geeklynad's recent activity

  1. Comment on Adventures in Mastoland: A retrospective on Searchtodon in ~tech

    geeklynad
    Link Parent
    Yea, for sure it's one sided. That's kinda unavoidable considering I'm talking about my own impressions. Total of two interactions (I said I was a small sample size): posted something empathizing...

    Yea, for sure it's one sided. That's kinda unavoidable considering I'm talking about my own impressions.

    Total of two interactions (I said I was a small sample size): posted something empathizing with OP. One was met with basically I don't know what you're getting at, subtext of are you just looking for an argument? The other was met with Godwin's Law. Apart from that, I'm not going to get into details of the interactions. You're free to not take my word for it. Those examples were brought up only for context of my own personal impressions, not as evidence of the problems (which I think are sufficiently illustrated in the main post).

    As for what people were upset about, my best guess is laid out in my previous post. I think people are just inherently wary of broadly scoped interactions due to the state of social media.

    3 votes
  2. Comment on Adventures in Mastoland: A retrospective on Searchtodon in ~tech

    geeklynad
    Link
    I recall seeing another's account of blowback from fielding the idea of functional searching. My engagement with people on mastadon has been remarkably limited. I mainly lurk. But in the small...

    I recall seeing another's account of blowback from fielding the idea of functional searching.

    My engagement with people on mastadon has been remarkably limited. I mainly lurk. But in the small handful of times I've tried to interact with people there, I've been met as an antagonist. I am not an antagonistic person by nature by a long shot. Granted, this is an incredibly small sample size and I shouldn't be taking it at an illustration of the community as a whole. But it's hard not to when combined with other impressions.

    I see these forays into mastadon searchability as a mechanism of testing security resilience. This concept was even mentioned in this write-up as well as the other I read through (sorry I don't have a link for it; it was remarkably similar with regards to blowback). So in my mind, the signal being sent isn't just "we want privacy", it's also "we don't want to know about privacy issues". Lack of noindex propagation is a prime example.

    It can be assured that bad actors do and will continue to take advantage of any given lack of security feature. Exclusion from federation will likely only eliminate a percentage of the whole, as plenty will slip by unnoticed. Finding and resolving issues, coming up with improved models, and working with the people within the community who are motivated to do the digging would all be necessary to improve upon matters. Instead, those efforts seem to simply be met with stamping of feet, planting of a flag, and a pronouncement of "this is our town!"

    It's in keeping with my own small sampling of interactions. Has more of a feel of driving others out of town than it does of trying to build up a community. Which, given the state of social media as a whole, is unsurprising. I think that what's currently most desired in social media is more insular than what mastadon's design has to offer. I've found far more value in the limited feedback from people who I like and trust than I did from having a broad audience with all its varied responses. The loss of a broad audience is hard to get past at first. The feeling of being seen by many is alluring. But the quality of interactions is fundamentally different.

    I get the impression that a lot of people there are in the throes of grappling with that effect. While I'll continue to lurk the site for useful information, I stopped wanting to try to talk to people there. Hopefully they'll collectively come through the other side having figured out what they want from the platform and from online interactions in general.

    5 votes
  3. Comment on Stop talking to each other and start buying things: Three decades of survival in the desert of social media in ~life

    geeklynad
    Link Parent
    Ok that makes sense. So not so much from a single source as it is a general bit of wisdom. I've found that it's not only useful for keeping myself in check from being cocky, but also for relieving...

    Ok that makes sense. So not so much from a single source as it is a general bit of wisdom. I've found that it's not only useful for keeping myself in check from being cocky, but also for relieving the self imposed expectation of trying to be the best at something. It has also been a useful bit of insight into other people's various motivations.

    Little bits like that which just float around in my head and become repeating themes kind of evolve into lenses through which to analyze the world around me.

  4. Comment on Stop talking to each other and start buying things: Three decades of survival in the desert of social media in ~life

    geeklynad
    Link Parent
    lol that's hilarious. I mean I know for certain was my stepdad that originally burned it into my mind. I just don't know where he got it. He was in muy thai for a long time, and when he mentions...

    lol that's hilarious. I mean I know for certain was my stepdad that originally burned it into my mind. I just don't know where he got it. He was in muy thai for a long time, and when he mentions that it's in that context. But it would definitely be hilarious if he saw me watching that, heard that line, and figured it was a good enough quote.

  5. Comment on Stop talking to each other and start buying things: Three decades of survival in the desert of social media in ~life

    geeklynad
    Link Parent
    I don't think she's citing that headline as a primary example of a business model gone wrong. Frame it a different way. She saw it when she was, what, 12? Mentioned that it made a big impact....

    I don't think she's citing that headline as a primary example of a business model gone wrong.

    Frame it a different way. She saw it when she was, what, 12? Mentioned that it made a big impact. Memories like that can stick in your mind for a long time, detached from external events. They float around, touching on other experiences, reinforcing themselves through repetition.

    It wasn't the content of the article, but rather just that notion described by the headline that she reiterates throughout.

    I have a similar memory from a similar age. The line, "There's always someone better" has stuck with me. I think it was originally in the context of martial arts, but I have no idea who said it regarding what exactly. It doesn't matter to me. Because I've found that to be so ubiquitous. I've gleaned a lot of insight through the repetition of that line over my life, and even though I'll probably never bother finding out the original context for it, it doesn't change the insights that I've had regarding it.

    4 votes
  6. Comment on Stop talking to each other and start buying things: Three decades of survival in the desert of social media in ~life

    geeklynad
    Link
    Dang that was a fantastic read. I'm around the same age and that sums up my feelings towards the matter of social media pretty nicely. Putting effort into building communities only to have them...

    Dang that was a fantastic read. I'm around the same age and that sums up my feelings towards the matter of social media pretty nicely. Putting effort into building communities only to have them crumble out from underneath you because the platform itself becomes unstable... over and over. It gets exasperating and tiring. There are quite a few people I have known who have helped shaped my life that I will likely never hear from again because it's hard to stay in touch with every single leaf that has been scattered to the wind.

    5 votes
  7. Comment on Your successes in 2022 in ~talk

    geeklynad
    Link
    As a first step toward shifting over to a completely different career, I started off the year by cramming for and passing the sec+ exam. (I come from doing construction and various freelance/gig...

    As a first step toward shifting over to a completely different career, I started off the year by cramming for and passing the sec+ exam. (I come from doing construction and various freelance/gig based work, but I've been into computers perpetually.)
    I helped my mom prep for and recover from difficult health stuff. Basically, keeping up on medical studies, helping her with physical therapy stuff, and doing lots of cooking. Sometimes ya just gotta throw some brioche croissants at life for things to start looking up.
    I learned a bunch of networking stuff and completely revamped my home network with pfSense, Mikrotiks, and Ubiquitis running VLANs. (Just wanna mention how huge of a difference good documentation can make, and how mind bogglingly frustrating lack of documentation can be... AHEMMikrotikAHEM)
    Learned how to set up a website served off an AWS EC2 instance using Ghost on Ubuntu Server, got myself a .dev domain, and populated my site with a bunch of of the stuff I've been doing and learning about.
    Learned a bit of Python. Never really programmed much before. During my networking adventures, I stumbled across a vulnerability in a piece of network hardware. And despite having never even touched any Java before, and barely knowing Python, I managed to crank out an exploit for the vulnerability in both languages. I then reported the vulnerability to the company and filed for a CVE. The company has been working on a patch, which I tested out for them.
    Put together my resume (it's a from scratch kinda deal, as I've never needed one before) and have been getting ready to finally start putting in some applications.
    Oh and I've had some pretty fantastic times playing some games with friends this year too. It's been nice.
    I still kinda wish that I had been able to get a bit more done. But having written all that out (knowing that there are plenty of little things that are more noteworthy to just me personally), I think I'm pretty cool with this year. Have much much worse, that's for sure.

    8 votes
  8. Comment on Valheim dedicated servers using Docker in Linux in ~games

    geeklynad
    Link Parent
    Yea I have a small group of close friends that I like to play with. I've tried a couple times with randos but it's just not the same vibe. There's always who wants to just blaze through...

    Yea I have a small group of close friends that I like to play with. I've tried a couple times with randos but it's just not the same vibe. There's always who wants to just blaze through progression, which is pretty antithetical to the pacing that I enjoy. I like to be able to take my time with things, namely because I like to spent a lot of time building infrastructure. But when there's someone who wants to blaze on through ahead of everyone, suddenly everyone else has to progress in order to handle the next tiers of mobs and raids. So having a good group with some cohesion makes a huge difference.

    I haven't checked out mistlands itself yet. Have a friend that wanted to get into it, so we all decided to start a new world with fresh characters. So it'll probably be a while before we progress up to mistlands. I've been kinda itching to check it out, but I think I can hold off to do it with the group. I've seen a few spoilers along the way, but I still think it'll be nice to experience it for the first time with the rest of my friends.

    I hear you about the grind though. Swamp in particular was brutal. Less now, as they balanced it a bit. But that's another thing that playing with good friends negates a lot. For me it becomes less about moving forward than it is about just spending time with people you enjoy being around.

    3 votes
  9. Comment on Valheim dedicated servers using Docker in Linux in ~games

    geeklynad
    Link
    Wasn't sure whether it was more appropriate to post this here in games or if it would have been better in comp. Hopefully this is fine. My friend and I got frustrated with the dedicated server...

    Wasn't sure whether it was more appropriate to post this here in games or if it would have been better in comp. Hopefully this is fine.

    My friend and I got frustrated with the dedicated server hosting service we were using, so I took a 10 year old computer I had laying around and set it up to run our own dedicated servers. This was my first experience with Docker and I honestly couldn't be happier about it. I wanted to write up this experience and share it because it was worth every minute. If you're a total Valheim nerd like myself and you've got a spare rig laying around collecting dust, I highly recommend diving into this.

    I'm also working on writing up a how-to for setting up remote access using a VPN hosted from pfSense.

    5 votes
  10. Comment on Medical selfies in ~health

    geeklynad
    Link
    Ooo! Excited to see some Eric Topol in the wild. He's been an amazing source of information on covid for the past couple years. I'm also a big fan of how much more accessible at-home equipment is...

    Ooo! Excited to see some Eric Topol in the wild. He's been an amazing source of information on covid for the past couple years.

    I'm also a big fan of how much more accessible at-home equipment is becoming. I would love to be able to play around with some ultrasound imaging.

    2 votes
  11. Comment on This video tells the story of the Nakagin Capsule Tower, its design, construction, life, and ultimate demise in ~design

    geeklynad
    Link
    A method for replacing individual components without disturbing others would have been a game changer. And some built in redundancy of utilities.

    A method for replacing individual components without disturbing others would have been a game changer. And some built in redundancy of utilities.

    2 votes
  12. Comment on Remote Access that's safe and not a scary nightmare in ~tech

    geeklynad
    Link Parent
    This is the method I'd recommend as well. I run an OpenVPN server from my pfSense and it's the only open port I need on my firewall for local resources (unless I'm running a game server for some...

    This is the method I'd recommend as well. I run an OpenVPN server from my pfSense and it's the only open port I need on my firewall for local resources (unless I'm running a game server for some friends).

    Security-wise, it's about as good as it gets. It can be configured to require both a password and a certificate from clients. While there are port scanners that will look for it, they are not nearly as frequent as scans for RDP, and known attacks against a single VPN are much easier to manage than those against a given remote desktop service.

    Network-wise, it can be configured to integrate or isolate within the local network. Although, this would depend on the network. The pfSense integration of OpenVPN gives me just as much control over it as it does any other subnet. Mileage would vary with other setups, and network segmentation may be difficult to pull off with given network hardware. But this isn't necessary for just getting a secure tunnel for remote desktop, it's more of a nice feature if you can arrange it because it allows you to additionally limit access if needed.

    3 votes
  13. Comment on Visualizing the layers of the TCP/IP model in ~comp

    geeklynad
    Link
    Recently finished part 2 of my series on VLANs. This one gets into reimagining the TCP/IP and OSI models in a way that I actually find useful. When I first started looking into writing about these...

    Recently finished part 2 of my series on VLANs. This one gets into reimagining the TCP/IP and OSI models in a way that I actually find useful.

    When I first started looking into writing about these models, I just got more and more frustrated with the explanations. Too many conflicting takes on something that seems only marginally useful for communication purposes. But in the course of coming up with my own explanation of VLANs, I found that adding some dimension to it made things much more useful for visualization purposes.

    First part of the article can be found here (with Tildes thread here).

    If you catch any mistakes, please let me know. Whether grammatical, technical, conceptual, or whatever, I'm hungry for some feedback on this. And pizza. Hungry for pizza. I should make some pizza.

    2 votes
  14. Comment on What programming/technical projects have you been working on? in ~comp

    geeklynad
    Link
    I'm getting antsy waiting on a vulnerability I reported to go through the process. The company I reported the vuln to has supposedly been working on a patch. I haven't heard from them in a month...

    I'm getting antsy waiting on a vulnerability I reported to go through the process.

    The company I reported the vuln to has supposedly been working on a patch. I haven't heard from them in a month though. I also filed with MITRE to reserve a CVE for it for when I publish report and proof of concept, but I haven't heard from them in a month either.

    This is my first time reporting a vulnerability. I know that I should just be patient with this process. But there is a constant nagging feeling that if I just published, the process would suddenly speed up and gears would start turning. But I have to convince myself that the gears are already turning, even though I don't get to sit here and watch them.

    If the company has been taking this long to write the patch, I'm hoping it means that it'll be a worthwhile one (they attempted to patch this previously, but failed to resolve the underlying issue). And MITRE could very easily just have a lot of their plate right now.

    The main reason I'm antsy about it is that I'd eager to start applying to tech jobs, and I'd really like to be able to put this project on my resume. But as it stands, it's likely that I'll be waiting until mid Dec to be able to do so. I can live with that though. In the meantime, I've been working on writing up articles on other projects in order to illustrate some competency and experience despite not having actual work experience.

    6 votes
  15. Comment on The strangest explanation of VLANs you've never heard in ~comp

    geeklynad
    Link
    This started as a weekend "take a break from frustrating stuff" doing some 3d modeling for fun. In the process, I starting getting ideas for how to represent the sticky parts of explaining VLANs....

    This started as a weekend "take a break from frustrating stuff" doing some 3d modeling for fun. In the process, I starting getting ideas for how to represent the sticky parts of explaining VLANs. This is a "part 1" of a series, and it gets into basic topology concepts using 3d models, then translating those concepts over to network concepts.

    Part 2 is on the way soon, but if anyone has any feedback on where improvements could be made, or letting me know if it's even comprehensible, it'd be much appreciated. This has been a weird write up and I've had to scrap a lot of ideas to keep myself from going on excessive tangents. So a sanity check... would be oh so nice.

    1 vote
  16. Comment on Router recommendations in 2022 in ~comp

    geeklynad
    Link
    Over the summer, I completely redid my home network. Used an old PC to make a pfSense box as the main router/firewall, complete with VLANs and Suricata for intrustion detection/prevention. For...

    Over the summer, I completely redid my home network. Used an old PC to make a pfSense box as the main router/firewall, complete with VLANs and Suricata for intrustion detection/prevention. For network appliances, I tried out both Mikrotik and Ubiquiti. I have two hAP ac^2s that serve as kinda the main backbone and access points, and two EdgeRouter-Xs for edge switches.
    Mikrotik is fantastic bang for the buck, and they're fantastically capable. But their user interfaces are bizarre as heck and their documentation is a quick trip to crazy town. But if you learn how to use them, they are beasts. It's just... a big if. Honestly, it's not so bad if you keep it simple. But if you ever end up wanting to do VLANs, be prepared for a rabbit hole. (I'm currently working on writing up some extensive explanations to fill in the gaps.)
    Ubiquiti is comparable to Mikrotik, but their interface is much more intuitive and their documentation actually explains things. The only problem is that they can be difficult to get a hold of at MSRP because they get swooped by scalpers and resold at ridiculous markup.
    pfSense is absolutely amazing. It's free, it's incredibly well documented, it's capable of all kinds of things (I host a VPN so that I can access my home network from anywhere, for example), and it can be installed on dang near anything. It can serve very well as a main router, but you'll likely still need access points.
    Of these, I'd say that Ubiquiti is probably the least DIY of the bunch. They still have a learning curve compared to typical consumer grade stuff, but it's a forgiving one that if you put the time into learning it will reward you with potential far beyond the normie stuff.
    I'd be happy to go into more depth on any of that. I've been planning on writing up articles on all of them eventually, but if there's anything in here you'd be interested in knowing more about I'd be happy to elaborate.

    5 votes
  17. Comment on What programming/technical projects have you been working on? in ~comp

    geeklynad
    Link
    I recently wrote an exploit for a soho network switch. I wrote up a report and submitted it to the company about a month ago. I've been holding off on submitting it to MITRE for a CVE because it...

    I recently wrote an exploit for a soho network switch. I wrote up a report and submitted it to the company about a month ago. I've been holding off on submitting it to MITRE for a CVE because it feels like it might be the best course to await acknowledgment from the company. But I haven't received much back from them. Last week, they (finally) wrote back to request access to the proof of concept. Supposedly, it has been sent to the product team.

    I'm debating how much longer to give them to review internally before moving forward. I'd like to submit this report to MITRE and get that process underway. I'd like to have their confirmation first, but I don't get the impression they're making this a priority. I'd also like to publish my findings as a warning to others who might buy this product, as I don't think they're going to patch it. And ultimately, this is a project that I'd like to include on a resume, as I'm trying to transition careers from doing construction for most of my life into working in tech. This is the most noteworthy project I've done so far and I'm excited to be able to include it. But at the same time, I'm trying to be empathetic toward the company to give them a reasonable amount of time to respond.

    If anyone has any experience with the CVE process, I'd appreciate any pointers.

    7 votes