20190913

Learned

  • Certain kinds of environment variables can be initialized in groovy script before a pipeline definition in Jenkins. These vars can be used in the pipeline like params and things defined in the environment {} block. (Been spending a bit of time with Jenkins lately. 🙂
  • Maven is pretty cool. Starting with a generated project gets you lots of stuff for free … a file system layout, test and packaging strategies, dependency loading, hooks into various build lifecycle stages.

Read

  • Finished Data and Goliath. Excellent book! (What’s next. :))

Mongo

Logical backups

# Backup a specific mongodb
# This is generally slower than physical backups but good for grabbing
# very specific subsets of data from big db
mongodump --archive=a.gz --gzip --db <dbname>

# Restore
mongorestore --archive=a.gz --gzip 

Querying

# Find a document
db.a.findOne({ a: "1234" })

# Update a document
db.a.updateOne({ a: "1234" }, { $set: { a: true } })

20190910

Learned

  • Developer experience is so important. Getting this right feeds directly into velocity and happiness.
  • Not all secrets are equally important to keep hidden at the cost of user experience.
  • What’s the simplest thing I can do that will get me closer to my goal. Do that.

Links

  • https://thedailywtf.com/articles/The-Speedup-Loop
  • https://charity.wtf/2019/09/08/reasons-not-to-be-a-manager/

Data and Goliath

The state of surveillance. Imperfect awareness and controls allow for growth. People at the fringe of society come with new ideas. Possibilities. Perfect control can stifle thought.

Corporate and government. Different motivations. In some cases working together.

Privacy and freedom. Chilling effect. Behavioural adaptation. People don’t speak freely when they think they’re being listened to.

The security vs. privacy trade off. False. Do we want to build systems that are weakened for everyone or protect the people who use them? US Government has given intelligence agencies much leeway to do what they need to to protect. Usually happens around large events like Sept9/11.

Encryption. The one technical tool we have to really protect privacy. Available to good and bad alike to use. NSA and others don’t try to break it. Much easier to infect systems with malware, backdoors and collect / control that way.

Are we more secure for it? Bad things still happen all the time and we’re not able to intervene regardless of the amount of data collected on people. You have to be able to analyze it in a meaningful way. This is hard. Events we would care about are rare and don’t resemble each other in any meaningful way.

Legal framework needed. Oversight. Separation between collection and action. Trasparency in what intelligence community does. And strategic and tactical tools to make sure agencies are operating within bounds.

Whistle blower protection. Leakers + journalists need to be at least able to try to make the case that they were showing egregious disregard of laws around surveillance and eavesdropping. Right now there are no protections.

Suggests new behaviours for government, business, and us as individuals to change the direction we’re heading in. Favouring services that have good privacy practices, using encryption liberally, and engagement in the process for eg.

Ends by describing a challenge for our generation around figuring out how to balance group and individual privacy in our time when we’re clumsily rushing forward into dark places just because we have new toys and haven’t thought through moral implications largely. There are good uses of shared, community owned databases – he talks about a health / medical use case where we can learn about health + wellness as a good trade off towards group benefit. (Giving Google reams of data so that they may better advertise at us … not so much. :))

Great read. 🙂