Matthew Ernisse

September 24, 2020 @16:06

The last few days have been notable largely thanks to the premature failure of a Samsung Evo 860 SSD which corrupted my Windows 10 install. A bunch of faffing about later (in spite of the fact that I have my PC backed up using the built-in Windows backup feature) I found myself having to setup up my user profile again. I should note that I stopped using Windows regularly in the XP time frame so I'm not particularly comfortable with it, but I keep this one system around to run games since gaming on macOS or Linux is for the youth who have not realized how precious their time is yet.

More (9%) …

August 21, 2020 @20:28

There has been much written about the Epic / Apple / Google love triangle currently happening wherein Epic Games (a ~17.3 billion USD valued private company) has purposefully broken the terms of service of Apple (a 2.13 trillion USD valued public company) and Google (a subsidiary of a 1.07 trillion USD valued public company) to create cause to sue Apple and Google over the size of the cut they take under the guise of the app stores being anti-competitive.

More (17%) …

August 14, 2020 @21:59

I've had a UniFi USG-3 in the office for a while now, and I have had a few problems with it over the years. The most recent being a quirk of the configuration system that ham strings certificate authentication with intermediate CAs. You can read about my struggle a little bit in a previous post.

More (19%) …

April 30, 2020 @11:30

... or how I stopped worrying and learned to love Device Tree.

I have been looking around for a long time for a green CRT Wyse terminal to replace one I had many many years ago but got rid of in a move. I finally found a decent WY-60 on EBay so I picked that up at the end of last year. Now that I've had some time on my hands I set about getting it to do something useful.

More (2%) …

April 14, 2020 @13:00

Shortly after Christmas I finally broke down and bought myself a MikroTik Wireless Wire kit to connect my network out to my garage. The kit consists of a pair of wAP 60G units pre-paired for a point to point link. About 3 years ago I installed several Ubiquiti UniFi access points, then after adding UniFi Video to the garage I swapped out a failing Linksys switch with a UniFi SW8-150. Throughout all of this the garage remained linked to the house via the UniFi meshing between the UAP-AC-MESH on the garage and the UAP-AC-PRO in the basement. This worked but was not fantastic as the meshing relies on WDS to extend the WiFi to the remote access point. Since WiFi runs over a single set of channels it is inherently half duplex (eg: the AP and the device both use the same channel for transmit and receive), and by extending my network in this manner the performance on the part of the property covered by the basement and garage access points was not what it could have been.

More (30%) …

March 11, 2020 @15:00

The Problem

So I came into the office this morning and noticed that my Ubiquiti USG-3 had upgraded itself from v4.4.44.5213844 to v4.4.50.5272448 and the VPN tunnel was down. I flailed at a few obvious things, reset the clock since it had lost connection to my NTP server, made sure the configuration didn't get wiped, made sure my certificates appeared to be in place. Everything checked out OK and the logs weren't showing anything so I went and cranked up the debug level in /etc/strongswan.d/charon-logging.conf changing the level of both ike and net to 2 and restarting the daemon with ipsec stop and ipsec start. After a bit I noticed the following in /var/log/charon.log:

More (26%) …

February 16, 2020 @17:57

Buried in a long rant about general Apple screwyness lately I mentioned that I've been having issues with automount(8) in macOS Catalina. I have been periodically poking around at the system to see if I can figure out why the heck it is happening. The general wonkyness already drove me to convert my iTunes Library backup script to using rsync(1) to use SSH as a transport instead of simply copying to the automounted backup folder.

More (21%) …

February 14, 2020 @22:40

I have not really had the time to sit down and have a good rant about Apple lately. I swear that I try not to get too emotionally invested in products but since I end up using one Apple product or another just about every day the annoyance just seems to pile up and eventually I just need to let it out. I will start on a somewhat nice note by remembering that since switching to OSX back around Snow Leopard and iOS back in 2017 it has mostly been a decent experience. At first I really liked having simple access to Unix style tools in an OS that I didn't need to screw around with. I also appreciated the privacy features and consistent user interface in iOS.

More (8%) …

February 11, 2020 @09:30

I was chasing down random errors last weekend in an effort to cut down on the daily deluge of messages from cron(8) and I realized that it had been several months since the Synology NAS I have at work successfully backed up. It only runs once a week so the e-mails largely got overlooked and somewhat shamefully when I came across them I often suspected that the office Internet connection just dropped mid-transfer.

More (15%) …

January 13, 2020 @17:30

Back in 2014 I built a FlightAware ADS-B feeder using a Raspberry Pi and a USB SDR dongle. While all commercial traffic is required to use the 1090MHz 'Extended Squitter' extension to the Mode S transponder as of January 1, 2020 there is an option for the general aviation community known as UAT, which operates on 978MHz and is meant to provide more affordable in-aircraft equipment for aircraft that will not operate above 18,000 ft MSL. Now that adoption is mandatory in US controlled airspace, I wanted to add UAT capability to my surveillance site. Since the 1090MHz feeder uses most of the capability of the Raspberry Pi in it, I decided to use a Raspberry Pi Zero W that I had laying around to build a separate feeder for UAT.

More (28%) …

November 07, 2019 @08:46

Last night I had a need to put together a new OpenBSD machine. Since I already use DigitalOcean for one of my public DNS servers I wanted to use them for this need but sadly like all too many of the cloud providers they don't support OpenBSD. Now they do support FreeBSD and I found a couple writeups that show how to use FreeBSD as a shim to install OpenBSD.

More (26%) …

November 02, 2019 @22:20

I've been using iOS 13 since the public beta and have has some... unkind things to say already. I will pile a few other complaints on as an introduction here to set the tone. The most general one I have is that the random new animations in the UI that seem to periodically result in slowdowns or lost taps. iOS 13.1 had a horrible bug where it would not let you scroll while the selection animation was running in a list view (like in Mail), but at least that seems to be fixed in 13.2. Finally the continuing user anti-experience that I complained about in my impressions of iOS 11 post continues. It takes at least 3 taps to get anywhere useful in half of the stock apps now because of the stupid defaults views. Music and Podcasts are my most frequently used examples of this but the App Store is now totally useless. I don't even think there is a way to just list all the apps in a single category anymore. So good luck if you aren't searching for an app by name or looking for one of the 100 most popular apps out of the however many million apps in there. Good thing Apple doesn't lock you into their App Store for getting software on your device... oh... wait.

More (32%) …

November 02, 2019 @15:20

I think it's pretty clear that I have a pretty large pile of technology laying around. Most of it exists to bend some of the more vile trends in technology to my will (for example, I force everything to use my own DNS resolvers which have extensive block lists and force all requests that go out to the Internet to use DNS-over-TLS so my ISP can't intercept my DNS requests to profile me), but I also believe that if you are involved in technology you should try to host as much of your own online presence as you can.

More (18%) …

Edited: March 11, 2020 @14:55

Edit: March 11, 2020

There appears to be some behavior in the USG's configuration system that made it seem like the below Just Worked with intermediate certificates, however it doesn't. A software update exposed that weakness. Everything else seems to hold true even in version v4.4.50 (current as of now). See this post for the updated information on intermediate CA certificates.

More (12%) …

September 17, 2019 @09:24

I registered my first domain name in 2001 (ub3rgeek.net) and though I had several of those dyndns style names for a few years prior that is where I put up my first blog. In 2015 I got tired of spelling out my e-mail address and got going-flying.com.

More (16%) …

Subscribe via RSS. Send me a comment.