hannes @hannesm@mastodon.social
hacker #OCaml #MirageOS #unikernel #FreeBSD #cycling #network #infrastructure #privacy #anarchism https://hannes.nqsb.io
Joined Apr 2017
then I gave up, booted QubesOS and used WoeUSB (https://github.com/slacka/WoeUSB) -- highly recommended, works out of the box
preparing a windows 10 boot stick on FreeBSD:
- learn that `dd if=iso of=/dev/da0` does not work
- learn that newfs_msdos can create a FAT32, but windows 10 installation has files > 4GB
- learn that mount_udf does not work with windows 10 iso -> but 7z e iso does
- sysutils/exfat-utils and fusefs-exfat are my friends now (I learned about exfat only today)
*fingers crossed*
@raichoo huch, das smart deli ist mittlerweile nicht mehr nur-vegan, sondern hat auch fisch und fleisch. ich bin ein bisschen verwundert, aber freue mich, da eben gegessen zu haben, tofu teriyaki, sooo lecker
hannes
boosted
What the internet was like in the old days for a #developer.
Also important to understand where the #git "pull requests" comes from ;)
now with a blogpost and a repository https://hannes.nqsb.io/Posts/Traceroute
ok, that was fun... developing a traceroute as MirageOS unikernel, and preserving the ttl and timestamp of sent packet inside the UDP header (well, 2 * 16 bit ports is enough for everyone, no) -- https://gist.github.com/hannesm/10ae02dbfd42568b24518fddcb39060f #MirageOS #traceroute
next: figure control flow to properly terminate :)
DNS, a protocol that keeps on giving... any hints when "dig -k <my-key>" completes a zone transfer over multiple messages, and reports "WARNING -- Some TSIG could not be validated"? there are TSIG on each DNS message (and according to other software they validate) using the very same key provided to dig (if there's only a single message for the AXFR, dig validates and does not print the WARNING) -- help
woop, from the #MirageOS land:
- qubes-mirage-firewall supporting dynamic rules was released yesterday https://groups.google.com/forum/#!topic/qubes-users/Xzplmkjwa5Y
- TLS 1.3 is released, and live at https://mirage.io/blog/tls-1-3-mirageos
- no clue what will be announced tomorrow ;)
hannes
boosted
Nice Interview with @hannesm on #MirageOS and #OCaml:
> #Functional #programming is about better #code maintenance and program understanding
https://evrone.com/hannes-mehnert-interview
> #Functional #programming is about better #code maintenance and program understanding
https://evrone.com/hannes-mehnert-interview
for those in #berlin, get your ass out on the street today to fight against nazis https://akkberlin.blackblogs.org/2020/05/15/folienkartoffeln-und-nazis-zu-brei-stampfen-aktionskarte-16-05-2020/
hannes
boosted
No theory, no ready-made system, no book that has ever been written will save the world. I cleave to no system. I am a true seeker.
-- Mikhail Bakunin
on linux you also don't get bswap32/bswap64 from endian.h (and need some defines to get BYTE_ORDER), but there's then a byteswap.h where you can get bswap_32 from. I find the lack of standardisation disturbing in this area; and am happy that on the C compiler front its gcc and clang who need to agree on something to have it widely usable ;)
I usually avoid writing C code, but if I do it should be cross-platform (Linux, BSD, macOS). Today's riddle was "byte swap" and "hto{le,be}{32,64}" functions, i.e. what normally is in endian.h (Linux) sys/endian.h (BSD) libkern/OSByteOrder.h (macOS).
After hours, I discovered __BYTE_ORDER__ and __builtin_bswapYY provided by the C compiler. They work great, no lengthly #ifdef chains anymore.
Anything that speaks against them? Anyone uses a C compiler without them ("cc -dM -E - < /dev/null")?
TIL -sigopt rsa_pss_saltlen:digest
diesen wetter podcast vom hr2 fand ich sehr interessant.. hilft alles nichts (corona), wir werden massiv umdenken muessen (wegen klima/wetter, wassermangel), um weiterhin soviel nahrung zu produzieren https://www.hr2.de/podcasts/der-tag/das-wetter-sonnig-und-trocken-im-abgang-bitter,podcast-episode-68222.html
from RFC 5246 (TLS 1.2) -- no, I've no clue why they did not just use PKCS5/PKCS7 padding. instead (please count the number of "06" occurences in the last block):
> the padding would be 6 bytes, each containing the value 6. Thus, the last 8 octets of the GenericBlockCipher before block encryption would be xx 06 06 06 06 06 06 06, where xx is the last octet of the MAC.
the implicit development are researching infrastructure FOSS projects, and joined our #MirageOS retreat last year - and wrote about their experience https://implicit-development.org/2020/04/08/mirageos-retreat/ -- thanks to everyone involved, especially @runabout -- you should read their other posts as well :)
while reading through OCaml PRs, I came across "Quake III inverse square root approximation" - https://medium.com/hard-mode/the-legendary-fast-inverse-square-root-e51fee3b49d9 - wow - here's the OCaml PR doing sth similar - https://github.com/ocaml/ocaml/pull/9466
today I developed a #MirageOS unikernel which serves the contents of a git remote via HTTP(S), including let's encrypt certificate provisioning. A test instance is setup at https://test.nqsb.io -- code is at https://github.com/hannesm/unipi (includes various protocols: git, ssh, tls, http, acme). it is < 300 lines of application code :D and even provides HTTP cache headers (last-modified / etag) :D A webhook is available that fetches the git remote (to update the contents) :D
hacker #OCaml #MirageOS #unikernel #FreeBSD #cycling #network #infrastructure #privacy #anarchism https://hannes.nqsb.io
Joined Apr 2017
Server run by the main developers of the project 
It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!