dee

dee, 15 days ago to Engineering

I'm hiring for strong software engineers who care deeply about reliability and performance, and who want to work on big distributed systems.

https://boards.greenhouse.io/grafanalabs/jobs/5140110004

Specifically if you're in Canada or the USA please do apply.

(I'll have other roles for European countries open soon)

#FediHire #sre #engineering

dee, 7 months ago to random

the HTTP2 rapid reset issue reveals that Go has it's own dependency hell... google.golang.org/grpc declares which version of golang.org/x/net it's using, and so it's not just "update golang.org/x/net" in your application and you're safe, it's also "update GRPC in your application"... and of course this is now "update every module that uses GRPC and refers to an older version" which is now a huge sprawling mess of modules.

it's all fine saying that Go is always backwards compatible and doesn't require older versions to have updated, etc... but the reality of it is that security issues kick you in the teeth hard and the cascade of dependencies require you to update virtually everything anyway. it would be better to embrace "update everything all the time" then to have an illusion of "you only need to update your thing and not worry about other things" as the latter means you have no muscle memory or build tooling ready when you actually need to update all the things.

I like Go a lot, but I don't find the dependency / updates / supportability philosophy that they've taken on to be internally consistent or truly viable long-term, I've always held that they're smarter than I and implicitly this means I'm probably wrong, but as time passes I'm not so sure I'm wrong (I am sure they're smarter than I am though).

0xabad1dea, 8 months ago to random

electricians of the internet: bathroom lightswitch in the hallway. why does it happen

dee, 9 months ago to grafana

Grafana Pyroscope just hit 1.0 https://github.com/grafana/pyroscope/releases/tag/v1.0.0

This is open source (AGPL) Continuous Profiling, the fourth pillar of observability. It is stable, performant, and capable of running at scale.

You can also try profiling on Grafana Cloud as we provide it as a SaaS if you don't want to run your own: https://grafana.com/products/cloud/profiles-for-continuous-profiling/ you can try it for free (and if usage is small it's free forever).

#grafana #pyroscope #profiling

robpike, 11 months ago to random

Does anyone have any technology that works? I am becoming despondent over the state of things. So much technological progress and yet everything seems to be broken (or must be updated, which amounts to the same thing in user experience) all the time.

Sorry.

dee, 11 months ago to random

What is the best "How to secure Windows 11 Pro" guide for engineers and those willing to take a bit of inconvenience to get security to a very high level?

Please boost and share.

What I'm looking for are one or more advanced guides, no BS, reasonings why, instructions.

For engineers in 2023 moving to Windows, how do you harden a dev laptop? (Without the snark "use Linux" or "run it Qubes" thanks, I'm hoping for constructive advice).

Example of one I rate highly is this: https://0ut3r.space/2022/03/06/windows-defender/ by @h03k

I'm looking for more like this... anyone on infosec.exchange you'd recommend @jerry ?