Toots for brnrd@bsd.network account

Written by sighBer nard on 2025-01-24 at 12:45

#fedihire

Opportunity to work with me on developing security building-blocks for the most complicated machines in the world (at ASML).

https://asml.wd3.myworkdayjobs.com/ASMLEXT1/job/Veldhoven-Netherlands/Senior-Product-Security-Engineer_J-00306828

Written by sighBer nard on 2025-01-24 at 07:40

(Un?)popular opinion.

Corporate Security departments attract personnel that don't understand the technology yet do wish to impose impossible requirements...

There's no arguing with the types, business moves on and starts ignoring them outright.

Written by sighBer nard on 2025-01-19 at 17:49

Sunday blogging. Hope this is of use to anyone else!

Forced airflow for my central heating convectors.

https://brnrd.eu/misc/2025-01-19/home-improvement-forced-airflow-convectors-part-1.html

Written by sighBer nard on 2024-12-31 at 23:08

The most beautiful fireworks? Venus and the starry sky!

Written by sighBer nard on 2024-12-30 at 13:37

Greetings from Chäserstatt (a.o. microbrewery). Nice snowshoeing for an hour makes you thirsty.

Written by sighBer nard on 2024-12-28 at 22:01

New PQC blog post. Using Windows ssh-agent with a Security Key (via Windows Hello) from WSL. And updating your SSH client in WSL to support X-Wing ML-KEM/x25519 Post-Quantum crypto.

https://brnrd.eu/security/2024-12-28/ssh-with-pqc-and-security-key.html

Written by sighBer nard on 2024-12-26 at 21:37

Funny story about @mwl's books' impact...

Shortly into my new job, I advised a new colleague to read SSH mastery and PAM mastery. He went for a 2-week holiday, and upon return he said that he'd thought of me twice during his holidays.

/me: "uhoh, that ain't good!"

  1. First I saw your name in the sponsor list for SSH mastery.

  2. Reading SSH mastery, I thought of a way to run a private git via SSH, first search result was your blog https://brnrd.eu/freebsd/2023-08-06/your-private-git-server-in-a-chroot.html

All's well that ends well!

(Now to get said colleague to write an RFC for his air-gapped time-bound no-secret-shared "break-glass" authn mechanism and PAM module...)

Written by sighBer nard on 2024-12-25 at 19:19

Reading @pluralistic https://pluralistic.net/2024/12/20/clinical-trial-by-ordeal/ it feels like what we see playing out in the Netherlands currently. We have a ruling coalition of 4 parties (all very- to right of centrist) that have all written their part of the "coalition agreement".

It's all contradictory, impossible ambition that'll hurt everyone but the ultra-rich.

The fashmob still seems to love whatever impossible policy is being proposed. Utterly deranged.

So indeed, it doesn't seem to matter how unhinged your policies and ambitions are, the turkeys vote for Christmas even more vehemently.

Waiting for a bill proposing to double the speed of light. Because, why not?!?

Written by sighBer nard on 2024-12-25 at 18:32

Dictator, convicted murderer, drug-trafficker, former president of Surinam has died. We refer to him as Bouterse or Desi Bouterse.

Missed oppo to call him by his real name: Desiree

Written by sighBer nard on 2024-12-25 at 12:28

Balcony is having Titanic aspirations it seems

Written by sighBer nard on 2024-12-24 at 09:19

Gotten word that I'm allowed (after some modifications) to make a project at former employer open source. YAY!

So my CertPortal should see the public light soonish.

  1. ACME dns-01 gateway to issue certs for machines not internet-exposed.

  2. ACME issue certificates via CSR upload (and auto-renewal).

  3. Certificate Transparency log monitoring (via CT logs or crt.sh)

  4. Endpoint conf checks on all hostnames with a valid cert.

Written by sighBer nard on 2024-12-15 at 18:19

This podcast by Kustaw Bessems with emeritus professor of philosophy of law Dorien Pessers is a must for everyone who does not reject democracy.

How the law is meant to be. Not as it is now, where the rich and big corporations can use the law, but how the law began as protection of the citizen against the powerful (incl. the government).

https://traffic.omny.fm/d/clips/33dbd2dc-d464-471d-9feb-abae00330078/bce2e91a-33ec-4b0e-977b-ade900736ec6/73b3b890-acfc-4376-b999-af300093747f/audio.mp3

Written by sighBer nard on 2024-12-15 at 17:19

My new "datacenter" is done :flan_aww:

Biggest issue was the Realtek 8125 driver crashing FreeBSD 14.2 (LibreBSD)

Written by sighBer nard on 2024-12-15 at 16:50

Wheee!!! Got a Banksy for Sinterklaas!!!

Written by sighBer nard on 2024-12-12 at 18:35

New home-server arrived.

10-35W AMD Ryzen 7 5825U 8C/16T Zen3

2 x 32GB DDR4-3200

Temp 256GB Gen3 x4 NVME

Written by sighBer nard on 2024-12-09 at 10:44

And a new port security/openssl-oqsprovider for FreeBSD. Hybrid Quantum-Safe cryptography on FreeBSD (X-Wing/X25519MLKEM768) using oqsprovider and Apache httpd. https://brnrd.eu/security/2024-12-07/apache-httpd-with-hybrid-ml-kem-post-quantum-cryptography.html

Written by sighBer nard on 2024-12-08 at 16:12

It was time for a new blog-post. Enabling hybrid X25519/ML-KEM in Apache httpd.

https://brnrd.eu/security/2024-12-07/apache-httpd-with-hybrid-ml-kem-post-quantum-cryptography.html

Written by sighBer nard on 2024-12-03 at 18:01

#HeezeLeende cycling municipality (not!) #bicycle #commute. Car municipality, you mean!

After a tunnel for cows had been built, there was no money left to improve the cycle path to Waalre. What remains is an ambitious plan.

Motorists are not disturbed when the cows are being milked (and they are almost never in that pasture).

It also had to be made impossible for motorists to drive further into the forest over the asphalt. So a beam across the asphalt, and cyclists get to go around it on a little gravel path. The motorists who feel they need to be there anyway push the large stone aside and use the gravel path after all. The beam would only have needed to be a few metres further along to stop the cars without bothering the cyclists. All of this despite objections from the Fietsersbond, municipality :shrug:

And the cyclist? He now rides, in the dark, carefully through a layer of mud that also contains a deeper puddle of mud, and ends up covered in it.

Thanks!!!

And the cyclist, he plods on...

PS. A proposed alternative cycle route "isn't possible either", because then the water company might be inconvenienced... Around 2010 large stretches of sand path were already semi-paved so that they could better "carry out checks for terrorists who could poison the wells", an argument of convenience, because sand paths and rain are awkward for the occasional cars/trucks.

Written by sighBer nard on 2024-12-01 at 12:23

Updated LibreBSD (FreeBSD with LibreSSL as libcrypto/libssl/openssl provider) to the 14.2 branch.

Had to disable Kerberos support, no desire to fix 12-year-old Heimdal 1.5.2

Written by sighBer nard on 2024-11-27 at 10:41

I see another OpenSSL related port in my future... Do we need this?

$ /usr/local/bin/openssl list -kem-algorithms -provider oqsprovider -propquery oqsprovider.security_bits=256
p521_hqc256 @ oqsprovider
p521_frodo1344aes @ oqsprovider
frodo1344shake @ oqsprovider
p521_frodo1344shake @ oqsprovider
kyber1024 @ oqsprovider
p521_kyber1024 @ oqsprovider
mlkem1024 @ oqsprovider
p521_mlkem1024 @ oqsprovider
bikel5 @ oqsprovider
p521_bikel5 @ oqsprovider
hqc256 @ oqsprovider
frodo1344aes @ oqsprovider
