Kenneth Falck
@kennu.net
Principal Architect, Founder of webcat.fi & clouden.net, Writer at Tivi. I write about cloud, IoT, Web3 and random stuff. FI/EN
Anybody found a good way for dependency cooldown in npm package upgrades, so that it would fallback to the next-latest version if latest version is still too young? Seems ncu -c 7 will just ignore all available updates, if anything has been released during the last 7 days.
November 25, 2025 at 1:14 PM
Anybody found a good way for dependency cooldown in npm package upgrades, so that it would fallback to the next-latest version if latest version is still too young? Seems ncu -c 7 will just ignore all available updates, if anything has been released during the last 7 days.
I wish there was an official Debian package repository for latest Go. Feels a bit dirty to use an unofficial PPA, and tired of always downloading and unpacking Go manually.
November 21, 2025 at 1:52 PM
I wish there was an official Debian package repository for latest Go. Feels a bit dirty to use an unofficial PPA, and tired of always downloading and unpacking Go manually.
Ubuntu 25.10 seems to have issues with smartcard login, when the smartcard (Yubikey) is always connected. I have to remove the USB key and reinsert it to get PIN entry.
November 8, 2025 at 1:52 PM
Ubuntu 25.10 seems to have issues with smartcard login, when the smartcard (Yubikey) is always connected. I have to remove the USB key and reinsert it to get PIN entry.
Just noticed Cursor 2.0 is now installable as a Debian .deb package! A very welcome update, having dealt with AppImages with broken desktop integration for too long now. cursor.com/download
Download
cursor.com
November 5, 2025 at 7:36 PM
Just noticed Cursor 2.0 is now installable as a Debian .deb package! A very welcome update, having dealt with AppImages with broken desktop integration for too long now. cursor.com/download
Still getting AWS CloudFormation rollback failed errors when trying to deploy Lambda functions, after today's AWS outage. It's going to be a huge mess to clean up all these broken stacks afterwards.
October 20, 2025 at 7:44 PM
Still getting AWS CloudFormation rollback failed errors when trying to deploy Lambda functions, after today's AWS outage. It's going to be a huge mess to clean up all these broken stacks afterwards.
TIL the private 100.x address space used by Tailscale was allocated quite recently in 2012, as an addition to the older 10.x, 192.x and 172.x spaces that were allocated back in 1994.
October 9, 2025 at 6:36 PM
TIL the private 100.x address space used by Tailscale was allocated quite recently in 2012, as an addition to the older 10.x, 192.x and 172.x spaces that were allocated back in 1994.
For endless fun, try asking ChatGPT: Is there a seahorse emoji?
October 6, 2025 at 2:27 PM
For endless fun, try asking ChatGPT: Is there a seahorse emoji?
I think that the classic vt220/xterm emulation should be enhanced with a standard feature for expandable visual objects, so that you could expand/collapse e.g. JSON data and verbose log segments afterwards, when they were already written to stdout.
September 30, 2025 at 5:53 PM
I think that the classic vt220/xterm emulation should be enhanced with a standard feature for expandable visual objects, so that you could expand/collapse e.g. JSON data and verbose log segments afterwards, when they were already written to stdout.
Reposted by Kenneth Falck
Eilisessä A-studiossa yksi keskustelijoista viittasi CSIS:n tutkimukseen todisteena vasemmistolaisen väkivallan kasvusta Yhdysvalloissa. Kuvio tutkimuksesta kontekstoi populistisen tilastosiivutuksen. Oikeisto punaisella, vasemmisto sinisellä. Vasemmistolaisia iskuja heinäkuun alkuun mennessä 5...
September 26, 2025 at 4:45 AM
Eilisessä A-studiossa yksi keskustelijoista viittasi CSIS:n tutkimukseen todisteena vasemmistolaisen väkivallan kasvusta Yhdysvalloissa. Kuvio tutkimuksesta kontekstoi populistisen tilastosiivutuksen. Oikeisto punaisella, vasemmisto sinisellä. Vasemmistolaisia iskuja heinäkuun alkuun mennessä 5...
WebAssembly 3.0: Garbage collection, exceptions, 64-bit memory and all kinds of other stuff. webassembly.org/news/2025-09...
Wasm 3.0 Completed - WebAssembly
WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable compilation target for programming languages, enabling deployment on the...
webassembly.org
September 19, 2025 at 5:36 PM
WebAssembly 3.0: Garbage collection, exceptions, 64-bit memory and all kinds of other stuff. webassembly.org/news/2025-09...
I've been using Record<string,T> in TypeScript quite a lot and only today realized that it means an infinitely large object where all keys are defined. That's why you should actually use Partial<Record<string,T>> to get proper undefined warnings about potentially non-existing keys in your code.
September 11, 2025 at 10:37 AM
I've been using Record<string,T> in TypeScript quite a lot and only today realized that it means an infinitely large object where all keys are defined. That's why you should actually use Partial<Record<string,T>> to get proper undefined warnings about potentially non-existing keys in your code.
LLMs are lossy encyclopedias. simonwillison.net/2025/Aug/29/...
Lossy encyclopedia
Since I love collecting questionable analogies for LLMs, here's a new one I just came up with: an LLM is a lossy encyclopedia. They have a huge array of facts …
simonwillison.net
August 29, 2025 at 10:40 AM
LLMs are lossy encyclopedias. simonwillison.net/2025/Aug/29/...
Unsnapified my Ubuntu by adding the mozillateam PPA, so that Firefox and Thunderbird are installed as regular .deb packages.
August 19, 2025 at 6:25 PM
Unsnapified my Ubuntu by adding the mozillateam PPA, so that Firefox and Thunderbird are installed as regular .deb packages.
Upgraded to Ubuntu 25.04 to get NVIDIA working with Wayland. Now Remmina RDP doesn't work any more. So I guess stick to Ubuntu TLS releases whenever possible.
August 12, 2025 at 9:20 AM
Upgraded to Ubuntu 25.04 to get NVIDIA working with Wayland. Now Remmina RDP doesn't work any more. So I guess stick to Ubuntu TLS releases whenever possible.
TIL you can use Tang and Clevis to implement very simple automatic disk encryption in Linux. The computer boots and uses public/private key encryption over LAN to get the disk encryption key, which works as an alternative to the manually entered password.
August 11, 2025 at 9:24 AM
TIL you can use Tang and Clevis to implement very simple automatic disk encryption in Linux. The computer boots and uses public/private key encryption over LAN to get the disk encryption key, which works as an alternative to the manually entered password.
Why not? hackaday.com/2025/08/07/a...
A PC That Uses Hot Coffee As Coolant
Modern computers generate a great deal of heat when under load, thus we cool them with fans and sometimes even water cooling systems. [Doug MacDowell] figured that water was alright, but why not us…
hackaday.com
August 7, 2025 at 3:01 PM
Why not? hackaday.com/2025/08/07/a...
Here's a thought: The purpose of comments in code is to reduce the cognitive load needed to understand what's happening. You can always figure things out with enough cognitive investment, but a good comment can reduce the investment to nearly zero and make you feel good.
August 5, 2025 at 1:09 PM
Here's a thought: The purpose of comments in code is to reduce the cognitive load needed to understand what's happening. You can always figure things out with enough cognitive investment, but a good comment can reduce the investment to nearly zero and make you feel good.
Maybe there should be a limit for maximum depth of nested dependencies allowed in npm packages. The node_modules folder is always full of weird crap nobody knows where it came from. www.bleepingcomputer.com/news/securit...
npm 'accidentally' removes Stylus package, breaks builds and pipelines
npm has taken down all versions of the Stylus library and replaced them with a "security holding" page, breaking pipelines and builds worldwide that rely on the package.
www.bleepingcomputer.com
July 26, 2025 at 10:44 AM
Maybe there should be a limit for maximum depth of nested dependencies allowed in npm packages. The node_modules folder is always full of weird crap nobody knows where it came from. www.bleepingcomputer.com/news/securit...
I like this fallback plan. Keep a compressed copy of all human knowledge in the form of a LLM on a USB stick, just in case everything goes wrong and we have to start over again. simonwillison.net/2025/Jul/18/...
How to run an LLM on your laptop
I talked to Grace Huckins for this piece from MIT Technology Review on running local models. Apparently she enjoyed my dystopian backup plan! Simon Willison has a plan for the …
simonwillison.net
July 18, 2025 at 6:30 PM
I like this fallback plan. Keep a compressed copy of all human knowledge in the form of a LLM on a USB stick, just in case everything goes wrong and we have to start over again. simonwillison.net/2025/Jul/18/...
TruffleHog has proven to be a pretty good tool to keep running regularly as a cronjob. It will notify you about any unencrypted secrets like API keys and other credentials left lying around in some folder.
July 6, 2025 at 9:43 AM
TruffleHog has proven to be a pretty good tool to keep running regularly as a cronjob. It will notify you about any unencrypted secrets like API keys and other credentials left lying around in some folder.
I'm impressed by CDK-Terraform. The whole HCL mess disappears and you can define the application with TypeScript, allowing multiple stacks, clearly defined constructs and simple multi-stage configuration that doesn't repeat every property a billion times. Benefits of AWS CDK but without needing AWS.
June 27, 2025 at 7:23 PM
I'm impressed by CDK-Terraform. The whole HCL mess disappears and you can define the application with TypeScript, allowing multiple stacks, clearly defined constructs and simple multi-stage configuration that doesn't repeat every property a billion times. Benefits of AWS CDK but without needing AWS.
This seems useful if you need to use TLS certificates outside AWS services, valid for 395 days, at $15/fqdn or $149/wildcard. I assume this is fully API-programmable but haven't tried it yet. aws.amazon.com/blogs/aws/aw...
AWS Certificate Manager introduces exportable public SSL/TLS certificates to use anywhere | Amazon Web Services
You can now use AWS Certificate Manager to issue exportable public certificates for your AWS, hybrid, or multicloud workloads that require secure TLS traffic termination.
aws.amazon.com
June 17, 2025 at 3:01 PM
This seems useful if you need to use TLS certificates outside AWS services, valid for 395 days, at $15/fqdn or $149/wildcard. I assume this is fully API-programmable but haven't tried it yet. aws.amazon.com/blogs/aws/aw...
This reminds me why I prefer using AWS CloudWatch to hosting my own Grafana instance on Kubernetes. It's so much work just to keep up with all the updates of all your running software. www.bleepingcomputer.com/news/securit...
Over 46,000 Grafana instances exposed to account takeover bug
More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover.
www.bleepingcomputer.com
June 16, 2025 at 12:26 PM
This reminds me why I prefer using AWS CloudWatch to hosting my own Grafana instance on Kubernetes. It's so much work just to keep up with all the updates of all your running software. www.bleepingcomputer.com/news/securit...
I wish Git could autosync the working directory to GitHub, so that I wouldn't need to commit everything or create temporary branches when moving from one computer to another to continue working. #backyard
June 15, 2025 at 11:52 AM
I wish Git could autosync the working directory to GitHub, so that I wouldn't need to commit everything or create temporary branches when moving from one computer to another to continue working. #backyard
"We need to push back against age verification mandates. Not because child safety is not a concern – it is. But because age verification mandates risk undermining crucial access to digital services, eroding privacy and data protection, and limiting freedom of expression." www.eff.org/deeplinks/20...
Age Verification in the European Union: The Commission's Age Verification App
This is the second part of a three-part series about age verification in the European Union. In this blog post, we take a deep dive into the age verification app solicited by the European Commission, ...
www.eff.org
June 4, 2025 at 12:46 PM
"We need to push back against age verification mandates. Not because child safety is not a concern – it is. But because age verification mandates risk undermining crucial access to digital services, eroding privacy and data protection, and limiting freedom of expression." www.eff.org/deeplinks/20...