Of geek interest: UUIDs have been around for a long time and they work well and interoperate fine, but the specification space is a mess. So the IETF just shipped RFC9562; it has a fine consideration of the history and the trade-offs involved in all the different flavors of UUIDs, and is well-written and I think, as of now, the place to start looking if something UUID-flavored is puzzling you. Strong work! https://www.rfc-editor.org/rfc/rfc9562.html
@timbray
“UUID should be represented by the "hex-and-dash" string format consisting of multiple groups of uppercase or lowercase alphanumeric hexadecimal characters “
Every time I’m handling uuids in code I need to remember to think about case. I have seen resource IDs in azure recently consisting of multiple uuids in the one resource ID string. where some UUIDs are in caps and others are lower case. In the same ID string. But if you were building that resource ID string to use in an azure SDK you would have to respect which UUIDs are in caps and which are lc otherwise it will not be useable. It’s an absolute nightmare.
because the standard allows both and some library code has not implemented the standard correctly, we get issues with case. #Azure#UUID
Learning #Azure would be a lot easier if the documentation was up to date and things on the portal didn’t just hang or stop working at random intervals. Ffffuu
🤡 At Microsoft, years of security debt come crashing down
「 For many critics of Microsoft, the events of the past nine months are the logical conclusion of a company that has ridden the wave of market dominance for decades and ignored years of warnings that its product security and practices failed to meet the most basic standards.
“In a healthy marketplace, these would be fireable offenses,” 」
I've started documenting various issues\problems that I face in my #sysadmin role when working in #Azure.
My first technical post is all about the challenges faced when securing #Microsoft#SQL in a multi-tenancy environment. I will write more as and when I come across other interesting issues!
"Ich will nichts mehr von zwanzigstelligen Passwörtern, freiwilligen Cyber-Sicherheitssiegeln und BSI-Grundschutz hören, bis das BSI die skandalösen Sicherheitsvorfälle bei #Microsoft offen anspricht und auch endlich konkrete Maßnahmen ergreift, die geeignet sind, diese Gefahr für unsere Infrastruktur zu verstehen und zumindest einzugrenzen. DHS und CISA haben gezeigt, dass das geht."
Sehr schade - ich fand ihr Interview mit #jungundnaiv wirklich vielversprechend und mit ehrlichem Drang für mehr Sicherheit getrieben. Es scheint politisch nicht opportun zu sein, Sicherheit über die enge Microsoft-Kundenbeziehung zu priorisieren.
Great keynote by Ross Gardler at #OSSummit sharing #Microsoft’s open source evolution, and the innovation engine project that’s driving improvements in docs and #Azure Copilot. #OSSNA2024
The past 2 weeks have been spent learning how to migrate #GitHubActions to Azure, using a well formed and functional GitHub Action yaml file. A mountain of learning, but slowly getting there. Linux builds were surprisingly simple to migrate. Hey, windows should be easy since Microsoft owns it all right? Windows builds have been anything but simple to get going on Azure.
Any #Azure#DevOps folks, happy to pay for some time to learn how to build azure-pipeline.yml files for Windows builds.
Part 6 of "A Guide to Implementing ActivityPub in a Static Site (or Any Website)" is now out.
Sorry about the delay, this is the part that not many people will like, I assume. I try to explain how to implement the inbox, which by nature is dynamic non-static.
"Gesundheitswesen überlastet, #Microsoft will mit #Cloud und KI helfen"
"Microsoft wirbt stark für den Einsatz seiner Dienste im Gesundheitswesen. Die Cloud-Infrastruktur #Azure sei dabei sehr sicher, verspricht das Unternehmen."
Es kann sich dabei wohl nur um einen Scherz handeln, oder? Nachdem die Kronjuwelen von Azure seit mehreren Jahre nachweislich infiltriert sind und kürzlich Millionen öffentliche interne Dateien aufgetaucht sind ... 🤦♂️
Day 211. #Azure App Service per default exposes an IIS management port for Web Apps. You don't want your Web App to come with this open port? Easy, simply redeploy it until you land on an underlying server where that port has been deactivated.
🔐 Vendor lock-in hurts UK govt ability to negotiate spending | The Register
「 "UK government's current approach to cloud adoption and management across its departments faces several challenges" which combined result "in risk concentration and vendor lock-in that inhibit UK government's negotiating power over the cloud vendors." 」
Helping a colleague troubleshoot an #azure oddity - trying to get the details of a Key Vault using the #azurecli with az keyvault show --name X but it errors out saying that an unrelated resource group could not be found. (Apparently the resource group did exist at one point, but has been deleted)
az keyvault list is empty, as is list-deleted, but the vault definitely exists.