Holy color gradient batman

This is cyberpunk as hell, and awesome.

Unfortunately apple does not expose mac addresses to apps, so iPhone users can’t do it :(

Private trackers disgust me. What kind of pirate turns away from the world, to re-seeding fragments of files they don’t care about to other cowards with slightly slower rss feeds; all for a chance at enough ratio to get the show you want? It’s a country club, with self-validating assholes, dry hot dogs, and tall fences.

The Mainline DHT is the way forward. There is no social credit here. The kids in Africa are starving, and I will throw them as much as I can, kilobyte by kilobyte, for no reason at all, for I too was a leecher once.

Look, the monks in belgium could survive on beer alone for months at a time, and surely coors lite is not that different. I’ll be fine!

I pay attention to credit card readers.

I have gotten to know their makes and some models. I have developed preferences. When I go to a run down establishment and they have a nice reader, I am pleasantly surprised. I know that walmart uses ingenico isc250s, and they do not support tap. I know that dunkin has high quality readers, and sometimes tim hortons does too, but less frequently.

When leaving a place, I might say something like “damn, you don’t see that model of verifone very often”, and my friends will look at me funny.

Semi-related, did you know that most receipt printers have embedded telnet servers in them?

They crave that mineral

Me: “Computer, I’m licking two paperclips that I’ve stuck into the vga port. I’d like to taste the rainbow. Send video to the port, please?”

Computer: “Sure thing boss!”

Me: “Alright, now, can I put my presentation on this projector over hdmi?”

Computer: “No fuck you, hdmi protocol negotiation failed, and I’m scrambling your audio outputs for the rest of the day too”

Had to write a paper in college with 100 citations.

We used zotero for citation management, and it would dump a bibtex file on demand.

The paper was written in markdown, stored in git, and rendered through pandoc. We would cite a paper with parentheses and something resembling an id, like (lewis).

We gave pandoc a “citation style definition”, and it took care of everything. Every citation was perfectly formatted. The bibliography was perfectly formatted. Inline references were perfect. Numbering was perfect. All the metadata was ripped from pdfs automatically. It was downright magical.

At what point does a collection of microservices become a monolith that uses http instead of a bus 🤔

Anything exposed to the internet will be found by the scanners. Moving ssh off of port 22 doesn’t do anything except make it less convenient for you to use. The scanners will find it, and when they do, they will try to log in.

(It’s actually pretty easy to write a little script to listen on port 20 (telnet) and collect the default login creds that the worms so kindly share)

The thing that protects you is strong authentication. Turn off password auth entirely, and generate a long keypair. Disable root login entirely.

Most self-hosted software is built by hobbyists with some goal, and rock solid authentication is generally not that goal. You should, if you can, put most things behind some reverse-proxy with a strong auth layer, like Teleport.

You will get lots of advice to hide things behind a vpn. A vpn provides centralized strong authentication. It’s a good idea, but decreases accessibility (which is part of security) - so there’s a value judgement here between the strength of a vpn and your accessibility goals.

Some of my services (ssh, wg, nginx) are open to the internet. Some are behind a reverse proxy. Some require a vpn connection, even within my own house. It depends on who it’s for - just me, technical friends, the world, or my technically-challenged parents trying to type something with a roku remote.

After strong auth, you want to think about software vulnerabilities - and you don’t have to think much, because there’s only one answer: keep your stuff up to date.

All of the above covers the P in PICERL (pick-uh-rel) for Prepare. I stands for Identify, and this is tricky. In an ideal world, you get a real-time notification (on your phone if possible) when any of these things happen:

• Any successful ssh login
• Any successful root login
• If a port starts listening that you didn’t expect
• If the system watching for these things goes down (have two systems that watch each other)

That list could be much longer, but that’s a good start.

After Identification, there’s Contain + Eradicate. In a homelab context, that’s probably a fresh re-install of the OS. Attacker persistence mechanisms are insane - once they’re in, they’re in. Reformat the disk.

R is for recover or remediate depending on who you ask. If you reformatted your disks, it stands for “rebuild”. Combine this with L (lessons learned) to rebuild differently than before.

To close out this essay though, I want to reiterate Strong Auth. If you’ve got strong auth and keep things up to date, a breach should never happen. A lot of people work very hard every day to keep the strong auth strong ;)

Thankfully not red 40. I’m red 40 maxxing. Give me your gummy worms and fruit punch Gatorade. I’ve had a headache for 3 years but the immunity is building, I can feel it.

I think it’s a D-tier article. I wouldn’t be surprised if it was half gpt. It could have been summarized in a single paragraph, but was clearly being drawn out to make screen real-estate for the ads.

Arch-packaging-haskell moment

It’s really not bad, you just have to rememb

Segmentation Fault - Core Dumped

If I count the roads off the sides, on ramps and off ramps, etc, the highest I can get is 18 lanes. Is this the photo of where it’s 26 wide? I can’t seem to find it.

I work in cybersecurity. This quote is gold and I’m putting it on our office whiteboard.

2014 impreza. No screen at all. I bought a phone mount that shows waze and charges my phone.

I have cruise control and heated seats. And I can operate both with gloves on!

Don’t need a backup cam because my windows and mirrors are good.

I will drive this car until it dies, and then I’ll replace the head gaskets and drive it until it dies again. And then I will replace the cvt and drive it until it dies a third time.

Unfortunately there’s nothing you can do about the NY road salt. The frame will be left, flake by flake, in the gutters of 490. It’s the only thing that can take this car from me, and it is its inevitable fate.

There is no such thing as easy or hard.

Give it a try, fuck it up, and give it a try again. Try not to fuck it up in the same way as the first time. Repeat until it works - it will work eventually.

It took me about 6 hours and 3 disk re-formats my first time. I was particularly bad at it. I barely knew what a disk was, nevermind a partition.

Actually I’m still not sure what a partition is.

You’ll do fine :)

It’s called “Fractional Reserve Banking”. The bank only needs to have about 10% of a loan on hand.

If a bank has $100, they can write a loan for $1,000; effectively putting $900 more into circulation. When that is spent, it gets deposited into a bank, which can then loan it out amplified again.

This could create infinite money, as I understand it. Since there is not infinite money, there must be a gap in my understanding somewhere.