Spreadsheets

I routinely come up with what I think are million dollar ideas. And I get euphoric about how successful it will be be, I’ll make so much money, and people will be happy. And then as the euphoria dies down, typically as I start designing it, I have some sober thoughts. Would I use my own product? Maybe. Would I pay for my product? Probably not. And the reason why this is invariably boils down to the fact that most of my ideas are just a way of storing and managing ideas in a tabular format. As in, a spreadsheet. ...

March 4, 2023 · 3 min · 503 words · Scott Brown

Static Websites

A person dear to me, who is new to the tech world, asked me a simple question: “What is a static website?” It was asked in response to me saaying that I have a static website–this website you are reading. Tech Jargon and Shibboleths Once again it dawns on me how often jargon slips into normal conversation and acts like a shibboleth. It’s hard to place one’s self squarely back into the shoes of someone that has no frame of reference. If you want to get a feeling for what this is like, try to remember that at some point in your life, you would not have understood the words on this page. Even worse, you wouldn’t even be learned enough determine what is a word and what is not. This is hard for you to remember because you don’t–or barely–remember being illiterate. If you want a sense of that, go look at a book written in a completely different language. For example, if your first language is English, go look at a book in Hindi. I always find it fascinating, scary and humbling that I cannot tell what is a word, what is punctuation, or anything when I look at a completely different language; these new languages appear to me as tally marks as I’m certain English appears this way to a North American child. ...

February 26, 2023 · 9 min · 1878 words · Scott Brown

Security Training is Hard

I recently had to go through the mandatory annual training around ethics, security, and handling sensitive data. Like many companies, this training comes in the form of pre-built SCORM courses. I received the following question from KnowBe4, specifically in handling sensitive data. I was going to answer this question by choosing “Find a location with greater privacy and communicate using encrypted messages on a secure connection”. I was so close to clicking the Submit button. Then at the last moment, I changed my mind and chose “Tell the office that for security concerns the call will have to wait until you get to your hotel room.” I clicked the Submit button and waited for the result. ...

February 7, 2023 · 5 min · 902 words · Scott Brown

ChatGPT Part 2

The previous part in this series introduced ChatGPT and explained my motivations for testing it out. One of the coolest features of the tool is that it will remember previous topics in the conversation and apply them in future prompts. So you don’t need to get it right the first try, you can rephrase and try again. Since I learn best when the knowledge is applied, I asked ChatGPT to help me with a problem I was struggling with for the past 4 days. I was trying to come up with an elegant solution to using AWS application load balancers to process HTTP requests with Lambda functions, and I wanted to use the Go programming language. However, doing HTTP path multiplexing is something that the standard Go muxer is not good or performant at. For instance, the default muxer can handle GET /blog perfectly, but it cannot handle GET /blog/:id because it doesn’t know how to parse path parameters. I could start parsing those path parameters with regex, but then I’d start having regex problems, and I’m certain it wouldn’t be performant or battle-tested. That’s where muxers like Gin or Chi or Gorilla come in. I wanted to write the Lambda function to pass the ALB request to a Gin backend and have it mux for me. The problem was that constructing an HTTP response struct by hand is not something people do, and I was struggling to write it properly. I tried using net/http/httptest/ResponseRecorder and it worked, but that struct is for unit testing and it felt wrong to adapt it for – what I would expect to be – production code. None of my solutions worked, so I asked ChatGPT to help me. ...

February 5, 2023 · 9 min · 1705 words · Scott Brown

ChatGPT Part 1

I love computer technology. All aspects of it. That’s why it has been my career choice my entire adult life, even though my jobs have changed over time (software developer, operations, systems administration, security, etc.). To an outsider, computer technology is akin to magic. But for those of us in the industry, it is our job to understand how that magic works. It is not a stretch to say that demystifying magic is a shibboleth within the tech industry. It’s also why there’s not a lot of new technology that feels magical, like it did when I was just starting in this industry. ...

January 29, 2023 · 4 min · 850 words · Scott Brown

How To Perform DNS Delegation

Use Case While building infrastructure, especially in The Cloud, you often come across the need to manage a subdomain. Perhaps you have something like staging.example.com that will be wholly managed within Route53 (Amazon Web Services’ DNS service). However, your company’s DNS zone (example.com) is hosted in another place, say, Namecheap (a domain registrar) or Dyn (a DNS management service). What can you do? The Answer The answer is that you need to delegate your DNS subdomain to Route53. This sounds a lot more difficult than it actually is. DNS delegation involves taking a subdomain and pointing it to another set of DNS records. You need permissions to modify both a Route53 hosted zone and your DNS zone in the other DNS service. ...

May 26, 2018 · 5 min · 936 words · Scott Brown

So Over SSO

One of the things that really irks me almost daily is the incessant use of SSO 1 services such as Facebook, Twitter, and Google by external services. These are services whereby they do not require you to setup your own account on their system and, instead, ask you to sign in with an existing account through Twitter or any of the other authentication providers. This in turn is supposed to keep your authentication details private from external services. ...

July 7, 2013 · 2 min · 389 words · Scott Brown