Working on the foundation of this (getting Wire deployed at and certified by the BSI) was my first job out of college 7 years ago and how I ended up in Berlin. And once you end up in Berlin you can never leave, it seems.
I was actually on site at the Bundeskanzleramt and they had requirements of being able to install the entire server stack airgapped. We ended up building quite a cool delivery method based on Nix to ship the whole closure of the system and the containers inside and spin up a Kubernetes cluster with it. I'm wondering if it is still being used.
Yeh. But Wire's storage is based on Cassandra which handles replication of storage. So you could deploy it on local NVMe drives as well using a local storage CSI.
That's also how the wire.com cloud is/was run. Large Cassandra cluster on top of EC2 Instance Store as opposed to EBS.
The earliest doc I can find quickly shows that the BSI already recommended Wire in 2021 (at least; couldn't find anything earlier). The actual authorization seemed to have happened some time in 2024, but it's possible that just nobody asked for the formal approval before that.
What I'm saying is - just because the BSI authorizes something, doesn't mean that it has to reach the Bundestag ;)
That's not true. Both AWS' as well as GCP's workload identity tokens are not bound to the VM. If you leak the credentials they're valid until they expire. On AWS the expiry is 6 hours (non-configurable). Even if your IAM role has a shorter expiration, the credentials assumed by the VM will always be valid for 6 hours.
That entirely depends on the location of the proxy and the extra conditions you can express. E.g. you could bind it to a source IP and have the proxy check that, or use some overlay network (like Tailscale does).
My point was that you don't literally have to run the proxy on localhost in order to scope the request.
Just a heads up: I know it's cool to generate ASCII art with Claude Code these days but for some reason nobody checks the output? None of the diagrams in the article look correct to me. They all have spacing issues?
You're probably seeing an Android bug. The default Android monospace font borks the spacing of box-drawing characters. It's been like that for several years. EDIT: the same thing might happen on some niche Linux distros.
Were they generated by D2? I tested naive generation without extra hints/layout settings, and its ASCII charts leave a lot to be desired (including worse artifacts than that, like creating too-narrow charts and text overwriting other text that's too close). SVG output might have been much better.
I've been running into _a lot_ of issues with Hyper/Tonic. Like literal H2 spec violations. Try hosting a tonic server behind nginx or ALB. It will literally just not work as it can't handle GOAWAY retries in an H2 spec-compliant way.
If this fixes that I might consider switching.
However, Google is also working on a new grpc-rust implementation and I have faith in them getting it right so holding tight a little bit longer.
I feel like this is false. These companies mostly seem to monitor social media and security mailing lists with an army of LLMs and then republish someone else's free labor as an LLM slop summary as fast as possible whilst using dodgy SEO practices to get picked up quickly.
They do do original work sometimes. But most of it feels like reposted stuff from the open source community or even other vendors.
ooo that will be a nice improvement. So many times I've run `jj status`, then saw a file I wanted gitignored, so I'll edit my gitignore, but the file has already been added to the repo so I have to `mv <file> /tmp/ && jj status && mv /tmp/<file> .` to get the file out of the repo.
Yes, that's why I aim to make the checks transparent to the user. You only need to provide the download URL for the authentication to take place. I really need to record a small demo of it.
If you care about this stuff you need to in-house auditing and do your own audits with people who care. Then get certified by an external auditor for the paper.
You can start very lightweight with doing spec-driven development with the help of AI if you're at a size where you can't afford that. It's better than nothing.
But the important part is you, as a company, should inherently care.
If you rely on an auditor feedback loop to get compliant you've already lost.
Nobody really tries to get technical people to do the work.
Like cool, it's a great idea and would potentially produce positive results if done well, but the roles pay half the engineering roles, and the interviews are stacked towards compliance frameworks.
There's very little ability to fix a large public company when HR is involved.
Maybe it should be treated like on-call duty and have the load spread between existing engineers on some kind of schedule, maybe with some extra comp as incentive because it's boring and will take more effort/time in the "easy case" compared to pager duty.
Maybe that's just a good moment to review your _policy_. About a half of our compute is exactly that, and we just don't have to do this sort of backups, that'd be silly.
We don't deal with the military though, only fintech (prime brokers and major banks, funds), some government. Plenty of certifications (have someone on site all year round), no silliness.
But companies don't care. They don't want compliance for feel goods, they want compliance because their partners require it. They do the minimum amount required to check the box.
Caring about security and caring about some of the arbitrary hoops you have to jump through for some of these compliance regimes don’t always overlap as much as you’d expect.
I’ve been at companies where we cared deeply about security, but certain compliance things felt like gimmicks on the side. We absolutely wanted to do the minimum required to check that box so we could get back to the real work.
I was actually on site at the Bundeskanzleramt and they had requirements of being able to install the entire server stack airgapped. We ended up building quite a cool delivery method based on Nix to ship the whole closure of the system and the containers inside and spin up a Kubernetes cluster with it. I'm wondering if it is still being used.
Amazing to see it's still going strong :)