Featured Articles

Hardening Guide for phpList
WordPress Profiling with XHProf (Debugging & Optimizing Speed)
Introducing BusKill: A Kill Cord for your Laptop
Trusted Boot (Anti-Evil-Maid, Heads, and PureBoot)
Detecting (Malicious) Unicode in GitHub PRs
WordPress Multisite on the Darknet (Mercator .onion alias)
Crowdfunding on Crowd Supply (Review of my experience)
Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)
Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)
previous arrow
next arrow

New Look!

Well, my old server died (I think the processor fried itself somehow). Due to school workload, I wasn’t able to properly configure a new server until now, thereby this blog has been down for months (and, surprisingly, I’ve actually had people comment about it being down–mostly because they were unable to flame me, though *shrug*).

Anyway, I’ve finally got a new (actually, it’s quite old) rack-mountable server (minus the rack) running FreeBSD as a replacement. Moreover, I’ve changed the theme, so this site had both a different software and hardware look!

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael

tech.michaelaltfield.net/

IPv6

In light of the whole world going crazy because the we’re running out of IPv4 addresses, I did some calculations.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: IPv6

Study Software

My senior year of high school, I was preparing for probably the hardest exam I’d ever have to take: my Anatomy and Physiology final exam. In order to make an A in the class, I had to make >92 on the exam. Our teacher gave us a pool of 500 questions; of those 500 questions, she would pick 100 to make up our exam. So, I set to work on memorizing the answers to those questions backwards and forwards.

Instead of using note cards (writing the question on the front and the answer on the back), I spent just as much work (maybe less) in writing a small PHP script that would import a list of ‘note cards’, prompt me with a random side (front or back) of a random card, hesitate (allow me to think of the answer), give me the answer upon my request, and allow me to mark whether or not I got it correct. At the end of this process (2 prompts (one for each side) * the # of cards = a long ass time), it gives me a list of the ‘note cards’ that I got wrong so that I can re-study them and
. . . → Read More: Study Software

Smooth Wall

I’ve wanted to setup a serious linux-based firewall for my home network for some time now, and I finally got around to it yesterday.

There are TON of linux router distros out there, but instead of spending 8 hours picking & choosing, comparing & contrasting, nitpicking & debating, I asked someone else ;). Two buddies of mine have a similar setup at their homes: one uses Smooth Wall; one uses IPCop. I arbitrarily chose Smooth Wall (after actually setting it up, though, I think IPCop would have been a better choice–c’est la vie.

The installation is supposed to be quite painless, and it was–for the most part. The documentation and install process was intuitive and easy to follow, but it didn’t work OOTB. I probably only had so much difficulty because of hardware issues (fried NICs?) which is by no means Smooth Wall’s fault. Nevertheless, it took ~5 hours of bang-your-head-against-the-table troubleshooting ’till I could finally unhook the monitor & keyboard, shove it in a corner, and get some sleep.

I was also disappointed with two things that didn’t work as I had expected OOTB:

DHCP DNS VPN Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and
. . . → Read More: Smooth Wall

eHome — are you home?

Alright, this is bullshit.

I bought an eHome wireless NIC a while ago for really cheap. Haven’t heard of eHome? Neither had I, but it didn’t take me long to realize that it was actually part of D-Link Corporation when I sent my rebates to a DLink corporate address, and when I read the message: “Copyright © D-Link Corporation/D-Link Systems, Inc. All rights reserved. eHome Networking and the eHome Networking logo are registered trademarks of D-Link Corporation or its subsidiaries in the United States and other countries…”

So, I figured: D-Link is a popular company, they’re not going anywhere, they sell tons of devices, so my chipset is probably well supported in Linux, right? Wrong.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: eHome — are you home?

ext3 journal recovery

Every now and then, linux crashes (and consequently, hell feels a little cold). I’m not sure how to diagnose the issue, but I’m almost certain it’s a result of some unstable openGL screensaver, some faulty X app, or basically anything but hardened command-line driven applications (which is simply to say: linux is perfectly stable without a GUI).

Anyway, even fewer times than a crash occurs, I sometimes cannot boot my system following the crash due to a corrupt journal on my main, root partition. To fix it, I have to boot to a live-cd (typically my gentoo minimal install CD), and type one simple command that I have scrawled in huge writing, double boxed on a desk pad. I can’t tell you how many times this little command has saved my life.

Type this to fix an ext3 journal corruption:

e2fsck -b 32786 /dev/sda3

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael

tech.michaelaltfield.net/

`ps` fail with sys-process/procps

Today, I ran an `emerge -uDN world`, and mysql kept failing on the ./configure step because it couldn’t properly execute `ps`.

For as long as I can remember, my gentoo box has been unable to run `ps`. Every time I did, I’d get a “No such file or directory” error regarding /lib64/libproc-3.2.6.so

Upon further investigation, I found that an `ls /lib64/libproc*` showed two files:

/lib64/libproc-3.2.7.so /lib64/libproc.so

…so, `ps` was trying to access 3.2.6, and I had 3.2.7. Obviously something was out of whack–probably an environment variable. I tried creating a /lib64/libproc-3.2.6.so symlink back to the /lib64/libproc-3.2.7, but `ps` only failed with a different error.

So, naturally, I figured I would simply unmerge and re-emerge the package. An `emerge –search libproc` reveled only one package: dev-libs/libproccpuinfo. After unmerging and re-emerging this package a dozen times, I fell back to google. Turns out that the REAL package for the libproc.so file is sys-process/procps. When I got the…

!!! ‘sys-process/procps’ is part of your system profile. !!! Unmerging it may be damaging to your system.

>>> Waiting 10 seconds before starting…

…message, I was sure that I’d break my system, but I continued, finished the unmerge, re-emerged the package, crossed my fingers, and
. . . → Read More: `ps` fail with sys-process/procps

Re: The problem with wikipedia

Alright, I’ve been working on my research paper (an attempt to document the history and differences, and an overall comparison between the Microsoft DirectX API and the SGI OpenGL API), so I’ve been caught in the inevitable wikipedia trap. Here was my path:

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Re: The problem with wikipedia

Blog Moved & Upgraded

So, it turned out that–by some miraculus chance–the day I decide to move my blog from wordpress.com to my own server is the day after a major upgrade of wordpress is released (v2.3 to 2.5). I figured that, while I was at it, I would upgrade the server that I setup a few weeks back (I’ve been planning this move for a while now, just never really got around to finishing). I’m pretty sure I followed the installation process just fine, but when I tried to go to any page on my fresh, new site (including wp-admin/upgrade.php) I got slammed with this lovely error:

Fatal error: Call to undefined function require_wp_db()

Eventually I decided “fuck the installation instructions.” I was able to install it by copying my config file and other data TO the new wordpress folder (the suggested process is the reverse: copying the new files into your current, older install).

It’s a bitch of a thing to search, too. If you search for that error (at least now, anyway) you get a bunch of popular blog sites that have since been fixed. There is no info from the webmaster or blog author as to HOW they fixed it,
. . . → Read More: Blog Moved & Upgraded

Grown-up Security

Well, I’ve been fuming for the past few weeks over something, and I’ve just now gotten around to doing something about it.

I went back to my dorm room the other day, and a few buddies followed me in. One of them was carrying a camera; he was filming me for whatever reason (he’s weird like that). Anyway, I sat down at my computer and unlocked it (brought it out of the screensaver with my password) so I could begin studying for the upcoming finals (the next morning). Soon as I did, the dude with the camera behind me smiled and said, “Now I’ve got your password.” I didn’t know what to do. My computer password is the most secure password I have: alpha, numeric, symbol, and 10 characters long. I use that VERY secure password for the things that I REALLY need secured: computer data, and banks. The first former would be bad, but the later would be worse. If he knows that password, he can literally bankrupt me. Oh shit.

So, something had to be done; I needed to evolve the way I secure things. I’m in college now, so I should probably do it anyway. I need
. . . → Read More: Grown-up Security