skip to content
CloudDruid

Things That Caught My Eye

  1. Kode Vicious & AI
  2. xzbot
  3. Music & AI
  4. Copilot Produces Antisemitic Imagery
  5. Ditching K8s for AI, Acorn’s Story
  6. Copyright Infrigement by OpenTofu
  7. Faster Nix Indexing/Searching
  8. Skopeo Gets a Spotlight
  9. K8s Cloud Trends
  10. Site Performance
  11. Codesmells
  12. K8s Ingress Rundown
  13. K8s Sidecar Configuration
  14. Debugging with Git
  15. Email Misconfigurations
  16. John Stewart & Apple
  17. CISA Upskilling & Volunteering
  18. PCIE Gen 7
  19. fx
  20. Observability & Cloudspend
  21. Workloads & Reliability
  22. K8s Gateway API Today
  23. Google LLMs and Bash
  24. Security Tool Audit
  25. Self-hosted Everything
  26. Community-Led NixOS Wiki

✨ Mental Bookmarks

Kode Vicious & AI

Kode Vicious shares prudent insights regarding automation, AI, tech hype cycles, and how it relates to engineering roles writ large.

🤖 xzbot

There have been a great deal of breakdowns, but this was the first demo I have seen that attempts to make the exploit accessible to script kiddies. The repo’s description speaks for itself:

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

Music & AI

Given that authors and artists have seemingly already lost this fight, I am curious if a block of wealthy musicians will be able to combat AI training on their music. Time will tell I suppose…

Copilot Predisposed to Antisemitic Imagery

AI, but more specifically Copilot this time, continues to show the world that it is trained on some of the ugliest corners of the internet, trolls, and racists behind keyboards.

Acorn Ditches K8s

Acorn Labs has ditched K8s and adopted it’s own homebrewed tool GPTScript, full stop. GPTScript is open source and automates interactions with LLMs (i.e. OpenAI). FossForce describes how Acorn Labs, led by CEO Sheng Liang, whose tenure includes co-founder and CEO of Rancher and President of Engineering at Suse, used to be a Kubernetes-based SaaS offering, but now has made a 180 degree turn towards interfacing with OpenAI. OpenAI runs on Kubernetes and Acorn Labs has strong Kubernetes ties, but abstracting away the details appears to be the primary goal.

OpenTofu’s Questionable Forking

OpenTofu was potentially caught copy-pasting Terraform code and changing the license.

Replit’s Nix CLI Utility: Faster Indexing & Searching

Replit announced the development of a cli utility, rippkgs that speeds up indexing and searching Nix expressions and is written in Rust 🦀.

Skopeo in the Spotlight

Skopeo has been around for a while but was recently highlighted in my newsfeed. It is a tool from the Containers project, famous for tools like Podman. The shout-out highlighted features such as being daemonless, not needing root access, and positioning itself as being container platform agnostic.

K8s legend Kelsey Hightower and Alex Saroyan review emerging trends they see in the ever-evolving cloud space.

Site Performance

Engineer Alex Xu is always trending, rightfully so, for their relatable and digestible graphics, and recently a post on website performance began to surge in popularity. This immediately made me think of tools like Google’s Pagespeed which strongly mirrors this graphics performance metrics.

Codesmells

A useful guide by Maximiliano Contieri covering a variety of code smells with detailed examples in comprehensible snippets.

K8s Ingress Rundown

I came across this deep dive on a variety of aspects regarding Ingress configuration and usage. I am especially curious to check this out given that I will be sitting for the CKA exam soon 🎊.

SideCars are GA 🚀

With SideCars being a built-in part of Kubernetes now, it feels more important than ever to understand proper configuration.

Debugging with Git

This review of tips and tricks with Git looks especially interesting, with topics around grep, blame, log, and bisect.

Email is the Bane of Many Orgs

David Strom reviews how researchers discovered that they could bypass cloud email filtering for a whopping 80% of major domains due to misconfiguration.

John Stewart and Apple

John Stewart shared how he could not interview FTC leaders because of Apple. The move strikes as an incredibly monopolistic power-play to prevent consumers from understanding Apple’s legal battles with the government.

CISA Upskilling & Volunteering

CISA recently shared a number of upskilling resources, a high level overview, and volunteering opportunities to help bolster our nation’s cyber security posture.

PCIe Gen 7

PCIe Gen 7 is on track to be released in 2025, which simultaneously made me think of my long-neglected PC Building Simulator video game on Steam… I need to have more fun and play my games 😂.

fx: More JSON Viewing

fx reminds me of jnv, a tool I learned about recently written in rust. fx is written in Go and seems to have decent interfacing options.

Observability & Cloudspend

On my to-read list: “Why is Observability so Expensive?”

Workloads & Reliability

Fairwinds engineer, Joe Pelletier, recently reviewed latest trends in workload reliability and was highlighted by CNCF.

K8s Gateway API Today

A walk down memory lane regarding the evolution of K8s Gateway API.

Google LLMs and Bash

A bash cli tool as an interface with Google LLMs.

Tiger’s Resurrection

A Unix security audit and intrusion detection tool has risen back into prominence as a powerful security option, Linux Magazine’s take looks like a worthwhile read.

Self-hosted Everything

A compendium of self-hosted resources caught my eye.

Community-Led NixOS Wiki

Last but certainly not least, I am eager to see how recently released NixOS’s wiki project develops, as NixOS is notorious for sometimes cryptic and incomplete documentation.