Asynchronous Zsh prompt with Git status

Zsh ships vcs_info, a function fetching information about the VCS state for the current directory and populating a variable that can be used in a shell prompt. It supports several VCS, including Git and SVN. Here is an example of configuration:

autoload -Uz vcs_info
zstyle ':vcs_info:*' enable git

() {
    local formats="${PRCH[branch]} %b%c%u"
    local actionformats="${formats}%{${fg[default]}%} ${PRCH[sep]} %{${fg[green]}%}%a"
    zstyle ':vcs_info:*:*' formats           $formats
    zstyle ':vcs_info:*:*' actionformats     $actionformats
    zstyle ':vcs_info:*:*' stagedstr         "%{${fg[green]}%}${PRCH[circle]}"
    zstyle ':vcs_info:*:*' unstagedstr       "%{${fg[yellow]}%}${PRCH[circle]}"
    zstyle ':vcs_info:*:*' check-for-changes true
}

add-zsh-hook precmd vcs_info

You can use ${vcs_info_msg_0_} in your prompt to display the current branch, the presence of staged and unstaged changes, as well as the ongoing action.¹ Have a look at the documentation for more details.

On large repositories, some information are expensive to fetch. While vcs_info queries Git, interactions with Zsh are stuck. A possible solution is to execute vcs_info asynchronously with zsh-async.

Continue reading

Operators Dish on Edge Computing Strategies at MEF 2019

TCP MD5

TCP_MD5 (RFC 2385) is something that doesn’t come up often. There’s a couple of reasons for that, good and bad.

I used it with tlssh, but back then (2010) it was not practical due to the limitations in the API on Linux and OpenBSD.

This is an updated post, written after I discovered TCP_MD5SIG_EXT.

What it is

In short it’s a TCP option that adds an MD5-based signature to every TCP packet. It signs the source and destination IP addresses, ports, and the payload. That way the data is both authenticated and integrity protected.

When an endpoint enables TCP MD5, all unsigned packets (including SYN packets) are silently dropped. For a signed connection it’s not even possible for an eavesdropper to reset the connection, since the RST would need to be signed.

Because it’s on a TCP level instead of part of the protocol on top of TCP, it’s the only thing that can protect a TCP connection against RST attacks.

It’s used by the BGP protocol to set a password on the connection, instead of sending the password in the handshake. If the password doesn’t match the TCP connection doesn’t even establish.

But outside of BGP it’s essentially Continue reading

Talking System Architecture With AMD CTO Mark Papermaster

It is funny to think that in a certain light, AMD has Big Blue to thank for its resurgence in the datacenter. …

Talking System Architecture With AMD CTO Mark Papermaster was written by Timothy Prickett Morgan at The Next Platform.

BiB083 – Forescout – Visibility For Segmentation

BiB083 – Forescout – Visibility For Segmentation

I'm talking about Forescout after receiving a briefing during Tech Field Day 20.

The post BiB083 – Forescout – Visibility For Segmentation appeared first on Packet Pushers.

Technology Short Take 120

Welcome to Technology Short Take #120! Wow…hard to believe it’s been almost two months since the last Tech Short Take. Sorry about that! Hopefully something I share here in this Tech Short Take is useful or helpful to readers. On to the content!

Networking

• In the event you are seeking more information on NAT hole punching, here you go. You’re welcome. (I found this link in the serverless mullet architectures post, see the “Operating Systems/Applications” section below.)
• Mohamad Alhussein shares how to filter the transit subnets from being redistributed from NSX-T to upstream physical routers (by transit subnets Alhussein is referring to the NSX-managed subnets used to connect logical routers together).
• Ahmet Alp Balkan shows how to use mitmproxy to inspect kubectl traffic. I’m now inspired to go do this myself and see what knowledge I can gain.
• Corey Quinn proclaims “BGP is a hot mess”; Ivan Pepelnjak lays out some facts.

Servers/Hardware

I don’t have anything to share this time around, but I’ll stay alert for content to include future Tech Short Takes.

Security

• This basic introduction of firewalld as found in CentOS 8 may prove useful to some readers. I’ve been messing around with firewalld ever since Continue reading

Five Minutes To Magic Time

Have you ever worked with someone that has the most valuable time in the world? Someone that counts each precious minute in their presence as if you’re keeping them from something very, very important that they could use to solve world hunger or cure cancer? If you haven’t then you’re a very lucky person indeed. Sadly, almost everyone, especially those in IT, has had the misfortune to be involved with someone whose time is more precious than platinum-plated saffron.

That’s not to say that we should be wasting the time of those we work with. Simple things like being late to meetings or not having your materials prepared are easy ways to help reduce the time of meetings or to make things run smoothly. Those items are common courtesies that should be extended to all the people you meet, from the cashier that takes your order at a fast food establishment to the most powerful people on the planet. No, this is about something deeper and more insidious.

No Time For Hugs

I’ve seen the kind of behavior I’ve described very often in the higher echelons of companies. People that live at the CxO level often have very little time Continue reading

Heavy Networking 488: Using Genetic Algorithms To Avoid Internet Censorship

Today's Heavy Networking dives into a research project, Geneva, that uses genetic algorithms to evade Internet censorship. The project was developed at the University of Maryland. We drill into how it works with guests Dr. David Levin and graduate student Kevin Bock from the University of Maryland.

The post Heavy Networking 488: Using Genetic Algorithms To Avoid Internet Censorship appeared first on Packet Pushers.

New Applications, More Users Drive Bright Outlook for HPC

According to Hyperion Research, 2018 was a banner year for the high performance computing industry. …

New Applications, More Users Drive Bright Outlook for HPC was written by Michael Feldman at The Next Platform.

Nokia Argues Cloud Native Is Essential to 5G Core

Arm Supercomputer Captures The Energy Efficiency Crown

When it comes to energy-efficient supercomputing, sometimes less is more. That was illustrated this week by Fujitsu with its A64FX prototype, which captured the top spot on the Green500 list. …

Arm Supercomputer Captures The Energy Efficiency Crown was written by Michael Feldman at The Next Platform.

A10 Hires New CEO, No Word on Potential Sale

Learn the basics of electrical engineering for only $25 today.

Without electrical engineers, everything from your home lighting to your smartphone wouldn’t work properly. Needless to say, electrical engineers make our world go round, and it’s them who spearhead the latest innovations in tech. If you’re intent on creating the world’s next revolutionary product, you’ll at least need to understand the basics, and this bundle will get you up to speed for just $25.To read this article in full, please click here

Recommended Networking Resources for September 2019 First Week

Weekly Wrap: Palo Alto Networks Leaps Into SASE Market

Video: Breaking the End-to-End Principle

Original TCP/IP and OSI network stacks had relatively clean layered architecture (forgetting the battle scars for the moment) and relied on end-to-end principle to keep the network core simple.

As always, no good deed goes unpunished - “creative” individuals trying to force-fit their mis-designed star-shaped pegs into round holes, and networking vendors looking for competitive advantage quickly destroyed the idea with tons of middlebox devices, ranging from firewalls and load balancers to NAT, WAN optimization, and DPI monstrosities.

You need free ipSpace.net subscription to watch the video, or a paid ipSpace.net subscriptions to watch the whole How Networks Really Work webinar.

PlanAlyzer: assessing threats to the validity of online experiments

PlanAlyzer: assessing threats to the validity of online experiments Tosch et al., OOPSLA’19

It’s easy to make experimental design mistakes that invalidate your online controlled experiments. At an organisation like Facebook (who kindly supplied the corpus of experiments used in this study), the state of art is to have a pool of experts carefully review all experiments. PlanAlyzer acts a bit like a linter for online experiment designs, where those designs are specified in the PlanOut language.

We present the first approach for statically checking the internal validity of online experiments. Our checks are based on well-known problems that arise in experimental design and causal inference… PlanAlyzer checks PlanOut programs for a variety of threats to internal validity, including failures of randomization, treatment assignment, and causal sufficiency.

As well as pointing out any bugs in the experiment design, PlanAlyzer will also output a set of contrasts — comparisons that you can safely make given the design of the experiment. Hopefully the comparison you wanted to make when you set up the experiment is in that set!

Experimental design with PlanOut

PlanOut is a open source framework for online field experiments, developed by and extensively used at Facebook. To quote Continue reading

Go Notes: Arrays

Go Notes: Arrays