Musings of a Mildly Misanthropic Technologist.

October 31, 2019 @15:00

Another year of Podcasts It is that time of the year again, so below is a list of my favorite podcasts this year. As previously, and previously I am not throwing shade on any previously mentioned podcasts. I am still very much enjoying the ones that are still running. I will call out a couple previous podcasts that stood out to me this year, but think of this exercise as additive.

More (10%) …

Original: September 26, 2019 @13:58
Edited: March 11, 2020 @14:55

Edit: March 11, 2020

There appears to be some behavior in the USG's configuration system that made it seem like the below Just Worked with intermediate certificates, however it doesn't. A software update exposed that weakness. Everything else seems to hold true even in version v4.4.50 (current as of now). See this post for the updated information on intermediate CA certificates.

More (12%) …

September 17, 2019 @09:24 circa 2002 I registered my first domain name in 2001 ( and though I had several of those dyndns style names for a few years prior that is where I put up my first blog. In 2015 I got tired of spelling out my e-mail address and got

More (20%) …

September 09, 2019 @11:17

I have been in a mood lately. I've had a couple projects converge to come crashing down all at once. So while fighting the infrastructure changes needed to switch to LetsEncrypt, updating my own internal CA to support modern standards, remodeling a spare bedroom in the house, and trying to organize my password manager I found myself re-reading ancient blogs.

More (11%) …

September 07, 2019 @19:30

So over the last few days I've done a bunch of work on the software that generates the website. It has remained mostly the same since I originally wrote it with the exception of a small refactoring when I moved the publishing workflow over to Docker. After looking at the timing metrics I decided that the various index pages get too damn big even with only 15 articles per page. They often take several seconds to get to DOM Interactive, which... is stupid.

More (35%) …

September 03, 2019 @21:48

Every now and then I decide to throw one of Apple's betas on one of my devices. This time I've been running the iPadOS beta on my iPad Air Generation 3 since the public preview started for 13.0. I like a lot of the features (ok, mostly dark mode) but as is the case with most of the betas there have been a few bumps along the way. The most notable is the behavior of the Home Control privacy setting that I noted back in the iOS 11.0 and iOS 11.2 releases.

More (35%) …

August 19, 2019 @11:23

Late last May Ubiquiti released the v 4.4.41 update for their UniFi Security Gateways and it promptly broke my VPN tunnel. I didn't have time to dig into it at the time so I just rolled back to the previous 4.4.36 release which worked swimmingly. At the end of last month they released the 4.4.44 version with several security fixes so I decided to devote some time to it today.

More (14%) …

August 16, 2019 @11:23

iPad2 Version I was cleaning out my workshop a while back and came across my stash of old hardware. In the pile was a perfectly serviceable iPad 2. Now I say serviceable, but the reality is that while it powers on and works it is stuck at iOS 9.3.5 (so good luck finding App Store apps that will work), and is pretty slow (well, it's a dual core Cortex-A9 @ 1GHz but that is slow these days). Thankfully XCode still supports targeting iOS 9.3 so I set about writing an app to put this thing to use. About the only thing I could think of that I would actually use this thing for is... a digital picture frame.

More (15%) …

August 12, 2019 @14:45

IPv6 vs HTTP/2.0 About 8 months ago I augmented the AWStats based monitoring of my web sites with an InfluxDB, Grafana and JavaScript solution to collect user agent metrics. In looking at the data the thing that jumped out at me the most was the rate of adoption of HTTP/2.0 versus IPv6.

More (23%) …

July 10, 2019 @16:00

git push output Hooks are a great way to execute various tasks as part of your git(1) workflow. Since I run my own repository server I have plugged a number of different things into my repositories, both private and public. There are several previous posts where I discuss some of them.

More (22%) …

June 25, 2019 @11:31

I am sure I am in the minority of mobile users (though probably not a small minority these days, especially among the technically apt) in that I try to only use mobile applications where they provide a large amount of concrete value over the mobile website. The inability to sanely audit applications in conjunction with their ability to exfiltrate way more data than a mobile website raises the bar I set to a much higher level.

More (37%) …

Original: April 04, 2019 @09:35
Edited: October 19, 2021 @11:30

I have mentioned a few times that I rely on OpenBSD VPNs to ensure that clients outside of my home network get the same level of protection as they do inside. This means that I can use already existing DNS and proxy infrastructure to prevent various malvertizing, tracking, beacons, and poorly behaved applications and websites from leaking personal information, and I can prevent wifi hotspots from analyizing my traffic or injecting JavaScript. Creating the actual infrastructure is out of scope for this post, but I did previously post some information about what the DNS configuration looks like.

More (8%) …

April 02, 2019 @18:10

I really don't want to sound like the old man yelling at a cloud here; however, sometimes you need to. When DRM first appeared as a way to sell digital goods on the Internet and prevent the dreaded piracy and sharing that was certain to be the downfall of all capitalism and hurl us into the darkest night, the Internet was, as you might expect quite put out.

More (15%) …

February 20, 2019 @10:21


UniFi Speedtest Ubiquiti's UniFi platform has the ability to run scheduled speed tests to keep an eye on your ISP's throughput from their USG router at a site. I discovered this back when I finished converting the network at the office over to UniFi and have been wanting to replicate this functionality at my other locations where I use OpenBSD routers. Currently I aggregate the data from those devices into my new Grafana-based monitoring platform which I wanted to continue to use so I could have a consolidated view into the infrastructure.

More (22%) …

January 28, 2019 @21:01

Why are you a green bubble?

People often ask me why I have so much of the features of my phones turned off. My iPhone has iCloud, Siri, FaceTime and iMessage all firmly disabled and have since I originally setup the phone, my Mac has never signed into iCloud, and my Android phone has just about everything including Google Play Services disabled. My personal philosophy is that if it doesn't provide me with value, I disable it.

More (47%) …

Subscribe via RSS. Send me a comment.