When you manage more than a handful of Debian or Ubuntu systems, you quickly discover that downloading the same packages repeatedly from the internet is both wasteful and slow. Enter apt-cacher-ng, a caching proxy specifically designed for Debian package repositories. It sits between your local machines and the upstream mirrors, storing packages locally after the first download and serving them from cache for subsequent requests.

The beauty of apt-cacher-ng lies in its simplicity. Installation is straightforward: a single apt install apt-cacher-ng on a server, and you have a working proxy listening on port 3142. Client configuration is equally painless – you can either set the proxy in each machine’s apt configuration, or use the auto-detect feature if your network supports it. Once configured, every package fetched by any client is cached, dramatically reducing bandwidth usage and speeding up updates across your network.

Every project accumulates a collection of commands: build the thing, run the tests, deploy to staging, convert images, lint the code. These commands live in README files, shell history, or the developer’s memory. Make has been the traditional solution for decades, but its tab-sensitivity and arcane syntax make it frustrating for simple task running. Taskfile offers a modern alternative.

Taskfile uses a simple YAML format that feels immediately familiar. Tasks have names, descriptions, and commands. Running task serve executes the serve task. Running task --list shows all available tasks with their descriptions. No tabs-versus-spaces gotchas, no implicit rules to remember, no wrestling with pattern matching when you just want to run a shell command.

I recently took and passed the ISC2 CISSP . The certification covered a broad range of topics, most of which I was already familiar with from experience as a software engineer. Those areas I was less familiar with included legal and procedural requirements around risk assessment, physical security, and the theory behind encryption and permissions management.

What I’ve been working on for a while now: Cisco Remote Scripts

With the introduction of Remote Scripts powered by Orbital, a search and response feature of Cisco Secure Endpoint in either the Advantage or the Premier tier, incident responders can respond to sophisticated threats with minimal business disruption, and administrators can provide an overall safer and better user experience. Remote scripts harness the power of Orbital Advanced Search capabilities, which provides hundreds of prepared queries curated by Cisco’s Talos threat intelligence group, allowing you to quickly run complex queries on any endpoint.

One very useful command for locating files and performing operations on them is find with the -exec option.

find [path] [arguments] -exec [command] {} \;

The part that’s tricky to remember is the escaped semicolon at the end.

Per-file vs batch mode

The \; terminator runs the command once per file found:

find . -name "*.log" -exec rm {} \;
# Equivalent to: rm file1.log; rm file2.log; rm file3.log

The + terminator batches files into fewer command invocations, which is faster:

In the early days of the internet, and even before that, there was a distinct difference in the terminology used for the people who obtained unauthorized access to computer systems. The term hacker meant someone who created an interesting hack, usually something interesting that used a system – not necessarily even a computer system – to do something outside its design intent. A Rube Goldberg machine is a good example of a hack. So is playing music with printers . Conversely, cracker was applied to people who broke into computer systems for nefarious purposes. There was often some overlap between the two, as people making interesting hacks often didn’t have authorized access to the systems they were using.

I recently took and passed the GCIH Certification . It’s primarily focused on understanding how attackers behave, the tools they use, and why those tools do the things they do.

Last weekend, I took the certification exam to become a GIAC certified incident handler . Both the exam and the course material leading up to it were interesting enough to deserve a few comments.

One thing I was moderately surprised by in the SANS course was the initial focus on Linux shell tools and Windows Powershell. I’ve been using Linux for a long time, so there weren’t any surprises there. The Powershell material was new to me.

Ship of Destiny concludes Robin Hobb’s Liveship Traders trilogy. Having committed to the series after enjoying her Farseer books, I finished it—but my reservations from The Mad Ship carried through to the end.

The finale brings together the various plot threads: the Vestrit family drama, Kennit’s pirate ambitions, the serpents’ journey, and the truth about liveships and dragons. Hobb ties things up competently enough, but the journey there continued to frustrate me.

The Mad Ship is the second book in Robin Hobb’s Liveship Traders trilogy. I came to this series after enjoying her Farseer trilogy (though finding it quite depressing), and read all three books in sequence shortly after publication.

The premise of living ships made from dragon cocoons has potential, and Hobb’s world-building remains detailed. However, several aspects didn’t work for me.

The trilogy leans heavily into themes of mental illness and trauma. Characters spend considerable time processing their psychological wounds rather than taking action. If you enjoy character introspection, this may appeal to you. I found it slowed the narrative and made the books feel like they were about suffering rather than adventure.