Original: October 31, 2018 @21:50
Edited: August 15, 2019 @21:00
Getting Started
I have been looking for reasons to try Docker on one of the random stack
of unused Raspberry Pis that I have lying around and thought it might be
fun to build a little travel router. Somehow that morphed into "let's get
Tor working on here" and then "well, if I can get a client and a relay,
why not an onion service?"
More (4%) …
September 27, 2018 @11:30
I was making some firewall changes last weekend and while watching the
logs I discovered that every now and then some host would try to connect
to 169.254.169.254 on port 80. This was peculiar since I don't use the
IPv4 link-local addresses anywhere in my network. It seemed to be
happening randomly from all of my Linux hosts, both physical and virtual.
More (9%) …
September 16, 2018 @15:00
I installed one of the Mojave public betas last week on the Mac Mini I
have in the office. I used it as an excuse to finally tweak a script I
wrote for customizing macOS out of the box.
More (10%) …
September 15, 2018 @16:40
For a while now I've used a Yubikey Neo as a PIV card to authenticate to
my public-facing hosts. This is fairly straightforward but requires
a host with OpenSC on it. In my .profile I have a function called
add_smartcard which will add the PIV driver to the ssh-agent. This means
I actually authenticate with the key that was generated in the Yubikey
and not my password.
More (11%) …
Original: September 03, 2018 @20:31
Edited: September 04, 2018 @23:30
So, I mentioned a while back that I watch Acquisitions Inc on the yubtubs.
Well, through there I also started watching Dice, Camera, Action. During
the Stream of Many Eyes event there was a DCA episode featuring Travis
McElroy and that reminded me of the fact that I have had The Adventure
Zone languishing away on my iPhone for a while now, un-listened to. Now I'm
pretty terrible about keeping up with podcasts (there is so much good stuff
out there to listen to and watch these days) so I just wanted to toss out
a few words about what happened next.
More (27%) …
September 02, 2018 @12:45
Recently I had a rental VW with the fancy new radio in it and I figured
I'd give CarPlay a shot.

More (66%) …
August 29, 2018 @09:20
I've been stewing about this for a while and have not yet found an
alternative so this is part rant part dear lazyweb plea.
More (10%) …
August 27, 2018 @17:10
For a long time now the core of my ad blocking strategy has been squid
and privoxy running on my OpenBSD routers. Mobile devices VPN into the
network and receive a proxy.pac which routes all traffic to these proxies
which reject connections to known ad hosts. With the growing adoption of HTTPS
(thankfully) privoxy is becoming less and less useful so I have been trying
to find better ways to block ads at the networking level.
More (11%) …
August 26, 2018 @11:30
I know I'm not 'average' when it comes to my opinions about technology.
I imagine this has to do with growing up with technology that was much
more simplistic than it is today. Compared to modern software and
hardware the NEC PowerMate 286 running DOS 6.0 that I learned to program
on was extremely simple. Not that it wasn't powerful, but it didn't have
any designs to hide things from you. You had access to the hardware
directly, and all the memory, and all the peripheral I/O space. You were
able to completely control the system, and even understand exactly what was
going on.
More (16%) …
August 25, 2018 @12:00

Ubiquiti has discontinued UniFi Video and I do not endorse its
replacement. More information may be found in this post.
Since I installed the first bits of the Ubiquiti UniFi family of products
in my network I have been impressed. They have never failed to meet my
expectations.
I have written several articles about some rather advanced configuration
and implementation details:
More (11%) …
July 25, 2018 @20:00

A couple days ago I wrote a bit about setting up a new Ubiquiti UniFi
Security Gateway, and after living with it for a bit I have a few
additional notes.
More (15%) …
July 20, 2018 @16:45
Background
I have several physical locations linked together with VPN tunnels. The
central VPN server runs OpenBSD with iked(8). I also have several
roaming clients (iOS and macOS) that terminate client access tunnels to
this system so I am loath to make breaking changes to it. The site to
site tunnels run a gif(8) tunnel in IP-over-IP mode to provide a
layer 3 routable interface on top of the IKEv2 tunnel. My internal tunnels
run ospfd(8) and ospf6d(8) to exchange routes and my
external site to site tunnels run bgpd(8). Most of my internal
sites use OpenBSD as endpoints so configuration is painfully simple,
however in my office at work I have been using a MikroTik RouterBoard
RB951-2HnD. This has worked well enough but lately it has been showing
its age, randomly requiring manual intervention to re-establish tunnels and
flirting with periods of unexplainable high latency.
More (19%) …
July 12, 2018 @20:47
I enabled HTTPS on this website just under a year ago. If you follow
my blog you know that this is a static website, and since there appears
to be a bit of an uproar in the web community over HTTPS right now I
figured I'd simply weigh in.
More (21%) …
April 06, 2018 @14:30
I had occasion today to install some updates on one of my macOS systems
and found myself inconvenienced by a number of applications adding a pile
of dock icons without asking. I don't keep much in the dock on my systems
preferring to use clover+space to launch applications and I don't think I
have touched the dock layout in literally years at this point so I went
searching for a solution.
More (48%) …
March 30, 2018 @10:06
I spent a few hours this week taking a break from Surviving Mars (which
is scratching the same itch that Sim City / Sim Tower seems to scratch
for me) and finally got around to playing VA-11 HALL-A. I really like
this kind of game, a mechanically simplistic story-driven world with
interesting characters and design.
More (56%) …