Die wunderbare Welt von Isotopp

Getting rid of phishing training mails

Just like your work computer is being infested with corporate malware as to prevent it from being taken over from other people’s malware, your account is also being spammed with corporate malware spam as to prevent it from being taken over by other malware spam. And just like corporate malware increases your machine’s attack surface , because it is badly written and running with privileges, corporate spam is a useless nuisance that doesn’t do what it is supposed to do .
50 years in filesystems: towards 2004 – LFS

This is part 5 of a series.
“1974 ” on the traditional Unix Filesystem. “1984 ” on the BSD Fast File System. “1994 ” on SGI XFS. “Vnodes ” on how to have multiple filesystems in Unix. Progress is sometimes hard to see, especially when you have been part of it or otherwise lived through it. Often, it is easier to see by comparing modern educational material and the problems discussed with older material.
50 years in filesystems: A detour on vnodes

This is part 4 of a series.
“1974 ” on the traditional Unix Filesystem. “1984 ” on the BSD Fast File System. “1994 ” on SGI XFS. Progress is sometimes hard to see, especially when you have been part of it or otherwise lived through it. Often, it is easier to see by comparing modern educational material and the problems discussed with older material. Or look for the research papers and sources that fueled the change.
50 years in filesystems: 1994

This is part 3 of a series. The first part is “1974 ”. The second part is “1984 ”.
Progress is sometimes hard to see, especially when you have been part of it or otherwise lived through it. Often, it is easier to see if you compare modern educational material, and the problems discussed with older material. And then look for the research papers and sources that fueled the change.
City of Amsterdam and Combustion Engines

Electrive.net had an article about Copenhagen banning combustion engines in the city, starting 2030: (Article in German ). So I had to check what is the current state in Amsterdam.
Current state The Netherlands has a central register for license plates. It is public, and anyone can check. There are many places that allow you to do that for car, not owner data. For example .
The city of Amsterdam also allows you to check if a given license plate is allowed to enter the cities milieuzone.
It's a Modulith

“Computers are simple” is what I am telling people I train. “There are only Zeroes and Ones, and it is not getting much more complicated.”
“But computers are hard”, they respond.
“That is correct. In computer systems, complexity is almost never in the individual layers, but it comes from the width and breadth of the stack. It’s in the interactions of the components that we are putting together.”
When you start with how a CPU is being built, and then put the layers of the stack on top of each other until you end up with a classical single-process application, in some object-oriented language, with a GUI – that’s around two to three dozen layers of abstractions piled on top of each other.
50 years in filesystems: 1984

This is part 2 of a series. The first part is “1974 ”.
Progress is sometimes hard to see, especially when you have been part of it or otherwise lived through it. Often, it is easier to see if you compare modern educational material, and the problems discussed with older material. And then look for the research papers and sources that fueled the change.
In Linux (and Unix in general), this is easy.
50 years in filesystems: 1974

Progress is sometimes hard to see, especially when you have been part of it or otherwise lived through it. Often, it is easier to see if you compare modern educational material, and the problems discussed with older material. And then look for the research papers and sources that fueled the change.
In Linux (and Unix in general), this is easy.
1974 - Unix V7 File System We find the Unix Version 7 Research Release in Diomidis Spinellis unix-history-repo .
MySQL: SeveralNines Podcast with Kris

Back in October last year I have been speaking to a few very old friends at SeveralNines, for a podcast. The recording is now out, and you can listen to it at this location or in the Podcast Player of your choice.
Booking.com, Part 1 - Running data infrastructure at an Enterprise scale Booking.com, Part 2 - How Booking.com built their own Sovereign DBaaS at scale
Tracing Python

Based on a discussion on IRC and Mastodon: “How can I get access to the return values of my (Python-) programs functions?” And more generally, how can I trace function execution in Python, showing function parameters and return values?
PyCharm builtin method Of course, you can always simply turn on this in the PyCharm debugger:
PyCharm, Debug Window, Gear Icon, “Show Return Values”
Do it yourself: sys.settrace() (via Peterkelly ): Python has a built-in API for tracing: sys.
MySQL: Selecting random rows

Given a table named tbl with one million entries, we want to select a random row from this table, fast. Our table definition looks like this:
create table tbl ( id INTEGER NOT NULL, d VARCHAR(200) NOT NULL, INDEX(id) ); Dense id space We can generate some test data using a recursive CTE:
mysql> set cte_max_recursion_depth = 100000; mysql> insert into tbl -> with recursive c(n, u) as ( -> select 1, uuid() -> union all -> select n+1, uuid() from c where n < 100000 -> ) select * from c ; The Recursive CTE will generate 100k pairs of (number, uuid()).
Rotating Accounts or Passwords?

Some applications allow you to have multiple passwords. For example, in MySQL, since 8.0.14 you can dual passwords for an account . Also, Redis 6 allows you to have multiple passwords on an account ACL .
Personal Accounts and Machine Accounts. When running services in a production system, the services sometimes have personal accounts (PAs) that allow humans to login and perform actions on the service. Often, these accounts are very limited in number (in production), and privileged.
This is not a Drill, this is just Tuesday

Master of Disaster With a previous employer there was the requirement to implement business continuity management and patch management. Specifically, there was a requirement to be able to lose a region completely without loss of business. The other requirement was to be able to have all systems CVE-free within 30 days (in emergencies: 3 days), and to be able to blackstart them.
That was of course impossible to implement.
Minecraft: unable to create native thread

A minecraft server has problems creating threads. The error message reads:
java.lang.OutOfMemoryError: unable to create native thread: possibly out of memory or process/resource limits reached at java.lang.Thread.start0(Native Method) ~[?:?] at java.lang.Thread.start(Thread.java:802) ~[?:?] at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:945) ~[?:?] at java.util.concurrent.ThreadPoolExecutor.execute(ThreadPoolExecutor.java:1353) ~[?:?] at java.util.concurrent.Executors$DelegatedExecutorService.execute(Executors.java:721) ~[?:?] at org.bukkit.craftbukkit.v1_19_R2.scheduler.CraftAsyncScheduler.mainThreadHeartbeat(CraftAsyncScheduler.java:73) The server in question has 32 GB of memory (6 GB used), 8 cores, and processes threads running. It is mostly idle. There is no reason at all why this machine should be out of resources.
Service Directories, and what they are good for

At a previous job we had a home-grown application “Service Directory”, which allowed a team to declare a service or deployed application. The record for a service not only declared the application with pointers to the source code repository, artifacts and documentation.
It also pointed to the operational facts, such as criticality, the owning teams, the SLO, the alerts, and the collected stats and dashboards. And, most importantly, you had to declare dependencies – which other services you depend on.
Mastodon Interaction Counters

In this post , SirSquid@toot.io asks:
Can someone explain to me why seeing retoots and likes is wildly different across Mastodon servers?
From toot.io, a toot from @gamingonlinux@mastodon.social shows hardly anything. But when viewing it on mastodon.social, it has tons of both.
This is one thing I would love to see properly cleaned up on Masto.
Mastodon is using ActivityPub, a federated protocol. Nodes exchange articles, and each node caches articles.
I don't hate Let's Encrypt anymore

So, Rachel is in a bad mood: Why I still have an old-school cert on my https site and I feel her. Like her, for my own sites I have always been running Apache. There was never much need to upgrade, the software was available, stable, and fast enough.
At some point in time, I needed TLS and started to use Let’s Encrypt .
That was messy: Running dehydrated , a bunch of haphazard shell scripts trying to get certificates authenticated and installed, through a wild chain of callbacks and sourced scripts all over the system, driven by Cron, and with bad alerting.
MySQL: Ways to run mysqldump

This text exists mainly so that I paste the URL into the #mysql channel in Libera IRC.
The mysqldump tools allows you to convert a MySQL database server or individual schemas back to SQL. You are left with a script that is supposed to be loadable into a target server and gives you back the full database, including all objects in it.
You can read that SQL as a script into an empty server to create a new instance, or process it with different tools for different purposes.
Was mein Kind in der Schule so macht

Die Niederlande sind ja ein Land, das mit WhatsApp funktioniert. “Ik stuur je snel een appie” und wenn WhatsApp mal down ist, wird das Land vorübergehend geschlossen.
Damit kann man einverstanden sein oder nicht, aber Metcalfe’s Law ist mächtig und wenn man das Land nicht in Hard Mode spielen will, dann legt man sich besser ein WhatsApp zu.
An ungefähr jedem zweiten Wohngebiet findet man ein solches Schild an der Einfahrtstraße.
Chromebooks in der Schule

In Mein Sohn sitzt vor dem Computer und in Schulen digitalisieren ging es schon einmal um den Einsatz von Computern in der Schule, in Deutschland und in den Niederlanden.
VWO Jetzt stand bei uns letzten Sommer nach dem Ende der 8. Grundschulklasse (der deutschen 6. Grundschulklasse) der Schulwechsel auf die VWO an. VWO steht für “Voorbereidend wetenschappelijk onderwijs”, studienvorbereitender Unterricht, und entspricht noch am ehesten einem deutschen Gymnasium. So wie es in Deutschland Gymnasien mit unterschiedlicher Ausrichtung gibt, gibt es das auch in den Niederlanden und der Name “Gymnasium” steht für eine VWO mit altsprachlicher Ausrichtung, der Name “Atheneum” für VWO mit einer technisch-naturwissenschaftlichen Ausrichtung, und es gibt noch ein paar weitere Geschmacksrichtungen.