cwoellner.com ~ personal website & blog

Mixed Bag #1

Published on: Saturday, Feb 4, 2023

Intro

For the last couple of months, I didn’t really find the time or the motivation to write any new full articles (I was moving), but there are still some topics I want to briefly mention, so I will put all of them in this post.

What happened

I did a complete a couple of certifications:

Microsoft Certified: Security Operations Analyst Associate

With their annual conference Ignite, Microsoft offered a program called “Cloud Skills Challenge”, which tasked you to complete a learning path on Microsoft Learn and rewarded you with an exam voucher. I took part, went down the security-focused path, and got my voucher for the SC-200. Because the voucher was only valid for three months, I had to use it in January. I booked an exam slot for early January and used the time between Christmas and the new year to study. The material offered by Microsoft for free was really good, but I added in some external resources for a couple of topics, like Kusto and security-related roles and permissions. Since I am not allowed to talk about the exam in detail, all I will say is that I liked both the format and the difficulty. As a Linux enthusiast, a part of me always hopes to find a way to hate on Microsoft, but the free learning material, the voucher, and the exam were all in all a really positive experience. I will try to do the SC-100 later this year.

Certified Ethical Hacker

Last year, my employer paid for a week-long CEHv11 course, so I was kind of on the hook to sit for the exam. The certification gets a lot of hate online, and I can partially understand why: It won’t turn you into a penetration tester, but it gives you an overview of most of the security topics. So, while it won’t help hackers on a daily basis, it’s actually quite good for all other roles, essentially a Security+ on steroids. Regarding the exam, it felt as if it lacked some love; it felt very straightforward and plain. Despite the negative points I mentioned here, I still feel like it is quite valuable for me, since I don’t have a whole lot of other credentials to prove my proficiency in the field of cybersecurity.

I spun up a Bitcoin full Node

I started to feel somewhat bad for not contributing to Bitcoin, so I installed Void Linux on an old PC and started to run my own node. The download of the blockchain was surprising fast; it was done in around a day and was mainly slowed down by my old CPU taking ages to verify the individual blocks. The node currently runs over Tor only and even has a couple of peers connected to it.

bitcoin-cli -netinfo

What is happening

EU crackdown on encryption

This has been going on for the last couple of years, but since last summer, the efforts appear to have significantly increased. I am not sure how it is supposed to work - Will they force Microsoft to remotely install spyware on your PC? Will you not be able to post files on social media that have not been scanned by the EU? - but, overall, it will be another step in China’s footsteps, a very concerning course. It is increasingly important to be less reliant on governments; for example, get Bitcoin or Monero and hone your skills, so you can work in any country around the world. The ongoing fight against personal freedom in the EU and Germany outside of encryption might need its own post.

Bitcoin in Nigeria and the Congo

This week, news broke that the price of bitcoin on the Nigerian cryptocurrency exchange NairaEX hit $40.000, which was caused by Nigerians fleeing out of their country’s currency into any non-seizeable asset. Nigeria recently moved from a traditional fiat currency to a CBDC, a development that the general population was not very fond of.

In more positive news, a national park in the Congo started using its excess hydro-energy to mine Bitcoin; the profits of the mining operation are used to help with the funding of the park. Last year the park earned $500.000 from mining, so I guess my post about Bitcoin mining being good for the environment wasn’t too far off.

Hydroponic Peppers

Last year I started growing hot peppers in soil, which was an overall positive experience, but for most of the year I was fighting with fungus gnats that kept infecting my indoor plants. This year, since the larva of the fungus gnats lives in the soil, I took the logical step to just remove the soil for the indoor plant and grow them in a hydroponic solution. I started planting the seeds in rockwool in January, and most of the plants have already sprouted. Some already have their first hydroponic roots, so until now my hydroponic setup has worked quite well. I will keep you updated through the year and post some pictures once the plants look a bit impressive.

What is going to happen

Getting a practical hacking cert

The CEH and the already mentioned ongoing political situation have motivated me to improve my currently very rudimentary hacking skills. And what better goal is there to set than practical hacking certification? I don’t think I will go for the OSCP; from what I heard, their student labs are shared, and having someone reset a machine you’re using as a proxy or currently trying to exploit sounds extremely annoying. I expect more from an $1200 certificate. Instead, I will most likely go for the HTB Certified Penetration Testing Specialist. My company already has a subscription to HackTheBox Academy, so it won’t cost me a thing. What I’ve seen from HTB Academy so far has been very positive; their style of mixing theory and practice really fits my style of learning. The certification requires you to take a ton of modules before you can take the exam, so this project will most likely stretch through most of the year.

Building a no-dig garden bed

I recently saw a couple of videos from Charles Dowding, and I am planning to create one of these no-dig beds in my own garden. I’ve already collected the cardboard, so all I’m missing is the compost. Once it gets a little bit warmer here, I will try to buy some municipal compost. I guess growing your own food is the next step in the Linux pipeline ( Linux -> Bitcoin -> Self-reliance -> ? ).

Entering the void

While trying out Void Linux on the PC running my bitcoin node, I really enjoyed the experience. I never disliked systemd, but after trying out a distro with a different init system, my opinion on this topic has changed: Configuring anything in systemd feels more complicated than it should be. I have created my fair share of services and timers, and yet I still run into new problems. On the other hand, even as a novice, using runit felt easy and “natural”, I was able to get my services up and running quickly. So once I get a new desktop, I will stop using Arch Linux and install Void Linux.

Want to chat about anything you read on here? Feel free to e-mail me at christian@cwoellner.com