI_politico: Air purifiers are not that expensive in the business context and I’m kinda surprised that they are not standard in restaur…

Wed Aug 24 07:20:30 +0000 2022 (#)

Replying to @ewenmcneill

Video of Chris’s keynote at #KiwiPyCon if you missed it (or want to watch again):

Wed Aug 24 07:28:08 +0000 2022 (#)

Replying to @__fincham

imagines unicycle cross-breeding program selecting for the traits you want 🤔😃

Thu Aug 25 06:44:30 +0000 2022 (#)

RT @FinchTH: Engineers and scientists: “listen an air purifier is just a fan that pulls air through a filter. It’s really simple. Just put…

Thu Aug 25 22:02:03 +0000 2022 (#)

Replying to @hops_and_smoke and @asteracode

KiwiPyCon lightning talks video just posted. From memory @asteracode’s talk was about the third talk (~5 minute talks, with about 3-5 minutes intro at start of the video).

Thu Aug 25 22:18:53 +0000 2022 (#)

RT @MalwareJake: If you are running a bank and cold call a customer from a number that is not attributable to the bank, claiming to be from…

Fri Aug 26 09:12:44 +0000 2022 (#)

RT @davidcsimon: It was raining, but the sun was shining, and I saw a Crimson Rosella poised to fly down into our garden so I got ready to…

Sat Aug 27 09:32:56 +0000 2022 (#)

RT @emfcamp: "London Underground open data: much more than you ever wanted to know" by @eeeeeta9

Sat Aug 27 10:16:48 +0000 2022 (#)

This talk covers about 140 years of railway signaling, introducing various new types of signaling motivated by accidents they aim to prevent reoccurring.

TIL all signaling types from 1880 through 2000s still in use in parts of the UK.

(Also trains with 256 axels not allowed!)

Mon Aug 29 05:40:17 +0000 2022 (#)

Replying to @asteracode

So the “national” energy market covers about 1/3rd of the land mass of Australia? 🤔

(But I guess about 93% of the population. And including most of the land with more than 1 person / square kilometre on average.)

Wed Aug 31 07:22:09 +0000 2022 (#)

Replying to @minxdragon

“The unread books are winning”

So starts a dystopian tale of humanity versus The Books (tm) 😬

(Much the same here: the unread books are winning, if only dilute to buying them as a “must remember to read this” reminder…)