Category: technology

Posted on

Blogging Platforms in 2025

I’m not sure how many of you readers out there have been following this blog since its inception in 2002, but it has gone through many changes over the years. In the beginning, it was a simple HTML and PHP site that I maintained by hand. I eventually learned more about databases, hosting, and various blogging platforms.

Somewhere around 2003 this blog became powered by B2/Cafelog, from which WordPress was eventually forked by Matt Mullenweg. WordPress quickly became awesome, and that is what powered this blog for decades.

About a year ago, I grew really frustrated with the WordPress ecosystem because every time I’d log into the dashboard, it was slower. I was getting spammed by plugins trying to get me to upgrade or buy related plugins. I realized that sometimes I would install a plugin and it would install other plugins without my permission.

This annoying tactic became totally unacceptable to me. So I looked for a way out and I found Ghost CMS. I set myself up over there on that platform for about four or five months, but I realized customizing it was really difficult. And it was expensive.

Spending $25+ a month for a hobby blog just didn’t feel like it was worth it to me. I do maintain the strong opinion that Ghost is an excellent alternative to Substack, which I refuse to link to, but that is a story for another day.

So I migrated away from Ghost and I found Chyrp Lite, which ran this site for about eight more months, right up until a few weeks ago. Chyrp Lite was really cool. It was a basic PHP-based, MySQL database-driven blog platform that did what it needed to simply and quickly.

It was reminiscent of something you would find around the year 2008. I thought it was pretty cool, but once again, it felt rather limited and difficult to customize. It also didn’t feel like there was a lot of ongoing development to support it.

So I had a stroke of imagination one night and started wondering about forks of WordPress to see if anyone had taken the code base, which is open source, and forked it into something less cluttered and less heavy.

Sure enough, Classic Press existed. It gets rid of the Gutenberg editor in WordPress, which was controversial when it came out in the first place and I never really cared for. Classic Press is like a modern version of WordPress from 10 years ago, but it receives updates and is secure, and it is compatible with a lot of current plugins and themes out there.

That said, I’m trying to keep it simple here and I’ve been using one of the default WordPress themes, Twenty Seventeen, and am customizing that to my liking.

So far, it’s smooth, it’s fast, it’s lean, it’s clean, and I’m not getting spammed on the admin panels. You should check it out if you’re a blogger and you’re tired of how bogged down WordPress has become with all kinds of freemium plugin spam.

Posted on

Obsidian.md and Plugin Security

Obsidian.md is an awesome note taking system. However, any third party plugin you install has access to all the files on your computer. You must hope the developer is nice or that their GitHub credentials don’t get compromised by a bad actor who then pushes out a malicious update.

The barrier to entry to get a plugin added to the Obsidian marketplace is low, and performed only once. There is not follow-up security review.

Common retorts to these statements, and my replies:

  • It’s the same thing as X app (VS Code, e.g.)
    My reply: Yes, and that is also bad.
  • Plugins with many users are safer because they have more eyes reviewing the code
    My reply: Yes, and they are the more attractive targets. A contributor need only enough time to push a bad update no one notices to infect thousands of computers. So like, 20 minutes?
  • I don’t put anything valuable or private in my notes anyway
    My reply: How about the rest of your computer? Because that’s what they have access to.

In summary, if you use Obsidian, don’t use plugins until or unless they improve this situation.

Posted on

Getting out of it what you put into it

It’s been difficult to make myself come here and blog.

Somewhere along the way, things on the internet changed. I used to enjoy writing updates in a blog post, letting friends and family know what had been going on around here, what I was up to, or even just what I was thinking. I knew that there were certain people who followed my blog pretty frequently and would often comment or even just acknowledge that I had posted something. It was a nice community feeling, and I would read other people’s blogs as well. Somewhere along the way this all shifted. I think it probably had something to do with Facebook becoming the predominant platform for people posting updates and being able to keep up with many more people in that format.

It’s a real shame though, because now I’ve gotten myself off of Facebook, off of Instagram, off of Twitter, and I’m largely just biding my time here and on Bluesky.

I find myself not wanting to share content or updates or news or anything like that. I definitely feel more more guarded about what I share online.

Perhaps it’s because of all the horror stories I’ve read about people getting stalked or swatted or whatever, just because they said something someone else didn’t like or disagreed with. I’ve been thinking often about how the internet really has precipitated the downfall of humanity. It’s pretty sad because I thought it was going to be an awesome thing for quite a while.

It definitely had an un-jaded, innocent adolescence phase. However, what happened was that once the World Wide Web became more and more accessible and was starting to be carried around in everyone’s pockets, everything started to change for the worse.

I remember back in college I took a class on how to use the World Wide Web. It was a great introduction into internet culture, what it meant to have a flame war, what spam was, and what good netiquette was.

That’s a word you don’t really hear anymore. Netiquette. It’s a shame. Everyone thinks they have the right to just get very angry at everyone else now, and it’s taken a lot of the fun out of the whole thing.

Maybe if people had been required to take lessons about the internet in order to access it, and had to learn how easily you can be fooled by misinformation and how you need to be able to discern between what’s real and what’s not, we might not be in the predicament we’re in today.

So I don’t know, maybe I’ll take this blog down in the near future. Is anyone reading it? My web statistics say “no”. So this is pretty much an exercise in talking into the ether. I’m putting things into it, but getting out nothing.

Posted on

The Toxic Utility of AI

If you’ve ever ventured onto the social media platform called BlueSky (which, I do love and is the only social platform I am on), or certain corners of other platforms like Reddit, you will likely have run across a very passionate set of people who disavow and berate anything related to artificial intelligence technology. They get so rabid in their attacks, they lose sight of the fact that AI actually has some usefulness when applied to certain situations that don’t invade privacy, don’t steal intellectual property, and don’t do things without asking you. However, if you try to point this out, you will get blocked, banned, ridiculed, and blasted for bringing it up. There seems to be no middle ground for these anti-AI people.

It’s very unfortunate. I wholly sympathize with a lot of their concerns. I don’t like the fact that AI is using intellectual property such as artwork, writing, music, and a host of other things that humans have created in order to train itself. I don’t like that this is usually done without asking anyone for their permission. And I don’t like that we’re in this situation where we have to claw back what AI has taken from us. I totally understand why that has pissed some people off entirely because it has pissed me off for the same reasons.

I recently saw someone on LinkedIn post that AI is just a glorified spell checker. And I actually agree. It’s not creative. It’s not smart. It doesn’t make decisions on its own. It relies on everything that it has been fed. So it’s really way less than it’s cracked up to be in many ways.

All of that being said, there are absolutely worthwhile use cases for artificial intelligence.
Personally, I’ve started using voice dictation with AI-assisted technology to help me speed up typing and relieve my aging fingers that have gotten slower and are usually aching by the end of a long workday. I’m enjoying that aspect of AI very much.
In fact, this whole article was written by me using a voice-to-text app called, VoiceInk. It does such an incredible job at recognizing my speech patterns, pauses, and corrections of myself. These things weren’t possible just a few years ago with any sort of voice to text application. And it does it fast.

Anyway, these are just some thoughts I’ve had bugging me and I decided to get them out there.

Posted on

Cleaning Up Apple Contacts

Apple Contacts get out-of-sync and become a mess over time, especially if you have multiple email accounts and have amassed a collection of contacts over the years. This problem was driving me nuts for quite a while, so I finally decided to sit down and fix it. Since it wasn’t simple to research, but ended up being simple to fix, I thought I’d share the solution. I am drawing upon some guidance I found on Reddit, but adding some additional tips.

The solution is to get all your devices (iPhone, Mac, iPad, etc) to only use iCloud to sync your contacts. In my case, I had contacts split across multiple email accounts I had collected over the years, and they didn’t sync up. Some cleanup is required.

Pre-requisites

You need both a computer and your phone for this.

Solution

  • Go to your iPhone Contacts app.
  • Click the top-left corner where it says “Lists”:
  • You will see all the accounts housing your contact on this page.
  • At the top of this is is “All Contacts”, which is a collection of everything you see below. Long press the “All Contacts” line (this is the merged list of all Contacts from different accounts). You’ll see an option to export all contacts.
  • Export the backup file (All Contacts.vcf) to your email or iCloud Drive or Airdrop. Whichever you choose, the goal is to send it to your computer and save it there.
  • Log in to iCloud.com from a browser on your computer. This can’t be done from your iPhone.
  • Go to Contacts in iCloud.com and click the + sign, then select Import Contact.
Click Import Contact here
  • Import the VCF file you just saved to your computer.
  • This may end up creating multiple copies of some of your contacts, which is OK, because we will soon merge and remove duplicate contacts.
  • BUT FIRST, you will need to stop syncing contacts for all the accounts you see on your iPhone and your Mac (and any other device), and only sync contacts to iCloud. Here’s what it looks like on the Mac:
  • For each account listed, open it and un-check Contacts.
  • Do the same on your other devices. Have them sync contacts only via iCloud.
  • Back on your phone, load up the Contacts app again.
  • It should notify you the duplicates it found. You can safely click Merge. It may take a little time to sync up, depending on how many contacts you have, but this should solve all of your problems!
Posted on

LinkedIn is at Peak Enshittifaction

💡
These are my personal opinions, which exist in an entirely segmented realm of my brain and my existence than that of my employer. They are not associated.

This is a story about the enshittification of LinkedIn. You are probably familiar with it.

I’ve been on LinkedIn for about 20 years. It started as a useful way to demonstrate my work experience, connect with current and past coworkers, and build business relationships. It was useful as a digital calling card of sorts.

At security conferences, I’d quickly pull up the app on my phone and befriend someone I had just met and had a conversation with. We’d keep in touch and Like or comment on each other’s LinkedIn posts.

Admittedly, most of those connections I made would never become anything else. We didn’t continue any real-world conversations or reach out to each other at all. These “friends” just became reminders of a short conversation I once had at a conference or workshop. I started wondering what the use of this site was, yet, everyone seemed to be using it, so I found myself curiously coming back once in a while.

Persistent Outreach

I can’t pick out an exact point in time that it started happening, but there was a noticeable shift in the kinds of connection requests I started getting. Maybe it coincided with my job title changes as they evolved and became more desirable for marketers to reach out to. Maybe it coincided with LinkedIn becoming a marketing person’s fertile playground. I am not sure, but something shifted.

One change I did notice, and I never felt like figuring out why, is that I started getting Followers in addition to people asking me to Connect. Some people would Follow me and then ask to Connect later. LinkedIn never did anything noticeable to explain what this all meant, but it happened.

Who? Why?

It was confusing, and I never felt like looking into it, so I just started ignoring them.

Sales Pitches

Everything started turning into sales pitches: requests to “run something by you,” get “10 minutes of your time,” show me an article they’d “really like your opinion on.” All in the name of making a connection –and possible sales lead– to meet a quota in SalesForce (most likely).

They even tried bribery in the form of sending me an Amazon gift card, just to meet with them for 30 minutes and hear their pitch. I know for a fact, based on experience, this would only lead to even more persistent follow-ups, “ticklers”, and pressurized tactics to sell to me.

I stopped going to LinkedIn as much.

Overly Persistent Salespeople

Within the last 2 years, I started getting connection requests alongside immediate follow-ups to my work email, and it became clear that I decided I needed to look into things – or shut down my LinkedIn account. Some setting somewhere must have changed, but I wasn’t sure what.

I was sure, however, that I had never put my work email address into LinkedIn. Yes, it was probably easy to guess based on who I work for, but this cold-calling tactic was sleazy and would immediately turn me off to any reputable vendors, especially when they had be annoyingly persistent by sending me multiple “just let me know if you’d like me to stop bugging you” types of emails.

In short: if you are a salesperson, please don’t do this.

Silent Privacy Changes

The company has implemented some invasive changes over the years, and didn’t bother to tell users – or buried the notices deep in their TOS that no one read. Their lack of privacy by default has always been concerning. Some of these were questionable, others, such as opting you in to AI training, were mind-boggling. There was even a short-lived lawsuit about that.

The AI setting you didn’t know about.

LinkedIn’s True Enshittification

The true indicator that we had reached the event horizon in the downfall of LinkedIn occurred sometime in the last year.

I logged in one day and saw that posts and comments had turned vitriolic. They had become like Twitter, like the comment section on your local newspaper’s website, or just about any thread on NextDoor these days.

An Executive Director!

People were making terrible statements with their employer’s name associated with them.

Posting your pronouns was never required. Why is it such a problem anyway?

Yes, it coincides with the political climate in the USA and the general climate of intolerant “free speech” that has proliferated everywhere as a result. But in a setting of professional profiles closely tied to employers? Why risk your job, your customer base, or your reputation?

“Listener”
Even using the “R” word.

I will just say this about that: we are all humans, we all deserve equal opportunity to live, love, and thrive. You know, that whole “Life, Liberty, and the Pursuit of Happiness” thing.

Live and let live. Do unto others as you would have them do unto you. A rising tide lifts all boats. You know…basic decency to others.

LinkedIn is now complicit in stifling these pursuits.

I am at a loss for any further words, really. Having left Facebook, Instagram, and Twitter within the last month, I am now shutting down my LinkedIn profile.

Indeed.

— willc

Posted on

Bugs inside the house?

No, not the smart home management variety that are always listening (looking at you, Siri, Alexa, and Google Home), or the kind that spies of yore used (or maybe still use?) to listen in on your dinner plans or football watching habits.

No, I am referring to actual bugs. Insects. Things that are highly annoying when they get into your home. We get these often in our house, as doors tend to get left open due to our indoor/outdoor lifestyle in the warmer months.

From mosquitos to house flies to various types of gnats and stinging things, we tend to get them all.

Aspectek Bug Zapper To The Rescue

On a whim, I bought one of these Aspektec bug zappers off Amazon, and it has been the best $40 I ever spent. In fact, I ended up buying a second one to keep in the basement since the one on the main floor worked so well. It attracts ’em, it zaps ’em, it splats ’em.

There are few downsides, however. First is that the zapping noise is rather loud, but that is also satisfying in a demented way.

Second is that the bugs don’t always fall into the removable tray at the bottom, so expect to wipe or vacuum some of them up.

Lastly, some of the bigger bugs this thing has zapped, including large flies and hornets, tend to linger a bit and get zapped repeatedly. In fact, they start smoldering on occasion, which isn’t the most pleasant thing when it comes to household smells. But I tend not to be bothered by that sort of thing.

The good news is my cats leave it alone and are not interested in it, and we don’t get eaten by mosquitos at night in our own house!

Posted on

All In One SEO Plugin in 2024: Avoid it like the plague

I updated the All In One SEO Plugin on this website today. The next thing I knew, I had two new plugins installed for me, the Monsterinsights and some sort of opt-in plugin called Optinmonster.

Yeet!

I deleted all that shit faster than you can throw a watermelon off an overpass. After googling around a bit to figure out what had happened, I discovered this post that keyed me in to what was going on:

MonsterInsights is Auto-installed
https://wordpress.org/support/topic/monsterinsights-is-auto-installed/

This is a terrible practice I hope no other WordPress plugin developers emulate. If you do, I hope the community shames you into reconsidering your ways.

Why is this so bad? Let me enumerate they ways:

Installing one plugin should never, EVER install more plugins without giving a person the awareness that this is happening! It’s bad form, it’s stealing a website’s resources, it’s stealing screen real estate, it’s introducing unknown risk, and broadening your website’s threat profile without telling you.

Then you get all these banners asking you to set up all these paid connections for these plugins to work. Bad form, again!

The Kicker

To top it all off, after walking through the All In One SEO setup steps, I found an email waiting for me moments later:

I did not opt in for this! This egregious action is most certainly in violation of the US CAN-SPAM laws. I can’t wait to report them. In fact, I will go do that now

Ok, I feel a little better now.

If you offer a plugin for people to use, you should never assume they want MORE plugins installed, and never grab their email address from their WordPress settings to sign them up for ANYTHING outside of your plugin installed.

Posted on

The Offensive Security Certified Professional (OSCP) Exam

The Offensive Security Certified Professional (OSCP) exam is known for being one of the most challenging certification exams in the cybersecurity field. It’s a hands-on test of your ability to identify and exploit vulnerabilities in a live, virtual environment.

The exam is not for the faint of heart. It requires a significant amount of time and effort to prepare, and even experienced security professionals may find it difficult to pass. In fact, the pass rate for the OSCP exam is typically less than 50%.

So, what makes the OSCP exam so challenging? For starters, it’s an extremely hands-on exam. Rather than simply testing your knowledge of security concepts, it requires you to actually demonstrate your skills by completing a series of real-world challenges. This means you need to have a strong foundation in security principles and a practical understanding of how to identify and exploit vulnerabilities.

In addition, the exam is time-limited. You have just 24 hours to complete the challenges and submit your results. This means you need to be able to work quickly and efficiently under pressure.

So, how can you prepare for the OSCP exam and improve your chances of passing? Here are a few tips:

  1. Take the OSCP training course. The OSCP exam is designed to test the skills and knowledge you gain from the Offensive Security Penetration Testing with Kali Linux (PwK) course. This course provides a comprehensive introduction to the tools and techniques used by professional penetration testers, and is an essential foundation for anyone looking to take the OSCP exam.
  2. Practice, practice, practice. The best way to prepare for the OSCP exam is to get hands-on experience with the tools and techniques you’ll be tested on. This means setting up your own lab environment and practicing your skills on a regular basis.
  3. Work through the lab challenges. The OSCP exam includes a series of lab challenges that test your ability to identify and exploit vulnerabilities in a live, virtual environment. Completing these challenges will give you a good idea of the types of tasks you’ll be expected to perform during the exam, and can help you develop the skills and confidence you need to succeed.
  4. Get support from the community. The OSCP exam can be a daunting and isolating experience, but you don’t have to go it alone. There are many online communities and forums where you can connect with other OSCP exam takers and get support, advice, and encouragement.

Overall, the OSCP exam is a challenging but rewarding experience. By preparing thoroughly and staying focused, you can increase your chances of success and earn one of the most respected certifications in the cybersecurity field.

—–

This entire blog post was created by artificial intelligence. Text by ChatGPT. Photo by Midjourney.

Posted on

Self Hosting – Cloudron

I have been using Cloudron recently, and after initially trying it out a couple years ago, I found it to be a really easy, awesome way to create my own, personal, cloud, keeping the peering eyes of big-tech out of my life.

So far I have been using Cloudron to manage my OnlyOffice office instance (better than MS Office or Google Docs) and my instance of Nextcloud, a Google Drive-like file storage and sharing center. They integrate with each other to create your own, secure, private office suite with file storage.

The best part is that you can do all this simply from the DigitalOcean Marketplace – a one-click shop for easy installation of everything. All you need is a domain name to point at it.

Once you have it installed, you can set it and forget it, as Cloudron will keep itself updated, patched, and secure.

Cloudron Coupon Code

It isn’t cheap to run Cloudron, but it lets you host 2 app without a subscriotion. I have yet to find a working Cloudron coupon code out there, but there are Cloudron referral codes such as my own (https://cloudron.io/?refcode=901142a319d1498b) which earn the referee a small discount. Once you have your own Cloudron account set up, you can use your own referral code and encourage others to use.

So that is me encouraging you to use my referrer code 😀

clicky