Ramblings of a Unix Geek
A personal growth moment
Don't ask 'manpage' questions in interviews
Hands off Rocky/Debian installs
When automation is a problem
Bot scrapers DoS me?
I asked ChatGPT to write me a program
VNC into an existing X desktop
What do I recommend? Generalist or specialist?
Decreasing social media footprint
Five Years of COVID
Why I don't use encrypted messenger apps
Stop thinking of privilege in technical terms
Comparison of all my screwdrivers
We don't need security products
Stop changing technology
Google killing adblockers
On 9/11 deniers
Yubikey 5 is broken! Panic! Or not
Crowdstrike issues
Building a home router
Work/Life Balance
API Security at the gateway
Imposter Syndrome
I still dunno what I want to do
New Trek
I dunno what I want to do
MQTT, Home Assistant, Hue emulation working together
Blame Security
Digital Safe version 3
Terrahawks Noughts and Crosses
Using network namespaces for ipv4 only
ChatGPT and Calculators
Looking at YubiKey 5
Search This Site
Microservice Security
Secure your cloud
The problems with port 80
Singe cloud or multi cloud?
Using SSH certificates - revisited
X-Forwarded-For and IP Allow-List
Explaining technology as a story - TLS Certificates
Explaining technology as a story - DHCP
Explaining technology as a story - DNS
Explaining technology as a story - Routing
Summary of my current Home Automation Setup
Making a doorbell semi-smart
Digital Safe version 2
Using RSA and ECDSA on Apache with CentOS / RedHat
Data Loss Prevention (DLP)
More modern TLS settings
It was OK before; why is it broke now?
Extending the wireless on my router
Firewall Basics
RSA wrapped AES
Capital One Breach
SecDevOps? DevSecOps? SecDevSecOpsSec!
When MFA isn't necessarily strong
Adding some smarts to a dumb aircon
Extending automation to the garage
Slowly making my home smart
Emulating a Philips Hue light
Career advice
When Development is Production
Privilege Escalation in Unix
Notes from the service for my Dad
What I did on my weekend
DevOps and Separation of Duties
SRE is not new
Encumbering New Technology
When does an AI become alive?
How I learned to stop worrying and love the cloud
The cloud is not your friend
What we can learn from the rebellion leadership failures in The Last Jedi
Can't Patch, Won't Patch
Meltdown and Spectre
Douglas Charles Harris
Technology is not enough
The three tier network is dead
Software for my digital safe
Know your threats and defend accordingly
Adapting a digital safe to be computer controlled
Key man dependencies and resilient processes
Where to run Docker?
Docker High Level Challenges with vendor containers
Monitoring my router with graphs
Remembering history
Secrets management with Docker Swarm
Using placement constraints with Docker Swarm
A look at Docker Swarm
Simple Docker Orchestration
Looking at how a Docker container runs
What is a Docker container?
Introduction to web SSL certificates
Data At Rest Encryption (DARE)
Stuff changes; don't take things on faith, get the facts
Bottlenecks and SPOFs
Building a home router
Cloud Inventory
Persistent Applications
Multifactor Authentication
Encryption vs Hashing
Role Based Access Control
Lessons from a pentest run
Phishing and Certificate Transparency
Offsite Backups in the cloud
Abusing LD_PRELOAD for fun and profit
Can you control the entry points to your network?
Managing the cloud management layer
Big bugs have lesser bugs
Make it easy to use
Stop, step back, take a minute, slow down
The Itsy Bitsy Security Spider
Always Listening Devices
SSH keeps disconnecting
Backup and restore
Using Letsencrypt for TLS
LXD and machine containers
Building my home server
Intel Clear Containers
Technical Debt
Docker in production
Using SSH certificates
Security Headers on HTTP requests
Scoring an A+ for SSL/TLS
Deep scanning your deployment
Scanning your code
Kerberos keytab management
SSH Password exposure
HSMs, what are they good for?
SSH key management
Single point of truth
Building an OS container
Using a container as a lightweight VM
Lift and Shift
Persistent data
Man in the middle attacks
There's a hole in my security bucket
See me present!
Container Identity
Network Microsegmentation
Using Containers Securely in Production
What made me start thinking about security
Building a small docker container
Why use SSL/TLS on websites?
How public cloud can change your security stance
The risks of Single Sign On
The People Problem
Shadow IT
Vulnerability, Threat, Risk
Container technology
Business cards
Maybe containers are VMs after all
Unix Identity and Access Management
Keeping containers safe
Container Security is Easy
Container security
New site
About me
Breaking the MBR on every hard disk
Gullible
DHS redux
Huh, the department of homeland security is attacking me?
A joke I learned in 1978
Some good Voyager
Why Star Trek Voyager was the worst of all
How does the web still work?
So You Start Server
Historical Java
Scripts
Google Authenticator
Teaching myself javascript
Exelink
Virtualization All Change!
Virtualization Update
The Windows 7 taskbar
IP6 Updates
IPv6 on the LAN
Messing around with ipv6
Kerberos and IPv6
Kerberos and Active Directory
Beginning kerberos
X-No-Archive considered pointless
Virtualization Options
Thin Client Options