Digital Shokunin

So I can’t STFU about keto, so the below is what started as a sentence or two explanation of my experience of keto in response to something that turned into a blog post, so I decided to cut my comment short and post it here.

I started the last week of January, I’ve gone from 268 to 233, and that’s falling off the wagon several times (sometimes intentionally for special meals/travel) and getting back on it. I’ve also been doing some moderate weight lifting using the 5x5 routine and intermittent fasting (watch videos by Dr. Jason Fung on YouTube) when I start to plateau or I’ll carb shock my body with something super sugary if the weight loss tapers off for several weeks (bro science behind why I think it works, but it works for me, some people think it’s terrible). Also, while whiskey is okay, it seems to slow my weight loss because it has calories and slows metabolism, makes you retain water when you’re recovering, etc, so I drink less and am about to try something called LyteShow that helps. The other thing I get sometimes is Halo Top ice cream, which Publix, and surprisingly Walmart sells, which believe it or not is keto friendly ice cream (if you only eat a 1/4 cup and are super low on other carbs that day) that uses primarily sugar alcohols and dietary fiber mostly in place carbs or artificial sweeteners.

Iworked another year as staff for CarolinaCon 2017. This year I helped run the hardware hacking village with my friends and fellow members of FALE which was mostly if not completely used to assemble badges for the conference which where Atmel based hardware badges that communicated wirelessly with RF modules on the ~900+Mhz frequency range. The badges were designed by my friend melvin2001 whom I miss badly now that he’s moved across country. The code for the badges are located on the FALE GitHub.

Now I’m sitting on a plane, heading back to my family.

I just got through with the RedHat Summit 2017 in Boston and I also visited some of my family while there. It was an intense 3-4 days.

I generally love Boston, and also Cambridge across the river. While I was there, I took a visit over to the MIT Press Bookstore, and bought a few books, including Grokking algorithms which was a book that I already had on my wishlist, but wasn’t one I could find in the store anywhere else. It was going to be my next Amazon purchase, but I was lucky enough to find it there. I also bought Tokyo Boogie-Woogie, and one other book. I also explored Chinatown and had my first hot pot, which was an awesome experience.

I have only two kids at this point and for the foreseeable future. Both are fairly young, but one is getting old enough that I’m starting to think about teaching her some of the basic programming and STEM related subjects fairly early. She already is quite taken by Minecraft, and can navigate the computer pretty well even if she doesn’t yet know all the keys on the keyboard. She knows how to move and do things, etc. She can also use a tablet or touch screen device with ease.

I’m sitting on a plane waiting for my delayed flight to Boston listening to Adam Savage rant about Apple’s lack of ease of use (of which I totally agree). I figured it was the perfect time to finish this blog. Oh yeah, why am I on a plane? I’m heading to Red Hat Summit 2017. I might write about that later. In like a year or so. Yes, I back dated this if you realize the RH Summit is in May, but I’ve been meaning to write this post for over a month.

2016 has been another crazy year for me, and 2017 is just as crazy. I’ve been putting off updating my site for a while (a whole year). So here is a summary update of just some of the things I’ve been working on for 2016 and the first few months of 2017.

Certifications: I am now a Puppet Certified Professional 2016, I guess if its not obvious, I’ve been working even more heavily with Puppet, going to training, writing modules, etc. This was my first certification and I will say the test is very difficult testing you on every obscure area of Puppet, and it changes a lot between versions. If you’re studying for this exam, you need to practically read all their documentation on top of training and having real life experience. Their are study guides, I also just recently obtained certification as an IBM Certified System Administrator for WebSphere Application Server Network Deployment V8.5.5 and Liberty Profile. Mostly because I’ve been working with it heavily for a while so the certification was just a formality, I barely studied for that one.

I gave another talk for this year’s CarolinaCon 12 called “Never Go Full Spectrum Cyber”. For this talk I focused on mistakes “hackers” and even some InfoSec professionals have made and then a short summary at the end of OpSec lessons that could have prevented the mistakes covered earlier in the talk.

The talk slides are here. [UPDATE: The talk video is here.]

I referenced OpSec work and talks done by the grugq. You can find his site I mentioned in my talk at grugq.github.io. The grugq’s talk I also mentioned is called OPSEC: Because Jail is for wuftpd.

I recently started with a new company doing more of the role I was in at my previous job focused on J2EE applications, etc. However, I additionally ended up taking over management of Eucalyptus which is an AWS compatible cloud solution.

It’s been an exciting change of pace over configuring, troubleshooting, and restarting JVM’s. I’ve worked heavily with it and its underlying open source components that it utilizes like KVM, qemu, S3 (which this site is hosted on an S3 bucket), creating new images (using packer and some fancy script-fu I’ve got it fully automated), and customizing them. So far doing and upgrade and setting up a new availability zone have been tasks I’ve been carrying out in the short time since I’ve started working with it. If I ever run my own lab besides the ESXi based one being setup at my local hackerspace, I may use Eucalyptus.

I’m still recovering from Vegas even a week later. So I’m just going to link a bunch of things you should check out and mention a few cool things that happened or that I saw.

• PowerShell Empire - written in my two favorite scripting languages, may replace Meterpreter someday.
• Modern Honeypot Network - build your own cloud based network of honeypots that feed results back into a centralized server.
• HoneyDrive - an okay honeypot VM image (if you for some reason want to run your honeypot in VirtualBox or VMWare)

I also put together a DarkNet badge, walked until my knee gave out, attended a lot of events. DefCon itself was overcrowded, I stayed out of the talks and main halls and focused on SkyTalks, and the villages and competition areas. The DefCon biohacking village was to me the most interesting new thing this year.

Quick summary of a few cons I went to. I went to ISSA conference in Charlotte earlier with FALE, but more recently I went to BSides Asheville as a volunteer. I also participated in their CTF with some Cha-Ha members, and we came very close to winning, but placed second. Some friends and I camped out isntead of staying in a hotel, listened to bluegrass in a mountain bar and saw some talks, etc.