Musings of a Mildly Misanthropic Technologist.

Back in 2018 I deployed a two-tier DNS server architecture on my network to provide filtering to recursive clients. I wrote about it in more detail in a blog post but the short summary is that I was using BIND which conditionally forwarded to Unbound which forwarded to Cloudflare's anycast DNS resolvers. Over the years I grew unhappy with the complexity, performance and reliability of this setup and decided to take a step back and re-evaluate the solution. I evaluated my goals to start with and determined that I need to provide the following DNS services.

More (8%) …

With all the hubub lately around ActivityPub and Mastodon I spent some time reconsidering keeping the blog and Thoughts standlone. As originally designed this website is meant to be my publishing platform. I wanted to force conversations to e-mail to select for more thoughtful, person-to-person interactions as opposed to the usual cesspool of spam and unhelpful characters that comment sections usually attract.

More (48%) …

In keeping with the last two years here are the 10 most visited posts of the last year and a comparison to their performance in 2021.

More (12%) …

This is a bit of a departure from what I normally post on here. I've had some of these thoughts rattling around in my head for a while and to end the year I felt like finally sitting down and getting them out. While there is some technical background contained herein it's more of a story as to how and perhaps why this site — the very infrastructure holding up the vast majority of my online presence exists. I suspect that it will attract a different sort of reader than my usual posts as it lacks the utilitarian qualities of me documenting a bitter fight with some technology. Nevertheless I hope that if you take the time to read the rest of this that you find some useful information.

More (5%) …

It looks and feels cheap. If you end up not reading beyond this first paragraph then you have your answer. If you would like to know why, read on. Just prior to the holiday in the US I picked up an Apple Watch Series 7. I have resisted the foray into the wearable device market for a long time but was finally tempted by a decade long frustration with alerts on smartphones. Gone are the days of any meaningful strength to the vibration systems in mobile devices and since I am not a psychopath I nearly always have my phone on silent. Similarly I mourn the loss of the blinking LED, eschewed from inception by i-things for reasons defying understanding. Likely one of many dark patterns designed to force you to pay attention to the stupid thing more often than is actually necessary. As such the round-trip time of any sort of notification on my phone (of which only the Calendar, Mail, Messages, and Phone applications are allowed to produce) is often times measurable in hours. The hope being that perhaps the watch can provide a more reliable indicator of an event needing my attention.

More (19%) …

Shortly after leaving Linux for Mac OS X on the desktop many years ago I left Mozilla for Safari. While I still mostly use Safari I do find myself having to keep Firefox around for the occasional site that doesn't seem to work right in Safari, and naturally I use Firefox on my Windows PC. Over the last few years though, the organization behind Firefox continues to make more and more questionable decisions, bloating the browser and making it uglier. I started trying to combat this sad trend by switching to the Extended Support Release channel which worked for a while but with the sunset of version 78 some of the more awful features have finally been forced upon me. This sent me looking for other ways to try to manage the situation that don't require me to screw around in the settings every time the browser updates to make sure it isn't leaking private data to some ad partner, or Google, or Cloudflare. Thankfully there is a mechanism designed for enterprise IT departments that lets you disable some of the more annoying features using a simple JSON file. After a quick read through the documentation I was able to create a policies.json file that I was happy with that works on both my Windows 10 and macOS Catalina systems.

More (66%) …

A long time ago terminals were physical things that only displayed ASCII text and they typically defaulted to 80 columns. This lead a tremendous amount of software and convention forming around line lengths of between 70 and 80 characters. These days the world has moved on and RFC 3676 came around to try to find a way to bridge the gap between those of us who prefer 80 columns and monospaced fonts and those who have never seen, or just don't care about that world.

More (19%) …

There was much rejoicing this week as it was time for a new work laptop and that means I was finally able to get rid of one of the worst laptops Apple ever made, the regrettable MacBook Pro 13" with the Magic Keyboard and Touch Bar. I am quite picky about keyboards in general as it is the primary method that I interact with computers. While many people may prefer touch interfaces or gestures I find the keyboard to still be the most efficient and expedient input device we have. I was spoiled, growing up with IBM PC keyboards and then eventually moving to IBM Thinkpads. They really set the bar for keyboards in my life and everything ends up being compared to them. All that is to say that the Magic Keyboard with Touch Bar is the worst keyboard I've ever used. The last 2 years I've been mostly working from home using an Apple USB keyboard and have spared myself the most of the frustration and hatred of the vile thing.

More (17%) …

Where we started

My first RSS feed reader was a custom built Perl / PHP monstrosity back in the early 2000s. I later switched to Google Reader and then upon its inevitable sunset to Vienna. As I found myself reading feeds on multiple devices more I found myself wanting a centralized system with a single repository that I could connect clients to and have feed state synchronized. The server application I settled on at the time was Tiny Tiny RSS. I was able to get a plugin working that provided a compatible API to Reeder, which I used on my iPad and the web interface sufficed on my various desktop and laptop machines.

More (7%) …

I have had several complaints about Mailman 3 being the result of an unfortunate set of decisions that lead to the replacement of Mailman 2.

More (6%) …

I've been going over the various things that have crept into my day-to-day computing and evaluating them. In some cases I've found things that needed maintenance (perhaps a future post about refactoring my mutt configuration is called for), and in others I've taken the opportunity to evaluate alternatives.

More (4%) …

I can't imagine it will surprise any regular reader that my preferred MUA is mutt(1), and has been for close to 20 years now. I only switched to using Outlook at my current job a few years ago when they decommissioned the IMAP bridge and forced everyone into it. One of the things I've found myself having to deal with more lately is unsubscribing from marketing e-mails. Typically this was a trivial matter of finding the unsubscribe link and visiting it; however, it seems that lately all links in those e-mails come wrapped in click trackers that are blocked by one or more of my proxy server, DNS configuration, or content filter extensions, making unsubscribing difficult. Luckily RFC 2369 seems very well adhered to by even illegitimate e-mail marketing campaigns so I set out to try to solve the problem in the usual way. Angrily writing software.

More (35%) …

Many years ago I starting building out an extended layer 3 network using IPSec tunnels with GRE tunnels on top of them. As technology moved on I transitioned these from Linux to OpenBSD using isakmpd(8) and then eventually iked(8). I automated the various configuration steps using Puppet and all in all I have been very well served by this over the years. I use IPSec to terminate all of my road warrior client connections as well so it means that the complexity serves several needs. I happened to be upgrading some Mikrotik routers from RouterOS 6 to 7 and noticed they added Wireguard support. I had been hoping Ubiquiti would add Wireguard to the UniFi USG so I could try it out since the version of strongSwan they ship is embarrassingly out of date, but it seems like they have mostly abandoned that product. Armed with an excuse I set out to see what it would take to start up a tunnel.

More (25%) …

I browse the web a little differently than most. I vastly prefer the experience of reading feeds instead of relying on some algorithm and a pile of notifications to direct my attention. To facilitate this I funnel quite a lot of 'modern' content into an ever-growing pile of rage-written software to turn it into various RSS feeds that I can then plug into my reader ecosystem and enjoy at my leisure. Recently I found a RSS to news gateway from the creator of gmane called Gwene. I spent an evening looking at the list of groups, adding a few of the RSS feeds into my reader but there is no way I can take the time to look at all of them so that brings me to the ask! Below is a list of feeds I'm subscribed to, minus my bespoke Instagram, Twitter, Patreon, Tumblr, and YouTube feeds. If you think you know of some that I might like or that I'm just not subscribed to that you think I should be please let me know.

More (18%) …

For some reason every single time I go to do any work on my colocated server that requires remote console access I end up having to remember how the silly console redirection works. Presented here in the vain hope that I will find this next time I need it and perhaps that it may help someone else.

More (52%) …