Matthew Ernisse

June 25, 2019 @11:31

I am sure I am in the minority of mobile users (though probably not a small minority these days, especially among the technically apt) in that I try to only use mobile applications where they provide a large amount of concrete value over the mobile website. The inability to sanely audit applications in conjunction with their ability to exfiltrate way more data than a mobile website raises the bar I set to a much higher level.

More (37%) …

April 04, 2019 @09:35

I have mentioned a few times that I rely on OpenBSD VPNs to ensure that clients outside of my home network get the same level of protection as they do inside. This means that I can use already existing DNS and proxy infrastructure to prevent various malvertizing, tracking, beacons, and poorly behaved applications and websites from leaking personal information, and I can prevent wifi hotspots from analyizing my traffic or injecting JavaScript. Creating the actual infrastructure is out of scope for this post, but I did previously post some information about what the DNS configuration looks like.

More (8%) …

April 02, 2019 @18:10

I really don't want to sound like the old man yelling at a cloud here; however, sometimes you need to. When DRM first appeared as a way to sell digital goods on the Internet and prevent the dreaded piracy and sharing that was certain to be the downfall of all capitalism and hurl us into the darkest night, the Internet was, as you might expect quite put out.

More (15%) …

December 04, 2018 @11:00

I'm trying to figure out a way to balance the lack of surprise and schadenfreude I have at Tumblr/Verizon's decision to paint all sexual content with the regressive and transparent 'but think of the children' brush. Tumblr grew largely thanks to the alternative and adult communities that found its permissive and accepting nature welcoming. It became what it is today because of the LGBTQ+ and sex worker communities, and now it has decided to break up. Their post paints a pretty picture full of platitudes, inclusiveness, acceptance, and love of community but it is obvious to the most casual of observer that it is just a sham. Tumblr is breaking up with the people that helped it grow because it is easier than trying to actually make the service a better place.

More (25%) …

November 26, 2018 @15:30

While I was waiting for new tires to be put on my car today I was able to watch the landing of Mars InSight which was relayed via the MarCo A&B experimental interplanetary cube sats.

More (21%) …

November 07, 2018 @23:30

A little over six and a half years ago I left the Linux as a desktop community for the Mac community. I replaced a Lenovo Thinkpad T500 for an Apple refurbished late 2011 MacBook Pro and honestly have not regretted it.

More (5%) …

September 27, 2018 @11:30

I was making some firewall changes last weekend and while watching the logs I discovered that every now and then some host would try to connect to 169.254.169.254 on port 80. This was peculiar since I don't use the IPv4 link local addresses anywhere in my network. It seemed to be happening randomly from all of my Linux hosts, both physical and virtual.

More (9%) …

September 16, 2018 @15:00

I installed one of the Mojave public betas last week on the Mac Mini I have in the office. I used it as an excuse to finally tweak a script I wrote for customizing macOS out of the box.

More (10%) …

September 15, 2018 @16:40

For a while now I've used a Yubikey Neo as a PIV card to authenticate to my public facing hosts. This is fairly straightforward but requires a host with OpenSC on it. In my .profile I have a function called add_smartcard which will add the PIV driver to the ssh-agent. This means I actually authenticate with the key that was generated in the Yubikey and not my password.

More (11%) …

September 02, 2018 @12:45

Recently I had a rental VW with the fancy new radio in it and I figured I'd give CarPlay a shot.

Welp.

More (66%) …

August 29, 2018 @09:20

I've been stewing about this for a while and have not yet found an alternative so this is part rant part dear lazyweb plea.

More (7%) …

August 27, 2018 @17:10

For a long time now the core of my ad blocking strategy has been squid and privoxy running on my OpenBSD routers. Mobile devices VPN into the network and receive a proxy.pac which routes all traffic to these proxies which reject connections to known ad hosts. With the growing adoption of HTTPS (thankfully) privoxy is becoming less and less useful so I have been trying to find better ways to block ads at the networking level.

More (11%) …

August 26, 2018 @11:30

iPictureFrame and XCode

I know I'm not 'average' when it comes to my opinions about technology. I imagine this has to do with growing up with technology that was much more simplistic than it is today. Compared to modern software and hardware the NEC PowerMate 286 running DOS 6.0 that I learned to program on was extremely simple. Not that it wasn't powerful, but it didn't have any designs to hide things from you. You had access to the hardware directly, and all the memory, and all the peripheral I/O space. You were able to completely control the system, and even understand exactly what was going on.

More (16%) …

August 25, 2018 @12:00

UniFi Switches in the NMS

Since I installed the first bits of the Ubiquiti UniFi family of products in my network I have been impressed. They have never failed to meet my expectations. I have written several articles about some rather advanced configuration and implementation details:

More (10%) …

July 25, 2018 @20:00

UniFi Security Gateway in the NMS

A couple days ago I wrote a bit about setting up a new Ubiquiti UniFi Security Gateway, and after living with it for a bit I have a few additional notes.

More (14%) …

Subscribe via RSS. Send me a comment.