Not deploying a simple HTTP header, something that literally every website security scan out there would flag, is apparently not a sign of crappy security practices, folks.
My sidekiq process (specifically the one handling the "push" queue) just ran into its ulimit for some reason and started failing jobs with "Too many open files - getaddrinfo".
Monitoring shows that the open socket count has been increasing ever since I updated to 2.1, making me think it's somehow leaking sockets. Is anyone else seeing this?
If your monitoring isn't tracking this, you can count manually with:
ls -l /proc/<SIDEKIQ_PID>/fd | wc -l
Amazon launched a preview of their Translate API today, and there's no attribution requirement! 🎉
This service is the best fit for Mastodon so far, so I can probably (finally!) push that feature once they release the Ruby SDK and process my preview application.
We might be looking at another "Apple pls sign firmware with backdoor" court case soon: https://9to5mac.com/2017/11/19/unlock-texas-shooter-iphone-se/
Unlike the San Bernardino case, this iPhone has a Secure Enclave. Law enforcement could try to find someone that sells them an exploit (which should not be an option unless there's a design flaw in the Secure Enclave), or they could go through the courts, who could force them to sign firmware that disables PIN rate-limiting and the auto-wipe feature.
Update imagemagick. Again.
mastodon.at admin | Software Development | DevOps | InfoSec | @patfigel on Twitter | keybase.io/pfg | GPG: 286BE9D35F9FE18A | DM for Signal | Vienna, Austria
This instance was shut down on March 31st, 2020.