A year or so ago, I was looking for a new phone. I had been using a Google Nexus 6 for two years, ever since I became a beta tester for Project Fi. I loved Project Fi (Google is eversomuch cooler than any other cellular carrier/MVNO in the US), but getting timely updates—even security updates—for the Nexus was like pulling teeth, and they dropped support for what had been their flagship phone barely a year after I bought it. Add to that the fact that there’s no effective private backup solution for Android devices, and I didn’t have any real choice. I had an old iPhone 5 that I had owned for maybe four years, and it was still running the latest version of iOS with all the security updates delivered instantly, while my three-years-newer Android was a security breach waiting to happen.
If you tried visiting this site (or Loose Associations or twoprops.net or Sacramento Medical Oasis, Inc. or…) over the past five days, you’ve probably been disappointed. I took a little trip with Matthew and Joshua to Key West and, as soon as I got about 3,000 miles from home, a network switch decided to die.
Josh asked me the other day about how we backed up early hard disks when we didn’t have small portable drives, the internet, NAS, or writable DVDs. I started telling him about my teak box with the tambour top that held 50 (or was it 100?) 1.4MB 3½” floppy disks. I remember a routine of running a backup program while feeding disk after disk into the machine for an hour or two every day.
One critically-important aspect to running WordPress sites is keeping everything up-to-date. Not just the WordPress software itself, but themes and plugins. I wrote a quick script to keep everything tidy; it runs as a
cron job, and it runs often.
There are a number of cool-looking thumb drive holders around, but I decided to roll my own using FreeCAD and my 3D printer. It holds six drives with space in the middle for any loose caps. Continue reading
My internet went down on Saturday. The very friendly and competent folks at Consolidated Communications couldn’t get a truck out to fix it until today (Monday), so we had to spend the weekend limping by with mobile data.
It turns out an animal had chewed through a couple of cables under the house. It’s the first significant failure of my service here in 15 years, and they fixed it quickly and efficiently. Both the phone staff and the field tech were awesome.
I went to my second Defcon 916 meeting yesterday. They did a great hands-on demonstration of remotely obtaining a root shell on a slightly-misconfigured GNU/Linux web server.
The principles are largely the same as from my hacking days in the 1990’s, but the tools… there’s a brave new world of resources for the would-be pwner.
I also realized it was the first time I’ve done any kind of hacking when there was someone else in the same room.
Yes, I am one of those Linux jockeys who loathe systemd. Why? In a nutshell, I have had more unscheduled downtime directly attributable to systemd than all other downtime combined over the past fifteen years.
I have one whitebox router I built that loses its iptables settings on reboot, leaving this web site and a few others unreachable until I sign on and manually reset the iptables rules. Naturally, I blamed some systemd weirdness. As it turns out, it was due to a small init script I had written to work around a bug systemd had when it was first released. So, though the mistake was actually mine, it wouldn’t have happened if there hadn’t been an opaque bug in systemd.
I just hope the Devuan gets the ongoing love it deserves.
I attended DEFCON 916 today, a local group of hackersorts. I haven’t been to a DEFCON since near the beginning (1997, IIRC) but there seem to be few local events for the geeky crowd. I’ve been doing my infosec work in almost total isolation since moving to Sacramento, so it was nice to meet some of the tribe IRL.
I struggled for years with SSL certificates. They were often expensive, limited, and most of the CAs I had to deal with seemed kind of… sleazy. I remember it taking weeks and way too much money to get my first certificate for the now-defunct ssl.guerillaphysician.com domain. I’ve always felt, though, that SSL/TLS should have been the default web protocol from the beginning.