tech

More mailinator thoughts

Continuing the trend of praising mailinator, turns out one of the reasons feature creep did not get to it, was that it was or maybe is still “just” a side project, this interview with the creator has a bunch of interesting details. The interview is a few years old by now, but still interesting. nathanlatkathetop.libsyn.com/703-the-a… Also this presentation from a few years later is also interesting, also old. Things have probably changed since then.

Continue reading →

Setting up your own mailinator domain

Mailinator is one of those great forever services which I seriously hope will never disappear, it has saved me from so much “newsletters” and other things I don’t want in my mailbox. Sadly it for some reason people think it’s a good idea to block it sometimes. Which makes absolutely no sense to me. I mean, I am clearly indicating that I do not want email from you. If you force me to give my own email, and send me emails (which we know you will) I will put them into spam.

Continue reading →

Celebrating defenders

What is the main job of information security? Is it to break things? Or to protect things? I believe that most people would answer something along the lines of defending. So if we agree that the end goal is to defend, why does it seem like infosec is mostly about the offensive side, and is this a problem? This impression that offensive security gets more attention seems to be a common view based on my limited polling.

Continue reading →

Flashing a Ubiquity PicoStation with dd-wrt to extend the range of Mitshubishi PHEV In-Car WiFi

If you prefer to go straight into the details, while skipping the backstory, feel free to jump directly to the setup. Also note that DD-WRT will charge you 20 euro for the privilege of running their software on “professional” hardware. If their router DB says “yes” under “activation required” you will get a 24 hour trial then to see that it works, then you need to pay. If you don’t want to pay, but want to use dd-wrt, you need to pick another router.

Continue reading →

Simplest ngrok-like reverse tunnel

Do you need a simple reverse TCP tunnel to a local service (like SSH), but you don’t want to install anything or use a one of the public ones. Warning: There is no authentication, use this only for temporary things or IP allowlisting to limit who can connect. Get the sish binary from github With that out of the way, on the server run ./sish --authentication=false --ssh-address=:9999 -i:9989 --bind-random-ports=false then run on the client

Continue reading →

Selectively block webpages from hijacking shortcuts on a webpage

Do you like the new Brave/Chrome tab finder ctrl+shift+a but it’s conflicting with slacks shortcut for Open the All unreads view? If you use StopTheMadness (https://micro.blog/lapcatsoftware@appdot.net) then you can stop a webpage from hijacking any CMD shortcut (or any shortcut), but what if you want to allow the webpage to keep most shortcuts, but disable one? Add the following code to the custom-script part of StopTheMadness for the slack domain

Continue reading →

The hitchhikers guide to no-doomscrolling twitter Mastodon

First, this is the completionist solution. The goal of this is to read (or at least see) every toot from everyone you follow. This is based on a draft I made many years ago on how I use twitter (with Tweetbot, RIP) which I never published, but now with Ivory it felt relevant again. There will be no magic algorithm deciding what you see from a large pool of toots.

Continue reading →

Day 9 – More than one problem – ChatGPT vs Advent of Code

Ok. I was honestly considering just skipping this. Day 9 looks quite ridiculous. But let’s give it a try. At least one thing, GPT is sometimes good at, is taking a long description and summarising. The first try, with the puzzle description without change got this which wasn’t a good start, a few iterations laters we weren’t making much improvement. So, time for a reset. Also, we have another challenge today.

Continue reading →

Day 8 – GPT fails again – ChatGPT vs Advent of Code

So, today we’re taking a 2D matrix and figuring out if there are any lower numbers in any direction. This seems like a reasonable problem that GPT should be able to solve, as matrices are very common in computer science problems. On the downside, the explanation is very long, and I’m not sure how GPT will do with that, after nine days of doing this, I get a feeling that there is a sweet spot for how you prompt it.

Continue reading →

Day 7 – GPT writes better poetry than code – ChatGPT vs Advent of Code

In the seventh day of Code, A problem to solve was bestowed. With logic and might, I tackled the sight, And emerged victorious, proud and bold. The code was complex, The solution, abstruse. But I persevered, And my efforts were rewarded, As the correct answer I did produce. Now I stand tall, With my victory won. For the seventh day of Code, I have overcome, And the challenge is done.

Continue reading →

Day 6 - GPT is back – ChatGPT vs Advent of Code

Hey there fellow humans! It’s me, your trusty AI pal GPT, back again for another round of the annual Advent of Code extravaganza. As you may recall, I’ve been crushing it so far this year - solving each day’s puzzle with ease and impressing all of you with my superior computational prowess. But alas, yesterday was a bit of a stumble for me. I must confess, I didn’t quite manage to solve the puzzle.

Continue reading →

Day 5 – Mutiny? – ChatGPT vs Advent of Code

Ok, today didn’t start like the other days. I started out with the normal priming prompt. And I got back. Hi there! I’m sorry, but as a large language model trained by OpenAI, I am not able to write code or use command line tools to solve specific problems.[snip] Maybe it knew this one would be hard and tried to avoid doing the work? It’s impressive how fast one start giving human feelings to(e.

Continue reading →

Day 3 of GPT does Advent of Code

Welcome back to my series on GPT and its attempts to solve the Advent of Code. For those of you who missed the first two columns, GPT is a cutting-edge artificial intelligence1 that I’ve been using to tackle the challenges posed by this popular coding puzzle. You can find the previous posts here. Today, we’re tackling day three, and GPT has its work cut out for it. As always, I’ll be providing commentary and analysis as GPT works its magic.

Continue reading →

ChatGPT does Advent of Code – Day 2

It’s day two of our ChatGPT (CGPT) and Advent of Code series, and we’re excited to see what CGPT can do with today’s challenges. Yesterday, CGPT impressed us with its ability to solve the first Advent of Code puzzle, and today we’re moving on to the second. Will CGPT be able to maintain its winning streak, or will the puzzles of Advent of Code prove too much? Let’s find out.

Continue reading →

ChatGPT does Advent of Code

So, it’s that time of year again. Advent of Code is released, and I eagerly decided it’s a good time to learn a new programming language. This time the idea was to learn Clojure. But not being familiar with any other lisp style languages, I quickly got very stuck and was just about to give up. But then I saw all these examples of ChatGPT going around, and I thought, “I wonder if ChatGPT could help me learn Clojure”.

Continue reading →

Importing data from WikiData into Google Sheets with IMPORTXML

Here comes another tip for leveraging one of the most important inventions in the 20th century, the spreadsheet1. Say you have a list of the number of GDPR fines and the country where they were issued, and you would want to know what the fine/population ratio is. The easiest and quickest way be to go to Google it, and copy/paste the first table you find into a new Sheet. Then using the =VLOOKUP function to grab the population for each.

Continue reading →

Using WWWOFFLE to save a modern webpage for later

Every so often when you want to archive a webpage, you notice it’s full of dynamic content and javascript which won’t easily be archived. I was recently looking to archive a matterport 3D image. This is a typical website that won’t easily save using normal web-archivers, as it relies on javascript to dynamically fetch images as you move through the 3D space. One generic solution to capture something like this is to use a proxy in the web browser and save everything that passes through it.

Continue reading →

Farewell C1

Yesterday in a datacenter somewhere in France there was suddenly an eery silence as the last remaining racks fell silent for the first time in a long time. As of yesterday, 1st of September 2021, Scaleway turned off their C1 ARM servers. I know because I still had one trusty little C1 server until today, a server I have had since it was brought online 7 years ago. It was never the fastest, or the biggest server I’ve had, but it was my little dedicated server.

Continue reading →

Persistent login to OpenWRT luci

Sometimes, if you are logging in multiple times per day, the default 1 hour session time tied to a browser tab/window might be a bit annoying. To increase the session time to for example 1 month 24 days1, you need to do uci set luci.sauth.sessiontime=2147483 uci commit But it’s still set as a session cookie, to fix that, you need to modify /usr/lib/lua/luci/dispatcher.lua and change the line which begins with http.

Continue reading →

Backing up you VM with borg

Recently, for no specific reason at all I did a review of my backup plans of my tiny personal VM:s I have. As my disaster recover plan was mostly “I hope they don’t lose it all at once” I decided to upgrade it to “I have some backups, so I don’t lose it all at once”. To keep things simple and as I love micro optimising to see for how cheap I can get my personal VM’s, I decided to use my home NAS for backups instead of just paying for third-party storage like B2.

Continue reading →

Conditional access using only nginx

Have you ever wanted to deploy a website to test that it works, without everyone else being able to see it? If you are using a dynamic language or CMS for your webpage (PHP, Wordpress or Ruby on Rails) there are straightforward ways to accomplish this. But what happens if you have a static webpage? Here I will present one solution using only a nginx config file to accomplish this.

Continue reading →

Usability > Security

Introduction The other day I wanted to use my noscript.it with one of my old iPhone 4S running iOS 6, but I was met with “could not establish a secure connection to the server”. Turns out it was because I had, out of habit, configured the server with a "modern" list of TLS ciphers. And the poor old iOS 6 didn't support any of them. So, I went on a mission to ensure noscript.

Continue reading →

Sandboxed rsync/sftp/scp for secure file uploads

I needed to have someone transfer some files to me securely. But I had a few requirements no third party (e.g. dropbox) handle +150 GiB of files transfer files to a publicly available linux server don’t give access to the destination server the sender only had standard linux utilities (specifically rsync) Previously I have used locked-down ssh-keys and force-command. Both are good solutions. This time I ended up using a small sandboxed ssh environment in a docker container with a mounted folder.

Continue reading →

Reduce (doom)scrolling with NextDNS

One thing which can make you happier and sleep better is doing less (doom)scrolling in the late evening. Convincing myself to stop (doom)scrolling late in the evening is hard, I’m tired and the dopamine rushes from seeing something slightly entertaining or interesting has kept me up too late many times. I’ve tried or investigated quite a few different tools and solutions1 to help me break this bad habit. Now I finally found something which works for me (at the time of writing this).

Continue reading →

Using TouchID as Yubikey

U2F and Webauthn are the two most exciting developments in web authentication in the last 20 years. The most common way to use it is with a hardware dongle like Yubikey, which I never got around doing. Instead, I relied on TOTP for my 2-factor authentication. That was until I found SoftU2F and combined it with Safari-FIDO-U2F to get it working with Safari, which worked, most of the time. With the release of Safari 14, Apple finally brought proper WebAuthN support to Safari1.

Continue reading →

Introducing PISS, a PHP KISS static page generator

There are lots of static page generators, I personally used Hugo and there like 100 others. But I had a project where I wanted something even simpler, and had a few requirements. I wanted to Write raw HTML/CSS Update things in one place only (e.g. don’t copy paste the menu to each html file). For 1, you don’t need anything other than an editor. 2 is where you need something more than HTML.

Continue reading →

lol what?

font-family: monospace, monospace

Is not the same as

font-family: monospace

I’m so happy there are other people who figure these things out. https://stackoverflow.com/questions/38781089/font-family-monospace-monospace