It is that time of the year again, so below is a list of my favorite
podcasts this year. As previously,
and previously I am not
throwing shade on any previously mentioned podcasts. I am still very
much enjoying the ones that are still running. I will call out a couple
previous podcasts that stood out to me this year, but think of this
exercise as additive.
Edited: March 11, 2020 @14:55
Edit: March 11, 2020
There appears to be some behavior in the USG's configuration system that made it seem like the below Just Worked with intermediate certificates, however it doesn't. A software update exposed that weakness. Everything else seems to hold true even in version v4.4.50 (current as of now). See this post for the updated information on intermediate CA certificates.
I registered my first domain name in 2001 (ub3rgeek.net) and though I had
several of those dyndns style names for a few years prior that is where I
put up my first blog. In 2015 I got tired of spelling out my e-mail address
and got going-flying.com.
I have been in a mood lately. I've had a couple projects converge to come crashing down all at once. So while fighting the infrastructure changes needed to switch going-flying.com to LetsEncrypt, updating my own internal CA to support modern standards, remodeling a spare bedroom in the house, and trying to organize my password manager I found myself re-reading ancient blogs.
So over the last few days I've done a bunch of work on the software that generates the website. It has remained mostly the same since I originally wrote it with the exception of a small refactoring when I moved the publishing workflow over to Docker. After looking at the timing metrics I decided that the various index pages get too damn big even with only 15 articles per page. They often take several seconds to get to DOM Interactive, which... is stupid.
Every now and then I decide to throw one of Apple's betas on one of my devices. This time I've been running the iPadOS beta on my iPad Air Generation 3 since the public preview started for 13.0. I like a lot of the features (ok, mostly dark mode) but as is the case with most of the betas there have been a few bumps along the way. The most notable is the behavior of the Home Control privacy setting that I noted back in the iOS 11.0 and iOS 11.2 releases.
Late last May Ubiquiti released the v 4.4.41 update for their UniFi Security Gateways and it promptly broke my VPN tunnel. I didn't have time to dig into it at the time so I just rolled back to the previous 4.4.36 release which worked swimmingly. At the end of last month they released the 4.4.44 version with several security fixes so I decided to devote some time to it today.
I was cleaning out my workshop a while back and came across my stash of old
hardware. In the pile was a perfectly serviceable
iPad 2.
Now I say serviceable, but the reality is that while it powers on and works it
is stuck at iOS 9.3.5 (so good luck finding App Store apps that will work),
and is pretty slow (well, it's a dual core Cortex-A9 @ 1GHz but that is slow
these days). Thankfully XCode still supports targeting iOS 9.3 so I set about
writing an app to put this thing to use. About the only thing I could think
of that I would actually use this thing for is... a digital picture frame.
About 8 months ago I augmented the AWStats based
monitoring of my web sites with an InfluxDB, Grafana and JavaScript solution
to collect user agent metrics.
In looking at the data the thing that jumped out at me the most was the
rate of adoption of HTTP/2.0 versus IPv6.
Hooks are a great way to execute various tasks as part of your git(1)
workflow. Since I run my own repository server I have plugged a number of
different things into my repositories, both private and public. There are
several previous
posts where I
discuss some of them.
I am sure I am in the minority of mobile users (though probably not a small minority these days, especially among the technically apt) in that I try to only use mobile applications where they provide a large amount of concrete value over the mobile website. The inability to sanely audit applications in conjunction with their ability to exfiltrate way more data than a mobile website raises the bar I set to a much higher level.
Edited: October 19, 2021 @11:30
I have mentioned a few times that I rely on OpenBSD VPNs to ensure that clients outside of my home network get the same level of protection as they do inside. This means that I can use already existing DNS and proxy infrastructure to prevent various malvertizing, tracking, beacons, and poorly behaved applications and websites from leaking personal information, and I can prevent wifi hotspots from analyizing my traffic or injecting JavaScript. Creating the actual infrastructure is out of scope for this post, but I did previously post some information about what the DNS configuration looks like.
I really don't want to sound like the old man yelling at a cloud here; however, sometimes you need to. When DRM first appeared as a way to sell digital goods on the Internet and prevent the dreaded piracy and sharing that was certain to be the downfall of all capitalism and hurl us into the darkest night, the Internet was, as you might expect quite put out.
Goal
Ubiquiti's UniFi platform has the ability to
run scheduled speed tests to keep an eye on your ISP's throughput from
their USG router at a site. I discovered this back when I finished
converting the network at the office
over to UniFi and have been wanting to replicate this functionality at my
other locations where I use OpenBSD routers.
Currently I aggregate the data from those devices into my
new Grafana-based monitoring platform which I wanted to continue to use so I could
have a consolidated view into the infrastructure.
Why are you a green bubble?
People often ask me why I have so much of the features of my phones turned off. My iPhone has iCloud, Siri, FaceTime and iMessage all firmly disabled and have since I originally setup the phone, my Mac has never signed into iCloud, and my Android phone has just about everything including Google Play Services disabled. My personal philosophy is that if it doesn't provide me with value, I disable it.