1
Everything you need to know about configuration and secret management in .NET (stenbrinke.nl)
submitted 1 year ago by nibblebit@programming.dev to c/csharp@programming.dev
1 comments fedilink
What do you think would be an actually good use of blockchain/smart contracts? What kind of problems (big or small) is it a good tool for? in c/programming@programming.dev
[-] nibblebit@programming.dev 3 points 1 year ago

This right here is really the spirit of the post. Yes there's many impractical applications. Much like there are many impractical applications for RDBMSs, but the tech has such a stank on it, it's important to remember it's just a tool that can be useful despite the hype cycle.

What do you think would be an actually good use of blockchain/smart contracts? What kind of problems (big or small) is it a good tool for? in c/programming@programming.dev
[-] nibblebit@programming.dev 2 points 1 year ago* (last edited 1 year ago)

Not every log needs that kind of security and a chain does not need to be public. You download blocks from peers and do your own accounting.

Nothing is preventing you from only giving access to your chain to a trusted circle of peers.

Something you could do is encrypt your logs and push them to a chain shared by a number of peers who do they same with their own keys. Now you have a pool of accountability buddies, because if someone tries to tamper with the logs, you all hang together.

If you're doing some spooky stuff and need to prove a high degree of integrity is you could push encrypted logs to a chain. The auditor then can appoint several independent parties whose only job it is to continuously prove the integrity of your logs. After that is proven you can release your keys to the auditor who can inspect your logs knowing that they have been complete and untampered during the audit period.

Again I understand it's not the most efficient system, but there are less efficient and less flexible systems out there in enterprise land haha

What do you think would be an actually good use of blockchain/smart contracts? What kind of problems (big or small) is it a good tool for? in c/programming@programming.dev
[-] nibblebit@programming.dev 3 points 1 year ago

Yeah you're not wrong, that would be more efficient. Again a blockchain is not an efficient way to do it. But it would be effective.

In practice audit logs are used by and for auditors. Non-technicals that need evidence that would hold up to argument. Yes you could send your logs to a third party. Now you have to prove that third parties trustworthiness twice a year to the standards of each legal entity you operate in. And lawyers are more expensive than blockchain devs haha :p

Having a private blockchain that you can share with several changing parties that can subscribe to it. Without having to update anything about your infrastructure is a benefit.

Even though I've lived through several iso 27001 certifications, I'm still walking on thin ice when I say that it would probably easier to explain the blockchain in practice than any other proof of completeness method. Because the public is more aware of it. On the other hand the public is also more skeptical of crypto so it could also backfire :p

What do you think would be an actually good use of blockchain/smart contracts? What kind of problems (big or small) is it a good tool for? in c/programming@programming.dev
[-] nibblebit@programming.dev 3 points 1 year ago

Yeah the problem isn't the veracity of the logs, it's providing a mechanism for third parties of proving that the sequence of events in your log hasn't been tampered with after the fact

What do you think would be an actually good use of blockchain/smart contracts? What kind of problems (big or small) is it a good tool for? in c/programming@programming.dev
[-] nibblebit@programming.dev 10 points 1 year ago* (last edited 1 year ago)

Audit logs and Access control paper trails.

Security event logging has to be:

  1. Broadly accessible
  2. Write-protected
  3. offering some proof of completeness.

These three requirements are tricky and often conflicting. Block-chain might be an inefficient way to achieve these, but the glove does fit quite neatly.

Logistical paperwork

  • Purchase Orders/Invoices and packing slips
  • Waybills/Bills of lading and CMR's

These kinds of documents require multiple stages of matching and approval by untrusted 3rd parties. There are dozens of ecosystems of interacting systems that support processing these documents, but most people still use paper. Paper is more reliable when you need to deliver a container full of diapers from Poland to North Sudan. It's more reliable but incredibly prone to fraud and forgery. Having all of these approvals and transactions tracked on a blockchain and letting different systems interact with the same chain, would make it possible without each ERP having a rest API to each other ERP.

Serverless Functions Post-Mortem in c/programming@programming.dev
[-] nibblebit@programming.dev 3 points 1 year ago

Man, I have to agree. Your write up reflect my experience with Azure Functions in a mid-large sized application way more than the post. Fantastic

What does a CTO actually do? in c/programming@programming.dev
[-] nibblebit@programming.dev 11 points 1 year ago* (last edited 1 year ago)

This is a bit of a narrow view of a very vague term. Having worked with many different sizes of organisations i can say that the responsibilities of whomever is labelled CTO are completely arbitrary. The only thing you can establish is that they are the person accountable for the technology decisions.

Sometimes that's a legacy developer, sometimes that's the first sys-admin.

Sometimes it's the VP of engineering.

Sometimes that's the person that maintains the best relationships with software vendors.

Sometimes it's the person that was hired externally to explain the tech to the CEO and let's them make informed executive decisions.

Sometimes it's just a public figure used to promote the org and maybe do DevRel.

Sometimes it's the Architect that designed the ecosystem.

Sometimes it's the ancient programmer that has kidnapped the entire codebase so that no-one else can sanely work on it.

Sometimes it's a six sigma type that setup the ticketing system, PRs and the release process.

At any size, the CTO is whatever the org needs him to be at that point.

How to Write Code Without Having to Read It in c/programming@programming.dev
[-] nibblebit@programming.dev 3 points 1 year ago

Explain to me how this isn't code golfing.

Trying to get release and testing in sync in c/experienced_devs@programming.dev
[-] nibblebit@programming.dev 3 points 1 year ago

It depends... The myriad of reasons to have a dedicated release day have often to do with synchronizing marketing, support and the other departments.

My question is what does QA mean for your org? Does it mean defect detection? Testing? Acceptance? Those are all different things. The teams i see that are able to release every day have a strict separation of Quality Control and Functional Acceptance. QC used to detect defects and regression and is handled by highly automated processes accounted for by engineering. Then acceptance is done by a dedicated product/quality team that figure out if the new functionality actually is built to spec and solves the customer problems. This also involves blogs, documentation, customer contact, release notes, tutorials and workshop for the support team etc... This second part is handled by feature flagging, so that the product teams can bèta test, run a limited release and track adoption.

It really depends on what kind of software youre running and what your relationship is towards the end user and the rest of the org. Something that is the same in all cases is that your requirements and acceptance criteria need to be very clear from the start and regression resting needs to be fully automated.

how to learn prolog? in c/programming@programming.dev
[-] nibblebit@programming.dev 3 points 1 year ago

The way I managed to get an intuition about the language is just building classic boardgames. Checkers, chess, diplomacy and go are great exercise to start working with lists and dimensions, declaring multiple predicates and have them interact with each other. Changing the state of the program and using the traces to branch out decisions. Remember to keep track of your interpreter. Different interpreters act in surprising ways. The order of operations of SWI is different than Tau.

After that, the honest truth is that Prolog isn't widely used enough to have a 'modern standard approach'. The best way is to treat it like any other embedded subsystem: light and concise scripts embedded in a grown-up language.

ADHD, finishing projects and being independent in c/learn_programming@programming.dev
[-] nibblebit@programming.dev 4 points 1 year ago
  1. You need as many environmental reminders that you are doing work as possible:
  • dedicated work place where you don't game or browse or do chores and taxes on.
  • dedicated work time where you are allowed to do work.
  • dedicated non-work time where you won't work and don't get to feel bad about not working on the project and avoiding negative emotions associated with the work.
  • I have a dedicated work shirt only worn while at work
  • figure out your attention sinks: music/podcasts/YouTube w/e and apply them strategically to signal that you are or are not working
  1. Plan. Identify as many tasks as possible ahead of time and figure out what is motivational an demotivational. Motivation takes a nosedive once the low hanging fruit runs out.
  • make sure to front-load the boring stuff and keep motivated by anticipating the fun stuff later. Please, Start out with the tests. TDD is a hack for ADD
  • Ration your creative sessions. Once you feel you are plateauing force yourself create some novelty in the project.

  1. Want and grit. At some point you'll have to grit it out. You have to make it clear to your brain that you want it. Make it personal. Want it not the way you want to have a cookie after dinner, want it the way you want to breathe. Don't even want the project, but want to prove to your brain that you are a rare capable human, able to start and finish a creative endeavour independently.

  2. Make work time scarce and urgent. Having a child has done wonders for my creative output. I used to splurge 6 hour sessions kinda working on something..now I get maybe 40 minutes a day. An hour if I'm creative about it. But heck, does that hour get applied like nobody's business.

Hope this helps, best of luck!

1
Starting out with robotics without hardware (programming.dev)
submitted 1 year ago by nibblebit@programming.dev to c/robotics@programming.dev
0 comments fedilink

Hi! I'm a software guy and would like to start out doing some robotics. Before I go out and get a bunch of hardware. I'd like to practice the fundamentals.

I'm most comfortable with C++ and C# and dotnet and am pretty comfortable with game engines like Unity Unreal and Godot.

I've started out modeling a three-joint articulated robot arm that i can control through signals to the individual joints, like controlling a stepper motor.

My goal is to figure out a system where I can declare the shape of a robot like this (armature size, number of joints, offsets etc) to create a virtual model of the robot. I want to be able to send target coordinates and a basis rotation to that model and receive a series of signals back that will move the head of the robot to that 3d coordinate and rotation.

Now, I'm sure there are systems and packages that do all the math for this already, so what tools/libraries do you guys use to do modeling like this?

I want to see if I can simulate it in a game engine, and if that works out maybe ill try it on a toy :D

Thanks!

Preventing and managing RSI and/or other injuries in c/programming@programming.dev
[-] nibblebit@programming.dev 5 points 1 year ago

I had been struggling with severe RSI for a few years and no one thing helped. I would try something out and the pain would return in a few weeks. What eventually completely solved my problem is variation. I have several working spots using different devices (traditional mouse, vertical mouse, thumb balls, trackballs, pen tables, touchscreens). I've made sure to just change posture and devices every few weeks. Ever since doing that, my problems have completely gone away. A mobile standing desk that you can adjust for squatting to slouching to sittin to standing and walking is great adds a ton of variation.

1
New name for Azure Active Directory - Microsoft Entra (learn.microsoft.com)
submitted 1 year ago by nibblebit@programming.dev to c/loud@programming.dev
0 comments fedilink
1
Dragon Ball Z: The Legacy of Goku II Developer Documentary : Internet Archive (archive.org)
submitted 1 year ago by nibblebit@programming.dev to c/gamedev@programming.dev
0 comments fedilink

The guys from NoClip dug up a bunch of old videogame archival footage and are slowly uploading them to archive.org.

One of them is this documentary for an GBA game that I found to be so heartwarming.

Hope you like!

1
Lemmy on native Azure? (raw.githubusercontent.com)
submitted 1 year ago* (last edited 1 year ago) by nibblebit@programming.dev to c/loud@programming.dev
0 comments fedilink

Hey! Last week I tried off and on to get Lemmy running on an Azure subscription, it's been tricky.

I still haven't gotten it working correctly. So far, I've tried to run the docker-compose on an ACI and Container app, but I've had the most success on a Web App for Containers of all things with the configs uploaded directly on the app service through FTP (yeah...).

I'm running the Postgres as a separate Flexible server instance (set it to v15, default is v13). And I'm running the pict-rs container as a separate ACI with a mounted storage account.

Right now the backend doesn't want to run db migrations fully, but I'm not sure why, otherwise the rest seems to work as intended and can scale independently. Running up to a projected $52/month with everything on the lowest possible SKU

I will publish a bicep once I get the whole thing to run reproducibly.

Have you guys tried it out? What other approaches have you tried or would you try?

1
Let's play a game... (programming.dev)
submitted 1 year ago by nibblebit@programming.dev to c/csharp@programming.dev
0 comments fedilink
1
Welcome to C#! (programming.dev)
submitted 1 year ago by nibblebit@programming.dev to c/csharp@programming.dev
0 comments fedilink

Hey there! 👋

Welcome to our C# community on Lemmy! We're a group of programmers, hobbyists, and learners all keen about C#. Whether you're a pro or just getting started, we're excited to have you here.

Our goal? To learn, share, and collaborate on everything C#. Got questions, projects, or resources to share? Or simply want to discuss a feature you love (or not) about C#? This is your space!

Here are a few ground rules:

  1. Be respectful and considerate: Remember, we're all at different stages in our C# journey.

  2. Stay on topic: Let's keep discussions C# focused.

  3. No spamming or self-promotion: Share your projects, but don't overdo the self-promotion.

  4. Use appropriate language: No offensive language. Let's keep it positive!

So, let's dotnet build and Nuget Unable to resolve dependency

Cheers!

1
State of the C/loud Survey 2023 (docs.google.com)
submitted 1 year ago by nibblebit@programming.dev to c/loud@programming.dev
0 comments fedilink

Hey Guys. I thought it would be fun to setup a public anonymous survey about our users. Just to see what kind of different cloud adopters we have around. Results are public and entry is anonymous. It's only to be used for the community.

For now it's as simple as taking a look at what you guys are using and what you are curious about, but in the future we can expand it to answer some interesting questions :)

1
/c/loud Reading List (programming.dev)
submitted 1 year ago by nibblebit@programming.dev to c/loud@programming.dev
0 comments fedilink

Hey everyone,

I thought it would be good to set up a repository of learning materials beneficial for both newcomers and seasoned professionals.

The aim is to curate content that ranges from beginner to advanced levels, either focused on specific cloud platforms like AWS, Google Cloud, Azure, IBM Cloud, etc., or general insights applicable across multiple platforms.

The three main categories for suggestions are:

  1. Books: What are some introductory and advanced-level books that have deepened your understanding of cloud computing? This could include architecture, best practices, security, scalability, serverless computing, cookbooks and others.

  2. Blogs: We'd love to know which blogs you trust and follow for the latest news, trends, and innovations in cloud computing. Technical blogs offering how-to guides, problem-solving techniques, project logs and tutorials, or sharing personal experiences in the field would also be great.

  3. Videos: Are there YouTube channels, online course platforms, or websites that have provided you with insightful video tutorials, webinars, or talks on cloud technology?

Cloud computing is a big field, so here are some suggestions for interesting topics:

  • IaaS, PaaS and SaaS offerings of different providers
  • comparisons and cross-platform mappings (eg. Azure for AWS engineers)
  • IAC solutions
  • Authentication, Security and Access control
  • Architecture
  • Big(ish) Data management
  • Governance, compliance and Monitoring
  • Fun personal projects

Thank you so much!

1
Azure Static Web Apps and Content-Security-Policy (www.yasendinkov.com)
submitted 1 year ago* (last edited 1 year ago) by nibblebit@programming.dev to c/loud@programming.dev
0 comments fedilink
1
Amazon Security Lake is now generally available | Amazon Web Services (aws.amazon.com)
submitted 1 year ago by nibblebit@programming.dev to c/loud@programming.dev
0 comments fedilink
1
Welcome to /c/loud - Your Home for All Things Cloud Computing! (programming.dev)
submitted 1 year ago by nibblebit@programming.dev to c/loud@programming.dev
0 comments fedilink

Hello and welcome to /c/loud, the community for everything cloud computing. We are a growing community of IT pros, developers, tech enthusiasts, and novices alike, all with a common interest - exploring and understanding the expansive world of cloud technology.

This community was created to foster meaningful discussions, insights, and knowledge sharing about cloud computing. Here, we delve into everything from the fundamentals of cloud architecture to advanced topics, such as implementing cloud-native applications and mastering different cloud services like AWS, Google Cloud, Azure, and many others.

What Can You Expect From /c/loud?

  1. Discussions: There's always a vibrant conversation happening here. You can ask questions, answer queries, engage in debates, or share your insights about various aspects of cloud computing.

  2. News: Stay up-to-date with the latest developments in the cloud computing world. From new service launches to policy changes, we discuss it all.

  3. Learning Resources: Whether you're just starting with cloud computing or are a seasoned professional looking to expand your skills, we regularly share resources to helThere's something for everyone, fromu. From online courses, tutorials, and webinars, to blog articles ething for everyone.

  4. Career Guidance: Interested in a cloud computing career but unsure where to start? This community can be an excellent resource. Share your career-related questions, get advice from industry veterans, and learn about job opportunities.

Rules

Remember, as with all communities, we have a few rules to ensure the conversations remain respectful and relevant. Before you post, please take a moment to go through our rules.

  1. Respect Each Other: Everyone has a right to their opinion. Please respect that right. Healthy debates are fine but do not resort to personal attacks or hate speech. We value a diverse community with different perspectives.

  2. Stay on Topic: This is a cloud computing community, all discussions and posts should be related to this subject. Please ensure that your posts are relevant.

  3. No Spam or Self-Promotion: This community is a place for discussion, not self-promotion or advertising. Posts that blatantly advertise a product, or service, or are used for self-promotion will be removed.

  4. Avoid Reposting: Before posting, please use the search bar to ensure the topic hasn't been covered recently. Repetitive posts can clutter the feed and might be removed.

  5. Professional Language: Use professional and (hekkin') polite language. Avoid using inappropriate or offensive content. Firefly profanity is allowed.

  6. Fact-Check Your Posts: Misinformation can be damaging and misleading. Please ensure that the information you are sharing is accurate to the best of your knowledge. This includes outdated articles or content regarding deprecated services.

  7. Respect Privacy: Do not share the personal information of others. This includes email addresses, phone numbers, physical addresses, etc.

  8. No Illegal Content: Any posts or comments sharing illegal content, or discussing activities that violate the terms of service of cloud computing platforms, will be removed.

  9. Cite Your Sources: If your post includes data or information sourced from somewhere else, please provide a link or citation to the original source.

Violation of any of these rules can result in post/comment removal. The mod team reserves the right to enforce these rules at their discretion. If you have any questions or concerns, please feel free to reach out to the moderators.

We look forward to a positive and engaging environment here in our community!

Enjoy!

Whether you're exploring cloud computing for the first time, or you're an experienced professional keen on staying abreast of the latest trends, /c/loud is the perfect place for you. Join us today and become a part of our thriving community!

view more: next ›

nibblebit

joined 1 year ago
MODERATOR OF
csharp
loud