For some time I've experimented and looked for a good solution for building (reproducible) development boxes. These will be virtual machines aimed at development. In the beginning they will be local virtual machines, but in the future they could also be remote machines. The main reason for using the development boxes would be added security by separating and isolating projects/customer work from each other. Each VM would have projects for one customer and only the required SSH/access keys. The actual builds are also run in isolated containers and have even more reduced access to resources. This will protect against supply-chain malware, as they significantly reduce the resources the malware can read, like SSH keys and access tokens. Here are requirements for my setup:
Recent Blog Posts
Signing and verifying Git commits with SSH keys
SSH commit signing support was added to Git version 2.34.0. In this post I look at how to sign Git commits with SSH keys, preferably backed with FIDO2 security keys. There are different opinions on whether signing commits is worth the extra effort. For example, just recently Harley Watson wrote how commit signing is still kinda wack and Ludovic Courtès wrote on the importance of signing and verifying commits. This post is about the technical aspects of signing commits.
Adding DNS based ad blocking to Openwrt
I consider ads on the Internet a major hindrance. They usually are large and flashy (especially video ads) and hence distract the user from the task at hand. They are also being used to track users and even being used to spread malware. I have used ad blocking on the browser for a long time; currently I use uBlock Origin.
Linux on HP Dragonfly Elitebook G3
I recently got myself a new laptop, HP Dragonfly Elitebook Max G3. Here are some impressions of the laptop and a few thoughts about the Linux support for it.