Today I struggled with an annoying issue concerning the sound system on my Dell XPS 13 7390. Ignoring whatever output sound device I selected, Ubuntu would instead play the audio directly through the built-in speakers. To quote what I regularly hear from my users, “it worked yesterday, and I didn’t change a thing!”

Is there anything more annoying in this world than dealing with Microsoft support? You might assume that Microsoft would appreciate reports detailing the abuse of its services or even act upon that information. But alas, in both cases you’d be wrong.

Content warning: This article contains mildly sexually explicit text and images.

As a longtime believer in a decentralized web, I’m glad to finally have been able to put this blog on the InterPlanetary File System. It’s been a fun little side project, and it allowed me to cut my teeth on IPFS.

In the modern computing era, Slackware might be considered an old relic of a long-forgotten past. The old king may have abdicated the throne, but the embers of past glory still smolder. As we’re on our way towards the release of Slackware 15, allow me to share a few amusing Slackware tales I’ve collected over the years.

Slackers rejoice! The dark ages have finally come to an end. Our benevolent dictator for life has spoken, and KDE Plasma 5 has arrived in /testing on Slackware-current. Patrick Volkerding announced the update with his usual lack of fanfare on the Slackware-current changelog:

The other day I got an automated alert from our managed WordPress hosting service, notifying me of an issue with resource exhaustion for a virtual site. Upon closer inspection, I discovered that the adversary was not your everyday aimless botnet, but something darker, and far more sinister.

ShortDot SA, the top-level domain registry that brought us the infamous .ICU TLD is back with yet another useless domain extension. Say hello to .CYOU TLD, the “savvy and uber-cool domain”, at least according to ShortDot.

Enjoying a lazy Sunday morning, I decided to boot up my Slackware-current laptop to install yet another batch of kernel updates. To repay my kindness, Slackware gave me what I can only describe as a malicious jumpscare that nearly resulted in a heart attack.

A few months ago I was complaining about the lack of MTA-STS adaptation with major email service providers besides Google. Recently though, I’ve noticed a new player connecting to mta-sts.paranoidpenguin.net to retrieve my MTA-STS policy.

I’ve been getting quite a few emails from people wanting to know if I’ve made any progress on the deliverability issues I was facing when delivering email to outlook.com. As good fortune would have it, Microsoft accepted my request to delist my mail server from outlook.com’s internal IP blocklist.

For the last few weeks, my feeds and federated timelines have been filled with absolutely brilliant marketing campaigns for Plausible Analytics, the new open-source privacy-focused website analytics tool. Plausible Analytics has enjoyed exponential growth and is frequently recommended by privacy-conscious voices in the FOSS community.

If you’re a geek like me then you probably enjoy spending your time hardening and optimizing your servers to support modern security standards and policies. If so, I’d like to share my favorite online resources and encourage you to take up the challenge of beating paranoidpenguin.net.

Recently, I was trying to respond to an email delivered to me from an outlook.com sender address. Unfortunately, my response immediately bounced back, and I was informed that my mail server’s IP address had been added to outlook.com’s internal blocklist.

Last month we had an issue with a multitude of unwanted connections against our mail servers from a specific netblock in Argentina. In my experience, coordinated attacks from IP addresses originating from the same netblock usually indicates an issue on the ISP side.

The amount of services offering (or even demanding) two-factor authentication (2FA) is ever-increasing. This has encouraged me to find a more resilient strategy for how I store, manage, and backup my secret keys. My old approach relied solely on using time-based one-time password (TOTP) applications capable of exporting and importing 2FA accounts.