Thu 28 May 2020
Thu 12 March 2020
Who do you trust? And do you trust them indefinitely far into the future?
If you have specific reasons to believe you will be targetted by an interested, competent, resourceful attacker: you need serious information security measures, which will be painful and potentially expensive in both time and money. I have no such specific fears, so I’m merely interested in protecting my household against generalized attacks, the sort of thing that Google and Facebook and Amazon and every advertiser in the world carries out as a matter of course.
In this installment, I’m going to increase the difficulty of tracking my household network via intercepting DNS requests. I will assume you know a fair amount about DNS and feel comfortable configuring daemons and running them – this isn’t a step-by-step HowTo.
Sat 22 February 2020
Since this class of bug just bit me, I figured I would write it up in the nearly futile hope that it might prevent me from making it again.
This bug is most often evident when we have a software stack that has varying levels of configuration available in each layer, ranging from simple components that are either installed or not to complex components with configuration stored in files.
Today’s example is my home theater computer, which has these relevant layers:
Sun 29 December 2019
Thu 19 December 2019
The scientific method goes boing.
- Form a question.
- Observe evidence.
- Form hypotheses.
- Create experiments.
- Observe results.
- Compare hypotheses.
- Be critical.
The scientific method runs off the rails in step 2 and explodes into uncertainty in step 3. It turns out that observing evidence is rarely easy or straightforward: it’s a great big universe, and we’re all really puny. And “forming hypotheses” is synonymous with “make guesses” – potentially educated, informed guesses, but still a creative process that is likely to baffle AI for decades to come.
That brings us to today’s problem: why does Netflix hate me?
Wed 27 November 2019
Work asks that I bring home an Apple laptop so that I maintain some sort of fluency with the systems that the majority of our employees use. For the last while this has been a 2011 MacBook Pro with 20GB of RAM and an SSD. The keyboard finally sputtered its way to an unusable state (most of the modifier keys, shift/ctrl/alt/command/option/super/meta/hyper…) were unpredictably triggering or failing to trigger) and I asked for a replacement.
“Whatever has a functioning escape key, please.”
So they signed out a 2015 MacBookPro to me. It has 8GB of RAM (not upgradable) and an SSD (ditto).
Tue 05 November 2019
If you have a Linux system that was using systemd as its init system, and you changed it to something else, and now nearly everything is incredibly slow:
Remove libnss-systemd; check for and remove systemd options from
As you will no doubt recall, that config controls the methods that the system uses for various lookups. Most things are
files, which is to say the system should look in the appropriate config files.
hosts is usually files followed by DNS. If you have Kerberos or LDAP or some other networked signon system, this is where it would be configured.
Who knew that systemd wanted control of that, too? Not I.
Tue 29 October 2019
Sun 06 October 2019
Centralized facilities are easier to manage. Centralized facilities are easier to control.
Distributed facilities are harder to manage, harder to control.
Centralized facilities need expensive, difficult redundancies to maintain function during a partial outage. Distributed facilities need coordination.
Centralized is cheaper than distributed if you don’t pay for the things that can make it reliable.
Tue 20 August 2019
Fri 12 July 2019
This is a reminder that spinning storage is still useful for large data dumps, media, backups, and other bulky things that you don’t need to change continuously.
But mostly, it’s cost-effective. The two current sweet spots for capacity/performance (assuming brand-name, non-sale, 7200RPM SATA3 3.5" disks) are at 4TB (about $75) and 10TB (about $270).
I also remind you that you want RAID for reliability, but it’s not backup by itself.
Tue 25 June 2019
Via Rick Thomas on the Debian Users mailing list:
In any case, the solution I came up with is
apt-get --purge install -y sysvinit-core dbus- glib-networking- libgtk-3-0- apt-get --purge autoremove
Note the trailing minus-signs on dbus- glib-networking- libgtk-3-0- These packages need to be deleted in the same pass as sysvinit-core …
Wed 15 May 2019
Wed 17 April 2019
I recently ordered a dozen things from Amazon from six vendors. All the things were pretty technical – ethernet switches, fiber optic cables, transceivers, things like that. This is normal.
Four of the six vendors asked me to review their products. Two asked me multiple times over the same order.
Here’s my policy, and I urge you to consider the same one:
I will only leave a review on a commerce site if I have an unusual experience to report. An unusual experience is either surprisingly good or exceptionally bad. I won’t give any feedback for a transaction in which I paid the agreed amount of money, received the product in a reasonable time, and the product worked as expected.
Adding reviews outside of that policy has two negative effects: it adds useless noise to the review section, and it tends to inflate star-system grades.
Thu 21 March 2019