fak3r

What About Them?

This is a previously unpublished sketch written on 2007-04-18 of two people talking about the constant state of fear in a nation controlled by the media. Strangely it’s still relevant today. […] “But what about them; what’s the difference?” “What?” “With their outlook on things, everything is just so negative, have we evolved that way?” “You’re telling me you mean we became more negative as a species over 50 years? I doubt that’s an answer.” “No, I agree with you, but why are we that way?

Read more →

Best music of 2015

Metz (photo from radio1190 ) Another year, another batch of new toons to love. As always, discovering new music never gets old, the endless digging for new sounds continues to be one of my favorite things. Let’s rock! Courtney Barnett “Sometimes I Sit and Think, Sometimes I Just Sit” Built To Spill “Untethered Moon” Deerhunter “Fading Frontier” Hop Along “Painted Shut” Jason Isbell “Something More Than Free” Jamie xx “In

Read more →

HOWTO build nginx with HTTP 2 support

UPDATE 02-29-2016 a reader had issues getting this working, and after reproducing his issue I found that the ssl_cipers HIGH:!aNULL:!MD5; no longer works. Apparently sometime after I wrote this, the HTTP/2 specs were updated, and browsers followed suit. This blog post tells us, “According to the HTTP/2 specification, over TLS 1.2 HTTP/2 SHOULD NOT use any of the cipher suites that are listed in the cipher suite black list, found here” So now, we have to call out another cipher before the blacklisted ones ssl_ciphers AESGCM:HIGH:!aNULL:!MD5 Thanks for the note Elias!

Last week nginx relased mainline version 1.9.5 which features experimental HTTP/2 module. According to the Internet Engineering Task ForceHTTP/2 enables a more efficient use of network resources and a reduced perception of latency by introducing header field compression and allowing multiple concurrent exchanges on the same connection. It also introduces unsolicited push of representations from servers to clients. This specification is an alternative to, but does not obsolete, the HTTP/1.1 message syntax. HTTP’s existing semantics remain unchanged.” You can get an idea of how HTTP/2 is better and faster on this demo page which shows the multiple connections making a significant difference.

TL;DR it’s faster, backwards compatible and the new hotness (obviously).

Read more →

Bruce on privacy

I’ve written about Bruce Schnier many times before, but this recent comment perfectly captures why we all need to be concerned about our only privacy

Read more →

Best Songwriters Morrissey and Marr

In a recent article, the magazine Rolling Stone tries to list the 100 Greatest Songwriters of All Time, and while any list that a audacious will have it’s detractors (and there is much to criticize in this one), it’s refreshing to see the songwriting tandem of Morrissey and Marr getting the props they deserve. Breaking in at #67, the post features some very nice quotes from Marr about Morrissey, and a photo of the pair of key Smiths that I’ve never seen before. Here are both, for review.

Read more →

They're made out of meat

I’m a big fan of science fiction writing, and with humor it’s even better! Here’s a great one I found online, first a note from the author Terry Bisson, “I’m honored that this often shows up on the internet. Here’s the correct version, as published in Omni, 1990. Thanks for your interest in my work. If you enjoyed this little piece, please give a dollar to a homeless person.”

Read more →

HOWTO use npm behind a corporate proxy

Overview

Working at $big_company is not without its challenges, but the least of which should be network access, right? No, of course not. Installed “security appliances” (see the SSL MiTM post for more on that) on the network always limit access from within the corporate firewall out to the Iernet at large to protect from security vulurables. This is all great and fine, but that kind of protection always errs on blocking, so working with open source projects that are easy to install and run out in the real world become a nightmare when you’re inside the coporate firewall.

Read more →

Does your employer run SSL MiTM attacks on you?

TL;DR companies are buying appliances that run SSL MiTM (Man in The Middle) attacks against their users, decrypting sessions on the fly without the user’s knowledge. You should find out if this is happening to you. As a self described privacy advocate, I consider myself pretty cognizant of when I might be under some sort of network surveillance; I know what to look for, and enjoy understanding ways to avoid it (often by not visiting certain sites from certain networks), but one day I hit something that surprised me.

Read more →

HOWTO Turn On Firefox Tracking Protection

Years ago there was a lot of excitment about Do Not Track (DNT) as a way to enhance online privacy for users by allowing them to ‘opt-out’ of tracking by websites and advertisers. The idea as defined on Wikipedia:

The Do Not Track header is the proposed HTTP header field DNT that requests that a web application disable either its tracking or cross-site user tracking of an individual user. The Do Not Track header was originally proposed in 2009 by researchers Christopher Soghoian, Sid Stamm, and Dan Kaminsky. Efforts to standardize Do Not Track by the W3C have so far been unsuccessful.

Read more →

HOWTO Get a New CoreOS AMI ID

I’ve used CoreOS a good deal for the last few months, automating it on Amazon Web Services to run Docker instances like a boss, but when a new version comes out, figuring out the new AMI ID to target is cumbersome. What happens is that a new CoreOS version will be built with AWS, resulting in a new AMI ID, but going to the CoreOS cloud provider’s page to manually grok the ID is no fun. I knew there had to be a automated way to do this, but earlier attempts failed. That changed today as I got a clue from the #coreos channel on irc.freenode.net. Here’s the gist:

Read more →

Mogwai, Helicon 1

One of my all time favorite bands Mogwai (still #2 on my last.fm listen list) is releasing a career spanning 3 CD / 6 LP set called Belters Box. For the occasion they’ve released a new video, for an old song, Helicon 1. Directory Graig Murray has this to say about it, “The film you see is made from 100% 35mm stills which I shot off the screen: I used about 100+ rolls which were all individually scanned. All effects you see in the film are physical workings of the negatives (scanner compositing, scratching, liquids etc). Given the logistics of shooting everything discreetly and also in the sea, the original footage was all shot on an iphone and a go-pro, with some addition animation using 35mm.”

Read more →

Snowden on privacy

While Edward Snowden may be hiding in Russia, he understands and thinks about the freedoms American’s take for granted everyday. In a recent Reddit AMA he succinctly described why he is such a firm believer in privacy, giving his argument against the often heard, “I don’t care if they violate my privacy; I’ve got nothing to hide”.

Read more →

HOWTO build microservices infrastructure with Mantl

Overview

I’ve been watching ciscocloud/microservices-infrastructure for awhile, an ambitious project designed to get a microservices infrastructure setup with a reasonable set of defaults. Now they seem to be getting more serious about the project and have renamed it mantl, which they define as, “A container orchestrator, docker, a network stack, something to pool your logs, something to monitor health, a sprinkle of service discovery and some automation”. This sounds amazing, and certainly similar to something I did/try to do with my stax project… but just like with stax, there’s lots to do up front. Let’s give it a go. Will run it on AWS, but note that it can also be run on Vagrant, Openstack, Google Compute Engine, as well as bare metal, via Terraform. As usual I’m working from Debian, so if you’re in something else, or OSX, your initial setup will vary.

Read more →

HOWTO build tiny docker images

Overview For the past year it seems, everyone is trying Docker, running processes in containers to make environments more predictable and reproducable. However old habits die hard, and once again I see installations that are far larger with wasted resources at best, and insecure, unused services running at worst. Most people running Docker are using huge images with needless applications installed and taking up space for their containers. Meanwhile, if you search in the Docker Registry for ‘debian minimal’ you’ll come across some images that are over 260 MB!

Read more →

HOWTO get started with lxc and lxd

Today Ubuntu released 15.04 (Vivid Vervet) which is a huge release for the lastest cloud and server options. Updated OpenStack, Juju, libvirt, qemu, Open vSwitch, Ceph, cloud-init, docker, corosync, haproxy, pacemaker - and the stars of the show, Ubuntu’s take on the container world, lxc, lxd and Ubuntu Core, aka Snappy. With all of that fun stuff I didn’t waste any time, I grabbed the server ISO of 15.04 and slapped it on a server. I got started with lxc and lxd to check them out, and while there’s plenty more to do and learn, here’s how to get started with them.

Read more →

Green Chile Chicken Enchiladas

And now for something completely different, it’s a followup to my only other cooking post, Migas. Keeping it in the Mexican/Tex-mex realm, today we’re going to make some green chile chicken enchiladas!

Green chile chicken enchiladas

Read more →

The Computer Fraud and Abuse Act (CFAA)

From an article about the court case against weev (yes he’s a creep, but he still has rights) is an apt, consise definition of the Computer Fraud and Abuse Act (CFAA) and how it’s being used/abused today. ”… the CFAA, a law passed 30 years ago before every home — indeed, every person’s pocket or purse — held a computer. The CFAA is an anti-hacking statute that makes it a crime to obtain information from a computer “without authorization.” Since lawmakers never spelled out exactly what they meant by that, prosecutors have, over the years, stretched the law to encompass all sorts of harmless activities.

Read more →

Best Music of 2014

This is the 2014 update to my ‘best music of’ list that I do every Decemeber after another year of new sounds. This year was highlighted with seeing more live shows than years past, a trend I will continue as we move into 2015. See you at the show, I’ll be in the middle of the floor about 13 back, and ya, I’m ready for another - I’ll get the next one, thanks.

Read more →

HOWTO update Googledrive icons to go with the dark Yosemite theme

I’ve been using Apple OS X Yosemite since the first beta, and I’ve been very impressed with its stability, and slight UI updates. Once it went official, I immediately tried out the ‘dark’ theme (System Preferences > General, then check: Use dark menu bar and Dock) which gives you just that, a dark menubar (black actually) with white icons and writing. The cool thing is that in the past this is one thing you could never (officially) change in OS X, so now that they’ve given it a proper integration and UI testing, it looks nice and feels new. Since the dark theme in Yosemite is so new not all apps support it, so they might have an icon that doesn’t stand out as well now that the background isn’t light. This is certainly the case with Google Drive, which I’ve been trying out as a way to consolidate documents and files that don’t need to be private. The screenshot tells the tale of the icon, and it isn’t pretty:

Googledrive menu icon on Yosemite's dark theme (it's the 3rd from the left)

Read more →

HOWTO serve Gandi SSL certs in nginx

I’m a big fan of Gandi for domain hosting since they are very transparent about their operation, support the efforts of EFF and last but not least, are based in Paris. So today I transfered fak3r.com over to Gandi, and earned a free SSL cert for a year for doing so! Cool, since my old StartSSL cert expired, I needed to replace it, so this was nice timing. Now while Gandi’s documentation is very good, and I’ve done plenty of SSL setup before, I still hit a snag that I’ve hit before, so this time I wanted to record it so I wouldn’t have to look it up again next time.

Read more →

More tech pros earning six figures than ever

A new report from Dice.com, “…suggests that more tech people are earning six figures a year than ever. Some 32 percent of full-time tech pros took home more than $100,000 in 2013, according to the findings, up from 30 percent in 2012 and 26 percent in 2011. For contractors, the data is even better: In 2013, a staggering 54 percent of them earned more than $100,000 a year, up from 51 percent the previous year and 50 percent in 2011. How far that money goes depends on where you live, of course, but it does seem like a growing number of the world’s tech workers are earning a significant amount of cash.”

Read more →

Office Space script

While looking for quotes from the movie Office Space, I came across the script on IMSDb, and liked it so much I reposted it here (you know, for great justice). This movie is universal, everywhere I’ve worked people call out quotes from it, and it’s like, ya, they get it too. Recommend.

Office Space

Read more →

HOWTO install open source Adobe terminal fonts

In September 2012, Adobe released its second open source (under the Open Font License 1.1) typeface family, Source Code Pro. This is a monospaced version of the first one, Source Sans Pro, and that’s significant because I’m always looking for a good, monospaced font I can use in my terminals. This one looked like a great option to try out, so I downloaded it and gave it a run. Below are the steps to manually install it via the command-line, and while this is in Ubuntu, Debian and other Linuxes should work the same way, but as always YMMV. So let’s get started.

Read more →

Through a PRISM, Darkly - EFF at 30c3

Here’s a great talk from the Chaos Computer Club’s current event, 30c3 happening now in Munich. Here Kurt from EFF gives a great overview of what we know the goverment is doing, and ways to fight against mass surveillance. “From Stellar Wind to PRISM, Boundless Informant to EvilOlive, the NSA spying programs are shrouded in secrecy and rubber-stamped by secret opinions from a court that meets in a faraday cage. The Electronic Frontier Foundation’s Kurt Opsahl explains the known facts about how the programs operate and the laws and regulations the U.S.

Read more →

Best music of 2013

Here is my annual post of the best music released in the year of 2013. I’m looking forward to seeing Arcade Fire, and later Nick Cave and the Bad Seeds in the Summer or 2014. I have some links so you can hear some of the music that got me through this year. Give those a listen, then buy music and finally, go out and see bands play live! Photo

Read more →