writing for an audience of one

Uh, CloudFlare...wat?

If you're using CloudFlare, take a look at this thread immediately and start Googling for news on the subject. It's a pretty bad security breach that involves CloudFront proxies and leaking memory across the Internet.

Posted: Thursday, February 23rd, 2017 at 8:54 PM EST

SHA-1 Collision Found

Wellp, it's official. SHA-1 should be assumed to be broken because a collision was found. It took a pretty massive amount of computing power to discover it, but it happened.

While it's not a doomsday-style scenario, it's still something to keep in mind for running systems and future design. I utilize SHA-2 at the mininum (256-bit or 512-bit), and even then I don't think it's something that should be assumed won't be broken in the coming few years.

This discovery of an SHA-1 collision was generally predicted for the 2020s, so it has happened a couple of years early. I'm no crypto expert, but good alternatives aside from just SHA-2/SHA-3 seem to be ChaCha/BLAKE or Whirlpool.

Posted: Thursday, February 23rd, 2017 at 3:20 PM EST

Why I stick to FreeBSD

Working on dog fooding my base build projects on this site, so should be getting back to posting at least once every couple of weeks. The base builds for this site involve the API server, the web client (this site), and the CMS. Will update with more technical details on the next post in the next few weeks.

I run FreeBSD on my servers, and have been since 2.1.7 (97 or 98). Linux is great and all, but my preference is for FreeBSD because of the bundled kernel + user space distribution, along with goodies like ZFS and jails (which I prefer to Docker).

Posted: Friday, February 17th, 2017 at 8:26 AM EST

SUR40 Revisited

Powered back the SUR40 unit that I haven't touched since earlier this year. Imaged the partitions using CloneZilla/ntfsclone in case I needed drivers or applications off it. Then used east2boot to build a bootable USB stick with both Windows 10 & Linux on it.

Turns out that Linux added native driver support for the SUR40/PixelSense, which is awesome. What's even more awesome is that the system is actually pretty snappy and responsive! I'm looking forward to playing around with it and seeing what can be done.

The primary purpose though is to try to build an application for a specific event. It would probably be best as a desktop application that uses OpenGL to render the custom NUI, since it needs to be multi-directional. It's also going to have to integrate with an existing infrastructure of an API server that also serves up a webapp as well as native mobile apps. Should be pretty interesting.

Posted: Saturday, November 19th, 2016 at 7:30 PM EST

Startup Financing

Startup financing is done in stages and, generally speaking, the stages are broken down as follows:

  1. Pre-Seed
  2. Seed / Angel
  3. Series
  4. Bridge / Mez
  5. IPO

Will expand more on this later.

Posted: Thursday, October 27th, 2016 at 9:10PM EST

Humor from Stern

I've been listening to a lot of Howard Stern in the background while 'working', and this one had me cracking up:

Howard: What does your brother do for a living?
Girl: He's a web developer.
Howard: A web developer? What is he, Spiderman?
Posted: Tuesday, October 25th, 2016 at 4:15AM EST

Site Status

The site is mostly unfinished, but I'll slowly finish it over the next couple of weeks. The work page is going to take a while, as there are a lot of projects to go through in addition to hobby projects as well.

Posted: Monday, October 24th, 2016 at 10:23PM EST

Inaugural Post

Wellp, looks like it's back up. Plenty to write about, so the goal is to post something once every 7-14 days. Most of my existing notes/drafts are based around technology, business, fitness, public policy.

Posted: Monday, October 24th, 2016 at 9:55PM EST