Shared posts

25 Jan 09:10

La dependencia europea de medios de pago usamericanos [Fr]

by SRAD

Intervención de la eurodiputada Aurore Lalucq: Visa, Mastercard, Paypal... prácticamente todos los medios de pago que utilizamos son usamericanos, y Trump nos los puede cortar de un día para otro. Pido organizar una reunión urgente para crear un sistema de pagos europeo. No costaría caro, hablamos de unos 10 millones de euros.

etiquetas: ue, usa, eeyy, medios de pago, dinero, tarjetas

» noticia original (www.reddit.com)

25 Jan 09:10

Niña se suicida en EEUU por acoso y amenazas de deportación

by Verdaderofalso

Jocelynn Rojo falleció tras un intento de suicidio. Fue víctima de bullying en su escuela en Texas; la amenazaron con llamar a ICE para deportar a su familia.

etiquetas: niña, eeuu, suicidio, jocelyn rojo, ice

» noticia original (www.sinembargo.mx)

25 Jan 09:10

Joaquín Reyes imita a Lamine Yamal y lanza una pulla a Santiago Abascal: "El único moro que no quiere deportar"

by Delay

"Trabajo, disciplina y... Leo Messi me traspasó sus poderes". "Me metió en un barreño y me dijo: 'Algún día tendrás mi talento para jugar al fútbol y para vestir regular'"

etiquetas: lamine yamal, parodia, santiago abascal

» noticia original (www.eleconomista.es)

25 Jan 09:10

Una galería que explica decenas de formatos de archivo, para desentrañar cómo están codificados [ENG]

by ccguy

La galería contiene las especificaciones de decenas de formatos, explicados a nivel de bytes y binario, y también a modo de guía visual. Así que nada de tener que ponerse a picar y compilar código sin saber cómo funciona todo. [vía microsiervos]

etiquetas: ficheros, formatos

» noticia original (formats.kaitai.io)

25 Jan 09:10

Asesinato de Alex Pretti [EN]

by Milmariposas

Asesinato de Alex Jeffrey Pretti en Minneapolis este 24 de enero de 2026

etiquetas: asesinato, alex pretti, minneapolis, ice, wikipedia

» noticia original (en.wikipedia.org)

25 Jan 09:09

Alemania teme que Trump confisque su oro: expertos piden repatriar 236 mil millones guardados en Nueva York

by Dragstat

La preocupación en círculos políticos y económicos va en aumento ya que las acciones militares de Donald Trump tienen a Alemania mirando con nerviosismo hacia Nueva York, donde guarda casi la mitad de sus reservas de oro, el país posee 3.352 toneladas de oro, las segundas reservas más grandes del mundo después de Estados Unidos. Poco más de la mitad de las reservas están en las bóvedas del Bundesbank en Fráncfort, otra parte en el Banco de Inglaterra, y el resto 1.236 toneladas, almacenadas en la Reserva Federal de Estados Unidos.

etiquetas: alemania, oro, reservas, estados unidos, repatriar

» noticia original (www.zocalo.com.mx)

25 Jan 09:09

Quince formas distintas de generar laberintos y verlas en acción

by ccguy

Es curioso echar un vistazo a Algoritmos para Laberintos, donde se muestran 15 formas de generar laberintos*. Aunque no todos son visualmente agraciados ni «complicados» desde el punto de vista de su resolución, explica todas las formas más o menos habituales de construirlos con un ordenador. Son algoritmos tanto clásicos como modernos, de código abierto y con animaciones paso a paso. [vía microsiervos y entradilla fusilada de ahí]

etiquetas: laberintos, algoritmos

» noticia original (www.jamisbuck.org)

25 Jan 09:09

Niña se suicida en EU por acoso y amenazas de deportación

by yop

Jocelynn Rojo falleció tras un intento de suicidio. Fue víctima de bullying en su escuela en Texas; la amenazaron con llamar a ICE para deportar a su familia.

25 Jan 09:06

Day-3 | DevSecOps for Terraform in 1 hour.

by Abhishek.Veeramalla

Join Membership for Career Guidance:
www.youtube.com/abhishekveeramalla/join

This is Day-3 of DevSecOps Zero to Hero, This video covers DevSecOps for Terraform. By the end you will learn how to setup vault intergration with terraform and use it along with GH Actions. You will also learn about checkov and other best practices for securing terraform.

These pratices are followed by enterprise and best DevSecOps experts.

GitHub Repo for the course:
https://github.com/iam-veeramalla/DevSecOps-Zero-to-Hero/

Free Course on the channel
==============================
- DevOps Zero to Hero Playlist: https://www.youtube.com/playlist?list=PLdpzxOOAlwvIKMhk8WhzN1pYoJ1YU8Csa
- AWS Zero to Hero Playlist: https://www.youtube.com/playlist?list=PLdpzxOOAlwvLNOxX0RfndiYSt1Le9azze
- Azure Zero to Hero Playlist: https://www.youtube.com/playlist?list=PLdpzxOOAlwvIcxgCUyBHVOcWs0Krjx9xR
- Terraform Zero to Hero Playlist: https://www.youtube.com/playlist?list=PLdpzxOOAlwvI0O4PeKVV1-yJoX2AqIWuf
- Python for DevOps Playlist: https://www.youtube.com/playlist?list=PLdpzxOOAlwvKwTyYNJCUwGPvql0TrsPgv

About me:
========
Instagram: https://www.instagram.com/abhishekveeramalla_official/
Telegram Channel : https://t.me/abhishekveeramalla
LinkedIn: https://www.linkedin.com/in/abhishek-veeramalla
GitHub: https://github.com/iam-veeramalla
Medium: https://abhishekveeramalla-av.medium.com/

Disclaimer: Unauthorized copying, reproduction, or distribution of this video content, in whole or in part, is strictly prohibited. Any attempt to upload, share, or use this content for commercial or non-commercial purposes without explicit permission from the owner will be subject to legal action. All rights reserved.
25 Jan 09:05

“Everyone Will Hate Me For Saying This”

by Tucker Carlson

Watch more here: https://www.youtube.com/@TuckerCarlson/featured

#tuckercarlson #saftyrules #saftyfirst #safty #destiny
25 Jan 09:04

🔴 LOS MINUTOS DEL ODIO- Edición especial - Semana 04 de 2026-01-24)

by Fabián C. Barrio

Este vídeo analiza el accidente ferroviario de Adamuz desde una perspectiva que va más allá del suceso técnico. No se trata solo de una soldadura defectuosa, un tramo de vía deteriorado o un fallo puntual en la infraestructura. Se trata de un patrón. De una forma de gestionar lo público. De una cultura política basada en el relato, la propaganda, el control del discurso y la sustitución de la responsabilidad por la narrativa.

Desde el descarrilamiento del tren Iryo 6189 y la colisión con el Alvia Madrid–Huelva, hasta la respuesta política, mediática e institucional, este análisis recorre:
la gestión de ADIF
el papel del Ministerio de Transportes
la figura de Óscar Puente
la situación estructural de Renfe
la politización de las catástrofes
el deterioro del mantenimiento ferroviario
la pérdida de credibilidad institucional
el uso propagandístico del dolor
la gestión de crisis en España
el control de la agenda mediática
la degradación de los servicios públicos
la normalización de la incompetencia

También se abordan los antecedentes históricos: Prestige, Yak-42, Alvia de Santiago, DANA, apagones, accidentes ferroviarios y la repetición de un mismo patrón político: negar, controlar el relato, ganar tiempo, diluir responsabilidades.

Este vídeo no busca imponer conclusiones. Busca reconstruir los hechos, ordenar la información y mostrar el contexto real en el que se produce la tragedia de Adamuz.

Porque los países no se degradan de golpe. Se deterioran por acumulación.
Y cuando el sistema falla, nunca pagan los despachos.
Paga la gente.

Temas clave:
Accidente ferroviario Adamuz
Descarrilamiento tren España
Iryo 6189
Alvia Madrid Huelva
ADIF
Renfe
Ministerio de Transportes
Óscar Puente
Infraestructuras ferroviarias
Seguridad ferroviaria
Gestión pública
Corrupción política
Propaganda institucional
Manipulación mediática
Responsabilidad política
Servicios públicos en España
Crisis institucional
Colapso de infraestructuras
Estado del ferrocarril español
25 Jan 09:01

Humor 25/1/26

by Sofi Siete

 






RUP = Región Ultraperiférica de la Unión Europea






 






25 Jan 08:56

Ricky Gervais: “Hace 30 años, le di un riñón a mi sobrino”.

by Fino

Transcripción tras el salto.

Entrevistador: Justo antes de que te vayas, ¿es posible? Sabes que le pedimos a cada invitado algo exclusivo que podamos… ¿verdad? Ya sabes a qué me refiero. La atención es moneda y todo eso.

Ricky Gervais: Bueno, he pensado en ello. Y… estoy preocupado por este.

Entrevistador: Vale, porque a veces las cosas son secretas por una razón.

Ricky Gervais: No, no, lo entiendo. Hace 30 años, le di un riñón a mi sobrino.

Entrevistador: ¿En serio?

Ricky Gervais: Iba a morir. Oh, Dios mío. No, estoy bromeando, él murió.

Entrevistador: [Risas] Tenemos whisky saliendo el próximo año. Nadie sabe de eso.

Ricky Gervais: Es ultrasecreto, ni siquiera puedo decirte el nombre. Pero tenemos un whisky inglés premium de malta.

Entrevistador: Pareces como si fueras a llorar.

Ricky Gervais: Sí, te lo dije. Eso es lo que hay, chico.

Ver post completo: Ricky Gervais: “Hace 30 años, le di un riñón a mi sobrino”.

25 Jan 08:51

Feminista describe el tipo de hombre que buscan las mujeres de ahora: “A las mujeres nos dejó de gustar el varón macho y nos empezó a gustar el twink que roza lo gay, es aliade, tiene la espalda más chica que vos, usa tote bag, llora y conecta con las emociones”.

by Fino
25 Jan 08:49

El Iryo descarriló desde un tramo de la vía que no estaba renovado.

by Fino

El Iryo descarriló desde un tramo de la vía que no estaba renovado.

En imágenes captadas por este diario en el punto exacto del accidente, pueden apreciarse los relieves del carril izquierdo con la cifra “89”, que según esta normativa corresponderían al año de fabricación e indicarían que son piezas originales en el trazado del primer corredor de alta velocidad en España, que se inauguró en 1992, hace más de 33 años. Las traviesas de esta parte sin renovar llevan el sello de la marca que utilizó Renfe hasta 2005, cuando se escindió de Adif. Comparten el tramo con carriles que llevan la cifra “23”. @elmundo

El Iryo descarriló desde un tramo de la vía que no estaba renovado.

Ver post completo: El Iryo descarriló desde un tramo de la vía que no estaba renovado.

25 Jan 08:48

En 1984, el reportero John Stossel le preguntó al luchador Dr. D si la lucha libre era “falsa” tras bambalinas del Madison Square Garden. Stossel recibió dos bofetadas reales que le causaron daños auditivos permanentes. Stossel le demandó por 5 millones de dólares, mientras que Schultz fue inmediatamente despedido y expulsado de la WWF.

by Fino
25 Jan 08:48

A veces las cosas van funcionando a pesar de estar mal montadas.

by Fino
25 Jan 08:47

Parece un sketch de José Mota.

by Fino
25 Jan 08:46

Bruce MacKinnon  [facebook]

carloskaplan:

Bruce MacKinnon  [facebook]

… vía carloskaplan

25 Jan 08:45

Los pasajeros del Alvia dicen que los servicios de emergencia llegaron hora y media después del accidente.

by Fino

Los pasajeros del Alvia dicen que los servicios de emergencia llegaron hora y media después del accidente.

Pese al comunicado de Renfe, los pasajeros del Alvia estiman, en base a lo que recuerdan, que esperaron a ser atendidos. Uno de los afectados, Santiago Rosendo, declaraba este viernes en ‘Más Vale Tarde’ que vio a los primeros sanitarios sobre las 21:15 horas, una hora y media más tarde del accidente. @lasexta

Los pasajeros del Alvia dicen que los servicios de emergencia llegaron hora y media después del accidente.

Los pasajeros del Alvia dicen que los servicios de emergencia llegaron hora y media después del accidente.

@O_Diosa__

Ver post completo: Los pasajeros del Alvia dicen que los servicios de emergencia llegaron hora y media después del accidente.

25 Jan 08:44

Mastering Google Cloud Networking: NCC Multi-Hub Patterns and Migration Strategies

by Arnaud Redon

Following up my last article on NCC patterns, this one shows why and how to handle multi-hub designs, and a step-by-step technical blueprint for a zero-downtime migration.

As cloud architectures evolve from simple single-region deployments to complex, global multi-cloud ecosystems, the networking glue holding them together must evolve as well. For years, VPC Peering and Hub & spokes patterns were the gold standard, but its scaling limits and lack of transitivity often forced architects into complex workarounds.

Enter Network Connectivity Center (NCC). With the recent GA of VPC Spoke Dynamic Route Exchange, NCC has transformed from a hybrid-only tool into a global routing engine.

1. The Architectural Shift: Why NCC?

For a GCP Architect, NCC isn’t just “Peering 2.0.” It is a centralized hub-and-spoke model that solves three major pain points:

  • Scale: VPC Peering is limited by the number of peerings per VPC (typically 25). NCC supports up to 250 VPC spokes per hub, allowing for massive enterprise-scale topologies.
  • Transitivity & Path Control: Unlike Peering, NCC allows for dynamic route exchange. You can use Export/Import filters to control exactly which prefixes are shared, preventing route leakage and managing overlapping IP spaces and bypass non transitivity between VPC Spokes with PSA or PSC transitivity propagation.
  • Unified Hybrid Connectivity: NCC treats VPCs, Cloud Interconnects, and SD-WAN (Router Appliances) as equal “spokes,” providing a single pane of glass for your global wide area network.

For more details, I give you the link of my last articles about advanced features: NCC patterns

2. Multi-Hub Design Patterns: Beyond the Global Hub

While a single NCC hub is global by nature, large-scale organizations often require Multi-Hub architectures for administrative isolation, regulatory compliance (data residency), or to bypass specific resource limits with more than 250 VPC spokes.

Here are the three primary patterns for interconnecting multiple NCC hubs:

Pattern A: Inter-Hub Connectivity via HA-VPN

This is the most common pattern for strict isolation between environments (e.g., a “Production Hub” and a “Non-Prod Hub”).

  • Mechanism: Deploy HA-VPN gateways in a VPC spoke of each hub and create tunnels between them.
  • Pros: Decouple NCC hub resource limits;High isolation; independent routing domains; easy to implement. NCC hub Isolation by continent
  • Cons: Additional costs for VPN tunnels and data transfer; limited by VPN throughput (though scalable with multiple tunnels).Transferrable to Prod/Dev/QA topology

Pattern B: Multi-NIC Network Virtual Appliances (NVAs)

For architects requiring deep packet inspection (Firewalls, IDS/IPS) between hubs.

  • Mechanism: Deploy a 3rd-party NVA (Fortinet, Palo Alto, etc.) with nic0 in Hub A's transit VPC and nic1 in Hub B's transit VPC.Multi-nic NVA — per region. Three NCC hubs in one GCP Project
  • Pros: Decouple NCC hub resource limits;NCC hub isolation by continent;Centralized security stack; advanced traffic engineering using BGP. Transferrable to Prod/Dev/QA topology
  • Cons: Management overhead of VMs; potential bottleneck if not scaled correctly (using Internal Load Balancers as next hops). Incur cross-regional data transfer costs

Pattern C: Transit via Partner Interconnect / Cross-Cloud

  • Mechanism: Using a third-party fabric (like Megaport or Equinix) to bridge two different NCC hubs, often used in multi-cloud scenarios.
  • Pros: Partner Interconnect Bandwidth — NCC Hub isolation by continent;Decouple NCC hub resource limits;Lower latency for inter-cloud traffic; bypasses the public internet.Transferrable to Prod/Dev/QA topology;deployment NCC hub(s) in One Project or One NCC hub per Project
  • Pros: Partner Interconnect Cost — Incur cross-regional data transfer costs

Let’s configure a multi-NCC hub with the VPN pattern

VPC configuration

provider "google" {
project = var.project_id
}

# Create the network shared services
module "shared-services" {
source = "terraform-google-modules/network/google"

# Give the network a name and project
project_id = var.project_id
network_name = "vpc-shared-services"
routing_mode = "GLOBAL"
delete_default_internet_gateway_routes = true


subnets = [
{
# region eu-west1
subnet_name = "nodes-euw1"
subnet_ip = "10.1.0.0/24"
subnet_region = "europe-west1"
subnet_private_access = "true"
},
]

secondary_ranges = {
nodes-euw1 = [
{
range_name = "pods"
ip_cidr_range = "192.168.16.0/21"
},
{
range_name = "services"
ip_cidr_range = "192.168.24.0/21"
},
{
range_name = "pods-autopilot"
ip_cidr_range = "192.168.32.0/21"
},
{
range_name = "services-autopilot"
ip_cidr_range = "192.168.40.0/21"
}
]

subnet-02 = []
}

routes = []
}

# Create the network onprem
module "onprem" {
source = "terraform-google-modules/network/google"

# Give the network a name and project
project_id = var.project_id
network_name = "onprem"
delete_default_internet_gateway_routes = true

#set best path selection VPC Mode to standard
bgp_best_path_selection_mode = "STANDARD"
bgp_always_compare_med = true
routing_mode = "GLOBAL"

subnets = [
{
# region eu-west1
subnet_name = "sub-onprem"
subnet_ip = "10.2.0.0/24"
subnet_region = "europe-west1"
subnet_private_access = "true"
}
]
routes = []
}


# Create the network shared services
module "eu-routing-vpc" {
source = "terraform-google-modules/network/google"

# Give the network a name and project
project_id = var.project_id
network_name = "eu-routing-vpc"
routing_mode = "GLOBAL"
delete_default_internet_gateway_routes = true


subnets = []
routes = []
}

# Create the network shared services
module "us-routing-vpc" {
source = "terraform-google-modules/network/google"

# Give the network a name and project
project_id = var.project_id
network_name = "us-routing-vpc"
routing_mode = "GLOBAL"
delete_default_internet_gateway_routes = true

subnets = []
routes = []
}

# Create the network us-vpc
module "us-vpc" {
source = "terraform-google-modules/network/google"

# Give the network a name and project
project_id = var.project_id
network_name = "us-vpc"
routing_mode = "GLOBAL"
delete_default_internet_gateway_routes = true

subnets = [
{
# region eu-west1
subnet_name = "us-east1"
subnet_ip = "10.10.0.0/24"
subnet_region = "us-east1"
subnet_private_access = "true"
},
]

routes = []
}

configure the vpn tunnels between onprem, eu and us vpn

module "vpn_ha-1" {
source = "terraform-google-modules/vpn/google//modules/vpn_ha"
version = "~> 4.0"
project_id = var.project_id
region = "europe-west1"
network = module.eu-routing-vpc.network_name
name = "eu-routing-vpc-to-onprem"
peer_gcp_gateway = module.vpn_ha-2.self_link
router_asn = 64514

router_advertise_config = {
ip_ranges = {
"10.1.0.0/24" = "shared-services",
"10.10.0.0/24" = "us-vpc-subnet",
"199.36.153.8/30" = "private google apis"
}
mode = "CUSTOM"
groups = ["ALL_SUBNETS"]
}

tunnels = {
remote-0 = {
bgp_peer = {
address = "169.254.1.1"
asn = 64513
}
bgp_peer_options = null
bgp_session_range = "169.254.1.2/30"
ike_version = 2
vpn_gateway_interface = 0
peer_external_gateway_interface = null
shared_secret = ""
}
}
}
module "vpn_ha-2" {
source = "terraform-google-modules/vpn/google//modules/vpn_ha"
version = "~> 4.0"
project_id = var.project_id
region = "europe-west1"
network = module.onprem.network_name
name = "onprem-to-eu-routing-vpc"
router_asn = 64513
peer_gcp_gateway = module.vpn_ha-1.self_link

router_advertise_config = {
ip_ranges = {
"10.2.0.0/24" = "onprem-subnet",
}
mode = "CUSTOM"
groups = ["ALL_SUBNETS"]
}

tunnels = {
remote-0 = {
bgp_peer = {
address = "169.254.1.2"
asn = 64514
}
bgp_peer_options = {
route_priority = 100
}
bgp_session_range = "169.254.1.1/30"
ike_version = 2
vpn_gateway_interface = 0
shared_secret = module.vpn_ha-1.random_secret
}

}
}

#vpc routing

module "vpn_ha-vpcrouting" {
source = "terraform-google-modules/vpn/google//modules/vpn_ha"
version = "~> 4.0"
project_id = var.project_id
region = "europe-west1"
network = module.eu-routing-vpc.network_name
name = "routing-eu-to-us"
peer_gcp_gateway = module.vpn_ha-vpcrouting-2.self_link
router_asn = 64515

tunnels = {
remote-0 = {
bgp_peer = {
address = "169.254.3.1"
asn = 64516
}
bgp_peer_options = null
bgp_session_range = "169.254.3.2/30"
ike_version = 2
vpn_gateway_interface = 0
peer_external_gateway_interface = null
shared_secret = ""
}
}
}

module "vpn_ha-vpcrouting-2" {
source = "terraform-google-modules/vpn/google//modules/vpn_ha"
version = "~> 4.0"
project_id = var.project_id
region = "us-east1"
network = module.us-routing-vpc.network_name
name = "routing-us-to-eu"
router_asn = 64516
peer_gcp_gateway = module.vpn_ha-vpcrouting.self_link

tunnels = {
remote-0 = {
bgp_peer = {
address = "169.254.3.2"
asn = 64515
}
bgp_peer_options = {
route_priority = 1000
}
bgp_session_range = "169.254.3.1/30"
ike_version = 2
vpn_gateway_interface = 0
shared_secret = module.vpn_ha-vpcrouting.random_secret
}

}
}

configure the different NCC hub

resource "google_network_connectivity_hub" "eu-hub" {
depends_on = [module.eu-routing-vpc]
name = "eu-hub"
description = "eu-hub"
preset_topology = "MESH"

#activate psc propagation
export_psc = true
}

resource "google_network_connectivity_hub" "us-hub" {
depends_on = [module.eu-routing-vpc]
name = "us-hub"
description = "us-hub"
preset_topology = "MESH"

#activate psc propagation
export_psc = true
}


resource "google_network_connectivity_spoke" "shared-services" {
name = "shared-services"
location = "global"
description = "shared-services spoke"

hub = google_network_connectivity_hub.eu-hub.id

linked_vpc_network {
uri = module.shared-services.network_id
}
}

resource "google_network_connectivity_spoke" "us-vpc" {
name = "us-vpc"
location = "global"
description = "us-vpc spoke"

hub = google_network_connectivity_hub.us-hub.id

linked_vpc_network {
uri = module.us-vpc.network_id
}
}

# Spoke pour le VPN venant de l'On-Prem
resource "google_network_connectivity_spoke" "onprem_vpn_spoke" {
name = "spoke-onprem-vpn"
location = "europe-west1"
hub = google_network_connectivity_hub.eu-hub.id

linked_vpn_tunnels {
# Ce tunnel DOIT être dans le VPC 'eu-routing-vpc'
uris = ["https://www.googleapis.com/compute/v1/projects/${var.project_id}/regions/europe-west1/vpnTunnels/eu-routing-vpc-to-onprem-remote-0"]
site_to_site_data_transfer = true
include_import_ranges = ["ALL_IPV4_RANGES"]
}
}

# Spoke pour le VPN allant vers les USA (Inter-Hub)
resource "google_network_connectivity_spoke" "us_interconnect_spoke" {
name = "spoke-to-us-hub"
location = "europe-west1"
hub = google_network_connectivity_hub.eu-hub.id

linked_vpn_tunnels {

uris = ["https://www.googleapis.com/compute/v1/projects/${var.project_id}/regions/europe-west1/vpnTunnels/routing-eu-to-us-remote-0"]
site_to_site_data_transfer = true
include_import_ranges = ["ALL_IPV4_RANGES"]
}
}

# Spoke côté US pour recevoir le tunnel venant de l'Europe
resource "google_network_connectivity_spoke" "eu_interconnect_spoke_us" {
name = "spoke-from-eu-hub"
location = "us-east1"
hub = google_network_connectivity_hub.us-hub.id

linked_vpn_tunnels {
uris = ["https://www.googleapis.com/compute/v1/projects/${var.project_id}/regions/us-east1/vpnTunnels/routing-us-to-eu-remote-0"]
site_to_site_data_transfer = true
include_import_ranges = ["ALL_IPV4_RANGES"]
}
}


resource "google_network_connectivity_spoke" "eu-routing" {
name = "eu-routing"
location = "global"
description = "Spoke VPC de transit (Indispensable pour le routage forward)"

hub = google_network_connectivity_hub.eu-hub.id

linked_vpc_network {
uri = module.eu-routing-vpc.network_id
}
}

resource "google_network_connectivity_spoke" "us-routing-vpc" {
name = "us-routing-vpc"
location = "global"
description = "us-routing-vpc spoke"

hub = google_network_connectivity_hub.us-hub.id

linked_vpc_network {
uri = module.us-routing-vpc.network_id
}
}

Finally , configure firewall rules for testing

resource "google_compute_network_firewall_policy" "policy" {
name = "my-firewall-policy"
project = var.project_id
description = "firewall policy sanbox"
}

resource "google_compute_network_firewall_policy_association" "eu-routing-vpc" {
name = "eu-routing-vpc-association"
project = var.project_id
attachment_target = module.eu-routing-vpc.network_id
firewall_policy = google_compute_network_firewall_policy.policy.id
}

resource "google_compute_network_firewall_policy_association" "us-routing-vpc" {
name = "us-routing-vpc-association"
project = var.project_id
attachment_target = module.us-routing-vpc.network_id
firewall_policy = google_compute_network_firewall_policy.policy.id
}


resource "google_compute_network_firewall_policy_association" "onprem" {
name = "onprem-association"
project = var.project_id
attachment_target = module.onprem.network_id
firewall_policy = google_compute_network_firewall_policy.policy.id
}

resource "google_compute_network_firewall_policy_association" "shared" {
name = "shared-association"
project = var.project_id
attachment_target = module.shared-services.network_id
firewall_policy = google_compute_network_firewall_policy.policy.id
}

resource "google_compute_network_firewall_policy_association" "vpc-us" {
name = "vpc-us-association"
project = var.project_id
attachment_target = module.us-vpc.network_id
firewall_policy = google_compute_network_firewall_policy.policy.id
}

resource "google_compute_network_firewall_policy_rule" "iap" {
action = "allow"
description = "iap rule"
direction = "INGRESS"
disabled = false
enable_logging = true
firewall_policy = google_compute_network_firewall_policy.policy.name
priority = 1000
rule_name = "IAP"

match {
src_ip_ranges = ["35.235.240.0/20"]
dest_ip_ranges = ["0.0.0.0/0"]

layer4_configs {
ip_protocol = "tcp"
ports = ["22", "3389"]
}
}
}

resource "google_compute_network_firewall_policy_rule" "allow_internal_data" {
action = "allow"
description = "Allow all internal traffic"
direction = "INGRESS"
disabled = false
enable_logging = true
firewall_policy = google_compute_network_firewall_policy.policy.name
priority = 900
rule_name = "allow-internal-data"

match {
# Autorise OnPrem (10.2), Shared (10.1), US (10.10)
src_ip_ranges = ["10.1.0.0/24", "10.2.0.0/24", "10.10.0.0/24"]
dest_ip_ranges = ["0.0.0.0/0"]
layer4_configs {
ip_protocol = "all"
}
}
}

3. The Migration Blueprint: From Legacy Peering to NCC

Migrating a “live” network is not easy and risky. To avoid issues, here is the technical workflow to transition from a Hub-and-Spoke Peering model to NCC.

Phase 1: The Parallel “Shadow” Transit

Do not tear down your existing peerings yet.

  1. Create the NCC Hub: Set up your global hub resource.
  2. The New Transit VPC: Create a new VPC that will act as the “Next-Gen Hub.”
  3. Establish Hybrid Spokes: Set up new Cloud Interconnect VLAN attachments or HA-VPN tunnels and attach them to the NCC Hub.
  4. BGP Preparation: Ensure your On-Premise routers are ready to receive routes from the new Cloud Routers.

Phase 2: Workload Integration (The Spoke Transition)

  1. Attach Workload VPCs: Add your application VPCs as spokes to the NCC hub.
  2. Route Filtering: Use Export Filters on the NCC spokes to ensure they don’t immediately start advertising routes that conflict with the existing peering routes.
  3. The “Edge Group” Logic: Place hybrid spokes in an Edge Group to facilitate transit between VPC spokes and On-Premise.

Phase 3: Traffic Swing (The “Big Switch”)

  1. Adjust Administrative Distance: On-premise, prefer the routes learned via the new NCC-connected Interconnects (by adjusting BGP Multi-Exit Discriminator — MED).
  2. Monitor Flows: Use Network Topology and Flow Logs in the GCP Console to verify that traffic is moving through the NCC Hub and not the legacy Peering links.
  3. Incremental Peering Removal: Once traffic is confirmed on the NCC path, delete the VPC Peering connections one by one.

Phase 4: Add new VPCs

4. Architect’s Decision Matrix: Pros, Cons, and Caveats

Choosing between traditional VPC Peering, Cloud Router architectures, and Network Connectivity Center (NCC) is a strategic decision. As your network grows from a few isolated VPCs to a complex hybrid-cloud mesh, the trade-offs change.

Use this matrix to determine if NCC is the right fit for your current infrastructure.

Pros & Cons: The Reality of NCC

The Pros

  • Operational Simplicity: NCC eliminates the “peering mesh” nightmare. You connect a VPC or a VPN as a spoke, and the Hub handles the distribution.
  • Unified Hybrid Connectivity: It acts as a single pane of glass for On-prem-to-Cloud and Cloud-to-Cloud (multi-region) traffic.
  • High Performance: Leveraging Google’s global backbone, NCC provides lower latency and higher reliability than managing multiple disparate tunnels.

The Cons

  • Complexity of BGP: NCC relies heavily on BGP (Border Gateway Protocol). If your team isn’t comfortable with dynamic routing, the setup can be daunting.
  • Cost Management: Unlike “free” VPC Peering within the same region, NCC involves costs per spoke and data processing fees that can scale quickly if not monitored

Conclusion

The move to Network Connectivity Center is a mandatory step for any GCP environment reaching enterprise maturity. By adopting a Multi-Hub design where necessary and following a staged migration path, architects can provide their organizations with a network that is not only scalable but also significantly easier to manage than traditional peering meshes.

Always validate your routing logic with Network Intelligence Center (Connectivity Tests) before deleting your legacy peerings. Happy routing!

I hope you enjoyed reading this. See you next time 👋


Mastering Google Cloud Networking: NCC Multi-Hub Patterns and Migration Strategies was originally published in Google Cloud - Community on Medium, where people are continuing the conversation by highlighting and responding to this story.

25 Jan 08:43

Identity as Code: A Real-World Strategy for Managing GCP IAM Roles using Terraform

by Lucas Nogueira

In this article, we explore a scalable role management strategy known as IAM Personas. We will move beyond theory to examine specific architectural examples and provide production-ready code samples. Finally, we will demonstrate how to deploy this strategy on Google Cloud Platform by leveraging a structured Infrastructure as Code (IaC) approach.

Structuring Resources by Business Unit

To effectively implement the User Personas Approach, we must first establish an Organization Hierarchy. This step is foundational, as it allows us to organize resources according to business units.

Below is a simplified example featuring two main branches: a Security folder for operations and a General folder for developer units. While this example is streamlined for clarity, your actual hierarchy may be more complex depending on your organization’s maturity.

Defining RBAC Requirements & Boundaries

Next, we define the Role-Based Access Control (RBAC) requirements. Based on our hierarchy, we have established the following strict access rules:

  • Security Team: Has exclusive access to the Security folder. No other role may enter this directory.
  • Sysadmins: Have broad access to the General folder and all contained Developer units. However, they are explicitly denied access to the Security folder.
  • Developer Teams: Are isolated to their specific units (e.g., Team 1 can only access Unit 1). Cross-unit access is strictly prohibited.

Persona Identification and Scalability

Deriving from our established access rules, we can identify four distinct personas for this scenario:

  • Security Admins
  • Sysadmins
  • Unit 1 Developers
  • Unit 2 Developers

In a production environment, this list expands significantly to encompass roles such as Billing Admins, Auditors, Marketing, and Accounting. Regardless of whether an organization has ten roles or ten thousand, the fundamental goal of the Personas Approach remains the same: to systematically identify every role and explicitly define the permissions they require.

Defining Roles & Implementation Strategy

We adhere to a strict scope-based permission model to ensure security and operational efficiency:

Security Admins

  • Scope: Entire Organization.
  • Role: They require global oversight. We assign roles/iam.securityAdmin at the top-level Organization node, allowing them to define access controls across all folders. Additionally, roles/securitycenter.admin is granted to monitor threats in every project, from infrastructure to individual dev units.

Sysadmins

  • Scope: General Folder.
  • Role: Acting as infrastructure architects, they manage the hierarchy (folderAdmin) and networking (networkAdmin) for the General folder and its children. However, they are restricted from altering the global IAM policies set by Security.

Developers

  • Scope: Unit Sub-folders.
  • Role: Strictly isolated. Unit 1 Developers control specific resources (compute.admin, storage.admin) within their designated folder, with zero visibility into Unit 2 or the Organization’s broader security configurations.

The Implementation Strategy

With the hierarchy and personas defined, the implementation of the Personas IAM approach is straightforward. We avoid assigning permissions to individual users. Instead, we follow this three-step workflow:

  1. Create a Group for each identified persona.
  2. Assign Permissions to that specific Group.
  3. Add Users to the Group, allowing them to automatically inherit the correct access.

Implementation via Infrastructure as Code (IaC)

With our roles and groups clearly defined, we will now leverage the GCP Hardening Toolkit IAM module to provision these resources.

While it is possible to configure these settings manually in the console, we strongly recommend an Infrastructure as Code (IaC) approach. IaC transforms your IAM structure into a single source of truth, providing granular control over changes and ensuring complete traceability for audits. By code-ifying these rules, we avoid ‘configuration drift’ and ensure the security model remains intact as the organization scales.

Configuration Overview

This Terraform configuration utilizes the GCP Hardening Toolkit IAM module to strictly enforce our design.

Inside the groups block, we define each persona as a distinct object. The module reads this list to automatically create the corresponding Google Groups (e.g., gcp-security-admins@example.com) and applies the specific IAM role bindings to the correct scope (Organization or Folder). This ensures that the security model is deployed exactly as architected, with no manual intervention required.

# terraform.tfvars

# Global Settings
customer_id = "C012345ab" # Replace with your Workspace Customer ID
domain = "example.com"
allow_multi_point_grants = false

# The Persona Definitions
groups = [
# ---------------------------------------------------------
# 1. Security Admins
# Scope: Entire Organization
# ---------------------------------------------------------
{
display_name = "gcp-security-admins"
description = "Global Security Operations & Oversight"
roles = [
"roles/iam.securityAdmin", # Define Access Policies
"roles/securitycenter.admin", # Monitor Threats (SCC)
"roles/logging.admin", # Manage Audit Logs
"roles/secretmanager.admin" # Manage Global Secrets
]
},

# ---------------------------------------------------------
# 2. Sysadmins
# Scope: General Folder (Inherits to Unit 1 & Unit 2)
# ---------------------------------------------------------
{
display_name = "gcp-sysadmins"
description = "Infrastructure & Networking Architects"
folder_id = "folders/200000001" # The General Folder ID
roles = [
"roles/resourcemanager.folderAdmin", # Manage Project Structure
"roles/compute.networkAdmin", # Manage VPCs/Firewalls
"roles/billing.projectManager" # Link Billing Accounts
]
},

# ---------------------------------------------------------
# 3. Unit 1 Developers
# Scope: Unit 1 Folder (Isolated)
# ---------------------------------------------------------
{
display_name = "gcp-unit-1-developers"
description = "Application Team - Business Unit 1"
folder_id = "folders/300000001" # Unit 1 Sub-folder ID
roles = [
"roles/compute.admin", # Manage VMs
"roles/storage.admin", # Manage Buckets
"roles/serviceusage.serviceUsageConsumer" # View enabled APIs
]
},

# ---------------------------------------------------------
# 4. Unit 2 Developers
# Scope: Unit 2 Folder (Isolated)
# ---------------------------------------------------------
{
display_name = "gcp-unit-2-developers"
description = "Application Team - Business Unit 2"
folder_id = "folders/300000002" # Unit 2 Sub-folder ID
roles = [
"roles/compute.admin", # Manage VMs
"roles/storage.admin", # Manage Buckets
"roles/serviceusage.serviceUsageConsumer" # View enabled APIs
]
}
]
Note: Permission Grant Models The GCP Hardening Toolkit module supports two distinct permission strategies: Single-Point and Multi-Point grants. Choosing the right model impacts your security posture and audit complexity. We strongly recommend reviewing the article: Comparing Group Permission Models: Security Implications and Analysis to understand the trade-offs before finalizing your configuration.

Once the configuration is finalized, we simply execute terraform apply to provision the groups and permissions. This strategy centralizes our IAM management, maintaining both a registry of organizational roles and a complete history of permission changes in a single repository.

Conclusion: From Concept to Production

In this article, we demonstrated how to shift identity management from a manual bottleneck to a scalable engineering process using Infrastructure as Code (IaC). By treating permissions as code, we ensure that our security model is immutable, auditable, and easy to scale as new business units are onboarded.

It is important to note that the configuration demonstrated above is a simplified example designed for clarity. We focused on just four core personas — Security, Sysadmins, and two Developer units — to illustrate the mechanics of the strategy.

However, real-world enterprise environments are significantly more complex, often requiring dozens of distinct personas, nested folder structures, and conditional access policies. For a complete, production-ready reference, we recommend exploring the GCP Hardening Toolkit repository. It contains a comprehensive, “real-world” example implementation that handles full-scale organizational complexity, demonstrating exactly how to apply these principles at an enterprise level.


Identity as Code: A Real-World Strategy for Managing GCP IAM Roles using Terraform was originally published in Google Cloud - Community on Medium, where people are continuing the conversation by highlighting and responding to this story.

25 Jan 08:39

Minneapolis Is a Second Amendment Wake-Up Call

by Tyler Austin Harper

Last week, as rumors swirled about an impending ICE surge that would target the Somali population in Maine, where I live, I called my barbershop to schedule a last-minute appointment. I didn’t want a haircut, but I worried that I needed one. I am a light-skinned Black American: My hair and beard are thick and curly. On Thursday, I had both cut extra short in an effort to look less like someone ICE might find interesting. That is to say, for the first time in my life, I tried to look a little whiter.

I had seen video after video of federal agents occupying Minneapolis, flagrantly racially profiling innocent people on the street—demanding that American citizens, including police officers and Native Americans, show their papers, and even detaining some—and it seemed that the same chaos was coming to southern Maine.  

I also made another change in advance of ICE’s arrival: I stopped carrying the 9-mm compact handgun—a Glock 19 equipped with a Holosun red dot—that I keep underneath my shirt most days, in full compliance with Maine’s concealed-carry laws. Although it is completely within my rights to carry concealed in my state (a practice I began a little over a year ago, after having gotten several death threats for my political writing), the past few weeks have made it apparent that ICE and Border Patrol don’t put much store in the law or Constitution.

When I heard news that Maine was about to get the Minneapolis treatment, a fear gnawed at me: What happens if I’m harassed or grabbed by an ICE agent for walking down the street without my passport, and an agent feels the pistol beneath my sweatshirt? What happens, God forbid, if my Glock dislodges from my appendix holster while I’m being roughly detained? I worried that, in such an event, ICE officers—poorly trained, trigger-happy—might panic and shoot me out of fear, even if I was doing nothing illegal or threatening. I worried, too, that they might not even bother to learn Maine’s gun laws before descending on my state.

Today, Border Patrol’s killing of Alex Jeffrey Pretti—a 37-year-old ICU nurse who the Minneapolis Police Department believes possessed a legal-carry permit, and was armed in the lead-up to his death—made it clear that my paranoia was justified. It also made it clear that it is not only minorities who are having their First, Fourth, and now Second Amendment rights trampled by the federal government: Pretti, like Renee Nicole Good before him, was white. And while new facts could certainly emerge that complicate what we know so far, existing videos of the incident seem to show that he never reached for his weapon in his fatal encounter with the feds. It appears to have been removed by agents before they shot him dead, after first pepper-spraying him in the face as he tried to help a woman who had been knocked to the ground. Apparently, the federal boot heel is now colorblind, one of the Trump administration’s more notable anti-DEI achievements.

Although the administration claims that its immigration-enforcement operations are meant to protect Americans from an “invasion” of foreign-born gang members, federal officials have now killed two American citizens—specifically, white American citizens, the kind Donald Trump and Stephen Miller tacitly signal they care the most about—in less than a month. It is plain that Operation Metro Surge and Operation Catch of the Day—yes, that’s what ICE actually calls its Maine operation—are not about protecting the good citizens of Minnesota and Maine. And they are certainly not about protecting our rights guaranteed by the Constitution.

I’ve spent nearly my entire life in American gun culture: My father was a combat veteran turned state-police officer; I come from a hunting family; my first job was at a gun club; I regularly invest hours at the range, and burn through 1,000 or more rounds of pistol and rifle ammo every month. I admit that by the standards of some readers, I no doubt qualify as a “gun nut.” And I have had innumerable arguments with liberal friends about the Second Amendment. My views are unfashionable in some of the circles in which I travel. I believe, and have always believed, that despite the National Rifle Association’s faults, the organization is correct about the core purpose of the Second Amendment: to prevent government tyranny. And because tyrannical governments can be either liberal or conservative, the Constitution protects those on the left and right equally.

Some time before he was shot dead in Utah, Charlie Kirk said, now infamously, that it was worth accepting “some gun deaths every single year so that we can have the Second Amendment to protect our other God-given rights.” Many of his critics dredged up that quote following his assassination, noting the irony and suggesting that his manner of death disproved his argument. I agreed with Kirk about very little, but about this he was right: The blight of gun violence is a uniquely American tragedy. But the Second Amendment is a uniquely American freedom, and in fact is the very thing that makes possible all the others.

Some pro-gun organizations are already taking a stand: “Every peaceable Minnesotan has the right to keep and bear arms—including while attending protests, acting as observers, or exercising their First Amendment rights,” Minnesota’s Gun Owners Caucus wrote in response to today’s killing. “These rights do not disappear when someone is lawfully armed, and they must be respected and protected at all times.” Gun Owners of America, meanwhile, observed that the “Second Amendment protects American’s right to bear arms while protesting—a right the federal government must not infringe upon.” Despite touting itself as a staunch defender of American gun rights, however, the Trump administration appears to be taking a rather different tone. “Thank God for the patriots of @ICEgov,” Secretary of Defense Pete Hegseth posted on X, showing no concern that a federal agent emptied his magazine into the back of an apparently law-abiding, gun-owning American who seemed to have been safely disarmed. “You are SAVING the country.”

Whether they lean right or left, are pro-immigration or have more restrictionist views, my fellow gun owners should understand the message that is being sent by this administration: If you exercise your constitutionally protected right to bear arms, masked federal agents can murder you in cold blood, simply because an American citizen exercising their Second Amendment rights scares them. This isn’t about politics; it is about the rights that make our politics possible in the first place.

It is not yet clear what exactly Pretti’s own views were, or what motivated him to be on that Minneapolis street. But he knew what the Second Amendment is for: to affirm that Americans are a free people, and free people will not be cowed by masked federal agents. As this country’s gun enthusiasts have long known, freedom means little if you lack the means to keep it. Without the Second Amendment, the Constitution is a bit of parchment. With the Second Amendment, the Constitution is a demand. These rights shall not be infringed.

25 Jan 08:39

¿El FREESTYLE se está muriendo?

by ConPdePodcast
25 Jan 08:34

Matthew McConaughey on How to Fall Back in Love with Your Life | A Bit of Optimism

by Simon Sinek

In a world defined by constant change, reinvention isn’t optional - it’s essential. We often assume reinvention comes from bold leaps or lucky breaks, but actor and author Matthew McConaughey’s story suggests a quieter approach can be far more powerful.

In this episode, Matthew joins me to explore the inner practices that have shaped both his life and his legendary career in Hollywood. From stepping away from romantic comedies at the height of his success to sitting with uncertainty when there were no guarantees on the other side, Matthew shares how learning to get comfortable with discomfort empowered the most meaningful reinventions of his life.

At the center of our conversation is curiosity - self-curiosity. Matthew reflects on decades of journaling as a way to notice patterns, stay honest, and make sense of moments that feel unclear. Rather than avoiding discomfort, he learned to treat it as information to study, learn from, and eventually act on.

We talk about what it takes to stay relevant without losing yourself, why reinvention often requires carrying the risk before anyone else believes in the outcome, and how self-curiosity can become a compass when the path forward isn’t obvious.

Matthew also shares how these ideas come to life in his newest book, Poems & Prayers - a collection of reflections shaped by presence, patience, and the courage to keep asking better questions.

If you’re navigating change, questioning your direction, or looking to grow while remaining true to yourself, this conversation offers a grounded and thoughtful path forward.

This is… A Bit of Optimism.

---------------------------

To check out Matthew’s new book Poems & Prayers, head to: http://www.poemsprayers.com

+ + +

Simon is an unshakable optimist. He believes in a bright future and our ability to build it together.

Described as “a visionary thinker with a rare intellect,” Simon has devoted his professional life to help advance a vision of the world that does not yet exist; a world in which the vast majority of people wake up every single morning inspired, feel safe wherever they are and end the day fulfilled by the work that they do.

Simon is the author of multiple best-selling books including Start With Why, Leaders Eat Last, Together is Better, and The Infinite Game.

+ + +

Website: http://simonsinek.com/
Live Online Classes: https://simonsinek.com/classes/
Podcast: http://apple.co/simonsinek
Instagram: https://instagram.com/simonsinek/
Linkedin: https://linkedin.com/in/simonsinek/
Twitter: https://twitter.com/simonsinek
Facebook: https://www.facebook.com/simonsinek

Simon’s books:
The Infinite Game: https://simonsinek.com/books/the-infinite-game/
Start With Why: https://simonsinek.com/books/start-with-why/
Find Your Why: https://simonsinek.com/books/find-your-why/
Leaders Eat Last: https://simonsinek.com/books/leaders-eat-last/
Together is Better: https://simonsinek.com/books/together-is-better/

+ + +

#simonsinek

Chapters
00:00 Intro
01:58 Why Matthew McConaughey Stopped Taking Rom-Com Roles
02:38 Curiosity as a Career Strategy
03:55 Why Better Work Matters More Than Popularity
06:25 When Success Becomes a Trap
08:51 Saying No to What Worked Before
10:08 Bearing the Risk of Reinvention
16:39 Why You Have to Carry the Risk First
19:05 Confidence, Arrogance, and Real Humility
24:22 The Paradox of Selfishness and Selflessness
30:46 Why Checking in With Yourself Matters
34:53 Staying in the Discomfort Long Enough to Change
36:00 How Journaling Turns Shame into Insight
40:20 Entering Work with Reverence
42:01 The Project That Made Matthew Happiest
44:10 Poems & Prayers and Performing Live
45:27 A Childhood Memory That Explains Everything
49:07 Why Self-Curiosity Is the Real Superpower
53:06 Self-Involved vs. Self-Curious
25 Jan 08:33

Quince formas distintas de generar laberintos y verlas en acción

by alvy@microsiervos.com (Alvy)

Quince formas distintas de generar laberintos y verlas en acción

Es curioso echar un vistazo a Algoritmos para Laberintos, donde se muestran 15 formas de generar laberintos*. Aunque no todos son visualmente agraciados ni «complicados» desde el punto de vista de su resolución, explica todas las formas más o menos habituales de construirlos con un ordenador. Son algoritmos tanto clásicos como modernos, de código abierto y con animaciones paso a paso.

En total hay 15 algoritmos diferentes, cada uno con comportamientos y resultados claramente reconocibles. Se ofrecen en tres tamaños a partir de una retícula de 5×5, 15×15 y 25×25. Mis favoritos son el Recursive Backtracking y el Hunt and Kill. El resto me parece que generan caminos demasiado sencillos, que se acortan en uno o dos pasos y son casi triviales de resolver.

El código fuente completo está disponible públicamente en GitHub (CoffeeScript Mazes) y acompaña al libro Mazes for Programmers, que enseña los métodos desde un punto de vista práctico y que seguramente gustará a quienes les apasionen estos temas.

Entre los algoritmos incluidos hay enfoques deterministas, aleatorios e híbridos. Aparecen clásicos como Árbol binario y Sidewinder, métodos de caminatas aleatorias con garantías de uniformidad estadística como Aldous-Broder y Wilson y y técnicas recursivas. Hay combinaciones prácticas como el algoritmo de Houston, que mezcla el Aldous-Broder y el Wilson para ganar velocidad a costa de perder uniformidad.

_____
* Hay una diferencia sutil entre maze y labyrinth en inglés, palabras para las cuales solo usamos «laberinto» en castellano. Un labyrinth tiene una sola ruta sin bifurcaciones y no es difícil de seguir; solo tiene un entrada y una salida y pueden tener ciertas connotaciones «espirituales». En cambio los maze son más enrevesados, con muchas opciones y rutas que tomar, puede estar diseñado para ser más o menos difícil, quizá tenga varias entradas y salidas y son los que se utilizan en los experimentos científicos.

Relacionado:

# Enlace Permanente

25 Jan 08:33

Una galería que explica decenas de formatos de archivo, para desentrañar cómo están codificados

by alvy@microsiervos.com (Alvy)

Una galería que explica decenas de formatos de archivo, por si necesitas desentrañar cómo están codificados

La Galería de formatos para Kaitai Struct es una explicación de las especificaciones de un montón de formatos binarios («tipos de archivo» sería otra forma de llamarlos) y cómo entender qué contienen los archivos, byte a byte, de forma relativamente sencilla.

De hecho aunque Kaitai Struct es un lenguaje para describir formatos de datos, no es necesario utilizarlo para aprovechar este estupendo recurso. La galería contiene las especificaciones de decenas de formatos, explicados a nivel de bytes y binario, y también a modo de guía visual. Así que nada de tener que ponerse a picar y compilar código sin saber cómo funciona todo.

Una galería que explica decenas de formatos de archivo, por si necesitas desentrañar cómo están codificados / DBF

En la lista de formatos, agrupadas por categorías, hay archivos de imagen, bases de datos (incluyendo el legendario .DBF de dBase, que se usaba en 1982, literalmente el «año de Naranjito»), ejecutables, sistemas de ficheros, protocolos de red, contenedores multimedia, etcétera. Estas especificaciones están escritas describiendo campo a campo cómo está organizado el formato en binario: sus encabezados, tipos de datos, longitud de registros y repeticiones. Están las tipografías TTF o de las imágenes BMP y los frames de las redes Ethernet.

Esta galería es, en cierto modo, es como la piedra de Rosetta de los formatos. Lo mejor es que además de usarlo en Kaitai también se incluye código para analizar los archivos en diferentes lenguajes, entre ellos: C++ y C#, Go, Java, Perl, PHP, Python, Ruby y Rust. Así que quien necesite usar alguno de estos formatos por razones prácticas, o incluso históricas, lo tiene fácil, sin tener que escribir todo el código desde cero.

# Enlace Permanente

24 Jan 21:10

Jerusalén Oriental: Aumenta la expulsión de palestinos

by Free_palestine

En muchos casos, las viviendas desalojadas pasan a manos de colonos israelíes o se usan para proyectos turísticos y de asentamiento, erosionando aún más la presencia palestina en zonas clave. En tanto, la expansión de asentamientos agudiza el aislamiento de la ciudad del resto de Cisjordania y profundiza la segregación, alerta ONU Derechos Humanos.

etiquetas: cisjordania, jerusalén, expulsión, palestinos, aumento

» noticia original (news.un.org)

24 Jan 21:10

Rescatadas 12 personas en Cotos este viernes por la noche: subieron a la sierra sin planear su regreso

by mmlv

Un grupo de 12 personas tuvo que ser rescatado anoche en el Puerto de Cotos tras quedar completamente aisladas y sin posibilidad de regresar a sus domicilios. Los excursionistas habían subido a la sierra a lo largo del día para disfrutar de la nieve, pero no habían previsto ni asegurado el transporte de vuelta antes de que las condiciones meteorológicas empeoraran y los servicios de transporte público finalizaran.

etiquetas: madrid, puerto de cotos, rescate, nieve, imprudencia

» noticia original (zonaretiro.com)

24 Jan 21:09

Un hombre muere en Minneapolis tiroteado por la policía en plena crisis por las redadas antiinmigrantes de Trump

by ClaraBernardo

Un hombre ha muerto este sábado tiroteado por un agente de la policía federal de Estados Unidos en Minneapolis, según ha confirmado el jefe de la Policía de esta ciudad, Brian O’Hara, en declaraciones al Minnesota Star Tribune. Es la segunda persona que fallece por disparos de la policía en la capital de Minnesota en tres semanas: el 7 de enero, una mujer de 37 años, Renee Good, murió tiroteada por otro agente después de participar en unas protestas contra las redadas anti migratorias

etiquetas: hombre, muere, minneapolis, policía, trump, ice, redadas anti migratorias

» noticia original (elpais.com)