social.uhoreg.ca

July 1, 2017

personal
07:52 -0400
Hubert Chathi: Happy 150th birthday!
0 Comments



An alternate transport for the Matrix Client-Server API

technical, matrix
00:00 -0400

Matrix is an open communications protocol that has many great features. However, one flaw that it has is that the baseline specification is based on long-polling HTTP requests, which is not very efficient. In order to address this deficiency, I've created a spec that presents an alternative transport for the Matrix Client-Server API that uses a protocol that was designed for real-time communications instead of using HTTP.

0 Comments

The latest additions to my init.el

technical, emacs
11:00 -0400

Inspired by xkcd (but using Alt-mousewheel):

(global-set-key (kbd "<M-mouse-5>") 'undo)
(global-set-key (kbd "<M-mouse-4>") 'redo)

And, since I sometimes need to paste from an HTTP request into a buffer:

(defun insert-from-url (url)
(interactive "MURL: ")
(let ((url-request-method "GET")
(dest (current-buffer))
(src (url-retrieve-synchronously url)))
(set-buffer src)
(goto-char (point-min))
(search-forward "\n\n")
(set-buffer dest)
(insert-buffer-substring src (match-end 0))))

0 Comments

March 9, 2017

technical
23:00 -0500
Hubert Chathi: First, @google.com combines Google Talk with Hangouts, and now they are separating the conferencing and chat functionality again
Link:https://www.blog.google/products/g-suite/meet-the-new-enterprise-focused-hangouts/
0 Comments


February 27, 2017

technical
20:11 -0500
Hubert Chathi: Congratulations to all the organizations accepted to GSoC
Link:https://summerofcode.withgoogle.com/organizations/
0 Comments


February 23, 2017

technical, security
22:12 -0500
Hubert Chathi: Anyone proxied by @cloudflare.com or using sites proxied by them: your private data may have been leaked #security
Link:https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
Via:Hacker News
0 Comments

February 23, 2017

technical, security
11:18 -0500
Hubert Chathi: SHA-1 is officially broken #security
Link:https://shattered.io/
Via:Hacker News
0 Comments


February 11, 2017

personal, politics
10:00 -0500
Hubert Chathi: Sign the petition to ask the government to honour their promise to fix our electoral system #politics
Link:https://petitions.parl.gc.ca/en/Petition/Details?Petition=e-616
0 Comments

January 31, 2017

personal
08:54 -0500
Hubert Chathi: Got our free Parks Canada Discovery Pass yesterday. Get yours at http://www.parksorders.ca/
0 Comments

On transparency

technical
21:01 -0500

I've written briefly before about the value of companies being open and transparent. Back then, I wrote that the way that companies react when things go wrong is a good way to differentiate between them. No matter what company you deal with, things will go wrong at one point or another. Some companies try to avoid responsibility, or only tell you that something has happened if you ask them. Others companies are much more open about what happened.

Matrix.org (and the associated Riot.im) is an example of a team that falls into the latter category. And last night's incident is a good example. Their post-mortem blog post is a great example for others to follow. It gives a detailed timeline of what happened and why the outage occurred. And it finishes off with steps that they will take to prevent future incidents.

Kudos to the Matrix.org team for their transparency.

0 Comments

December 25, 2016

personal
09:30 -0500
Hubert Chathi: Merry Christmas
0 Comments

Let's Encrypt for Kubernetes

technical, work, kubernetes, security, docker. haproxy
21:08 -0500

A while ago, I blogged aboutautomatic Let's Encrypt certificate renewal with nginx. Since then, I've also set up renewal in our Kubernetes cluster.

Like with nginx, I'm using acme-tiny to do the renewals. For Kubernetes, I created a Docker image. It reads the Let's Encrypt secret key from /etc/acme-tiny/secrets/account.key, and CSR files from /etc/acme-tiny/csrs/{name}.csr. In Kubernetes, these can be set up by mounting a Secrets store and a ConfigMap, respectively. It also reads the current certificates from /etc/acme-tiny/certs/{name}, which should also be set up by mounting a ConfigMap (called certificates), since that is where the container will put the new certificates.

Starting an acme-tiny pod will start an nginx server to store the .well-known... show more


November 8, 2016

personal
08:09 -0500
Hubert Chathi: Americans: hold your nose and vote today. And may the lesser of two evils win.
0 Comments

November 3, 2016

technical
16:34 -0400
Hubert Chathi: My solution to people not changing passwords on their devices: set the default password to "IAmAnIdiotForNotChangingThePassword"
0 Comments
newer older