Matt Moyer
@moyer.dev
Security engineer in KCMO (he/him)

https://moyer.dev
Reposted by Matt Moyer
good morning and welcome to 2025
January 6, 2025 at 4:20 PM
Reposted by Matt Moyer
Each and every fresh snow reveals how much we’ve over-designed our streets and roads for cars, making them faster and more dangerous for everyone, and how much space we could reclaim for people and public life if we thought about street design differently.

We call them #sneckdowns. #sneckdown
November 22, 2024 at 3:35 PM
Reposted by Matt Moyer
My latest in Bloomberg CityLab:

Kansas City is a pioneer using microtransit, one of the hottest ideas in public transit.

But KCATA chief Frank White told me microtransit’s costs are astronomical, 10x more than a fixed-route bus. He thinks the hype is overblown.

www.bloomberg.com/news/article...
Kansas City Looks Back on its Long, Costly Ride With Microtransit
Since 2016, the Kansas City Area Transportation Authority has offered door-to-door trips from on-demand shuttles. Here’s what the transit operator has learned.
www.bloomberg.com
December 5, 2024 at 1:34 PM
Reposted by Matt Moyer
You surely have nothing better to do on a Thanksgiving night than reading about the new AWS SSO PKCE authentication flow!

blog.christophetd.fr/pkce-aws-sso/

tl;dr: Contrary to device code authentication, it can't be used for phishing, but there's still no way to disable device code authentication
The New PKCE Authentication in AWS SSO Brings Hope (Mostly) - Christophe Tafani-Dereeper
In 2021, I wrote about how offensive actors can leverage AWS SSO device code for phishing, rendering modern security controls like FIDO authentication or identity provider device posture ineffective: P...
blog.christophetd.fr
November 29, 2024 at 12:01 AM
Reposted by Matt Moyer
I wrote some guidance on how to use AWS's new RCP feature: www.wiz.io/blog/how-to-...
How to use AWS Resource Control Policies | Wiz Blog
Unlock the Power of AWS Resource Control Policies: Enforce Security and Streamline Governance Across Your Organization.
www.wiz.io
November 28, 2024 at 2:38 PM
Reposted by Matt Moyer
Does anyone have good resources that discuss authorization, particularly in a distributed system? Not like _how_ but when/where to do it.

eg. do you authorize at every network boundary? only at the gateway? everywhere in the code?
November 25, 2024 at 4:47 AM
Reposted by Matt Moyer
We should redesign cities for autonomous kids, not autonomous cars.
November 23, 2024 at 4:53 AM
Reposted by Matt Moyer
we gotta cancel bash

yossarian.net/til/post/som...
TIL: Some surprising code execution sources in bash
yossarian.net
November 21, 2024 at 4:58 AM
Reposted by Matt Moyer
Hope you all #EKS users like this!

aws.amazon.com/blogs/contai...
November 19, 2024 at 1:55 PM
Reposted by Matt Moyer
Re: the DOJ / Chrome story - it's bad news.

Browsers are massive and costly. Underdogs like Brave are the wrong benchmark: they tap into Google's work.

And there's nothing that ChromeCo can sell to pay its bills that wouldn't hurt users worse than the ad dollars they're relying on today.
November 19, 2024 at 2:18 AM
Reposted by Matt Moyer
Speed reading @skamille.bsky.social & Ian Nowland's new book: Platform Engineering

Interesting tidbits in 🧵

paved roads 🛣️: “layers multiple offerings together into easy-to-use workflows”
vs
railways 🚟 building to fill a "meaningful gap that is not covered by any existing product”
November 18, 2024 at 10:59 AM
Reposted by Matt Moyer
one to two billion files in a folder: an easy weeknight dinner. you will definitely not regret one to two billion files in a folder.
Looking for a new key-value store?
Try a billion files in a folder. Your filesystem won't mind.
A billion files in a folder will just work. Don't worry about it.
A billion files, in one folder.

Live your life. You don't need a fancy piece of software, you have XFS.
November 13, 2024 at 11:01 PM
Reposted by Matt Moyer
A quick blog on an interesting potential foot gun in #kubernetes RBAC where GET rights can allow for command execution in pods.

raesene.github.io/blog/2024/11...
When is read-only not read-only?
raesene.github.io
November 11, 2024 at 2:37 PM
Reposted by Matt Moyer
Very important finding on crosswalks, yield rates, and speed.

At 20 mph, 3 out of every 4 drivers yield to a pedestrian in the basic crosswalk.

At just 30 mph, that rate drops to 1 in 8 drivers.
November 7, 2024 at 4:49 PM
Reposted by Matt Moyer
This is for those building Kube APIs, in @crossplane_io or any CRD. @_surbaniak and I will dive into Kube API evolution. What's the mental model, which patterns work, which don't.

No rants how bad or hard it is. Pure knowledge to navigate the domain.

https://sched.co/1i7qn
KubeCon + CloudNativeCon North America 2024: The Missing Talk About API Versioning &...
View more about this event at KubeCon + CloudNativeCon North America 2024
kccncna2024.sched.com
November 7, 2024 at 5:24 PM
Reposted by Matt Moyer
The cross-sign of ISRG Root X1 by DST Root CA X3 has now expired.


It's been 10 years in the making, but Let's Encrypt is now a fully standalone certificate authority, trusted by the vast majority of browsers and other devices 🔐
October 1, 2024 at 4:34 PM
Reposted by Matt Moyer
people (on here) yelled at me about this when i said it before but a) you need traffic enforcement and b) speed cameras are vastly preferable to cops.
“…when speed cameras are doing the ticketing, the proportion of tickets issued to Black and white drivers aligns closely with their respective share of roadway users. With human enforcement, in contrast, police officers stop Black drivers at a rate that far outstrips their presence on the road.”
Police stop more Black drivers, while speed cameras issue unbiased tickets − new study from Chicago
‘Driving while Black’: Researchers found that Black drivers make up 70% of police traffic stops on roads where only half the drivers are Black.
theconversation.com
September 30, 2024 at 9:06 AM
Reposted by Matt Moyer
some Go web dev notes jvns.ca/blog/2024/09...
September 28, 2024 at 1:31 PM
Reposted by Matt Moyer
JEFFERSON CITY, Mo. (AP) — Missouri high court rules a measure to restore abortion rights will be on the ballot, despite Republican opposition.
September 10, 2024 at 7:25 PM
Reposted by Matt Moyer
The people who live in the single-family homes next to the lot that's slated to be turned into an affordable housing complex will always turn out to the community engagement meeting. The people who don't yet live in the affordable housing complex obviously won't. We have to change this system.
If your vision of society means that being a good citizen in a functioning society that builds enough housing will require attending multiple hours-long meetings per month...then your expectations are way, way, WAY too high. People should not have to do that--and they mostly won't.
August 23, 2024 at 10:07 PM
Reposted by Matt Moyer
ICYMI: Missouri just imposed a new mandate for Kansas City to spend 25% of its general revenue on the police.

AND local officials will have no say in how their $ gets spent by the police department—since it's a rare city with no control over the police. boltsmag.org/kansas-city-...
“A Vote Against Democracy”: Missouri Forces One City to Lock In More Money for Police
Voters approved a statewide measure requiring Kansas City to spend at least 25 percent of its general revenue on police. It’s the only city in the state with no control over how it’s policed.
boltsmag.org
August 8, 2024 at 11:13 PM
Reposted by Matt Moyer
We got tricked by science fiction into thinking a futuristic city is all about flying cars and crystal towers and hologram billboards but what it really looks like is nice apartment blocks, good mass transit, pedestrian zones with shade trees and safe bike lanes.
June 26, 2024 at 9:14 PM
Reposted by Matt Moyer
Can't believe Little Bobby Tables is all grown up and has had their first kid, Ignore All Previous Instructions
June 28, 2024 at 1:02 AM
Reposted by Matt Moyer
This was a fun and challenging feature to build, so happy it's finally rolling out!

If you wanna read a bit about how I built the backend for it, check out this blog post - jazco.dev/2024/04/20/r...

Roaring Bitmaps are a really neat data structure and have a lot of uses in large-scale systems :)
June 12, 2024 at 5:44 PM