GitHub Was Never About Fun

A few days ago I came across an article by Jared Palmer titled GitHub isn’t fun anymore besides the somewhat clickbait-y title he talks about the changes that GitHub has made to the trending section and how GitHub doesn’t feel fun any more.

Sure, the trending page is a cool little gimmick section where you can see popular repositories (or used to be able too), but GitHub was never about fun or non-code features. GitHub is a tool.

Since Microsoft acquired GitHub they have introduced a lot of great new features, one of which I find extremely useful is GitHub Actions. The code review workflow is awesome, protected branches, free private repositories and more.

Why does everything have to be gamified? I am 32 and part of a generation that has short attention spans and inability to do mundane tasks. Like children, my generation seemingly needs instant gratification, karma, scoreboards, points and other features to keep us engaged.

The way that trending used to work was too easily gamed and did not necessarily mean the quality of the repos was good. I am glad they changed how it works, how it works now is properly more indicative of popularity than the previous way it worked.

If you think GitHub isn’t fun, you should try Bitbucket, it is terrible and literally the worst source management platform around. You’ll know what funless really feels like using Bitbucket where projects go to die.

Fixing The Certbot Issue “The client lacks sufficient authorization/404 Not Found…”

I am a huge fan of Let’s Encrypt and their free SSL certificate service using Certbot. However, recently whilst setting up a new domain name and attempting to get a certificate, I encountered an error I had never experienced before.

The client lacks sufficient authorization :: The key authorization file from the server did not match this challenge

It couldn’t access the folder where it stored the secrets and was resulting in a 404 error. I manually created the folder and I could access it, so why Certbot couldn’t was a mystery.

After some investigation and dead-end Googling, I found the problem and fixed it. I use Linode for my hosting and use the default DNS entries option when adding a new domain.

Well, it turns out by default Linode will add IPv6 AAAA entries to the server and if you do not have Nginx configured to handle IPv6, it will not resolve properly.

It looked something like this:

The culprit was the second entry for the domain with the weird value 2400:8902::f03c:91ff:fe59:f74c this is an IPv6 address and unless you have your server configured to support them, it’ll result in an error when trying to create an SSL certificate.

The fix ends up being rather simple. Either update your server to support those types of addresses or remove the IPV6 entries from your DNS settings and make sure you wait a good 10-20 minutes before trying again.

Ditching Travis CI For GitHub Actions

I have been using Travis CI for my continuous workflow needs for a very long time now. It does what it does and it does it well. However, Travis is an additional service you have to configure and login to, it is a bit disjointed from the code itself.

When GitHub announced Actions, it was a game-changer. Essentially, it was Travis CI embedded into GitHub itself. Over time, the community have run with GitHub Actions and now there are numerous “recipes” to do tasks inside of your actions.

When the feature was first announced and released, it had some teething issues. I actually gave up on GitHub Actions after running into issues I just didn’t bother working around and stuck with the tried and tested Travis CI.

Fast forward to now and I have begun switching over my own projects to use GitHub Actions as well as numerous Npm packages and open-source projects I contribute too are also equally making the switch.

To me, one of the biggest drawcards of GitHub Actions is they are coupled to the repository itself. I try and reduce the number of external dependencies in my projects as much as possible (within reason).

In the past, I have run into issues configuring Travis CI. I once struggled getting Travis CI setup to rsync some files via SSH to a remote server, spending hours upon hours trying to use the Travis CLI to generate an encrypted file in the format it expects .enc I eventually got there, but it as painful.

Ironically, I recently was tasked with creating a build in GitHub Actions that deployed via SSH and it was easy, using a script from the marketplace, I had it all working in five minutes. You can store the private key itself inside of a secret (which is not visible to anyone).

I was never doing anything overly complicated in Travis CI, so I doubt I will notice any difference switching over. The speed of GitHub Actions does seem to be faster (in both spin up and build time), so that is a huge plus.

The Australian CovidSafe App Doesn’t Even Work On iOS Properly

And the government wonders why people were sceptical of the CovidSafe rollout (besides the very real safety concerns). It seems the CovidSafe rollout is flawed, with the discovery that the iOS version doesn’t even work properly.

Software developer Joshua Byrd recently posted his findings on Twitter and they’re pretty damning. Basically, the app will only ever work in the foreground with the screen on for iOS users.

On a technical level as explained in further Tweets, the phone will not broadcast UUID’s unless it is open. Coincidentally, the same issue was reported with Singapore’s app which CovidSafe is based upon and seemingly, nobody learned their lesson from.

Basically, unless you are aware of the power saving mode which just makes you leave the app open in your pocket upside down meaning you can’t use any other apps, the app itself is useless for a majority of iOS users.

Apple and Google have been working on their own OS level contact tracing API’s and presumably, it would be in the interest of the Australian government to migrate over to these API’s asap. Not only from a technical perspective, but also to alleviate privacy concerns users have over the app being used in the future as a surveillance tool.

Why Is Voat Still A Thing?

Remember Voat? The non-censored alternative to Reddit that saw an influx of users in 2015 after Reddit started cleaning up its house a bit and claims of censorship became a hot button issue that drove people away from Reddit.

The site has now become an anti-vaxxer, conspiracy theorist platform that resembles an uncontrollable raging dumpster fire. Although to be fair, the site was always teetering on the edge even in the beginning.

After Reddit started banning subreddits such as those dedicated to PizzaGate, many moved over to Voat. And when the whole QAnon thing came to be and Reddit subsequently banned that community, they also moved to Voat.

As you can see, Voat sure knows how to attract the right people to its platform. I haven’t been to the site in years, so it was an interesting experience to go and see what constitutes front-page material these days and well, the screenshots speak for themselves.

Given the COVID-19 pandemic is a hot button issue right now, it is not unexpected to see a tonne of paranoid conspiracy theories surrounding vaccinations and COVID-19.

My question is, how is Voat even still alive? Many of its subverses (sub communities) seem to be completely dead like /v/javascript and the only ones that seem to be thriving are the conspiracy theory sub communities.

I Am Starting To Lose Respect For Elon Musk; Has He Become Unhinged?

The signs have been there for a while now. Elon Musk is the eccentric real life version of Tony Stark, who some believe is going to save the world with his forward thinking investments and ideas like making electric vehicles cool or making his own rockets.

But, for all of Elon’s great and commendable achievements, come some highly questionable decisions and remarks. Known for his non-corporate approach to communication, he has landed himself into hot water a few times now.

One of the most notable instances is when he called a scuba diva who helped rescue some kids trapped in a Thai cave a “pedo” it landed him in court.

Then there is Elon’s run ins with the SEC for his Tweets which has been perceived as market manipulation.

The Coronavirus panic is dumb, will go down as one of the stupidest things such an intelligent person has ever said. Then he voiced his doubts on the connection between COVID-19 and the deaths in Italy.

And more recently, Musk called for America to be “freed” in a Boomer style all-caps Tweet, FREE AMERICA NOW. The kind of remark that wouldn’t sound out of place at a Trump MAGA rally or pro-gun lobby funded event deriding legislation to take away their guns. You only have to look at some of the responses agreeing with Elon affiliated with the “right” many who are self described patriots according to their bios.

Many would argue that Elon has never been completely hinged to begin with. The awkward genius that seemingly can do no wrong amongst with die-hard fanbase.

The New Imgflip AI Meme Generator Is Fun (and dark)

I love a good meme and when I encountered Imgflip’s AI meme generator recently, even more so. As I cycled through the generator I noticed that it started producing some interesting memes.

The site describes the process for obtaining data to produce some of the AI memes:

The network was trained using public images generated by users of the Imgflip Meme Generator for the top 48 most popular Meme Templates. Beware, no profanity filtering was done on the training data so you may encounter vulgarity.

I have spent a lot of time just randomly generating memes, more than I would like to admit. It produces some questionable memes and some good ones as well.

The Eric Andre “why would” meme perhaps produced some of the darkest memes of all.

One of my favourite of the bunch is this one, which seems quite accurate:

And finally, one of my favourites:

You will never be a good communist.

I downloaded the Australian government’s CovidSafe Tracking App (so you don’t have too if you don’t wanna)

The controversial Australian government contact tracing application based on the Singapore version has finally been released for Australians. Understandably, a lot of people are concerned about their privacy and whether or not the government messed this up.

I had a spare phone lying around, so I installed the application for the lols. I decided to see if I could find anything nefarious with the app or if it drains my battery like Singaporeans reported their app did.

I am talking about the Android version in this article, presumably the Apple version is also the same, albeit when we speak about permissions, iOS offers its own set of permissions that developers can request.

Firstly, I commend the Australian government to an app which doesn’t look terrible. Usually, government built apps look terrible and work terribly, probably because it’s not a from-scratch application and based on Singapore’s app TraceTogether.

This is not going to be a technical deep-dive on the application or decompiling it and discussing lines of code. If you’re looking for the decompiled source, the community has already started doing that here. Although, the Australian government says the code will be made open source, who knows if or when that will be happening.

It appears on the surface the app is quite unremarkable. Like the Singapore version, it encrypts your data locally on your device and only through a request can you allow your data to be decrypted. Right now as the app currently stands, it seems safe. However, I have valid concerns which you should also have.

Does CovidSafe Drain My Battery?

From what I could see running it for a few hours, no. While I did not go out and try and get it to make a “trace handshake” with anyone else, it appears the app doesn’t use that much battery. In the few hours I used it, I saw a few percent drop which is nothing compared to Spotify, Pokemon Go or YouTube.

The application also appears to work fine in the background on Android as well. You get a notification telling you the app is active in the background and that’s it. There is no need to run the app and have it the only one open meaning you can interact and use other apps and features on your phone.

ACCESS_FINE_LOCATION

While the app only appears to access Bluetooth right now and uses it to determine the vicinity you are in relation to other app users, the app asks for the ACCESS_FINE_LOCATION permission on Android. If you read up on this permission here in the Android documentation, pay close attention to what it provides.

Allows the API to determine as precise a location as possible from the available location providers, including the Global Positioning System (GPS) as well as WiFi and mobile cell data.

Without fearmongering, I want to point out that the application at the time of writing this only ever uses Bluetooth. The ability to use GPS or anything else for location does not appear to be in the current application.

In theory, there is nothing stopping the Australian government from making an update which allows them to also track your location via GPS. This permission gives the app the ability to track GPS data if it wanted too, but I want to stress again, the app does NOT currently do this.

Concerns About Privacy

The CovidSafe application as far as I can see is safe. It does everything that the government said it would and it also appears to not be sending anything off in secret to the government or tracking your movements. However, I implore you the reader to be sceptical for a few reasons.

The first reason relates to the government’s mandatory data retention legislation. Law enforcement agencies are being given browser history of people under investigation, despite the fact the legislation specifically excluding it.

Given the LNP passed such legislation in 2015 and ever since there have been numerous reports and instances of metadata being incorrectly given to agencies, people and agencies getting access to data that they shouldn’t and overall confusion around how the scheme and subsequent legislation works.

Since the introduction of this legislation, there has also been significant scope creep where more and more agencies and bodies are able to access metadata. (from Greyhound Racing Victoria to Consumer Affairs and various local councils). If you think only law enforcement and national security agencies can access your metadata, think again.

A very real scenario

The second and most important reason relates to the controversial encryption weakening legislation that was passed in 2018. Given everything that has happened since then, it’s easy to forget this legislation passed and still exists.

If you think that the concerns around privacy and data are invalid, looking no further than law enforcement agencies asking for added capabilities to be added into the application. A request which the Morrison government knocked back, but the fact they even asked in the first place should concern you.

Here is where things get muddy and it’s a concern that not even the government can reassure citizens on. The encryption weakening legislation passed in 2018 could in theory, allow the government to add in a backdoor or added features to the application in a stealth update and nobody would be allowed to say anything.

All of the legal provisions are there to allow the Morrison government to enable this application (with a few lines of added code) to become something that can track your location through GPS given the permission to do so has already been granted.

Legally speaking (I am not a lawyer) the interpretation of all of this is the promised safeguards for the CovidSafe app would NOT override the backdoor encryption legislation or any other established legislation if they were to ever conflict with one another. As such, the reassurances and promises that protections are in place for CovidSafe are nothing more than empty words.

While I do not doubt that this app could be incredibly effective in helping trace COVID-19 infections and spread, there are just too many unknowns for me to consider installing this app. At the end of the day, make the decision that feels right to you and do not let this post or anyone else’s opinion do anything more than inform you and allow you to make your own decisions.

Dinnerly Australia — COVID-19 Review

As I explained in my HelloFresh review here, we have been trying out at home meal kits because of the shortages of basics in the grocery stores here in Australia such as; mince, flour, eggs and so on.

After trying HelloFresh, we decided to try out Dinnerly which markets itself as, “Australia’s most affordable home dinner kit” it’s actually owned by Marley Spoon, just a cheaper version for those who cannot afford Marley Spoon which is one of the more expensive options.

First Impressions

The ordering experience itself was smooth. Enter your details and then choose your meals, it’s a similar story to HelloFresh and presumably every other meal kit service out there.

The menu we were shown for the week we were ordering was a stark contrast to HelloFresh. The affordability aspect of Dinnerly is most of their meals have just six ingredients and basic ones.

We got a box with four meals, and two portions in each. We assumed like HelloFresh, the portions would be massive and feed my wife and I as well as our two young kids.

On the surface, this all looks great. I was particularly excited for the tacos and if you’re wondering why I rated them 1 star, keeping reading because I explain why further down.

You get what you pay for

Like anything in life, when you pay less you get less. With Dinnerly the meals are the kinds of things that anyone with a copy of Jamie Oliver’s cheap meal recipe books would expect to make. Chillis, curries and chicken/veg.

The first sign you have ordered a cheap meal kit is the packaging. This is no HelloFresh, the ingredients are kind of just thrown into the small box that ships to your door. Nothing is categorised by colour or any system, you have to dig through and find what you’re looking for.

Quality-wise, the produce just didn’t look that good. The vegetables and salads just looked less fresh than what you might find in a supermarket. Allegedly they come straight from the farm, which is maybe an acronym for some large freezer where they keep everything stored.

Our favourite meal by far was the parmesan meatloaf, it was a pleasant surprise given we are not big meatloaf eaters. It was actually a really nice meal, we had this on the first day. It was a nice introduction to Dinnerly, until the subsequent nights.

Weird pantry staples

Because you get less in the box, you’re required to provide more pantry staples beyond oil, salt and pepper. For the Chimichurri Chicken recipe, this is what the recipe asks you to provide; red wine vinegar, 1 garlic clove, honey and olive oil from the pantry. The Indian Halloumi Curry required; 2 garlic cloves, olive oil and tomato paste.

Perhaps the most demanding of all of the recipes in terms of pantry staples was the Beef and Parmesan meatloaves. This recipe required you to provide; 1 egg, olive oil, tomato paste, Worcestershire sauce and tomato sauce.

This is a recurring theme with Dinnerly. They might ship you 6 ingredient meals, but they require you to have another six ingredients in your pantry. The oil is a common staple, but tomato paste not so much.

I am looking at this through a distorted HelloFresh lens and with HelloFresh they required pantry staples as well, but never to this degree. At most HelloFresh required oil, butter and an occasional egg. Never tomato paste, tomato sauce or anything else. They also always provided garlic when needed.

The Ranchero Taco Incident 2020

This is the recipe we were looking forward to the most. After eating our way through the collection of so-so meals, the tacos seemed like the redeeming meal of the week (or so we thought).

After meticulously following the steps, as the mince was cooking a noticeable amount of fat was present. The recipe calls for 1 tsp of olive oil added to the pan before cooking the mince, we didn’t do that and it was a good call considering the pan was incredibly oily, it didn’t need any more.

The disappointment of these tacos emanated around the dining table. Our kids who love tacos and were excited for these as well barely ate any. My wife and I were similarly disgusted with the amount of fat dripping onto the plate.

There was so much oil on our plates, I was convinced that the USA was preparing to invade our dining room.

This incident really cemented that Dinnerly was not for us. We are not food snobs, we just don’t like being drowned in copious amounts of oil and meals that have some semblance of taste in them.

Maybe we got a bad box or maybe Dinnerly is so focused on cutting costs and being affordable they’re willing to send inferior meat and produce to their subscribers.

I was so disappointed I contacted Dinnerly to let them know of my disappointment and frustration. I felt misled, these tacos were meant to taste good, how hard is it to make tacos? While they apologised, they said they would pass on my feedback to the “culinary team” which is probably code for, “We’re not going to do anything”

We will not be paying to try Dinnerly again. I wouldn’t recommend Dinnerly to my friends, family or even my enemies. It was subpar and disappointing, really not that much cheaper than HelloFresh. Save your money and get a HelloFresh box instead or just buy your own ingredients, your chances of disappointment will be so much lower.

COVID-19 Remote Is Not Working Real Remote Work

Globally, many of us are all in the same unfortunate and unprecedented situation because of the Novel Coronavirus COVID-19. I am fortunate to both work in an industry where I still have a job and for a company mostly unaffected by COVID-19.

Sadly, for many, this is not the case as people find themselves out of work through no fault of their own. For others, they find themselves working remotely; for many, it’s their first time.

With many countries in some kind of lockdown, unnecessary travel has meant we can only leave the house for essential purposes like food and exercise. It’s a difficult time for everyone for a multitude of reasons.

I have been fortunate to already work remotely for the last two-and-a-half years. Working remotely is not a new experience to me, but working remotely during the COVID-19 pandemic is a unique and trying experience.

I want you to know as someone who worked remotely before this, that if you’re finding remote work difficult right now, this is not what is usually looks like. It’s not this difficult or stressful; it’s terrific if done right.

I am not the most outgoing person in the world, but not being able to go out for dinner, to a Cafe, for a nice breakfast somewhere or catch up for a beer with a friend. You do not realise you are more social than you are until you can’t be.

Right now, there is no separation of work and life. We work at home, and then we stay at home. We sleep and wake up at home, and we work at home. The need to run errands and other non-essential activities have taken a backseat for us all for the time being.

We are all stressed. We’re currently experiencing COVID-19 news fatigue, distant from friends and family. For those of us who have kids, they’re probably at home and causing some new logistic problems to work around.

For many suddenly forced to work from home, it sucks for you right now. Many are probably begging to go back into the office and have some kind of colleague interaction. The situation you find yourself in right now is not remote work; this is self-imprisonment. People shouldn’t be forced to work remotely, merely given the option to take it or leave it.

For our family, we have two young kids at home. My wife is studying to be a nurse, and she relied on our 4.5-year-old energetic sun going to kindy so she could study and complete all of the extra subjects she took on to finish her degree faster. All of a sudden, he is home, and our 1.5-year-old daughter exploring cupboards and draws is as well.

The house is chaotic at the best of times, sometimes it’s Armageddon as our son, in particular, is used to playing with other kids, playing on the playground or doing things outside. He loves the science centre and Dreamworld theme park, both of which are not possible right now.

Don’t let this pandemic warp your perspective or make you think that working remotely is always this stressful and terrible; it’s not. When all of this passes, I hope many give it another go and realise that working from home during a pandemic versus not working during a pandemic are two different experiences.

If you are struggling to work remotely right now, that’s to be expected given the circumstances. But, when things go back to normal (whenever that is) you will appreciate the flexibility and cost-savings of working remotely versus an office and commute.

Times are tough for everyone right now. We will get through this.