Thoughts

What Happened? CrowdStrike is an EDR (Endpoint Detection and Response) vendor. The purpose of this type of software is to monitor computers for malicious activity and respond to those threats. Since cybersecurity is constantly evolving, new risks appear all the time. To maintain security, EDR vendors push updates to keep their features and threat intelligence up to date. CrowdStrike’s agent is what is known as a kernel module. The kernel itself is the core of the operating system, responsible for managing all aspects of the computer. Kernel modules are like add-ons to the OS that enable additional system functionality, but with this power comes risk. If something goes wrong with a kernel module, it’s treated as an operating system error. To avoid potential corruption, the system may crash as a safety measure. ...

At first glance, copying and pasting code from the internet appears innocuous and is a daily practice. It’s common to copy code from various online sources everyday without a second thought. But just like phishing emails exploit our habit of clicking links, malicious code can exploit our habit of pasting snippets straight into the terminal. This post will show you how. Every example here is safe to read but not safe to run. ...

Quick Background The system that went down provided “Notices to Air Missions” (NOTAMs), simple text updates about conditions at airports, such as construction, closed runways, landing obstructions, and more. NOTAMs are critical during flight route planning but are not required once an aircraft is airborne. NOTAM’s Approximate Uptime The NOTAM system began in 1993, and I could only find one system-wide outage, this one. Quotes from industry veterans show how rare this is: ...

The Internet of Things is here, light bulbs, thermostats, outlets, microwaves, fridges, dishwashers, meat thermometers, grills, and more are now “smart.” But here’s the problem: most devices add complexity to life instead of making life easier. My possessions should serve me. I should not serve them. - Adam Ragusea With many IoT devices, you end up serving them: Updating firmware on light bulbs … no thanks. “Smart” thermostat schedules … an analog schedule works just fine. Wi-Fi cooking thermometer … I can get up and check an analog one. Smart grill … see this Reddit gem about a Thanksgiving Traeger software update. In addition to the hassle factor, add the privacy and security concerns, and I generally avoid IoT devices. ...

“Continuous Delivery is the ability to get changes of all types – including new features, configuration changes, bug fixes, and experiments – into production, or into the hands of the users, safely, and quickly in a sustainable way.” — Jez Humble The most important word in Jez’s description of Continuous Delivery is sustainable. In my experience, many teams interpret this definition in the order it’s written: Make sure the code works Get code into production. Think about sustainability. This often leads to short-term wins at the cost of long-term pain. The real starting point should be sustainability. Then can you build a system that withstands the test of time instead of burning out under quick fixes and shortcuts. ...

A few weeks back, I was discussing security with former classmates over a few beers. We started talking about IP whitelisting to secure environments things like: Allowing access to a jump host from specific IP addresses Restricting a build server so it can only deploy to certain instances The conversation drifted to AWS, and specifically to how scary AWS Access Keys can be. Unlike the AWS Management Console, Access Keys don’t require MFA. ...

My last post was in August … 7 months ago. So, what have I been doing? Well … a lot. In August, my manager left, and I became the interim DevOps Manager. Around the same time, I bought a house. And because I apparently wasn’t busy enough, I decided to take on a new “pandemic hobby” over the winter: teaching introductory computer science courses at DePaul University. Teaching Runs in the Family I come from a family of educators my mother, father, aunts, and uncles covering everything from primary school to higher education. ...

The other day, I spoke with a former colleague about what makes a good engineer, beyond technical and communication skills. Our conversation centered on one thing: how people handle being wrong and making mistakes. As humans, we are inherently flawed. Accepting our mistakes is the best course of action. Each mistake is a chance to learn, to correct misunderstandings, and to prevent future issues. A good engineer, and a good person, acknowledges this and handles it with humility. ...

Fake it until you make it is a terrible saying. It implies that people who have “made it” were faking the whole time, diminishing their accomplishments, sacrifices, and discipline. Sure, there are exceptions, but in my experience, most people I’d call successful worked their tails off to get there. A better saying? Fake it until you become it. When learning a new skill, it’s normal to feel like an imposter. But if we imitate those who are already proficient, we slowly grow into the role we want. ...

I have been wanting to write a blog since I first started following tech blogs when I was a freshman in college. Over the years, I have started and stopped many times. I have: Created a WordPress website Purchased a domain Made a posting schedule Paid for hosting …but I never did any actual writing. Why I Avoid Writing Part of my issue is I see writing as a chore — I don’t like doing it. ...