a simple stack of rocks

In the past, I've been fascinated by the abstraction of complexity. I drooled over complexity for complexity's sake, which is why my "simple" online presence had ballooned across 5 virtual servers, 1 internal server, self-hosted mail, dns, xmpp, self-hosted dynamic dns, and an extremely brittle set of ansible scripts tying everything together. It was, uh, let's call it fun.

Then things started to become untenable. I have a day job. It was different in college when my side-job was managing servers -- I us


goodbye domain

Over the past several months, I've been slowly trying to reduce my dependence on external (read: out of my control) services as much as feasibly reasonable. Given that I was a server admin in a past life, this gets egregious pretty quickly.

I'm running several websites, mail server, xmpp, monitoring, backups, and code repositories; and there is never enough time to 'keep up' with my main gig and life responsibilities. But recently, I started to feel the Dynamic DNS strain when I began to have more hosts to


gnupg arch pinentry

I always get a pleasant feeling when I receive a PGP encrypted file or message, but the message isn't much good if I can't read it. Unfortunately, as I receive so few of such messages, my setup decays without daily use and becomes broken.

Case in point: Decrypting a message using GnuPG on a headless Arch Linux box:

Case in point 2 (added 2015-04-10): this just happened again, I should maybe submit a patch?

  • gnupg has a dependency on pinentry

  • the pinentry package in Arch has this closed bug (closed as 'n


virtualbox crash selecting ISO

Fixed a sweet bug affecting VirtualBox today in a way that I really didn't expect.

I use a lot of virtualization for my work, and use both VirtualBox (4.2.18) and VMWare Workstation (9.0.2) on a daily basis. But setting up new virtual machines using VirtualBox has been a painful experience over the past few weeks because the GUI seemed very unreliable.

When selecting an ISO for the virtual cd drive, everything would work fine until clicking the actual ISO or typing the name or full path of an ISO, at which


inserting control characters in vim

There comes a time in every Unix user's life where they need to enter control characters into their editor. Maybe you're trying to add some ASCII BEL characters to annoy would-be cat'ers, or add some null characters or something, but most likely you want to search and replace!

Simply typing the control character itself is insufficient. You need the escape control character to escape your control character. Consequently, this is CTRL+V.

So to remove all the pesky ^@ from your pristine file, the keystrokes wo


running a private mail server

disclaimer: I am not a lawyer, nothing in this post should be vaguely considered legal advice

Recently, I've been more interested in reducing my dependence on third-party cloud services. For those of us following the security and privacy trends in the industry, it's pretty unclear whether you retain 4th Amendment protection over data on 3rd party servers. As far as the FBI is concerned, they think they should have easy access to any online account, preferably without a warrant and other red tape. Although


nobody uses a locked laptop

I've had a small obsession lately of watching DEFCON videos from years past on YouTube when I get a free moment. It's mostly been good aside from making me paranoid to use my computer. Mostly these guys and gals bring up great ideas for protecting yourself from Ahem..."Adversaries" with things like drive encryption, rapid drive destruction, secure communication, strong passwords, long keys, etc. All these are great things! They keep unauthorized users far from your data and I wouldn't advocate against them.


sql saves the day

Finally cracked the nut on a problem I've been working on: trying to determine from a login event and a record of logins and logouts whether that login event constitutes the beginning of a concurrent session for the given user. Trying to solve this problem using backtracking is a lot of effort and brushes up against the halting problem. In this method, we simply look backwards at logins and logouts from the event being inspected until we can determine if there is an overlapping session. The problem here is


Questionable SNI Support in older IE


In my current job, I tend to take on the maintenance responsibility for a large obsolete code base which is still being used, but doesn't currently have active maintainers on staff. It's usually low impact work, a few bug fixes here and there, and people stay happy. The software in question is a PHP survey app, which is still in frequent use by various departments at the University. It's one of those pieces of software that other folks would consider to be a lot more important than we do. So n


iTunes crashes the OS X Dock

Since this is the second time I've had this happen to me, I figured I'd post the relevant fix here for my future benefit. Essentially what happens is, every time the song changes in iTunes, the Dock process gets an unhandled exception and is forced to restart. I have observed this under OS X 10.7.4 and OS X 10.7.5 and under iTunes 10.6 and iTunes 11.0. It only happens when I reformat my disk and then restore my files via rsync (I don't use TimeMachine actually so I'm not sure if that's a factor or not).



This is a Development Site

After a weekend hack-a-thon which extended to this morning (and perhaps throughout the rest of my life), I deployed my latest version of this site this morning.

Although it doesn't look much different, the way it's edited, generated, and rendered is mostly new. As I describe on my projects page, I've been working on going static since about July, but I've been working especially since last Friday.

The result is that now my site doesn't require python on the webserver. Although python is used to build out al


down the puppet hole

In my post a few months back, I was discussing some DNS issues we were experiencing while deploying puppet to some workstations in the ResTek office. Unfortunately, after the issue with the faulty init.d start scripts was resolved, half of the machines were still not 'calling in' to the puppetmaster. I should mention at this point that the current version of puppet in the Ubuntu repositories is 2.7.11; naively, this is the version that we are running.

After sifting through bug reports and working on othe


Cory Doctorow: the coming war on general computation

Last year at 28C3, Cory Doctorow delivered a powerful keynote talk about his vision of controls in the general purpose PC market. It's a semi-apocalyptic state of affairs when you realize that he's right. There are profit (and other) incentives to limit what you can do with your computation devices.

I'd say this video was the highlight of 28C3. In the wake of all the 29C3 that will be coming out, I couldn't let this gem go unnoticed. Well worth watching (or rewatching).

Video details

Event: 28th Chaos Comm

i need a new home

So, I've been paying about $5/month to host this site along with several other domains for myself and my comrades. Given the price point, I feel like I could probably do better than shared hosting. While I haven't had any specific problems, my site (obviously) does not draw that much traffic. If any posts or information hosted here or on any of my other hosted sites goes viral, it could very easily bring the entire server down. Not only would I likely be reprimanded for such an ...

puppet requires DNS

Working at ResTek over the summer is a much different experience than working during the school year. For one: I am now working 40 hours per week (up from 15), and also many more people are working in the office regularly which makes collaboration easier. All this leads to an environment where things get done in a third or less of the time it would 'normally' take to complete. And the bugfixing is very intense.

The first big project that's nearing completion is a new deploy...

just when you think you know, you don't

As the natural-born overachieving perfection-seeking pragmatist that I am, I often find myself exceeding the specifications on my Computer Science assignments. Generally, I find them to be either too simple, or not interesting; and in an effort to 'get the education my parents paid for' I make my own rules.

Unfortunately, in UNIX software development, part of the specification is to explicitly NOT stray from the specification...and the assignments are too easy. How coul...

goes live

After a month of waiting and sitting on my design, I finally decided it was time to go live with the new site layout. I'm not doing this because I feel it's particularly good or finished, but mainly because my old theme was making me very restless and I wanted a nice clean place to write and share some thoughts and information with the world.

I'll be improving the site in the coming months and adding more integration features such as commentary. For now, feel free to dm me on twitter or shoot an email.

The new


cad/cam/cnc: competing in skillsUSA

As a sophomore in high school, I unwittingly took Stuart Smith's CAM class and learned some CAD, CAM, and CNC milling on ProLight and Haas Mills. In fact, I came to learn that my high school just happened to have one of the best CNC labs in the entire country. I went on to take 2nd Place in the Washington state Automated Manufacturing contest in 2007, 1st Place in 2008 and 2009. And 3rd place in the entire Nation in 2008! Who knew? My specialty on the three person Automated M...

A Stupid Way to Brick an Awesome Router

The Linksys WRT54GL is arguably one of the most rock solid home/office routers that one can buy today. Even though the hardware is becoming more and more dated, running one with a custom firmware can give someone like me (a nerdy hobbyist) an extremely powerful router for a relatively low price.

I recently traded my dad my newer WRT110N wireless-N router for his older WRT54GL purely for the ability to run custom firmware. Unfortunately I also learned something pretty interesting about how these router