Raphael
@raphting.dev
Go developer, Sailor (after years of flying airplanes)
Software engineering culture is using unworldly sports analogies like “2 hour meeting marathon” and “3 week sprint”.
October 2, 2025 at 1:12 PM
Software engineering culture is using unworldly sports analogies like “2 hour meeting marathon” and “3 week sprint”.
The wind took 2 of my 4 solar panels and almost took my satellite dish.
To see it positively, I wanted to get more powerful solar panels anyway.
To see it positively, I wanted to get more powerful solar panels anyway.
December 8, 2024 at 3:19 PM
The wind took 2 of my 4 solar panels and almost took my satellite dish.
To see it positively, I wanted to get more powerful solar panels anyway.
To see it positively, I wanted to get more powerful solar panels anyway.
Go‘s error type conversion is a pretty complicated field.
Came across „errors.As()“ today which is not that big of a deal until I noticed it takes the pointer to a pointer of a struct which made me curious.
Came across „errors.As()“ today which is not that big of a deal until I noticed it takes the pointer to a pointer of a struct which made me curious.
December 3, 2024 at 9:18 PM
Go‘s error type conversion is a pretty complicated field.
Came across „errors.As()“ today which is not that big of a deal until I noticed it takes the pointer to a pointer of a struct which made me curious.
Came across „errors.As()“ today which is not that big of a deal until I noticed it takes the pointer to a pointer of a struct which made me curious.
Excited for Advent of Code this year.
Usually I participate for the first 7 days or so but then dropping out due to my own time constraints.
One year I wanna solve all days!
Usually I participate for the first 7 days or so but then dropping out due to my own time constraints.
One year I wanna solve all days!
November 29, 2024 at 9:03 AM
Excited for Advent of Code this year.
Usually I participate for the first 7 days or so but then dropping out due to my own time constraints.
One year I wanna solve all days!
Usually I participate for the first 7 days or so but then dropping out due to my own time constraints.
One year I wanna solve all days!
Infrastructure aspects in software you should not add as an afterthought:
* Security
* Monitoring and Logging
* Billing
* Security
* Monitoring and Logging
* Billing
November 28, 2024 at 8:00 PM
Infrastructure aspects in software you should not add as an afterthought:
* Security
* Monitoring and Logging
* Billing
* Security
* Monitoring and Logging
* Billing
After the german magazine Spiegel quoted Merkel with „MEN!“ a week later the newspaper TAZ answered with „WOMEN!“
November 27, 2024 at 2:19 PM
After the german magazine Spiegel quoted Merkel with „MEN!“ a week later the newspaper TAZ answered with „WOMEN!“
Interesting how „Can you help me to solve…“ leads to better solutions than „It is my right to…“
November 26, 2024 at 12:40 PM
Interesting how „Can you help me to solve…“ leads to better solutions than „It is my right to…“
Whenever I move houses, my mood oscillates between „I’ll never move again in my life“ and „I could offer professional house moving services“.
November 24, 2024 at 10:43 AM
Whenever I move houses, my mood oscillates between „I’ll never move again in my life“ and „I could offer professional house moving services“.
Are there more people thinking that pre-2020 media was better?
Documentaries really do this for me. They have a different sound. They tell stories differently.
Possibly I’m just getting old and don’t understand modernity anymore 🙃
Documentaries really do this for me. They have a different sound. They tell stories differently.
Possibly I’m just getting old and don’t understand modernity anymore 🙃
November 21, 2024 at 10:21 PM
Are there more people thinking that pre-2020 media was better?
Documentaries really do this for me. They have a different sound. They tell stories differently.
Possibly I’m just getting old and don’t understand modernity anymore 🙃
Documentaries really do this for me. They have a different sound. They tell stories differently.
Possibly I’m just getting old and don’t understand modernity anymore 🙃
I read „*Happy Helming!*“ already too often today.
When fixing pipelines, there’s not much happiness, except when it finally works because there was a quote missing somewhere in a YAML that’s actually multiple layers of template hierarchy.
When fixing pipelines, there’s not much happiness, except when it finally works because there was a quote missing somewhere in a YAML that’s actually multiple layers of template hierarchy.
November 21, 2024 at 10:21 AM
I read „*Happy Helming!*“ already too often today.
When fixing pipelines, there’s not much happiness, except when it finally works because there was a quote missing somewhere in a YAML that’s actually multiple layers of template hierarchy.
When fixing pipelines, there’s not much happiness, except when it finally works because there was a quote missing somewhere in a YAML that’s actually multiple layers of template hierarchy.
Sometimes I sit and look back at my first job, when I enthusiastically tweaked the company’s webproxy that morning, until my team lead looked over my shoulder and said „you know that everytime you reload the config, you interrupt all of the 6.000 employees‘ browsing?“
That still makes me giggle 🤭
That still makes me giggle 🤭
November 20, 2024 at 10:56 PM
Sometimes I sit and look back at my first job, when I enthusiastically tweaked the company’s webproxy that morning, until my team lead looked over my shoulder and said „you know that everytime you reload the config, you interrupt all of the 6.000 employees‘ browsing?“
That still makes me giggle 🤭
That still makes me giggle 🤭
Layering complexity makes it harder to spot obvious mistakes.
If you have one system that does input-processing-output, at least you have black-box observability.
If you have layered systems, the cognitive load to observe the system multiplies.
If you have one system that does input-processing-output, at least you have black-box observability.
If you have layered systems, the cognitive load to observe the system multiplies.
November 19, 2024 at 3:41 PM
Layering complexity makes it harder to spot obvious mistakes.
If you have one system that does input-processing-output, at least you have black-box observability.
If you have layered systems, the cognitive load to observe the system multiplies.
If you have one system that does input-processing-output, at least you have black-box observability.
If you have layered systems, the cognitive load to observe the system multiplies.
Reposted by Raphael
Oh, I never posted my gotofail story on here.
Early 2014, someone came to me about a catastrophic vulnerability in Apple's TLS implementation.
I shit you not, they'd overheard someone at a bar drunkenly bragging about how they were going to sell it to a FVEY intelligence agency for six figures.
Early 2014, someone came to me about a catastrophic vulnerability in Apple's TLS implementation.
I shit you not, they'd overheard someone at a bar drunkenly bragging about how they were going to sell it to a FVEY intelligence agency for six figures.
November 17, 2024 at 11:22 PM
Oh, I never posted my gotofail story on here.
Early 2014, someone came to me about a catastrophic vulnerability in Apple's TLS implementation.
I shit you not, they'd overheard someone at a bar drunkenly bragging about how they were going to sell it to a FVEY intelligence agency for six figures.
Early 2014, someone came to me about a catastrophic vulnerability in Apple's TLS implementation.
I shit you not, they'd overheard someone at a bar drunkenly bragging about how they were going to sell it to a FVEY intelligence agency for six figures.
I mean, just imagine a competitor would offer their service with a fraction of your price, so most of your business changes, except the core business logic.
What remains?
In most cases, the answer is not „Kubernetes“, and still k8s is often the focus of all efforts.
What remains?
In most cases, the answer is not „Kubernetes“, and still k8s is often the focus of all efforts.
November 18, 2024 at 12:44 PM
I mean, just imagine a competitor would offer their service with a fraction of your price, so most of your business changes, except the core business logic.
What remains?
In most cases, the answer is not „Kubernetes“, and still k8s is often the focus of all efforts.
What remains?
In most cases, the answer is not „Kubernetes“, and still k8s is often the focus of all efforts.
It’s easy to confuse adding layers with reducing complexity.
Conservation of complexity cannot be abstracted.
Make the necessary complexity the center of your architecture. Don’t try to push it to the edge.
Conservation of complexity cannot be abstracted.
Make the necessary complexity the center of your architecture. Don’t try to push it to the edge.
November 18, 2024 at 12:00 PM
It’s easy to confuse adding layers with reducing complexity.
Conservation of complexity cannot be abstracted.
Make the necessary complexity the center of your architecture. Don’t try to push it to the edge.
Conservation of complexity cannot be abstracted.
Make the necessary complexity the center of your architecture. Don’t try to push it to the edge.
Curious how a decentralized Bluesky will feel.
My experience with Mastodon was, after moving to my own instance, I involuntarily shadow-banned myself. Large instances are key for visibility, but expensive.
With Bluesky‘s different architecture, I am positive this will be a different experience.
My experience with Mastodon was, after moving to my own instance, I involuntarily shadow-banned myself. Large instances are key for visibility, but expensive.
With Bluesky‘s different architecture, I am positive this will be a different experience.
November 16, 2024 at 1:44 PM
Curious how a decentralized Bluesky will feel.
My experience with Mastodon was, after moving to my own instance, I involuntarily shadow-banned myself. Large instances are key for visibility, but expensive.
With Bluesky‘s different architecture, I am positive this will be a different experience.
My experience with Mastodon was, after moving to my own instance, I involuntarily shadow-banned myself. Large instances are key for visibility, but expensive.
With Bluesky‘s different architecture, I am positive this will be a different experience.
The new PyPI Attestation claims appear a little blurry.
Trusting machine identities (on first use!) is the same claim as downloading source code directly from a large provider, but with more complexity.
We need to be able to build trust relationships with developers in the first place.
Trusting machine identities (on first use!) is the same claim as downloading source code directly from a large provider, but with more complexity.
We need to be able to build trust relationships with developers in the first place.
November 16, 2024 at 9:40 AM
The new PyPI Attestation claims appear a little blurry.
Trusting machine identities (on first use!) is the same claim as downloading source code directly from a large provider, but with more complexity.
We need to be able to build trust relationships with developers in the first place.
Trusting machine identities (on first use!) is the same claim as downloading source code directly from a large provider, but with more complexity.
We need to be able to build trust relationships with developers in the first place.
Thinking about „making profit“ vs „maximizing profit“ recently.
I prefer the first.
I prefer the first.
November 15, 2024 at 9:44 PM
Thinking about „making profit“ vs „maximizing profit“ recently.
I prefer the first.
I prefer the first.
Reposted by Raphael
So tldr DO NOT treat signatures as message identifiers, they are not identifiers. If you specifically need that behavior, what you want is a different related primitive (VRF)
June 16, 2023 at 12:08 PM
So tldr DO NOT treat signatures as message identifiers, they are not identifiers. If you specifically need that behavior, what you want is a different related primitive (VRF)
Reposted by Raphael
Secure Logging in between Theory and Practice: Security Analysis of the Implementation of Forward Secure Log Sealing in Journald (Felix Dörre, Astrid Ottenhues) ia.cr/2023/867
June 12, 2023 at 7:24 AM
Secure Logging in between Theory and Practice: Security Analysis of the Implementation of Forward Secure Log Sealing in Journald (Felix Dörre, Astrid Ottenhues) ia.cr/2023/867
Reposted by Raphael
If a webpage presents one of these popups with proper rendering, it's 100% getting my system/FDE or iCloud password.
Maddening security design by Apple.
Maddening security design by Apple.
June 3, 2023 at 10:48 AM
If a webpage presents one of these popups with proper rendering, it's 100% getting my system/FDE or iCloud password.
Maddening security design by Apple.
Maddening security design by Apple.
Waiting for the Samsung Galaxy Vision Pro to be released!
June 9, 2023 at 10:24 PM
Waiting for the Samsung Galaxy Vision Pro to be released!