This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2019-05-15
Channels
- # announcements (2)
- # aws (52)
- # beginners (326)
- # cider (24)
- # clara (7)
- # clj-kondo (14)
- # cljs-dev (175)
- # clojure (183)
- # clojure-ecuador (2)
- # clojure-europe (4)
- # clojure-italy (11)
- # clojure-nl (1)
- # clojure-norway (1)
- # clojure-spec (5)
- # clojure-sweden (5)
- # clojure-uk (103)
- # clojurescript (49)
- # cursive (29)
- # data-science (9)
- # datascript (17)
- # datomic (23)
- # emacs (6)
- # events (4)
- # fulcro (19)
- # graalvm (8)
- # graphql (2)
- # hoplon (36)
- # jobs (1)
- # jobs-discuss (92)
- # juxt (3)
- # luminus (10)
- # off-topic (4)
- # pedestal (8)
- # planck (1)
- # re-frame (59)
- # reagent (1)
- # reitit (22)
- # rewrite-clj (8)
- # ring-swagger (3)
- # shadow-cljs (101)
- # spacemacs (15)
- # tools-deps (36)
- # vim (68)
Morning. Does anyone have an account with ft? I don't, but I'd really like to know what this article says about the protocol used in the WhatsApp vulnerability and if it says anything positive/negative about the Signal app which uses the same protocol as WhatsApp https://www.ft.com/content/4da1117e-756c-11e9-be7d-6d846537acab
@mccraigmccraig @dominicm +1 for west country fudge. Creamier
morning
I believe it was a buffer overflow on voip messages, not specifically about the encryption protocol
Yeah I read similar on a Verge article I think. Curious to find out if this is something specifically related to WhatsApp or whether it's some generic about VOIP that other apps like Signal would be subject to
>A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number
All seems a bit vague as to whether this is purely a WhatsApp issue or not đ¤ˇ
reckons it is purely a WhatsApp bug albeit a cross platform one
>After all, why bother cracking WhatsApp's strong end-to-end encryption when you can overflow a buffer and hack the code itself?
Cool, thanks @ben.hammond đ
@dominicm - Which is why I tell everyone that will listen that they should use Signal instead, but do they listen..?
> that will listen > but do they listen is this a symbol/signifier postmodernist thing?
https://twitter.com/quincognito_/status/991065771848617984 but still relevant
hahaha
I once f***ed up a uni essay on postmodernism by using postmodernist critique on the question, and concluding that there was nothing I could say that could be marked as relatively more valid or less valid than any other answer (and thus, is it even an exam question if it cannot be objectively assessed?)
that⌠did not go down well
And down the Mandelbrot we goâŚ
sorry, niche joke
my humanities degree is showingâŚ
@maleghast It got to the point that I had two friends on my contacts who were using Signal, everyone else was on Messenger or WhatsApp. And those two friends on Signal I didnât talk to much anywayâŚâŚ May have well renamed it Tumbleweed.
@maleghast I talk to my partner on there, which is 99% of my personal communication
I may install the app on my mum's phone and set it as the sms app, so she'll use it to talk to me without trying
@jasonbell @dominicm - I use Signal to talk to my parents and a couple of paranoid friends... đ
on topic question: I have some code which may terminate early, currently it's returning {::skipped true}
which I don't love. This is a process that will be retried later (it's a retryable failure)
None of the anomalies quite fit except maybe :busy
, which isn't quite right either. It's usually going to be "dependency unresolved".
I love
đ
may be available in the future
being the important thing
doesn't quite work does it
404 is nice, except you're not technically supposed to return a body for that, except I might do. If you do this:
(def atom 0)
(inc (dependency-failure (swap! some-atom inc)))
I want to return
{:xxx true
:??? (inc (dependency-failure 1))}
well you're actually retturning http are you? its more a sort of paradigm inspiration thing?
so I guess I'm suggesting :not-found
as the anomaly
I suppose the fact you had to explicitly mention that "may be available in the future" should indicate that it's not entirely clear đ
yeah maybe thats right
:retry-later
?
Although, one could argue that in my case it isn't a retryable thing at all. You are literally saying "You have not given me all that I need in order to continue".
:tell-me-more-or-i'll-start-making-stuff-up
The fact that my calling process loops over everything over and over again (so will eventually get there) is irrelevant, another implementation might examine the map to find out what dependency is missing and jump straight to it (depth first search vs restarting process)
:dependency-not-available
I may switch to something like that tbh. I'm trying to figure remember if there's any other use-cases I had in mind which may need to defer.
(defer is a good word to consider for this state and pairs nicely as :defer
and :deferred
for the new deferred value)
:retryable-failure
if itâs a generic api and the internals are raising the error â then it should be in the domain of the api i.e. generic⌠if itâs an application/domain level thing and not a reusable api then name it in domain terms. It seems youâre undecided which level itâs at.
:just-now
== :now-now
too
and when you try again :shut-yer-puss
⌠and again :glesga-kiss
đĽ
hmm the Scotts dialect wikipedia translation is crying out to have HTTP status codes translated đ https://sco.wikipedia.org/wiki/Main_Page
:now-now
as opposed to :real-now
haha showing your roots there Andy
well, part of my roots. It was pretty comical when I still used those terms after moving back here and getting my first job đ
Anyone in here played with Fission -> https://fission.io/ <- with Clojure..?
why fission > kubeless?
I saw RedHat demoing Kafka/ML/Kubeless a couple of weeks ago, very good it was too.
if I was running k8s clusters and didnât mind the faff, Iâd be p into it
tbh tho, happy to pay AWS on the whole
i quite like the sound of it because ops on k8s is easier and (a lot) more portable than ops on AWS
I guess the big thing is deploying the artifacts is easier
because you donât need to faff with cloudformation or terraform
buttttt
you could use Serverless (the framework) which is easier than either (as long as your entire service is lambdas)
if thereâs an impedance mismatch between your code and runtime env then k8s will help as youâre able to run and test in the same containers youâll deploy - which is p much how you test AWS lambdas - i.e. using containers
OK, so no one has any direct experience, but âleaving it to AWS Lambdaâ seems to be the consensusâŚ
I do have another Kubernetes related question to put to the room, however⌠Does anyone have any experience with either Rancher or Heptio as a gateway to K8s usage, a simplifying force, shall we say..?
Sorry @maleghast Iâve not been completely keeping up with the convo, what is it youâre trying to achieve?
I am looking for a tool or environment to help me with managing K8s and deploying workloads into K8s environments
I donât like the look of OpenShift, so the other options that look âof interestâ to me are Rancher and Heptio
My knee-jerk reaction is to prefer Rancher because itâs more open source AND not owned by VMWare
Iâd still get comfy with the command line first in all honesty. Tools are all very well but there are days you just need to command line.
Seemed to work well for what I was, a service mesh to handling the ingress and egress