The world awaits...

secure computing (11)

OPNSense and One-to-One NAT

This is mostly a technical note to others struggling with One-to-One NAT on OPNsense. You want to setup public, routable IPs that map 1:1 to a private, non-routable IP. First, setup the Virtual IP on…

Continue reading...

Passkeys and Tech Duopoly

Passkeys are vendor lock in and tries to turn a few big tech companies into critical infrastructure. I started to write this post in October 2022 when there was a huge push about the coming…

Continue reading...

Thought Experiment with Redox OS

In conversation with a Rust fanatic, we stumbled into the topic of operating systems. RedoxOS is an operating system written in Rust, from scratch. Everything is in rust, the core libraries, the kernel, the device…

Continue reading...

48 --> 6

Recently, my two 24-core servers were shutdown and replaced with a 6-core Pine64 RockPro64. There were three migrations. The first migration was from compiled-from-source binaries to docker containers. The second migration was one 24-core server…

Continue reading...

Initial Thoughts on FIDO

If you're involved in computer security and authentication,you might know about the FIDO Alliance. If you haven't, you know about them now given the giant marketing push about the great cloud-controlled, passwordless future we have…

Continue reading...

Time for a Personal Cloud

The Apple CSAM scanning highlights something many know but shrugged off, your data in the cloud is yours, and the providers. Unless you take strong measures to combat it, your data is yours and theirs.

Continue reading...

How I Store Files in a Cloud

Background In discussions with someone about cloud security, they were surprised to learn I store anything in the cloud. It's convenient to have my files synced between machines. I use syncthing, resilio, and cloud drives.

Continue reading...