I have a persistent little botnet that has been hammering my non-standard ssh-port on my personal VPS for a while since it found it some weeks ago. For a long time I just ignored it, but today I decided to fight back a little.

First, I had claude write me a little script to fetch abuseipdb and turn it into a ipset rule to block everything before it even hits the server. But turns out the free level of abuseipdb only includes the top 10k ones. So I included a otx one also, but still did not catch all of them. Now I added blocklist.de which had the last ones. Let's see where that takes us.

Why am I doing this you might wonder? Is getting your ssh brute forced not part of life on the internet?

Probably, but I like making life hard for attackers even if it's mostly symbolic. First I had a ssh-tarpit with the hopes that it would tie up the scanners, but I think most scanners nowadays written in vibed in golang and it handles concurrency without trouble.

So next I thought I'd impose some cost on their botnet, by reporting them to abuseipdb. If that "burns" their IP and forces them to find a new one, then it's a win. But I was still getting too many connections that was already on the list, so me saying +1 it's bad was not adding much value.

So I thought, what if I block "all" the "known" ones. That means that if someone gets through and reported to abuseipdb, maybe that was a clean address that is now marked bad and might not work against others.

I guess it's like trying to put out a forest fire with a bucket of water, but it's at least something. And at least it cuts down on the noise on my server 10x.

Apple does a lot of shit, but whoever is running their legacy support department should be knighted for their work.

App Store still works on my iPad 2 running iOS9

iOS9 was released September 2015

And I can even install apps I've purchased previously on it.

Anything that relies on a API will most likely not work, but that's not Apples fault.

My only theory on why this can work so well, while the rest crumbles is that whoever does this is someone from the old guard who is "untouchable" and just decides to work on whatever they want, and still has enough power to do these things.

I'd love to know who or what team it is, but I'm also vary that if we shine too much light on them, the numbers must go up people will find them.

https://www.macrumors.com/2026/01/26/iphone-5s-software-update/

A year ago my daughters phone broke and I ordered a @iFixit repair kit and replacement glass. But by the time that arrived she had switched to one of our old iPhone 8, and the repair wasn't needed anymore. The broken phone has been lying around since then until I needed some Sunday meditation and decided to fix it.

It was very finkky and I wouldn't bother with my real phone, even with the guide and the fact that all screws and glue were loose from a previous screw or battery replacement it took time and a lot of patience. But as there was no stress and no worry about breaking anything it was quite relaxing.

Now I have a nice new iPhone SE (oh my it's a nice and small phone) that I don't know what to do with.

Might turn it into a podcast player, my iPhone 4 with iOS6, which currently serves as that, is not working that well anymore and needs a mitmproxy to be able to access anything as it doesn't have the new root certs and doesn't speak modern TLS.

#righttorepair

It's -14 C / 7 F but this dog is too well insulated to care at all. She's just happy she has a new playing field (the frozen lake).

#mondog #FinnishLapphund

Damn it's quite hard to see anything on the screen but we have had like 5 hours of sun during the last 30 days so I'm going to enjoy it while I can

#Fensterfreitag

So it's CR2032 showdown time. The Duracells are 1.5e each and the Nedis are 0.5e each.

I put one each in one of my zigbee humidity and temperature monitors, let's see if there is a difference long term.

This might make some people upset, and others doubly so.

I have made a mastodon archiving app which will index my timeline/favs/bookmarks and allow me to search it later.

And... I vibe coded all of it!
In Swift/UI because I have not touched Swift in.. 10 years and only briefly back then.

I'm really quite happy with the result. An although I could have done this myself but it would have taken weeks and it would have produced a worse result.

When I first looked for this, I came across and remembered the Searchtodon hulabaloo. From this, I know there are some people who object to their posts being indexed in any way, and I want to respect that without making the app useless. And also figuring out if someone has deleted a toot is kind of impossible. The compromise I came up with was to just show a snippet of text, not the full toot. To see the full toot, you have to click the result and you will be taken to a real mastodon client showing that toot. If the toot is deleted, that won't work.

I don't know if I will share it or open source it, maybe if there is interest. For now, I'm just happy I don't have to spend 10 minutes trying to find that toot I saw last week.

My 13 mini still beats all the new Apple phones in a straight out spec comparison, not even close. The air wins in one by measuring the thinnest part but is still worse in all other ways.

Good on Apple for supporting "old" phones, and thanks to organisations like HOP https://www.halteobsolescence.org/qui-sommes-nous/ who keep them honest and prevent them from introducing too obvious degradations with the forced updates.