Feuerfest

Photo by Tima Miroshnichenko: https://www.pexels.com/photo/a-computer-monitor-5380589/

Algorithm: Yo, look here! On the start page! A recommendation for a movie/video/song/article from a genre you've never watched/listened to/read! But it's one of our own productions!

Algorithm: Or content you've already consumed 4 weeks ago. You surely like to re-consume it again while that memory is still fresh, right?

Algorithm: On the other hand we have content you rated with a "Like" years ago. - But we completely ignore your recent interests and likes when proposing those.

Me: Uh, where is the notice about this new piece of content, which was released today, from the series I'm watching since months and always consume each new part directly on the day of its release? Do I really have to use the search?

Algorithm: Uh.. Can I interest you in some World War documentation?

*sigh* Every. Single. Time.

Folks! Don't declare your algorithm helps users finding new interesting content, when all it does is advertising.

Photo by Chevanon Photography: https://www.pexels.com/photo/person-performing-coffee-art-302899/

I really dislike the uninformed attitude of some companies to the dependencies of their software. In this case: Rundeck
They actually state the following in their installation documentation:

Rundeck depends on Java 11. The Java 14 packages will satisfy this dependency however Rundeck will not function properly with them. It is recommended to install the openjdk-11-jre-headless package manually.
Source: https://docs.rundeck.com/docs/administration/install/linux-deb.html

In case Pagerduty (who owns Rundeck) didn't get the memo: Java11 reached end-of-life years ago! And some Linux distributions don't have packages for it any more. The latest Java version is Java22. And the current LTS version is Java21.

Utilizing https://endoflife.date/ we can easily get an overview of the respective dates.

Free builds from Oracle: https://endoflife.date/openjdk-builds-from-oracle: End of life reached: 19th March, 2019.

Paid builds from Oracle: https://endoflife.date/oracle-jdk: Premier Support reached end-of-life on 30th September 2023. Extended Support last until 31th January 2032.

RedHat builds of OpenJDK: https://endoflife.date/redhat-build-of-openjdk: Support ends 30th October 2024. With paid extended life-cycle support 1 it ends 31th October 2027.

However this is just for the OpenJDK packages!

The really important part is: Are there any Java11 packages for the operating system being used?

RedHat Linux Enterprise Server 9 contains Java1.8, Java11 and Java17.

SuSE Linux Enterprise Server 15 SP6 contains Java1.8, Java11 and Java17.

Ubuntu 24.04 - the current LTS version, provides OpenJDK packages for version 11, 17 and 21.

Debian Stable (Bookworm currently) ships with OpenJDK 17 only.

Sure, there are backports available for Debian, or you can just build your own packages. But that is not what bothers me. Java11 was released in September 2018. That is about 6 years ago. Java14 was released in March 2020. Four years ago.

And in all these years, they haven't been able to update their commercial application to depend on a more recent version of Java? Which is included in more recently released distributions? Or least make it work with them? This annoys me. Yes, it's nice that you offer free community packages for non-commercial distributions - but if I can't install your software because of missing dependencies, it doesn't help at all.

Especially as many business customers run commercial Linux distributions such as RedHat Linux Enterprise Server (RHEL) or SuSE Linux Enterprise Server (SLES) and are required to update regularly. Either by their own processes & standards or by law/insurances.

They literally can't install or even run older, unsupported versions of Java11 packages. This effectively forces them to purchase additional support packages for older versions of Java. Great! Not to mention if RHEL or SLES were to drop Java11 support. (Well, at least OpenJDK11 is already somewhat confirmed for RHEL10. Though I don't know if only with a valid ELS subscription or not. SuSE has not said anything about Java11 and SLES16 as far as I know).

Or they run one of the big non-commercial distributions like Debian or Ubuntu. Sure, Ubuntu 24.04 would be a viable alternative. But what if the customer doesn't have any Ubuntu servers? Should there be one or two Ubuntu servers out of thousands, just for one meagre application?

Create completely new Ansible playbooks and/or Puppet modules just for a handful of servers running a completely different OS? Maybe even use different software for other basic tasks like backup, LDAP integration, etc. in case the current software doesn't support Ubuntu LTS? This can easily lead to a long (and expensive) software chain reaction. Not to mention the new skills required at staff level.

"Just use docker."

You do understand that Docker is no solution to security risks when the container runs the same outdated software, yes? Sure it's good for mitigation/reduction of the attack surface but it doesn't fix the underlying problem.

And this annoys me. We really should hold enterprise software accountable to higher standards.

I do understand fairly well that someone at Pagerduty must have thought: "Well, all major (commercial) Linux distributions still support Java11, so there is no business risk for us. And for the rest we just provide container images via Docker." Yep, this is the reason why we sometimes can't have nice things. Total neglect of the wider responsibility while additionally ignoring the fact that Java11 needs to be included in all these commercial distributions as still too many software products rely on it.

If you sell software, every process involved in creating that piece of software should be treated as part of your core business and main revenue stream. Giving it the attention it deserves. If you don't, I'm going to make a few assumptions about your business. And those assumptions won't be favourable.

Unfortunately, this form of critical thinking about software dependencies is eroding as "Just use Docker" becomes the new norm among the next generation of IT professionals.

Photo by Pixabay: https://www.pexels.com/photo/flare-of-fire-on-wood-with-black-smokes-57461/

This topic comes up far to often, therefore I decided to make a blogpost out of it. After all copy & pasting a link is easier than repeatedly writing the same bullet points.

Also: This is my private opinion and this article should rather be treated as a rant.

• Mail templates are separate files? And the workflow to create them is seriously that antique?
  
  • Under Create an email message template (microsoft.com) Microsoft details how to create an email template. But you notice something? They use the term "[...] that include information that infrequently changes [...]" means only static text is allowed.
  • Yep, you can't draft mail templates where certain values get auto-filled and the like. I mean, how many employees, consultants, etc. have to sent their weekly/monthly time-sheet to someone? Is it so hard to automatically fill in the week number, month and automatically attach the latest file with a certain file name in a specified folder?
    • Yes! Automating this with software is surely the best way. But we all know how the reality in many companies looks like, right?
  • Additionally the mail templates are stored as files on your filesystem under: C:\users\username\appdata\roaming\microsoft\templates.
    • This means: Mail templates are not treated as mails in draft mode or the like. No, you have to load an external file via a separate dialogue into Outlook. That's user experience from the 1980s?
  • Workaround: Create a folder templates, create a sub-folder templates-for-templates. Store mail drafts (with recipients, subject, text, etc.) in templates-for-templates. When needed copy to templates. Attach file. Edit text manually. Hit send.
  • Never send directly out of templates-for-templates as else your template is gone.
  • But seriously? Why is this process so old and convoluted? I suspect the feature is kept this way because Microsoft is afraid of people utilizing it to send spam. But.. Sending spam manually? I think this stopped to be a thing at May 5th, 2000 (Wikipedia) at the latest.. Every worm/virus out there has it's own build-in logic to generate different subjects/texts/etc. Why deliberately keep a feature in such a broken state and punish your legitimate users?
• No regular expressions in filter keywords
  • This annoys me probably the most. When you specify a filter "Sort all mails, where the subject begins with Newsletter PC news into a folder", Outlook will only sort mail with the exact subject of "Newsletter PC news"
  • Which is stupid when there is a static & changing part in the subject. I mean it's 2024. Support some kind of wildcard string matching via asterisks is not really new, isn't it? Like: "Sort all mail where the subject starts with "Newsletter PC news*" and then "Newsletter PC news April 2024" will also get sorted.. No. Not in Outlook.
• Constant nuisance: Ctrl+F doesn't bring up the search bar - Instead it opens the new mail window..
  • I mean really? Ctrl+F is the shortcut for search everywhere. Why change that!?
  • Info: Ctrl+E activates the search field on top
• Only one organizer for events
  • Ok, technically this isn't outlook but rather CalDAV and hence Google calendar, etc. suffer the from the same problems. But I still list it as a fault.
  • Why? Microsoft has repeatedly shown the middle finger to organizations like the ISO and the like. When it suits Microsoft's market share, they basically are willing to ignore a lot of common standards (like Google, Facebook, etc..). With their Active Directory infrastructure and Office Suite they have everything in-house and 100% under their own control to make this feature work in Windows environments - which most companies do run. But they don't care.
  • I mean.. On the other hand I'm glad that they follow the standard. It just turns out so often to be a feature we are in need of that I stopped counting.
  • And you already need proprietary connectors to properly integrate your Exchange calendar into other mail programs like Mozilla Thunderbird. So this shouldn't be really a big deal-breaker either..
• Only one reminder for events
  • Due to my Attention deficit disorder I tend to have what is called "Altered time perception" or "time blindness". This means I won't experience 15 minutes as 15 minutes or grossly under-/overestimate how much time I really have left. Best description for non-ADDers I can give is: This means I will think of 15 minutes as "Ah, I still have 1 hour left." That this can lead to situations where I am late or wasn't able to fully prepare something for a meeting should be clear.
  • Therefore it really helps me to be able to set multiple reminders for an event.
  • Usually I do the following: 1 hour before, 30min, 15min. This helps me to break out of the time blindness and synchronize my altered time perception with reality. Enabling me to finish tasks before the meeting/event happens.
  • For events like a business trip which take more time to prepare I often set a reminder 1 or 2 weeks in advance. This way I have time to do my laundry in time and so on.
  • Outlook however only supports the setting of ONE reminder.. Yeah..
  • My workaround is to have events also in my private calendar. (Of course without any details and often just a generic title/description as to not store client information on my private device.)
• Remember Xobni? / The search is horrible
  • Outlook search is a single input field and then it searches over everything. You can't specify if the search term you used is a name, part of the name of a file or part of an email address.
  • In the early 2000s there was Xobni. Slogan: "It reverts your Inbox." - Hence the name Xobni. It was a an add-on which added another sidebar to Outlook. There it displayed all people you've mailed with. And when you clicked on a person you saw all mails, all mail threads and, most importantly, all attachments this person had sent to you (or you to them). You could even add links to the persons social media profiles, etc. It was brilliant. And made work so easy. As often I remembered only the person who sent a file to me or the thread in which it was attached - but not the actual mail or even the subject of the mail, etc. Xobni made it pretty easy to work around that. Making it possible to search Outlook in a way in which our brain works.
  • Well, sadly Yahoo bought Xobni in July 2013 and shut it down in July 2014.
  • But it's 2024 and Microsoft hasn't come up with a similar functionality yet? Really?

Photo by Pixabay: https://www.pexels.com/photo/clear-glass-with-red-sand-grainer-39396/

It's far too often that I encounter blogs, "What's new?"-sections or other content which doesn't have any form of date or timestamp indicating when the content was first published, last modified, etc. And, to a certain degree, I find it annoying. As these information provide a crucial context. It allows me to make certain assumptions and sort it in correctly.

It's like when you read a Changelog for a piece of software and the added/changed/removed features are not attributed to the version of the software where they did change. Not helpful at all.

A political piece, written at the height of a scandal might not include crucial information. Which only was discovered months after. During the lengthy and boring police investigation. About which - of course - nobody writes in detail. With a date next to that text I can sort the piece into it's correct position in the timeline and explain to myself why certain arguments weren't done or are plain wrong - but maybe were the current knowledge at the time it was written.

Today I got curious about what happened to the german PC handbook publishing company Data Becker. And I found this blogpost (in german) by Thomas Vehmeier: Data Becker – eine Ära geht zu Ende (vehmeier.com). Apparently he worked at Data Becker in the middle of the 1990's. And in his text he writes about his experience and how & why Data Becker failed when the Internet, and therefore the market, began to change.

But.. There is no date. Nowhere. He also doesn't mention the year when Data Becker got out of business. Classical archaeological problem. We can only definitely say "It happened after the 1990's". But apart from that? Well he links to the WirtschaftsWoche. A german business magazine. They do a have date on their article. 9th October 2013. And they wrote that Data Becker will go out of business in 2014.

Does this clarify when his text was written? No, but it answers it somewhat sufficiently.

Albeit it illustrates my problem. Yes, it is not an unsolvable one, but still annoying - for me. And, I guess, I'm again in the minority here.

Photo by Tim Gouw: https://www.pexels.com/photo/man-in-white-shirt-using-macbook-pro-52608/

I'm just so fucking happy right now I have never been a customer of GoDaddy. As I learned via Reddit yesterday GoDaddy closed the access to their DNS API for many customers.

No prior information.

No change of the documentation regarding API access.

Nothing.

For many customers this meant that their revenue stream was affected as, for example, the SSL-Certificates for web services couldn't be automatically renewed. Which is the case when you are using Let's Encrypt.

Therefore I can't say it in any other words: GoDaddy deliberately sabotaged it's customers in order to maximize it's income.

Yeah, fuck you GoDaddy. You are on my personal blacklist now. Never going to do business with you. Not that I planned, but sometimes decisions like this must be called out and sanctioned.

When customers asked why their API calls returned an HTTP 403 error (Forbidden) GoDaddy provided the following answer (accentuation done by myself):

Hi, We have recently updated the account requirements to access parts of our production Domains API. As part of this update, access to these APIs are now limited: If you have lost access to these APIs, but feel you meet these requirements, please reply back with your account number and we will review your account and whitelist you if we have denied you access in error. Please note that this does not affect your access to any of our OTE APIs. If you have any further questions or need assistance with other API questions, please reach out. Regards, API Support TeamAvailability API: Limited to accounts with 50 or more domains Management and DNS APIs: Limited to accounts with 10 or more domains and/or an active Discount Domain Club plan.

Wow. The mentioned OTE API meanwhile is no workaround. It's GoDaddy's test API. Used to verify that your API-Calls work, prior to sending them to the productive API. You can't do anything there which would help GoDaddy's customers to find a solution without having to pay.

Sources

Am I the only one who can't use the API? (Reddit)

Warning: Godaddy silently cut access to their DNS API unless you pay them more money. If you're using Godaddy domain with letsencrypt or acme, be aware because your autorenewal will fail. (Reddit)

Made by myself https://admin.brennt.net/bl-content/uploads/pages/44e0aefb15224b22617e9f62071dda3f/uuid.jpg

This is a rant about software.

Dear Software-Vendors,
when you write that your software expects an UUID. Then please make sure that YOU actually first understand what a UUID is. Or to be precise: How the syntax of an UUID looks like and what it tries to achieve (the semantic of a UUID so to speak).

This is a UUID: 550e8400-e29b-11d4-a716-446655440000

That is: EIGHT DASH FOUR DASH FOUR DASH FOUR DASH TWELVE.
Repeat after me: 8-4-4-4-12

All those numbers are represented by strings consisting of hexadecimal characters. Meaning each and every character can either be 0-9 or a-f (NOT a-z because that wouldn't be hexadecimal).
There is no "It has to be a 3 at the seventh position". No. All hexadecimal, all random. Well.. In UUID v4 at least. But for the sake of ranting I won't go into detail here.
You can accept upper and lowercase but that is not allowed to matter.
Similarly like upper-/lowercase in emailadresses doesn't matter.

If you request an UUID of: 9-3-4-4-12

AND/OR

expect the first character to be an upper or lowercase character

AND/OR

you accept characters from A to Z...

Then you should be ashamed and I have no words left for you.

If you then follow up with: "But it's for sEcUriTy! z0mg!" No. Just no. Stop that. Seriously.
That's just your carefully chosen incompatibility (to keep your users nicely tucked in your software ecosystem) and FUD (Fear, uncertainty and doubt). But nothing else.
Also you just broke every single tool out there which verifies and checks UUIDs. Which actually comes in very handy in.. Uhm.. Software-Security? Like you know.. Don't use the same UUID twice, etc. Or Code-Linting tools and the like - which are part of the OPERATIONAL security of your customers.
So please: Stop that BS. Seriously.

Please: Don't be that kind of software vendor. Thank you, please make sure to visit my TED-Talk. 😂

Don't get me wrong: You can make up your own unique identifier syntax. But then: DON'T call it UUID! That name is standardized world-wide with the OSF, IETF, ISO and probably many other important standardization organisations.
Instead: Feel free to create a new one of this lovingly VS3LA's (Vendor specific 3 letter acronyms) which every software vendors seems to like..
Then at least every IT person will know that we are talking about something different.