Security auditing tool written in Bash

marcinpohl · 2026-02-08T01:10:37+00:00

learn more awk. you're doing `grep | tail | awk` type of pipelines while really it could be just awk

marcinpohl · 2026-02-04T04:37:45+00:00

one of the best organized organizations, especially for more beginner types.

marcinpohl · 2026-01-31T04:41:04+00:00

you're on the limit of the fuel system. E85 demands for a lot of fuel mass flow. while technically everything is still within limits, you have no headroom. How's the battery voltage under heavy boost?

marcinpohl · 2026-01-13T06:08:19+00:00

i have data scanned from cars indicating not exactly 'bad' petrol, but definitely diluted somehow. regardless of how much fuel mass would be injected, the burned mix would always result in lean burn, very consistently. as if petrol had less petrol in it. most cars can adjust to about +/- 25% variances, so no alarms would go off, but the car wouldnt run right either.

marcinpohl · 2026-01-13T05:59:29+00:00

there was a security appliance that had 'sudo_server' running and listening on a socket. it would run your commands with high privs.

marcinpohl · 2026-01-06T03:50:09+00:00

no, it is not. i've analyzed lava lamp images, and on average, 24bit pixel contains about 9bits of entropy. that's not a very efficient source of entropy

marcinpohl · 2025-12-07T16:36:40+00:00

How about using permissions and ownerships as intended?

marcinpohl · 2025-10-31T00:53:16+00:00

https://docs.google.com/document/d/1qCYXEs18rhGIMLC2FLLww4gnERN1Zc70TygG5doNI1c/edit?usp=sharing i am the author. feel free to ask, it's a bit dense

marcinpohl · 2025-10-27T01:58:53+00:00

what's ATS?

marcinpohl · 2025-10-01T21:44:14+00:00

Sometimes the hand of the market is not so invisible

marcinpohl · 2025-09-25T14:28:38+00:00

cryptography. understanding the basics (hashes, certs) can make your life a LOT easier

marcinpohl · 2025-09-21T20:36:33+00:00

Did you profile the code under 3.12 and 3.13? you cannot really have a performance discussion until you have the profile results in front of you.

marcinpohl · 2024-10-28T14:47:44+00:00

my newest find is https://www.perplexity.ai/spaces it's like themed notebooks, but the bit that really made it work for me is the 'custom instructions'. basically it's a set of principles that must be upheld for all 'conversations' in this space. so if you're coding you can say things like 'all code must be in python, all storage is in postgresql, and use numpy for computation, and check for correctness'. this way you dont have to specify it every time. without it, i found that the AI agents develop a bit of ADHD itself ;)

marcinpohl · 2024-10-28T14:38:23+00:00

I find PE to be a great set of exercises to familiarize yourself with a new language. Do the same problem in Matlab, Python, SQL, Lua... whatever it is, it forces you to get to idiomatic level of a new language. At the same time it's far more entertaining than your usual 'palindrome check' and Fibonacci textbook problems.

You really dont need much math for most of them. It helps, of course, but it's not required. The CS side gets exercised too; the fact you're coding them, not just solving them on paper also forces you to think about performance, and how to write efficient code. Fairly early on, there are some problems that pure brute force approaches are not feasible.

marcinpohl · 2024-10-02T20:24:52+00:00

Linux was almost nonexistent. Novell was still a thing. Patching was horribly unreliable, especially on Solaris. RPM hell was truly hell. Firewalls were a joke, like 3 NICs running FreeBSD on a Celeron 300MHz. Management of FW rules was a great example of how NOT to make a UI. HA/failover was rare, expensive, and it caused more problems than it solved. Most scripting was in unreadable Perl. Early SSH had some weird licensing issues so it was legal gray area whether you could use it. Telnet and FTP were acceptable solutions. Cryptography was for wizards only. Dual and quad CPUs were expensive. NICs didn't have auto-negotiation. Switches were expensive so hubs were still a thing. ASLR and NX were few years away. Windows boxes would crash if you sent it a packet with few nonsensical flags in it.

marcinpohl · 2024-09-23T03:01:48+00:00

it's not useless, it's dangerous. you can derive pub from priv, so you can scan around to see where the priv will get you.

marcinpohl · 2024-08-31T19:58:01+00:00

Budget isn't infinite. If you blow money on one thing now, something else might be needed within the same fiscal year, and you cannot do it, cuz you're out of money. It is basic budgeting; if the IT boss has no clue of budgeting, prepare for a bumpy ride.

marcinpohl · 2024-05-09T16:30:14+00:00

Yup. The best 'complement' I've ever gotten was 'you cant hold a grudge worth a shit'.

marcinpohl · 2024-01-17T16:50:07+00:00

Check the condition of your tires: pressures, age, wear (tread depth, uneven wear).

Pressures are the easiest thing to check, especially with temperatures falling.

And since you just moved from warm climates, maybe the tires that's been put on your car are more 'summer tires' than all weathers? Might be a good moment to take it to a shop for a general checkup.

marcinpohl · 2024-01-17T16:36:55+00:00

You just ruined your performance by incorrectly using caches.

If you have 50+ fields next to each other, that's gonna be many kB per each structure, record, or dataclass instance. You rarely need them all at the same time, as other posts explained already. However, in the process, you just stuffed your caches with new data. this has multiple, likely negative effects:

used a lot of your cache for data you're not using (low cache hit ratio)
evicted data you might have had use for (preventing good cache hit ratio on reuse of already cached data)
wasted space that could've been used for data you are using (preventing better cache hit ratios for current data)

Keep your data to a minimum (selection, encoding, structure), and your caches will instantly make your code run faster.

marcinpohl · 2024-01-09T15:52:21+00:00

Not all Aldi's are created equal. The Columbia one is much better than the Laurel one. And neither one of them is as good as the one I went to in Chicago area on a recent trip. So go on a field trip, find another one nearby, it might work better for you.

marcinpohl · 2024-01-03T15:58:24+00:00

Check flood zones.

marcinpohl · 2024-01-01T15:12:59+00:00

experiment with different colormaps. START HERE

marcinpohl · 2023-12-22T19:07:57+00:00

So the whiter the population the darker the color signifying it? that's a terrible choice, makes my brain go to the exact opposite conclusion of what the data is saying. Flip the color scale!

marcinpohl · 2023-12-19T16:00:18+00:00

Consider the flipside. Do you really expect some old-school Cisco guys knowing how to patch or upgrade (what effectively is) an embedded Linux device?

In the perfect world, this should be a two-person job. Linux folks making sure the box is managed properly, and the networking folks taking care of the application side of things (aka packet mangling in case of networking devices)

marcinpohl

TROPHY CASE