About Victor Kropp

A software engineer in Munich, Germany.

RSS feed URL: https://victor.kropp.name/blog/index.xml

Preview of RSS feed of Victor Kropp

Golf and Maps

2024-09-14 02:28:18

In January, I got a chance to try golf for the first time. We were in Cyprus, so the grass was perfect even in mid-winter. The weather wasn’t, as it was pouring for a good portion of the masterclass.

We were trained by a professional British golfer who has long retired. He was very passionate about the game and eagerly explained to us everything we wanted to know.

Thanks to that opportunity, I came to understand that I don’t like golf. I’ve spent some good time with friends, but the learning curve to master the game is quite steep. It will bring me little joy to play it knowing I can’t control the ball.

Golf City Puchheim at OpenStreetMap, before and after

However, there was another thing I learned that day: the whole golf course terminology (par, handicap, etc.), which I can now put to good use to map some nearby golf courses on OpenStreetMap. For example, this one in Puchheim, which I occasionally run or ride nearby.



This is post 17 of #100DaysToOffload

August 2024 Reading List

2024-09-11 15:08:44

I had some very intense working weeks, followed by a well-earned vacation in August, so I skipped blogging during this period. And now I’m making up for it.

Read it later

The secret origin of “log in”

We do it dozens of times a day, every day, but why do we call it logging in?

Round Rects Are Everywhere!

An absurdly simple algorithm to draw rounded rectangles and how they become an indispensable part of every user interface.

Electric bikepacking: lessons learned over four days and 250 miles

I don’t plan to buy an electric bike anytime soon, but I wish more people could enjoy cycling, and e-bikes really help with that.

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

The method described in the article is quite expensive, requires specialized hardware and physical access to the token, but nonetheless it is a serious security issue.

Boston Marathon Map

I need to start a regular Map of the Month section in this digest.

App of the Month

I’ve been reading, writing, editing and commenting on tons of Google Docs lately, so let’s name it my App of the Month. And it really deserves it.

GitHub Highlight of the Month

Github nate-parrott/ball

Useless, but fun.

Once upon a time on Wikipedia

Bouba/kiki effect

Interesting how this effect can be observed in many different languages and cultures.



This is post 16 of #100DaysToOffload

July 2024 Reading List

2024-07-26 01:30:09

Read it later

Why Is Chile So Long?

Chile is so long, it’s curved.

In this article full of various maps, the unique position of Chile, which leads to its unique shape, is explained. I love maps.

How the Stream Deck rose from the ashes of a legendary keyboard

I remember the original Optimus keyboard, which featured a display under each key. Of course, I never had one, as I was a student in those days, and it was ridiculously expensive. Cool how it was reborn in a gadget owned by millions now.

The Math of Card Shuffling

How many times do you have to riffle a deck of cards before it is completely shuffled?

Getting buy-in to get things done

When you have buy-in, people will actively work toward the goal instead of just agreeing to it. Getting buy-in is hard.

Senior to Staff Engineer

The higher you climb the career ladder, the more it is about soft skills rather than hard skills.

How “Exit Traps” Can Make Your Bash Scripts Way More Robust And Reliable

Read this if you’re writing shell scripts as part of your automations.

App of the Month

I haven’t highlighted Spotify here yet, but it is an app I can’t imagine my life without. I’m listening to music all day long, when I work or work out, during commutes, when I’m relaxing at home or falling asleep.

With all music streaming services having more or less the same catalog, Spotify is a clear winner for me in terms of their suggestions. My Monday starts with Discover Weekly and 99% of my current rotation I discovered thanks to Spotify.

GitHub Highlight of the Month

Github paperless-ngx/paperless-ngx

Paperless-ngx is a document management system that transforms your physical documents into a searchable online archive so you can keep, well, less paper.

I’m working on organizing my document storage, and so far I’ve been delighted with Paperless. More on it later, after I fully convert my document archive.

Once upon a time on Wikipedia

Angzarr

Angzarr (⍼) is the name of a ghost character-like Unicode symbol of unknown origin.



This is post 15 of #100DaysToOffload

Stand-up Paddling

2024-07-22 23:19:16

This weekend I tried stand-up paddling for the first time. We had a great time both Saturday and Sunday at Lake Starnberg with our kids and friends.

It was hot and sunny, and it is a day you want to spend near or in the water.

Our family SUP board

Our board has buoyancy to carry an adult and two kids, and that’s what we did. Kids enjoyed it a lot, they liked gliding in calm shallow waters near the shore and watching around.

It was a perfect weekend until the board exploded (the seam was a bit loose) in the middle of the second day. Luckily for us, we were ashore at that moment, but the board now needs repair or replacement. Hopefully, I’ll be able to sort it out before the next weekend, as it is forecast to be as hot as this one.



This is post 14 of #100DaysToOffload

Toolbox App Nostalgia

2024-07-18 01:54:28

We redesigned Toolbox App last year, and its new look has recently been released. This is probably the last unreleased feature of the app that I’ve touched before leaving the team in April.

So, I decided now is a good time to share a timelapse of the Toolbox App interface as it evolved over the years.

Toolbox App from 1.0 to 2.0

I wish the team all the best, and exciting new development ahead!



This is post 13 of #100DaysToOffload

Take DNS under control with DNSSEC

2024-07-05 23:39:26

In the first part, I showed a simple way to manage DNS with dnscontrol. However, I started the migration not only to consolidate all domain configs in one place, but also to apply best practices in their management.

CAA record

DNS was developed quite long ago. It was designed to be distributed, but without security in mind. It just wasn’t an issue back then.

The same goes for HTTP. Only in recent years have websites become HTTPS by default. HTTPS requires a valid certificate issued by some trusted Certificate Authority. To prevent an unauthorized CA from issuing a certificate for a domain, one may use a CAA DNS record specifying the allowed authorities.
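As an added example (not from the original post), this code follows the RFC 8659 lookup a CA performs before issuing: it climbs from the requested name to the closest CAA record set, then checks the issue or issuewild entries. The zone data and the CA name ca.example are constructed, and DNS resolution is assumed to have happened already.

```javascript
// Added example, not the author's code. Zone data below is constructed.
const SAMPLE_ZONE = {
  "example.test": [
    { flags: 128, tag: "issue", value: "letsencrypt.org" },
    { flags: 0, tag: "iodef", value: "mailto:security@example.test" },
  ],
  "static.example.test": [{ flags: 0, tag: "issue", value: ";" }], // nobody may issue
  "wild.example.test": [
    { flags: 0, tag: "issue", value: "letsencrypt.org" },
    { flags: 0, tag: "issuewild", value: "ca.example; account=123" },
  ],
  "odd.example.test": [{ flags: 128, tag: "futuretag", value: "x" }], // critical, unknown
};

const KNOWN_TAGS = new Set(["issue", "issuewild", "iodef"]);
const CRITICAL = 128;

// Climb from the requested name towards the root; the first name that has
// CAA records supplies the relevant record set (RFC 8659).
function relevantRRset(zone, fqdn) {
  const labels = fqdn.toLowerCase().replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length; i++) {
    const name = labels.slice(i).join(".");
    if (zone[name] && zone[name].length > 0) return { name, records: zone[name] };
  }
  return { name: null, records: [] };
}

// The issuer domain is the text before the first ';'. Parameters are ignored here.
const issuerOf = (value) => value.split(";")[0].trim().toLowerCase();

function caaAllows(zone, requestedName, caDomain) {
  const wildcard = requestedName.startsWith("*.");
  const fqdn = wildcard ? requestedName.slice(2) : requestedName;
  const { name, records } = relevantRRset(zone, fqdn);
  if (records.length === 0) return { allowed: true, reason: "no CAA records" };

  // A critical record whose tag the CA does not understand blocks issuance.
  const unknown = records.find(
    (r) => (r.flags & CRITICAL) !== 0 && !KNOWN_TAGS.has(r.tag.toLowerCase())
  );
  if (unknown) return { allowed: false, reason: `critical unknown tag at ${name}` };

  // issuewild applies only to wildcard requests and then replaces issue.
  const byTag = (t) => records.filter((r) => r.tag.toLowerCase() === t);
  let set = byTag("issue");
  if (wildcard && byTag("issuewild").length > 0) set = byTag("issuewild");
  if (set.length === 0) return { allowed: true, reason: `no restriction at ${name}` };

  const ok = set.some((r) => issuerOf(r.value) === caDomain.toLowerCase());
  return { allowed: ok, reason: `${ok ? "listed" : "not listed"} at ${name}` };
}
```

A subdomain without its own CAA records inherits the closest parent's set, and a lone `;` value forbids issuance by any CA.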

DNSSEC

However, unless the DNS records themselves are verified, it doesn’t prevent malicious actors from forging them, including the CAA record. Here comes DNSSEC.

The main idea behind it is to sign DNS records, so that any client may verify that they have not been changed as part of a MITM attack.

Not every DNS provider supports DNSSEC, unfortunately. That was one of the reasons for me to change the DNS provider in the first place.

deSEC

I chose deSEC – a free DNS provider built with security in mind to promote DNSSEC. Since it is fully supported by dnscontrol, migration there was a breeze.

deSEC is hosted in Germany and supported by a non-commercial organization. If you decide to use their services, please consider donating. These donations are tax-deductible in Germany.

Publication of the signing keys needed to be done manually, but that was not a big issue for me. However, I wish dnscontrol were able to handle it.

Verification

To verify the security of your zone, you may use DNSSEC Analyzer. Here, for example, is a report for kropp.name.

And with that, I consider my DNS setup complete and future-proof.



This is post 12 of #100DaysToOffload

Take DNS under control with dnscontrol

2024-07-02 01:39:26

I own a number of domains for my personal website, hobby projects, and, of course, those awesome side project ideas, which were never implemented. These domains are registered by two different registrars, hosted on multiple providers, and provide different services (e.g., mail, VPN, etc.). Managing and updating them manually every time is tedious and error-prone.

So I finally decided to automate it. I considered several options, including terraform, but ended up with a much simpler dedicated solution: dnscontrol. It features a simple DSL for DNS zone descriptions and provides integrations with many popular DNS registrars and hosting providers.

Getting started

DNSControl is also very user-friendly and extremely easy to start with. All you need is to set up credentials (API tokens) for all third parties and invoke

dnscontrol get-zones --format=js --out=draft.js your-provider

dnscontrol infers your current setup by accessing the provider’s API. Here’s a sample of the draft configuration for this domain (some entries omitted for brevity):

D("kropp.name", REG_CHANGEME,
        DnsProvider(DSP_DO),
        DefaultTTL(3600),
        //NAMESERVER("ns1.digitalocean.com."),
        //NAMESERVER("ns2.digitalocean.com."),
        //NAMESERVER("ns3.digitalocean.com."),
        A("@", "165.227.134.122", TTL(1800)),
        MX("@", 10, "aspmx1.migadu.com."),
        MX("@", 20, "aspmx2.migadu.com."),
        CNAME("victor", "kropp.name.", TTL(1800)),
        CAA("@", "issue", "letsencrypt.org", CAA_CRITICAL),
        AAAA("@", "2a03:b0c0:3:d0::cd:1"),
END);

This is an (almost) usable configuration; I only needed to provide a registrar in the first line. After that, I refactored the configuration to extract common parts, which are shared between domains.

Reusing configuration

For example, I use Migadu for all my mail. Email setup requires setting around 10 DNS entries nowadays, and it appeared that none of my domains had all of them. Now, I’m using a common function, which configures e-mail for the domain with all best practices applied:

var MAIL_TTL = TTL(14400);
var VERIFICATION_TTL = TTL(43200);

var MIGADU_MAIL = function(domain) {
  return [
    MX("@", 10, "aspmx1.migadu.com.", MAIL_TTL),
    MX("@", 20, "aspmx2.migadu.com.", MAIL_TTL),
    CNAME("key1._domainkey", "key1." + domain + "._domainkey.migadu.com.", VERIFICATION_TTL),
    CNAME("key2._domainkey", "key2." + domain + "._domainkey.migadu.com.", VERIFICATION_TTL),
    CNAME("key3._domainkey", "key3." + domain + "._domainkey.migadu.com.", VERIFICATION_TTL),
    TXT("@", "v=spf1 include:spf.migadu.com -all"),
    TXT("_dmarc", "v=DMARC1; p=quarantine;"),
    CNAME("autoconfig", "autoconfig.migadu.com."),
    SRV("_autodiscover._tcp", 0, 1, 443, "autodiscover.migadu.com."),
    SRV("_submissions._tcp", 0, 1, 465, "smtp.migadu.com."),
    SRV("_imaps._tcp", 0, 1, 993, "imap.migadu.com."),
    SRV("_pop3s._tcp", 0, 1, 995, "pop.migadu.com."),
  ]
}

And now setting up a new domain is a breeze!

Preview and apply changes

After you’ve finished, move draft.js to dnscontrol.js and run

dnscontrol preview

This command verifies the configuration and lists all potential changes. After you verify they are intended, run

dnscontrol push

to apply them.

That’s it.

Note on credentials

DNSControl uses a creds.json file with the following content to access providers on your behalf.

{
  "digitalocean": {
    "TYPE": "DIGITALOCEAN",
    "token": "$DO_TOKEN"
  }
}

Although you can put all tokens right there, you cannot place the file under version control then. Instead, I use environment variables for sensitive tokens. This allows me to track this file. This is important because provider ids are used in dnsconfig.js, and it also provides a change history.
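A check for the convention described above, as an added example that is not part of the original post: it flags any creds.json field that holds a literal value instead of a `$VARIABLE` reference, and any reference whose variable is unset. The "example-provider" entry, its field names and the rule that every field except TYPE is a secret are assumptions.

```javascript
// Added example, not the author's code. SAMPLE_CREDS is constructed; the
// "example-provider" entry and its field names are hypothetical.
const SAMPLE_CREDS = `{
  "digitalocean": { "TYPE": "DIGITALOCEAN", "token": "$DO_TOKEN" },
  "example-provider": { "TYPE": "EXAMPLE", "apikey": "constructed-literal-value" }
}`;

// Assumption: every string field except the ones listed here is a secret.
const NON_SECRET_KEYS = new Set(["TYPE"]);

function lintCreds(jsonText, env) {
  const findings = [];
  for (const [provider, fields] of Object.entries(JSON.parse(jsonText))) {
    for (const [key, value] of Object.entries(fields)) {
      if (NON_SECRET_KEYS.has(key) || typeof value !== "string") continue;
      if (!value.startsWith("$")) {
        // Report where the literal is, never the value itself.
        findings.push({ provider, key, problem: "literal value committed in file" });
      } else if (!env[value.slice(1)]) {
        findings.push({ provider, key, problem: `${value.slice(1)} is unset or empty` });
      }
    }
  }
  return findings;
}

// As a pre-commit step this would be called with the real file and environment:
// lintCreds(require("fs").readFileSync("creds.json", "utf8"), process.env)
```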

Now all my domains are under dnscontrol and their configuration is tracked with git. If the need arises to move them to another DNS provider, it would be a piece of cake.



This is post 11 of #100DaysToOffload

June 2024 Reading List

2024-06-28 01:36:09

It’s been a busy month, and I mostly read books, but still have some articles to recommend.

Read it later

How Actors Remember Their Lines

My high school teachers and university professors always taught me not to remember theorem proofs by heart, but instead remember the process, thought flow. Actors seemingly use the same trick.

When privacy expires

A showcase of how important domain ownership is. As soon as you have published something on the web, or shared your email, you need to maintain the domain for life.

Designing a Lego orrery

Even before finishing reading this article, I found out that Lego just released a very similar official set. This MOC is clearly superior.

Visualizing MBTA Data

This visualization is maybe ten years old already, but it is still mesmerizing. I want to find a reliable data source and re-create it for Munich S-Bahn trains.

htmx sucks

A sarcastic rant from the author of htmx himself.

App of the Month

It was a month of travels for me, and I’ve used a boatload of different traveling apps to buy tickets, book hotels, check flight statuses, find the best public transport and running routes in at least 3 different cities, or just look at the map trying to figure out where I am today.

I can’t highlight any single one of them, as my use cases are temporary by their very nature. And as soon as I leave the city, I delete their transit app. ¯\_(ツ)_/¯

GitHub Highlight of the Month

Github caddyserver/caddy

My webserver of choice for hobby projects and this very page. Works out of the box with minimal configuration and automatic SSL via Let’s Encrypt.

Once upon a time on Wikipedia

Wind phone

The wind phone (風の電話, kaze no denwa) is an unconnected telephone booth in Ōtsuchi, Iwate Prefecture, Japan, where visitors can hold one-way conversations with deceased loved ones.



This is post 10 of #100DaysToOffload

Bose QuietComfort Ultra Headphones

2024-06-26 01:47:18

I recently upgraded my good old Bose QuietComfort 35 headphones, which flawlessly served me for more than eight years. I looked for options, even asked colleagues on Slack, and received tons of suggestions, but ultimately decided for Bose again.

I didn’t want in-ear headphones because I never can make them work for me. I tried AirPods Pro, for example, but immediately returned them, as I wasn’t able to plug them in securely. Even though I liked their noise cancellation, awareness features and, of course, interoperability, the proper fit is essential.

I’ve already battle-tested my new Ultra headphones on trains and planes, and can now share my initial impressions.

Me wearing brand new Bose QuietComfort Ultra headphones

Key upgrades

Unchanged (for good)

Controversial stuff

Materials

The main weakness of QuietComfort 35 headphones was the quality of the ear cups and headband. I replaced them many times over the years. I have no idea how well the Ultra will survive extensive use; I just hope it will be better than its predecessor.

Wrap up

Overall, I’m delighted to have these headphones. They may be a bit overpriced, but I got a great deal which cut down the price almost to 60% of the original. And since I see it as an investment for the next 8–10 years, I’m pretty satisfied.



This is post 9 of #100DaysToOffload

First thoughts on WWDC 2024 announcements

2024-06-11 21:08:09

Apple’s annual WWDC Keynote took place yesterday, and here are all the things that caught my attention.

macOS Sequoia

iPhone Mirroring

iPhone mirroring. Image: Apple

The upcoming macOS release will bring iPhone Mirroring. I’ll see if I need it during a regular workday, as I don’t need any additional interruption, and all required apps are already on my Mac. However, it may become a lifesaver for those who accidentally break the phone screen, rendering it useless. Now, they will be able to access the phone and extract all needed information more easily.

Window tiling

I’ve been using Rectangle, and since I only need a few basic window tiling/movement actions, I probably would be able to drop it in favor of a built-in functionality.

iPadOS 18

A calculator, finally! Not so much excited about math notes. They seem to be targeted to students, while I can’t remember when I needed such a thing last time.

Script writing can be a cool way to create your very own xkcd-like comics. And it is a legit application of ML.

iOS 18

Customizable Home Screen and Control Center

Home screen in dark mode. Image: Apple

These are long awaited features, which have been available on Android for ages. And, finally, I will be able to remove the Flashlight icon from the Lock screen, which I have accidentally launched so many times.

Apple TV

Nothing really exciting for me, except maybe redesigned Fitness+ app, but I had no complaints about it.

watchOS 11

The most exciting update for me personally; however, it will force me to replace my first-gen Watch SE, as it is no longer compatible.

Training load and Vitals

Training load in Fitness app on iPhone and Apple Watch. Image: Apple

I’m looking forward to seeing how Training load and Vitals trends will work. Apple’s health and fitness apps know a lot about me (much more than any other), so I hope these new metrics will be trustworthy and actually useful.

Pausing and changing Move goals

Activity rings settings in Fitness app on iPhone and Apple Watch. Image: Apple

My longstanding complaint about the Activity Rings implementation is that it is absolutely impossible to have a rest day. If you’re into this game and want to keep your streak going, you should train even when it is actually the wrong thing to do. Proper rest is a key to fitness level progress.

Hiking routes

Hiking routes in Apple Maps. Image: Apple

I could have put Hiking routes to good use, but it seems to be limited to US National Parks, at least for now.

Cross-platform

Passwords

New Passwords app on iPad. Image: Apple

A dedicated Passwords app may be a huge deal for many, but I’m going to stay with 1Password for the foreseeable future. I just don’t want to put all eggs in a single basket.

Notes

There are many quality-of-life improvements in the Notes app, which I highly appreciate: like highlights, collapsible headings.

Apple Intelligence

I can hardly imagine myself using Genmoji, but I’m looking forward to using Writing tools.

Similarly, I haven’t used Siri much, as I simply could achieve everything I needed much faster without it. With this update, and an ability to write to Siri, instead of issuing voice commands, I may start using it.

Final thoughts

These updates bring lots of useful features across the whole ecosystem, and I can’t wait to start using them.



This is post 8 of #100DaysToOffload