OpenBSD VPN DNS
In my lab I have two network segments. The first is dedicated to Wifi and the
second is wired. The Wifi network is for ...
OpenBSD 7.0 RaspberryPI Setup
I have an 8GB Raspberry Pi (model 4-ish). Granted I no longer like my rpi hardware... for the price they really cannnot...
If I Were Q
> If I were Q this is exactly how I would do it! -Jimmy Kimmel
Rich Dad Poor Dad Author Holds Gold Silver Bitcoin
As yesterday was "stress awareness day" and a hacker at some rightwing-nut publication sold my cell number
to some phis...
Follow the Money Bitcoin
I'm still pulling my bitcoin hair out. I think if people truly understood all the moving parts they
would stay the hell...
4G LTE 5G WTF
I life and work in a cellular blackhole and if it were not for WiFi-Calling I would be forced to use
smoke signls inste...
Things You Do Not Know About Crypto Currency but should
I'll admit it from the beginning that I have no proof I just know it to be true. (Thanks Bill Maher). Buying into BTC
OpenBSD Restarting Relayd
It seems really strange to me that I cannot find this post... So I had to write it myself.
> The "OpenBSD way" is read...
VPN or Bastion Host? That is the question.
I wanted to say something like "I'm not going to discuss my security" but then that would contradict the title of the p...
Principle of Least Privilege
I was reading a doc [Security in Chrome OS](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/security/chromeos_...
Pop_os Getting Attention
There is no doubt that POP\_OS is getting a lot of attention. They certainly have put a lot of
polish on Ubuntu... but ...
Should You Pass Along Swipe Fees to Your Customer
The answer is a resounding NO.
Without any explanation I just received a letter from one of my vendors who said that ...
OpenBSD Syspatch Pkg Update Tanked by Letsencrypt CA Expiration
I fell into the post about the letsencrypt CA expiration Sept 30. I mentioned it to my team
and effectively I was told ...
Mixing Http Https Relay
Sadly `relayd` has not been updated in 2 years and the email address for the main contributor is no longer responding. ...
Openbsd Relayd Httpd My App
I have an openbsd system running with relayd and httpd and letsencrypt... and not it's time add an
Installing FreeDT on OpenBSD. [FreeDT](http://offog.org/code/freedt/)
mkdir -p /service
mkdir -p /s...
Robots Moving Free Space Autopilot
I have yet to implement anything using AI like tensor flow... but as I sit here watching the boston
dynamics videos and...
OpenBSD 6.9 Lenovo Ideapad 3 14
HEADLINE: I was able to install OpenBSD 6.9 onto a Lenovo Ideapad 3 14.
It was pretty simple as installations go but t...
I'll say it again... I like my ChromeOS devices. But I also hate them. I do not know how many Linux
kernel programmers ...
Touch and Pen
I have owned a Google Pixel for several years and I fully expect it to hit end of life in the next year or so. Maybe.
I never knew EXACTLY what `Moore's Law` said but essentially "power doubles"... Thanks to google I see:
> Moore's law ...
The Case for VPS(cloud)
I've deployed various OSs on both on-prem (VMware, OpenStack, virtualbox, vmm, ...) and many VPS services
The new season of laptop envy has begun and it is a very trying time. For many months now I have been
marching toward a...
Certbot Acme Client Wildcard Domain Letsencrypt
I am/was a firm believer in a wildcard domain. Back in the days prior to `Let's Encrypt` you would have
to pay big mone...
Google Support Sucked Now Worse
In the world of Free and Open Source software it has been buyer beware. The same thing applies to Google's domain
Regardless of what ATT says is their 4G/LTE coverage... my home is a wasteland. If I do not put my phone in just the ri...
There must be over 100 OTP authenticator applications on the Google Play Store. Unfortunately
only 4 or 5 have the trus...
Just Not a Lot of Interest in It
Watching the "FreeBSD bhyve intro" on youtube and Grehan made the statement. "just not a lot of interest in it". He
Why a BSD Laptop
The squirrels have reasserted themselves and are chirping at the base of the tree. Over the last 2 days I have been
Downside of Low Code
"low code" as one very serious _Achilles' heel_. The problem with low-code is that it's actually an exercise in filling...
Falicy of 10x Programmers
I'm a pretty good programmer. There was a time when I thought enough of myself to think I was a 10x
programmer and I'd ...
Laptop Tablet Desktop
I have several laptops, tablets and desktop computers. My daily driver is a laptop with 4 external
monitors. I like bei...
CVE Says What?
I find it funny and ironic that geeks and nerds that decided Windows is buggy and lacks geek-cred
that switched to Linu...
Stop the Vm Maddness
This post has been a long time coming. I have been working on VMs like VMware, VirtualBox, Proxmox,...
Chromebook: How Much RAM
I would like to know what the percentage of chromebooks and the amount of RAM they have installed. I know that for basi...
Made for ChromeOS
Taking the dog for the evening constitutional I was reading an article which had the headline
"Opera for ChromeOS". To ...
ChromeOS Linux Openvpn Split Dns
The OpenVPN documentation is frustrating on the topic of split-dns because the author(s) seem to play both sides.
HA Vms and Multipath iSCSI
Both Proxmox and vmWare talk about High Availability(HA) and hot migration from host to host. One way they claim to be
There is a youtube channel "My Playhouse"... I do not know much about this person but he must
have $200-500K invested i...
Github Copilot What Does It Mean
Some times I get caught in a rant so let's see how this one goes.
Watch the movie, numbers, and it's a story as old as...
Pop_os Review of Reviews
What is pop\_os? It's stock ubuntu desktop linux with a facelift. Why stock ubuntu? That's because
system76 deploys ub...
Golang Support for Fossil-scm
Golang is a good programming language. First of all it's not `c` although I can make a case for moving back to `c`. Sec...
Answering this question is a pain in the ass and frankly it's basically the same reason
why people hire me. Sadly the #...
Server Side Webassembly
I'm not certain how I got to the point where I was asking myself about WebAssembly on the server. The search results
Nyxt Lisp Browser
I just watched a few minutes of a video talking about the Nyxt browser. The browser seems to be implemented in lisp
Rust in the Linux Kernel
Google has been telegraphing that it's going to accept or start working with rust in the Android kernel and now there
Tiny Operating System
The last few days I have been looking for a tiny os to fill the gap between BSD, Linux, chroot/jail, and virtual machin...
Minimal Operating Systems
I really liked RancherOS not because of the docker integration but the footbrint and boot-times. In recent
days I've ha...
Truenas vs Synology
Lawrence Systems did a good comparison between TrueNAS and Synology DSM. I do not have many complaints about his conten...
Intel Nuc Pci Slot0 Timeout
I'm not able to install OpenBSD 6.9 on my Intel NUC i5. It's a few years old so I'm kinda surprised that
OpenBSD will n...
Certified by Best Buy Expert Sucks
I purchased a Samsung Galaxy Chromebook from Best Buy. It was supposed to be a "Certified" machine... all the parts and...
Update Update Update
People used to complain about Microsoft Windows updates. They took so long and many were buggy. It was interesting that...
OpenBSD Is the tuner of Operating Systems
I like OpenBSD and I like what they stand for and how they get there. But unfortunately I keep running into showstopper...
I'm pulling my hair out trying to get any of my OpenBSD 6.8 or 6.9 systems connect to my Synology NAS with iSCSI suppor...
Learn Something New Every Day pkg add OpenBSD
From the learn something new catalog.... I have been struggling with orchestrating my OpenBSD deployments. It's certain...
State of Work; My Environment
## Preface and Background
- a security expert or researcher
- an Operating Systems expert
- a Cloud expert...
Never Too Late
I have been chasing the VPC-internet-gateway as described by DigitalOcean. There is nothing complicated about the syste...
"Justified" was a great Texas Ranger TV series. Justified is also how I'm feeling now about my decisoin to abandon Linu...
OpenBSD vmm Gateway
UGH! There are those days when I feel like Charlie Brown trying to kick a fieldgoal while Lucy is holding... and I know...
Virtual Machines Jails Chroot Docker
Will Dell actually spinoff VMware? What does that mean to you/me?
I use VMware almost exclusively for my development a...
Why Not BSD
I have been a longtime BSD admin. I got my start a long time ago when working on commercial firewalls. It's easy to get...
Will I Ever Use Nim
There was a time when I thought that `nim` checked a number of boxed. That was until it was discovered that it was bein...
Merge Sqlite and Tclsh
I've mentioned my DSL strategy before ... and while I'm comfortable with bash I'm getting more reliant on tclsh because...
PHP Fail Now What
I've been touting the benefits of my TCL inspired DSL for a couple of years now. In fact I have never liked DSLs in prin...
What's in a project name? EVERYTHING. Naming a project "carrot" or some other wacky name is a crazy waste of time. Whil...
What Is Your Next Language
I still think that there is a chance we will see a technology pandemic... see solarwinds et al. Over he last year I hav...
If you had to implement a dashboard what would it's purpose be? I'm looking at some bootstrap dashboards and some
M2 Warranty Warning
PRIVACY WARNING... One of the things I really like about ChromeOS is that I can configure, upgrade and powerwash as sim...
Chromebook i7 Cores
I wanted to be an early adopter of the ChromeOS echosystem when the early CX devices were available. Unfortunately,
Your Toolchain Hacked
Be honest... what are the chances that your toolchain has been hacked or trojaned? As I've mentioned time and again
There is so much that we do not know about the SolarWind hack and that we are not likely to ever know... But given the
What should we learn from the Solarwinds hack... that bad actors can be patient and are playing the long game. Also, th...
To the point... micro-services solve some problems and create a lot more. But let's start at the beginning...
CentOS Stream Who Cares?
There is tons of hoopla surrounding CentOS going all 2019-stream _but who really cares?_ Look, there is nothing
Third Party Dependencies
When I started writing code using golang there was no need for a library vendoring solution. There were very few to tru...
What is a monolith?
> defined: "a single great stone often in the form of an obelisk or column" --Webster
But to be c...
The Case for Dsl
In the video "why software engineers disagree about everything"... reason #2 is "high switching costs".
That is the nu...
LinuxKIT or Commercial Linux
Deploying commercial grade linux saves a lot of time in the short term but what's it good for in 2020?
Back about 20 ye...
Micro Services Got It Wrong
There was a time when I was sucked into microservices and then there was a time when I was repusled.
> I spent the fir...
Virtual Machine Swap
Looking at one of my VMs I see that I've used about 50% of my swap space. Swap space on a VM is a killer. The competiti...
Rule number one... know what system resources you need. Rule number two... know what decisions you make
could offset th...
Why Puppet Ansible or Other
I've tried to use Puppet and Ansible to orchestrate large enterprise systems and it's just no fun to use. All those fra...
Fedora IoT Is Not IoT
I really wanted to run my microservice on Fedora IoT. But alas it's not IoT. The idea that Fedora IoT expects
Fedora Is No Red Hat
I said the same thing about CentOS... Fedora is not Red Hat.
Both Fedora and CoreOS have great reputations but should ...
CentOS Is No Red Hat
What is CentOS? Well, it's a linux based operating system forked from the open sourced parts of Red Hat. More important...
Since I started my progrssional career before the internet I learned by reading books. Until a few years ago I maintain...
Many years ago when the "internet" was just a bunch of BBS', AOL, Compuserve, and ham radio packet networks I deployed ...
Only Tool Is a Hammer
The saying goes... _if your only tool is a hammer then all your problems look like nails._ By extension
a speaker at th...
Why on earth does `linuxkit` not have a million stars? I'm perplexed by the number of container-based projects that are...
OpenBSD Encrypted Microsegments With Wireguard
Everything I have been reading about wireguard suggests that most prople use it as a replacement for VPN. Meaning
Next Best Programming Language
I'm not sure why java and python are at the top of the list according to github metrics. There is something
Pulling My Hair
I'm pulling my hair out trying to clarify my POV on production network security. To reiterate there is
something to be ...
Fun Facts for the Day
Client/server notation indicates who initiates the connection and who sits around waiting. Wireguard seems
to work best...
Securing Microsegment Connections
I'm losing hair trying to reconcile _Zero Trust Architecture_ and _Secure Authenticated and Authorized Connections_.
Which Container OS
Rancher did a simple [comparison](https://rancher.com/blog/2019/comparison-of-container-operating-systems/)
of OS' capa...
Zero Trust Network
_Zero Trust Network_ has a new meaning to me. "It's an architecture not a product". The theme presented in a 2019 talk
Zero Trust Networking
What a complete mess! I'm researching Zero-Trust, SDN, Containers and VMs and frankly it's a mess of marketing
Is Vmware Really That Good
What are you really getting from ESXi that you cannot get from a homebrew of the same? Sure there is something to be
Orchestration and Virtual Hosting
I'm building some orchestration tools built on `govc` and my own project `runnable-markdown`. It works; but from a prod...
Pi Now Pt4
Now that the videos have been migrated to the AP it's time to process the videos. It's just not clear how to