Skip to main content


Showing posts from 2022

Use AI to write your code

It's no secret that developers use code snippets a lot. Whether it's from StackOverflow, GitHub snippets, or random Google searches, whenever a junior developer is asked to do something they don't know how to do, they tend to browse the web and find an existing piece of code they can copy and paste into their text editor. We all do it. After all, most things have been solved with code already, so why should you spend an hour trying to find out how to connect to a Snowflake endpoint using Python and listing all databases, when it's something that thousands of coders have done before? The issue with code snippets however, is that they tend to be very bad from a security standpoint. They tend to focus on the problem at hand, and give you the simplest way to solve it, without thoughts about context. If you don't understand what the code does, you won't know the potential security issues with that code, and that's one of the biggest way the Internet ends up fille

Your cloud migration is not a cost center

Anyone who works in IT knows the struggles of their department being considered a "cost center" by most businesses. Maintaining servers, desktops, software upgrades, web sites and making sure the digital parts of the operation keep turning smoothly is not a glorious job, and usually not something anyone notices outside of the department. At least, not until something breaks, then people realize how important IT is in making sure business can still be done. But again, as soon as things go back to normal, management typically stops thinking about the tech and they go back to worrying about sales, finances and production. Seeing that this is a fact of life, trying to get a budget assigned for large projects can be a challenge. This challenge is a big part of why a lot of companies lag behind the industry standard when it comes to best practices, using the latest technologies or anything that involves spending a lot of money to get something that has no direct, immediate impact o

How the invasion of Ukraine is shaping OSINT

OSINT, or Open-Source Intelligence , is the collection and analysis of data available from open sources, typically done by regular people like you and me. This means it's mostly non-state actors being thrust into an intelligence role, bonafide Internet detectives, solely thanks to the massive amount of data available online through things like social media, blogs, video sharing sites, corporate offerings, and other ways. It's not a new discipline, in fact it's something that has been done for many years and has accomplished a lot of good throughout the world, from finding kidnapped victims to conducting cybersecurity exercises . But the domain of OSINT goes much further, and sometimes people can get carried away, such as the time an online group used open source data to figure out who the Boston bombing suspect was, only to point the finger at several innocent people . Yet regardless of the past successes and failures of OSINT, this year has seen the discipline expand to a

National Preparedness Month

We're in September, and this month is known as the preparedness month. In fact, the U.S. Government designed it as such at the national level to underscore the importance of being prepared. From the website itself: National Preparedness Month is an observance each September to raise awareness about the importance of preparing for disasters and emergencies that could happen at any time. This may seem to apply more to things like forest fires, economic collapses or war, and if you're an IT professional you may not see the link between the things you do and this definition, but in a world that's increasingly dependent on complex technologies, going over your IT preparedness is an incredibly important exercise. In this post, I'll go over a couple of items you may want to think about and give you some tips that will hopefully help you to improve your organization's posture when it comes to disaster preparedness. There are a number of potential issues that can impact you

Beware of NULL values

  Using common sense and critical thinking is crucial in our industry, especially once you reach a senior IT position. You want things to make sense, and when troubleshooting a problem, it usually helps to stay grounded in comparing how things are with how things should be. However, in some rare cases, you can come across things that don't quite make sense in the real world, even though they are normal in the tech sphere. This is an example of such a case, and why you need to be careful when using SQL without understanding all the special use cases that come with it. In our scenario, we had a database table that an application was querying. The table had a column called "sold" containing an integer value. That value could be 0 or 1, although technically since it's an integer, it could also contain any other numeric value as well. The application checked whether the value was equal to 1, or whether it was not. Here are the SQL queries in question along with the results

Use Case: Fixing a Java version conflict on a Linux host

Fixing version conflicts can be a very annoying process. On a computer, processes usually rely on libraries, and often on specific versions of those libraries. When new versions get released and you upgrade your system, applications that used to work may stop working. This is what became known in the late 1990s as "DLL hell". Since then, operating systems and vendors in general have become much better at limiting this type of conflict. We have containers that host all the required dependencies packaged as a neat little bundle, we have version tags for dynamic libraries, separate folder structures, and update systems that attempt to check compatibility before upgrading things. But even with all this in place, conflicts can still occur. In this post I will go over a recent issue I had to solve regarding a conflicting Java version. The software in this use case ran on a particular Amazon Linux instance and required a recent version of Java. It was running fine, and no update had

Dealing with Python module conflicts in your pipelines

Even if you're not in software development, dealing with development issues can be something you have to deal with. For example, most of the work I do falls within the DevOps sphere, but that often involves building and deploying code, which in turn means that I need to be able to address problems that can arise during those stages. One recent issue I've had to deal with is version conflicts, so I thought it might be a good idea to address this type of issue here. In particular, I'll talk about version conflicts with Python modules, how to fix the issue, and perhaps more importantly, how to ensure they don't happen again. Recently I had a Jenkins pipeline that started failing with a weird error message. The pipeline basically installed some Python modules, cloned some code from a Git repo, then built an image so it could be tested. One of those modules was the Snowflake connector, and what happened is that the module was updated on the public repository to a version tha

When not to use Docker containers

One of the major innovations to hit the IT landscape alongside the cloud, Infrastructure as Code and other DevOps techniques in the past couple of years is the popularity of containers. Docker containers evolved from an experiment to a core aspect of the corporate IT culture. These days we have entire environments running on top of Kubernetes deployments, with containers being provisioned and destroyed in real time as needed. The beauty of a setup like this is that it makes scaling very easy, with new containers being made available on demand, while maintenance is also much easier since containers can be recreated from scratch using a template. Fans of the concept may be forgiven to think every situation can be made to fit into a container, but is that really the case? Are there cases when containers shouldn't be used? First, containers can be adapted to most situations. With the freely available templates and images, it's probably the easiest way to build a simple Nginx web se

Use case: Synchronizing Active Directory users and groups with AWS

This series covers various use cases that I've had to implement throughout the various contracts I was a part of. Dendory Capital, my firm, offers all sorts of cloud and DevOps services to organizations from around the world, and sometimes we come up with unusual challenges. I document the challenges in these blog posts to show some of the solutions we came up with. This week, I'm going to describe a use case where a client wanted to synchronize their employee directory from on-premise to the AWS cloud and assign specific permissions to groups of users. A lot of companies use Active Directory as their source of truth for users and group membership. It's a popular system, and one that most organizations use. It makes sense that, if you're already setup with AD as your core directory, you don't want to start managing users and groups in all sorts of cloud apps on top of your own network. This is where single sign-on or SSO comes in. With SSO, you can easily link your

Why NFTs are more than pretty jpegs

NFTs, or non-fungible tokens, is a term that's been on the news a lot lately. If you're in finance, or interested in crypto currencies at all, you most likely heard about NFTs already. The point of an NFT is to have a digital asset which is uniquely identifiable and can be bought or sold with crypto currency. Most of them so far have been images, and some of them have been sold for ridiculous amounts, sometimes in the millions of dollars. For anyone not deeply embedded in the crypto movement, it can seem very weird and possibly even ridiculous that someone would spend $68 millions to buy what amounts to a JPG file, an image which can be copied and duplicated endlessly. In fact the saying that "NFTs are just pretty jpegs" is a common critique of NFTs, and not a completely unwarranted one. However, it would be short sighted to dismiss the entire movement just because of that. The first thing to understand is what makes an NFT different from a regular file on your comput

Automation pipelines for everything

When most developers or even DevOps engineers think of automation pipelines, the first thing that comes to mind is a traditional CI/CD pipeline, one that gets triggered by a code push, which builds a piece of software, and then deploys it in a test or production environment. It's perhaps the quintessential idea of the pipeline, and as a result most DevOps tools are built around that workflow. There's nothing wrong with that, and in fact that process is likely to remain the most popular type of pipeline to be used in any organization. But pipelines, and automation in general, is much more powerful than just a way to speed up software development. Someone once said that any task which needs to be done more than twice should be automated. In the analog world, there are ways to automate tedious processes, but these ways tend to be costly. You need motors, cameras, robots and so on. Thankfully, in the digital world you can automate almost any repetitive process. In this post I'l

New IT trends of 2022

As 2022 begins, it's normal to think about changes and trends. Technology moves fast, so change may seem inevitable. Gone are the days where your entire organization ran on a series of servers in a back room, with your entire IT department making changes directly in production. Now we have the cloud, CI/CD pipelines, red/green deployments, DevOps workflows, agile methods, SaaS services and all those new paradigms. Worse still, it seems like every few months there's new tools coming out to do each of these things in a slightly more efficient way, and of course your employees may be clamoring to get access to these latest tools. So what are the trends we'll see in 2022? What should you prepare for, and is there a good reason to embrace those trends? There's an old saying of "don't fix what isn't broken" which basically means not to embrace change for change sake. The first thing to keep in mind is that a new trend, a new paradigm or tool, doesn't nec