Neologism: Octopus mud wrestling

octopus mud wrestling - A situation where multiple conflicting problems and solutions come together to prevent anyone from accomplishing anything useful. Every possible step toward a solution causes two other problems that further complicate things. Sometimes this means that something can't be fixed at all and a forklift upgrade is required. Sometimes attempts to fix everything cause an outage to occur, ruining everybody's day. So called because everything is dirty, messy, confusing, constantly changing and nobody will have any idea what's actually going on until it's over.

Getting stuck upgrading Bolt and what to do about it.

UPDATE - 20170512 - More SQL surgery.

So, as you've no doubt noticed I've been running the Bolt CMS to power my website for a while now.  I've also mentioned once or twice that I've found it to be something of a finicky beast and doing anything major to it can be something of an adventure.  I tried to upgrade my site last week (tonight, by the datestamp on this post) and had to restore from backup yet again because something went sideways.  That something was the upgrade process going wrong and throwing an exception because of something in the cache directory …

Read more...

Virtualbox virtual machines keep aborting.

If you've been experimenting with different operating systems for a while, or you have some need to run more than one OS on a particular desktop machine, chances are you've been playing around with Oracle Virtualbox due to its ease of use, popular set of features, flexibility, and cost. You've also probably run into the following syndrome (usually while trying to build a new virtual machine):


  • You configure a new virtual machine.
  • You associate a bootable optical disk image with the new VM (for the sake of argument, let's say you're experimenting with the 50 megabyte(!) distro Damn Small Linux …

Read more...

Misadventures in IT.

I don't ordinarily write much about work, mostly because it's not that interesting but also because it's a bad habit to get into, lest I let something critical slip and get in trouble. However, the last two days were sufficiently rough (and strange) that I feel that I have to write something about it, if only to give my fellow BOFHes something to go on if they find themselves in the same particular position I was. The past two days have been by far the strangest problem I've ever run into working in IT or information security.

Let's set …

Read more...

Mesh networks, censorship resistence, and free ponies.

A couple of weeks ago the crowd over at Reddit started putting together a project that's been referred to online as /r/darknetplan, an effort to build a completely decentralized, encrypted wireless mesh network that is censorship-resistent and anonymized. They kick around a lot of ideas in their discussion threads (mostly links to other articles, with discussion of each on-site) and the project's IRC server is packed with interested people. Now, I'm not one to slam anyone who wants to give such a project a shot but they came under some scrutiny from a blogger whose opinion is that it's …

Read more...

Situation report from Austin, Texas.

Things have finally slowed down somewhat in Austin, affording me the opportunity to write a long-overdue update. Workdays have been long (averaging thirteen hours out of every twenty-four), which is why I've been quiet lately.

From what I've seen of Austin, it's a pretty nice place. I"m situated a stone's throw from the airport, and within visual distance of the highway system, which has been both relaxing (coming from an urban background) and a pleasant change of pace from the places that I'm usually put up by my employers.

Two nights ago Tiffany (co-worker and fellow foot soldier fighting …

Read more...

A word to would-be presenters out there.

Unless it involves 0-day security vulnerabilities that amount to a global panic in the style of bad Hollywood action movies never, ever install updates of any kind on the laptop you're going to carry into the field with you the week before, or you'll spend every waking moment up until the time you go before the crowd trying to fix your laptop. Don't be That Presenter At the Con.

Random knowledge II.

If you turn on the Xscreensaver module called Sonar while you're running a packet monitoring application (such as TCPdump), people are less likely to think you're doing anything shady, because "Only hacker tools don't have GUIs." Always hack your shell's personal configuration file (~/.bash_profile, for example) to change your shellprompt if you use GNU screen. That way you can tell what shells you've left open are single-access shells and which shells are multiplexed through a single connection with screen. It can get confusing sometimes. Because a shell run inside a GNU screen metaterminal sets an environment variable called $WINDOW, you …

Read more...