I recently ran into a problem that seems to be present in a wide range of WebAuthn tutorials, but I don’t know where it originated.

Reading Future Internet PKI schemes need to be bootstrapped through web PKI I was reminded by all the problems I’ve had with SSH (Secure SHell) PKI (Public Key Infrastructure). SSH host verification is trust-on-first-use (TOFU). So SSH is protected from man-in-the-middle (MITM) attacks unless the first connection falls prey to the attack.

The Jargon File defines Molly Guard as: A shield to prevent tripping of some Big Red Switch by clumsy or ignorant hands. Originally used of the plexiglass covers improvised for the BRS on an IBM 4341 after a programmer’s toddler daughter (named Molly) frobbed it twice in one day. Later generalized to covers over stop/reset switches on disk drives and networking equipment. In hardware catalogues, you’ll see the much less interesting description “guarded button”.

I’m a huge fan of Matrix. A lot of the user value of modern chat platforms like Slack, Matrix and Discord (even IRC) comes from integrations to other services via bots. I had high hopes for MSC3006: Bot Interactions, but unfortunately it isn’t currently being pushed further. However, there exists an implementation of MSC3381: Polls.

While I’ve been switching from Ansible to Nix lately, I still use Ansible and have written a fair share of Ansible YAML. A common trick I’ve used is to only run a specific Ansible role instead of the whole playbook. That can be achieved by using tags, but usually I haven’t tagged everything before I have the need.

With Go 1.13 error wrapping was standardised with an interface in the standard library. When properly handling errors, you end up dealing with it a lot. The blog post suggests the following: var e *QueryError if errors.As(err, &e) { // err is a *QueryError, and e is set to the error's value }

I’ve been writing a decent amount of Go during the past 8 years. While I like many things about Go, some of the design choices result in repetitive or longer than necessary code.

Why does everything have to be so hard on arm64? Well, maybe not directly hard, but a lot more work. And the reason is simple, we live almost in a amd64 monoculture. Mobile phones are changing that, as is Apple M1, but also arm64 servers.

We have a Roborock S6 Pure robotic vacuum cleaner. It’s very nice having a device that more or less cleans the floors by itself. When it works. Ours stopped working a week ago, after working well for months.

I own a reMarkable 2 (referral link) eInk tablet. It’s pretty nice (except lately the manufacturer has tacked on a subscription service). And it can send documents as PDFs via email. But unlike the Kindle, you cannot send documents to the tablet via email. Well, there exists a third party service. I saw someone post on reddit that they wrote a Telegram bot that can be used to upload documents to their reMarkable. That sounded interesting, but I’m partial to Matrix.