Skip to content

Blog

Rustlings

In a second attempt to learn Rust well enough to actually build something of use with it, I've discovered the Rustlings tool, which is an interactive teaching tool from the Rust foundation.

Basically, you install rustlings, and it generates a series of broken rust files as a variety of exercises and quizzes for you, and then provides a CLI tool to walk you through them and track completion, etc. as well as provide hints if you are lost on how to do part of the exercise.

It's pretty slick, lets you stay all in your IDE:

Rustlings

So far, it's pretty straight forward. Most slowness/awkwardness in Rust is with the slight syntactic differences from Go and Python (such as including a method return type after an arrow). For example, the following snippet returns a Vector of i32s:

fn vec_map_example(input: &[i32]) -> Vec<i32> {}

It is clear and obvious when reading it, but I'm just not used to writing it yet. The other bit that has given me pain while writing is forgetting the : symbol for type assignment (e.g. that input: &[i32] segment).

Oh, and adding ; at the end of the line....except when you don't! It's like the worst part of JavaScript :(

With that said, the compiler warnings are, as promised, insanely helpful! 'Did you mean to do X' is almost always exactly what was meant.

Changing to mkdocs

I've been a big fan of Mkdocs and especially the MKDocs Material Theme for years. We sponsor Martin for the Material Theme at work, and use it extensively to provide easy to use custom-looking documentation sites for our customers.

Figured it was about time to switch from Hugo to MKdocs for my personal site, maybe make it easier to add content now...

Dev is Prod

Everyone’s shifting left

It seems like everybody is shifting to CI/CD. Hopefully, they are involving security (‘shifting left’ on security), and security is engaging.

Discussions around security and CI/CD focus on security of the product under development, rather than details of the development tooling.
DevSecOps focuses on mitigating bugs and security problems early in the development lifecycle at best, and vulnerability scanning container artifacts as part of a deployment pipeline at worst (while still a net positive step). The data shows shifting security left in this fashion is a solidly positive impact for organizations 2.

Virtual Geeks

Do you still call it a happy hour if it's 6 hours long?

Throwback history

DC757/HRGeeks

My friend Ethan started a local DefCon chapter back in the early 2000s (2003-ish?), which eventually grew from being a small (5-7 people) gathering focused on security/hacking, to a much larger (50+) person general geek meetup. Somewhere along the way we switched the name to 'HRGeeks' (which in retrospect has caused so much confusion with human resources professionals), and I started 'hosting' - sending out reminders/invites, coordinating with the restaurant (nearly always Kelley's Irish Pub at Pembroke Mall, which is now gone), and nudging/pushing/personally texting/calling specific introvert/forgetful friends to come out for a bit. These meetups started around 6:30PM, and usually went until Kelley's closed at 2AM, and then continued on standing around in the parking lot until 3 or sometimes 4AM.
At one point, we had gotten so big that people were showing up to 'the geek meetup' that nobody new and weren't on any of the invite lists - friends of friends of friends had gotten word that 'fun geek meetup happens at Kelleys at 6:30 on the 1st Thursday of every month', and had just shown up in blind faith that it was still there (it was, for about 8 years!).