Philip Silva
@silva.ph
Freelance Software Engineer based in Berlin
Working with Web, Go, Linux (also interested in OpenBSD, Plan 9)
silva.ph
Working with Web, Go, Linux (also interested in OpenBSD, Plan 9)
silva.ph
2FA reset phishing seems to be quite a thing right now
September 17, 2025 at 7:02 PM
2FA reset phishing seems to be quite a thing right now
Reposted by Philip Silva
I’ve been diving deeper into the WebAssembly Component Model lately, and I finally sat down to write up a hands-on example in Rust.
It’s a small example, but for me it really clarified how the component model makes composition and reuse feel natural.
👉 m99.io/articles/cre...
#wasm #rust
It’s a small example, but for me it really clarified how the component model makes composition and reuse feel natural.
👉 m99.io/articles/cre...
#wasm #rust
Create and Compose WebAssembly Components: A Hands-On Example with Rust
Learn how to build and compose WebAssembly components in Rust using the WebAssembly Component Model. This step-by-step guide walks through creating a reusable library component, wiring it into a comma...
m99.io
August 29, 2025 at 9:01 AM
I’ve been diving deeper into the WebAssembly Component Model lately, and I finally sat down to write up a hands-on example in Rust.
It’s a small example, but for me it really clarified how the component model makes composition and reuse feel natural.
👉 m99.io/articles/cre...
#wasm #rust
It’s a small example, but for me it really clarified how the component model makes composition and reuse feel natural.
👉 m99.io/articles/cre...
#wasm #rust
I didn't have brew cleanup on the radar yet. It freed almost 80 GB of unused packages
August 25, 2025 at 8:47 AM
I didn't have brew cleanup on the radar yet. It freed almost 80 GB of unused packages
Reposted by Philip Silva
Redmine is so much more practical than Jira. Especially for issue tracking and it even allows cascading subtasks. The only major downside I see is the Wiki because editing is not in-place. Also post-configuring the Postgres tables was needed for me (utf8mb4) to allow Emojis in issue texts
July 9, 2025 at 1:26 PM
Redmine is so much more practical than Jira. Especially for issue tracking and it even allows cascading subtasks. The only major downside I see is the Wiki because editing is not in-place. Also post-configuring the Postgres tables was needed for me (utf8mb4) to allow Emojis in issue texts
Now that Let's Encrypt stopped their notification mails I just swapped nginx for Caddy which automagically handles certificates
June 30, 2025 at 12:31 PM
Now that Let's Encrypt stopped their notification mails I just swapped nginx for Caddy which automagically handles certificates
IMHO the best tool to organize source installations on Linux: GNU Stow (unless using an immutable distribution like NixOS...)
May 7, 2025 at 8:39 AM
IMHO the best tool to organize source installations on Linux: GNU Stow (unless using an immutable distribution like NixOS...)
Running nginx with HTTP/3 is quite adventurous. I appreciate though that (the required) compiling from source allows me to use LibreSSL
May 7, 2025 at 8:29 AM
Running nginx with HTTP/3 is quite adventurous. I appreciate though that (the required) compiling from source allows me to use LibreSSL
Vulnerability websites with logos seem to have fully superseded CVE numbers by now
April 16, 2025 at 4:26 PM
Vulnerability websites with logos seem to have fully superseded CVE numbers by now
I don't like the clunkiness of Dependency Injection but every time I'm surprised how test coverage increases almost by itself
March 28, 2025 at 8:37 AM
I don't like the clunkiness of Dependency Injection but every time I'm surprised how test coverage increases almost by itself
Underrated file system protocol: WebDAV
March 18, 2025 at 7:03 AM
Underrated file system protocol: WebDAV
Self-hosting E-Mail has come a long way. That's my second attempt now, this time with Mox. A few months aren't really enough data points but at this point it's already more reliable than Protonmail
March 4, 2025 at 2:16 PM
Self-hosting E-Mail has come a long way. That's my second attempt now, this time with Mox. A few months aren't really enough data points but at this point it's already more reliable than Protonmail
To create a systemd user service:
• service definition in /home/username/.config/systemd/user/
• using target default (multi-user won't work on boot)
• loginctl enable-linger username
• systemctl --user enable my.service
(Optionally systemctl --user daemon-reload with XDG_RUNTIME_DIR set)
• service definition in /home/username/.config/systemd/user/
• using target default (multi-user won't work on boot)
• loginctl enable-linger username
• systemctl --user enable my.service
(Optionally systemctl --user daemon-reload with XDG_RUNTIME_DIR set)
February 17, 2025 at 5:12 PM
To create a systemd user service:
• service definition in /home/username/.config/systemd/user/
• using target default (multi-user won't work on boot)
• loginctl enable-linger username
• systemctl --user enable my.service
(Optionally systemctl --user daemon-reload with XDG_RUNTIME_DIR set)
• service definition in /home/username/.config/systemd/user/
• using target default (multi-user won't work on boot)
• loginctl enable-linger username
• systemctl --user enable my.service
(Optionally systemctl --user daemon-reload with XDG_RUNTIME_DIR set)
I tried the Vault Secrets Operator recently and once the setup is done, it's really practical. Also automated secret rotation is quite something. #kubernetes #vault
February 11, 2025 at 4:28 PM
I tried the Vault Secrets Operator recently and once the setup is done, it's really practical. Also automated secret rotation is quite something. #kubernetes #vault
Current versions of WebPageTest are quite practical. Apart from the usual performance insights it also has now carbon control and an accessibility check.
January 28, 2025 at 10:51 AM
Current versions of WebPageTest are quite practical. Apart from the usual performance insights it also has now carbon control and an accessibility check.
Google enforcing JS enabled browsers reminds me of a discussion I had 11 years ago on the PhantomJS mailing list asking whether it adheres to robots.txt.
The answer was no, also with the argument that it's not a bot and scriptable like a Browser.
I still find it quite an interesting perspective.
The answer was no, also with the argument that it's not a bot and scriptable like a Browser.
I still find it quite an interesting perspective.
January 19, 2025 at 5:09 PM
Google enforcing JS enabled browsers reminds me of a discussion I had 11 years ago on the PhantomJS mailing list asking whether it adheres to robots.txt.
The answer was no, also with the argument that it's not a bot and scriptable like a Browser.
I still find it quite an interesting perspective.
The answer was no, also with the argument that it's not a bot and scriptable like a Browser.
I still find it quite an interesting perspective.
I cannot believe the Linux Standard Base has been abandoned. (Paradoxically Linux on the Desktop is as popular as never before.) #linux
Linux Standard Base - Wikipedia
en.wikipedia.org
January 13, 2025 at 7:07 PM
I cannot believe the Linux Standard Base has been abandoned. (Paradoxically Linux on the Desktop is as popular as never before.) #linux
How important is Rowhammer in the real world? Seems it'll be a bit more certain next year #38c3 flippyr.am
FLIPPYR.AM
flippyr.am
December 31, 2024 at 1:25 PM
How important is Rowhammer in the real world? Seems it'll be a bit more certain next year #38c3 flippyr.am
govulncheck also has a binary mode to increase coverage for reflect based call chains #devsecops #golang
![Go example that imports a library with a vulnerable accept header parser function from 2020. It uses the reflect package to call it. Running govulncheck in binary mode results in finding 2 vulnerabilities.
Source code:
```
$ cat main.go
package main
import (
"golang.org/x/text/language" // v0.3.4 (2020)
"reflect"
)
func Main() {
language.ParseAcceptLanguage("00-t-0o")
}
func main() {
reflect.ValueOf(Main).Call([]reflect.Value{})
}
```](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:qazna4xgil7x3nedsqrjd7b7/bafkreich5bzlowxndlqbtebn5bl6riidon726usef4sjg7ykzgo7ddks2e@jpeg)
December 18, 2024 at 4:26 PM
govulncheck also has a binary mode to increase coverage for reflect based call chains #devsecops #golang
Logging in nginx without IP and User-Agent when feasible
December 13, 2024 at 7:46 AM
Logging in nginx without IP and User-Agent when feasible
Keeping dependency count low and sticking to high quality dependencies at the beginning of a project has multiplier effects. Upgrading to recent versions is feasible when done consistently. Thus keeping security in check and preventing package archeology during migrations #devsecops #shiftleft
December 6, 2024 at 10:32 AM
Keeping dependency count low and sticking to high quality dependencies at the beginning of a project has multiplier effects. Upgrading to recent versions is feasible when done consistently. Thus keeping security in check and preventing package archeology during migrations #devsecops #shiftleft
My favorite hosters are actually Hetzner and Scaleway. For instance Scaleway feels very round and I'm impressed that they use resource efficient adiabatic cooling in PAR2 which reduces water usage
December 2, 2024 at 9:21 AM
My favorite hosters are actually Hetzner and Scaleway. For instance Scaleway feels very round and I'm impressed that they use resource efficient adiabatic cooling in PAR2 which reduces water usage