Unl0ckd 👋

The intersection of Faith, Liberty, Security, Privacy, Technology, and Family

Why I didn't budget for a penetration test in 2024

BLUF Competing priorities, cost-consciousness, and lower-hanging security fruit were the reasons penetration didn’t make it into my AOP this year. I’m not in a highly regulated environment, though, so if regular penetration testing is a requirement, then your options are limited, but here are some things to consider. Analysis Each offensive security consultancy and penetration tester has their own methodlogy. Penetration testing isn’t guaranteed to find your most prevalent vulnerability, nor your most difficult, movie-plot security threat....

May 21, 2024 · 3 min · 570 words · Chris

The XZ Utils Vulnerability

CVE-2024-3094 highlights the strengths and weaknesses of Open Source.

April 2, 2024 · 2 min · 365 words · Chris

On Software Predictability

Life’s busy. Also, it’s hard. Software that breaks compatibility or predictability makes life harder. Returning to a project after years off requires re-orientation of architecture and tooling. Although difficult, it’s a fair assumption to make that one should need to re-orient on an architecture: understanding where everything goes is natrual. The tooling, on the other hand, should remain stable. Familiar. Predictable. Imagine moving out of your childhood room to attend university or join the military....

March 3, 2024 · 2 min · 271 words · Chris

Life Management System Comparison

I describe how Pillars, Pipelines, and Vaults is the best Life Management system I’ve found

February 21, 2022 · 9 min · Chris

Add MFA to Fedora with Yubikey

Add MFA to sudo and gnome in Fedora using a Yubikey and authselect

May 3, 2021 · 3 min · Chris

Grabbag

RMS, Dan Kaminsky, FLoCS, Fedora

May 1, 2021 · 3 min · Chris

Use AWS Config To Hunt Public S3 Buckets

This post covers using AWS Config as a starting point to find public s3 buckets in your organization.

November 2, 2020 · 2 min · Chris

Set Security Headers using Cloudflare Workers

This article covers previous work and introduces a warning

October 9, 2020 · 2 min · Chris

Aws S3 Cloudfront Cloudflare Https

This post covers increasing security for a static site hosted on s3 using cloudfront and cloudflare

October 2, 2020 · 2 min · Chris

Blacklight Privacy Tool

Today on my Mastodon feed, several folks were discussing a new tool by TheMarkup called Blacklight. This tool is billed as a “real-time website privacy inspector” that showcases the ad and tracking tech deployed by a website. I shared this tool with several colleagues and it engendered a stimulating conversation surrounding company commitment to privacy. I argued during this conversation that it would be worse for a company to claim to value customer privacy and then have Blacklight reveal otherwise, than to have made no such claim in the first place....

September 22, 2020 · 2 min · Chris

Using Local Fonts - Hugo Academic Theme

The fresh new look of this site is provided by the Academic Hugo Theme. Because I value your privacy just as I value my own, I needed to modify this theme to not make use of Google Web Fonts because use of this service enables Google to further track users. In this guide, I’ll add the Montserrat font by Julieta Ulanovsky as the heading font for this blog: TL;DR - Recap...

September 3, 2020 · 6 min · Chris

Thoughtful Birthday Present

When my Dad turned 70, I couldn’t decide what to get him. He claimed to not want anything leaving me in a bind. I thought for days about what to get him and the idea I finally settled on seemed inadequate to me, but it wound up being a hit: I presented him with a hand-written book containing 70 memories of him throughout my life. He got emotional over this gift, and for a man as stoic as he is, this was a surprise....

September 2, 2020 · 1 min · Chris

A Fresh Look

I’ve updated this site’s appearance with a new hugo blog theme

August 31, 2020 · 2 min · Chris

Fingerprinting Privacy: Brave vs Firefox

Brave and Firefox bill themselves as privacy champions. How do they fare at fingerprinting protection?

August 20, 2020 · 4 min · Chris

Find Resources With AWS Config

Use AWS Config to locate AWS resources

August 12, 2020 · 3 min · Chris

Joining the FSF

I’ve joined the Free Software Foundation and so should you!

June 17, 2020 · 1 min · Chris

One Month With Mastodon

I’ve switched to Mastodon and so should you.

June 11, 2020 · 6 min · Chris

Moving From Macos to Linux

I’ve adopted Linux on the desktop. Here’s how I adapted my macOS workflow…

May 26, 2020 · 4 min · Chris

Compiling Emacs 27 on macOS

The easy way to compile Emacs 27 on macOS using Homebrew

May 15, 2020 · 1 min · Chris

How to Securely Configure CloudFlare with S3

This post covers how to secure an S3 bucket serving content through Cloudflare

April 17, 2020 · 4 min · Chris