A Cup Of Matcha 13
I had lots of fun last week starting to rebuild my big old metadata processing app using the new Smee libraries that were originally based on chunks of scrappy code copied from it. A few things don’t quite line up properly, a few features are missing, and one or two features need to be optional - other uses of Smee so far (like an MDQ app) assume slightly different data. But overall it’s working out nicely - the new app is simpler, faster and much more reliable.
Last week’s interesting identity management links first, as usual:
- kratos_plug Use the Kratos IdP from Elixir (as an SP)
- A long road up to Boruta History of the Boruta OpenIDC server project
- Have I Been Pwned Domain Searches: The Big 5 Announcements! Improvements to Domain Monitoring in HIBP
- What is OpenRoaming? and eduroam + OpenRoaming EduRoam is looking into linking EduRoam with OpenRoaming somehow
- Looking Back to REFEDS 46 in Tirana Blog post summarising a recent meeting of REFEDS community (slides)
- ADFSToolkit and How to consume SWAMID metadata with ADFS Toolkit It’s possible to sort of brute-force ADFS into behaving as an acceptable federated IdP?
- University multilateral federation solution design Well Microsoft aren’t keen and recommend proxying to or from a decent SAML IdP instead
- Secure Sign-in Trends Report It’s obviously marketing for Okta but still contains some useful info
- State of browser privacy evolution and Browser Changes and Federation A working group monitoring and responding to misplaced “improvments” to web browsers that may break secure federated authentication
- Venafi A big fancy commercial alternative to OpenStep
- Sumsub Another user identity verification service
- How to password protect a static HTML page with no JS Or use CSS to “encrypt” instead. Please don’t actually do this. Just look at this page with a horrified expression.
- Selection results of excellent proposals in the Hwangdang Regulation Contest South Korea allows people to vote on laws they want to be changed, and they voted to stop forced regular password resets for government accounts. I think.
Someone asked if IRM (Identity Relationship Management) was still a thing, I didn’t even know it was a thing, or what sort of thing it was. I can now confirm it is still a thing.
- Identity Knowledge Graph 2023 “A real-world data model of both person and non-person entities and the relationships between them”
- 3Edges Graphical authorisation policy builder that’s aware of entity relationships
- SGNL Also seems to use IRM principles
There’s now a number of different federated SSH projects across the world, with new plans to work together. I’ve been thinking about this problem for ages so I’m logging every link I’ve found:
- CryptPad The original presentation on this topic
- SSH with OIDC OpenID Connect Access Tokens Video for the KIT approach
- Demonstration service for using SSH via OpenID Connect KIT demo server and instructions
- PAM module for OAuth 2.0 Device flow STFC are using a PAM module and OAuth2
- PAM module for OAuth 2.0 Device Authorization Grant as is Masaryk University
- SSH certs in a federated world WAYF are going with a SSH certificate based approach
- PAM web login SURFNet are always doing something cool. PAM for them.
- pam-weblogin PSURFNet PAM code
- Web based SSH login DAASI have something that looks like what I was planning, but smoothly does it in one step
- Federated SSH login It supports more than one IdP, of course. This is a better user experience than mine, although mine needed no extra software on the server.
Project management and design
- My Approach to Building Large Technical Projects Someone describes what works for them
- The Asymmetry of Open Source Open Source has very complicated social aspects
- Crafting interfaces that empower users. UI design advice
- Classifying Event Driven Architecture Part of a series on Event Driven Architecture
- An Alerting strategy for the cloud Sounding the alarm for online service problems
- 11 years of hosting a SaaS Experiences running a Software As A Service, er, service
- 10 Tips to stay focused on your personal Projects I could honestly do with focusing on other things but this was helpful
Another week of failing to avoid “AI” and machine learning
- Why do ML on the Erlang VM? Machine learning is becoming one of Elixir’s strengths
- Scholar Various “traditional” ML tools for Elixir
- elixir-nx/axon Elixir Nx-powered Neural Networks
- Everyone on AI twitter 2023
A big list of general web and dev links
- Elixir for your next project — this is why It’s a great language I apparently can’t stop enthusing about here
- Ifconfig.me A more modern and detailed way to look up your public IP address, with an API
- temple A DSL-based HTML template language for Elixir, a lot like one that was popular for Rails a long time ago that I can’t remember the name of
- Lemmy A Mastodon-style open source clone of Reddit, especially important now that Reddit’s owners are Musking it.
- Arke I’m normally dismissive of “low code” or “no code” software development gimmicks but this has Elixir in so I’m going to be shameless and link to it. I don’t actually understand what it does.
- Atlos Software for researching real-world incidents using witness statements, photos, videos, etc. Useful if you’re going all Bellingcat on something.
- BEAM process memory usage A good, knowledgable and education response to a recent bad blog article attempting to benchmark threading in various languages
- Stack Overflow Developer Survey 2023 and Stack Overflow Developer Survey 2023 It’s that time of year again
- Interview with an Emacs Enthusiast in 2023 I can’t copy in Emacs either
- Ruby Adds Support for WebAssembly: What Does This Mean for Ruby Developers? Ruby WASM has great potential
- annotaterb A newer way to automatically annotate ActiveRecord models
- Fortify Rails A talk on security-hardening Rails apps
- What’s New in GraalVM Languages GraalVM is amazing but also by Oracle.
- Phoenix Liveview Error Pages Rather specific but I found it useful
- he many states of Elixir State in Elixir - lots of details, I learned a lot despite using it for years
- Prefixed base62 UUIDv7 Object IDs with Ecto UUIDv7, with prefixes - I’ve written a library for similar use cases, this is more generic
- Accessibility and i tags This was stumbled across at almost the same there was an discussion on a local Manchester tech forum on this very topic
- Scripting with Elixir Useful because I struggle with Elixir scripts
- Migrating Netflix to GraphQL safely Real world, large scale GraphQL
- I Don’t Need Your Query Language A very interesting and startling defense of good old SQL
- Replace a Dockerfile with Go (or Python, or Node.js) I’m in two minds on this - I’d like to automate container builds more but this looks awkward and ugly
Ending this week’s lists with a few odd things again:
- egos-2000 A tiny, 2000-lines ARM OS for teaching and learning
- Kera Desktop I assumed this was Yet Another Linux Desktop, and it is, but it’s also a Mac OS and Windows desktop
- Miniatua Puts the Micro in Microchip in a Series of Remarkably Precise Miniature Computers Tiny model computers including scenes from Wargames!
- London-Underground-Dot-Matrix-Typeface Strangely soothing UK public transport fonts
- CFexpress I hadn’t noticed a completely new Compact Flash format had appeared - these things are expensive and amazingly fast
- mop3 Use Mastodon over POP3, an old mail protocol. Read Mastodon on your Palm Pilot.
- New Study: Vegan Diets Can Provide Adequate Nutrition for Dogs Vegan dogs are a good idea - for you, the dog, and the planet.