Xe Iaso's blog is an independent blog covering systems & infrastructure and programming. It publishes on a weekly or bi-weekly basis, with 29 posts in its archive and 7 readers following along on Blogs Are Back.
Regular
Publishes weekly or bi-weekly
7
Independent Blog
English
How this blog's content is accessed through Blogs Are Back.
Full Content
RSS feed includes complete post content for reading in-app
Proxy Required
Feed is fetched through our proxy for browser compatibility
Direct Post Links
Post pages can be loaded directly in the reader
Embeddable
Posts can be displayed inline in the reader view
This blog appears in the following curated collections.
Recent posts from Xe Iaso's blog's RSS feed.
Giving your Go apps Tigris superpowers
Tigris is S3-compatible, which means you can point the AWS SDK at it and most things just work. The catch is that the Tigris-exclusive features—bucket forking, snapshots, object renaming, and the like—need verbose workarounds because the AWS SDK doesn't know they exist. So we wrote a Go SDK that does. It comes in two flavors: the storage package is a drop-in replacement for the standard S3 client with first-class methods for the Tigris-specific operations, and simplestorage is a higher-l...
IPv6 zones in URLs are a mistake
IPv6 is weird. One of the more strange parts of the standard is that every interface's link local addresses are in fe80::whatever. If you have a machine with two network interfaces, both of them will be in fe80::, so if you have a packet destined to fe80::4, how do you disambiguate it? The answer is you use IPv6 scopes/zones. The exact format of what goes into a zone is OS dependent, but on Linux it's the interface name and on Windows it's the interface ID. This lets the kernel's routing...
"No way to prevent this" say users of only package manager where this regularly happens
In the hours following the news that Redhat Insights' JavaScript packages fell victim to a supply chain attack via NPM, developers and systems administrators scrambled ensure all of their projects were unaffected from a supply chain attack that steals credentials for AWS, GCP, Azure, Kubernetes, HashiCorp Vault, npm, and CircleCI before then self-propagating via said stolen npm credentials and the bypass_2fa setting. This establishes persistence via Claude Code hooks and VS Code...
Dancing mad with sandboxing
CadeyWhat is an operating system, really?AoiI mean, isn't it obvious? It's something like FreeBSD or Fedora that has a kernel, userspace, graphics stack, core set of programs, and everything else you need to be able to use a computer. Is this a trick question?NumaWell it depends, is the Nintendo Switch OS an operating system? It doesn't have a shell in the same way FreeBSD does. Is SEL4 an OS? It doesn't ship with core utilities. Is Linux an OS? Is Windows an OS?A...
"No way to prevent this" say users of only package manager where this regularly happens
In the hours following the news that art-template fell victim to a supply chain attack via NPM, developers and systems administrators scrambled ensure all of their projects were unaffected from a supply chain attack where attackers have controlled the repository since 2025 and are using it to load unauthorized JavaScript from third party domains, including but not limited to Baidu Analytics. This is is due to the affected dependencies being distributed via NPM, th...
Follow Xe Iaso's blog
Add this blog to your reading list on Blogs Are Back, or visit the blog directly.