Unl0ckd 馃憢

The intersection of Faith, Liberty, Security, Privacy, Technology, and Family

Why I didn't budget for a penetration test in 2024

BLUF Competing priorities, cost-consciousness, and lower-hanging security fruit were the reasons penetration didn鈥檛 make it into my AOP this year. I鈥檓 not in a highly regulated environment, though, so if regular penetration testing is a requirement, then your options are limited, but here are some things to consider. Analysis Each offensive security consultancy and penetration tester has their own methodlogy. Penetration testing isn鈥檛 guaranteed to find your most prevalent vulnerability, nor your most difficult, movie-plot security threat....

May 21, 2024 路 3 min 路 570 words 路 Chris

The XZ Utils Vulnerability

CVE-2024-3094 highlights the strengths and weaknesses of Open Source.

April 2, 2024 路 2 min 路 365 words 路 Chris

On Software Predictability

Life鈥檚 busy. Also, it鈥檚 hard. Software that breaks compatibility or predictability makes life harder. Returning to a project after years off requires re-orientation of architecture and tooling. Although difficult, it鈥檚 a fair assumption to make that one should need to re-orient on an architecture: understanding where everything goes is natrual. The tooling, on the other hand, should remain stable. Familiar. Predictable. Imagine moving out of your childhood room to attend university or join the military....

March 3, 2024 路 2 min 路 271 words 路 Chris

Life Management System Comparison

I describe how Pillars, Pipelines, and Vaults is the best Life Management system I鈥檝e found

February 21, 2022 路 9 min 路 Chris

Add MFA to Fedora with Yubikey

Add MFA to sudo and gnome in Fedora using a Yubikey and authselect

May 3, 2021 路 3 min 路 Chris


RMS, Dan Kaminsky, FLoCS, Fedora

May 1, 2021 路 3 min 路 Chris

Use AWS Config To Hunt Public S3 Buckets

This post covers using AWS Config as a starting point to find public s3 buckets in your organization.

November 2, 2020 路 2 min 路 Chris

Set Security Headers using Cloudflare Workers

This article covers previous work and introduces a warning

October 9, 2020 路 2 min 路 Chris

Aws S3 Cloudfront Cloudflare Https

This post covers increasing security for a static site hosted on s3 using cloudfront and cloudflare

October 2, 2020 路 2 min 路 Chris

Blacklight Privacy Tool

Today on my Mastodon feed, several folks were discussing a new tool by TheMarkup called Blacklight. This tool is billed as a 鈥渞eal-time website privacy inspector鈥 that showcases the ad and tracking tech deployed by a website. I shared this tool with several colleagues and it engendered a stimulating conversation surrounding company commitment to privacy. I argued during this conversation that it would be worse for a company to claim to value customer privacy and then have Blacklight reveal otherwise, than to have made no such claim in the first place....

September 22, 2020 路 2 min 路 Chris

Using Local Fonts - Hugo Academic Theme

The fresh new look of this site is provided by the Academic Hugo Theme. Because I value your privacy just as I value my own, I needed to modify this theme to not make use of Google Web Fonts because use of this service enables Google to further track users. In this guide, I鈥檒l add the Montserrat font by Julieta Ulanovsky as the heading font for this blog: TL;DR - Recap...

September 3, 2020 路 6 min 路 Chris

Thoughtful Birthday Present

When my Dad turned 70, I couldn鈥檛 decide what to get him. He claimed to not want anything leaving me in a bind. I thought for days about what to get him and the idea I finally settled on seemed inadequate to me, but it wound up being a hit: I presented him with a hand-written book containing 70 memories of him throughout my life. He got emotional over this gift, and for a man as stoic as he is, this was a surprise....

September 2, 2020 路 1 min 路 Chris

A Fresh Look

I鈥檝e updated this site鈥檚 appearance with a new hugo blog theme

August 31, 2020 路 2 min 路 Chris

Fingerprinting Privacy: Brave vs Firefox

Brave and Firefox bill themselves as privacy champions. How do they fare at fingerprinting protection?

August 20, 2020 路 4 min 路 Chris

Find Resources With AWS Config

Use AWS Config to locate AWS resources

August 12, 2020 路 3 min 路 Chris

Joining the FSF

I鈥檝e joined the Free Software Foundation and so should you!

June 17, 2020 路 1 min 路 Chris

One Month With Mastodon

I鈥檝e switched to Mastodon and so should you.

June 11, 2020 路 6 min 路 Chris

Moving From Macos to Linux

I鈥檝e adopted Linux on the desktop. Here鈥檚 how I adapted my macOS workflow鈥

May 26, 2020 路 4 min 路 Chris

Compiling Emacs 27 on macOS

The easy way to compile Emacs 27 on macOS using Homebrew

May 15, 2020 路 1 min 路 Chris

How to Securely Configure CloudFlare with S3

This post covers how to secure an S3 bucket serving content through Cloudflare

April 17, 2020 路 4 min 路 Chris