Technical Writing Samples

The following are selections of my technical writing, including conceptual explainers and developers tutorials.

For my tech journalism work, see my VentureBeat author page.

My research-oriented writing on consciousness, evolution, and artificial intelligence can be found here

Selections on Cloud Security:

These are examples of my work on cloud security, adapted from pages I authored for the CockroachDB open source documentation.

• How do Transport Layer Security (TLS) and Public Key Infrastructure (PKI) work?
• Manage PKI certificates for a CockroachDB deployment with HashiCorp Vault
• Using HashiCorp Vault’s Dynamic Secrets for Enhanced Database Credential Security in CockroachDB

Blockchain Node Operations

This is a user guide for the transaction indexer for Gno.land, Go language-based blockchain. The transaction indexer is a foundation of data-rich blockchain ecosystems, allowing efficient queries by off-chain apps.

• Gno.land Transaction Indexer User Guide

This tutorial walks a user through getting started with Hedera Local Node, a minimal local deployment of Hedera, a high-performance block-chain-alternate distributed ledger technology based on the hashgraph consensus algorithm. This setup offers a way to locally test Web3 smart contracts in a performant, ethereum-compatible runtime.

• Deploying Hedera Local Node

Kubes for Noobs: An Introduction to Kubernetes

This tutorial offers a conceptual introduction to Kubernetes, and then guides the user through a hands-on, beginner-level exercise using Kubernetes and Google Cloud to create a compute cluster and deploy a simple web application:

• Kubes for Noobs: An Introduction to Kubernetes

Some Cloud Operations Problems and Remediations

The following two writing samples are instructions on how to fix common shortcomings for small organizations with cloud-based compute infrastructure. Each problem has remediation instructions for both Amazon Web Service (AWS) and Google Cloud Platform (GCP).

• Problem 1: Insufficient errors monitoring

• Problem 2: Insecure credential handing

Risk Assessment and Remediation for AWS-managed SecurityAudit IAM Policy

Amazon offers a managed Identity and Access Management (IAM) policy, named SecurityAudit, designed to grant a security auditor privileges sufficient to perform security auditing functions. However, granting infrastructure access privileges should always be carefully considered, especially when the user would be someone outside of the organization or company. As an organization performing audits, is it appropriate to ask for these permissions? Does granting the privileges contained in the SecurityAudit policy expose a client organization to increased risk of leaking their customers’ personally identifiable information (PII), or otherwise endanger their compute environment or information assets in the case of irresponsible or malicious use of the permissions by the granted user, i.e. the security auditor?

This document addresses those questions and recommends ways of fine-tuning the security policy to protect against possible threats:

• Risk Assessment and Remediation for AWS-managed SecurityAudit IAM Policy