
Posts

Why am I so late on the Bitcoin train?

Image: Pixabay

I've been somewhat of a Bitcoin sceptic for quite some time. When it first became a thing I was worried that governments would legislate it out of existence. It has had a pretty bad rap of being associated with the dark web and it is definitely the currency of choice for malware authors. In its normal usage Bitcoin is more transparent than cash. If I give you a cash note there is no permanent record of the transaction and the tax man can't get a sniff into our business. Governments hate transactions they can't tax or police and so in the beginning there was a concern that Bitcoin would be outlawed. In contrast to cash, if I transfer you Bitcoin then there is a record of the transaction that anybody in the world can inspect. It's possible to trace the coins in your Bitcoin wallet back through the various people who owned them. Anybody in the world can watch the contents of your wallet and see where you spend your money. This is exactly...

Restarting BOINC automatically

Image: https://boinc.berkeley.edu, fair use

BOINC is a program curated by the University of Berkeley that allows people around the world to contribute to science projects. It works by using spare cycles from your computer to perform calculations that help do things like folding proteins to find candidates for cancer treatment, mapping the Milky Way galaxy, searching for pulsar stars, and improving our understanding of climate change and its effects. It runs as a background process and is easily configured to only run in certain conditions, like when you haven't used your computer for 10 minutes, for example. It comes with a nifty GUI manager, and for most people using it on their desktop this post is not going to be at all relevant. This post deals with the case where a person is running it on a server without the GUI manager. Anyway, the easiest solution I found to restarting BOINC on a headless server was to use supervisord. It's pretty muc...

Associating Vagrant 1.7.2 with an existing VM

My Vagrant 1.7.2 machine bugged out and when I tried to `vagrant up` it spawned a new box instead of bringing up my existing machine. Naturally this was a problem because I had made some manual changes to the config that I hadn't had a chance to persist to my puppet config files yet. To fix the problem I used the command `VBoxManage list vms` in the directory where my Vagrantfile is. This provided me with a list of the machine images it could find. I then went and edited the file at `.vagrant/machines/default/virtualbox/id` and replaced the UUID that was in there with the one that the VBoxManage command had output. Now when I run `vagrant up` it spins up the correct VM. Happy days.

Redirecting non-www urls to www and http to https in Nginx web server

Image: Pixabay

Although I'm currently playing with Elixir and its HTTP servers like Cowboy, Nginx is still my go-to server for production PHP. If you haven't already swapped your web server from Apache then you really should consider installing Nginx on a test server and running some stress tests on it. I wrote about stress testing in my book on scaling PHP. Redirecting non-www traffic to www in Nginx is best accomplished by using the "return" directive. You could use a rewrite, but the Nginx manual suggests that a return is better in the section on "Taxing Rewrites". Server blocks are cheap in Nginx and I find it's simplest to have two redirects for the person who arrives on the non-secure, non-canonical form of my link. I wouldn't expect many people to reach this link because obviously every link that I create will be properly formatted, so being redirected twice will only affect a small minority of people. Anyway, here's...

Logging as a debugging tool

Image: https://www.pexels.com

Logging is such an important part of my approach to debugging that I sometimes struggle to understand how programmers avoid including logging in their applications. Having sufficiently detailed logs enables me to avoid having to make assumptions about variable values and program logic flow. For example, when a customer wants to know why their credit card was charged twice I want to be able to answer with certainty that we processed the transaction only once and be able to produce the data that I sent to the payment provider. I have three very simple rules for logging that I follow whenever I'm feeling like being nice to future me. If I hate future me and want him to spend more time answering queries than is needed then I forget these rules:

- The first command in any function I write is a debug statement confirming entry into the function
- Any time that the script terminates with an error then the error condition is logged, along with the e...

Are tokens enough to prevent CSRF?

Image: Pixabay

CSRF attacks exploit the trust that a website has in a client like a web browser. These attacks rely on the website trusting that a request from a client is actually the intention of the person using that client. An attacker will try to trick the web browser into issuing a request to the server. The server will assume that the request is valid because it trusts the client. At its most simple a CSRF attack could involve making a malicious form on a webpage that causes the client to send a POST request to a URL. As an example, imagine that a user called Alice is logged into Facebook in one tab and is browsing the internet in another tab. A filthy pirate Bob creates a malicious form in a webpage that submits a POST request to Facebook that sends a person to a link of Rick Astley dancing. Alice arrives on the page we made and JavaScript submits the form to Facebook. Facebook trusts Alice's web browser and there is a valid session for he...

Exploring Russian Doll Caching

This technique was developed in the Ruby community and is a great way to approach caching partial views. In Ruby, rendering views is more expensive than in PHP, but this technique is worth understanding as it could be applied to data models and not just views. In the Ruby world Russian Doll caching is synonymous with key-based expiration caching. I think it's more useful to view the approach as a blend of two ideas. That's why I introduce key-based expiration separately. Personally I think Russian Dolls are a bit of a counter-intuitive analogy. Real-life Russian Dolls each contain one additional doll, but the power of this technique rests on the fact that "dolls" can contain many other "dolls". I find the easiest way to think about it is to say that if a child node is invalidated then its siblings and their children are not affected. When the parent is regenerated those sibling nodes do not need to be rendered again. Cache Invalidation ...