Oh, lol, looks like Azure DNS is busted right now. That's... gotta hurt.
How’d I notice? I didn’t receive an email to my @FollowStevens address, because my mail server doesn’t talk to MTAs that it can’t reverse the IP address for, which is a great lesson for my students, since we _just_ discussed SMTP and spam protections. 😂

So yeah, “there is no cloud, only other people’s computers” once again.
Also: rule #1 of outage pages: make sure your outage page doesn’t rely on the things it’s reporting outages for.

status.azure.com 👀
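An added example, not part of the original thread and not the author's mail server configuration: a sketch of the reverse-DNS check an MTA can apply to a connecting client. It goes beyond the thread by also forward-confirming the PTR name and by deferring rather than rejecting when the resolver fails temporarily (both are assumptions of this sketch); the addresses, hostnames and `fake_*` resolvers are constructed.

```python
import ipaddress
import socket

class TempDNSFailure(Exception):
    """The resolver gave no answer (timeout, SERVFAIL), e.g. during an outage."""

def system_reverse(ip):
    """PTR names for ip via the system resolver; [] if no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except socket.herror as e:
        if e.args[0] == 2:  # h_errno TRY_AGAIN: temporary resolver failure
            raise TempDNSFailure(ip) from e
        return []
    return [name, *aliases]

def system_forward(name):
    """Addresses that name resolves to; empty set if it does not exist."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror as e:
        if e.errno == socket.EAI_AGAIN:
            raise TempDNSFailure(name) from e
        return set()
    return {info[4][0].split("%")[0] for info in infos}

def check_client(ip, reverse=system_reverse, forward=system_forward):
    """Return (verdict, detail); 'defer' maps to a 4xx reply so senders retry."""
    addr = ipaddress.ip_address(ip)
    try:
        names = reverse(str(addr))
        if not names:
            return ("reject", "no PTR record")
        for name in names:
            if addr in {ipaddress.ip_address(a) for a in forward(name)}:
                return ("accept", name)
    except TempDNSFailure:
        return ("defer", "DNS lookup failed temporarily")
    return ("reject", "PTR name does not map back to the client address")

# Constructed sample data (documentation address ranges, not from the thread).
PTR = {"192.0.2.25": ["mx1.example.net"], "203.0.113.9": ["host.example.org"]}
A = {"mx1.example.net": {"192.0.2.25"}, "host.example.org": {"198.51.100.1"}}
def fake_reverse(ip):
    if ip == "198.51.100.77":  # simulates a reverse zone whose DNS is down
        raise TempDNSFailure(ip)
    return PTR.get(ip, [])

fake_forward = lambda name: A.get(name, set())
```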


More from @jschauma

3 Apr
Look, your email validation logic is very, very likely wrong.

A few examples:
Email addresses can contain multiple '@'s.

Well, SMTP "RCPT TO" anyway, where this is valid:

@1st.relay,@2nd.relay:user@final.domain

MTAs generally don't relay them any more, but most seem to accept and deliver to user@final.domain.
Bang paths may be accepted.

No, not what you think, you pig. UUCP. This is valid:

relay.domain!user@domain

Your MTA will probably reject this as an attempt to relay, but, hey, it's valid, although RFC5321 does not tell you to treat "!" special.
Read 17 tweets
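An added example, not part of the original thread: a parser for the two RCPT TO forms quoted above, following the Path and Mailbox grammar in RFC 5321 section 4.1.2. The function names are this example's own, and address-literal domains such as `[192.0.2.1]` are left out to keep it short.

```python
import re

# RFC 5321 section 4.1.2 building blocks; note that "!" is ordinary atext.
ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]"
DOT_STRING = rf"{ATEXT}+(?:\.{ATEXT}+)*"
QUOTED = r'"(?:[\x20\x21\x23-\x5b\x5d-\x7e]|\\[\x20-\x7e])*"'
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
LOCAL_RE = re.compile(rf"{DOT_STRING}|{QUOTED}")
DOMAIN_RE = re.compile(rf"{LABEL}(?:\.{LABEL})*")

def parse_forward_path(path):
    """Split an RCPT TO path into (source_route, local_part, domain)."""
    if path.startswith("<") and path.endswith(">"):
        path = path[1:-1]
    route = []
    if path.startswith("@"):
        # Source route: "@hop1,@hop2:" in front of the actual mailbox.
        adl, sep, path = path.partition(":")
        if not sep:
            raise ValueError("source route without ':'")
        for hop in adl.split(","):
            if not hop.startswith("@") or not DOMAIN_RE.fullmatch(hop[1:]):
                raise ValueError(f"bad source-route hop: {hop!r}")
            route.append(hop[1:])
    # A domain cannot contain "@", so the last "@" separates the mailbox parts
    # even when a quoted local-part contains one.
    local, sep, domain = path.rpartition("@")
    if not sep or not LOCAL_RE.fullmatch(local) or not DOMAIN_RE.fullmatch(domain):
        raise ValueError(f"bad mailbox: {path!r}")
    return route, local, domain

def delivery_address(path):
    """The mailbox that remains once any source route is ignored."""
    _, local, domain = parse_forward_path(path)
    return f"{local}@{domain}"
```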
10 Feb
10 Software Engineering Laws Everybody Loves to Ignore

A Twitter 🧵
1. Conway's Law

Also known as: "You will ship your org chart."

"Any organization that designs a system will produce a design whose structure is a copy of the organization's communication structure."
You may _think_ you can avoid it via cross-functional standup meetings and stakeholder updates and decision matrices, but eventually and inevitably conflicting or diverging priorities will lead to equally conflicting or divergent processes and outcomes.
Read 19 tweets
6 Aug 20
7 battles #infosec has lost but we keep wasting efforts on trying to fight again and again nonetheless:
1) Users will always click on links in emails.

Stop trying to teach them to distinguish "bad" and "good" links. Instead, focus on ensuring their computer cannot be compromised by visiting a website and phished credentials are time-limited or otherwise useless to the attacker.
2) Users will pick bad passwords that they then reuse.

You can get _some_ users to use a password manager, but you can't enforce good passwords and practices. The only real solution is multi-factor auth, preferably via FIDO U2F and/or biometrics.
Read 10 tweets
1 Apr 20
A Few Simple* Rules To Build Scalable Tools

🧵 👇

* "simple", yes, in nature; consistently applying them requires discipline
Don't assume you can write intermediate data to a temporary file. Avoid I/O where possible. Avoid state.

Don't try to read all input into memory. Process as a stream.

When implementing e.g., an HTTP API, don't generate all data in one go. Paginate results.
Don't hardcode assumptions and user- or environment- specific settings. Separate code and config.

Don't leak tokens or passwords. Separate config from secrets.

Don't trust input outside of your control. Assume a hostile environment.
Read 8 tweets
11 Mar 20
So You Have A Jira Queue...

A brief Twitter r̶a̶n̶t̶ 🧵 on responsible ticket management, born out of years of frustration:
There's few things as frustrating in a large organization as diligently filing a ticket or reporting a problem only for it to sit there without anybody looking at it until it's closed by some automated job marking it as stale because it hasn't seen any updates in a year.
If you have a product that warrants a ticket queue, then you owe it to your users to manage it just as you owe it to your team to manage their workload.

Proper ticket management helps you set expectations, drive metrics, gain insights, and allow others to rely on you.
Read 19 tweets
25 Jan 20
(A few) Ops Lessons We All Learn The Hard Way -- a Twitter 🧵:
1. Email is the worst monitoring and alerting mechanism except for all the others.

2. Absence of a signal is itself a signal.

3. The severity of an incident is measured by the number of rules broken in resolving it.
4. The mobile hotspot you're paying for so you can leave your house while you're oncall only works at home and in the office.

5. The only other person who knows how this works is also on vacation.
Read 51 tweets
