0xf00 @fmeden@toot.thoughtworks.com

TIL: https://docs.aws.amazon.com/security/ (via CyberWeekly newsletter)

"endopint" #typooftheday

#sumologic api:
```
"errors":[{"code":"moved","message":"The requested resource SHOULD be accessed through returned URI in Location Header."
```
but did not send any location header... 🤦‍♂️

this happened after rebuilding a docker image:
`/loadjar.sh: line 3: /usr/bin/java: No such file or directory`
I didn't change the base image. the path just changed arbitrarily. wtf.

#til: `tac` is the reverse of `cat`.
both literally and functionally.

we just broke atlassian bamboo builds with emojis in commit messages.

TIL this is a thing: https://monitor.firefox.com/

TIL: tls server offers different subsets of ciphers among those configured depending on key type (rsa/ecdsa)

I just delivered a sql injection to a graphql endpoint* and my mind is quite blown atm 🤯

(*on a pentesterlabs exercise, not a real service!)

#til: mysql driver has an option to create the db upon connection if doesn't exist already (as long as the user connecting has CREATE permissions), e.g.:
`jdbc:mysql://localhost:3306/someschema?createDatabaseIfNotExist=true`

https://superuser.com/questions/1187633/how-to-debug-systemd-networkd
fun

I wonder if it's easy to write a fargate backend for garden now...

only after going through the pain of setting up a concourse cluster in fargate I realise that actually, it could never work as concourse needs privileged mode and fargate doesn't allow it 😭

"with great security comes great usability" -- security spiderman's uncle

quantum typing: when the waveform of your typing skill collapses when observed by your pair

I just rolled out my own test framework for infra tests in bash and it took 5 minutes and I have working tests and I'm not ashamed