Founder of https://kilpi.tech
Personal website https://nyman.re

So it's time again for the yearly https://noscript.it/ advertisement (because I renewed it again).

tl;dr: it's a noscript (no javascript) proxy/iframe which allows you to share js-free links with your friends

To celebrate, I had claude clean up the code and do some QoL improvements.

Save megabytes of data for free, and see 100% less ads and get 99.9% less tracking (I do use goatcounter to count the number of visitors but there is no profiling...)

Also updated the "Show me" links to include how much less crap you get when using the JS-less version.

I know the no-js train mostly sailed, but I just don't want to give up on it. Downloading and running code from someone else just to view a website is insecure, and inefficient, except if it's an actual web app. Or actually same there but slightly less insecure than downloading code and running it on your machine as the browser sandboxes are decent nowadays.

Found this in my archive. One of the last times when I installed a dot zero OS X release. Now I generally wait until just before the next major release as around that time all new features go into the new one and the "old one" just gets bug fixes.

Interesting, Microsoft has (started?) putting up a warning on repos that host exploit code.
From the description it sounds like the code itself would be malicious but afaik this is "just" a PoC.

The interesting part is to see if they start doing this everywhere or just when it's windows exploits that make them look silly :-)

It's a frisk 7C but sun is out and it's time to start collecting that d-vitamin.

Quite an experience to first listen to the Artemis recap and then notice that I (unintentionally) picked my ESA coffee mug.

Humanity can do great things, I hope we can keep the focus on the building rather than destroying.
https://youtu.be/J4FE0JocJpk

I have a persistent little botnet that has been hammering my non-standard ssh-port on my personal VPS for a while since it found it some weeks ago. For a long time I just ignored it, but today I decided to fight back a little.

First, I had claude write me a little script to fetch abuseipdb and turn it into an ipset rule to block everything before it even hits the server. But turns out the free level of abuseipdb only includes the top 10k ones. So I included an otx one also, but still did not catch all of them. Now I added blocklist.de which had the last ones. Let's see where that takes us.

Why am I doing this you might wonder? Is getting your ssh brute forced not part of life on the internet?

Probably, but I like making life hard for attackers even if it's mostly symbolic. First I had an ssh-tarpit with the hopes that it would tie up the scanners, but I think most scanners nowadays are written (vibed) in golang and it handles concurrency without trouble.

So next I thought I'd impose some cost on their botnet, by reporting them to abuseipdb. If that "burns" their IP and forces them to find a new one, then it's a win. But I was still getting too many connections that were already on the list, so me saying +1 it's bad was not adding much value.

So I thought, what if I block "all" the "known" ones. That means that if someone gets through and is reported to abuseipdb, maybe that was a clean address that is now marked bad and might not work against others.

I guess it's like trying to put out a forest fire with a bucket of water, but it's at least something. And at least it cuts down on the noise on my server 10x.
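The feed-to-ipset step described in the posts above can be sketched as follows; this is an added example, not the script from the original post. The feed contents are constructed samples using documentation addresses, the one-entry-per-line feed format is an assumption, and `NEVER_BLOCK`, `parse_feed`, `build_restore` and the set name `blocklist` are hypothetical names.

```python
import ipaddress

# Constructed sample feeds, one address or CIDR per line (assumed format).
FEEDS = {
    "feed_a": "203.0.113.7\n203.0.113.8\n# comment\n10.0.0.5\n",
    "feed_b": "203.0.113.7\n192.0.2.0/25\n192.0.2.128/25\nnot-an-ip\n2001:db8::1\n",
    "feed_c": "198.51.100.23\n203.0.113.9 ; trailing note\n",
}

# Hypothetical allowlist: a poisoned or sloppy feed must never be able to
# lock you out, so entries touching these ranges are dropped.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "198.51.100.0/24",  # stand-in for your own admin network
)]

def parse_feed(text):
    """Return (valid IPv4 networks, number of rejected entries)."""
    nets, rejected = [], 0
    for line in text.splitlines():
        token = line.split("#")[0].split(";")[0].strip()
        if not token:
            continue  # blank line or comment
        try:
            net = ipaddress.ip_network(token, strict=False)
        except ValueError:
            rejected += 1  # feed data is untrusted input
            continue
        if net.version != 4 or any(net.overlaps(a) for a in NEVER_BLOCK):
            rejected += 1  # set below is IPv4-only; allowlist wins
            continue
        nets.append(net)
    return nets, rejected

def build_restore(feeds, set_name="blocklist"):
    """Merge all feeds and emit input for `ipset -exist restore`."""
    merged = []
    for text in feeds.values():
        merged.extend(parse_feed(text)[0])
    # Deduplicate and merge adjacent ranges to keep the set small.
    collapsed = list(ipaddress.collapse_addresses(merged))
    tmp = set_name + "-tmp"
    lines = [f"create {set_name} hash:net family inet",
             f"create {tmp} hash:net family inet",
             f"flush {tmp}"]
    lines += [f"add {tmp} {net}" for net in collapsed]
    # Fill a temporary set, then swap, so the live set is never half-loaded.
    lines += [f"swap {tmp} {set_name}", f"destroy {tmp}"]
    return collapsed, "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(build_restore(FEEDS)[1], end="")
```

The output is meant to be piped into `ipset -exist restore`, with a firewall rule matching the set placed ahead of the ssh port.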

Crisp morning in Helsinki +/- 10 degrees F/C

Apple does a lot of shit, but whoever is running their legacy support department should be knighted for their work.

App Store still works on my iPad 2 running iOS9

iOS9 was released September 2015

And I can even install apps I've purchased previously on it.

Anything that relies on an API will most likely not work, but that's not Apple's fault.

My only theory on why this can work so well, while the rest crumbles is that whoever does this is someone from the old guard who is "untouchable" and just decides to work on whatever they want, and still has enough power to do these things.

I'd love to know who or what team it is, but I'm also wary that if we shine too much light on them, the "numbers must go up" people will find them.

https://www.macrumors.com/2026/01/26/iphone-5s-software-update/

Explains why my unique discord email has been hammered with spam. Interestingly they are using third party ticketing systems, albeit not very efficiently. In most of the emails I get the link is dead by the time I click on it. And only one out of the roughly 20 I've gotten included the text content I assume the spammers want me to see.
https://discord.com/press-releases/update-on-security-incident-involving-third-party-customer-service

A year ago my daughter's phone broke and I ordered an @iFixit repair kit and replacement glass. But by the time that arrived she had switched to one of our old iPhone 8s, and the repair wasn't needed anymore. The broken phone has been lying around since then until I needed some Sunday meditation and decided to fix it.

It was very finicky and I wouldn't bother with my real phone. Even with the guide and the fact that all screws and glue were loose from a previous screw or battery replacement, it took time and a lot of patience. But as there was no stress and no worry about breaking anything it was quite relaxing.

Now I have a nice new iPhone SE (oh my it's a nice and small phone) that I don't know what to do with.

Might turn it into a podcast player, my iPhone 4 with iOS6, which currently serves as that, is not working that well anymore and needs a mitmproxy to be able to access anything as it doesn't have the new root certs and doesn't speak modern TLS.

#righttorepair

It's -14 C / 7 F but this dog is too well insulated to care at all. She's just happy she has a new playing field (the frozen lake).

#mondog #FinnishLapphund