Jeff Nickoloff allingeek

allingeek / dev-env.md
Last active May 24, 2021 17:40
Overview of my developer tools and related kits.

dev-env @allingeek style

1. Hands on Keyboard

1.1 Hardware

1.1.1 Compute

  1. Mid-2014 13" MBP - i7 @ 16GB
  2. Mid-2017 12" Macbook - i5 @ 16GB
allingeek / session-vs-seccookie.md
Last active August 2, 2019 00:10
Key points in choosing session vs secure cookie for authorization token.

Authorization with Session vs Secure Cookies

Facts

  1. A secure cookie is encrypted and signed trusted material. A session ID cookie is a unique, random ID for server-side state.
  2. Both can be stolen and abused.
  3. Scalability: Secure cookies eliminate server-side state. They promote scalable patterns. Session IDs are less scalable, but we've been doing them for so long that they are basically a standard practice anyway. We've gotten pretty good at running sessions.
  4. Safety: Secure cookies are encrypted and signed. However, if a weak key is discovered, the scope of impact is huge: an attacker would be able to become any user of the system. Cracking a secure cookie is a client-side operation. The impact of guessing a single session ID is limited to a single random user. Guessing requires a round trip to the server, which makes the attack trivial to discover and mitigate.
  5. User experience: Secure cookies work across browser tabs, windows, and sessions. They last until the cookie expires. Certain browsers may ev

Keybase proof

I hereby claim:

  • I am allingeek on github.
  • I am allingeek (https://keybase.io/allingeek) on keybase.
  • I have a public key ASDkVpE12c69eSj3AgAkIT4x-a88Za7OHQ86ZwPPC7uTygo

To claim this, I am signing this object:

Application Telemetry in Go Services

Philosophy

The only way to understand the code you've written and its impact on business value is to measure the usage and performance of that code. Please take a few minutes and read Coda Hale’s slides from "Metrics, Metrics Everywhere".

Application metrics come in these basic flavors:

  • Histograms
  • some value sampled, counted, and stats
Verifying that +allingeek is my blockchain ID. https://onename.com/allingeek
allingeek / gist:4b06cd95c811a6e61101
Created June 10, 2015 19:58
Wondering about the order or purpose of redundant blob digests in the fsLayers property of a registry manifest.
docker run --rm -u 1000:1000 --net host curly -s http://localhost:5000/v2/distribution/manifests/2 | docker run -i --rm -u 1000:1000 allingeek/jq --slurp .[].fsLayers[].blobSum
"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
"sha256:a1ad7a41df8de40e0678891b7907f448e861e35726b576adc3cff43f957f1e4c"
"sha256:a84c6f99a0d573fc078e65ac47a7aa4bd375e064a3b046fa9672800d25a4f110"
"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"