Josh asked me the other day about how we backed up early hard disks when we didn’t have small portable drives, the internet, NAS, or writable DVDs. I started telling him about my teak box with the tambour top that held 50 (or was it 100?) 1.4MB 3½” floppy disks. I remember a routine of running a backup program while feeding disk after disk into the machine for an hour or two every day.
One critically important aspect of running WordPress sites is keeping everything up to date. Not just the WordPress software itself, but themes and plugins. I wrote a quick script to keep everything tidy; it runs as a cron job, and it runs often.
There are a number of cool-looking thumb drive holders around, but I decided to roll my own using FreeCAD and my 3D printer. It holds six drives with space in the middle for any loose caps.
My internet went down on Saturday. The very friendly and competent folks at Consolidated Communications couldn’t get a truck out to fix it until today (Monday), so we had to spend the weekend limping by with mobile data.
It turns out an animal had chewed through a couple of cables under the house. It’s the first significant failure of my service here in 15 years, and they fixed it quickly and efficiently. Both the phone staff and the field tech were awesome.
I went to my second Defcon 916 meeting yesterday. They did a great hands-on demonstration of remotely obtaining a root shell on a slightly-misconfigured GNU/Linux web server.
The principles are largely the same as from my hacking days in the 1990s, but the tools… there’s a brave new world of resources for the would-be pwner.
I also realized it was the first time I’ve done any kind of hacking when there was someone else in the same room.
Yes, I am one of those Linux jockeys who loathe systemd. Why? In a nutshell, I have had more unscheduled downtime directly attributable to systemd than all other downtime combined over the past fifteen years.
I have one whitebox router I built that loses its iptables settings on reboot, leaving this web site and a few others unreachable until I sign on and manually reset the iptables rules. Naturally, I blamed some systemd weirdness. As it turns out, it was due to a small init script I had written to work around a bug systemd had when it was first released. So, though the mistake was actually mine, it wouldn’t have happened if there hadn’t been an opaque bug in systemd.
I just hope Devuan gets the ongoing love it deserves.
I attended DEFCON 916 today, a local group of hacker sorts. I haven’t been to a DEFCON since near the beginning (1997, IIRC) but there seem to be few local events for the geeky crowd. I’ve been doing my infosec work in almost total isolation since moving to Sacramento, so it was nice to meet some of the tribe IRL.
I struggled for years with SSL certificates. They were often expensive, limited, and most of the CAs I had to deal with seemed kind of… sleazy. I remember it taking weeks and way too much money to get my first certificate for the now-defunct ssl.guerillaphysician.com domain. I’ve always felt, though, that SSL/TLS should have been the default web protocol from the beginning.
I just renewed my membership to TidBITS. If you’ve never heard of TidBITS, you should check them out. They have been publishing continuously online for 28 years, and their content is second to none. They also host an amazing online discussion list, TidBITS-Talk. The site’s content is focused on Apple news and technology, but the quality of the journalism is so high and the coverage is broad enough that there is likely something there for everyone.
Membership is completely optional, so check it out. It is not hyperbole to say that TidBITS has improved the quality of my life every week for the past quarter century.
Ha! It just occurred to me that I have now embraced three technologies that I have heretofore avoided: WordPress itself has had a number of security issues, and PHP and MySQL have a level of configuration complexity that can lead to vulnerabilities. But that’s history, right? At least I am isolating these technologies on their own physical box away from sensitive information. Time will tell.