Post-Quantum Cryptography (SSH) - We Have Been Warned This is just a short note following on from my recent posts on PQC and SSH/TLS and PQC and Signal. In particular I noted for SSH that connections between reasonably recent servers and clients are already protected with post-quantum-cryptography protocols. Today I also discovered while logging into a not-so-up-to-date server (but an up-to-date client) that warnings are now being shown: user@up-do-date:~$ssh no-so-up-to-date.example.org ** WARNING: connection is not using a post-quantum key exchange algorithm. ** This session may be vulnerable to "store now, decrypt later" attacks. ** The server may need to be upgraded. See https://openssh.com/pq.html user@no-so-up-to-date.example.org's password: Which should certainly help encourage maintainers of those not-so-up-to-date systems to get that done.

You’re staring at a bug that definitely wasn’t there six months ago. The codebase has hundreds of commits since then. You could read through every one looking for the culprit - or you could let git bisect find it for you in five steps. git bisect performs a binary search through your commit history. You tell it one good commit and one bad commit, and it checks out the midpoint for you to test. You say “good” or “bad”, it halves the range again (running a binary search) and in no time it tells you exactly which commit introduced the problem. ...

Remember the days when you could connect to a web server using telnet or netcat and manually type HTTP requests? That interactive experience was a great way to understand how HTTP/1.1 worked under the hood. With HTTP/2 and HTTP/3, that direct interaction became impossible because both protocols use binary framing instead of plain text. In this post I’m exploring how to build interactive HTTP/2 and HTTP/3 clients in Python - not for any production use but to better understand what’s going on in those connections. ...

With all the best intentions in the world sometimes commit-logs are skipped or entered in haste - a brief short-term gain for long-term pain and future-you (or worse someone else) feeling rightly peeved with you. For personal repositories the temptation to quickly type “notes” / “comments” etc. can be even stronger and once the commits are made you probably wont be thinking about them again until you need to (enter peeved future self). ...

What is PyNotes? PyNotes is a side project I’ve been gradually building to document Python in a systematic way. The goal is to create a comprehensive reference covering three main areas: Python Enhancement Proposals (PEPs): The proposals that shape how Python evolves Python Standard Library: The modules and packages that come with Python Official Python Tutorial: A walkthrough of Python’s core concepts The site lives at pynotes.bjdean.id.au and follows a consistent format for each article: a TL;DR summary, an “Interesting!” callout highlighting something noteworthy, and bite-sized sections with practical code examples. ...

The Weight of Early Decisions Software has remarkable longevity. Code written decades ago continues to run on millions of systems today, carrying forward not just functionality but also design decisions—both good and bad. When we write software, we’re not just solving today’s problems. We’re making choices that will affect users for years, perhaps decades. This is particularly true for foundational tools that become part of the Unix ecosystem. Once a command-line interface is established, changing it becomes extraordinarily difficult due to backward compatibility concerns, scripting dependencies, and the muscle memory of administrators worldwide. ...

Description Congee is a comforting Asian rice porridge with a silky, creamy texture. This Instant Pot version speeds up the cook, the pressure cooker does all the work transforming rice and stock into comfort food, while searing the chicken first adds depth of flavor. Stats ⏱️ Prep time: 10 minutes ✦ Cook time: 30 minutes ✦ Extra time: 15 minutes natural release ✦ Total time: 55 minutes 🍽️ Serves: 4-6 people ...

Description A creamy Japanese-style pumpkin salad with kewpie mayonnaise, cream cheese, and red onion. Based on a US-based recipe using Kabocha - in Australia this recipe works perfectly with Kent pumpkin. Or just choose your favourite winter squash! Stats ⏱️ Prep time: 20 minutes ✦ Cook time: 40 minutes ✦ Chilling time: 1 hour ✦ Total time: 2 hours ✦ 🍽️ Serves: 4 Ingredients 800g Kent pumpkin (or kabocha, or your favourite winter squash ): peeled, deseeded and cubed (3-4cm) 1 tablespoon olive oil ½ red onion (1e 1about 160g) 2 tablespoons Japanese Kewpie mayonnaise 2 tablespoons cream cheese Ground black pepper Instructions Preheat the oven to 180°C. ...

What Linux Load Average Actually Measures Linux’s load average metric is often misunderstood because it tracks processes in two distinct states: Runnable - processes actively running or waiting for CPU time Uninterruptible sleep - processes blocked waiting for I/O operations (disk, network, etc.) This distinction is important. A high load average might indicate CPU contention, but it could just as easily mean your system is waiting on slow disk I/O or network responses. This approach provides a more complete picture of system resource pressure than simply counting runnable processes. ...

TL;DR Azure AI Foundry makes fine-tuning accessible with straightforward data preparation requirements, but costs can accumulate quickly during experimentation. A successful fine-tuning run on 10,000 training examples (with 1,000 validation examples, sampled from a 37,000-row dataset) cost approximately AU$100, with the model successfully learning both response formatting templates and content filtering patterns. Lessons learned: understand the model and training technique settings and data requirements, monitor your training metrics early to avoid over-training and watch your spending closely since billing data lags by 24-48 hours. ...

TL;DR strace is a tool that traces system calls and signals while a progam is running. The output is verbose and can be hard to comprehend at a glance. I built explain-strace, a Python tool that parses strace output and adds human-readable descriptions for each system call, categorizes them (filesystem, network, memory, etc.), and provides summary statistics. The tool evolved from a simple parser to a maintainable system that generates syscall metadata directly from Linux kernel source, keeping pace with kernel updates automatically. ...

Overview Signal has added post-quantum cryptography with a new protocol called the SPQR (Sparse Post-Quantum Ratchet). This combines with Signal’s existing Double Ratchet to form a Triple Ratchet system. Signal uses the quantum-secure Key-Encapsulation Mechanism (ML-KEM 768) algorithm alongside traditional elliptic curve cryptography, which means attackers need to break both elliptic curve and ML-KEM cryptography to read messages. Signal are rolling out this new protocol in multiple phases - initially allowing older non-SPQR clients to interact with up-to-date clients and for older sessions (which might last for years) to continue working. In their final phase (once Signal have determined that all clients support the new protocol) older sessions will be upgraded to use SPQR. These phases are being planned to ensure nothing changes from an end-user experience. ...

Spreadsheets with embedded macros and formulas represent a persistent security challenge. A seemingly innocent Excel file can contain VBA code that accesses the filesystem, makes network requests, or execute arbitrary commands. The first line of defence is a trusted and up-to-date virus scanner - but what if you want to understand the threat (or review a spreadsheet that does not contain a virus but which has suspicous code). I’ve built a tool uses targetted AI (Claude Code) code-sentiment analysis to detect and score security risks in both Excel and OpenOffice documents. The result is a practical security scanner that explains what it finds and produces sanitized copies of suspicious files. ...

What is the Claude Code SDK? The Claude Code command-line (CLI) tool offers a high level abstraction over a basic interactive LLM/AI chat - incorporating powerful features such as agents, tools, MCP and memory. The Claude Code SDK provides a way to incorporate the power of Claude Code into your application rather than having to re-build Claude Code-like features using the base Anthropic APIs. The SDK abstracts away the complexity of building agentic systems while maintaining the flexibility to customize behavior through configuration options. ...

TL;DR Django allows custom management commands to extend the core manage.py interface, allowing easy integration with the application when building backend processes, automation scripts, and scheduled jobs (while providing access into the Django application environment, data model and functions via the same structures used to build the website). Where to create and/or find the code Django discovers management commands through a specific directory layout in your apps: your_app/ management/ __init__.py commands/ __init__.py send_notifications.py update_reports.py Every command file defines a Command class that extends BaseCommand: ...

TL;DR Django provides a complete authentication and authorization sub-system out of the box. Use @login_required to restrict views to authenticated users and @permission_required to enforce granular access control based on custom permissions defined in your models. Interesting! Django automatically creates four default permissions for every model (add, change, delete, view) during migrations, but you can define custom permissions in your model’s Meta class to implement fine-grained authorization for any business logic you need. ...

Preparing for the Quantum Future: A Practical Guide to Post-Quantum Cryptography TL;DR Advances in quantum processing capabilities are rapidly bringing forward the estimated date that a cryptographically relevant quantum computer (CRQC) will be available and previously strong encryption algorithms will be broken. With the recommended date for ceasing the use of traditional asymmetric cryptography now only years away in 2030, “Harvest now, decrypt later” attacks mean switching to Post-Quantum Cryptography (PQC) strong encryption algorithms is something to do today. ...

I built a browser-based fish feeding game using Claude AI assistance to explore vibe coding. Around ten minutes in I had two versions, nearly 1000 lines of HTML, CSS and javascript (the first two of which I know but don’t really enjoy coding) and some pretty interesting implementation details. Version 1 is here. (Result of first basic prompt) Version 2 is here. (After asking for a reset button and some special effects) ...

TL;DR AI pair programming doesn’t just fill knowledge gaps - it accelerates learning across domains. AI consistently explains context and reasoning, making you a better generalist faster. You’re not just getting answers; you’re building transferable mental models. Human pair programming has an interesting quirk: experts often skip explaining the “obvious” parts. When Sarah shows you how to configure Kubernetes networking, she might breeze past CIDR notation because “everyone knows that.” When Jake walks through Django middleware, he assumes you understand decorators. ...

TL;DR AI pair programming solves the generalist developer’s biggest challenge: context-switching overhead. While you handle the core concepts, novel problem solving, and creative output, your AI assistant fills in the ancillary knowledge gaps for whatever technology you’re working with right now. Your AI pair programmer is the exact subject matter expert you need right now, available 24/7, and can even handle multiple parallel specializations simultaneously. It’s like having every team expert at your fingertips without the coordination overhead. ...